Biblio

The risk of detecting incidents in the field of computer technology in Maritime transport is considered. The structure of the computer incident investigation system and its functions are given. The system of conducting investigations of computer incidents on sea transport is considered. A possible algorithm for investigating the incident using the tools of forensic science and an algorithm for transmitting the received data for further processing are presented.

Automatic Static Analysis Tools (ASATs) detect coding rule violations, including mistakes and bad practices that frequently occur during programming. While ASATs are widely used in both OSS and industry, the developers do not resolve more than 80% of the detected violations. As one of the reasons, most ASATs users do not customize their ASATs to their projects after installation; the ASATs with the default configuration report many rule violations that confuse developers. To reduce the ratio of such uninteresting warning messages, we propose a method to customize ASATs according to the product source code automatically. Our fundamental hypothesis is: A software project has interesting ASAT rules that are consistent over time. Our method takes source code as input and generates an ASAT configuration. In particular, the method enables optional (i.e., disabled by default) rules that detected no violations on the version because developers are likely to follow the rules in future development. Our method also disables violated rules because developers were unlikely to follow them. To evaluate the method, we applied our method to 643 versions of four JavaScript projects. The generated configurations for all four projects increased the ASAT precision. They also increased recall for two projects. The result shows that our method helps developers to focus on their attractive rule violations. Our implementation of the proposed method is available at https://github.com/devreplay/linter-maintainer

A source code static analysis became an industrial standard for program source code issues early detection. As one of requirements to such kind of analysis is high performance to provide response of automatic code checking tool as early as possible as far as such kind of tools integrates to Continuous testing and Integration systems. In this paper we propose a source code static analysis algorithm for solving performance issue of source code static analysis tool in general way.

Risk management is an essential part of software security. Assemblyline is a software security tool developed by the Canadian Centre for Cyber Security (CCCS) for malware detection and analysis. In this paper, we examined the performance of Assemblyline for assessing the risk of executable files. We developed and examined use-cases where Assemblyline is included as part of a security safety net assessing vulnerabilities that would lead to risk. Finally, we considered Assemblyline’s utility in a continuous integration / delivery context using our test results.

Software and firmware vulnerabilities pose security threats to photovoltaic (PV) systems. When patches are not available or cannot be timely applied to fix vulnerabilities, it is important to mitigate vulnerabilities such that they cannot be exploited by attackers or their impacts will be limited when exploited. However, the vulnerability mitigation problem for PV systems has received little attention. This paper analyzes known security vulnerabilities in PV systems, proposes a multi-level mitigation framework and various mitigation strategies including neural network-based attack detection inside inverters, and develops a prototype system as a proof-of-concept for building vulnerability mitigation into PV system design.

Internet of Things (IoT) is a sophisticated concept of the traditional internet. In IoT, all things in our lives can be connected with the internet or with each other to exchange data and perform specific functions through the network. However, combining several devices-especially by unskilled users-may pose a number of security risks. In addition, some commonly used communication protocols in the IoT area are not secure. Security, on the other hand, increases overhead by definition, resulting in performance degradation. The Message Queuing Telemetry Transport (MQTT) protocol is a lightweight protocol and can be considered as one of the most popular IoT protocols, it is a publish/subscribe messaging transport protocol that uses a client-server architecture. MQTT is built to run over TCP protocol, thus it does not provide any level of security by default. Therefore, Transport Layer Security (TLS) can be used to ensure the security of the MQTT protocol. This paper analyzed the impact on the performance and security of the MQTT protocol in two cases. The first case, when using TLS protocol to support the security of the MQTT protocol. The second case, using the traditional MQTT without providing any level of security for the exchanged data. The results indicated that there is a tradeoff between the performance and the security when using MQTT protocol with and without the presence of TLS protocol.

This article is devoted to the existing standards for assessing the state of information security, which provides a classification and comparative analysis of standards for assessing the state of information.

With the spread of the Internet, various devices are now connected to it and the number of IoT devices is increasing. Data generated by IoT devices has traditionally been aggregated in the cloud and processed over time. However, there are two issues with using the cloud. The first is the response delay caused by the long distance between the IoT device and the cloud, and the second is the difficulty of implementing sufficient security measures on the IoT device side due to the limited resources of the IoT device at the end. To address these issues, fog computing, which is located in the middle between IoT devices and the cloud, has been attracting attention as a new network component. However, the risks associated with the introduction of fog computing have not yet been fully investigated. In this study, we conducted a risk assessment of fog computing, which is newly established to promote the use of IoT devices, and identified 24 risk factors. The main countermeasures include the gradual introduction of connected IoT connection protocols and security policy matching. We also demonstrated the effectiveness of the proposed risk measures by evaluating the risk values. The proposed risk countermeasures for fog computing should help us to utilize IoT devices in a safe and secure manner.

In recent years, new cyber attacks such as targeted attacks have caused extensive damage. With the continuing development of the IoT society, various devices are now connected to the network and are being used for various purposes. The Internet of Things has the potential to link cyber risks to actual property damage, as cyberspace risks are connected to physical space. With this increase in unknown cyber risks, the demand for cyber insurance is increasing. One of the most serious emerging risks is the silent cyber risk, and it is likely to increase in the future. However, at present, security measures against silent cyber risks are insufficient. In this study, we conducted a risk management of silent cyber risk for organizations with the objective of contributing to the development of risk management methods for new cyber risks that are expected to increase in the future. Specifically, we modeled silent cyber risk by focusing on state transitions to different risks. We newly defined two types of silent cyber risk, namely, Alteration risk and Combination risk, and conducted risk assessment. Our assessment identified 23 risk factors, and after analyzing them, we found that all of them were classified as Risk Transference. We clarified that the most effective risk countermeasure for Alteration risk was insurance and for Combination risk was measures to reduce the impact of the risk factors themselves. Our evaluation showed that the silent cyber risk could be reduced by about 50%, thus demonstrating the effectiveness of the proposed countermeasures.

Industry 4.0 is the latest industrial revolution primarily merging automation with advanced manufacturing to reduce direct human effort and resources. Predictive maintenance (PdM) is an industry 4.0 solution, which facilitates predicting faults in a component or a system powered by state-of-the- art machine learning (ML) algorithms (especially deep learning algorithms) and the Internet-of-Things (IoT) sensors. However, IoT sensors and deep learning (DL) algorithms, both are known for their vulnerabilities to cyber-attacks. In the context of PdM systems, such attacks can have catastrophic consequences as they are hard to detect due to the nature of the attack. To date, the majority of the published literature focuses on the accuracy of DL enabled PdM systems and often ignores the effect of such attacks. In this paper, we demonstrate the effect of IoT sensor attacks (in the form of false data injection attack) on a PdM system. At first, we use three state-of-the-art DL algorithms, specifically, Long Short-Term Memory (LSTM), Gated Recurrent Unit (GRU), and Convolutional Neural Network (CNN) for predicting the Remaining Useful Life (RUL) of a turbofan engine using NASA's C-MAPSS dataset. The obtained results show that the GRU-based PdM model outperforms some of the recent literature on RUL prediction using the C-MAPSS dataset. Afterward, we model and apply two different types of false data injection attacks (FDIA), specifically, continuous and interim FDIAs on turbofan engine sensor data and evaluate their impact on CNN, LSTM, and GRU-based PdM systems. The obtained results demonstrate that FDI attacks on even a few IoT sensors can strongly defect the RUL prediction in all cases. However, the GRU-based PdM model performs better in terms of accuracy and resiliency to FDIA. Lastly, we perform a study on the GRU-based PdM model using four different GRU networks with different sequence lengths. Our experiments reveal an interesting relationship between the accuracy, resiliency and sequence length for the GRU-based PdM models.

In power systems, having accurate device models is crucial for grid reliability, availability, and resiliency. Existing model calibration methods based on mathematical approaches often lead to multiple solutions due to the ill-posed nature of the problem, which would require further interventions from the field engineers in order to select the optimal solution. In this paper, we present a novel deep-learning-based approach for model parameter calibration in power systems. Our study focused on the generator model as an example. We studied several deep-learning-based approaches including 1-D Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), and Gated Recurrent Units (GRU), which were trained to estimate model parameters using simulated Phasor Measurement Unit (PMU) data. Quantitative evaluations showed that our proposed methods can achieve high accuracy in estimating the model parameters, i.e., achieved a 0.0079 MSE on the testing dataset. We consider these promising results to be the basis for further exploration and development of advanced tools for model validation and calibration.

Graph neural networks (GNNs) is an emerging class of iterative connectionist models taking full advantage of the interaction patterns in an underlying domain. Depending on their configuration GNNs aggregate local state information to obtain robust estimates of global properties. Since graphs inherently represent high dimensional data, GNNs can effectively perform dimensionality reduction for certain aggregator selections. One such task is assigning sentiment polarity labels to the vertices of a large social network based on local ground truth state vectors containing structural, functional, and affective attributes. Emotions have been long identified as key factors in the overall social network resiliency and determining such labels robustly would be a major indicator of it. As a concrete example, the proposed methodology has been applied to two benchmark graphs obtained from political Twitter with topic sampling regarding the Greek 1821 Independence Revolution and the US 2020 Presidential Elections. Based on the results recommendations for researchers and practitioners are offered.

We are interested in the design of generative networks. The training of these mathematical structures is mostly performed with the help of adversarial (min-max) optimization problems. We propose a simple methodology for constructing such problems assuring, at the same time, consistency of the corresponding solution. We give characteristic examples developed by our method, some of which can be recognized from other applications, and some are introduced here for the first time. We present a new metric, the likelihood ratio, that can be employed online to examine the convergence and stability during the training of different Generative Adversarial Networks (GANs). Finally, we compare various possibilities by applying them to well-known datasets using neural networks of different configurations and sizes.

Currently, the increasing complexity of DDoS attacks makes it difficult for modern security systems to track them. Machine learning techniques are increasingly being used in such systems as they are well established. However, a new problem arose: the creation of informative datasets. Generative adversarial networks can help create large, high-quality datasets for machine learning training. The article discusses the issue of using generative adversarial networks to generate new patterns of network attacks for the purpose of their further use in training.

The technique of concealing a confidential information in a carrier information is known as steganography. When we use digital images as carriers, it is termed as image steganography. The advancements in digital technology and the need for information security have given great significance for image steganographic methods in the area of secured communication. An efficient steganographic system is characterized by a good trade-off between its features such as imperceptibility and capacity. The proposed scheme implements an edge-detection based adaptive steganography with transform domain embedding, offering high imperceptibility and capacity. The scheme employs an adaptive embedding technique to select optimal data-hiding regions in carrier image, using Canny edge detection and a Convolutional Neural Network (CNN). Then, the secret image is embedded in the Dual-Tree Complex Wavelet Transform (DTCWT) coefficients of the selected carrier image blocks, with the help of Singular Value Decomposition (SVD). The analysis of the scheme is performed using metrics such as Peak Signal-to-Noise Ratio (PSNR), Structural Similarity Index (SSIM), and Normalized Cross Correlation (NCC).

Digital signal processor (DSP) intellectual property (IP) cores are the underlying hardware responsible for high performance data intensive applications. However an unauthorized IP vendor may counterfeit the DSP IPs and infuse them into the design-chain. Thus fake IPs or integrated circuits (ICs) are unknowingly integrated into consumer electronics (CE) systems, leading to reliability and safety issues for users. The latent solution to this threat is hardware steganography wherein vendor's secret information is covertly inserted into the design to enable detection of counterfeiting. A key-regulated hash-modules chaining based IP steganography is presented in our paper to secure against counterfeiting threat. The proposed approach yielded a robust steganography achieving very high security with regard to stego-key length than previous approaches.

The Internet of Things (IoT) technology is being utilized in endless applications nowadays and the security of these applications is of great importance. Image based IoT applications serve a wide variety of fields such as medical application and smart cities. Steganography is a great threat to these applications where adversaries can use the images in these applications to hide malicious messages. Therefore, this paper presents an image steganalysis technique that employs Convolutional Neural Networks (CNN) to detect the infamous JPEG steganography technique: JPEG universal wavelet relative distortion (J-UNIWARD). Several experiments were conducted to determine the breaking point of J-UNIWARD, whether the hiding technique relies on correlation of the images, and the effect of utilizing Discrete Cosine Transform (DCT) on the performance of the CNN. The results of the CNN display that the breaking point of J-UNIWARD is 1.5 (bpnzAC), the correlation of the database affects the detection accuracy, and DCT increases the detection accuracy by 13%.

Information sharing through internet has becoming challenge due to high-risk factor of attacks to the information being transferred. In this paper, a novel image-encryption edge based Image steganography technique is proposed. The proposed algorithm uses logistic map for encrypting the information prior to transmission. Laplacian of Gaussian (LoG) edge operator is used to find edge areas of the colored-cover-image. Simulation analysis demonstrates that the proposed algorithm has a good amount of payload along with better results of security analysis. The proposed scheme is compared with the existing-methods.

This paper proposes 2 multiple layer message security schemes. Information security is carried out through the implementation of cryptography, steganography and image processing techniques. In both schemes, the sensitive data is first encrypted by employing a chaotic function. In the first proposed scheme, LSB steganography is then applied to 2D slices of a 3D image. In the second proposed scheme, a corner detection filter is first applied to the 2D slices of a 3D image, then LSB embedding is carried out in those corner-detected pixels. The number of neighboring pixels used for corner detection is varied and its effect is noted. Performance of the proposed schemes is numerically evaluated using a number of metrics, including the mean squared error (MSE), the peak signal to noise ratio (PSNR), the structure similarity index measure (SSIM), the normalized cross-correlation (NCC), the image fidelity (IF), as well as the image difference (ID). The proposed schemes exhibit superior payload capacity and security in comparison to their counterparts from the literature.

Steganography security is the main concern in today’s informative world. The fact is that communication takes place to hide information secretly. Steganography is the technique of hiding secret data within an ordinary, non-secret, file, text message and images. This technique avoids detection of the secret data then extracted at its destination. The main reason for using steganography is, we can hide any secret message behind its ordinary file. This work presents a unique technique for image steganography based on a 512-bit algorithm. The secure stego image is a very challenging task to give protection. Therefore we used the least significant bit (LSB) techniques for implementing stego and cover image. However, data encryption and decryption are used to embedded text and replace data into the least significant bit (LSB) for better approaches. Android-based interface used in encryption-decryption techniques that evaluated in this process.Contribution—this research work with 512-bit data simultaneously in a block cipher to reduce the time complexity of a system, android platform used for data encryption decryption process. Steganography model works with stego image that interacts with LSB techniques for data hiding.

In this current age, stakeholders exchange legal documents, as well as documents that are official, sensitive and confidential via digital channels[1]. To securely communicate information between stakeholders is not an easy task considering the intentional or unintentional changes and possible attacks that can occur during communication. This paper focuses on protecting and securing data by hiding the data using steganography techniques, after encrypting the data to avoid unauthorized changes or modification made by adversaries to the data through using the Simplified Data Encryption Technique. By leveraging on these two approaches, secret data security intensifies to two levels and a steganography image of high quality is attained. Cryptography converts plaintext into cipher text (unreadable text); whereas steganography is the technique of hiding secret messages in other messages. First encryption of data is done using the Simplified Data Encryption Standard (S-DES) algorithm after which the message encrypted is embedded in the cover image by means of the Least Significant Bit (LSB) approach.

A new Domain Name System (DNS) cache poisoning attack aiming at clients has emerged recently. It induced cloud users to visit fake web sites and thus reveal information such as account passwords. However, the design of current DNS defense architecture does not formally consider the protection of clients. Although the DNS traffic encryption technology can alleviate this new attack, its deployment is as slow as the new DNS architecture. Thus we propose a lightweight adaptive intelligent defense strategy, which only needs to be deployed on the client without any configuration support of DNS. Firstly, we model the attack and defense process as a static stochastic game with incomplete information under bounded rationality conditions. Secondly, to solve the problem caused by uncertain attack strategies and large quantities of game states, we adopt a deep reinforcement learning (DRL) with guaranteed monotonic improvement. Finally, through the prototype system experiment in Alibaba Cloud, the effectiveness of our method is proved against multiple attack modes with a success rate of 97.5% approximately.

In this paper, we consider a sequential stochastic Stackelberg game with two players, a leader, and a follower. The follower observes the state of the system privately while the leader does not. Players play Stackelberg equilibrium where the follower plays best response to the leader's strategy. In such a scenario, the leader has the advantage of committing to a policy that maximizes its returns given the knowledge that the follower is going to play the best response to its policy. Such a pair of strategies of both the players is defined as Stackelberg equilibrium of the game. Recently, [1] provided a sequential decomposition algorithm to compute the Stackelberg equilibrium for such games which allow for the computation of Markovian equilibrium policies in linear time as opposed to double exponential, as before. In this paper, we extend that idea to the case when the state update dynamics are not known to the players, to propose an reinforcement learning (RL) algorithm based on Expected Sarsa that learns the Stackelberg equilibrium policy by simulating a model of the underlying Markov decision process (MDP). We use particle filters to estimate the belief update for a common agent that computes the optimal policy based on the information which is common to both the players. We present a security game example to illustrate the policy learned by our algorithm.

Moving Target Defense (MTD) is a defensive mechanism based on dynamic system reconfiguration to prevent or thwart cyberattacks. In the last years, considerable progress has been made regarding MTD approaches for virtualized environments, and Virtual Machine (VM) migration is the core of most of these approaches. However, VM migration produces system downtime, meaning that each MTD reconfiguration affects system availability. Therefore, a method for a combined evaluation of availability and security is of utmost importance for VM migration-based MTD design. In this paper, we propose a Stochastic Reward Net (SRN) for the probability of attack success and availability evaluation of an MTD based on VM migration scheduling. We study the MTD system under different conditions regarding 1) VM migration scheduling, 2) VM migration failure probability, and 3) attack success rate. Our results highlight the tradeoff between availability and security when applying MTD based on VM migration. The approach and results may provide inputs for designing and evaluating MTD policies based on VM migration.

Underwater Wireless Communication Network (UWCN) is highly emerging in recent times due to the broad variety of underwater applications ranging from disaster prediction, environmental resource monitoring, military security surveillance and assisted navigation. Since the kind of accuracy these applications demands from the dynamic underwater environment is really high, so there is a need for effective way of study underwater communication networks. Usually underwater networks can be studied with the help of actual underwater testbed or with the model of the underwater network. Studying the underwater system with the actual underwater testbed is costly. The effective way of analysis can be done by creating a mathematical model of underwater systems. Queuing theory is one of the most popular mathematical theories used for conventional circuit switched networks whereas it can’t be applied for modeling modern packet switched networks which has high variability compared to that of circuit switched networks. So this paper presents Stochastic Network Calculus (SNC) as the mathematical theory for modeling underwater communication networks. Underlying principles and basic models provided by SNC for analyzing the performance graduates of UWCN is discussed in detail for the benefit of researchers looking for the effective mathematical theory for modeling the system in the domain of underwater communication.