Biblio

An effective response against information security violations in the technical systems remains relevant challenge nowadays, when their number, complexity, and the level of possible losses are growing. The violation can be caused by the set of the intruder's consistent actions. In the area of countermeasure selection for a proactive and reactive response against security violations, there are a large number of techniques. The techniques based on graph models seem to be promising. These models allow representing the set of actions caused the violation. Their advantages include the ability to forecast violations for timely decision-making on the countermeasures, as well as the ability to analyze and consider the coverage of countermeasures in terms of steps caused the violation. The paper proposes and describes a decision support method for responding against information security violations in the technical systems based on the graph models, as well as the developed models, including the countermeasure model and the graph representing the set of actions caused the information security violation.

Magnetized Liner Inertial Fusion (MagLIF) is a magneto-inertial fusion concept that relies on fuel magnetization, laser preheat, and a magnetically driven implosion to produce fusion conditions. In MagLIF, the target is a roughly 10 mm long, 5 mm diameter, 0.5 mm thick, cylindrical beryllium shell containing 1 mg/cm 3 D 2 gas. An axial magnetic field on the order of 10 T is applied to the target, and several kJ of laser energy is deposited into the fuel. Up to 20 MA of current is driven axially through the beryllium target, causing it to implode over approximately 100 ns. The implosion produces a 100-μm diameter, 8-mm tall fuel column with a burn-averaged ion temperature of several keV, that generates 10 11 -10 13 DD neutrons.

The load margin due to voltage instability and small-signal instability can be a valuable measure for the operator of the power system to ensure a continuous and safe supply of electricity. However, if this load margin was calculated without considering system operating requirements, then this margin may not be adequate. This article proposes an algorithm capable of providing the power system load margin considering the requirements of voltage stability, small-signal stability, and operational requirements, as limits of reactive power generation of synchronous generators in dynamic security assessment. Case studies were conducted in the 107-bus reduced order Brazilian system considering a list of contingencies and directions of load growth.

Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps to ensure fast delivery of new features. This is achieved by automatically testing and releasing new software versions, e.g. multiple times per day. However, classical security management techniques cannot keep up with this quick Software Development Life Cycle (SDLC). Nonetheless, guaranteeing high security quality of software systems has become increasingly important. The new trend of DevSecOps aims to integrate security techniques into existing DevOps practices. Especially, the automation of security testing is an important area of research in this trend. Although plenty of literature discusses security testing and CI/CD practices, only a few deal with both topics together. Additionally, most of the existing works cover only static code analysis and neglect dynamic testing methods. In this paper, we present an approach to integrate three automated dynamic testing techniques into a CI/CD pipeline and provide an empirical analysis of the introduced overhead. We then go on to identify unique research/technology challenges the DevSecOps communities will face and propose preliminary solutions to these challenges. Our findings will enable informed decisions when employing DevSecOps practices in agile enterprise applications engineering processes and enterprise security.

Dynamic security assessment (DSA) is to ensure the power system being operated under a secure condition that can withstand potential contingencies. DSA normally proceeds periodically on a 5 to 15 minutes basis, where the system security condition over a complete time interval is merely determined upon the system snapshot captured at the beginning of the interval. With high wind power penetration, the minute-to-minute variations of wind power can lead to more volatile power system states within a single DSA time interval. This paper investigates the intra-interval variation (IIV) phenomenon in power system online DSA and analyze whether the IIV problem is deserved attention in future DSA research and applications. An IIV-contaminated testing environment based on hierarchical Monte-Carlo simulation is developed to evaluate the practical IIV impacts on power system security and DSA performance. The testing results show increase in system insecurity risk and significant degradation in DSA accuracy in presence of IIV. This result draws attention to the IIV phenomenon in DSA of wind-energy power systems and calls for more robust DSA approach to mitigate the IIV impacts.

Incast traffic is a many-to-one communication pattern used in many applications, including distributed storage, web-search with partition/aggregation design pattern, and MapReduce, commonly in data centers. It is generally composed of short-lived flows that may be queued behind large flows' packets in congested switches where performance degradation is observed. Smart buffering at the switch level is sensed to mitigate this issue by automatically and dynamically adapting to traffic conditions changes in the highly dynamic data center environment. But for this dynamic and smart buffer management to become effectively beneficial for all the traffic, and especially for incast the most critical one, incast performance models that provide insights on how various factors affect it are needed. The literature lacks these types of models. The existing ones are analytical models, which are either tightly coupled with a particular protocol version or specific to certain empirical data. Motivated by this observation, we propose a machine-learning-based incast performance inference. With this prediction capability, smart buffering scheme or other QoS optimization algorithms could anticipate and efficiently optimize system parameters adjustment to achieve optimal performance. Since applying machine learning to networks managed in a distributed fashion is hard, the prediction mechanism will be deployed on an SDN control plane. We could then take advantage of SDN's centralized global view, its telemetry capabilities, and its management flexibility.

The 2020 Corona pandemic has shown that on-line real-time multimedia communication is of vital importance when regular face-to-face meetings are not possible. One popular choice for conducting these meetings is the open standard WebRTC which is implemented in every major web browser. Even though this technology has found widespread use, there are still open issues with how different congestion control (CC) algorithms of Media- and DataChannels interact. In 2018 we have shown that the issue of self-inflicted queuing delay can be mitigated by introducing a CC coupling mechanism called FSE-NG. Originally, this solution was only capable of linking DataChannel flows controlled by TCP-style CCs and MediaChannels controlled by NADA CC. Standardization has progressed and along with NADA, IETF has also standardized the RTP CC SCReAM. This work extends the FSE-NG algorithm to also incorporate flows controlled by the latter algorithm. By means of simulation, we show that our approach is capable of drastically reducing end-to-end delays while also increasing RTP throughput and thus enabling WebRTC communication in scenarios where it has not been applicable before.

Conversational agents are the most popular AI technology in IT trends. Domain specific chatbots are now used by almost every industry in order to upgrade their customer service. The Proposed paper shows the modelling and performance of one such conversational agent created using deep learning. The proposed model utilizes NMT (Neural Machine Translation) from the TensorFlow software libraries. A BiRNN (Bidirectional Recurrent Neural Network) is used in order to process input sentences that contain large number of tokens (20-40 words). In order to understand the context of the input sentence attention model is used along with BiRNN. The conversational models usually have one drawback, that is, they sometimes provide irrelevant answer to the input. This happens quite often in conversational chatbots as the chatbot doesn't realize that it is answering without context. This drawback is solved in the proposed system using Deep Reinforcement Learning technique. Deep reinforcement Learning follows a reward system that enables the bot to differentiate between right and wrong answers. Deep Reinforcement Learning techniques allows the chatbot to understand the sentiment of the query and reply accordingly. The Deep Reinforcement Learning algorithms used in the proposed system is Q-Learning, Deep Q Neural Network (DQN) and Distributional Reinforcement Learning with Quantile Regression (QR-DQN). The performance of each algorithm is evaluated and compared in this paper in order to find the best DRL algorithm. The dataset used in the proposed system is Cornell Movie-dialogs corpus and CoQA (A Conversational Question Answering Challenge). CoQA is a large dataset that contains data collected from 8000+ conversations in the form of questions and answers. The main goal of the proposed work is to increase the relevancy of the chatbot responses and to increase the perplexity of the conversational chatbot.

Frequently emergency services are required nationally and globally, in Mexico during 2020 of the 16,22,879 calls made to 911, statistics reveal that 58.43% were about security, 16.57% assistance, 13.49% medical, 6.29% civil protection, among others. However, the constant traffic of cities generates delays in the time of arrival to medical, military or civil protection services, wasting time that can be critical in an emergency. The objective is to create a connection between the road infrastructure (traffic lights) and emergency vehicles to reduce waiting time as a vehicle on a mission passes through a traffic light with Controller Area Network CAN controller to modify the color and give way to the emergency vehicle that will send signals to the traffic light controller through a controller located in the car. For this, the Controller Area Network Flexible Data (CAN-FD) controllers will be used in traffic lights since it is capable of synchronizing data in the same bus or cable to avoid that two messages arrive at the same time, which could end in car accidents if they are not it respects a hierarchy and the CANblue ll controller that wirelessly connects devices (vehicle and traffic light) at a speed of 1 Mbit / s to avoid delays in data exchange taking into account the high speeds that a car can acquire. It is intended to use the CAN controller for the development of improvements in response times in high-speed data exchange in cities with high traffic flow. As a result of the use of CAN controllers, a better data flow and interconnection is obtained.

Modern cars are becoming more accessible targets for cyberattacks due to the proliferation of wireless communication channels. The intra-vehicle Controller Area Network (CAN) bus lacks authentication, which exposes critical components to interference from less secure, wirelessly compromised modules. To address this issue, we propose vProfile, a sender authentication system based on voltage fingerprints of Electronic Control Units (ECUs). vProfile exploits the physical properties of ECU output voltages on the CAN bus to determine the authenticity of bus messages, which enables the detection of both hijacked ECUs and external devices connected to the bus. We show the potential of vProfile using experiments on two production vehicles with precision and recall scores of over 99.99%. The improved identification rates and more straightforward design of vProfile make it an attractive improvement over existing methods.

Non-interference is a program property that ensures the absence of information leaks. In the context of programming languages, there exist two common approaches for establishing non-interference: type systems and program logics. Type systems provide strong automation (by means of type checking), but they are inherently restrictive in the kind of programs they support. Program logics support challenging programs, but they typically require significant human assistance, and cannot handle modules or higher-order programs.To connect these two approaches, we present SeLoC—a separation logic for non-interference, on top of which we build a type system using the technique of logical relations. By building a type system on top of separation logic, we can compositionally verify programs that consist of typed and untyped parts. The former parts are verified through type checking, while the latter parts are verified through manual proof.The core technical contribution of SeLoC is a relational form of weakest preconditions that can track information flow using separation logic resources. SeLoC is fully machine-checked, and built on top of the Iris framework for concurrent separation logic in Coq. The integration with Iris provides seamless support for fine-grained concurrency, which was beyond the reach of prior type systems and program logics for non-interference.

By taking advantages of graphs and potential functions, a security reinforcement method for edge computing terminals is proposed in this paper. A risk graph of the terminal security protection system is constructed, and importance of the security protection and risks of the terminals is evaluated according to the topological potential of the graph nodes, and the weak points of the terminal are located, and the corresponding reinforcement method is proposed. The simulation experiment results show that the proposed method can upgrade and strengthen the key security mechanism of the terminal, improve the performance of the terminal security protection system, and is beneficial to the security management of the edge computing system.

Cyber security is a topic of increasing relevance in relation to industrial networks. The higher intensity and intelligent use of data pushed by smart technology (Industry 4.0) together with an augmented integration between the operational technology (production) and the information technology (business) parts of the network have considerably raised the level of vulnerabilities. On the other hand, many industrial facilities still use serial networks as underlying communication system, and they are notoriously limited from a cyber security perspective since protection mechanisms available for ТСР/IР communication do not apply. Therefore, an attacker gaining access to a serial network can easily control the industrial components, potentially causing catastrophic incidents, jeopardizing assets and human lives. This study proposes a framework to act as an anomaly detection system (ADS) for industrial serial networks. It has three ingredients: an unsupervised К-means component to analyse message content, a knowledge-based Expert System component to analyse message metadata, and a voting process to generate alerts for security incidents, anomalous states, and faults. The framework was evaluated using the Proflbus-DP, a network simulator which implements a serial bus system. Results for the simulated traffic were promising: 99.90% for accuracy, 99,64% for precision, and 99.28% for F1-Score. They indicate feasibility of the framework applied to serial-based industrial networks.

Web server is an appealing target for attackers since it may be exploited to gain access to an organization’s internal network. After compromising a web server, the attacker can construct a webshell to maintain a long-term and stealthy access for further attacks. Among all webshell-based attacks, command injection is a powerful attack that can be launched to steal sensitive data from the web server or compromising other computers in the network. To monitor and analyze webshell-based command injection, we develop a hybrid webshell honeypot framework called HoneyBog, which intercepts and redirects malicious injected commands from the front-end honeypot to the high-fidelity back-end honeypot for execution. HoneyBog can achieve two advantages by using the client-server honeypot architecture. First, since the webshell-based injected commands are transferred from the compromised web server to a remote constrained execution environment, we can prevent the attacker from launching further attacks in the protected network. Second, it facilitates the centralized management of high-fidelity honeypots for remote honeypot service providers. Moreover, we increase the system fidelity of HoneyBog by synchronizing the website files between the front-end and back-end honeypots. We implement a prototype of HoneyBog using PHP and the Apache web server. Our experiments on 260 PHP webshells show that HoneyBog can effectively intercept and redirect injected commands with a low performance overhead.

Power system security assessment and enhancement in grids with high penetration of renewables is critical for pragmatic power system planning. Static Security Assessment (SSA) is a fast response tool to assess system stability margins following considerable contingencies assuming post fault system reaches a steady state. This paper presents a contingency ranking methodology using static security indices to rank credible contingencies considering severity. A Modified IEEE 9 bus system integrating renewables was used to test the approach. The static security indices used independently provides accurate results in identifying severe contingencies but further assessment is needed to provide an accurate picture of static security assessment in an increased time frame of the steady state. The indices driven for static security assessment could accurately capture and rank contingencies with renewable sources but due to intermittency of the renewable source various contingency ranking lists are generated. This implies that using indices in future grids without consideration on intermittent nature of renewables will make it difficult for the grid operator to identify severe contingencies and assist the power system operator to make operational decisions. This makes it necessary to integrate the behaviour of renewables in security indices for practical application in real time security assessment.

The Android application market will conduct various security analysis on each application to predict its potential harm before put it online. Since almost all the static analysis tools can only detect malicious behaviors in the Java layer, more and more malwares try to avoid static analysis by taking the malicious codes to the Native layer. To provide a solution for the above situation, there's a new research aspect proposed in this paper and defined as Inter-language Static Analysis. As all the involved technologies are introduced, the current research results of them will be captured in this paper, such as static analysis in Java layer, binary analysis in Native layer, Java-Native penetration technology, etc.

Static security assessment is of great significance to ensure the stable transmission of electric power and steady operation of load. The scale of power system trends to expand due to the development of interconnected grid, and the security analysis of the entire network has become time-consuming. On the basis of synthesizing the efficiency and accuracy, a new method is developed. This method adopts a novel dynamic power flow (DPF) model considering the influence of governor deadband and amplitude-limit on the steady state quantitatively. In order to reduce the computation cost, a contingency screening algorithm based on binary search method is proposed. Static security assessment based on the proposed DPF models is applied to calculate the security margin constrained by severe contingencies. The ones with lower margin are chosen for further time-domain (TD) simulation analysis. The case study of a practical grid verifies the accuracy of the proposed model compared with the conventional one considering no governor nonlinearity. Moreover, the test of a practical grid in China, along with the TD simulation, demonstrates that the proposed method avoids massive simulations of all contingencies as well as provides detail information of severe ones, which is effective for security analysis of practical power grids.

Static analysis tools are programs that run on source code prior to their compilation to binary executables and attempt to find flaws or defects in the code during the early stages of development. If left unresolved, these flaws could pose security risks. While numerous static analysis tools exist, there is no single tool that is optimal. Therefore, many static analysis tools are often used to analyze code. Further, some of the alerts generated by the static analysis tools are low-priority or false alarms. Machine learning algorithms have been developed to distinguish between true alerts and false alarms, however significant man hours need to be dedicated to labeling data sets for training. This study investigates the use of active learning to reduce the number of labeled alerts needed to adequately train a classifier. The numerical experiments demonstrate that a query by committee active learning algorithm can be utilized to significantly reduce the number of labeled alerts needed to achieve similar performance as a classifier trained on a data set of nearly 60,000 labeled alerts.

Current permissionless cryptocurrencies such as Bitcoin suffer from a limited transaction rate and slow confirmation time, which hinders further adoption. Payment channels are one of the most promising solutions to address these problems, as they allow the parties of the channel to perform arbitrarily many payments in a peer-to-peer fashion while uploading only two transactions on the blockchain. This concept has been generalized into payment channel networks where a path of payment channels is used to settle the payment between two users that might not share a direct channel between them. However, this approach requires the active involvement of each user in the path, making the system less reliable (they might be offline), more expensive (they charge fees per payment), and slower (intermediaries need to be actively involved in the payment). To mitigate this issue, recent work has introduced the concept of virtual channels (IEEE S&P’19), which involve intermediaries only in the initial creation of a bridge between payer and payee, who can later on independently perform arbitrarily many off-chain transactions. Unfortunately, existing constructions are only available for Ethereum, as they rely on its account model and Turing-complete scripting language. The realization of virtual channels in other blockchain technologies with limited scripting capabilities, like Bitcoin, was so far considered an open challenge.In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a scripting language supporting only a digital signature scheme and a timelock functionality, being thus backward compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework and prove that our protocol constitutes a secure realization thereof. We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for n sequential payments, they require an off-chain exchange of 9+2n transactions or a total of 3524+695n bytes, with no on-chain footprint in the optimistic case. This is a substantial improvement compared to routing payments in a payment channel network, which requires 8n transactions with a total of 3026n bytes to be exchanged.

Transportation of people and goods is important and crucial in the context of smart cities. The trend in regard of people's mobility is moving from privately owned vehicles towards shared mobility. This trend is even stronger in urban areas, where space for parking is limited, and the mobility is supported by the public transport system, which lowers the need for private vehicles. Several challenges and barriers of currently available solutions retard a massive growth of this mobility option, such as the trust problem, data monopolism, or intermediary costs. Decentralizing mobility management is a promising approach to solve the current problems of the mobility market, allowing to move towards a more usable internet of mobility and smart transportation. Leveraging blockchain technology allows to cut intermediary costs, by utilizing smart contracts. Important in this ecosystem is the proof of identity of participants in the blockchain network. To proof the possession of the claimed identity, the private key corresponding to the wallet address is utilized, and therefore essential to protect. In this paper, a blockchain-based shared mobility platform is proposed and a proof-of-concept is shown. First, current problems and state-of-the-art systems are analyzed. Then, a decentralized concept is built based on ERC-721 tokens, implemented in a smart contract, and augmented with a Hardware Security Module (HSM) to protect the confidential key material. Finally, the system is evaluated and compared against state-of-the-art solutions.

Many embedded systems have evolved from simple bare-metal control systems to highly complex network-connected systems. These systems increasingly demand rich and feature-full operating-systems (OS) functionalities. Furthermore, the network connectedness offers attack vectors that require stronger security designs. To that end, this paper defines a prototypical RTOS API called Patina that provides services common in featurerich OSes (e.g., Linux) but absent in more trustworthy μ -kernel based systems. Examples of such services include communication channels, timers, event management, and synchronization. Two Patina implementations are presented, one on Composite and the other on seL4, each of which is designed based on the Principle of Least Privilege (PoLP) to increase system security. This paper describes how each of these μ -kernels affect the PoLP based design, as well as discusses security and performance tradeoffs in the two implementations. Results of comprehensive evaluations demonstrate that the performance of the PoLP based implementation of Patina offers comparable or superior performance to Linux, while offering heightened isolation.

Nowadays, the increasing complexity of digital applications for social and business activities has required more and more advanced mechanisms to prove the identity of subjects like those based on the Two-Factor Authentication (2FA). Such an approach improves the typical authentication paradigm but it has still some weaknesses. Specifically, it has to deal with the disadvantages of a centralized architecture causing several security threats like denial of service (DoS) and man-in-the-middle (MITM). In fact, an attacker who succeeds in violating the central authentication server could be able to impersonate an authorized user or block the whole service. This work advances the state of art of 2FA solutions by proposing a decentralized Microservices and Blockchain Based One Time Password (MBB-OTP) protocol for security-enhanced authentication able to mitigate the aforementioned threats and to fit different application scenarios. Experiments prove the goodness of our MBB-OTP protocol considering both private and public Blockchain configurations.

In order to improve the security and reliability of information system and reduce the risk of vulnerability intrusion and attack, an automatic patch installation method of operating systems based on deep learning is proposed, If the installation is successful, the basic information of the system will be returned to the visualization server. If the installation fails, it is recommended to upgrading manually and display it on the patch detection visualization server. Through the practical application of statistical analysis, the statistical results show that the proposed method is significantly better than the original and traditional installation methods, which can effectively avoid the problem of client repeated download, and greatly improve the success rate of patch automatic upgrades. It effectively saves the upgrade cost and ensures the security and reliability of the information system.

The Internet, originally an academic network for the rapid exchange of information, has moved over time into the commercial media, business and later industrial communications environment. Recently, it has been included as a part of cyberspace as a combat domain. Any device connected to the unprotected Internet is thus exposed to possible attacks by various groups and individuals pursuing various criminal, security and political objectives. Therefore, each such device must be set up to be as resistant as possible to these attacks. For the implementation of small home, academic or industrial systems, people very often use small computing system Raspberry PI, which is usually equipped with the operating system Raspbian Linux. Such a device is often connected to an unprotected Internet environment and if successfully attacked, can act as a gateway for an attacker to enter the internal network of an organization or home. This paper deals with security configuration of Raspbian Linux operating system for operation on public IP addresses in an unprotected Internet environment. The content of this paper is the conduction and analysis of an experiment in which five Raspbian Linux/Raspberry PI accounts were created with varying security levels; the easiest to attack is a simulation of the device of a user who has left the system without additional security. The accounts that follow gradually add further protection and security. These accounts are used to simulate a variety of experienced users, and in a practical experiment the effects of these security measures are evaluated; such as the number of successful / unsuccessful attacks; where the attacks are from; the type and intensity of the attacks; and the target of the attack. The results of this experiment lead to formulated conclusions containing an analysis of the attack and subsequent design recommendations and settings to secure such a device. The subsequent section of the paper discusses the implementation of a simple TCP server that is configured to listen to incoming traffic on preset ports; it simulates the behaviour of selected services on these ports. This server's task is to intercept unauthorized connection attempts to these ports and intercepting attempts to communicate or attack these services. These recorded attack attempts are analyzed in detail and formulated in the conclusion, including implications for the security settings of such a device. The overall result of this paper is the recommended set up of operating system Raspbian Linux to work on public IP addresses in an unfiltered Internet environment.

In this paper, we propose a scheme that supports statistic query and authorized access control on an Encrypted Electronic Medical Records Databases(EMDB). Different from other schemes, it is based on Differential-Privacy(DP), which can protect the privacy of patients. By deploying an improved Multi-Authority Attribute-Based Encryption(MA-ABE) scheme, all authorities can distribute their search capability to clients under different authorities without additional negotiations. To our best knowledge, there are few studies on statistical queries on encrypted data. In this work, we consider that support differentially-private statistical queries. To improve search efficiency, we leverage the Bloom Filter(BF) to judge whether the keywords queried by users exists. Finally, we use experiments to verify and evaluate the feasibility of our proposed scheme.