Biblio

We propose new metrics drawing inspiration from the optimization domain that can be used to characterize the effectiveness of moving target defenses better. Besides that, we propose a Network Neighborhood Partitioning algorithm that can help to measure the influence of MTDs more precisely. The techniques proposed here are generic and could be combined with existing metrics. The obtained results demonstrate how additional information about the effectiveness of defenses can be obtained as well as how network neighborhood partitioning helps to improve the granularity of metrics.

We introduce ImAxes immersive system for exploring multivariate data using fluid, modeless interaction. The basic interface element is an embodied data axis. The user can manipulate these axes like physical objects in the immersive environment and combine them into sophisticated visualisations. The type of visualisation that appears depends on the proximity and relative orientation of the axes with respect to one another, which we describe with a formal grammar. This straight-forward composability leads to a number of emergent visualisations and interactions, which we review, and then demonstrate with a detailed multivariate data analysis use case.

3D imaging has been a hot research topic recently due to a high demand from various applications of security, health, autonomous vehicle and robotics. Yet Stereoscopic 3D imaging is limited due to its principles which mimics the human eye technique thus the camera separation baseline defines amount of 3D depth can be captured. Holoscopic 3D (H3D) Imaging is based on the “Fly's eye” technique that uses coherent replication of light to record a spatial image of a real scene using a microlens array (MLA) which gives the complete 3D parallax. H3D Imaging has been considered a promising 3D imaging technique which pursues the simple form of 3D acquisition using a single aperture camera therefore it is the most suited for scalable digitization, security and autonomous applications. This paper proposes 360-degree holoscopic 3D imaging system design for immersive 3D acquisition and stitching.

In this paper, we present an immersive image database navigation system. Images are visualised in a spherical visualisation space and arranged, on a grid, by colour so that images of similar colour are located close to each other, while access to large image sets is possible through a hierarchical browsing structure. The user is wearing a 3-D head mounted display (HMD) and is immersed inside the image sphere. Navigation is performed by head movement using a 6-degree-of-freedom tracker integrated in the HMD in conjunction with a wiimote remote control.

This paper presents principles of Defensive Programming and examines the growing concern that these principles are not effectively incorporated into Computer Science and related computing degree programs' curricula. To support this concern, Defensive Programming principles are applied to a case study - Cross-site Scripting cybersecurity attacks. This paper concludes that Defensive Programming plays an important role in preventing these attacks and should thus be more aggressively integrated into CS courses such as Programming, Algorithms, Databases, Computer Architecture and Organization, and Computer Networks.

The protection of confidential information has become very important with the increase of data sharing and storage on public domains. Data confidentiality is accomplished through the use of ciphers that encrypt and decrypt the data to impede unauthorized access. Emerging heterogeneous platforms provide an ideal environment to use hardware acceleration to improve application performance. In this paper, we explore the performance benefits of an AES hardware accelerator versus the software implementation for multiple cipher modes on the Zynq 7000 All-Programmable System-on-a-Chip (SoC). The accelerator is implemented on the FPGA fabric of the SoC and utilizes DMA for interfacing to the CPU. File encryption and decryption of varying file sizes are used as the workload, with execution time and throughput as the metrics for comparing the performance of the hardware and software implementations. The performance evaluations show that the accelerated AES operations achieve a speedup of 7 times relative to its software implementation and throughput upwards of 350 MB/s for the counter cipher mode, and modest improvements for other cipher modes.

IPv6 Segment Routing is a major IPv6 extension that provides a modern version of source routing that is currently being developed within the Internet Engineering Task Force (IETF). We propose the first open-source implementation of IPv6 Segment Routing in the Linux kernel. We first describe it in details and explain how it can be used on both endhosts and routers. We then evaluate and compare its performance with plain IPv6 packet forwarding in a lab environment. Our measurements indicate that the performance penalty of inserting IPv6 Segment Routing Headers or encapsulating packets is limited to less than 15%. On the other hand, the optional HMAC security feature of IPv6 Segment Routing is costly in a pure software implementation. Since our implementation has been included in the official Linux 4.10 kernel, we expect that it will be extended by other researchers for new use cases.

In smart city construction, wireless sensor networks (WSNs) are normally deployed to collect and transmit real-time data. The nodes of the WSN are embedded facility that integrated sensors and data processing modules. For security and privacy concerns, cryptography methods are required for data protection. However, the Rivest-Shamir-Adleman (RSA) cryptosystem, known as the the most popular and deployed public key algorithm, is still hardly implemented on embedded devices because of the intense computation required from its inherent arithmetic operations. Even though, different methods have being proposed for more efficient RSA implementations such as utilizing the Chinese remainder theorem, various modular exponentiation methods, and optimized modular arithmetic methods. In this paper, we propose an efficient multiplication for long integers on the sensor nodes equipped with 16-bit microcontrollers. Combined with this efficient multiplication, we obtain a faster Montgomery multiplication. The combined optimized Montgomery multiplication, the Chinese remainder theorem, and the m-ary exponentiation method allowed for execution times of less than 44.6 × 106 clock cycles for RSA decryption, a new speed record for the RSA implementation on MSP430 microcontrollers.

In this paper, an improved cooperative jamming (CJ) strategy is developed for physical layer (PHY) security in a multi-hop wireless communication system which employs beamforming in the last hop. Users are assigned to independent groups based on the merger-and-split rule in a coalition game. The secrecy capacity for a valid coalition is a non-convex optimization problem which cannot easily be solved. Therefore, restrictions are added to transform this into a convex problem, and this is solved to obtain a suboptimal closed-form solution for the secrecy capacity. Simulation results are presented which show that the proposed strategy outperforms other methods such as non-cooperation, relay cooperation, and previous CJ approaches in terms of the secrecy capacity. Further, it is shown that the proposed multi-hop solution is suitable for long distance communication systems.

In order to improve the efficiency of the existing homomorphic encryption method, based on the DGHV scheme, an improved fully homomorphic scheme over the integer is proposed. Under the premise of ensuring data owner and user data security, the scheme supports the addition and multiplication operations of ciphertext, and ensures faster execution efficiency and meets the security requirements of cloud computing. Security analysis shows that our scheme is safe. Performance assessment demonstrates that our scheme can more efficiently implement data than DGHV scheme.

In this paper we give improved constructions of several central objects in the literature of randomness extraction and tamper-resilient cryptography. Our main results are: (1) An explicit seeded non-malleable extractor with error � and seed length d=O(logn)+O(log(1/�)loglog(1/�)), that supports min-entropy k=Ω(d) and outputs Ω(k) bits. Combined with the protocol by Dodis and Wichs, this gives a two round privacy amplification protocol with optimal entropy loss in the presence of an active adversary, for all security parameters up to Ω(k/logk), where k is the min-entropy of the shared weak random source. Previously, the best known seeded non-malleable extractors require seed length and min-entropy O(logn)+log(1/�)2O�loglog(1/�), and only give two round privacy amplification protocols with optimal entropy loss for security parameter up to k/2O(�logk). (2) An explicit non-malleable two-source extractor for min entropy k � (1��)n, some constant �\textbackslashtextgreater0, that outputs Ω(k) bits with error 2�Ω(n/logn). We further show that we can efficiently uniformly sample from the pre-image of any output of the extractor. Combined with the connection found by Cheraghchi and Guruswami this gives a non-malleable code in the two-split-state model with relative rate Ω(1/logn). This exponentially improves previous constructions, all of which only achieve rate n�Ω(1). (3) Combined with the techniques by Ben-Aroya et. al, our non-malleable extractors give a two-source extractor for min-entropy O(logn loglogn), which also implies a K-Ramsey graph on N vertices with K=(logN)O(logloglogN). Previously the best known two-source extractor by Ben-Aroya et. al requires min-entropy logn 2O(�logn), which gives a Ramsey graph with K=(logN)2O(�logloglogN). We further show a way to reduce the problem of constructing seeded non-malleable extractors to the problem of constructing non-malleable independent source extractors. Using the non-malleable 10-source extractor with optimal error by Chattopadhyay and Zuckerman, we give a 10-source extractor for min-entropy O(logn). Previously the best known extractor for such min-entropy by Cohen and Schulman requires O(loglogn) sources. Independent of our work, Cohen obtained similar results to (1) and the two-source extractor, except the dependence on � is log(1/�)poly loglog(1/�) and the two-source extractor requires min-entropy logn poly loglogn.

In interpersonal interactions, humans speak in part by considering their social distance and position with respect to other people, thereby developing relationships. In our research, we focus on positive politeness (PP), a strategy for positively reducing the distance people in human communication using language. In addition, we propose an agent that attempts to actively interact with humans. First, we design a dialog system based on the politeness theory. Next, we examine the effect of our proposed method on interactions. For our experiments, we implemented two agents:the method proposed for performing PP and a conventional method that performs negative politeness based on the unobjectionable behavior. We then compare and analyze impressions of experiment participants in response to the two agents. From our results, male participants accepted PP more frequently than female participants. Further, the proposed method lowered the perceived sense of interacting with a machine for male participants.

The Border Gateway Protocol (BGP) has been used for decades as the de facto protocol to exchange reachability information among networks in the Internet. However, little is known about how this protocol is used to restrict reachability to selected destinations, e.g., that are under attack. While such a feature, BGP blackholing, has been available for some time, we lack a systematic study of its Internet-wide adoption, practices, and network efficacy, as well as the profile of blackholed destinations. In this paper, we develop and evaluate a methodology to automatically detect BGP blackholing activity in the wild. We apply our method to both public and private BGP datasets. We find that hundreds of networks, including large transit providers, as well as about 50 Internet exchange points (IXPs) offer blackholing service to their customers, peers, and members. Between 2014–2017, the number of blackholed prefixes increased by a factor of 6, peaking at 5K concurrently blackholed prefixes by up to 400 Autonomous Systems. We assess the effect of blackholing on the data plane using both targeted active measurements as well as passive datasets, finding that blackholing is indeed highly effective in dropping traffic before it reaches its destination, though it also discards legitimate traffic. We augment our findings with an analysis of the target IP addresses of blackholing. Our tools and insights are relevant for operators considering offering or using BGP blackholing services as well as for researchers studying DDoS mitigation in the Internet.

The Cyber Transport Systems (CTSs) have made significant advancement along with the development of the information technology and transportation industries worldwide. The rapid proliferation of cyber transportation technology provides rich information and infinite possibilities for our society to understand and use the complex inherent mechanism, which governs the novel intelligence world. In addition, applying information technology to cyber transportation applications open a range of new application scenarios, such as vehicular safety, energy efficiency, reduced pollution, and intelligent maintenance services. However, while enjoying the services and convenience provided by CTS, users, vehicles, even the systems might lose privacy during information transmitting and processing. This paper summarizes the state-of-art research findings on information privacy issues in a broad range. We firstly introduce the typical types of information and the basic mechanisms of information communication in CTS. Secondly, considering the information privacy issues of CTS, we present the literature on information privacy issues and privacy protection approaches in CTS. Thirdly, we discuss the emerging challenges and the opportunities for the information technology community in CTS.

Emerging technologies are proliferating and the computing profession continues to evolve to embrace the many opportunities and solve the many challenges this brings. Among the challenges is identifying and describing the competencies, responsibilities, and curriculum content needed for cybersecurity. As part of addressing these issues, there are efforts taking place that both improve integration of cybersecurity into the established computing disciplines while other efforts are developing and articulating cybersecurity as a new meta-discipline. The various individual computing disciplines, such as Computer Science, Information Technology, and Information Systems, have increased and improved the amount of cybersecurity in their model curricula. In parallel, organizations such as the Cyber Education Project, an ACM/IEEE Joint Task Force, and the accrediting body ABET are producing such artifacts as a multi-disciplinary Body of Knowledge and accreditation program criteria for cybersecurity writ large. This paper explores these various cybersecurity initiatives from the perspective of the Information Technology discipline, and it addresses the degree to which cybersecurity and Information Technology are both similar and different.

Emerging technologies are proliferating and the computing profession continues to evolve to embrace the many opportunities and solve the many challenges this brings. Among the challenges is identifying and describing the competencies, responsibilities, and curriculum content needed for cybersecurity. As part of addressing these issues, there are efforts taking place that both improve integration of cybersecurity into the established computing disciplines while other efforts are developing and articulating cybersecurity as a new meta-discipline. The various individual computing disciplines, such as Computer Science, Information Technology, and Information Systems, have increased and improved the amount of cybersecurity in their model curricula. In parallel, organizations such as the Cyber Education Project, an ACM/IEEE Joint Task Force, and the accrediting body ABET are producing such artifacts as a multi-disciplinary Body of Knowledge and accreditation program criteria for cybersecurity writ large. This paper explores these various cybersecurity initiatives from the perspective of the Information Technology discipline, and it addresses the degree to which cybersecurity and Information Technology are both similar and different.

Ambient infrasound with frequency ranges well below 20 Hz is known to carry robust navigation cues that can be exploited to authenticate the location of a speaker. Unfortunately, many of the mobile devices like smartphones have been optimized to work in the human auditory range, thereby suppressing information in the infrasonic region. In this paper, we show that these ultra-low frequency cues can still be extracted from a standard smartphone recording by using acceleration-based cepstral features. To validate our claim, we have collected smartphone recordings from more than 30 different scenes and used the cues for scene fingerprinting. We report scene recognition rates in excess of 90% and a feature set analysis reveals the importance of the infrasonic signatures towards achieving the state-of-the-art recognition performance.

Information Security in cloud storage is a key trepidation with regards to Degree of Trust and Cloud Penetration. Cloud user community needs to ascertain performance and security via QoS. Numerous models have been proposed [2] [3] [6][7] to deal with security concerns. Detection and prevention of insider threats are concerns that also need to be tackled. Since the attacker is aware of sensitive information, threats due to cloud insider is a grave concern. In this paper, we have proposed an authentication mechanism, which performs authentication based on verifying facial features of the cloud user, in addition to username and password, thereby acting as two factor authentication. New QoS has been proposed which is capable of monitoring and detection of insider threats using Machine Learning Techniques. KNN Classification Algorithm has been used to classify users into legitimate, possibly legitimate, possibly not legitimate and not legitimate groups to verify image authenticity to conclude, whether there is any possible insider threat. A threat detection model has also been proposed for insider threats, which utilizes Facial recognition and Monitoring models. Security Method put forth in [6] [7] is honed to include threat detection QoS to earn higher degree of trust from cloud user community. As a recommendation, Threat detection module should be harnessed in private cloud deployments like Defense and Pharma applications. Experimentation has been conducted using open source Machine Learning libraries and results have been attached in this paper.

New generations of industrial control systems offer higher performance, they are distributed, and it is very likely that they are internet connected in one way or another. These trends raise new challenges in the contexts of reliability and security. We propose a novel approach that tackles the complexity of industrial control systems at design time and run time. At design time our target is to ease the configuration and verification of controller configurations through model-driven engineering techniques together with the contract-based design paradigm. At run time the information from design time is reused in order to support a modular and distributed self-adaptive software system that aims to increase reliability and security. The industrial setting of the presented approach are control devices for hydropower plant units.

The importance of the task of countering the means of unauthorized access is to preserve the integrity of restricted access information circulating in computer networks determines the relevance of investigating perspective methods of cryptographic transformations, which are characterized by high speed and reliability of encryption. The methods of information security in the telecommunication system were researched based on integration of encryption processes and noise-immune coding. The method for data encryption based on generic polynomials of cyclic codes, gamut of the dynamic chaos sequence, and timer coding was proposed. The expediency of using timer coding for increasing the cryptographic strength of the encryption system and compensating for the redundancy of the verification elements was substantiated. The method for cryptographic transformation of data based on the gamma sequence was developed, which is formed by combining numbers from different sources of dynamical chaos generators. The efficiency criterion was introduced for the integrated information transformation method.

Process anomaly is used for detecting cyber-physical attacks on critical infrastructure such as plants for water treatment and electric power generation. Identification of process anomaly is possible using rules that govern the physical and chemical behavior of the process within a plant. These rules, often referred to as invariants, can be derived either directly from plant design or from the data generated in an operational. However, for operational legacy plants, one might consider a data-centric approach for the derivation of invariants. The study reported here is a comparison of design-centric and data-centric approaches to derive process invariants. The study was conducted using the design of, and the data generated from, an operational water treatment plant. The outcome of the study supports the conjecture that neither approach is adequate in itself, and hence, the two ought to be integrated.

Honeynet is deployed to trap attackers and learn their behavior patterns and motivations. Conventional honeynet is implemented by dedicated hardware and software. It suffers from inflexibility, high CAPEX and OPEX. There have been several virtualized honeynet architectures to solve those problems. But they lack a standard operating environment and common architecture for dynamic scheduling and adaptive resource allocation. Software Defined Security (SDS) framework has a centralized control mechanism and intelligent decision making ability for different security functions. In this paper, we present a new intelligent honeynet architecture based on SDS framework. It implements security functions over Network Function Virtualization Infrastructure (NFVI). Under uniform and intelligent control, security functional modules can be dynamically deployed and collaborated to complete different tasks. It migrates resources according to the workloads of each honeypot and power off unused modules. Simulation results show that intelligent honeynet has a better performance in conserving resources and reducing energy consumption. The new architecture can fit the needs of future honeynet development and deployment.

The performance evaluation of distribution network operators is essential for the electrical utilities to know how prepared the operators are to execute their operation standards and rules, searching for minimizing the time of power outage, after some contingency. The performance of operators can be evaluated by the impact of their actions on several technical and economic indicators of the distribution system. This issue is a complex problem, whose solution involves necessarily some expertise and a multi-criteria evaluation. This paper presents a Tutorial Expert System (TES) for performance evaluation of electrical distribution network operators after a given contingency in the electrical network. The proposed TES guides the evaluation process, taking into account technical, economic and personal criteria, aiding the quantification of these criteria. A case study based on real data demonstrates the applicability of the performance evaluation procedure of distribution network operators.

This electronic document is a “live” template and already defines the components of your paper [title, text, heads, etc.] in its style sheet. The paper considers the possibility and necessity of using in modern control and training systems with a natural language interface methods and mechanisms, characteristic for knowledge processing systems. This symbiosis assumes the introduction of specialized inference machines into the testing systems. For the effective operation of such an intelligent interpreter, it is necessary to “translate” the user's answers into one of the known forms of the knowledge representation, for example, into the expressions (rules) of the first-order predicate calculus. A lexical processor, performing morphological, syntactic and semantic analysis, solves this task. To simplify further work with the rules, the Skolem-transformation is used, which allows to get rid of quantifiers and to present semantic structures in the form of sequents (clauses, disjuncts). The basic principles of operation of the inference machine are described, which is the main component of the developed intellectual subsystem. To improve the performance of the machine, one of the fastest methods was chosen - a parallel method of deductive inference based on the division of clauses. The parallelism inherent in the method, and the use of the dataflow architecture, allow parallel computations in the output machine to be implemented without additional effort on the part of the programmer. All this makes it possible to reduce the time for comparing the sequences stored in the knowledge base by several times as compared to traditional inference mechanisms that implement various versions of the principle of resolutions. Formulas and features of the technique of numerical estimation of the user's answers are given. In general, the development of the human-computer dialogue capabilities in test systems- through the development of a specialized module for processing knowledge, will increase the intelligence of such systems and allow us to directly consider the semantics of sentences, more accurately determine the relevance of the user's response to standard knowledge and, ultimately, get rid of the skeptical attitude of many managers to machine testing systems.

Internet device graphs identify relationships between user-centric internet connected devices such as desktops, laptops, smartphones, tablets, gaming consoles, TV's, etc. The ability to create such graphs is compelling for online advertising, content customization, recommendation systems, security, and operations. We begin by describing an algorithm for generating a device graph based on IP-colocation, and then apply the algorithm to a corpus of over 2.5 trillion internet events collected over the period of six weeks in the United States. The resulting graph exhibits immense scale with greater than 7.3 billion edges (pair-wise relationships) between more than 1.2 billion nodes (devices), accounting for the vast majority of internet connected devices in the US. Next, we apply community detection algorithms to the graph resulting in a partitioning of internet devices into 100 million small communities representing physical households. We validate this partition with a unique ground truth dataset. We report on the characteristics of the graph and the communities. Lastly, we discuss the important issues of ethics and privacy that must be considered when creating and studying device graphs, and suggest further opportunities for device graph enrichment and application.