Publications of Interest


The Publications of Interest section contains bibliographical citations, abstracts if available, and links on specific topics and research problems of interest to the Science of Security community.

How recent are these publications?

These bibliographies include recent scholarly research on topics which have been presented or published within the past year. Some represent updates from work presented in previous years; others are new topics.

How are topics selected?

The specific topics are selected from materials that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are also chosen for their usefulness to current researchers.

How can I submit or suggest a publication?

Researchers willing to share their work are welcome to submit a citation, abstract, and URL for consideration and posting, and to identify additional topics of interest to the community. Researchers are also encouraged to share this request with their colleagues and collaborators.

Submissions and suggestions may be sent to: news@scienceofsecurity.net

(ID#:15-8560)


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

Keystroke Analysis 2015


Keystrokes are a basis for behavioral biometrics. The rhythms and patterns of the individual user can become the basis for a unique biological identification. Research into this area of computer security is growing. For the Science of Security, keystroke analysis is relevant to the hard problems of human behavior factors and predictive metrics.


Kalina, J.; Schlenker, A.; Kutilek, P., "Highly Robust Analysis of Keystroke Dynamics Measurements," in Applied Machine Intelligence and Informatics (SAMI), 2015 IEEE 13th International Symposium on, pp. 133-138, 22-24 Jan. 2015. doi: 10.1109/SAMI.2015.7061862

Abstract: Standard classification procedures of both data mining and multivariate statistics are sensitive to the presence of outlying values. In this paper, we propose new algorithms for computing regularized versions of linear discriminant analysis for data with small sample sizes in each group. Further, we propose a highly robust version of a regularized linear discriminant analysis. The new method denoted as MWCD-L2-LDA is based on the idea of implicit weights assigned to individual observations, inspired by the minimum weighted covariance determinant estimator. Classification performance of the new method is illustrated on a detailed analysis of our pilot study of authentication methods on computers, using individual typing characteristics by means of keystroke dynamics.

Keywords: covariance matrices; message authentication; pattern classification; statistical analysis; MWCD-L2-LDA; authentication method; implicit weight assignment; keystroke dynamics measurements; minimum weighted covariance determinant estimator; regularized linear discriminant analysis; robust classification performance analysis; typing characteristics; Atmospheric measurements; Particle measurements; Pollution measurement; Principal component analysis (ID#: 15-8169)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7061862&isnumber=7061844

Bando, S.; Nozawa, A.; Matsuya, Y., "Multidimensional Directed Coherence Analysis of Keystroke Dynamics and Physiological Responses," in Noise and Fluctuations (ICNF), 2015 International Conference on, pp. 1-4, 2-6 June 2015. doi: 10.1109/ICNF.2015.7288595

Abstract: Techno-stress has been a problem in recent years with a development of information technology. Various studies have been reported about a relationship between key typing and psychosomatic state. Keystroke dynamics are known as dynamics of a key typing motion. The objective of this paper is to clarify the mechanism between keystroke dynamics and physiological responses. Inter-stroke time (IST) that was the interval between each keystroke was measured as keystroke dynamics. The physiological responses were heart rate variability (HRV) and respiration (Resp). The system consisted of IST, HRV, and Resp was applied multidimensional directed coherence in order to reveal a causal correlation. As a result, it was observed that strength of entrainment of physiological responses having fluctuation to IST differed in surround by the noise and a cognitive load. Specifically, the entrainment became weak as a cognitive resource devoted to IST was relatively increased with the keystroke motion had a robust rhythm. On the other hand, the entrainment became stronger as a cognitive resource devoted to IST was relatively decreased since the resource also devoted to the noise or the cognitive load.

Keywords: cognitive systems; human factors; HRV; IST; cognitive load; cognitive resource; heart rate variability; interstroke time; key typing motion dynamics; keystroke dynamics; multidimensional directed coherence analysis; physiological responses; psychosomatic state; respiration; techno-stress; Coherence; Dynamics; Fluctuations; Heart rate variability; Noise; Physiology; Stress; keystroke dynamics; multidimensional directed coherence; physiological responses (ID#: 15-8170)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7288595&isnumber=7288529

Vizer, L.M.; Sears, A., "Classifying Text-Based Computer Interactions for Health Monitoring," in Pervasive Computing, IEEE, vol. 14, no. 4, pp. 64-71, Oct.-Dec. 2015. doi: 10.1109/MPRV.2015.85

Abstract: Detecting early trends indicating cognitive decline can allow older adults to better manage their health, but current assessments present barriers precluding the use of such continuous monitoring by consumers. To explore the effects of cognitive status on computer interaction patterns, the authors collected typed text samples from older adults with and without pre-mild cognitive impairment (PreMCI) and constructed statistical models from keystroke and linguistic features for differentiating between the two groups. Using both feature sets, they obtained a 77.1 percent correct classification rate with 70.6 percent sensitivity, 83.3 percent specificity, and a 0.808 area under curve (AUC). These results are in line with current assessments for MC--a more advanced disease--but using an unobtrusive method. This research contributes a combination of features for text and keystroke analysis and enhances understanding of how clinicians or older adults themselves might monitor for PreMCI through patterns in typed text. It has implications for embedded systems that can enable healthcare providers and consumers to proactively and continuously monitor changes in cognitive function.

Keywords: health care; human computer interaction; patient monitoring; pattern classification; text analysis; AUC; PreMCI; area under curve; classification rate; classifying text-based computer interaction; cognitive function; computer interaction pattern; constructed statistical model; continuous monitoring; current assessment; health monitoring; healthcare provider; keystroke analysis; premild cognitive impairment; text analysis; unobtrusive method; Aging; Computational modeling; Data models; Dementia; Monitoring; Pragmatics; Predictive models; aging; cognitive impairment; healthcare; human-computer interaction; personal health informatics; pervasive computing (ID#: 15-8171)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7310820&isnumber=7310795

Gonzalez, N.; Calot, E.P., "Finite Context Modeling of Keystroke Dynamics in Free Text," in Biometrics Special Interest Group (BIOSIG), 2015 International Conference of the, pp. 1-5, 9-11 Sept. 2015. doi: 10.1109/BIOSIG.2015.7314606

Abstract: Keystroke dynamics analysis has been applied successfully to password or fixed short texts verification as a means to reduce their inherent security limitations, because their length and the fact of being typed often makes their characteristic timings fairly stable. On the other hand, free text analysis has been neglected until recent years due to the inherent difficulties of dealing with short term behavioral noise and long term effects over the typing rhythm. In this paper we examine finite context modeling of keystroke dynamics in free text and report promising results for user verification over an extensive data set collected from a real world environment outside the laboratory setting that we make publicly available.

Keywords: cryptography; text analysis; finite context modeling; fixed short texts verification; free text analysis; keystroke dynamics analysis; password; user verification; Context; Context modeling; Security; Standards; Timing; Training (ID#: 15-8172)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7314606&isnumber=7314586

Darabseh, A.; Siami Namin, A., "On Accuracy of Keystroke Authentications Based on Commonly Used English Words," in Biometrics Special Interest Group (BIOSIG), 2015 International Conference of the, pp. 1-8, 9-11 Sept. 2015. doi: 10.1109/BIOSIG.2015.7314612

Abstract: The aim of this research is to advance the user active authentication using keystroke dynamics. Through this research, we assess the performance and influence of various keystroke features on keystroke dynamics authentication systems. In particular, we investigate the performance of keystroke features on a subset of most frequently used English words. The performance of four features such as i) key duration, ii) flight time latency, iii) digraph time latency, and iv) word total time duration are analyzed. Experiments are performed to measure the performance of each feature individually as well as the results from the different subsets of these features. Four machine learning techniques are employed for assessing keystroke authentications. The selected classification methods are two-class support vector machine (TC) SVM, one-class support vector machine (OC) SVM, k-nearest neighbor classifier (K-NN), and Naive Bayes classifier (NB). The logged experimental data are captured for 28 users. The experimental results show that key duration time offers the best performance result among all four keystroke features, followed by word total time. Furthermore, our results show that TC SVM and KNN perform the best among the four classifiers.

Keywords: cryptography; learning (artificial intelligence); natural language processing; pattern classification; support vector machines; K-NN; Naive Bayes classifier; commonly used English words; digraph time latency feature; flight time latency feature; k-nearest neighbor classifier; key duration feature; keystroke authentications; keystroke dynamics authentication systems; keystroke features; machine learning techniques; one-class support vector machine SVM; two-class support vector machine SVM; user active authentication; word total time duration feature (ID#: 15-8173)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7314612&isnumber=7314586

Roth, J.; Xiaoming Liu; Ross, A.; Metaxas, D., "Investigating the Discriminative Power of Keystroke Sound," in Information Forensics and Security, IEEE Transactions on, vol. 10, no. 2, pp. 333-345, Feb. 2015. doi: 10.1109/TIFS.2014.2374424

Abstract: The goal of this paper is to determine whether keystroke sound can be used to recognize a user. In this regard, we analyze the discriminative power of keystroke sound in the context of a continuous user authentication application. Motivated by the concept of digraphs used in modeling keystroke dynamics, a virtual alphabet is first learned from keystroke sound segments. Next, the digraph latency within the pairs of virtual letters, along with other statistical features, is used to generate match scores. The resultant scores are indicative of the similarities between two sound streams, and are fused to make a final authentication decision. Experiments on both static text-based and free text-based authentications on a database of 50 subjects demonstrate the potential as well as the limitations of keystroke sound.

Keywords: acoustic signal processing; authorisation; directed graphs; keyboards; statistical analysis; text analysis; authentication decision; continuous user authentication application; digraph latency; discriminative power; free text-based authentications; keystroke dynamics modeling; keystroke sound segments; score matching; sound streams; static text-based authentications; statistical features; user recognition; virtual alphabet learning; virtual letters; Acoustics; Authentication; Feature extraction; Histograms; Keyboards; Presses; Training; Keystroke sound; continuous authentication; keyboard typing; keystroke dynamics (ID#: 15-8174)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6966780&isnumber=7000004

Sitova, Z.; Sedenka, J.; Yang, Q.; Peng, G.; Zhou, G.; Gasti, P.; Balagani, K.S., "HMOG: New Behavioral Biometric Features for Continuous Authentication of Smartphone Users," in Information Forensics and Security, IEEE Transactions on, vol. PP, no. 99, pp. 1-1, 8 December 2015. doi: 10.1109/TIFS.2015.2506542

Abstract: We introduce Hand Movement, Orientation, and Grasp (HMOG), a set of behavioral features to continuously authenticate smartphone users. HMOG features unobtrusively capture subtle micro-movement and orientation dynamics resulting from how a user grasps, holds, and taps on the smartphone. We evaluated authentication and biometric key generation (BKG) performance of HMOG features on data collected from 100 subjects typing on a virtual keyboard. Data was collected under two conditions: sitting and walking. We achieved authentication EERs as low as 7.16% (walking) and 10.05% (sitting) when we combined HMOG, tap, and keystroke features. We performed experiments to investigate why HMOG features perform well during walking. Our results suggest that this is due to the ability of HMOG features to capture distinctive body movements caused by walking, in addition to the hand-movement dynamics from taps. With BKG, we achieved EERs of 15.1% using HMOG combined with taps. In comparison, BKG using tap, key hold, and swipe features had EERs between 25.7% and 34.2%. We also analyzed the energy consumption of HMOG feature extraction and computation. Our analysis shows that HMOG features extracted at 16Hz sensor sampling rate incurred a minor overhead of 7.9% without sacrificing authentication accuracy. Two points distinguish our work from current literature: 1) we present the results of a comprehensive evaluation of three types of features (HMOG, keystroke, and tap) and their combinations under the same experimental conditions; and 2) we analyze the features from three perspectives (authentication, BKG, and energy consumption on smartphones).

Keywords: Accelerometers; Authentication; Feature extraction; Gyroscopes; Legged locomotion; Magnetometers; Resistance; Behavioral biometrics; HMOG; biometric key generation; continuous authentication; energy evaluation (ID#: 15-8175)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7349202&isnumber=4358835

Mondal, S.; Bours, P., "Continuous Authentication in a Real World Settings," in Advances in Pattern Recognition (ICAPR), 2015 Eighth International Conference on, pp. 1-6, 4-7 Jan. 2015. doi: 10.1109/ICAPR.2015.7050673

Abstract: Continuous Authentication by analysing the user's behaviour profile on the computer input devices is challenging due to limited information, variability of data and the sparse nature of the information. As a result, most of the previous research was done as a periodic authentication, where the analysis was made based on a fixed number of actions or fixed time period. Also, the experimental data was obtained for most of the previous research in a very controlled condition, where the task and environment were fixed. In this paper, we will focus on actual continuous authentication that reacts on every single action performed by the user. The experimental data was collected in a complete uncontrolled condition from 52 users by using our data collection software. In our analysis, we have considered both keystroke and mouse usages behaviour pattern to avoid a situation where an attacker avoids detection by restricting to one input device because the continuous authentication system only checks the other input device. The result we have obtained from this research is satisfactory enough for further investigation on this domain.

Keywords: authorisation; computer input devices; continuous authentication system; data collection software; periodic authentication; Authentication; Computers; Feature extraction; Mathematical model; Mice; Presses; Software; Behavioural Biometrics; Continuous Authentication; Keystroke Dynamics; Mouse Dynamics; Trust Model (ID#: 15-8176)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7050673&isnumber=7050639

Mondal, S.; Bours, P., "Context Independent Continuous Authentication Using Behavioural Biometrics," in Identity, Security and Behavior Analysis (ISBA), 2015 IEEE International Conference on, pp. 1-8, 23-25 March 2015. doi: 10.1109/ISBA.2015.7126342

Abstract: In this research, we focus on context independent continuous authentication that reacts on every separate action performed by a user. The experimental data was collected in a complete uncontrolled condition from 53 users by using our data collection software. In our analysis, we considered both keystroke and mouse usage behaviour patterns to prevent a situation where an attacker avoids detection by restricting to one input device because the continuous authentication system only checks the other input device. The best result obtained from this research is that for 47 bio-metric subjects we have on average 275 actions required to detect an imposter where these biometric subjects are never locked out from the system.

Keywords: behavioural sciences computing; biometrics (access control); message authentication; behavioural biometrics; context independent continuous authentication; continuous authentication system; data collection software; keystroke; mouse usage behaviour patterns; Authentication; Biometrics (access control); Feature extraction; Mathematical model; Mice; Presses; Training (ID#: 15-8177)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7126342&isnumber=7126341

Idrus, S.Z.S.; Cherrier, E.; Rosenberger, C.; Mondal, S.; Bours, P., "Keystroke Dynamics Performance Enhancement with Soft Biometrics," in Identity, Security and Behavior Analysis (ISBA), 2015 IEEE International Conference on, pp. 1-7, 23-25 March 2015. doi: 10.1109/ISBA.2015.7126345

Abstract: It is accepted that the way a person types on a keyboard contains timing patterns, which can be used to classify him/her, is known as keystroke dynamics. Keystroke dynamics is a behavioural biometric modality, whose performances, however, are worse than morphological modalities such as fingerprint, iris recognition or face recognition. To cope with this, we propose to combine keystroke dynamics with soft biometrics. Soft biometrics refers to biometric characteristics that are not sufficient to authenticate a user (e.g. height, gender, skin/eye/hair colour). Concerning keystroke dynamics, three soft categories are considered: gender, age and handedness. We present different methods to combine the results of a classical keystroke dynamics system with such soft criteria. By applying simple sum and multiply rules, our experiments suggest that the combination approach performs better than the classification approach with best result of 5.41% of equal error rate. The efficiency of our approaches is illustrated on a public database.

Keywords: behavioural sciences computing; biometrics (access control); behavioural biometric modality; biometric characteristics; classification approach; combination approach; keystroke dynamics performance enhancement; soft biometrics; Authentication; Biometrics (access control); Databases; Feature extraction; Support vector machines; Timing (ID#: 15-8178)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7126345&isnumber=7126341

Dangra, B.S.; Rajput, D.; Bedekar, M.V.; Panicker, S.S., "Profiling Of Automobile Drivers Using Car Games," in Pervasive Computing (ICPC), 2015 International Conference on, pp. 1-5, 8-10 Jan. 2015. doi: 10.1109/PERVASIVE.2015.7087173

Abstract: In this paper we use car games as a simulator for real automobiles, and generate driving logs that contain the vehicle data. This includes values for parameters like gear used, speed, left turns taken, right turns taken, accelerator, braking and so on. From these parameters we have derived some more additional parameters and analyzed them. As the input from automobile driver is only routine driving, no explicit feedback is required; hence there are more chances of being able to accurately profile the driver. Experimentation and analysis from this logged data shows possibility that driver profiling can be done from vehicle data. Since the profiles are unique, these can be further used for a wide range of applications and can successfully exhibit typical driving characteristics of each user.

Keywords: automobiles; computer games; digital simulation; traffic engineering computing; automobile driver profiling; car games; driving characteristics; driving log generation; simulator; vehicle data; Acceleration; Automobiles; Computational modeling; Computers; Games; Gears; Part profiles; User profiling; behavioral patterns; biometrics; gaming; keystroke identification (ID#: 15-8179)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7087173&isnumber=7086957

Jiaju Huang; Daqing Hou; Schuckers, S.; Zhenhao Hou, "Effect of Data Size on Performance of Free-Text Keystroke Authentication," in Identity, Security and Behavior Analysis (ISBA), 2015 IEEE International Conference on, pp. 1-7, 23-25 March 2015. doi: 10.1109/ISBA.2015.7126361

Abstract: Free-text keystroke authentication has been demonstrated to be a promising behavioral biometric. But unlike physiological traits such as fingerprints, in free-text keystroke authentication, there is no natural way to identify what makes a sample. It remains an open problem as to how much keystroke data are necessary for achieving acceptable authentication performance. Using public datasets and two existing algorithms, we conduct two experiments to investigate the effect of the reference profile size and test sample size on False Alarm Rate (FAR) and Imposter Pass Rate (IPR). We find that (1) larger reference profiles will drive down both IPR and FAR values, provided that the test samples are large enough, and (2) larger test samples have no obvious effect on IPR, regardless of the reference profile size. We discuss the practical implication of our findings.

Keywords: authorisation; biometrics (access control); keyboards; FAR; IPR; authentication performance; behavioral biometric; data size; false alarm rate; free-text keystroke authentication; imposter pass rate; keystroke data; physiological traits; public datasets; reference profile size; test sample size; Authentication; Bioinformatics; Databases; Distance measurement; Intellectual property; Standards; Testing (ID#: 15-8180)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7126361&isnumber=7126341

Antal, M.; Szabo, L.Z., "An Evaluation of One-Class and Two-Class Classification Algorithms for Keystroke Dynamics Authentication on Mobile Devices," in Control Systems and Computer Science (CSCS), 2015 20th International Conference on, pp. 343-350, 27-29 May 2015. doi: 10.1109/CSCS.2015.16

Abstract: In this paper we study keystroke dynamics as an authentication mechanism for touch screen based devices. The authentication process decides whether the identity of a given person is accepted or rejected. This can be easily implemented by using a two-class classifier which operates with the help of positive samples (belonging to the authentic person) and negative ones. However, collecting negative samples is not always a viable option. In such cases a one-class classification algorithm can be used to characterize the target class and distinguish it from the outliers. We implemented an authentication test-framework that is capable of working with both one-class and two-class classification algorithms. The framework was evaluated on our dataset containing keystroke samples from 42 users, collected from touch screen-based Android devices. Experimental results yield an Equal Error Rate (EER) of 3% (two-class) and 7% (one-class) respectively.

Keywords: Android (operating system); authorisation; error analysis; mobile computing; pattern classification; touch sensitive screens; Android devices; EER; authentication test-framework; equal error rate; keystroke dynamics authentication; mobile devices; one-class classification algorithms; touch screen based devices; two-class classification algorithms; Authentication; Biometrics (access control); Error analysis; Feature extraction; Keyboards; Mobile handsets; Training; biometrics; keystroke dynamics; mobile authentication; one-class classification; touchscreen (ID#: 15-8181)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7168452&isnumber=7168393

D'Lima, N.; Mittal, J., "Password Authentication using Keystroke Biometrics," in Communication, Information & Computing Technology (ICCICT), 2015 International Conference on, pp. 1-6, 15-17 Jan. 2015. doi: 10.1109/ICCICT.2015.7045681

Abstract: The majority of applications use a prompt for a username and password. Passwords are recommended to be unique, long, complex, alphanumeric and non-repetitive. These reasons that make passwords secure may prove to be a point of weakness. The complexity of the password provides a challenge for a user and they may choose to record it. This compromises the security of the password and takes away its advantage. An alternate method of security is Keystroke Biometrics. This approach uses the natural typing pattern of a user for authentication. This paper proposes a new method for reducing error rates and creating a robust technique. The new method makes use of multiple sensors to obtain information about a user. An artificial neural network is used to model a user's behavior as well as for retraining the system. An alternate user verification mechanism is used in case a user is unable to match their typing pattern.

Keywords: authorisation; biometrics (access control); neural nets; pattern matching; artificial neural network; error rates; keystroke biometrics; password authentication; password security; robust security technique; typing pattern matching; user behavior; user natural typing pattern; user verification mechanism; Classification algorithms; Error analysis; Europe; Hardware; Monitoring; Support vector machines; Text recognition; Artificial Neural Networks; Authentication; Keystroke Biometrics; Password; Security (ID#: 15-8182)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7045681&isnumber=7045627

Chammas, Edgard; Mokbel, Chafic; Likforman-Sulem, Laurence, "Arabic Handwritten Document Preprocessing and Recognition," in Document Analysis and Recognition (ICDAR), 2015 13th International Conference on, pp. 451-455, 23-26 Aug. 2015. doi: 10.1109/ICDAR.2015.7333802

Abstract: Arabic handwritten documents present specific challenges due to the cursive nature of the writing and the presence of diacritical marks. Moreover, one of the largest labeled database of Arabic handwritten documents, the OpenHart-NIST database includes specific noise, namely guidelines, that has to be addressed. We propose several approaches to process these documents. First a guideline detection approach has been developed, based on K-means, that detects the documents that include guidelines. We then propose a series of preprocessing at text-line level to reduce the noise effects. For text-lines including guidelines, a guideline removal preprocessing is described and existing keystroke restoration approaches are assessed. In addition, we propose a preprocessing that combines noise removal and deskewing by removing line fragments from neighboring text lines, while searching for the principal orientation of the text-line. We provide recognition results, showing the significant improvement brought by the proposed processings.

Keywords: Hidden Markov models; Image recognition; Image segmentation; Optical imaging; Optical reflection; Text recognition; Writing; Arabic Handwriting Recognition; Guideline removal; Handwritten Document preprocessing; Noise removal; OpenHaRT database; Textline image Preprocessing (ID#: 15-8183)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7333802&isnumber=7333702

Fwa Hua Leong, "Automatic Detection of Frustration of Novice Programmers from Contextual and Keystroke Logs," in Computer Science & Education (ICCSE), 2015 10th International Conference on, pp. 373-377, 22-24 July 2015. doi: 10.1109/ICCSE.2015.7250273

Abstract: Novice programmers exhibit a repertoire of affective states over time when they are learning computer programming. The modeling of frustration is important as it informs on the need for pedagogical intervention of the student who may otherwise lose confidence and interest in the learning. In this paper, contextual and keystroke features of the students within a Java tutoring system are used to detect frustration of student within a programming exercise session. As compared to psychological sensors used in other studies, the use of contextual and keystroke logs are less obtrusive and the equipment used (keyboard) is ubiquitous in most learning environment. The technique of logistic regression with lasso regularization is utilized for the modeling to prevent over-fitting. The results showed that a model that uses only contextual and keystroke features achieved a prediction accuracy level of 0.67 and a recall measure of 0.833. Thus, we conclude that it is possible to detect frustration of a student from distilling both the contextual and keystroke logs within the tutoring system with an adequate level of accuracy.

Keywords: Java; computer science education; feature extraction; intelligent tutoring systems; programming; regression analysis; Java tutoring system; contextual logs; keystroke logs; lasso regularization; logistic regression; novice programmers; programming exercise session; student frustration detection; Accuracy; Context modeling; Java; Mathematical model; Programming profession; Sensors; frustration; keystrokes; learning; novice; programming (ID#: 15-8184)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7250273&isnumber=7250193




Metadata Discovery Problem 2015


Metadata is often described as "data about data." Usage varies from virtualization to data warehousing to statistics. Because of its volume and complexity, metadata has the potential to tax security procedures and processes. The C3E page at http://cps-vo.org/node/13712 describes the Metadata-based Malicious Cyber Discovery Problem and solicits research and papers. The bibliography presented here looks at what has been published in 2015.


Chappell, A.; Weaver, J.; Purohit, S.; Smith, W.; Schuchardt, K.; West, P.; Lee, B.; Fox, P., "Enhancing the Impact of Science Data Toward Data Discovery and Reuse," in Computer and Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on, pp. 271-277, June 28 2015-July 1 2015. doi: 10.1109/ICIS.2015.7166605

Abstract: The amount of data produced in support of scientific research continues to grow rapidly. Despite the accumulation and demand for scientific data, relatively little data are actually made available for the broader scientific community. We surmise that one root of this problem is the perceived difficulty of electronically publishing scientific data and associated metadata in a way that makes it discoverable. We propose exploiting Semantic Web technologies and best practices to make metadata both discoverable and easy to publish. We share experiences in curating metadata to illustrate the cumbersome nature of data reuse in the current research environment. We also make recommendations with a real-world example of how data publishers can provide their metadata by adding limited additional markup to HTML pages on the Web. With little additional effort from data publishers, the difficulty of data discovery, access, and sharing can be greatly reduced and the impact of research data greatly enhanced.

Keywords: data handling; meta data; semantic Web; HTML pages; data access; data discovery; data publishing; data reuse; data sharing; meta data; science data; semantic Web technologies; Moisture measurement; Ontologies; Resource description framework; Semantics; Soil measurements; Soil moisture; Data Curation; Data Discovery; Data Publishing Recommendations; Digital Data Sharing; Linked Data (ID#: 15-7947)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166605&isnumber=7166553

Dinata, S.; Dewabharata, A.; Shuo-Yan Chou, "An Ontology-Enabled Service Discovery for Supporting Health Promotion System," in Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual, vol. 3, pp. 276-281, 1-5 July 2015. doi: 10.1109/COMPSAC.2015.244

Abstract: Health promotion related products and services have grown rapidly in recent years, many devices and services were developed for this endeavor. Consequently, there is a need to represent fragmented functions into a general description and comparable shape in order to provide context-based matching and ranking, which is a substance of the whole services. A service discovery was introduced as a mechanism to support user in reducing the difficulties. There is also an approach to the problem of context matching and ranking of services towards resulted recommendation. This research introduced methods or mechanisms to address the issue of the semantic similarity assessment among services with the recommendation, such as TF/IDF and context analysis. Each service or application is represented by metadata designed by using ontology to allow modifiable and collaborative work in this field. Selection of the most suitable metadata definition language was also the issue covered by this work.

Keywords: health care; meta data; ontologies (artificial intelligence); ubiquitous computing; context-based matching; context-based ranking; fragmented functions; health promotion system; metadata definition language; ontology-enabled service discovery; semantic similarity assessment; Androids; Context; Context-aware services; Metadata; Ontologies; Sensor phenomena and characterization; Health promotion; metadata; mobile and wearable computing; ontology; persuasive technology; service discovery (ID#: 15-7948)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7273368&isnumber=7273299

Rauch, M.; Klieber, W.; Wozelka, R.; Singh, S.; Sabol, V., "Knowminer Search - A Multi-visualisation Collaborative Approach to Search Result Analysis," in Information Visualisation (iV), 2015 19th International Conference on, pp. 379-385, 22-24 July 2015. doi: 10.1109/iV.2015.72

Abstract: The amount of information available on the internet and within enterprises has reached an incredible dimension. Efficiently finding and understanding information and thereby saving resources remains one of the major challenges in our daily work. Powerful text analysis methods, a scalable faceted retrieval engine and a well-designed interactive user interface are required to address the problem. Besides providing means for drilling-down to the relevant piece of information, a part of the challenge arises from the need of analysing and visualising data to discover relationships and correlations, gain an overview of data distributions and unveil trends. Visual interfaces leverage the enormous bandwidth of the human visual system to support pattern discovery in large amounts of data. Our Knowminer search builds upon the well-known faceted search approach which is extended with interactive visualisations allowing users to analyse different aspects of the result set. Additionally, our system provides functionality for organising interesting search results into portfolios, and also supports social features for rating and boosting search results and for sharing and annotating portfolios.

Keywords: data visualisation; information analysis; information retrieval; user interfaces; data analysis; data visualization; human visual system; interactive user interface; knowminer search approach; multivisualisation collaborative approach; pattern discovery; portfolio annotation; portfolio search; scalable faceted retrieval engine; search result analysis; visual interface; Data mining; Data visualization; Metadata; Portfolios; Search engines; Semantics; Visualization; Search interface; faceted search; multi-visualisation analysis; shared result portfolios (ID#: 15-7949)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272630&isnumber=7272518

Santana Guimaraes, F.S.; Quaresma, P.; Pampulim Caldeira, C., "Information Audit Based on Ontology," in Information Systems and Technologies (CISTI), 2015 10th Iberian Conference on, pp. 1-7, 17-20 June 2015. doi: 10.1109/CISTI.2015.7170596

Abstract: Information Audit use methods and CAATTS (Computer-Assisted Audit Techniques) to capture, analyze and evaluate organizational information assets, in regular or continuous basis. However, does not exist a widespread adoption of CAATTs and the CAATTs normally does not use a kind of model that allows to capture the structure and semantic of information as part of the data capture process to audit. Based on this problem, this article focuses on the domain Ontology and Metadata used in Data Governance concepts and Data Lineage for its application to Audit Information.

Keywords: auditing; meta data; ontologies (artificial intelligence); semantic Web; CAATTS; computer-assisted audit techniques; data capture process; data governance concepts; data lineage; domain ontology; information audit; information semantic; information structure; metadata; organizational information asset analysis; organizational information asset capture; organizational information asset evaluation; semantic Web; Bismuth; Business; Metadata; Ontologies; Standards; Unified modeling language; Business Intelligence; Data Discovery; Data Governance; Data Lineage; Information Audit; Metadata; Natural Language Processing; Ontology; Semantic Web (ID#: 15-7950)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7170596&isnumber=7170350




Oscillating Behavior 2015


The oscillation of a function or a sequence quantifies the variance between its extreme values as it approaches infinity or a point. As such, oscillating behaviors are important to the Science of Security in terms of predictive metrics and resilience. The articles cited here were presented in 2015.


Gozse, I.; Soumelidis, A., "Realizing System Poles Identification on the Unit Disc Based on the Fourier Transform of Laguerre-Coefficients," in Control and Automation (MED), 2015 23th Mediterranean Conference on, pp. 821-826, 16-19 June 2015. doi: 10.1109/MED.2015.7158847

Abstract: This paper proposes a new method of identification of the poles in a discrete linear system from frequency domain data. The discrete rational transfer function is represented in a rational Laguerre basis, where the basis elements can be expressed by powers of the Blaschke-function. Laguerre coefficients are considered as a sum of oscillating signals what gives the opportunity to estimate the number and place of poles of the system by the Fourier transform of the Laguerre-coefficients. The behavior of the method is analyzed in the presence of noise in the measurements and an example is presented as an illustration of the full procedure.

Keywords: Fourier transforms; signal processing; stochastic processes; transfer functions; Blaschke-function; Fourier transform; Laguerre-coefficients; discrete linear system; discrete rational transfer function; frequency domain data; rational Laguerre basis; system poles identification; unit disc; Discrete Fourier transforms; Frequency-domain analysis; Mathematical model; Noise; Noise measurement; Identification; Linear systems (ID#: 15-7904)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7158847&isnumber=7158720

Zhenhui Li; Jingjing Wang; Jiawei Han, "ePeriodicity: Mining Event Periodicity from Incomplete Observations," in Knowledge and Data Engineering, IEEE Transactions on, vol. 27, no. 5, pp. 1219-1232, May 1 2015. doi: 10.1109/TKDE.2014.2365801

Abstract: Advanced technology in GPS and sensors enables us to track physical events, such as human movements and facility usage. Periodicity analysis from the recorded data is an important data mining task which provides useful insights into the physical events and enables us to report outliers and predict future behaviors. To mine periodicity in an event, we have to face real-world challenges of inherently complicated periodic behaviors and imperfect data collection problem. Specifically, the hidden temporal periodic behaviors could be oscillating and noisy, and the observations of the event could be incomplete. In this paper, we propose a novel probabilistic measure for periodicity and design a practical algorithm, ePeriodicity, to detect periods. Our method has thoroughly considered the uncertainties and noises in periodic behaviors and is provably robust to incomplete observations. Comprehensive experiments on both synthetic and real datasets demonstrate the effectiveness of our method.

Keywords: data mining; probability; GPS; data mining task; e-periodicity analysis; facility usage; hidden temporal periodic behaviors; human movements; imperfect data collection problem; incomplete observations; outlier detection; period detection; periodic behavior noises; periodic behavior prediction; periodic behavior uncertainties; periodicity event mining; periodicity mining; physical event tracking; physical events; probabilistic measure; real datasets; sensors; synthetic datasets; Global Positioning System; Markov processes; Nonhomogeneous media; Probabilistic logic; Random processes; Sensors; Vectors; Incomplete Observations; Periodicity; Probabilistic Model; incomplete observations; probabilistic model (ID#: 15-7905)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6940249&isnumber=7073687

Jeon, J.P.; Hong, J.; Lee, Y.R.; Seo, J.H.; Oh, S.H.; Chung, S.K., "Novel Energy Harvesting Using Acoustically Oscillating Microbubbles," in Solid-State Sensors, Actuators and Microsystems (TRANSDUCERS), 2015 Transducers - 2015 18th International Conference on, pp. 1933-1936, 21-25 June 2015. doi: 10.1109/TRANSDUCERS.2015.7181330

Abstract: When a bubble hanging on a piezocantilever is excited by an acoustic wave around its resonant frequency, it oscillates and simultaneously generates cavitational microstreaming around it. The microstreaming bends the piezocantilever with fine vibration, resulting in electric power generation from the piezocantilever. In this study, we explore the dynamic behaviors of an acoustically oscillating bubble on the flexible substrate as well as demonstrate applicability of the proposed system to practical applications such as energy harvesting and acoustic wave sensors. First, the effects of an applied frequency and bubble size on the dynamic characteristics of an acoustically oscillating bubble, such as maximum amplitude and resonant frequency, are experimentally investigated. The amplitude of an oscillating bubble is maximized at its resonant frequency, which is inversely proportional to its size. In addition, electrical voltage generated by a piezocantilever attaching with an oscillating bubble is measured at different applied frequencies, bubble sizes, and distances between the bubble and piezoactuator. The results show that the generated voltage is strongly affected by the applied frequency and is inversely proportional to the bubble size and the distance between the bubble and piezoactuator. Finally, the output voltage is almost linearly proportional to the number of bubbles.

Keywords: bubbles; energy harvesting; microfluidics; piezoelectric actuators; acoustic wave sensors; acoustically oscillating microbubbles; cavitational microstreaming; electric power generation; energy harvesting; flexible substrate; piezoactuator; piezocantilever; resonant frequency; Acoustic waves; Energy harvesting; Microfluidics; Oscillators; Resonant frequency; Sensors; Bubble dynamics; acoustic wave sensors; cavitational microstreaming; energy harvesting (ID#: 15-7906)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7181330&isnumber=7180834

Juanjuan Shi; Ming Liang, "Oscillatory Behavior Based Fault Feature Extraction for Bearing Fault Diagnosis," in Advanced Mechatronic Systems (ICAMechS), 2015 International Conference on, pp. 473-478, 22-24 Aug. 2015. doi: 10.1109/ICAMechS.2015.7287157

Abstract: An intelligent fault signature extraction scheme based on oscillatory behaviors is reported in this paper for bearing fault diagnosis. The proposed method is based on the joint application of morphological component analysis (MCA) and tunable Q-factor wavelet transform (TQWT) to decompose a signal into two signal components (i.e., low- and high-oscillation components) according to whether they having sustained oscillations. As bearing fault-induced transients (low-oscillation component) oscillate differently from periodic interferences and noise (high-oscillation component and residual), they can be separated via the MCA with the aid of TQWT which is parameterized by Q-factor and plays a role of distinguishing signal components presenting different oscillatory behaviors. The low- and high-oscillation components can be obtained by solving the objective function formulated based on MCA and TQWT. The determination of Q-factor for each signal component representation is also explored in this paper. The effectiveness of the proposed method is examined by experimental data.

Keywords: Q-factor; fault diagnosis; feature extraction; machine bearings; mechanical engineering computing; oscillations; signal processing; bearing fault diagnosis; bearing fault-induced transients; fault feature extraction; intelligent fault signature extraction; morphological component analysis; oscillatory behavior; periodic interferences; signal component representation; signal components; tunable Q-factor wavelet transform; Conferences; Decision support systems; Mechatronics; Bearing Fault Diagnosis; Intelligent Fault Feature Extraction; Oscillatory Behavior; Signal Decomposition; Tunable Q-factor Wavelet Transform (ID#: 15-7907)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7287157&isnumber=7287059

Cai, W.; Yi, F.; Cosoroaba, E.; Fahimi, B., "Stability Optimization Method Based on Virtual Resistor and Nonunity Voltage Feedback Loop for Cascaded DC-DC Converters," in Industry Applications, IEEE Transactions on, vol. 51, no. 6, pp. 4575-4583, Nov.-Dec. 2015. doi: 10.1109/TIA.2015.2443717

Abstract: This paper proposes a stability optimization method based on virtual resistor and nonunity voltage feedback loop for cascaded dc-dc converters. Oscillating phenomenon or instability would occur occasionally with two or more closed-loop dc-dc converters in series. The virtual resistor and nonunity voltage feedback are used to modify the feedback loop instead of only a direct voltage feedback to improve stability and get rid of oscillating behavior. Based on the stability analysis of dc-dc converters with distributed parameters, several cases have been derived. After that, relative to different cases, two modified methods based on virtual resistor and nonunity voltage feedback loop are proposed to stabilize the overall system. With these methods, no extra power loss would be generated, and it is easy to embed them into any conventional control system. Experimental results verified the theoretical analysis and feasibility of the proposed control methods.

Keywords: Capacitors; DC-DC power converters; Feedback loop; Impedance; Inductors; Resistors; Stability analysis; Cascaded converter; constant power load; constant-power load (CPL); negative impedance; non-unity feedback; nonunity feedback; virtual resistor (ID#: 15-7908)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120974&isnumber=7331695

Senkal, D.; Efimovskaya, A.; Shkel, A.M., "Minimal Realization of Dynamically Balanced Lumped Mass WA Gyroscope: Dual Foucault Pendulum," in Inertial Sensors and Systems (ISISS), 2015 IEEE International Symposium on, pp. 1-2, 23-26 March 2015. doi: 10.1109/ISISS.2015.7102394

Abstract: We report a new type of MEMS rate integrating gyroscope. The Dual Foucault Pendulum (DFP) gyroscope consists of two dynamically equivalent, mechanically coupled proof masses, oscillating in anti-phase motion, creating a dynamically balanced resonator with x-y symmetry in frequency and damping. Phase synchronization is established by mechanical coupling of the two proof masses, whereas quadrature suppression is achieved by four differential shuttle pairs placed in-between. Dual axis tuning fork behavior provides vibration immunity and anchor loss mitigation, resulting in a Q-factor over 100,000 on both modes at a center frequency of 2.7 kHz. Whole angle mechanization is demonstrated by FPGA-based closed loop control of the gyroscope, showing a scale factor variation of 22 ppm RMS over 2 hours of measurement. We believe Dual Foucault Pendulum is the minimal realization of a dynamically balanced lumped mass whole angle (WA) gyroscope.

Keywords: angular measurement; closed loop systems; field programmable gate arrays; gyroscopes; mass measurement; microsensors; pendulums; synchronisation; vibration measurement; vibrations; DFP gyroscope; FPGA-based closed loop control; MEMS rate integrating gyroscope; anchor loss mitigation; antiphase motion; differential shuttle pair; dual axis tuning fork; dual foucault pendulum gyroscope; dynamically balanced lumped mass WA gyroscope; dynamically balanced resonator; frequency 2.7 kHz; mechanical coupled proof mass; phase synchronization; quadrature suppression; vibration immunity; whole angle gyroscope; whole angle mechanization; x-y symmetry; Couplings; Damping; Gain control; Gyroscopes; Micromechanical devices; Phase locked loops; Vibrations; Rate integrating MEMS gyroscope; closed loop control; tuning fork behaviour; whole angle mechanization (ID#: 15-7909)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7102394&isnumber=7102353

Cossutta, P.; Aguirre, M.P.; Cao, A.; Raffo, S.; Valla, M.I., "A Novel Modulation Technique for Single Phase Current Source Inverters with Active Buffering," in Industrial Technology (ICIT), 2015 IEEE International Conference on, pp. 2036-2041, 17-19 March 2015. doi: 10.1109/ICIT.2015.7125396

Abstract: Interface between electric grids and renewable energy sources are of a big concern to researchers worldwide. Many efforts are applied to obtain converter topologies and modulation techniques with increasing features regarding switching behavior, input and output distortion, efficiency, switches utilization ratio and reliability. Interfacing constant power sources with sinusoidal systems require huge storage capabilities to compensate the oscillating output power. This storage implies higher costs, lower reliability and bulkier systems. In this paper a new modulation technique for a single phase Current Source Inverter (CSI) with an Active Buffer (AB) is presented. The AB allows to reduce the size and ripple requirements of the storage element, increasing reliability and improving overall performance.

Keywords: invertors; modulation; active buffering; constant power source interface; modulation technique; renewable energy source; ripple reduction; single phase current source inverter; size reduction; storage element; Capacitors; Inverters; Phase locked loops; Phase modulation; Power generation; Switches (ID#: 15-7910)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7125396&isnumber=7125066

Choi, Y.; Lee, K.; Kim, Y.; Kim, T.; You, C.; Jung, M., "Oscillatory Magnetic Coupling in Amorphous CoSiB/Pt/CoSiB Structure," in Magnetics Conference (INTERMAG), 2015 IEEE, pp. 1-1, 11-15 May 2015. doi: 10.1109/INTMAG.2015.7156734

Abstract: This paper investigates the magnetic interaction between two CoSiB layers separated by a Pt layer. The CoSiB/Pt/CoSiB sandwich structures are grown using DC sputtering method. Anomalous Hall effect is measured at room temperature. The magnitudes of Hall voltage signals are oscillating as a function of the Pt thickness, resembling the oscillatory behavior observed for the Ruderman-Kittle-Kasuya-Yosida (RKKY) interaction. For 22 and 27 A thickness, clear signals from the antiferromagnetic coupling have been seen in both AHE and magnetization data. In order to exploit the mechanism of indirect interlayer coupling, the AHE is also measured as a function of perpendicular field Hz in an external magnetic field of Hx or Hy parallel to the film plane. AHE results show a shift of hysteresis loop, similar to an exchange bias effect found in ferromagnetic/antiferromagnetic bilayer structure. This behavior is analyzed using the Stoner-Wohlfarth model.

Keywords: Hall effect; RKKY interaction; amorphous magnetic materials; antiferromagnetic materials; boron alloys; cobalt alloys; magnetic hysteresis; magnetic multilayers; platinum; sandwich structures; silicon alloys; sputter deposition; CoSiB-Pt-CoSiB; DC sputtering; Hall voltage signals; Ruderman-Kittle-Kasuya-Yosida interaction; Stoner-Wohlfarth model; amorphous structure; anomalous Hall effect; antiferromagnetic coupling; exchange bias effect; external magnetic field; ferromagnetic-antiferromagnetic bilayer structure; hysteresis loop; indirect interlayer coupling; magnetic interaction; magnetization; oscillatory magnetic coupling; perpendicular field; sandwich structures; temperature 293 K to 298 K; Amorphous magnetic materials; Magnetic domain walls; Magnetic domains; Magnetic hysteresis; Magnetic multilayers; Magnetic separation; Perpendicular magnetic anisotropy (ID#: 15-7911)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7156734&isnumber=7156490

Bin Sayed, S.; Ulku, H.A.; Bagci, H., "A Stable Marching On-In-Time Scheme for Solving the Time-Domain Electric Field Volume Integral Equation on High-Contrast Scatterers," in Antennas and Propagation, IEEE Transactions on, vol. 63, no. 7, pp. 3098-3110, July 2015. doi: 10.1109/TAP.2015.2429736

Abstract: A time-domain electric field volume integral equation (TD-EFVIE) solver is proposed for characterizing transient electromagnetic wave interactions on high-contrast dielectric scatterers. The TD-EFVIE is discretized using the Schaubert-Wilton-Glisson (SWG) and approximate prolate spherical wave (APSW) functions in space and time, respectively. The resulting system of equations cannot be solved by a straightforward application of the marching on-in-time (MOT) scheme since the two-sided APSW interpolation functions require the knowledge of unknown "future" field samples during time marching. Causality of the MOT scheme is restored using an extrapolation technique that predicts the future samples from known "past" ones. Unlike the extrapolation techniques developed for MOT schemes that are used in solving time-domain surface integral equations, this scheme trains the extrapolation coefficients using samples of exponentials with exponents on the complex frequency plane. This increases the stability of the MOT-TD-EFVIE solver significantly, since the temporal behavior of decaying and oscillating electromagnetic modes induced inside the scatterers is very accurately taken into account by this new extrapolation scheme. Numerical results demonstrate that the proposed MOT solver maintains its stability even when applied to analyzing wave interactions on high-contrast scatterers.

Keywords: approximation theory; electric field integral equations; electromagnetic wave scattering; extrapolation; interpolation; stability; time-domain analysis; MOT-TD-EFVIE solver; SWG scheme; Schaubert-Wilton-Glisson scheme; approximate prolate spherical wave function; extrapolation technique; high-contrast dielectric scatterer; stability; stable marching on-in-time scheme; time-domain electric field volume integral equation; time-domain surface integral equation; transient electromagnetic wave interaction; two-sided APSW interpolation function; Accuracy; Convolution; Dielectrics; Extrapolation; Integral equations; Numerical stability; Time-domain analysis; Band-limited interpolation; Marching on-in-time method; band-limited interpolation; electric field volume integral equation; electric field volume integral equation (EFVIE); extrapolation; marching on-in-time (MOT) method; time domain analysis; time-domain analysis; transient analysis (ID#: 15-7912)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7101834&isnumber=7147853

O'Riordan, E.; Dudka, A.; Galayko, D.; Basset, P.; Feely, O.; Blokhina, E., "Capacitive Energy Conversion With Circuits Implementing a Rectangular Charge-Voltage Cycle Part 2: Electromechanical and Nonlinear Analysis," in Circuits and Systems I: Regular Papers, IEEE Transactions on, vol. 62, no. 11, pp. 2664-2673, Nov. 2015. doi: 10.1109/TCSI.2015.2451913

Abstract: In this paper, we explore and describe the electromechanical coupling which results from eKEH conditioning circuits implementing a rectangular QV cycle, including but not limited to the charge pump and Bennet's doubler circuits. We present numerical and semi-analytical analyses describing the nonlinear relationship between the oscillating mass and the conditioning circuit. We believe this is a poorly understood facet of the device and, as we will portray, affects the potential harvested energy. An approach to determine the frequency shift due to the electromechanical coupling is presented and compared with novel experimental results. We provide some examples of bifurcation behavior and show that the only source of nonlinearity is in the coupling between the electrical and mechanical domains. This work continues from the electrical analysis presented in Part 1, providing a full insight into the complex behavior of the electromechanical coupling.

Keywords: bifurcation; charge pump circuits; energy harvesting; frequency multipliers; signal conditioning circuits; Bennet doubler circuit; bifurcation behavior; capacitive energy conversion; charge pump; eKEH conditioning circuit; electromechanical analysis; electromechanical coupling; electrostatic kinetic energy harvester; frequency shift; nonlinear analysis; rectangular QV cycle; rectangular charge-voltage cycle; Force; Integrated circuit modeling; Mathematical model; Numerical models; Oscillators; Transducers; Vibrations; Bifurcation analysis; electromechanical coupling; electrostatic kinetic energy harvesters; multiple scale methods; steady-state oscillations (ID#: 15-7913)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7300453&isnumber=7307240

Ramirez, D.; Bartolome, J.P.; Martinez, S.; Herrero, L.C.; Blanco, M., "Emulation of an OWC Ocean Energy Plant With PMSG and Irregular Wave Model," in Sustainable Energy, IEEE Transactions on, vol. 6, no. 4, pp. 1515-1523, Oct. 2015. doi: 10.1109/TSTE.2015.2455333

Abstract: Ocean energy is a promising resource for renewable electricity generation that presents many advantages, such as being more predictable than wind energy, but also some disadvantages such as large and slow amplitude variations in the generated power. This paper presents a hardware-in-the-loop prototype that allows the study of the electric power profile generated by a wave power plant based on the oscillating water column (OWC) principle. In particular, it facilitates the development of new solutions to improve the intermittent profile of the power fed into the grid or the test of the OWC behavior when facing a voltage dip. Also, to obtain a more realistic model behavior, statistical models of real waves have been implemented.

Keywords: hydroelectric power stations; statistical analysis; wave power plants; OWC ocean energy plant; PMSG; electric power profile; generated power; hardware-in-the-loop prototype; irregular wave model; oscillating water column; renewable electricity generation; slow amplitude variations; statistical models; voltage dip; wave power plant; wind energy; Mathematical model; Prototypes; Renewable energy sources; Torque; Wave energy; Oscillating water column (OWC); renewable energy; ride through; wave energy (ID#: 15-7914)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7177104&isnumber=7270370

Dietmannsberger, M.; Schulz, D., "Ancillary Services and Dynamic Behavior of Inverters Connected to the Low Voltage Grid," in Compatibility and Power Electronics (CPE), 2015 9th International Conference on, pp. 49-56, 24-26 June 2015. doi: 10.1109/CPE.2015.7231048

Abstract: Small generators connected to the low voltage grid must be able to provide ancillary services in order to support system stability nowadays and in the future. Grid codes have been implemented that demand for load-frequency control and reactive power control. Together with anti-islanding-detection, these control algorithms mainly affect the dynamic behavior of the inverters in case of loss of mains. In this paper, an inverter model is presented that complies with the major grid codes. Islanding tests show new effects that arise because of the interaction between different control algorithms. Oscillating operating points may occur under special circumstances. This leads to further investigations on frequency dynamics. The additional benefit of rate-of-change-of-frequency (ROCOF) monitoring is numbered in a quantitative analysis and simulation. Not only steady state, but dynamic behavior is investigated with respect to the Non-Detection-Zone (NDZ). It is shown, that using frequency dynamics, scales down NDZs of passive anti-islanding methods significantly.

Keywords: distributed power generation; frequency control; invertors; load regulation; power distribution faults; power grids; power system stability; reactive power control; NDZ; ROCOF monitoring; ancillary service; antiislanding detection; frequency dynamic; inverter dynamic behavior; load-frequency control; low voltage grid code; nondetection zone; quantitative analysis; rate-of-change-of-frequency monitoring; reactive power control; Generators; Inverters; Low voltage; Reactive power; Resonant frequency; Standards; Non Detection Zone; ROCOF; ancillary services; anti-islanding; inverter control; mains monitoring; rate of change of frequency (ID#: 15-7915)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7231048&isnumber=7231036

Yang, J.; Yu, Q.; Zhao, J.; Qiu, J.; Wen, Y.; Li, P., "A Broadband and Two-Dimensional Vibration Energy Harvester using Multiple Magnetostrictive/Piezoelectric Composite Transducers," in Magnetics Conference (INTERMAG), 2015 IEEE, pp. 1-1, 11-15 May 2015. doi: 10.1109/INTMAG.2015.7156828

Abstract: There is growing interest in energy scavenging from natural vibration sources to power autonomous wireless telemetry devices. Vibration energy is typically converted into electrical energy using piezoelectric, electromagnetic, or electrostatic transduction mechanisms [1]. Despite the transduction mechanisms and novel structures, there is still an obstacle facing realistic implementation in most of the vibration-based energy harvester, because they are designed to harvest energy in a single direction of the ambient vibrations. But a vibration source in real environment may exhibit several motion directions over time. Hence, they may not generate power effectively in the case of a motion with multiple or time-variant motion directions. To address this issue, Moss et al. proposed a bi-axial oscillator to extract vibration energy with arbitrary motion directions in a plane [2]. However, the AISI 52100 ball oscillating on the surface of the Terfenol-D will damage the transducer inevitably, and the bandwidth of the harvester was narrow (about 1 Hz). Magnetoelectric (ME) transducers (composed of magnetostrictive/piezoelectric laminate composites) were originally intended for magnetic field sensors but have recently been used in vibration energy harvesting. Therefore, we report on a design for an energy harvester using ME transducers, in which only one vibrating body is used to extract the ambient vibration energy with arbitrary in-plane motion directions, and the frequency bandwidth can be enhanced by nonlinear behavior of the magnetic force.

Keywords: composite materials; energy harvesting; magnetostrictive devices; piezoelectric transducers; vibrations; ambient vibration energy; arbitrary in-plane motion directions; broadband vibration energy harvester; design; frequency bandwidth; magnetic force; multiple magnetostrictive/piezoelectric composite transducers; nonlinear behavior; two-dimensional vibration energy harvester; vibrating body; Energy harvesting; Magnetic circuits; Magnetic flux; Magnetoelectric effects; Magnetostriction; Transducers; Vibrations (ID#: 15-7916)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7156828&isnumber=7156490

Huang, Z.; Yue, J.; Wang, J.; Zhai, Y.; Xu, Y.; Wang, B., "Oscillatory Tunneling Magnetoresistance in Fe3O4/GaAs/Fe3O4 Junction," in Magnetics Conference (INTERMAG), 2015 IEEE, pp. 1-1, 11-15 May 2015. doi: 10.1109/INTMAG.2015.7156969

Abstract: Spintronics strives to revolutionize conventional electronics by integrating magnetic materials with semiconductor devices, such as the spin field effect transistor (SFET), which not only improve the capabilities of electronic devices, but develop new functionalities. For electrodes of spin injection and detection in SFET device, half metallic Fe3O4 is an attractive candidate because its high Curie temperature of 858 K, large spin polarization near 100% at the Fermi level and relatively high electronic conductivity at room temperature, which is believed to benefit the injection of spin carriers into the semiconductors. For ferromagnetic metal(FM)/Semiconductor system, Fe3O4/GaAs is a very promising system for the fabrication of magnetoelectronic devices due to the Schottky contact of the Fe3O4/GaAs interface, which is crucial for studying the behaviors of spin dependent transportation for the devices. It is reported that in a FM/I/NM/I/FM double tunnel junction, where NM is the normal metal, and I the insulating barrier, theories predicted an oscillation of the tunneling magnetoresistance (TMR) effect as a function of the NM layer thickness because the spin polarization of the tunneling electron oscillates as a result of the resonant tunneling. Furthermore, Quantum oscillation of spin polarization in GaAs channel was experimentally demonstrated. In this paper, we have presented a theoretical approach to the tunneling conductance and TMR in a Fe3O4/GaAs/Fe3O4 magnetic double tunnel junction with both ballistic and diffusive components.

Keywords: III-V semiconductors; gallium arsenide; interface magnetism; iron compounds; oscillations; spin polarised transport; tunnelling magnetoresistance; Curie temperature; Fe3O4-GaAs-Fe3O4; Fermi level; GaAs channel; Schottky contact; ballistic component; detection electrode; diffusive component; electronic conductivity; ferromagnetic metal-semiconductor system; insulating barrier; magnetic double tunnel junction; magnetic materials; magnetoelectronic device fabrication; quantum oscillation; resonant tunneling; semiconductor devices; spin carrier injection; spin dependent transportation; spin field effect transistor device; spin injection electrode; spin polarization; spintronics; tunneling conductance; tunneling electron; tunneling magnetoresistance effect oscillation; Frequency modulation; Gallium arsenide; Junctions; Magnetoelectronics; Oscillators; Tunneling magnetoresistance (ID#: 15-7917)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7156969&isnumber=7156490

Gustavsen, B.; Runde, M.; Ohnstad, T.M., "Wideband Modeling, Field Measurement, and Simulation of a 420-kV Variable Shunt Reactor," in Power Delivery, IEEE Transactions on, vol. 30, no. 3, pp. 1594-1601, June 2015. doi: 10.1109/TPWRD.2014.2375556

Abstract: A 420-kV gapped-core five-legged variable shunt reactor is modeled in the frequency range 5 Hz-10 MHz based on frequency sweep measurements and curve fitting using rational functions. Comparison with time-domain measurements at reduced voltage shows that the model can accurately predict the transient behavior of the shunt reactor, both for impinging overvoltages and circuit-breaker transient recovery voltages. Among the observations is that mutual coupling between the phases leads to a beat phenomenon in the reactor voltage following disconnection. Representing the shunt reactor by an LC parallel circuit leads to unrealistic results for steep-fronted incoming waves and high-frequency oscillating overvoltages, and for the attenuation of the transient recovery voltage following disconnection.

Keywords: curve fitting; frequency measurement; overvoltage protection; rational functions; transients; circuit-breaker transient recovery voltages; curve fitting; field measurement; frequency sweep measurements; oscillating overvoltages; rational functions; transient behavior; variable shunt reactor; voltage 420 kV; wideband modeling; Current measurement; Frequency measurement; Inductors; Integrated circuit modeling; Shunts (electrical); Transient analysis; Voltage measurement; Black-box model; Electromagnetic Transients Program (EMTP); frequency dependency; simulation; transient recovery voltage; transients; variable shunt reactor (ID#: 15-7918)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6977937&isnumber=7110680

Li, J.X.; Jia, M.W.; Sun, L.; Ding, Z.; Chen, B.L.; Wu, Y.Z., "Oscillatory Anisotropic Magnetoresistance Arising From Quantum Well States in Au/Fe(001) Bilayers," in Magnetics Letters, IEEE, vol. 6, pp. 1-4, 2015. doi: 10.1109/LMAG.2015.2444831

Abstract: The anisotropic magnetoresistance (AMR) in epitaxial Au/Fe(001) bilayers grown on MgO(001) substrate was systematically studied as a function of Au thickness over the temperature range 6-300 K. The AMR oscillates with a period of about 1.8 nm in Au thickness at low temperatures and also oscillates at certain higher temperatures. Such novel oscillatory AMR behavior is attributed to quantum well states in Au ultrathin films.

Keywords: enhanced magnetoresistance; gold; iron; magnetic multilayers; quantum wells; Au-Fe; bilayers; oscillatory AMR behavior; oscillatory anisotropic magnetoresistance; quantum well states; temperature 6 K to 300 K; Films; Gold; Iron; Oscillators; Perpendicular magnetic anisotropy; Substrates; Magnetic and Spintronic Materials; Magnetic films; Magneto-Electronics; Magneto-electronics; Magnetoresistance; Spin Electronics; Thin films; magnetic and spintronic materials; magnetic films; magnetoresistance; spin electronics; thin films (ID#: 15-7919)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7122913&isnumber=7029255

Taucer, M.; Karim, F.; Walus, K.; Wolkow, R.A., "Consequences of Many-Cell Correlations in Clocked Quantum-Dot Cellular Automata," in Nanotechnology, IEEE Transactions on, vol. 14, no. 4, pp. 638-647, July 2015. doi: 10.1109/TNANO.2015.2426058

Abstract: Quantum-dot cellular automata (QCA) provides a basis for classical computation without transistors. Many simulations of QCA rely upon the so-called intercellular Hartree approximation (ICHA), which neglects the possibility of entanglement between cells. The ICHA was originally proposed as a solution to the problem of exponential scaling in the computational cost of fully quantum mechanical treatments. However, in some cases, the ICHA predicted errors in QCA operation, and quantum correlations were required for circuits to operate correctly. While quantum correlations can remedy certain problems that present themselves in ICHA calculations, here we present simulations that show that quantum correlations may in fact be problematic in other situations, such as clocked QCA. Small groups of QCA cells are modelled with a Hamiltonian analogous to a quantum mechanical Ising-like spin chain in a transverse field, including the effects of intercellular entanglement completely. When energy relaxation is included in the model, we find that intercellular entanglement changes the qualitative behavior of the system, and new features appear. In clocked QCA, isolated groups of active cells have a tendency to oscillate between polarization states as information propagates. Additionally, energy relaxation tends to bring groups of cells to an unpolarized steady state. This contrasts with the results of previous simulations, which employed the ICHA. The ICHA may in fact be a good approximation in the limit of very low tunneling rates, which can be realized in lithographically defined quantum dots. However, in molecular and atomic implementations of QCA, entanglement will play a greater role. The degree to which intercellular correlations pose a problem for memory, and clocking depends upon implementation-specific details of the interaction of the system with its environment, as well as the system's internal dynamics.

Keywords: Ising model; SCF calculations; cellular automata; quantum computing; quantum dots; quantum entanglement; spin systems; Hamiltonian model; clocked quantum-dot cellular automata; energy relaxation; exponential scaling; intercellular Hartree approximation; intercellular entanglement; internal dynamics; many-cell correlations; polarization states; quantum computation; quantum correlations; quantum mechanical Ising-like spin chain; transverse field; tunneling rates; Approximation methods; Clocks; Correlation; Mathematical model; Quantum dots; Quantum mechanics; Steady-state; Nanoscale Devices; Nanoscale devices; Quantum Cellular Automata; Quantum Dots; quantum cellular automata; quantum dots (ID#: 15-7920)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7098406&isnumber=7151757

Teixeira, F.P.P.; Shanahan, M., "Local and Global Criticality within Oscillating Networks of Spiking Neurons," in Neural Networks (IJCNN), 2015 International Joint Conference on, pp. 1-7, 12-17 July 2015. doi: 10.1109/IJCNN.2015.7280561

Abstract: Neuronal avalanches are a local cortical phenomenon characterised by bursts of activity bracketed by periods of quiescence. It has been shown both in vivo and in vitro that these avalanches exhibit features of systems within a critical state. Locally critical system's avalanches conform to power law-like distributions. Globally these systems consist of modules exhibiting long-range temporal correlations identifiable via Detrended Fluctuation Analysis (DFA). Using an eight module oscillatory spiking neural network we analyse the correlation between these local and global criticality markers. Our findings demonstrate that locally critical modules promote long-range temporal correlations. Furthermore, when local modules are no longer critical we find that modules become uncorrelated or noisy. This suggests a strong link between local and global critical behaviour.

Keywords: correlation theory; graph theory; network theory (graphs); neural nets; statistical distributions; stochastic processes; DFA; criticality marker; detrended fluctuation analysis; network oscillation; neuronal avalanche; power law-like distribution; spiking neural network; temporal correlation (ID#: 15-7921)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7280561&isnumber=7280295



Radio Frequency Identification (RFIDs) 2015

Radio frequency identification (RFID) has become a ubiquitous identification system used to provide positive identification for items as diverse as cheese and pets. Research into RFID technologies continues and the security of RFID tags is being increasingly questioned. The papers presented here start with countermeasures and proceed to area coverage, mobility, reliability, antennas, and tag localization. The work is related to Science of Security issues for resiliency and human behaviors. This work was presented in 2015.


Benssalah, M.; Djeddou, M.; Drouiche, K., "Pseudo-Random Sequence Generator Based on Random Selection of an Elliptic Curve," in Computer, Information and Telecommunication Systems (CITS), 2015 International Conference on, pp. 1-5, 15-17 July 2015. doi: 10.1109/CITS.2015.7297719

Abstract: Pseudo-random numbers generators (PRNG) are one of the main security tools in Radio Frequency IDentification (RFID) technology. Thus, a weak internal embedded generator can directly cause the entire application to be insecure and it makes no sense to employ robust protocols for the security issue. In this paper, we propose a new PRNG constructed by randomly selecting points from two elliptic curves, suitable for ECC based applications. The main contribution of this work is the increasing of the generator internal states by extending the set of its output realizations to two curves randomly selected. The main advantages of this PRNG in comparison to previous works are the large periodicity, a better distribution of the generated sequences and a high security level based on the elliptic curve discrete logarithm problem (ECDLP). Further, the proposed PRNG has passed the different Special Publication 800-22 NIST statistical test suite. Moreover, the proposed PRNG presents a scalable architecture in term of security level and periodicity at the expense of increasing the computation complexity. Thus, it can be adapted for ECC based cryptosystems such as RFID tags and sensors networks and other applications like computer physic simulations, and control coding.

Keywords: computational complexity; cryptographic protocols; public key cryptography; radiofrequency identification; random number generation; statistical analysis; ECC based cryptosystem; ECDLP; PRNG; RFID technology; computation complexity; elliptic curve discrete logarithm problem; embedded generator; pseudo-random sequence generator; radio frequency identification technology; random selection; robust protocols; security tools; sensors networks; special publication 800-22 NIST statistical test; Complexity theory; Elliptic curve cryptography; Elliptic curves; Generators; Space exploration; Cryptosystem; ECC; PRNG; RFID (ID#: 15-7883)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7297719&isnumber=7297712

Cavdar, D.; Tomur, E., "A Practical NFC Relay Attack on Mobile Devices using Card Emulation Mode," in Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2015 38th International Convention on, pp. 1308-1312, 25-29 May 2015. doi: 10.1109/MIPRO.2015.7160477

Abstract: In this study, a practical card-emulated relay attack is implemented on Near Field Communication (NFC) equipped mobile devices. NFC is a promising communication technology which is also used in smart mobile devices. As an effective and flexible communication technology, NFC is frequently used in innovative solutions nowadays such as payments, access control etc. Because of the nature of these transactions, security is a critical issue that should be considered in system design and development phases. Although inherited from Radio Frequency Identification (RFID) technology, NFC security needs, requirements and solutions differ in terms of its usage areas and solutions. Based on these parameters, security precautions in communication layer of RFID technology do not prevent relay attacks occurred in the application layer NFC solutions. This study is conducted to prove relay attack practicability with using only mobile phones for relaying credentials instead of RFID based smart cards in an access control application. The Host Card Emulation (HCE) mode also eases relay attacks in NFC communication. The study explains the conceptual description of proposed relay attack, development and operating logic of mobile applications working based on card emulation mode and server software and also data communication basics between modules and web services descriptions.

Keywords: mobile communication; near-field communication; radiofrequency identification; relay networks (telecommunication); HCE mode; NFC relay attack; NFC security; RFID technology; Web services descriptions; access control application; card emulated relay attack; card emulation mode; communication layer; communication technology; data communication; flexible communication technology; host card emulation; mobile applications; near field communication; radio frequency identification technology; relay attacks; security precautions; server software; smart cards; smart mobile devices; Access control; Emulation; Mobile handsets; Radiofrequency identification; Relays; Smart cards; Card Emulation; Mobile; NFC; Relay Attack (ID#: 15-7884)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7160477&isnumber=7160221

Taekyung Kim; Chenglong Shao; Wonjun Lee, "Promptly Pinpointing Mobile RFID tags for Large-scale Internet-of-Things," in Big Data and Smart Computing (BigComp), 2015 International Conference on, pp. 118-123, 9-11 Feb. 2015. doi: 10.1109/35021BIGCOMP.2015.7072820

Abstract: In recent years, RFID has increasingly been found in our daily life with various applications such as Internet of Things (IoT) and wireless sensor networks. However, considering a large-scale RFID system, collisions occur when multiple tags transmit signals to RFID reader simultaneously, thereby we observe significant degradation of the efficiency of these applications. Besides, in practice, since tags may move into or out of the transmission range of an RFID reader, three different types of tags coexist: dwelling tags, arriving tags, and leaving tags. In this context, it is necessary to design a novel anti-collision protocol which can distinguish them to achieve efficient tag identification. Nevertheless, we observe that existing protocols fail in fully utilizing the differences of the three types of tags. Therefore, this paper proposes a novel protocol, Durable Tree Slotted ALOHA-based protocol (DTSA), to further improve the efficiency obtained in the literature. In general, DTSA distinguishes the three types of tags based on the obtained information from the last identification process. Moreover, DTSA promptly resolves the collisions for the arriving tags and identifies the dwelling tags one-by-one without any collisions. Evaluation results justify that DTSA is more efficient than state-of-the-art protocols.

Keywords: Internet of Things; access protocols; mobile radio; radiofrequency identification; telecommunication congestion control; trees (mathematics); DTSA protocol; anticollision protocol; arriving tags; durable tree slotted ALOHA protocol; dwelling tag identification; large-scale Internet of Things; leaving tags; promptly pinpointing mobile RFID tag reader; radio frequency identification; Algorithm design and analysis; Binary trees; Context; Mobile communication; Protocols; Radiation detectors; Radiofrequency identification; Internet of Things (IoT); algorithm; mobile RFID (ID#: 15-7885)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7072820&isnumber=7072806

Kodym, O.; Benes, F.; Svub, J., "EPC application framework in the context of Internet of Things," in Carpathian Control Conference (ICCC), 2015 16th International, pp. 214-219, 27-30 May 2015. doi: 10.1109/CarpathianCC.2015.7145076

Abstract: Internet of Things philosophy implementation in conditions of the existing communication networks requires new types of services and interoperability. One of the desired innovations is communication between existing IP world and the new generation network. Not just networks of smart devices that may not always have IP connectivity, but also other RFID-labeled objects and sensors. Fulfilling the need for high-quality applications for further more specific parameters of these objects internet of things, as may be location, serial number, distinctive and unique characters/connections, can add a proper extension of the existing network and system infrastructure with new information and naming service. Their purpose is not only to assign a unique identifier to the object, but also allow users to new services use other information associated with the selected object. The technology that enables the data processing, filtering and storage is defined in the Electronic Product Code Application Framework (EPCAF) as RFID middleware and EPCIS. One of the implementations of these standards is the Open Source solution Fosstrak. We experimented with Fosstrak system that was developed on Massachusetts Institute of Technology (MIT) by an academic initiative but nowadays we are going to prove its benefits in the context of business environment. The project is aimed also on connection and linking between systems of the EPCIS class made by the ONS systems.

Keywords: IP networks; Internet of Things; filtering theory; middleware; open systems; product codes; radiofrequency identification; storage management; EPC application framework; EPCAF; EPCIS class; Fosstrak system; IP connectivity; IP world; Internet of Things; MIT; Massachusetts Institute of Technology; ONS system; RFID middleware; RFID-labeled object; academic initiative; business environment; communication network; data processing; electronic product code application framework; filtering; high-quality application; information service; interoperability; naming service; new generation network; open source solution Fosstrak; smart device; storage; system infrastructure; Artificial neural networks; IP networks; Interoperability; Product codes; Standards; Technological innovation; Testing; Fosstrak; IPv6; IoT (Internet of Things); ONS (Object name services); RFID security (ID#: 15-7886)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7145076&isnumber=7145033

Tao Zhang; Wenye Meng; Hongwei Wang; Hongyan Wang; Wei Wu; Hongxi Wei, "An Indoor Human Action Recognition Method Based on Spatial Location Information," in Control and Decision Conference (CCDC), 2015 27th Chinese, pp. 5963-5967, 23-25 May 2015. doi: 10.1109/CCDC.2015.7161878

Abstract: In indoor environments, identifying human actions is of great importance for various context-aware applications, such as smart home, smart healthcare, habitat monitoring, and so on. As a result, abundant methods and systems have been developed to recognize human actions by using different types of information, e.g., static images, surveillance videos, signals of inertial sensors, and etc. Different from existing works, this paper deals with the problem by making use of spatial location information of three different parts of a human body, which are derived via three UWB-RFID tags and a Ubisense UWB positioning system, and further implements a classification system based on a backpropagation (BP) neural network model to predict six ordinary human actions (i.e., stand, walk, run, lay down, squat, and jump). This model is trained based on a practical experiment. An experimental analysis based on the method of 5-fold cross validation reveals that the classification accuracy is nearly 80%, indicating that the proposed system is efficient.

Keywords: backpropagation; image classification; neural nets; ubiquitous computing; 5-fold cross validation; BP neural network model; UWB-RFID tags; Ubisense UWB positioning system; backpropagation neural network model; classification system; context-aware applications; habitat monitoring; human action identification; indoor environments; indoor human action recognition method; smart healthcare; smart home; spatial location information; Accuracy; Artificial neural networks; Feature extraction; Mathematical model; Sensors; Smart homes; Training; Back Propagation Neural Network; Human Action Recognition; UWB-RFID (ID#: 15-7887)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7161878&isnumber=7161655

Akkaya, K.; Guvenc, I.; Aygun, R.; Pala, N.; Kadri, A., "IoT-Based Occupancy Monitoring Techniques for Energy-Efficient Smart Buildings," in Wireless Communications and Networking Conference Workshops (WCNCW), 2015 IEEE, pp. 58-63, 9-12 March 2015. doi: 10.1109/WCNCW.2015.7122529

Abstract: With the proliferation of Internet of Things (IoT) devices such as smartphones, sensors, cameras, and RFIDs, it is possible to collect massive amount of data for localization and tracking of people within commercial buildings. Enabled by such occupancy monitoring capabilities, there are extensive opportunities for improving the energy consumption of buildings via smart HVAC control. In this respect, the major challenges we envision are 1) to achieve occupancy monitoring in a minimally intrusive way, e.g., using the existing infrastructure in the buildings and not requiring installation of any apps in the users' smart devices, and 2) to develop effective data fusion techniques for improving occupancy monitoring accuracy using a multitude of sources. This paper surveys the existing works on occupancy monitoring and multi-modal data fusion techniques for smart commercial buildings. The goal is to lay down a framework for future research to exploit the spatio-temporal data obtained from one or more of various IoT devices such as temperature sensors, surveillance cameras, and RFID tags that may be already in use in the buildings. A comparative analysis of existing approaches and future predictions for research challenges are also provided.

Keywords: HVAC; Internet of Things; building management systems; energy consumption; radiofrequency identification; sensor fusion; smart phones; Internet of Things; IoT devices; IoT-based occupancy monitoring techniques; RFID tags; cameras; commercial buildings; data fusion techniques; energy consumption; energy-efficient smart buildings; multimodal data fusion techniques; proliferation; sensors; smart HVAC control; smart commercial buildings; smartphones; spatio-temporal data; surveillance cameras; Accuracy; Buildings; Cameras; Data integration; IEEE 802.11 Standards; Monitoring; Sensors; Big data; HVAC; Markov chain; WLAN; WiFi; data fusion; data mining; energy efficiency; hidden Markov model (HMM); localization; occupancy monitoring; position estimation; positioning; wireless location estimation (ID#: 15-7888)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7122529&isnumber=7122513

Tountas, K.; Alevizos, P.N.; Tzedaki, A.; Bletsas, A., "Bistatic Architecture Provides Extended Coverage and System Reliability in Scatter Sensor Networks," in RFID Technology (EURFID), 2015 International EURASIP Workshop on, pp. 144-151, 22-23 Oct. 2015. doi: 10.1109/EURFID.2015.7332400

Abstract: Scatter radio is a promising enabling technology for ultra-low power consumption and low monetary cost, large-scale wireless sensor networks. The two most prominent scatter radio architectures, namely the monostatic and the bistatic, are compared. Comparison metrics include bit error probability under maximum-likelihood detection for the single-user case and outage probability for the multi-user case (including tight bounds). This work concretely shows that the bistatic architecture improves coverage and system reliability. Utilizing this fact, a bistatic, digital scatter radio sensor network, perhaps the first of its kind, using frequency-shift keying (FSK) modulation and access, is implemented and demonstrated.

Keywords: Conferences; Frequency division multiplexing; Frequency shift keying; Radiofrequency identification; Receivers; Topology; Wireless sensor networks (ID#: 15-7889)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7332400&isnumber=7332373

Kypus, L.; Vojtech, L.; Hrad, J., "Security of ONS Service for Applications of the Internet of Things and Their Pilot Implementation in Academic Network," in Carpathian Control Conference (ICCC), 2015 16th International, pp. 271-276, 27-30 May 2015. doi: 10.1109/CarpathianCC.2015.7145087

Abstract: The aim of the Object name services (ONS) project was to find a robust and stable way of automated communication to utilize name and directory services to support radio-frequency identification (RFID) ecosystem, mainly in the way that can leverage open source and standardized services and capability to be secured. All this work contributed to the new RFID services and Internet of Things (IoT) heterogeneous environments capabilities presentation. There is an increasing demand of transferred data volumes associated with each and every IP or non-IP discoverable objects. For example RFID tagged objects and sensors, as well as the need to bridge remaining communication compatibility issues between these two independent worlds. RFID and IoT ecosystems require sensitive implementation of security approaches and methods. There are still significant risks associated with their operations due to the content nature. One of the reasons of past failures could be lack of security as the integral part of design of each particular product, which is supposed to build ONS systems. Although we focused mainly on the availability and confidentiality concerns in this paper, there are still some remaining areas to be researched. We tried to identify the hardening impact by metrics evaluating operational status, resiliency, responsiveness and performance of managed ONS solution design. Design of redundant and hardened testing environment under tests brought us the visibility into the assurance of the internal communication security and showed behavior under the load of the components in such complex information service, with respect to an overall quality of the delivered ONS service.

Keywords: Internet of Things; radiofrequency identification; telecommunication security; Internet of Things; ONS service; RFID; academic network; object name services; radio-frequency identification; Operating systems; Protocols; Radiofrequency identification; Security; Servers; Standards; Virtual private networks; IPv6; Internet of Things; ONS; RFID; security hardening (ID#: 15-7890)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7145087&isnumber=7145033

Jian Shen; Haowen Tan; Shaohua Chang; Yongjun Ren; Qi Liu, "A Lightweight and Practical RFID Grouping Authentication Protocol in Multiple-Tag Arrangements," in Advanced Communication Technology (ICACT), 2015 17th International Conference on, pp. 681-686, 1-3 July 2015. doi: 10.1109/ICACT.2015.7224882

Abstract: Radio Frequency Identification (RFID) is a potential technology with the purpose of replacing the barcodes. The authentication towards multiple tags and tag groups has become the research hotspot considering of practical prospects of low-cost RFID tags. However, there are many concerns about the security risks and privacy issues due to the lightweight authentication property of the RFID tags. Many researches achievements have been made focusing on the existence of single tag in an object, while the arrangement that multiple tags attached to one object is out of consideration. In this paper, we propose a lightweight and practical RFID grouping authentication protocol in multiple-tag arrangement. In our assumption, one object to be authenticated is attached with a group of RFID tags. The backend process system (BPS) is able to take full control of the entire authentication process. The feedback towards various cases of the RFID tags is timely provided, which is available for practical situations. Additionally, the accurate position and status of the object can be ascertained with a number of tags combined with the object. Moreover, the protocol is proved to offer enough security assurances and have resistance to various attacks under the security analysis. The regular operation of RFID system will not be affected or damaged by the incidents occurred during the authentication process.

Keywords: cryptographic protocols; radiofrequency identification; telecommunication control; telecommunication security; BPS; RFID grouping authentication protocol; RFID system; RFID tags; authentication process; backend process system; barcodes; lightweight authentication property; radio frequency identification; security analysis; security assurances; security risks; Authentication; Information science; Protocols; RFID tags; Resistance; RFID; grouping authentication; lightweight; multiple tag; security (ID#: 15-7891)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7224882&isnumber=7224736

Navarro, W.; Ternera, Y.; Velez, J.C.; Candelo, J.E., "RFID System on Electrical Substation Equipment," in Environment and Electrical Engineering (EEEIC), 2015 IEEE 15th International Conference on, pp.15-20, 10-13 June 2015. doi: 10.1109/EEEIC.2015.7165177

Abstract: Monitoring, controlling and identification processes of electrical equipment are logistical tasks that require to be automated. Some electrical substations use barcodes for identification. However, environmental factors make difficult to read this information. The use of Radio Frequency Identification (RFID) is a better option to automate this process in electrical substations. However, RFID UHF systems present problems when they are implemented over metal surfaces. This paper presents experiments of testing RFID systems for an electrical indoor substation, to determine the scope of implementing RFID technology on electrical equipment. Experimental results revealed that RFID UHF passive systems may be used on metal surfaces and electrical equipment. Nonetheless, system performance decreases when RFID tags are located on metal surfaces and sometimes, the reader does not detect RFID tags, even when they are within the coverage area.

Keywords: RSSI; radiofrequency identification; substation automation; RFID UHF passive system; RFID UHF systems; RFID tags; electrical indoor substation; electrical substation equipment; metal surface; radio frequency identification; Metals; Power transformers; RFID tags; Substations; Switchgear; Uninterruptible power systems; Electrical Substation; RFID System; Read Range; Read Rate; Received Signal Strength Indicator; UHF Ultra-High Frequency (ID#: 15-7892)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7165177&isnumber=7165173

Vojtech, L.; Nerada, M.; Hrad, J.; Bortel, R., "Outdoor Localization Technique using Active RFID Technology Aimed for Security and Disaster Management Applications," in Carpathian Control Conference (ICCC), 2015 16th International, pp. 586-589, 27-30 May 2015. doi: 10.1109/CarpathianCC.2015.7145148

Abstract: With the implementation of the principle of the Internet of Things raises demands for new services as well as technical requirements that enable their implementation. One of the fields is the localization of wounded in mass disasters. Currently, the identification is performed by paper / plastic triage tags, which are used to label wounded victim at first contact with rescue unit based on the state of the casualty. Automatic identification using active RFID technology is in such a case a solution which permits remote technically sophisticated surveillance of the situation. It is advantageous to use active RFID tags as a low-power transmitter, which is an immense advantage comparison with GPS technology. Lifetime of such tag can be several months. Managed active RFID tags can localize wounded objects within the range of a few hundred meters in free space and indicate the degree of severity of the injury of individual casualties. RFID readers, i.e. locators placed in that area, evaluate the direction of arrival of each tag and transmit obtained information to the computer system, which calculates the position of each RFID tag using sophisticated signal processing methods. This information can be displayed in a specific map including classification of tags, their movement or history. This paper focuses on the testing and experimental verification of such a system. The results of the experiment verify the concept of an RFID locator with achieved accuracy of 2.1 m in the area of 100 x 100 m.

Keywords: Internet of Things; disasters; radiofrequency identification; signal processing; GPS; Internet of Things; RFID; computer system; disaster management; outdoor localization technique; signal processing; size 100 m; Computers; Current measurement; Global Positioning System; Measurement uncertainty; RFID tags; Active tags; Internet of Things; Localization; RFID technology; Signal processing (ID#: 15-7893)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7145148&isnumber=7145033

Wenyu Yang; Die Wu; Hussain, M.J.; Li Lu, "Wireless Firmware Execution Control in Computational RFID Systems," in RFID (RFID), 2015 IEEE International Conference on, pp. 129-136, 15-17 April 2015. doi: 10.1109/RFID.2015.7113083

Abstract: Current Computational RFID Tags (CRFIDs) are pre-programmed with only a single firmware instance in their flash memories for runtime operation where the functionality of CRFID is pre-determined by the firmware at the time of programming. As a result, the current CRFIDs require wired interface to re-program a new firmware which strictly limits their use to easy-to-reach places. We address this issue by remotely changing the behavior of CRFIDs by switching their firmware through commercial RFID reader and the EPC protocol, without demanding any hardware upgrades to CRFID tags or modification to EPC standard. We articulate the design, implementation and evaluation of FirmSwitch - a wireless scheme that equips CRFIDs with the capability of switching their firmware during runtime. This is achieved by wirelessly passing the encoded switching parameters to CRFID tag through RFID reader which leverages the tag to switch among firmwares and execute them for intended cycles. We further employ the schemes of pre-defined EPC and pre-calculated CRC for computational liberty and energy efficiency. For concept validation, we develop a User Interface to switch between four firmwares and extensively test our scheme. The results show that FirmSwitch offers a minimal energy overhead of 11.5nJ to 2.037mJ, and incurs a switching delay of 7.8 to 1498 msec. As overall, our system achieves a success rate of 87% for an interrogation range of 0.5 meter.

Keywords: firmware; flash memories; protocols; radiofrequency identification; CRFIDs; EPC protocol; FirmSwitch evaluation; commercial RFID reader; computational RFID systems; computational liberty; current computational RFID tags; encoded switching parameters; energy efficiency; firmware; flash memories; intended cycles; runtime operation; single firmware; user interface; wired interface; wireless firmware execution control; Ash; Decoding; Microprogramming; Protocols; Radiofrequency identification; Switches; User interfaces; Computational RFID; EPC; Execution Flexibility; Firmware Execution (ID#: 15-7894)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7113083&isnumber=7113062

Kannouf, Nabil; Douzi, Youssef; Benabdellah, Mohamed; Azizi, Abdelmalek, "Security on RFID Technology," in Cloud Technologies and Applications (CloudTech), 2015 International Conference on, pp. 1-5, 2-4 June 2015. doi: 10.1109/CloudTech.2015.7336997

Abstract: RFID (Radio Frequency Identification) systems are emerging as one of the most pervasive computing technologies in history due to their low cost and their broad applicability. Latest technologies have brought costs down and standards are being developed. Actually, RFID is mostly used as a medium for numerous tasks including managing supply chains, tracking livestock, preventing counterfeiting, controlling building access, and supporting automated checkout. The use of RFID is limited by security concerns and delays in standardization. This paper presents some research done on RFID, the RFID applications and RFID data security.

Keywords: Noise measurement; RFID; RFID Technology; Security on RFID (ID#: 15-7895)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336997&isnumber=7336956

Yongming Jin; Hongsong Zhu; Zhiqiang Shi; Xiang Lu; Limin Sun, "Cryptanalysis and Improvement of Two RFID-OT Protocols Based on Quadratic Residues," in Communications (ICC), 2015 IEEE International Conference on, pp. 7234-7239, 8-12 June 2015. doi: 10.1109/ICC.2015.7249481

Abstract: The ownership transfer of RFID tag means a tagged product changes control over the supply chain. Recently, Doss et al. proposed two secure RFID tag ownership transfer (RFID-OT) protocols based on quadratic residues. However, we find that they are vulnerable to the desynchronization attack. The attack is probabilistic. As the parameters in the protocols are adopted, the successful probability is 93.75%. We also show that the use of the pseudonym of the tag h(TID) and the new secret key KTID are not feasible. In order to solve these problems, we propose the improved schemes. Security analysis shows that the new protocols can resist in the desynchronization attack and other attacks. By optimizing the performance of the new protocols, it is more practical and feasible in the large-scale deployment of RFID tags.

Keywords: cryptographic protocols; probability; radiofrequency identification; supply chains; RFID-OT protocol improvement; cryptanalysis; desynchronization attack; probability; quadratic residue; radio frequency identification; secure RFID tag ownership transfer protocol; security analysis; supply chain; Cryptography; Information systems; Privacy; Protocols; Radiofrequency identification; Servers; Ownership Transfer; Protocol; Quadratic Residues; RFID; Security (ID#: 15-7896)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249481&isnumber=7248285

Susu Guo; Zijing Zhou; Jianming Li; Qiao Xiang; Zhonghua Li, "Applications of Soft Computing in RFID System: A Review," in Control and Decision Conference (CCDC), 2015 27th Chinese, pp. 1237-1242, 23-25 May 2015. doi: 10.1109/CCDC.2015.7162107

Abstract: RFID technology is one of the major core competencies for Internet of Things (IOT). Organizational strategies focus on improving the management efficiency as well as reducing the operational cost to maintain profit margins. Therefore, the performance of RFID systems has attracted researchers' attention. A variety of soft computing techniques have been employed to improve effectiveness and efficiency in various aspects of RFID systems. Meanwhile, an increasing number of papers have been published to address related issues. The aim of this paper is to summarize the findings by a systematic review of existing research papers concerning the application of soft computing techniques to RFID technology.

Keywords: Internet of Things; neural nets; radiofrequency identification; telecommunication computing; telecommunication network management; IOT; Internet of Things; RFID system; RFID technology; operational cost; organizational strategies; soft computing applications; soft computing techniques; Artificial neural networks; Data processing; Fuzzy logic; Helical antennas; Planning; Radiofrequency identification; Internet of Thing; RFID; Soft Computing Technique (ID#: 15-7897)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162107&isnumber=7161655

Broz, I.; Bako, N.; Butkovic, Z.; Baric, A., "RFID UHF Protocol Implementation in Distributed Sensor Networks," in Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2015 38th International Convention on, pp. 68-73, 25-29 May 2015. doi: 10.1109/MIPRO.2015.7160240

Abstract: In today's market significant segment is taken by the applications using sensors to track physical events in the surrounding environment. Market raise is particularly related to the distributed sensor networks based on the wireless communications (like Internet of Things IoT devices). One of the hardest challenges in this field is associated with the power supply requirements. Battery operated electronics is limited by the battery capacity and battery lifetime. This paper proposes solution based on the RFID EPC-Gen2-protocol-based readers supplying power to the sensor nodes, consisting of the microelectronic circuit and the associated sensor. Besides the power, RFID protocol provides means of wireless communication, without the need for the battery supply on the sensor node side. Analogue circuits for receiving and demodulating RF ASK modulated signal from the reader, and transmitting back the signal to the reader using backscattering technique, are presented. Subset of the command protocol is implemented to support data communication including sensor identification through the unique ID code and sensor reading in the form of the digital word provided by the on-chip ADC. RTL description for digital control is developed in VHDL and synthesized. The prototype is processed in UMC Mixed-Mode/RF 180 nm technology.

Keywords: amplitude shift keying; data communication; demodulation; integrated circuits; protocols; radiofrequency identification; wireless sensor networks; RF ASK modulated signal demodulation; RFID EPC-Gen2 protocol reader; RFID UHF protocol implementation; RTL description; UMC mixed-mode RF technology; VHDL; backscattering technique; battery capacity; battery lifetime; battery operated electronics; command protocol; data communication; digital control; distributed sensor network; microelectronic circuit; on-chip ADC; power supply requirements; sensor identification; wireless communication; Batteries; Digital control; Envelope detectors; Protocols; RF signals; Radio frequency; Radiofrequency identification (ID#: 15-7898)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7160240&isnumber=7160221

Bag, J.; Sarkar, S.K., "VLSI Implementation of a Key Distribution Server Based Data Security Scheme for RFID System," in Advanced Computing & Communication Technologies (ACCT), 2015 Fifth International Conference on, pp. 581-585, 21-22 Feb. 2015. doi: 10.1109/ACCT.2015.55

Abstract: RFID Technology is now a globally accepted technology which is rapidly emerging in every field of science and applications. Its excellent feature of very fast auto-identification without line of sight has made it popular in different areas of wireless communication based system. But, during data transmission/exchange, security of personal or confidential data, it exposes serious threats to the security and privacy of individuals and organizations. Data security for RFID technology is now a mandatory condition to be provided by the manufacturer for better customer support and services. In this paper, we have proposed a security scheme which introduces a trusted Key management system. In this system, not a single key but several keys will be maintained, controlled and provided by the Key distribution server system (KDSS). It will be extremely useful for military persons in remote places where it is useful to identify specific item or guide to right route. Data will be encrypted using different programmable cellular automata (PCA) rules which is also provided with the key by the server. The system processor has been implemented up to RTL schematic level using Xilinx ISE14.3 simulation tool and virtex-7 FPGA board for real time verification of its functionality.

Keywords: VLSI; cellular automata; public key cryptography; radiofrequency identification; telecommunication security; KDSS; PCA rules; RFID system; VLSI; Virtex-7 FPGA board; Xilinx ISE14.3 simulation tool; confidential data security; data transmission-exchange; key distribution server based data security scheme; key distribution server system; personal security; programmable cellular automata; trusted key management system; wireless communication based system; Automata; Cryptography; Principal component analysis; Radiofrequency identification; Servers; Data security; FPGA; KDSS; PCA rules; RFID technology; VLSI (ID#: 15-7899)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7079149&isnumber=7079031

Mai, Anchan; Wei, Zongtian; Gao, Mengji, "An Access Control and Positioning Security Management System Based on RFID," in Intelligent Human-Machine Systems and Cybernetics (IHMSC), 2015 7th International Conference on, vol. 2, pp. 537-540, 26-27 Aug. 2015. doi: 10.1109/IHMSC.2015.227

Abstract: According to the need from the security and monitoring management, the paper proposes a new type of access control and positioning security management system based on RFID techniques. Combining with non-barrier access control subsystem and regional positioning subsystem, the system uses a small amount of passive and active RFID devices and monitoring management subsystem to make up the complex area of internal security management loopholes. In addition, an improved RF packet loss rate localization algorithm is presented to trace the exact location of the crews. The application result shows that the system can realize personnel identify, personnel fixed position and personnel track record etc., the system runs stability with a low fail rate and a quickly warned response.

Keywords: Access control; Base stations; Monitoring; Personnel; Radiofrequency identification; Access Control; Positioning Location; RFID; Security Monitoring (ID#: 15-7900)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7335030&isnumber=7334774

Chuang Wang; Pingyu Jiang, "The Approach of Hybrid Data on Tag in Decentralized Control System," in Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2015 IEEE International Conference on, pp. 799-802, 8-12 June 2015. doi: 10.1109/CYBER.2015.7288045

Abstract: The study of Radio Frequency Identification (RFID) is concentrating on saving object related data in networks, called "data-on-network". This approach, however, cannot adapt to some manufacturing scenarios, especially which require rapid response and process flexibility. Another alternative approach is to save the data on the tag which is attached to the object, called "data-on-tag". But large amounts of data on tag would make reading and writing data slowly. For solving this problem, a hybrid method is proposed. What's more, three key enabling technologies are described in detail, namely, the mapping relationship between hybrid data and further manufacturing information stored in the remote database, the data model of backend database, and the decentralized control node model. The flexible automated production line is taken as an example of the decentralized control system to illustrate the utility of hybrid-data-on-tag.

Keywords: data handling; data models; multivariable systems; radiofrequency identification; storage management; data model; data-on-network; decentralized RFID data storage; decentralized control node model; decentralized control system; flexible automated production line; hybrid-data-on-tag; manufacturing information; radio frequency identification; Data models; Decentralized control; Indexes; Manufacturing; Production; Radiofrequency identification; Hybrid-data-on-tag; RFID; decentralized control system (ID#: 15-7901)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7288045&isnumber=7287893

Ghosh, S.; Goswami, J.; Kumar, A.; Majumder, A., "Issues In NFC as a Form of Contactless Communication: A Comprehensive Survey," in Smart Technologies and Management for Computing, Communication, Controls, Energy and Materials (ICSTM), 2015 International Conference on, pp. 245-252, 6-8 May 2015. doi: 10.1109/ICSTM.2015.7225422

Abstract: Near Field Communication, being an emerging technology, has become an attractive area of research in academics as well as in industries due to its flooding growth and promising applications like short range contactless communication for mobile phone and other devices alike. In this regard, a proper understanding and direction of current research of NFC is to be perfectly maintained for the advancement of knowledge and to reduce the bridge gap between its basic theory and application practice. In this paper, we have proposed a thorough survey on NFC and discussed it in terms of our own visualization. We have found the problems available in the current technology of major industries like Apple, Google, Paypal and proposed some new thoughts to solve those. We also have analyzed the NFC business ecosystem and current / future market trends. In other words, this holistic review with the objective of bringing to state-of-the-art in NFC design provides development of knowledge in this field with future research directions.

Keywords: mobile handsets; near-field communication; NFC business ecosystem; contactless communication; mobile phone; near field communication; Business; Google; Industries; Mobile communication; Mobile handsets; Radiofrequency identification; Security; Bluetooth; NFC ecosystem; RFID; contactless payment; near field communication (ID#: 15-7902)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7225422&isnumber=7225373

Ez-zazi, I.; Arioua, M.; el Oualkadi, A.; el Assari, Y., "Performance Analysis of Efficient Coding Schemes for Wireless Sensor Networks," in RFID And Adaptive Wireless Sensor Networks (RAWSN), 2015 Third International Workshop on, pp. 42-47, 13-15 May 2015. doi: 10.1109/RAWSN.2015.7173277

Abstract: Energy consumption in sensor nodes and Link reliability are two of the major challenges in Wireless Sensor Networks (WSNs). The data exchanged between nodes and base station are vulnerable to corruption by errors induced by random noise, signal fading and other factors. In this regard, error control coding (ECC) is an efficient technique used to increase link reliability and to reduce the required transmitted power. In this context, the choice of energy efficient ECC with a suitable modulation scheme is a crucial task at the link and physical layer of wireless sensor networks to improve their lifetime. Since the WSNs are energy constraint in nature, both the probability of bit error rate (BER) and power consumption have to be taken into account. A performance analysis of error control coding schemes referring to BPSK modulation through a Gaussian channel (AWGN) is presented in this paper. Our results show that the RS(31,21) outperforms other ECC schemes and can be the optimal choice for wireless sensor network environment.

Keywords: Gaussian channels; error correction codes; phase shift keying; telecommunication network reliability; wireless sensor networks; BPSK modulation; Gaussian channel; bit error rate; efficient coding schemes; energy consumption; error control coding; link reliability; power consumption; wireless sensor networks; Bit error rate; Decoding; Encoding; Parity check codes; Reed-Solomon codes; Wireless sensor networks; AWGN; BER; ECC; LDPC; RS; SNR; WSN (ID#: 15-7903)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7173277&isnumber=7173261




Scientific Computing 2015

Scientific computing is concerned with constructing mathematical models and quantitative analysis techniques and using computers to analyze and solve scientific problems. As a practical matter, scientific computing is the use of computer simulation and other forms of computation from numerical analysis and theoretical computer science to solve specific problems such as cybersecurity. For the Science of Security community, it relates to predictive metrics, compositionality, and resilience. The works cited here were presented in 2015.


Donghoon Kim; Vouk, M.A., "Securing Scientific Workflows," in Software Quality, Reliability and Security - Companion (QRS-C), 2015 IEEE International Conference on, pp. 95-104, 3-5 Aug. 2015. doi: 10.1109/QRS-C.2015.25

Abstract: This paper investigates security of Kepler scientific workflow engine. We are especially interested in Kepler-based scientific workflows that may operate in cloud environments. We find that (1) three security properties (i.e., input validation, remote access validation, and data integrity) are essential for making Kepler-based workflows more secure, and (2) that use of the Kepler provenance module may help secure Kepler based workflows. We implemented a prototype security enhanced Kepler engine to demonstrate viability of use of the Kepler provenance module in provision and management of the desired security properties.

Keywords: authorisation; cloud computing; data integrity; scientific information systems; workflow management software; Kepler provenance module; Kepler scientific workflow engine security; cloud environment; data integrity; input validation; remote access validation; Cloud computing; Conferences; Databases; Engines; Security; Software quality; Uniform resource locators; Cloud; Kepler; Provenance; Scientific workflow; Vulnerability (ID#: 15-7975)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322130&isnumber=7322103

Ionita, M.-G.; Patriciu, V.-V., "Cyber Incident Response Aided by Neural Networks and Visual Analytics," in Control Systems and Computer Science (CSCS), 2015 20th International Conference on, pp. 229-233, 27-29 May 2015. doi: 10.1109/CSCS.2015.41

Abstract: The world security context is changing more than ever. Military interest has shifted from the conventional means of warfare to that of cyber warfare. The most potent nations have entire armies that are watching the international cyberspace for anomalies. And these forces are ready to intervene for keeping peace at home or for an enemy nation. The international interest in exploit development has risen significantly. And has gone from an underground activity of a group of hackers to a semi-covert operation of a governmental agency [1]. In this context, where over 70 exabytes of data are moved over the internet, per month [2], and the level of significant cyber-attacks is almost 43 million per year [3] the sheer number of security events a SIEM operator has to triage can be impressive and overwhelming. This is why a human operator has to be helped by technology. This is where neural networks can bring a huge plus for detecting previously unknown attacks and zero-day exploits. And visual analytics to help a human being understand and process the huge volume of information coming to him, by presenting it in a cognitive fashion that helps him better understand and classify it in the correct context. Both of the concepts evoked are presented in this paper, the detection algorithm based on neural networks and the scientific representation scheme based on visual analytics.

Keywords: computer crime; government; military computing; neural nets; cyber incident response; cyber warfare; governmental agency; hackers; military interest; neural networks; visual analytics; world security context; Computer crime; Control systems; Google; Neural networks; Protocols; Visual analytics; Cyber security; Incident response; Neural networks; Visual analytics (ID#: 15-7976)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7168435&isnumber=7168393

Yuan, Shijin; Yan, Jinghao; Mu, Bin; Li, HongYu, "Parallel Dynamic Step Size Sphere-Gap Transferring Algorithm for Solving Conditional Nonlinear Optimal Perturbation," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 559-565, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.261

Abstract: Intelligent algorithms have been extensively applied in scientific computing. Recently, some researchers apply intelligent algorithms to solve conditional nonlinear optimal perturbation (CNOP) which is proposed to study the predictability of numerical weather and climate prediction. The difficulty of solving CNOP using the intelligent algorithm is the high dimensionality of complex numerical models. Therefore, previous researches either are just tested in ideal models or have low time efficiency in complex numerical models which limited the application of CNOP. In this paper, we proposed a parallel dynamic step size sphere-gap transferring algorithm (DSGT) to solve CNOP in complex numerical models. A dynamic step size factor is also designed to speed up convergence of sphere-gap transferring algorithm. Through the singular value decomposition, the original problem is reduced into a low-dimensional space to hunt the coordinate of the optimal CNOP with the DSGT algorithm. Moreover, in order to accelerate the computation speed, we parallelize the DSGT method with MPI technology. To demonstrate the validity, the proposed method has been studied in the Zebiak-Cane model to solve the CNOP. Experimental results prove that the proposed method can efficiently and stably obtain a satisfactory CNOP, and the parallel version can reach the speedup of 7.18 times with 10 cores.

Keywords: Algorithm design and analysis; Atmospheric modeling; Computational modeling; Heuristic algorithms; Numerical models; Optimization; Prediction algorithms; CNOP; Zebiak-Cane model; parallel; sphere-gap transferring algorithm (ID#: 15-7977)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336217&isnumber=7336120

Liu, Yueming; Zhang, Peng; Qiu, Meikang, "Fast Numerical Evaluation for Symbolic Expressions in Java," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 599-604, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.19

Abstract: The symbolic-numeric computation has been extensively developed in scientific computing for experimenting mathematics in numerical programs, like in optimization problems and finite element methods. Many software and libraries have been developed to support symbolic-numeric computation especially in the recent years. However, most of the implementations are cumbersome and inefficient for numerically evaluating symbolic expressions. The popular implementation chooses the way that generates C/C++/FORTRAN source codes for symbolic expressions and compiles the source files using the external compilers. The compiled machine codes are then linked back to the symbolic manipulation language environment. This process suffers from slow compilation and significant overhead of external function calls. To address this problem, this paper presents a handy approach that provides fast numerical evaluation for symbolic expressions in Java. In our approach, Java bytecode is generated in memory for symbolic expressions and further Just-In-Time (JIT) compiled to machine codes on Java Virtual Machine (JVM) at runtime. We have developed SymJava (https://github.com/yuemingl/SymJava) to implement our approach and tested a range of benchmark problems. The results show that SymJava is 1~3 orders of magnitude faster than the existing implementations including Matlab, Mathematica, Sage, Theano and SymPy. Additionally, SymJava offers a human friendly programming style for symbolic expressions by overloading operators in Java. Our approach opens up a new avenue for the development of next generation symbolic-numeric software.

Keywords: Benchmark testing; Java; Libraries; MATLAB; Mathematics; Runtime; JIT; bytecode; compile; java; numeric; symbolic (ID#: 15-7978)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336223&isnumber=7336120

Zhou, Wenhao; Chen, Juan; Wang, Zhiyuan; Xu, Xinhai; Xu, Liyang; Tang, Yuhua, "Time-Dimension Communication Characterization of Representative Scientific Applications on Tianhe-2," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 423-429, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.15

Abstract: Exascale computing is one of the major challenges of this decade, and several studies have shown that the communication is becoming one of the bottlenecks for scaling parallel applications. The characteristic analysis of communication is an important means to improve the performance of scientific applications. In this paper, we focus on the statistical regularity in time-dimension communication characteristics of representative scientific applications and find that the distribution of interval of communication events has a power-law decay, which is widely found in scientific interests and human activities. For a quantitative study on characteristics of power-law distribution, we count two groups of typical measures: bursty vs. memory and periodicity vs. dispersion. Our analysis shows that the communication events reflect a "strong-bursty and weak-memory" characteristic and we also capture the periodicity and dispersion in interval distribution. All of the quantitative results are verified with eight representative scientific applications on Tianhe-2 supercomputer with a fat-tree-like interconnection network. Finally, our study provides an insight on the relationship between communication optimization and time-dimension communication characteristics.

Keywords: Benchmark testing; Dispersion; High performance computing; Histograms; Libraries; Supercomputers; Power-law distributions; Supercomputing; Tianhe-2; Time-dimension Communication Characterization (ID#: 15-7979)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336198&isnumber=7336120

Suresh, N.; Mbale, J.; Terzoli, A.; Mufeti, T.K., "Enhancing Cloud Connectivity Among NRENs in the SADC Region Through a Novel Institution Cloud Infrastructure Framework," in Emerging Trends in Networks and Computer Communications (ETNCC), 2015 International Conference on, pp. 179-184, 17-20 May 2015. doi: 10.1109/ETNCC.2015.7184830

Abstract: It is increasingly being recognized that faster socioeconomic development in Africa is dependent upon the development of Information and Communication Technology (ICT) Infrastructure for the dissemination of data and educational services. The scalability and flexibility provided by Cloud services in terms of resource management, service provisioning and virtualization makes it an attractive system for use with educational and ICT services. The flexibility of pay-as-you-go models combined with the ability to scale computing, storage and/or networking resources makes Cloud computing an ideal candidate for use with education, research and scientific infrastructures. Notwithstanding its benefits, transitioning from a traditional IT infrastructure to a Cloud computing paradigm raises security concerns with respect to data storage, data transmission and user privacy. This paper presents on-going research for the development of Science, Technology and Innovation (STI) infrastructure for the distribution of Information Communication technologies (ICT) services in the African context. The Inter-Cloud Infrastructure Framework (ICIF) proposed, is conceived as a Cloud computing framework suitable for use with National Research and Education Networks (NRENs) in the SADC region. The ICIF system is used to create an Inter-Cloud infrastructure, and helps NRENs transition from traditional IT infrastructure systems to the Cloud computing paradigm. It also provides new functional/operational components and Cloud services to support the interconnection and/or interoperability among SADC NRENs through the ICIF infrastructure.

Keywords: cloud computing; data privacy; innovation management; virtualisation; Africa; ICIF; ICT infrastructure; NRENs; National Research and Education Networks; SADC region; STI infrastructure; cloud computing; cloud connectivity; data dissemination; data storage; data transmission; educational services; information and communication technology infrastructure; innovation infrastructure; institution cloud infrastructure framework; intercloud infrastructure framework; pay-as-you-go models; resource management; science infrastructure; service provisioning; socioeconomic development; user privacy; virtualization; Collaboration; Computational modeling; Computer architecture; Organizations; Platform as a service; Security; Cloud Computing; Cloud Services; Inter-Cloud Infrastructure (ID#: 15-7980)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7184830&isnumber=7184793

Memon, S.; Riedel, M.; Koeritz, C.; Grimshaw, A., "Interoperable Job Execution and Data Access Through UNICORE and the Global Federated File System," in Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2015 38th International Convention on, pp. 269-274, 25-29 May 2015. doi: 10.1109/MIPRO.2015.7160278

Abstract: Computing middlewares play a vital role for abstracting complexities of backend resources by providing a seamless access to heterogeneous execution management services. Scientific communities are taking advantage of such technologies to focus on science rather than dealing with technical intricacies of accessing resources. Multi-disciplinary communities often bring dynamic requirements which are not trivial to realize. Specifically, to attain massively parallel data processing on supercomputing resources which require an access to large data sets from widely distributed and dynamic sources located across organizational boundaries. In order to support this abstract scenario, we bring a combination that integrates UNICORE middleware and the Global Federated File System. Furthermore, the paper gives architectural and implementation perspective of UNICORE extension and its interaction with Global Federated File System space through computing, data and security standards.

Keywords: file organisation; information retrieval; middleware; parallel processing; UNICORE middleware; backend resource complexity abstracting; data access; global federated file system; heterogeneous execution management services; interoperable job execution; multidisciplinary community; organizational boundary; parallel data processing; security standards; supercomputing resources; Communities; File systems; Security; Servers; Standards; Web services (ID#: 15-7981)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7160278&isnumber=7160221

Skalicky, Sam; Lopez, Sonia; Lukowiak, Marcin; Schmidt, Andrew G., "A Parallelizing Matlab Compiler Framework and Run Time for Heterogeneous Systems," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 232-237, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.51

Abstract: Compute-intensive applications incorporate ever increasing data processing requirements on hardware systems. Many of these applications have only recently become feasible thanks to the increasing computing power of modern processors. The Matlab language is uniquely situated to support the description of these compute-intensive scientific applications, and consequently has been continuously improved to provide increasing computational support in the form of multithreading for CPUs and utilizing accelerators such as GPUs and FPGAs. Moreover, to take advantage of the computational support in these heterogeneous systems from the problem domain to the computer architecture necessitates a wide breadth of knowledge and understanding. In this work, we present a framework for the development of compute-intensive scientific applications in Matlab using heterogeneous processor systems. We investigate systems containing CPUs, GPUs, and FPGAs. We leverage the capabilities of Matlab and supplement them by automating the mapping, scheduling, and parallel code generation. Our experimental results on a set of benchmarks achieved from 20x to 60x speedups compared to the standard Matlab CPU environment with minimal effort required on the part of the user.

Keywords: Data transfer; Field programmable gate arrays; Kernel; MATLAB; Message systems; Processor scheduling; Scheduling; Heterogeneous computing; Matlab; compiler (ID#: 15-7982)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336169&isnumber=7336120

Gomez-Folgar, F.; Indalecio, G.; Garcia-Loureiro, A.J.; Pena, T.F., "A Flexible Cluster System for the Management of Virtual Clusters in the Cloud," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1693-1698, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.120

Abstract: Cluster computing is a fundamental tool to support enterprise services. It also provides the computing capacity for modelling and simulation research fields. There have been several initiatives to improve the access of the scientific community to the cluster resources that they need. Some of them are focused on specific research field, or they are enterprise grade solutions. In order to overcome this situation and to provide system administrators and users the possibility of deploying specific Virtual Clusters on demand in Cloud, we have developed a new tool called Flexible Cluster Manager (FCM). It allows user selectable cluster configuration packages, and it is very easy to include more software by means of the definition of the deployment workflow. FCM allows changing the software configuration of the deployed cluster on-line, including the support of fixing damaged virtual clusters, i.e. clusters that have damaged or missing nodes. The performance of our tool, using commodity hardware, is also presented using serial and parallel deploying of the virtual cluster.

Keywords: Cloud computing; Computer architecture; Databases; Resource management; Software packages; Virtualization; Apache CloudStack; KVM; Virtual clusters; performance (ID#: 15-7983)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336414&isnumber=7336120

Zhimin Gao; Desalvo, N.; Pham Dang Khoa; Seung Hun Kim; Lei Xu; Won Woo Ro; Verma, R.M.; Weidong Shi, "Integrity Protection for Big Data Processing with Dynamic Redundancy Computation," in Autonomic Computing (ICAC), 2015 IEEE International Conference on, pp. 159-160, 7-10 July 2015. doi: 10.1109/ICAC.2015.34

Abstract: Big data is a hot topic and has found various applications in different areas such as scientific research, financial analysis, and market studies. The development of cloud computing technology provides an adequate platform for big data applications. No matter public or private, the outsourcing and sharing characteristics of the computation model make security a big concern for big data processing in the cloud. Most existing works focus on protection of data privacy but integrity protection of the processing procedure receives little attention, which may lead the big data application user to wrong conclusions and cause serious consequences. To address this challenge, we design an integrity protection solution for big data processing in cloud environments using reputation based redundancy computation. The implementation and experiment results show that the solution only adds limited cost to achieve integrity protection and is practical for real world applications.

Keywords: Big Data; cloud computing; data integrity; data privacy; Big Data processing; cloud computing technology; dynamic redundancy computation; integrity protection solution; reputation based redundancy computation; Conferences; MapReduce; cloud computing; integrity protection (ID#: 15-7984)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7266957&isnumber=7266915

Yount, Charles, "Vector Folding: Improving Stencil Performance via Multi-dimensional SIMD-vector Representation," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 865-870, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.27

Abstract: Stencil computation is an important class of algorithms used in a large variety of scientific-simulation applications. Modern CPUs are employing increasingly longer SIMD vector registers and operations to improve computational throughput. However, the traditional use of vectors to contain sequential data elements along one dimension is not always the most efficient representation, especially in the multicore and hyper-threaded context where caches are shared among many simultaneous compute streams. This paper presents a general technique for representing data in vectors for 2D and 3D stencils. This method reduces the number of memory accesses required by storing a small multi-dimensional block of data in each vector compared to the single dimension in the traditional approach. Experiments on an Intel Xeon Phi Coprocessor show performance speedups over traditional vectors ranging from 1.2x to 2.7x, depending on the problem size and stencil type. This technique is independent of and complementary to a variety of existing stencil-computation tuning algorithms such as cache blocking, loop tiling, and wavefront parallelization.

Keywords: Jacobian matrices; Layout; Memory management; Registers; Shape; Three-dimensional displays; Intel; SIMD; Xeon Phi; high-performance computing; stencil; vector folding; vectorization (ID#: 15-7985)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336272&isnumber=7336120

Sasidharan, Aparna; Dennis, John M.; Snir, Marc, "A General Space-filling Curve Algorithm for Partitioning 2D Meshes," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 875-879, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.192

Abstract: This paper describes a recursive algorithm for constructing a general Space-Filling Curve (SFC) for an arbitrary distribution of points in 2D. We use the SFC to partition 2D meshes, both structured and unstructured, and compare the quality of partitions with traditional SFCs and the multilevel partitioning schemes of Metis and Scotch. The algorithm is independent of the geometry of the mesh and can be easily adapted to irregular meshes. We discuss the advantages of SFCs over multilevel partitioners for meshes in scientific simulations. We define three performance metrics for a reasonable comparison of partitions: volume or load per partition, degree or the number of distinct edges of a partition in the communication graph and communication volume or the sum of the weights of outgoing edges for each partition in the communication graph. We propose a performance model for modern architectures using these metrics. We find our partitions comparable to and in some cases better than the best multilevel partitions, while being computed much faster. Unlike Metis, our hierarchical approach yields good hierarchical partitions (e.g., for partitioning to node and core level), and is appropriate for adaptive mesh refinement kernels.

Keywords: Adaptation models; Computer science; Electronic mail; Load modeling; Measurement; Partitioning algorithms; Shape; Geometric Partitioning; Mesh Partitioning; Metis; Scotch; Space-filling Curve (ID#: 15-7986)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336274&isnumber=7336120

Gulhane, S.; Bodkhe, S., "DDAS Using Kerberos with Adaptive Huffman Coding to Enhance Data Retrieval Speed and Security," in Pervasive Computing (ICPC), 2015 International Conference on, pp. 1-6, 8-10 Jan. 2015. doi: 10.1109/PERVASIVE.2015.7086987

Abstract: The increasing fad of deploying application over the web and store as well as retrieve database to/from particular server. As data stored in distributed manner so scalability, flexibility, reliability and security are important aspects need to be considered while established data management system. There are several systems for database management. After reviewing Distributed data aggregation service (DDAS) system which is relying on Blobseer it found that it provide a high level performance in aspects such as data storage as a Blob (Binary large objects) and data aggregation. For complicated analysis and instinctive mining of scientific data, Blobseer serve as a repository backend. WS-Aggregation is another framework which is viewed as a web services but it is actually carried out aggregation of data. In this framework for executing multi-site queries a single-site interface is provided to the clients. Simple storage service (S3) is another type of storage utility. This S3 system provides an anytime available and low cost service. Kerberos is a method which provides a secure authentication as only authorized clients are able to access distributed database. Kerberos consist of four steps i.e. Authentication Key exchange, Ticket granting service Key exchange, Client/Server service exchange and Build secure communication. Adaptive Huffman method to writing (also referred to as Dynamic Huffman method) is associate accommodative committal to writing technique basic of Huffman coding. It permits compression as well as decompression of data and also permits building the code because the symbols square measure is being transmitted, having no initial information of supply distribution, that enables one-pass cryptography and adaptation to dynamical conditions in data.

Keywords: Huffman codes; Web services; cryptography; data mining; distributed databases; query processing; Blob; Blobseer; DDAS; Kerberos; WS-Aggregation; Web services; adaptive Huffman coding; authentication key exchange; binary large objects; client-server service exchange; data aggregation; data management system; data retrieval security; data retrieval speed; data storage; distributed data aggregation service system; distributed database; dynamic Huffman method; instinctive scientific data mining; multisite queries; one-pass cryptography; secure communication; Authentication; Catalogs; Distributed databases; Memory; Servers; XML; adaptive huffman method; blobseer; distributed database; kerberos; simple storage service; ws aggregation (ID#: 15-7987)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7086987&isnumber=7086957

Elmore, R.A.; Charlton, W.S., "Nonproliferation Informatics: Employing Bayesian Analysis, Agent Based Modeling, And Information Theory For Dynamic Proliferation Pathway Studies," in Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on, pp. 43-48, 27-29 May 2015. doi: 10.1109/ISI.2015.7165937

Abstract: Decision making on weapons of mass effect (WME) proliferation and counter-proliferation is information driven. However, the large data requirements, along with associated knowledge gaps and intelligence uncertainties, impedes optimal strategy selection. Combining Bayesian analysis, agent based modeling (ABM), and information theory within a security informatics context can aid understanding of dynamic WME proliferation and counter-proliferation pathways and possibilities. The Bayesian ABM Nonproliferation Enterprise (BANE) was developed to incorporate large databases and information sets. There are three broad BANE agent classes: 1) proliferator, 2) defensive, and 3) neutral. Within each agent class exists significant flexibility for them pursuing different objectives. Bayesian analysis cover the technical linkages realistically tying proliferation pathway process steps together. In BANE, Bayesian networks using the Netica software program provide a wide array of scientific and engineering pathway options. Information theory, especially entropy reduction and mutual information, in a Bayesian security informatics arrangement help identify optimal technical areas to master or disrupt. Concurrently, interlocking factors such as available resources, technical sophistication, time horizons, detection risks, and agent affinities impact agents' ability to achieve their goals. Actions taken by one BANE agent on the proliferation or counter-proliferation front affect its future opportunities and those of potential partner or adversarial agents. An explanation of the BANE framework and several key security informatics aspects crucial to WME proliferation and counter-proliferation analysis are provided.

Keywords: belief networks; decision making; military computing; multi-agent systems; security of data; weapons; BANE; Bayesian ABM nonproliferation enterprise; Bayesian analysis; Bayesian network; Bayesian security informatics; Netica software program; WME proliferation; agent based modelling; decision making; dynamic proliferation pathway; information theory; nonproliferation informatics; weapons of mass effect; Bayes methods; Databases; Decision making; Informatics; Information theory; Security; Uncertainty; Agent Based Modeling; Bayesian Analysis; Information Theory; Intelligence Informatics; Nonproliferation; Nuclear (ID#: 15-7988)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7165937&isnumber=7165923

Zhicong Huang; Ayday, E.; Fellay, J.; Hubaux, J.-P.; Juels, A., "GenoGuard: Protecting Genomic Data against Brute-Force Attacks," in Security and Privacy (SP), 2015 IEEE Symposium on, pp. 447-462, 17-21 May 2015. doi: 10.1109/SP.2015.34

Abstract: Secure storage of genomic data is of great and increasing importance. The scientific community's improving ability to interpret individuals' genetic materials and the growing size of genetic database populations have been aggravating the potential consequences of data breaches. The prevalent use of passwords to generate encryption keys thus poses an especially serious problem when applied to genetic data. Weak passwords can jeopardize genetic data in the short term, but given the multi-decade lifespan of genetic data, even the use of strong passwords with conventional encryption can lead to compromise. We present a tool, called GenoGuard, for providing strong protection for genomic data both today and in the long term. GenoGuard incorporates a new theoretical framework for encryption called honey encryption (HE): it can provide information-theoretic confidentiality guarantees for encrypted data. Previously proposed HE schemes, however, can be applied to messages from, unfortunately, a very restricted set of probability distributions. Therefore, GenoGuard addresses the open problem of applying HE techniques to the highly non-uniform probability distributions that characterize sequences of genetic data. In GenoGuard, a potential adversary can attempt exhaustively to guess keys or passwords and decrypt via a brute-force attack. We prove that decryption under any key will yield a plausible genome sequence, and that GenoGuard offers an information-theoretic security guarantee against message-recovery attacks. We also explore attacks that use side information. Finally, we present an efficient and parallelized software implementation of GenoGuard.

Keywords: biology computing; cryptography; data privacy; genetics; statistical distributions; storage management; GenoGuard; HE; brute-force attacks; data breaches; encryption keys; genetic database populations; genetic materials; genomic data protection; honey encryption; information-theoretic confidentiality; parallelized software implementation; passwords; probability distributions; storage security; Bioinformatics; Encoding; Encryption; Genomics; brute-force attack; distribution-transforming encoder; genomic privacy; honey encryption (ID#: 15-7989)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7163041&isnumber=7163005

Djellalbia, Amina; Benmeziane, Souad; Badache, Nadjib; Bensimessaoud, Sihem, "An Adaptive Anonymous Authentication for Cloud Environment," in Cloud Technologies and Applications (CloudTech), 2015 International Conference on, pp. 1-8, 2-4 June 2015. doi: 10.1109/CloudTech.2015.7337010

Abstract: Preserving identity privacy is a significant challenge for the security in cloud services. Indeed, an important barrier to the adoption of cloud services is user fear of privacy loss in the cloud. One interesting issue from a privacy perspective is to hide user's usage behavior or meta-information which includes access patterns and frequencies when accessing services. Users may not want the cloud provider to learn which resources they access and how often they use a service by making them anonymous. In this paper, we will propose an adaptive and flexible approach to protect the identity privacy through an anonymous authentication scheme.

Keywords: Authentication; Biological system modeling; Cloud computing; Computational modeling; Data privacy; Privacy; Anonymity; Authentication; Blind signature; Cloud environment; Onion Routing; Privacy; Security (ID#: 15-7990)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7337010&isnumber=7336956

Hauger, Werner K.; Olivier, Martin S., "The State of Database Forensic Research," in Information Security for South Africa (ISSA), 2015, pp. 1-8, 12-13 Aug. 2015. doi: 10.1109/ISSA.2015.7335071

Abstract: A sentiment that is quite often encountered in database forensic research material is the scarcity of scientific research in this vital area of digital forensics. Databases have been around for many years in the digital space and have moved from being exclusively used in specialised applications of big corporations to becoming a means to an end in even the simplest end-user applications. Newer disciplines such as cloud forensics seem to be producing a far greater volume of new research material than database forensics. This paper firstly investigates the validity of the expressed sentiment. It also attempts to establish possible reasons for the apparent lack of research in this area. A survey was conducted of scientific research material that was published after an initial assessment was performed in 2009. The gathered database forensic material was compared to scientific material published in the same period in the cloud forensic discipline. The survey indicated that the speed of research into database forensics has increased since the 2009 paper. However the area of cloud forensics has produced twice the amount of new research in the same time period. The factors that made cloud forensics an attractive research area are either not applicable to database forensics or no longer play a significant role. This would explain the lesser interest in performing research in database forensics.

Keywords: Cloud computing; Computers; Database systems; Digital forensics; Google; database forensics; scientific research; survey (ID#: 15-7991)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7335071&isnumber=7335039

Malyuk, A.; Miloslavskaya, N., "Information Security Theory for the Future Internet," in Future Internet of Things and Cloud (FiCloud), 2015 3rd International Conference on, pp. 150-157, 24-26 Aug. 2015. doi: 10.1109/FiCloud.2015.12

Abstract: The Future Internet and the Internet of Things (IoT) and clouds as its integral parts need a specialized theory for their information protection from different threats and intruders. The history and main results of research aimed at creating a scientific and methodological foundation of the Information Security Theory in Russia are examined. The discussion considers the formulation of the informal systems theory and approaches for creating the simulation models of information security (IS) maintenance (ISM) processes in conditions of incomplete and insufficiently reliable input data. The structure of a unified IS concept is proposed. Theoretical problems of designing an integrated information protection system's functioning, including IS assessment methodology, methodology of defining requirements to ISM and methodology of creating information protection systems (IPSs) are described. Finally, the results of the IS theory development are summarized and areas of further research are outlined.

Keywords: Internet of Things; security of data; IPSs; IS assessment methodology; IS maintenance; ISM; Internet of Things; IoT; future Internet; informal systems theory; information protection systems; information security maintenance; information security theory; integrated information protection system; simulation models; Analytical models; Cloud computing; Data models; IP networks; Information security; Future Internet security; Internet of Things security; cloud security; information protection systems; information security concept; information security theory (ID#: 15-7992)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7300812&isnumber=7300539

Zhenyu Wen; Cala, J.; Watson, P.; Romanovsky, A., "Cost Effective, Reliable, and Secure Workflow Deployment over Federated Clouds," in Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on, pp. 604-612, June 27 2015-July 2 2015. doi: 10.1109/CLOUD.2015.86

Abstract: The federation of clouds can provide benefits for cloud-based applications. Different clouds have different advantages - one might be more reliable whilst another might be more secure or less expensive. However, being able to select the best combination of clouds to meet the application requirements is not trivial. This paper presents a novel algorithm to deploy workflow applications on federated clouds. Firstly, we introduce an entropy-based method to quantify the most reliable workflow deployments. Secondly, we apply an extension of the Bell-LaPadula Multi-Level security model to meet application security requirements. Finally, we optimise deployment in terms of its entropy and also its monetary cost, taking into account the price of computing power, data storage and inter-cloud communication. To evaluate the new algorithm we compared it against two existing scheduling algorithms: Dynamic Constraint Algorithm (DCA) and Biobjective dynamic level scheduling (BDLS). We show that our algorithm can find deployments that are of equivalent reliability, but are less expensive and also meet security requirements. We have validated our solution using workflows implemented in the e-Science Central cloud-based data analysis system.

Keywords: business data processing; cloud computing; costing; data analysis; scheduling; scientific information systems; security of data; BDLS; Bell-LaPadula multilevel security model; DCA; application requirements; biobjective dynamic level scheduling; cloud-based applications; computing power; cost effective workflow deployment; data storage; dynamic constraint algorithm; e-Science central cloud-based data analysis system; federated clouds; intercloud communication; monetary cost; reliable workflow deployment; scheduling algorithm; secure workflow deployment; security requirements; workflow applications; Algorithm design and analysis; Cloud computing; Computational modeling; Entropy; Optimization; Reliability; Security; Cloud Computing; Cost; Reliability; Scheduling; Security; Workflow (ID#: 15-7993)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7214096&isnumber=7212169





Signal Processing 2015


Broadly speaking, signal processing covers signal acquisition and reconstruction, quality improvement, signal compression and feature extraction. Each of these processes introduces vulnerabilities into communications and other systems. The research articles cited here explore trust between networks, steganalysis, tracing passwords across networks, and certificates. They address the Science of Security hard problems related to privacy, resilience, metrics, and composability. All were presented in 2015.


Xiaohua Li; Yang, T., "Signal Processing Oriented Approach for Big Data Privacy," in High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp. 275-276, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.23

Abstract: This paper addresses the challenge of big data security by exploiting signal processing theories. We propose a new big data privacy protocol that scrambles data via artificial noise and secret transform matrices. The utility of the scrambled data is maintained, as demonstrated by a cyber-physical system application. We further outline the proof of the proposed protocol's privacy by considering the limitations of blind source separation and compressive sensing.

Keywords: Big Data; compressed sensing; data privacy; matrix algebra; security of data; Big Data privacy; Big Data security; artificial noise; blind source separation; compressive sensing; secret transform matrix; signal processing; Big data; Data privacy; Noise; Power demand; Protocols; Vectors; big data; cyber-physical systems; privacy; signal processing (ID#: 15-7922)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027443&isnumber=7027398

Bol, David; de Streel, Guerric; Flandre, Denis, "Can We Connect Trillions of IoT Sensors in a Sustainable Way? A Technology/Circuit Perspective (Invited)," in SOI-3D-Subthreshold Microelectronics Technology Unified Conference (S3S), 2015 IEEE, pp. 1-3, 5-8 Oct. 2015. doi: 10.1109/S3S.2015.7333500

Abstract: The Internet-of-Things is about to revolutionize our world with trillions of sensors to be deployed. However, this revolution raises sustainability issues at the economical, societal and environmental levels: security and privacy of the sensed data, environmental and economical costs of battery production and replacement, carbon footprint associated to the production of the sensor nodes, congestion of the RF spectrum due to numerous connected devices and electrical power consumption of the ICT infrastructure to support the Internet traffic due to the sensed data. In this paper, we show how these high-level challenges can be translated into IC design targets for three main functions of IoT nodes: digital signal processing (DSP), embedded power management (PM) and low-power wireless RF communications. We then demonstrate that CMOS technology scaling and ultra-low-voltage operation can help meeting these targets through an analysis of their benefits on simple yet representative DSP, PM and RF blocks.

Keywords: CMOS integrated circuits; CMOS technology; Digital signal processing; Noise measurement; Radio frequency; Sensors; Wireless communication (ID#: 15-7923)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7333500&isnumber=7333477

Mishra, M.K.; Sengar, S.S.; Mukhopadhyay, S., "Algorithm for Secure Visual Communication," in Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 831-836, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095310

Abstract: The enormous size of video data of natural scenes and objects is a practical threat to storage and transmission. The efficient handling of video data essentially requires compression for economic utilization of storage space, access time and the available network bandwidth of the public channel. In addition, the protection of important video is of utmost importance so as to save it from malicious intervention, attack or alteration by unauthorized users. Therefore, security and privacy have become an important issue. Over the past few years, a number of researchers have concentrated on how to develop efficient video encryption for secure video transmission, and a large number of multimedia encryption schemes have been proposed in the literature, such as selective encryption, complete encryption and entropy coding based encryption. All three kinds of algorithms retain some shortcomings. In this paper, we have proposed a lightweight selective encryption algorithm for video conference which is based on efficient XOR operation and symmetric hierarchical encryption, successfully overcoming the weakness of complete encryption while offering a better security. The proposed algorithm guarantees security, fastness and error tolerance without increasing the video size.

Keywords: cryptography; data privacy; multimedia communication; telecommunication network reliability; telecommunication security; teleconferencing; video communication; XOR operation; economic utilization; entropy coding; lightweight selective encryption algorithm; malicious intervention; multimedia encryption scheme; network bandwidth availability; privacy; public channel; secure visual communication; symmetric hierarchical encryption; video conference; video data handling; video data storage space; video data transmission; Ciphers; Encryption; Signal processing algorithms; Streaming media; Video coding; GDH.3; H.264/AVC; RC4; video encryption (ID#: 15-7924)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095310&isnumber=7095159

Govinda, K.; Prasanna, S., "A Generic Image Cryptography Based on Rubik's Cube," in Soft-Computing and Networks Security (ICSNS), 2015 International Conference on, pp. 1-4, 25-27 Feb. 2015. doi: 10.1109/ICSNS.2015.7292383

Abstract: Security is one of the core areas of study of the IT industry. In this era, where our information represents us, information security is no more a simple non-functional requirement. In order to define and determine security trends and techniques with respect to evolving data that impacts our life every day, here in this paper we define and design procedures and schemes that provide privacy, security and authenticated data that flows through the network, stored in cloud and the data that is available everywhere all the time, serving homo sapiens by fulfilling their requirements.

Keywords: cloud computing; cryptography; data privacy; image processing; message authentication; storage management; IT industry; Rubik's cube; authenticated data; cloud storage; data privacy; data security; generic image cryptography; information security; nonfunctional requirement; Chaotic communication; Ciphers; Encryption; Signal processing algorithms; Cryptography; Decryption; Encryption; Game of life; Rubik's Cube (ID#: 15-7925)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292383&isnumber=7292366

Kumar, R.R.; Hussain, M., "Query Execution over Encrypted Database," in Advances in Computing and Communication Engineering (ICACCE), 2015 Second International Conference on, pp. 459-464, 1-2 May 2015. doi: 10.1109/ICACCE.2015.13

Abstract: Rapid changes in internet and network technologies facilitated easy to access online applications, services and database. Database as a service (DaaS) is a model that offers its users to perform data processing (store, modify and retrieve) as long as they are connected to the internet. Providing security to database as service model became a challenging work due to malicious network administrator, they exploit software bugs and retrieve confidential data of enterprise and users. Two privacy issues are important in DaaS. First, data stored in the database is secure from outsiders, i.e. it should be ensured that stored data is secure from data thefts. Second, data is secure from the DaaS service provider, i.e. data is secure from curious or malicious database administrators. In this work, emphasis is on the second challenge. We have proposed a system in which data stored at server site is in encrypted form and encrypted query is forwarded to server for processing. Encryption of queries and decryption of encrypted query result are done at client site. The system is secured through symmetric key encryption and authentication using digital signature. The proposed system provides confidentiality, integrity, availability, and authentication services to the data users.

Keywords: cloud computing; cryptography; data privacy; database management systems; digital signatures; query processing; DaaS model; data privacy; database as a service; database encryption; digital signature; query execution; symmetric key encryption; Databases; Digital signal processing; Digital signatures; Encryption; Servers; authentication; confidentiality; data security; digital signature; integrity (ID#: 15-7926)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7306729&isnumber=7306547

Pittaluga, F.; Koppal, S.J., "Privacy Preserving Optics for Miniature Vision Sensors," in Computer Vision and Pattern Recognition (CVPR), 2015 IEEE Conference on, pp. 314-324, 7-12 June 2015. doi: 10.1109/CVPR.2015.7298628

Abstract: The next wave of micro and nano devices will create a world with trillions of small networked cameras. This will lead to increased concerns about privacy and security. Most privacy preserving algorithms for computer vision are applied after image/video data has been captured. We propose to use privacy preserving optics that filter or block sensitive information directly from the incident light-field before sensor measurements are made, adding a new layer of privacy. In addition to balancing the privacy and utility of the captured data, we address trade-offs unique to miniature vision sensors, such as achieving high-quality field-of-view and resolution within the constraints of mass and volume. Our privacy preserving optics enable applications such as depth sensing, full-body motion tracking, people counting, blob detection and privacy preserving face recognition. While we demonstrate applications on macro-scale devices (smartphones, webcams, etc.) our theory has impact for smaller devices.

Keywords: computer vision; data privacy; security of data; video signal processing; computer vision; image/video data; micro devices; miniature vision sensors; nano devices; privacy preserving optics; security; small networked cameras; Face; Optical design; Optical imaging; Optical sensors; Privacy (ID#: 15-7927)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7298628&isnumber=7298593

Edward Jero, S.; Ramu, P.; Ramakrishnan, S., "Steganography in Arrhythmic Electrocardiogram Signal," in Engineering in Medicine and Biology Society (EMBC), 2015 37th Annual International Conference of the IEEE, pp. 1409-1412, 25-29 Aug. 2015. doi: 10.1109/EMBC.2015.7318633

Abstract: Security and privacy of patient data is a vital requirement during exchange/storage of medical information over communication network. Steganography method hides patient data into a cover signal to prevent unauthenticated accesses during data transfer. This study evaluates the performance of ECG steganography to ensure secured transmission of patient data where an abnormal ECG signal is used as cover signal. The novelty of this work is to hide patient data into two dimensional matrix of an abnormal ECG signal using Discrete Wavelet Transform and Singular Value Decomposition based steganography method. A 2D ECG is constructed according to Tompkins QRS detection algorithm. The missed R peaks are computed using RR interval during 2D conversion. The abnormal ECG signals are obtained from the MIT-BIH arrhythmia database. Metrics such as Peak Signal to Noise Ratio, Percentage Residual Difference, Kullback-Leibler distance and Bit Error Rate are used to evaluate the performance of the proposed approach.

Keywords: data privacy; discrete wavelet transforms; diseases; electrocardiography; medical signal processing; security of data; singular value decomposition; steganography; 2D abnormal ECG signal matrix; ECG steganography; Kullback-Leibler distance; MIT-BIH arrhythmia database; Tompkins QRS detection algorithm; arrhythmic electrocardiogram signal; bit error rate; cover signal; data privacy; data security; data transfer; discrete wavelet transform; medical information; percentage residual difference; singular value decomposition; steganography method; Bit error rate; Discrete wavelet transforms; Electrocardiography; Matrix decomposition; Measurement; Watermarking (ID#: 15-7928)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7318633&isnumber=7318236

Pedrouzo-Ulloa, A.; Troncoso-Pastoriza, J.R.; Perez-Gonzalez, F., "Multivariate Lattices for Encrypted Image Processing," in Acoustics, Speech and Signal Processing (ICASSP), 2015 IEEE International Conference on, pp. 1707-1711, 19-24 April 2015. doi: 10.1109/ICASSP.2015.7178262

Abstract: Images are inherently sensitive signals that require privacy-preserving solutions when processed in an untrusted environment, but their efficient encrypted processing is particularly challenging due to their structure and size. This work introduces a new cryptographic hard problem called m-RLWE (multivariate Ring Learning with Errors) extending RLWE. It gives support to lattice cryptosystems that allow for encrypted processing of multidimensional signals. We show an example cryptosystem and prove that it outperforms its RLWE counterpart in terms of security against basis-reduction attacks, efficiency and cipher expansion for encrypted image processing.

Keywords: cryptography; image processing; telecommunication security; cryptographic hard problem; encrypted image processing; lattice cryptosystem; m-RLWE; multidimensional signal processing; multivariate lattice; multivariate ring learning with error; privacy-preserving solution; Ciphers; Encryption; Image processing; Lattices; Polynomials; Homomorphic Processing; Image Encryption; Lattice Cryptography; Security (ID#: 15-7929)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7178262&isnumber=7177909

Jianwei Niu; Fei Gu; Ruogu Zhou; Guoliang Xing; Wei Xiang, "VINCE: Exploiting Visible Light Sensing for Smartphone-Based NFC Systems," in Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 2722-2730, April 26 2015-May 1 2015. doi: 10.1109/INFOCOM.2015.7218664

Abstract: This paper presents VINCE - a novel visible light sensing design for smartphone-based Near Field Communication (NFC) systems. VINCE encodes information as different brightness levels of smartphone screens, while receivers capture the light signal via light sensors. In contrast to RF technologies, the direction and distance of such a Visible Light Communication (VLC) link can be easily controlled, preserving communication privacy and security. As a result, VINCE can be used in a wide range of NFC applications such as contactless payments and device pairing. We experimentally profile the impact of screen brightness levels and refresh rates of smartphones, and then use the results to guide the design of light intensity encoding scheme of VINCE. We adopt several signal processing techniques and empirically derive a model to deal with the significant variation of received light intensity caused by noises and low screen refresh rates. To improve the communication reliability, VINCE adopts a feedback-based retransmission scheme, and dynamically adjusts the number of encoding brightness levels based on the current light channel condition. We also derive an analytical model that characterizes the relation among the distance, SNR (Signal to Noise Ratio), and BER (Bit Error Rate) of VINCE. Our design and theoretical model are validated via extensive evaluations using a hardware implementation of VINCE on Android smartphones and the Arduino platform.

Keywords: near-field communication; optical communication; smart phones; Android smartphones; Arduino platform; VINCE; near field communication systems; signal processing techniques; smartphone-based NFC systems; visible light communication; visible light sensing; Brightness; Decoding; Encoding; Receivers; Sensors; Signal to noise ratio (ID#: 15-7930)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218664&isnumber=7218353

Droandi, G.; Lazzeretti, R., "SHE Based Non Interactive Privacy Preserving Biometric Authentication Protocols," in Intelligent Signal Processing (WISP), 2015 IEEE 9th International Symposium on, pp. 1-6, 15-17 May 2015. doi: 10.1109/WISP.2015.7139180

Abstract: Being unique and immutable for each person, biometric signals are widely used in access control systems. While biometric recognition appeases concerns about password's theft or loss, at the same time it raises concerns about individual privacy. Central servers store several enrolled biometrics, hence security against theft must be provided during biometric transmission and against those who have access to the database. If a server's database is compromised, other systems using the same biometric templates could also be compromised as well. One solution is to encrypt the stored templates. Nonetheless, when using traditional cryptosystem, data must be decrypted before executing the protocol, leaving the database vulnerable. To overcome this problem and protect both the server and the client, biometrics should be processed while encrypted. This is possible by using secure two-party computation protocols, mainly based on Garbled Circuits (GC) and additive Homomorphic Encryption (HE). Both GC and HE based solutions are efficient yet interactive, meaning that the client takes part in the computation. Instead in this paper we propose a non-interactive protocol for privacy preserving biometric authentication based on a Somewhat Homomorphic Encryption (SHE) scheme, modified to handle integer values, and also suggest a blinding method to protect the system from spoofing attacks. Although our solution is not as efficient as the ones based on GC or HE, the protocol needs no interaction, moving the computation entirely on the server side and leaving only inputs encryption and outputs decryption to the client.

Keywords: biometrics (access control); cryptographic protocols; data privacy; SHE scheme; access control systems; biometric recognition; biometric signal; blinding method; cryptosystem; encryption; garbled circuit; noninteractive privacy preserving biometric authentication protocol; secure two-party computation protocol; somewhat homomorphic encryption scheme; Authentication; Encryption; Noise; Protocols; Public key; Servers (ID#: 15-7931)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7139180&isnumber=7139146

Costea, S.; Tapus, N., "Input Validation for the Laplace Differential Privacy Mechanism," in Control Systems and Computer Science (CSCS), 2015 20th International Conference on, pp. 469-474, 27-29 May 2015. doi: 10.1109/CSCS.2015.84

Abstract: Privacy is an increasing concern as the number of databases containing personal information grows. Differential privacy algorithms can be used to provide safe database queries through the insertion of noise. Attackers cannot recover pieces of the initial data with certainty, but this comes at the cost of data utility. Noise insertion leads to errors, and signal to noise ratio can become an issue. In such cases, current differential privacy mechanisms cannot inform the end user that the sanitized data might not be reliable. We propose a new differential privacy algorithm that signals the user when relative errors surpass a predefined threshold. This allows users running complex differential privacy algorithms, such as sequence processing or geographical data analysis, to improve utility through better management of large errors. We prove that our algorithm satisfies differential privacy, and perform a formal analysis of its performance. Finally, we provide guidelines on how to customize behaviour to improve results.

Keywords: data privacy; query processing; security of data; Laplace differential privacy mechanism; data utility; database query; differential privacy algorithm; error management; geographical data analysis; input validation; noise insertion; personal information; sequence processing; Algorithm design and analysis; Data privacy; Databases; Noise; Partitioning algorithms; Privacy; Sensitivity; Differential privacy; Laplace distribution; Privacy; Security (ID#: 15-7932)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7168470&isnumber=7168393

Lin Yuan; Korshunov, P.; Ebrahimi, T., "Privacy-Preserving Photo Sharing Based on a Secure JPEG," in Computer Communications Workshops (INFOCOM WKSHPS), 2015 IEEE Conference on, pp. 185-190, April 26 2015-May 1 2015. doi: 10.1109/INFCOMW.2015.7179382

Abstract: Sharing photos online is a common activity on social networks and photo hosting platforms, such as Facebook, Pinterest, Instagram, or Flickr. However, after reports of citizens surveillance by governmental agencies and the scandalous leakage of celebrities private photos online, people have become concerned about their online privacy and are looking for ways to protect it. Popular social networks typically offer privacy protection solutions only in response to the public demand and therefore are often rudimental, complex to use, and provide limited degree of control and protection. Most solutions either allow users to control who can access the shared photos or for how long they can be accessed. In contrast, in this paper, we take a structured privacy by design approach to the problem of online photo privacy protection. We propose a privacy-preserving photo sharing architecture that takes into account content and context of a photo with privacy protection integrated inside the JPEG file itself in a secure way. We demonstrate the proposed architecture with a prototype mobile iOS application called ProShare that offers scrambling as the privacy protection tool for a selected region in a photo, secure access to the protected images, and secure photo sharing on Facebook.

Keywords: data protection; social networking (online); online photo privacy protection; privacy-preserving photo sharing architecture; secure JPEG file; structured privacy; Data privacy; Image reconstruction; Privacy; Security; Servers; Social network services; Transform coding (ID#: 15-7933)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7179382&isnumber=7179273

Prathima P; Rajendiran, Kishore; Shri Ranjani, G; Kurian, Preethi; Swarupa S, "Simple And Flexible Authentication Framework For Vehicular Ad Hoc Networks," in Communications and Signal Processing (ICCSP), 2015 International Conference on, pp. 1176-1180, 2-4 April 2015. doi: 10.1109/ICCSP.2015.7322690

Abstract: Vehicular Adhoc NETwork (VANET) provides a variety of applications for road safety, traffic efficiency and driver assistance. VANET enables two types of communication. The communication among vehicles is called as Vehicle-to-Vehicle (V2V) communication and the communication between the vehicle and the infrastructure is called as Vehicle-to-Infrastructure (V2I) communication. This can help to build safer and smart roads by providing timely information to the vehicles. In such scenarios there is a possibility of wide variety of attacks and hence there is a need for a security framework that will protect the network from different types of security attacks. The major security issues in VANET include jamming, forgery, in-transit traffic tampering, impersonation, privacy violation, on-board tampering. To address some of these issues a proper authentication scheme is required. The objective is to reduce the computational burden in authentication between vehicles in a heavy traffic scenario. In the proposed system, the Road Side Units (RSU) takes the responsibility to check for message integrity and authenticate the users which reduce the burden of individual vehicles from authenticating each other. The performance is evaluated in terms of average end-to-end delay, packet delivery ratio. The results show that the performance of the proposed system is better when compared to the performance of the traditional way of allowing the individual vehicles to authenticate each other.

Keywords: Privacy; Read only memory; Roads; Schedules; Security; Vehicles; Vehicular ad hoc networks; Authentication; Average end-to-end delay; Packet delivery ratio; Vehicular Adhoc NETwork (ID#: 15-7934)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322690&isnumber=7322423

Hajny, J.; Dzurenda, P.; Malina, L.; Zeman, V., "Cryptography for Privacy-Preserving Electronic Services," in Telecommunications and Signal Processing (TSP), 2015 38th International Conference on, pp. 596-600, 9-11 July 2015. doi: 10.1109/TSP.2015.7296333

Abstract: The paper contains the overview and analysis of modern cryptographic primitives which have a significant potential for the application in privacy-preserving cloud systems. We analyze the primitives for anonymous routing, the group signature schemes, the attribute authentication schemes and homomorphic encryption schemes. All these cryptographic constructions have appeared quite recently, most of them in the last decade. We show where these theoretic constructions can be used in practical systems. Furthermore, we show the architecture of an ideal privacy-preserving cloud system. In such a system, the users are protected against attacks on their data as well as on their digital identity and privacy. Using the privacy-preserving cloud system, the electronic services can be provided more securely and without unauthorized private data leaks. At the same time, the cloud service providers keep complete control over their assets and the accounting of services provided.

Keywords: cloud computing; cryptography; data protection; digital signatures; anonymous routing; attribute authentication schemes; cloud service providers; cryptography; group signature schemes; homomorphic encryption schemes; privacy-preserving cloud systems; privacy-preserving electronic services; user protection; Authentication; Cloud computing; Encryption; Privacy; Protocols; Privacy; anonymity; cloud services; cryptography; security (ID#: 15-7935)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7296333&isnumber=7296206

Hajny, J.; Malina, L.; Dzurenda, P., "Practical Privacy-Enhancing Technologies," in Telecommunications and Signal Processing (TSP), 2015 38th International Conference on, pp. 60-64, 9-11 July 2015. doi: 10.1109/TSP.2015.7296224

Abstract: The purpose of this paper is to provide an overview of current cryptographic Privacy-Enhancing Technologies (PETs) and show practical examples of services where these technologies can be deployed. In particular, the paper covers anonymous routing protocols, privacy-enhanced authentication systems and general-purpose systems like group signatures. Besides the overview of existing cryptographic technologies and relevant use-case scenarios, we provide also practical information regarding the performance of PETs on resource-restricted devices such as smart-cards, smart-phones and microcontrollers.

Keywords: cryptographic protocols; data privacy; digital signatures; anonymous routing protocol; cryptographic PET; cryptographic privacy-enhancing technology; general-purpose system; group signature; privacy-enhanced authentication systems; Access control; Authentication; Cryptography; Positron emission tomography; Privacy; Routing; Authentication; access control; cryptography; privacy; security (ID#: 15-7936)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7296224&isnumber=7296206

Tyagi, Amit Kumar; Sreenath, N., "Location Privacy Preserving Techniques for Location Based Services Over Road Networks," in Communications and Signal Processing (ICCSP), 2015 International Conference on, pp. 1319-1326, 2-4 April 2015. doi: 10.1109/ICCSP.2015.7322723

Abstract: With the rapid development of wireless and mobile technologies (LBS, Privacy of personal location information in location-based services of a vehicle ad-hoc network (VANET) users is becoming an increasingly important issue. LBSs provide enhanced functionalities, they open up new vulnerabilities that can be exploited to cause security and privacy breaches. During communication in LBSs, individuals (vehicle users) face privacy risks (for example location privacy, identity privacy, data privacy etc.) when providing personal location data to potentially untrusted LBSs. However, as vehicle users with mobile (or wireless) devices are highly autonomous and heterogeneous, it is challenging to design generic location privacy protection techniques with desired level of protection. Location privacy is an important issue in vehicular networks since knowledge of a vehicle's location can result in leakage of sensitive information. This paper focuses on and discusses both potential location privacy threats and preserving mechanisms in LBSs over road networks. The proposed research in this paper carries significant intellectual merits and potential broader impacts i.e. a) investigate the impact of inferential attacks (for example inference attack, position co-relation attack, transition attack and timing attack etc.) in LBSs for vehicular ad-hoc networks (VANET) users, and proves the vulnerability of using long-term pseudonyms (or other approaches like silent period, random encryption period etc.) for camouflaging users' real identities. b) An effective and extensible location privacy architecture based on the one approach like mix zone model with other approaches to protect location privacy are discussed. c) This paper addresses the location privacy preservation problems in detail from a novel angle and provides a solid foundation for future research on protecting user's location information.

Keywords: Communication system security; Mobile communication; Mobile computing; Navigation; Privacy; Vehicles; Wireless communication; Location privacy; Location-Based Service; Mix zones; Mobile networks; Path confusion; Pseudonyms; k-anonymity (ID#: 15-7937)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322723&isnumber=7322423

Dzurenda, P.; Hajny, J.; Zeman, V.; Vrba, K., "Modern Physical Access Control Systems and Privacy Protection," in Telecommunications and Signal Processing (TSP), 2015 38th International Conference on, pp. 1-5, 9-11 July 2015. doi: 10.1109/TSP.2015.7296213

Abstract: The paper deals with current state of card based PAC (Physical Access Control) systems, especially their level of security and provided mechanisms for protecting users' privacy. We propose to use ABCs (Attribute-Based Credentials) to create Privacy-PAC system that provides greater protection of user privacy compared to classic systems. We define basic requirements for Privacy-PAC and provide a comparison of the current ABC systems by their usability in Privacy-PAC. Moreover, we show performance benchmarks of cryptographic primitives used in ABCs which were implemented on Multos and Java Card platforms.

Keywords: Java; authorisation; cryptography; data privacy; user interfaces; ABC; Java Card platforms; Multos platforms; Privacy-PAC system; attribute-based credentials; cryptographic primitives; modern physical access control systems; privacy protection; users privacy; Access control; Authentication; Ciphers; Privacy; Protocols; Privacy; anonymity; cryptography; physical access; security (ID#: 15-7938)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7296213&isnumber=7296206

Kulkarni, Pallavi; Khanai, Rajashri, "Addressing Mobile Cloud Computing Security Issues: A Survey," in Communications and Signal Processing (ICCSP), 2015 International Conference on, pp. 1463-1467, 2-4 April 2015. doi: 10.1109/ICCSP.2015.7322756

Abstract: The cloud heralds a new era of computing where application services are provided through the Internet. Cloud Computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. The computing capability of mobile systems is enhanced by Cloud computing. Mobile devices can rely on cloud computing and information storage resource, to perform computationally intensive operations such as searching, data mining, and multimedia processing. Along with traditional computation services it provides, mobile cloud also enhances the operation of traditional ad hoc network by treating mobile devices as service nodes, e.g., sensing services. The sensed information, such as location coordinates, health related information, should be processed and stored in a secure fashion to protect user's privacy in the cloud. While the economic ease for cloud computing is compelling, the security challenges it poses are equally striking. The security threats have become obstacles in the rapid adaptability of the mobile cloud computing paradigm. Significant efforts have been devoted in research organizations and academia to build secure mobile cloud computing environments and infrastructures. In spite of the efforts, there are a number of loopholes and challenges that still exist in the security policies of mobile cloud computing. We discuss these issues here, identifying the main vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate vulnerabilities and threats with possible solutions.

Keywords: Computer architecture; Cryptography; Mobile communication; Performance evaluation; Switches; Mobile Cloud Computing (MCC); Mobile Cloud Security; Mobile Computing (MC) (ID#: 15-7939)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322756&isnumber=7322423

Tas, I.M.; Ugurdogan, B.; Tas, H., "Integrating VoIP/UC Security into the Holistic Information Security Planning," in Signal Processing and Communications Applications Conference (SIU), 2015 23th, pp. 1002-1005, 16-19 May 2015. doi: 10.1109/SIU.2015.7130001

Abstract: VoIP has become an important component of modern corporate communications, and many enterprises depend entirely on it for voice and multimedia. As with most new technologies, there are both security opportunities and risks with VoIP and many of the security concerns associated with this technology are not being addressed. In financial institutions and other industries where there are strict regulatory controls to ensure the privacy of customer information, a continued lack of emphasis on VoIP security will eventually leave organizations open to legal risks. This study deals with the VoIP/UC security threats associated with enterprise communication along with business risks and impacts and provides VoIP/UC Security Best Practices Checklist in order to help integrating VoIP/UC into the holistic corporate information security planning.

Keywords: Internet telephony; business communication; computer network security; data privacy; security of data; VoIP-UC security threats; business risks; customer information privacy; enterprise communication; financial institutions; holistic information security planning; Best practices; IP networks; Industries; Information security; Internet telephony; Planning; Security; Security Planning; UC; VoIP; VoIP Security Best Practices; VoIP Security Checklist; VoIP/UC (ID#: 15-7940)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7130001&isnumber=7129794

Malina, L.; Hajny, J.; Zeman, V.; Vrba, K., "Security And Privacy in the Smart Grid Services," in Telecommunications and Signal Processing (TSP), 2015 38th International Conference on, pp. 71-75, 9-11 July 2015. doi: 10.1109/TSP.2015.7296226

Abstract: The paper focuses on the usability of privacy-enhancing cryptographic protocols and primitives for secure smart grid services. The paper introduces a security solution that is suitable for secure smart grid services providing the privacy protection of user during the data collection process. Our cryptographic solution is designed to ensure privacy protection, data authenticity, confidentiality and data integrity in heterogeneous smart grid networks which contain smart meters, embedded devices and smart grid appliances. Our solution uses lightweight cryptography to secure communication from constrained smart meters and provides privacy protection by using the group signatures that enable service providers to collect anonymized user data.

Keywords: cryptographic protocols; data privacy; power engineering computing; power system security; smart power grids; anonymized user data; cryptographic solution; data authenticity; data confidentiality; data integrity; heterogeneous smart grid networks; lightweight cryptography; privacy protection; privacy-enhancing cryptographic protocols; secure smart grid services; Encryption; Logic gates; Protocols; Smart grids; Smart meters; Data communication; cryptography; efficiency; group signatures; privacy; security; smart grid (ID#: 15-7941)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7296226&isnumber=7296206

Nemati, A.; Feizi, S.; Ahmadi, A.; Haghiri, S.; Ahmadi, M.; Alirezaee, S., "An Efficient Hardware Implementation of Few Lightweight Block Cipher," in Artificial Intelligence and Signal Processing (AISP), 2015 International Symposium on, pp. 273-278, 3-5 March 2015. doi: 10.1109/AISP.2015.7123493

Abstract: Radio-frequency identification (RFID) are becoming a part of our everyday life with a wide range of applications such as labeling products and supply chain management and etc. These smart and tiny devices have extremely constrained resources in terms of area, computational abilities, memory, and power. At the same time, security and privacy issues remain as an important problem, thus with the large deployment of low resource devices, increasing need to provide security and privacy among such devices, has arisen. Resource-efficient cryptographic incipient become basic for realizing both security and efficiency in constrained environments and embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a significant role as a building block for security systems. In 2014 Manoj Kumar et al proposed a new Lightweight block cipher named as FeW, which are suitable for extremely constrained environments and embedded systems. In this paper, we simulate and synthesize the FeW block cipher. Implementation results of the FeW cryptography algorithm on a FPGA are presented. The design target is efficiency of area and cost.

Keywords: cryptography; field programmable gate arrays; radiofrequency identification; FPGA; FeW cryptography algorithm; FeW lightweight block cipher; RFID; hardware implementation; radio-frequency identification; resource-efficient cryptographic incipient; security system; sensor node; Algorithm design and analysis; Ciphers; Encryption; Hardware; Schedules; Block Cipher; FeW Algorithm; Feistel structure; Field Programmable Gate Array (FPGA); High Level Synthesis (ID#: 15-7942)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7123493&isnumber=7123478

Vinayaga Sundaram, B.; Ramnath, M.; Prasanth, M.; Varsha Sundaram, J., "Encryption And Hash Based Security in Internet of Things," in Signal Processing, Communication and Networking (ICSCN), 2015 3rd International Conference on, pp. 1-6, 26-28 March 2015. doi: 10.1109/ICSCN.2015.7219926

Abstract: The Internet of Things (IoT) promises to be the next big revolution of the World Wide Web. It has a very wide range of applications, ranging from smart cities, smart homes, monitoring radiation levels in nuclear plants, animal tracking, health surveillance and a lot more. When nodes in wireless sensor networks are monitored through internet it becomes a part of Internet of Things. This brings in a lot of concerns related to security, privacy, standardization, power management. This paper aims at enhancing security in smart home systems. Devices like thermostat, air conditioners, doors and lighting systems are connected with each other and the internet through the internet of things technologies. Encryption and hash algorithms are proposed in this paper through which devices in the IoT can securely send messages between them. Encryption algorithm is used to ensure confidentiality as the attackers cannot interpret the cipher text that is sent. In order to ensure integrity (cipher text is not changed) hash algorithm is used.

Keywords: Internet; Internet of Things; Web sites; computer network security; cryptography; data integrity; home automation; telecommunication power management; wireless sensor networks; Internet; Internet of Things; World Wide Web; animal tracking; encryption; hash based security; health surveillance; IoT; nuclear plant radiation level monitoring; power management; smart city; smart home system security enhancement; wireless sensor network; Cryptography; Monitoring; Prediction algorithms; Internet of Things; Security; Smart Homes; Wireless Sensor Networks (ID#: 15-7943)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7219926&isnumber=7219823

Tsung-Hsuan Hung; Sung-Hsien Hsieh; Chun-Shien Lu, "Privacy-Preserving Data Collection and Recovery of Compressive Sensing," in Signal and Information Processing (ChinaSIP), 2015 IEEE China Summit and International Conference on, pp. 473-477, 12-15 July 2015. doi: 10.1109/ChinaSIP.2015.7230447

Abstract: Energy-efficient data collection and privacy-preserving data recovery have received much attention recently. We propose the first encryption framework for the computation-intensive basis pursuit problem to be securely solved in the cloud with the data being efficiently collected using compressive sensing. We provide security and efficiency analyses to show the effectiveness of our method. Simulations and comparison with state-of-the-art are also conducted.

Keywords: cloud computing; compressed sensing; cryptography; data privacy; cloud computing; compressive sensing; computation-intensive basis pursuit problem; encryption framework; energy-efficient data collection; privacy-preserving data collection; privacy-preserving data recovery; Compressed sensing; Computational efficiency; Encryption; Polynomials; Sensors; Basis pursuit; compressive sensing; convex optimization; encryption; security (ID#: 15-7944)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7230447&isnumber=7230339

Saad, A.; Mohamed, A.; Elfouly, T.M.; Khattab, T.; Guizani, M., "Comparative Simulation for Physical Layer Key Generation Methods," in Wireless Communications and Mobile Computing Conference (IWCMC), 2015 International, pp. 120-125, 24-28 Aug. 2015. doi: 10.1109/IWCMC.2015.7289068

Abstract: The paper cogitates about a comparative simulation for various distillation, reconciliation, and privacy amplification techniques that are used to generate secure symmetric physical layer keys. Elementary wireless model of two mobile nodes in the presence of a passive eavesdropper is used to perform the comparison process. Important modifications are proposed to some phases' techniques in order to increase the performance of the generation process as a whole. Different metrics were used for comparison in each phase, in the distillation phase, we use the Bit Mismatch Rate (BMR) for different SNR values to compare various extracted random strings of the two intended nodes. On the other hand, the messaging rate and process complexity is exploited to estimate the performance of the compared techniques in both reconciliation and privacy amplification phases. The randomness and entropy properties of the keys are verified using the NIST suite, all the generated keys are 128 bits, it is shown that the success rate of the keys passing the randomness tests depends strongly on the techniques that are used through the three generation phases.

Keywords: cryptography; BMR; SNR values; bit mismatch rate; elementary wireless model; messaging rate; mobile nodes; physical layer key generation methods; process complexity; Complexity theory; Phase measurement; Physical layer; Privacy; Receivers; Security; Signal to noise ratio; Physical layer security; cascaded techniques; distillation; physical layer key generation; privacy amplification; reconciliation (ID#: 15-7945)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7289068&isnumber=7288920

Kumar, K.A.; Gnanadeepa, S.; John, H.; Janani, G.K., "Survey on Security and Privacy Preserving Public Auditing for Content Storage in Cloud Environment," in Electrical, Electronics, Signals, Communication and Optimization (EESCO), 2015 International Conference on, pp. 1-4, 24-25 Jan. 2015. doi: 10.1109/EESCO.2015.7253779

Abstract: Cloud Computing provides the means of sharing various resources over the internet. Using storage as a service user can store as well as share the data remotely. The cloud data storage has many benefits over local data storage. Users should be able to use the data in cloud storage as if data is local, without worrying about the need to verify its integrity. But a challenge is providing data integrity. Public audit ability for cloud storage allows users to ask third-party auditor (TPA) to check the integrity of data. This paper discusses various issues related to privacy when user stores data in the cloud. Here we are going to analyze the techniques of providing privacy and security to data in cloud. By providing privacy-preserving public auditing using ring signature process secure cloud storage system can be implemented.

Keywords: auditing; cloud computing; data integrity; security of data; cloud computing; cloud data storage; cloud environment; content storage; data integrity; public auditing; ring signature process; Cloud computing; Cryptography; Data privacy; Privacy; Servers; Cloud Computing; data integrity; privacy preserving; public auditing (ID#: 15-7946)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7253779&isnumber=7253613


Smart Grid Security 2015


Published research in smart grid technologies, the use of cyber-physical systems to coordinate the generation, transmission, and use of electrical power and its sources, is valuable primarily because of the grid's strategic importance and the consequences of intrusion. Smart grid is of particular importance to the Science of Security in the areas of resilience, metrics, and composability. The work cited here was presented in 2015. It was selected by the editors for its relevance to the Science of Security hard problems.


Mahmoud, M.M.E.A.; Misic, J.; Akkaya, K.; Shen, X., "Investigating Public-Key Certificate Revocation in Smart Grid," in Internet of Things Journal, IEEE, vol. 2, no. 6, pp. 490-503, Dec. 2015. doi: 10.1109/JIOT.2015.2408597

Abstract: The public key cryptography (PKC) is essential for securing many applications in smart grid. For the secure use of the PKC, certificate revocation schemes tailored to smart grid applications should be adopted. However, little work has been done to study certificate revocation in smart grid. In this paper, we first explain different motivations that necessitate revoking certificates in smart grid. We also identify the applications that can be secured by PKC and thus need certificate revocation. Then, we explain existing certificate revocation schemes and define several metrics to assess them. Based on this assessment, we identify the applications that are proper for each scheme and discuss how the schemes can be modified to fully satisfy the requirements of its potential applications. Finally, we study certificate revocation in pseudonymous public key infrastructure (PPKI), where a large number of certified public/private keys are assigned for each node to preserve privacy. We target vehicles-to-grid communications as a potential application. Certificate revocation in this application is a challenge because of the large number of certificates. We discuss an efficient certificate revocation scheme for PPKI, named compressed certificate revocation lists (CRLs). Our analytical results demonstrate that one revocation scheme cannot satisfy the overhead/security requirements of all smart grid applications. Rather, different schemes should be employed for different applications. Moreover, we used simulations to measure the overhead of the schemes.

Keywords: Electricity; Measurement; Privacy; Public key; Smart grids; Substations; Certificate revocation schemes; public key cryptography; public key cryptography (PKC); smart grid communication security (ID#: 15-7994)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7054434&isnumber=7331244

YooJin Kwon; Huy Kang Kim; Yong Hun Lim; Jong In Lim, "A behavior-based intrusion detection technique for smart grid infrastructure," in PowerTech, 2015 IEEE Eindhoven, pp. 1-6, June 29 2015-July 2 2015. doi: 10.1109/PTC.2015.7232339

Abstract: A smart grid is a fully automated electricity network, which monitors and controls all its physical environments of electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various intrusion detection algorithms to protect SCADA system and generation sector have been suggested, whereas there were less consideration on distribution sector. Thus, this paper first highlights the significance of CPS security, especially the availability as the most important factor in smart grid environment. Then this paper classifies various modern intrusion detection system (IDS) techniques for securing smart grid network. In our approach, we propose a novel behavior-based IDS for IEC 61850 protocol using both statistical analysis of traditional network features and specification-based metrics. Finally, we present the attack scenarios and detection methods applicable for IEC 61850-based digital substation in Korean environment.

Keywords: IEC standards; SCADA systems; power engineering computing; power system security; security of data; smart power grids; statistical analysis; substation protection; CPS security; IEC 61850 protocol; Korean environment; SCADA system protection; behavior-based IDS; behavior-based intrusion detection technique; cyber physical system security; digital substation; electricity infrastructure physical environment; fully automated electricity network reliability; smart grid infrastructure; statistical analysis; Clustering algorithms; Indexes; Inductors; Measurement; Security; Cyber-physical system; IEC 61850; anomaly detection; intrusion detection; smart grid (ID#: 15-7995)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232339&isnumber=7232233

Belghith, A.; Aissa, M., "M2M Performance Metrics: Challenges, Solutions and Research Opportunities," in Web Applications and Networking (WSWAN), 2015 2nd World Symposium on, pp. 1-7, 21-23 March 2015. doi: 10.1109/WSWAN.2015.7210309

Abstract: Machine-to-machine (M2M) communications have emerged as a cutting edge technology for next-generation communications, and are undergoing rapid development and inspiring numerous applications. Machine-to-machine (M2M) communications could enable machines to exchange information without the direct human intervention. Machines in M2M systems could not only collect data for their own use, but also share the data with other machines intelligently. Therefore, M2M communications could be employed efficiently in smart grid, vehicular network, as well as real-time monitoring of patients in e-healthcare system, and so on. This contribution highlights the challenges which arise from M2M performance metrics. We extend our work to highlight the most recent solutions for these challenges and research derived from literature.

Keywords: biomedical communication; health care; next generation networks; patient monitoring; telecommunication security; vehicular ad hoc networks; M2M communications; M2M performance metrics; e-healthcare system; information exchange; machine-to-machine communications; next-generation communications; real-time patient monitoring; smart grid; vehicular network; Long Term Evolution; Measurement; Security; Sensors; Smart grids; Wireless communication; Wireless sensor networks; M2M; QoS; energy efficiency; performance metrics; security (ID#: 15-7996)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7210309&isnumber=7209078

Vellaithurai, C.; Srivastava, A.; Zonouz, S.; Berthier, R., "CPIndex: Cyber-Physical Vulnerability Assessment for Power-Grid Infrastructures," in Smart Grid, IEEE Transactions on, vol. 6, no. 2, pp. 566-575, March 2015. doi: 10.1109/TSG.2014.2372315

Abstract: To protect complex power-grid control networks, power operators need efficient security assessment techniques that take into account both cyber side and the power side of the cyber-physical critical infrastructures. In this paper, we present CPINDEX, a security-oriented stochastic risk management technique that calculates cyber-physical security indices to measure the security level of the underlying cyber-physical setting. CPINDEX installs appropriate cyber-side instrumentation probes on individual host systems to dynamically capture and profile low-level system activities such as interprocess communications among operating system assets. CPINDEX uses the generated logs along with the topological information about the power network configuration to build stochastic Bayesian network models of the whole cyber-physical infrastructure and update them dynamically based on the current state of the underlying power system. Finally, CPINDEX implements belief propagation algorithms on the created stochastic models combined with a novel graph-theoretic power system indexing algorithm to calculate the cyber-physical index, i.e., to measure the security-level of the system's current cyber-physical state. The results of our experiments with actual attacks against a real-world power control network shows that CPINDEX, within few seconds, can efficiently compute the numerical indices during the attack that indicate the progressing malicious attack correctly.

Keywords: Bayes methods; graph theory; power engineering computing; power grids; power system control; power system security; risk management; stochastic processes; CPIndex; cyber-physical critical infrastructures; cyber-physical security indices; cyber-physical vulnerability assessment; cyber-side instrumentation probes; graph-theoretic power system indexing algorithm; interprocess communications; numerical indices; operating system assets; power network configuration; power operators; power-grid Infrastructures; power-grid control networks; security assessment techniques; security-oriented stochastic risk management technique; stochastic Bayesian network models; Generators; Indexes; Power measurement; Security; Smart grids; Cyber-physical security metrics; cyber-physical systems; intrusion detection systems; situational awareness (ID#: 15-7997)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6979242&isnumber=7042857

Yan Xu; Zhao Yang Dong; Chixin Xiao; Rui Zhang; Kit Po Wong, "Optimal Placement of Static Compensators for Multi-Objective Voltage Stability Enhancement of Power Systems," in Generation, Transmission & Distribution, IET, vol. 9, no. 15, pp. 2144-2151, 11 19 2015. doi: 10.1049/iet-gtd.2015.0070

Abstract: Static compensators (STATCOMs) are able to provide rapid and dynamic reactive power support within a power system for voltage stability enhancement. While most of previous research focuses on only an either static or dynamic (short-term) voltage stability criterion, this study proposes a multi-objective programming (MOP) model to simultaneously minimise (i) investment cost, (ii) unacceptable transient voltage performance, and (iii) proximity to steady-state voltage collapse. The model aims to find Pareto optimal solutions for flexible and multi-objective decision-making. To account for multiple contingencies and their probabilities, corresponding risk-based metrics are proposed based on respective voltage stability measures. Given the two different voltage stability criteria, a strategy based on Pareto frontier is designed to identify critical contingencies and candidate buses for STATCOM connection. Finally, to solve the MOP model, an improved decomposition-based multi-objective evolutionary algorithm is developed. The proposed model and algorithm are demonstrated on the New England 39-bus test system, and compared with state-of-the-art solution algorithms.

Keywords: Pareto optimisation; cost reduction; evolutionary computation; power system dynamic stability; power system economics; power system reliability; power system security; power system transient stability; probability; risk management; stability criteria; static VAr compensators; voltage regulators; MOP model; New England 39-bus test system; Pareto optimal solutions; decomposition-based multiobjective evolutionary algorithm; dynamic reactive power support; investment cost minimisation; multiobjective decision-making; multiobjective programming model; multiobjective voltage stability enhancement; multiple contingencies; optimal static compensators placement; power system; proximity minimisation; risk-based metrics; steady-state voltage collapse; unacceptable transient voltage performance minimisation; voltage stability criteria; voltage stability measures (ID#: 15-7998)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7328457&isnumber=7328433

Zhuo Lu; Wenye Wang; Wang, C., "Camouflage Traffic: Minimizing Message Delay for Smart Grid Applications under Jamming," in Dependable and Secure Computing, IEEE Transactions on, vol. 12, no. 1, pp. 31-44, Jan.-Feb. 1 2015. doi: 10.1109/TDSC.2014.2316795

Abstract: Smart grid is a cyber-physical system that integrates power infrastructures with information technologies. To facilitate efficient information exchange, wireless networks have been proposed to be widely used in the smart grid. However, the jamming attack that constantly broadcasts radio interference is a primary security threat to prevent the deployment of wireless networks in the smart grid. Hence, spread spectrum systems, which provide jamming resilience via multiple frequency and code channels, must be adapted to the smart grid for secure wireless communications, while at the same time providing latency guarantee for control messages. An open question is how to minimize message delay for timely smart grid communication under any potential jamming attack. To address this issue, we provide a paradigm shift from the case-by-case methodology, which is widely used in existing works to investigate well-adopted attack models, to the worst-case methodology, which offers delay performance guarantee for smart grid applications under any attack. We first define a generic jamming process that characterizes a wide range of existing attack models. Then, we show that in all strategies under the generic process, the worst-case message delay is a U-shaped function of network traffic load. This indicates that, interestingly, increasing a fair amount of traffic can in fact improve the worst-case delay performance. As a result, we demonstrate a lightweight yet promising system, transmitting adaptive camouflage traffic (TACT), to combat jamming attacks. TACT minimizes the message delay by generating extra traffic called camouflage to balance the network load at the optimum. Experiments show that TACT can decrease the probability that a message is not delivered on time in order of magnitude.

Keywords: jamming; power system security; probability; radio networks; radiofrequency interference; smart power grids; telecommunication security; telecommunication traffic; TACT; U-shaped function; camouflage traffic; code channel; control messages; cyber-physical system; delay performance guarantee; existing attack model; generic jamming process; information exchange; information technologies; jamming attack; jamming resilience; latency guarantee; message delay minimization; multiple-frequency channel; network load balance; network traffic load; power infrastructures; primary security threat; probability; radio interference broadcast; smart grid application; smart grid communication; spread spectrum systems; transmitting adaptive camouflage traffic; well-adopted attack model; wireless communication security; wireless network deployment; worst-case message delay; Communication system security; Delays; Power distribution; Receivers; Smart grids; Wireless networks; Smart grid; jamming attacks; message delay; performance modeling; wireless applications; worst-case analysis (ID#: 15-7999)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6786992&isnumber=7008601

Ying Bi; Jamalipour, A., "A Time Correlated Attacker-Defender Model for Smart Grid Communication Networks," in Communications (ICC), 2015 IEEE International Conference on, pp. 815-819, 8-12 June 2015. doi: 10.1109/ICC.2015.7248422

Abstract: The research on smart grid security has led to several important results. Nevertheless, previous works neglect to consider the time-varying properties of smart grid, which in many attack strategies play a pivotal role. Mainly because of the time-varying collaboration among communication agents and the time-varying confrontation between defenders and attackers, smart grid communication network should not be considered as a static entity. Understanding the smart grid resilience through time-varying analysis is thus crucial to both the grid protection and to the design of new countermeasures against cyber threats. In this work we attempt to bring time dimension into smart grid security analysis. In each time step, attackers determine the attack targets based on a 2-state Markov process. Defenders (smart meters) are empowered with two defense actions: either to monitor their neighbors which requires more resources but yields timely discovery of attacks, or not to monitor their neighbors which saves resources but leads to slow response to attacks. Defenders choose between the two by estimating the attack probability based on previous time slots. The objective of defenders is to minimize their defense cost. Simulation results are provided to demonstrate the superior performance of the proposed scheme over the conventional methods.

Keywords: power system security; smart power grids; telecommunication security; 2-state Markov process; smart grid communication networks; smart grid security analysis; time correlated attacker-defender model; Communication networks; Markov processes; Monitoring; Nickel; Security; Smart grids; Smart meters (ID#: 15-8000)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7248422&isnumber=7248285

Hoefling, M.; Heimgaertner, F.; Menth, M.; Katsaros, K.V.; Romano, P.; Zanni, L.; Kamel, G., "Enabling Resilient Smart Grid Communication over the Information-Centric C-DAX Middleware," in Networked Systems (NetSys), 2015 International Conference and Workshops on, pp. 1-8, 9-12 March 2015. doi: 10.1109/NetSys.2015.7089080

Abstract: Limited scalability, reliability, and security of today's utility communication infrastructures are main obstacles to the deployment of smart grid applications. The C-DAX project aims at providing and investigating a communication middleware for smart grids to address these problems, applying the information-centric networking and publish/subscribe paradigm. We briefly describe the C-DAX architecture, and extend it with a flexible resilience concept, based on resilient data forwarding and data redundancy. Different levels of resilience support are defined, and their underlying mechanisms are described. Experiments show fast and reliable performance of the resilience mechanism.

Keywords: middleware; power engineering computing; smart power grids; communication middleware; data redundancy; flexible resilience concept; information-centric C-DAX middleware; information-centric networking; publish/subscribe paradigm; resilient data forwarding; resilient smart grid communication; smart grids; utility communication infrastructures; Delays; Monitoring; Reliability; Resilience; Security; Subscriptions; Synchronization (ID#: 15-8001)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7089080&isnumber=7089054

Gamage, T.; Zweigle, G.; Venkathasubramanian, M.; Hauser, C.; Bakken, D., "Towards Grid Resilience: A Proposal for a Progressive Control Strategy," in Green Technologies Conference (GreenTech), 2015 Seventh Annual IEEE, pp. 58-65, 15-17 April 2015. doi: 10.1109/GREENTECH.2015.25

Abstract: This white paper describes preliminary research on the use of progressive control strategies to improve the advanced electric power grid's resilience to major grid disturbances. The proposed approach calls to leverage real-time wide-area monitoring and control capabilities to provide globally coordinated distributed control actions under stressed conditions. To that end, the paper illustrates the proposed concept using case studies drawn from major North American blackouts, discusses design challenges, and proposes the design of a Grid Integrity Management System (GIMS) to manage the required communication and computation to meet these challenges.

Keywords: power grids; power system control; power system faults; power system measurement; power system reliability; GIMS; North American blackouts; electric power grid resilience; grid disturbance; grid integrity management system; progressive control strategy; wide area monitoring; Generators; Load modeling; Monitoring; Power system stability; Real-time systems; Stability analysis; QoS; RAS; cyber-physical systems; distributed control; model predictive control; security; smart grid (ID#: 15-8002)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7150230&isnumber=7150207

Wente Zeng; Yuan Zhang; Mo-yuen Chow, "A Resilient Distributed Energy Management Algorithm for Economic Dispatch in the Presence of Misbehaving Generation Units," in Resilience Week (RWS), 2015, pp. 1-5, 18-20 Aug. 2015. doi: 10.1109/RWEEK.2015.7287411

Abstract: The legacy power system is gradually evolving into the smart grid. A variety of distributed control algorithms are being applied for smart grid energy management applications because of their flexibility, robustness, and local communication and computation features. These algorithms, however, increase the vulnerability of smart grid to adversaries. Thus, there is an urgent need to protect the distributed energy management algorithms from malicious cyber-attacks. A reputation-based distributed energy management algorithm is proposed to guarantee an accurate control computation in distributed energy management algorithms to solve the economic dispatch problem in the presence of misbehaving generation units. The proposed method is capable of performing a resilient distributed control without a central coordinator and allows all the well behaving generation units to reach the correct state asymptotically. The effectiveness of the proposed method is illustrated through simulation case studies.

Keywords: distributed control; energy management systems; power generation control; power generation dispatch; power generation economics; power generation protection; smart power grids; distributed control algorithm; economic dispatch problem; legacy power system; malicious cyber-attack; misbehaving generation unit; reputation-based distributed energy management algorithm; smart grid energy management applications; Convergence; Economics; Energy management; Integrated circuits; Security; Smart grids; Economic dispatch; reputation system; resilient distributed energy management (ID#: 15-8003)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7287411&isnumber=7287407

Verissimo, P.E., "MB4CP 2015 Keynote II: Resilience of Cyber-Physical Energy Systems," in Dependable Systems and Networks Workshops (DSN-W), 2015 IEEE International Conference on, pp. 3-3, 22-25 June 2015. doi: 10.1109/DSN-W.2015.42

Abstract: Electrical utility infrastructures have become largely computerized, remotely/automatically controlled, and interconnected, amongst each other and with other types of critical infrastructures, and we are witnessing the explosion of new paradigms: distributed generation, smart grids. In this accelerated mutation of power grids to cyber-physical systems, may it be that some things are "lost in translation"? Are we using the right models to represent, design, build and analyze cyber physical energy systems? Especially when what used to be an electrical infrastructure became quite susceptible to computer-borne problems such as digital accidental faults and malicious cyber-attacks? This talk will challenge the audience with some reflections and points for discussion along these topics.

Keywords: distributed power generation; electricity supply industry; smart power grids; cyber-physical energy systems; distributed generation; electrical utility infrastructures; power grids; smart grids; Computational modeling; Conferences; Distributed power generation; Explosions; Resilience; Security; Smart grids (ID#: 15-8004)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272543&isnumber=7272533

Yingyun Sun; Zuyi Li; Shahidehpour, M.; Bo Ai, "Battery-Based Energy Storage Transportation for Enhancing Power System Economics and Security," in Smart Grid, IEEE Transactions on, vol. 6, no. 5, pp. 2395-2402, Sept. 2015. doi: 10.1109/TSG.2015.2390211

Abstract: This paper evaluates the effect of integrating battery-based energy storage transportation (BEST) by railway transportation network on power grid operation and control. A time-space network model is adopted to represent transportation constraints. The proposed model integrates the hourly security-constrained unit commitment with vehicle routing problem. The BEST solution provides the locational and hourly charging/discharging schedule of the battery storage system. The mobility of BEST will be of particular interest for enhancing the power system resilience in disaster areas where the transmission grid is congested or on outage. Two cases are used to simulate the BEST including a six-bus power system linking with a three-station railway system, as well as the IEEE 118-bus systems linking with an eight-station railway system. The results show that under certain conditions, the mobility of battery storage system can economically relieve the transmission congestion and lower the operation costs.

Keywords: battery storage plants; power generation scheduling; power system economics; power system security; railway engineering; vehicle routing; BEST; battery storage system; battery-based energy storage transportation; hourly charging-discharging schedule; hourly security-constrained unit commitment; power grid control; power grid operation; power system economics; power system security; railway transportation network; time-space network model; transmission grid; vehicle routing problem; Batteries; Mathematical model; Power grids; Rail transportation; Renewable energy sources; Battery-based energy storage transportation (BEST); mixed-integer programming (MIP); security-constraint unit commitment (SCUC); time-space network (TSN) (ID#: 15-8005)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7024941&isnumber=7210244

Yingmeng Xiang; Lingfeng Wang; Yichi Zhang, "Power Grid Adequacy Evaluation Involving Substation Cybersecurity Issues," in Innovative Smart Grid Technologies Conference (ISGT), 2015 IEEE Power & Energy Society, pp. 1-5, 18-20 Feb. 2015. doi: 10.1109/ISGT.2015.7131815

Abstract: Modern power systems heavily rely on the associated cyber network, so it is crucial to develop novel methods to evaluate the overall power system adequacy considering the substation cybersecurity issues. In this study, human dynamic is applied to simulate the temporal behavior pattern of cyber attackers. The Markov game and static game are utilized to model the intelligent attack/defense behaviors in different attack scenarios. A novel framework for power system adequacy assessment incorporating the cyber and physical failures is proposed. Simulations are conducted based on a representative reliability test system, and the influences of critical parameters on system adequacy are carefully examined. It is concluded that effective measures should be implemented to ensure the overall system adequacy, and informed decisions should be made to allocate the limited resources for enhancing the cybersecurity of cyber-physical power grids.

Keywords: Markov processes; failure analysis; game theory; power grids; power system faults; power system reliability; power system security; security of data; substation protection; Markov game; cyber failure; cyber network; cyber-physical power grid adequacy evaluation; intelligent attack behavior; intelligent defense behavior; overall power system adequacy evaluation; physical failure; power system adequacy assessment; representative reliability test system; static game; substation cybersecurity issues; temporal behavior pattern simulation; Computer security; Game theory; Games; Markov processes; Power system dynamics; Substations; Adequacy assessment; cyber security; cyber-physical systems; game theory; human dynamics (ID#: 15-8006)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7131815&isnumber=7131775

Procopiou, A.; Komninos, N., "Current and Future Threats Framework in Smart Grid Domain," in Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2015 IEEE International Conference on, pp. 1852-1857, 8-12 June 2015. doi: 10.1109/CYBER.2015.7288228

Abstract: Due to smart grid's complex nature and criticality as an infrastructure, it is important to understand the key actors on each domain in depth so the potential vulnerabilities that can rise are identified. Furthermore, the correct identification of threats affecting the smart grid's normal functionality must be realised, as well as what impact these threats can have so appropriate countermeasures are implemented. In this paper a list of vulnerabilities that weaken the smart grid is outlined. Also structured analysis of attacks regarding the three key security objectives across the different layers is presented along with appropriate examples applicable to the smart grid infrastructure and what impact each of them has to the smart grid on each case. Finally, a set of new attack scenarios that focus on attacks being initiated from the smart home part of the smart grid is described targeting these security objectives with the potential consequences they can cause to the smart grid.

Keywords: power system security; smart power grids; attack scenarios; correct threat identification; future threats framework; key security objectives; normal functionality; potential vulnerability identification; smart grid domain; Density estimation robust algorithm; Floods; Least squares approximations; Protocols; Security; Smart grids; Smart meters; Attacks; Availability; Confidentiality; Information Security; Integrity; Smart Grid; Threats; Vulnerabilities (ID#: 15-8007)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7288228&isnumber=7287893

Delgado-Gomes, V.; Martins, J.F.; Lima, C.; Nicolae Borza, P., "Smart Grid Security Issues," in Compatibility and Power Electronics (CPE), 2015 9th International Conference on, pp. 534-538, 24-26 June 2015. doi: 10.1109/CPE.2015.7231132

Abstract: The smart grid concept is being fostered due to required evolution of the power network to incorporate distributed energy sources (DES), renewable energy sources (RES), and electric vehicles (EVs). The inclusion of these components on the smart grid requires an information and communication technology (ICT) layer in order to exchange information, control, and monitor the electrical components of the smart grid. The two-way communication flows bring cyber security issues to the smart grid. Different cyber security countermeasures need to be applied to the heterogeneous smart grid according to the computational resources availability, time communication constraints, and sensitive information data. This paper presents the main security issues and challenges of a cyber secure smart grid, whose main objectives are confidentiality, integrity, authorization, and authentication of the exchanged data.

Keywords: authorisation; data integrity; distributed power generation; power engineering computing; power system security; renewable energy sources; smart power grids; DES; ICT; RES; computational resources availability; cyber secure smart grid; cyber security; data authentication; data authorization; data confidentiality; data integrity; distributed energy sources; electric vehicles; information and communication technology; power network evolution; renewable energy sources; smart grid security; time communication constraints; two-way communication flow; Computer security; Monitoring; NIST; Privacy; Smart grids; Smart grid; challenges; cyber security; information and communication technology (ICT) (ID#: 15-8008)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7231132&isnumber=7231036

Cheung, H.; Cungang Yang; Cheung, H., "New Smart-Grid Operation-Based Network Access Control," in Energy Conversion Congress and Exposition (ECCE), 2015 IEEE, pp. 1203-1207, 20-24 Sept. 2015. doi: 10.1109/ECCE.2015.7309828

Abstract: Changes due to increasing use of equipment with communication capability in electricity distribution systems, development of microgrids, government-imposed electricity-market open access competitions, etc., have let electricity utilities in a greater reliance on communication networks for smart-grid operations that include monitoring, protection, control, and time-of-use metering. This paper presents a new smart-grid network access control strategy and a new operation-based access model in order to increase the grid-access security and grid-operation efficiency. The new access model extends the network access control from a traditional single security domain to multiple domains specifically designed for interconnected microgrids. A security policy to simplify power-grid network security administrations is proposed, the authorization is independently defined and separated from policy representations as well as implementation mechanisms, and digital credential is introduced to establish trust and role assignments for users in different microgrid domains. The proposed smart-grid operation-based network access control has significant advantages over the standard role-based access control for application on smart-grid operations. This paper presents case studies for illustrating this new smart-grid operation-based network access controls.

Keywords: authorisation; computer network security; power engineering computing; smart power grids; trusted computing; electricity distribution system; grid access security; interconnected microgrids; network access control; operation based access model; power grid network administration; power grid network security; role assignment; smart grid operation; trust assignment; Access control; Authentication; Computer architecture; Microgrids; Monitoring; Smart grids; network access; network security; operation access control; smart grids (ID#: 15-8009)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7309828&isnumber=7309651

Rietveld, G.; Braun, J.-P.; Martin, R.; Wright, P.; Heins, W.; Ell, N.; Clarkson, P.; Zisky, N., "Measurement Infrastructure to Support the Reliable Operation of Smart Electrical Grids," in Instrumentation and Measurement, IEEE Transactions on, vol. 64, no. 6, pp. 1355-1363, June 2015. doi: 10.1109/TIM.2015.2406056

Abstract: Grid operators are facing a significant challenge in ensuring continuity and quality of electricity supply, while more and more renewable energy sources are connected to the grid. The resulting evolvement of so-called smart grids strongly relies on the availability of reliable measurement data for monitoring and control of these grids. This paper presents an overview of the results achieved in recent smart grid metrology research in Europe, aiming to realize the required metrology infrastructure for ensuring security and quality of supply in future smart electrical grids. A consortium of 22 metrology and research institutes has made significant steps in modeling of smart grids, enhancement of the revenue metering infrastructure, performance and evaluation of onsite power quality campaigns, and the development of a metrological framework for traceability of smart grid phasor measurements.

Keywords: phasor measurement; power supply quality; power system control; power system reliability; power system security; renewable energy sources; smart power grids; Europe; electricity supply; grid operators; measurement data; measurement infrastructure; metrology infrastructure; onsite power quality campaigns; renewable energy sources; revenue metering infrastructure; smart electrical grids; smart grid metrology research; smart grid phasor measurements; Calibration; Current measurement; Harmonic analysis; Metrology; Phasor measurement units; Smart grids; Uncertainty; Electrical grids; grid modeling; metrology; phasor measurement unit; power quality (PQ); revenue metering; smart grid; synchrophasor (ID#: 15-8010)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7089250&isnumber=7104190

Inshil Doh; Jiyoung Lim; Kijoon Chae, "Secure Authentication for Structured Smart Grid System," in Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference on, pp. 200-204, 8-10 July 2015. doi: 10.1109/IMIS.2015.32

Abstract: An important application area for M2M (Machine to Machine) or IoT (Internet of Things) technology is smart grid system which plays an important role in electric power transmission, electricity distribution, and demand-driven control for the energy. To make the smart grid system more reliable and stable, security is the major issue to be provided with the main technologies. In this work, we propose an authentication mechanism between the utility system and the smart meters which gather the energy consumption data from electrical devices in layered smart grid system. Our proposal enhances the smart grid system integrity, availability and robustness by providing security with low overhead.

Keywords: Internet of Things; message authentication; smart power grids; telecommunication security; Internet of things technology; IoT; M2M; demand-driven control; electric power transmission; electrical devices; electricity distribution; energy consumption data; layered smart grid system; machine to machine; secure authentication; smart meters; structured smart grid system; utility system; Authentication; Proposals; Protocols; Servers; Smart grids; Smart meters; IoT; M2M; authentication; security; structured smart grid (ID#: 15-8011)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7284948&isnumber=7284886

Zhiwei Wang; Feng Chen; Aidong Xia, "Attribute-Based Online/Offline Encryption in Smart Grid," in Computer Communication and Networks (ICCCN), 2015 24th International Conference on, pp. 1-5, 3-6 Aug. 2015. doi: 10.1109/ICCCN.2015.7288380

Abstract: A smart grid is a modernized electrical grid that uses distribution networks to deliver electricity. It aims to gather and act on information, such as information about the behaviors of grid entities, in an automated fashion to improve the efficiency, security and reliability. It is important that the sensitive information should be shared securely among the grid entities. In smart grid, smart devices (e.g., smart meters) usually have limited computational capability. In this paper, we propose an online/offline attribute based encryption (ABE) scheme based on J. Hur's ABE scheme with hidden policy. In our scheme, the advantages of J. Hur's scheme are kept. Thus, the data privacy and policy privacy are all preserved well. The computational overhead of encryptors is reduced by splitting the computation for encryption algorithm into two phases: online/offline. Most of the laborious decryption operations are delegated to the offline phase. The online phase can then rapidly assemble an ABE ciphertext when the message and the attribute control policy become known.

Keywords: cryptography; data privacy; distribution networks; power system reliability; power system security; smart meters; smart power grids; ABE ciphertext; J.Hur ABE scheme; attribute based encryption scheme; data privacy; distribution networks; encryption algorithm; online/offline encryption; policy privacy; reliability; security; smart devices; smart grid; smart meters; Encryption; Public key; Receivers; Smart grids; Smart meters (ID#: 15-8012)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7288380&isnumber=7288342



System Recovery 2015

System recovery following an attack is a core cybersecurity issue. Current research into methods to undo data manipulation and to recover lost or extruded data in distributed, cloud-based or other large scale complex systems is discovering new approaches and methods. For the Science of Security community, it is an essential element of resiliency. The articles cited here are from 2015.


Di Martino, C.; Kramer, W.; Kalbarczyk, Z.; Iyer, R., "Measuring and Understanding Extreme-Scale Application Resilience: A Field Study of 5,000,000 HPC Application Runs," in Dependable Systems and Networks (DSN), 2015 45th Annual IEEE/IFIP International Conference on, pp. 25-36, 22-25 June 2015. doi: 10.1109/DSN.2015.50

Abstract: This paper presents an in-depth characterization of the resiliency of more than 5 million HPC application runs completed during the first 518 production days of Blue Waters, a 13.1 petaflop Cray hybrid supercomputer. Unlike past work, we measure the impact of system errors and failures on user applications, i.e., the compiled programs launched by user jobs that can execute across one or more XE (CPU) or XK (CPU+GPU) nodes. The characterization is performed by means of a joint analysis of several data sources, which include workload and error/failure logs. In order to relate system errors and failures to the executed applications, we developed LogDiver, a tool to automate the data pre-processing and metric computation. Some of the lessons learned in this study include: i) while about 1.53% of applications fail due to system problems, the failed applications contribute to about 9% of the production node hours executed in the measured period, i.e., the system consumes computing resources, and system-related issues represent a potentially significant energy cost for the work lost, ii) there is a dramatic increase in the application failure probability when executing full-scale applications: 20x (from 0.008 to 0.162) when scaling XE applications from 10,000 to 22,000 nodes, and 6x (from 0.02 to 0.129) when scaling GPU/hybrid applications from 2000 to 4224 nodes, and iii) the resiliency of hybrid applications is impaired by the lack of adequate error detection capabilities in hybrid nodes.

Keywords: Cray computers; failure analysis; parallel machines; parallel processing; system monitoring; system recovery; Blue Waters; Cray hybrid supercomputer; HPC application runs; LogDiver; application failure probability; error-failure logs; extreme-scale application resilience; system errors; system failures; workload logs; Blades; Graphics processing units; Hardware; Random access memory; Servers; Torque; Xenon; application resilience; data analysis; data-driven resilience; extreme-scale; hybrid machines; resilience; supercomputer (ID#: 15-8038)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7266835&isnumber=7266818

Padma, V.; Yogesh, P., "Proactive failure recovery in OpenFlow based Software Defined Networks," in Signal Processing, Communication and Networking (ICSCN), 2015 3rd International Conference on, pp. 1-6, 26-28 March 2015. doi: 10.1109/ICSCN.2015.7219846

Abstract: Software Defined Networking (SDN) is a network architecture that decouples the control and data planes. SDN enables network control to become directly programmable and the underlying infrastructure to be abstracted from the network services. The foundation for open standards based software defined networking is the OpenFlow protocol. The OpenFlow architecture which is originally designed for Local Area Networks (LANs), doesn't include effective mechanisms for fast resiliency. But metro, carrier grade Ethernet networks and industrial area networks have to guarantee fast resiliency upon network failure. This paper experiments the link protection scheme that aims to enhance the OpenFlow architecture by adding fast recovery mechanisms in the switch and the controller. This is achieved by enabling the controller to add backup paths proactively along with the working paths and enabling the switches to perform the recovery actions locally. As this avoids controller intervention during recovery, the recovery time solely depends upon the failure detection time of the switch. As this will be less compared to the switch-controller round trip time, this gives better results. The performance of the system is evaluated by finding the packet loss and switch over time and comparing it with the current OpenFlow implementations. The system performs reasonably better than the existing systems in terms of switch over time. However the number of backup path entries increase relatively.

Keywords: computer network reliability; local area networks; protocols; signal detection; software defined networking; LAN; OpenFlow protocol architecture; SDN architecture; carrier grade Ethernet network; controller intervention avoidance; failure detection; industrial area network; link protection scheme; local area network; metro grade Ethernet network; network control; proactive failure recovery; software defined network; Computer architecture; Ports (Computers); Protocols; Signal processing; Software defined networking; Switches; Failure recovery; Fast resiliency Link protection; OpenFlow; Software Defined Networking (ID#: 15-8039)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7219846&isnumber=7219823

Hukerikar, S.; Diniz, P.C.; Lucas, R.F., "Enabling Application Resilience Through Programming Model Based Fault Amelioration," in High Performance Extreme Computing Conference (HPEC), 2015 IEEE, pp. 1-6, 15-17 Sept. 2015. doi: 10.1109/HPEC.2015.7322460

Abstract: High-performance computing applications that will run on future exascale-class supercomputing systems are projected to encounter accelerated rates of faults and errors. For these large-scale systems, maintaining fault resilient operation is a key challenge. The most widely used resiliency approach today, which is based on checkpoint and rollback (C/R) recovery, is not expected to remain viable in the presence of frequent errors and failures. In this paper, we present a framework for enabling application-level recovery from error states through fault amelioration. Our approach is based on programming model extensions that enable algorithm-based fault amelioration knowledge to be expressed as an intrinsic feature of the programming environment. This is accomplished through a set of language extensions that are supported by a compiler infrastructure and a runtime system. We experimentally demonstrate that the framework enables recovery from errors in the program state with low overhead to the application performance.

Keywords: checkpointing; parallel processing; program compilers; software fault tolerance; software maintenance; C/R recovery; algorithm-based fault amelioration knowledge; application resiliency; application-level recovery; checkpoint and rollback recovery; compiler infrastructure; exascale-class supercomputing systems; fault resilient operation maintenance; high-performance computing applications; large-scale systems; programming model extensions; runtime system; Data structures; Program processors; Programming; Resilience; Runtime; Semantics; Syntactics (ID#: 15-8040)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322460&isnumber=7322434

Crowcroft, J.; Levin, L.; Segal, M., "Using Data Mules for Sensor Network Resiliency," in Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt), 2015 13th International Symposium on, pp. 427-434, 25-29 May 2015. doi: 10.1109/WIOPT.2015.7151102

Abstract: In this paper, we study the problem of efficient data recovery using the data mules approach, where a set of mobile sensors with advanced mobility capabilities re-acquire lost data by visiting the neighbors of failed sensors, thereby improving network resiliency. Our approach involves defining the optimal communication graph and mules' placements such that the overall traveling time and distance is minimized regardless to which sensors crashed. We explore this problem under different practical network topologies such as general graphs, grids and random linear networks and provide approximation algorithms based on multiple combinatorial techniques. Simulation experiments demonstrate that our algorithms outperform various competitive solutions for different network models, and that they are applicable for practical scenarios.

Keywords: approximation theory; graph theory; minimisation; mobility management (mobile radio); telecommunication network topology; wireless sensor networks; advanced mobility capabilities; approximation algorithms; data mules; data recovery; general graphs; mobile sensors; multiple combinatorial techniques; network topologies; optimal communication graph; overall traveling distance minimization; overall traveling time minimization; random linear networks; sensor network resiliency improvement; Ad hoc networks; Approximation algorithms; Mobile communication; Mobile computing; Optimized production technology; Robot sensing systems; Topology (ID#: 15-8041)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7151102&isnumber=7151020

Pham Phuoc Hung; Xuan-Qui Pham; Ga-Won Lee; Tuan-Anh Bui; Eui-Nam Huh, "A Procedure to Achieve Cost and Performance Optimization for Recovery in Cloud Computing," in Network Operations and Management Symposium (APNOMS), 2015 17th Asia-Pacific, pp. 596-599, 19-21 Aug. 2015. doi: 10.1109/APNOMS.2015.7275402

Abstract: This research discusses a system architecture that comes up with potentially better resiliency and faster recovery from failures based on the renowned genetic algorithm. Additionally, we aim to achieve a globally optimized performance as well as a service solution that can remain financially and operationally balanced according to customer preferences. The proposed methodology has undergone numerous and severe evaluations to be proclaimed of their effectiveness and efficiency, even when put under tight comparison with other existing work.

Keywords: cloud computing; genetic algorithms; software architecture; software performance evaluation; system recovery; cloud computing; customer preferences; genetic algorithm; performance optimization; recovery time; service solution; system architecture; Cloud computing; Genetic algorithms; Processor scheduling; Program processors; Schedules; Sociology; Statistics; Task scheduling; big data; cloud computing; parallel computing; recovery time (ID#: 15-8042)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275402&isnumber=7275336

Soowoong Eo; Wooyeon Jo; Seokjun Lee; Shon, T., "A Phase of Deleted File Recovery for Digital Forensics Research in Tizen," in IT Convergence and Security (ICITCS), 2015 5th International Conference on, pp. 1-3, 24-27 Aug. 2015. doi: 10.1109/ICITCS.2015.7292924

Abstract: Digital Forensics, not only for the computers of suspect, needs to collect the various digital evidences especially in many different kinds of mobile devices and operating systems. Moreover, in case of acquiring digital evidences, recovering a deleted file is more meaningful that it can find the concealed evidence by the suspect. In this paper, the phase of deleted file recovery in Tizen operating system is suggested and certified with the experiment.

Keywords: back-up procedures; digital forensics; operating systems (computers); system recovery; Tizen operating system; concealed evidence; deleted file recovery; digital evidences; digital forensics; mobile devices; operating systems; Digital forensics; File systems; Mobile communication; Operating systems; Smart phones (ID#: 15-8043)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292924&isnumber=7292885

Fairbanks, K.D., "A Technique for Measuring Data Persistence Using the Ext4 File System Journal," in Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual, vol. 3, pp. 18-23, 1-5 July 2015. doi: 10.1109/COMPSAC.2015.164

Abstract: In this paper, we propose a method of measuring data persistence using the Ext4 journal. Digital Forensic tools and techniques are commonly used to extract data from media. A great deal of research has been dedicated to the recovery of deleted data, however, there is a lack of information on quantifying the chance that an investigator will be successful in this endeavor. To that end, we suggest the file system journal be used as a source to gather empirical evidence of data persistence, which can later be used to formulate the probability of recovering deleted data under various conditions. Knowing this probability can help investigators decide where to best invest their resources. We have implemented a proof of concept system that interrogates the Ext4 file system journal and logs relevant data. We then detail how this information can be used to track the reuse of data blocks from the examination of file system metadata structures. This preliminary design contributes a novel method of tracking deleted data persistence that can be used to generate the information necessary to formulate probability models regarding the full and/or partial recovery of deleted data.

Keywords: digital forensics; file organisation; probability; Ext4 file system journal; data extraction; data persistence; digital forensic tools; probability; proof of concept system; Data mining; Data structures; Digital forensics; File systems; Media; Metadata; Operating systems; Data Persistence; Data Recovery; Digital Forensics; Ext4; File System Forensics; Journal; Persistence Measurement (ID#: 15-8044)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7273317&isnumber=7273299

Leom, Ming Di; D'Orazio, Christian Javier; Deegan, Gaye; Choo, Kim-Kwang Raymond, "Forensic Collection and Analysis of Thumbnails in Android," in Trustcom/BigDataSE/IEEESPA, 2015 IEEE, vol. 1, pp. 1059-1066, 20-22 Aug. 2015. doi: 10.1109/Trustcom.2015.483

Abstract: JPEG thumbnail images are of interest in forensic investigations as images from the thumbnail cache could be intact even when the original pictures have been deleted. In addition, a deleted thumbnail is less likely to be fragmented due to its small size. The focus of existing literature is generally on the desktop environment. Considering the increasing capability of smart mobile devices, particularly Android devices, to take pictures and videos on the go, it is important to understand how thumbnails can be collected from these devices. In this paper, we examine and describe the various thumbnail sources in Android devices and propose a methodology for thumbnail collection and analysis from Android devices. We also demonstrate the utility of our proposed methodology using a case study (e.g. thumbnails could be recovered even when the file system is heavily fragmented). Our findings also indicate that collective information obtained from the recovered fragmented JPEG image (e.g. metadata) and the thumbnail could be akin to recovering the full image for forensic purposes.

Keywords: Androids; Australia; File systems; Forensics; Humanoid robots; Media; Mobile handsets; Android forensics; forensic recovery; mobile forensics; thumbcache; thumbnail recovery (ID#: 15-8045)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345391&isnumber=7345233

Mohite, M.P.; Ardhapurkar, S.B., "Design and Implementation of a Cloud Based Computer Forensic Tool," in Communication Systems and Network Technologies (CSNT), 2015 Fifth International Conference on, pp. 1005-1009, 4-6 April 2015. doi: 10.1109/CSNT.2015.180

Abstract: Nowadays, Cloud computing is receiving more and more attention from the information and communication technology industry recently. Thus, From the demand of cloud users digital forensics in cloud computing are a raw expanse of study linked to the increasing use of information processing governance, internet and digital computer storage devices in numerous criminal actions in both traditional and Hi-Tech. The digital forensics, including handle, conduct of, study, and document digital evidence in a court of law. Digital Forensic tool in a cloud computing environment is a big demand from forensic investigator. Thus, in the process of digital forensics, it is needed to create an image of the original digital data without damage and to show that the computer evidence existed at the specific time. The evidences are then analyzed by the forensic investigator. After the proof is examined, it is obliged to make a report to embrace it as legitimately successful confirmation in the law court. To give an advanced crime scene investigation benefit on cloud environment, a cloud based computer forensic tool is proposed in this paper. To probe the evidence multiple features are provided in this tool like data recovery, sorting, indexing, hex viewer, data bookmarking.

Keywords: cloud computing; image forensics; law; Internet; advanced crime scene investigation; cloud computing; cloud-based computer forensic tool; computer forensic tool; court of law; digital computer storage device; digital forensic tool; document digital evidence; information processing governance; Cloud computing; Digital forensics; Media; Portable computers; Cloud Computing; Computer Forensic; Digital Evidence; Forensic Investigation (ID#: 15-8046)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7280070&isnumber=7279856

Ramisch, F.; Rieger, M., "Recovery of SQLite Data Using Expired Indexes," in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, pp. 19-25, 18-20 May 2015. doi: 10.1109/IMF.2015.11

Abstract: SQLite databases have tremendous forensic potential. In addition to active data, expired data remain in the database file, if the option secure delete is not applied. Tests of available forensic tools show, that the indexes were not considered, although they may complete the recovery of the table structures. Algorithms for their recovery and combination with each other or with table data are worked out. A new tool, SQLite Index Recovery, was developed for this study. The use with test data and data of Apple Mail shows, that the recovery of indexes is possible and enriches the recovery of ordinary table data.

Keywords: database indexing; digital forensics; relational databases; Apple Mail data; SQLite data recovery; SQLite databases; SQLite index recovery; active data; database file; expired data; forensic tools; table data; table structure recovery; test data; File systems; Forensics; Indexes; Metadata; Oxygen; Postal services; Apple Mail; SQLite; database; expired data; forensic tool; free block; index; recovery (ID#: 15-8047)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195803&isnumber=7195793

Bao, Jianrong; Gao, Xiqi; Liu, Chao; Jiang, Bin, "Iterative Carrier Recovery in an LDPC Coded QPSK System at Low SNRs," in Wireless Communications & Signal Processing (WCSP), 2015 International Conference on, pp. 1-5, 15-17 Oct. 2015. doi: 10.1109/WCSP.2015.7340999

Abstract: This paper presents an iterative carrier recovery (ICR) via soft decision metrics (SDMs) of low-density parity-check (LDPC) decoding in an LDPC coded quadrature phase shift keying (QPSK) system. It is crucial for wireless communication systems to work effectively, especially at low signal-to-noise ratios (SNRs). By maximizing the sum of the square of the SDMs of LDPC decoding with gradient oriented optimization of the objective function, it adaptively updates the carrier phase and frequency parameter accurately. The structure of the proposed scheme is also given, along with the phase ambiguity solution. Meanwhile, it is combined with the Costas loop tracking and the LDPC decoding feedback to eliminate residual carrier offsets. Simulation results indicate that the proposed ICR algorithm achieves good performance in an LDPC coded QPSK system under rather large carrier phase offsets, which is just within 0.1 dB of the ideal code performance at the cost of some moderate complexity. By the proposed scheme, a rate-1/2 LDPC coded QPSK system can even work at low bit SNR (Eb/N0) about 1-2 dB, which is useful in energy-limited wireless communications.

Keywords: Approximation methods; Complexity theory; Iterative decoding; Linear programming; Maximum likelihood decoding; Phase shift keying; LDPC codes; carrier synchronization; iterative carrier recovery; soft decision metrics (ID#: 15-8048)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7340999&isnumber=7340966

Silveira, J.; Marcon, C.; Cortez, P.; Barroso, G.; Ferreira, J.M.; Mota, R., "Preprocessing of Scenarios for Fast and Efficient Routing Reconfiguration in Fault-Tolerant NoCs," in Parallel, Distributed and Network-Based Processing (PDP), 2015 23rd Euromicro International Conference on, pp. 404-411, 4-6 March 2015. doi: 10.1109/PDP.2015.22

Abstract: Newest processes of CMOS manufacturing allow integrating billions of transistors in a single chip. This huge integration enables to perform complex circuits, which require an energy efficient communication architecture with high scalability and parallelism degree, such as a Network-on-Chip (NoC). However, these technologies are very close to physical limitations implying the susceptibility increase of faults on manufacture and at runtime. Therefore, it is essential to provide a method for efficient fault recovery, enabling the NoC operation even in the presence of faults on routers or links, and still ensure deadlock-free routing even for irregular topologies. A preprocessing approach of the most probable fault scenarios enables to anticipate the computation of deadlock-free routings, reducing the time necessary to interrupt the system operation in a fault event. This work describes a preprocessing technique of fault scenarios based on forecasting fault tendency, which employs a fault threshold circuit and a high-level software that identifies the most relevant fault scenarios. We propose methods for dissimilarity analysis of scenarios based on measurements of cross-correlation of link fault matrices. At runtime, the preprocessing technique employs analytic metrics of average distance routing and links load for fast search of sound fault scenarios. Finally, we use RTL simulation with synthetic traffic to prove the quality of our approach.

Keywords: fault tolerance; network-on-chip; topology; CMOS manufacturing; deadlock-free routing reconfiguration; fault threshold circuit; fault-tolerant NoC operation; forecasting fault tendency; high-level software; irregular topology; link fault matrices; network-on-chip; Circuit faults; Computer architecture; Fault tolerance; Fault tolerant systems; Ports (Computers); Routing; System recovery; NoC; fault-tolerance; irregular topology; routing (ID#: 15-8049)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7092752&isnumber=7092002

Mondal, S.K.; Xiaoyan Yin; Muppala, J.K.; Alonso Lopez, J.; Trivedi, K.S., "Defects per Million Computation in Service-Oriented Environments," in Services Computing, IEEE Transactions on, vol. 8, no. 1, pp. 32-46, Jan.-Feb. 2015. doi: 10.1109/TSC.2013.52

Abstract: Traditional system-oriented dependability metrics like reliability and availability do not fully reflect the impact of system failure-repair behavior in service-oriented environments. The telecommunication systems community prefers to use Defects Per Million (DPM), defined as the number of calls dropped out of a million calls due to failures, as a user-perceived dependability metric. In this paper, we provide new formulation for the computation of the DPM metric for a system supporting Voice over IP functionality using the Session Initiation Protocol (SIP). We evaluate different replication schemes that can be used at the SIP application server. They include the effects of software failure, failure detection, recovery mechanisms, and imperfect coverage for recovery mechanisms. We derive closed-form expressions for the DPM taking into account the transient behavior of recovery after a failure. Our approach and underlying models can be readily extended to other types of service-oriented environments.

Keywords: Internet telephony; signalling protocols; software fault tolerance; software metrics; system recovery; DPM metric; SIP application server; Session Initiation Protocol; defects per million computation; failure detection; imperfect coverage; recovery mechanisms; reliability; replication schemes; service-oriented environments; software failure; system failure-repair behavior; system-oriented dependability metrics; telecommunication systems community; transient behavior; user-perceived dependability metric; voice over IP functionality; Availability; Computational modeling; Equations; Mathematical model; Measurement; Servers; Session initiation protocol; defects per million; fault tolerance; replication; user-perceived service reliability (ID#: 15-8050)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6671595&isnumber=7029726

Camara, M.S.; Fall, I.; Mendy, G.; Diaw, S., "Activity Failure Prediction Based on Process Mining," in System Theory, Control and Computing (ICSTCC), 2015 19th International Conference on, pp. 854-859, 14-16 Oct. 2015. doi: 10.1109/ICSTCC.2015.7321401

Abstract: Based on the state of the art of process mining, we can conclude that quality characteristics (failure rate metrics or loops) are poorly represented or absent in most predictive models that can be found in the literature. The main goal of this present research work is to analyze how to learn prediction model defining failure as response variable. A model of this type can be used for active real-time-controlling (e. g. through the reassignment of workflow activities based on prediction results) or for the automated support of redesign (i.e., prediction results are transformed in software requirements used to implement process improvements). The proposed methodology is based on the application of a data mining process because the objective of this work can be considered as a data mining goal.

Keywords: business data processing; data mining; system recovery; BPM; active real-time-controlling; activity failure prediction; automated support; business process management; data mining goal; failure rate metrics; predictive models; process improvements; process mining; quality characteristics; response variable; software requirements; workflow activities; Analytical models; Business; Data mining; Data models; Measurement; Predictive models; Process control; Business Process Management; Data mining; Process mining; Supervised learning; Workflow management software (ID#: 15-8051)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7321401&isnumber=7321255

Jiyeon Kim; Kim, H.S., "PBAD: Perception-Based Anomaly Detection System for Cloud Datacenters," in Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on, pp. 678-685, June 27 2015-July 2 2015. doi: 10.1109/CLOUD.2015.95

Abstract: Detection of anomalies in large Cloud infrastructure is challenging. Understanding operational behavior of Cloud is extremely difficult due to the heterogeneity of different technologies, virtualized platforms and complex interactions among the systems. Many of existing system models for Cloud are based on utilization metrics such as CPU, memory, network and I/O. Such system models are quite complex and their anomaly detection mechanisms are mostly based on threshold scheme. Utilization metrics exceeding a certain threshold would trigger an alarm. In fact, it is impossible to determine proper threshold for all anomalies. These system models fail to assess the state of the system accurately. We propose a novel anomaly detection system based on user perception rather than complex system models. In our Perception-Based Anomaly Detection system (PBAD), each component within multi-tier applications monitors response time and determines whether overall service response time is adequate. PBAD also locates the anomaly by analyzing component behaviors. PBAD masks the complexity of Cloud and addresses what matters, how user perceives the service provided by the Cloud applications. The key advantages of the proposed algorithm are simplicity and scalability. We implement and deploy PBAD in our production data center environment. The experimental results show that PBAD detects numerous types of anomalies as well as the combination of anomalies where existing systems fail.

Keywords: cloud computing; computer centres; security of data; system monitoring; system recovery; virtual machines; virtualisation; CPU utilization; I/O utilization; PBAD; anomaly detection mechanism; cloud application; cloud complexity; cloud datacenters; cloud operational behavior; complex system interactions; component behavior analysis; large cloud infrastructure; memory utilization; multitier application; network utilization; perception-based anomaly detection system; production data center environment; response time monitoring; service response time; system failure; system model; system state assessment; technology heterogeneity; threshold scheme; user perception; utilization metrics; virtual machine; virtualized platform; Cloud computing; Computational modeling; Delays; Servers; Support vector machines; Time factors; anomaly detection; cloud computing; cloud datacenter; response time; virtual machine (ID#: 15-8052)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7214105&isnumber=7212169

Dasgupta, S.; Paramasivam, M.; Vaidya, U.; Ajjarapu, V., "Entropy-Based Metric for Characterization of Delayed Voltage Recovery," in Power Systems, IEEE Transactions on, vol. 30, no. 5, pp. 2460-2468, Sept. 2015. doi: 10.1109/TPWRS.2014.2361649

Abstract: In this paper, we introduce a novel entropy-based metric to characterize the fault-induced delayed voltage recovery (FIDVR) phenomenon. In particular, we make use of Kullback-Leibler (KL) divergence to determine both the rate and the level of voltage recovery following a fault or disturbance. The computation of the entropy-based measure relies on voltage time-series data and is independent of the underlying system model used to generate the voltage time-series. The proposed measure provides quantitative information about the degree of WECC voltage performance violation for FIDVR phenomenon. The quantitative measure for violation allows one to compare the voltage responses of different buses to various contingencies and to rank order them, based on the degree of violation.

Keywords: entropy; power system faults; power system measurement; signal processing; time series; Kullback-Leibler divergence; WECC voltage performance violation; delayed voltage recovery characterization; entropy based metrics; fault induced delayed voltage recovery; voltage recovery rate; voltage time-series data; Approximation methods; Density functional theory; Entropy; Probability density function; Probability distribution; Steady-state; Voltage measurement; Contingency analysis; delayed voltage recovery; entropy (ID#: 15-8053)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6942243&isnumber=7161453

Perova, I.; Mulesa, P., "Fuzzy Spatial Extrapolation Method Using Manhattan Metrics for Tasks Of Medical Data Mining," in Scientific and Technical Conference "Computer Sciences and Information Technologies" (CSIT), 2015 Xth International, pp. 104-106, 14-17 Sept. 2015. doi: 10.1109/STC-CSIT.2015.7325443

Abstract: In this paper the approach for fuzzy clustering-classification of medical short data samples using the method of fuzzy spatial extrapolation is considered. The proposed procedure refers to the direction of Medical Data Mining, and is hybrid system that can solve the task of diagnosing of various diseases in a limited sample, complete or partial overlapping of classes, their different densities, different numerical filling and requires for its training small volumes of a priori information. Also this procedure can realize a filling of gaps in feature vector based on recovery of hidden dependencies that are contained in data set.

Keywords: data mining; fuzzy set theory; medical administrative data processing; fuzzy clustering-classification; fuzzy spatial extrapolation method; fuzzy spatial extrapolation; hybrid system; manhattan metrics; medical data mining; Computational intelligence; Data mining; Extrapolation; Filling; Measurement; Medical diagnostic imaging; Neural networks; classification; deficit of information; feature vector; fuzzy clustering; fuzzy spatial extrapolation; gap (ID#: 15-8054)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7325443&isnumber=7325415

Chowdhury, M.; Goldsmith, A., "Reliable Uncoded Communication in the SIMO MAC," in Information Theory, IEEE Transactions on, vol. 61, no. 1, pp. 388-403, Jan. 2015. doi: 10.1109/TIT.2014.2371040

Abstract: A single-input multiple-output multiple access channel, with a large number of uncoded noncooperating single-antenna transmitters and joint processing at a multiantenna receiver is considered. The minimum number of receiver antennas per transmitter that is needed for perfect recovery of the transmitted signals with overwhelming probability is investigated. It is shown that in the limit of a large number of transmitters, and in a rich scattering environment, the per-transmitter number of receiver antennas can be arbitrarily small, not only with the optimal maximum likelihood decoding rule, but also with much lower complexity decoders. Comparison with the ergodic capacity of the channel in the limit of a large number of transmitters suggests that uncoded transmissions achieve the Shannon-theoretic scaling behavior of the minimum per-transmitter number of receiver antennas. Thus, the diversity of a large system not only makes the performance metrics for some coded systems similar to that of uncoded systems, but also allows efficient decoders to realize close to the optimal performance of maximum likelihood decoding.

Keywords: MIMO communication; antenna arrays; channel capacity; electromagnetic wave scattering; maximum likelihood decoding; multiuser channels; probability; radio receivers; radio transmitters; telecommunication network reliability; wireless channels; Shannon-theoretic scaling; channel capacity; lower complexity decoder; maximum likelihood decoding rule; multiantenna receiver; probability; rich scattering environment; single antenna transmitter; single input multiple output multiple access channel; uncoded communication reliability; Maximum likelihood decoding; Receiving antennas; Reliability; Transmitting antennas; Convex programming; Maximum likelihood detection; Multiuser detection; Spatial diversity; convex programming; maximum likelihood detection; multiuser detection (ID#: 15-8055)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6957541&isnumber=6994912

Jyothirmai, P.; Raj, J.S., "Secure Interoperable Architecture Construction for Overlay Networks," in Innovations in Information, Embedded and Communication Systems (ICIIECS), 2015 International Conference on, pp. 1-6, 19-20 March 2015. doi: 10.1109/ICIIECS.2015.7193261

Abstract: Delay-tolerant networking (DTN) is an approach to computer network architecture that seeks to address the technical issues in heterogeneous networks that may lack continuous network connectivity. Examples of such networks are those operating in mobile or extreme terrestrial environments, or planned networks in space. In Disruption Tolerant Networks packets storage exists when there is any link breakage between the nodes in the network so delay is tolerable in this type of network during the data transmission. But this delay is not tolerable in wireless network for voice packet transmission. This evokes the use of wireless networks. Different wireless networks are interoperating with each other so the communication across the network is called overlay network. This network is vulnerable to attacks due to mobile behaviour of nodes. One of these is the wormhole attack. It is a critical threat to normal operation in wireless networks which results in the degradation of the network performance. It can be identified by using a technique called forbidden topology. The proposed recovery algorithm will increase the performance of the network. The performance metrics such as throughput, packet delivery ratio and delay are evaluated.

Keywords: computer network security; data communication; delay tolerant networks; open systems; overlay networks; radio links; telecommunication network topology; DTN; computer network architecture; data transmission; delay tolerant networking; disruption tolerant network; forbidden topology; overlay network; secure interoperable architecture construction; voice packet transmission; wireless network; wormhole attack; Delays; Network topology; Overlay networks; Security; Throughput; Topology; Wireless networks; Interoperable; Overlay Networks; Security; Wireless Networks; Wormhole Attack (ID#: 15-8056)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7193261&isnumber=7192777

Shaohan Hu; Shen Li; Shuochao Yao; Lu Su; Govindan, R.; Hobbs, R.; Abdelzaher, T.F., "On Exploiting Logical Dependencies for Minimizing Additive Cost Metrics in Resource-Limited Crowdsensing," in Distributed Computing in Sensor Systems (DCOSS), 2015 International Conference on, pp. 189-198, 10-12 June 2015. doi: 10.1109/DCOSS.2015.26

Abstract: We develop data retrieval algorithms for crowd-sensing applications that reduce the underlying network bandwidth consumption or any additive cost metric by exploiting logical dependencies among data items, while maintaining the level of service to the client applications. Crowd sensing applications refer to those where local measurements are performed by humans or devices in their possession for subsequent aggregation and sharing purposes. In this paper, we focus on resource-limited crowd sensing, such as disaster response and recovery scenarios. The key challenge in those scenarios is to cope with resource constraints. Unlike the traditional application design, where measurements are sent to a central aggregator, in resource limited scenarios, data will typically reside at the source until requested to prevent needless transmission. Many applications exhibit dependencies among data items. For example, parts of a city might tend to get flooded together because of a correlated low elevation, and some roads might become useless for evacuation if a bridge they lead to fails. Such dependencies can be encoded as logic expressions that obviate retrieval of some data items based on values of others. Our algorithm takes logical data dependencies into consideration such that application queries are answered at the central aggregation node, while network bandwidth usage is minimized. The algorithms consider multiple concurrent queries and accommodate retrieval latency constraints. Simulation results show that our algorithm outperforms several baselines by significant margins, maintaining the level of service perceived by applications in the presence of resource-constraints.

Keywords: data handling; query processing; additive cost metric minimization; central aggregation node; data items; data retrieval algorithms; logic expressions; logical data dependency; multiple concurrent query; network bandwidth consumption; network bandwidth usage; resource constraints; resource-limited crowdsensing; retrieval latency constraints; Algorithm design and analysis; Bandwidth; Decision trees; Engines; Optimization; Sensors; System analysis and design; cost optimization; crowd sensing; logical dependency; resource limitation (ID#: 15-8057)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7165037&isnumber=7164869




Video Surveillance 2015


Video surveillance is a fast growing area of public security. With it have come policy issues related to privacy. Technical issues and opportunities have also arisen, including the potential to use advanced methods to provide positive identification, abnormal behaviors in crowds, intruder detection, and information fusion with other data. The research presented here came from multiple conferences and publications and was offered in 2015.


Boyer, M.; Veigl, S., "Privacy Preserving Video Surveillance Infrastructure with Particular Regard to Modular Video Analytics," in Imaging for Crime Prevention and Detection (ICDP-15), 6th International Conference on, pp. 1-5, 15-17 July 2015. doi: 10.1049/ic.2015.0120

Abstract: The demand for modular video analytics in surveillance systems is steadily growing as it offers significant advantages when flexibility and/or scalability in terms of computational performance are required. At the same time, the utilization of modular systems raises many questions with regard to ensuring the right for privacy, justice and freedom of citizens when developing and operating surveillance infrastructure. Both, surveillance infrastructure as well as the rights of citizens concerning their personal data are subject to constant change. The socio-ethical nature of individual rights (e.g. the varying perception of such rights) has to be considered too. Last but not least, a concept of accountability (i.e. accountability-by-design) has to be established. Our contribution demonstrates how a set of simple and individually harmless algorithmic modules can be used to obtain sensitive personal information out of surveillance video footage. Trying to solve this challenge solely by technical means (i.e. for individual components) is not expedient and will hardly lead to a successful solution: The functionality of a combination of primitive algorithms can exceed the abilities of the sum of the parts by magnitudes. Strict adherence to the privacy-by-design paradigm for each individual component in order to guarantee privacy preservation for the whole system is not sufficient either. Our solution tackles this challenge on a higher, comprehensive level considering the entire life cycle of surveillance systems, ideally starting with the planning and design phase. It supports the development and ensures that privacy aspects are continuously reviewed whilst the audited system is in operation or maintenance. This indicates another difficulty in connection with the ever-changing nature of the parties being in charge of privacy concerns over the lifetime of surveillance systems. 
We will present a solution being applied to a surveillance system including modular video analytics using the example of a specific video surveillance scenario.

Keywords: data privacy; video surveillance; harmless algorithmic modules; modular video analytics; primitive algorithms; privacy preserving video surveillance infrastructure; privacy-by-design paradigm; socio-ethical nature; Distributed Systems; Modular Design; Privacy Protection; Visual Analytics; Visual Surveillance (ID#: 15-8013)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322157&isnumber=7244054

Bonetto, M.; Korshunov, P.; Ramponi, G.; Ebrahimi, T., "Privacy in Mini-Drone Based Video Surveillance," in Automatic Face and Gesture Recognition (FG), 2015 11th IEEE International Conference and Workshops on, vol. 04, pp. 1-6, 4-8 May 2015. doi: 10.1109/FG.2015.7285023

Abstract: Mini-drones are increasingly used in video surveillance. Their areal mobility and ability to carry video cameras provide new perspectives in visual surveillance which can impact privacy in ways that have not been considered in a typical surveillance scenario. To better understand and analyze them, we have created a publicly available video dataset of typical drone-based surveillance sequences in a car parking. Using the sequences from this dataset, we have assessed five privacy protection filters via a crowdsourcing evaluation. We asked crowdsourcing workers several privacy- and surveillance-related questions to determine the tradeoff between intelligibility of the scene and privacy, and we present conclusions of this evaluation in this paper.

Keywords: autonomous aerial vehicles; image filtering; image sequences; video surveillance; car parking; crowdsourcing evaluation; drone based surveillance sequence; minidrone based video surveillance privacy; privacy protection filter; publicly available video dataset; Crowdsourcing; Data privacy; Licenses; Privacy; Surveillance; Vehicles; Visualization; Mini-drones; crowdsourcing evaluation; dataset; privacy; video surveillance (ID#: 15-8014)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7285023&isnumber=7285013

Ma, X.; Zeng, W.; Yang, L.; Zou, D.; Jin, H., "Lossless ROI Privacy Protection of H.264/AVC Compressed Surveillance Videos," in Emerging Topics in Computing, IEEE Transactions on, vol. PP, no. 99, pp. 1-1, 06 August 2015. doi: 10.1109/TETC.2015.2460462

Abstract: Privacy becomes one of the major concerns of video surveillance systems especially in cloud-based systems. Privacy protection of surveillance videos aims to protect privacy information without hampering normal video surveillance tasks. ROI (Region-Of-Interest) privacy protection is more practical compared to the whole video encryption approaches. However, one common drawback of virtually all current ROI privacy protection methods is that the original compressed surveillance video recorded in the camera is permanently distorted by the privacy protection process, due to the quantization in the re-encoding process. Thus the integrity of the original compressed surveillance video captured by the camera is destroyed. This is unacceptable for some application scenarios such as video forensics for investigations and video authentication for law enforcement, et al. In this paper, we introduce a new paradigm for privacy protection in surveillance videos, referred to as lossless privacy region protection, which has the property that the distortion introduced by the protection of the privacy data can be completely removed from the protected videos by authorized users. We demonstrate the concept of lossless privacy region protection through a proposed scheme applied on H.264/AVC compressed videos.

Keywords: Cameras; Encryption; Privacy; Surveillance; Video coding; Videos; H.264/AVC; inter-frame drift error; intra-frame drift error; lossless; privacy protection; video surveillance (ID#: 15-8015)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7181657&isnumber=6558478

Birnstill, P.; Daoyuan Ren; Beyerer, J., "A User Study on Anonymization Techniques for Smart Video Surveillance," in Advanced Video and Signal Based Surveillance (AVSS), 2015 12th IEEE International Conference on, pp. 1-6, 25-28 Aug. 2015. doi: 10.1109/AVSS.2015.7301805

Abstract: A key mechanism of privacy-aware smart video surveillance is anonymization of video data. We conducted a user study with a response of 103 participants in order to investigate which pixel operations are suitable for protecting persons' identities while, at the same time, allowing a human operator to recognize persons' activities i.e., preserving the utility of the video data. Regarding the activities in the data set, namely stealing, fighting, and dropping a bag, our data does not approve the common hypothesis that privacy and utility of video data are necessarily trade-off.

Keywords: data privacy; video surveillance; anonymization techniques; privacy-aware smart video surveillance; video data; Color; Image color analysis; Image edge detection; Privacy; Shape; Video recording; Video surveillance (ID#: 15-8016)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301805&isnumber=7301715

Ma, X.; Yang, L.; Xiang, Y.; Zeng, W.; Zou, D.; Jin, H., "Fully Reversible Privacy Region Protection for Cloud Video Surveillance," in Cloud Computing, IEEE Transactions on, vol. PP, no. 99, pp. 1-1, 18 August 2015. doi: 10.1109/TCC.2015.2469651

Abstract: Privacy becomes one of the major concerns of cloud-based multimedia applications such as cloud video surveillance. Privacy protection of surveillance videos aims to protect privacy information without hampering normal processing tasks of the cloud. Privacy Region Protection only protects the privacy region while keeping the non-privacy region visually intact to facilitate processing in the cloud. However, full reversibility, i.e. the complete recovery of the original video which is critical to digital investigation and law enforcement has not been properly addressed in privacy region protection. In this paper, we introduce fully reversible privacy region protection into cloud video surveillance and propose a novel fully reversible privacy protection method for H.264/AVC compressed video. All the operations are performed in the compressed domain and avoid lossy re-encoding, so the original H.264/AVC compressed video can be fully recovered. To our best knowledge, the proposed scheme is the first fully reversible one for privacy region protection. Experimental results and performance comparison demonstrate the effectiveness and efficiency of the proposed approach.

Keywords: Cameras; Cloud computing; Discrete cosine transforms; Entropy; Privacy; Video coding; Video surveillance; Cloud-based multimedia application; full reversibility; intra-frame drift error; privacy protection (ID#: 15-8017)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7208839&isnumber=6562694

Ribaric, S.; Pavesic, N., "An Overview of Face De-Identification in Still Images and Videos," in Automatic Face and Gesture Recognition (FG), 2015 11th IEEE International Conference and Workshops on, vol. 04, pp. 1-6, 4-8 May 2015. doi: 10.1109/FG.2015.7285017

Abstract: Face-based identification is used in various application scenarios - from identification of a person based on still images in passport or identity card, to identification based on face images captured by a surveillance system without the cooperation of the person. In many application scenarios, especially in video surveillance, privacy can be compromised. One of the approaches to the preservation of privacy is de-identification, where de-identification is the process of concealing or removing personal identifiers, or replacing them with surrogate personal identifiers in personal information, captured in a multimedia content, in order to prevent the disclosure and use of data for purposes unrelated to the purpose for which the information was originally obtained. This paper presents a survey of approaches, methods and solutions for face de-identification in still images and videos.

Keywords: face recognition; video surveillance; face de-identification; identity card; multimedia content; passport; personal information; still images; still videos; surrogate personal identifiers; video surveillance; Cameras; Face; Face detection; Privacy; Real-time systems; Surveillance; Videos (ID#: 15-8018)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7285017&isnumber=7285013

Michael, K., "Sousveillance: Implications for Privacy, Security, Trust, and the Law," in Consumer Electronics Magazine, IEEE, vol. 4, no. 2, pp. 92-94, April 2015. doi: 10.1109/MCE.2015.2393006

Abstract: Point of view has its foundations in film. It usually depicts a scene through the eyes of a character. Body-worn video-recording technologies now mean that a wearer can shoot film from a first-person perspective of another subject or object in his or her immediate field of view (FOV). The term sousveillance has been defined by Steve Mann to denote a recording done from a portable device such as a head-mounted display (HMD) unit in which the wearer is a participant in the activity. Some people call it inverse surveillance because it is the opposite of a camera that is wall mounted and fixed.

Keywords: video recording; video surveillance; FOV; HMD unit; body worn video recording technologies; head mounted display; immediate field of view; portable device; privacy; security; shoot film; sousveillance; trust; Cameras; Computer security; Consumer electronics; Privacy; Surveillance; Trust management; Video recording (ID#: 15-8019)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7084771&isnumber=7084739

Babiceanu, R.F.; Bojda, P.; Seker, R.; Alghumgham, M.A., "An Onboard UAS Visual Privacy Guard System," in Integrated Communication, Navigation, and Surveillance Conference (ICNS), 2015, pp. J1-1-J1-8, 21-23 April 2015. doi: 10.1109/ICNSURV.2015.7121232

Abstract: The application areas of Unmanned Aircraft Systems (UAS) are vast. The ever-increasing deployment of UAS is pushed further by advancements and cost effectiveness. It is not uncommon to come across makeshift UAS composed of off-the-shelf components that can be purchased from electronics stores. These components/systems are so easy to obtain and assemble to make homemade UAS, which then can be used by anyone for any purpose seen fit. This paper introduces the first of a set of privacy preserving measures and techniques for UAS applications. The system conceptual design will have a few versions, which the authors will apply in different setting in the subsequent research activities. For the sake of presenting the UAS Visual Privacy Guard system, the authors will use news reporting as an application.

Keywords: autonomous aerial vehicles; data privacy; video surveillance; UAS visual privacy guard system; image processing; unmanned aircraft system; video surveillance; Algorithm design and analysis; Cameras; Lenses; Object recognition; Privacy; Surveillance; Videos (ID#: 15-8020)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7121232&isnumber=7121207

Nawaz, T.; Ferryman, J., "An Annotation-Free Method for Evaluating Privacy Protection Techniques in Videos," in Advanced Video and Signal Based Surveillance (AVSS), 2015 12th IEEE International Conference on, pp. 1-6, 25-28 Aug. 2015. doi: 10.1109/AVSS.2015.7301800

Abstract: While several privacy protection techniques are presented in the literature, they are not complemented with an established objective evaluation method for their assessment and comparison. This paper proposes an annotation-free evaluation method that assesses the two key aspects of privacy protection that are privacy and utility. Unlike some existing methods, the proposed method does not rely on the use of subjective judgements and does not assume a specific target type in the image data. The privacy aspect is quantified as an appearance similarity and the utility aspect is measured as a structural similarity between the original raw image data and the privacy-protected image data. We performed an extensive experimentation using six challenging datasets (including two new ones) to demonstrate the effectiveness of the evaluation method by providing a performance comparison of four state-of-the-art privacy protection techniques.

Keywords: data privacy; video surveillance; annotation-free evaluation method; appearance similarity; image data; original raw image data; privacy protection techniques evaluation; video processing; Blanking; Data privacy; Image quality; Positron emission tomography; Privacy; Vehicles; Videos (ID#: 15-8021)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301800&isnumber=7301715

Loughlin, M.; Adnane, A., "Privacy and Trust in Smart Camera Sensor Networks," in Availability, Reliability and Security (ARES), 2015 10th International Conference on, pp. 244-248, 24-27 Aug. 2015. doi: 10.1109/ARES.2015.31

Abstract: The emerging technologies of Smart Camera Sensor Networks (SCSN) are being driven by the social need for security assurance and analytical information. SCSN are deployed for protection and for surveillance tracking of potential criminals. A smart camera sensor does not just capture visual and audio information but covers the whole electromagnetic spectrum. It constitutes of intelligent onboard processor, autonomous communication interfaces, memory and has the ability to execute algorithms. The rapid deployment of smart camera sensors with ubiquitous imaging access causes security and privacy issues for the captured data and its metadata, as well as the need for trust and cooperation between the smart camera sensors. The intelligence growth in this technology requires adequate information security with capable privacy and trust protocols to prevent malicious content attacks. This paper presents, first, a clear definition of SCSN. It addresses current methodologies with perspectives in privacy and trust protection, and proposes a multi-layer security approach. The proposed approach highlights the need for a public key infrastructure layer in association with a Reputation-Based Cooperation mechanism.

Keywords: cameras; cryptographic protocols; data privacy; meta data; public key cryptography; video surveillance; analytical information; autonomous communication interfaces; captured data; information security; intelligent onboard processor; metadata; multilayer security approach; potential criminals; privacy issues; privacy protection; public key infrastructure layer; reputation-based cooperation mechanism; security assurance; security issues; smart camera sensor network; surveillance tracking; trust protection; trust protocols; ubiquitous imaging access; Data privacy; Metadata; Privacy; Security; Smart cameras; Technological innovation; Privacy; Smart Camera Sensor; Trust based reputation (ID#: 15-8022)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7299922&isnumber=7299862

Wai Lam Hoo; Miron, A.; Badii, A.; Chee Seng Chan, "Skin-Based Privacy Filter for Surveillance Systems," in Systems, Signals and Image Processing (IWSSIP), 2015 International Conference on, pp. 269-272, 10-12 Sept. 2015. doi: 10.1109/IWSSIP.2015.7314228

Abstract: With surveillance monitoring becoming widely available with the emergence of high resolution cameras, privacy concerns have been raised. One way to achieve privacy protection is by employing a privacy preserving device that can protect persons' identity, but still provide sufficient information to detect anomalous events if necessary. The skin region is important as a Personally Identifying Information (PII) that needs to be obscured if privacy is to be protected. Thus, this paper presents skin detection techniques to conceal privacy sensitive information. However, state-of-the-art skin detection methods suffer from various problems when deployed in a surveillance system. Accordingly, we propose a solution whereby we first find a set of candidate Regions-of-Interest (RoI) and then apply skin detection to the RoI thus found so as to locate the skin. By using this strategy, skin regions can be well delineated to allow targeted privacy filtering without covering the non-RoI parts.

Keywords: image recognition; video surveillance; PII; personally identifying information; privacy sensitive information; regions-of-interest; skin detection; skin-based privacy filter; surveillance system; Cameras; Detection algorithms; Detectors; Privacy; Skin; Surveillance; Visualization; privacy protection systems; skin detection; surveillance (ID#: 15-8023)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7314228&isnumber=7313917

Aronoff, J.S.; Simske, S.J.; Rolia, J., "Classification of Patient Movement Events Captured with a 6-Axis Inertial Sensor," in Electrical and Computer Engineering (CCECE), 2015 IEEE 28th Canadian Conference on, pp. 784-791, 3-6 May 2015. doi: 10.1109/CCECE.2015.7129374

Abstract: Patient monitoring is an important part of the overall treatment plan for hospital in-patients. However, monitoring is often time consuming for hospital staff. Staff must either remain in a patient's room, check in on the patient with frequent intervals or remotely monitor the patient via video surveillance. Constant monitoring may be disruptive to the patient as he or she attempts to rest. Furthermore, all of these methods may be considered intrusive to the patient's privacy and time-consuming for hospital staff which may result in increased medical costs. To mitigate these issues, we propose an alternate method of patient monitoring wherein a high-sensitivity 6-axis accelerometer is attached to the patient's hospital bed. Using frequency-series analysis, we can extract relevant patterns for patient movement and train a classifier to identify movement patterns of the patient. Automated monitoring of the patient's movement frees up time for hospital staff. The system can be configured to immediately notify staff when certain events are detected, thereby directing resources to where they are needed most. Event identification accuracy of 90% for a 12-class problem space was achieved.

Keywords: accelerometers; inertial systems; patient monitoring; patient treatment; pattern classification; sensors; 6-axis inertial sensor; automated patient monitoring method; frequency-series analysis; high-sensitivity 6-axis accelerometer; hospital in-patients; hospital staff; patient hospital bed; patient movement event classification; patient privacy; patient treatment plan; video surveillance; Accelerometers; Accuracy; Discrete Fourier transforms; Hospitals; Monitoring; Training; Training data (ID#: 15-8024)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7129374&isnumber=7129089

Yuan Cao; Le Zhang; Zalivaka, S.S.; Chip-Hong Chang; Shoushun Chen, "CMOS Image Sensor Based Physical Unclonable Function for Coherent Sensor-Level Authentication," in Circuits and Systems I: Regular Papers, IEEE Transactions on, vol. 62, no. 11, pp. 2629-2640, Nov. 2015. doi: 10.1109/TCSI.2015.2476318

Abstract: In the applications of biometric authentication and video surveillance, the image sensor is expected to provide certain degree of trust and resiliency. This paper presents a new low-cost CMOS image sensor based physical unclonable function (PUF) targeting a variety of security, privacy and trusted protocols that involves image sensor as a trusted entity. The proposed PUF exploits the intrinsic imperfection during the image sensor manufacturing process to generate unique and reliable digital signatures. The proposed differential readout stabilizes the response bits extracted from the random fixed pattern noises of selected pixel pairs determined by the applied challenge against supply voltage and temperature variations. The threshold of difference can be tightened to winnow out more unstable response bits from the challenge-response space offered by modern image sensors to enhance the reliability under harsher operating conditions and loosened to improve its resiliency against masquerade attacks in routine operating environment. The proposed design can be classified as a weak PUF which is resilient to modeling attacks, with direct access to its challenge-response pair restricted by the linear feedback shift register. Our experiments on the reset voltages extracted from a 64 x 64 image sensor fabricated in 180 nm 3.3 V CMOS technology demonstrated that robust and reliable challenge-response pairs can be generated with a uniqueness of 49.37% and a reliability of 99.80% under temperature variations of 15 ~ 115 degC and supply voltage variations of 3 ~ 3.6 V.

Keywords: CMOS image sensors; data privacy; integrated circuit noise; integrated circuit reliability; protocols; readout electronics; CMOS image sensor; PUF; biometric authentication; coherent sensor-level authentication; differential readout stability; digital signature; linear feedback shift register; physical unclonable function; random fixed pattern noise; reliability; reset voltage extraction; response bit extraction; security; size 180 nm; temperature 15 degC to 115 degC; trusted protocol; video surveillance; voltage 3 V to 3.6 V; Authentication; CMOS image sensors; Cameras; Noise; Reliability; Threshold voltage; CMOS image sensor; device authentication; physical unclonable function; process variation; random number generator; trusted integrated circuits (ID#: 15-8025)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7307261&isnumber=7307240

Jaime, Francisco; Mana, Antonio; Ma, Zhendong; Wagner, Christian; Hovie, Daniel; Bossuet, Mathias, "Building a Privacy Accountable Surveillance System," in Model-Driven Engineering and Software Development (MODELSWARD), 2015 3rd International Conference on, pp. 646-654, 9-11 Feb. 2015. Doi: (not provided)

Abstract: This paper presents a sample surveillance use-case based on a video archive search scenario. Privacy and accountability concerns related to video surveillance systems are identified and described here, thus assessing the impact on privacy of this type of systems. Then, after a description of the scenario, we produce the design for this particular context using the SALT methodology developed by the PARIS project. This methodology follows the privacy-by-design approach and ensures that privacy and accountability concerns are properly taken into account for the system under development. This kind of development entails a series of advantages, not only from the point of view of the subject under surveillance, but also for the other system stakeholders.

Keywords: Cameras; Context; Data privacy; Law; Privacy; Surveillance; System analysis and design; Accountability; Methodology; Privacy; Process; SALT; Scenario; Surveillance (ID#: 15-8026)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7323181&isnumber=7323049

Dantcheva, A.; Elia, P.; Ross, A., "What Else Does Your Biometric Data Reveal? A Survey on Soft Biometrics," in Information Forensics and Security, IEEE Transactions on, vol. PP, no. 99, pp. 1-1, 22 September 2015. doi: 10.1109/TIFS.2015.2480381

Abstract: Recent research has explored the possibility of extracting ancillary information from primary biometric traits, viz., face, fingerprints, hand geometry and iris. This ancillary information includes personal attributes such as gender, age, ethnicity, hair color, height, weight, etc. Such attributes are known as soft biometrics and have applications in surveillance and indexing biometric databases. These attributes can be used in a fusion framework to improve the matching accuracy of a primary biometric system (e.g., fusing face with gender information), or can be used to generate qualitative descriptions of an individual (e.g., "young Asian female with dark eyes and brown hair"). The latter is particularly useful in bridging the semantic gap between human and machine descriptions of biometric data. In this paper, we provide an overview of soft biometrics and discuss some of the techniques that have been proposed to extract them from image and video data. We also introduce a taxonomy for organizing and classifying soft biometric attributes, and enumerate the strengths and limitations of these attributes in the context of an operational biometric system. Finally, we discuss open research problems in this field. This survey is intended for researchers and practitioners in the field of biometrics.

Keywords: Accuracy; Bioinformatics; Data mining; Face; Feature extraction; Hair; Iris recognition; Age; Biometrics; Computer Vision; Cosmetics; Ethnicity; Gender; Privacy; Race; Semantics; Soft biometrics; Visual Attributes (ID#: 15-8027)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7273870&isnumber=4358835

Jiang, R.; Bouridane, A.; Crookes, D.; Celebi, M.E.; Wei, Hua-Liang, "Privacy-Protected Facial Biometric Verification via Fuzzy Forest Learning," in Fuzzy Systems, IEEE Transactions on, vol. PP, no. 99, pp. 1-1, October 2015. doi: 10.1109/TFUZZ.2015.2486803

Abstract: Although visual surveillance has emerged as an effective technology for public security, privacy has become an issue of great concern in the transmission and distribution of surveillance videos. For example, personal facial images should not be browsed without permission. To cope with this issue, face image scrambling has emerged as a simple solution for privacy-related applications. Consequently, online facial biometric verification needs to be carried out in the scrambled domain thus bringing a new challenge to face classification. In this paper, we investigate face verification issues in the scrambled domain and propose a novel scheme to handle this challenge. In our proposed method, to make feature extraction from scrambled face images robust, a biased random subspace sampling scheme is applied to construct fuzzy decision trees from randomly selected features, and fuzzy forest decision using fuzzy memberships is then obtained from combining all fuzzy tree decisions. In our experiment, we first estimated the optimal parameters for the construction of the random forest, and then applied the optimized model to the benchmark tests using three publicly available face datasets. The experimental results validated that our proposed scheme can robustly cope with the challenging tests in the scrambled domain, and achieved an improved accuracy over all tests, making our method a promising candidate for the emerging privacy-related facial biometric applications.

Keywords: Face; Face recognition; Security; Surveillance; Transforms; Vegetation; Videos; Facial biometrics; chaotic pattern; ensemble learning; face scrambling; fuzzy random forest; privacy (ID#: 15-8028)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7289412&isnumber=4358784

Yufeng Wang; Latif, Waqas; Tan, Chiu C.; Yifan Zhang, "Security and Privacy for Body Cameras Used in Law Enforcement," in Communications and Network Security (CNS), 2015 IEEE Conference on, pp. 173-181, 28-30 Sept. 2015. doi: 10.1109/CNS.2015.7346826

Abstract: The move towards deploying body cameras for law enforcement personnel makes the security and privacy of these body cameras a pressing problem. Body cameras record police interactions with the public, mainly to provide evidence of potential malicious police actions. However, since these body cameras are deployed and maintained by the police departments themselves, there is lack of trust in the integrity of the footage. Furthermore, the pervasive use of body cameras increases the surveillance of general public, causing a loss of privacy. This paper presents a system that protects the integrity of the body camera videos, as well as protect public privacy. Our approach integrates computer vision techniques onto a resource constrained body camera system, and our evaluation indicates that our approach is feasible to be applied on body cameras.

Keywords: Cameras; Cryptography; Law enforcement; Privacy; Surveillance; Videos (ID#: 15-8029)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7346826&isnumber=7346791

Vezzani, R.; Lombardi, M.; Cucchiara, R., "Automatic Configuration and Calibration of Modular Sensing Floors," in Advanced Video and Signal Based Surveillance (AVSS), 2015 12th IEEE International Conference on, pp. 1-6, 25-28 Aug. 2015. doi: 10.1109/AVSS.2015.7301799

Abstract: Sensing floors are becoming an emerging solution for many privacy-compliant and large area surveillance systems. Many research and even commercial technologies have been proposed in the last years. Similarly to distributed camera networks, the problem of calibration is crucial, specially when installed in wide areas. This paper addresses the general problem of automatic calibration and configuration of modular and scalable sensing floors. Working on training data only, the system automatically finds the spatial placement of each sensor module and estimates threshold parameters needed for people detection. Tests on several training sequences captured with a commercial sensing floor are provided to validate the method.

Keywords: calibration; sensor placement; surveillance; wireless sensor networks; distributed camera networks; large area surveillance systems; modular sensing floor calibration; people detection; privacy-compliant systems; sensing floors; sensor placement; Calibration; Ceramics; Floors; Layout; Maximum likelihood detection; Sensors (ID#: 15-8030)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301799&isnumber=7301715

Cunha, P.; Moura, D.C., "A Scalable and Privacy Preserving Approach for Counting Pedestrians in Urban Environment," in Advanced Video and Signal Based Surveillance (AVSS), 2015 12th IEEE International Conference on, pp. 1-6, 25-28 Aug. 2015. doi: 10.1109/AVSS.2015.7301806

Abstract: Understanding the flow of pedestrians in a city is of paramount importance for urban planning. In this paper, we propose a new approach to pedestrian counting based on using low-cost single-board computers that perform all the video analysis locally. This approach has several advantages: i) the impact on the server-side is minimal when the number of devices is increased, ii) communication requirements are low, and iii) people privacy is assured. A foreground detection algorithm based on keypoint detectors is here proposed to handle the low and unsteady frame rates expected under low-spec hardware. Given a single frame, the algorithm delivers a mask of blobs of potential interest. Several image descriptors are extracted for estimating the number of people. A prototype based on the Raspberry Pi platform was built and installed in a pedestrian street of a mid-size city running the proposed method. Experiments were performed both on data from the prototype and on a public dataset. Results show counting accuracy comparable to related work, while achieving frame rates of ~5 frames per second when running on the Raspberry Pi. We conclude that the proposed system is able to deliver frame rates compatible with typical people counting applications at a low cost while assuring privacy and scalability.

Keywords: computer vision; feature extraction; microcomputers; pedestrians; town and country planning; video signal processing; Raspberry Pi platform; foreground detection algorithm; keypoint detectors; low-cost single-board computers; low-spec hardware; pedestrian counting approach; privacy preserving approach; unsteady frame rates; urban environment; urban planning; video analysis; Cameras; Cities and towns; Detectors; Feature extraction; Privacy; Prototypes; Training (ID#: 15-8031)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301806&isnumber=7301715

Bor-Jeng Chen; Medioni, G., "Motion Propagation Detection Association for Multi-Target Tracking in Wide Area Aerial Surveillance," in Advanced Video and Signal Based Surveillance (AVSS), 2015 12th IEEE International Conference on, pp. 1-6, 25-28 Aug. 2015. doi: 10.1109/AVSS.2015.7301766

Abstract: We propose a novel approach to track multiple targets with weak appearance in low frame rate wide area aerial videos. In real world scenarios, non-linear motion such as sharp turns after slowing down or U-shape trajectories occur. Performing accurate matching without introducing undesired trajectories is very challenging. To tackle various motion patterns, we sequentially optimize an objective function and propagate motion information at each time step in a sliding temporal window. We show how to exploit an optimal short track (tracklet) for each detection in the first frame of each window using dynamic programming. Tracklets obtained in the window are then associated with existing tracks iteratively to form final tracks. We reduce false alarms in background subtraction motion detection with the aid of optical flow. Our system is tested on two challenging datasets. The quantitative evaluation on a long annotated aerial video sequence shows that the proposed approach outperforms state-of-the-art detection and tracking methods in all common axes of evaluation metrics.

Keywords: dynamic programming; motion estimation; target tracking; aerial video sequence; background subtraction motion detection; dynamic programming; motion propagation detection association; multi-target tracking; optimal short track; propagating motion information; sliding temporal window; wide area aerial surveillance; Linear programming; Optimization; Target tracking; Trajectory; Vehicles; Videos (ID#: 15-8032)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301766&isnumber=7301715

Solera, F.; Calderara, S.; Cucchiara, R., "Towards the Evaluation of Reproducible Robustness in Tracking-by-Detection," in Advanced Video and Signal Based Surveillance (AVSS), 2015 12th IEEE International Conference on, pp. 1-6, 25-28 Aug. 2015. doi: 10.1109/AVSS.2015.7301755

Abstract: Conventional experiments on MTT are built upon the belief that fixing the detections to different trackers is sufficient to obtain a fair comparison. In this work we argue how the true behavior of a tracker is exposed when evaluated by varying the input detections rather than by fixing them. We propose a systematic and reproducible protocol and a MATLAB toolbox for generating synthetic data starting from ground truth detections, a proper set of metrics to understand and compare trackers' peculiarities and respective visualization solutions.

Keywords: object detection; object tracking; Matlab toolbox; ground truth detection; input detection; reproducible protocol; reproducible robustness; synthetic data generation; systematic protocol; tracking-by-detection; Detectors; Protocols; Robustness; Target tracking; Trajectory (ID#: 15-8033)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301755&isnumber=7301715

Jain, S.; Pilli, E.S.; Govil, M.C.; Rao, D.V., "Performance Evaluation of Congestion-Aware Routing Protocols for Underwater Sensor Networks with Multimedia Data," in Underwater Technology (UT), 2015 IEEE, pp. 1-6, 23-25 Feb. 2015. doi: 10.1109/UT.2015.7108271

Abstract: Performance advancements in acoustic communication technology have fostered to provide technical platform for numerous interdisciplinary applications ranging from bathymetry, hydrographic surveys, disaster prevention, to tactical surveillance over underwater sensor networks (UWSN). Supporting real-time data transmission over error-prone UWSN is increasingly important as these networks become more widely deployed. Existing UWSN routing protocols cater to the requirements of non-real time applications, whereas delay sensitive applications require solutions that can improve efficiency and reliability, often dynamically throughout the event detection and data transmission session. Congestion control is vital to achieve a high throughput and a long network lifetime. In particular, it is important for a routing protocol to provide congestion control by incorporating metrics like throughput, delay, packet loss ratio, etc. This paper presents a comparative analysis of UWSN routing protocols over real time multimedia data, using H.265/HEVC encoded video sequences. The aim of this study is to extend the in-built support in UWSN routing protocols for transmission of real time data traffic. The applicability of congestion control protocols in UW framework has been explored and the performance characteristics of the protocols have been studied under different multimedia load conditions with varying mobility. This methodology has been illustrated using the case studies in the military and ocean monitoring domains.

Keywords: routing protocols; telecommunication congestion control; telecommunication traffic; underwater acoustic communication; H.265 HEVC encoded video sequences; UWSN routing protocols; acoustic communication technology; congestion control protocols; congestion-aware routing protocols; delay sensitive applications; multimedia data; real time data traffic; underwater sensor networks; Delays; Distributed Bragg reflectors; Multimedia communication; Routing protocols; Streaming media; Wireless sensor networks; Aqua-Sim; Congestion Aware protocols; Congestion protocols; Multimedia traffic; Simulation; UWSN (ID#: 15-8034)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7108271&isnumber=7108213

Sharma, L.; Yadav, D.K.; Bharti, S.K., "An Improved Method for Visual Surveillance using Background Subtraction Technique," in Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 421-426, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095253

Abstract: Moving object detection is an important research area in computer vision. It deals with detecting instances of moving objects of various classes (such as humans, animals, buildings, or vehicles) in digital images and frame sequences for increasing needs of security and surveillance in public or private areas. In this work, the proposed improvement enhances the existing model by using some image processing techniques in order to improve detection quality and is compared against the existing model using metrics like error analysis, precision, recall, f-measure and accuracy. In the existing work, robust estimators were used in order to model an efficient background and then a fast test was used to classify foreground pixel. There was a problem of noisy pixels (false detection) due to environmental changes like waving tree leaves, rippling water and lighting effects. The proposed improvement overcomes the problem of false detection and enhances the detection quality.

Keywords: error analysis; object detection; video surveillance; background subtraction technique; detection quality; false detection; foreground pixel; image processing technique; lighting effect; metrics like error analysis; noisy pixel; rippling water; robust estimator; visual surveillance; waving tree leaves; Accuracy; Adaptation models; Lighting; Object detection; Signal processing; Surveillance; Visualization; Background Modeling; Background Subtraction; Hole filling; Morphological Operator; Moving Object Detection (ID#: 15-8035)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095253&isnumber=7095159

Gardzinski, P.; Kowalak, K.; Kaminski, L.; Mackowiak, S., "Crowd Density Estimation Based on Voxel Model in Multi-View Surveillance Systems," in Systems, Signals and Image Processing (IWSSIP), 2015 International Conference on, pp. 216-219, 10-12 Sept. 2015. doi: 10.1109/IWSSIP.2015.7314215

Abstract: In this paper, a novel crowd density estimation method based on voxel modeling in multi-view surveillance systems is presented. The approach proposed in this paper is based on human silhouette modeling with an anthropometric cylinder. The performance of crowd density estimation was analyzed on two multi-view sequences datasets. For this purpose, PETS 2006 and PETS 2009 were used. Performance of the proposed approach has been evaluated for two metrics: people counting and crowd classification.

Keywords: image classification; image sequences; video signal processing; video surveillance; PETS 2006; PETS 2009; anthropometric cylinder; crowd classification; crowd density estimation method; human silhouette modeling; multiview sequences datasets; multiview surveillance systems; people counting; voxel modeling; Calibration; Cameras; Chebyshev approximation; Conferences; Estimation; Positron emission tomography; Surveillance; Crowd density estimation; Multi-view; Voxel modeling (ID#: 15-8036)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7314215&isnumber=7313917

Soumya, T.; Thampi, S.M., "Day Color Transfer Based Night Video Enhancement for Surveillance System," in Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1-5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091556

Abstract: A dark video captured during night surveillance is insufficient to recognize an action. In order to perform various video analysis operations, a night time video enhancement approach is required. A daytime coloring approach is proposed to improve the visual perception of night video. The day image is down sampled and its color features are applied to the night fusion video. The experimental results are compared with context enhancement fusion methods and objective metrics are used to evaluate the performance of the algorithm. The quality measures show that edge pixel strength and contrast of the surveillance videos are enhanced compared to other methods.

Keywords: image colour analysis; image fusion; video signal processing; video surveillance; visual perception; action recognition; color features; context enhancement fusion methods; dark video capturing; day color transfer; day image; daytime coloring approach; edge pixel contrast; edge pixel strength; night fusion video; night time video enhancement; objective metrics; performance evaluation; surveillance system; video analysis operations; visual perception improvement; Histograms; Image color analysis; Lighting; Mathematical model; Streaming media; Surveillance; Visualization; Color Transfer; Night video Surveillance; Video Enhancement (ID#: 15-8037)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091556&isnumber=7091354




Vulnerability Detection 2015


Vulnerability detection is a topic for which a great deal of research is being done. For the Science of Security community, vulnerability detection research is relevant to human behavior, resiliency, compositionality, and metrics. The work cited here was presented during 2015.


Antunes, N.; Vieira, M., "On the Metrics for Benchmarking Vulnerability Detection Tools," in Dependable Systems and Networks (DSN), 2015 45th Annual IEEE/IFIP International Conference on, pp. 505-516, 22-25 June 2015. doi: 10.1109/DSN.2015.30

Abstract: Research and practice show that the effectiveness of vulnerability detection tools depends on the concrete use scenario. Benchmarking can be used for selecting the most appropriate tool, helping assessing and comparing alternative solutions, but its effectiveness largely depends on the adequacy of the metrics. This paper studies the problem of selecting the metrics to be used in a benchmark for software vulnerability detection tools. First, a large set of metrics is gathered and analyzed according to the characteristics of a good metric for the vulnerability detection domain. Afterwards, the metrics are analyzed in the context of specific vulnerability detection scenarios to understand their effectiveness and to select the most adequate one for each scenario. Finally, an MCDA algorithm together with experts' judgment is applied to validate the conclusions. Results show that although some of the metrics traditionally used like precision and recall are adequate in some scenarios, others require alternative metrics that are seldom used in the benchmarking area.

Keywords: invasive software; software metrics; MCDA algorithm; alternative metrics; benchmarking vulnerability detection tool; software metrics; software vulnerability detection tool; Benchmark testing; Concrete; Context; Measurement; Security; Standards; Automated Tools; Benchmarking; Security Metrics; Software Vulnerabilities; Vulnerability Detection (ID#: 15-8084)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7266877&isnumber=7266818

Casola, V.; De Benedictis, A.; Rak, M., "Security Monitoring in the Cloud: An SLA-Based Approach," in Availability, Reliability and Security (ARES), 2015 10th International Conference on, pp. 749-755, 24-27 Aug. 2015. doi: 10.1109/ARES.2015.74

Abstract: In this paper we present a monitoring architecture that is automatically configured and activated based on a signed Security SLA. Such monitoring architecture integrates different security-related monitoring tools (either developed ad-hoc or already available as open-source or commercial products) to collect measurements related to specific metrics associated with the set of security Service Level Objectives (SLOs) that have been specified in the Security SLA. To demonstrate our approach, we discuss a case study related to detection and management of vulnerabilities and illustrate the integration of the popular open source monitoring system Open VAS into our monitoring architecture. We show how the system is configured and activated by means of available Cloud automation technologies and provide a concrete example of related SLOs and metrics.

Keywords: cloud computing; contracts; public domain software; security of data; system monitoring; OpenVAS; SLA-based approach; SLO; cloud automation technologies; monitoring architecture; open source monitoring system; open-source products; security monitoring; security service level objectives; security-related monitoring tools; signed security SLA; vulnerability management; Automation; Computer architecture; Measurement; Monitoring; Protocols; Security; Servers; Cloud security monitoring; Open VAS; Security Service Level Agreements; vulnerability monitoring (ID#: 15-8085)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7299988&isnumber=7299862

Combita, Luis F.; Giraldo, Jairo; Cardenas, Alvaro A.; Quijano, Nicanor, "Response and Reconfiguration of Cyber-Physical Control Systems: A Survey," in Automatic Control (CCAC), 2015 IEEE 2nd Colombian Conference on, pp. 1-6, 14-16 Oct. 2015. doi: 10.1109/CCAC.2015.7345181

Abstract: The integration of physical systems with distributed embedded computing and communication devices offers advantages on reliability, efficiency, and maintenance. At the same time, these embedded computers are susceptible to cyber-attacks that can harm the performance of the physical system, or even drive the system to an unsafe state; therefore, it is necessary to deploy security mechanisms that are able to automatically detect, isolate, and respond to potential attacks. Detection and isolation mechanisms have been widely studied for different types of attacks; however, automatic response to attacks has attracted considerably less attention. Our goal in this paper is to identify trends and recent results on how to respond and reconfigure a system under attack, and to identify limitations and open problems. We have found two main types of attack protection: i) preventive, which identifies the vulnerabilities in a control system and then increases its resiliency by modifying either control parameters or the redundancy of devices; ii) reactive, which responds as soon as the attack is detected (e.g., modifying the non-compromised controller actions).

Keywords: Actuators; Game theory; Games; Security; Sensor systems (ID#: 15-8086)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345181&isnumber=7345173

Muntean, P.; Rabbi, A.; Ibing, A.; Eckert, C., "Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code," in Software Quality, Reliability and Security - Companion (QRS-C), 2015 IEEE International Conference on, pp. 128-137, 3-5 Aug. 2015. doi: 10.1109/QRS-C.2015.30

Abstract: Information flow vulnerabilities in UML state charts and C code are detrimental as they can cause data leakages or unexpected program behavior. Detecting such vulnerabilities with static code analysis techniques is challenging because code is usually not available during the software design phase and previous knowledge about what should be annotated and tracked is needed. In this paper we propose textual annotations used to introduce information flow constraints in UML state charts and code which are afterwards automatically loaded by information flow checkers that check if imposed constraints hold or not. We evaluated our approach on 6 open source test cases available in the National Institute of Standards and Technology (NIST) Juliet test suite for C/C++. Our results show that our approach is effective and can be further applied to other types of UML models and programming languages as well, in order to detect different types of vulnerabilities.

Keywords: Unified Modeling Language; program diagnostics; software engineering; source code (software); C code; Juliet test; NIST; National Institute of Standards and Technology; UML state charts; automated detection; information flow vulnerabilities; software design; static code analysis techniques; Computer bugs; Cryptography; Grammar; Software; Software algorithms; Unified modeling language; information flow vulnerability; model-based verification; static code analysis (ID#: 15-8087)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322134&isnumber=7322103

Yaohui Wang; Dan Wang; Wenbing Zhao; Yuan Liu, "Detecting SQL Vulnerability Attack Based on the Dynamic and Static Analysis Technology," in Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual, vol. 3, pp. 604-607, 1-5 July 2015. doi: 10.1109/COMPSAC.2015.277

Abstract: Targeting at PHP program, this paper proposes an SQL vulnerability detection method based on the injection analysis technology. This method makes a detailed analysis on the one-time injection in the aspects of data flow and program behavior, on the basis of the combination of dynamic and static analysis technique. Then it implements the SQL vulnerability determination algorithm which is based on lexical feature comparison. At last, this paper combines alias analysis technology, behavior model and SQL which is based on lexical feature comparison to design and establish a prototype system for SQL vulnerability detection. The experiment shows that our system has a good strong ability of SQL vulnerability detection and very low time cost.

Keywords: SQL; data flow analysis; security of data; PHP program; SQL vulnerability attack detection; SQL vulnerability determination algorithm; alias analysis technology; behavior model; data flow; dynamic analysis technology; injection analysis technology; lexical feature comparison; program behavior; static analysis technology; Algorithm design and analysis; Analytical models; Arrays; Computer bugs; Feature extraction; Prototypes; Testing; SQL vulnerabilities; combination of static and dynamic technique; alias analysis; behavior model (ID#: 15-8088)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7273432&isnumber=7273299

Hao Li; Guangjie Liu; Weiwei Jiang; Yuewei Dai, "Designing Snort Rules to Detect Abnormal DNP3 Network Data," in Control, Automation and Information Sciences (ICCAIS), 2015 International Conference on, pp. 343-348, 29-31 Oct. 2015. doi: 10.1109/ICCAIS.2015.7338690

Abstract: Vulnerability of industrial control network communication protocol is the most important reason leading to industrial control network attacks. In this paper, the vulnerability of DNP3, the typical industrial control network communication protocol, is analyzed. The abnormal behaviors of DNP3 are categorized according to the Snort detection mechanisms. The Snort detection rule template for anomaly DNP3 data is constructed and the rules are designed according to the template. The rule designing method can be generally extended to other network-based industrial control protocols.

Keywords: Arrays; Computer crime; Industrial control; Intrusion detection; Protocols; Servers; DNP3; industrial control network security; protocol vulnerability analysis; snort rule template (ID#: 15-8089)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7338690&isnumber=7338636

Marve, T.K.; Sambhe, N.U., "A Review on Cross Layer Intrusion Detection System in Wireless Ad Hoc Network," in Electrical, Computer and Communication Technologies (ICECCT), 2015 IEEE International Conference on, pp. 1-4, 5-7 March 2015. doi: 10.1109/ICECCT.2015.7226109

Abstract: Wireless ad-hoc networks are a collection of small randomly dispersed devices deployed in large numbers that provide essential functions like monitoring physical and environmental conditions and also provide efficient, reliable communication via a wireless network. Ad-hoc networks are vulnerable to various types of security threats and attacks. Various ways are possible to overcome vulnerabilities in wireless ad-hoc networks from attacks and threats; the most used solution is an intrusion detection system (IDS) that suits the security needs and characteristics of ad-hoc networks for efficient and effective performance against intrusion. In this paper we propose a cross layer intrusion detection system (CIDS) which overcomes demerits such as false positives present in traditional IDS, a cross layer design framework that will exploit the information available across different layers of the protocol stack by triggering two levels of detection that utilize the knowledge of network and node condition in determining the node behavior, and enhance the accuracy of detection.

Keywords: ad hoc networks; routing protocols; security of data; telecommunication security; wireless channels; cross layer intrusion detection system; environmental condition; physical condition; protocol stack; reliable communication; security attack; security threat; small randomly dispersed device; wireless ad hoc network; Jamming; Monitoring; Threat model; cross layer intrusion detection system (CIDS); intrusion detection system (ID#: 15-8090)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7226109&isnumber=7225915

Nen-Fu Huang; Chuang Wang; I-Ju Liao; Che-Wei Lin; Chia-Nan Kao, "An OpenFlow-Based Collaborative Intrusion Prevention System for Cloud Networking," in Communication Software and Networks (ICCSN), 2015 IEEE International Conference on, pp. 85-92, 6-7 June 2015. doi: 10.1109/ICCSN.2015.7296133

Abstract: Software-Defined Networking (SDN) is an emerging architecture that is ideal for today's high-bandwidth, dynamic network environments. In this architecture, the control and data planes are decoupled from each other. Although much research has been performed into how SDN can resolve some of the most-glaring security issues of traditional networking, less research has addressed cloud security threats, and, in particular, botnet/malware detection and in-cloud attacks. This work proposes an intrusion prevention system for cloud networking with SDN solutions. To realize collaborative defense, mechanisms of botnet/malware blocking, scan filtering and honeypot are implemented. Malicious traffic is isolated because bot-infected VMs are removed effectively and efficiently from the private cloud. The scanning behavior can be filtered at a very early stage of prevention, making the VMs less exploitable. A honeypot mechanism is also deployed to trap attackers. Experimental results show the high detection rate, high prevention accuracy and low vulnerability of the proposed system.

Keywords: cloud computing; computer network security; invasive software; software defined networking; botnet blocking; cloud networking; collaborative defense; honeypot mechanism; intrusion prevention system; malicious traffic isolation; malware blocking; openflow based collaborative intrusion prevention; scan filtering; software defined networking; Cloud computing; Computer architecture; Filtering; Malware; Ports (Computers); Servers; Botnet Detection; Cloud Computing; Intrusion Prevention System; OpenFlow; Software-Defined Networking (SDN) (ID#: 15-8091)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7296133&isnumber=7296115

Bajwa, G.; Fazeen, M.; Dantu, R.; Tanpure, S., "Unintentional Bugs to Vulnerability Mapping in Android Applications," in Intelligence and Security Informatics (ISI), 2015 IEEE International Conference on, pp. 176-178, 27-29 May 2015. doi: 10.1109/ISI.2015.7165966

Abstract: The intention of an Android application, determined by the source code analysis is used to identify potential maliciousness in that application (app). Similarly, it is possible to analyze the unintentional behaviors of an app to identify and reduce the window of vulnerabilities. Unintentional behaviors of an app can be any developmental loopholes such as software bugs overlooked by a developer or introduced by an adversary intentionally. FindBugs™ and Android Lint are a couple of tools that can detect such bugs easily. A software bug can cause many security vulnerabilities (known or unknown) and vice-versa, thus, creating a many-to-many mapping. In our approach, we construct a matrix of mapping between the bugs and the potential vulnerabilities. A software bug detection tool is used to identify a list of bugs and create an empirical list of the vulnerabilities in an app. The many-to-many mapping matrix is obtained by two approaches - severity mapping and probability mapping. These mappings can be used as tools to measure the unknown vulnerabilities and their strength. We believe our study is the first of its kind and it can enhance the security of Android apps in their development phase itself. Also, the reverse mapping matrix (vulnerabilities to bugs) could be used to improve the accuracy of malware detection in Android apps.

Keywords: Android (operating system); invasive software; matrix algebra; probability; program debugging; software tools; source code (software); Android Lint; Android applications; FindBugs™; development phase; developmental loopholes; malware detection; many-to-many mapping matrix; probability mapping; reverse mapping matrix; security vulnerabilities; severity mapping; software bug detection tool; software bugs; source code analysis; unintentional behavior analysis; unintentional bugs; vulnerability mapping; Androids; Computer bugs; Conferences; Humanoid robots; Indexes; Security; Software; android applications; bugs; mapping; security; vulnerability (ID#: 15-8092)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7165966&isnumber=7165923

Alheeti, K.M.A.; Gruebler, A.; McDonald-Maier, K.D., "An Intrusion Detection System Against Malicious Attacks on the Communication Network of Driverless Cars," in Consumer Communications and Networking Conference (CCNC), 2015 12th Annual IEEE, pp. 916-921, 9-12 Jan. 2015. doi: 10.1109/CCNC.2015.7158098

Abstract: Vehicular ad hoc networks (VANET) have become a significant technology in the current years because of the emerging generation of self-driving cars such as Google driverless cars. VANET have more vulnerabilities compared to other networks such as wired networks, because these networks are an autonomous collection of mobile vehicles and there is no fixed security infrastructure, no high dynamic topology and the open wireless medium makes them more vulnerable to attacks. It is important to design new approaches and mechanisms to raise the security of these networks and protect them from attacks. In this paper, we design an intrusion detection mechanism for the VANETs using Artificial Neural Networks (ANNs) to detect Denial of Service (DoS) attacks. The main role of IDS is to detect the attack using data generated from the network behavior such as a trace file. The IDSs use the features extracted from the trace file as auditable data. In this paper, we propose anomaly and misuse detection to detect the malicious attack.

Keywords: computer network security; feature extraction; neural nets; vehicular ad hoc networks; Denial of Service attack detection; DoS attack detection; IDS; VANET; artificial neural network; driverless car communication network; feature extraction; intrusion detection system; malicious attack; misuse detection; mobile vehicle autonomous collection; open wireless medium; self-driving car; vehicular ad hoc networking; Accuracy; Ad hoc networks; Artificial neural networks; Feature extraction; Security; Training; Vehicles; driverless car; intrusion detection system; security; vehicular ad hoc networks (ID#: 15-8093)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7158098&isnumber=7157933

Vamsi, P.R.; Kant, K., "Secure Data Aggregation and Intrusion Detection in Wireless Sensor Networks," in Signal Processing and Communication (ICSC), 2015 International Conference on, pp. 127-131, 16-18 March 2015. doi: 10.1109/ICSPCom.2015.7150633

Abstract: Data Aggregation (DA) is a technique of data gathering in Wireless Sensor Networks (WSNs). It provides advantages such as reporting consolidated data, reducing data redundancy, improving network lifetime etc. However, deploying WSNs in hostile and remote environments presents security vulnerabilities that can lead to various security attacks such as energy based attacks, attacks on data aggregation etc. Numerous secure DA techniques have been proposed in the literature. However, lightweight models using Trust Monitoring System (TMS) and Intrusion Detection Systems (IDS) are limited. This paper presents a secure data aggregation framework for Wireless Sensor Networks (WSNs) using TMS at node level and IDS at Base Station (BS) side. Each node in the network assesses the behavior of its neighbors using trust ratings and performs the network activities such as cluster head selection, data aggregation, and reporting to the BS. Then, BS analyzes the received information using IDS and reports the information about the malicious activities back to nodes in the network. In this way, the proposed model identifies and isolates the malicious nodes from the data aggregation process. Simulation results show the effectiveness of this model.

Keywords: security of data; wireless sensor networks; head selection; intrusion detection systems; secure data aggregation; trust monitoring system; wireless sensor networks; Computational modeling; Data models; Intrusion detection; Nickel; Protocols; Wireless sensor networks; Data aggregation; energy efficiency; intrusion detection system; malicious activity; security; trust monitoring system (ID#: 15-8094)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7150633&isnumber=7150604

Alruhaily, Nada; Bordbar, Behzad; Chothia, Tom, "Analysis of Mobility Algorithms for Forensic Virtual Machine Based Malware Detection," in Trustcom/BigDataSE/IEEESPA, 2015 IEEE, vol. 1, pp. 766-773, 20-22 Aug. 2015. doi: 10.1109/Trustcom.2015.445

Abstract: Forensic Virtual Machines are a new technology that replaces signature-based malware detection for the cloud. Forensic Virtual Machines are mini-VMs which are used to identify symptoms of malicious behaviour on customer VMs. Scanning using these mini-VMs consumes less resources than a full scan would and their small size reduces the possibility of the FVMs themselves containing vulnerabilities. A mobility algorithm embedded in every FVM specifies how it chooses which customer VM to scan. Although multiple scanning strategies have been introduced, there is no work which provides a comparison of these strategies. In this paper, we develop a probabilistic approach which tells us which strategy is best for a given cloud environment and particular family of malware. Our framework uses Bayesian probability in addition to a malware knowledge base in order to simulate the scanning process of a number of FVMs.

Keywords: Algorithm design and analysis; Cloud computing; Forensics; Heuristic algorithms; Malware; Virtual machining; Behavioural Analysis; Forensic Virtual Machine; Malware; Mobility Algorithms (ID#: 15-8095)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345353&isnumber=7345233

Badea, A.; Croitoru, V.; Gheorghica, D., "Computer Network Vulnerabilities and Monitoring," in Advanced Topics in Electrical Engineering (ATEE), 2015 9th International Symposium on, pp. 49-54, 7-9 May 2015. doi: 10.1109/ATEE.2015.7133678

Abstract: This paper presents an overview of the current computer network vulnerabilities and exploits, possibilities of monitoring the network traffic, by intercepting and duplicating it, ways of analyzing the monitored traffic in order to better understand and explain the detection of user's behavior.

Keywords: computer network management; computer network security; telecommunication traffic; computer network monitoring; computer network vulnerabilities; network traffic monitoring; user behavior; Computers; IP networks; Monitoring; Ports (Computers); Protocols; Telecommunication traffic; analyze network traffic; cyber security; detection of user's behavior; exploits; monitoring traffic; security; vulnerabilities (ID#: 15-8096)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7133678&isnumber=7133661

Rani; Jaya Kumar, C.; Divya, "Trust aware systems in Wireless Sensor Networks," in Computing and Communications Technologies (ICCCT), 2015 International Conference on, pp. 174-179, 26-27 Feb. 2015. doi: 10.1109/ICCCT2.2015.7292741

Abstract: Sensor network is an adaptable technology for perceiving environmental criterions and hence finds its pivotal role in a wide range of applications. The applications range from mission critical like military or patient monitoring systems to home surveillance systems where the network may be prone to security attacks. The network is vulnerable to attack as it may be deployed in hostile environments. In addition it may be exposed to attacks due to the inherent feature of not incorporating security mechanisms into the nodes. Hence additional programs for security may be added in the network. One such scheme is making the network a trust ware system. The trust computation serves as a powerful tool in the detection of unexpected node behaviour. In this paper we propose a trust mechanism to determine the trustworthiness of the sensor node. Most of the existing trust aware systems are centralised and suffer from single head failure. In this paper we propose a dynamic and decentralized system.

Keywords: telecommunication security; trusted computing; wireless sensor networks; decentralized system; dynamic system; environmental criterion; hostile environment; network security; network vulnerability; sensor node trustworthiness determination; trust aware system; unexpected node behaviour detection; wireless sensor network; Base stations; Energy efficiency; Monitoring; Reliability; Routing; Security; Wireless sensor networks; security; trust evaluation; wireless sensor network (ID#: 15-8097)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292741&isnumber=7292708

Bhebe, W.; Kogeda, O.P., "Shilling Attack Detection in Collaborative Recommender Systems using a Meta Learning Strategy," in Emerging Trends in Networks and Computer Communications (ETNCC), 2015 International Conference on, pp. 56-61, 17-20 May 2015. doi: 10.1109/ETNCC.2015.7184808

Abstract: Collaborative Recommender Systems suggest items to a user based on other users past behaviour (items they once bought, viewed or selected and/or ratings they gave to those items). They are very effective in generating meaningful recommendations to a group of users for products or items that might interest them. However, since Collaborative filtering techniques depend on outside sources of information they are susceptible to profile injection attacks popularly known as shilling attacks. Shilling is a process in which syndicating users can connive to promote or demote a certain item. These mischievous users can consciously inject shilling profiles in an effort to bias the recommender system to their advantage. In this paper we seek to understand the degree to which shilling attacks can harm recommender systems and how these attacks can be detected. Firstly, we evaluate the vulnerabilities of collaborative filtering techniques in providing reliable recommendations. We study various attack strategies that manipulators use to attack recommender systems. Secondly we investigate the most suitable features that can be used to adequately identify shilling attacks. We propose the combiner strategy that combines multiple classifiers in an effort to detect shilling attacks. The diversity measure is used to determine the most suitable combination of classifiers. In this paper, we made use k-Nearest Neighbour, Support Vector Machines and Bayesian Networks as the initial base classifiers. The Naive Bayes was used as a Meta Classifier. The proposed Meta-Learning classifier gave an overall performance of 99% and was found to be more superior to Neural Networks and k-Nearest Neighbor.

Keywords: belief networks; collaborative filtering; pattern classification; recommender systems; security of data; support vector machines; Bayesian network; collaborative filtering technique; collaborative recommender system; k-nearest neighbour; metalearning classifier; shilling attack detection; support vector machine; Classification algorithms; Collaboration; Motion pictures; Prediction algorithms; Recommender systems; Training; Collaborative filtering; Machine Learning; Meta Learning; Recommender Systems; Shilling attacks (ID#: 15-8098)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7184808&isnumber=7184793

Alshamrani, H.; Ghita, B.; Lancaster, D., "Detecting IP Prefix Hijacking Using Data Reduction-Based and Binary Search Algorithm," in Internet Technologies and Applications (ITA), 2015, pp. 78-84, 8-11 Sept. 2015. doi: 10.1109/ITechA.2015.7317374

Abstract: In spite of significant ongoing research, the Border gateway protocol (BGP) still encompasses conceptual vulnerability issues regarding impersonating the ownership of IP prefixes for ASes (Autonomous Systems). In this context, a number of research studies focused on securing BGP through historical-based and statistical-based behavioural models. This paper proposes a novel algorithm aiming to track the behaviour of BGP edge routers and detect IP prefix hijacks based on a typical signature. The algorithm parses the BGP advertisements in order to detect the apparent relocation of specific IP prefixes, either in the same or in different regions. The algorithm aims to identify IP prefixes by multiple independent ASes. The method differs from routing consistency monitoring, which faces difficulties detecting events at the edge of the BGP infrastructure. Based on the RIRs' database, the algorithm can detect national and cross-border IP prefix hijacks very quick. However, 5 results out of 16 were not accurate therefore the algorithm has some false positives and needs further improvement to be done in future.

Keywords: IP networks; computer network security; data reduction; internetworking; protocols; search problems; ASe; BGP; BGP advertisement parsing; BGP edge routers; RIR database; autonomous systems; binary search algorithm; border gateway protocol; cross-border IP prefix hijack detection; data reduction-based algorithm; false positives; historical-based behavioural model; national IP prefix hijack detection; routing consistency monitoring; statistical-based behavioural model; Communication cables; Feature extraction; IP networks; Image edge detection; Logic gates; MATLAB; Monitoring; BGP advertisements; Binary Search Algorithm; Data Reduction; IP prefix; origin AS (ID#: 15-8099)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7317374&isnumber=7317353

Gilsu Choi; Jahns, T.M., "Post-Demagnetization Characteristics of Permanent Magnet Synchronous Machines," in Energy Conversion Congress and Exposition (ECCE), 2015 IEEE, pp. 1781-1788, 20-24 Sept. 2015. doi: 10.1109/ECCE.2015.7309911

Abstract: This work investigates post-demagnetization characteristics of permanent magnet synchronous machines (PMSMs). A combination of closed-form analysis using a magnetic equivalent circuit model and finite element (FE) analysis is used to provide physical insights into the flux paths associated with demagnetizing electromotive force (MMF). Post-demagnetization behavior in several types of PMSMs is studied to better understand post-fault PM machine performance and the key characteristics that can be used to monitor demagnetization faults. Topics include the key role of magnet flux leakage paths in interior PM machines for attenuating the negative impact of demagnetizing stator MMF, and the particular vulnerability of PM machines with fractional-slot concentrated windings to progressive accumulated degradation following exposure to multiple demagnetization events. FE analysis is used to build confidence in the demagnetization predictions of the developed model and to provide more insights that are difficult to obtain using the analytical model.

Keywords: demagnetisation; electric potential; equivalent circuits; finite element analysis; machine windings; magnetic flux; magnetic leakage; permanent magnet machines; reliability; synchronous machines; FE analysis; PMSM post-demagnetization characteristics; closed-form analysis; electromotive force demagnetization fault monitoring; finite element analysis; fractional-slot concentrated winding; interior PM machine; magnet flux leakage path; magnetic equivalent circuit model; multiple demagnetization event; permanent magnet synchronous machine post-demagnetization characteristics; Demagnetization; Magnetic circuits; Magnetic flux; Magnetomechanical effects; Rotors; Saturation magnetization; Stators; Permanent magnet machines; demagnetization; fault detection; interior PM machines; surface PM machines (ID#: 15-8100)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7309911&isnumber=7309651

Sun Ding; Hee Beng Kuan Tan; Lwin Khin Shar, "Mining Patterns of Unsatisfiable Constraints to Detect Infeasible Paths," in Automation of Software Test (AST), 2015 IEEE/ACM 10th International Workshop on, pp. 65-69, 23-24 May 2015. doi: 10.1109/AST.2015.21

Abstract: Detection of infeasible paths is required in many areas including test coverage analysis, test case generation, security vulnerability analysis, etc. Existing approaches typically use static analysis coupled with symbolic evaluation, heuristics, or path-pattern analysis. This paper is related to these approaches but with a different objective. It is to analyze code of real systems to build patterns of unsatisfiable constraints in infeasible paths. The resulting patterns can be used to detect infeasible paths without the use of constraint solver and evaluation of function calls involved, thus improving scalability. The patterns can be built gradually. Evaluation of the proposed approach shows promising results.

Keywords: data mining; infeasible paths detection; pattern mining; unsatisfiable constraints; Accuracy; Pattern matching; Prototypes; Scalability; Software; Testing; Training; Infeasible paths; pattern mining; static analysis; structural testing; symbolic evaluation (ID#: 15-8101)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166270&isnumber=7166248

Mahmud, R.; Vallakati, R.; Mukherjee, A.; Ranganathan, P.; Nejadpak, A., "A Survey on Smart Grid Metering Infrastructures: Threats and Solutions," in Electro/Information Technology (EIT), 2015 IEEE International Conference on, pp. 386-391, 21-23 May 2015. doi: 10.1109/EIT.2015.7293374

Abstract: Without a reliable metering and communication infrastructure, the smart grid could become a catastrophe to national security and economy. A true smart grid infrastructure should detect all existing and predict future threats through intrusion detection methods. Smart grids are susceptible to various physical and cyber-attack as a result of communication, control and computation vulnerabilities employed in the grid. The paper provides a comprehensive study on types of threats and solutions on smart grid communication and metering infrastructures. As a part of this survey, the smart grid metering infrastructures susceptibilities and recommended remedial actions are identified. In addition, the paper details types of known attacks on existing metering infrastructure and defensive methodologies.

Keywords: national security; power engineering computing; power system measurement; power system security; smart meters; smart power grids; communication vulnerability; computation vulnerability; control vulnerability; cyber attack; intrusion detection method; national economy; national security; physical attack; smart grid communication; smart grid metering infrastructure; threat detection; Authentication; Encryption; Intrusion detection; Smart grids; Smart meters; Intrusion detection; advanced metering infrastructure (AMI); smart meter (ID#: 15-8102)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7293374&isnumber=7293314

Darwish, I.; Igbe, O.; Saadawi, T., "Experimental and Theoretical Modeling of DNP3 Attacks in Smart Grids," in Sarnoff Symposium, 2015 36th IEEE, pp. 155-160, 20-22 Sept. 2015. doi: 10.1109/SARNOF.2015.7324661

Abstract: Security challenges have emerged in recent years facing smart-grids in the energy sector. Threats are arising every day that could cause great scale of damages in critical infrastructure. Our paper will address internal security threats associated with smart grid in a simulated virtual environment involving DNP3 protocol. We will analyze vulnerabilities and perform penetration testing involving Man-in-the-middle (MITM) type of attacks. Ultimately, by utilizing theoretical modeling of smart-grid attacks using game theory, we will optimize our detection and mitigation procedures to reduce cyber threats in DNP3 environment. The use of intrusion detection system will be necessary to identify attackers targeting different part of the smart grid infrastructure. Mitigation techniques will ensure a healthy check of the network. Performing DNP3 security attacks, detections, preventions and counter measures will be our goals to achieve in this research paper.

Keywords: game theory; power system security; safety systems; smart power grids; DNP3 attacks; game theory; internal security threats; intrusion detection system; man-in-the-middle; mitigation techniques; simulated virtual environment; smart grids; Delay effects; Game theory; Games; Payloads; Protocols; Security; Smart grids; DNP3; Game Theory; IED; MITM; Malicious Attacks; SCADA; Smart-Grid (ID#: 15-8103)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7324661&isnumber=7324628

Taylor, C.; Johnson, T., "Strong Authentication Countermeasures Using Dynamic Keying for Sinkhole and Distance Spoofing Attacks in Smart Grid Networks," in Wireless Communications and Networking Conference (WCNC), 2015 IEEE, pp. 1835-1840, 9-12 March 2015. doi: 10.1109/WCNC.2015.7127747

Abstract: This paper presents a proposal to provide secure communications in smart grid / utility metering networks using RPL (Routing Protocol for Low Power and Lossy Networks). The RPL protocol provides optimal routing performance in some wireless sensor networks and may become a strong standard in utility metering networks. However, the protocol does have numerous security flaws which should be addressed prior to its use in critical infrastructure such as automated metering infrastructure (AMI). Among those flaws, this paper examines the sinkhole and distance spoofing attacks; in addition, it proposes modifications to RPL addressing routing vulnerabilities, including using node-to-node encrypted authentication with dynamically served encryption keys and key-compromising detection using data mining. Simulation results show that the proposed resolution provides good performance characteristics for use in utility grid networks.

Keywords: cryptographic protocols; routing protocols; smart power grids; telecommunication security; wireless sensor networks; RPL protocol modification; automated metering infrastructure; data mining; distance spoofing attacks; dynamic keying; key-compromising detection; node-to-node encrypted authentication; routing protocol for low power and lossy networks; secure communications; sinkhole; smart grid networks; strong authentication countermeasures; utility grid networks; utility metering networks; wireless sensor networks; Authentication; Encryption; Routing; Routing protocols; Wireless sensor networks (ID#: 15-8104)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7127747&isnumber=7127309

Dehghani, M.; Khalafi, Z.; Khalili, A.; Sami, A., "Integrity Attack Detection in PMU Networks Using Static State Estimation Algorithm," in PowerTech, 2015 IEEE Eindhoven, pp. 1-6, June 29 2015-July 2 2015. doi: 10.1109/PTC.2015.7232265

Abstract: Information Technology (IT) infrastructure is used to send information from Phasor Measurement Units (PMUs) to Phasor Data Concentrators (PDCs) and Control Centers (CCs) in modern smart grids. Unfortunately, vulnerabilities of IT infrastructure make modern smart grids prone to cyber-attacks. To detect such attacks, a number of Intrusion Detection Systems (IDSs) have been proposed in recent years. However, these IDSs can only detect attacks and are not capable of obtaining correct measurements and localizing the attack source. In this paper, these two capabilities are provided by proposing an approach based on static state estimation algorithm. The main focus of this approach is on attacks targeting smart grid integrity. Simulation results on the IEEE 14-bus test system indicate that in addition to detecting integrity attacks, this method can extract the correct measurements and localize compromised devices or communication lines.

Keywords: estimation theory; phasor measurement; power system security; security of data; smart power grids; state estimation; IDS; IEEE 14-bus test system; PDC; PMU networks; attack detection; control centers; cyber-attacks; information technology infrastructure; intrusion detection systems; phasor data concentrators; phasor measurement unit; smart grids; static state estimation algorithm; Encryption; Intrusion detection; Phasor measurement units; Smart grids; State estimation; Voltage measurement; Integrity Attack; Intrusion Detection; Phasor Measurement Unit (PMU); Smart grid; Static State Estimation (ID#: 15-8105)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232265&isnumber=7232233

Kaster, P.; Sen, P.K., "Cyber Security and Rural Electric Power Systems," in Rural Electric Power Conference (REPC), 2015 IEEE, pp. 49-54, 19-21 April 2015. doi: 10.1109/REPC.2015.23

Abstract: Cyber security is a topic of increasing importance and interest to small utility operators like REA's. The requirement for cyber security is based upon reasons ranging from national security to individual business operations to regulatory compliance. Several fundamental concepts can guide an operator when implementing a cyber security plan. Operators must consider the competing requirements of confidentiality, integrity, availability, and cost. They must consider the potential levels of impact for an incident. While implementing a cyber security plan, operators will constantly identify adversaries, threats, vulnerabilities, consequences, and risks. They will implement physical, technical, and administrative controls to protect networks and other assets, detect attacks, respond to those attacks, and recover from any damage. The process will be continuous, as operators respond to the changing environment.

Keywords: power system security; smart power grids; REA; attack detection; business operations; cyber security plan; national security; network protection; regulatory compliance; rural electric power systems; small utility operators; smart power grid; Availability; Companies; Computer hacking; Standards; Terrorism; Communications Protocols; Cyber Security; NERC; Power Grid; Rural Electric Power; Smart Grid (ID#: 15-8106)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7106309&isnumber=7106293

Bo Chen; Pattanaik, N.; Goulart, A.; Butler-Purry, K.L.; Kundur, D., "Implementing Attacks for Modbus/TCP Protocol in a Real-Time Cyber Physical System Test Bed," in Communications Quality and Reliability (CQR), 2015 IEEE International Workshop Technical Committee on, pp. 1-6, 11-14 May 2015. doi: 10.1109/CQR.2015.7129084

Abstract: To understand security vulnerabilities of communication protocols used in power systems, a real-time framework can be developed to conduct vulnerability studies. The framework should implement protection mechanisms against vulnerabilities and study their effectiveness. In this paper, a real-time cyber-physical framework or test bed is presented. It integrates a real-time power system simulator and a communication system simulator to study the cyber and physical system vulnerabilities in smart power grids. The power system simulation is implemented using the Real-Time Digital Simulator (RTDS®) power grid simulator, with LabVIEW and PXI modules that simulate the supervisory control and data acquisition (SCADA) system and intelligent electronic devices (IEDs). The communication system simulation is implemented using Opnet's System-in-the-Loop (SITL) simulator and open source Linux tools and servers. Results of two cyber-attacks on the Modbus/TCP protocol are discussed and improvements to the test bed for protocol attack detection and mitigation are proposed.

Keywords: Linux; SCADA systems; power system security; power system simulation; smart power grids; telecommunication security; transport protocols; virtual instrumentation; LabVIEW; Modbus/TCP protocol; Opnet; PXI modules; SCADA system; SITL; communication protocols; communication system simulator; cyber system vulnerabilities; cyber-attacks; intelligent electronic devices; physical system vulnerabilities; power grid simulator; power systems; protection mechanisms; real-time cyber physical system test bed; real-time digital simulator; real-time power system simulator; security vulnerabilities; supervisory control and data acquisition; system-in-the-loop simulator; Computer crime; Power system stability; Protocols; Real-time systems; Servers; Smart grids; DoS; LabVIEW; MITM; Modbus/TCP; Opnet; RTDS; SCADA; cyber-attacks; test bed (ID#: 15-8107)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7129084&isnumber=7129075



Web Browser Security 2015

Web browsers are vulnerable to a range of threats. To the Science of Security community, they are often the first vector for attacks and are relevant to the issues of compositionality, resilience, predictive metrics, and human behavior. The work cited here was presented in 2015.


Panja, B.; Gennarelli, T.; Meharia, P., "Handling Cross Site Scripting Attacks Using Cache Check to Reduce Webpage Rendering Time with Elimination of Sanitization and Filtering in Light Weight Mobile Web Browser," in Mobile and Secure Services (MOBISECSERV), 2015 First Conference on, pp. 1-7, 20-21 Feb. 2015. doi: 10.1109/MOBISECSERV.2015.7072878

Abstract: In this paper we propose a new approach to prevent and detect potential cross-site scripting attacks. Our method called Buffer Based Cache Check, will utilize both the server-side as well as the client-side to detect and prevent XSS attacks and will require modification of both in order to function correctly. With Cache Check, instead of the server supplying a complete whitelist of all the known trusted scripts to the mobile browser every time a page is requested, the server will instead store a cache that contains a validated "trusted" instance of the last time the page was rendered that can be checked against the requested page for inconsistencies. We believe that with our proposed method that rendering times in mobile browsers will be significantly reduced as part of the checking is done via the server, and fewer checking within the mobile browser which is slower than the server. With our method the entire checking process isn't dumped onto the mobile browser and as a result the mobile browser should be able to render pages faster as it is only checking for "untrusted" content whereas with other approaches, every single line of code is checked by the mobile browser, which increases rendering times.

Keywords: cache storage; client-server systems; mobile computing; online front-ends; security of data; trusted computing; Web page rendering time; XSS attacks; buffer based cache check; client-side; cross-site scripting attacks; filtering; light weight mobile Web browser; sanitization; server-side; trusted instance; untrusted content; Browsers; Filtering; Mobile communication; Radio access networks; Rendering (computer graphics); Security; Servers; Cross site scripting; cache check; mobile browser; webpage rendering (ID#: 15-7951)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7072878&isnumber=7072857

Rajani, V.; Bichhawat, A.; Garg, D.; Hammer, C., "Information Flow Control for Event Handling and the DOM in Web Browsers," in Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 366-379, 13-17 July 2015. doi: 10.1109/CSF.2015.32

Abstract: Web browsers routinely handle private information. Owing to a lax security model, browsers and JavaScript in particular, are easy targets for leaking sensitive data. Prior work has extensively studied information flow control (IFC) as a mechanism for securing browsers. However, two central aspects of web browsers - the Document Object Model (DOM) and the event handling mechanism - have so far evaded thorough scrutiny in the context of IFC. This paper advances the state-of-the-art in this regard. Based on standard specifications and the code of an actual browser engine, we build formal models of both the DOM (up to Level 3) and the event handling loop of a typical browser, enhance the models with fine-grained taints and checks for IFC, prove our enhancements sound and test our ideas through an instrumentation of WebKit, an in-production browser engine. In doing so, we observe several channels for information leak that arise due to subtleties of the event loop and its interaction with the DOM.

Keywords: Internet; Java; online front-ends; security of data; DOM; IFC; JavaScript; Web browsers; WebKit; browser engine; document object model; event handling; event handling mechanism; formal models; in-production browser engine; information flow control; lax security model; sensitive data leakage; Browsers; Context; Instruments; Lattices; Monitoring; Security; Standards (ID#: 15-7952)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7243745&isnumber=7243713

Hale, M.L.; Hanson, S., "A Testbed and Process for Analyzing Attack Vectors and Vulnerabilities in Hybrid Mobile Apps Connected to Restful Web Services," in Services (SERVICES), 2015 IEEE World Congress on, pp. 181-188, June 27 2015-July 2 2015. doi: 10.1109/SERVICES.2015.35

Abstract: Web traffic is increasingly trending towards mobile devices driving developers to tailor web content to small screens and customize web apps using mobile-only capabilities such as geo-location, accelerometers, offline storage, and camera features. Hybrid apps provide a cross-platform, device independent, means for developers to utilize these features. They work by wrapping web-based code, i.e., HTML5, CSS, and JavaScript, in thin native containers that expose device features. This design pattern encourages re-use of existing code, reduces development time, and leverages existing web development talent that doesn't depend on platform specific languages. Despite these advantages, the newness of hybrid apps raises new security challenges associated with integrating code designed for a web browser with features native to a mobile device. This paper explores these security concerns and defines three forms of attack that can specifically target and exploit hybrid apps connected to web services. Contributions of the paper include a high level process for discovering hybrid app attacks and vulnerabilities, definitions of emerging hybrid attack vectors, and a test bed platform for analyzing vulnerabilities. As an evaluation, hybrid attacks are analyzed in the test bed showing that it provides insight into vulnerabilities and helps assess risk.

Keywords: Web services; mobile computing; program testing; security of data; software engineering; RESTful Web service; Web development; attack vector analysis; hybrid mobile app; mobile device; test bed platform; vulnerability analysis; Accelerometers; Browsers; Cameras; Mobile applications; Mobile communication; Security; Smart phones; attack vectors; hybrid mobile application; thin native containers; vulnerabilities; web browser; web services (ID#: 15-7953)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7196523&isnumber=7196486

Hazel, J.J.; Valarmathie, P.; Saravanan, R., "Guarding Web Application with Multi - Angled Attack Detection," in Soft-Computing and Networks Security (ICSNS), 2015 International Conference on, pp. 1-4, 25-27 Feb. 2015. doi: 10.1109/ICSNS.2015.7292382

Abstract: An important research issue in the design of web application is protecting the front end web application from unauthorized access. Normally the web application is in the front end and database is in the back end and can be accessible using web browser. The database contains valuable information and it is the target for the attackers. There are many security issues in the back end database and many security measures being implemented in order to protect it. The problem here is, the front end application has set accessible by everyone and the attackers are trying to compromise the web front end application which in turn compromise the back end database. Therefore, the challenge here is to provide security to the front end web application thus enhancing security to the back end database. Currently vulnerability scanner is used to provide security to the front end web application. Even though many attacks are possible with it the most common and top most attacks are "Remote file inclusion attack, Query string attack, Union attack, Cross site scripting attack". The proposed system is based on the design of web application in which it concentrates mainly on the detection and prevention of above said attacks. Initially, the system will show how these attacks are happening in the front end web application and overcoming of these attacks using the proposed algorithms such as longest common subsequence algorithm and brute force string matching algorithm. The successful overcoming of these attacks enhances security in the back end by implementing security in the web front end.

Keywords: Internet; authorisation; database management systems; online front-ends; query processing; Web application; Web browser; Web front end application; back end database; cross site scripting attack; multi-angled attack detection; query string attack; remote file inclusion attack; security issues; security measures; unauthorized access; union attack; Algorithm design and analysis; Browsers; Communication networks; Databases; Force; Reliability; Security; Cross site scripting attack; Query string attack; Remote file inclusion attack; Union attack (ID#: 15-7954)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292382&isnumber=7292366

Chao Zhang; Niknami, M.; Chen, K.Z.; Chengyu Song; Zhaofeng Chen; Song, D., "JITScope: Protecting Web Users From Control-Flow Hijacking Attacks," in Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 567-575, April 26 2015-May 1 2015. doi: 10.1109/INFOCOM.2015.7218424

Abstract: Web browsers are one of the most important end-user applications to browse, retrieve, and present Internet resources. Malicious or compromised resources may endanger Web users by hijacking web browsers to execute arbitrary malicious code in the victims' systems. Unfortunately, the widely-adopted Just-In-Time compilation (JIT) optimization technique, which compiles source code to native code at runtime, significantly increases this risk. By exploiting JIT compiled code, attackers can bypass all currently deployed defenses. In this paper, we systematically investigate threats against JIT compiled code, and the challenges of protecting JIT compiled code. We propose a general defense solution, JITScope, to enforce Control-Flow Integrity (CFI) on both statically compiled and JIT compiled code. Our solution furthermore enforces the W⊕X policy on JIT compiled code, preventing the JIT compiled code from being overwritten by attackers. We show that our prototype implementation of JITScope on the popular Firefox web browser introduces a reasonably low performance overhead, while defeating existing real-world control flow hijacking attacks.

Keywords: Internet; data protection; online front-ends; source code (software); CFI; Firefox Web browser; Internet resources; JIT compiled code; JIT optimization technique; JITScope; WX policy; Web user protection; arbitrary malicious code; control-flow hijacking attacks; control-flow integrity; just-in-time compilation; source code compilation; Browsers; Engines; Instruments; Layout; Runtime; Safety; Security (ID#: 15-7955)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218424&isnumber=7218353

Tajbakhsh, M.S.; Bagherzadeh, J., "A Sound Framework for Dynamic Prevention of Local File Inclusion," in Information and Knowledge Technology (IKT), 2015 7th Conference on, pp. 1-6, 26-28 May 2015. doi: 10.1109/IKT.2015.7288798

Abstract: Web applications take an important role in remote access over the Internet. These applications have many capabilities such as database access, file read/write, calculations as well as desktop applications but run in web browsers environments. As desktop applications, web applications can be exploited but with different techniques. One of the major known vulnerabilities of the web applications is Local File Inclusion. Inclusion in web applications is similar to library imports in desktop applications where a developer can include former developed codes. If an attacker includes his/her libraries, he/she can run his/her malicious code. Current research makes a brief survey of static and dynamic code analysis and suggests a framework for dynamically preventing malicious file inclusions by attackers. It is discussed that this framework prevents local file inclusions even if the developer has exploitable source code. The language PHP is used for describing the vulnerability and prevention framework.

Keywords: Internet; file organisation; libraries; security of data; Internet; Web browser environment; database access; desktop applications; dynamic code analysis; dynamic prevention; local file inclusion; malicious code; malicious file inclusions; remote access; sound framework; source code; static code analysis (ID#: 15-7956)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7288798&isnumber=7288662

Shbair, W.M.; Cholez, T.; Goichot, A.; Chrisment, I., "Efficiently Bypassing SNI-based HTTPS Filtering," in Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium on, pp. 990-995, 11-15 May 2015. doi: 10.1109/INM.2015.7140423

Abstract: Encrypted Internet traffic is an essential element to enable security and privacy in the Internet. Surveys show that websites are more and more being served over HTTPS. They highlight an increase of 48% of sites using TLS over the past year, justifying the tendency that the Web is going to be encrypted. This motivates the development of new tools and methods to monitor and filter HTTPS traffic. This paper handles the latest technique for HTTPS traffic filtering that is based on the Server Name Indication (SNI) field of TLS and which has been recently implemented in many firewall solutions. Our main contribution is an evaluation of the reliability of this SNI extension for properly identifying and filtering HTTPS traffic. We show that SNI has two weaknesses, regarding (1) backward compatibility and (2) multiple services using a single certificate. We demonstrate thanks to a web browser plug-in called "Escape" that we designed and implemented, how these weaknesses can be practically used to bypass firewalls and monitoring systems relying on SNI. The results show positive evaluation (firewall's rules successfully bypassed) for all tested websites.

Keywords: Internet; Web sites; cryptography; data privacy; firewalls; hypermedia; information filtering; network servers; online front-ends; telecommunication traffic; transport protocols; Escape; HTTPS filtering; Internet privacy; Internet security; Internet traffic encryption; SNI; Web browser plug-in; Web site; firewall rule; server name indication; Browsers; Cryptography; Filtering; IP networks; Internet; Protocols; Servers (ID#: 15-7957)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7140423&isnumber=7140257

Yuchen Zhou; Evans, D., "Understanding and Monitoring Embedded Web Scripts," in Security and Privacy (SP), 2015 IEEE Symposium on, pp. 850-865, 17-21 May 2015. doi: 10.1109/SP.2015.57

Abstract: Modern web applications make frequent use of third-party scripts, often in ways that allow scripts loaded from external servers to make unrestricted changes to the embedding page and access critical resources including private user information. This paper introduces tools to assist site administrators in understanding, monitoring, and restricting the behavior of third-party scripts embedded in their site. We developed Script Inspector, a modified browser that can intercept, record, and check third-party script accesses to critical resources against security policies, along with a Visualizer tool that allows users to conveniently view recorded script behaviors and candidate policies and a Policy Generator tool that aids script providers and site administrators in writing policies. Site administrators can manually refine these policies with minimal effort to produce policies that effectively and robustly limit the behavior of embedded scripts. Policy Generator is able to generate effective policies for all scripts embedded on 72 out of the 100 test sites with minor human assistance. In this paper, we present the designs of our tools, report on what we've learned about script behaviors using them, evaluate the value of our approach for website administrator.

Keywords: Internet; data privacy; online front-ends; security of data; Policy Generator; Script Inspector; Visualizer tool; Web application; Web browser; Web script; critical resource access; private user information; security policy; third-party script; Advertising; Browsers; Monitoring; Privacy; Robustness; Security; Visualization; Anomaly Detection; Security and Privacy Policy; Web security and Privacy (ID#: 15-7958)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7163064&isnumber=7163005

Adachi, T.; Omote, K., "An Approach to Predict Drive-by-Download Attacks by Vulnerability Evaluation and Opcode," in Information Security (AsiaJCIS), 2015 10th Asia Joint Conference on, pp. 145-151, 24-26 May 2015. doi: 10.1109/AsiaJCIS.2015.17

Abstract: Drive-by-download attacks exploit vulnerabilities in Web browsers, and users are unnoticeably downloading malware which accesses to the compromised Web sites. A number of detection approaches and tools against such attacks have been proposed so far. Especially, it is becoming easy to specify vulnerabilities of attacks, because researchers well analyze the trend of various attacks. Unfortunately, in the previous schemes, vulnerability information has not been used in the detection/prediction approaches of drive-by-download attacks. In this paper, we propose a prediction approach of "malware downloading" during drive-by-download attacks (approach-I), which uses vulnerability information. Our experimental results show our approach-I achieves the prediction rate (accuracy) of 92%, FNR of 15% and FPR of 1.0% using Naive Bayes. Furthermore, we propose an enhanced approach (approach-II) which embeds Opcode analysis (dynamic analysis) into our approach-I (static approach). We implement our approach-I and II, and compare the three approaches (approach-I, II and Opcode approaches) using the same datasets in our experiment. As a result, our approach-II has the prediction rate of 92%, and improves FNR to 11% using Random Forest, compared with our approach-I.

Keywords: Web sites; invasive software; learning (artificial intelligence); system monitoring; FNR; FPR; Opcode analysis; Web browsers; Web sites; attack vulnerabilities; drive-by-download attack prediction; dynamic analysis; malware downloading; naive Bayes; prediction rate; random forest; static approach; vulnerability evaluation; vulnerability information; Browsers; Feature extraction; Machine learning algorithms; Malware; Predictive models; Probability; Web pages; Drive-by-Download Attacks; Malware; Supervised Machine Learning (ID#: 15-7959)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7153949&isnumber=7153836

Limin Jia; Sen, S.; Garg, D.; Datta, A., "A Logic of Programs with Interface-Confined Code," in Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 512-525, 13-17 July 2015. doi: 10.1109/CSF.2015.38

Abstract: Interface-confinement is a common mechanism that secures untrusted code by executing it inside a sandbox. The sandbox limits (confines) the code's interaction with key system resources to a restricted set of interfaces. This practice is seen in web browsers, hypervisors, and other security-critical systems. Motivated by these systems, we present a program logic, called System M, for modeling and proving safety properties of systems that execute adversary-supplied code via interface-confinement. In addition to using computation types to specify effects of computations, System M includes a novel invariant type to specify the properties of interface-confined code. The interpretation of invariant type includes terms whose effects satisfy an invariant. We construct a step-indexed model built over traces and prove the soundness of System M relative to the model. System M is the first program logic that allows proofs of safety for programs that execute adversary-supplied code without forcing the adversarial code to be available for deep static analysis. System M can be used to model and verify protocols as well as system designs. We demonstrate the reasoning principles of System M by verifying the state integrity property of the design of Memoir, a previously proposed trusted computing system.

Keywords: source code (software); trusted computing; Memoir design; System M program logic; Web browsers; adversary-supplied code; hypervisors; interface-confined code; sandbox; security-critical systems; step-indexed model; trusted computing system; untrusted code; Cognition; Computational modeling; Instruction sets; Radiation detectors; Safety; Semantics; Standards; adversary-supplied code; interface confinement; program logic; safety properties (ID#: 15-7960)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7243751&isnumber=7243713

Aditya, S.; Mittal, V., "Multi-Layered Crypto Cloud Integration of oPass," in Computer Communication and Informatics (ICCCI), 2015 International Conference on, pp. 1-7, 8-10 Jan. 2015. doi: 10.1109/ICCCI.2015.7218114

Abstract: One of the most popular forms of user authentication is the Text Passwords. It is due to its convenience and simplicity. Still, the passwords are susceptible to be taken and compromised under various threats and weaknesses. In order to overcome these problems, a protocol called oPass was proposed. A cryptanalysis of it was done. We found out four kinds of attacks which could be done on it i.e. Use of SMS service, Attacks on oPass communication links, Unauthorized intruder access using the master password, Network attacks on untrusted web browser. One of them was Impersonation of the User. In order to overcome these problems in cloud environment, a protocol is proposed based on oPass to implement multi-layer crypto-cloud integration with oPass which can handle this kind of attack.

Keywords: cloud computing; cryptography; SMS service; Short Messaging Service; cloud environment; cryptanalysis; master password; multilayered crypto cloud integration; oPass communication links; oPass protocol; text password; user authentication; user impersonation; Authentication; Cloud computing; Encryption; Protocols; Servers; Cloud; Digital Signature; Impersonation; Network Security; RSA; SMS; oPass (ID#: 15-7961)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218114&isnumber=7218046

Caillat, Benjamin; Gilbert, Bob; Kemmerer, Richard; Kruegel, Christopher; Vigna, Giovanni, "Prison: Tracking Process Interactions to Contain Malware," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1282-1291, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.297

Abstract: Modern operating systems provide a number of different mechanisms that allow processes to interact. These interactions can generally be divided into two classes: inter-process communication techniques, which a process supports to provide services to its clients, and injection methods, which allow a process to inject code or data directly into another process' address space. Operating systems support these mechanisms to enable better performance and to provide simple and elegant software development APIs that promote cooperation between processes. Unfortunately, process interaction channels introduce problems at the end-host that are related to malware containment and the attribution of malicious actions. In particular, host-based security systems rely on process isolation to detect and contain malware. However, interaction mechanisms allow malware to manipulate a trusted process to carry out malicious actions on its behalf. In this case, existing security products will typically either ignore the actions or mistakenly attribute them to the trusted process. For example, a host-based security tool might be configured to deny untrusted processes from accessing the network, but malware could circumvent this policy by abusing a (trusted) web browser to get access to the Internet. In short, an effective host-based security solution must monitor and take into account interactions between processes. In this paper, we present Prison, a system that tracks process interactions and prevents malware from leveraging benign programs to fulfill its malicious intent. To this end, an operating system kernel extension monitors the various system services that enable processes to interact, and the system analyzes the calls to determine whether or not the interaction should be allowed. Prison can be deployed as an online system for tracking and containing malicious process interactions to effectively mitigate the threat of malware. The system can also be used as a dynamic analysis tool to aid an analyst in understanding a malware sample's effect on its environment.

Keywords: Browsers; Internet; Kernel; Malware; Monitoring; inter-process communication; malware containment; prison; windows (ID#: 15-7962)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336344&isnumber=7336120

Last, D., "Using Historical Software Vulnerability Data to Forecast Future Vulnerabilities," in Resilience Week (RWS), 2015, pp. 1-7, 18-20 Aug. 2015. doi: 10.1109/RWEEK.2015.7287429

Abstract: The field of network and computer security is a never-ending race with attackers, trying to identify and patch software vulnerabilities before they can be exploited. In this ongoing conflict, it would be quite useful to be able to predict when and where the next software vulnerability would appear. The research presented in this paper is the first step towards a capability for forecasting vulnerability discovery rates for individual software packages. This first step involves creating forecast models for vulnerability rates at the global level, as well as the category (web browser, operating system, and video player) level. These models will later be used as a factor in the predictive models for individual software packages. A number of regression models are fit to historical vulnerability data from the National Vulnerability Database (NVD) to identify historical trends in vulnerability discovery. Then, k-NN classification is used in conjunction with several time series distance measurements to select the appropriate regression models for a forecast. 68% and 95% confidence bounds are generated around the actual forecast to provide a margin of error. Experimentation using this method on the NVD data demonstrates the accuracy of these forecasts, as well as the accuracy of the confidence bounds forecasts. Analysis of these results indicates which time series distance measures produce the best vulnerability discovery forecasts.

Keywords: pattern classification; regression analysis; security of data; software packages; time series; computer security; k-NN classification; regression model; software package; software vulnerability data; time series distance measure; vulnerability forecasting; Accuracy; Market research; Predictive models; Software packages; Time series analysis; Training; cybersecurity; vulnerability discovery model; vulnerability prediction (ID#: 15-7963)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7287429&isnumber=7287407

Hyun Lock Choo; Sanghwan Oh; Jonghun Jung; Hwankuk Kim, "The Behavior-Based Analysis Techniques for HTML5 Malicious Features," in Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference on, pp. 436-440, 8-10 July 2015. doi: 10.1109/IMIS.2015.67

Abstract: HTML5 announced in October 2014 contains many more functions than previous HTML versions. It includes the media controls of audio, video, canvas, etc., and it is designed to access the browser file system through the Java Script API such as the web storage and file reader API. In addition, it provides the powerful functions to replace existing active X. As the HTML5 standard is adopted, the conversion of web services to HTML5 is being carried out all over the world. The browser developers particularly have high expectation for HTML5 as it provides many mobile functions. However, as there is much expectation of HTML5, the damage of malicious attacks using HTML5 is also expected to be large. The script, which is the key to HTML5 functions, is a different type from existing malware attacks as a malicious attack can be generated merely by only a user accessing a browser. The existing known attacks can also be reused by bypassing the detection systems through the new HTML5 elements. This paper intends to define the unique HTML5 behavior data through the browser execution data and to propose the detection of malware by categorizing the malicious HTML5 features.

Keywords: Internet; Java; hypermedia markup languages; invasive software; mobile computing; multimedia computing; online front-ends; telecommunication control; HTML versions; HTML5 behavior data; HTML5 elements; HTML5 functions; HTML5 malicious features; HTML5 standard; Java Script API; Web services; Web storage; behavior-based analysis techniques; browser developers; browser execution data; browser file system; detection systems; file reader API; malicious attacks; malware attacks; media controls; mobile functions; Browsers; Engines; Feature extraction; HTML; Malware; Standards; Behavior-Based Analysis; HTML5 Malicious Features; Script-based CyberAttack; Web Contents Security (ID#: 15-7964)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7284990&isnumber=7284886

Sanders, S.; Kaur, J., "Can Web Pages Be Classified Using Anonymized TCP/IP Headers?," in Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 2272-2280, April 26 2015-May 1 2015. doi: 10.1109/INFOCOM.2015.7218614

Abstract: Web page classification is useful in many domains, including ad targeting, traffic modeling, and intrusion detection. In this paper, we investigate whether learning-based techniques can be used to classify web pages based only on anonymized TCP/IP headers of traffic generated when a web page is visited. We do this in three steps. First, we select informative TCP/IP features for a given downloaded web page, and study which of these remain stable over time and are also consistent across client browser platforms. Second, we use the selected features to evaluate four different labeling schemes and learning-based classification methods for web page classification. Lastly, we empirically study the effectiveness of the classification methods for real-world applications.

Keywords: Web sites; online front-ends; security of data; telecommunication traffic; transport protocols; TCP/IP header; Web page classification; ad targeting; client browser platforms; intrusion detection; labeling schemes; learning-based classification methods; learning-based techniques; traffic modeling; Browsers; Feature extraction; IP networks; Labeling; Navigation; Streaming media; Web pages; Traffic Classification; Web Page Measurement (ID#: 15-7965)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218614&isnumber=7218353

Thomas, K.; Bursztein, E.; Grier, C.; Ho, G.; Jagpal, N.; Kapravelos, A.; Mccoy, D.; Nappa, A.; Paxson, V.; Pearce, P.; Provos, N.; Abu Rajab, M., "Ad Injection at Scale: Assessing Deceptive Advertisement Modifications," in Security and Privacy (SP), 2015 IEEE Symposium on, pp. 151-167, 17-21 May 2015. doi: 10.1109/SP.2015.17

Abstract: Today, web injection manifests in many forms, but fundamentally occurs when malicious and unwanted actors tamper directly with browser sessions for their own profit. In this work we illuminate the scope and negative impact of one of these forms, ad injection, in which users have ads imposed on them in addition to, or different from, those that websites originally sent them. We develop a multi-staged pipeline that identifies ad injection in the wild and captures its distribution and revenue chains. We find that ad injection has entrenched itself as a cross-browser monetization platform impacting more than 5% of unique daily IP addresses accessing Google -- tens of millions of users around the globe. Injected ads arrive on a client's machine through multiple vectors: our measurements identify 50,870 Chrome extensions and 34,407 Windows binaries, 38% and 17% of which are explicitly malicious. A small number of software developers support the vast majority of these injectors who in turn syndicate from the larger ad ecosystem. We have contacted the Chrome Web Store and the advertisers targeted by ad injectors to alert each of the deceptive practices involved.

Keywords: advertising; online front-ends; profitability; Chrome Web store; Web injection; browser sessions; deceptive advertisement modifications; distribution chains; multistaged pipeline; profit; revenue chains; Browsers; Ecosystems; Google; Internet; Libraries; Pipelines; Security; ad fraud; ad injection; web injection (ID#: 15-7966)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7163024&isnumber=7163005

Zibordi de Paiva, O.; Ruggiero, W.V., "A Survey on Information Flow Control Mechanisms in Web Applications," in High Performance Computing & Simulation (HPCS), 2015 International Conference on, pp. 211-220, 20-24 July 2015. doi: 10.1109/HPCSim.2015.7237042

Abstract: Web applications are nowadays ubiquitous channels that provide access to valuable information. However, web application security remains problematic, with Information Leakage, Cross-Site Scripting and SQL-Injection vulnerabilities - which all present threats to information - standing among the most common ones. On the other hand, Information Flow Control is a mature and well-studied area, providing techniques to ensure the confidentiality and integrity of information. Thus, numerous works were made proposing the use of these techniques to improve web application security. This paper provides a survey on some of these works that propose server-side only mechanisms, which operate in association with standard browsers. It also provides a brief overview of the information flow control techniques themselves. At the end, we draw a comparative scenario between the surveyed works, highlighting the environments for which they were designed and the security guarantees they provide, also suggesting directions in which they may evolve.

Keywords: Internet; SQL; security of data; SQL-injection vulnerability; Web application security; cross-site scripting; information confidentiality; information flow control mechanisms; information integrity; information leakage; server-side only mechanisms; standard browsers; ubiquitous channels; Browsers; Computer architecture; Context; Security; Standards; Web servers; Cross-Site Scripting; Information Flow Control; Information Leakage; SQL Injection; Web Application Security (ID#: 15-7967)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7237042&isnumber=7237005

Deng, YuFeng; Manoharan, Sathiamoorthy, "Review and Analysis of Web Prefetching," in Communications, Computers and Signal Processing (PACRIM), 2015 IEEE Pacific Rim Conference on, pp. 40-45, 24-26 Aug. 2015. doi: 10.1109/PACRIM.2015.7334806

Abstract: Web caching is widely used to cache resources that have already been used and reuse them in near future. Prefetching, in comparison, is a technique to cache resources that have never been used. The core of prefetching is prediction - predicting which resources might be used in the near future. Prefetching is a technology that has been actively studied in the recent years. Most of the modern browsers have built-in mechanisms for prefetching. Some modern websites also add prefetching support to enhance performance. Although prefetch can reduce user-perceived latency, it may increase bandwidth requirements, cause security issues, and trigger unexpected actions. This paper reviews prefetching features of some of the most popular modern web browsers and websites and discusses the problems that prefetching could cause.

Keywords: Bandwidth; Browsers; HTML; IP networks; Prefetching; Servers; Web pages; HTML5 link prefetching; omnibox prediction; prefetching; web caching (ID#: 15-7968)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7334806&isnumber=7334793

Nosheen, F.; Qamar, U., "Flexibility and Privacy Control by Cookie Management," in Digital Information, Networking, and Wireless Communications (DINWC), 2015 Third International Conference on, pp. 94-98, 3-5 Feb. 2015. doi: 10.1109/DINWC.2015.7054224

Abstract: Privacy of internet users is continuously on stack from various directions with the evolution of technology. Modern technology in the field of internet poses serious threats on the privacy of users. Unfortunately, while surfing on internet, we are careless about our privacy and allow intrusion of privacy to a great extent without objection. This facilitates advertisers in tracking user activities on web by third party cookies. Researchers have been conducting vigorous research on this topic and also have presented solutions to control the leakage of privacy without user consent. But surprisingly, major research activities confined to the desktop platform and little is known about web tracking on mobile devices. We survey current technologies and propose a novel approach for android based mobile devices which control excessive tracking of users. Further, Mozilla Firefox add-ons and other related proposals dealing with cookies and privacy are also analyzed.

Keywords: Android (operating system); Internet; data privacy; mobile computing; security of data; Android based mobile devices; Internet user privacy; Mozilla Firefox add-ons; Web tracking; World Wide Web; cookie management; desktop platform; leakage control; privacy control; privacy intrusion; third party cookies; user activity tracking; Androids; Browsers; Humanoid robots; Internet; Mobile communication; Mobile handsets; Privacy; behavioural tracking; cookies; mobile-web; privacy; third party; tracking (ID#: 15-7969)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7054224&isnumber=7054206

Taguinod, M.; Doupe, A.; Ziming Zhao; Gail-Joon Ahn, "Toward a Moving Target Defense for Web Applications," in Information Reuse and Integration (IRI), 2015 IEEE International Conference on, pp. 510-517, 13-15 Aug. 2015. doi: 10.1109/IRI.2015.84

Abstract: Web applications are a critical component of the security ecosystem as they are often the front door for many companies, as such, vulnerabilities in web applications allow hackers access to companies' private data, which contains consumers' private financial information. Web applications are, by their nature, available to everyone, at anytime, from anywhere, and this includes attackers. Therefore, attackers have the opportunity to perform reconnaissance at their leisure, acquiring information on the layout and technologies of the web application, before launching an attack. However, the defender must be prepared for all possible attacks and does not have the luxury of performing reconnaissance on the attacker. The idea behind Moving Target Defense (MTD) is to reduce the information asymmetry between the attacker and defender, ultimately rendering the reconnaissance information misleading or useless. In this paper we take the first steps of applying MTD concepts to web applications in order to create effective defensive layers. We first analyze the web application stack to understand where and how MTD can be applied. The key issue here is that an MTD application must actively prevent or disrupt a vulnerability or exploit, while still providing identical functionality. Then, we discuss our implementation of two MTD approaches, which can mitigate several classes of web application vulnerabilities or exploits. We hope that our discussion will help guide future research in applying the MTD concepts to the web application stack.

Keywords: Internet; security of data; MTD concept; Web applications; information asymmetry reduction; moving target defense; security ecosystem; Browsers; Databases; HTML; Layout; Operating systems; Web servers; Abstract Syntax Tree; Automated Conversion; Diversify; Layers; Moving; Randomize; Source Translation; Tiered; Web Software; Web applications (ID#: 15-7970)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301020&isnumber=7300933

Adaimy, R.; El-Hajj, W.; Ben Brahim, G.; Hajj, H.; Safa, H., "A Framework for Secure Information Flow Analysis in Web Applications," in Advanced Information Networking and Applications (AINA), 2015 IEEE 29th International Conference on, pp. 434-441, 24-27 March 2015. doi: 10.1109/AINA.2015.218

Abstract: Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company's financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data's confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: Internet; data integrity; graph theory; security of data; EPDG; PHP Web applications; Web application code; Web applications; annotation tasks; confidentiality policies; extended program dependence graph; generic security enforcement rules; insecure information flows; integrity policies; minimal developer effort; personal information; secure information flow analysis; security background; security-by-construction; Aggregates; Arrays; Browsers; Computer science; Databases; Security; Servers; Database Annotation; Program Dependence Graph; Secure Information Flow; Web Applications Security (ID#: 15-7971)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7098003&isnumber=7097928

Zheng Dong; Kapadia, A.; Blythe, J.; Camp, L.J., "Beyond The Lock Icon: Real-Time Detection of Phishing Websites Using Public Key Certificates," in Electronic Crime Research (eCrime), 2015 APWG Symposium on, pp. 1-12, 26-29 May 2015. doi: 10.1109/ECRIME.2015.7120795

Abstract: We propose a machine-learning approach to detect phishing websites using features from their X.509 public key certificates. We show that its efficacy extends beyond HTTPS-enabled sites. Our solution enables immediate local identification of phishing sites. As such, this serves as an important complement to the existing server-based anti-phishing mechanisms which predominately use blacklists. Blacklisting suffers from several inherent drawbacks in terms of correctness, timeliness, and completeness. Due to the potentially significant lag prior to site blacklisting, there is a window of opportunity for attackers. Other local client-side phishing detection approaches also exist, but primarily rely on page content or URLs, which are arguably easier to manipulate by attackers. We illustrate that our certificate-based approach greatly increases the difficulty of masquerading undetected for phishers, with single millisecond delays for users. We further show that this approach works not only against HTTPS-enabled phishing attacks, but also detects HTTP phishing attacks with port 443 enabled.

Keywords: Web sites; computer crime; learning (artificial intelligence); public key cryptography; HTTPS-enabled phishing attack; Web site phishing detection; machine-learning approach from; public key certificate; server-based antiphishing mechanism; site blacklisting; Browsers; Electronic mail; Feature extraction; Public key; Servers; Uniform resource locators; certificates; machine learning; security (ID#: 15-7972)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120795&isnumber=7120794

Lubbe, Luke; Oliver, Martin, "Beacons and Their Uses for Digital Forensics Purposes," in Information Security for South Africa (ISSA), 2015, pp. 1-6, 12-13 Aug. 2015. doi: 10.1109/ISSA.2015.7335074

Abstract: This article relates to the field of digital forensics with a particular focus on web (World Wide Web) beacons and how they can be utilized for digital forensic purposes. A web beacon or more commonly "web bug" is an example of a hidden resource reference in a webpage, which when the webpage is loaded, is requested from a third party source. The purpose of a web beacon is to track the browsing habits of a particular IP address. This paper proposes a novel technique that utilizes the presence of web beacons to create a unique ID for a website, to test this, a practical investigation is performed. The practical investigation involves an automated scanning of web beacons on a number of websites, this scanning process involves identifying which beacons are present on a web page and recording the presence of those beacons, the results of this scanning process is then encoded into a table for human analyses. The result of the investigation show promise and incentivizes further research. Real world implications, future work and possible Improvements on the methods which were used in this study are finally discussed.

Keywords: Browsers; DNA; Digital forensics; Fingerprint recognition; IP networks; Internet; Servers; Digital forensics; Web analytics; Web beacons; Web bugs (ID#: 15-7973)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7335074&isnumber=7335039

Sliwa, J.; Jasiul, B.; Podlasek, T.; Matyszkiel, R., "Security Services Efficiency in Disadvantaged Networks," in Vehicular Technology Conference (VTC Spring), 2015 IEEE 81st, pp. 1-5, 11-14 May 2015. doi: 10.1109/VTCSpring.2015.7146075

Abstract: Modern coalition operations require efficient cooperation between partners of allied forces. They usually rely on their national systems equipped with software solutions supporting interoperability. Federation of systems built for the purpose of such operations assumes however independence of particular individual ones. In order to support efficient exchange of information between allies there are necessary federated software solutions promoting secure cross-domain information exchange. Lately the concept of Federated Mission Networking following Service Oriented Architecture (SOA) is being developed by NATO. In terms of secure information exchange for SOA-based services it proposes to use Web Authentication standard based on WS-Federation. In the article the authors present the results of tests of this standard efficiency in disadvantaged network environment built with PR4G radios. The architecture of the solution is presented with necessary information exchange relations and their invocation times.

Keywords: open systems; security of data; NATO; PR4G radios; SOA-based services; WS-Federation; Web authentication standard; allied forces; disadvantaged network environment built; disadvantaged networks; federated mission networking; federated software solutions; information exchange relations; interoperability; modern coalition operations; national systems; secure cross-domain information exchange; secure information exchange; security services efficiency; service oriented architecture; Authentication; Browsers; Delays; IP networks; Portals; Standards (ID#: 15-7974)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7146075&isnumber=7145573




Wireless Mesh Network Security 2015


With more than 70 protocols vying for preeminence over wireless mesh networks, the security problem is magnified. The work cited here relates to the Science of Security hard problems of resiliency, metrics, and composability. These citations were presented in 2015.


Raj, S.Pravin; Renold, A.Pravin, "An Enhanced Elliptic Curve Algorithm for Secured Data Transmission in Wireless Sensor Network," in Communication Technologies (GCCT), 2015 Global Conference on, pp.891-896, 23-24 April 2015. doi: 10.1109/GCCT.2015.7342790

Abstract: Wireless Sensor Network is the remote accessible network or the implementation of the network in the unattainable area to gather data from sensor nodes. The data from the network in wireless mesh topology is less secured based on the security features implemented. Any communication between the nodes are through the other nodes in the network. These motes in the network are restricted to memory and energy issues. Algorithms like symmetric key methods Ron Rivest, Adi Shamir and Leonard Adleman Algorithm (RSA) and Advanced Encryption Standard (AES) are used. It has less efficiency in terms of computation and memory size. It is also harder to implement in the Hop by hop protocol where the authenticity of the message need to pass from one node to the other with limited memory and energy where the need for security is high. So for better effective security and authentication we go for the Elliptic curve cryptography(ECC) algorithm. This method is more efficient with the key size and also more secure in terms. It is less vulnerable to security threat attacks. Modified effective implementing enhanced ECC with a features like Elliptic Curve Digital Signature Algorithm (ECDSA) in to add more secure and effective data transfer along with the key cipher of the text information.

Keywords: Authentication; Elliptic curve cryptography; Elliptic curves; Protocols; Wireless sensor networks; ECC; ECDSA; ElGamal; Message forwarding; RSA; Sensor Networks (ID#: 15-8058)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7342790&isnumber=7342608

Chugh, J., "Resilience, Survivability and Availability in WDM Optical Mesh Network," in Computing for Sustainable Global Development (INDIACom), 2015 2nd International Conference on, pp. 222-227, 11-13 March 2015. Doi: (not provided)

Abstract: The network has become essential to all aspects of modern life and thus the consequences of network disruption have become increasingly severe. It is widely recognized that the generally network is not sufficiently resilient, survivable, highly available and dependable and that significant research, development and engineering is necessary to improve the situation. This paper describes the high level architecture of WDM optical mesh network for resilience, survivability and availability. This paper also describes about protection and restoration schemes available for optical network and further depicts how these protection and restoration schemes can be used to design highly resilient, highly survivable and highly available network (99.99999).

Keywords: optical communication; telecommunication network reliability; telecommunication security; wavelength division multiplexing; wireless mesh networks; WDM optical mesh network; network disruption; protection schemes; restoration schemes; Availability; Optical fiber networks; Optical fibers; Resilience; Routing; Wavelength division multiplexing; Optical Network; Survivability; WDM (ID#: 15-8059)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7100249&isnumber=7100186

Subhash, P.; Ramachandram, S., "Secure Neighbour Discovery in Wireless Mesh Networks Using Connectivity Information," in Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, pp. 2061-2066, 10-13 Aug. 2015. doi: 10.1109/ICACCI.2015.7275920

Abstract: Authenticated mesh peering exchange (AMPE) is one of the core functionalities of wireless mesh network (WMN) that facilitates mesh routers to discover their peers (neighbours), securely. Even though the AMPE protocol prevents unauthorized neighbours from becoming part of the network, it fails to prevent relay attacks, where an attacker can simply relay frames used to establish peer-links. The motivation of an attacker is to convince two far-away nodes as neighbours, and make them commit to a non-existent link that acts as a wormhole later. In this paper, we address this problem of relay attacks and propose a secure neighbour discovery mechanism that detects non-existent network links. It relies on a ranking mechanism to compute relative distance between neighbours, and employs connectivity information to validate those links.

Keywords: protocols; relay networks (telecommunication); telecommunication network reliability; telecommunication security; wireless mesh networks; AMPE protocol; WMN relay attack prevention failure; authenticated mesh peering exchange; connectivity information; ranking mechanism; secure neighbour discovery mechanism; wireless mesh network; Communication system security; Peer-to-peer computing; Receivers; Relays; Routing protocols; Wireless mesh networks; Ranking Mechanism; Relay Attacks; Secure Neighbour Discovery; Wireless Mesh Network; Wormhole; non-existent link (ID#: 15-8060)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275920&isnumber=7275573

Peng, Yuhuai; Deng, QingXu; Guo, Lei; Ning, Zhaolong; Zhang, Lingbing, "Design of Dynamic Traffic Grooming Algorithm in Software-Defined Wireless Mesh Networks," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1812-1816, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.274

Abstract: Software-Defined Networking (SDN) separates the network control plane from the packet forwarding plane, and provides the upper applications with an global view of the distributed networks state. By making the network device software programmable, this newly emerging networking paradigm can contribute to change the large and highly complex situation of current networks protocol architecture. SDN enabled Wireless Mesh Networks (WMNs) will apply SDN technology into WMNs. By separating network control logic from data forwarding, automatic control and update functions would be achieved by software-driven control logic, which improves network performance and shortens the cycle of network innovation. Traffic engineering problem involves in the task of mapping network traffic distribution to existing physical topology. It can control network resources utilization and fair traffic allocation, which will optimize the utilization of network resources, and solve the imbalance problem of network resources, so that the network will reach a high degree of reliability, robustness and operability. Therefore, the design of dynamic traffic grooming algorithm in SDN enabled Wireless Mesh Networks is of important theoretical significance and practical value. This article focuses on traffic engineering technology in software defined networking. Aiming at the dynamic routing problem, the SDN controller dynamic traffic grooming algorithm is designed, which takes into account both the path length and link utilization to determine routing establishment, so as to achieve the network load balance and reduce the network congestion. Simulation results demonstrate that our proposed dynamic traffic grooming algorithm performs better in terms of average end-to-end throughput, average end-to-end delay and packet loss probability than traditional scheme.

Keywords: Algorithm design and analysis; Delays; Heuristic algorithms; Network topology; Routing; Topology; Wireless mesh networks; Software-Defined Networking (SDN); Wireless Mesh Networks (WMNs); traffic engineering; traffic grooming algorithm (ID#: 15-8061)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336435&isnumber=7336120

Yi-jia Zhang; Jun Sun, "Topology Analysis of Wireless Mesh Network Based on 802.11a," in Control and Decision Conference (CCDC), 2015 27th Chinese, pp. 5978-5980, 23-25 May 2015. doi: 10.1109/CCDC.2015.7161881

Abstract: The system architecture, analysis process and the key technology and test results of the topology analysis system, which based on wireless Mesh network are introduced in this paper. This paper is achieved the 802.11a protocol analysis and positioning method based on signal strength, and the method of links analysis based on the business statistics is proposed. The practical wireless mesh network based on 802.11a is set as test environments, then the network topological analysis and the drawing of topological graph are finished after the design and achievement of wireless Mesh network's topology analysis system.

Keywords: graph theory; protocols; signal processing; telecommunication network topology; wireless mesh networks; 802.11a protocol analysis; architecture system; business statistics; links analysis; network topological analysis; positioning method; signal strength; topological graph; topology analysis system; wireless mesh network topology analysis system; Electronic mail; Information security; Network topology; Radar tracking; Sun; Topology; Wireless mesh networks; 802.11a; Mesh Network; Topology Analysis (ID#: 15-8062)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7161881&isnumber=7161655

Gassara, M.; Zarai, F.; Daly, I.; Obaidat, M.S.; Kuei-Fang Hsiao, "A New Scheme for Proactive Out of Band Signaling Solution for IP Traceback in Wireless Mesh Network," in Computer, Information and Telecommunication Systems (CITS), 2015 International Conference on, pp. 1-6, 15-17 July 2015. doi: 10.1109/CITS.2015.7297758

Abstract: Since Wireless Mesh Networks (WMNs) have received great attention and momentum, security has become a crucial issue for them. Denial of Service attack (DoS) represents a serious threat on WMNs due to their plug-and-play architecture. Unfortunately, a DoS attack still very hard to stop due to the uncontrolled spoofing of source IP addresses. The best solution to this is to fix the problem at its root by guessing the source of attack. As a solution to this dilemma, numerous approaches have been suggested to support IP traceability. In this work, we focus on Wireless Mesh Network WMN (IEEE 802.11s standard). We design a signaling architecture, based on previous works, in order to trace anonymous IP packets back towards their source(s), where a simple security-oriented signaling protocol permits specialized signaling entities to exchange reliable signaling information that allows performing a simple and efficient traceback. This solution represents a novel and efficient approach to deal with the traceback problem in WMN environments.

Keywords: IP networks; computer network security; signalling protocols; wireless mesh networks; DoS attack; IEEE 802.11s standard; IP traceback; WMN; band signaling solution; denial of service attack; plug-and-play architecture; wireless mesh network; Computer architecture; Computer crime; IEEE 802.11 Standard; IP networks; Protocols; Wireless mesh networks; IEEE 802.11s; IP traceback; WMN; security; signaling information (ID#: 15-8063)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7297758&isnumber=7297712

Peng, Yuhuai; Guo, Lei; Deng, QingXu; Ning, Zhaolong; Zhang, Lingbing, "A Novel Hybrid Routing Forwarding Algorithm in SDN Enabled Wireless Mesh Networks," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1806-1811, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.271

Abstract: As an essential part of next generation Internet, Wireless Mesh Networks (WMNs) have attracted much research attention due to its potential advantages including low up-front cost, ease of deployment, enhanced capacity and service coverage. However, the inherit features of wireless multi-hop networks have put forward a severe challenge for traffic engineering problem. Conventional traffic engineering techniques either locally manipulate network traffic or adopt unreliable best-effort delivery mechanism. Software Defined Networking (SDN) is a new networking paradigm that separates the network control plane from the packet forwarding plane and provides applications with an abstracted centralized view of the distributed network state. A logically centralized controller that has a global network view is responsible for all the control decisions and it communicates with the network-wide distributed forwarding elements via standardized interfaces. Considering the current price of SDN equipments and deployment cost, this paper proposes an idea that gradually increases the number of SDN forwarding element in the networks. In other words, partly deployment of the SDN forwarding element in the networks can achieve fast forwarding traffic. On this basis, a new traffic engineering algorithms named Hybrid Routing Forwarding Algorithm (HRFA) which is based on SDN forwarding and OSPF (Open Shortest Path First) protocol is designed. This hybrid routing scheme divides the network nodes into conventional nodes and SDN forwarding elements (SDN-FE), and chooses effective forwarding strategies for different network elements, which will improve the overall performance of the networks. In order to verify the performance of the proposed algorithms, a number of simulation experiments are carried out in the NS-2 simulation platform. 
The results show that compared with the traditional routing forwarding method, HRFA can well increase the normalized throughput, and reduce the delay and packet loss.

Keywords: Algorithm design and analysis; Network topology; Routing; Routing protocols; Throughput; Topology; Software Defined Networking (SDN); Wireless Mesh Networks (WMNs); control plane; hybrid protocol; traffic engineering (ID#: 15-8064)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336434&isnumber=7336120

Cong Sun; Yi-hua Zhu; Liyong Yuan; Kaikai Chi, "Borrowing Address from Two-Hop Neighbor to Improve Successful Probability of Joining IEEE 802.15.5-Based Mesh Wireless Sensor Networks," in New Technologies, Mobility and Security (NTMS), 2015 7th International Conference on, pp. 1-7, 27-29 July 2015. doi: 10.1109/NTMS.2015.7266474

Abstract: IEEE 802.15.5 standard supports mesh networking for IEEE 802.15.4 based low-rate wireless sensor network (WSN). Through assigning a consecutive address block (CAB) to a node, IEEE 802.15.5 enables routing without table, which eliminates route discovery latency and reduces communication overhead and energy consumption in addition to saving storage space for routing table. With CAB, however, a node may fail in joining the mesh network due to insufficient address. To overcome the address-lacking problem, the scheme called Borrowing Address from Two-hop Neighbor (BATN) is proposed in this paper, which provides with two procedures for the nodes to join or leave the mesh, respectively. In addition, the routing scheme under BATN is presented. Both theoretical and simulation results show that the proposed BATN is better than the basic address assignment scheme introduced in IEEE 802.15.5 standard and the existing address borrowing schemes in terms of the probability of the node's successful joining the mesh network and the number of bytes used in reporting the number of children in address assigning stage.

Keywords: Zigbee; energy consumption; wireless mesh networks; wireless sensor networks; CAB; IEEE 802.15.4; IEEE 802.15.5 standard; WSN; consecutive address block; energy consumption; mesh networking; route discovery; wireless sensor network; Energy consumption; IEEE 802.15 Standard; Mesh networks; Routing; Wireless sensor networks; Zigbee; IEEE 802.15.5 standard; Internet of Things; Wireless sensor network; address assignment; wireless mesh network (ID#: 15-8065)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7266474&isnumber=7266450

Gassara, M.; El Bouabidi, I.; Zarai, F.; Obaidat, M.S., "All-in-One Binary Word Solution for IP Traceback in Wireless Mesh Network," in Communications (ICC), 2015 IEEE International Conference on, pp. 6284-6288, 8-12 June 2015. doi: 10.1109/ICC.2015.7249325

Abstract: Wireless Mesh Networks (WMNs) are continuously overwhelmed with various kinds of security threats. Amongst these threats is Denial of Service (DoS) which represents a huge umbrella of powerful attacks. It is very essential to understand the complexities of these attacks and counter-mechanisms existed in the literature. The best antidote to defend against these attacks would be to resolve the problem at its root by identifying the source of the attacks. The traceback technique realizes such a forensic analysis of the internet traffic. In this paper, we explain our novel approach of IP traceback based on marking approach and that used the Chinese remainder theorem to conceive the communication protocol in WMN IEEE 802.11s environments. We evaluated the performance and the efficiency of our proposed scheme based on some collected evaluation metrics.

Keywords: IP networks; computer network security; protocols; wireless LAN; wireless mesh networks; Chinese remainder theorem; Denial of Service attack; DoS attack; IP traceback; WMN IEEE 802.11s environment; binary word solution; communication protocol; marking approach; wireless mesh network; Ad hoc networks; IEEE 802.11 Standard; IP networks; Routing protocols; Security; Wireless mesh networks; Chinese remainder theorem; IP traceback; WMN IEEE 802.11s; attacks; marking approach; security (ID#: 15-8066)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249325&isnumber=7248285

Yu, Yao; Ning, Zhaolong; Song, Qingyang; Guo, Lei; Liu, Hongyan, "A Dynamic Cooperative Monitor Node Selection Algorithm in Wireless Mesh Networks," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1800-1805, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.118

Abstract: Wireless Mesh Network (WMN) is developed as an emerging key solution for wireless broadband connectivity through a flexible and cost-effective way. However, due to the lack of a physical line of defense, the security in such a network is a big concern. Intrusion Detection System (IDS) is considered as one of the most effective security mechanisms in WMN. Traditionally, IDS is operated on the monitor nodes that cooperatively identify and assess intrusions by analyzing their collected network data. Therefore, most IDS mechanisms need to choose a large number of monitor nodes for good rapidity and accuracy, which increases overhead and degrades network performance. In this paper, we propose a dynamic cooperative monitor node selection scheme based on social network analysis to solve the above issue. In the scheme, we choose the monitor nodes according to their influence in the network, which is evaluated by the relationship among the nodes and the analysis of mutual information. Then, the nodes with similar information are divided into the same monitor area. Simulation results show that the proposed scheme can effectively reduce network cost compared with the traditional node section schemes.

Keywords: Accuracy; Bridges; Monitoring; Mutual information; Security; Social network services; Topology; Monitor node selection; cooperative; mutual information; social network analysis (ID#: 15-8067)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336433&isnumber=7336120

Yue Shi; Abhilash, S.; Kai Hwang, "Cloudlet Mesh for Securing Mobile Clouds from Intrusions and Network Attacks," in Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2015 3rd IEEE International Conference on, pp. 109-118, March 30 2015-April 3 2015. doi: 10.1109/MobileCloud.2015.15

Abstract: This paper presents a new cloudlet mesh architecture for security enforcement to establish trusted mobile cloud computing. The cloudlet mesh is WiFi-or mobile-connected to the Internet. This security framework establishes a cyber trust shield to fight against intrusions to distance clouds, prevent spam/virus/worm attacks on mobile cloud resources, and stop unauthorized access of shared datasets in offloading the cloud. We have specified a sequence of authentication, authorization, and encryption protocols for securing communications among mobile devices, cloudlet servers, and distance clouds. Some analytical and experimental results prove the effectiveness of this new security infrastructure to safeguard mobile cloud services.

Keywords: authorisation; cloud computing; computer network security; computer viruses; cryptographic protocols; mobile computing; trusted computing; wireless LAN; Internet; WiFi-connected cloudlet mesh; authentication; authorization; cloudlet mesh architecture; cloudlet servers; cybertrust shield; distance clouds; encryption protocols; intrusion attack; mobile cloud resources; mobile cloud services; mobile devices; mobile-connected cloudlet mesh; security enforcement; security framework; security infrastructure; shared datasets; spam attacks; trusted mobile cloud computing; unauthorized access; virus attacks; worm attacks; Cloud computing; Filtering; Grippers; Mobile communication; Mobile handsets; Protocols; Security; MapReduce spam filtering; Mobile cloud; cloud mashup; cloudlet mesh; collaborative intrusion detection; inter-cloud protocol (ID#: 15-8068)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7130875&isnumber=7130853

Chaki, P.; Yasuda, M.; Fujita, N., "Seamless Group Reformation in WiFi Peer to Peer Network using Dormant Backend Links," in Consumer Communications and Networking Conference (CCNC), 2015 12th Annual IEEE, pp. 773-778, 9-12 Jan. 2015. doi: 10.1109/CCNC.2015.7158075

Abstract: WiFi Peer to Peer (P2P) aka WiFi Direct enables devices to communicate with each other in a peer to peer manner without requiring any Access Point at typical WiFi speed with WPA2 security. With its huge prospect in revolutionizing device to device communication, WiFi P2P can potentially play a much larger role amid the growing interest in M2M communication and Internet of Things. However, unlike a conventional P2P network which operates on mesh topology, WiFi P2P requires one of its group members to act as Group Owner, with whom all the other devices in the group stay associated. The group suffers from a temporary network disruption when the Group Owner suddenly leaves the group without any prior notice. In addition, restoration of the group connectivity consumes much time which is intolerable for most delay sensitive applications. In this paper, we address this issue using our proposed concept of Seamless Group Reformation which helps in maintaining near continuous connectivity and alleviates over dependence of the group on the Group Owner. The concept is seconded by the proposed mechanism of Dormant Backend Links to cut down the total group-disruption time. We implement the mechanism of Dormant Backend Links on a practical WiFi P2P testbed and present an experimental evaluation.

Keywords: Internet of Things; computer network security; peer-to-peer computing; telecommunication network topology; wireless LAN; Internet of Things; M2M communication; P2P; WPA2 security; WiFi P2P; WiFi peer to peer network; WiFi speed; access point; delay sensitive applications; device to device communication; dormant backend links; group connectivity; group owner; mesh topology; peer to peer manner; seamless group reformation; IEEE 802.11 Standards; Internet; Interrupters; Lead; Security; Topology; Group Owner; Group Reformation; Peer to peer (P2P); WiFi Direct (ID#: 15-8069)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7158075&isnumber=7157933

Islam, Taoufikul; Rahman, Hafiz Abdur; Syrus, Minhaz Ahmed, "Fire Detection System with Indoor Localization using Zigbee Based Wireless Sensor Network," in Informatics, Electronics & Vision (ICIEV), 2015 International Conference on, pp. 1-6, 15-18 June 2015. doi: 10.1109/ICIEV.2015.7334000

Abstract: Fire detection and protection are major problems in factories. A closely related problem is to localize fire sources to effectively extinguish those. In this paper we presented development of a moderate cost wireless sensor network based fire detection system with indoor localization capability. In Bangladesh, where large numbers of garment factories are located suffers fire incidents every year. The aim of our work was to develop fire detection system that could help the garment owners to install reliable fire detection systems with localizing capability within a relatively lower cost. As such, we have used open source hardware and software tools to develop our system and documented our approach well, so that it can be replicated anywhere.

Keywords: Communication system security; Fires; Mathematical model; Sensors; Wireless communication; Wireless sensor networks; Zigbee; Arduino; Fire Detection; Indoor Localization; Mesh Network; Open Source Hardware Software; Wireless Sensor Network; ZigBee (ID#: 15-8070)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7334000&isnumber=7333967

Lin, Chun-Cheng; Tung-Huei Chen; Shun-Yu Jhong, "Wireless Mesh Router Placement with Constraints of Gateway Positions and QoS," in Heterogeneous Networking for Quality, Reliability, Security and Robustness (QSHINE), 2015 11th International Conference on, pp. 72-74, 19-20 Aug. 2015. Doi: (not provided)

Abstract: The past studies on router node placement for wireless mesh networks (WMNs) did not consider placement of Internet gateways. Therefore, mesh routers and mesh clients can only communicate locally. The problem in this paper is to maximize both network connectivity and client coverage for the router node placement in WMNs consisting of mesh routers, mesh clients, and Internet gateways, subject to three QoS constraints: delay, relay load, and Internet gateway capacity. By visualizing the placements in previous works, we discover two main drawbacks: overlapping and coverless. To solve them, this paper presents a novel particle swarm optimization approach. Performance of the proposed approach is verified by simulation.

Keywords: Delays; Internet; Logic gates; Particle swarm optimization; Quality of service; Relays; Wireless mesh networks; QoS; Wireless mesh network; particle swarm optimization (ID#: 15-8071)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7332545&isnumber=7332527

Wenxiang Li; Chunchun Pi; Mei Han; Chong Ran; Wei Chen; Peng Ke, "A Scheduling Method For IOT-Aided Packaging and Printing Manufacturing System," in Heterogeneous Networking for Quality, Reliability, Security and Robustness (QSHINE), 2015 11th International Conference on, pp. 335-340, 19-20 Aug. 2015. Doi: (not provided)

Abstract: To meet the demand of effective control of production in packaging and printing industry, this paper proposes a manufacturing-assist system based on Internet of Things (IOT) techniques. The system is composed of reliable network connection with wireless mesh networks and widely deployed sensor nodes. With smart sensing, transmission and processing for the states of manufacturing facilities, products and production procedures, the system can exert efficient surveillance and control over the manufacturing procedure. Based on this system, this paper further designs a method for scheduling subtasks both among facilities and inside each facility. The method is implemented by Genetic Algorithm for optimization objectives such as minimizing overall production delay and minimizing overall production cost. Simulation and on-spot experiment in enterprise showed the superiority of the method for the optimization objectives.

Keywords: Delays; Genetics; Process control; Reliability; Scheduling; Wireless mesh networks; Genetic Algorithm; Internet of things; Package manufacturing; Scheduling (ID#: 15-8072)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7332591&isnumber=7332527

Tata, C.; Kadoch, M., "Secure Multipath Routing Algorithm for Device-to-Device Communications for Public Safety over LTE Heterogeneous Networks," in Future Internet of Things and Cloud (FiCloud), 2015 3rd International Conference on, pp. 212-217, 24-26 Aug. 2015. doi: 10.1109/FiCloud.2015.51

Abstract: This article proposes a new approach for secure communications Device-to-Device (D2D) if unable to apply network coding transmissions within LTE small cells. Our new algorithm called Secure Load Balancing Selective Ad hoc On-demand Multipath Distance Vector (LBS-AOMDV) is based on a multipath coded information transmissions, Data Splitting and Data Shuffling schemes. The objective of this study is to reduce the impact of confidentiality attack within Wireless Mesh Networks (WMN) by preventing eavesdroppers to obtain significant information from those transmitted by legal users, while ensuring a high level of quality of Service (QoS) for transmitted traffic. The simulation results show that Secure LBS-AOMDV increases the level of security in the wireless network compared to the LBS-AOMDV approach without adding traffic control.

Keywords: Long Term Evolution; multipath channels; network coding; quality of service; resource allocation; telecommunication network routing; telecommunication security; wireless mesh networks; LBS-AOMDV; LTE heterogeneous networks; QoS; data shuffling; data splitting; device-to-device communications; multipath coded information transmissions; network coding transmissions; public safety; quality of service; secure communications; secure load balancing selective ad hoc on-demand multipath distance vector; secure multipath routing algorithm; wireless mesh networks; Computer hacking; Load management; Quality of service; Safety; Wireless LAN; Wireless networks; D2D; LTE; Load Balancing; Multipath; Public Safety; Quality of Service; Security (ID#: 15-8073)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7300820&isnumber=7300539

Shahzad, G.; Ahmad, A.W.; Heekwon Yang; Chankil Lee, "Sensor Fusion Based Energy Efficient and Sustainable Smart Parking System," in Advanced Communication Technology (ICACT), 2015 17th International Conference on, pp. 100-104, 1-3 July 2015. doi: 10.1109/ICACT.2015.7224766

Abstract: With the rapid increase in urban population and hence the automobiles, parking has emerged as a resource with fair amount of energy consumption, air pollution and traffic congestion in almost every major city around the globe. Therefore, its efficient management in terms of both energy and space is not only necessitated to save a lot of energy, but also plays a pivotal role to obtain environment friendly green cities. In this article, we proposed a smart energy efficient parking system, which integrates the image recognition techniques for license plate recognition, infrared sensor for group control and wireless sensor network (WSN) for intelligent light emitting diode (LED) lighting. The system offers better guidance to parking position, controls LED lights based on traffic distribution for maximum energy efficiency, and offers enhanced security as compared to its counterpart conventional system. The system is built on ZigBee based Wireless Mesh network (WMN) nodes equipped with image sensor and RF module. The vehicles in the parking lot are detected and recognized using the grid based algorithm and license plate image recognition. The concept of zoning or lighting group control algorithm is integrated with moving object tracking algorithm to control the array of lights to attain the maximum energy efficiency and reduced Greenhouse gases (GHG) emissions. In comparison to conventional parking and normal lighting, the proposed system presents the substantial amount of energy savings, less environmental pollution and enhanced surveillance. Moreover, the embedded advantage of improved reliability, reduced maintenance and low cost due to smart control suggests very satisfactory and optimistic results for future implementation of the system as an integrated part of smart cities.

Keywords: Zigbee; air pollution control; energy conservation; image fusion; image recognition; image sensors; infrared detectors; light emitting diodes; lighting; object tracking; traffic control; wireless mesh networks; wireless sensor networks; LED lighting; ZigBee; energy efficiency; energy savings; enhanced surveillance; environmental pollution; group control; image sensor; infrared sensor; intelligent light emitting diode lighting; license plate image recognition; moving object tracking; reduced greenhouse gas emissions; sensor fusion; smart control; smart energy efficient parking system; sustainable smart parking system; wireless mesh network; wireless sensor network; Energy efficiency; Licenses; Light emitting diodes; Lighting; Vehicles; Wireless sensor networks; Zigbee; Energy Efficiency; Group control; Image recognition; LED Intelligent lighting; Smart parking; Wireless sensor; ZigBee (ID#: 15-8074)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7224766&isnumber=7224736

Guo, Qi; Li, Xiaohong; Feng, Zhiyong; Xu, Guangquan, "MPOID: Multi-protocol Oriented Intrusion Detection Method for Wireless Sensor Networks," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1512-1517, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.283

Abstract: It is very difficult to detect intrusions in wireless sensor networks (WSN), because of the dynamic network topology and diverse routing protocols. Traditional Intrusion Detection Systems (IDS) for WSN only focus attention on a specified routing protocol, which lacks universality and flexibility. To solve the problem of multi-protocol intrusion detection, this paper proposes a universal method: MPOID (Multi-Protocol Oriented Intrusion Detection). Our work can generate all the attack types for any routing protocol of WSN, furthermore, part of which can be detected with the automatically generated rules accurately. In this work, we formalize the routing protocol with the Process Algebra for Wireless Mesh Networks (AWN) language, and then classify all the potential attacks into four categories according to four original purposes. Beginning from the original purpose, we can generate all the attack targets, attack traces and attack types. What's more, if the protocol process does not use local variables in the key variable assignment, we can also generate the detection rules for this attack type. Our case study of AODV (Ad hoc On-demand Distance Vector) protocol shows that our method generated all types of attacks, which outperforms other work. Our further theoretical analysis verifies that our detection rules could detect the corresponding attack types as we claimed. In conclusion, the MPOID method could be used as a flexible and universal tool to analyze and detect attack types for multi-protocol in WSN effectively.

Keywords: Algebra; Intrusion detection; Routing protocols; Skeleton; Wireless sensor networks; AWN; attack analysis; intrusion detection; multi-protocol; wireless sensor networks (ID#: 15-8075)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336382&isnumber=7336120

Steger, M.; Karner, M.; Hillebrand, J.; Rom, W.; Armengaud, E.; Hansson, M.; Boano, C.A.; Romer, K., "Applicability of IEEE 802.11s for Automotive Wireless Software Updates," in Telecommunications (ConTEL), 2015 13th International Conference on, pp. 1-8, 13-15 July 2015. doi: 10.1109/ConTEL.2015.7231190

Abstract: Due to the rising number of electronic control units (ECU) in a vehicle and the growing complexity of the related software installed, a fast and efficient system for updating software is needed. Wireless software updates similar to firmware over the air updates for smartphones can be a suitable solution to solve this issue. In this paper we propose a wireless update system based on an IEEE 802.11s mesh network and describe related high-level requirements for such a system. Additionally the prototype of a wireless vehicle interface (WVI) is described. This interface is needed to maintain the wireless link as well as to forward the received data to the in-vehicle communication system and finally to the ECU. Existing diagnostic standards are applied to transfer and install the new software on the ECU. Furthermore, IEEE 802.11s-based network nodes and the WVI prototype are used to evaluate the applicability of IEEE 802.11s for a wireless update system used in the vehicle development phase. We performed indoor measurements as well as measurements inside two different vehicles to evaluate the influence of the shielding properties of a vehicle. The results of these measurements show that the used setup consisting of the WVI prototype and other IEEE 802.11s based nodes can be used to realize a wireless update system and is able to fulfil the defined system requirements.

Keywords: automotive engineering; mechanical engineering computing; wireless LAN; IEEE 802.11s-based network nodes; WVI; automotive wireless software updates; electronic control units; smartphones; wireless vehicle interface; Automotive engineering; Communication system security; IEEE 802.11 Standard; Safety; Vehicles; Wireless communication; Wireless sensor networks (ID#: 15-8076)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7231190&isnumber=7231179

Beyranvand, H.; Levesque, M.; Maier, M.; Salehi, J.A., "FiWi Enhanced LTE-A HetNets with Unreliable Fiber Backhaul Sharing and WiFi Offloading," in Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 1275-1283, April 26 2015-May 1 2015. doi: 10.1109/INFOCOM.2015.7218503

Abstract: To cope with the unprecedented growth of mobile data traffic, we investigate the performance gains obtained from unifying coverage-centric 4G mobile networks and capacity-centric fiber-wireless (FiWi) broadband access networks based on data-centric Ethernet technologies with resulting fiber backhaul sharing and WiFi offloading capabilities. Despite recent progress on backhaul-aware 4G studies with capacity-limited backhaul links, the performance-limiting impact of backhaul latency and reliability has not been examined in sufficient detail previously. In this paper, we evaluate the maximum aggregate throughput, offloading efficiency, and in particular the delay performance of FiWi enhanced LTE-A heterogeneous networks (HetNets), including the beneficial impact of various localized fiber-lean backhaul redundancy and wireless protection techniques, by means of probabilistic analysis and verifying simulation, paying close attention to fiber backhaul reliability issues and WiFi offloading limitations due to WiFi mesh node failures as well as temporal and spatial WiFi coverage constraints.

Keywords: 4G mobile communication; Long Term Evolution; broadband networks; local area networks; optical fibre communication; probability; statistical analysis; telecommunication network reliability; telecommunication security; telecommunication traffic; FiWi broadband access networks; LTE-A HetNets; Long Term Evolution; WiFi coverage constraints; WiFi mesh node failures; WiFi offloading capabilities; backhaul latency; backhaul-aware 4G studies; capacity-centric fiber-wireless broadband access networks; capacity-limited backhaul links; coverage-centric 4G mobile networks; data-centric Ethernet technologies; fiber backhaul reliability; fiber backhaul sharing; localized fiber-lean backhaul redundancy; mobile data traffic; probabilistic analysis; wireless protection techniques; Delays; IEEE 802.11 Standard; Mobile communication; Optical network units; Passive optical networks; Wireless communication (ID#: 15-8077)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218503&isnumber=7218353

Li, Feng; Zhang, Zhaopeng; Jia, Zhiping; Ju, Lei, "Superframe Scheduling for Data Aggregation in WirelessHART Networks," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1540-1545, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.220

Abstract: WirelessHART has become an industrial standard for robust and real-time wireless monitoring and control. While energy-efficiency is one of the key design considerations for networks with battery-operated devices, data aggregation has been widely studied in the wireless sensor network (WSN) environments to reduce the traffic and prolong the lifetime of the network. However, existing data aggregation techniques cannot be applied directly to WirelessHART networks due to the multi-channel Time Synchronized Mesh Protocol (TSMP) and the superframe-based communication slot scheduling in WirelessHART. In this work, we propose a data aggregation mechanism for energy-efficient and real-time WirelessHART communication. In particular, a greedy-based heuristic is applied during the superframe construction phase to assign package transmissions whose data can be aggregated at intermediate routing nodes into nearby time slots. Experimental results show that compared with existing WirelessHART routing algorithms, our proposed framework has significant improvement on the energy saving and prolongs the overall lifetime of the network.

Keywords: Energy efficiency; Real-time systems; Reliability; Routing; Standards; Time division multiple access; Wireless sensor networks; Data aggregation; Scheduling; WirelessHART (ID#: 15-8078)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336387&isnumber=7336120

Babbitt, T.A.; Szymanski, B.K., "Trust Metric Integration in Resource Constrained Networks Via Data Fusion," in Information Fusion (Fusion), 2015 18th International Conference on, pp. 582-589, 6-9 July 2015. Doi: (not provided)

Abstract: There are numerous environments and situations where network infrastructure is sparse, latent, or partially out of service. There is a growing body of research on protocols, security, information assurance and trust for use in such Resource Constrained Networks. A few examples of a Resource Constrained Network include Delay Tolerant, Wireless Sensor, and many mobile ad-hoc and ad-hoc mesh networks. Data fusion of direct observations and recommendations from other nodes into an aggregate trust value on a given node allows for more efficient routing and enables information assurance security services that support data availability, confidentiality, integrity, authentication, and non-repudiation. Selecting proper data metrics and fusion scheme allows nodes in a network to quickly converge on an accurate trust value for a given node. This minimizes security risks and provides better quality of service to properly functioning nodes as well as quickly isolates malicious ones. This paper discusses our current work on distributed trust management schemes for use in Resource Constrained Networks. Specifically, it introduces fusion methods to integrate diverse clues into a composite trust value.

Keywords: data integrity; security of data; sensor fusion; trusted computing; ad-hoc mesh networks; data authentication; data availability; data confidentiality; data fusion; data integrity; data nonrepudiation; delay tolerance; distributed trust management schemes; information assurance security services; mobile ad-hoc networks; resource constrained networks; trust metric integration; wireless sensor; Ad hoc networks; Aggregates; Mathematical model; Measurement; Protocols; Routing; Security (ID#: 15-8079)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7266613&isnumber=7266535

Tunaru, I.; Denis, B.; Perrier, R.; Uguen, B., "Cooperative Group Key Generation Using IR-UWB Multipath Channels," in Ubiquitous Wireless Broadband (ICUWB), 2015 IEEE International Conference on, pp. 1-5, 4-7 Oct. 2015. doi: 10.1109/ICUWB.2015.7324430

Abstract: In wireless decentralized networks, nodes physically close to each other can take advantage of the shared wireless medium to generate common secrets or keys and enhance the security of communications. Previous studies already provided models, algorithms, and proofs of concept to exploit the radio physical layer and generate symmetric keys over single links. Some of these models have been adapted to cooperative scenarios involving several nodes, either to reinforce the generated pair-wise keys or to issue a common group key (i.e., shared by more than two nodes). In this study, we focus on key agreement from Impulse Radio - Ultra Wideband (IR-UWB) multipath channels according to the source model. We propose a new method to generate group keys within cooperative scenarios, while exploiting all the available physical links in a full mesh topology and reducing over-the-air traffic. The main idea consists in adjusting the IR-UWB signals usually transmitted for channel probing so that receiving nodes have access to non-observable channels corresponding to their non-adjacent links. We describe an example where the transmitted signal is optimized using a least squares minimization routine with prior information.

Keywords: cooperative communication; least squares approximations; private key cryptography; radio links; telecommunication network topology; telecommunication security; telecommunication traffic; ultra wideband communication; wireless channels; IR-UWB multipath channels; channel probing; communication security; impulse radio-ultra wideband multipath channels; least squares minimization routine; mesh topology; over-the-air traffic; pair-wise keys; radio physical layer; symmetric keys; wireless decentralized networks; wireless medium; Channel estimation; Communication system security; Generators; Physical layer; Protocols; Quantization (signal); Wireless communication (ID#: 15-8080)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7324430&isnumber=7324387

Bi, Zhuo; Chen, Deji; Wang, Cheng; Jiang, Changjun; Chen, Ming, "Adopting WirelessHART for In-vehicle-Networking," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1027-1030, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.244

Abstract: It is estimated that the breakthrough in the broad deployment of Internet of Things (IoT) could come from smart cars. Indeed, we have seen multi-facet advances around cars: new material, in vehicle infotainment, driverless cars, smart transportation, electrical vehicles, etc. However, in-vehicle-networking has been mainly by wire, the wiring for a car is largely pre-built during the design phase. With more and more things networked within a car, wiring has taken up 1-2 percent of the total weight. This translates into burning up to 0.1 kilogram fuel over 100 kilometers. On the other hand, the advances in wireless technology, especially the broad acceptance of WirelessHART in the industrial settings, has proved its capability in harsh environments. This paper studies what could happen if we use WirelessHART mesh network for in-vehicle communication. While new wireless network protocols are needed to perform the task of CAN, the dominant in-vehicle fieldbus, WirelessHART could take on the work performed by LIN, the fieldbus for peripheral devices. A detailed study is provided to compare these buses. Road tests were performed, in which a WirelessHART network keeps running for the whole 20 minute period.

Keywords: Communication system security; Protocols; Standards; Vehicles; Wireless communication; Wireless sensor networks; Wires; CAN; LIN; Reliable Wireless Sensor Network; Smart Car; WirelessHART (ID#: 15-8081)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336304&isnumber=7336120

Thakur, P.; Patel, R.; Patel, N., "A Proposed Framework for Protection of Identity Based Attack in Zigbee," in Communication Systems and Network Technologies (CSNT), 2015 Fifth International Conference on, pp. 628-632, 4-6 April 2015. doi: 10.1109/CSNT.2015.243

Abstract: ZigBee is used for emerging standard of low-power, low-rate wireless communication which aims at interoperability and covers a full range of devices even including low-end battery-powered nodes. Zigbee is a specification for a suite of high-level communication protocols used to create personal area network built from small network. Zigbee network are vulnerable to Sybil attack in which a Sybil node send forges multiple identities to trick the system and conduct harmful attack. We propose a Sybil attack detection and prevention method using distance and address of node in Zigbee. In this technique, trusted node verifies other nodes and identifies the malicious node. We will implement this technique using NS2 with AODV protocol for mesh topology.

Keywords: Zigbee; protocols; radiocommunication; telecommunication network topology; telecommunication security; AODV protocol; NS2; Sybil attack detection; Sybil node; Zigbee; high-level communication protocols; identity protection; low-end battery-powered nodes; mesh topology; personal area network; wireless communication; Ad hoc networks; IP networks; Protocols; Security; Wireless communication; Wireless sensor networks; Zigbee; Zigbee network; Trust center; Sybil attack (ID#: 15-8082)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7279994&isnumber=7279856

Ishida, Shigemi; Tagashira, Shigeaki; Arakawa, Yutaka; Fukuda, Akira, "On-demand Indoor Location-Based Service Using Ad-hoc Wireless Positioning Network," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 1005-1013, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.111

Abstract: WiFi-based localization is a promising candidate for indoor localization because the localization systems can be implemented on WiFi devices widely used today. In this paper, we present a distributed localization system to realize on-demand location-based services. We define characteristics of on-demand from both the service providers' and users' perspectives. From the service providers' perspective, we utilize our previous work, a WiFi ad-hoc wireless positioning network (AWPN). From the users' perspective, we address two challenges: the elimination of a user-application installation process and a reduction in network traffic. We design a localization system using the AWPN and provide a location-based service as a Web service, which allows the use of Web browsers. The proposed localization system is built on WiFi access points and distributes network traffic over the network. We describe the design and implementation and include a design analysis of the proposed localization system. Experimental evaluations confirm that the proposed localization system can localize a user device within 220 milliseconds. We also perform simulations and demonstrate that the proposed localization system reduces network traffic by approximately 24% compared to a centralized localization system.

Keywords: Accuracy; Ad hoc networks; IEEE 802.11 Standard; Mobile radio mobility management; Web servers; Wireless communication; WiFi mesh network; ad-hoc wireless positioning network; indoor localization; location-based Web service; on-demand (ID#: 15-8083)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336301&isnumber=7336120

