Biblio

Using security primitives, a novel scheme for licensing hardware intellectual properties (HWIPs) on Field Programmable Gate Arrays (FPGAs) in public clouds is proposed. The proposed scheme enforces a pay-per-use model, allows HWIP's installation only on specific on-cloud FPGAs, and efficiently protects the HWIPs from being cloned, reverse engineered, or used without the owner's authorization by any party, including a cloud insider. It also provides protection for the users' designs integrated with the HWIP on the same FPGA. This enables cloud tenants to license HWIPs in the cloud from the HWIP vendors at a relatively low price based on usage instead of paying the expensive unlimited HWIP license fee. The scheme includes a protocol for FPGA authentication, HWIP secure decryption, and usage by the clients without the need for the HWIP vendor to be involved or divulge their secret keys. A complete prototype test-bed implementation showed that the proposed scheme is very feasible with relatively low resource utilization. Experiments also showed that a HWIP could be licensed and set up in the on-cloud FPGA in 0.9s. This is 15 times faster than setting up the same HWIP from outside the cloud, which takes about 14s based on the average global Internet speed.

In this fast moving world, every industry is advanced by a new technological paradigm called Internet of Things (IoT). It offers interconnectivity between the digital and the real world which will swiftly transform the style of doing business. It opens up a wide-ranging new array of dynamic opportunities in all industries and is fuelling innovation in every part of life. Due to the constrained nature of the devices in IoT environment, it is difficult to execute complex data encryption algorithms to enhance the security. Moreover, computation overhead caused by the existing cryptographic security algorithms is heavy and has to be minimized. To overcome these challenges, this paper presents the security analysis of the lightweight block cipher SAT\_Jo to ensure the data security in healthcare Internet of Things. It is based on SPN structure and runs for 31 rounds. It encrypts 64-bits of block length with key of 80 bits. Cadence NC-Verilog 5.1 is used for simulation and Cadence Encounter RTL Compiler v10.1 for synthesis. The implementations are synthesized for UMC 90 nm low-leakage Faraday library from technology libraries. Moreover, the proposed SAT\_Jo block cipher withstands in various attacks such as differential attack, linear attack and algebraic attack in healthcare IoT environment.

Mobile phones have become nowadays a commodity to the majority of people. Using them, people are able to access the world of Internet and connect with their friends, their colleagues at work or even unknown people with common interests. This proliferation of the mobile devices has also been seen as an opportunity for the cyber criminals to deceive smartphone users and steel their money directly or indirectly, respectively, by accessing their bank accounts through the smartphones or by blackmailing them or selling their private data such as photos, credit card data, etc. to third parties. This is usually achieved by installing malware to smartphones masking their malevolent payload as a legitimate application and advertise it to the users with the hope that mobile users will install it in their devices. Thus, any existing application can easily be modified by integrating a malware and then presented it as a legitimate one. In response to this, scientists have proposed a number of malware detection and classification methods using a variety of techniques. Even though, several of them achieve relatively high precision in malware classification, there is still space for improvement. In this paper, we propose a text mining all repeated pattern detection method which uses the decompiled files of an application in order to classify a suspicious application into one of the known malware families. Based on the experimental results using a real malware dataset, the methodology tries to correctly classify (without any misclassification) all randomly selected malware applications of 3 categories with 3 different families each.

In the deep learning tasks, we can design different network models to address different tasks (classification, detection, segmentation). But traditional deep learning networks simply increase the depth and breadth of the network. This leads to a higher complexity of the model. We propose Adaptively Weighted Channel Feature Network of Mixed Convolution Kernel(SKENet). SKENet extract features from different kernels, then mixed those features by elementwise, lastly do sigmoid operator on channel features to get adaptive weightings. We did a simple classification test on the CIFAR10 amd CIFAR100 dataset. The results show that SKENet can achieve a better result in a shorter time. After that, we did an object detection experiment on the VOC dataset. The experimental results show that SKENet is far ahead of the SKNet[20] in terms of speed and accuracy.

This paper describes a machine assistance approach to grading decisions for values that might be missing or need validation, using a mathematical algebraic form of an Expert System, instead of the traditional textual or logic forms and builds a neural network computational graph structure. This Experts System approach is also structured into a neural network like format of: input, hidden and output layers that provide a structured approach to the knowledge-base organization, this provides a useful abstraction for reuse for data migration applications in big data, Cyber and relational databases. The approach is further enhanced with a Bayesian probability tree approach to grade the confidences of value probabilities, instead of the traditional grading of the rule probabilities, and estimates the most probable value in light of all evidence presented. This is ground work for a Machine Learning (ML) experts system approach in a form that is closer to a Neural Network node structure.

The rise in the number of devices joining the Internet of Things (IoT) has created a huge potential for distributed denial of service (DDoS) attacks, especially due to the lack of security in these computationally limited devices. Malicious actors have realized that and managed to turn large sets of IoT devices into botnets under their control. Given this scenario, this work studies botnet architectures identified so far and assesses how they are considered in the few recent defense proposals that consider botnet architectures.

This paper introduces an anonymous privacy-preserving scheme for big data over the cloud. The proposed design helps to enhance the encryption/decryption time of big data by utilizing the MapReduce framework. The Hadoop distributed file system and the secure hash algorithm are employed to provide the anonymity, security and efficiency requirements for the proposed scheme. The experimental results show a significant enhancement in the computational time of data encryption and decryption.

Cyber threats have increased extensively during the last decade, especially in smart grids. Cybercriminals have become more sophisticated. Current security controls are not enough to defend networks from the number of highly skilled cybercriminals. Cybercriminals have learned how to evade the most sophisticated tools, such as Intrusion Detection and Prevention Systems (IDPS), and Advanced Persistent Threat (APT) is almost invisible to current tools. Fortunately, the application of Artificial Intelligence (AI) may increase the detection rate of IDPS systems, and Machine Learning (ML) techniques can mine data to detect different attack stages of APT. However, the implementation of AI may bring other risks, and cybersecurity experts need to find a balance between risk and benefits.

This paper introduces a biologically inspired associative data model and structure for finding nearest neighbors and similar patterns. The method can be used as an alternative to the classical approaches to accelerate the search for such patterns using various priorities for attributes according to the Sebestyen measure. The presented structure, together with algorithms developed in this paper can be useful in various computational intelligence tasks like pattern matching, recognition, clustering, classification, multi-criterion search etc. This approach is particularly useful for the on-line operation of associative neural network graphs. Graphs that dynamically develop their structure during learning on training data. The results of experiments show that the associative approach can substantially accelerate the nearest neighbor search and that associative structures can also be used as a model for KNN tasks. Finally, this paper presents how the associative structures can be used to self-organize data and represent knowledge about them in the associative way, which yields new search approaches described in this paper.

The fast advancement in the last two decades proposed a new challenge in security. In addition, the methods used to secure information are drawing more attention and under intense investigation by researchers around the globe. However, securing data is a very hard task, due to the escalation of threat levels. Several technologies and techniques developed and used to secure data throughout communication or by direct access to the information as an example encryption techniques and authentication techniques. A most recent development methods used to enhance security is by using human biometric characteristics such as thumb, hand, eye, cornea, and DNA; to enforce the security of a system toward higher level, human DNA is a promising field and human biometric characteristics can enhance the security of any system using biometric features for authentication. Furthermore, the proposed methods does not fulfil or present the ultimate solution toward tightening the system security. However, one of the proposed solutions enroll a technique to encrypt the biometric characteristic using a well-known cryptosystem technique. In this paper, an overview presented on the benefits of incorporating a human DNA based security systems and the overall effect on how such systems enhance the security of a system. In addition, an algorithm is proposed for practical application and the implementation discussed briefly.

Biometrics manages the computerized acknowledgment of people dependent on natural and social attributes. The example acknowledgment framework perceives an individual by deciding the credibility of a particular conduct normal for person. The primary rule of biometric framework is recognizable proof and check. A biometric confirmation framework use fingerprints, face, hand geometry, iris, and voice, mark, and keystroke elements of a person to recognize an individual or to check a guaranteed character. Biometrics authentication is a form of identification and access control process which identify individuals in packs that are under reconnaissance. Biometric security system increase in the overall security and individuals no longer have to deal with lost ID Cards or forgotten passwords. It helps much organization to see everyone is at a certain time when something might have happened that needs reviewed. The current issues in biometric system with individuals and many organization facing are personal privacy, expensive, data's may be stolen.

In the modern security-conscious world, Deep Packet Inspection (DPI) proxies are increasingly often used on industrial and enterprise networks to perform TLS unwrapping on all outbound connections. However, enabling TLS unwrapping requires local devices to have the DPI proxy Certificate Authority certificates installed. While for conventional computing devices this is addressed via enterprise management, it's a difficult problem for Internet of Things ("IoT") devices which are generally not under enterprise management, and may not even be capable of it due to their resource-constrained nature. Thus, for typical IoT devices, being installed on a network with DPI requires either manual device configuration or custom DPI proxy configuration, both of which solutions have significant shortcomings. This poses a serious challenge to the deployment of IoT devices on DPI-enabled intranets. The authors propose a solution to this problem: a method of installing on IoT devices the CA certificates for DPI proxy CAs, as well as other security configuration ("security bootstrapping"). The proposed solution respects the DPI policies, while allowing the commissioning of IoT and IIoT devices without the need for additional manual configuration either at device scope or at network scope. This is accomplished by performing the bootstrap operation over unsecured connection, and downloading certificates using TLS validation at application level. The resulting solution is light-weight and secure, yet does not require validation of the DPI proxy's CA certificates in order to perform the security bootstrapping, thus avoiding the chicken-and-egg problem inherent in using TLS on DPI-enabled intranets.

Over the past few years, we have experienced great technological advancements in the information and communication field, which has significantly contributed to reshaping the Intelligent Transportation System (ITS) concept. Evolving from the platform of a collection of sensors aiming to collect data, the data exchanged paradigm among vehicles is shifted from the local network to the cloud. With the introduction of cloud and edge computing along with ubiquitous 5G mobile network, it is expected to see the role of Artificial Intelligence (AI) in data processing and smart decision imminent. So as to fully understand the future automobile scenario in this verge of industrial revolution 4.0, it is necessary first of all to get a clear understanding of the cutting-edge technologies that going to take place in the automotive ecosystem so that the cyber-physical impact on transportation system can be measured. CIoV, which is abbreviated from Cognitive Internet of Vehicle, is one of the recently proposed architectures of the technological evolution in transportation, and it has amassed great attention. It introduces cloud-based artificial intelligence and machine learning into transportation system. What are the future expectations of CIoV? To fully contemplate this architecture's future potentials, and milestones set to achieve, it is crucial to understand all the technologies that leaned into it. Also, the security issues to meet the security requirements of its practical implementation. Aiming to that, this paper presents the evolution of CIoV along with the layer abstractions to outline the distinctive functional parts of the proposed architecture. It also gives an investigation of the prime security and privacy issues associated with technological evolution to take measures.

This paper considers consensus-based distributed Kalman filtering subject to data-falsification attack, where Byzantine agents share manipulated data with their neighboring agents. The attack is assumed to be coordinated among the Byzantine agents and follows a linear model. The goal of the Byzantine agents is to maximize the network-wide estimation error while evading false-data detectors at honest agents. To that end, we propose a joint selection of Byzantine agents and covariance matrices of attack sequences to maximize the network-wide estimation error subject to constraints on stealthiness and the number of Byzantine agents. The attack strategy is then obtained by employing block-coordinate descent method via Boolean relaxation and backward stepwise based subset selection method. Numerical results show the efficiency of the proposed attack strategy in comparison with other naive and uncoordinated attacks.

The concept of a decoy process is a new development of defensive deception beyond traditional honeypots. Decoy processes can be exceptionally effective in detecting malware, directly upon contact or by redirecting malware to decoy I/O. A key requirement is that they resemble their real counterparts very closely to withstand adversarial probes by threat actors. To be usable, decoy processes need to consume only a small fraction of the resources consumed by their real counterparts. Our contribution in this paper is twofold. We attack the resource utilization consistency of decoy processes provided by a neural network with a heatmap training mechanism, which we find to be insufficiently trained. We then devise machine learning over control flow graphs that improves the heatmap training mechanism. A neural network retrained by our work shows higher accuracy and defeats our attacks without a significant increase in its own resource utilization.

In recent years, image steganography is being considered as one of the methods to secure the confidentiality of sensitive and private data sent over networks. Conventional image steganography techniques use cover images to hide secret messages. These techniques are susceptible to steganalysis algorithms based on anomaly detection. This paper proposes a new approach to image steganography without using cover images. In addition, it utilizes Deoxyribonucleic Acid (DNA) sequences. DNA sequences are used to generate key and stego-image. Experimental results show that the use of DNA sequences in this technique offer very low cracking probability and the coverless approach contributes to its high embedding capacity.

As nuclear power plant Instrumentation and Control(I&C) systems have turned into digital systems, the possibility of cyber-attacks has increased. To protect the nuclear power plant from cyber-attacks, digital assets are classified and managed as critical digital assets which have safety, security and emergency preparedness functions. However, critical digital assets represent 70-80% of total digital assets, and applying and managing the same security control is inefficient. Therefore, this paper presents the criteria for identifying digital assets that are classified as vital digital assets that can directly affect the serious accidents of nuclear power plants.

Internet of Things (IoT) has an immense potential for a plethora of applications ranging from healthcare automation to defence networks and the power grid. The security of an IoT network is essentially paramount to the security of the underlying computing and communication infrastructure. However, due to constrained resources and limited computational capabilities, IoT networks are prone to various attacks. Thus, safeguarding the IoT network from adversarial attacks is of vital importance and can be realised through planning and deployment of effective security controls; one such control being an intrusion detection system. In this paper, we present a novel intrusion detection scheme for IoT networks that classifies traffic flow through the application of deep learning concepts. We adopt a newly published IoT dataset and generate generic features from the field information in packet level. We develop a feed-forward neural networks model for binary and multi-class classification including denial of service, distributed denial of service, reconnaissance and information theft attacks against IoT devices. Results obtained through the evaluation of the proposed scheme via the processed dataset illustrate a high classification accuracy.

In order to enhance the network security protection level of intelligent substation, this paper puts forward a model of intelligent substation network security defense system through the analysis of intelligent substation network security risk and protection demand, and using example proved the feasibility and effectiveness of the defense system. It is intelligent substation network security protection provides a new solution.

Advanced Persistent Threat (APT) attack has the characteristics of complex attack means, long duration and great harmfulness. Based on the idea of dynamic deception, the paper proposed an APT defense system framework, and analyzed the deception defense process. The paper proposed a hybrid encryption communication mechanism based on socket, a dynamic IP address generation method based on SM4, a dynamic timing selection method based on Viterbi algorithm and a dynamic policy allocation mechanism based on DHCPv6. Tests show that the defense system can dynamically change and effectively defense APT attacks.

Deep learning is a popular powerful machine learning solution to the computer vision tasks. The most criticized vulnerability of deep learning is its poor tolerance towards adversarial images obtained by deliberately adding imperceptibly small perturbations to the clean inputs. Such negatives can delude a classifier into wrong decision making. Previous defensive techniques mostly focused on refining the models or input transformation. They are either implemented only with small datasets or shown to have limited success. Furthermore, they are rarely scrutinized from the hardware perspective despite Artificial Intelligence (AI) on a chip is a roadmap for embedded intelligence everywhere. In this paper we propose a new discriminative noise injection strategy to adaptively select a few dominant layers and progressively discriminate adversarial from benign inputs. This is made possible by evaluating the differences in label change rate from both adversarial and natural images by injecting different amount of noise into the weights of individual layers in the model. The approach is evaluated on the ImageNet Dataset with 8-bit truncated models for the state-of-the-art DNN architectures. The results show a high detection rate of up to 88.00% with only approximately 5% of false positive rate for MobileNet. Both detection rate and false positive rate have been improved well above existing advanced defenses against the most practical noninvasive universal perturbation attack on deep learning based AI chip.

The use of the Internet of Things (IoT) devices has surged in recent years. However, due to the lack of substantial security, IoT devices are vulnerable to cyber-attacks like Denial-of-Service (DoS) attacks. Most of the current security solutions are either computationally expensive or unscalable as they require known attack signatures or full packet inspection. In this paper, we introduce a novel Graph-based Outlier Detection in Internet of Things (GODIT) approach that (i) represents smart home IoT traffic as a real-time graph stream, (ii) efficiently processes graph data, and (iii) detects DoS attack in real-time. The experimental results on real-world data collected from IoT-equipped smart home show that GODIT is more effective than the traditional machine learning approaches, and is able to outperform current graph-stream anomaly detection approaches.

The number of phishing attacks has increased in Latin America, exceeding the operational skills of cybersecurity analysts. The cognitive security application proposes the use of bigdata, machine learning, and data analytics to improve response times in attack detection. This paper presents an investigation about the analysis of anomalous behavior related with phishing web attacks and how machine learning techniques can be an option to face the problem. This analysis is made with the use of an contaminated data sets, and python tools for developing machine learning for detect phishing attacks through of the analysis of URLs to determinate if are good or bad URLs in base of specific characteristics of the URLs, with the goal of provide realtime information for take proactive decisions that minimize the impact of an attack.

The fundamental aim of digital forensics is to discover, investigate and protect an evidence, increasing cybercrime enforces digital forensics team to have more accurate evidence handling. This makes digital evidence as an important factor to link individual with criminal activity. In this procedure of forensics investigation, maintaining integrity of the evidence plays an important role. A chain of custody refers to a process of recording and preserving details of digital evidence from collection to presenting in court of law. It becomes a necessary objective to ensure that the evidence provided to the court remains original and authentic without tampering. Aim is to transfer these digital evidences securely using encryption techniques.

Intellectual Property (IP) infringement including piracy and overproduction have emerged as significant threats in the semiconductor supply chain. Key-based obfuscation techniques (i.e., logic locking) are widely applied to secure legacy IP from such attacks. However, the fundamental question remains open whether an attacker is allowed an exponential amount of time to seek correct key or could it be useful to lock out the design in a non-destructive manner after several incorrect attempts. In this paper, we address this question with a robust design lockout technique. Specifically, we perform comparisons on obfuscation logic output that reflects the condition (correct or incorrect) of the applied key without changing the system behavior. The proposed approach, when combined with key obfuscation (logic locking) technique, increases the difficulty of reverse engineering key obfuscated RTL module. We provide security evaluation of DLockout against three common side-channel attacks followed by a quantitative assessment of the resilience. We conducted a set of experiments on four datapath intensive IPs and one crypto core for three different key lengths (32-, 64-, and 128-bit) under the typical design corner. On average, DLockout incurs negligible area, power, and delay overheads.