Biblio

The economic progress of the Internet of Things (IoT) is phenomenal. Applications range from checking the alignment of some components during a manufacturing process, monitoring of transportation and pedestrian levels to enhance driving and walking path, remotely observing terminally ill patients by means of medical devices such as implanted devices and infusion pumps, and so on. To provide security, encrypting the data becomes an indispensable requirement, and symmetric encryptions algorithms are becoming a crucial implementation in the resource constrained environments. Typical symmetric encryption algorithms like Advanced Encryption Standard (AES) showcases an assumption that end points of communications are secured and that the encryption key being securely stored. However, devices might be physically unprotected, and attackers may have access to the memory while the data is still encrypted. It is essential to reserve the key in such a way that an attacker finds it hard to extract it. At present, techniques like White-Box cryptography has been utilized in these circumstances. But it has been reported that applying White-Box cryptography in IoT devices have resulted in other security issues like the adversary having access to the intermediate values, and the practical implementations leading to Code lifting attacks and differential attacks. In this paper, a solution is presented to overcome these problems by demonstrating the need of White-Box Cryptography to enhance the security by utilizing the cipher block chaining (CBC) mode.

Email privacy is of crucial importance. Existing email encryption approaches are comprehensive but seldom used due to their complexity and inconvenience. We take a new approach to simplify email encryption and improve its usability by implementing receiver-controlled encryption: newly received messages are transparently downloaded and encrypted to a locally-generated key; the original message is then replaced. To avoid the problem of moving a single private key between devices, we implement per-device key pairs: only public keys need be synchronized via a simple verification step. Compromising an email account or server only provides access to encrypted emails. We implemented this scheme on several platforms, showing it works with PGP and S/MIME, is compatible with widely used mail clients and email services including Gmail, has acceptable overhead, and that users consider it intuitive and easy to use.

In this paper, we explore the use of machine learning technique for wormhole attack detection in ad hoc network. This work has categorized into three major tasks. One of our tasks is a simulation of wormhole attack in an ad hoc network environment with multiple wormhole tunnels. A next task is the characterization of packet attributes that lead to feature selection. Consequently, we perform data generation and data collection operation that provide large volume dataset. The final task is applied to machine learning technique for wormhole attack detection. Prior to this, a wormhole attack has detected using traditional approaches. In those, a Multirate-DelPHI is shown best results as detection rate is 90%, and the false alarm rate is 20%. We conduct experiments and illustrate that our method performs better resulting in all statistical parameters such as detection rate is 93.12% and false alarm rate is 5.3%. Furthermore, we have also shown results on various statistical parameters such as Precision, F-measure, MCC, and Accuracy.

Security experts often recommend using password-management tools that both store passwords and generate random passwords. However, research indicates that only a small fraction of users use password managers with password generators. Past studies have explored factors in the adoption of password managers using surveys and online store reviews. Here we describe a semi-structured interview study with 30 participants that allows us to provide a more comprehensive picture of the mindsets underlying adoption and effective use of password managers and password-generation features. Our participants include users who use no password-specific tools at all, those who use password managers built into browsers or operating systems, and those who use separately installed password managers. Furthermore, past field data has indicated that users of built-in, browser-based password managers more often use weak and reused passwords than users of separate password managers that have password generation available by default. Our interviews suggest that users of built-in password managers may be driven more by convenience, while users of separately installed tools appear more driven by security. We advocate tailored designs for these two mentalities and provide actionable suggestions to induce effective password manager usage.

An MIT study suggests the use of crowdsourcing to devalue false news stories and misinformation online. Despite differences in political opinions, all groups can agree that fake and hyperpartisan sites are untrustworthy.

Todays analyzing web weaknesses and vulnerabilities in order to find security attacks has become more urgent. In case there is a communication contrary to the system security policies, a covert channel has been created. The attacker can easily disclosure information from the victim's system with just one public access permission. Covert timing channels, unlike covert storage channels, do not have memory storage and they draw less attention. Different methods have been proposed for their identification, which generally benefit from the shape of traffic and the channel's regularity. In this article, an entropy-based detection method is designed and implemented. The attacker can adjust the amount of channel entropy by controlling measures such as changing the channel's level or creating noise on the channel to protect from the analyst's detection. As a result, the entropy threshold is not always constant for detection. By comparing the entropy from different levels of the channel and the analyst, we conclude that the analyst must investigate traffic at all possible levels.

In AI Matters Volume 4, Issue 2, and Issue 4, we raised the notion of the possibility of an AI Cosmology in part in response to the "AI Hype Cycle" that we are currently experiencing. We posited that our current machine learning and big data era represents but one peak among several previous peaks in AI research in which each peak had accompanying "Hype Cycles". We associated each peak with an epoch in a possible AI Cosmology. We briefly explored the logic machines, cybernetics, and expert system epochs. One of the objectives of identifying these epochs was to help establish that we have been here before. In particular we've been in the territory where some application of AI research finds substantial commercial success which is then closely followed by AI fever and hype. The public's expectations are heightened only to end in disillusionment when the applications fall short. Whereas it is sometimes somewhat of a challenge even for AI researchers, educators, and practitioners to know where the reality ends and hype begins, the layperson is often in an impossible position and at the mercy of pop culture, marketing and advertising campaigns. We suggested that an AI Cosmology might help us identify a single standard model for AI that could be the foundation for a common shared understanding of what AI is and what it is not. A tool to help the layperson understand where AI has been, where it's going, and where it can't go. Something that could provide a basic road map to help the general public navigate the pitfalls of AI Hype.

Entropy sources are designed to provide unpredictable random numbers for cryptographic systems. As an assessment of the sources, Shannon entropy is usually adopted to quantitatively measure the unpredictability of the outputs. In several related works about the entropy evaluation of ring oscillator-based (RO-based) entropy sources, authors evaluated the unpredictability with the average conditional Shannon entropy (ACE) of the source, moreover provided a lower bound of the ACE (LBoACE). However, in this paper, we have demonstrated that when the adversaries have access to the history outputs of the entropy source, for example, by some intrusive attacks, the LBoACE may overestimate the actual unpredictability of the next output for the adversaries. In this situation, we suggest to adopt the specific conditional Shannon entropy (SCE) which exactly measures the unpredictability of the future output with the knowledge of previous output sequences and so is more consistent with the reality than the ACE. In particular, to be conservative, we propose to take the lower bound of the SCE (LBoSCE) as an estimation of the worst-case entropy of the sources. We put forward a detailed method to estimate this worst-case entropy of RO-based entropy sources, which we have also verified by experiment on an FPGA device. We recommend to adopt this method to provide a conservative assessment of the unpredictability when the entropy source works in a vulnerable environment and the adversaries might obtain the previous outputs.

The human side of cyber is fundamentally important to understanding and improving cyber operations. With the exception of Capture the Flag (CTF) exercises, cyber testing and experimentation tends to ignore the human attacker. While traditional CTF events include a deeply rooted human component, they rarely aim to measure human performance, cognition, or psychology. We argue that CTF is not sufficient for measuring these aspects of the human; instead, we examine the value in performing red team behavioral and cognitive testing in a large-scale, controlled human-subject experiment. In this paper we describe the pros and cons of performing this type of experimentation and provide detailed exposition of the data collection and experimental controls used during a recent cyber deception experiment-the Tularosa Study. Finally, we will discuss lessons learned and how our experiences can inform best practices in future cyber operations studies of human behavior and cognition.

The disclosure of an important yet sensitive link may cause serious privacy crisis between two users of a social graph. Only deleting the sensitive link referred to as a target link which is often the attacked target of adversaries is not enough, because the adversarial link prediction can deeply forecast the existence of the missing target link. Thus, to defend some specific adversarial link prediction, a budget limited number of other non-target links should be optimally removed. We first propose a path-based dissimilarity function as the optimizing objective and prove that the greedy link deletion to preserve target link privacy referred to as the GLD2Privacy which has monotonicity and submodularity properties can achieve a near optimal solution. However, emulating all length limited paths between any pair of nodes for GLD2Privacy mechanism is impossible in large scale social graphs. Secondly, we propose a Walk2Privacy mechanism that uses self-avoiding random walk which can efficiently run in large scale graphs to sample the paths of given lengths between the two ends of any missing target link, and based on the sampled paths we select the alternative non-target links being deleted for privacy purpose. Finally, we compose experiments to demonstrate that the Walk2Privacy algorithm can remarkably reduce the time consumption and achieve a very near solution that is achieved by the GLD2Privacy.

SVM has been one of the most popular machine learning method for the binary classification such as sentiment analysis and spam message filtering. We explored a word embedding method for the construction of a feature vector and the deep learning method for the binary classification. CBOW is used as a word embedding technique and feedforward neural network is applied to classify SMS messages into ham or spam. The accuracy of the two classification methods of SVM and neural network are compared for the binary classification. The experimental result shows that the accuracy of deep learning method is better than the conventional machine learning method of SVM-light in the binary classification.

Plenty of methods applied in system identification, while those based on data-driven are increasingly popular. Usually we ignore the absence of outliers among the system to be modeled, but it is unreachable in reality. To improve the precision of identification towards system with outliers, advantageous approaches with robustness are needed. This study analyzes the superiority of weighted Least Square Support Vector Machine Regression (LS-SVMR) in the field of system identification under random outliers, and compare it with LS-SVMR mainly.

Botnets are responsible for many large scale attacks happening on the Internet. Their weak point, which is usually targeted to take down a botnet, is the command and control infrastructure: the foundation for the diffusion of the botmaster's instructions. Hence, botmasters employ stealthy communication methods to remain hidden and retain control of the botnet. Recent research has shown that blockchains can be leveraged for under the radar communication with bots, however these methods incur fees for transaction broadcasting. This paper discusses the use of a novel technology, Whisper, for command and control instruction dissemination. Whisper allows a botmaster to control bots at virtually zero cost, while providing a peer-to-peer communication infrastructure, as well as privacy and encryption as part of its dark communication strategy. It is therefore well suited for bidirectional botnet command and control operations, and creating a botnet that is very difficult to take down.

Atomic multicast is a communication primitive that delivers messages to multiple groups of processes according to some total order, with each group receiving the projection of the total order onto messages addressed to it. To be scalable, atomic multicast needs to be genuine, meaning that only the destination processes of a message should participate in ordering it. In this paper we propose a novel genuine atomic multicast protocol that in the absence of failures takes as low as 3 message delays to deliver a message when no other messages are multicast concurrently to its destination groups, and 5 message delays in the presence of concurrency. This improves the latencies of both the fault-tolerant version of classical Skeen's multicast protocol (6 or 12 message delays, depending on concurrency) and its recent improvement by Coelho et al. (4 or 8 message delays). To achieve such low latencies, we depart from the typical way of guaranteeing fault-tolerance by replicating each group with Paxos. Instead, we weave Paxos and Skeen's protocol together into a single coherent protocol, exploiting opportunities for white-box optimisations. We experimentally demonstrate that the superior theoretical characteristics of our protocol are reflected in practical performance pay-offs.

Ad fraud is becoming more common among websites. Ad fraud can help fraudsters to generate revenue for themselves through fake traffic, fake clicks and fake installs. It can also help the cybercriminals to deploy malware on users' computers.

Robots that interact with children are becoming more common in places such as child care and hospital environments. While such robots may mistakenly provide nonsensical information, or have mechanical malfunctions, we know little of how these robot errors are perceived by children, and how they impact trust. This is particularly important when robots provide children with information or instructions, such as in education or health care. Drawing inspiration from established psychology literature investigating how children trust entities who teach or provide them with information (informants), we designed and conducted an experiment to examine how robot errors affect how young children (3-5 years old) trust robots. Our results suggest that children utilize their understanding of people to develop their perceptions of robots, and use this to determine how to interact with robots. Specifically, we found that children developed their trust model of a robot based on the robot's previous errors, similar to how they would for a person. We however failed to replicate other prior findings with robots. Our results provide insight into how children as young as 3 years old might perceive robot errors and develop trust.

In this paper, we address the web service selection problem for linear workflows. Given a linear workflow specifying a set of ordered tasks and a set of candidate services providing different features for each task, the selection problem deals with the objective of selecting the most eligible service for each task, given the ordering specified. A number of approaches to solving the selection problem have been proposed in literature. With web services growing at an incredible pace, service selection at the Internet scale has resurfaced as a problem of recent research interest. In this work, we present our approach to the selection problem using an abstraction refinement technique to address the scalability limitations of contemporary approaches. Experiments on web service benchmarks show that our approach can add substantial performance benefits in terms of space when compared to an approach without our optimization.

Modern Internet of Things networks are often proprietary, although based on open standards, or are built on the basis of conventional Wi-Fi network, which does not allow the use of energy-saving modes and limits the range of solutions used. The paper is devoted to the study and comparison of two solutions based on Wi-Fi and Bluetooth with the functions of a self-organizing network and switching between transmission channels. The power consumption in relation to specific actions and volumes of transmitted data is investigated; a conclusion is drawn on the conditions for the application of a particular technology.

Phishing is a criminal offense which involves theft of user's sensitive data. The phishing websites target individuals, organizations, the cloud storage hosting sites and government websites. Currently, hardware based approaches for anti-phishing is widely used but due to the cost and operational factors software based approaches are preferred. The existing phishing detection approaches fails to provide solution to problem like zero-day phishing website attacks. To overcome these issues and precisely detect phishing occurrence a three phase attack detection named as Web Crawler based Phishing Attack Detector(WC-PAD) has been proposed. It takes the web traffics, web content and Uniform Resource Locator(URL) as input features, based on these features classification of phishing and non phishing websites are done. The experimental analysis of the proposed WC-PAD is done with datasets collected from real phishing cases. From the experimental results, it is found that the proposed WC-PAD gives 98.9% accuracy in both phishing and zero-day phishing attack detection.

The development of the internet and the web makes human activities more practical, comfortable, and inexpensive. So that the use of the internet and websites is increasing in various ways. Public networks make the security of websites vulnerable to attack. This research proposes a Honeypot for server security against attackers who want to steal data by carrying out a brute force attack. In this research, Honeypot is integrated on the server to protect the server by creating a shadow server. This server is responsible for tricking the attacker into not being able to enter the original server. Brute force attacks tested using Medusa tools. With the application of Honeypot on the server, it is proven that the server can be secured from the attacker. Even the log of activities carried out by the attacker in the shadow server is stored in the Kippo log activities.

While the IT industry is embracing the cloud-native technologies, migrating from monolithic architecture to service-oriented architecture is not a trivial process. It involves a lot of dissection and abstraction. The layer of abstraction designed for simplifying the development quickly becomes the barrier of visibility and the source of misconfigurations. The complexity may give microservices a larger attack surface compared to monolithic applications. This talk presents a microservices threat modeling that uncovers the attack vectors hidden in each abstraction layer. Scenarios of security breaches in microservices platforms are discussed, followed by the countermeasures to close these attack vectors. Finally, a decision-making process for architecting secure microservices is presented.

Traditional web security assessments are evaluated using a single data source, and the results of the calculations from different data sources are different. Based on multi-source data, this paper uses Analytic Hierarchy Process to construct an evaluation model, calculates the weight of each level of indicators in the web security evaluation model, analyzes and processes the data, calculates the host security threat assessment values at various levels, and visualizes the evaluation results through ECharts+WebGL technology.

In this paper, we present two web-based attacks against local IoT devices that any malicious web page or third-party script can perform, even when the devices are behind NATs. In our attack scenario, a victim visits the attacker's website, which contains a malicious script that communicates with IoT devices on the local network that have open HTTP servers. We show how the malicious script can circumvent the same-origin policy by exploiting error messages on the HTML5 MediaError interface or by carrying out DNS rebinding attacks. We demonstrate that the attacker can gather sensitive information from the devices (e.g., unique device identifiers and precise geolocation), track and profile the owners to serve ads, or control the devices by playing arbitrary videos and rebooting. We propose potential countermeasures to our attacks that users, browsers, DNS providers, and IoT vendors can implement.

Website defacements can inflict significant harm on the website owner through the loss of reputation, the loss of money, or the leakage of information. Due to the complexity and diversity of all kinds of web application systems, especially a lack of necessary security maintenance, website defacements increased year by year. In this paper, we focus on detecting whether the website has been defaced by extracting website features and website embedded trojan features. We use three kinds of classification learning algorithms which include Gradient Boosting Decision Tree (GBDT), Random Forest (RF) and Support Vector Machine (SVM) to do the classification experiments, and experimental results show that Support Vector Machine classifier performed better than two other classifiers. It can achieve an overall accuracy of 95%-96% in detecting website defacements.

Security engineers have been fighting with C compilers for years. A careful programmer would test for null pointer dereferencing or division by zero; but the compiler would fail to understand, and optimize the test away. Modern compilers now have dedicated options to mitigate this. But when a programmer tries to control side effects of code, such as to make a cryptographic algorithm execute in constant time, the problem remains. Programmers devise complex tricks to obscure their intentions, but compiler writers find ever smarter ways to optimize code. A compiler upgrade can suddenly and without warning open a timing channel in previously secure code. This arms race is pointless and has to stop. We argue that we must stop fighting the compiler, and instead make it our ally. As a starting point, we analyze the ways in which compiler optimization breaks implicit properties of crypto code; and add guarantees for two of these properties in Clang/LLVM. Our work explores what is actually involved in controlling side effects on modern CPUs with a standard toolchain. Similar techniques can and should be applied to other security properties; achieving intentions by compiler commands or annotations makes them explicit, so we can reason about them. It is already understood that explicitness is essential for cryptographic protocol security and for compiler performance; it is essential for language security too. We therefore argue that this should be only the first step in a sustained engineering effort.