Biblio

The intelligent connected vehicle industry has entered a period of opportunity, industry data is accumulating rapidly, and the formulation of industry standards to regulate big data management and application is imminent. As the basis of data security, data classification has received unprecedented attention. By combing through the research and development status of data classification in various industries, this article combines industry characteristics and re-examines the framework of industry data classification from the aspects of information security and data assetization, and tries to find the balance point between data security and data value. The intelligent networked automobile industry provides support for big data applications, this article combines the characteristics of the connected vehicle industry, re-examines the data characteristics of the intelligent connected vehicle industry from the 2 aspects as information security and data assetization, and eventually proposes a scene-based hierarchical framework. The framework includes the complete classification process, model, and quantifiable parameters, which provides a solution and theoretical endorsement for the construction of a big data automatic classification system for the intelligent connected vehicle industry and safe data open applications.

Big data continues to grow in the manufacturing domain due to increasing interconnectivity on the shop floor in the course of the fourth industrial revolution. The optimization of machines based on either real-time or historical machine data provides benefits to both machine producers and operators. In order to be able to make use of these opportunities, it is necessary to access the machine data, which can include sensitive information such as intellectual property. Employing the use case of machine tools, this paper presents a solution enabling industrial data sharing and cloud collaboration while protecting sensitive information. It employs the edge computing paradigm to apply differential privacy to machine data in order to protect sensitive information and simultaneously allow machine producers to perform the necessary calculations and analyses using this data.

Deep Neural Networks (DNN) has gained great success in solving several challenging problems in recent years. It is well known that training a DNN model from scratch requires a lot of data and computational resources. However, using a pre-trained model directly or using it to initialize weights cost less time and often gets better results. Therefore, well pre-trained DNN models are valuable intellectual property that we should protect. In this work, we propose DeepTrace, a framework for model owners to secretly fingerprinting the target DNN model using a special trigger set and verifying from outputs. An embedded fingerprint can be extracted to uniquely identify the information of model owner and authorized users. Our framework benefits from both white-box and black-box verification, which makes it useful whether we know the model details or not. We evaluate the performance of DeepTrace on two different datasets, with different DNN architectures. Our experiment shows that, with the advantages of combining white-box and black-box verification, our framework has very little effect on model accuracy, and is robust against different model modifications. It also consumes very little computing resources when extracting fingerprint.

Traditional software intellectual property protection technology improves the complexity and anti-attack ability of the program, while it also increases the extra execution cost of the program. Therefore, this paper starts with the obfuscation of program control flow in reverse engineering to provide defense strategies for the protection of software intellectual property rights. Focusing on the parsing and obfuscation of Java byte code, we implement a prototype of code obfuscation system. The scheme improves the class aggregation and class splitting algorithms, discusses the fusion methods of various independent code obfuscation technologies, and provides the description and implementation of other key module algorithms. The experimental analysis shows that the obfuscation transformation scheme in this paper not only gets higher security, but also improves the program performance to a certain extent, which can effectively protect the intellectual property rights of Java software.

This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform’s data formats, the rationale behind the visualisations’ design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.

Insider threats are the cyber attacks from the trusted entities within an organization. An insider attack is hard to detect as it may not leave a footprint and potentially cause huge damage to organizations. Anomaly detection is the most common approach for insider threat detection. Lack of real-world data and the skewed class distribution in the datasets makes insider threat analysis an understudied research area. In this paper, we propose a Conditional Generative Adversarial Network (CGAN) to enrich under-represented minority class samples to provide meaningful and diverse data for anomaly detection from the original malicious scenarios. Comprehensive experiments performed on benchmark dataset demonstrates the effectiveness of using CGAN augmented data, and the capability of multi-class anomaly detection for insider activity analysis. Moreover, the method is compared with other existing methods against different parameters and performance metrics.

We present a scalable architecture based on a trained filter bank for input pre-processing and a recurrent neural network (RNN) for the detection of atrial fibrillation in electrocardiogram (ECG) signals, with the focus on enabling a very efficient hardware implementation as application-specific integrated circuit (ASIC). Our already very efficient base architecture is further improved by replacing the RNN with a delta-encoded gated recurrent unit (GRU) and adding a confidence measure (CM) for terminating the computation as early as possible. With these optimizations, we demonstrate a reduction of the processing load of 58 % on an internal dataset while still achieving near state-of-the-art classification results on the Physionet ECG dataset with only 1202 parameters.

The full integration of Remotely Piloted Aircraft Systems (RPAS) in non-segregated airspace is one of the major objectives for the worldwide aviation organizations and authorities. However, there are several technological and regulatory issues due to the increase of the air traffic in the next years and to the need of keeping high safety levels. In this framework, a real-time validation environment capable to simulate complex scenarios related to future air traffic management (ATM) conditions is of paramount importance. These facilities allow detailed testing and tuning of new technologies and procedures before executing flight tests. With such motivations, the Italian Aerospace Research Centre has developed the Integrated Simulation Facility (ISF) able to accurately reproduce ATM complex scenarios in real-time with hardware and human in-the-loop simulations, aiming to validate new ATM procedures and innovative system prototypes for RPAS and General Aviation aircraft. In the present work, the ISF facility has been used for reproducing relevant ATM scenarios to validate the functionalities of a Detect and Avoid system (DAA). The results of the ISF test campaign demonstrate the effectiveness of the developed algorithm in the autonomous resolution of mid-air collisions in presence of both air traffic and fixed obstacles (i.e. bad weather areas, no-fly-zone and terrain) and during critical flight phases, thus exceeding the current DAA state-of-the-art.

Digital forensics is concerned with identifying, reporting and responding to security breaches. It is about how to acquire, analyze and report digital evidence and using the technical skills, discovering the traces of Cyber Crime. The field of digital forensics is in high demand due to the constant threats of data breaches and information hacks. Digital Forensics is utilized in the identification and elimination of crimes in any controversy where evidence is preserved in online space. This is the use of specialized techniques for retrieval, authentication and electronic data analysis. Computer forensics deals with the identification, preservation, analysis, documentation and presentation of digital evidence. The paper has analyzed the present-day trends that includes IoT forensics, cloud forensics, network forensics and social media forensics. Recent researches have shown a wide range of threats and cyber-attacks, which requires forensic investigators and forensics scientists to simplify the digital world. Hence, all our research gives a clear view of digital forensics which could be of a great help in forensic investigation. In this research paper we have discussed about the need and way to preserve the digital evidence, so that it is not compromised at any point in time and an unalter evidence can be presented before the court of law.

Both the Internet of Things (IoT) and Information Centric Networking (ICN) have gathered a lot of attention from both research and industry in recent years. While ICN has proved to be beneficial in many situations, it is not widely deployed outside research projects, also not addressing needs of IoT application programming interfaces (APIs). On the other hand, today's IoT solutions are built on top of the host-centric communication model associated with the usage of the Internet Protocol (IP). This paper contributes a discussion on the need of an integration of a specific form of IoT APIs, namely WebSocket based streaming APIs, into an ICN. Furthermore, different access models are discussed and requirements are derived from real world APIs. Finally, the design of an ICN-style extension is presented using one of the examined APIs.

This paper integrates Software-Defined Networking (SDN) and Information -Centric Networking (ICN) framework to enable low latency-based stateful routing and caching management by leveraging a novel forwarding and caching strategy. The framework is implemented in a clean- slate environment that does not rely on the TCP/IP principle. It utilizes Pending Interest Tables (PIT) instead of Forwarding Information Base (FIB) to perform data dissemination among peers in the proposed IC-SDN framework. As a result, all data exchanged and cached in the system are organized in chunks with the same interest resulting in reduced packet overhead costs. Additionally, we propose an efficient caching strategy that leverages in- network caching and naming of contents through an IC-SDN controller to support off- path caching. The testbed evaluation shows that the proposed IC-SDN implementation achieves an increased throughput and reduced latency compared to the traditional information-centric environment, especially in the high load scenarios.

Online news articles are an important source of information for decisions makers to understand the causal relation of events that happened. However, understanding the causality of an event or between events by traditional machine learning-based techniques from natural language text is a challenging task due to the complexity of the language to be comprehended by the machines. In this study, the Knowledge-oriented convolutional neural network (K-CNN) technique is used to extract the causal relation from online news articles related to the South China Sea (SCS) dispute. The proposed K-CNN model contains a Knowledge-oriented channel that can capture the causal phrases of causal relationships. A Data-oriented channel that captures the position information was added to the K-CNN model in this phase. The online news articles were collected from the national news agency and then the sentences which contain relation such as causal, message-topic, and product-producer were extracted. Then, the extracted sentences were annotated and converted into lower form and base form followed by transformed into the vector by looking up the word embedding table. A word filter that contains causal keywords was generated and a K-CNN model was developed, trained, and tested using the collected data. Finally, different architectures of the K-CNN model were compared to find out the most suitable architecture for this study. From the study, it was found out that the most suitable architecture was the K-CNN model with a Knowledge-oriented channel and a Data-oriented channel with average pooling. This shows that the linguistic clues and the position features can improve the performance in extracting the causal relation from the SCS online news articles. Keywords-component; Convolutional Neural Network, Causal Relation Extraction, South China Sea.

The project uses 3D immersive technology to innovatively apply virtual reality technology to the monitoring field, and proposes the concept and technical route of remote 3D immersive intelligent control. A design scheme of a three-dimensional immersive remote somatosensory intelligent controller is proposed, which is applied to the remote three-dimensional immersive control of a crawler mobile robot, and the test and analysis of the principle prototype are completed.

At present, the limitation of intangible cultural experience lies in the lack of long-term immersive cultural experience for users. In order to solve this problem, this study divides the process from the perspective of Freudian psychology and combines the theoretical research on intangible cultural heritage and flow experience to get the preliminary research direction. Then, based on the existing interactive experience cases of intangible cultural heritage, a set of method model of immersive interactive experience of intangible cultural heritage based on flow theory is summarized through user interviews in this research. Finally, through data verification, the model is proved to be correct. In addition, this study offers some important insights into differences between primary users and experienced users, and proposed specific guiding suggestions for immersive interactive experience design of intangible cultural heritage based on flow theory in the future.

On the basis of analyzing the development and application of virtual reality (VR) technology at home and abroad, and combining with the specific situation of the exhibition hall, this paper establishes an immersive scene roaming system of the exhibition hall. The system is completed by virtual scene modeling technology and virtual roaming interactive technology. The former uses modeling software to establish the basic model in the virtual scene, while the latter uses VR software to enable users to control their own roles to run smoothly in the roaming scene. In interactive roaming, this paper optimizes the A* pathfinding algorithm, uses binary heap to process data, and on this basis, further optimizes the pathfinding algorithm, so that when the pathfinding target is an obstacle, the pathfinder can reach the nearest place to the obstacle. Texture mapping technology, LOD technology and other related technologies are adopted in the modeling, thus finally realizing the immersive scene roaming system of the exhibition hall.

The interdisciplinary field of immersive learning research is scattered. Combining efforts for better exploration of this field from the different disciplines requires researchers to communicate and coordinate effectively. We call upon the community of immersive learning researchers for planting the Knowledge Tree of Immersive Learning Research, a proposal for a systematization effort for this field, combining both scholarly and practical knowledge, cultivating a robust and ever-growing knowledge base and methodological toolbox for immersive learning. This endeavor aims at promoting evidence-informed practice and guiding future research in the field. This paper contributes with the rationale for three objectives: 1) Developing common scientific terminology amidst the community of researchers; 2) Cultivating a common understanding of methodology, and 3) Advancing common use of theoretical approaches, frameworks, and models.

We tackle the problem where a server owns a trained Machine Learning (ML) model and a client/user has an unclassified query that he wishes to classify in secure and private fashion using the server’s model. During the process the server learns nothing, while the user learns only his final classification and nothing else. Since several ML classification algorithms, such as deep neural networks, support vector machines-SVM (and hyperplane decisions in general), Logistic Regression, Naïve Bayes, etc., can be expressed in terms of matrix operations, initially we propose novel secure matrix operations as our building blocks. On top of them we build our secure and private ML classification algorithms under strict security and privacy requirements. As our underlying cryptographic primitives are shown to be resilient to quantum computer attacks, our algorithms are also suitable for the post-quantum world. Our theoretical analysis and extensive experimental evaluations show that our secure matrix operations, hence our secure ML algorithms build on top of them as well, outperform the state of the art schemes in terms of computation and communication costs. This makes our algorithms suitable for devices with limited resources that are often found in Industrial IoT (Internet of Things)

Quantum entanglement gives rise to a range of non-classical effects, which are extensively exploited in quantum computing and quantum communication. Therefore, detection and quantification of entanglement as well as preparation of highly entangled quantum states remain the fundamental objectives in these fields. Much attention has been devoted to the studies of graph states, which play a role of a central resource in quantum error correction, quantum cryptography and practical quantum metrology in the presence of noise.We examine multi-qubit graph states generated by the action of controlled phase shift operators on a separable quantum state of a system, in which all the qubits are in arbitrary identical states. Analytical expression is obtained for the geometric measure of entanglement of a qubit with other qubits in graph states represented by arbitrary graphs. We conclude that this quantity depends on the degree of the vertex corresponding to the qubit, the absolute values of the parameter of the phase shift gate and the parameter of the initial state the gate is acting on. Moreover, the geometric measure of entanglement of certain types of graph states is quantified on the IBM’s quantum computer ibmq\_athens based on the measurements of the mean spin. Namely, we consider states associated with the native connectivity of ibmq\_athens, the claw and the complete graphs. Appropriate protocols are proposed to prepare these states on the quantum computer. The results of quantum computations verify our theoretical findings [1].

This paper proposes a scheme for secure telecommunication based on synchronizing a chaotic Liu system with a nontrivial Lyapunov candidate, which allows for the control signal to act only on one state of the slave system. The proposal has the advantages of being robust against disturbances (internal and external) and simple, which is essential because it leads to significant cost reductions when implemented using analog electronics. A simulation study, which considers the presence of disturbances, is used to validate the theoretical results and show the easy implementation of the proposed approach.

The fields of transportation and fleet management have been evolving at a rapid pace and most of these changes are due to numerous incremental developments in the area. However, a comprehensive study that critically compares and contrasts all the existing techniques and methodologies in the area is still missing. This paper presents a comparative analysis of the vulnerabilities and security threats for IoT and their mitigation strategies in the context of transportation and fleet management. Moreover, we attempt to classify the existing strategies based on their underlying principles.

The IFDS algorithm can be memory-intensive, requiring a memory budget of more than 100 GB of RAM for some applications. The large memory requirements significantly restrict the deployment of IFDS-based tools in practise. To improve this, we propose a disk-assisted solution that drastically reduces the memory requirements of traditional IFDS solvers. Our solution saves memory by 1) recomputing instead of memorizing intermediate analysis data, and 2) swapping in-memory data to disk when memory usages reach a threshold. We implement sophisticated scheduling schemes to swap data between memory and disks efficiently. We have developed a new taint analysis tool, DiskDroid, based on our disk-assisted IFDS solver. Compared to FlowDroid, a state-of-the-art IFDS-based taint analysis tool, for a set of 19 apps which take from 10 to 128 GB of RAM by FlowDroid, DiskDroid can analyze them with less than 10GB of RAM at a slight performance improvement of 8.6%. In addition, for 21 apps requiring more than 128GB of RAM by FlowDroid, DiskDroid can analyze each app in 3 hours, under the same memory budget of 10GB. This makes the tool deployable to normal desktop environments. We make the tool publicly available at https://github.com/HaofLi/DiskDroid.

Nowadays, smart contracts manage more and more digital assets and have become an attractive target for adversaries. To prevent smart contracts from malicious attacks, a thorough test is indispensable and must be finished before deployment because smart contracts cannot be modified after being deployed. Fuzzing is an important testing approach, but most existing smart contract fuzzers can hardly solve the constraints which involve deeply nested conditional statements, resulting in low coverage. To address this problem, we propose Targy, an efficient targeted mutation strategy based on dynamic taint analysis. We obtain the taint flow by dynamic taint propagation, and generate a more accurate mutation strategy for the input parameters of functions to simultaneously satisfy all conditional statements. We implemented Targy on sFuzz with 3.6 thousand smart contracts running on Ethereum. The numbers of covered branches and detected vulnerabilities increase by 6% and 7% respectively, and the average time required for covering a branch is reduced by 11 %.

Management control and monitoring of production activities in intelligent environments in subway mines must be aligned with the strategies and objectives of each agent. It is required that in operations, the local structure of each service is fault-tolerant and that large amounts of data are transmitted online to executives to make effective and efficient decisions. The paper proposes an architecture that enables strategic text analysis on the Internet of Things devices through task partitioning with multiple agent systems and evaluates the feasibility of the design by building a prototype that improves communication. The results validate the system's design because Raspberry Pi can execute text mining algorithms and agents in about 3 seconds for 197 texts. This work emphasizes multiple agents for text analytics because the algorithms, along with the agents, use about 70% of a Raspberry Pi CPU.

As cyber threats continue to grow and expertise resources are limited, organisations need to find ways to evaluate their resilience efficiently and take proactive measures against an attack from a specific adversary before it occurs. Threat modelling is an excellent method of assessing the resilience of ICT systems, forming Attack (Defense) Graphs (ADGs) that illustrate an adversary’s attack vectors. Cyber Threat Intelligence (CTI) is information that helps understand the current cyber threats, but has little integration with ADGs. This paper contributes with an approach that resolves this problem by using CTI feeds of known threat actors to enrich ADGs under multiple reuse. This enables security analysts to take proactive measures and strengthen their ICT systems against current methods used by any threat actor that is believed to pose a threat to them.

Commodity hypervisors are widely deployed to support virtual machines (VMs) on multiprocessor hardware. Their growing complexity poses a security risk. To enable formal verification over such a large codebase, we introduce microverification, a new approach that decomposes a commodity hypervisor into a small core and a set of untrusted services so that we can prove security properties of the entire hypervisor by verifying the core alone. To verify the multiprocessor hypervisor core, we introduce security-preserving layers to modularize the proof without hiding information leakage so we can prove each layer of the implementation refines its specification, and the top layer specification is refined by all layers of the core implementation. To verify commodity hypervisor features that require dynamically changing information flow, we introduce data oracles to mask intentional information flow. We can then prove noninterference at the top layer specification and guarantee the resulting security properties hold for the entire hypervisor implementation. Using microverification, we retrofitted the Linux KVM hypervisor with only modest modifications to its codebase. Using Coq, we proved that the hypervisor protects the confidentiality and integrity of VM data, while retaining KVM’s functionality and performance. Our work is the first machine-checked security proof for a commodity multiprocessor hypervisor.