Biblio

Increasing connectivity and automation in vehicles leads to a greater potential attack surface. Such vulnerabilities within vehicles can also be used for auto-theft, increasing the potential for attackers to disable anti-theft mechanisms implemented by vehicle manufacturers. We utilize patterns derived from Controller Area Network (CAN) bus traffic to verify driver “behavior”, as a basis to prevent vehicle theft. Our proposed model uses semi-supervised learning that continuously profiles a driver, using features extracted from CAN bus traffic. We have selected 15 key features and obtained an accuracy of 99% using a dataset comprising a total of 51 features across 10 different drivers. We use a number of data analysis algorithms, such as J48, Random Forest, JRip and clustering, using 94K records. Our results show that J48 is the best performing algorithm in terms of training and testing (1.95 seconds and 0.44 seconds recorded, respectively). We also analyze the effect of using a sliding window on algorithm performance, altering the size of the window to identify the impact on prediction accuracy.

Confidentiality and integrity security are the key challenges in future 5G networks. To encounter these challenges, various signature and key agreement protocols are being implemented in 5G systems to secure high-speed mobile-to-mobile communication. Many security ciphers such as SNOW 3G, Advanced Encryption Standard (AES), and ZUC are used for 5G security. Among these protocols, the AES algorithm has been shown to achieve higher hardware efficiency and throughput in the literature. In this paper, we implement the AES algorithm on Field Programmable Gate Array (FPGA) and real-time performance factors of the AES algorithm were exploited to best fit the needs and requirements of 5G. In addition, several modifications such as partial pipelining and deep pipelining (partial pipelining with sub-module pipelining) are implemented on Virtex 6 FPGA ML60S board to improve the throughput of the proposed design.

With the proliferation of malware, the detection and classification of malware have been hot topics in the academic and industrial circles of cyber security, and the generation of malware signatures is one of the important research directions. In this paper, we propose NBP-MS, a method of signature generation that is based on network traffic generated by malware. Specifically, we utilize the network traffic generated by malware to perform fine-grained profiling of its network behaviors first, and then cluster all the profiles to generate network behavior signatures to classify malware, providing support for subsequent analysis and defense.

SaaS is a cloud-based application service that allows users to use applications that work in a cloud environment. SaaS is a subscription type, and the service expenditure varies depending on the license, the number of users, and duration of use. For efficient network management, security and cost management, accurate detection of user behavior for SaaS applications is required. In this paper, we propose a rule-based traffic analysis method for the user behavior detection. We conduct comparative experiments with signature-based method by using the real SaaS application and demonstrate the validity of the proposed method.

The attacker’s server plays an important role in sending attack orders and receiving stolen information, particularly in the more recent cyberattacks. Under these circumstances, it is important to use network-based signatures to block malicious communications in order to reduce the damage. However, in addition to blocking malicious communications, signatures are also required not to block benign communications during normal business operations. Therefore, the generation of signatures requires a high level of understanding of the business, and highly depends on individual skills. In addition, in actual operation, it is necessary to test whether the generated signatures do not interfere with benign communications, which results in high operational costs. In this paper, we propose SIGMA, a system that automatically generates signatures to block malicious communication without interfering with benign communication and then automatically evaluates the impact of the signatures. SIGMA automatically extracts the common parts of malware communication destinations by clustering them and generates multiple candidate signatures. After that, SIGMA automatically calculates the impact on normal communication based on business logs, etc., and presents the final signature to the analyst, which has the highest blockability of malicious communication and non-blockability of normal communication. Our objectives with this system are to reduce the human factor in generating the signatures, reduce the cost of the impact evaluation, and support the decision of whether to apply the signatures. In the preliminary evaluation, we showed that SIGMA can automatically generate a set of signatures that detect 100% of suspicious URLs with an over-detection rate of just 0.87%, using the results of 14,238 malware analyses and actual business logs. This result suggests that the cost for generation of signatures and the evaluation of their impact on business operations can be suppressed, which used to be a time-consuming and human-intensive process.

Peer-to-peer (P2P) energy trading is one of the promising approaches for implementing decentralized electricity market paradigms. In the P2P trading, each actor negotiates directly with a set of trading partners. Since the physical network or grid is used for energy transfer, power losses are inevitable, and grid-related costs always occur during the P2P trading. A proper market clearing mechanism is required for the P2P energy trading between different producers and consumers. This paper proposes a decentralized market clearing mechanism for the P2P energy trading considering the privacy of the agents, power losses as well as the utilization fees for using the third party owned network. Grid-related costs in the P2P energy trading are considered by calculating the network utilization fees using an electrical distance approach. The simulation results are presented to verify the effectiveness of the proposed decentralized approach for market clearing in P2P energy trading.

Active consumers have now been empowered thanks to the smart grid concept. To avoid fossil fuels, the demand side must provide flexibility through Demand Response events. However, selecting the proper participants for an event can be complex due to response uncertainty. The authors design a Contextual Consumer Rate to identify the trustworthy participants according to previous performances. In the present case study, the authors address the problem of new players with no information. In this way, two different methods were compared to predict their rate. Besides, the authors also refer to the consumer privacy testing of the dataset with and without information that could lead to the participant identification. The results found to prove that, for the proposed methodology, private information does not have a high impact to attribute a rate.

Managing electricity effectively also means knowing as accurately as possible when, where and how electricity is used. Detailed metering and timely allocation of consumption can help identify specific areas where energy consumption is excessive and therefore requires action and optimization. All those interested in the measurement process (distributors, sellers, wholesalers, managers, ultimately customers and new prosumer figures - producers / consumers -) have an interest in monitoring and managing energy flows more efficiently, in real time.Smart meter plays a key role in sending data containing consumer measurements to both the producer and the consumer, thanks to chain 2. It allows you to connect consumption and production, during use and the customer’s identity, allowing billing as Time-of-Use or Real-Time Pricing, and through the new two-way channel, this information is also made available to the consumer / prosumer himself, enabling new services such as awareness of energy consumption at the very moment of energy use.This is made possible by latest generation devices that "talk" with the end user, which use chain 2 and the power line for communication.However, the implementation of smart meters and related digital technologies associated with the smart grid raises various concerns, including, privacy. This paper provides a comparative perspective on privacy policies for residential energy customers, moreover, it will be possible to improve security through the blockchain for the introduction of smart contracts.

Current sensors are widely used in power grid for power metering, automation and power equipment monitoring. Since the tradeoff between the sensitivity and the measurement range needs to be made to design a current sensor, it is difficult to deploy one sensor to measure both the small-magnitude and the large-magnitude current. In this research, we design a surface-mount current sensor by using the tunneling magneto-resistance (TMR) devices and show that the tradeoff between the sensitivity and the detection range can be broken. Two TMR devices of different sensitivity degrees were integrated into one current sensor module, and a signal processing algorithm was implemented to fusion the outputs of the two TMR devices. Then, a platform was setup to test the performance of the surface-mount current sensor. The results showed that the designed current sensor could measure the current from 2 mA to 100 A with an approximate 93 dB dynamic range. Besides, the nonintrusive feature of the surface-mount current sensor could make it convenient to be deployed on-site.

For some countries around the world, meeting demand is a serious concern. Power supply market is increasingly increasing, posing a big challenge for various countries throughout the world. The increasing expansion in the market for power needs upgrading system dependability to increase the smart grid's resilience. This smart electric grid has a sensor that analyses grid power availability and sends regular updates to the organisation. The internet is currently being utilized to monitor processes and place orders for running variables from faraway places. A large number of scanners have been used to activate electrical equipment for domestic robotics for a long period in the last several days. Conversely, if it is not correctly implemented, it will have a negative impact on cost-effectiveness as well as productivity. For something like a long time, home automation has relied on a large number of sensor nodes to control electrical equipment. Since there are so many detectors, this isn't cost-effective. In this article, develop and accept a wireless communication component and a management system suitable for managing independent efficient network units from voltage rises and voltage control technologies in simultaneous analyzing system reliability in this study. This research paper has considered secondary method to collect relevant and in-depth data related to the wireless sensor network and its usage in smart grid monitoring.

This article describes an analysis of the key technologies currently applied to improve the quality, efficiency, safety and sustainability of Smart Grid systems and identifies the tools to optimize them and possible gaps in this area, considering the different energy sources, distributed generation, microgrids and energy consumption and production capacity. The research was conducted with a qualitative methodological approach, where the literature review was carried out with studies published from 2019 to 2022, in five (5) databases following the selection of studies recommended by the PRISMA guide. Of the five hundred and four (504) publications identified, ten (10) studies provided insight into the technological trends that are impacting this scenario, namely: Internet of Things, Big Data, Edge Computing, Artificial Intelligence and Blockchain. It is concluded that to obtain the best performance within Smart Grids, it is necessary to have the maximum synergy between these technologies, since this union will enable the application of advanced smart digital technology solutions to energy generation and distribution operations, thus allowing to conquer a new level of optimization.

Traditional power consumption management systems are not showing enough reliability and thus, smart grid technology has been introduced to reduce the excess power wastages. In the context of smart grid systems, network communication is another term that is used for developing the network between the users and the load profiles. Cloud computing and clustering are also executed for efficient power management. Based on the facts, this research is going to identify wireless network communication systems to monitor and control smart grid power consumption. Primary survey-based research has been carried out with 62 individuals who worked in the smart grid system, tracked, monitored and controlled the power consumptions using WSN technology. The survey was conducted online where the respondents provided their opinions via a google survey form. The responses were collected and analyzed on Microsoft Excel. Results show that hybrid commuting of cloud and edge computing technology is more advantageous than individual computing. Respondents agreed that deep learning techniques will be more beneficial to analyze load profiles than machine learning techniques. Lastly, the study has explained the advantages and challenges of using smart grid network communication systems. Apart from the findings from primary research, secondary journal articles were also observed to emphasize the research findings.

In order to solve the problem of high data collision probability, high access delay and high-power consumption in random access process of power Internet of Things, an access scheme for large-scale micro-power wireless sensors based on slot-scheduling and hybrid mode is presented. This scheme divides time into different slots and designs a slot-scheduling algorithm according to network workload and power consumption. Sensors with different service priorities are arranged in different time slots for competitive access, using appropriate random-access mechanism. And rationally arrange the number of time slots and competing end-devices in different time slots. This scheme is able to meet the timeliness requirements of different services and reduce the overall network power consumption when dealing with random access scenarios of large-scale micro-power wireless sensor network. Based on the simulation results of actual scenarios, this access scheme can effectively reduce the overall power consumption of the network, and the high priority services can meet the timeliness requirements on the premise of lower power consumption, while the low priority services can further reduce power consumption.

The most vital requirement for the electric power system as a critical infrastructure is its security of supply. In course of the transition of the electric energy system, however, the security provided by the N-1 principle increasingly reaches its limits. The IT/OT convergence changes the threat structure significantly. New risk factors, that can lead to major blackouts, are added to the existing ones. The problem, however, the cost of security optimizations are not always in proportion to their value. Not every component is equally critical to the energy system, so the question arises, "How secure does my system need to be?". To adress the security-by-design principle, this contribution introduces a Security Metric (SecMet) that can be applied to Smart Grid architectures and its components and deliver an indicator for the "Securitisation Need" based on an individual risk assessment.

In this study, the effect of surface treatment on the boding strength between Quad flat package (QFP) and quartz was investigated for establishing a QFP/quartz glass bonding technique. This bonding technique is necessary to prevent bond failure at the nano-artifact metrics (NAM) chip and adhesive interface against physical attacks such as counterfeiting and tampering of edge AI devices that use NAM chips. Therefore, we investigated the relationship between surface roughness and tensile strength by applying surface treatments such as vacuum ultraviolet (VUV) and Ar/O2 plasma. All QFP/quartz glass with surface treatments such as VUV and Ar/O2 plasma showed increased bond strength. Surface treatment and bonding technology for QFP and quartz glass were established to realize NAM chip mounting.

he growing trend towards network “softwarization” allows the creation and deployment of even complex network environments in a few minutes or seconds, rather than days or weeks as required by traditional methods. This revolutionary approach made it necessary to seek automatic processes to solve network security problems. One of the main issues in the automation of network security concerns the proper and efficient modeling of network traffic. In this paper, we describe two optimized Traffic Flows representation models, called Atomic Flows and Maximal Flows. In addition to the description, we have validated and evaluated the proposed models to solve two key network security problems - security verification and automatic configuration - showing the advantages and limitations of each solution.

With the growing number of IoT applications and devices, IoT security breaches are a dangerous reality. Cost pressure and complexity of security tests for embedded systems and networked infrastructure are often the excuse for skipping them completely. In our paper we introduce SecLab security test lab to overcome that problem. Based on a flexible and lightweight architecture, SecLab allows developers and IoT security specialists to harden their systems with a low entry hurdle. The open architecture supports the reuse of existing external security test libraries and scalability for the assessment of complex IoT Systems. A reference implementation of security tests in a realistic IoT application scenario proves the approach.

The article deals with the issues of improving the quality of corporate information systems functioning and ensuring the information security of financial organizations that have a complex structure and serve a significant number of customers. The formation of the company's informational system and its integrated information security system is studied based on the process approach, methods of risk management and quality management. The risks and threats to the security of the informational system functioning and the quality of information support for customer service of a financial organization are analyzed. The methods and tools for improving the quality of information services and ensuring information security are considered on the example of an organization for social insurance. Recommendations are being developed to improve the quality of the informational system functioning in a large financial company.

This article analyzes Risk management (RM) activities against different ISO standards. The aim is to improve the coordination and interoperability of risk management activities in IT, IT services management, quality management, project management, and information security management. The ISO 31000: 2018 standard was chosen as a structured input for ISO 20000-1: 2018, ISO 21500: 2021, ISO 27000: 2018, ISO 9001: 2015 and ISO Annex SL standards relative to RM. The PDCA cycle has been chosen as one of the main methods for planning, implementing, and improving quality management systems and their processes. For a management system to be more effective, more reliable, and capable of preventing negative results, it must deal with the possible resulting risks.

In recent years, the need for seamless connectivity has increased across various network platforms with demands coming from industries, home, mobile, transportation and office networks. The 5th generation (5G) network is being deployed to meet such demand of high-speed seamless network device connections. The seamless connectivity 5G provides could be a security threat allowing attacks such as distributed denial of service (DDoS) because attackers might have easy access into the network infrastructure and higher bandwidth to enhance the effects of the attack. The aim of this research is to provide a security solution for 5G technology to DDoS attacks by managing the response to threats posed by DDoS. Deploying a security policy language which is reactive and event-oriented fits into a flexible, efficient, and lightweight security approach. A policy in our language consists of an event whose occurrence triggers a policy rule where one or more actions are taken.

The Internet of Things devices is rapidly becoming widespread, as are IoT services. Their achievement has not gone unnoticed, as threats as well as attacks towards IoT devices as well as services continue to grow. Cyber attacks are not unique to IoT, however as IoT becomes more ingrained in our lives as well as communities, it is imperative to step up as well as take cyber defense seriously. As a result, there is a genuine need to protect IoT, which necessitates a thorough understanding of the dangers and attacks against IoT infrastructure. The purpose of this study is to define threat types, as well as to assess and characterize intrusions and assaults against IoT devices as well as services

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction, with statements such as "web browsing is allowed only on workstations inside the office network", and needs to be translated into low-level firewall rules to be enforceable. There has been a lot of work regarding optimization, analysis and platform independence of firewall rules, but an area that has seen much less success is automatic translation of high-level security policies into firewall rules. In addition to improving rules’ readability, such translation would make it easier to detect errors.This paper surveys of over twenty papers that aim to generate firewall rules according to a security policy specified on a higher level of abstraction. It also presents an overview of similar features in modern firewall systems. Most approaches define specialized domain languages that get compiled into firewall rule sets, with some of them relying on formal specification, ontology, or graphical models. The approaches’ have improved over time, but there are still many drawbacks that need to be solved before wider application.

The proliferation of linked devices in decisive infrastructure fields including health care and the electric grid is transforming public perceptions of critical infrastructure. As the world grows more mobile and connected, as well as as the Internet of Things (IoT) expands, the growing interconnectivity of new critical sectors is being fuelled. Interruptions in any of these areas can have ramifications across numerous sectors and potentially the world. Crucial industries are critical to contemporary civilization. In today's hyper-connected world, critical infrastructure is more vulnerable than ever to cyber assaults, whether they are state-sponsored, carried out by criminal organizations, or carried out by individuals. In a world where more and more gadgets are interconnected, hackers have more and more entry points via which they may damage critical infrastructure. Significant modifications to an organization's main technological systems have created a new threat surface. The study's goal is to raise awareness about the challenges of protecting digital infrastructure in the future while it is still in development. Fog architecture is designed based on functionality once the infrastructure that creates large data has been established. There's also an in-depth look of fog-enabled IoT network security requirements. The next section examines the security issues connected with fog computing, as well as the privacy and trust issues raised by fog-enabled Internet of Things (IoT). Block chain is also examined to see how it may help address IoT security problems, as well as the complimentary interrelationships between block-chain and fog computing. Additionally, Formalizes big data security goal and scope, develops taxonomy for identifying risks to fog-based Internet of Things systems, compares current development contributions to security service standards, and proposes interesting study areas for future studies, all within this framework

As a new industry integrated by computing, communication, networking, electronics, and automation technology, the Internet of Vehicles (IoV) has been widely concerned and highly valued at home and abroad. With the rapid growth of the number of intelligent connected vehicles, the data security risks of the IoV have become increasingly prominent, and various attacks on data security emerge in an endless stream. This paper firstly introduces the latest progress on the data security policies, regulations, standards, technical routes in major countries and regions, and international standardization organizations. Secondly, the characteristics of the IoV data are comprehensively analyzed in terms of quantity, standard, timeliness, type, and cross-border transmission. Based on the characteristics, this paper elaborates the security risks such as privacy data disclosure, inadequate access control, lack of identity authentication, transmission design defects, cross-border flow security risks, excessive collection and abuse, source identification, and blame determination. And finally, we put forward the measures and suggestions for the security development of IoV data in China.

We present a system for interactive examination of learned security policies. It allows a user to traverse episodes of Markov decision processes in a controlled manner and to track the actions triggered by security policies. Similar to a software debugger, a user can continue or or halt an episode at any time step and inspect parameters and probability distributions of interest. The system enables insight into the structure of a given policy and in the behavior of a policy in edge cases. We demonstrate the system with a network intrusion use case. We examine the evolution of an IT infrastructure’s state and the actions prescribed by security policies while an attack occurs. The policies for the demonstration have been obtained through a reinforcement learning approach that includes a simulation system where policies are incrementally learned and an emulation system that produces statistics that drive the simulation runs.