Biblio

Fog computing extends cloud resources to the edge of the network, thus enabling network providers to support real-time applications at low latencies. These applications further demand high security against malicious attacks that target distributed fog servers. One effective defense mechanism here against cyber attacks is the use of honeypots. The latter acts as a potential target for attackers by diverting malicious traffic away from the servers that are dedicated to legitimate users. However, one main limitation of honeypots is the lack of real traffic and network activities. Therefore, it is important to implement a solution that simulates the behavior of the real system to lure attackers without the risk of being exposed. Hence this paper proposes a practical approach to generate network traffic by introducing decoy virtual network functions (VNF) embedded on fog servers, which make the network traffic on honeypots resemble a legitimate, vulnerable fog system to attract cyber attackers. The use of virtualization allows for robust scalability and modification of network functions based on incoming attacks, without the need for dedicated hardware. Moreover, deep learning is leveraged here to build fingerprints for each real VNF, which is subsequently used to support its decoy counterpart against active probes. The proposed framework is evaluated based on CPU utilization, memory usage, disk input/output access, and network latency.

Dew Computing (DC) is a comparatively modern field with a wide range of applications. By examining how technological advances such as fog, edge and Dew computing, and distributed intelligence force us to reconsider traditional Cloud Computing (CC) to serve the Internet of Things. A new dew estimation theory is presented in this article. The revised definition is as follows: DC is a software and hardware cloud-based company. On-premises servers provide autonomy and collaborate with cloud networks. Dew Calculation aims to enhance the capabilities of on-premises and cloud-based applications. These categories can result in the development of new applications. In the world, there has been rapid growth in Information and Communication Technology (ICT), starting with Grid Computing (GC), CC, Fog Computing (FC), and the latest Edge Computing (EC) technology. DC technologies, infrastructure, and applications are described. We’ll go through the newest developments in fog networking, QoE, cloud at the edge, platforms, security, and privacy. The dew-cloud architecture is an option concerning the current client-server architecture, where two servers are located at opposite ends. In the absence of an Internet connection, a dew server helps users browse and track their details. Data are primarily stored as a local copy on the dew server that starts the Internet and is synchronized with the cloud master copy. The local dew pages, a local online version of the current website, can be browsed, read, written, or added to the users. Mapping between different Local Dew sites has been made possible using the dew domain name scheme and dew domain redirection.

The aim of this study is to determine the current challenges related to security and trust issues in digital supply chains. The development of information and communication technologies (ICT) has improved the efficiency of supply chains, while creating new vulnerabilities and increasing the likelihood of security threats. Previous studies lack the physical security aspect, so the emphasis is on the security of cyber-physical systems. In order to achieve the goal of the study, traditional and digital supply chains, their security risks and main differences were examined. A security framework for cyber-physical risks in digital supply chains was developed.

Increasing consumer experience and companies inner quality presents a direct demand of different requirements on supply chain traceability. Typically, existing solutions have separate data storages which eventually provide limited support when multiple individuals are included. Therefore, the block-chain-based methods are utilized to defeat these deficiencies by generating digital illustrations of real products to following several objects at the same time. Nevertheless, they actually cannot identify the change of products in manufacturing methods. The connection between components included in the production decreased, whereby the ability to follow a product’s origin reduced consequently. In this paper, a methodology is recommended which involves using a Block-chain in Supply Chain Traceability, to solve the issues of manipulations and changes in data and product source. The method aims to improve the product’s origin transparency. Block-chain technology produces a specific method of storing data into a ledger, which is raised on many end-devices such as servers or computers. Unlike centralized systems, the records of the present system are encrypted and make it difficult to be manipulated. Accordingly, this method manages the product’s traceability changes. The recommended system is performed for the cheese supply chain. The result were found to be significant in terms of increasing food security and distributors competition.

In recent years, Counterfeit goods play a vital role in product manufacturing industries. This Phenomenon affects the sales and profit of the companies. To ensure the identification of real products throughout the supply chain, a functional block chain technology used for preventing product counterfeiting. By using a block chain technology, consumers do not need to rely on the trusted third parties to know the source of the purchased product safely. Any application that uses block chain technology as a basic framework ensures that the data content is “tamper-resistant”. In view of the fact that a block chain is the decentralized, distributed and digital ledger that stores transactional records known as blocks of the public in several databases known as chain across many networks. Therefore, any involved block cannot be changed in advance, without changing all subsequent block. In this paper, counterfeit products are detected using barcode reader, where a barcode of the product linked to a Block Chain Based Management (BCBM) system. So the proposed system may be used to store product details and unique code of that product as blocks in database. It collects the unique code from the customer and compares the code against entries in block chain database. If the code matches, it will give notification to the customer, otherwise it gets information from the customer about where they bought the product to detect counterfeit product manufacturer.

With the rapid development of IoT in recent years, IoT is increasingly being used as an endpoint of supply chains. In general, as the majority of data is now being stored and shared over the network, information security is an important issue in terms of secure supply chain management. In response to cyber security breaches and threats, there has been much research and development on the secure storage and transfer of data over the network. However, there is a relatively limited amount of research and proposals for the security of endpoints, such as IoT linked in the supply chain network. In addition, it is difficult to ensure reliability for IoT itself due to a lack of resources such as CPU power and storage. Ensuring the reliability of IoT is essential when IoT is integrated into the supply chain. Thus, in order to secure the supply chain, we need to improve the reliability of IoT, the endpoint of the supply chain. In this work, we examine the use of IoT gateways, client certificates, and IdP as methods to compensate for the lack of IoT resources. The results of our qualitative evaluation demonstrate that using the IdP method is the most effective.

With over 80% of goods transportation in volume carried by sea, ports are key infrastructures within the logistics value chain. To address the challenges of the globalized and competitive economy, ports are digitizing at a fast pace, evolving into smart ports. Consequently, the cyber-resilience of ports is essential to prevent possible disruptions to the economic supply chain. Over the last few years, there has been a significant increase in the number of disclosed cyber-attacks on ports. In this paper, we present the capabilities of a high-end hybrid cyber range for port cyber risks awareness and training. By describing a specific port use-case and the first results achieved, we draw perspectives for the use of cyber ranges for the training of port actors in cyber crisis management.

An increasing number of industries around the world are adopting advance manufacturing technologies for product design, among which additive manufacturing (AM) is gaining attention among aerospace, defense, automotive and health care domains. Products with complicated designs demanding lesser weight, improved performance and conformance are manufactured by companies using AM technologies. Some noticeable examples of ducting, airflow system and vent products in the aerospace domain can be seen being made out of AM techniques. One of the benefits being mentioned is the significant reduction in the number of components going into a finished product, thereby impacting the supply chain as well. However, one of the challenges in AM process is to reduce the process variation which affects the reliability of the product. To realize the true benefits of additively manufactured products, it is imperative to ensure that the reliability of AM products is similar or better than traditionally manufactured products. Current state of art for assessing reliability of traditionally manufactured products is mature. However, the reliability assessment framework for products manufactured by advanced technologies are being studied upon. In this direction, this paper highlights a structured reliability assessment framework for additive manufactured products, which will help in identifying, analyzing and mitigating reliability risks as part of product development life cycle.

The modern electronics supply chain is a globalized marketplace with the increasing threat of counterfeit integrated circuits (ICs) being installed into mission critical systems. A number of methods for detecting counterfeit ICs exist; however, effective test and evaluation (T&E) methods to assess the confidence of detecting recycled ICs are needed. Additionally, methods for the trustworthy tracking of recycled ICs in the supply chain are also needed. In this work, we propose a novel methodology to address the detection and tracking of recycled ICs at each stage of the electronics supply chain. We present a case study demonstrating our assessment model to calculate the confidence levels of authentic and recycled ICs, and to confidently track these types of ICs throughout the electronics supply chain.

The supply chain network is a complex network with the risk of cascading failure. To study the cascading failure in it, an accurate supply chain network model needs to be established. In this paper, we construct a layered supply chain network model according to the types of companies in real supply chain networks. We first define the similarity between companies in the same layer by studying real-world scenarios in supply chain networks. Then, considering both the node degree and the similarity between nodes in the same layer, we propose preferential attachment probability formulas for the new nodes to join the exist network. Finally, the evolution steps of the model are summarized. We analyze the structural characteristics of the new model. The results show that the new model has scale-free property and small-world property, which conform to the structural characteristics of the known supply chain networks. Compared with the other network models, it is found that the new model can better describe the actual supply chain network.

Information security of logistics services. Information security of logistics services is understood as a complex activity aimed at using information and means of its processing in order to increase the level of protection and normal functioning of the object's information environment. At the same time the main recommendations for ensuring information security of logistics processes include: logistics support of processes for ensuring the security of information flows of the enterprise; assessment of the quality and reliability of elements, reliability and efficiency of obtaining information about the state of logistics processes. However, it is possible to assess the level of information security within the organization's controlled part of the supply chain through levels and indicators. In this case, there are four levels and elements of information security of supply chains.

Blockchain will increase supply chains' productivity and accountability, and have a positive effect on anything from warehousing to distribution to payment. To bridge the supply chain visibility gap, blockchain is being deployed because of its security features like immutability, tamper-resistant and hash proof. Blockchain integration with IoT increases the traceability and verifiability of the supply chain management and drastically eradicates the fraudulent activities including bribery, money laundering, forged checks, sanction violations, misrepresentation of goods and services. Blockchain can help to cross-check the verification, identification and authenticity of IoT devices to reduce the frequency and ramifications of fraud in supply chain management. The epidemic outbreak of SARS-CoV-2 has disrupted many global supply chains. The Geneva-based World Economic Forum declared that SARS-CoV-2 exposed supply chain failures can be tackled by blockchain technology. This paper explores the modern methodologies of supply chain management with integration of blockchain and IoT.

Military supply chains play a critical role in the acquisition and movement of goods for defence purposes. The disruption of these supply chain processes can have potentially devastating affects to the operational capability of military forces. The introduction and integration of new technologies into defence supply chains can serve to increase their effectiveness. However, the benefits posed by these technologies may be outweighed by significant consequences to the cyber security of the entire defence supply chain. Supply chains are complex Systems of Systems, and the introduction of an insecure technology into such a complex ecosystem may induce cascading system-wide failure, and have catastrophic consequences to military mission assurance. Subsequently, there is a need for an evaluative process to determine the extent to which a new technology will affect the cyber security of military supply chains. This work proposes a new model, the Military Supply Chain Cyber Implications Model (M-SCCIM), that serves to aid military decision makers in understanding the potential cyber security impact of introducing new technologies to supply chains. M-SCCIM is a multiphase model that enables understanding of cyber security and supply chain implications through the lenses of theoretical examinations, pilot applications and system wide implementations.

Supply chain plays a significant job in an organization making systems between an organization and its supplier to deliver and disperse items and administrations to the last purchasers. Digitization alludes to the way toward moving physical reports into physical documents. Digitization will make incredible open doors for associations and supply chain rehearses. Numerous associations need to turn out to be progressively “advanced” since they have watched the criticality and value of computerized advances for their development and their own organizations. This research study topic presents a review of the supply chain management digitization practices and dreams with a merged image of digitization and stream of data between the Supplier and Manufacturer chain. Value management, in value analysis, assumes a huge job in a viable Digital Supply Chain Management, it is progressively centered around mechanization, digitizing the procedure, and the coordination and reconciliation of the considerable number of components associated with the supply chain. In view of how value-chain management has developed, it assumes an urgent job in managing the ever-expanding unpredictability in supply chains all inclusive. This study presents an overview of the supply chain management digitization practices and visions with a consolidated picture of digitization and flow of information between the Supplier and Manufacturer chain. This study can be further improved by integrating the latest technology and tools AI and IoT-as a future study.

The ongoing trend of moving data and computation to the cloud is met with concerns regarding privacy and protection of intellectual property. Cloud Service Providers (CSP) must be fully trusted to not tamper with or disclose processed data, hampering adoption of cloud services for many sensitive or critical applications. As a result, CSPs and CPU manufacturers are rushing to find solutions for secure and trustworthy outsourced computation in the Cloud. While enclaves, like Intel SGX, are strongly limited in terms of throughput and size, AMD’s Secure Encrypted Virtualization (SEV) offers hardware support for transparently protecting code and data of entire VMs, thus removing the performance, memory and software adaption barriers of enclaves. Through attestation of boot code integrity and means for securely transferring secrets into an encrypted VM, CSPs are effectively removed from the list of trusted entities. There have been several attacks on the security of SEV, by abusing I/O channels to encrypt and decrypt data, or by moving encrypted code blocks at runtime. Yet, none of these attacks have targeted the attestation protocol, the core of the secure computing environment created by SEV. We show that the current attestation mechanism of Zen 1 and Zen 2 architectures has a significant flaw, allowing us to manipulate the loaded code without affecting the attestation outcome. An attacker may abuse this weakness to inject arbitrary code at startup–and thus take control over the entire VM execution, without any indication to the VM’s owner. Our attack primitives allow the attacker to do extensive modifications to the bootloader and the operating system, like injecting spy code or extracting secret data. We present a full end-to-end attack, from the initial exploit to leaking the key of the encrypted disk image during boot, giving the attacker unthrottled access to all of the VM’s persistent data.

Plagiarism is the act of using someone else’s words or ideas without giving them due credit and representing it as one’s own work. In today's world, it is very easy to plagiarize others' work due to advancement in technology, especially by the use of the Internet or other offline sources such as books or magazines. Plagiarism can be classified into two broad categories on the basis of detection namely extrinsic and intrinsic plagiarism. Extrinsic plagiarism detection refers to detecting plagiarism in a document by comparing it against a given reference dataset, whereas, Intrinsic plagiarism detection refers to detecting plagiarism with the help of variation in writing styles without using any reference corpus. Although there are many approaches which can be adopted to detect extrinsic plagiarism, few are available for intrinsic plagiarism detection. In this paper, a simplified approach is proposed for developing an intrinsic plagiarism detector which is helpful in detecting plagiarism even when no reference corpus is available. The approach deals with development of an intrinsic plagiarism detection system by identifying the writing style of authors in the document using stylometric features and Density-Based Spatial Clustering of Applications with Noise (DBSCAN) clustering. The proposed system has an easy to use interactive interface where user has to upload a text document to be checked for plagiarism and the result is displayed on the web page itself. In addition, the user can also see the analysis of the document in the form of graphs.

Social bots are computer algorithms able to produce content and interact with other users on social media autonomously, trying to emulate and possibly influence humans’ behavior. Indeed, bots are largely employed for malicious purposes, like spreading disinformation and conditioning electoral campaigns. Nowadays, bots’ capability of emulating human behaviors has become increasingly sophisticated, making their detection harder. In this paper, we aim at recognizing bot-driven accounts by evaluating the consistency of users’ writing style over time. In particular, we leverage the intuition that while bots compose posts according to fairly deterministic processes, humans are influenced by subjective factors (e.g., emotions) that can alter their writing style. To verify this assumption, by using stylistic consistency indicators, we characterize the writing style of more than 12,000 among bot-driven and human-operated Twitter accounts and find that statistically significant differences can be observed between the different types of users. Thus, we evaluate the effectiveness of different machine learning (ML) algorithms based on stylistic consistency features in discerning between human-operated and bot-driven Twitter accounts and show that the experimented ML algorithms can achieve high performance (i.e., F-measure values up to 98%) in social bot detection tasks.

Code authorship identification can assist in identifying creators of malware, identifying plagiarism, and giving insights in copyright infringement cases. Taking inspiration from facial recognition work, we apply recent advances in metric learning to the problem of authorship identification and verification. The metric learning approach makes it possible to measure similarity in the learned embedding space. Access to a discriminative similarity measure allows for the estimation of probability distributions that facilitate open-set classification and verification. We extend our analysis to verification based on sets of files, a previously unexplored problem domain in large-scale author identification. On closed-set tasks we achieve competitive accuracies, but do not improve on the state of the art.

Plagiarism checkers have been widely used to verify the authenticity of dissertation/project submissions. However, when non-verbatim plagiarism or online examinations are considered, this practice is not the best solution. In this work, we propose a better authentication system for online examinations that analyses the submitted text's stylometry for a match of writing pattern of the author by whom the text was submitted. The writing pattern is analyzed over many indicators (i.e., features of one's writing style). This model extracts 27 such features and stores them as the writing pattern of an individual. Stylometric Analysis is a better approach to verify a document's authorship as it doesn't check for plagiarism, but verifies if the document was written by a particular individual and hence completely shuts down the possibility of using text-convertors or translators. This paper also includes a brief comparative analysis of some simpler algorithms for the same problem statement. These algorithms yield results that vary in precision and accuracy and hence plotting a conclusion from the comparison shows that the best bet to tackle this problem is through Artificial Neural Networks.

Previous research on frequency hopping (FH) signal recognition utilizing deep learning only focuses on single-label signal, but can not deal with overlapped FH signal which has multi-labels. To solve this problem, we propose a new FH signal recognition method based on fully convolutional networks (FCN). Firstly, we perform the short-time Fourier transform (STFT) on the collected FH signal to obtain a two-dimensional time-frequency pattern with time, frequency, and intensity information. Then, the pattern will be put into an improved FCN model, named FH-FCN, to make a pixel-level prediction. Finally, through the statistics of the output pixels, we can get the final classification results. We also design an algorithm that can automatically generate dataset for model training. The experimental results show that, for an overlapped FH signal, which contains up to four different types of signals, our method can recognize them correctly. In addition, the separation of multiple FH signals can be achieved by a slight improvement of our method.

A comparative analysis of the classical and approximation methods of spectral analysis of fast-variable processes in technical systems is carried out. It is shown that the approximation methods make it possible to substantially remove the contradiction between the requirements for spectrum smoothing and its frequency resolution. On practical examples of vibroacoustic signals, the effectiveness of approximation methods is shown. The Prony method was used to process the time series. The interactive frequency segmentation method and the direct identification method were used for approximation and frequency characteristics.

This work describes a concept for extending the Network Time Security (NTS) protocol to enable implementation- independent communication between the NTS key establishment (NTS-KE) server and the connected time server(s). It Alls a specification gap left by RFC 8915 for securing the Network Time Protocol (NTP) and enables the centralized and public deployment of an NTS key management server that can support both secured NTP and secured PTP.

Recently, the informatics infrastructure of INRiM Time and Frequency Laboratory has been completely renewed with particular attention to network security and software architecture aspects, with the aims to improve the reliability, robustness and automation of the overall set-up. This upgraded infrastructure has allowed, since January 2020, a fully automated generation and monitoring of the Italian time scale UTC(IT), based on dedicated software developed in-house [1]. We focus in this work on the network and software aspects of our set-up, which enable a robust and reliable automatic time scale generation with continuous monitoring and minimal human intervention.

The fundamental limits of high-current conduction and response of metal conductors to large, fast current pulses are of interest to high-speed fuses, exploding wires and foils, and magnetically driven dynamic material property and inertial confinement fusion experiments. A collaboration between the University of Nevada, Reno, University of New Mexico, and Sandia National Laboratory has fielded an electrically thick (R 400-μm \textbackslashtextgreater skin-depth) cylindrical metal rod platform in a Z-pinch configuration driven by the Sandia 100-ns, 900-kA Mykonos linear transformer driver 1 . Photonic Doppler velocimetry (PDV) measuring the expansion velocity of the uncoated surface of aluminum rods 2 was used to benchmark equation of state (EOS) and electrical conductivity models used in magnetohydrodynamics simulations using the Los Alamos National Laboratory (LANL) code FLAG 3 . The metal surface was found to expand along the liquid-vapor coexistence curve in density-temperature space for 90 ns of the rod’s expansion for both tabular EOSs with Van der Waals loops and with Maxwell constructions under the vapor dome. As the slope of the coexistence curve varies across EOS models, the metal surface in simulation was found to heat and expand at different rates depending on the model used. The expansion velocities associated with EOS models were then compared against the PDV data to validate the EOS used in simulations of similar systems. Here, the most recent aluminum EOS (SESAME 93722) 4 was found to drive a simulated velocity that best compared with the experimental data due to its relatively steep coexistence curve and high critical point.

Magnetized Liner Inertial Fusion (MagLIF) is a magneto-inertial fusion concept that relies on fuel magnetization, laser preheat, and a magnetically driven implosion to produce fusion conditions. In MagLIF, the target is a roughly 10 mm long, 5 mm diameter, 0.5 mm thick, cylindrical beryllium shell containing 1 mg/cm 3 D 2 gas. An axial magnetic field on the order of 10 T is applied to the target, and several kJ of laser energy is deposited into the fuel. Up to 20 MA of current is driven axially through the beryllium target, causing it to implode over approximately 100 ns. The implosion produces a 100-μm diameter, 8-mm tall fuel column with a burn-averaged ion temperature of several keV, that generates 10 11 -10 13 DD neutrons.