Biblio

Now a day, Wireless Sensor Networks are widely used in military applications by its applications, it is extended to healthcare, industrial environments and many more. As we know that, there are some unique features of WSNs such as limited power supply, minimum bandwidth and limited energy. So, to secure traditional network, multiple techniques are available, but we can't use same techniques to secure WSNs. So to increase the overall security of WSNs, we required new ideas as well as new approaches. In general, intrusion prevention is the primary issue in WSNs and intrusion detection already reached to saturation. Thus, we need an efficient solution for proactive intrusion prevention towards WSNs. Thus, formal validation of protocols in WSN is an essential area of research. This research paper aims to formally verify as well as model some protocol used for intrusion detection using AVISPA tool and HLPSL language. In this research paper, the results of authentication and DoS attacks were detected is presented, but there is a need to prevent such type of attacks. In this research paper, a system is proposed in order to avoid intrusion using machine learning for the wireless sensor network. So, the proposed system will be used for intrusion prevention in a wireless sensor network.

A Stoner-Wohlfarth-type model is used to demonstrate the effect of the buildup of magnetic charges near the grain boundaries of low anisotropy polycrystalline materials, revealed by measuring the magnetization during positive-field warming after negative-field cooling. The remnant magnetization after negative-field cooling has two different contributions. The temperature-dependent component is modeled as an assembly of particles with thermal relaxation. The temperature-independent component is modeled as an assembly of particles overcoming variable phenomenological energy barriers corresponding to the change in susceptibility when the anisotropy constant changes its sign. The model is applicable to soft-magnetic materials where the buildup of the magnetic charges near the grain boundaries creates demagnetizing fields opposing, and comparable in magnitude to, the anisotropy field. The results of the model are in qualitative agreement with published data revealing the magneto-thermal characteristics of polycrystalline gadolinium.

For sharing resources using ad hoc communication MANET are quite effective and scalable medium. MANET is a distributed, decentralized, dynamic network with no fixed infrastructure, which are self- organized and self-managed. Achieving high security level is a major challenge in case of MANET. Layered architecture is one of the ways for handling security challenges, which enables collection and analysis of data from different security dimensions. This work proposes a novel multi-layered outlier detection algorithm using hierarchical similarity metric with hierarchical categorized data. Network performance with and without the presence of outlier is evaluated for different quality-of-service parameters like percentage of APDR and AT for small (100 to 200 nodes), medium (200 to 1000 nodes) and large (1000 to 3000 nodes) scale networks. For a network with and without outliers minimum improvements observed are 9.1 % and 0.61 % for APDR and AT respectively while the maximum improvements of 22.1 % and 104.1 %.

In this paper, a multi-objective particle swarm optimization (MOPSO)-based framework is presented to find the multiple solutions rather than a single one. The presented grid-based algorithm is used to assign the probability of the non-dominated solution for next iteration. Based on the designed algorithm, it is unnecessary to pre-define the weights of the side effects for evaluation but the non-dominated solutions can be discovered as an alternative way for data sanitization. Extensive experiments are carried on two datasets to show that the designed grid-based algorithm achieves good performance than the traditional single-objective evolution algorithms.

Aiming at the problem of node identification in wireless networks, a method of node identification based on deep learning is proposed, which starts with the tiny features of nodes in radiofrequency layer. Firstly, in order to cut down the computational complexity, Principal Component Analysis is used to reduce the dimension of node sample data. Secondly, a convolution neural network containing two hidden layers is designed to extract local features of the preprocessed data. Stochastic gradient descent method is used to optimize the parameters, and the Softmax Model is used to determine the output label. Finally, the effectiveness of the method is verified by experiments on practical wireless ad-hoc network.

The numerical analysis of transient quantum effects in heterostructure devices with conventional numerical methods tends to pose problems. To overcome these limitations, a novel numerical scheme for the transient non-equilibrium solution of the quantum Liouville equation utilizing a finite volume discretization technique is proposed. Additionally, the solution with regard to the stationary regime, which can serve as a reference solution, is inherently included within the discretization scheme for the transient regime. Resulting in a highly oscillating interference pattern of the statistical density matrix as well in the stationary as in the transient regime, the reflecting nature of the conventional boundary conditions can be an additional source of error. Avoiding these non-physical reflections, the concept of a complex absorbing potential used for the Schrödinger equation is utilized to redefine the drift operator in order to render open boundary conditions for quantum transport equations. Furthermore, the method allows the application of the commonly used concept of inflow boundary conditions.

Dynamic network security services have been proposed exploiting the benefits of Software Defined Networking (SDN) and Network Functions Virtualization (NFV) technologies. However, many of these services rely on controller interaction, which presents a performance and scalability challenge, and a threat vector. To overcome the performance issue, stateful data-plane designs have been proposed. Unfortunately, these solutions do not offer protection from attacks that exploit the SDN implementation of network functions such as topology and path update, or services such as the Address Resolution Protocol (ARP). In this work, we propose state-based SDN security protection mechanisms. Our stateful security data plane solution, OFMTL-SEC, is designed to provide protection against attacks on SDN and traditional network services. Specifically, we present a novel data plane protection against configuration-based attacks in SDN and against ARP spoofing. OFMTL-SEC is compared with the state-of-the-art solutions and offers increased security to SDNs with negligible performance impact.

Face recognition is a fast-expanding field of research. Countless classification algorithms have found use in face recognition, with more still being developed, searching for better performance and accuracy. For high-dimensional data such as images, the K-Nearest-Neighbours classifier is a tempting choice. However, it is very computationally-intensive, as it has to perform calculations on all items in the stored dataset for each classification it makes. Fortunately, there is a way to speed up the process by performing some of the calculations in parallel. We propose a parallel CUDA implementation of the KNN classifier and then compare it to a serial implementation to demonstrate its performance superiority.

The EU SoftFIRE project has built an experimentation platform for NFV and SDN experiments, tailored for testing and evaluating 5G network applications and solutions. The platform is a fully orchestrated virtualisation testbed consisting of multiple component testbeds across Europe. Users of the platform can deploy their virtualisation experiments via the platform's Middleware. This paper introduces the SoftFIRE testbed and its Middleware, and presents a set of KPI results for evaluation of experiment deployment performance.

Public key infrastructure (PKI) is the foundation and core of network security construction. Blockchain (BC) has many technical characteristics, such as decentralization, impossibility of being tampered with and forged, which makes it have incomparable advantages in ensuring information credibility, security, traceability and other aspects of traditional technology. In this paper, a method of constructing PKI certificate system based on permissioned BC is proposed. The problems of multi-CA mutual trust, poor certificate configuration efficiency and single point failure in digital certificate system are solved by using the characteristics of BC distribution and non-tampering. At the same time, in order to solve the problem of identity privacy on BC, this paper proposes a privacy-aware PKI system based on permissioned BCs. This system is an anonymous digital certificate publishing scheme., which achieves the separation of user registration and authorization, and has the characteristics of anonymity and conditional traceability, so as to realize to protect user's identity privacy. The system meets the requirements of certificate security and anonymity, reduces the cost of CA construction, operation and maintenance in traditional PKI technology, and improves the efficiency of certificate application and configuration.

Establishing a digital identity plays a vital part in the digital era. It is crucial to authenticate and identify the users in order to perform online transactions securely. For example, internet banking applications normally require a user to present a digital identity, e.g., username and password, to allow users to perform online transactions. However, the username-password approach has several downsides, e.g., susceptible to the brute-force attack. Public key binding using Certificate Authority (CA) is another common alternative to provide digital identity. Yet, the public key approach has a serious drawback: all CAs in the browser/OS' CA list are treated equally, and consequently, all trusts on the certificates could be invalidated by compromising only a single root CA's private key. We propose a Real Digital Identity based approach, or RDI, on decentralized PKI scheme. The core idea relies on a combination of well-known parties (e.g., a bank, a government agency) to certify the identity, instead of relying on a single CA. These parties, collectively known as Trusted Source Certificate Authorities (TSCA), formed a network of CAs. The generated certificates are stored in the blockchain controlled by smart contract. RDI creates a digital identity that can be trusted based on the TSCAs' challenge/response and it is also robust against a single point of trust attack on traditional CAs.

Operating data analysis means to analyze the operating system logs, user operation logs, various types of alarms and security relevant configurations, etc. The purpose is to find whether there is an attack event, suspicious behaviors or improper configurations. It is an important part of risk assessment for enterprise intranet. However, due to the lack of information security knowledge or relevant experience, many people do not know how to properly implement it. In this article, we provided guidance on conducting operating data analysis and how to determine the security risk with the analysis results.

Many governments organizations in Libya have started transferring traditional government services to e-government. These e-services will benefit a wide range of public. However, deployment of e-government bring many new security issues. Attackers would take advantages of vulnerabilities in these e-services and would conduct cyber attacks that would result in data loss, services interruptions, privacy loss, financial loss, and other significant loss. The number of vulnerabilities in e-services have increase due to the complexity of the e-services system, a lack of secure programming practices, miss-configuration of systems and web applications vulnerabilities, or not staying up-to-date with security patches. Unfortunately, there is a lack of study being done to assess the current security level of Libyan government websites. Therefore, this study aims to assess the current security of 16 Libyan government websites using penetration testing framework. In this assessment, no exploits were committed or tried on the websites. In penetration testing framework (pen test), there are four main phases: Reconnaissance, Scanning, Enumeration, Vulnerability Assessment and, SSL encryption evaluation. The aim of a security assessment is to discover vulnerabilities that could be exploited by attackers. We also conducted a Content Analysis phase for all websites. In this phase, we searched for security and privacy policies implementation information on the government websites. The aim is to determine whether the websites are aware of current accepted standard for security and privacy. From our security assessment results of 16 Libyan government websites, we compared the websites based on the number of vulnerabilities found and the level of security policies. We only found 9 websites with high and medium vulnerabilities. Many of these vulnerabilities are due to outdated software and systems, miss-configuration of systems and not applying the latest security patches. These vulnerabilities could be used by cyber hackers to attack the systems and caused damages to the systems. Also, we found 5 websites didn't implement any SSL encryption for data transactions. Lastly, only 2 websites have published security and privacy policies on their websites. This seems to indicate that these websites were not concerned with current standard in security and privacy. Finally, we classify the 16 websites into 4 safety categories: highly unsafe, unsafe, somewhat unsafe and safe. We found only 1 website with a highly unsafe ranking. Based on our finding, we concluded that the security level of the Libyan government websites are adequate, but can be further improved. However, immediate actions need to be taken to mitigate possible cyber attacks by fixing the vulnerabilities and implementing SSL encryption. Also, the websites need to publish their security and privacy policy so the users could trust their websites.

In the Self-Organizing Networks (SON) concept, self-healing functions are used to detect, diagnose and correct degraded states in the managed network functions or other resources. Such methods are increasingly important in future network deployments, since ultra-high reliability is one of the key requirements for the future 5G mobile networks, e.g. in critical machine-type communication. In this paper, we discuss the considerations for improving the resiliency of future cognitive autonomous mobile networks. In particular, we present an automated anomaly detection and diagnosis function for SON self-healing based on multi-dimensional statistical methods, case-based reasoning and active learning techniques. Insights from both the human expert and sophisticated machine learning methods are combined in an iterative way. Additionally, we present how a more holistic view on mobile network self-healing can improve its performance.

The recently developed deep belief network (DBN) has been shown to be an effective methodology for solving time series forecasting problems. However, the performance of DBN is seriously depended on the reasonable setting of hyperparameters. At present, random search, grid search and Bayesian optimization are the most common methods of hyperparameters optimization. As an alternative, a state-of-the-art derivative-free optimizer-negative correlation search (NCS) is adopted in this paper to decide the sizes of DBN and learning rates during the training processes. A comparative analysis is performed between the proposed method and other popular techniques in the time series forecasting experiment based on two types of time series datasets. Experiment results statistically affirm the efficiency of the proposed model to obtain better prediction results compared with conventional neural network models.

With the rapid growth of the cyber attacks, cyber threat intelligence (CTI) sharing becomes essential for providing advance threat notice and enabling timely response to cyber attacks. Our goal in this paper is to develop an approach to extract low-level cyber threat actions from publicly available CTI sources in an automated manner to enable timely defense decision making. Specifically, we innovatively and successfully used the metrics of entropy and mutual information from Information Theory to analyze the text in the cybersecurity domain. Combined with some basic NLP techniques, our framework, called ActionMiner has achieved higher precision and recall than the state-of-the-art Stanford typed dependency parser, which usually works well in general English but not cybersecurity texts.

Dynamic Fuzzy Rule Interpolation (D-FRI) offers a dynamic rule base for fuzzy systems which is especially useful for systems with changing requirements and limited prior knowledge. This suggests a possible application of D-FRI in the area of network security due to the volatility of the traffic. A honeypot is a valuable tool in the field of network security for baiting attackers and collecting their information. However, typically designed with fewer resources they are not considered as a primary security tool for use in network security. Consequently, such honeypots can be vulnerable to many security attacks. One such attack is a spoofing attack which can cause severe damage to the honeypot, making it inefficient. This paper presents a vigilant dynamic honeypot based on the D-FRI approach for use in predicting and alerting of spoofing attacks on the honeypot. First, it proposes a technique for spoofing attack identification based on the analysis of simulated attack data. Then, the paper employs the identification technique to develop a D-FRI based vigilant dynamic honeypot, allowing the honeypot to predict and alert that a spoofing attack is taking place in the absence of matching rules. The resulting system is capable of learning and maintaining a dynamic rule base for more accurate identification of potential spoofing attacks with respect to the changing traffic conditions of the network.

{Information and Communications Technology (ICT) have rationalized government services into a more efficient and transparent government. However, a large part of the government services remained constant in the manual process due to the high cost of ICT. The purpose of this paper is to explore the role of e-governance and ICT in the legislative management of municipalities in the Philippines. This study adopted the phases of Princeton Project Management Methodology (PPMM) as the approach in the development of LeMTrac. This paper utilized the developmental- quantitative research design involving two (2) sets of respondents, which are the end-users and IT experts. Majority of the respondents perceived that the system as "highly acceptable" with an average Likert score of 4.72 for the ISO 9126 Software quality metric Usability. The findings also reveal that the integration of LeMTrac within the Sangguniang Bayan (SB) Office in the Municipal Local Government Units (LGU) of Nabua and Bula, Camarines Sur provided better accessibility, security, and management of documents.

Although Stylometry has been effectively used for Authorship Attribution, there is a growing number of methods being developed that allow authors to mask their identity [2, 13]. In this paper, we investigate the usage of non-traditional feature sets for Authorship Attribution. By using non-traditional feature sets, one may be able to reveal the identity of adversarial authors who are attempting to evade detection from Authorship Attribution systems that are based on more traditional feature sets. In addition, we demonstrate how GEFeS (Genetic & Evolutionary Feature Selection) can be used to evolve high-performance hybrid feature sets composed of two non-traditional feature sets for Authorship Attribution: LIWC (Linguistic Inquiry & Word Count) and Sentiment Analysis. These hybrids were able to reduce the Adversarial Effectiveness on a test set presented in [2] by approximately 33.4%.

Cloud Storage Brokers (CSB) provide seamless and concurrent access to multiple Cloud Storage Services (CSS) while abstracting cloud complexities from end-users. However, this multi-cloud strategy faces several security challenges including enlarged attack surfaces, malicious insider threats, security complexities due to integration of disparate components and API interoperability issues. Novel security approaches are imperative to tackle these security issues. Therefore, this paper proposes CS-BAuditor, a novel cloud security system that continuously audits CSB resources, to detect malicious activities and unauthorized changes e.g. bucket policy misconfigurations, and remediates these anomalies. The cloud state is maintained via a continuous snapshotting mechanism thereby ensuring fault tolerance. We adopt the principles of chaos engineering by integrating BrokerMonkey, a component that continuously injects failure into our reference CSB system, CloudRAID. Hence, CSBAuditor is continuously tested for efficiency i.e. its ability to detect the changes injected by BrokerMonkey. CSBAuditor employs security metrics for risk analysis by computing severity scores for detected vulnerabilities using the Common Configuration Scoring System, thereby overcoming the limitation of insufficient security metrics in existing cloud auditing schemes. CSBAuditor has been tested using various strategies including chaos engineering failure injection strategies. Our experimental evaluation validates the efficiency of our approach against the aforementioned security issues with a detection and recovery rate of over 96 %.

In our daily lives, the advances of new technology can be used to sustain the development of people across the globe. Particularly, e-government can be the dynamo of the development for the people. The development of technology and the rapid growth in the use of internet creates a big challenge in the administration in both the public and the private sector. E-government is a vital accomplishment, whereas the security is the main downside which occurs in each e-government process. E-government has to be secure as technology grows and the users have to follow the procedures to make their own transactions safe. This paper tackles the challenges and obstacles to enhance the security of information in e-government. Hence to achieve security data hiding techniques are found to be trustworthy. Reversible data hiding (RDH) is an emerging technique which helps in retaining the quality of the cover image. Hence it is preferred over the traditional data hiding techniques. Modification in the existing algorithm is performed for image encryption scheme and data hiding scheme in order to improve the results. To achieve this secret data is split into 20 parts and data concealing is performed on each part. The data hiding procedure includes embedding of data into least significant nibble of the cover image. The bits are further equally distributed in the cover image to obtain the key security parameters. Hence the obtained results validate that the proposed scheme is better than the existing schemes.

With the advent of blockchain technology, multiple avenues of use are being explored. The immutability and security afforded by blockchain are the key aspects of exploitation. Extending this to legal contracts involving digital intellectual properties provides a way to overcome the use of antiquated paperwork to handle digital assets.

Confidentiality, Integrity, and Availability are principal keys to build any secure software. Considering the security principles during the different software development phases would reduce software vulnerabilities. This paper measures the impact of the different software quality metrics on Confidentiality, Integrity, or Availability for any given object-oriented PHP application, which has a list of reported vulnerabilities. The National Vulnerability Database was used to provide the impact score on confidentiality, integrity, and availability for the reported vulnerabilities on the selected applications. This paper includes a study for these scores and its correlation with 25 code metrics for the given vulnerable source code. The achieved results were able to correlate 23.7% of the variability in `Integrity' to four metrics: Vocabulary Used in Code, Card and Agresti, Intelligent Content, and Efferent Coupling metrics. The Length (Halstead metric) could alone predict about 24.2 % of the observed variability in ` Availability'. The results indicate no significant correlation of `Confidentiality' with the tested code metrics.

Hardware Trojans (HTs) are malicious modifications of the original circuits intended to leak information or cause malfunction. Based on the Side Channel Analysis (SCA) technology, a set of hardware Trojan detection platform is designed for RTL circuits on the basis of HSPICE power consumption simulation. Principal Component Analysis (PCA) algorithm is used to reduce the dimension of power consumption data. An intelligent neural networks (NN) algorithm based on Particle Swarm Optimization (PSO) is introduced to achieve HTs recognition. Experimental results show that the detection accuracy of PSO NN method is much better than traditional BP NN method.

We formulate a tracker which performs incessant decision making in order to track objects where the objects may undergo different challenges such as partial occlusions, moving camera, cluttered background etc. In the process, the agent must make a decision on whether to keep track of the object when it is occluded or has moved out of the frame temporarily based on its prediction from the previous location or to reinitialize the tracker based on the belief that the target has been lost. Instead of the heuristic methods we depend on reward and penalty based training that helps the agent reach an optimal solution via this partially observable Markov decision making (POMDP). Furthermore, we employ deeply learned compositional model to estimate human pose in order to better handle occlusion without needing human inputs. By learning compositionality of human bodies via deep neural network the agent can make better decision on presence of human in a frame or lack thereof under occlusion. We adapt skeleton based part representation and do away with the large spatial state requirement. This especially helps in cases where orientation of the target in focus is unorthodox. Finally we demonstrate that the deep reinforcement learning based training coupled with pose estimation capabilities allows us to train and tag multiple large video datasets much quicker than previous works.