Biblio

Distributed Denial-of-Service (DDoS) attacks are increasing in frequency and volume on the Internet, and there is evidence that cyber-criminals are turning to Internet-of-Things (IoT) devices such as cameras and vending machines as easy launchpads for large-scale attacks. This paper quantifies the capability of consumer IoT devices to participate in reflective DDoS attacks. We first show that household devices can be exposed to Internet reflection even if they are secured behind home gateways. We then evaluate eight household devices available on the market today, including lightbulbs, webcams, and printers, and experimentally profile their reflective capability, amplification factor, duration, and intensity rate for TCP, SNMP, and SSDP based attacks. Lastly, we demonstrate reflection attacks in a real-world setting involving three IoT-equipped smart-homes, emphasising the imminent need to address this problem before it becomes widespread.

The appearance of distributed learning allows multiple participants to collaboratively train a global model, where instead of directly releasing their private training data with the server, participants iteratively share their local model updates (parameters) with the server. However, recent attacks demonstrate that sharing local model updates is not sufficient to provide reasonable privacy guarantees, as local model updates may result in significant privacy leakage about local training data of participants. To address this issue, in this paper, we present an alternative approach that combines distributed differential privacy (DDP) with a three-layer encryption protocol to achieve a better privacy-utility tradeoff than the existing DP-based approaches. An unbiased encoding algorithm is proposed to cope with floating-point values, while largely reducing mean squared error due to rounding. Our approach dispenses with the need for any trusted server, and enables each party to add less noise to achieve the same privacy and similar utility guarantees as that of the centralized differential privacy. Preliminary analysis and performance evaluation confirm the effectiveness of our approach, which achieves significantly higher accuracy than that of local differential privacy approach, and comparable accuracy to the centralized differential privacy approach.

This paper proposes a novel privacy-preserving smart metering system for aggregating distributed smart meter data. It addresses two important challenges: (i) individual users wish to publish sensitive smart metering data for specific purposes, and (ii) an untrusted aggregator aims to make queries on the aggregate data. We handle these challenges using two main techniques. First, we propose Fourier Perturbation Algorithm (FPA) and Wavelet Perturbation Algorithm (WPA) which utilize Fourier/Wavelet transformation and distributed differential privacy (DDP) to provide privacy for the released statistic with provable sensitivity and error bounds. Second, we leverage an exponential ElGamal encryption mechanism to enable secure communications between the users and the untrusted aggregator. Standard differential privacy techniques perform poorly for time-series data as it results in a Θ(n) noise to answer n queries, rendering the answers practically useless if n is large. Our proposed distributed differential privacy mechanism relies on Gaussian principles to generate distributed noise, which guarantees differential privacy for each user with O(1) error, and provides computational simplicity and scalability. Compared with Gaussian Perturbation Algorithm (GPA) which adds distributed Gaussian noise to the original data, the experimental results demonstrate the superiority of the proposed FPA and WPA by adding noise to the transformed coefficients.

Mobile Social Networks have become one of the most convenient services for users to share information everywhere. This crowdsourced information is often meaningful and recommended to users, e.g., reviews on Yelp or high marks on Dianping, which poses the threat of Sybil attacks. To address the problem of Sybil attacks, previous solutions mostly use indirect/direct graph model or clickstream model to detect fake accounts. However, they are either dependent on strong connections or solely preserved by servers of social networks. In this paper, we propose a novel predictable approach by exploiting users' custom patterns to distinguish Sybil attackers from normal users for the application of recommendation in mobile social networks. First, we introduce the entropy of spatial-temporal features to profile the mobility traces of normal users, which is quite different from Sybil attackers. Second, we develop discriminative entropy-based features, i.e., users' preference features, to measure the uncertainty of users' behaviors. Third, we design a smart Sybil detection model based on a binary classification approach by combining our entropy-based features with traditional behavior-based features. Finally, we examine our model and carry out extensive experiments on a real-world dataset from Dianping. Our results have demonstrated that the model can significantly improve the detection accuracy of Sybil attacks.

Connected cars have received massive attention in Intelligent Transportation System. Many potential services, especially safety-related ones, rely on spatial-temporal messages periodically broadcast by cars. Without a secure authentication algorithm, malicious cars may send out invalid spatial-temporal messages and then deny creating them. Meanwhile, a lot of private information may be disclosed from these spatial-temporal messages. Since cars move on expressways at high speed, any authentication must be performed in real-time to prevent crashes. In this paper, we propose a Fast and Anonymous Spatial-Temporal Trust (FastTrust) mechanism to ensure these properties. In contrast to most authentication protocols which rely on fixed infrastructures, FastTrust is distributed and mostly designed on symmetric-key cryptography and an entropy-based commitment, and is able to fast authenticate spatial-temporal messages. FastTrust also ensures the anonymity and unlinkability of spatial-temporal messages by developing a pseudonym-varying scheduling scheme on cars. We provide both analytical and simulation evaluations to show that FastTrust achieves the security and privacy properties. FastTrust is low-cost in terms of communication and computational resources, authenticating 20 times faster than existing Elliptic Curve Digital Signature Algorithm.

Cyber-physical systems (CPS) depend on cybersecurity to ensure functionality, data quality, cyberattack resilience, etc. There are known and unknown cyber threats and attacks that pose significant risks. Information assurance and information security are critical. Many systems are vulnerable to intelligence exploitation and cyberattacks. By investigating cybersecurity risks and formal representation of CPS using spatiotemporal dynamic graphs and networks, this paper investigates topics and solutions aimed to examine and empower: (1) Cybersecurity capabilities; (2) Information assurance and system vulnerabilities; (3) Detection of cyber threat and attacks; (4) Situational awareness; etc. We introduce statistically-characterized dynamic graphs, novel entropy-centric algorithms and calculi which promise to ensure near-real-time capabilities.

The paper presents a new technique for the botnets' detection in the corporate area networks. It is based on the usage of the algorithms of the artificial immune systems. Proposed approach is able to distinguish benign network traffic from malicious one using the clonal selection algorithm taking into account the features of the botnet's presence in the network. An approach present the main improvements of the BotGRABBER system. It is able to detect the IRC, HTTP, DNS and P2P botnets.

This research used an Autonomous Security Robot (ASR) scenario to examine public reactions to a robot that possesses the authority and capability to inflict harm on a human. Individual differences in terms of personality and Perfect Automation Schema (PAS) were examined as predictors of trust in the ASR. Participants (N=316) from Amazon Mechanical Turk (MTurk) rated their trust of the ASR and desire to use ASRs in public and military contexts following a 2-minute video depicting the robot interacting with three research confederates. The video showed the robot using force against one of the three confederates with a non-lethal device. Results demonstrated that individual differences factors were related to trust and desired use of the ASR. Agreeableness and both facets of the PAS (high expectations and all-or-none beliefs) demonstrated unique associations with trust using multiple regression techniques. Agreeableness, intellect, and high expectations were uniquely related to desired use for both public and military domains. This study showed that individual differences influence trust and one's desired use of ASRs, demonstrating that societal reactions to ASRs may be subject to variation among individuals.

It is important to be able to establish formal performance bounds for autonomous systems. However, formal verification techniques require a model of the environment in which the system operates; a challenge for autonomous systems, especially those expected to operate over longer timescales. This paper describes work in progress to automate the monitor and repair of ROS-based autonomous robot software written for an apriori partially known and possibly incorrect environment model. A taint analysis method is used to automatically extract the dataflow sequence from input topic to publish topic, and instrument that code. A unique reinforcement learning approximation of MDP utility is calculated, an empirical and non-invasive characterization of the inherent objectives of the software designers. By comparing design (a-priori) utility with deploy (deployed system) utility, we show, using a small but real ROS example, that it's possible to monitor a performance criterion and relate violations of the criterion to parts of the software. The software is then patched using automated software repair techniques and evaluated against the original off-line utility.

Airports are at the forefront of technological innovation, mainly due to the fact that the number of air travel passengers is exponentially increasing every year. As a result, airports enhance infrastructure's intelligence and evolve as smart facilities to support growth, by offering a pleasurable travel experience, which plays a vital role in increasing revenue of aviation sector. New challenges are coming up, which aviation has to deal and adapt, such as the integration of Industrial IoT in airport facilities and the increased use of Bring Your Own Device from travelers and employees. Cybersecurity is becoming a key enabler for safety, which is paramount in the aviation context. Smart airports strive to provide optimal services in a reliable and sustainable manner, by working around the domains of growth, efficiency, safety andsecurity. This paper researches the implementation rate of cybersecurity measures and best practices to improve airports cyber resilience. With the aim to enhance operational practices anddevelop robust cybersecurity governance in smart airports, we analyze security gaps in different areas including technical, organizational practices and policies.

Factoring is an important financial instrument for SMEs to solve liquidity problems, where the invoice is cashed to avoid late buyer payments. Unfortunately, this business model is risky as it relies on human interaction and involved actors (factors in particular) suffer from information asymmetry. One of the risks involved is 'double-financing': the event that an SME extracts funds from multiple factors. To reduce this asymmetry and increase the scalability of this important instrument, we propose a framework, DecReg, based on blockchain technology. We provide the protocols designed for this framework and present performance analysis. This framework will be deployed in practice as of February 2017 in the Netherlands.

Internet of Medical Things (IoMT) is a rapidly growing branch of IoT (Internet of Things), which requires special treatment to cyber security due to confidentiality of healthcare data and patient health threat. Healthcare data and automated medical devices might become vulnerable targets of malicious cyber-attacks. While a large number of robotic applications, including medical and healthcare, employ robot operating system (ROS) as their backbone, not enough attention is paid for ROS security. The paper discusses a security of ROS-based swing doors automation in the context of a robotic hospital framework, which should be protected from cyber-attacks.

We are exploring new ways to analyze phishing attacks. To do this, we investigate the change in the dynamics of the power of phishing attacks. We also analyze the effectiveness of detection of phishing attacks. We are considering the possibility of using new tools for analyzing phishing attacks. As such tools, the methods of chaos theory and the ideology of wavelet coherence are used. The use of such analysis tools makes it possible to investigate the peculiarities of the phishing attacks occurrence, as well as methods for their identification effectiveness. This allows you to expand the scope of the analysis of phishing attacks. For analysis, we use real data about phishing attacks.

This paper explores the benefits of 3D face modeling for in-the-wild facial expression recognition (FER). Since there is limited in-the-wild 3D FER dataset, we first construct 3D facial data from available 2D dataset using recent advances in 3D face reconstruction. The 3D facial geometry representation is then extracted by deep learning technique. In addition, we also take advantage of manipulating the 3D face, such as using 2D projected images of 3D face as additional input for FER. These features are then fused with that of 2D FER typical network. By doing so, despite using common approaches, we achieve a competent recognition accuracy on Real-World Affective Faces (RAF) database and Static Facial Expressions in the Wild (SFEW 2.0) compared with the state-of-the-art reports. To the best of our knowledge, this is the first time such a deep learning combination of 3D and 2D facial modalities is presented in the context of in-the-wild FER.

Power system intelligent terminal equipment is widely used in real-time monitoring, data acquisition, power management, power distribution and other tasks of smart grid. The power system intelligent terminal can obtain various information of users and power companies in the power grid, but there is still a lack of protection means for the connection and communication process of the terminal components. In this paper, a novel method based on improved deep belief network(IDBN) is proposed to accomplish the business-level security monitoring and attack detection of power system terminal. A non-intrusive business-level monitoring platform for power system terminals is established, which uses energy metering intelligent terminals as an example for non-intrusive data collection. Based on this platform, the I-DBN extracts the spatial and temporal attack characteristics of the external monitoring data of the system. Some fault conditions and cyber attacks of the model have been simulated to demonstrate the effectiveness of the proposed detection method and the results show excellent performance. The method and platform proposed in this paper can be extended to other services in the power industry, providing a theoretical basis and implementation method for realizing the security monitoring of power system intelligent terminals from the business level.

For multi-source heterogeneous complex data types of data cleaning and visual display, we proposed to build dynamic multimode visualization analysis tool, according to the different types of data designed by the user in accordance with the data model, and use visualization technology tools to build and use CQRS technology to design, external interface using a RESTFul architecture, The domain model and data query are completely separated, and the underlying data store adopts Hbase, ES and relational database. Drools is adopted in the data flow engine. According to the internal algorithm, three kinds of graphs can be output, namely, transaction relationship network analysis graph, capital flow analysis graph and transaction timing analysis graph, which can reduce the difficulty of analysis and help users to analyze data in a more friendly way

The motion process of multi-dimensional chaotic system is complex and variable, the randomness of motion state is stronger, and the motion state is more unpredictable within a certain range. This feature of multi-dimensional chaotic system can effectively improve the security performance of digital image encryption algorithm. In this paper, the hyper-chaotic Lorenz map is used to design the encryption sequence to improve the random performance of the encryption sequence, thus optimizing the performance of the digital image encryption algorithm. In this paper, the chaotic sequence is used to randomly select the row vector of the Hadamard matrix to form the Hadamard matrix to determine the measurement matrix, which simplifies the computational difficulty of the algorithm and solves the problem of the discontinuity of the key space in the random matrix design.

Object-oriented program (OOP) is very popular in these years for its advantages, but the testing method for OOP is still not mature enough. To deal with the problem that it is impossible to generate the probability density function by simply numeralizing a point in the test case caused by the complex structure of the object-oriented test case, we propose the Adaptive Random Testing through Test Profile for Object-Oriented software (ARTTP-OO). It generates a test case at the edge of the input field and calculates the distance between object-oriented test cases using Object and Method Invocation Sequence Similarity (OMISS) metric formula. And the probability density function is generated by the distance to select the test cases, thereby realizing the application of ARTTP algorithm in OOP. The experimental results indicate the proposed ARTTP-OO consumes less time cost without reducing the detection effectiveness.

In 2013, subversion attack comes to publity again by Mikhail Bellare, who was inspired by PRISM. In this work, we implement this kind of attack on cloud auditing protocols. We show that through subversion attacks, the cloud server can recover the secret information stored by the data owner. Especially, First, we set a general frame of data auditing protocols. This model forms a basic security model of auditing protocols. Then we give a security model of attacker. Finally, we put forward some popular auditing protocols which can be subverted.

Network security has always been the most important of enterprise informatization construction and development, and the security assessment of network system is the basis for enterprises to make effective security defense strategies. Aiming at the relevance of security factors and subjectivity of evaluation results in the process of enterprise network system security assessment, a security assessment method combining Analytic Network Process and evidence theory is proposed. Firstly, we built a complete security assessment index system and network analysis structure model for enterprise network, and determined the converged security index weights by calculating hypermatrix, limit hypermatrix and stable limit hypermatrix; then, we used the evidence theory on data fusion of the evaluation opinions of multiple experts to eliminate the conflict between evidences. Finally, according to the principle of maximum membership degree, we realized the assessment of enterprise network security level using weighted average. The example analysis showed that the model not only weighed the correlation influence among the security indicators, but also effectively reduced the subjectivity of expert evaluation and the fuzziness and uncertainty in qualitative analysis, which verified the effectiveness of the model and method, and provided an important basis for network security management.

XSS is one of the common vulnerabilities in web applications. Many black-box testing tools may collect a large number of payloads and traverse them to find a payload that can be successfully injected, but they are not very efficient. And previous research has paid less attention to how to improve the efficiency of black-box testing to detect XSS vulnerability. To improve the efficiency of testing, we develop an XSS testing tool. It collects 6128 payloads and uses a headless browser to detect XSS vulnerability. The tool can discover XSS vulnerability quickly with the ART(Adaptive Random Testing) method. We conduct an experiment using 3 extensively adopted open source vulnerable benchmarks and 2 actual websites to evaluate the ART method. The experimental results indicate that the ART method can effectively improve the fuzzing method by more than 27.1% in reducing the number of attempts before accomplishing a successful injection.

The past decade has seen a growing interest in underwater acoustic positioning networks (UAPNs) because of their wide applications in marine research, ocean monitoring, offshore exploration, and defense or homeland security. Efficient communication among all sensors and receivers is crucial so as to make positioning service available. Traditional UAPNs could locate only one target, that are growing obsolete due to increasing demands for multiple users working at the same time. Due to the demands for multiple users working simultaneously and narrow acoustic bandwidth, new efficient and reliable communication and networking protocols are required in design for UAPNs. In this paper, we aim to provide the procedure of communication design for UAPNs based on sonar equation and spread spectrum communication. What's more, signal design and performance analysis are supplied. The results show that the signal we designed have ideal correlation performance and high processing gain. The signal is suitable for multiple users UAPNs and thus show favorable potential in ocean engineering applications.

This paper proposes a new random forest classification algorithm based on differential privacy protection. In order to reduce the impact of differential privacy protection on the accuracy of random forest classification, a hybrid decision tree algorithm is proposed in this paper. The hybrid decision tree algorithm is applied to the construction of random forest, which balances the privacy and classification accuracy of the random forest algorithm based on differential privacy. Experiment results show that the random forest algorithm based on differential privacy can provide high privacy protection while ensuring high classification performance, achieving a balance between privacy and classification accuracy, and has practical application value.

With the increase in the number of cyber attacks on industrial control systems, especially in critical infrastructure facilities, the problem of comprehensive analysis of the security of such systems becomes urgent. This, in turn, requires the availability of fundamental mathematical, methodological and instrumental basis for modeling automated systems, modeling attacks on their information resources, which would allow realtime system protection analysis. The paper proposes a basis for simulating protected industrial control systems, based on the developed reference security model, and a model for attacks on information resources of automated systems. On the basis of these mathematical models, a complex model of a protected automated system was developed, which can be used to build protection systems for automated systems used in production.

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins. In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19, 336 existing Ethereum contracts, Oyente flags 8, 833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.