Biblio

Emerging technologies change the qualities of modern healthcare by employing smart systems for patient monitoring. To well use the data surrounding the patient, tiny sensing devices and smart gateways are involved. These sensing systems have been used to collect and analyze the real-time data remotely in Internet of Medical Thinks (IoM). Since the patient sensed information is so sensitive, the security and privacy of medical data are becoming challenging problem in IoM. It is then important to ensure the security, privacy and integrity of the transmitted data by designing a secure and a lightweight authentication protocol for the IoM. In this paper, in order to improve the authentication and communications in health care applications, we present a novel secure and anonymous authentication scheme. We will use elliptic curve cryptography (ECC) with random numbers generated by fuzzy logic. We simulate IoM scheme using network simulator 3 (NS3) and we employ optimized link state routing protocol (OLSR) algorithm and ECC at each node of the network. We apply some attack algorithms such as Pollard’s ρ and Baby-step Giant-step to evaluate the vulnerability of the proposed scheme.

Business's strength arises from the strength of its supply chain. Therefore, a proper supply chain management is vital for business continuity. One of the most challenging parts of SCM is the contract negotiation, and one main aspect of the negotiation is to know the risk associated with each range of quantity agreed on. Currently Managers assess the quantity to be supplied based on a binary way of either full or 0 supply, This paper aims to assess the corresponding quantities risks of the suppliers on a multilayer basis. The proposed approach uses fuzzy logic as an artificial intelligence tool that would develop the verbal terms of managers into numbers to be dealt with. A company that produces fresh frozen vegetables and fruits in Egypt who faces the problem of getting the required quantities from the suppliers with a fulfilment rate of 33% was chosen to apply the proposed model. The model allowed the managers to have full view of risk in their supply chain effectively and decide their needed capacity as well as the negotiation terms with both suppliers and customers. Future work should be the use of more data in the fuzzy database and implement the proposed methodology in an another industry.

In the recent years, sustainability has becoming an important topic in agro-food supply chain. Moreover, these supply chains are more vulnerable due to different interrelated risks from man-made and natural disasters. However, most of the previous studies consider less about interrelation in assessing sustainability risks. The purpose of this research is to develop a framework to assess supply chain sustainability risks by rnking environmental risks, economic risks, social risks and operational risks. To solve this problem, the proposed methodology is an integrated rough decision- making and trial evaluation laboratory (DEMA℡) method that consider the interrelationship between different risks and the group preference diversity. In order to evaluate the applicability of the proposed method, a real-world case study of Tunisian agro-food company is presented. The results show that the most important risks are corruption, inflation and uncertainty in supply and demand.

The ongoing trend of moving data and computation to the cloud is met with concerns regarding privacy and protection of intellectual property. Cloud Service Providers (CSP) must be fully trusted to not tamper with or disclose processed data, hampering adoption of cloud services for many sensitive or critical applications. As a result, CSPs and CPU manufacturers are rushing to find solutions for secure and trustworthy outsourced computation in the Cloud. While enclaves, like Intel SGX, are strongly limited in terms of throughput and size, AMD’s Secure Encrypted Virtualization (SEV) offers hardware support for transparently protecting code and data of entire VMs, thus removing the performance, memory and software adaption barriers of enclaves. Through attestation of boot code integrity and means for securely transferring secrets into an encrypted VM, CSPs are effectively removed from the list of trusted entities. There have been several attacks on the security of SEV, by abusing I/O channels to encrypt and decrypt data, or by moving encrypted code blocks at runtime. Yet, none of these attacks have targeted the attestation protocol, the core of the secure computing environment created by SEV. We show that the current attestation mechanism of Zen 1 and Zen 2 architectures has a significant flaw, allowing us to manipulate the loaded code without affecting the attestation outcome. An attacker may abuse this weakness to inject arbitrary code at startup–and thus take control over the entire VM execution, without any indication to the VM’s owner. Our attack primitives allow the attacker to do extensive modifications to the bootloader and the operating system, like injecting spy code or extracting secret data. We present a full end-to-end attack, from the initial exploit to leaking the key of the encrypted disk image during boot, giving the attacker unthrottled access to all of the VM’s persistent data.

A text is a meaningful source of information. Capturing the right patterns in written text gives metrics to measure and infer to what extent this text belongs or is relevant to a specific author. This research aims to introduce a new feature that goes more in deep in the language structure. The feature introduced is based on an attempt to differentiate stylistic changes among authors according to the different sentence structure each author uses. The study showed the effect of introducing this new feature to machine learning models to enhance their performance. It was found that the prediction of authors was enhanced by adding sentence structure as an additional feature as the f1\_scores increased by 0.3% and when normalizing the data and adding the feature it increased by 5%.

We consider a graph property known as r-robustness of the random K-out graphs. Random K-out graphs, denoted as \$\textbackslashtextbackslashmathbbH(n;K)\$, are constructed as follows. Each of the n nodes select K distinct nodes uniformly at random, and then an edge is formed between these nodes. The orientation of the edges is ignored, resulting in an undirected graph. Random K-out graphs have been used in many applications including random (pairwise) key predistribution in wireless sensor networks, anonymous message routing in crypto-currency networks, and differentially-private federated averaging. r-robustness is an important metric in many applications where robustness of networks to disruptions is of practical interest, and r-robustness is especially useful in analyzing consensus dynamics. It was previously shown that consensus can be reached in an r-robust network for sufficiently large r even in the presence of some adversarial nodes. r-robustness is also useful for resilience against adversarial attacks or node failures since it is a stronger property than r-connectivity and thus can provide guarantees on the connectivity of the graph when up to r – 1 nodes in the graph are removed. In this paper, we provide a set of conditions for Kn and n that ensure, with high probability (whp), the r-robustness of the random K-out graph.

The secure functioning of automotive systems is vital to the safety of their passengers and other roadway users. One of the critical functions for safety is the controller area network (CAN), which interconnects the safety-critical electronic control units (ECUs) in the majority of ground vehicles. Unfortunately CAN is known to be vulnerable to several attacks. One such attack is the bus-off attack, which can be used to cause a victim ECU to disconnect itself from the CAN bus and, subsequently, for an attacker to masquerade as that ECU. A limitation of the bus-off attack is that it requires the attacker to achieve tight synchronization between the transmission of the victim and the attacker's injected message. In this paper, we introduce a schedule-based attack framework for the CAN bus-off attack that uses the real-time schedule of the CAN bus to predict more attack opportunities than previously known. We describe a ranking method for an attacker to select and optimize its attack injections with respect to criteria such as attack success rate, bus perturbation, or attack latency. The results show that vulnerabilities of the CAN bus can be enhanced by schedule-based attacks.

Android Operating System becomes a major target for malicious attacks. Static analysis approach is widely used to detect malicious applications. Most of existing studies on static analysis frameworks are limited to certain features. This paper presents an Android Static Analysis Framework (ASAF) which models the overall static analysis phases and approaches for Android applications. ASAF can be implemented for different purposes including Android malicious apps detection. The proposed framework utilizes a parsing tool, Android Static Parse (ASParse) which is also introduced in this paper. Through the extendibility of the ASParse tool, future research studies can easily extend the parsed features and the parsed files to perform parsing based on their specific requirements and goals. Moreover, a case study is conducted to illustrate the implementation of the proposed ASAF.

Due to the advantages and limitations of the two kinds of vulnerability mining methods of static and dynamic analysis of android applications, the paper proposes a method of Android application vulnerability mining based on dynamic and static combination. Firstly, the static analysis method is used to obtain the basic vulnerability analysis results of the application, and then the input test case of dynamic analysis is constructed on this basis. The fuzzy input test is carried out in the real machine environment, and the application security vulnerability is verified with the taint analysis technology, and finally the application vulnerability report is obtained. Experimental results show that compared with static analysis results, the method can significantly improve the accuracy of vulnerability mining.

One of the major issues which are hindering widespread and seamless adoption of Internet of Thing (IoT) is security. The IoT devices are vulnerable and susceptible to attacks which became evident from a series of recent large-scale distributed denial-of-service (DDoS) attacks, leading to substantial business and financial losses. Furthermore, in order to find vulnerabilities in IoT, there is a lack of comprehensive security analysis framework. In this paper, we present a modular, adaptable and tunable framework, called PIT, to probe IoT systems at different layers of design and implementation. PIT consists of several security analysis engines, viz., penetration testing, fuzzing, static analysis, and dynamic analysis and an exploitation engine to discover multiple IoT vulnerabilities, respectively. We also develop a novel grey-box fuzzer, called Applica, as a part of the fuzzing engine to overcome the limitations of the present day fuzzers. The proposed framework has been evaluated on a real-world IoT testbed comprising of the state-of-the-art devices. We discovered several network and system-level vulnerabilities such as Buffer Overflow, Denial-of-Service, SQL Injection, etc., and successfully exploited them to demonstrate the presence of security loopholes in the IoT devices.

Current permissionless cryptocurrencies such as Bitcoin suffer from a limited transaction rate and slow confirmation time, which hinders further adoption. Payment channels are one of the most promising solutions to address these problems, as they allow the parties of the channel to perform arbitrarily many payments in a peer-to-peer fashion while uploading only two transactions on the blockchain. This concept has been generalized into payment channel networks where a path of payment channels is used to settle the payment between two users that might not share a direct channel between them. However, this approach requires the active involvement of each user in the path, making the system less reliable (they might be offline), more expensive (they charge fees per payment), and slower (intermediaries need to be actively involved in the payment). To mitigate this issue, recent work has introduced the concept of virtual channels (IEEE S&P’19), which involve intermediaries only in the initial creation of a bridge between payer and payee, who can later on independently perform arbitrarily many off-chain transactions. Unfortunately, existing constructions are only available for Ethereum, as they rely on its account model and Turing-complete scripting language. The realization of virtual channels in other blockchain technologies with limited scripting capabilities, like Bitcoin, was so far considered an open challenge.In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a scripting language supporting only a digital signature scheme and a timelock functionality, being thus backward compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework and prove that our protocol constitutes a secure realization thereof. We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for n sequential payments, they require an off-chain exchange of 9+2n transactions or a total of 3524+695n bytes, with no on-chain footprint in the optimistic case. This is a substantial improvement compared to routing payments in a payment channel network, which requires 8n transactions with a total of 3026n bytes to be exchanged.

Capability machines such as CHERI provide memory capabilities that can be used by compilers to provide security benefits for compiled code (e.g., memory safety). The existing C to CHERI compiler, for example, achieves memory safety by following a principle called “pointers as capabilities” (PAC). Informally, PAC says that a compiler should represent a source language pointer as a machine code capability. But the security properties of PAC compilers are not yet well understood. We show that memory safety is only one aspect, and that PAC compilers can provide significant additional security guarantees for partial programs: the compiler can provide security guarantees for a compilation unit, even if that compilation unit is later linked to attacker-provided machine code.As such, this paper is the first to study the security of PAC compilers for partial programs formally. We prove for a model of such a compiler that it is fully abstract. The proof uses a novel proof technique (dubbed TrICL, read trickle), which should be of broad interest because it reuses the whole-program compiler correctness relation for full abstraction, thus saving work. We also implement our scheme for C on CHERI, show that we can compile legacy C code with minimal changes, and show that the performance overhead of compiled code is roughly proportional to the number of cross-compilation-unit function calls.

Compressive Covariance Sampling (CCS) is a strategy used to recover the covariance matrix (CM) directly from compressive measurements. Several works have proven the advantages of CSS in Compressive Spectral Imaging (CSI) but most of these algorithms require multiple random projections of the scene to obtain good reconstructions. However, several low-resolution copies of the scene can be captured in a single snapshot through a lenslet array. For this reason, this paper proposes a sensing protocol and a single snapshot CCS optical architecture using a lenslet array based on the Dual Dispersive Aperture Spectral Imager(DD-CASSI) that allows the recovery of the covariance matrix with a single snapshot. In this architecture uses the lenslet array allows to obtain different projections of the image in a shot due to the special coded aperture. In order to validate the proposed approach, simulations evaluated the quality of the recovered CM and the performance recovering the spectral signatures against traditional methods. Results show that the image reconstructions using CM have PSNR values about 30 dB, and reconstructed spectrum has a spectral angle mapper (SAM) error less than 15° compared to the original spectral signatures.

The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved.

Recently, Mobile Edge Cloud computing (MEC) has attracted attention both from academia and industry. The idea of moving a part of cloud resources closer to users and data sources can bring many advantages in terms of speed, data traffic, security and context-aware services. The MEC infrastructure does not only host and serves applications next to the end-users, but services can be dynamically migrated and reallocated as mobile users move in order to guarantee latency and performance constraints. This specific requirement calls for the involvement and collaboration of multiple MEC providers, which raises a major issue related to trustworthiness. Two main challenges need to be addressed: i) trustworthiness needs to be handled in a manner that does not affect latency or performance, ii) trustworthiness is considered in different dimensions - not only security metrics but also performance and quality metrics in general. In this paper, we propose a trust layer for public MEC infrastructure that handles establishing and updating trust relations among all MEC entities, making the interaction withing a MEC network transparent. First, we define trust attributes affecting the trusted quality of the entire infrastructure and then a methodology with a computation model that combines these trust attribute values. Our experiments showed that the trust model allows us to reduce latency by removing the burden from a single MEC node, while at the same time increase the network trustworthiness.

This position paper presents and illustrates the concept of security requirements as code – a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.

There has been a significant rise in ransomware attacks over the last few years. Cyber attackers have made use of tried and true ransomware viruses to target the government, health care, and educational institutions. Ransomware variants can be purchased on the dark web by amateurs giving them the same attack tools used by professional cyber attackers without experience or skill. Traditional antivirus and antimalware products have improved, but they alone fall short when it comes to catching and stopping ransomware attacks. Employee training has become one of the most important aspects of being prepared for attempted cyberattacks. However, training alone only goes so far; human error is still the main entry point for malware and ransomware infections. In this paper, we propose a multi-layered defense approach to safeguard against ransomware. We have come to the startling realization that it is not a matter of “if” your organization will be hit with ransomware, but “when” your organization will be hit with ransomware. If an organization is not adequately prepared for an attack or how to respond to an attack, the effects can be costly and devastating. Our approach proposes having innovative antimalware software on the local machines, properly configured firewalls, active DNS/Web filtering, email security, backups, and staff training. With the implementation of this layered defense, the attempt can be caught and stopped at multiple points in the event of an attempted ransomware attack. If the attack were successful, the layered defense provides the option for recovery of affected data without paying a ransom.

This research presented a digital watermarking scheme using multi-level authentication for protecting QR code images in order to provide security and authenticity. This research focuses on the improved digital watermarking scheme for QR code security that can protect the confidentiality of the information stored in QR code images from the public. Information modification, malicious attack, and copyright violation may occur due to weak security and disclosure pattern of QR code. Digital watermarking can be a solution to reduce QR code imitation and increase QR code security and authenticity. The objectives of this research are to provide QR code image authentication and security, tamper localization, and recovery scheme on QR code images. This research proposed digital watermarking for QR code images based on multi-level authentication with Least Significant Bit (LSB) and SHA-256 hash function. The embedding and extracting watermark utilized region of Interest (ROI) and Region of Non-Interest (RONI) in the spatial domain for improving the depth and width of QR code application in the anti-counterfeiting field. The experiments tested the reversibility and robustness of the proposed scheme after a tempered watermarked QR code image. The experimental results show that the proposed scheme provides multi-level security, withstands tampered attacks and it provided high imperceptibility of QR code image.

Modern smart grid systems are heavily dependent on Information and Communication Technology, and this dependency makes them prone to cyber-attacks. The occurrence of a cyber-attack has increased in recent years resulting in substantial damage to power systems. For a reliable and stable operation, cyber protection, control, and detection techniques are becoming essential. Automated detection of cyberattacks with high accuracy is a challenge. To address this, we propose a two-layer hierarchical machine learning model having an accuracy of 95.44 % to improve the detection of cyberattacks. The first layer of the model is used to distinguish between the two modes of operation - normal state or cyberattack. The second layer is used to classify the state into different types of cyberattacks. The layered approach provides an opportunity for the model to focus its training on the targeted task of the layer, resulting in improvement in model accuracy. To validate the effectiveness of the proposed model, we compared its performance against other recent cyber attack detection models proposed in the literature.

In this study, it is aimed to reduce False-Alarm levels and increase the correct detection rate in order to reduce this uncertainty. Within the scope of the study, 13157 SQLi and XSS type malicious and 10000 normal HTTP Requests were used. All HTTP requests were received from the same web server, and it was observed that normal requests and malicious requests were close to each other. In this study, a novel approach is presented via both digitization and expressing the data with words in the data preprocessing stages. LSTM, MLP, CNN, GNB, SVM, KNN, DT, RF algorithms were used for classification and the results were evaluated with accuracy, precision, recall and F1-score metrics. As a contribution of this study, we can clearly express the following inferences. Each payload even if it seems different which has the same impact maybe that we can clearly view after the preprocessing phase. After preprocessing we are calculating euclidean distances which brings and gives us the relativity between expressions. When we put this relativity as an entry data to machine learning and/or deep learning models, perhaps we can understand the benign request or the attack vector difference.

The popularity of cryptocurrencies has garnered interest from cybercriminals, spurring an onslaught of cryptojacking campaigns that aim to hijack computational resources for the purpose of mining cryptocurrencies. In this paper, we present a cross-stack cryptojacking defense system that spans the hardware and OS layers. Unlike prior work that is confined to detecting cryptojacking behavior within web browsers, our solution is application agnostic. We show that tracking instructions that are frequently used in cryptographic hash functions serve as reliable signatures for fingerprinting cryptojacking activity. We demonstrate that our solution is resilient to multi-threaded and throttling evasion techniques that are commonly employed by cryptojacking malware. We characterize the robustness of our solution by extensively testing a diverse set of workloads that include real consumer applications. Finally, an evaluation of our proof-of-concept implementation shows minimal performance impact while running a mix of benchmark applications.

Automated analysis of facial expressions is one of the most interesting and challenging problems in many areas such as human-computer interaction. Facial images are affected by many factors, such as intensity, pose and facial expressions. These factors make facial expression recognition problem a challenge. The aim of this paper is to propose a new method based on the pyramid local binary pattern (PLBP) and the pyramid local phase quantization (PLPQ), which are the extension of the local binary pattern (LBP) and the local phase quantization (LPQ) as two methods for extracting texture features. LBP operator is used to extract LBP feature in the spatial domain and LPQ operator is used to extract LPQ feature in the frequency domain. The combination of features in spatial and frequency domains can provide important information in both domains. In this paper, PLBP and PLPQ operators are separately used to extract features. Then, these features are combined to create a new feature vector. The advantage of pyramid transform domain is that it can recognize facial expressions efficiently and with high accuracy even for very low-resolution facial images. The proposed method is verified on the CK+ facial expression database. The proposed method achieves the recognition rate of 99.85% on CK+ database.

Physical-layer security is a new paradigm that offers data protection against eavesdropping in wireless 5G networks. In this context, the Gaussian channel is a typical model that captures the practical aspects of confidentially transmitting a message through the wireless medium. In this paper, we consider the peculiar case of transmitting a message through a wireless, state-dependent channel which is prone to eavesdropping, where the state knowledge is non-causally known and shared between the sender and the eavesdropper. We show that a novel structured coding scheme, which combines random coding arguments and the dirty-paper coding technique, achieves the fundamental limit of secure and reliable communication for the considered model.

In this paper, two methods are introduced for securing voice communication. The first technique applies multilevel chaos-based block cipher and the second technique applies non-autonomous chaotic modulation. In the first approach, the encryption method is implemented by joining Arnold cat map with the Lorenz system. This method depends on permuting and substituting voice samples. Applying two levels of a chaotic system, enhances the security of the encrypted signal. the permutation process of the voice samples is implemented by applying Arnold cat map, then use Lorenz chaotic flow to create masking key and consequently substitute the permuted samples. In the second method, an encryption method based on non-autonomous modulation is implemented, in the master system, and the voice injection process is applied into one variable of the Lorenz chaotic flow without modifying the state of controls parameter. Non-autonomous modulation is proved to be more suitable than other techniques for securing real-time applications; it also masters the problems of chaotic parameter modulation and chaotic masking. A comparative study of these methods is presented.

Random number generators (RNGs) has an extensive application area from cryptography to simulation software. Piecewise linear one-dimensional (PL1D) maps are commonly preferred structures used as the basis of RNGs due to their theoretically proven chaotic behavior and ease of implementation. In this work, a skew-tent map based RNG is designed by using the chaotic sampling method in TSMC 180 nm CMOS process. Simulation data of the designed RNG is validated by the statistical randomness tests of the FIPS-140-2 and NIST 800-22 suites. The proposed RNG has three key features: the generated bitstreams can fulfill the randomness tests without using any post processing methods; the proposed RNG has immunity against external interference thanks to the chaotic sampling method; and higher bitrates (4.8 Mbit/s) can be achieved with relatively low power consumption (9.8 mW). Thus, robust RNG systems can be built for high-speed security applications with low power by using the proposed architecture.