B C, Manoj Kumar, R J, Anil Kumar, D, Shashidhara, M, Prem Singh.
2022.
Data Encryption and Decryption Using DNA and Embedded Technology. 2022 Fourth International Conference on Emerging Research in Electronics, Computer Science and Technology (ICERECT). :1—5.
Securing communication and information is known as cryptography. To convert messages from plain text to cipher text and the other way around. It is the process of protecting the data and sending it to the right audience so they can understand and process it. Hence, unauthorized access is avoided. This work suggests leveraging DNA technology for encrypt and decrypt the data. The main aim of utilizing the AES in this stage will transform ASCII code to hexadecimal to binary coded form and generate DNA. The message is encrypted with a random key. Shared key used for encrypt and decrypt the data. The encrypted data will be disguised as an image using steganography. To protect our data from hijackers, assailants, and muggers, it is frequently employed in institutions, banking, etc.
B M, Chandrakala, Linga Reddy, S C.
2019.
Proxy Re-Encryption using MLBC (Modified Lattice Based Cryptography). 2019 International Conference on Recent Advances in Energy-efficient Computing and Communication (ICRAECC). :1—5.
In last few years, Proxy Re-Encryption has been used for forwarding the encrypted message to the user, these users are the one who has not been a part of encryption. In the past several scheme were developed in order to provide the efficient and secure proxy re-encryption. However, these methodology mainly focused on features like maximum key privacy, minimal trust proxy and others. In such cases the efficiency and security was mainly ignored. Hence, in order to provide the efficient and secure proxy re-encryption, we proposed an algorithm named as MLBC (Modified Lattice Based Cryptography) is proposed. Our method is based on the PKE (Public Key Encryption) and it provides more efficiency when compared to the other cryptography technique. Later in order to evaluate the algorithm simulation is done based on several parameter such as encryption time, proxy key generation time, Re-encryption time and Total computation time. Later, it is compared with the existing algorithm and the plotted graph clearly shows that our algorithm outperforms the existing algorithm.
B S, Sahana Raj, Venugopalachar, Sridhar.
2022.
Traitor Tracing in Broadcast Encryption using Vector Keys. 2022 IEEE 2nd Mysore Sub Section International Conference (MysuruCon). :1–5.
Secured data transmission between one to many authorized users is achieved through Broadcast Encryption (BE). In BE, the source transmits encrypted data to multiple registered users who already have their decrypting keys. The Untrustworthy users, known as Traitors, can give out their secret keys to a hacker to form a pirate decoding system to decrypt the original message on the sly. The process of detecting the traitors is known as Traitor Tracing in cryptography. This paper presents a new Black Box Tracing method that is fully collusion resistant and it is designated as Traitor Tracing in Broadcast Encryption using Vector Keys (TTBE-VK). The proposed method uses integer vectors in the finite field Zp as encryption/decryption/tracing keys, reducing the computational cost compared to the existing methods.
B. Boyadjis, C. Bergeron, S. Lecomte.
2015.
"Auto-synchronized selective encryption of video contents for an improved transmission robustness over error-prone channels". 2015 IEEE International Conference on Image Processing (ICIP). :2969-2973.
Selective encryption designates a technique that aims at scrambling a message content while preserving its syntax. Such an approach allows encryption to be transparent towards middle-box and/or end user devices, and to easily fit within existing pipelines. In this paper, we propose to apply this property to a real-time diffusion scenario - or broadcast - over a RTP session. The main challenge of such problematic is the preservation of the synchronization between encryption and decryption. Our solution is based on the Advanced Encryption Standard in counter mode which has been modified to fit our auto-synchronization requirement. Setting up the proposed synchronization scheme does not induce any latency, and requires no additional bandwidth in the RTP session (no additional information is sent). Moreover, its parallel structure allows to start decryption on any given frame of the video while leaving a lot of room for further optimization purposes.
B. C. M. Cappers, J. J. van Wijk.
2015.
"SNAPS: Semantic network traffic analysis through projection and selection". 2015 IEEE Symposium on Visualization for Cyber Security (VizSec). :1-8.
Most network traffic analysis applications are designed to discover malicious activity by only relying on high-level flow-based message properties. However, to detect security breaches that are specifically designed to target one network (e.g., Advanced Persistent Threats), deep packet inspection and anomaly detection are indispensible. In this paper, we focus on how we can support experts in discovering whether anomalies at message level imply a security risk at network level. In SNAPS (Semantic Network traffic Analysis through Projection and Selection), we provide a bottom-up pixel-oriented approach for network traffic analysis where the expert starts with low-level anomalies and iteratively gains insight in higher level events through the creation of multiple selections of interest in parallel. The tight integration between visualization and machine learning enables the expert to iteratively refine anomaly scores, making the approach suitable for both post-traffic analysis and online monitoring tasks. To illustrate the effectiveness of this approach, we present example explorations on two real-world data sets for the detection and understanding of potential Advanced Persistent Threats in progress.
B. Gu, Y. Fang, P. Jia, L. Liu, L. Zhang, M. Wang.
2015.
"A New Static Detection Method of Malicious Document Based on Wavelet Package Analysis". 2015 International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP). :333-336.
More and more advanced persistent threat attacks has happened since 2009. This kind of attacks usually use more than one zero-day exploit to achieve its goal. Most of the times, the target computer will execute malicious program after the user open an infected compound document. The original detection method becomes inefficient as the attackers using a zero-day exploit to structure these compound documents. Inspired by the detection method based on structural entropy, we apply wavelet analysis to malicious document detection system. In our research, we use wavelet analysis to extract features from the raw data. These features will be used todetect whether the compound document was embed malicious code.
B. Yang, E. Martiri.
2015.
"Using Honey Templates to Augment Hash Based Biometric Template Protection". 2015 IEEE 39th Annual Computer Software and Applications Conference. 3:312-316.
Hash based biometric template protection schemes (BTPS), such as fuzzy commitment, fuzzy vault, and secure sketch, address the privacy leakage concern on the plain biometric template storage in a database through using cryptographic hash calculation for template verification. However, cryptographic hashes have only computational security whose being cracked shall leak the biometric feature in these BTPS; and furthermore, existing BTPS are rarely able to detect during a verification process whether a probe template has been leaked from the database or not (i.e., being used by an imposter or a genuine user). In this paper we tailor the "honeywords" idea, which was proposed to detect the hashed password cracking, to enable the detectability of biometric template database leakage. However, unlike passwords, biometric features encoded in a template cannot be renewed after being cracked and thus not straightforwardly able to be protected by the honeyword idea. To enable the honeyword idea on biometrics, diversifiability (and thus renewability) is required on the biometric features. We propose to use BTPS for his purpose in this paper and present a machine learning based protected template generation protocol to ensure the best anonymity of the generated sugar template (from a user's genuine biometric feature) among other honey ones (from synthesized biometric features).
B.D.J., Anudeep, Sai N., Mohan, Bhanuj T., Sai, Devi, R. Santhiya, Kumar, Vaishnavi, Thenmozhi, K., Rengarajan, Amirtharajan, Praveenkumar, Padmapriya.
2020.
Reversible Hiding with Quick Response Code - A Responsible Security. 2020 International Conference on Computer Communication and Informatics (ICCCI). :1—5.
In this paper, Reversible data hiding using difference statistics technique incorporating QR codes was proposed. Here, Quick Response (QR) codes were employed as an additional feature and were hidden in the corners of the original image to direct to the hyperlink after authentication and then embedding the secret data bits was carried out. At the receiver side, when the QR codes were scanned by the user, the link to the webpage was accessed, and then the original image and the secret data bits were recovered by using the proposed reversible data hiding scheme. In the proposed scheme, the pixels of the cover image were scanned in row-major order fashion, and the differences between the adjacent pixels were computed, keeping the first pixel unaltered to maintain the size of the host and the difference image same. Now, the histogram was shifted towards the right or left to reduce the redundancy and then to embed the secret data bits were done. Due to the similarity exists between the pixel values, the difference between the host and the secret image reconstructs the marked image. The proposed scheme was carried out using MATLAB 2013. PSNR (Peak Signal to Noise Ratio) and payload have been computed for various test images to validate the proposed scheme and found to be better than the available literature.
Ba-Hutair, M. N., Kamel, I..
2016.
A New Scheme for Protecting the Privacy and Integrity of Spatial Data on the Cloud. 2016 IEEE Second International Conference on Multimedia Big Data (BigMM). :394–397.
As the amount of spatial data gets bigger, organizations realized that it is cheaper and more flexible to keep their data on the Cloud rather than to establish and maintain in-house huge data centers. Though this saves a lot for IT costs, organizations are still concerned about the privacy and security of their data. Encrypting the whole database before uploading it to the Cloud solves the security issue. But querying the database requires downloading and decrypting the data set, which is impractical. In this paper, we propose a new scheme for protecting the privacy and integrity of spatial data stored in the Cloud while being able to execute range queries efficiently. The proposed technique suggests a new index structure to support answering range query over encrypted data set. The proposed indexing scheme is based on the Z-curve. The paper describes a distributed algorithm for answering range queries over spatial data stored on the Cloud. We carried many simulation experiments to measure the performance of the proposed scheme. The experimental results show that the proposed scheme outperforms the most recent schemes by Kim et al. in terms of data redundancy.
Ba\c ser, Melike, Güven, Ebu Yusuf, Aydın, Muhammed Ali.
2021.
SSH and Telnet Protocols Attack Analysis Using Honeypot Technique : *Analysis of SSH AND ℡NET Honeypot. 2021 6th International Conference on Computer Science and Engineering (UBMK). :806–811.
Generally, the defense measures taken against new cyber-attack methods are insufficient for cybersecurity risk management. Contrary to classical attack methods, the existence of undiscovered attack types called' zero-day attacks' can invalidate the actions taken. It is possible with honeypot systems to implement new security measures by recording the attacker's behavior. The purpose of the honeypot is to learn about the methods and tools used by the attacker or malicious activity. In particular, it allows us to discover zero-day attack types and develop new defense methods for them. Attackers have made protocols such as SSH (Secure Shell) and Telnet, which are widely used for remote access to devices, primary targets. In this study, SSHTelnet honeypot was established using Cowrie software. Attackers attempted to connect, and attackers record their activity after providing access. These collected attacker log records and files uploaded to the system are published on Github to other researchers1. We shared the observations and analysis results of attacks on SSH and Telnet protocols with honeypot.
Baba, Asif Iqbal, Jaeger, Manfred, Lu, Hua, Pedersen, Torben Bach, Ku, Wei-Shinn, Xie, Xike.
2016.
Learning-Based Cleansing for Indoor RFID Data. Proceedings of the 2016 International Conference on Management of Data. :925–936.
RFID is widely used for object tracking in indoor environments, e.g., airport baggage tracking. Analyzing RFID data offers insight into the underlying tracking systems as well as the associated business processes. However, the inherent uncertainty in RFID data, including noise (cross readings) and incompleteness (missing readings), pose challenges to high-level RFID data querying and analysis. In this paper, we address these challenges by proposing a learning-based data cleansing approach that, unlike existing approaches, requires no detailed prior knowledge about the spatio-temporal properties of the indoor space and the RFID reader deployment. Requiring only minimal information about RFID deployment, the approach learns relevant knowledge from raw RFID data and uses it to cleanse the data. In particular, we model raw RFID readings as time series that are sparse because the indoor space is only partly covered by a limited number of RFID readers. We propose the Indoor RFID Multi-variate Hidden Markov Model (IR-MHMM) to capture the uncertainties of indoor RFID data as well as the correlation of moving object locations and object RFID readings. We propose three state space design methods for IR-MHMM that enable the learning of parameters while contending with raw RFID data time series. We solely use raw uncleansed RFID data for the learning of model parameters, requiring no special labeled data or ground truth. The resulting IR-MHMM based RFID data cleansing approach is able to recover missing readings and reduce cross readings with high effectiveness and efficiency, as demonstrated by extensive experimental studies with both synthetic and real data. Given enough indoor RFID data for learning, the proposed approach achieves a data cleansing accuracy comparable to or even better than state-of-the-art techniques requiring very detailed prior knowledge, making our solution superior in terms of both effectiveness and employability.
Babaei, Armin.
2021.
Lightweight and Reconfigurable Security Architecture for Internet of Things devices. 2021 IEEE International Conference on Autonomic Computing and Self-Organizing Systems Companion (ACSOS-C). :307—309.
Assuring Cybersecurity for the Internet of things (IoT) remains a significant challenge. Most IoT devices have minimal computational power and should be secured with lightweight security techniques (optimized computation and energy tradeoff). Furthermore, IoT devices are mainly designed to have long lifetimes (e.g., 10–15 years), forcing the designers to open the system for possible future updates. Here, we developed a lightweight and reconfigurable security architecture for IoT devices. Our research goal is to create a simple authentication protocol based on physical unclonable function (PUF) for FPGA-based IoT devices. The main challenge toward realization of this protocol is to make it make it resilient against machine learning attacks and it shall not use cryptography primitives.
Babaie, T., Chawla, S., Ardon, S., Yue Yu.
2014.
A unified approach to network anomaly detection. Big Data (Big Data), 2014 IEEE International Conference on. :650-655.
This paper presents a unified approach for the detection of network anomalies. Current state of the art methods are often able to detect one class of anomalies at the cost of others. Our approach is based on using a Linear Dynamical System (LDS) to model network traffic. An LDS is equivalent to Hidden Markov Model (HMM) for continuous-valued data and can be computed using incremental methods to manage high-throughput (volume) and velocity that characterizes Big Data. Detailed experiments on synthetic and real network traces shows a significant improvement in detection capability over competing approaches. In the process we also address the issue of robustness of network anomaly detection systems in a principled fashion.
Babasaheb, Desai Rahul, Raman, Indhumathi.
2018.
Survey on Fault Tolerance and Security in Mobile Ad Hoc Networks (MANETs). 2018 3rd International Conference for Convergence in Technology (I2CT). :1–5.
Providing fault tolerance in Mobile Ad hoc Networks (MANETs) is very tricky activity as nodes migrate from one place to other place and changes network topology. Also MANET is very susceptible for various attacks like DoS attacks etc. So providing security to MANET is also very difficult job. Multipath protocols provide better results than unipath protocols. Multipath protocols provide fault tolerance but many multipath protocols for MANETs not targeted security issues. Distributed and cooperative security that means Intrusion Detection System (IDS) gives better security to MANETs. In this paper we have discussed many confronts and concerns regarding fault tolerance and IDS.
Babay, Amy, Schultz, John, Tantillo, Thomas, Amir, Yair.
2018.
Toward an Intrusion-Tolerant Power Grid: Challenges and Opportunities. 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS). :1321–1326.
While cyberattacks pose a relatively new challenge for power grid control systems, commercial cloud systems have needed to address similar threats for many years. However, technology and approaches developed for cloud systems do not necessarily transfer directly to the power grid, due to important differences between the two domains. We discuss our experience adapting intrusion-tolerant cloud technologies to the power domain and describe the challenges we have encountered and potential directions for overcoming those obstacles.
Babay, Amy, Tantillo, Thomas, Aron, Trevor, Platania, Marco, Amir, Yair.
2018.
Network-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid. 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :255–266.
As key components of the power grid infrastructure, Supervisory Control and Data Acquisition (SCADA) systems are likely to be targeted by nation-state-level attackers willing to invest considerable resources to disrupt the power grid. We present Spire, the first intrusion-tolerant SCADA system that is resilient to both system-level compromises and sophisticated network-level attacks and compromises. We develop a novel architecture that distributes the SCADA system management across three or more active sites to ensure continuous availability in the presence of simultaneous intrusions and network attacks. A wide-area deployment of Spire, using two control centers and two data centers spanning 250 miles, delivered nearly 99.999% of all SCADA updates initiated over a 30-hour period within 100ms. This demonstrates that Spire can meet the latency requirements of SCADA for the power grid.
Babay, Amy, Schultz, John, Tantillo, Thomas, Beckley, Samuel, Jordan, Eamon, Ruddell, Kevin, Jordan, Kevin, Amir, Yair.
2019.
Deploying Intrusion-Tolerant SCADA for the Power Grid. 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :328–335.
While there has been considerable research on making power grid Supervisory Control and Data Acquisition (SCADA) systems resilient to attacks, the problem of transitioning these technologies into deployed SCADA systems remains largely unaddressed. We describe our experience and lessons learned in deploying an intrusion-tolerant SCADA system in two realistic environments: a red team experiment in 2017 and a power plant test deployment in 2018. These experiences resulted in technical lessons related to developing an intrusion-tolerant system with a real deployable application, preparing a system for deployment in a hostile environment, and supporting protocol assumptions in that hostile environment. We also discuss some meta-lessons regarding the cultural aspects of transitioning academic research into practice in the power industry.
Babel, Franziska, Hock, Philipp, Kraus, Johannes, Baumann, Martin.
2022.
It Will Not Take Long! Longitudinal Effects of Robot Conflict Resolution Strategies on Compliance, Acceptance and Trust. 2022 17th ACM/IEEE International Conference on Human-Robot Interaction (HRI). :225–235.
Domestic service robots become increasingly prevalent and autonomous, which will make task priority conflicts more likely. The robot must be able to effectively and appropriately negotiate to gain priority if necessary. In previous human-robot interaction (HRI) studies, imitating human negotiation behavior was effective but long-term effects have not been studied. Filling this research gap, an interactive online study (\$N=103\$) with two sessions and six trials was conducted. In a conflict scenario, participants repeatedly interacted with a domestic service robot that applied three different conflict resolution strategies: appeal, command, diminution of request. The second manipulation was reinforcement (thanking) of compliance behavior (yes/no). This led to a 3×2×6 mixed-subject design. User acceptance, trust, user compliance to the robot, and self-reported compliance to a household member were assessed. The diminution of a request combined with positive reinforcement was the most effective strategy and perceived trustworthiness increased significantly over time. For this strategy only, self-reported compliance rates to the human and the robot were similar. Therefore, applying this strategy potentially seems to make a robot equally effective as a human requester. This paper contributes to the design of acceptable and effective robot conflict resolution strategies for long-term use.
Babel, Franziska, Baumann, Martin.
2022.
Designing Psychological Conflict Resolution Strategies for Autonomous Service Robots. 2022 17th ACM/IEEE International Conference on Human-Robot Interaction (HRI). :1146–1148.
As autonomous service robots will become increasingly ubiquitous in our daily lives, human-robot conflicts will become more likely when humans and robots share the same spaces and resources. This thesis investigates the conflict resolution of robots and humans in everyday conflicts in the domestic and public context. Hereby, the acceptability, trustworthiness, and effectiveness of verbal and non-verbal strategies for the robot to solve the conflict in its favor are evaluated. Based on the assumption of the Media Equation and CASA paradigm that people interact with computers as social actors, robot conflict resolution strategies from social psychology and human-machine interaction were derived. The effectiveness, acceptability, and trustworthiness of those strategies were evaluated in online, virtual reality, and laboratory experiments. Future work includes determining the psychological processes of human-robot conflict resolution in further experimental studies.
Babenko, Liudmila, Pisarev, Ilya.
2018.
Security Analysis of the Electronic Voting Protocol Based on Blind Intermediaries Using the SPIN Verifier. 2018 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :43—435.
Cryptographic protocols are the basis for the security of any protected system, including the electronic voting system. One of the most effective ways to analyze protocol security is to use verifiers. In this paper, the formal verifier SPIN was used to analyze the security of the cryptographic protocol for e-voting, which is based on model checking using linear temporal logic (LTL). The cryptographic protocol of electronic voting is described. The main structural units of the Promela language used for simulation in the SPIN verifier are described. The model of the electronic voting protocol in the language Promela is given. The interacting parties, transferred data, the order of the messages transmitted between the parties are described. Security of the cryptographic protocol using the SPIN tool is verified. The simulation of the protocol with active intruder using the man in the middle attack (MITM) to substitute data is made. In the simulation results it is established that the protocol correctly handles the case of an active attack on the parties' authentication.
Babenko, Liudmila, Shumilin, Alexander, Alekseev, Dmitry.
2021.
Development of the Algorithm to Ensure the Protection of Confidential Data in Cloud Medical Information System. 2021 14th International Conference on Security of Information and Networks (SIN). 1:1–4.
The main purpose to ensure the security for confidential medical data is to develop and implement the architecture of a medical cloud system, for storage, systematization, and processing of survey results (for example EEG) jointly with an algorithm for ensuring the protection of confidential data based on a fully homomorphic cryptosystem. The most optimal algorithm based on the test results (analysis of the time of encryption, decryption, addition, multiplication, the ratio of the signal-to-noise of the ciphertext to the open text), has been selected between two potential applicants for using (BFV and CKKS schemes). As a result, the CKKS scheme demonstrates maximal effectiveness in the context of the criticality of the requirements for an important level of security.
Babenko, Ludmila, Maro, Ekaterina, Anikeev, Maxim.
2016.
Modeling of Algebraic Analysis of GOST+ Cipher in SageMath. Proceedings of the 9th International Conference on Security of Information and Networks. :100–103.
In this paper we present results of algebraic analysis of GOST⌖ algorithm in SageMath environment. Using the GOST⌖ as the example we explore basic stages of algebraic analysis of any symmetric block cipher based on Feistel network. We construct sets of boolean equations for five encryption rounds and determine the number of known text pairs for which the key can be found with the probability of 1. The algebraic analysis of five rounds of GOST⌖ allowed to find a 160-bit encryption key with the probability of 1 for five known text pairs within 797.21 s; the search for the solution took 24.66 s.
Babenko, Mikhail, Redvanov, Aziz Salimovich, Deryabin, Maxim, Chervyakov, Nikolay, Nazarov, Anton, Al-Galda, Safwat Chiad, Vashchenko, Irina, Dvoryaninova, Inna, Nepretimova, Elena.
2019.
Efficient Implementation of Cryptography on Points of an Elliptic Curve in Residue Number System. 2019 International Conference on Engineering and Telecommunication (EnT). :1—5.
The article explores the question of the effective implementation of arithmetic operations with points of an elliptic curve given over a prime field. Given that the basic arithmetic operations with points of an elliptic curve are the operations of adding points and doubling points, we study the question of implementing the arithmetic operations of adding and doubling points in various coordinate systems using the weighted number system and using the Residue Number System (RNS). We have shown that using the fourmodule RNS allows you to get an average gain for the operation of adding points of the elliptic curve of 8.67% and for the operation of doubling the points of the elliptic curve of 8.32% compared to the implementation using the operation of modular multiplication with special moduli from NIST FIPS 186.
Babiker, M., Khalifa, O. O., Htike, K. K., Hassan, A., Zaharadeen, M..
2017.
Automated daily human activity recognition for video surveillance using neural network. 2017 IEEE 4th International Conference on Smart Instrumentation, Measurement and Application (ICSIMA). :1–5.
Surveillance video systems are gaining increasing attention in the field of computer vision due to its demands of users for the seek of security. It is promising to observe the human movement and predict such kind of sense of movements. The need arises to develop a surveillance system that capable to overcome the shortcoming of depending on the human resource to stay monitoring, observing the normal and suspect event all the time without any absent mind and to facilitate the control of huge surveillance system network. In this paper, an intelligent human activity system recognition is developed. Series of digital image processing techniques were used in each stage of the proposed system, such as background subtraction, binarization, and morphological operation. A robust neural network was built based on the human activities features database, which was extracted from the frame sequences. Multi-layer feed forward perceptron network used to classify the activities model in the dataset. The classification results show a high performance in all of the stages of training, testing and validation. Finally, these results lead to achieving a promising performance in the activity recognition rate.
Babkin, Sergey, Epishkina, Anna.
2019.
Authentication Protocols Based on One-Time Passwords. 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :1794–1798.
Nowadays one-time passwords are used in a lot of areas of information technologies including e-commerce. A few vulnerabilities in authentication protocols based on one-time passwords are widely known. In current work, we analyze authentication protocols based on one-time passwords and their vulnerabilities. Both simple and complicated protocols which are implementing cryptographic algorithms are reviewed. For example, an analysis of relatively old Lamport's hash-chain protocol is provided. At the same time, we examine HOTP and TOTP protocols which are actively used nowadays. The main result of the work are conclusions about the security of reviewed protocols based on one-time passwords.