Biblio

Recently, the informatics infrastructure of INRiM Time and Frequency Laboratory has been completely renewed with particular attention to network security and software architecture aspects, with the aims to improve the reliability, robustness and automation of the overall set-up. This upgraded infrastructure has allowed, since January 2020, a fully automated generation and monitoring of the Italian time scale UTC(IT), based on dedicated software developed in-house [1]. We focus in this work on the network and software aspects of our set-up, which enable a robust and reliable automatic time scale generation with continuous monitoring and minimal human intervention.

X-ray radiography has been used to diagnose a wide variety of experiments at the Z facility including inertial confinement fusion capsule implosions, the growth of the magneto-Rayleigh-Taylor instability in solid liners, and the development of helical structures in axially magnetized liner implosions. In these experiments, the Z Beamlet laser (1 kJ, 1 ns) was used to generate the x-ray source. An alternate x-ray source is desirable in experiments where the Z Beamlet laser is used for another purpose (e.g., preheating the fuel in magnetized liner inertial fusion experiments) or when multiple radiographic lines of sight are necessary.

This paper studies the differential privacy-preserving problem of discrete-time multi-agent systems (MASs) with antagonistic information, where the connected signed graph is structurally balanced. First, we introduce the bipartite consensus definitions in the sense of mean square and almost sure, respectively. Second, some criteria for mean square and almost sure bipartite consensus are derived, where the eventualy value is related to the gauge matrix and agents’ initial states. Third, we design the ε-differential privacy algorithm and characterize the tradeoff between differential privacy and system performance. Finally, simulations validate the effectiveness of the proposed algorithm.

With the continuous development of edge computing, the application scope of mobile crowdsourcing (MCS) is constantly increasing. The distributed nature of edge computing can transmit data at the edge of processing to meet the needs of low latency. The trustworthiness of the third-party platform will affect the level of privacy protection, because managers of the platform may disclose the information of workers. Anonymous servers also belong to third-party platforms. For unreal third-party platforms, this paper recommends that workers first use the localized differential privacy mechanism to interfere with the real location information, and then upload it to an anonymous server to request services, called the localized differential anonymous privacy protection mechanism (LDNP). The two privacy protection mechanisms further enhance privacy protection, but exacerbate the loss of service quality. Therefore, this paper proposes to give corresponding compensation based on the authenticity of the location information uploaded by workers, so as to encourage more workers to upload real location information. Through comparative experiments on real data, the LDNP algorithm not only protects the location privacy of workers, but also maintains the availability of data. The simulation experiment verifies the effectiveness of the incentive mechanism.

Traditional passive defense methods cannot resist the constantly updated and evolving cyber attacks. The concept of resilience is introducing to measure the ability of the system to maintain its function under attack. It matters in evaluating the security of modern industrial systems. This paper presents a 3D Resilience State Space method to assess Communication-based train control (CBTC) system resilience under malware attack. We model the spread of malware as two functions: the communicability function \$f\$(x) and the susceptibility function 9 (x). We describe the characteristics of these two function in the CBTC complex network by using the percolation theory. Then we use a perturbation formalism to analyze the impact of malware attack on information flow and use it as an indicator of the cyber layer state. The CBTC cyber-physical system resilience metric formalizes as the system state transitions in three-dimensional state space. The three dimensions respectively represent the cyber layer state, the physical layer state, and the transmission layer state. The simulation results reveal that the proposed framework can effectively assess the resilience of the CBTC system. And the anti-malware programs can prevent the spread of malware and improve CBTC system resilience.

The widely adopted dynamic line rating (DLR) mechanism can improve the operation efficiency for industrial and commercial power systems. However, the predicted environmental parameters used in DLR bring great uncertainty to transmission line capacity estimation and may introduce system security risk if over-optimistic estimation is adopted in the operation process, which could affect the electrical safety of industrial and commercial power systems in multiple cases. Therefore, it becomes necessary to establish a system operation security assessment model to reduce the risk and provide operational guidance to enhance electrical safety. This paper aims to solve the electrical safety problems caused by the transmission line under DLR mechanism. An operation security assessment method of transmission lines considering DLR uncertainty is proposed to visualize the safety margin under the given operation strategy and optimally setting transmission line capacity while taking system safety into account. With the help of robust optimization (RO) techniques, the uncertainty is characterized and a risk-averse transmission line rating guidance can be established to determine the safety margin of line capacity for system operation. In this way, the operational security for industrial and commercial power systems can be enhanced by reducing the unsafe conditions while the operational efficiency benefit provided by DLR mechanism still exist.

Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps to ensure fast delivery of new features. This is achieved by automatically testing and releasing new software versions, e.g. multiple times per day. However, classical security management techniques cannot keep up with this quick Software Development Life Cycle (SDLC). Nonetheless, guaranteeing high security quality of software systems has become increasingly important. The new trend of DevSecOps aims to integrate security techniques into existing DevOps practices. Especially, the automation of security testing is an important area of research in this trend. Although plenty of literature discusses security testing and CI/CD practices, only a few deal with both topics together. Additionally, most of the existing works cover only static code analysis and neglect dynamic testing methods. In this paper, we present an approach to integrate three automated dynamic testing techniques into a CI/CD pipeline and provide an empirical analysis of the introduced overhead. We then go on to identify unique research/technology challenges the DevSecOps communities will face and propose preliminary solutions to these challenges. Our findings will enable informed decisions when employing DevSecOps practices in agile enterprise applications engineering processes and enterprise security.

As a part of the global decarbonization agenda, the electrification of the transport sector involving the large-scale integration of electric vehicles (EV) constitues one of the key initiatives. However, the introduction of EV loads results in more variable electrical demand profiles and higher demand peaks, challenging power system balancing, voltage and network congestion management. In this paper, a novel optimal load scheduling approach for a coupled power and transportation network is proposed. It employs an EV charging demand forecasting model to generate the temporal-spatial distribution of the aggregate EV loads taking into account the uncertainties stemmed from the traffic condition. An AC optimal power flow (ACOPF) problem is formulated and solved to determine the scheduling decisions for the EVs, energy storage units as well as other types of flexible loads, taking into account their operational characteristics. Convex relaxation is performed to convert the original non-convex ACOPF problem to a second order conic program. Case studies demonstrate the effectiveness of the proposed scheduling strategy in accurately forecasting the EV load distribution as well as effectively alleviating the voltage deviation and network congestion in the distribution network through optimal load scheduling control decisions.

This paper is devoted to boundary control design for urban traffic described on a macroscopic scale. The state corresponds to vehicle density that evolves on a continuum two-dimensional domain that represents a continuous approximation of a urban network. Its parameters are interpolated as a function of distance to physical roads. The dynamics are governed by a new macroscopic multi-directional traffic model that encompasses a system of four coupled partial differential equations (PDE) each describing density evolution in one direction layer: North, East, West and South (NEWS). We analyse the class of desired states that the density governed by NEWS model can achieve. Then a boundary control is designed to drive congested traffic to an equilibrium with the minimal congestion level. The result is validated numerically using the real structure of Grenoble downtown (a city in France).

Background: Most of the people are not medically qualified for studying or understanding the extremity of their diseases or symptoms. This is the place where natural language processing plays a vital role in healthcare. These chatbots collect patients' health data and depending on the data, these chatbot give more relevant data to patients regarding their body conditions and recommending further steps also. Purposes: In the medical field, AI powered healthcare chatbots are beneficial for assisting patients and guiding them in getting the most relevant assistance. Chatbots are more useful for online search that users or patients go through when patients want to know for their health symptoms. Methods: In this study, the health assistant system was developed using Dialogflow application programming interface (API) which is a Google's Natural language processing powered algorithm and the same is deployed on google assistant, telegram, slack, Facebook messenger, and website and mobile app. With this web application, a user can make health requests/queries via text message and might also get relevant health suggestions/recommendations through it. Results: This chatbot acts like an informative and conversational chatbot. This chatbot provides medical knowledge such as disease symptoms and treatments. Storing patients personal and medical information in a database for further analysis of the patients and patients get real time suggestions from doctors. Conclusion: In the healthcare sector AI-powered applications have seen a remarkable spike in recent days. This covid crisis changed the whole healthcare system upside down. So this NLP powered chatbot system reduced office waiting, saving money, time and energy. Patients might be getting medical knowledge and assisting ourselves within their own time and place.

Empathy is a fundamental mechanism of human interactions. As such, it should be an integral part of Human-Computer Interaction systems to make them more relatable. With this work, we focused on conversational scenarios where integrating empathy is crucial to perceive the computer like a human. As a result, we derived the high-level architecture of an Empathetic Conversational Agent we are willing to implement. We relied on theories about artificial empathy to derive the function approximating this mechanism and selected the conversational aspects to control for an empathetic interaction. In particular, we designed a core empathetic controller manages the empathetic responses, predicting, at each turn, the high-level content of the response. The derived architecture integrates empathy in a task-agnostic manner; hence we can employ it in multiple scenarios by changing the objective of the controller.

Electromagnetic emissions associated with the transmission of automotive controller area network (CAN) messages within a passenger car have been analysed and used to reconstruct the original CAN messages. Concurrent monitoring of the CAN traffic via a wired connection to the vehicle OBD-II port was used to validate the effectiveness of the reconstruction process. These results confirm the feasibility of reconstructing in-vehicle network data for forensic purposes, without the need for wired access, at distances of up to 1 m from the vehicle by using magnetic field measurements, and up to 3 m using electric field measurements. This capability has applications in the identification and resolution of EMI issues in vehicle data network, as well as possible implications for automotive cybersecurity.

In this paper, we highlight a fundamental vulnerability associated with the widely adopted “Just Tap” push-based authentication in the face of a concurrency attack, and propose the method REPLICATE, a redesign to counter this vulnerability. In the concurrency attack, the attacker launches the login session at the same time the user initiates a session, and the user may be fooled, with high likelihood, into accepting the push notification which corresponds to the attacker's session, thinking it is their own. The attack stems from the fact that the login notification is not explicitly mapped to the login session running on the browser in the Just Tap approach. REPLICATE attempts to address this fundamental flaw by having the user approve the login attempt by replicating the information presented on the browser session over to the login notification, such as by moving a key in a particular direction, choosing a particular shape, etc. We report on the design and a systematic usability study of REPLICATE. Even without being aware of the vulnerability, in general, participants placed multiple variants of REPLICATE in competition to the Just Tap and fairly above PIN-based authentication.

In the ever evolving Internet threat landscape, Distributed Denial-of-Service (DDoS) attacks remain a popular means to invoke service disruption. DDoS attacks, however, have evolved to become a tool of deceit, providing a smokescreen or distraction while some other underlying attack takes place, such as data exfiltration. Knowing the intent of a DDoS, and detecting underlying attacks which may be present concurrently with it, is a challenging problem. An entity whose network is under a DDoS attack may not have the support personnel to both actively fight a DDoS and try to mitigate underlying attacks. Therefore, any system that can detect such underlying attacks should do so only with a high degree of confidence. Previous work utilizing flow aggregation techniques with multi-class anomaly detection showed promise in both DDoS detection and detecting underlying attacks ongoing during an active DDoS attack. In this work, we head in the opposite direction, utilizing flow segmentation and concurrent flow feature aggregation, with the primary goal of greatly reduced detection times of both DDoS and underlying attacks. Using the same multi-class anomaly detection approach, we show greatly improved detection times with promising detection performance.

This article analyzes the possibilities of using cognitive approaches in forming expert assessments for solving information security problems. The experts use the contextual approach by A.Yu. Khrennikov’s as a basic model for the mathematical description of the quantum decision-making method. In the cognitive view, expert assessments are proposed to be considered as conditional probabilities with regard to the fulfillment of a set of certain conditions. However, the conditions in this approach are contextual, but not events like in Boolean algebra.

This paper presents a new framework for SATCOM jamming resiliency in the presence of a smart adversary jammer that can prioritize specific channels to attack with a non-uniform probability of distribution. We first develop a model and a defense action strategy based on a Markov decision process (MDP). We propose a greedy algorithm for the MDP-based defense algorithm's policy to optimize the expected user's immediate and future discounted rewards. Next, we remove the assumption that the user has specific information about the attacker's pattern and model. We develop a Q-learning algorithm-a reinforcement learning (RL) approach-to optimize the user's policy. We show that the Q-learning method provides an attractive defense strategy solution without explicit knowledge of the jammer's strategy. Computer simulation results show that the MDP-based defense strategies are very efficient; they offer a significant data rate advantage over the simple random hopping approach. Also, the proposed Q-learning performance can achieve close to the MDP approach without explicit knowledge of the jammer's strategy or attacking model.

Due to the advantages and limitations of the two kinds of vulnerability mining methods of static and dynamic analysis of android applications, the paper proposes a method of Android application vulnerability mining based on dynamic and static combination. Firstly, the static analysis method is used to obtain the basic vulnerability analysis results of the application, and then the input test case of dynamic analysis is constructed on this basis. The fuzzy input test is carried out in the real machine environment, and the application security vulnerability is verified with the taint analysis technology, and finally the application vulnerability report is obtained. Experimental results show that compared with static analysis results, the method can significantly improve the accuracy of vulnerability mining.

Static security assessment is of great significance to ensure the stable transmission of electric power and steady operation of load. The scale of power system trends to expand due to the development of interconnected grid, and the security analysis of the entire network has become time-consuming. On the basis of synthesizing the efficiency and accuracy, a new method is developed. This method adopts a novel dynamic power flow (DPF) model considering the influence of governor deadband and amplitude-limit on the steady state quantitatively. In order to reduce the computation cost, a contingency screening algorithm based on binary search method is proposed. Static security assessment based on the proposed DPF models is applied to calculate the security margin constrained by severe contingencies. The ones with lower margin are chosen for further time-domain (TD) simulation analysis. The case study of a practical grid verifies the accuracy of the proposed model compared with the conventional one considering no governor nonlinearity. Moreover, the test of a practical grid in China, along with the TD simulation, demonstrates that the proposed method avoids massive simulations of all contingencies as well as provides detail information of severe ones, which is effective for security analysis of practical power grids.

In this paper, we discuss the methodology of generalizing the optimal control law from learned component tasks to unlearned composite tasks on Multi-Agent Systems (MASs), by using the linearity composition principle of linearly solvable optimal control (LSOC) problems. The proposed approach achieves both the compositionality and optimality of control actions simultaneously within the cooperative MAS framework in both discrete and continuous-time in a sample-efficient manner, which reduces the burden of re-computation of the optimal control solutions for the new task on the MASs. We investigate the application of the proposed approach on the MAS with coordination between agents. The experiments show feasible results in investigated scenarios, including both discrete and continuous dynamical systems for task generalization without resampling.

Payment channel hubs (PCHs) constitute a promising solution to the inherent scalability problem of blockchain technologies, allowing for off-chain payments between sender and receiver through an intermediary, called the tumbler. While state-of-the-art PCHs provide security and privacy guarantees against a malicious tumbler, they do so by relying on the scripting-based functionality available only at few cryptocurrencies, and they thus fall short of fundamental properties such as backwards compatibility and efficiency.In this work, we present the first PCH protocol to achieve all aforementioned properties. Our PCH builds upon A2L, a novel cryptographic primitive that realizes a three-party protocol for conditional transactions, where the tumbler pays the receiver only if the latter solves a cryptographic challenge with the help of the sender, which implies the sender has paid the tumbler. We prove the security and privacy guarantees of A2L (which carry over to our PCH construction) in the Universal Composability framework and present a provably secure instantiation based on adaptor signatures and randomizable puzzles. We implemented A2L and compared it to TumbleBit, the state-of-the-art Bitcoin-compatible PCH. Asymptotically, A2L has a communication complexity that is constant, as opposed to linear in the security parameter like in TumbleBit. In practice, A2L requires 33x less bandwidth than TumleBit, while retaining the computational cost (or providing 2x speedup with a preprocessing technique). This demonstrates that A2L (and thus our PCH construction) is ready to be deployed today.In theory, we demonstrate for the first time that it is possible to design a secure and privacy-preserving PCH while requiring only digital signatures and timelock functionality from the underlying scripting language. In practice, this result makes our PCH backwards compatible with virtually all cryptocurrencies available today, even those offering a highly restricted form of scripting language such as Ripple or Stellar. The practical appealing of our construction has resulted in a proof-of-concept implementation in the COMIT Network, a blockchain technology focused on cross-currency payments.

Privacy and data security are critical aspects in databases, mainly when the latter are publically accessed such in social networks. Furthermore, for advanced databases, such as NoSQL ones, security models and security meta-data must be integrated to the business specification and data. In the literature, the proposed models for NoSQL databases can be considered as static, in the sense where the privileges for a given user are predefined and remain unchanged during job sessions. In this paper, we propose a novel model for NoSQL database access control that we aim that it will be dynamic. To be able to design such model, we have considered the Trust concept to compute the reputation degree for a given user that plays a given role.

The randomness, ambiguity and some other uncertainties of trust relationships in Wireless Sensor Networks (WSNs) make existing trust management methods often unsatisfactory in terms of accuracy. This paper proposes a trust evaluation method based on cloud model for malicious node detection. The conversion between qualitative and quantitative sensor node trust degree is achieved. Firstly, nodes cooperate with each other to establish a standard cloud template for malicious nodes and a standard cloud template for normal nodes, so that malicious nodes have a qualitative description to be either malicious or normal. Secondly, the trust cloud template obtained during the interactions is matched against the previous standard templates to achieve the detection of malicious nodes. Simulation results demonstrate that the proposed method greatly improves the accuracy of malicious nodes detection.

An efficient quantum circuit (program) compiler aims to minimize the gate-count - through efficient instruction translation, routing, gate, and cancellation - to improve run-time and noise. Therefore, a high-efficiency compiler is paramount to enable the game-changing promises of quantum computers. To date, the quantum computing hardware providers are offering a software stack supporting their hardware. However, several third-party software toolchains, including compilers, are emerging. They support hardware from different vendors and potentially offer better efficiency. As the quantum computing ecosystem becomes more popular and practical, it is only prudent to assume that more companies will start offering software-as-a-service for quantum computers, including high-performance compilers. With the emergence of third-party compilers, the security and privacy issues of quantum intellectual properties (IPs) will follow. A quantum circuit can include sensitive information such as critical financial analysis and proprietary algorithms. Therefore, submitting quantum circuits to untrusted compilers creates opportunities for adversaries to steal IPs. In this paper, we present a split compilation methodology to secure IPs from untrusted compilers while taking advantage of their optimizations. In this methodology, a quantum circuit is split into multiple parts that are sent to a single compiler at different times or to multiple compilers. In this way, the adversary has access to partial information. With analysis of over 152 circuits on three IBM hardware architectures, we demonstrate the split compilation methodology can completely secure IPs (when multiple compilers are used) or can introduce factorial time reconstruction complexity while incurring a modest overhead ( 3% to 6% on average).

Capability machines such as CHERI provide memory capabilities that can be used by compilers to provide security benefits for compiled code (e.g., memory safety). The existing C to CHERI compiler, for example, achieves memory safety by following a principle called “pointers as capabilities” (PAC). Informally, PAC says that a compiler should represent a source language pointer as a machine code capability. But the security properties of PAC compilers are not yet well understood. We show that memory safety is only one aspect, and that PAC compilers can provide significant additional security guarantees for partial programs: the compiler can provide security guarantees for a compilation unit, even if that compilation unit is later linked to attacker-provided machine code.As such, this paper is the first to study the security of PAC compilers for partial programs formally. We prove for a model of such a compiler that it is fully abstract. The proof uses a novel proof technique (dubbed TrICL, read trickle), which should be of broad interest because it reuses the whole-program compiler correctness relation for full abstraction, thus saving work. We also implement our scheme for C on CHERI, show that we can compile legacy C code with minimal changes, and show that the performance overhead of compiled code is roughly proportional to the number of cross-compilation-unit function calls.

This paper presents the application of Compressive Sampling (CS) to the realization of a wideband receiver for distributed spectrum monitoring. The proposed prototype performs the non-uniform sampling CS-based technique, while the signal reconstruction is realized by the Orthogonal Matching Pursuit (OMP) algorithm on a personal computer. A first experimental analysis has been conducted on the prototype by assessing several figures of merit, thus characterizing its performance in the time, frequency and modulation domains. The obtained results demonstrate that the proposed prototype can achieve good performance in all specified domains with Compression Ratios (CRs) up to 10 for a 4-QAM (Quadrature Amplitude Modulation) signal having carrier frequency of 350 MHz and working at a symbol rate of 46 MSym/s.