Biblio

keystroke dynamics authenticates the system user by analyzing his typing rhythm. Given that each of us has his own typing rhythm and that the method is based on the keyboard makes it available in all computer machines, these two reasons (uniqueness and reduced cost) have made the method very solicit by administrators of security. In addition, the researchers used the method in different fields that are listed later in the paper.

We propose a new spam detection approach based solely on meta data features gained from email headers. The approach achieves above 99 % classification accuracy on the CSDMC2010 dataset, which matches or surpasses state-of-the-art spam classifiers. We utilize a static set of engineered features, supplemented with automatically extracted features. The approach is just as effective for spam detection in end-to-end encryption, as our feature set remains unchanged for encrypted emails. In contrast to most established spam detectors, we disregard the email body completely and can therefore deliver very high classification speeds, as computationally expensive text preprocessing is not necessary.

Diffie-Hellman and RSA encryption/decryption involve computationally intensive cryptographic operations such as modular exponentiation. Computing modular exponentiation using appropriate pre-computed pairs of bases and exponents was first proposed by Boyko et al. In this paper, we present a reconfigurable architecture for pre-computation methods to compute modular exponentiation and thereby speeding up RSA and Diffie-Hellman like protocols. We choose Diffie-Hellman key pair (a, ga mod p) to illustrate the efficiency of Boyko et al's scheme in hardware architecture that stores pre-computed values ai and corresponding gai in individual block RAM. We use a Pseudo-random number generator (PRNG) to randomly choose ai values that are added and corresponding gai values are multiplied using modular multiplier to arrive at a new pair (a, ga mod p). Further, we present the advantage of using Montgomery and interleaved methods for batch multiplication to optimise time and area. We show that a 1024-bit modular exponentiation can be performed in less than 73$μ$s at a clock rate of 200MHz on a Xilinx Virtex 7 FPGA.

Untethered microrobots actuated by external magnetic fields have drawn extensive attention recently, due to their potential advantages in real-time tracking and targeted delivery in vivo. To control a swarm of microrobots with external fields, however, is still one of the major challenges in this field. In this work, we present new methods to generate ribbon-like and vortex-like microrobotic swarms using oscillating and rotating magnetic fields, respectively. Paramagnetic nanoparticles with a diameter of 400 nm serve as the agents. These two types of swarms exhibits out-of-equilibrium structure, in which the nanoparticles perform synchronised motions. By tuning the magnetic fields, the swarming patterns can be reversibly transformed. Moreover, by increasing the pitch angle of the applied fields, the swarms are capable of performing navigated locomotion with a controlled velocity. This work sheds light on a better understanding for microrobotic swarm behaviours and paves the way for potential biomedical applications.

Denial of service (DoS) is a process of injecting malicious packets into the network. Intrusion detection system (IDS) is a system used to investigate malicious packets in the network. Software-defined network (SDN) physically separates control plane and data plane. The control plane is moved to a centralized controller, and it makes a decision in the network from a global view. The combination between IDS and SDN allows the prevention of malicious packets to be more efficient due to the advantage of the global view in SDN. IDS needs to communicate with switches to have an access to all end-to-end traffic in the network. The high traffic in the link between switches and IDS results in congestion. The congestion between switches and IDS delays the detection and prevention of malicious traffic. To address this problem, we propose a historical database (Hdb), a scheme to reduce the traffic between switches and IDS, based on the historical information of a sender. The simulation shows that in the average, 54.1% of traffic mirrored to IDS is reduced compared to the conventional schemes.

For the task with complicated manipulation in unstructured environments, traditional hand-coded methods are ineffective, while reinforcement learning can provide more general and useful policy. Although the reinforcement learning is able to obtain impressive results, its stability and reliability is hard to guarantee, which would cause the potential safety threats. Besides, the transfer from simulation to real-world also will lead in unpredictable situations. To enhance the safety and reliability of robots, we introduce the force and haptic perception into reinforcement learning. Force and tactual sensation play key roles in robotic dynamic control and human-robot interaction. We demonstrate that the force-based reinforcement learning method can be more adaptive to environment, especially in sim-to-real transfer. Experimental results show in object pushing task, our strategy is safer and more efficient in both simulation and real world, thus it holds prospects for a wide variety of robotic applications.

The relative permittivity (also known as dielectric constant) is one of the physical properties that characterize a substance. The measurement of its magnitude can be useful in the analysis of several fluids, playing an important role in many industrial processes. This paper presents a method for measuring the relative permittivity of fluids, with the possibility of real-time monitoring. The method comprises the immersion of a capacitive sensor inside a tank or duct, in order to have the inspected substance as its dielectric. An electronic circuit is responsible for exciting this sensor, which will have its capacitance measured through a quick analysis of two analog signals outputted by the circuit. The developed capacitance meter presents a novel topology derived from the well-known Howland current source. One of its main advantages is the capacitance-selective behavior, which allows the system to overcome the effects of parasitic resistive and inductive elements on its readings. In addition to an adjustable current output that suits different impedance magnitudes, it exhibits a steady oscillating behavior, thus allowing continuous operation without any form of external control. This paper presents experimental results obtained from the proposed system and compares them to measurements made with proven and calibrated equipment. Two initial capacitance measurements performed with the system for evaluating the sensor's characteristics exhibited relative errors of approximately 0.07% and 0.53% in comparison to an accurate workbench LCR meter.

Research on keystroke dynamics has the good potential to offer continuous authentication that complements conventional authentication methods in combating insider threats and identity theft before more harm can be done to the genuine users. Unfortunately, the large amount of data required by free-text keystroke authentication often contain personally identifiable information, or PII, and personally sensitive information, such as a user's first name and last name, username and password for an account, bank card numbers, and social security numbers. As a result, there are privacy risks associated with keystroke data that must be mitigated before they are shared with other researchers. We conduct a systematic study to remove PII's from a recent large keystroke dataset. We find substantial amounts of PII's from the dataset, including names, usernames and passwords, social security numbers, and bank card numbers, which, if leaked, may lead to various harms to the user, including personal embarrassment, blackmails, financial loss, and identity theft. We thoroughly evaluate the effectiveness of our detection program for each kind of PII. We demonstrate that our PII detection program can achieve near perfect recall at the expense of losing some useful information (lower precision). Finally, we demonstrate that the removal of PII's from the original dataset has only negligible impact on the detection error tradeoff of the free-text authentication algorithm by Gunetti and Picardi. We hope that this experience report will be useful in informing the design of privacy removal in future keystroke dynamics based user authentication systems.

The recent success of brain-inspired deep neural networks (DNNs) in solving complex, high-level visual tasks has led to rising expectations for their potential to match the human visual system. However, DNNs exhibit idiosyncrasies that suggest their visual representation and processing might be substantially different from human vision. One limitation of DNNs is that they are vulnerable to adversarial examples, input images on which subtle, carefully designed noises are added to fool a machine classifier. The robustness of the human visual system against adversarial examples is potentially of great importance as it could uncover a key mechanistic feature that machine vision is yet to incorporate. In this study, we compare the visual representations of white- and black-box adversarial examples in DNNs and humans by leveraging functional magnetic resonance imaging (fMRI). We find a small but significant difference in representation patterns for different (i.e. white- versus black-box) types of adversarial examples for both humans and DNNs. However, human performance on categorical judgment is not degraded by noise regardless of the type unlike DNN. These results suggest that adversarial examples may be differentially represented in the human visual system, but unable to affect the perceptual experience.

Before accessing Internet websites or applications, network users first ask the Domain Name System (DNS) for the corresponding IP address, and then the user's browser or application accesses the required resources through the IP address. The server log of DNS keeps records of all users' requesting queries. This paper analyzes the user network accessing behavior by analyzing network DNS log in campus, constructing a behavior fingerprint model for each user. Different users and even same user's fingerprints in different periods can be used to determine whether the user's access is abnormal or safe, whether it is infected with malicious code. After detecting the behavior of abnormal user accessing, preventing the spread of viruses, Trojans, bots and attacks is made possible, which further assists the protection of users' network access security through corresponding techniques. Finally, analysis of user behavior fingerprints of campus network access is conducted.

In order to improve the information security level of intelligent substation, this paper proposes an intelligent substation information security assessment tool through the research and analysis of intelligent substation information security risk and information security assessment method, and proves that the tool can effectively detect it. It is of great significance to carry out research on industrial control systems, especially intelligent substation information security.

This paper studies and describes encrypted communication between IoT cloud and IoT embedded systems. It uses encrypted MQTTS protocol with SSL/TLS certificate. A JSON type data format is used between the cloud structure and the IoT device. The embedded system used in this experiment is Esp32 Wrover. The IoT embedded system measures temperature and humidity from a sensor DHT22. The architecture and software implementation of the experimental stage are also presented.

The difficult of detecting, response, tracing the malicious behavior in cloud has brought great challenges to the law enforcement in combating cybercrimes. This paper presents a malicious behavior oriented framework of detection, emergency response, traceability, and digital forensics in cloud environment. A cloud-based malicious behavior detection mechanism based on SDN is constructed, which implements full-traffic flow detection technology and malicious virtual machine detection based on memory analysis. The emergency response and traceability module can clarify the types of the malicious behavior and the impacts of the events, and locate the source of the event. The key nodes and paths of the infection topology or propagation path of the malicious behavior will be located security measure will be dispatched timely. The proposed IaaS service based forensics module realized the virtualization facility memory evidence extraction and analysis techniques, which can solve volatile data loss problems that often happened in traditional forensic methods.

Person re-identification(Person Re-ID) means that images of a pedestrian from cameras in a surveillance camera network can be automatically retrieved based on one of this pedestrian's image from another camera. The appearance change of pedestrians under different cameras poses a huge challenge to person re-identification. Person re-identification systems based on deep learning can effectively extract the appearance features of pedestrians. In this paper, the feature enhancement experiment is conducted, and the result showed that the current person reidentification datasets are relatively small and cannot fully meet the need of deep training. Therefore, this paper studied the method of using generative adversarial network to extend the person re-identification datasets and proposed a label smoothing regularization for outliers with weight (LSROW) algorithm to make full use of the generated data, effectively improved the accuracy of person re-identification.

Industrial Internet of Things (IIoT) is a fusion of industrial automation systems and IoT systems. It features comprehensive sensing, interconnected transmission, intelligent processing, self-organization and self-maintenance. Its applications span intelligent transportation, smart factories, and intelligence. Many areas such as power grid and intelligent environment detection. With the widespread application of IIoT technology, the cyber security threats to industrial IoT systems are increasing day by day, and information security issues have become a major challenge in the development process. In order to protect the industrial IoT system from network attacks, this paper aims to study the industrial IoT information security protection technology, and the typical architecture of industrial Internet of things system, and analyzes the network security threats faced by industrial Internet of things system according to the different levels of the architecture, and designs the security protection strategies applied to different levels of structures based on the specific means of network attack.

In transient distributed cloud computing environment, software is vulnerable to attack, which leads to software functional completeness, so it is necessary to carry out functional testing. In order to solve the problem of high overhead and high complexity of unsupervised test methods, an intelligent evaluation method for transient analysis software function testing based on active depth learning algorithm is proposed. Firstly, the active deep learning mathematical model of transient analysis software function test is constructed by using association rule mining method, and the correlation dimension characteristics of software function failure are analyzed. Then the reliability of the software is measured by the spectral density distribution method of software functional completeness. The intelligent evaluation model of transient analysis software function testing is established in the transient distributed cloud computing environment, and the function testing and reliability intelligent evaluation are realized. Finally, the performance of the transient analysis software is verified by the simulation experiment. The results show that the accuracy of the software functional integrity positioning is high and the intelligent evaluation of the transient analysis software function testing has a good self-adaptability by using this method to carry out the function test of the transient analysis software. It ensures the safe and reliable operation of the software.

Aiming at the realization of power system visualization plane topology modeling, a development method of Microsoft Foundation Classes application framework based on Microsoft Visual Studio is proposed. The overall platform development is mainly composed of five modules: the primitive library module, the platform interface module, the model array file module, the topology array file module, and the algorithm module. The software developed by this method can realize the user-defined power system modeling, and can realize power system operation analysis by combining with algorithm. The proposed method has a short development cycle, compatibility and expandability. This method is applied to the development of a plane topology modeling platform for the distribution network system, which further demonstrates the feasibility of this method.

Accurate network traffic identification is an important basis for network traffic monitoring and data analysis, and is the key to improve the quality of user service. In this paper, through the analysis of two network traffic identification methods based on machine learning and deep packet inspection, a network traffic identification method based on machine learning and deep packet inspection is proposed. This method uses deep packet inspection technology to identify most network traffic, reduces the workload that needs to be identified by machine learning method, and deep packet inspection can identify specific application traffic, and improves the accuracy of identification. Machine learning method is used to assist in identifying network traffic with encryption and unknown features, which makes up for the disadvantage of deep packet inspection that can not identify new applications and encrypted traffic. Experiments show that this method can improve the identification rate of network traffic.

With the rapid development of the contemporary society, wide use of smart phone and vehicle sensing devices brings a huge influence on the extensive data collection. Network coding can only provide weak security privacy protection. Aiming at weak secure feature of network coding, this paper proposes an information transfer mechanism, Weak Security Network Coding with Homomorphic Encryption (HE-WSNC), and it is integrated into routing policy. In this mechanism, a movement model is designed, which allows information transmission process under Wi-Fi and Bluetooth environment rather than consuming 4G data flow. Not only does this application reduce the cost, but also improve reliability of data transmission. Moreover, it attracts more users to participate.

Intelligent recommendation applications based on data mining have appeared as prospective solution for consumer's demand recognition in large-scale data, and it has contained a great deal of consumer data, which become the most valuable wealth of application providers. However, the increasing threat to consumer privacy security in intelligent recommendation mobile application (IR App) makes it necessary to have a risk evaluation to narrow the gap between consumers' need for convenience with efficiency and need for privacy security. For the previous risk evaluation researches mainly focus on the network security or information security for a single work, few of which consider the whole data lifecycle oriented privacy security risk evaluation, especially for IR App. In this paper, we analyze the IR App's features based on the survey on both algorithm research and market prospect, then provide a hierarchical factor set based privacy security risk evaluation method, which includes whole data lifecycle factors in different layers.

As cloud services enter the Internet market, cloud security issues are gradually exposed. In the era of knowledge economy, the unique potential value of big data is being gradually explored. However, the control of data security is facing many challenges. According to the development status and characteristics of database within the cloud environment, this paper preliminary studies on the database security risks faced by the “three-clouds” of State Grid Corporation of China. Based on the mature standardization of information security, this paper deeply studies the database security requirements of cloud environment, and six-step method for cloud database protection is presented, which plays an important role in promoting development of security work for the cloud database. Four key technologies of cloud database security protection are introduced, including database firewall technology, sensitive data encryption, production data desensitization, and database security audit technology. It is helpful to the technology popularization of the grade protection in the security of the cloud database, and plays a great role in the construction of the security of the state grid.

In order to study the stress detection method on long-distance oil and gas pipeline, the distribution characteristics of the surface remanence signals in the stress concentration regions must be known. They were studied by using the magnetic domain model in the non-magnetic saturation state. The finite element method was used herein with the aim to analyse the static and mechanical characteristics of a ferromagnetic specimen. The variation law of remanence signal in stress concentration regions was simulated. The results show that a residue signal in the stress concentration region exists. In addition, a one-to-one correspondence in the non-magnetic saturation environment is evident. In the case of magnetic saturation, the remanence signal of the stress concentration region is covered and the signal cannot be recognised.

An improved algorithm of the Analytic Hierarchy Process (AHP) is proposed in this paper, which is realized by constructing an improved judgment matrix. Specifically, rough set theory is used in the algorithm to calculate the weight of the network metric data, and then the improved AHP algorithm nine-point systemic is structured, finally, an improved AHP judgment matrix is constructed. By performing an AHP operation on the improved judgment matrix, the weight of the improved network metric data can be obtained. If only the rough set theory is applied to process the network index data, the objective factors would dominate the whole process. If the improved algorithm of AHP is used to integrate the expert score into the process of measurement, then the combination of subjective factors and objective factors can be realized. Based on the aforementioned theory, a new network attack metrics system is proposed in this paper, which uses a metric structure based on "attack type-attack attribute-attack atomic operation-attack metrics", in which the metric process of attack attribute adopts AHP. The metrics of the system are comprehensive, given their judgment of frequent attacks is universal. The experiment was verified by an experiment of a common attack Smurf. The experimental results show the effectiveness and applicability of the proposed measurement system.

The traditional logistics transaction lacks a perfect traceability mechanism, and the data information's integrity and safety are not guaranteed in the existing traceability system. In order to solve the problem of main body responsibility caused by the participation of many stakeholders and the uncompleted supervision system in the process of logistics service transaction, This paper proposes a traceability algorithm for logistics service transactions based on blockchain. Based on the logistics service supply chain and alliance chain, the paper firstly investigates the traditional logistics service supply chain, analyzes the existing problems, and combines the structural characteristics of the blockchain to propose a decentralized new logistics service supply chain concept model based on blockchain. Then, using Globe sandara 1 to standardize the physical products and data circulating in the new logistics service supply chain, form unified and standard traceable data, and propose a multi-dimensional traceable data model based on logistics service supply chain. Based on the proposed model, combined with the business process of the logistics service supply chain and asymmetric encryption, a blockchain-based logistics service transaction traceability algorithm is designed. Finally, the simulation results show that the algorithm realizes the end-to-end traceability of the logistics service supply chain, and the service transaction is transparent while ensuring the integrity and security of the data.

Aiming at the operation characteristics of power industry control system, this paper deeply analyses the attack mechanism and characteristics of power industry control system intrusion. On the basis of classifying and sorting out the attack characteristics of power industrial control system, this paper also attaches importance to break the basic theory and consequential technologies of industrial control network space security, and constructs the network intrusion as well as attack model of power industrial control system to realize the precise characterization of attackers' attack behavior, which provides a theoretical model for the analysis and early warning of attack behavior analysis of power industrial control systems.