Biblio

Traditionally, power grid vulnerability assessment methods are separated to the study of nodes vulnerability and edges vulnerability, resulting in the evaluation results are not accurate. A framework for vulnerability assessment is still required for power grid. Thus, this paper proposes a universal method for vulnerability assessment of power grid by establishing a complex network model with uniform weight of nodes and edges. The concept of virtual edge is introduced into the distinct weighted complex network model of power system, and the selection function of edge weight and virtual edge weight are constructed based on electrical and physical parameters. In addition, in order to reflect the electrical characteristics of power grids more accurately, a weighted betweenness evaluation index with transmission efficiency is defined. Finally, the method has been demonstrated on the IEEE 39 buses system, and the results prove the effectiveness of the proposed method.

An important principle in computational security is to reduce the attack surface, by maintaining the Trusted Computing Base (TCB) small. Even so, no security technique ensures full protection against any adversary. Thus, sensitive applications should be designed with several layers of protection so that, even if a layer might be violated, sensitive content will not be compromised. In 2015, Intel released the Software Guard Extensions (SGX) technology in its processors. This mechanism allows applications to allocate enclaves, which are private memory regions that can hold code and data. Other applications and even privileged code, like the OS kernel and the BIOS, are not able to access enclaves' contents. This paper presents a novel password file protection scheme, which uses Intel SGX to protect authentication credentials in the PAM authentication framework, commonly used in UNIX systems. We defined and implemented an SGX-enabled version of the pam\_unix.so authentication module, called UniSGX. This module uses an SGX enclave to handle the credentials informed by the user and to check them against the password file. To add an extra security layer, the password file is stored using SGX sealing. A threat model was proposed to assess the security of the proposed solution. The obtained results show that the proposed solution is secure against the threat model considered, and that its performance overhead is acceptable from the user point of view. The scheme presented here is also suitable to other authentication frameworks.

Nowadays citizens live in a world where communication technologies offer opportunities for new interactions between people and society. Clearly, e-government is changing the way citizens relate to their government, moving the interaction of physical environment and management towards digital participation. Therefore, it is necessary for e-government to have procedures in place to prevent and lessen the negative impact of an attack or intrusion by third parties. In this research work, he focuses on the implementation of anonymous communication in a proof of concept application called “Delta”, whose function is to allow auctions and offers of products, thus marking the basis for future implementations in e-government services.

Security within the IoT is currently below par. Common security issues include IoT device vendors not following security best practices and/or omitting crucial security controls and features within their devices, lack of defined and mandated IoT security standards, default IoT device configurations, missing secure update mechanisms to rectify security flaws discovered in IoT devices and the overall unintended consequence of complexity - the attack surface of networks comprising IoT devices can increase exponentially with the addition of each new device. In this paper we set out an approach using graphs and graph databases to understand IoT network complexity and the impact that different devices and their profiles have on the overall security of the underlying network and its associated data.

Use-After-Free (UAF) vulnerabilities are caused by the program operating on a dangling pointer and can be exploited to compromise critical software systems. While there have been many tools to mitigate UAF vulnerabilities, UAF remains one of the most common attack vectors. UAF is particularly di cult to detect in concurrent programs, in which a UAF may only occur with rare thread schedules. In this paper, we present a novel technique, UFO, that can precisely predict UAFs based on a single observed execution trace with a provably higher detection capability than existing techniques with no false positives. The key technical advancement of UFO is an extended maximal thread causality model that captures the largest possible set of feasible traces that can be inferred from a given multithreaded execution trace. By formulating UAF detection as a constraint solving problem atop this model, we can explore a much larger thread scheduling space than classical happens-before based techniques. We have evaluated UFO on several real-world large complex C/C++ programs including Chromium and FireFox. UFO scales to real-world systems with hundreds of millions of events in their execution and has detected a large number of real concurrency UAFs.

With the rapid growth of the cyber attacks, cyber threat intelligence (CTI) sharing becomes essential for providing advance threat notice and enabling timely response to cyber attacks. Our goal in this paper is to develop an approach to extract low-level cyber threat actions from publicly available CTI sources in an automated manner to enable timely defense decision making. Specifically, we innovatively and successfully used the metrics of entropy and mutual information from Information Theory to analyze the text in the cybersecurity domain. Combined with some basic NLP techniques, our framework, called ActionMiner has achieved higher precision and recall than the state-of-the-art Stanford typed dependency parser, which usually works well in general English but not cybersecurity texts.

The paper is devoted to analysis of condition of executing devices and sensors of Industrial Control Systems information security. The work contains structures of industrial control systems divided into groups depending on system's layer. The article contains the analysis of analog interfaces work and work features of data transmission protocols in industrial control system field layer. Questions about relevance of industrial control systems information security, both from the point of view of the information security occurring incidents, and from the point of view of regulators' reaction in the form of normative legal acts, are described. During the analysis of the information security systems of industrial control systems a possibility of leakage through technical channels of information leakage at the field layer was found. Potential vectors of the attacks on devices of field layer and data transmission network of an industrial control system are outlined in the article. The relevance analysis of the threats connected with the attacks at the field layer of an industrial control system is carried out, feature of this layer and attractiveness of this kind of attacks is observed.

Due to its costly and time-consuming nature and a wide range of passive barrier elements and tools for their breaching, testing the delay time of passive barriers is only possible as an experimental tool to verify expert judgements of said delay times. The article focuses on the possibility of creating and utilizing a new method of acquiring values of delay time for various passive barrier elements using expert judgements which could add to the creation of charts where interactions between the used elements of mechanical barriers and the potential tools for their bypassing would be assigned a temporal value. The article consists of basic description of methods of expert judgements previously applied for making prognoses of socio-economic development and in other societal areas, which are called soft system. In terms of the problem of delay time, this method needed to be modified in such a way that the prospective output would be expressible by a specific quantitative value. To achieve this goal, each stage of the expert judgements was adjusted to the use of suitable scientific methods to select appropriate experts and then to achieve and process the expert data. High emphasis was placed on evaluation of quality and reliability of the expert judgements, which takes into account the specifics of expert selection such as their low numbers, specialization and practical experience.

Deep learning neural networks (DNNs) have been successful in solving a wide range of machine learning problems. Specialized hardware accelerators have been proposed to accelerate the execution of DNN algorithms for high-performance and energy efficiency. Recently, they have been deployed in datacenters (potentially for business-critical or industrial applications) and safety-critical systems such as self-driving cars. Soft errors caused by high-energy particles have been increasing in hardware systems, and these can lead to catastrophic failures in DNN systems. Traditional methods for building resilient systems, e.g., Triple Modular Redundancy (TMR), are agnostic of the DNN algorithm and the DNN accelerator's architecture. Hence, these traditional resilience approaches incur high overheads, which makes them challenging to deploy. In this paper, we experimentally evaluate the resilience characteristics of DNN systems (i.e., DNN software running on specialized accelerators). We find that the error resilience of a DNN system depends on the data types, values, data reuses, and types of layers in the design. Based on our observations, we propose two efficient protection techniques for DNN systems.

The security of almost any real-world distributed system today depends on the participants having some "reasonably accurate" sense of current real time. Indeed, to name one example, the very authenticity of practically any communication on the Internet today hinges on the ability of the parties to accurately detect revocation of certificates, or expiration of passwords or shared keys.,,However, as recent attacks show, the standard protocols for determining time are subvertible, resulting in wide-spread security loss. Worse yet, we do not have security notions for network time protocols that (a) can be rigorously asserted, and (b) rigorously guarantee security of applications that require a sense of real time.,,We propose such notions, within the universally composable (UC) security framework. That is, we formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols, and how they can be used to assert security of time-reliant applications - specifically, certificates with revocation and expiration times. This allows for relatively clear and modular treatment of the use of time consensus in security-sensitive systems.,,Our modeling and analysis are done within the existing UC framework, in spite of its asynchronous, event-driven nature. This allows incorporating the use of real time within the existing body of analytical work done in this framework. In particular it allows for rigorous incorporation of real time within cryptographic tools and primitives.

We present a new method to protect projected content from secret photography using high-speed projection. Protection techniques for digital copies have been discussed over many years from the viewpoint of data protection. However, content displayed by general display techniques is not only visible to the human eye but also can be captured by cameras. Therefore, projected content is, at times, secretly taken by malicious small cameras even when protection techniques for digital copies are adopted. In this study, we aim to realize a protectable projection method that allows people to observe content with their eyes but not record content with camera devices.

Deduplication is a widely used technique for reducing storage space of cloud service providers. Yet, it is unclear how to support deduplication of encrypted data securely until the study of Bellareetal on message-locked encryption (Eurocrypt 2013). Since then, there are many improvements such as strengthening its security, reducing client storage, etc. While updating a (shared) file is common, there is little attention on how to efficiently update large encrypted files in a remote storage with deduplication. To modify even a single bit, existing solutions require the trivial and expensive way of downloading and decrypting the large ciphertext. We initiate the study of updatable block-level message-locked encryption. We propose a provably secure construction that is efficiently updatable with O(logtextbarFtextbar) computational cost, where textbarFtextbar is the file size. It also supports proof-of-ownership, a nice feature which protects storage providers from being abused as a free content distribution network.

Malicious Hardware Trojans can corrupt data which if undetected may cause serious harm. We propose a technique where characteristics of the data itself are used to detect Hardware Trojan (HT) attacks. In particular, we use a two-chip approach where we generate a data "signature" in analog and test for the signature in a partially reconfigurable digital microchip where the HT may attack. This paper presents an overall signature-based HT detection architecture and case study for cardiovascular signals used in medical device technology. Our results show that with minimal performance and area overhead, the proposed architecture is able to detect HT attacks on primary data inputs as well as on multiple modules of the design.

Combining Error-Correction Coding ECC and cryptography was proposed in the recent decade making use of bit-quality parameters to improve the error correction capability. Most of such techniques combine authentication crypto-functions jointly with ECC codes to improve system reliability, while fewer proposals involve ciphering functions with ECC to improve reliability. In this work, we propose practical and pragmatic low-cost approaches for making use of existing ciphering functions for reliability improvement. The presented techniques show that ciphering functions (as deterministic, non-linear bijective functions) can serve to achieve error correction enhancement and hence allow error recovery and scalable security trade-offs with or without additional ECC components. We demonstrate two best-effort error-correcting strategies. It is further shown, that the targeted reliability improvement is scalable to attain practical usability. The first proposed technique is pure-cipher-based error correction procedure deploying hard decision, best-effort operations to improve the system-survivability without changing system configuration. The second strategy is making use of ECC in combination with the ciphering function to enhance system-survivability. The correction procedures are based on simple experimental search-and-modify the corrupted ciphertext until predefined criteria become valid. This procedure may, however, turn out to become equivalent to a successful integrity/authenticity attack that may reduce the system security level, however in a scalable and predictable non-significant fashion.

Mobile applications frequently request sensitive data. While prior work has focused on analyzing sensitive-data uses originating from well-dened API calls in the system, the security and privacy implications of inputs requested via application user interfaces have been widely unexplored. In this paper, our goal is to understand the broad implications of such requests in terms of the type of sensitive data being requested by applications.

To this end, we propose UiRef (User Input REsolution Framework), an automated approach for resolving the semantics of user inputs requested by mobile applications. UiRef’s design includes a number of novel techniques for extracting and resolving user interface labels and addressing ambiguity in semantics, resulting in signicant improvements over prior work.We apply UiRef to 50,162 Android applications from Google Play and use outlier analysis to triage applications with questionable input requests. We identify concerning developer practices, including insecure exposure of account passwords and non-consensual input disclosures to third parties. These ndings demonstrate the importance of user-input semantics when protecting end users.

Recent years have witnessed a rapid growth in the domain of Internet of Things (IoT). This network of billions of devices generates and exchanges huge amount of data. The limited cache capacity and memory bandwidth make transferring and processing such data on traditional CPUs and GPUs highly inefficient, both in terms of energy consumption and delay. However, many IoT applications are statistical at heart and can accept a part of inaccuracy in their computation. This enables the designers to reduce complexity of processing by approximating the results for a desired accuracy. In this paper, we propose an ultra-efficient approximate processing in-memory architecture, called APIM, which exploits the analog characteristics of non-volatile memories to support addition and multiplication inside the crossbar memory, while storing the data. The proposed design eliminates the overhead involved in transferring data to processor by virtually bringing the processor inside memory. APIM dynamically configures the precision of computation for each application in order to tune the level of accuracy during runtime. Our experimental evaluation running six general OpenCL applications shows that the proposed design achieves up to 20x performance improvement and provides 480x improvement in energy-delay product, ensuring acceptable quality of service. In exact mode, it achieves 28x energy savings and 4.8x speed up compared to the state-of-the-art GPU cores.

Biometrics are widely used for authentication in several domains, services and applications. However, only very few systems succeed in effectively combining highly secure user authentication with an adequate privacy protection of the biometric templates, due to the difficulty associated with jointly providing good authentication performance, unlinkability and irreversibility to biometric templates. This thwarts the use of biometrics in remote authentication scenarios, despite the advantages that this kind of architectures provides. We propose a user-specific approach for decoupling the biometrics from their binary representation before using biometric protection schemes based on fuzzy extractors. This allows for more reliable, flexible, irreversible and unlinkable protected biometric templates. With the proposed biometrics decoupling procedures, biometric metadata, that does not allow to recover the original biometric template, is generated. However, different biometric metadata that are generated starting from the same biometric template remain statistically linkable, therefore we propose to additionally protect these using a second authentication factor (e.g., knowledge or possession based). We demonstrate the potential of this approach within a two-factor authentication protocol for remote biometric authentication in mobile scenarios.

Social network services enable users to conveniently share personal information.  Often, the information shared concerns other people, especially other members of the social network service.  In such situations, two or more people can have conflicting privacy preferences; thus, an appropriate sharing policy may not be apparent. We identify such situations as multiuser privacy scenarios. Current approaches propose finding a sharing policy through preference aggregation.  However, studies suggest that users feel more confident in their decisions regarding sharing when they know the reasons behind each other's preferences.  The goals of this paper are (1) understanding how people decide the appropriate sharing policy in multiuser scenarios where arguments are employed, and (2) developing a computational model to predict an appropriate sharing policy for a given scenario. We report on a study that involved a survey of 988 Amazon MTurk users about a variety of multiuser scenarios and the optimal sharing policy for each scenario.  Our evaluation of the participants' responses reveals that contextual factors, user preferences, and arguments influence the optimal sharing policy in a multiuser scenario.  We develop and evaluate an inference model that predicts the optimal sharing policy given the three types of features.  We analyze the predictions of our inference model to uncover potential scenario types that lead to incorrect predictions, and to enhance our understanding of when multiuser scenarios are more or less prone to dispute.

 

The advancement in technology has changed how people work and what software and hardware people use. From conventional personal computer to GPU, hardware technology and capability have dramatically improved so does the operating systems that come along. Unfortunately, current industry practice to compare OS is performed with single perspective. It is either benchmark the hardware level performance or performs penetration testing to check the security features of an OS. This rigid method of benchmarking does not really reflect the true performance of an OS as the performance analysis is not comprehensive and conclusive. To illustrate this deficiency, the study performed hardware level and operational level benchmarking on Windows XP, Windows 7 and Windows 8 and the results indicate that there are instances where Windows XP excels over its newer counterparts. Overall, the research shows Windows 8 is a superior OS in comparison to its predecessors running on the same hardware. Furthermore, the findings also show that the automated benchmarking tools are proved less efficient benchmark systems that run on Windows XP and older OS as they do not support DirectX 11 and other advanced features that the hardware supports. There lies the need to have a unified benchmarking approach to compare other aspects of OS such as user oriented tasks and security parameters to provide a complete comparison. Therefore, this paper is proposing a unified approach for Operating System (OS) comparisons with the help of a Windows OS case study. This unified approach includes comparison of OS from three aspects which are; hardware level, operational level performance and security tests.

Universally Composable (UC) framework provides the strongest security notion for designing fully trusted cryptographic protocols, and it is very challenging on applying UC security in the design of RFID mutual authentication protocols. In this paper, we formulate the necessary conditions for achieving UC secure RFID mutual authentication protocols which can be fully trusted in arbitrary environment, and indicate the inadequacy of some existing schemes under the UC framework. We define the ideal functionality for RFID mutual authentication and propose the first UC secure RFID mutual authentication protocol based on public key encryption and certain trusted third parties which can be modeled as functionalities. We prove the security of our protocol under the strongest adversary model assuming both the tags' and readers' corruptions. We also present two (public) key update protocols for the cases of multiple readers: one uses Message Authentication Code (MAC) and the other uses trusted certificates in Public Key Infrastructure (PKI). Furthermore, we address the relations between our UC framework and the zero-knowledge privacy model proposed by Deng et al. [1].

User privacy is an important issue in a blockchain based transaction system. Bitcoin, being one of the most widely used blockchain based transaction system, fails to provide enough protection on users' privacy. Many subsequent studies focus on establishing a system that hides the linkage between the identities (pseudonyms) of users and the transactions they carry out in order to provide a high level of anonymity. Examples include Zerocoin, Zerocash and so on. It thus becomes an interesting question whether such new transaction systems do provide enough protection on users' privacy. In this paper, we propose a novel and effective approach for de-anonymizing these transaction systems by leveraging information in the system that is not directly related, including the number of transactions made by each identity and time stamp of sending and receiving. Combining probability studies with optimization tools, we establish a model which allows us to determine, among all possible ways of linking between transactions and identities, the one that is most likely to be true. Subsequent transaction graph analysis could then be carried out, leading to the de-anonymization of the system. To solve the model, we provide exact algorithms based on mixed integer linear programming. Our research also establishes interesting relationships between the de-anonymization problem and other problems studied in the literature of theoretical computer science, e.g., the graph matching problem and scheduling problem.

The evolution of convolutional neural networks (CNNs) into more complex forms of organization, with additional layers, larger convolutions and increasing connections, established the state-of-the-art in terms of accuracy errors for detection and classification challenges in images. Moreover, as they evolved to a point where Gigabytes of memory are required for their operation, we have reached a stage where it becomes fundamental to understand how their inference capabilities can be impaired if data elements somehow become corrupted in memory. This paper introduces fault-injection in these systems by simulating failing bit-cells in hardware memories brought on by relaxing the 100% reliable operation assumption. We analyze the behavior of these networks calculating inference under severe fault-injection rates and apply fault mitigation strategies to improve on the CNNs resilience. For the MNIST dataset, we show that 8x less memory is required for the feature maps memory space, and that in sub-100% reliable operation, fault-injection rates up to 10-1 (with most significant bit protection) can withstand only a 1% error probability degradation. Furthermore, considering the offload of the feature maps memory to an embedded dynamic RAM (eDRAM) system, using technology nodes from 65 down to 28 nm, up to 73 80% improved power efficiency can be obtained.