Biblio

Security, efficiency and availability are three key factors that affect the application of searchable encryption schemes in mobile cloud computing environments. In order to meet the above characteristics, this paper proposes a certificateless public key encryption with a keyword search (CLPEKS) scheme. In this scheme, a CLPEKS generation method and a Trapdoor generation method are designed to support multiple receivers to query. Based on the elliptic curve scalar multiplication, the efficiencies of encrypting keywords, generating Trapdoors, and testing are improved. By adding a random number factor to the Trapdoor generation, the scheme can resist the internal keyword guessing attacks. Under the random oracle model, it is proved that the scheme can resist keyword guessing attacks. Theoretical analyses and implementation show that the proposed scheme is more efficient than the existing schemes.

Cloud computing has helped in managing big data and providing resources remotely and ubiquitously, but it has some latency and security concerns. Fog has provided tremendous advantages over cloud computing which include low latency rate, improved real-time interactions, reduced network traffic overcrowding, and improved reliability, however, security concerns need to be addressed separately. Another major issue in the cloud is Cloud Lock-in/Vendor Lock-in. Through this research, an effort has been made to extend fog computing and Searchable Encryption technologies. The proposed system can reduce the issue of cloud lock-in faced in traditional cloud computing. The SE schemes used in this paper are Symmetric Searchable Encryption (SSE) and Multi-keyword Ranked Searchable Encryption (MRSE) to achieve confidentiality, privacy, fine-grained access control, and efficient keyword search. This can help to achieve better access control and keyword search simultaneously. An important use of this technique is it helps to prevent the issue of cloud/vendor lock-in. This can shift some computation and storage of index tables over fog nodes that will reduce the dependency on Cloud Service Providers (CSPs).

Given that an increasingly larger part of an organization's activity is taking place online, especially in the current situation caused by the COVID-19 pandemic, network log data collected by organizations contain an accurate image of daily activity patterns. In some scenarios, it may be useful to share such data with other parties in order to improve collaboration, or to address situations such as cyber-security incidents that may affect multiple organizations. However, in doing so, serious privacy concerns emerge. One can uncover a lot of sensitive information when analyzing an organization's network logs, ranging from confidential business interests to personal details of individual employees (e.g., medical conditions, political orientation, etc). Our objective is to enable organizations to share information about their network logs, while at the same time preserving data privacy. Specifically, we focus on enabling encrypted search at network flow granularity. We consider several state-of-the-art searchable encryption flavors for this purpose (including hidden vector encryption and inner product encryption), and we propose several customized encoding techniques for network flow information in order to reduce the overhead of applying state-of-the-art searchable encryption techniques, which are notoriously expensive.

Smart grid monitoring, automation and control will completely rely on PMU based sensor data soon. Accordingly, a high throughput, low latency Information and Communication Technology (ICT) infrastructure should be opted in this regard. Due to the low cost, low power profile, dynamic nature, improved accuracy and scalability, wireless sensor networks (WSNs) can be a good choice. Yet, the efficiency of a WSN depends a lot on the network design and the routing technique. In this paper a new design of the ICT network for smart grid using WSN is proposed. In order to understand the interactions between different entities, detect their operational levels, design the routing scheme and identify false data injection by particular ICT entities, a new model of interdependency called the Multi State Implicative Interdependency Model (MSIIM) is proposed in this paper, which is an updated version of the Modified Implicative Interdependency Model (MIIM) [1]. MSIIM considers the data dependency and operational accuracy of entities together with structural and functional dependencies between them. A multi-path secure routing technique is also proposed in this paper which relies on the MSIIM model for its functioning. Simulation results prove that MSIIM based False Data Injection (FDI) detection and mitigation works better and faster than existing methods.

Autonomous robots are increasingly widespread in our society. These robots need to be safe, reliable, respectful of privacy, not manipulable by external agents, and capable of offering explanations of their behavior in order to be accountable and acceptable in our societies. Companies offering robotic services will need to provide mechanisms to address these issues using High Performance Computing (HPC) facilities, where logs and off-line forensic analysis could be addressed if required, but these solutions are still not available in software development frameworks for robots. The aim of this paper is to discuss the implications and interactions among cybersecurity, safety, and explainability with the goal of making autonomous robots more trustworthy.

Social conflicts appearing in the media are increasing public awareness about security issues, resulting in a higher demand of more exhaustive environment monitoring methods. Automatic video surveillance systems are a powerful assistance to public and private security agents. Since the arrival of deep learning, object detection and classification systems have experienced a large improvement in both accuracy and versatility. However, deep learning-based object detection and classification systems often require expensive GPU-based hardware to work properly. This paper presents a novel deep learning-based foreground anomalous object detection system for video streams supplied by panoramic cameras, specially designed to build power efficient video surveillance systems. The system optimises the process of searching for anomalous objects through a new potential detection generator managed by three different multivariant homoscedastic distributions. Experimental results obtained after its deployment in a Jetson TX2 board attest the good performance of the system, postulating it as a solvent approach to power saving video surveillance systems.

Smart Grid is used to improve the accuracy of the grid network query. Though it gives the accuracy, it has the data privacy issues. It is a big challenge to solve the privacy issue in the smart grid. We need secured algorithms to protect the data in the smart grid, since the data is very important. This paper explains about the k-anonymous algorithm and analyzes the enhanced L-diversity algorithm for data privacy and security. The algorithm can protect the data in the smart grid is proven by the experiments.

The widespread utilization of smart grids is due to their flexibility to support the two-way flow of electricity and data. The critical nature of smart grids evokes traditional network attacks. Due to the advantages of blockchains in terms of ensuring trustworthiness and security, a significant body of literature has been recently developed to secure smart grid operations. We categorize the blockchain applications in smart grid into three categories: energy trading, infrastructure management, and smart-grid operations management. This paper provides an extensive survey of these works and the different ways to utilize blockchains in smart grid in general. We propose an abstract system to overcome a critical cyberattack; namely, the fake data injection, as previous works did not consider such an attack.

With the development of IT technology and the generalization of the Internet of Things, smart grid systems combining IoT for efficient power grid construction are being widely deployed. As a form of development for this, edge computing and blockchain technology are being combined with the smart grid. Wang et al. proposed a user authentication scheme to strengthen security in this environment. In this paper, we describe the scheme proposed by Wang et al. and security faults. The first is that it is vulnerable to a side-channel attack, an impersonation attack, and a key material change attack. In addition, their scheme does not guarantee the anonymity of a participant in the smart grid system.

This paper studies the use of Supervisory Control Theory to design and implement post-fault restoration schemes in a HVDC grid. Our study focuses on the synthesis of discrete controllers and on the management of variable control rules during the execution of the protection strategy. The resulting supervisory control system can be proven "free of deadlocks" in the sense that designated tasks are always completed.

Cloud computing has included an essential part of its industry and statistics garage is the main service provided, where a huge amount of data can be stored in a virtual server. Storing data in public platforms may be vulnerable to threats. Consequently, the obligation of secure usage and holistic backup of statistics falls upon the corporation providers. Subsequently, an affordable and compliant mechanism of records auditing that permits groups to audit the facts stored in shared clouds whilst acting quick and trouble- unfastened healing might be a fairly sought-after cloud computing task concept. There is a lot of advantage in growing this domain and there is considerable precedence to follow from the examples of dropbox, google power among others.

Modern embedded IoT devices are an attractive target for cyber attacks. For example, they can be used to disable entire factories and ask for ransom. Recovery of compromised devices is not an easy task, because malware can subvert the original software and make itself persistent. In addition, many embedded devices do not implement remote recovery procedures and, therefore, require manual intervention.Recent proposals from NIST and TCG define concepts and building blocks for cyber resilience: protection, detection and recovery. In this paper, we describe a system which allows implementing cyber resilient IoT devices that can be recovered remotely and timely. The proposed architecture consists of trusted data monitoring, local and remote attack detection, and enforced connections to remote services as building blocks for attack detection and recovery. Further, hardware- and software-based implementations of such a system are presented.

Securing communication between any two wireless devices or users is challenging without compromising sensitive/personal data. To address this problem, we have developed an artificial intelligence (AI) algorithm to secure communication on virtualized wireless networks. To detect cyberattacks in a virtualized environment is challenging compared to traditional wireless networks setting. However, we successfully investigate an efficient cyberattack detection algorithm using an AI algorithm in a Bayesian learning model for detecting cyberattacks on the fly. We have studied the results of Random Forest and deep neural network (DNN) models to detect the cyberattacks on a virtualized wireless network, having considered the required transmission power as a threshold value to classify suspicious activities in our model. We present both formal mathematical analysis and numerical results to support our claims. The numerical results show our accuracy in detecting cyberattacks in the proposed Bayesian model is better than Random Forest and DNN models. We have also compared both models in terms of detection errors. The performance comparison results show our proposed approach outperforms existing approaches in detection accuracy, precision, and recall.

IPsec is widely used for internet security because it offers confidentiality, integrity, and authenticity also protects from replay attacks. IP Security depends on numerous frameworks, organization propels, and cryptographic techniques. IPsec is a heavyweight complex security protocol suite. Because of complex architecture and implementation processes, security implementers prefer TLS. Because of complex implementation, it is impractical to manage over the IoT devices. We propose a simplified and lite version of internet security protocol implemented with only ESP. For encryption, we use AES, RAS-RLP public key cryptography.

Security is a key component of the network. Software Defined Networking (SDN) is a refined form of traditional network management system. It is a new encouraging approach to design-build and manage networks. SDN decouples control plane (software-based router) and data plane (software-based switch), hence it is programmable. Consequently, it facilitates implementation of security based applications for the prevention of DOS attacks. Various solutions have been proposed by researches for handling of DOS attacks in SDN. However, these solutions are very limited in scope, complex, time consuming and change resistant. In this article, we have proposed a novel model driven framework i.e. MDAP (Model Based DOS Attacks Prevention) Framework. Particularly, a meta model is proposed. As tool support, a tree editor and a Sirius based graphical modeling tool with drag drop palette have been developed in Oboe designer community edition. The tool support allows modeling and visualization of simple and complex network topology scenarios. A Model to Text transformation engine has also been made part of framework that generates java code for the Floodlight SDN controller from the modeled scenario. The validity of proposed framework has been demonstrated via case study. The results prove that the proposed framework can effectively handle DOS attacks in SDN with simplicity as per the true essence of MDSE and can be reliably used for the automation of security based applications in order to deny DOS attacks in SDN.

Internet of Things (IoT) devices use different types of media and protocols to communicate to Internet, but security is compromised since the devices are not using encryption, authentication and integrity. Virtual Private Network of Things (VPNoT) is a new technology designed to create end to end encrypted tunnels for IoT devices, in this case, the VPNoT device is based on OpenVPN that provides confidentiality and integrity, also based on Raspberry Pi as the hardware and Linux as the operating system, both provide connectivity using different types of media to access Internet and network management. IoT devices and sensors can be connected to the VPNoT device so an encrypted tunnel is created to an IoT Server. VPNoT device uses a profile generated by the server, then all devices form a virtual private network (VPN). VPNoT device can act like a router when necessary and this environment works for IPv6 and IPv4 with a great advantage that OpenVPN traverses NAT permitting private IoT servers be accessible to the VPN. The annual cost of the improvement is about \$455 USD per year for 10 VPNoT devices.

The prevalence of memory corruption bugs in the past decades resulted in numerous defenses, such as stack canaries, control flow integrity (CFI), and memory-safe languages. These defenses can prevent entire classes of vulnerabilities, and help increase the security posture of a program. In this paper, we show that memory corruption defenses can be bypassed using speculative execution attacks. We study the cases of stack protectors, CFI, and bounds checks in Go, demonstrating under which conditions they can be bypassed by a form of speculative control flow hijack, relying on speculative or architectural overwrites of control flow data. Information is leaked by redirecting the speculative control flow of the victim to a gadget accessing secret data and acting as a side channel send. We also demonstrate, for the first time, that this can be achieved by stitching together multiple gadgets, in a speculative return-oriented programming attack. We discuss and implement software mitigations, showing moderate performance impact.

In dynamic control centers, conventional SCADA systems are enhanced with novel assistance functionalities to increase existing monitoring and control capabilities. To achieve this, different key technologies like phasor measurement units (PMU) and Digital Twins (DT) are incorporated, which give rise to new cyber-security challenges. To address these issues, a four-stage threat analysis approach is presented to identify and assess system vulnerabilities for novel dynamic control center architectures. For this, a simplified risk assessment method is proposed, which allows a detailed analysis of the different system vulnerabilities considering various active and passive cyber-attack types. Qualitative results of the threat analysis are presented and discussed for different use cases at the control center and substation level.

Industry 4.0 or also known as the fourth industrial revolution poses a great cybersecurity risk for Supervisory control and data acquisition (SCADA) systems. Nowadays, lots of enterprises have turned into renewable energy and are changing the energy dependency to be on wind power. The SCADA systems are often vulnerable against different kinds of cyberattacks and thus allowing intruders to successfully and intrude exfiltrate different wind farm SCADA systems. During our research a future concept testbed of a wind farm SCADA system is going to be introduced. The already existing real-world vulnerabilities that are identified are later on going to be demonstrated against the test SCADA wind farm system.

The Linux kernel is implemented in C, an unsafe programming language, which puts the burden of memory management, type and bounds checking, and error handling in the hands of the developer. Hundreds of buffer overflow bugs have compromised Linux systems over the years, leading to endless layers of mitigations applied on top of C. In contrast, the D programming language offers automated memory safety checks and modern features such as OOP, templates and functional style constructs. In addition, interoper-ability with C is supported out of the box. However, to integrate a D module with the Linux kernel it is required that the needed C header files are translated to D header files. This is a tedious, time consuming, manual task. Although a tool to automate this process exists, called DPP, it does not work with the complicated, sometimes convoluted, kernel code. In this paper, we improve DPP with the ability to translate any Linux kernel C header to D. Our work enables the development and integration of D code inside the Linux kernel, thus facilitating a method of making the kernel memory safe.

Image hash regimes have been widely used for authenticating content, recovery of images and digital forensics. In this article we propose a new algorithm for image haunting (SSL) with the most stable key points and regional features, strong against various manipulation of content conservation, including multiple combinatorial manipulations. In order to extract most stable keypoint, the proposed algorithm combines the Speed Up Robust Features (SURF) with Saliency detection. The keyboards and characteristics of the local area are then combined in a hash vector. There is also a sperate secret key that is randomly given for the hash vector to prevent an attacker from shaping the image and the new hash value. The proposed hacking algorithm shows that similar or initial images, which have been individually manipulated, combined and even multiple manipulated contents, can be visently identified by experimental result. The probability of collision between hacks of various images is almost nil. Furthermore, the key-dependent security assessment shows the proposed regime safe to allow an attacker without knowing the secret key not to forge or estimate the right havoc value.

The vast majority of nowadays remote code execution attacks target virtual function tables (vtables). Attackers hijack vtable pointers to change the control flow of a vulnerable program to their will, resulting in full control over the underlying system. In this paper, we present NoVT, a compiler-based defense against vtable hijacking. Instead of protecting vtables for virtual dispatch, our solution replaces them with switch-case constructs that are inherently control-flow safe, thus preserving control flow integrity of C++ virtual dispatch. NoVT extends Clang to perform a class hierarchy analysis on C++ source code. Instead of a vtable, each class gets unique identifier numbers which are used to dispatch the correct method implementation. Thereby, NoVT inherently protects all usages of a vtable, not just virtual dispatch. We evaluate NoVT on common benchmark applications and real-world programs including Chromium. Despite its strong security guarantees, NoVT improves runtime performance of most programs (mean overhead −0.5%, −3.7% min, 2% max). In addition, protected binaries are slightly smaller than unprotected ones. NoVT works on different CPU architectures and protects complex C++ programs against strong attacks like COOP and ShrinkWrap.

In recent times, the world has seen a tremendous increase in the number of attacks on IoT devices. A majority of these attacks have been botnet attacks, where an army of compromised IoT devices is used to launch DDoS attacks on targeted systems. In this paper, we study how the choice of a dataset and the extracted features determine the performance of a Machine Learning model, given the task of classifying Linux Binaries (ELFs) as being benign or malicious. Our work focuses on Linux systems since embedded Linux is the more popular choice for building today’s IoT devices and systems. We propose using 4 different types of files as the dataset for any ML model. These include system files, IoT application files, IoT botnet files and general malware files. Further, we propose using static, dynamic as well as network features to do the classification task. We show that existing methods leave out one or the other features, or file types and hence, our model outperforms them in terms of accuracy in detecting these files. While enhancing the dataset adds to the robustness of a model, utilizing all 3 types of features decreases the false positive and false negative rates non-trivially. We employ an exhaustive scenario based method for evaluating a ML model and show the importance of including each of the proposed files in a dataset. We also analyze the features and try to explain their importance for a model, using observed trends in different benign and malicious files. We perform feature extraction using the open source Limon sandbox, which prior to this work has been tested only on Ubuntu 14. We installed and configured it for Ubuntu 18, the documentation of which has been shared on Github.

The Open Data Cube (ODC), created and facilitated by the Committee on Earth Observation Satellites (CEOS), is an open source software architecture that continues to gain global popularity through the integration of analysis-ready data (ARD) on cloud computing frameworks. In 2021, CEOS released a new ODC sandbox that provides global users with a free and open programming interface connected to Google Earth Engine datasets. The open source toolset allows users to run application algorithms using a Google Colab Python notebook environment. This tool demonstrates rapid creation of science products anywhere in the world without the need to download and process the satellite data. Basic operation of the tool will support many users but can also be scaled in size and scope to support enhanced user needs. The creation of the ODC sandbox was prompted by the migration of many CEOS ARD satellite datasets to the cloud. The combination of these datasets in an interoperable data cube framework will inspire the creation of many new application products and advance open science.

Various methods for face validation-based authentication systems have been applied in a number of access control applications. However, using only one biometric factor such as facial data may limit accuracy and use, and is not practical in a real environment. This paper presents the implementation of a face time attendance system with an additional factor, a QR code to improve accuracy. This two- factor authentication system was developed in the form of a kiosk with a contactless process, which emerged due to the COVID-19 pandemic. The experiment was conducted at a well- known training event in Thailand. The proposed two-factor system was evaluated in terms of accuracy and satisfaction. Additionally, it was compared to a traditional single-factor system using only face recognition. The results confirm that the proposed two-factor scheme is more effective and did not incorrectly identify any users.