Biblio

In sensor-enabled Internet of Things (IoT), nodes are deployed in an open and remote environment, therefore, are vulnerable to a variety of attacks. Recently, trust-based schemes have played a pivotal role in addressing nodes' misbehavior attacks in IoT. However, the existing trust-based schemes apply network wide dissemination of the control packets that consume excessive energy in the quest of trust evaluation, which ultimately weakens the network lifetime. In this context, this paper presents an energy efficient trust evaluation (EETE) scheme that makes use of hierarchical trust evaluation model to alleviate the malicious effects of illegitimate sensor nodes and restricts network wide dissemination of trust requests to reduce the energy consumption in clustered-sensor enabled IoT. The proposed EETE scheme incorporates three dilemma game models to reduce additional needless transmissions while balancing the trust throughout the network. Specially: 1) a cluster formation game that promotes the nodes to be cluster head (CH) or cluster member to avoid the extraneous cluster; 2) an optimal cluster formation dilemma game to affirm the minimum number of trust recommendations for maintaining the balance of the trust in a cluster; and 3) an activity-based trust dilemma game to compute the Nash equilibrium that represents the best strategy for a CH to launch its anomaly detection technique which helps in mitigation of malicious activity. Simulation results show that the proposed EETE scheme outperforms the current trust evaluation schemes in terms of detection rate, energy efficiency and trust evaluation time for clustered-sensor enabled IoT.

Social media have become increasingly popular for the sharing and spreading of user-generated content due to their easy access, fast dissemination, and low cost. Meanwhile, social media also enable the wide propagation of cyber frauds, which leverage fake information sources to reach an ulterior goal. The prevalence of untrustworthy information sources on social media can have significant negative societal effects. In a trustworthy social media system, trust calculation technology has become a key demand for the identification of information sources. Trust, as one of the most complex concepts in network communities, has multi-criteria properties. However, the existing work only focuses on single trust factor, and does not consider the complexity of trust relationships in social computing completely. In this paper, a multi-criteria trustworthiness calculation mechanism called Info-Trust is proposed for information sources, in which identity-based trust, behavior-based trust, relation-based trust, and feedback-based trust factors are incorporated to present an accuracy-enhanced full view of trustworthiness evaluation of information sources. More importantly, the weights of these factors are dynamically assigned by the ordered weighted averaging and weighted moving average (OWA-WMA) combination algorithm. This mechanism surpasses the limitations of existing approaches in which the weights are assigned subjectively. The experimental results based on the real-world datasets from Sina Weibo demonstrate that the proposed mechanism achieves greater accuracy and adaptability in trustworthiness identification of the network information.

Trust is an important topic in today's interconnected world. Breaches of trust in today's systems has had profound effects upon us all, and they are very difficult and costly to fix especially when caused by flaws in the system's architecture. Trust modeling can expose these types of issues, but modeling trust in complex multi-tiered system architectures can be very difficult. Often experts have differing views of trust and how it applies to systems within their domain. This work presents a graph-based modeling methodology that normalizes the application of trust across disparate system domains allowing the modeling of complex intersystem trust relationships. An algorithm is proposed that applies graph theory to model, validate and evaluate trust in system architectures. Also, it provides the means to apply metrics to compare and prioritize the effectiveness of trust management in system and component architectures. The results produced by the algorithm can be used in conjunction with systems engineering processes to ensure both trust and the efficient use of resources.

Mobile cloud computing has the features of resource constraints, openness, and uncertainty which leads to the high uncertainty on its quality of service (QoS) provision and serious security risks. Therefore, when faced with complex service requirements, an efficient and reliable service composition approach is extremely important. In addition, preference learning is also a key factor to improve user experiences. In order to address them, this paper introduces a three-layered trust-enabled service composition model for the mobile cloud computing systems. Based on the fuzzy comprehensive evaluation method, we design a novel and integrated trust management model. Service brokers are equipped with a learning module enabling them to better analyze customers' service preferences, especially in cases when the details of a service request are not totally disclosed. Because traditional methods cannot totally reflect the autonomous collaboration between the mobile cloud entities, a prototype system based on the multi-agent platform JADE is implemented to evaluate the efficiency of the proposed strategies. The experimental results show that our approach improves the transaction success rate and user satisfaction.

The integration of Internet of Things (IoT) and edge computing is currently a new research hotspot. However, the lack of trust between IoT edge devices has hindered the universal acceptance of IoT edge computing as outsourced computing services. In order to increase the adoption of IoT edge computing applications, first, IoT edge computing architecture should establish efficient trust calculation mechanism to alleviate the concerns of numerous users. In this paper, a reliable and lightweight trust mechanism is originally proposed for IoT edge devices based on multi-source feedback information fusion. First, due to the multi-source feedback mechanism is used for global trust calculation, our trust calculation mechanism is more reliable against bad-mouthing attacks caused by malicious feedback providers. Then, we adopt lightweight trust evaluating mechanism for cooperations of IoT edge devices, which is suitable for largescale IoT edge computing because it facilitates low-overhead trust computing algorithms. At the same time, we adopt a feedback information fusion algorithm based on objective information entropy theory, which can overcome the limitations of traditional trust schemes, whereby the trust factors are weighted manually or subjectively. And the experimental results show that the proposed trust calculation scheme significantly outperforms existing approaches in both computational efficiency and reliability.

Exclusive-or (XOR) operations are common in cryptographic protocols, in particular in RFID protocols and electronic payment protocols. Although there are numerous applications, due to the inherent complexity of faithful models of XOR, there is only limited tool support for the verification of cryptographic protocols using XOR. The Tamarin prover is a state-of-the-art verification tool for cryptographic protocols in the symbolic model. In this paper, we improve the underlying theory and the tool to deal with an equational theory modeling XOR operations. The XOR theory can be freely combined with all equational theories previously supported, including user-defined equational theories. This makes Tamarin the first tool to support simultaneously this large set of equational theories, protocols with global mutable state, an unbounded number of sessions, and complex security properties including observational equivalence. We demonstrate the effectiveness of our approach by analyzing several protocols that rely on XOR, in particular multiple RFID-protocols, where we can identify attacks as well as provide proofs.

This paper addresses the nature of data and knowledge, the relation between them, the variety of views as a characteristic of Big Data regarding that data may come from many different sources/views from different viewpoints, and the associated essential issues of data provenance, knowledge provenance, scientific computing integrity, and trust in the data science process. Towards the direction of data-intensive science and engineering, it is of paramount importance to ensure Scientific Computing Integrity (SCI). A failure of SCI may be caused by malicious attacks, natural environmental changes, faults of scientists, operations mistakes, faults of supporting systems, faults of processes, and errors in the data or theories on which a research relies. The complexity of scientific workflows and large provenance graphs as well as various causes for SCI failures make ensuring SCI extremely difficult. Provenance and trust play critical role in evaluating SCI. This paper reports our progress in building a model for provenance-based trust reasoning about SCI.

Feature of modern scientific information systems is their integration with computing applications, providing distributed computer simulation and intellectual processing of Big Data using high-efficiency computing. Often these software systems include legacy applications in different programming languages, with non-standardized interfaces. To solve the problem of applications integration, containerization systems are using that allow to configure environment in the shortest time to deploy software system. However, there are no such systems for computer simulation systems with large number of nodes. The article considers the actual task of combining containers into a cluster, integrating legacy applications to manage the distributed software system MD-SLAG-MELT v.14, which supports high-performance computing and visualization of the computer experiments results. Testing results of the container cluster including automatic load sharing module for MD-SLAG-MELT system v.14. are given.

Live VM migration is the most vulnerable process in cloud federations for DDOS attacks, loss of data integrity, confidentiality, unauthorized access and injection of malicious viruses on VM disk images. We have scrutinized following set of crucial security features which are; authorization, confidentiality, replay protection (accountability), integrity, mutual authentication and source non-repudiation (availability) to cater different threats and vulnerabilities during live VM migration. The investigated threats and vulnerabilities are catered and implemented in a proposed solution, presented in this paper. Six security features-authorization, confidentiality, replay protection, integrity, mutual authentication and source non-repudiation are focused and modular implementation has been done. Solution is validated in AVISPA tool in modules for threats for all the notorious security requirements and no outbreak were seen.

Trust Relationships have shown great potential to improve recommendation quality, especially for cold start and sparse users. Since each user trust their friends in different degrees, there are numbers of works been proposed to take Trust Strength into account for recommender systems. However, these methods ignore the information of trust directions between users. In this paper, we propose a novel method to adaptively learn directive trust strength to improve trust-aware recommender systems. Advancing previous works, we propose to establish direction of trust strength by modeling the implicit relationships between users with roles of trusters and trustees. Specially, under new trust strength with directions, how to compute the directive trust strength is becoming a new challenge. Therefore, we present a novel method to adaptively learn directive trust strengths in a unified framework by enforcing the trust strength into range of [0, 1] through a mapping function. Our experiments on Epinions and Ciao datasets demonstrate that the proposed algorithm can effectively outperform several state-of-art algorithms on both MAE and RMSE metrics.

Quantum technology is a new field of physics and engineering. In emerging areas like Quantum Cryptography, Quantum Computing etc, Quantum circuits play a key role. Quantum circuit is a model for Quantum computation, the computation process of Quantum gates are based on reversible logic. Encoder and Decoder are designed using Quantum gates, and synthesized in the QCAD simulator. Quantum error correction (QEC) is essential to protect quantum information from errors due to quantum noise and decoherence. It is also use to achieve fault-tolerant quantum computation that deals with noise on stored information, faulty quantum gates and faulty measurements.

The use of Knuth's Rule and Bayesian Blocks constant piecewise models for characterization of RFID traffic has been proposed already. This study presents an evaluation of the application of those two modeling techniques for various RFID traffic patterns. The data sets used in this study consist of time series of binned RFID command counts. More specifically., we compare the shape of several empirical plots of raw data sets we obtained from experimental RIFD readings., against the constant piecewise graphs produced as an output of the two modeling algorithms. One issue limiting the applicability of modeling techniques to RFID traffic is the fact that there are a large number of various RFID applications available. We consider this phenomenon to present the main motivation for this study. The general expectation is that the RFID traffic traces from different applications would be sequences with different histogram shapes. Therefore., no modeling technique could be considered universal for modeling the traffic from multiple RFID applications., without first evaluating its model performance for various traffic patterns. We postulate that differences in traffic patterns are present if the histograms of two different sets of RFID traces form visually different plot shapes.

Transactive energy systems (TES) are emerging as a transformative solution for the problems that distribution system operators face due to an increase in the use of distributed energy resources and rapid growth in scalability of managing active distribution system (ADS). On the one hand, these changes pose a decentralized power system control problem, requiring strategic control to maintain reliability and resiliency for the community and for the utility. On the other hand, they require robust financial markets while allowing participation from diverse prosumers. To support the computing and flexibility requirements of TES while preserving privacy and security, distributed software platforms are required. In this paper, we enable the study and analysis of security concerns by developing Transactive Energy Security Simulation Testbed (TESST), a TES testbed for simulating various cyber attacks. In this work, the testbed is used for TES simulation with centralized clearing market, highlighting weaknesses in a centralized system. Additionally, we present a blockchain enabled decentralized market solution supported by distributed computing for TES, which on one hand can alleviate some of the problems that we identify, but on the other hand, may introduce newer issues. Future study of these differing paradigms is necessary and will continue as we develop our security simulation testbed.

Transition noise and remanence noise are the two most important types of media noise in heat-assisted magnetic recording. We examine two methods (spatial splitting and principal components analysis) to distinguish them: both techniques show similar trends with respect to applied field and grain pitch (GP). It was also found that PW50can be affected by GP and reader design, but is almost independent of write field and bit length (larger than 50 nm). Interestingly, our simulation shows a linear relationship between jitter and PW50NSRrem, which agrees qualitatively with experimental results.

Cloud storage brokerage systems abstract cloud storage complexities by mediating technical and business relationships between cloud stakeholders, while providing value-added services. This however raises security challenges pertaining to the integration of disparate components with sometimes conflicting security policies and architectural complexities. Assessing the security risks of these challenges is therefore important for Cloud Storage Brokers (CSBs). In this paper, we present a threat modeling schema to analyze and identify threats and risks in cloud brokerage brokerage systems. Our threat modeling schema works by generating attack trees, attack graphs, and data flow diagrams that represent the interconnections between identified security risks. Our proof-of-concept implementation employs the Common Configuration Scoring System (CCSS) to support the threat modeling schema, since current schemes lack sufficient security metrics which are imperatives for comprehensive risk assessments. We demonstrate the efficiency of our proposal by devising CCSS base scores for two attacks commonly launched against cloud storage systems: Cloud sStorage Enumeration Attack and Cloud Storage Exploitation Attack. These metrics are then combined with CVSS based metrics to assign probabilities in an Attack Tree. Thus, we show the possibility combining CVSS and CCSS for comprehensive threat modeling, and also show that our schemas can be used to improve cloud security.

Approaches for the automatic analysis of security policies on source code level cannot trivially be applied to binaries. This is due to the lacking high-level semantics of low-level object code, and the fundamental problem that control-flow recovery from binaries is difficult. We present a novel approach to recover the control-flow of binaries that is both safe and efficient. The key idea of our approach is to use the information contained in security mechanisms to approximate the targets of computed branches. To achieve this, we first define a restricted control transition intermediate language (RCTIL), which restricts the number of possible targets for each branch to a finite number of given targets. Based on this intermediate language, we demonstrate how a safe model of the control flow can be recovered without data-flow analyses. Our evaluation shows that that makes our solution more efficient than existing solutions.

Industry 4.0 is based on the CPS architecture since it is the next generation in the industry. The CPS architecture is a system based on Cloud Computing technology and Internet of Things where computer elements collaborate for the control of physical entities. The security framework in this architecture is necessary for the protection of two parts (physical and information) so basically, security in CPS is classified into two main parts: information security (data) and security of control. In this work, we propose two models to solve the two problems detected in the security framework. The first proposal SCCAF (Smart Cloud Computing Adoption Framework) treats the nature of information that serves for the detection and the blocking of the threats our basic architecture CPS. The second model is a modeled detector related to the physical nature for detecting node information.

In Mobile Ad hoc Networks (MANET) the nodes act as a host as well as a router thereby forming a self-organizing network that does not rely upon fixed infrastructure, other than gateways to other networks. MANET provides a quick to deploy flexible networking capability with a dynamic topology due to node mobility. MANET nodes transmit, relay and receive traffic from neighbor nodes as the network topology changes. Security is important for MANET and trust computation is used to improve collaboration between nodes. MANET trust frameworks utilize real-time trust computations to maintain the trust state for nodes in the network. If the trust computation is not resilient against attack, the trust values computed could be unreliable. This paper proposes an Artificial Immune System based approach to compute trust and thereby provide a resilient reputation mechanism.

Our previous work, which can be referred to as EMPRESS 1.0, showed that rich metadata management provides a relatively low-overhead approach to facilitating insight from scale-up scientific applications. However, this system did not provide the functionality needed for a viable production system or address whether such a system could scale. Therefore, we have extended our previous work to create EMPRESS 2.0, which incorporates the features required for a useful production system. Through a discussion of EMPRESS 2.0, this paper explores how to incorporate rich query functionality, fault tolerance, and atomic operations into a scalable, storage system independent metadata management system that is easy to use. This paper demonstrates that such a system offers significant performance advantages over HDF5, providing metadata querying that is 150X to 650X faster, and can greatly accelerate post-processing. Finally, since the current implementation of EMPRESS 2.0 relies on an RDBMS, this paper demonstrates that an RDBMS is a viable technology for managing data-oriented metadata.

Recent insights on language and vision with neural networks have been successfully applied to simple single-image visual question answering. However, to tackle real-life question answering problems on multimedia collections such as personal photos, we have to look at whole collections with sequences of photos or videos. When answering questions from a large collection, a natural problem is to identify snippets to support the answer. In this paper, we describe a novel neural network called Focal Visual-Text Attention network (FVTA) for collective reasoning in visual question answering, where both visual and text sequence information such as images and text metadata are presented. FVTA introduces an end-to-end approach that makes use of a hierarchical process to dynamically determine what media and what time to focus on in the sequential data to answer the question. FVTA can not only answer the questions well but also provides the justifications which the system results are based upon to get the answers. FVTA achieves state-of-the-art performance on the MemexQA dataset and competitive results on the MovieQA dataset.

Anomaly detection on security logs is receiving more and more attention. Authentication events are an important component of security logs, and being able to produce trustful and accurate predictions minimizes the effort of cyber-experts to stop false attacks. Observed events are classified into Normal, for legitimate user behavior, and Malicious, for malevolent actions. These classes are consistently excessively imbalanced which makes the classification problem harder; in the commonly used Los Alamos dataset, the malicious class comprises only 0.00033% of the total. This work proposes a novel method to extract advanced composite features, and a supervised learning technique for classifying authentication logs trustfully; the models are Random Forest, LogitBoost, Logistic Regression, and ultimately Majority Voting which leverages the predictions of the previous models and gives the final prediction for each authentication event. We measure the performance of our experiments by using the False Negative Rate and False Positive Rate. In overall we achieve 0 False Negative Rate (i.e. no attack was missed), and on average a False Positive Rate of 0.0019.

Vehicular Ad-hoc NETwork (VANET) is a vital transportation technology that facilitates the vehicles to share sensitive information (such as steep-curve warnings and black ice on the road) with each other and with the surrounding infrastructure in real-time to avoid accidents and enable comfortable driving experience.To achieve these goals, VANET requires a secure environment for authentic, reliable and trusted information dissemination among the network entities. However, VANET is prone to different attacks resulting in the dissemination of compromised/false information among network nodes. One way to manage a secure and trusted network is to introduce trust among the vehicular nodes. To this end, various Trust Models (TMs) are developed for VANET and can be broadly categorized into three classes, Entity-oriented Trust Models (ETM), Data oriented Trust Models (DTM) and Hybrid Trust Models (HTM). These TMs evaluate trust based on the received information (data), the vehicle (entity) or both through different mechanisms. In this paper, we present a comparative study of the three TMs. Furthermore, we evaluate these TMs against the different trust, security and quality-of-service related benchmarks. Simulation results revealed that all these TMs have deficiencies in terms of end-to-end delays, event detection probabilities and false positive rates. This study can be used as a guideline for researchers to design new efficient and effective TMs for VANET.

In view of the great threat posed by malware and the rapid growing trend about malware variants, it is necessary to determine the category of new samples accurately for further analysis and taking appropriate countermeasures. The network behavior based classification methods have become more popular now. However, the behavior profiling models they used usually only depict partial network behavior of samples or require specific traffic selection in advance, which may lead to adverse effects on categorizing advanced malware with complex activities. In this paper, to overcome the shortages of traditional models, we raise a comprehensive behavior model for profiling the behavior of malware network activities. And we also propose a corresponding malware classification method which can extract and compare the major behavior of samples. The experimental and comparison results not only demonstrate our method can categorize samples accurately in both criteria, but also prove the advantage of our profiling model to two other approaches in accuracy performance, especially under scenario based criteria.

The Machine Type Communication Devices (MTCDs) are usually based on Internet Protocol (IP), which can cause billions of connected objects to be part of the Internet. The enormous amount of data coming from these devices are quite heterogeneous in nature, which can lead to security issues, such as injection attacks, ballot stuffing, and bad mouthing. Consequently, this work considers machine learning trust evaluation as an effective and accurate option for solving the issues associate with security threats. In this paper, a comparative analysis is carried out with five different machine learning approaches: Naive Bayes (NB), Decision Tree (DT), Linear and Radial Support Vector Machine (SVM), KNearest Neighbor (KNN), and Random Forest (RF). As a critical element of the research, the recommendations consider different Machine-to-Machine (M2M) communication nodes with regard to their ability to identify malicious and honest information. To validate the performances of these models, two trust computation measures were used: Receiver Operating Characteristics (ROCs), Precision and Recall. The malicious data was formulated in Matlab. A scenario was created where 50% of the information were modified to be malicious. The malicious nodes were varied in the ranges of 10%, 20%, 30%, 40%, and the results were carefully analyzed.

We present the IT solution for remote modeling of cryptographic protocols and other cryptographic primitives and a number of education-oriented capabilities based on them. These capabilities are provided at the Department of Mathematical Modeling using the MPEI algebraic processor, and allow remote participants to create automata models of cryptographic protocols, use and manage them in the modeling process. Particular attention is paid to the IT solution for modeling of the private communication and key distribution using the processor combined with the Kerberos protocol. This allows simulation and studying of key distribution protocols functionality on remote computers via the Internet. The importance of studying cryptographic primitives for future IT specialists is emphasized.