Biblio

Dynamic searchable symmetric encryption (DSSE) that enables a client to perform searches and updates on encrypted data has been intensively studied in cloud computing. Recently, forward privacy and backward privacy has engaged significant attention to protect DSSE from the leakage of updates. However, the research in this field almost focused on keyword-level updates. That is, the client needs to know the keywords of the documents in advance. In this paper, we proposed a document-level update scheme, DBP, which supports immediate deletion while guaranteeing forward privacy and backward privacy. Compared with existing forward and backward private DSSE schemes, our DBP scheme has the following merits: 1) Practicality. It achieves deletion based on document identifiers rather than document/keyword pairs; 2) Efficiency. It utilizes only lightweight primitives to realize backward privacy while supporting immediate deletion. Experimental evaluation on two real datasets demonstrates the practical efficiency of our scheme.

With the widespread application of cloud computing technology, data privacy security problem becomes more serious. The recent studies related to searchable encryption (SE) area have shown that the data owners can share their private data with efficient search function and high-strength security. However, the search method has yet to be perfected, compared with the plaintext search mechanism. In this paper, based LSSS matrix, we give a new searchable algorithm, which is suitable for many search method, such as exact search, Boolean search and range search. In order to improve the search efficiency, the 0, 1-coding theory is introduced in the process of ciphertext search. Meanwhile it is shown that multi-search mechanism can improve the efficiency of data sharing. Finally, the performance analysis is presented, which prove our scheme is secure, efficient, and human-friendly.

To ensure a secure Cloud-based Electronic Health Record (EHR) system, we need to encrypt data and impose field-level access control to prevent malicious usage. Since the attributes of the Users will change with time, the encryption policies adopted may also vary. For large EHR systems, it is often necessary to search through the encrypted data in realtime and perform client-side computations without decrypting all patient records. This paper describes our novel cloud-based EHR system that uses Attribute Based Encryption (ABE) combined with Semantic Web technologies to facilitate differential access to an EHR, thereby ensuring only Users with valid attributes can access a particular field of the EHR. The system also includes searchable encryption using keyword index and search trapdoor, which allows querying EHR fields without decrypting the entire patient record. The attribute revocation feature is efficiently managed in our EHR by delegating the revision of the secret key and ciphertext to the Cloud Service Provider (CSP). Our methodology incorporates advanced security features that eliminate malicious use of EHR data and contributes significantly towards ensuring secure digital health systems on the Cloud.

As the extensive use of the wireless sensor networks in Advanced Metering Infrastructure (AMI) of Smart Grid, the network security of AMI becomes more important. Thus, an optimization of trust management mechanism of Beta distribution theory is put forward in this article. First of all, a self-adaption method of trust features sampling is proposed, that adjusts acquisition frequency according to fluctuation of trust attribute collected, which makes the consumption of network resource minimum under the precondition of ensuring accuracy of trust value; Then, the collected trust attribute is judged based on the Mahalanobis distance; Finally, calculate the nodes’ trust value by the optimization of the Beta distribution theory. As the simulation shows, the trust management scheme proposed is suited to WSNs in AMI, and able to reflect the trust value of nodes in a variety of circumstances change better.

With the rapid development of smart grid, the data generated by grid services are growing rapidly, and the requirements for time delay are becoming more and more stringent. The storage and computing capacity of the existing terminal equipment can not meet the needs of high bandwidth and low delay of the system at the same time. Fortunately, mobile edge computing (MEC) can provide users with nearby storage and computing services at the network edge, this can give an option to simultaneously meet the requirement of high bandwidth and low delay. Aiming at the problem of service offload scheduling in edge computing, this paper proposes a delay optimized task offload algorithm based on task priority classification. Firstly, the priority of power grid services is divided by using analytic hierarchy process (AHP), and the processing efficiency and quality of service of emergency tasks are guaranteed by giving higher weight coefficients to delay constraints and security levels. Secondly, the service is initialized and unloaded according to the task preprocessing time. Finally, the reasonable subchannel allocation is carried out based on the task priority design decision method. Simulation results show that compared with the traditional approaches, our algorithm can effectively improve the overall system revenue and reduce the average user task delay.

By 2025, it is estimated that installed data storage in the U.S. will be 2.2 Zettabytes, generating about 50 million units of end-of-life hard-disk drives (HDDs) per year. The circular economy (CE) tackles waste issues by maximizing value retention in the economy, for instance, through reuse and recycling. However, the reuse of hard disk drives is hindered by the lack of trust organizations have toward other means of data removal than physically destroying HDDs. Here, an agent-based approach explores how organizations' decisions to adopt other data removal means affect HDDs' circularity. The model applies the theory of planned behavior to model the decisions of HDDs end-users. Results demonstrate that the attitude (which is affected by trust) of end-users toward data-wiping technologies acts as a barrier to reuse. Moreover, social pressure can play a significant role as organizations that adopt CE behaviors can set an example for others.

With the development of IT technology and the generalization of the Internet of Things, smart grid systems combining IoT for efficient power grid construction are being widely deployed. As a form of development for this, edge computing and blockchain technology are being combined with the smart grid. Wang et al. proposed a user authentication scheme to strengthen security in this environment. In this paper, we describe the scheme proposed by Wang et al. and security faults. The first is that it is vulnerable to a side-channel attack, an impersonation attack, and a key material change attack. In addition, their scheme does not guarantee the anonymity of a participant in the smart grid system.

Regular expression denial of service (ReDoS)— which exploits the super-linear running time of matching regular expressions against carefully crafted inputs—is an emerging class of DoS attacks to web services. One challenging question for a victim web service under ReDoS attacks is how to quickly recover its normal operation after ReDoS attacks, especially these zero-day ones exploiting previously unknown vulnerabilities.In this paper, we present RegexNet, the first payload-based, automated, reactive ReDoS recovery system for web services. RegexNet adopts a learning model, which is updated constantly in a feedback loop during runtime, to classify payloads of upcoming requests including the request contents and database query responses. If detected as a cause leading to ReDoS, RegexNet migrates those requests to a sandbox and isolates their execution for a fast, first-measure recovery.We have implemented a RegexNet prototype and integrated it with HAProxy and Node.js. Evaluation results show that RegexNet is effective in recovering the performance of web services against zero-day ReDoS attacks, responsive on reacting to attacks in sub-minute, and resilient to different ReDoS attack types including adaptive ones that are designed to evade RegexNet on purpose.

Networked control design is essential to enable normal operation and further accomplish performance improvement of the cyber-physical systems. In this work, a resilient control scheme is presented for the networked nonlinear system under the denial-of-service (DoS) attack and the system uncertainty. Through synthesizing a self regulation system, this scheme is capable of releasing the prescribed performance when attack is active and recovering that in finite-time after the attack is slept. Meanwhile, the neural network is employed to approximate the system uncertainty. Particularly, the update law possesses the non-certainty-equivalent (NCE) structure, and then the impact of the DoS attack is totally isolated. Finally, the numerical simulation is presented to illustrate the effectiveness and benefits of the estimation scheme and the control design.

A recent source of concern for the security of neural networks is the emergence of clean-label dataset poisoning attacks, wherein correctly labeled poison samples are injected into the training dataset. While these poison samples look legitimate to the human observer, they contain malicious characteristics that trigger a targeted misclassification during inference. We propose a scalable and transferable clean-label poisoning attack against transfer learning, which creates poison images with their center close to the target image in the feature space. Our attack, Bullseye Polytope, improves the attack success rate of the current state-of-the-art by 26.75% in end-to-end transfer learning, while increasing attack speed by a factor of 12. We further extend Bullseye Polytope to a more practical attack model by including multiple images of the same object (e.g., from different angles) when crafting the poison samples. We demonstrate that this extension improves attack transferability by over 16% to unseen images (of the same object) without using extra poison samples.

The network security problem brought by the cloud computing has become an important issue to be dealt with in information construction. Since anomaly detection and attack detection in cloud environment need to find the vulnerability through the reverse analysis of data flow, it is of great significance to carry out the reverse analysis of unknown network protocol in the security application of cloud environment. To solve this problem, an improved mining method on bitstream protocol association rules with unknown type and format is proposed. The method combines the location information of the protocol framework to make the frequent extraction process more concise and accurate. In addition, for the frame separation problem of unknown protocol, we design a hierarchical clustering algorithm based on Jaccard distance and a frame field delimitation method based on the proximity of information entropy between bytes. The experimental results show that this technology can correctly resolve the protocol format and realize the purpose of anomaly detection in cloud computing, and ensure the security of cloud services.

Integrity verification of cloud data is of great importance for secure and effective cloud storage since attackers can change the data even though it is encrypted. Traditional integrity verification schemes only let the client know the integrity status of the remote data. When the data is corrupted, the system cannot hold the server accountable. Besides, almost all existing schemes assume that the users are credible. Instead, especially in a dynamic operation environment, users can deny their behaviors, and let the server bear the penalty of data loss. To address the issues above, we propose an accountable dynamic storage integrity verification (ADS-IV) scheme which provides means to detect or eliminate misbehavior of all participants. In the meanwhile, we modify the Invertible Bloom Filter (IBF) to recover the corrupted data and use the Mahalanobis distance to calculate the degree of damage. We prove that our scheme is secure under Computational Diffie-Hellman (CDH) assumption and Discrete Logarithm (DL) assumption and that the audit process is privacy-preserving. The experimental results demonstrate that the computational complexity of the audit is constant; the storage overhead is \$O(\textbackslashtextbackslashsqrt n )\$, which is only 1/400 of the size of the original data; and the whole communication overhead is O(1).As a result, the proposed scheme is not only suitable for large-scale cloud data storage systems, but also for systems with sensitive data, such as banking systems, medical systems, and so on.

Digital signature is more appropriate for message security in Wireless Sensors Networks (WSNs), which is energy-limited, than costly encryption. However, it meets with difficulty of verification when a large amount of message-signature pairs swarm into the central node in WSNs. In this paper, a scalable group testing algorithm based on Latin square (SGTLS) is proposed, which focus on both batch verification of signatures and invalid signature identification. To address the problem of long time-delay during individual verification, we adapt aggregate signature for batch verification so as to judge whether there are any invalid signatures among the collection of signatures once. In particular, when batch verification fails, an invalid signature identification algorithm is presented based on scalable OR-checking matrix of Latin square, which can adjust the number of group testing by itself with the variation of invalid signatures. Comprehensive analyses show that SGTLS has more advantages, such as scalability, suitability for parallel computing and flexible design (Latin square is popular), than other algorithm.

In dynamic control centers, conventional SCADA systems are enhanced with novel assistance functionalities to increase existing monitoring and control capabilities. To achieve this, different key technologies like phasor measurement units (PMU) and Digital Twins (DT) are incorporated, which give rise to new cyber-security challenges. To address these issues, a four-stage threat analysis approach is presented to identify and assess system vulnerabilities for novel dynamic control center architectures. For this, a simplified risk assessment method is proposed, which allows a detailed analysis of the different system vulnerabilities considering various active and passive cyber-attack types. Qualitative results of the threat analysis are presented and discussed for different use cases at the control center and substation level.

This paper builds an Augmented Reality Sandbox (AR Sandbox) system based on augmented reality technology, and performs a 3D reconstruction for the sandbox terrain using the depth sensor Microsoft Kinect in the AR Sandbox, as an entry point to pave the way for later development of related metaverse applications, such as the metaverse architecting and visual interactive modeling. The innovation of this paper is that for the AR Sandbox scene, a 3D reconstruction method based on depth sensor is proposed, which can automatically cut off the edge of the sandbox table in Kinect field of view, and accurately and completely reconstruct the sandbox terrain in Matlab.

Arbitrary style transfer means that stylized images can be generated from a set of arbitrary input image pairs of content images and style images. Recent arbitrary style transfer algorithms lead to distortion of content or incompletion of style transfer because network need to make a balance between the content structure and style. In this paper, we introduce a dual attention network based on style attention and channel attention, which can flexibly transfer local styles, pay more attention to content structure, keep content structure intact and reduce unnecessary style transfer. Experimental results show that the network can synthesize high quality stylized images while maintaining real-time performance.

Polymerization process is a process in the production of polyester fiber, and its reaction parameter intrinsic viscosity has an important influence on the properties of the final polyester fiber. In this paper, a feature selection extreme learning machine model based on binary encoding Atom Search Optimization algorithm is proposed and applied to the polymerization process of polyester fiber production. Firstly, the distance measure of K-NearestNeighbor algorithm, combined with binary coding, and Atom Search Optimization algorithm are used to select features of industrial data to obtain the optimal data set. According to the data set, atom search optimization algorithm is used to optimize the weight and threshold of extreme learning machine and the activation function of the improved extreme learning machine. A prediction model with root mean square error as fitness function was established and applied to polyester production process. The simulation results show that the model has good prediction accuracy, which can be used for reference in the follow-up industrial production.

The initially designed internet aimed to create a communication network. The hosts share specific IP addresses to establish a communication channel to transfer messages. However, with the advancement of internet technologies as well as recent growth in various applications such as social networking, web sites, and number of smart phone users, the internet today act as distribution network. The content distribution for large volume traffic on internet mainly suffers from two issues 1) IP addresses allocation for each request message and 2) Real time content delivery. Moreover, users nowadays care only about getting data irrespective of its location. To meet need of the hour for content centric networking (CCN), Information centric networking (ICN) has been proposed as the future internet architecture. Named data networks (NDN) found its roots under the umbrella of ICN as one of its project to overcome the above listed issues. NDN is based on the technique of providing named data retrieval from intermediate nodes. This conceptual shift raises questions on its design, services and challenges. In this paper, we contribute by presenting architectural design of NDN with its routing and forwarding mechanism. Subsequently, we cover services offered by NDN for request-response message communication. Furthermore, the challenges faced by NDN for its implementation has been discussed in last.

In photovoltaic (PV) systems, machine learning-based methods have been used for fault detection and diagnosis in the past years, which require large amounts of data. However, fault types in a single PV station are usually insufficient in practice. Due to insufficient and non-identically distributed data, packet loss and privacy concerns, it is difficult to train a model for diagnosing all fault types. To address these issues, in this paper, we propose a decentralized federated learning (FL)-based fault diagnosis method for insulated gate bipolar transistor (IGBT) open-circuits in PV inverters. All PV stations use the convolutional neural network (CNN) to train local diagnosis models. By aggregating neighboring model parameters, each PV station benefits from the fault diagnosis knowledge learned from neighbors and achieves diagnosing all fault types without sharing original data. Extensive experiments are conducted in terms of non-identical data distributions, various transmission channel conditions and whether to use the FL framework. The results are as follows: 1) Using data with non-identical distributions, the collaboratively trained model diagnoses faults accurately and robustly; 2) The continuous transmission and aggregation of model parameters in multiple rounds make it possible to obtain ideal training results even in the presence of packet loss; 3) The proposed method allows each PV station to diagnose all fault types without original data sharing, which protects data privacy.

In the multivariable fault diagnosis of industrial process, due to the existence of correlation between variables, the result of fault diagnosis will inevitably appear "smearing" effect. Although the fault diagnosis method based on the contribution of multi-dimensional reconstruction is helpful when multiple faults occur. But in order to correctly isolate all the fault variables, this method will become very inefficient due to the combination of variables. In this paper, a fault diagnosis method based on kNN and MRBC is proposed to fundamentally avoid the corresponding influence of "smearing", and a fast variable selection strategy is designed to accelerate the process of fault isolation. Finally, simulation study on a benchmark process verifies the effectiveness of the method, in comparison with the traditional method represented by FDA-based method.

When a fault occurs in power grid, the analytic model for power grid fault diagnosis could generate multiple solutions under one or more protective relays (PRs) and/or circuit breakers (CBs) malfunctioning, and/or one or more their alarm information failing. Hence, this paper, calling the electrical quantities, presents an optimal solution discrimination method, which determines the optimal solution by constructing the electrical criteria of suspicious faulty components. Furthermore, combining the established electrical criteria with the existing analytic model, a hierarchical fault diagnosis mode is proposed. It uses the analytic model for the first level diagnosis based on the switching quantities. Thereafter, aiming at multiple solutions, it applies the electrical criteria for the second level diagnosis to determine the diagnostic result. Finally, the examples of fault diagnosis demonstrate the feasibility and effectiveness of the developed method.

The output of rolling bearings, as one of the most widely used support elements, has a significant impact on the equipment's stability and protection. Automatic and effective mining of features representing performance condition plays an important role in ensuring its reliability. However, in the actual process, there are often differences in the quality of features extracted from feature engineering, and this difference cannot be evaluated by commonly used methods, such as correlation metric and monotonicity metric. In order to accurately and automatically evaluate and select effective features, a novel assessment metric is established based on the attributes of the feature itself. Firstly, the features are extracted from different domains, which contain differential information, and a feature set is constructed. Secondly, the performances of the features are evaluated and selected based on internal distance and external distance, which is a novel feature evaluation model for classification task. Finally, an adaptive boosting strategy that combines multiple weak learners is adopted to achieve the fault identification at different severities and orientations. One experimental bearing dataset is adopted to analyze, and effectiveness and accuracy of proposed metric index is verified.

The core looseness fault is an important part of transformer fault. The state of the core can be obtained by analyzing the vibration signal. Vibration analysis method has been used in transformer condition monitoring and fault diagnosis for many years, while different methods produce different results. In order to select the correct method in engineering application, five kinds of joint time-frequency analysis methods, such as short-time Fourier transform, Wigner-Ville distribution, S transform, wavelet transform and empirical mode decomposition are compared, and the advantages and disadvantages of these methods for dealing with the vibration signal of transformer core are analyzed in this paper. It indicates that wavelet transform and empirical mode decomposition have more advantages in the diagnosis of core looseness fault. The conclusions have referential significance for the diagnosis of transformer faults in engineering.

Verification code recognition system based on convolutional neural network. In order to strengthen the network security defense work, this paper proposes a novel verification code recognition system based on convolutional neural network. The system combines Internet technology and big data technology, combined with advanced captcha technology, can prevent hackers from brute force cracking behavior to a certain extent. In addition, the system combines convolutional neural network, which makes the verification code combine numbers and letters, which improves the complexity of the verification code and the security of the user account. Based on this, the system uses threshold segmentation method and projection positioning method to construct an 8-layer convolutional neural network model, which enhances the security of the verification code input link. The research results show that the system can enhance the complexity of captcha, improve the recognition rate of captcha, and improve the security of user accounting.

Any technique to ensure memory safety requires knowledge of (a) precise array bounds and (b) the data types accessed by memory load/store and pointer move instructions (called, owners) in the program. While this information can be effectively derived by compiler-level approaches much of this information may be lost during the compilation process and become unavailable to binary-level tools. In this work we conduct the first detailed study on how accurately can this information be extracted or reconstructed by current state-of-the-art static reverse engineering (RE) platforms for binaries compiled with and without debug symbol information. Furthermore, it is also unclear how the imprecision in array bounds and instruction owner information that is obtained by the RE tools impacts the ability of techniques to detect illegal memory accesses at run-time. We study this issue by designing, building, and deploying a novel binary-level technique to assess the properties and effectiveness of the information provided by the static RE algorithms in the first stage to guide the run-time instrumentation to detect illegal memory accesses in the decoupled second stage. Our work explores the limitations and challenges for static binary analysis tools to develop accurate binary-level techniques to detect memory errors.