Biblio

Internet Exchange Points (IXPs) are critical components of the Internet infrastructure that affect its performance, evolution, security and economy. In this work, we introduce a technique to improve the well-known TraIXroute tool with its ability to identify IXPs. TraIXroute is a tool written in python3. It always encounters problems during its installation by network administrators and researchers. This problem remains unchanged in the field of internet ixp measurement tools. Our paper aims to make a critical analysis of TraIXroute tool which has some malfunctions. Furthermore, our main objective is to implement an improved tool for detecting ixps on the traceroute path with ipv4 and ipv6. The tool will have options for Geolocation of ixps as well as ASs. Our tool is written in C\# (C sharp) and python which are object oriented programming languages.

This demo paper presents the technical details and usage scenarios of μSE: a mutation-based tool for evaluating security-focused static analysis tools for Android. Mutation testing is generally used by software practitioners to assess the robustness of a given test-suite. However, we leverage this technique to systematically evaluate static analysis tools and uncover and document soundness issues.μSE's analysis has found 25 previously undocumented flaws in static data leak detection tools for Android.μSE offers four mutation schemes, namely Reachability, Complex-reachability, TaintSink, and ScopeSink, which determine the locations of seeded mutants. Furthermore, the user can extend μSE by customizing the API calls targeted by the mutation analysis.μSE is also practical, as it makes use of filtering techniques based on compilation and execution criteria that reduces the number of ineffective mutations.

Structured Query Language (SQL) is extensively used for storing, manipulating and retrieving information in the relational database management system. Using SQL statements, attackers will try to gain unauthorized access to databases and launch attacks to modify/retrieve the stored data, such attacks are called as SQL injection attacks. Such SQL Injection (SQLi) attacks tops the list of web application security risks of all the times. Identifying and mitigating the potential SQL attack statements before their execution can prevent SQLi attacks. Various techniques are proposed in the literature to mitigate SQLi attacks. In this paper, a random decision forest approach is introduced to mitigate SQLi attacks. From the experimental results, we can infer that the proposed approach achieves a precision of 97% and an accuracy of 95%.

Sharing relational databases on the Internet creates the need to protect these databases. Its output in substantial losses to the data storing systems because of unauthorized access to information that could lose novelty. The research associations use the research databases to mine new information about the research works of the relational databases that are available for free. It is a great challenge to maintain authenticity because these databases are vulnerable to security issues. Watermarking is a candidate solution that fully protects databases shared with the receiver. The protection of relational database ownership that may continue to evolve against the various aquatic mechanisms shared with the recipient that arouses appetite for attacks and must continue to evolve so that they can have database knowledge to support their decision-making system is effective. The relational database based onVirtual private key Watermarking using numeric attribute) involves embedding the same watermark in the same properties in different places in the same place. Therefore, data attackers cannot remove watermarks from data. The proposed strategy is to work by inserting watermark bits in such a way that it causes minimal distortion in the data and the data usability must remain intact after the data is watermarked. The proposed strategy is to work by inserting watermark bits in such a way that it causes minimal distortion in the data and the ability to use the data after watermarking the data must remain intact. The existence of a primary key is the main feature or compulsory item for most of the strategies. Our method provides solutions no primary key feature where the integrating search system of the database remains intact after watermarking distortion.

Relational database management systems not only support larger-than-memory data processing and very advanced query optimization, but also offer the benefits of data security, privacy, and consistency. When machine learning on large data sets is processed directly on an existing SQL database server, the data does not need to be exported and transferred to a separate big data processing platform. To achieve this, we implement a linear regression algorithm using SQL code generation such that the computation can be performed server-side and directly in the RDBMs. Our method and its implementation, programmed in Python, solves linear regression (LR) using the ordinary least squares (OLS) method directly in the RDBMS using SQL code generation, leaving most of the processing in the database. Only the matrix of the system of equations, whose size is equal to the number of variables squared, is transferred from the SQL server to the Python client to be solved for OLS regression. For evaluation purposes, our LR implementation was tested with artificially generated datasets and compared to an existing Python library (Scikit Learn). We found that our implementation consistently solves OLS regression faster than Scikit Learn for datasets with more than 10,000 input rows, and if the number of columns is less than 64. Moreover, under the same test conditions where the computation is larger than memory, our implementation showed a fast result, while Scikit returned an out-of-memory error. We conclude that SQL is a promising tool for in-database processing of large-volume, low-dimensional data sets with a particular class of machine learning algorithms, namely those that can be efficiently solved with map-reduce queries such as OLS regression.

With the continuous emergence of cloud computing technology, cloud infrastructure software will become the mainstream application model in the future. Among the databases, relational databases occupy the largest market share. Therefore, the relational cloud database will be the main product of the combination of database technology and cloud computing technology, and will become an important branch of the database industry. This article explores the establishment of an evaluation system framework for relational databases, helping enterprises to select relational cloud database products according to a clear goal and path. This article can help enterprises complete the landing of relational cloud database projects.

The Multivariate Polynomial Public Key (MPPK) algorithm, over a prime Galois field, takes a multiplier multivariate polynomial and two multiplicand univariate solvable polynomials to create two product multivariate polynomials. One of variables is for secret message and all others are for noises. The public key consists of all coefficients of the product multivariate polynomials, except the two constant terms for the message variable. The private key is made of both multiplicands. Encryption takes a list of random numbers, over the prime Galois field. The first number is the secret to exchange. The other random numbers generate noise automatically cancelled by decryption. The secret is easily extracted from the evaluation of a solvable equation. The level of security provided by MPPK is adaptable. The algorithm can be used in several different ways. In this paper, we review the performance achieved by MPPK for several combinations of polynomial configurations and Galois field sizes. For every combination, we calculated key generation time, encryption time and decryption time. We also compare the effectiveness of MPPK with the performance of all four NIST PQC finalists. For MPPK, the data has been collected from the execution of an implementation in Java. In comparison to the NIST PQC finalists, MPPK key generation, encryption and decryption performance is excellent.

The Internet is evolving everywhere and expanding its entity globally. The IoT(Internet of things) is a new and interesting concept introduced in this world of internet. Generally it is interconnected computing device which can be embedded in our daily routine objects through which we can send and receive data. It is beyond connecting computers and laptops only although it can connect billion of devices. It can be described as reliable method of communication that also make use of other technologies like wireless sensor, QR code etc. IoT (Internet of Things) is making everything smart with use of technology like smart homes, smart cities, smart watches. In this chapter, we will study the security algorithms in IoT (Internet of Things) which can be achieved with encryption process. In the world of IoT, data is more vulnerable to threats. So as to protect data integrity, data confidentiality, we have Light weight Encryption Algorithms like symmetric key cryptography and public key cryptography for secure IoT (Internet of Things) named as Secure IoT. Because it is not convenient to use full encryption algorithms that require large memory size, large program code and larger execution time. Light weight algorithms meet all resource constraints of small memory size, less execution time and efficiency. The algorithms can be measured in terms of key size, no of blocks and algorithm structure, chip size and energy consumption. Light Weight Techniques provides security to smart object networks and also provides efficiency. In Symmetric Key Cryptography, two parties can have identical keys but has some practical difficulty. Public Key Cryptography uses both private and public key which are related to each other. Public key is known to everyone while private key is kept secret. Public Key cryptography method is based on mathematical problems. So, to implement this method, one should have a great expertise.

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regarding regular password replacement are a few problems that need to be addressed. The proposed research work aims at enhancing this security mechanism, prevent penetrations, password theft, and attempted break-ins towards securing computing systems. The selected solution approach is two-folded; it implements a two-factor authentication scheme to prevent unauthorized access, accompanied by Honeyword principles to detect corrupted or stolen tokens. Both can be integrated into any platform or web application with the use of QR codes and a mobile phone.

Security is a most concerning matter for client's data in today's emerging technological world in each field, like banking, management, retail, shopping, communication, education, etc. Arise in cyber-crime due to the black hat community, there is always a need for a better way to secure the client's sensitive information, Security is the key point in online banking as the threat of unapproved online access to a client's data is very significant as it ultimately danger to bank reputation. The more secure and powerful methods can allow a client to work with untrusted parties. Paper is focusing on how secure banking transaction system can work by using homomorphic encryption and steganography techniques. For data encryption NTRU, homomorphic encryption can be used and to hide details through the QR code, a cover image can be embed using steganography techniques.

A Quick Response (QR) Code is a type of barcode that can be read by the digital devices and which stores the information in a square-shaped. The QR Code readers can extract data from the patterns which are presented in the QR Code matrix. A QR Code can be acting as an attack vector that can harm indirectly. In such case a QR Code can carry malicious or phishing URLs and redirect users to a site which is well conceived by the attacker and pretends to be an authorized one. Once the QR Code is decoded the commands are triggered and executed, causing damage to information, operating system and other possible sequence the attacker expects to gain. In this paper, a new model for QR Code authentication and phishing detection has been presented. The proposed model will be able to detect the phishing and malicious URLs in the process of the QR Code validation as well as to prevent the user from validating it. The development of this application will help to prevent users from being tricked by the harmful QR Codes.

Distribution of keys in classical cryptography is one of the most significant affairs to deal with. The computational hardness is the fundamental basis of the security of these keys. However, in the era of quantum computing, quantum computers can break down these keys with their substantially more computation capability than normal computers. For instance, a quantum computer can easily break down RSA or ECC in polynomial time. In order to make the keys quantum resistant, Quantum Key Distribution (QKD) is developed to enforce security of the classical cryptographic keys from the attack of quantum computers. By using quantum mechanics, QKD can reinforce the durability of the keys of classical cryptography, which were practically unbreakable during the pre-quantum era. Thus, an extensive study is required to understand the importance of QKD to make the classical cryptographic key distributions secure against both classical and quantum computers. Therefore, in this paper, we discuss trends and limitations of key management protocols in classical cryptography, and demonstrates a relative study of different QKD protocols. In addition, we highlight the security implementation aspects of QKD, which lead to the solution of threats occurring in a quantum computing scenario, such that the cryptographic keys can be quantum resistant.

The development of edge computing and machine learning technologies have led to the growth of Industrial IoT systems. Autonomous decision making and smart manufacturing are flourishing in the current age of Industry 4.0. By providing more compute power to edge devices and connecting them to the internet, the so-called Cyber Physical Systems are prone to security threats like never before. Security in the current industry is based on cryptographic techniques that use pseudorandom number keys. Keys generated by a pseudo-random number generator pose a security threat as they can be predicted by a malicious third party. In this work, we propose a secure Industrial IoT Architecture that makes use of true random numbers generated by a quantum random number generator (QRNG). CITRIOT's FireConnect IoT node is used to show the proof of concept in a quantum-safe network where the random keys are generated by a cloud based quantum device. We provide an implementation of QRNG on both real quantum computer and quantum simulator. Then, we compare the results with pseudorandom numbers generated by a classical computer.

Cyber-security training has evolved into an imperative need, aiming to provide cyber-security professionals with the knowledge and skills required to confront cyber-attacks that are increasing in number and sophistication. Training activities are typically associated with evaluation means, aimed to assess the extent to which the trainee has acquired the knowledge and skills whose development is targeted by the training programme, while cyber-security awareness and skill level evaluation means may be used to support additional security-related aspects of organizations. In this paper, we review trainee performance assessment metrics in cyber-security training, aiming to assist designers of cyber-security training activities to identify the most prominent trainee performance assessment means for their training programmes, while additional research directions involving cyber-security training evaluation metrics are also identified.

Professional training is essential for organizations to successfully defend their assets against cyber-attacks. Successful detection and prevention of security incidents demands that personnel is not just aware about the potential threats, but its security expertise goes far beyond the necessary background knowledge. To fill-in the gap for competent security professionals, platforms offering realistic training environments and scenarios are designed that are referred to as cyber-ranges. Multiple cyber-ranges listed under a common platform can simulate more complex environments, referred as cyber-range federations. Security education approaches often implement gamification mechanics to increase trainees’ engagement and maximize the outcome of the training process. Scoring is an integral part of a gamification scheme, allowing both the trainee and the trainer to monitor the former’s performance and progress. In this article, a novel scoring model is presented that is designed to be agnostic with respect to the source of information: either a CR or a variety of different CRs being part of a federated environment.

Higher education is increasingly called upon to enhance cyber education, including hands-on "experiential" training. The good news is that additional tools and techniques are becoming more available, both in-house and through third parties, to provide cyber training environments and simulations at various features and price points. However, the training thus far has only focused on "traditional" Cybersecurity that lightly touches on wireless in undergraduate and master's degree programs, and certifications. The purpose of this research is to identify and recognize nascent cyber training emphasizing a broader spectrum of wireless security and encourage curricular development that includes critical experiential training. Experiential wireless security training is important to keep pace with the growth in wireless communication mediums and associated Internet of Things (IoT) and Cyber Physical System (CPS) applications. Cyber faculty at a university offering undergraduate and master's Cybersecurity degrees authored this paper; both degrees are offered to resident as well as online students.

Modbus is a popular industrial communication protocol supported by most automation devices. Despite its popularity, it is not a secure protocol because when it was developed, security was not a concern due to closed environments of industrial control systems. With the convergence of information technology and operational technology in recent years, the security of industrial control systems has become a serious concern. Due to the high availability requirements, it is not practical or feasible to do security experimentation of production systems. We present an implementation of cyber-physical systems with Modbus/TCP communication for real-time security testing. The proposed architecture consists of a process simulator, an IEC 61131-3 compliant programmable logic controller, and a human-machine interface, all communicating via Modbus/TCP protocol. We use Simulink as the process simulator. It does not have built-in support for the Modbus protocol. A contribution of the proposed work is to extend the functionality of Simulink with a custom block to enable Modbus communication. We use two case studies to demonstrate the utility of the cyber-physical system architecture. We can model complex industrial processes with this architecture, can launch cyber-attacks, and develop protection mechanisms.

We suggest using Fully Homomorphic Encryption (FHE) to be used, not only to keep the privacy of information but also, to verify computations with no additional significant overhead, using only part of the variables length for verification. This method supports the addition of encrypted values as well as multiplication of encrypted values by the addition of their logarithmic representations and is based on a separation between hardware functionalities. The computer/server performs blackbox additions and is based on the separation of server/device/hardware, such as the enclave, that may deal with additions of logarithmic values and exponentiation. The main idea is to restrict the computer operations and to use part of the variable for computation verification (computation fingerprints) and the other for the actual calculation. The verification part holds the FHE value, of which the calculated result is known (either due to computing locally once or from previously verified computations) and will be checked against the returned FHE value. We prove that a server with bit computation granularity can return consistent encrypted wrong results even when the public key is not provided. For the case of computer word granularity the verification and the actual calculation parts are separated, the verification part (the consecutive bits from the LSB to the MSB of the variables) is fixed across all input vectors. We also consider the case of Single Instruction Multiple Data (SIMD) where the computation fingerprints index in the input vectors is fixed across all vectors.

This paper presents the time complexity estimates for the methods of points exponentiation, which are basic for encrypting information flows in computer systems. As a result of numerical experiments, it is determined that the method of doubling-addition-subtraction has the lowest complexity. Mathematical models for determining the execution time of each considered algorithm for points exponentiation on elliptic curves were developed, which allowed to conduct in-depth analysis of their performance and resistance to special attacks, in particular timing analysis attack. The dependences of the cryptographic operations execution time on the key length and the sustainability of each method on the Hamming weight are investigated. It is proved that under certain conditions the highest sustainability of the system is achieved by the doubling-addition-subtraction algorithm. This allows to justify the choice of algorithm and its parameters for the implementation of cryptographic information security, which is resistant to special attacks.

Pairings on elliptic curves are exploited for pairing-based cryptography, e.g., ID-based encryption and group signature authentication. For secure cryptography, it is important to choose the curves that have resistance to a special variant of the tower number field sieve (TNFS) that is an attack for the finite fields. However, for the pairings on several curves with embedding degree \$k=\10,11,13,14\\$ resistant to the special TNFS, efficient algorithms for computing the final exponentiation constructed by the lattice-based method have not been provided. For these curves, the authors present efficient algorithms with the calculation costs in this manuscript.

Pairings on elliptic curves which are carried out by the Miller loop and final exponentiation are used for innovative protocols such as ID-based encryption and group signature authentication. As the recent progress of attacks for finite fields in which pairings are defined, the importance of the use of the curves with prime embedding degrees \$k\$ has been increased. In this manuscript, the authors provide a method for providing efficient final exponentiation algorithms for a specific cyclotomic family of curves with arbitrary prime \$k\$ of \$k\textbackslashtextbackslashequiv 1(\textbackslashtextbackslashtextmod\textbackslashtextbackslash 6)\$. Applying the proposed method for several curves such as \$k=7\$, 13, and 19, it is found that the proposed method gives rise to the same algorithms as the previous state-of-the-art ones by the lattice-based method.

This paper presents a randomized Montgomery Powering Ladder Modular Exponentiation (RMPLME) scheme for side channel attacks (SCA) resistant Rivest-Shamir-Adleman (RSA) and its leakage resilience analysis. This method randomizes the computation time of square-and-multiply operations for each exponent bit of the Montgomery Powering Ladder (MPL) based RSA exponentiation using various radices (Radix – 2, 22, and 24) based Montgomery Modular multipliers (MMM) randomly. The randomized computations of RMPLME generates non-uniform timing channels information and power traces thus protecting against SCA. In this work, we have developed and implemented a) an unmasked right-to-left Montgomery Modular Exponentiation (R-L MME), b) MPL exponentiation and c) the proposed RMPLME schemes for RSA decryption. All the three realizations have been assessed for side channel leakage using Welch’s t-test and analyzed for secured realizations based on degree of side channel information leakage. RMPLME scheme shows the least side-channel leakage and resilient against SPA, DPA, C-Safe Error, CPA and Timing Attacks.

In the present paper the exponentiation algorithm “To Center and Back” based on the idea of the additive chains exponentiation method is developed. The created by authors algorithm allows to reduce the calculation time and to improve the performance of conventional and cryptographic algorithms, as pre-quantum and quantum, and then post-quantum, in which it is necessary to use the fast exponentiation algorithm.

Modern smart grid systems are heavily dependent on Information and Communication Technology, and this dependency makes them prone to cyber-attacks. The occurrence of a cyber-attack has increased in recent years resulting in substantial damage to power systems. For a reliable and stable operation, cyber protection, control, and detection techniques are becoming essential. Automated detection of cyberattacks with high accuracy is a challenge. To address this, we propose a two-layer hierarchical machine learning model having an accuracy of 95.44 % to improve the detection of cyberattacks. The first layer of the model is used to distinguish between the two modes of operation - normal state or cyberattack. The second layer is used to classify the state into different types of cyberattacks. The layered approach provides an opportunity for the model to focus its training on the targeted task of the layer, resulting in improvement in model accuracy. To validate the effectiveness of the proposed model, we compared its performance against other recent cyber attack detection models proposed in the literature.

Nowadays, cyber physical systems are playing an important role in human life in which they provide features that make interactions between human and machine easier. To design and analysis such systems, the main problem is their complexity. In this paper, we propose a description language for cyber physical systems based on stochastic processes. The proposed language is called SPDL (Stochastic Description Process Language). For designing SPDL, two main parts are considered for Cyber Physical Systems (CSP): embedded systems and physical environment. Then these parts are defined as stochastic processes and CPS is defined as a tuple. Syntax and semantics of SPDL are stated based on the proposed definition. Also, the semantics are defined as by set theory. For implementation of SPDL, dependencies between words of a requirements are extracted as a tree data structure. Based on the dependencies, SPDL is used for describing the CPS. Also, a lexical analyzer and a parser based on a defined BNF grammar for SPDL is designed and implemented. Finally, SPDL of CPS is transformed to NuSMV which is a symbolic model checker. The Experimental results show that SPDL is capable of describing cyber physical systems by natural language.