Biblio

Computing capabilities such as real time data, unlimited connection, data from sensors, environmental analysis, automated decisions (machine learning) are demanded by many areas like industry for example decision making, machine learning, by research and military, for example GPS, sensor data collection. The possibility to make these features compatible with each domain that demands them is known as ubiquitous computing. Ubiquitous computing includes network topologies such as wireless sensor networks (WSN) which can help further improving the existing communication, for example the Internet. Also, ubiquitous computing is included in the Internet of Things (IoT) applications. In this article, it is discussed the mobility of WSN and its advantages and innovations, which make possible implementations for smart home and office. Knowing the growing number of mobile users, we place the mobile phone as the key factor of the future ubiquitous wireless networks. With secure computing, communicating, and storage capacities of mobile devices, they can be taken advantage of in terms of architecture in the sense of scalability, energy efficiency, packet delay, etc. Our work targets to present a structure from a ubiquitous computing point of view for researchers who have an interest in ubiquitous computing and want to research on the analysis, to implement a novel method structure for the ubiquitous computing system in military sectors. Also, this paper presents security and privacy issues in ubiquitous sensor networks (USN).

To support secure and reliable operation of optical networks, we propose a framework for autonomous anomaly detection, root cause analysis and visualization of the anomaly impact on optical signal parameters. Verification on experimental physical layer security data reveals important properties of different attack profiles.

Routing protocol running over low power and lossy networks (RPL) is currently one of the main routing protocols for the Internet of Things (IoT). This protocol has some vulnerabilities that can be exploited by attackers to change its behavior and deteriorate its performance. In the RPL rank attack, a malicious node announces a wrong rank, which leads the neighboring’s nodes to choose this node as a preferred parent. In this study, we used different metrics to assess RPL protocol in the presence of misbehaving nodes, namely the overhead, convergence time, energy consumption, preferred parent changes, and network lifetime. Our simulations results show that a mobile environment is more damaged by the rank attack than a static environment.

With the explosion of Industry 4.0, industrial facilities and critical infrastructures are transforming into “smart” systems that dynamically adapt to external events. The result is an ecosystem of heterogeneous physical and cyber components, such as programmable logic controllers, which are more and more exposed to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes at the core of industrial control systems. We apply runtime enforcement techniques, based on an ad-hoc sub-class of Ligatti et al.'s edit automata, to enforce specification compliance in networks of potentially compromised controllers, formalised in Hennessy and Regan's Timed Process Language. We define a synthesis algorithm that, given an alphabet P of observable actions and an enforceable regular expression e capturing a timed property for controllers, returns a monitor that enforces the property e during the execution of any (potentially corrupted) controller with alphabet P and complying with the property e. Our monitors correct and suppress incorrect actions coming from corrupted controllers and emit actions in full autonomy when the controller under scrutiny is not able to do so in a correct manner. Besides classical properties, such as transparency and soundness, the proposed enforcement ensures non-obvious properties, such as polynomial complexity of the synthesis, deadlock- and diverge-freedom of monitored controllers, together with scalability when dealing with networks of controllers.

Self-adaptive systems overcome many of the limitations of human supervision in complex software-intensive systems by endowing them with the ability to automatically adapt their structure and behavior in the presence of runtime changes. However, adaptation in some classes of systems (e.g., safetycritical) can benefit by receiving information from humans (e.g., acting as sophisticated sensors, decision-makers), or by involving them as system-level effectors to execute adaptations (e.g., when automation is not possible, or as a fallback mechanism). However, human participants are influenced by factors external to the system (e.g., training level, fatigue) that affect the likelihood of success when they perform a task, its duration, or even if they are willing to perform it in the first place. Without careful consideration of these factors, it is unclear how to decide when to involve humans in adaptation, and in which way. In this paper, we investigate how the explicit modeling of human participants can provide a better insight into the trade-offs of involving humans in adaptation. We contribute a formal framework to reason about human involvement in self-adaptation, focusing on the role of human participants as actors (i.e., effectors) during the execution stage of adaptation. The approach consists of: (i) a language to express adaptation models that capture factors affecting human behavior and its interactions with the system, and (ii) a formalization of these adaptation models as stochastic multiplayer games (SMGs) that can be used to analyze humansystem-environment interactions. We illustrate our approach in an adaptive industrial middleware used to monitor and manage sensor networks in renewable energy production plants.

The ever-growing threats of cascading failures due to cyber-attacks pose a significant challenge to power grid security. A wrong system state estimate caused by a false data injection attack could lead to a wrong control actions and take the system into a more insecure operating condition. As a consequence, an attack-resilient failure mitigation strategy needs to be developed to correctly determine control actions to prevent the propagation of cascades. In this paper, a recovery-based model predictive control methodology is developed to eliminate power system component violations following coordinated cyber-physical attacks where physical attacks are masked by targeted false data injection attacks. Specifically, to address the problem of wrong system state estimation with compromised data, a developed methodology recovers the incorrect states from historical data rather than utilizing the tampered data, and thus allowing control centers to identify proper control actions. Additionally, instead of using a one-step method to optimize control actions, the recovery-based model predictive control methodology scheme incorporates the effect of controls over a finite time horizon and the attack detection delay to make appropriate control decisions. Case studies, performed on IEEE 30-bus and Illinois 200-bus systems, show that the developed recovery-based model predictive control methodology scheme is robust to coordinated attacks and efficient in mitigating cascades.

The exploitation of key supply chains by foreign adversaries—especially when executed in concert with cyber intrusions and insider threat activities—represents a complex and growing threat to strategically important U.S. economic sectors and critical infrastructure. The increasing reliance on foreign-owned or controlled hardware, software, or services as well as the proliferation of networking technologies, including those associated with the Internet of Things, creates vulnerabilities in our nation’s supply chains. By exploiting these vulnerabilities, foreign adversaries could compromise the integrity, trustworthiness, and authenticity of products and services that underpin government and American industry, or even subvert and disrupt critical networks and systems, operations, products, and weapons platforms in a time of crisis. We must elevate the role of supply chain security in the acquisition process.

Although there is great media attention to connected and automated vehicles (CAVs) and strong public interest in the technology, it is still under development. Their deployment to the broader public will require new regulations and road traffic rules that are also under development, and there is not yet a globally harmonized approach. This paper reviews the main safety and liability issues for CAVs with a focus on the rules developed for on-road testing to date in Australia, the United States, and Germany. It also reviews government policies from Victoria, Australia, and California, the United States, and it provides an appendix on European Union (E.U.) regulations. After a review of similarities and differences regarding safety and liability provisions, the study suggests how the current provisions can be brought together toward a globally harmonized approach to safety issues that builds on best practices in the three countries.

In view of the security threats caused by the code execution vulnerability of the industrial control system, design the trusted security architecture of the industrial control system based on the embedded system. From the trusted startup of industrial control equipment, the safety protection for industrial control system is completed. The scheme is based on TPM and Xilinx Zynq-7030 to build an industrial trusted computing environment and complete the trusted startup process. Experiment shows that this method can effectively prevent the destruction of malicious code during the startup process of embedded system and provide technical support for the construction of trusted computing environment of industrial control system.

Compared with traditional databases such as Oracle database, SQL Server database and MySQL database, Dameng database is a domestic database with independent intellectual property rights. Combined with the security management of Dameng database and the requirement of database audit, this paper designs the security configuration baseline of Dameng database. By designing the security configuration baseline of Dameng database, the audit work of Dameng database can be carried out efficiently, and by analyzing the audit results, the security configuration baseline of Dameng database can be improved.

In view of the problem that the overall security of the network is difficult to evaluate quantitatively, we propose the edge authority attack graph model, which aims to make up for the traditional dependence attack graph to describe the relationship between vulnerability behaviors. This paper proposed a network security metrics based on probability, and proposes a network vulnerability algorithm based on vulnerability exploit probability and attack target asset value. Finally, a network security reinforcement algorithm with network vulnerability index as the optimization target is proposed based on this metric algorithm.

In order to improve the information security ability of the network information platform, the information security evaluation method is proposed based on artificial neural network. Based on the comprehensive analysis of the security events in the construction of the network information platform, the risk assessment model of the network information platform is constructed based on the artificial neural network theory. The weight calculation algorithm of artificial neural network and the minimum artificial neural network pruning algorithm are also given, which can realize the quantitative evaluation of network information security. The fuzzy neural network weighted control method is used to control the information security, and the non-recursive traversal method is adopted to realize the adaptive training of information security assessment process. The adaptive learning of the artificial neural network is carried out according to the conditions, and the ability of information encryption and transmission is improved. The information security assessment is realized. The simulation results show that the method is accurate and ensures the information security.

Energy Internet is a typical cyber-physical system (CPS), in which the disturbance on cyber part may result in the operation risks on the physical part. In order to perform CPS assessment and research the interactive influence between cyber part and physical part, an integrated energy internet CPS model which adopts information flow matrix, energy control flow matrix and information energy hybrid flow matrix is proposed in this paper. The proposed model has a higher computational efficacy compared with simulation based approaches. Then, based on the proposed model, the influence of cyber disturbances such as data dislocation, data delay and data error on the physical part are studied. Finally, a 3 MW PET based energy internet CPS is built using PSCAD/EMTDC software. The simulation results prove the validity of the proposed model and the correctness of the interactive influence analysis.

ARP-attack often occurs in LAN network [1], which directly affects the user's online experience. The common type of ARP-attack is MITM-Attack (Man-in-the-Middle Attack) with two-types, disguising a host or a gateway. Common means of ARP-attack prevention is by deploying network-security equipment or binding IP-MAC in LAN manually[10]. This paper studies an automatic ARP-attack prevention technology for multi-object, based on the domain-control technology and batch-processing technology. Compared with the common ARP-attack-prevention measure, this study has advantages of low-cost, wide-application, and maintenance-free. By experimentally researching, this paper demonstrates the research correctness and technical feasibility. This research result, multi-object-oriented automatic defense technology for ARP-attacking, can apply to enterprise network.

With the rapid progress of informatization construction in power business, data resource has become the basic strategic resource of the power industry and innovative element in power production. The security protection of data in power business is particularly important in the informatization construction of power business. In order to implement data security protection, transparent encryption is one of the fifteen key technical standards in the Construction Guideline of the Standard Network Data Security System. However, data storage in the encrypted state is bound to affect the security audit of data to a certain extent. Based on this problem, this paper proposes a scheme to audit the sensitivity of the power business data under the protection of encryption to achieve an efficient sensitivity audit of ciphertext data with the premise of not revealing the decryption key or data information. Through a security demonstration, this paper fully proves that this solution is secure under the known plaintext attacks.

This research paper presented a design that will address the challenges brought by remanence in ground-fault current interrupter devices (gfci). Remanence or residual magnetism is the magnetization left behind in a ferromagnetic material (such as iron) after an external magnetic field is removed. Remanence will make the gfci devices less accurate and less reliable in tripping the current above threshold in just five (5) years. It affects the performance of the device in terms of efficiency, accuracy, and response time. In this research, the problems caused by remanence were alleviated by using two identical transformers in detecting residual current both for hot and neutral wires. The difference of the current detected by the two transformers will be the basis of the signal threshold in tripping the device. By doing so, the problems caused by remanence phenomenon will be solved without compromising the response time of the circuit which is around 16 mS. The design will extend the life span of GFCI devices up to 15 years.

Software-Defined Networks (SDN) are being adopted widely and are also likely to be deployed as the infrastructure of systems with critical real-time properties such as Industrial Control Systems (ICS). This raises the question of what security and performance guarantees can be given for the data plane of such critical systems and whether any control plane actions will adversely affect these guarantees, particularly for quality of service in real-time systems. In this paper we study the existing literature on the analysis of SDN using queueing networks and show ways in which models need to be extended to study attacks that are based on arrival rates and service time distributions of flows in SDN.

In this paper, we study the resilient vector consensus problem in multi-agent networks and improve resilience guarantees of existing algorithms. In resilient vector consensus, agents update their states, which are vectors in ℝd, by locally interacting with other agents some of which might be adversarial. The main objective is to ensure that normal (non-adversarial) agents converge at a common state that lies in the convex hull of their initial states. Currently, resilient vector consensus algorithms, such as approximate distributed robust convergence (ADRC) are based on the idea that to update states in each time step, every normal node needs to compute a point that lies in the convex hull of its normal neighbors' states. To compute such a point, the idea of Tverberg partition is typically used, which is computationally hard. Approximation algorithms for Tverberg partition negatively impact the resilience guarantees of consensus algorithm. To deal with this issue, we propose to use the idea of centerpoint, which is an extension of median in higher dimensions, instead of Tverberg partition. We show that the resilience of such algorithms to adversarial nodes is improved if we use the notion of centerpoint. Furthermore, using centerpoint provides a better characterization of the necessary and sufficient conditions guaranteeing resilient vector consensus. We analyze these conditions in two, three, and higher dimensions separately. We also numerically evaluate the performance of our approach.

Mobile Ad hoc Network (MANET) is one of the emerging technologies to communicate between nodes and its decentralized structure, self-configuring nature are the few properties of this Ad hoc network. Due to its undefined structure, it has found its usage in the desired and temporary communication network. MANET has many routing protocols governing it and due to its changing topology, there can be many issues arise in recent times. Problems like no central node, limited energy, and the quality of service, performance, design issues, and security challenges have been bugging the researchers. The black hole attacks are the kind that cause ad hoc network to be at loss of information and make the source to believe that it has the actual least distance path to the destination, but in real scenario the packets do not get forwarded to neighbouring nodes. In this paper, we have discussed different solutions over the past years to deal with such attacks. A summary of the schemes with their results and drawbacks in terms of performance metrics is also given.

The significant development of Internet of Things (IoT) paradigm for monitoring the real-time applications using the wireless communication technologies leads to various challenges. The secure data transmission and privacy is one of the key challenges of IoT enabled Wireless Sensor Networks (WSNs) communications. Due to heterogeneity of attackers like Man-in-Middle Attack (MIMA), the present single layered security solutions are not sufficient. In this paper, the robust cross-layer trust computation algorithm for MIMA attacker detection proposed for IoT enabled WSNs called IoT enabled Cross-Layer Man-in-Middle Attack Detection System (IC-MADS). In IC-MADS, first robust clustering method proposed to form the clusters and cluster head (CH) preference. After clustering, for every sensor node, its trust value computed using the parameters of three layers such as MAC, Physical, and Network layers to protect the network communications in presence of security threats. The simulation results prove that IC-MADS achieves better protection against MIMA attacks with minimum overhead and energy consumption.

Many self-adaptive systems benefit from human
involvement, where a human operator can provide expertise not available to the system and perform adaptations involving physical changes that cannot be automated. However, a lack
of transparency and intelligibility of system goals and the autonomous behaviors enacted to achieve them may hinder a human operator’s effort to make such involvement effective. Explanation
is sometimes helpful to allow the human to understand why the system is making certain decisions. However, explanations come
with costs in terms of, e.g., delayed actions. Hence, it is not always obvious whether explanations will improve the satisfaction of
system goals and, if so, when to provide them to the operator.  In this work, we define a formal framework for reasoning about explanations of adaptive system behaviors and the conditions
under which they are warranted. Specifically, we characterize explanations in terms of their impact on a human operator’s ability to effectively engage in adaptive actions. We then present a decision-making approach for planning in self-adaptation that leverages a probabilistic reasoning tool to determine when the explanation should be used in an adaptation strategy in order to improve overall system utility. We illustrate our approach in a
representative scenario for the application of an adaptive news website in the context of potential denial-of-service attacks.

Conflicts may arise at any time during military debriefing meetings, especially in high intensity deployed settings. When such conflicts arise, it takes time to get everyone back into a receptive state of mind so that they engage in reflective discussion rather than unproductive arguing. It has been proposed by some that the use of social robots equipped with social abilities such as emotion regulation through rapport building may help to deescalate these situations to facilitate critical operational decisions. However, in military settings, the same AI agent used in the pre-brief of a mission may not be the same one used in the debrief. The purpose of this study was to determine whether a brief rapport-building session with a social robot could create a connection between a human and a robot agent, and whether consistency in the embodiment of the robot agent was necessary for maintaining this connection once formed. We report the results of a pilot study conducted at the United States Air Force Academy which simulated a military mission (i.e., Gravity and Strike). Participants' connection with the agent, sense of trust, and overall likeability revealed that early rapport building can be beneficial for military missions.

Intelligent connected vehicle cyber security has attracted widespread attention this year. The safety of GNSS information is related to the safety of cars and has become a key technology. This paper researches the cyber security characteristics of intelligent connected vehicle navigation and positioning by analyzing the signal receiving mode of navigation and positioning on the vehicle terminal. The article expounds the principles of deceiving and interfering cyber security that lead to the safety of GNSS information. This paper studies the key causes of cyber security. Based on key causes, the article constructs a GNSS cyber security test method by combining a navigation signal simulator and an interference signal generator. The results shows that the method can realize the security test of the GNSS information of the vehicle terminal. This method provides a test method for the navigation terminal defense cyber security capability for a vehicle terminal, and fills a gap in the industry for the vehicle terminal information security test.

In the increasingly diverse information age, various kinds of personal information security problems continue to break out. According to the idea of combination of identity authentication and encryption services, this paper proposes a personal identity access management model based on the OIDC protocol. The model will integrate the existing personal security information and build a set of decentralized identity authentication and access management application cluster. The advantage of this model is to issue a set of authentication rules, so that all users can complete the authentication of identity access of all application systems in the same environment at a lower cost, and can well compatible and expand more categories of identity information. Therefore, this method not only reduces the number of user accounts, but also provides a unified and reliable authentication service for each application system.

Based on the analysis of the difficulties and pain points of privacy protection in the opening and sharing of government data, this paper proposes a new method for intelligent discovery and protection of structured and unstructured privacy data. Based on the improvement of the existing government data masking process, this method introduces the technologies of NLP and machine learning, studies the intelligent discovery of sensitive data, the automatic recommendation of masking algorithm and the full automatic execution following the improved masking process. In addition, the dynamic masking and static masking prototype with text and database as data source are designed and implemented with agent-based intelligent masking middleware. The results show that the recognition range and protection efficiency of government privacy data, especially government unstructured text have been significantly improved.