Biblio

Smart meters (SMs) can pose privacy threats for consumers, an issue that has received significant attention in recent years. This paper studies the impact of Side Information (SI) on the performance of possible attacks to real-time privacy-preserving algorithms for SMs. In particular, we consider a deep adversarial learning framework, in which the desired releaser, which is a Recurrent Neural Network (RNN), is trained by fighting against an adversary network until convergence. To define the objective for training, two different approaches are considered: the Causal Adversarial Learning (CAL) and the Directed Information (DI)-based learning. The main difference between these approaches relies on how the privacy term is measured during the training process. The releaser in the CAL method, disposing of supervision from the actual values of the private variables and feedback from the adversary performance, tries to minimize the adversary log-likelihood. On the other hand, the releaser in the DI approach completely relies on the feedback received from the adversary and is optimized to maximize its uncertainty. The performance of these two algorithms is evaluated empirically using real-world SMs data, considering an attacker with access to SI (e.g., the day of the week) that tries to infer the occupancy status from the released SMs data. The results show that, although they perform similarly when the attacker does not exploit the SI, in general, the CAL method is less sensitive to the inclusion of SI. However, in both cases, privacy levels are significantly affected, particularly when multiple sources of SI are included.

Verifiability is one of the parameters in e-voting that can increase confidence in voting technology with several parties ensuring that voters do not change their votes. Voting has become an important part of the democratization system, both to make choices regarding policies, to elect representatives to sit in the representative assembly, and to elect leaders. the more voters and the wider the distribution, the more complex the social life, and the need to manage the voting process efficiently and determine the results more quickly, electronic-based voting (e-Voting) is becoming a more promising option. The level of confidence in voting depends on the capabilities of the system. E-voting must have parameters that can be used as guidelines, which include the following: Accuracy, Invulnerability, Privacy and Verifiability. The implementation of the simple verifiability metric to measure the degree of verifiability in the e-voting protocol, the researchers can calculate the degree of verifiability in the e-voting protocol and the researchers have been able to assess the proposed e-voting protocol with the standard of the best degree of verifiability is 1, where the value of 1 is is absolutely verified protocol.

Data driven classification models are useful to assess quality of manufactured electronics. Because decisions are taken based on the models, their veracity is relevant, covering aspects such as accuracy, transparency and clarity. The proposed BB-Stepwise algorithm aims to improve the classification model transparency and accuracy of black box models. K-Nearest Neighbours (KNN) is a black box model which is easy to implement and has achieved good classification performance in different applications. In this paper KNN-Stepwise is illustrated for fault detection of electronics devices. The results achieved shows that the proposed algorithm was able to improve the accuracy, veracity and transparency of KNN models and achieve higher transparency and clarity, and at least similar accuracy than when using Decision Tree models.

Personally identifiable information (PII) has become a major target of cyber-attacks, causing severe losses to data breach victims. To protect data breach victims, researchers focus on collecting exposed PII to assess privacy risk and identify at-risk individuals. However, existing studies mostly rely on exposed PII collected from either the dark web or the surface web. Due to the wide exposure of PII on both the dark web and surface web, collecting from only the dark web or the surface web could result in an underestimation of privacy risk. Despite its research and practical value, jointly collecting PII from both sources is a non-trivial task. In this paper, we summarize our effort to systematically identify, collect, and monitor a total of 1,212,004,819 exposed PII records across both the dark web and surface web. Our effort resulted in 5.8 million stolen SSNs, 845,000 stolen credit/debit cards, and 1.2 billion stolen account credentials. From the surface web, we identified and collected over 1.3 million PII records of the victims whose PII is exposed on the dark web. To the best of our knowledge, this is the largest academic collection of exposed PII, which, if properly anonymized, enables various privacy research inquiries, including assessing privacy risk and identifying at-risk populations.

Underwater Acoustic Sensor Networks (UASNs) are often deployed in hostile environments, and they face many security threats. Moreover, due to the harsh characteristics of the underwater environment, UASNs are vulnerable to malicious attacks. One of the most dangerous security threats is the eavesdropping attack, where an adversary silently collects the information exchanged between the sensor nodes. Although careful assignment of transmission power levels and optimization of data flow paths help alleviate the extent of eavesdropping attacks, the network lifetime can be negatively affected since routing could be established using sub-optimal paths in terms of energy efficiency. In this work, two optimization models are proposed where the first model minimizes the potential eavesdropping risks in the network while the second model maximizes the network lifetime under a certain level of an eavesdropping risk. The results show that network lifetimes obtained when the eavesdropping risks are minimized significantly shorter than the network lifetimes obtained without considering any eavesdropping risks. Furthermore, as the countermeasures against the eavesdropping risks are relaxed, UASN lifetime is shown to be prolonged, significantly.

In the current generation, road accidents and security problems increase dramatically worldwide in our day to day life. In order to overcome this, Vehicular Ad-hoc Network (VANETs) is considered as a key element of future Intelligent Transportation Systems (ITS). With the advancement in vehicular communications, the attacks have also increased, and such architecture is still exposed to many weaknesses which led to numerous security threats that must be addressed before VANET technology is practically and safely adopted. Distributed Denial of Service (DDoS) attack, replay attacks and Sybil attacks are the significant security threats that affect the communication and privacy in VANET. An algorithm to detect and prevent various kinds of security attacks in VANET communication has been designed and proposed in this work. An analysis has also been done by applying four protocols on an existing scenario of real traffic simulator using OpenStreetMap and the best suitable protocol has been selected for further application. The evaluation has been done using SUMO, NS3 and Java simulation environment. Simulation results and extensive performance analysis shows that our proposed Algorithm performs well in detecting and preventing the attacks in VANET communication.

Studies on two-factor authentication based on RFID and face recognition have been carried out on a large scale. However, these studies didn't discuss the way to overcome the weaknesses of face recognition authentication in the access control systems. In this study, two authentication factors, RFID and face recognition, were implemented using the LBP (Local Binary Pattern) algorithm to overcome weaknesses of face recognition authentication in the access control system. Based on the results of performance testing, the access control system has 100% RFID authentication and 80% face recognition authentication. The average time for the RFID authentication process is 0.03 seconds, the face recognition process is 6.3885 seconds and the verification of the face recognition is 0.1970 seconds. The access control system can still work properly after three days without being switched off. The results of security testing showed that the capabilities spoofing detection has 100% overcome the photo attack.

A neural key exchange is a secret key exchange technique based on neural synchronization of the neural network. Since the neural key exchange is based on synchronizing weights within the neural network structure, the security of the algorithm does not depend on the attacker's computational capabilities. However, due to the neural key exchange's repetitive mutual-learning processes, using explicit user authentication methods -such as a public key certificate- is inefficient due to high communication overhead. Implicit authentication based on information that only authorized users know can significantly reduce overhead in communications. However, there was a lack of realistic methods to distribute secret information for authentication among authorized users. In this paper, we propose the concept idea of distributing shared secret values for implicit authentication based on the randomness of the public blockchain. Moreover, we present a method to prevent the unintentional disclosure of shared secret values to third parties in the network due to the transparency of the blockchain.

The Security is a vital aspect of cloud service as it comprises of data that belong to multiple users. Cloud service providers are responsible for maintaining data integrity, confidentiality and availability. They must ensure that their infrastructure and data are protected from intruders. In this research work Intrusion Detection System is designed to detect malicious server by using Cuckoo Search (CS) along with Artificial Intelligence. CS is used for feature optimization with the help of fitness function, the server's nature is categorized into two types: normal and attackers. On the basis of extracted features, ANN classify the attackers which affect the networks in cloud environment. The main aim is to distinguish attacker servers that are affected by DoS/DDoS, Black and Gray hole attacks from the genuine servers. Thus, instead of passing data to attacker server, the server passes the data to the genuine servers and hence, the system is protected. To validate the performance of the system, QoS parameters such as PDR (Packet delivery rate), energy consumption rate and total delay before and after prevention algorithm are measured. When compared with existing work, the PDR and the delay have been enhanced by 3.0 %and 21.5 %.

Today our world benefits from Internet of Things (IoT) technology; however, new security problems arise when these IoT devices are introduced into our homes. Because many of these IoT devices have access to the Internet and they have little to no security, they make our smart homes highly vulnerable to compromise. Some of the threats include IoT botnets and generic confidentiality, integrity, and availability (CIA) attacks. Our research explores botnet detection by experimenting with supervised machine learning and deep-learning classifiers. Further, our approach assesses classifier performance on unbalanced datasets that contain benign data, mixed in with small amounts of malicious data. We demonstrate that the classifiers can separate malicious activity from benign activity within a small IoT network dataset. The classifiers can also separate malicious activity from benign activity in increasingly larger datasets. Our experiments have demonstrated incremental improvement in results for (1) accuracy, (2) probability of detection, and (3) probability of false alarm. The best performance results include 99.9% accuracy, 99.8% probability of detection, and 0% probability of false alarm. This paper also demonstrates how the performance of these classifiers increases, as IoT training datasets become larger and larger.

Generative Adversarial Network (GAN) and its variants have shown promising results in generating synthetic data. However, the issues with GANs are: (i) the learning happens around the training samples and the model often ends up remembering them, consequently, compromising the privacy of individual samples - this becomes a major concern when GANs are applied to training data including personally identifiable information, (ii) the randomness in generated data - there is no control over the specificity of generated samples. To address these issues, we propose imdpGAN-an information maximizing differentially private Generative Adversarial Network. It is an end-to-end framework that simultaneously achieves privacy protection and learns latent representations. With experiments on MNIST dataset, we show that imdpGAN preserves the privacy of the individual data point, and learns latent codes to control the specificity of the generated samples. We perform binary classification on digit pairs to show the utility versus privacy trade-off. The classification accuracy decreases as we increase privacy levels in the framework. We also experimentally show that the training process of imdpGAN is stable but experience a 10-fold time increase as compared with other GAN frameworks. Finally, we extend imdpGAN framework to CelebA dataset to show how the privacy and learned representations can be used to control the specificity of the output.

The article presents a proposal for implementing asymmetric cryptography, specifically the elliptic curves for the protection of high-speed data transmission in a corporate network created on the platform of PLC (Power Line Communications). The solution uses an open-source software library OpenSSL. As part of the design, an experimental workplace was set up, a DHCP and FTP server was established. The possibility of encryption with the selected own elliptic curve from the OpenSSL library was tested so that key pairs (public and private keys) were generated using a software tool. A shared secret was created between communication participants and subsequently, data encryption and decryption were performed.

In VANETs, pseudonyms are often used to replace the identity of vehicles in communication. When vehicles drive out of the network or misbehave, their pseudonym certificates need to be revoked by the certificate authority (CA). The certificate revocation lists (CRLs) are usually used to store the revoked certificates before their expiration. However, using CRLs would incur additional storage, communication and computation overhead. Some existing schemes have proposed to use Bloom Filter to compress the original CRLs, but they are unable to delete the expired certificates and introduce the false positive problem. In this paper, we propose an improved pseudonym certificates revocation scheme, using Cuckoo Filter for compression to reduce the impact of these problems. In order to optimize deletion efficiency, we propose the concept of Certificate Expiration List (CEL) which can be implemented with priority queue. The experimental results show that our scheme can effectively reduce the storage and communication overhead of pseudonym certificates revocation, while retaining moderately low false positive rates. In addition, our scheme can also greatly improve the lookup performance on CRLs, and reduce the revocation operation costs by allowing deletion.

Well-known approaches to risk analysis suggest considering the level of an information system risk as one frame in a film. This means that we only can perform a risk assessment for the current point in time. This article explores the idea of risk assessment in a future period, as a prediction of what we will see in the film later. In other words, the article presents an approach to predicting a potential future risk and suggests the idea of relying on forecasting the likelihood of an attack on information system assets. To establish the risk level at a selected time interval in the future, one has to perform a mathematical decomposition. To do this, we need to select the required information system parameters for the predictions and their statistical data for risk assessment. This method can be used to ensure more detailed budget planning when ensuring the protection of the information system. It can be also applied in case of a change of the information protection configuration to satisfy the accepted level of risk associated with projected threats and vulnerabilities.

Trusted Platform Modules (TPMs) are specialized chips that store RSA keys specific to the host system for hardware authentication. The RSA keys refer to an encryption technology developed by RSA Data Security. The RSA algorithm accounts for the fact that there is no efficient way to factor extremely large numbers. Each TPM chip contains an RSA Key pair known as the Endorsement Key that cannot be accessed by software. The TPM contains an additional key, called the Attestation Identity Key that protects the device itself against unauthorized firmware and software modification by implementing hash functions on critical sections of the software and firmware before execution. As a result, the TPM can be used as a chip for handling encryption for a larger system to offer an additional layer of security. Furthermore, the TPM can also be used for managing encryption keys, as a Storage Root Key is created when a user or administrator takes ownership of the system. However, merging the TPM into a system does come with additional costs along with potential benefits. This paper focuses on integrating a TPM into a system implemented on an ARM processor that engages with power electronics, and then presents the security benefits associated with a TPM.

The number of Mobile device users in the word has evolved rapidly. Many internet users currently want to connect the internet for all utilities automatically. One of the technologies in the IPv6 network, which supports data access from moving users, is IPv6 Mobile protocol. In its mobility, the users on a range of networks can move the range to another network. High demand for this technology will interest to a hacker or a cracker to carry out an attack. One of them is a DoS attack that compromises a target to denial its services. A firewall is usually used to protect networks from external attacks. However, since the firewall based on the attacker database, the unknown may not be detected. In order to address the obstacle, a detection tool could be used. In this research, IDS as an intrusion detection tool was integrated with a firewall to be implemented in IPv6 Mobile to stop the DoS attack. The results of some experiments showed that the integration system could block the attack at 0.9 s in Correspondent Node and 1.2 s in Home Agent. The blocked attack can decrease the network throughput up to 27.44% when a Mobile Node in Home Agent, 28,87% when the Mobile Node in a Foreign Network. The final result of the blocked attack is reducing the average CPU utilization up to 30.99%.

In recent years, we have faced a series of online threats. The continuous malicious attacks on the network have directly caused a huge threat to the user's spirit and property. In order to deal with the complex security situation in today's network environment, an intelligent network situational awareness model based on deep neural networks is proposed. Use the nonlinear characteristics of the deep neural network to solve the nonlinear fitting problem, establish a network security situation assessment system, take the situation indicators output by the situation assessment system as a guide, and collect on the main data features according to the characteristics of the network attack method, the main data features are collected and the data is preprocessed. This model designs and trains a 4-layer neural network model, and then use the trained deep neural network model to understand and analyze the network situation data, so as to build the network situation perception model based on deep neural network. The deep neural network situational awareness model designed in this paper is used as a network situational awareness simulation attack prediction experiment. At the same time, it is compared with the perception model using gray theory and Support Vector Machine(SVM). The experiments show that this model can make perception according to the changes of state characteristics of network situation data, establish understanding through learning, and finally achieve accurate prediction of network attacks. Through comparison experiments, datatypized neural network deep neural network situation perception model is proved to be effective, accurate and superior.

Recently literature indicates that stack based three-dimensional (3D) integration techniques may bring in new security vulnerabilities, such as new attack surfaces for hardware Trojan (HT) insertion. Compared to its two-dimensional counterpart (2DHTs), a 3D hardware Trojan (3DHT) could be stealthily distributed in multiple tiers in a single 3D chip. Although the comprehensive models for 3DHTs are available in recent work, there still lacks 3DHT detection and mitigation methods, especially run-time countermeasures against 3DHTs. This work proposes to leverage the 3D communication infrastructure, 3D network-on-chips (NoCs), to tackle the cross-tier hardware Trojans in stacked multi-tier chips. An invariance checking method is further proposed to detect the Trojans that induce malicious NoC packets or facilitate information leak. The proposed method is successfully deployed in NoC routers and achieves a Trojan detection rate of over 94%. The synthesis result of a hardened router at a 45nm technology node shows that the proposed invariance checking only increases the area by 6.49% and consumes 3.76% more dynamic power than an existing 3D router. The NoC protected with the proposed method is applied to the image authentication in a 3D system. The case study indicates that the proposed security measure reduces the correlation coefficient by up to 31% over the baseline.

In recent times, an increasing amount of intelligent electronic devices (IEDs) are being deployed to make power systems more reliable and economical. While these technologies are necessary for realizing a cyber-physical infrastructure for future smart power grids, they also introduce new vulnerabilities in the grid to different cyber-attacks. Traditional methods such as state vector estimation (SVE) are not capable of identifying cyber-attacks while the geometric information is also injected as an attack vector. In this paper, a machine learning based smart grid attack identification method is proposed. The proposed method is carried out by first collecting smart grid power flow data for machine learning training purposes which is later used to classify the attacks. The performance of both the proposed SVM method and the traditional SVE method are validated on IEEE 14, 30, 39, 57 and 118 bus systems, and the performance regarding the scale of the power system is evaluated. The results show that the SVM-based method performs better than the SVE-based in attack identification over a much wider scale of power systems.

Quantum computing is an emerging field that depends upon the basic properties of quantum physics and principles of classical systems. This leads a way to develop systems to solve complex problems that a classical system cannot do. In this article, we present simple methods to implement logic circuits using quantum gates. Logic gates and circuits are defined with quantum gates using Qiskit in Python. Later, they are verified with quantum circuits created by using IBM Quantum. Moreover, we propose a way of instantiating the basic logic circuits to design high-end logic expressions. As per our knowledge, the proposed simple approach may be helpful to solve the complex logical problems in near future.

Internet of Things (IoT) systems are becoming widely used, which makes them to be a high-value target for both hackers and crackers. From gaining access to sensitive information to using them as bots for complex attacks, the variety of advantages after exploiting different security vulnerabilities makes the security of IoT devices to be one of the most challenging desideratum for cyber security experts. In this paper, we will propose a new IoT system, designed to ensure five data principles: confidentiality, integrity, availability, authentication and authorization. The innovative aspects are both the usage of a web-based communication and a custom dynamic data request structure.

Traceability is a fundamental component of the modern software development process that helps to ensure properly functioning, secure programs. Due to the high cost of manually establishing trace links, researchers have developed automated approaches that draw relationships between pairs of textual software artifacts using similarity measures. However, the effectiveness of such techniques are often limited as they only utilize a single measure of artifact similarity and cannot simultaneously model (implicit and explicit) relationships across groups of diverse development artifacts. In this paper, we illustrate how these limitations can be overcome through the use of a tailored probabilistic model. To this end, we design and implement a HierarchiCal PrObabilistic Model for SoftwarE Traceability (Comet) that is able to infer candidate trace links. Comet is capable of modeling relationships between artifacts by combining the complementary observational prowess of multiple measures of textual similarity. Additionally, our model can holistically incorporate information from a diverse set of sources, including developer feedback and transitive (often implicit) relationships among groups of software artifacts, to improve inference accuracy. We conduct a comprehensive empirical evaluation of Comet that illustrates an improvement over a set of optimally configured baselines of ≈14% in the best case and ≈5% across all subjects in terms of average precision. The comparative effectiveness of Comet in practice, where optimal configuration is typically not possible, is likely to be higher. Finally, we illustrate Comet's potential for practical applicability in a survey with developers from Cisco Systems who used a prototype Comet Jenkins plugin.

Source location privacy (SLP) protection ensures security of assets in monitoring wireless sensor networks (WSNs). Also, low end-to-end delay (EED) and high packet delivery ratio (PDR) guarantee high packet delivery reliability. Therefore, it is important to ensure high levels of SLP protection, low EED, and high PDR in mission-critical monitoring applications. Thus, this study proposes a new angle-based agent node routing protocol (APr) which is capable of achieving high levels of SLP protection, low EED, and high PDR. The proposed APr protocol employs multiple routing strategies to enable a dynamic agent node selection process and creation of obfuscating routing paths. Analysis results reveal that the APr protocol achieves high packet delivery reliability to outperform existing intermediate node-based protocols such as the AdrR and tree-based protocols such as the TbR. Furthermore, the APr protocol achieves significantly high levels of SLP protection to outperform the AdrR protocol.

The purpose of this paper is threefold. First, it makes the case for incorporating cybersecurity principles into undergraduate Engineering Technology Education and for incorporating Industrial Control Systems (ICS) principles into undergraduate Information Technology (IT)/Cybersecurity Education. Specifically, the paper highlights the knowledge/skill gap between engineers and IT/Cybersecurity professionals with respect to the cybersecurity of the ICS. Secondly, it identifies several areas where traditional IT systems and ICS intercept. This interception not only implies that ICS are susceptible to the same cyber threats as traditional IT/IS but also to threats that are unique to ICS. Subsequently, the paper identifies several areas where cybersecurity principles can be applied to ICS. By incorporating cybersecurity principles into Engineering Technology Education, the paper hopes to provide IT/Cybersecurity and Engineering Students with (a) the theoretical knowledge of the cybersecurity issues associated with administering and operating ICS and (b) the applied technical skills necessary to manage and mitigate the cyber risks against these systems. Overall, the paper holds the promise of contributing to the ongoing effort aimed at bridging the knowledge/skill gap with respect to securing ICS against cyber threats and attacks.

Cyber-physical systems (CPS) depend on cybersecurity to ensure functionality, data quality, cyberattack resilience, etc. There are known and unknown cyber threats and attacks that pose significant risks. Information assurance and information security are critical. Many systems are vulnerable to intelligence exploitation and cyberattacks. By investigating cybersecurity risks and formal representation of CPS using spatiotemporal dynamic graphs and networks, this paper investigates topics and solutions aimed to examine and empower: (1) Cybersecurity capabilities; (2) Information assurance and system vulnerabilities; (3) Detection of cyber threat and attacks; (4) Situational awareness; etc. We introduce statistically-characterized dynamic graphs, novel entropy-centric algorithms and calculi which promise to ensure near-real-time capabilities.