Biblio

Major blackouts are due to cascading failures in power systems. These failures usually occur at vulnerable links of the network. To identify these, indicators have already been defined using complex network theory. However, most of these indicators only depend on the topology of the grid; they fail to detect the weak links. We introduce a new metric to identify the vulnerable lines, based on the load-flow equations and the grid geometry. Contrary to the topological indicators, ours is built from the electrical equations and considers the location and magnitude of the loads and of the power generators. We apply this new metric to the IEEE 118-bus system and compare its prediction of weak links to the ones given by an industrial software. The agreement is very well and shows that using our indicator a simple examination of the network and its generator and load distribution suffices to find the weak lines.

As power grid control systems become increasingly automated and distributed, security has become a significant design concern. Systems increasingly expose new avenues, at a variety of levels, for attackers to exploit and enable widespread disruptions and/or surveillance. Much prior work has explored the implications of attack models focused on false data injection at the front-end of the control system (i.e. during state estimation) [1]. Instead, in this paper we focus on characterizing the inherent cyber-attack vulnerabilities with power flow. Power flow (and power flow constraints) are at the core of many applications critical to operation of power grids (e.g. state estimation, economic dispatch, contingency analysis, etc.). We propose two algorithmic approaches for characterizing the vulnerability of buses within power grids to cyber-attacks. Specifically, we focus on measuring the instability of power flow to attacks which manifest as either voltage or power related errors. Our results show that attacks manifesting as voltage errors are an order of magnitude more likely to cause instability than attacks manifesting as power related errors (and 5x more likely for state estimation as compared to power flow).

Multicast distribution employs the model of many-to-many so that it is a more efficient way of data delivery compared to traditional one-to-one unicast distribution, which can benefit many applications such as media streaming. However, the lack of security features in its nature makes multicast technology much less popular in an open environment such as the Internet. Internet Service Providers (ISPs) take advantage of IP multicast technology's high efficiency of data delivery to provide Internet Protocol Television (IPTV) to their users. But without the full control on their networks, ISPs cannot collect revenue for the services they provide. Secure Internet Group Management Protocol (SIGMP), an extension of Internet Group Management Protocol (IGMP), and Group Security Association Management Protocol (GSAM), have been proposed to enforce receiver access control at the network level of IP multicast. In this paper, we analyze operational details and issues of both SIGMP and GSAM. An examination of the performance of both protocols is also conducted.

Security model is an important subject in the field of low energy independence complexity theory. It takes security strategy as the core, changes the system from static protection to dynamic protection, and provides the basis for the rapid response of the system. A large number of empirical studies have been conducted to verify the cache consistency. The development of object oriented language is pure object oriented language, and the other is mixed object oriented language, that is, adding class, inheritance and other elements in process language and other languages. This paper studies a new object-oriented language application, namely GUT for a write-back cache, which is based on the study of simulation algorithm to solve all these challenges in the field of low energy independence complexity theory.

Interior permanent magnet (IPM)-type linear oscillating actuators (LOAs) have a higher output power density than typical LOAs. Their mover consists of a permanent magnet (PM) and an iron core, however, this configuration generates significant side forces. The device can malfunction due to eccentricity in the electromagnetic behavior. Thus, here an electromagnetic design was developed to minimize this side force. In addition, dynamic analysis was performed considering the mechanical systems of LOAs. To perform a more accurate analysis, instantaneous inductance was considered according to the mover's position.

Physical Unclonable Functions (PUFs) are vulnerable to various modelling attacks. The chaotic behaviour of oscillating systems can be leveraged to improve their security against these attacks. We have integrated an Arbiter PUF implemented on a FPGA with Chua's oscillator circuit to obtain robust final responses. These responses are tested against conventional Machine Learning and Deep Learning attacks for verifying security of the design. It has been found that such a design is robust with prediction accuracy of nearly 50%. Moreover, the quality of the PUF architecture is evaluated for uniformity and uniqueness metrics and Monte Carlo analysis at varying temperatures is performed for determining reliability.

This paper deals with effects of current sensor bandwidth and time delays in a system controlled by a Phase-Shift Self-Oscillating Current Controller (PSSOCC). The robustness of this current controller has been proved in former works showing its good performances in a large range of applications including AC/DC and DC/AC converters, power factor correction, active filters, isolation amplifiers and motor control. As switching frequencies can be upper than 30kHz, time delays and bandwidth limitations cannot be neglected in comparison with former works on this robust current controller. Thus, several models are proposed in this paper to analyze system behaviours. Those models permit to find analytical expressions binding maximum oscillation frequency with time delay and/or additional filter parameters. Through current spectrums analysis, quality of analytical expressions is proved for each model presented in this work. An experimental approach shows that every element of the electronic board having a low-pass effect or delaying command signals need to be included in the model in order to have a perfect match between calculations, simulations and practical results.

The relative permittivity (also known as dielectric constant) is one of the physical properties that characterize a substance. The measurement of its magnitude can be useful in the analysis of several fluids, playing an important role in many industrial processes. This paper presents a method for measuring the relative permittivity of fluids, with the possibility of real-time monitoring. The method comprises the immersion of a capacitive sensor inside a tank or duct, in order to have the inspected substance as its dielectric. An electronic circuit is responsible for exciting this sensor, which will have its capacitance measured through a quick analysis of two analog signals outputted by the circuit. The developed capacitance meter presents a novel topology derived from the well-known Howland current source. One of its main advantages is the capacitance-selective behavior, which allows the system to overcome the effects of parasitic resistive and inductive elements on its readings. In addition to an adjustable current output that suits different impedance magnitudes, it exhibits a steady oscillating behavior, thus allowing continuous operation without any form of external control. This paper presents experimental results obtained from the proposed system and compares them to measurements made with proven and calibrated equipment. Two initial capacitance measurements performed with the system for evaluating the sensor's characteristics exhibited relative errors of approximately 0.07% and 0.53% in comparison to an accurate workbench LCR meter.

Geo-social applications deal with constantly sharing user's current geographic information in terms of location (Latitude and Longitude). Such application can be used by many people to get information about their surrounding with the help of their friend's locations and their recommendations. But without any privacy protection, these systems can be easily misused by tracking the users. We are proposing Error Based Transformation (ERB) approach for location transformation which provides significantly improved location privacy without adding uncertainty in to query results or relying on strong assumptions about server security. The key insight is to apply secure user-specific, distance-preserving coordinate transformations to all location data shared with the server. Only the friends of a user can get exact co-ordinates by applying inverse transformation with secret key shared with them. Servers can evaluate all location queries correctly on transformed data. ERB privacy mechanism guarantee that servers are unable to see or infer actual location data from the transformed data. ERB privacy mechanism is successful against a powerful adversary model where prototype measurements used to show that it provides with very little performance overhead making it suitable for today's mobile device.

Geo-social applications deal with constantly sharing user's current geographic information in terms of location (Latitude and Longitude). Such application can be used by many people to get information about their surrounding with the help of their friend's locations and their recommendations. But without any privacy protection, these systems can be easily misused by tracking the users. We are proposing Error Based Transformation (ERB) approach for location transformation which provides significantly improved location privacy without adding uncertainty in to query results or relying on strong assumptions about server security. The key insight is to apply secure user-specific, distance-preserving coordinate transformations to all location data shared with the server. Only the friends of a user can get exact co-ordinates by applying inverse transformation with secret key shared with them. Servers can evaluate all location queries correctly on transformed data. ERB privacy mechanism guarantee that servers are unable to see or infer actual location data from the transformed data. ERB privacy mechanism is successful against a powerful adversary model where prototype measurements used to show that it provides with very little performance overhead making it suitable for today's mobile device.

Privacy becomes one of the important issues in data-driven applications. The advent of non-PC devices such as Internet-of-Things (IoT) devices for data-driven applications leads to needs for light-weight data anonymization. In this paper, we develop an anonymization framework that expedites model learning in parallel and generates deployable models for devices with low computing capability. We evaluate our framework with various settings such as different data schema and characteristics. Our results exhibit that our framework learns anonymization models up to 16 times faster than a sequential anonymization approach and that it preserves enough information in anonymized data for data-driven applications.

Privacy becomes one of the important issues in data-driven applications. The advent of non-PC devices such as Internet-of-Things (IoT) devices for data-driven applications leads to needs for light-weight data anonymization. In this paper, we develop an anonymization framework that expedites model learning in parallel and generates deployable models for devices with low computing capability. We evaluate our framework with various settings such as different data schema and characteristics. Our results exhibit that our framework learns anonymization models up to 16 times faster than a sequential anonymization approach and that it preserves enough information in anonymized data for data-driven applications.

Bitcoin is popular not only with consumers, but also with cybercriminals (e.g., in ransomware and online extortion, and commercial online child exploitation). Given the potential of Bitcoin to be involved in a criminal investigation, the need to have an up-to-date and in-depth understanding on the forensic acquisition and analysis of Bitcoins is crucial. However, there has been limited forensic research of Bitcoin in the literature. The general focus of existing research is on postmortem analysis of specific locations (e.g. wallets on mobile devices), rather than a forensic approach that combines live data forensics and postmortem analysis to facilitate the identification, acquisition, and analysis of forensic traces relating to the use of Bitcoins on a system. Hence, the latter is the focus of this paper where we present an open source tool for live forensic and postmortem analysing automatically. Using this open source tool, we describe a list of target artifacts that can be obtained from a forensic investigation of popular Bitcoin clients and Web Wallets on different web browsers installed on Windows 7 and Windows 10 platforms.

We developed a virtualization-based infringement incident response tool for cyber security training system using Cloud. This tool was developed by applying the concept of attack and defense which is the basic of military war game modeling and simulation. The main purpose of this software is to cultivate cyber security experts capable of coping with various situations to minimize the damage in the shortest time when an infringement incident occurred. This tool acquired the invaluable certificate from Korean government agency. This tool shall provide CBT type remote education such as scenario based infringement incident response training, hacking defense practice, and vulnerability measure practice. The tool works in Linux, Window operating system environments, and uses Korean e-government framework and secure coding to construct a situation similar to the actual information system. In the near future, Internet and devices connected to the Internet will be greatly enlarged, and cyber security threats will be diverse and widespread. It is expected that various kinds of hacking will be attempted in an advanced types using artificial intelligence technology. Therefore, we are working on applying the artificial intelligence technology to the current infringement incident response tool to cope with these evolving threats.

Inference of unknown opinions with uncertain, adversarial (e.g., incorrect or conflicting) evidence in large datasets is not a trivial task. Without proper handling, it can easily mislead decision making in data mining tasks. In this work, we propose a highly scalable opinion inference probabilistic model, namely Adversarial Collective Opinion Inference (Adv-COI), which provides a solution to infer unknown opinions with high scalability and robustness under the presence of uncertain, adversarial evidence by enhancing Collective Subjective Logic (CSL) which is developed by combining SL and Probabilistic Soft Logic (PSL). The key idea behind the Adv-COI is to learn a model of robust ways against uncertain, adversarial evidence which is formulated as a min-max problem. We validate the out-performance of the Adv-COI compared to baseline models and its competitive counterparts under possible adversarial attacks on the logic-rule based structured data and white and black box adversarial attacks under both clean and perturbed semi-synthetic and real-world datasets in three real world applications. The results show that the Adv-COI generates the lowest mean absolute error in the expected truth probability while producing the lowest running time among all.

In the vertical multi-level public network, the ciphertext video needs to support the distribution of key in the whole network when it is shared across different security domains horizontally. However, the traditional key management mode faces great pressure on the security classification and encryption efficiency, and especially, it cannot fully ensure the security of content and key when sharing across-domains. Based on the above analysis, this paper proposes a cross domain video security sharing solution based on white box encryption theory to improve the security of video data sharing. In this solution, the white box encryption technology is adopted to establish the data sharing background trust mechanism based on the key management center, and we study the white box key protection technology of the video terminal to support the mass level key distribution in the network and the online security generation and replacement of the white box password module, so that the safe and fast cross domain exchange and sharing of video data are realized.

Modern Browsers have become sophisticated applications, providing a portal to the web. Browsers host a complex mix of interpreters such as HTML and JavaScript, allowing not only useful functionality but also malicious activities, known as browser-hijacking. These attacks can be particularly difficult to detect, as they usually operate within the scope of normal browser behaviour. CryptoJacking is a form of browser-hijacking that has emerged as a result of the increased popularity and profitability of cryptocurrencies, and the introduction of new cryptocurrencies that promote CPU-based mining. This paper proposes MANiC (Multi-step AssessmeNt for Crypto-miners), a system to detect CryptoJacking websites. It uses regular expressions that are compiled in accordance with the API structure of different miner families. This allows the detection of crypto-mining scripts and the extraction of parameters that could be used to detect suspicious behaviour associated with CryptoJacking. When MANiC was used to analyse the Alexa top 1m websites, it detected 887 malicious URLs containing miners from 11 different families and demonstrated favourable results when compared to related CryptoJacking research. We demonstrate that MANiC can be used to provide insights into this new threat, to identify new potential features of interest and to establish a ground-truth dataset, assisting future research.

The difficult of detecting, response, tracing the malicious behavior in cloud has brought great challenges to the law enforcement in combating cybercrimes. This paper presents a malicious behavior oriented framework of detection, emergency response, traceability, and digital forensics in cloud environment. A cloud-based malicious behavior detection mechanism based on SDN is constructed, which implements full-traffic flow detection technology and malicious virtual machine detection based on memory analysis. The emergency response and traceability module can clarify the types of the malicious behavior and the impacts of the events, and locate the source of the event. The key nodes and paths of the infection topology or propagation path of the malicious behavior will be located security measure will be dispatched timely. The proposed IaaS service based forensics module realized the virtualization facility memory evidence extraction and analysis techniques, which can solve volatile data loss problems that often happened in traditional forensic methods.

Recently, data protection has become increasingly important in cloud environments. The cloud platform has global user information, rich storage resource allocation information, and a fuller understanding of data attributes. At the same time, there is an urgent need for data access control to provide data security, and software-defined network, as a ready-made facility, has a global network view, global network management capabilities, and programable network rules. In this paper, we present an approach, named High-Performance Software-Defined Data Access Network (HP-SDDAN), providing software-defined data access network architecture, global data attribute management and attribute-based data access network. HP-SDDAN combines the excellent features of cloud platform and software-defined network, and fully considers the performance to implement software-defined data access network. In evaluation, we verify the effectiveness and efficiency of HP-SDDAN implementation, with only 1.46% overhead to achieve attribute-based data access control of attribute-based differential privacy.

The Internet of Things (IoT) and mobile systems nowadays are required to perform more intensive computation, such as facial detection, image recognition and even remote gaming, etc. Due to the limited computation performance and power budget, it is sometimes impossible to perform these workloads locally. As high-performance GPUs become more common in the cloud, offloading the computation to the cloud becomes a possible choice. However, due to the fact that offloaded workloads from different devices (belonging to different users) are being computed in the same cloud, security concerns arise. Side channel attacks on GPU systems have been widely studied, where the threat model is the attacker and the victim are running on the same operating system. Recently, major GPU vendors have provided hardware and library support to virtualize GPUs for better isolation among users. This work studies the side channel attacks from one virtual machine to another where both share the same physical GPU. We show that it is possible to infer other user's activities in this setup and can further steal others deep learning model.

TEE(Trusted Execution Environment) has became one of the most popular security features for mobile platforms. Current TEE solutions usually implement secure functions in Trusted applications (TA) running over a trusted OS in the secure world. Host App may access these secure functions through the TEE driver. Unfortunately, such architecture is not very secure. A trusted OS has to be loaded in secure world to support TA running. Thus, the code size in secure world became large. As more and more TA is installed, the secure code size will be further larger and larger. Lots of real attack case have been reported [1]. In this paper, we present a novel TEE constructing method named ALTEE. Different from existing TEE solutions, ALTEE includes secure code in host app, and constructs a trustworthy execution environment for it dynamically whenever the code needs to be run.

This paper describes the goals of the ATMOSPHERE project, which is a multi-institutional research and development (R&D) effort aiming at designing and implementing a framework and platform to develop, build, deploy, measure and evolve trustworthy, cloud-enabled applications. The proposed system addresses the federation of geographically distributed cloud computing providers that rely on lightweight virtualization, and provide access to heterogeneous sets of resources. In addition, the system also considers both classic trustworthiness properties from the systems community, such as dependability and security, and from the machine learning community, such as fairness and transparency. We present the architecture that has been proposed to address these challenges and discuss some preliminary results.

In recent years, the number of smart mobile devices has rapidly increased worldwide. This explosion of continuously connected mobile devices has resulted in an exponential growth in the number of publically available mobile Apps. To facilitate the selection of mobile Apps, from various available choices, the App distribution platforms typically rank/recommend Apps based on average star ratings, the number of downloads, and associated reviews - the external aspect of an App. However, these ranking schemes typically tend to ignore critical internal aspects (e.g., security vulnerabilities) of the Apps. Such an omission of internal aspects is certainly not desirable, especially when many of the users do not possess the necessary skills to evaluate the internal aspects and choose an App based on the default ranking scheme which uses the external aspect. In this paper, we build upon our earlier efforts by focusing specifically on the security-related internal aspect of an App and its combination with the external aspect computed from the user reviews by identifying security-related comments.We use this combination to rank-order similar Apps. We evaluate our approach on publicly available Apps from the Google PlayStore and compare our ranking with prevalent ranking techniques such as the average star ratings. The experimental results indicate the effectiveness of our proposed approach.

The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture.

Phishing is the major problem of the internet era. In this era of internet the security of our data in web is gaining an increasing importance. Phishing is one of the most harmful ways to unknowingly access the credential information like username, password or account number from the users. Users are not aware of this type of attack and later they will also become a part of the phishing attacks. It may be the losses of financial found, personal information, reputation of brand name or trust of brand. So the detection of phishing site is necessary. In this paper we design a framework of phishing detection using URL.