Biblio

Bitcoin is a famously decentralized cryptocurrency. Bitcoin is excellent because it is a digital currency that provides convenience and security in transactions. Transaction security in Bitcoin uses a consensus involving a distributed system, the security of this system generates a hash sequence with a Proof of Work (PoW) mechanism. However, in its implementation, various attacks appear that are used to generate profits from the existing system. Attackers can use various types of methods to get an unfair portion of the mining income. Such attacks are commonly referred to as Mining attacks. Among which the famous is the Selfish Mining attack. In this study, we simulate the effect of changing decision matrix, attacker region, attacker hash rate on selfish miner attacks by using the opensource NS3 platform. The experiment aims to see the effect of using 1%, 10%, and 20% decision matrices with different attacker regions and different attacker hash rates on Bitcoin selfish mining income. The result of this study shows that regional North America and Europe have the advantage in doing selfish mining attacks. This advantage is also supported by increasing the decision matrix from 1%, 10%, 20%. The highest attacker income, when using decision matrix 20% in North America using 16 nodes on 0.3 hash rate with income 129 BTC. For the hash rate, the best result for a selfish mining attack is between 27% to 30% hash rate.

Propagation delay in blockchain networks is a major impairment of message transmission and validation in the bitcoin network. The transaction delay caused by message propagation across long network chains can cause significant threats to the bitcoin network integrity by allowing miners to find blocks during the message consensus process. Potential threats of slow transaction dissemination include double-spending, partitions, and eclipse attacks. In this paper, we propose a method for minimizing propagation delay by reducing non-compulsory message broadcasts during transaction dissemination in the underlying blockchain network. Our method will decrease the propagation delay in the bitcoin network and consequently mitigate the security threats based on message dissemination delay. Our results show improvement in the delay time with more effect on networks with a large number of nodes.

Advanced Encryption Standard (AES) algorithm plays an important role in a data security application. In general S-box module in AES will give maximum confusion and diffusion measures during AES encryption and cause significant path delay overhead. In most cases, either L UTs or embedded memories are used for S- box computations which are vulnerable to attacks that pose a serious risk to real-world applications. In this paper, implementation of the composite field arithmetic-based Sub-bytes and inverse Sub-bytes operations in AES is done. The proposed work includes an efficient multiple round AES cryptosystem with higher-order transformation and composite field s-box formulation with some possible inner stage pipelining schemes which can be used for throughput rate enhancement along with path delay optimization. Finally, input biometric-driven key generation schemes are used for formulating the cipher key dynamically, which provides a higher degree of security for the computing devices.

Considered sensitive information by the ISO/IEC 24745, biometric data should be stored and used in a protected way. If not, privacy and security of end-users can be compromised. Also, the advent of quantum computers demands quantum-resistant solutions. This work proposes the use of Kyber and Saber public key encryption (PKE) algorithms together with homomorphic encryption (HE) in a face recognition system. Kyber and Saber, both based on lattice cryptography, were two finalists of the third round of NIST post-quantum cryptography standardization process. After the third round was completed, Kyber was selected as the PKE algorithm to be standardized. Experimental results show that recognition performance of the non-protected face recognition system is preserved with the protection, achieving smaller sizes of protected templates and keys, and shorter execution times than other HE schemes reported in literature that employ lattices. The parameter sets considered achieve security levels of 128, 192 and 256 bits.

The Software Defined Networking (SDN) is a solution for Data Center Networks (DCN). This solution offers a centralized control that helps to simplify the management and reduce the big data issues of storage management and data analysis. This paper investigates the performance of deploying an SDN controller in DCN. The paper considers the network topology with a different number of hosts using the Mininet emulator. The paper evaluates the performance of DCN based on Python SDN controllers with a different number of hosts. This evaluation compares POX and RYU controllers as DCN solutions using the throughput, delay, overhead, and convergence time. The results show that the POX outperforms the RYU controller and is the best choice for DCN.

Along with the ever increasing growth in data collection and its mining, there is an increasing fear of compromising individual and population privacy. Several techniques have been proposed in literature to preserve privacy of collected data while storing and processing. In this paper, we propose a privacy-aware architecture for storing and processing data in a Big Data warehouse. In particular, we propose a flexible, extendable, and adaptable architecture that enforces user specified privacy requirements in the form of Embedded Privacy Agreements. The paper discusses the details of the architecture with some implementation details.

The widespread adoption of eCommerce, iBanking, and eGovernment institutions has resulted in an exponential rise in the use of web applications. Due to a large number of users, web applications have become a prime target of cybercriminals who want to steal Personally Identifiable Information (PII) and disrupt business activities. Hence, there is a dire need to audit the websites and ensure information security. In this regard, several web vulnerability scanners are employed for vulnerability assessment of web applications but attacks are still increasing day by day. Therefore, a considerable amount of research has been carried out to measure the effectiveness and limitations of the publicly available web scanners. It is identified that most of the publicly available scanners possess weaknesses and do not generate desired results. In this paper, the evaluation of publicly available web vulnerability scanners is performed against the top ten OWASP11OWASP® The Open Web Application Security Project (OWASP) is an online community that produces comprehensive articles, documentation, methodologies, and tools in the arena of web and mobile security. vulnerabilities and their performance is measured on the precision of their results. Based on these results, we proposed an Integrated Multi-Agent Blackbox Security Assessment Tool (SAT) for the security assessment of web applications. Research has proved that the vulnerabilities assessment results of the SAT are more extensive and accurate.

To detect human behaviour and measure accuracy of classification rate. Materials and Methods: A novel deep belief network with sample size 10 and support vector machine with sample size of 10. It was iterated at different times predicting the accuracy percentage of human behaviour. Results: Human behaviour detection utilizing novel deep belief network 87.9% accuracy compared with support vector machine 87.0% accuracy. Deep belief networks seem to perform essentially better compared to support vector machines \$(\textbackslashmathrmp=0.55)(\textbackslashtextPiˆ0.05)\$. The deep belief algorithm in computer vision appears to perform significantly better than the support vector machine algorithm. Conclusion: Within this human behaviour detection novel deep belief network has more precision than support vector machine.

The Internet of Things (IoT) is rapidly evolving, allowing physical items to share information and coordinate with other nodes, increasing IoT’s value and being widely applied to various applications. Radio Frequency Identification (RFID) is usually used in IoT applications to automate item identification by establishing symmetrical communication between the tag device and the reader. Because RFID reading data is typically in plain text, a security mechanism is required to ensure that the reading results from this RFID data remain confidential. Researchers propose a lightweight encryption algorithm framework for IoT-based RFID applications to address this security issue. Furthermore, this research assesses the implementation of lightweight encryption algorithms, such as Grain v1 and Espresso, as two systems scenarios. The Grain v1 encryption is the final eSTREAM project that accepts an 80-bit key, 64-bit IV, and has a 160-bit internal state with limited application. In contrast, the Espresso algorithm has been implemented in various applications such as 5G wireless communication. Furthermore, this paper tested the performance of each encryption algorithm in the microcontroller and inspected the network performance in an IoT system.

The current face recognition technology has rapidly come into the public life, from unlocking cell phone face to mobile payment, which has brought a lot of convenience to life. However, it is undeniable that it also brings security challenges. Based on this paper, we will discuss the risks of face recognition in the mobile payment and put forward relevant suggestions.

In this paper, a novel composite right/left-handed transmission line (CRLH TL) 3-unit cell is presented for finding excellent time-delay (TD) efficiency of Chipless RFID's True-Time-Delay Lines (TTDLs). RFID (Radio Frequency Identification) is a non-contact automatic identification technology that uses radio frequency (RF) signals to identify target items automatically and retrieve pertinent data without the need for human participation. However, as compared to barcodes, RFID tags are prohibitively expensive and complex to manufacture. Chipless RFID tags are RFID tags that do not contain silicon chips and are therefore less expensive and easier to manufacture. It combines radio broadcasting technology with radar technology. Radio broadcasting technology use radio waves to send and receive voice, pictures, numbers, and symbols, whereas radar technology employs the radio wave reflection theory. Chipless RFID lowers the cost of sensors such as gas, temperature, humidity, and pressure. In addition, Chipless RFID tags can be used as sensors which are also required for security purposes and future IoT applications.

In recent years, body-worn RFID and NFC (near field communication) devices have become one of the principal technologies concurring to the rise of healthcare internet of thing (H-IoT) systems. Similarly, points of care (PoCs) moved increasingly closer to patients to reduce the costs while supporting precision medicine and improving chronic illness management, thanks to timely and frequent feedback from the patients themselves. A typical PoC involves medical sensing devices capable of sampling human health, personal equipment with communications and computing capabilities (smartphone or tablet) and a secure software environment for data transmission to medical centers. Hybrid platforms simultaneously employing NFC and ultra-high frequency (UHF) RFID could be successfully developed for the first sensing layer. An application example of the proposed hybrid system for the monitoring of acute myocardial infarction (AMI) survivors details how the combined use of NFC and UHF-RFID in the same PoC can support the multifaceted need of AMI survivors while protecting the sensitive data on the patient’s health.

Study on the effect of nanosecond laser anneal (NLA) induced crystallization of ferroelectric (FE) Si-doped hafnium oxide (HSO) material is reported. The laser energy density (0.3 J/cm2 to 1.3 J/cm2) and pulse count (1.0 to 30) variations are explored as pathways for the HSO based metal-ferroelectric-metal (MFM) capacitors. The increase in energy density shows transition toward ferroelectric film crystallization monitored by the remanent polarization (2Pr) and coercive field (2Ec). The NLA conditions show maximum 2Pr (\$\textbackslashsim 24\textbackslash \textbackslashmu\textbackslashmathrmC/\textbackslashtextcmˆ2\$) comparable to the values obtained from reference rapid thermal processing (RTP). Reliability dependence in terms of fatigue (107 cycles) of MFMs on NLA versus RTP crystallization anneal is highlighted. The NLA based MFMs shows improved fatigue cycling at high fields for the low energy densities compared to an RTP anneal. The maximum fatigue cycles to breakdown shows a characteristic dependence on the laser energy density and pulse count. Leakage current and dielectric breakdown of NLA based MFMs at the transition of amorphous to crystalline film state is reported. The role of NLA based anneal on ferroelectric film crystallization and MFM stack reliability is reported in reference with conventional RTP based anneal.

Data Analytics is at the core of almost all modern ap-plications ranging from science and finance to healthcare and web applications. The evolution of data analytics over the last decade has been dramatic - new methods, new tools and new platforms - with no slowdown in sight. This rapid evolution has pushed the boundaries of data analytics along several axis including scalability especially with the rise of distributed infrastructures and the Big Data era, and interoperability with diverse data management systems such as relational databases, Hadoop and Spark. However, many analytic application developers struggle with the challenge of production deployment. Recent experience suggests that it is difficult to deliver modern data analytics with the level of reliability, security and manageability that has been a feature of traditional SQL DBMSs. In this tutorial, we discuss the advances and innovations introduced at both the infrastructure and algorithmic levels, directed at making analytic workloads scale, while paying close attention to the kind of quality of service guarantees different technology provide. We start with an overview of the classical centralized analytical techniques, describing the shift towards distributed analytics over non-SQL infrastructures. We contrast such approaches with systems that integrate analytic functionality inside, above or adjacent to SQL engines. We also explore how Cloud platforms' virtualization capabilities make it easier - and cheaper - for end users to apply these new analytic techniques to their data. Finally, we conclude with the learned lessons and a vision for the near future.

Managing and storing big data is non-trivial for traditional relational databases (RDBMS). Therefore, the NoSQL (Not Only SQL) database management system emerged. It is ca-pable of handling the vast amount and the heterogeneity of data. In this research, we are interested in one of its trending types, the graph database, namely, the Directed Property Graph (DPG). This type of database is powerful in dealing with complex relationships (\$\textbackslashmathrme.\textbackslashmathrmg\$., social networks). However, its sen-sitive and private data must be protected against unauthorized access. This research proposes a security model that aims at exploiting and combining the benefits of Access Control, View-Based, and Query-Rewriting approaches. This is a novel combination for securing DPG.

In this paper, we proposed a data security model of a big data analytical environment in the financial sector. Big Data can be seen as a trend in the advancement of technology that has opened the door to a new approach to understanding and decision making that is used to describe the vast amount of data (structured, unstructured and semi-structured) that is too time consuming and costly to load a relational database for analysis. The increase in cybercriminal attacks on an organization’s assets results in organizations beginning to invest in and care more about their cybersecurity points and controls. The management of business-critical data is an important point for which robust cybersecurity controls should be considered. The proposed model is applied in a datalake and allows the identification of security gaps on an analytical repository, a cybersecurity risk analysis, design of security components and an assessment of inherent risks on high criticality data in a repository of a regulated financial institution. The proposal was validated in financial entities in Lima, Peru. Proofs of concept of the model were carried out to measure the level of maturity focused on: leadership and commitment, risk management, protection control, event detection and risk management. Preliminary results allowed placing the entities in level 3 of the model, knowing their greatest weaknesses, strengths and how these can affect the fulfillment of business objectives.

Ubiquitous environment embedded with artificial intelligent consist of heterogenous smart devices communicating each other in several context for the computation of requirements. In such environment the trust among the smart users have taken as the challenge to provide the secure environment during the communication in the ubiquitous region. To provide the secure trusted environment for the users of ubiquitous system proposed approach aims to extract behavior of smart invisible entities by retrieving their behavior of communication in the network and applying the recommendation-based filters using Deep learning (RBF-DL). The proposed model adopts deep learning-based classifier to classify the unfair recommendation with fair ones to have a trustworthy ubiquitous system. The capability of proposed model is analyzed and validated by considering different attacks and additional feature of instances in comparison with generic recommendation systems.

Malicious attacks, malware, and ransomware families pose critical security issues to cybersecurity, and it may cause catastrophic damages to computer systems, data centers, web, and mobile applications across various industries and businesses. Traditional anti-ransomware systems struggle to fight against newly created sophisticated attacks. Therefore, state-of-the-art techniques like traditional and neural network-based architectures can be immensely utilized in the development of innovative ransomware solutions. In this paper, we present a feature selection-based framework with adopting different machine learning algorithms including neural network-based architectures to classify the security level for ransomware detection and prevention. We applied multiple machine learning algorithms: Decision Tree (DT), Random Forest (RF), Naïve Bayes (NB), Logistic Regression (LR) as well as Neural Network (NN)-based classifiers on a selected number of features for ransomware classification. We performed all the experiments on one ransomware dataset to evaluate our proposed framework. The experimental results demonstrate that RF classifiers outperform other methods in terms of accuracy, F -beta, and precision scores.

Cyber security is turning into a significant angle in each industry like in banking part, force and computerization segments. Servers are basic resources in these enterprises where business basic touch information is put away. These servers frequently join web servers in them through which any business information and tasks are performed remotely. Thus, clearly for a solid activity, security of web servers is extremely basic. This paper gives another testing way to deal with defenselessness appraisal of web applications by methods for breaking down and utilizing a consolidated arrangement of apparatuses to address a wide scope of security issues.

The robustness of the encryption systems in all of their types depends on the key generation. Thus, an encryption system can be said robust if the generated key(s) are very complex and random which prevent attackers or other analytical tools to break the encryption system. This paper proposed an enhanced key generation based on iris image as biometric, to be implemented dynamically in both of authentication process and data encryption. The captured iris image during the authentication process will be stored in a cloud server to be used in the next login to decrypt data. While in the current login, the previously stored iris image in the cloud server would be used to decrypt data in the current session. The results showed that the generated key meets the required randomness for several NIST tests that is reasonable for one use. The strength of the proposed approach produced unrepeated keys for encryption and each key will be used once. The weakness of the produced key may be enhanced to become more random.

A novel secure physical layer key generation method for Connected and Autonomous Vehicles (CAVs) against an attacker is proposed under fading and Additive White Gaussian Noise (AWGN). In the proposed method, a random sequence key is added to the demodulated sequence to generate a unique pre-shared key (PSK) to enhance security. Extensive computer simulation results proved that an attacker cannot extract the same legitimate PSK generated by the received vehicle even if identical fading and AWGN parameters are used both for the legitimate vehicle and attacker.

5G has received significant interest from commercial as well as defense industries. However, resiliency in 5G remains a major concern for its use in military and defense applications. In this paper, we explore physical layer resiliency enhancements for 5G and use narrow-band Internet of Things (NB-IoT) as a study case. Two physical layer modifications, frequency hopping, and direct sequence spreading, are analyzed from the standpoint of implementation and performance. Simulation results show that these techniques are effective to harden the resiliency of the physical layer to interference and jamming. A discussion of protocol considerations for 5G and beyond is provided based on the results.

An often overlooked but equally important aspect of unmanned aerial system (UAS) design is the security of their networking protocols and how they deal with cyberattacks. In this context, cyberattacks are malicious attempts to monitor or modify incoming and outgoing data from the system. These attacks could target anywhere in the system where a transfer of data occurs but are most common in the transfer of data between the control station and the UAS. A compromise in the networking system of a UAS could result in a variety of issues including increased network latency between the control station and the UAS, temporary loss of control over the UAS, or a complete loss of the UAS. A complete loss of the system could result in the UAS being disabled, crashing, or the attacker overtaking command and control of the platform, all of which would be done with little to no alert to the operator. Fortunately, the majority of higher-end, enterprise, and government UAS platforms are aware of these threats and take actions to mitigate them. However, as the consumer market continues to grow and prices continue to drop, network security may be overlooked or ignored in favor of producing the lowest cost product possible. Additionally, these commercial off-the-shelf UAS often use uniform, standardized frequency bands, autopilots, and security measures, meaning a cyberattack could be developed to affect a wide variety of models with minimal changes. This paper will focus on a low-cost educational-use UAS and test its resilience to a variety of cyberattack methods, including man-in-the-middle attacks, spoofing of data, and distributed denial-of-service attacks. Following this experiment will be a discussion of current cybersecurity practices for counteracting these attacks and how they can be applied onboard a UAS. Although in this case the cyberattacks were tested against a simpler platform, the methods discussed are applicable to any UAS platform attempting to defend against such cyberattack methods.

Amount and variety of training data drastically affect the performance of CNNs. Thus, annotation methods are becoming more and more critical to collect data efficiently. In this paper, we propose a simple yet efficient Interactive Self-Annotation framework to cut down both time and human labor cost for video object bounding box annotation. Our method is based on recurrent self-supervised learning and consists of two processes: automatic process and interactive process, where the automatic process aims to build a supported detector to speed up the interactive process. In the Automatic Recurrent Annotation, we let an off-the-shelf detector watch unlabeled videos repeatedly to reinforce itself automatically. At each iteration, we utilize the trained model from the previous iteration to generate better pseudo ground-truth bounding boxes than those at the previous iteration, recurrently improving self-supervised training the detector. In the Interactive Recurrent Annotation, we tackle the human-in-the-loop annotation scenario where the detector receives feedback from the human annotator. To this end, we propose a novel Hierarchical Correction module, where the annotated frame-distance binarizedly decreases at each time step, to utilize the strength of CNN for neighbor frames. Experimental results on various video datasets demonstrate the advantages of the proposed framework in generating high-quality annotations while reducing annotation time and human labor costs.

This paper presents a novel authentication method based on a distributed version of Kerberos for UAVs. One of the major problems of UAVs in recent years has been cyber-attacks which allow attackers to control the UAV or access its information. The growing use of UAVs has encouraged us to investigate the methods of their protection especially authentication of their users. In the past, the Kerberos system was rarely used for authentication in UAV systems. In our proposed method, based on a distributed version of Kerberos, we can authenticate multiple ground stations, users, and controllers for one or more UAVs. This method considers most of the security aspects to protect UAV systems mainly in the authentication phase and improves the security of UAVs and ground control stations and their communications considerably.