Biblio

In this research work, we attempted to predict the creditworthiness of smartphone users in Indonesia during the COVID-19 pandemic using machine learning. Principal Component Analysis (PCA) and Kmeans algorithms are used for the prediction of creditworthiness with the used a dataset of 1050 respondents consisting of twelve questions to smartphone users in Indonesia during the COVID-19 pandemic. The four different classification algorithms (Logistic Regression, Support Vector Machine, Decision Tree, and Naive Bayes) were tested to classify the creditworthiness of smartphone users in Indonesia. The tests carried out included testing for accuracy, precision, recall, F1-score, and Area Under Curve Receiver Operating Characteristics (AUCROC) assesment. Logistic Regression algorithm shows the perfect performances whereas Naïve Bayes (NB) shows the least. The results of this research also provide new knowledge about the influential and non-influential variables based on the twelve questions conducted to the respondents of smartphone users in Indonesia during the COVID-19 pandemic.

Android malware is continuously evolving at an alarming rate due to the growing vulnerabilities. This demands more effective malware detection methods. This paper presents DynaMalDroid, a dynamic analysis-based framework to detect malicious applications in the Android platform. The proposed framework contains three modules: dynamic analysis, feature engineering, and detection. We utilized the well-known CICMalDroid2020 dataset, and the system calls of apps are extracted through dynamic analysis. We trained our proposed model to recognize malware by selecting features obtained through the feature engineering module. Further, with these selected features, the detection module applies different Machine Learning classifiers like Random Forest, Decision Tree, Logistic Regression, Support Vector Machine, Naïve-Bayes, K-Nearest Neighbour, and AdaBoost, to recognize whether an application is malicious or not. The experiments have shown that several classifiers have demonstrated excellent performance and have an accuracy of up to 99%. The models with Support Vector Machine and AdaBoost classifiers have provided better detection accuracy of 99.3% and 99.5%, respectively.

In the traditional Internet of Vehicles, communication data is easily tampered with and easily leaked. In order to improve the trust evaluation mechanism of the Internet of Vehicles and establish a trust relationship between vehicles, a blockchain-based Internet of Vehicles trust evaluation (BBTE) scheme is proposed. First, the scheme uses the roadside unit RSU to calculate the trust value of vehicle nodes and maintain the generation, verification and storage of blocks, so as to realize distributed data storage and ensure that data cannot be tampered with. Secondly, an efficient trust evaluation method is designed. The method integrates four trust decision factors: initial trust, historical experience trust, recommendation trust and RSU observation trust to obtain the overall trust value of vehicle nodes. In addition, in the process of constructing the recommendation trust method, the recommendation trust is divided into three categories according to the interaction between the recommended vehicle node and the communicator, use CRITIC to obtain the optimal weights of three recommended trusts, and use CRITIC to obtain the optimal weights of four trust decision-making factors to obtain the final trust value. Finally, the NS3 simulation platform is used to verify the security and accuracy of the trust evaluation method, and to improve the identification accuracy and detection rate of malicious vehicle nodes. The experimental analysis shows that the scheme can effectively deal with the gray hole attack, slander attack and collusion attack of other vehicle nodes, improve the security of vehicle node communication interaction, and provide technical support for the basic application of Internet of Vehicles security.

Among the greatest obstacles in cybersecurity is insider threat, which is a well-known massive issue. This anomaly shows that the vulnerability calls for specialized detection techniques, and resources that can help with the accurate and quick detection of an insider who is harmful. Numerous studies on identifying insider threats and related topics were also conducted to tackle this problem are proposed. Various researches sought to improve the conceptual perception of insider risks. Furthermore, there are numerous drawbacks, including a dearth of actual cases, unfairness in drawing decisions, a lack of self-optimization in learning, which would be a huge concern and is still vague, and the absence of an investigation that focuses on the conceptual, technological, and numerical facets concerning insider threats and identifying insider threats from a wide range of perspectives. The intention of the paper is to afford a thorough exploration of the categories, levels, and methodologies of modern insiders based on machine learning techniques. Further, the approach and evaluation metrics for predictive models based on machine learning are discussed. The paper concludes by outlining the difficulties encountered and offering some suggestions for efficient threat identification using machine learning.

This paper discusses the outcome of combining insider threat agent taxonomies with the aim of enhancing insider threat detection. The objectives sought to explore taxonomy combinations and investigate threat sophistication from the taxonomy combinations. Investigations revealed the plausibility of combining the various taxonomy categories to derive a new taxonomy. An observation on category combinations yielded the introduction of the concept of a threat path. The proposed taxonomy tree consisted of more than a million threat-paths obtained using a formula from combinatorics analysis. The taxonomy category combinations thus increase the insider threat landscape and hence the gap between insider threat agent sophistication and countermeasures. On the defensive side, knowledge of insider threat agent taxonomy category combinations has the potential to enhance defensive countermeasure tactics, techniques and procedures, thus increasing the chances of insider threat detection.

This paper proposes a Mobile IoT optimization method for Next-Generation networks by evaluating a series of named-based techniques implemented in Information-Centric Networking (ICN). The idea is based on the possibility to have a more suitable naming and forwarding mechanism to be implemented in IoT. The main advantage of the method is in achieving a higher success packet rate and data rate by following the proposed technique even when the device is mobile / roaming around. The proposed technique is utilizing a root prefix naming which allows faster process and dynamic increase for content waiting time in Pending Interest Table (PIT). To test the idea, a simulation is carried out by mimicking how IoT can be implemented, especially in smart cities, where a user can also travel and not be static. Results show that the proposed technique can achieve up to a 13% interest success rate and an 18.7% data rate increase compared to the well-known implementation algorithms. The findings allow for possible further cooperation of data security factors and ensuring energy reduction through leveraging more processes at the edge node.

The Cloud Native paradigm has quickly emerged as a new trend in Web Services architectures. Applications are now developed as a network of microservices and functions that can be quickly re-deployed anywhere, decoupled from their state. In this scenario, workloads are usually packaged as container images that can be quickly provisioned anywhere in a provider web service. To enforce security, traditional Docker container runtime mechanisms are now being enhanced by stronger isolation techniques such as lightweight hardware level virtualization. Such sandboxing inserts a strong boundary - the guest space - and therefore security containers do not share filesystem semantics with the host Operating System. However, the existing container storage drivers are designed and optimized to run directly on the host. In this paper we bridge the gap between traditional containers and virtualized containers. We present Deverlay, a container storage driver that prepares a block-based container root filesystem view, targeting lightweight Virtual Machines and keeping host native execution compatibility. We show that, in contrast to other block-based drivers, Deverlay can boot 80 micro VM containers in less than 4s by efficiently sharing host cache buffers among containers and reducing I/O disk access by 97.51 %.

DefendR is a Security operation used to block the access of the user to edit or overwrite the contents in our personal file that is stored in our system. This approach of applying a certain filter for the sensitive or sensitive data that are applicable exclusively in read-only mode. This is an improvisation of security for the personal data that restricts undo or redo related operations in the shared file. We use a mini-filter driver tool. Specifically, IRP (Incident Response Plan)-based I/O operations, as well as fast FSFilter callback activities, may additionally all be filtered with a mini-filter driver. A mini-filter can register a preoperation callback procedure, a postoperative Each of the I/O operations it filters is filtered by a callback procedure. By registering all necessary callback filtering methods in a filter manager, a mini-filter driver interfaces to the file system indirectly. When a mini-filter is loaded, the latter is a Windows file system filter driver that is active and connects to the file system stack.

Network attacks are always a nightmare for the network administrators as it eats away a huge wavelength and disturbs the normal working of many critical services in the network. Network behavior based profiling and detection is considered to be an accepted method; but the modeling data and method is always a big concern. The network event-based profiling is getting acceptance as they are sequential in nature and the sequence depicts the behavior of the system. This sequential network events can be analyzed using different techniques to create a profile for anomaly detection. In this paper we examine the possibility of two techniques for sequential event analysis using Modified GSP and IPAM algorithm. We evaluate the performance of these algorithms on the CSE-CIC-IDS 2018 data set to benchmark the performance. This experiment is different from other anomaly-based detection which evaluates the features of the dataset to detect the abnormalities. The performance of the algorithms on the dataset is then confirmed by the pattern evolving from the analysis and the indications it provides for early detection of network attacks.

Cloud computing plays major role in the development of accessing clouduser’s document and sensitive information stored. It has variety of content and representation. Cyber security and attacks in the cloud is a challenging aspect. Information security attains a vital part in Cyber Security management. It involves actions intended to reduce the adverse impacts of such incidents. To access the documents stored in cloud safely and securely, access control will be introduced based on cloud users to access the user’s document in the cloud. To achieve this, it is highly required to combine security components (e.g., Access Control, Usage Control) in the security document to get automatic information. This research work has proposed a Role Key Homomorphic Encryption Algorithm (RKHEA) to monitor the cloud users, who access the services continuously. This method provides access creation of session-based key to store the singularized encryption to reduce the key size from random methods to occupy memory space. It has some terms and conditions to be followed by the cloud users and also has encryption method to secure the document content. Hence the documents are encrypted with the RKHEA algorithm based on Service Key Access (SKA). Then, the encrypted key will be created based on access control conditions. The proposed analytics result shows an enhanced control over the documents in cloud and improved security performance.

Imbalanced class distribution can cause information loss and missed/false alarms for deep learning and machine-learning algorithms. The detection performance of traditional intrusion detection systems tend to degenerate due to skewed class distribution caused by the uneven allocation of observations in different kinds of attacks. To combat class imbalance and improve network intrusion detection performance, we adopt the conditional generative adversarial network (CTGAN) that enables the generation of samples of specific classes of interest. CTGAN builds on the generative adversarial networks (GAN) architecture to model tabular data and generate high quality synthetic data by conditionally sampling rows from the generated model. Oversampling using CTGAN adds instances to the minority class such that both data in the majority and the minority class are of equal distribution. The generated security alerts are used for training classifiers that realize critical alert detection. The proposed scheme is evaluated on a real-world dataset collected from security operation center of a large enterprise. The experiment results show that detection accuracy can be substantially improved when CTGAN is adopted to produce a balanced security-alert dataset. We believe the proposed CTGAN-based approach can cast new light on building effective systems for critical alert detection with reduced missed/false alarms.

With the progress of cryptography computer science, designing cryptographic algorithms using deep learning is a very innovative research direction. Google Brain designed a communication model using generation adversarial network and explored the encrypted communication algorithm based on machine learning. However, the encrypted communication model it designed lacks quantitative evaluation. When some plaintexts and keys are leaked at the same time, the security of communication cannot be guaranteed. This model is optimized to enhance the security by adjusting the optimizer, modifying the activation function, and increasing batch normalization to improve communication speed of optimization. Experiments were performed on 16 bits and 64 bits plaintexts communication. With plaintext and key leak rate of 0.75, the decryption error rate of the decryptor is 0.01 and the attacker can't guess any valid information about the communication.

Considering the evidence that conditions accept a considerable place in each of the structures, owing to limited assets available at each sensor center, it is a difficult problem. Vitality safety is the primary concern in many of the implementations in remote sensor hubs. This is critical as the improvement in the lifetime of the device depends primarily on restricting the usage of vitality in sensor hubs. The rationing and modification of the usage of vitality are of the most serious value in this context. In a remote sensor arrangement, the fundamental test is to schedule measurements for the least use of vitality. These classification frameworks are used to frame the classes in the structure and help efficiently use the strength that burdens out the lifespan of the network. Besides, the degree of the center was taken into account in this work considering the measurement of cluster span as an improvement to the existing methods. The crucial piece of leeway of this suggested approach on affair clustering using fuzzy logic is which can increase the lifespan of the system by reducing the problem area problem word.

In order to control users’ access to the information system, it is necessary to develop a security system that can work in real time and easily reconfigure. This problem can be solved using a fuzzy logic. In this paper the authors propose a fuzzy distribution system for access to the student assessment system, which takes into account the level of user access, identifier and the risk of attack during the request. This approach allows process fuzzy or incomplete information about the user and implement a sufficient level of confidential information protection.

Facial expression intensity, which quantifies the degree of facial expression, has been proposed. It is calculated based on how much facial feature values change compared to an expressionless face. The estimation has two aspects. One is to classify facial expressions, and the other is to estimate their intensity. However, it is difficult to do them at the same time. There- fore, in this work, the estimation of intensity and the classification of expression are separated. We suggest an explicit method and an implicit method. In the explicit one, a classifier determines which types of expression the inputs are, and each regressor determines its intensity. On the other hand, in the implicit one, we give zero values or non-zero values to regressors for each type of facial expression as ground truth, depending on whether or not an input image is the correct facial expression. We evaluated the two methods and, as a result, found that they are effective for facial expression recognition.

Promising means of detecting small UAVs are FMCW radar systems. Small UAVs with an RCS value of the order of 10−3••• 10−1m2 are characterized by a low SNR (less than 10 dB). To ensure an acceptable probability of detection in the resolution element (more than 0.9), it becomes necessary to reduce the detection threshold. However, this leads to a significant increase in the probability of false alarms (more than 10−3) and is accompanied by the appearance of a large number of false plots. The work describes an algorithm for trajectory detecting of a small UAV based on a “l/n-d” criterion using Kalman filtering in a spherical coordinate system due to FMCW radar data. Statistical analysis of algorithms based on two types of criteria “3/5-2” and “5/9-2” is performed. It is shown that the algorithms allow to achieve the probability of target trajectory detection greater than 0.9 and low probability of false detection of the target trajectory less than 10−4 with the false alarm probability in the resolution element 10−3••• 10−2•

Cooperative Intelligent Transportation System (CITS) has been introduced recently to increase road safety, traffic efficiency, and to enable various infotainment and comfort applications and services. To this end, a bunch technologies have been deployed to maintain and promote ITS. In essence, ITS is composed of vehicles, roadside infrastructure, and the environment that includes pedestrians, and other entities. Recently, several solutions were suggested to handle with the challenges faced by the vehicular networks (VN) using future internet architectures. One of the promising solutions proposed recently is Vehicular Fog computing (VFC), an attractive solution that supports sensitive service requests considering factors such as latency, mobility, localization, and scalability. VFC also provides a virtual platform for real-time big data analytic using servers or vehicles as a fog infrastructure. This paper surveys the general fog computing (FC) concept, the VFC architectures, and the key characteristics of several intelligent computing applications. We mainly focus on trust and security challenges in VFC deployment and real-time BD analytic in vehicular environment. We identify the faced challenges and future research directions in VFC and we highlight the research gap that can be exploited by researchers and vehicular manufactures while designing a new secure VFC architecture.

Cloud computing is becoming a demanding technology due to its flexibility, sensibility and remote accessibility. Apart from these applications of cloud computing, privacy and security are two terms that pose a circumstantial discussion. Various authors have argued on this topic that cloud computing is more secure than other data sharing and storing methods. The conventional data storing system is a computer system or smartphone storage. The argument debate also states that cloud computing is vulnerable to enormous types of attacks which make it a more concerning technology. This current study has also tried to draw the circumstantial and controversial debate on the security and privacy system of cloud computing. Primary research has been conducted with 65 cloud computing experts to understand whether a cloud computing security technique is highly secure or not. An online survey has been conducted with them where they provided their opinions based on the security and privacy system of cloud computing. Findings showed that no particular technology is available which can provide maximum security. Although the respondents agreed that blockchain is a more secure cloud computing technology; however, the blockchain also has certain threats which need to be addressed. The study has found essential encryption systems that can be integrated to strengthen security; however, continuous improvement is required.

Online template attacks (OTA), high-efficiency side-channel attacks, are initially presented to attack the elliptic curve scalar. The modular exponentiation is similarly vulnerable to OTA. The correlation between modular multiplication's intermediate products is a crucial leakage of the modular exponent. This paper proposed a practical OTA countermeasure based on randomized domain Montgomery multiplication, which combines blinding and shuffling methods to eliminate the correlation between modular multiplication's inner products without additional computation requirements. The proposed OTA countermeasure is implemented on the Sakura-G board with a suppose that the target board and template board are identical. The experiment results show that the proposed countermeasure is sufficient to protect the modular exponentiation from OTA.

Analyzing reflectionally symmetric features inside an image is one of the important processes for recognizing the peculiar appearance of natural and man-made objects, biological patterns, etc. In this work, we will point out an efficient detector of reflectionally symmetric shapes by addressing a class of projection-based signatures that are structured by a generalized \textbackslashmathcalR\_fm-transform model. To this end, we will firstly prove the \textbackslashmathcalR\_fmˆ-transform in accordance with reflectional symmetry detection. Then different corresponding \textbackslashmathcalR\_fm-signatures of binary shapes are evaluated in order to determine which the corresponding exponentiation of the \textbackslashmathcalR\_fm-transform is the best for the detection. Experimental results of detecting on single/compound contour-based shapes have validated that the exponentiation of 10 is the most discriminatory, with over 2.7% better performance on the multiple-axis shapes in comparison with the conventional one. Additionally, the proposed detector also outperforms most of other existing methods. This finding should be recommended for applications in practice.

Pairing is carried out by two steps, Miller loop and final exponentiation. In this manuscript, the authors propose an efficient Miller loop for a pairing on the FK12 curve. A Hamming weight and bit-length of loop parameter have a great effect on the computational cost of Miller loop. Optimal-ate pairing is used as the most efficient pairing on the FK12 curve currently. The loop parameter of optimal-ate pairing is 6z+2 where z is the integer to make the FK12 curve parameter. Our method uses z which has a shorter bit-length than the previous optimal-ate pairing as the loop parameter. Usually, z has a low Hamming weight to make final exponentiation efficient. Therefore, the loop parameter in our method has a lower Hamming weight than the loop parameter of the previous one in many cases. The authors evaluate our method by the number of multiplications and execution time. As a result, the proposed algorithm leads to the 3.71% reduction in the number of multiplications and the 3.38% reduction in the execution time.

Modular exponentiation (ME) is a complex operation for several public-key cryptosystems (PKCs). Moreover, ME is expensive for resource-constrained devices in terms of computation time and energy consumption, especially when the exponent is large. ME is defined as the task of raising an integer x to power k and reducing the result modulo some integer n. Several methods to calculate ME have been proposed. In this paper, we present the efficient ME methods. We then implement the methods using different security levels of RSA keys on a Raspberry Pi. Finally, we give the fast ME method.

Pairings on elliptic curves are used for innovative protocols such as ID-based encryption and zk-SNARKs. To make the pairings secure, it is important to consider the STNFS which is the special number field sieve algorithm for discrete logarithms in the finite field. The Fotiadis-Konstantinou curve with embedding degree 12(FK12), is known as one of the STNFS secure curves. To an efficient pairing on the FK12 curve, there are several previous works that focus on final exponentiation. The one is based on lattice-based method to decompose the hard part of final exponentiation and addition chain. However, there is a possibility to construct a more efficient calculation algorithm by using the relations appeared in the decomposition calculation algorithm than that of the previous work. In this manuscript, the authors propose a relation of the decomposition and verify the effectiveness of the proposed method from the execution time.

We propose versatile hardware framework for ECC. The framework supports arithmetic operations over P-256, Ed25519 and Curve25519 curves, enabling easy implementation of various ECC algorithms. Framework finds its application area e.g. in FIDO2 attestation or in nowadays rapidly expanding field of hardware wallets. As the design is intended to be ASIC-ready, we designed it to be area efficient. Hardware units are reused for calculations in several finite fields, and some of them are superior to previously designed circuits in terms of time-area product. The framework implements several attack countermeasures. It enables implementation of certain countermeasures even in later stages of design. The design was validated on SoC FPGA.

This paper presents a novel approach for a facial security system using elliptic curve cryptography. Face images extracted from input video are encrypted before sending to a remote server. The input face images are completely encrypted by mapping each pixel value of the detected face from the input video frame to a point on an elliptic curve. The original image can be recovered when needed using the elliptic curve cryptography decryption function. Specifically, we modify point multiplication designed for projective coordinates and apply the modified approach in affine coordinates to speed up scalar point multiplication operation. Image encryption and decryption operations are also facilitated using our existing scheme. Simulation results on Visual Studio demonstrate that the proposed systems help accelerate encryption and decryption operations while maintaining information confidentiality.