Biblio

2022-07-15
Yu, Hongtao, Yuan, Shengyu, Xu, Yishu, Ma, Ru, Gao, Dingli, Zhang, Fuzhi.  2021.  Group attack detection in recommender systems based on triangle dense subgraph mining. 2021 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA). :649–653.
Aiming at group shilling attacks in recommender systems, a shilling group detection approach based on triangle dense subgraph mining is proposed. First, the user relation graph is built by mining the relations among users in the rating dataset. Second, the improved triangle dense subgraph mining method and the personalizing PageRank seed expansion algorithm are used to divide candidate shilling groups. Finally, the suspicious degrees of candidate groups are calculated using several group detection indicators and the attack groups are obtained. Experiments indicate that our method has better detection performance on the Amazon and Yelp datasets than the baselines.
2022-07-14
Cheng, Xin, Zhu, Haowen, Xing, Xinyi, Zhang, Yunfeng, Zhang, Yongqiang, Xie, Guangjun, Zhang, Zhang.  2021.  A Feedback Architecture of High Speed True Random Number Generator based on Ring Oscillator. 2021 IEEE Asian Solid-State Circuits Conference (A-SSCC). :1–3.
True random number generators (TRNG) are widely used to generate encryption keys in information security systems [1]–[2]. In TRNG, entropy source is a critical module which provides the source of randomness of output bit stream. The unavoidable electrical noise in circuit becomes an ideal entropy source due to its unpredictability. Among the methods of capturing electrical noise, ring oscillator-based entropy source makes the TRNG most robust to deterministic noise and 1/f noise which means the strongest anti-interference capability, so it is simple in structure and easy to integrate [3]. Thus, great research attention has focused on ring oscillator-based TRNGs [3]–[7]. In [4], a high-speed TRNG with 100Mbps output bit rate was proposed, but it took up too much power and area. A TRNG based on tetrahedral ring oscillator was proposed in [5]. Its power consumption was very low but the output bit rate was also very low. A ring oscillator-based TRNG with low output bit rate but high power was proposed in [7]. In a word, none of the above architectures achieve an appropriate compromise between bit rate and power consumption. This work presents a new feedback architecture of TRNG based on tetrahedral ring oscillator. The output random bit stream generates a relative random control voltage that acts on the transmission gates in oscillator through a feedback loop, thus increasing phase jitter of the oscillator and improving output bit rate. Furthermore, an XOR chain-based post-processing unit is added to eliminate the statistical deviations and correlations between raw bits.
Liu, Yang, Wang, Meng, Xu, Jing, Gong, Shimin, Hoang, Dinh Thai, Niyato, Dusit.  2021.  Boosting Secret Key Generation for IRS-Assisted Symbiotic Radio Communications. 2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring). :1–6.
Symbiotic radio (SR) has recently emerged as a promising technology to boost spectrum efficiency of wireless communications by allowing reflective communications underlying the active RF communications. In this paper, we leverage SR to boost physical layer security by using an array of passive reflecting elements constituting the intelligent reflecting surface (IRS), which is reconfigurable to induce diverse RF radiation patterns. In particular, by switching the IRS's phase shifting matrices, we can proactively create dynamic channel conditions, which can be exploited by the transceivers to extract common channel features and thus used to generate secret keys for encrypted data transmissions. As such, we firstly present the design principles for IRS-assisted key generation and verify a performance improvement in terms of the secret key generation rate (KGR). Our analysis reveals that the IRS's random phase shifting may result in a non-uniform channel distribution that limits the KGR. Therefore, to maximize the KGR, we propose both a heuristic scheme and deep reinforcement learning (DRL) to control the switching of the IRS's phase shifting matrices. Simulation results show that the DRL approach for IRS-assisted key generation can significantly improve the KGR.
2022-07-13
Angelogianni, Anna, Politis, Ilias, Polvanesi, Pier Luigi, Pastor, Antonio, Xenakis, Christos.  2021.  Unveiling the user requirements of a cyber range for 5G security testing and training. 2021 IEEE 26th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD). :1–6.
Cyber ranges are proven to be effective towards the direction of cyber security training. Nevertheless, the existing literature in the area of cyber ranges does not cover, to our best knowledge, the field of 5G security training. 5G networks, though, reprise a significant field for modern cyber security, introducing a novel threat landscape. In parallel, the demand for skilled cyber security specialists is high and still rising. Therefore, it is of utmost importance to provide all means to experts aiming to increase their preparedness level in the case of an unwanted event. The EU funded SPIDER project proposes an innovative Cyber Range as a Service (CRaaS) platform for 5G cyber security testing and training. This paper aims to present the evaluation framework, followed by SPIDER, for the extraction of the user requirements. To validate the defined user requirements, SPIDER leveraged questionnaires which included both closed and open format questions and were circulated among the personnel of telecommunication providers, vendors, security service providers, managers, engineers, cyber security personnel and researchers. Here, we demonstrate a selected set of the most critical questions and responses received. From the conducted analysis we reach some important conclusions regarding 5G testing and training capabilities that should be offered by a cyber range, in addition to the analysis of the different perceptions between cyber security and 5G experts.
2022-07-12
Xu, Zhengwei, Ge, Yuan, Cao, Jin, Yang, Shuquan, Lin, Qiyou, Zhou, Xu.  2021.  Robustness Analysis of Cyber-Physical Power System Based on Adjacent Matrix Evolution. 2021 China Automation Congress (CAC). :2104–2109.
Considering the influence of load, this paper proposes a robust analysis method of cyber-physical power system based on the evolution of adjacency matrix. This method uses the load matrix to detect whether the system has overload failure, utilizes the reachable matrix to detect whether the system has unconnected failure, and uses the dependency matrix to reveal the cascading failure mechanism in the system. Finally, analyze the robustness of the cyber-physical power system. The IEEE30 standard node system is taken as an example for simulation experiment, and introduced the connectivity index and the load loss ratio as evaluation indexes. The robustness of the system is evaluated and analyzed by comparing the variation curves of connectivity index and load loss ratio under different tolerance coefficients. The results show that the proposed method is feasible, reduces the complexity of graph-based attack methods, and easy to research and analyze.
2022-07-01
Xu, Xiaorong, Bao, Jianrong, Wang, Yujun, Hu, Andi, Zhao, Bin.  2021.  Cognitive Radio Primary Network Secure Communication Strategy Based on Energy Harvesting and Destination Assistance. 2021 13th International Conference on Wireless Communications and Signal Processing (WCSP). :1–5.
Cognitive radio primary network secure communication strategy based on secondary user energy harvesting and primary user destination assistance is investigated to guarantee primary user secure communication in cognitive radio network. In the proposed strategy, the primary network selects the best secondary user to forward the traffic from a primary transmitter (PT) to a primary receiver (PR). The best secondary user implements beamforming technique to assist primary network for secure communication. The remaining secondary transmitters harvest energy and transmit information to secondary receiver over the licensed primary spectrum. In order to further enhance the security of primary network and increase the harvested energy for the remaining secondary users, a destination-assisted jamming signal transmission strategy is proposed. In this strategy, artificial noise jamming signal transmitted by PR not only confuses eavesdropper, but is also used to power the remaining secondary users. Simulation results demonstrate that the proposed strategy allows secondary users to communicate in the licensed primary spectrum. It enhances primary network secure communication performance dramatically with the joint design of secondary user transmission power and beamforming vectors. Furthermore, physical layer security of primary and secondary network can also be guaranteed via the proposed cognitive radio primary network secure communication strategy.
Shengnan, Cao, Xiangdong, Jia, Yixuan, Guo, Yuhua, Zhao.  2021.  Physical Layer Security Communication of Cognitive UAV Mobile Relay Network. 2021 7th International Symposium on Mechatronics and Industrial Informatics (ISMII). :267–271.
We consider that in order to improve the utilization rate of spectrum resources and the security rate of unmanned aerial vehicle (UAV) communication system, a secure transmission scheme of UAV relay assisted cognitive radio network (CRN) is proposed. In the presence of primary users and eavesdroppers, the UAV acts as the decoding and forwarding mobile relay to assist the secure transmission from the source node to the legitimate destination node. This paper optimizes the flight trajectory and transmission power of the UAV relay to maximize the security rate. Since the design problem is nonconvex, the original problem is approximated to a convex constraint by constructing a surrogate function with nonconvex constraints, and an iterative algorithm based on continuous convex approximation is used to solve the problem. The simulation results show that the algorithm can effectively improve the average security rate of the secondary system and successfully optimize the UAV trajectory.
Li, Lintao, Xing, Yiran, Yao, Xiaoxia, Luo, Yuquan.  2021.  McEliece Coding Method based on LDPC Code with Application to Physical Layer Security. 2021 7th International Conference on Computer and Communications (ICCC). :2042–2045.
The ubiquity of wireless communication systems has resulted in extensive concern regarding their security issues. Combination of signaling and secrecy coding can provide greater improvement of confidentiality than traditional methods. In this work, we mainly focus on the secrecy coding design for physical layer security in wireless communications. When the main channel and wiretap channel are noisy, we propose a McEliece secure coding method based on LDPC which can guarantee both reliability between intended users and information security with respect to eavesdropper simultaneously. Simulation results show that Bob’s BER will be significantly decreased with the SNR increased, while Eve gets a BER of 0.5 no matter how the SNR changes.
Xie, Yuncong, Ren, Pinyi, Xu, Dongyang, Li, Qiang.  2021.  Security and Reliability Performance Analysis for URLLC With Randomly Distributed Eavesdroppers. 2021 IEEE International Conference on Communications Workshops (ICC Workshops). :1–6.
This paper for the first time investigates the security and reliability performance of ultra-reliable low-latency communication (URLLC) systems in the presence of randomly distributed eavesdroppers, where the impact of short blocklength codes and imperfect channel estimation are jointly considered. Based on the finite-blocklength information theory, we first derive a closed-form approximation of transmission error probability to describe the degree of reliability loss. Then, we also derive an asymptotic expression of intercept probability to characterize the security performance, where the impact of secrecy protected zone is also considered. Simulation and numerical results validate the accuracy of theoretical approximations, and illustrate the tradeoff between security and reliability. That is, the intercept probability of URLLC systems can be suppressed by loosening the reliability requirement, and vice versa. More importantly, the theoretical analysis and methodologies presented in this paper can offer some insights and design guidelines for supporting secure URLLC applications in the future 6G wireless networks.
Wang, Ruyi, Wang, Yong, Xie, Hao.  2021.  New McEliece Cryptosystem Based on Polar-LDPC Concatenated Codes as a Post-quantum Cryptography. 2021 IEEE 21st International Conference on Communication Technology (ICCT). :111–116.
With the increase of computing power of quantum computers, classical cryptography schemes such as RSA and ECC are no longer secure in the era of quantum computers. The Cryptosystem based on coding has the advantage of resisting quantum computing and has a good application prospect in the future. McEliece Public Key Cryptography is a cryptosystem based on coding theory, whose security can be reduced to the decoding problem of general linear codes and can resist quantum attacks. Therefore, this paper proposes a cryptosystem based on the Polar-LDPC Concatenated Codes, which is an improvement on the original McEliece cipher scheme. The main idea is to take the generation matrix of Polar code and LDPC code as the private key, and the product of their hidden generation matrix as the public key. The plain text is encoded by Polar code and LDPC code in turn to obtain the encrypted ciphertext. The decryption process is the corresponding decoding process. Then, the experimental data presented in this paper prove that the proposed scheme can reduce key size and improve security compared with the original McEliece cryptosystem under the condition of selecting appropriate parameters. Moreover, compared with the improvement schemes based on McEliece proposed in recent years, the proposed scheme also has great security advantages.
2022-06-30
Fang, Xi, Zhou, Yang, Xiao, Ling, Zhao, Cheng, Yu, Zifang.  2021.  Security Enhancement for CO-OFDM/OQAM System using Twice Chaotic Encryption Scheme. 2021 Asia Communications and Photonics Conference (ACP). :1–3.
In this paper, we propose a twice chaotic encryption scheme to improve the security of CO-OFDM/OQAM system. Simulation results show that the proposed scheme enhances the physical-layer security within the acceptable performance penalty.
Xiao, Ling, Fang, Xi, Jin, Jifang, Yu, Zifang, Zhou, Yang.  2021.  Chaotic Constellation Masking Encryption Method for Security-enhanced CO-OFDM/OQAM System. 2021 Asia Communications and Photonics Conference (ACP). :1–3.
In this paper, we propose a Chaotic Constellation Masking (CCM) encryption method based on Henon mapping to enhance the security of CO-OFDM/OQAM system. Simulation results indicate the capability of the CCM method improving system security.
2022-06-15
Xie, Shuang, Hong, Yujie, Wang, Xiangdie, Shen, Jie.  2021.  Research on Data Security Technology Based on Blockchain Technology. 2021 7th IEEE Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :26–31.
Blockchain started with Bitcoin, but it is higher than Bitcoin. With the deepening of applied research on blockchain technology, this new technology has brought new vitality to many industries. People admire the decentralized nature of the blockchain and hope to solve the problems caused by the operation of traditional centralized institutions in a more fair and effective way. Of course, as an emerging technology, blockchain has many areas for improvement. This article explains the blockchain technology from many aspects. Starting from the typical architecture of the blockchain, the data structure and system model of the blockchain are first introduced. Then it expounds the development of consensus algorithms and compares typical consensus algorithms. Later, the focus will be on smart contracts and their application platforms. After analyzing some of the challenges currently faced by the blockchain technology, some scenarios where the blockchain is currently developing well are listed. Finally, it summarizes and looks forward to the blockchain technology.
Fan, Wenjun, Chang, Sang-Yoon, Zhou, Xiaobo, Xu, Shouhuai.  2021.  ConMan: A Connection Manipulation-based Attack Against Bitcoin Networking. 2021 IEEE Conference on Communications and Network Security (CNS). :101–109.
Bitcoin is a representative cryptocurrency system using a permissionless peer-to-peer (P2P) network as its communication infrastructure. A number of attacks against Bitcoin have been discovered over the past years, including the Eclipse and EREBUS Attacks. In this paper, we present a new attack against Bitcoin’s P2P networking, dubbed ConMan because it leverages connection manipulation. ConMan achieves the same effect as the Eclipse and EREBUS Attacks in isolating a target (i.e., victim) node from the rest of the Bitcoin network. However, ConMan is different from these attacks because it is an active and deterministic attack, and is more effective and efficient. We validate ConMan through proof-of-concept exploitation in an environment that is coupled with real-world Bitcoin node functions. Experimental results show that ConMan only needs a few minutes to fully control the peer connections of a target node, which is in sharp contrast to the tens of days that are needed by the Eclipse and EREBUS Attacks. Further, we propose several countermeasures against ConMan. Some of them would be effective but incompatible with the design principles of Bitcoin, while the anomaly detection approach is positively achievable. We disclosed ConMan to the Bitcoin Core team and received their feedback, which confirms ConMan and the proposed countermeasures.
2022-06-13
Wang, Fengling, Wang, Han, Xue, Liang.  2021.  Research on Data Security in Big Data Cloud Computing Environment. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:1446–1450.
In the big data cloud computing environment, data security issues have become a focus of attention. This paper delivers an overview of conceptions, characteristics and advanced technologies for big data cloud computing. Security issues of data quality and privacy control are elaborated pertaining to data access, data isolation, data integrity, data destruction, data transmission and data sharing. Eventually, a virtualization architecture and related strategies are proposed to guard against threats and enhance the data security in big data cloud environment.
2022-06-09
Xiang, Guangli, Shao, Can.  2021.  Low Noise Homomorphic Encryption Scheme Supporting Multi-Bit Encryption. 2021 2nd International Conference on Computer Communication and Network Security (CCNS). :150–156.
Fully homomorphic encryption (FHE) provides effective security assurance for privacy computing in cloud environments. But the existing FHE schemes are generally faced with challenges including using single-bit encryption and large ciphertext noise, which greatly affects the encryption efficiency and practicability. In this paper, a low-noise FHE scheme supporting multi-bit encryption is proposed based on the HAO scheme. The new scheme redesigns the encryption method without changing the system parameters and expands the plaintext space to support the encryption of integer matrices. In the process of noise reduction, we introduce a PNR method and use the subGaussian distribution theory to analyze the ciphertext noise. The security and the efficiency analysis show that the improved scheme can resist the chosen plaintext attack and effectively reduce the noise expansion rate. Comparative experiments show that the scheme has high encryption efficiency and is suitable for the privacy-preserving computation of integer matrices.
Jin, Shiyi, Chung, Jin-Gyun, Xu, Yinan.  2021.  Signature-Based Intrusion Detection System (IDS) for In-Vehicle CAN Bus Network. 2021 IEEE International Symposium on Circuits and Systems (ISCAS). :1–5.
In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in-vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.
Xu, Qichao, Zhao, Lifeng, Su, Zhou.  2021.  UAV-assisted Abnormal Vehicle Behavior Detection in Internet of Vehicles. 2021 40th Chinese Control Conference (CCC). :7500–7505.
With advantages of low cost, high mobility, and flexible deployment, unmanned aerial vehicles (UAVs) are employed to efficiently detect abnormal vehicle behaviors (AVBs) in the internet of vehicles (IoVs). However, due to limited resources including battery, computing, and communication, UAVs are selfish to work cooperatively. To solve the above problem, in this paper, a game theoretical UAV incentive scheme in IoVs is proposed. Specifically, the abnormal behavior model is first constructed, where three model categories are defined: velocity abnormality, distance abnormality, and overtaking abnormality. Then, the barging pricing framework is designed to model the interactions between UAVs and IoVs, where the transaction prices are determined with the abnormal behavior category detected by UAVs. At last, simulations are conducted to verify the feasibility and effectiveness of our proposed scheme.
2022-06-08
Xue, Bi.  2021.  Information Fusion and Intelligent Management of Industrial Internet of Things under the Background of Big Data. 2021 13th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). :68–71.
This paper summarizes the types and contents of enterprise big data information, analyzes the demand and characteristics of enterprise shared data information based on the Internet of things, and analyzes the current situation of enterprise big data fusion at home and abroad. Firstly, using the idea of the Internet of things for reference, the intelligent sensor is used as the key component of data acquisition, and the multi energy data acquisition technology is discussed. Then the data information of entity enterprises is taken as the research object and a low energy consumption transmission method based on data fusion mechanism for industrial ubiquitous Internet of things is proposed. Finally, a network monitoring and data fusion platform for the industrial Internet of things is implemented. The monitoring node networking and platform usability test are also performed. It is proved that the scheme can achieve multi parameter, real-time, high reliable network intelligent management.
Sun, Yue, Dong, Bin, Chen, Wei, Xu, Xiaotian, Si, Guanlin, Jing, Sen.  2021.  Research on Security Evaluation Technology of Intelligent Video Terminal. 2021 2nd International Symposium on Computer Engineering and Intelligent Communications (ISCEIC). :339–342.
The application of intelligent video terminal has spread in all aspects of production and life, such as urban transportation, enterprises, hospitals, banks, and families. In recent years, intelligent video terminals, video recorders and other video monitoring system components are frequently exposed to high risks of security vulnerabilities, which is likely to threaten the privacy of users and data security. Therefore, it is necessary to strengthen the security research and testing of intelligent video terminals, and formulate reinforcement and protection strategies based on the evaluation results, in order to ensure the confidentiality, integrity and availability of data collected and transmitted by intelligent video terminals.
Chen, Lin, Qiu, Huijun, Kuang, Xiaoyun, Xu, Aidong, Yang, Yiwei.  2021.  Intelligent Data Security Threat Discovery Model Based on Grid Data. 2021 6th International Conference on Image, Vision and Computing (ICIVC). :458–463.
With the rapid construction and popularization of smart grid, the security of data in smart grid has become the basis for the safe and stable operation of smart grid. This paper proposes a data security threat discovery model for smart grid. Based on the prediction data analysis method, combined with migration learning technology, it analyzes different data, uses data matching process to classify the losses, and accurately predicts the analysis results, finds the security risks in the data, and prevents the illegal acquisition of data. The reinforcement learning and training process of this method distinguish the effective authentication and illegal access to data.
2022-06-07
He, Weiyu, Wu, Xu, Wu, Jingchen, Xie, Xiaqing, Qiu, Lirong, Sun, Lijuan.  2021.  Insider Threat Detection Based on User Historical Behavior and Attention Mechanism. 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC). :564–569.
Insider threat makes enterprises or organizations suffer from the loss of property and the negative influence of reputation. User behavior analysis is the mainstream method of insider threat detection, but due to the lack of fine-grained detection and the inability to effectively capture the behavior patterns of individual users, the accuracy and precision of detection are insufficient. To solve this problem, this paper designs an insider threat detection method based on user historical behavior and attention mechanism, including using Long Short Term Memory (LSTM) to extract user behavior sequence information, using Attention-based on user history behavior (ABUHB) to learn the differences between different user behaviors, using Bidirectional-LSTM (Bi-LSTM) to learn the evolution of different user behavior patterns, and finally realizing fine-grained user abnormal behavior detection. To evaluate the effectiveness of this method, experiments are conducted on the CMU-CERT Insider Threat Dataset. The experimental results show that the effectiveness of this method is 3.1% to 6.3% higher than that of other comparative model methods, and it can detect insider threats in different user behaviors with fine granularity.
Gayathri, R G, Sajjanhar, Atul, Xiang, Yong, Ma, Xingjun.  2021.  Anomaly Detection for Scenario-based Insider Activities using CGAN Augmented Data. 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :718–725.
Insider threats are the cyber attacks from the trusted entities within an organization. An insider attack is hard to detect as it may not leave a footprint and potentially cause huge damage to organizations. Anomaly detection is the most common approach for insider threat detection. Lack of real-world data and the skewed class distribution in the datasets make insider threat analysis an understudied research area. In this paper, we propose a Conditional Generative Adversarial Network (CGAN) to enrich under-represented minority class samples to provide meaningful and diverse data for anomaly detection from the original malicious scenarios. Comprehensive experiments performed on benchmark dataset demonstrate the effectiveness of using CGAN augmented data, and the capability of multi-class anomaly detection for insider activity analysis. Moreover, the method is compared with other existing methods against different parameters and performance metrics.
2022-06-06
Xu, Qizhen, Zhang, Zhijie, Zhang, Lin, Chen, Liwei, Shi, Gang.  2021.  Finding Runtime Usable Gadgets: On the Security of Return Address Authentication. 2021 IEEE Intl Conf on Parallel Distributed Processing with Applications, Big Data Cloud Computing, Sustainable Computing Communications, Social Computing Networking (ISPA/BDCloud/SocialCom/SustainCom). :374–381.
Return address authentication mechanisms protect return addresses by calculating and checking their message authentication codes (MACs) at runtime. However, these works only provide empirical analysis on their security, and it is still unclear whether the attacker can bypass these defenses by launching reuse attacks. In this paper, we present a solution to quantitatively analyze the security of return address authentication mechanisms against reuse attacks. Our solution utilizes some libc functions that could leak data from memory. First, we perform reaching definition analysis to identify the source of parameters of these functions. Then we infer how many MACs could be observed at runtime by modifying these parameters. Afterward, we select the gadgets that could be exploited by reusing these observed MACs. Finally, we stitch desired gadget to craft attacks. We evaluated our solution on 5 real-world applications and successfully crafted reuse attacks on 3 of them. We find that the larger an application is, the more libc functions and gadgets can be found and reused, and furthermore, the more likely the attack is successfully crafted.
Lin, Kunli, Xia, Haojun, Zhang, Kun, Tu, Bibo.  2021.  AddrArmor: An Address-based Runtime Code-reuse Attack Mitigation for Shared Objects at the Binary-level. 2021 IEEE Intl Conf on Parallel Distributed Processing with Applications, Big Data Cloud Computing, Sustainable Computing Communications, Social Computing Networking (ISPA/BDCloud/SocialCom/SustainCom). :117–124.
The widespread adoption of DEP has made most modern attacks follow the same general steps: Attackers try to construct code-reuse attacks by using vulnerable indirect branch instructions in shared objects after successful exploits on memory vulnerabilities. In response to code-reuse attacks, researchers have proposed a large number of defenses. However, most of them require access to source code and/or specific hardware features. These limitations hinder the deployment of these defenses much. In this paper, we propose an address-based code-reuse attack mitigation for shared objects at the binary-level. We emphasize that the execution of indirect branch instruction must follow several principles we propose. More specifically, we first reconstruct function boundaries at the program’s dynamic-linking stage by combining shared object’s dynamic symbols with binary-level instruction analysis. We then leverage static instrumentation to hook vulnerable indirect branch instructions to a novel target address computation and validation routine. At runtime, AddrArmor will protect against code-reuse attacks based on the computed target address. Our experimental results show that AddrArmor provides a strong line of defense against code reuse attacks, and has an acceptable performance overhead of about 6.74% on average using SPEC CPU 2006.