Biblio

Context : Programmers frequently look for the code of previously solved problems that they can adapt for their own problem. Despite existing example code on the web, on sites like Stack Overflow, cryptographic Application Programming Interfaces (APIs) are commonly misused. There is little known about what makes examples helpful for developers in using crypto APIs. Analogical problem solving is a psychological theory that investigates how people use known solutions to solve new problems. There is evidence that the capacity to reason and solve novel problems a.k.a Fluid Intelligence (Gf) and structurally and procedurally similar solutions support problem solving. Aim: Our goal is to understand whether similarity and Gf also have an effect in the context of using cryptographic APIs with the help of code examples. Method : We conducted a controlled experiment with 76 student participants developing with or without procedurally similar examples, one of two Java crypto libraries and measured the Gf of the participants as well as the effect on usability (effectiveness, efficiency, satisfaction) and security bugs. Results: We observed a strong effect of code examples with a high procedural similarity on all dependent variables. Fluid intelligence Gf had no effect. It also made no difference which library the participants used. Conclusions: Example code must be more highly similar to a concrete solution, not very abstract and generic to have a positive effect in a development task.

Defects in infrastructure as code (IaC) scripts can have serious
consequences, for example, creating large-scale system outages. A
taxonomy of IaC defects can be useful for understanding the nature
of defects, and identifying activities needed to fix and prevent
defects in IaC scripts. The goal of this paper is to help practitioners
improve the quality of infrastructure as code (IaC) scripts by developing
a defect taxonomy for IaC scripts through qualitative analysis.
We develop a taxonomy of IaC defects by applying qualitative analysis
on 1,448 defect-related commits collected from open source
software (OSS) repositories of the Openstack organization. We conduct
a survey with 66 practitioners to assess if they agree with the
identified defect categories included in our taxonomy. We quantify
the frequency of identified defect categories by analyzing 80,425
commits collected from 291 OSS repositories spanning across 2005
to 2019.

Our defect taxonomy for IaC consists of eight categories, including
a category specific to IaC called idempotency (i.e., defects that
lead to incorrect system provisioning when the same IaC script is
executed multiple times). We observe the surveyed 66 practitioners
to agree most with idempotency. The most frequent defect category
is configuration data i.e., providing erroneous configuration data
in IaC scripts. Our taxonomy and the quantified frequency of the
defect categories may help in advancing the science of IaC script
quality.

A secure multi-party batch matrix multiplication problem (SMBMM) is considered, where the goal is to allow a master to efficiently compute the pairwise products of two batches of massive matrices, by distributing the computation across S servers. Any X colluding servers gain no information about the input, and the master gains no additional information about the input beyond the product. A solution called Generalized Cross Subspace Alignment codes with Noise Alignment (GCSA- NA) is proposed in this work, based on cross-subspace alignment codes. The state of art solution to SMBMM is a coding scheme called polynomial sharing (PS) that was proposed by Nodehi and Maddah-Ali. GCSA-NA outperforms PS codes in several key aspects - more efficient and secure inter-server communication, lower latency, flexible inter-server network topology, efficient batch processing, and tolerance to stragglers.

The study presents the design and development of security solution pertaining to prevention of leakage of secret data that is in transit (DIT) to be deployed in a Network Gateway, the Gateway is the link connecting the Trusted Network with the Un-trusted Network. The entire solution includes, tasks such as classification of data flowing in the network, followed by the confinement of the identified data, the confinement of the identified data is done either by tagging the data or by means of encryption, however the later form is employed to achieve confinement of classified data under secret category thereby achieving confidentiality of the same. GNN is used for achieving the categorization function and the results are found to be satisfying with less processing time. The dataset that is used is the publicly available dataset and is available in its labeled format. The final deployment will however be based on the datasets that is available to meet a particular requirement of an Organization/Institution. Any organization can prepare a customized dataset suiting its requirements and train the model. The model can then be used for meeting the DLP requirement.

The papers in this special section focus on network science for high confidence cyber-physical systems (CPS) Here CPS refers to the engineered systems that can seamlessly integrate the physical world with the cyber world via advanced computation and communication capabilities. To enable high-confidence CPS for achieving better benefits as well as supporting emerging applications, network science-based theories and methodologies are needed to cope with the ever-growing complexity of smart CPS, to predict the system behaviors, and to model the deep inter-dependencies among CPS and the natural world. The major objective of this special section is to exploit various network science techniques such as modeling, analysis, mining, visualization, and optimization to advance the science of supporting high-confidence CPS for greater assurances of security, safety, scalability, efficiency, and reliability. These papers bring a timely and important research topic. The challenges and opportunities of applying network science approaches to high-confidence CPS are profound and far-reaching.

Recognising user's risky behaviours in real-time is an important element of providing appropriate solutions and recommending suitable actions for responding to cybersecurity threats. Employing user modelling and machine learning can make this process automated by requires high-performance intelligent agent to create the user security profile. User profiling is the process of producing a profile of the user from historical information and past details. This research tries to identify the monitoring factors and suggests a novel observation solution to create high-performance sensors to generate the user security profile for a home user concerning the user's privacy. This observer agent helps to create a decision-making model that influences the user's decision following real-time threats or risky behaviours.

Bitcoin was the first successful decentralized cryptocurrency and remains the most popular of its kind to this day. Despite the benefits of its blockchain, Bitcoin still faces serious scalability issues, most importantly its ever-increasing blockchain size. While alternative designs introduced schemes to periodically create snapshots and thereafter prune older blocks, already-deployed systems such as Bitcoin are often considered incapable of adopting corresponding approaches. In this work, we revise this popular belief and present CoinPrune, a snapshot-based pruning scheme that is fully compatible with Bitcoin. CoinPrune can be deployed through an opt-in velvet fork, i.e., without impeding the established Bitcoin network. By requiring miners to publicly announce and jointly reaffirm recent snapshots on the blockchain, CoinPrune establishes trust into the snapshots' correctness even in the presence of powerful adversaries. Our evaluation shows that CoinPrune reduces the storage requirements of Bitcoin already by two orders of magnitude today, with further relative savings as the blockchain grows. In our experiments, nodes only have to fetch and process 5GiB instead of 230GiB of data when joining the network, reducing the synchronization time on powerful devices from currently 5h to 46min, with even more savings for less powerful devices.

Anonymous communication networks (ACNs) are intended to protect the metadata during communication. As classic ACNs, onion mix-nets are famous for strong anonymity, in which the source defines a static path and wraps the message multi-times with the public keys of nodes on the path, through which the message is relayed to the destination. However, onion mix-nets lacks in resilience when the static on-path mixes fail. Mix failure easily results in message loss, communication failure, and even specific attacks. Therefore, it is desirable to achieve resilient routing in onion mix-nets, providing persistent routing capability even though node failure. The state-of-theart solutions mainly adopt mix groups and thus need to share secret keys among all the group members which may cause single point of failure. To address this problem, in this work we propose a hybrid routing approach, which embeds the onion mix-net with hop-by-hop routing to increase routing resilience. Furthermore, we propose the threshold hybrid routing to achieve better key management and avoid single point of failure. As for experimental evaluations, we conduct quantitative analysis of the resilience and realize a local T-hybrid routing prototype to test performance. The experimental results show that our proposed routing strategy increases routing resilience effectively, at the expense of acceptable latency.

Big data provides a way to handle and analyze large amount of data or complex set. It provides a systematic extraction also. In this paper a hybrid security analysis based on intelligent adaptive learning in big data has been discussed with the current trends. This paper also explores the possibility of cloud computing collaboration with big data. The advantages along with the impact for the overall platform evaluation has been discussed with the traditional trends. It has been useful in the analysis and the exploration of future research. This discussion also covers the computational variability and the connotation in terms of data reliability, availability and management in big data with data security aspects.

Steganography is a data hiding technique, which is generally used to hide the data within a file to avoid detection. It is used in the police department, detective investigation, and medical fields as well as in many more fields. Various techniques have been proposed over the years for Image Steganography and also attackers or hackers have developed many decoding tools to break these techniques to retrieve data. In this paper, CAPTCHA codes are used to ensure that the receiver is the intended receiver and not any machine. Here a randomized CAPTCHA code is created to provide additional security to communicate with the authenticated user and used Image Steganography to achieve confidentiality. For achieving secret and reliable communication, encryption and decryption mechanism is performed; hence a machine cannot decode it using any predefined algorithm. Once a secure connection has been established with the intended receiver, the original message is transmitted using the LSB algorithm, which uses the RGB color spectrum to hide the image data ensuring additional encryption.

Encryption has become an important need for each and every data transmission. Large amount of delicate data is transferred regularly through different computer networks such as e-banking, email applications and file exchange. Cryptanalysis is study of analyzing the hidden information in the system. The process of cryptanalysis could be done by various features such as power, sound, electromagnetic radiation etc. Lightweight cryptography plays an important role in the IoT devices. It includes various appliances, vehicles, smart sensors and RFID-tags (RFID). PRESENT is one such algorithm, designed for resource constrained devices. This requires less memory and consumes less power. The project propounds a model in which the cryptographic keys are analyzed by the trace of power.

Lightweight cryptography concept has been a very hot topic for the last few years and considered as a new domain of encryption suitable for big data networks, small devices, phones, cards and embedded systems. These systems require low latency security and low power consuming [1]. An improved lightweight encryption algorithm ILEA is proposed in this paper. ILEA is based on PRINCE lightweight algorithm as his main core with two defacing balanced mixing layers added. ILEA presented in two programming languages: PYTHON, C++ with a comparative study with original PRINCE results and some of another lightweight algorithms.

Wireless sensor network (WSNs) formed from an enormous number of sensor hub with the capacity to detect and process information in the physical world in a convenient way. The sensor nodes contain a battery imperative, which point of confinement the system lifetime. Because of vitality limitations, the arrangement of WSNs will required development methods to keep up the system lifetime. The vitality productive steering is the need of the innovative WSN systems to build the process time of system. The WSN system is for the most part battery worked which should be ration as conceivable as to cause system to continue longer and more. WSN has developed as a significant figuring stage in the ongoing couple of years. WSN comprises of countless sensor points, which are worked by a little battery. The vitality of the battery worked nodes is the defenseless asset of the WSN, which is exhausted at a high rate when data is transmitted, because transmission vitality is subject to the separation of transmission. Sensor nodes can be sent in the cruel condition. When they are conveyed, it ends up difficult to supplant or energize its battery. Therefore, the battery intensity of sensor hub ought to be utilized proficiently. Many steering conventions have been proposed so far to boost the system lifetime and abatement the utilization vitality, the fundamental point of the sensor hubs is information correspondence, implies move of information packs from one hub to other inside the system. This correspondence is finished utilizing grouping and normal vitality of a hub. Each bunch chooses a pioneer called group head. The group heads CHs are chosen based by and large vitality and the likelihood. There are number of bunching conventions utilized for the group Head determination, the principle idea is the existence time of a system which relies on the normal vitality of the hub. In this work we proposed a model, which utilizes the leftover vitality for group head choice and LZW pressure Technique during the transmission of information bundles from CHs to base station. Work enhanced the throughput and life time of system and recoveries the vitality of hub during transmission and moves more information in less vitality utilization. The Proposed convention is called COMPRESSED MODLEACH.

Lately mining of information from online life is pulling in more consideration because of the blast in the development of Big Data. In security, Big Data manages an assortment of immense advanced data for investigating, envisioning and to draw the bits of knowledge for the expectation and anticipation of digital assaults. Big Data Analytics (BDA) is the term composed by experts to portray the art of dealing with, taking care of and gathering a great deal of data for future evaluation. Data is being made at an upsetting rate. The quick improvement of the Internet, Internet of Things (IoT) and other creative advances are the rule liable gatherings behind this proceeded with advancement. The data made is an impression of the earth, it is conveyed out of, along these lines can use the data got away from structures to understand the internal exercises of that system. This has become a significant element in cyber security where the objective is to secure resources. Moreover, the developing estimation of information has made large information a high worth objective. Right now, investigate ongoing exploration works in cyber security comparable to huge information and feature how Big information is secured and how huge information can likewise be utilized as a device for cyber security. Simultaneously, a Big Data based concentrated log investigation framework is actualized to distinguish the system traffic happened with assailants through DDOS, SQL Injection and Bruce Force assault. The log record is naturally transmitted to the brought together cloud server and big information is started in the investigation process.

Cybercrime is growing dramatically in the technological world nowadays. World Wide Web criminals exploit the personal information of internet users and use them to their advantage. Unethical users leverage the dark web to buy and sell illegal products or services and sometimes they manage to gain access to classified government information. A number of illegal activities that can be found in the dark web include selling or buying hacking tools, stolen data, digital fraud, terrorists activities, drugs, weapons, and more. The aim of this project is to collect evidence of any malicious activity in the dark web by using computer security mechanisms as traps called honeypots.

Deception technology is a useful approach to improve the security posture of IoT systems. The deployment of replication techniques as a deception tactic is presented with a summary of our research progress towards quantifying the defensive improvement as part of overall risk management considerations.

Nowadays, the emerging Internet-of-Things (IoT) emphasize the need for the security of network-connected devices. Additionally, there are two types of services in IoT devices that are easily exploited by attackers, weak authentication services (e.g., SSH/Telnet) and exploited services using command injection. Based on this observation, we propose IoTCMal, a hybrid IoT honeypot framework for capturing more comprehensive malicious samples aiming at IoT devices. The key novelty of IoTC-MAL is three-fold: (i) it provides a high-interactive component with common vulnerable service in real IoT device by utilizing traffic forwarding technique; (ii) it also contains a low-interactive component with Telnet/SSH service by running in virtual environment. (iii) Distinct from traditional low-interactive IoT honeypots[1], which only analyze family categories of malicious samples, IoTCMal primarily focuses on homology analysis of malicious samples. We deployed IoTCMal on 36 VPS1 instances distributed in 13 cities of 6 countries. By analyzing the malware binaries captured from IoTCMal, we discover 8 malware families controlled by at least 11 groups of attackers, which mainly launched DDoS attacks and digital currency mining. Among them, about 60% of the captured malicious samples ran in ARM or MIPs architectures, which are widely used in IoT devices.

The Internet of Things technology has been used in a wide range of fields, ranging from industrial applications to individual lives. As a result, a massive amount of sensitive data is generated and transmitted by IoT devices. Those data may be accessed by a large number of complex users. Therefore, it is necessary to adopt an encryption scheme with access control to achieve more flexible and secure access to sensitive data. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) can achieve access control while encrypting data can match the requirements mentioned above. However, the long ciphertext and the slow decryption operation makes it difficult to be used in most IoT devices which have limited memory size and computing capability. This paper proposes a modified CP-ABE scheme, which can implement the full security (adaptive security) under the access structure of AND gate. Moreover, the decryption overhead and the length of ciphertext are constant. Finally, the analysis and experiments prove the feasibility of our scheme.

The availability of commercial fully immersive virtual reality systems allows the proposal and development of new applications that offer novel ways to visualize and interact with multidimensional neuroimaging data. We propose a system for the visualization and interaction with Magnetic Resonance Imaging (MRI) scans in a fully immersive learning environment in virtual reality. The system extracts the different slices from a DICOM file and presents the slices in a 3D environment where the user can display and rotate the MRI scan, and select the clipping plane in all the possible orientations. The 3D environment includes two parts: 1) a cube that displays the MRI scan in 3D and 2) three panels that include the axial, sagittal, and coronal views, where it is possible to directly access a desired slice. In addition, the environment includes a representation of the brain where it is possible to access and browse directly through the slices with the controller. This application can be used both for educational purposes as an immersive learning tool, and by neuroscience researchers as a more convenient way to browse through an MRI scan to better analyze 3D data.

Return-oriented programming (ROP)is a technique used to break data execution protection(DEP). Existing ROP chain automatic construction technology cannot effectively use program controllable memory area. In order to improve the utilization of memory space, this paper proposes a method of ROP chain fragmentation layout. By searching the controllable memory area of the program, a set of layoutable space is formed, and the overall ROP chain is segmented to add jump instructions at the end of each segment, thereby achieving a fragmented layout of the ROP chain. The prototype system ROP-chip based on S2E proved the effectiveness of the fragmented layout of the ROP chain.

A Distributed Denial of Service ( DDoS ) attack is usually instigated on a primary server that provides important services in a network. However such DDoS attacks can be identified and mitigated by the controller in a Software Defined Network (SDN). If the intruder further performs an attack on the controller along with the server, the attack becomes successful.In this paper, we show how such a combined DDoS attack can be instigated on a controller as well as a primary server. The DDoS attack on the primary server is instigated by compromising few hosts to send packets with spoofed IP addresses and the attack on the controller is instigated by compromising few switches to send flow table requests repeatedly to the controller. With the help of an emulator called mininet, we show the severity of this attack on the performance of the network. We further propose a common technique that can be used to mitigate this kind of attack by observing the variation of destination IP addresses and setting different priorities to switches and handling the flow table requests accordingly by the controller.

Android, being the most widespread mobile operating systems is increasingly becoming a target for malware. Malicious apps designed to turn mobile devices into bots that may form part of a larger botnet have become quite common, thus posing a serious threat. This calls for more effective methods to detect botnets on the Android platform. Hence, in this paper, we present a deep learning approach for Android botnet detection based on Convolutional Neural Networks (CNN). Our proposed botnet detection system is implemented as a CNN-based model that is trained on 342 static app features to distinguish between botnet apps and normal apps. The trained botnet detection model was evaluated on a set of 6,802 real applications containing 1,929 botnets from the publicly available ISCX botnet dataset. The results show that our CNN-based approach had the highest overall prediction accuracy compared to other popular machine learning classifiers. Furthermore, the performance results observed from our model were better than those reported in previous studies on machine learning based Android botnet detection.

The complexity and ubiquity of modern computing systems is a fertile ground for anomalies, including security and privacy breaches. In this paper, we propose a new methodology that addresses the practical challenges to implement anomaly detection approaches. Specifically, it is challenging to define normal behavior comprehensively and to acquire data on anomalies in diverse cloud environments. To tackle those challenges, we focus on anomaly detection approaches based on system performance signatures. In particular, performance signatures have the potential of detecting zero-day attacks, as those approaches are based on detecting performance deviations and do not require detailed knowledge of attack history. The proposed methodology leverages an analytical performance model and experimentation, and allows to control the rate of false positives in a principled manner. The methodology is evaluated using the TPCx-V workload, which was profiled during a set of executions using resource exhaustion anomalies that emulate the effects of anomalies affecting system performance. The proposed approach was able to successfully detect the anomalies, with a low number of false positives (precision 90%-98%).

In recent years, software defined networking (SDN) has been proposed for enhancing the security of industrial control networks. However, its ability to guarantee the quality of service (QoS) requirements of such networks in the presence of adversarial flow still needs to be investigated. Queueing theory and particularly queueing network models have long been employed to study the performance and QoS characteristics of networks. The latter appears to be particularly suitable to capture the behaviour of SDN owing to the dependencies between layers, planes and components in an SDN architecture. Also, several authors have used queueing network models to study the behaviour of different application of SDN architectures, but none of the existing works have considered the strong periodic network traffic in software-defined industrial control networks. In this paper, we propose a queueing network model for softwaredefined industrial control networks, taking into account the strong periodic patterns of the network traffic in the data plane. We derive the performance measures for the analytical model and apply the queueing network model to study the effect of adversarial flow in software-defined industrial control networks.

Following substantial advancements in stochastic classes of decision-making optimization problems, scenario-based stochastic optimization, robust\textbackslashtextbackslash distributionally robust optimization, and chance-constrained optimization have recently gained an increasing attention. Despite the remarkable developments in probabilistic forecast of uncertainties (e.g., in renewable energies), most approaches are still being employed in a univariate framework which fails to unlock a full understanding on the underlying interdependence among uncertain variables of interest. In order to yield cost-optimal solutions with predefined probabilistic guarantees, conditional and dynamic interdependence in uncertainty forecasts should be accommodated in power systems decision-making. This becomes even more important during the emergencies where high-impact low-probability (HILP) disasters result in remarkable fluctuations in the uncertain variables. In order to model the interdependence correlation structure between different sources of uncertainty in power systems during both normal and emergency operating conditions, this paper aims to bridge the gap between the probabilistic forecasting methods and advanced optimization paradigms; in particular, perdition regions are generated in the form of ellipsoids with probabilistic guarantees. We employ a modified Khachiyan's algorithm to compute the minimum volume enclosing ellipsoids (MVEE). Application results based on two datasets on wind and photovoltaic power are used to verify the efficiency of the proposed framework.