Biblio

Over the years, operating systems (OSs) have grown significantly in complexity and size providing attackers with more avenues to compromise their security. By eliminating the OS, it becomes possible to develop general-purpose non-embedded applications that are free of typical OS-related vulnerabilities. Such applications are simpler and smaller in size, making it easier secure the application code. Bare machine computing (BMC) applications run on ordinary desktops and laptops without the support of any operating system or centralized kernel. Many BMC applications have been developed previously for single-core systems. We show how to build BMC applications for multicore systems by presenting the design and implementation of a novel UDP-based bare machine prototype Web server for a multicore architecture. We also include preliminary experimental results from running the server on the Internet. This work provides a foundation for building secure computer applications that run on multicore systems without the need for intermediary software.

Blockchain is opening up new avenues for the development of new sorts of digital services. In this article, we'll employ the transparent Blockchain method to propose a system for collecting data from many sources and databases for use in local and national elections. The Blockchain-based system will be safe, trustworthy, and private. It will assist to know the overall count of the candidates who participated and it functions in the same way as people's faith in their governments does. Blockchain technology is the one that handles the actual vote. We use the secure hash algorithm for resolving this problem and tried to bring a solution through the usage of this booming technology. A centralized database in a blockchain system keeps track of the secure electronic interactions of users in a peer-to-peer network.

With the tremendous growth of IoT application, providing security to IoT systems has become more critical. In this paper, a technique is presented to ensure the safety of Internet of Things (IoT) devices. This technique ensures hardware and software security of IoT devices. Blockchain technology is used for software security and hardware logics are used for hardware security. For enabling a Blockchain, Ethereum Network is used for secure peer-to-peer transmission. A prototype model is also used using two IoT nodes to demonstrate the security logic.

Protecting privacy of the user location in Internet of Things (IoT) applications is a complex problem. Peer-to-peer (P2P) approach is one of the most popular techniques used to protect privacy in IoT applications, especially that use the location service. The P2P approach requires trust among peers in addition to serious cooperation. These requirements are still an open problem for this approach and its methods. In this paper, we propose an effective solution to this issue by creating a manager for the peers' reputation called R-TTP. Each peer has a new query. He has to evaluate the cooperated peer. Depending on the received result of that evaluation, the main peer will send multiple copies of the same query to multiple peers and then compare results. Moreover, we proposed another scenario to the manager of reputation by depending on Fog computing to enhance both performance and privacy. Relying on this work, a user can determine the most suitable of many available cooperating peers, while avoiding the problems of putting up with an inappropriate cooperating or uncommitted peer. The proposed method would significantly contribute to developing most of the privacy techniques in the location-based services. We implemented the main functions of the proposed method to confirm its effectiveness, applicability, and ease of application.

A new ONU authentication method based on POTS key matching is proposed, which makes use of ONU's own FXS resources and connects with a pots phone by dialing the corresponding LOID service key and authentication code that will be sent to ONU. The key combined with LOID service key and authentication code received by ONU will be filtered and then the LOID authentication code is obtained, which is put to match with DigitMap preset into the database of ONU. The LOID authentication code will be transmitted to OLT so as to achieve the purpose of ONU authentication and authorization if the match result is successful.

Cost-effective and efficient sequencing technologies have resulted in massive genomic data availability. To compute on a large-scale genomic dataset, it is often required to outsource the dataset to the cloud. To protect data confidentiality, data owners encrypt sensitive data before outsourcing. Outsourcing enhances data owners to eliminate the storage management problem. Since genome data is large in volume, secure execution of researchers query is challenging. In this paper, we propose a method to securely perform count query on datasets containing genotype, phenotype, and numeric data. Our method modifies the prefix-tree proposed by Hasan et al. [1] to incorporate numerical data. The proposed method guarantees data privacy, output privacy, and query privacy. We preserve the security through encryption and garbled circuits. For a query of 100 single-nucleotide polymorphism (SNPs) sequence, we achieve query execution time approximately 3.5 minutes in a database of 1500 records. To the best of our knowledge, this is the first proposed secure framework that addresses heterogeneous biomedical data including numeric attributes.

With the proliferation of cloud services, cloud-based image retrieval services enable large-scale image outsourcing and ubiquitous image searching. While enjoying the benefits of the cloud-based image retrieval services, critical privacy concerns may arise in such services since they may contain sensitive personal information. In this paper, we propose an efficient and Privacy-Preserving Image Retrieval scheme with Key Switching Technique (PPIRS). PPIRS utilizes the inner product encryption for measuring Euclidean distances between image feature vectors and query vectors in a privacy-preserving manner. Due to the high dimension of the image feature vectors and the large scale of the image databases, traditional secure Euclidean distance comparison methods provide insufficient search efficiency. To prune the search space of image retrieval, PPIRS tailors key switching technique (KST) for reducing the dimension of the encrypted image feature vectors and further achieves low communication overhead. Meanwhile, by introducing locality sensitive hashing (LSH), PPIRS builds efficient searchable indexes for image retrieval by organizing similar images into a bucket. Security analysis shows that the privacy of both outsourced images and queries are guaranteed. Extensive experiments on a real-world dataset demonstrate that PPIRS achieves efficient image retrieval in terms of computational cost.

The high penetration of wind power generation into the grid evokes all the concerns for the deep understanding of its behavior and impact on the existing power system. This paper investigates the optimal operation of the Doubly Fed Induction Generator (DFIG) for the maximum power point tracking in deep with modal analysis. The grid connected DFIG system has been examined in two cases viz. open-loop case and closed-loop case where closed-loop case consists the system with the Flux Magnitude Angle Control (FMAC) and Direct Torque Control (DTC) approach. Various modes of the oscillation and their damping factor has been found in both the cases for the examination of the internal behavior of the system. Further, the effectiveness of the all the employed controls along with MPPT when the system is subjected to a stepped wind speed disturbance and voltage-dip have been confirmed. It was found from the simulation and the modal analysis that the frequency of the various oscillating modes is lesser while the damping is improved in the case of DTC control.

In this work, the efficient evaluation of Sommerfeld integrals (SIs) above an impedance plane is addressed. Started from Weyl's expression of SIs, using the coordinate transformation and steepest descent path approach, an exact single image representation to SIs is derived. This single image representation image eliminates oscillating and slow-decay integrand in traditional SIs, and efficient to calculate. Moreover, the far-field asymptotic behavior of SIs in this case is considered and is represented by the Fresnel-integral related function. A high-order approximation based on series expansion of Fresnel integral is provided for fast evaluation. Finally, the validity of the proposed expressions is verified by numerical examples.

This paper is devoted to the choice and justification of a joint-level controller for a joint with intrinsic elasticity. Such joints show a number of advantages in terms of shock robustness, interaction safety, energy efficiency and so on. On the other hand, the addition of elastic element, i.e. a torsion spring, leads to oscillating behaviour. Thus, more elaborate controller structure is required. Active damping injection approach is chosen in this article to improve the joint performance and achieve smooth motion. A method to select controller gains is suggested as well which allows step-wise customization, by which either the settling time can be minimized or the motion can be made fully smooth. Finally, the controller performance is verified in simulation.

We propose thrombolysis using a magnetic nanoparticle microswarm with tissue plasminogen activator (tPA) under ultrasound imaging. The microswarm is generated in blood using an oscillating magnetic field and can be navigated with locomotion along both the long and short axis. By modulating the input field, the aspect ratio of the microswarm can be reversibly tuned, showing the ability to adapt to different confined environments. Simulation results indicate that both in-plane and out-of-plane fluid convection are induced around the microswarm, which can be further enhanced by tuning the aspect ratio of the microswarm. Under ultrasound imaging, the microswarm is navigated in a microchannel towards a blood clot and deformed to obtain optimal lysis. Experimental results show that the lysis rate reaches -0.1725 ± 0.0612 mm3/min in the 37°C blood environment under the influence of the microswarm-induced fluid convection and tPA. The lysis rate is enhanced 2.5-fold compared to that without the microswarm (-0.0681 ± 0.0263 mm3/min). Our method provides a new strategy to increase the efficiency of thrombolysis by applying microswarm-induced fluid convection, indicating that swarming micro/nanorobots have the potential to act as effective tools towards targeted therapy.

In proof-of-stake (PoS) blockchains, stakeholders that extend the chain are selected according to the amount of stake they own. In S&P 2019 the "Ouroboros Crypsinous" system of Kerber et al. (and concurrently Ganesh et al. in EUROCRYPT 2019) presented a mechanism that hides the identity of the stakeholder when adding blocks, hence preserving anonymity of stakeholders both during payment and mining in the Ouroboros blockchain. They focus on anonymizing the messages of the blockchain protocol, but suggest that potential identity leaks from the network-layer can be removed as well by employing anonymous broadcast channels.In this work we show that this intuition is flawed. Even ideal anonymous broadcast channels do not suffice to protect the identity of the stakeholder who proposes a block.We make the following contributions. First, we show a formal network-attack against Ouroboros Crypsinous, where the adversary can leverage network delays to distinguish who is the stakeholder that added a block on the blockchain. Second, we abstract the above attack and show that whenever the adversary has control over the network delay – within the synchrony bound – loss of anonymity is inherent for any protocol that provides liveness guarantees. We do so, by first proving that it is impossible to devise a (deterministic) state-machine replication protocol that achieves basic liveness guarantees and better than (1-2f) anonymity at the same time (where f is the fraction of corrupted parties). We then connect this result to the PoS setting by presenting the tagging and reverse tagging attack that allows an adversary, across several executions of the PoS protocol, to learn the stake of a target node, by simply delaying messages for the target. We demonstrate that our assumption on the delaying power of the adversary is realistic by describing how our attack could be mounted over the Zcash blockchain network (even when Tor is used). We conclude by suggesting approaches that can mitigate such attacks.

MANET stands for Mobile ad-hoc network, which is also known as a wireless network. It provides a routable networking environment which does not have a centralized infrastructure. MANET is used in many important sectors like economic sector (corporate field), security sector (military field), education sector (video conferences and lectures), law sector (law enforcement) and many more. Even though it plays a vital role in different sectors and improves its economic growth, security is a major concern in MANET. Due to lack of inbuilt security, several attacks like data traffic attack, control traffic attack. The wormhole is a kind of control traffic attack which forms wormhole link between nodes. In this paper, we have proposed an approach to detect and get rid of the wormhole attack. The proposed approach is based on trust values, which will decide whether nodes are affected by using parameters like receiving time and data rate. On evaluation, we have concluded that the wormhole attack decreases the network's performance while using trusted approach its value increases. Means PDR and throughput return best results for the affected network while in case of end to end delay it returns similar results as of unaffected network.

Mobile Ad-hoc Networks (MANET) is an autonomous network consisting of movable devices that can form a network using wireless media. MANET routing protocols can be used for selecting an efficient and shortest path for data transmission between nodes in a smart environment formed by the Internet of Things (IoT). Networking in such MANET-enabled IoT system is based on the routing protocols of MANET, data sensing from things, and data handling and processing using IoT. This paper studies proactive approach-based secure routing protocols for MANET-enabled IoT and analyses these protocols to identify security issues in it. Since this fusion network is resource-constrained in nature, each of the studied protocol is evaluated to check if it is lightweight or not. Also, the solution to defend against active attacks in this network is discussed.

In Mobile Ad-hoc Network based Internet of things (MANET-IoT), nodes are mobile, infrastructure less, managed and organized by themselves that have important role in many areas such as Mobile Computing, Military Sector, Sensor Networks Commercial Sector, medical etc. One major problem in MANET based IoT is security because nodes are mobile, having not any central administrator and are also not reliable. So, MANET-IoT is more defenseless to denial-of-service attacks for-example Blackhole, Wormhole, Gray-hole etc. To compare the performance of network under different attacks for checking which attack is more affecting the performance of network, we implemented Blackhole and Wormhole attack by modifying AODV routing protocol in NS-3. After preprocessing of data that is obtained by using Flow-monitor module, we calculated performance parameters such as Average Throughput, Average Packet Delivery Ratio, Average End to End Delay, Average Jitter-Sum and compared it with no. of nodes in MANET-IoT network. Throughput and goodput performance of each node in the network is also calculated by using Trace metric module and compared with each node in the network. This approach is also very helpful for further research in MANET-IoT Security.

Mobile Ad hoc Networks ‘MANETs’ are still defenseless against peripheral threats due to the fact that this network has vulnerable access and also the absence of significant fact of administration. The black hole attack is a kind of some routing attack, in this type of attack the attacker node answers to the Route Requests (RREQs) thru faking and playing itself as an adjacent node of the destination node in order to get through the data packets transported from the source node. To counter this situation, we propose to deploy some nodes (exhibiting some distinctive functionality) in the network called DPS (Detection and Prevention System) nodes that uninterruptedly monitor the RREQs advertised by all other nodes in the networks. DPS nodes target to satisfy the set objectives in which it has to sense the mischievous nodes by detecting the activities of their immediate neighbor. In the case, when a node demonstrates some peculiar manners, which estimates according to the experimental data, DPS node states that particular distrustful node as black hole node by propagation of a threat message to all the remaining nodes in the network. A protocol with a clustering approach in AODV routing protocol is used to sense and avert the black hole attack in the mentioned network. Consequently, empirical evaluation shows that the black hole node is secluded and prohibited from the whole system and is not allowed any data transfer from any node thereafter.

Machine learning-based malware detection systems are often vulnerable to evasion attacks, in which a malware developer manipulates their malicious software such that it is misclassified as benign. Such software hides some properties of the real class or adopts some properties of a different class by applying small perturbations. A special case of evasive malware hides by repackaging a bonafide benign mobile app to contain malware in addition to the original functionality of the app, thus retaining most of the benign properties of the original app. We present a novel malware detection system based on metamorphic testing principles that can detect such benign-seeming malware apps. We apply metamorphic testing to the feature representation of the mobile app, rather than to the app itself. That is, the source input is the original feature vector for the app and the derived input is that vector with selected features removed. If the app was originally classified benign, and is indeed benign, the output for the source and derived inputs should be the same class, i.e., benign, but if they differ, then the app is exposed as (likely) malware. Malware apps originally classified as malware should retain that classification, since only features prevalent in benign apps are removed. This approach enables the machine learning model to classify repackaged malware with reasonably few false negatives and false positives. Our training pipeline is simpler than many existing ML-based malware detection methods, as the network is trained end-to-end to jointly learn appropriate features and to perform classification. We pre-trained our classifier model on 3 million apps collected from the widely-used AndroZoo dataset.1 We perform an extensive study on other publicly available datasets to show our approach's effectiveness in detecting repackaged malware with more than 94% accuracy, 0.98 precision, 0.95 recall, and 0.96 F1 score.

Malicious software (malware) creators are constantly mutating malware files in order to avoid detection, resulting in hundreds of millions of new malware every year. Therefore, most malware files are unlabeled due to the time and cost needed to label them manually. This makes it very challenging to perform malware detection, i.e., deciding whether a file is malware or not, and malware classification, i.e., determining the family of the malware. Most solutions use supervised learning (e.g., ResNet and VGG) whose accuracy degrades significantly with the lack of abundance of labeled data. To solve this problem, this paper proposes a semi-supervised learning model for image-based malware classification. In this model, malware files are represented as grayscale images, and semi-supervised learning is carefully selected to handle the plethora of unlabeled data. Our proposed model is an enhanced version of the ∏-model, which makes it more accurate and consistent. Experiments show that our proposed model outperforms the original ∏-model by 4% in accuracy and three other supervised models by 6% in accuracy especially when the ratio of labeled samples is as low as 20%.

Malware evolves quickly as new attack, evasion and mutation techniques are commonly used by hackers to build new malicious malware families. For malware detection and classification, multi-class learning model is one of the most popular machine learning models being used. To recognize malicious programs, multi-class model requires malware types to be predefined as output classes in advance which cannot be dynamically adjusted after the model is trained. When a new variant or type of malicious programs is discovered, the trained multi-class model will be no longer valid and have to be retrained completely. This consumes a significant amount of time and resources, and cannot adapt quickly to meet the timely requirement in dealing with dynamically evolving malware types. To cope with the problem, an evolvable malware classification deep learning model, namely EC-Model, is proposed in this paper which can dynamically adapt to new malware types without the need of fully retraining. Consequently, the reaction time can be significantly reduced to meet the timely requirement of malware classification. To our best knowledge, our work is the first attempt to adopt multi-task, deep learning for evolvable malware classification.

The inference results of neural network accelerators often involve personal privacy or business secrets in intelligent systems. It is important for the safety of convolutional neural network (CNN) accelerator to prevent the key data and inference result from being leaked. The latest CNN models have started to combine with fully homomorphic encryption (FHE), ensuring the data security. However, the computational complexity, data storage overhead, inference time are significantly increased compared with the traditional neural network models. This paper proposed a lightweight FHE scheme on fully-connected layer for CNN hardware accelerator to achieve security inference, which not only protects the privacy of inference results, but also avoids excessive hardware overhead and great performance degradation. Compared with state-of-the-art works, this work reduces computational complexity by approximately 90% and decreases ciphertext size by 87%∼95%.

With the rapid growth of the Internet of Things (IoT) applications in smart regions/cities, for example, smart healthcare, smart homes/offices, there is an increase in security threats and risks. The IoT devices solve real-world problems by providing real-time connections, data and information. Besides this, the attackers can tamper with sensors, add or remove them physically or remotely. In this study, we address the IoT security sensor tampering issue in an office environment. We collect data from real-life settings and apply machine learning to detect sensor tampering using two methods. First, a real-time view of the traffic patterns is considered to train our isolation forest-based unsupervised machine learning method for anomaly detection. Second, based on traffic patterns, labels are created, and the decision tree supervised method is used, within our novel Anomaly Detection using Machine Learning (AD-ML) system. The accuracy of the two proposed models is presented. We found 84% with silhouette metric accuracy of isolation forest. Moreover, the result based on 10 cross-validations for decision trees on the supervised machine learning model returned the highest classification accuracy of 91.62% with the lowest false positive rate.

In recent years, cyber security has become a challenging task to protect the networks and computing systems from various types of digital attacks. Therefore, to preserve these systems, various innovative methods have been reported and implemented in practice. However, still more research work needs to be carried out to have malware free computing system. In this paper, an attempt has been made to develop simple but reliable ML based malware detection systems which can be implemented in practice. Keeping this in view, the present paper has proposed and compared the performance of three ML based malware detection systems applicable for computer systems. The proposed methods include k-NN, RF and LR for detection purpose and the features extracted comprise of Byte and ASM. The performance obtained from the simulation study of the proposed schemes has been evaluated in terms of ROC, Log loss plot, accuracy, precision, recall, specificity, sensitivity and F1-score. The analysis of the various results clearly demonstrates that the RF based malware detection scheme outperforms the model based on k-NN and LR The efficiency of detection of proposed ML models is either same or comparable to deep learning-based methods.

With the emergence and development of quantum computers, the traditional public-key cryptography (PKC) is facing the risk of being cracked. In order to resist quantum attacks and ensure long-term communication security, NIST launched a global collection of Post Quantum Cryptography (PQC) standards in 2016, and it is currently in the third round of selection. There are three Lattice-based PKC algorithms that stand out, and NTRU is one of them. In this article, we proposed the first complete and compact full hardware implementation of NTRU algorithm submitted in the third round. By using one structure to complete the design of the three types of complex polynomial multiplications in the algorithm, we achieved better performance while reducing area costs.

Security plays a paradigmatic role in the area of networking. The main goal of security is to protect these networks which contains confidential data against various kinds of attacks. By changing parameters like key size, increasing the rounds of iteration and finally using confusion box as the S-box, the strength of the cryptographic algorithms can be incremented. By using the Data Encryption Standard (DES), the images can be secured with the help of Dynamic S-boxes. Each of these 8 S-boxes contain 64 elements. Each row contains elements in the range 0–15 and are unique. Our proposed system generates these S-boxes dynamically depending on the key. The evaluation of this Dynamic S-box and DES shows much fruitful results over factors like Non-linearity, Strict Avalanche criterion, Balance, memory and time required for implementation using images.

One of the many methods for identifying malware is to disassemble the malware files and obtain the opcodes from them. Since malware have predominantly been found to contain specific opcode sequences in them, the presence of the same sequences in any incoming file or network content can be taken up as a possible malware identification scheme. Malware detection systems help us to understand more about ways on how malware attack a system and how it can be prevented. The proposed method analyses malware executable files with the help of opcode information by converting the incoming executable files to assembly language thereby extracting opcode information (opcode count) from the same. The opcode count is then converted into opcode frequency which is stored in a CSV file format. The CSV file is passed to various machine learning algorithms like Decision Tree Classifier, Random Forest Classifier and Naive Bayes Classifier. Random Forest Classifier produced the highest accuracy and hence the same model was used to predict whether an incoming file contains a potential malware or not.