Biblio

Data and veracious information are an important feature of any organization; it takes special care as a like asset of the organization. Cloud computing system main target to provide service to the user like high-speed access user data for storage and retrieval. Now, big concern is data protection in cloud computing technology as because data leaking and various malicious attacks happened in cloud computing technology. This study provides user data protection in the cloud storage device. The article presents the architecture of a data security hybrid infrastructure that protects and stores the user data from the unauthenticated user. In this hybrid model, we use a different type of security model.

What do we need to do to protect our personal information? IoT devices such as smartphones, smart watches, and home appliances are widespread. Encryption is required not only to prevent eavesdropping on communications but also to prevent information leakage from cloud services due to unauthorized access. Therefore, attention is being paid to fully homomorphic encryption (FHE) that allows addition and multiplication between ciphertexts. However, FHE with this convenient function has a drawback that the encryption requires huge volume of calculation and the ciphertext is large. Therefore, if FHE is used on a device with limited computational resources such as an IoT device, the load on the IoT device will be too heavy. In this research, we propose a system that can safely and effectively utilize data without imposing a load on IoT devices. In this system, somewhat homomorphic encryption (SHE), which is a lightweight cryptosystem compared with FHE, is combined with FHE. The results of the experiment confirmed that the load on the IoT device can be reduced to approximately 1/1400 compared to load of the system from previous research.

This project is an extension of ongoing research on Fully Homomorphic Encryption - Arithmetic Circuit Homomorphic Encryption. This paper focus on the implementation of pairing algorithm Supersingular Isogeny Diffie Hellman Key Exchange into Arithmetic Circuit Homomorphic Encryption as well as comparison and analyse with Elliptic Curve Diffie Hellman. Next, the paper will discuss on the latencies incurred due to pairing sessions between machines, key generations, key sizes, CPU usage and overall latency for the two respective key exchange methods to be compared against each other.

With the rapid development of urbanization, community security and public security have become an important social issue. As conventional patrol methods can not effectively ensure effective supervision, this paper studies the application of NFC (Near Field Communication) technology in intelligent security system, designs and constructs a set of intelligent security system suitable for public security patrol or security patrol combined with current cloud service technology. The system can not only solve the digital problem of patrol supervision in the current public security, but also greatly improve the efficiency of security and improve the service quality of the industry through the application of intelligent technology.

Internet Protocol (IP) address holds a probative value to the identification process in digital forensics. The decimal digit is a unique identifier that is beneficial in many investigations (i.e., network, email, memory). IP addresses can reveal important information regarding the device that the user uses during Internet activity. One of the things that IP addresses can essentially help digital forensics investigators in is the identification of the user machine and tracing evidence based on network artifacts. Unfortunately, it appears that some of the well-known digital forensic tools only provide functions to recover IP addresses from a given forensic image. Thus, there is still a gap in answering if IP addresses found in a smartphone can help reveal the user’s location and be used to aid investigators in identifying IP addresses that complement the user’s physical location. Furthermore, the lack of utilizing IP mapping and visualizing techniques has resulted in the omission of such digital evidence. This research aims to emphasize the importance of geolocation data in digital forensic investigations, propose an IP visualization technique considering several sources of evidence, and enhance the investigation process’s speed when its pertained to IP addresses using spatial analysis. Moreover, this research proposes a proof-of-concept (POC) standalone tool that can match critical IP addresses with approximate geolocations to fill the gap in this area.

This paper integrates Software-Defined Networking (SDN) and Information -Centric Networking (ICN) framework to enable low latency-based stateful routing and caching management by leveraging a novel forwarding and caching strategy. The framework is implemented in a clean- slate environment that does not rely on the TCP/IP principle. It utilizes Pending Interest Tables (PIT) instead of Forwarding Information Base (FIB) to perform data dissemination among peers in the proposed IC-SDN framework. As a result, all data exchanged and cached in the system are organized in chunks with the same interest resulting in reduced packet overhead costs. Additionally, we propose an efficient caching strategy that leverages in- network caching and naming of contents through an IC-SDN controller to support off- path caching. The testbed evaluation shows that the proposed IC-SDN implementation achieves an increased throughput and reduced latency compared to the traditional information-centric environment, especially in the high load scenarios.

Security is a requirement in society, yet its wide implementation is held back because of high expenses, and barriers to the use of technology. Experimental implementation of security at low cost will only help in promoting the technology at more affordable prices. This paper describes the design of a security system of surveillance using Raspberry Pi and Arduino UNO. The design senses the presence of \$a\$ human in a surveillance area and immediately sets off the buzzer and simultaneously starts capturing video of the motion it had detected and stores it in a folder. When the design senses a motion, it immediately sends an SMS to the user. The user of this design can see the live video of the motion it detects using the internet connection from a remote area. Our objective of making a low-cost surveillance area security system has been mostly fulfilled. Although this is a low-cost project, features can be compared with existing commercially available systems.

Radio is the most important part of any wireless network. Radio Access Network (RAN) has been virtualized and disaggregated into different functions whose location is best defined by the requirements and economics of the use case. This Virtualized RAN (vRAN) architecture separates network functions from the underlying hardware and so 5G can leverage virtualization of the RAN to implement these functions. The easy expandability and manageability of the vRAN support the expansion of the network capacity and deployment of new features and algorithms for streamlining resource usage. In this paper, we try to address the problem of scheduling 5G vRAN with mid-haul network capacity constraints as a combinatorial optimization problem. We transformed it to a Quadratic Unconstrained Binary Optimization (QUBO) problem by using a newly proposed quantum-based algorithm and compared our implementation with existing classical algorithms. This work has demonstrated the advantage of quantum computers in solving a particular optimization problem in the Telecommunication domain and paves the way for solving critical real-world problems using quantum computers faster and better.

Cloud computing has changed how humans use their technological expertise. It indicates a transition in the use of computers as utilitarian instruments with radical applications in general. However, as technology advances, the number of hazards increases and crucial data protection has become increasingly challenging due to extensive internet use. Every day, new encryption methods are developed, and much research is carried out in the search for a reliable cryptographic algorithm. The AES algorithm employs an overly simplistic algebraic structure. Each block employs the same encryption scheme, and AES is subject to brute force and MITM attacks. AES have not provide d sufficient levels of security; the re is still a need to put further le vels of protection over them. In this regard, DNA cryptography allows you to encrypt a large quantity of data using only a few amount of DNA. This paper combines two methodologies, a DNA-based algorithm and the AES Algorithm, to provide a consi derably more secure data security platform. The DNA cryptography technology and the AES approach are utilized for data encryption and decryption. To improve cloud security, DNA cryptography and AES provide a technologically ideal option.

The advantage of elliptic curve (EC) cryptographic systems is that they provide equivalent security even with small key lengths. However, the development of modern computing technologies leads to an increase in the length of keys. In this case, it is recommended to use a secret parameter to ensure sufficient access without increasing the key length. To achieve this result, the initiation of an additional secret parameter R into the EC equation is used to develop an EC-based key distribution algorithm. The article describes the algebraic structure of an elliptic curve with a secret parameter.

Cyber Physical Systems (CPS) are characterized by their ability to integrate the physical and information or cyber worlds. Their deployment in critical infrastructure have demonstrated a potential to transform the world. However, harnessing this potential is limited by their critical nature and the far reaching effects of cyber attacks on human, infrastructure and the environment. An attraction for cyber concerns in CPS rises from the process of sending information from sensors to actuators over the wireless communication medium, thereby widening the attack surface. Traditionally, CPS security has been investigated from the perspective of preventing intruders from gaining access to the system using cryptography and other access control techniques. Most research work have therefore focused on the detection of attacks in CPS. However, in a world of increasing adversaries, it is becoming more difficult to totally prevent CPS from adversarial attacks, hence the need to focus on making CPS resilient. Resilient CPS are designed to withstand disruptions and remain functional despite the operation of adversaries. One of the dominant methodologies explored for building resilient CPS is dependent on machine learning (ML) algorithms. However, rising from recent research in adversarial ML, we posit that ML algorithms for securing CPS must themselves be resilient. This article is therefore aimed at comprehensively surveying the interactions between resilient CPS using ML and resilient ML when applied in CPS. The paper concludes with a number of research trends and promising future research directions. Furthermore, with this article, readers can have a thorough understanding of recent advances on ML-based security and securing ML for CPS and countermeasures, as well as research trends in this active research area.

The 5G technology will play a crucial role in global economic growth through numerous industrial developments. However, it is essential to ensure the security of these developed systems, while 5G brings unique security challenges. This paper contributes explicitly to the need for an effective Vulnerability Assessment Approach (VAA) to identify and assess the vulnerabilities in 5G networks in an accurate, salable, and dynamic way. The proposed approach develops an optimized mechanism based on the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) to analyze the vulnerabilities in 5G Edge networks from the attacker perspective while considering the dynamic and scalable Edge properties. Furthermore, we introduce a cloud-based 5G Edge security testbed to test and evaluate the accuracy, scalability, and performance of the proposed VAA.

Nowadays security of shared resources and big data is an important and critical issue. With the growth of information technology and social networks, data and resources are shared in the distributed environment such as cloud and fog computing. Various access control models protect the shared resources from unauthorized users or malicious intruders. Despite the attribute-based access control model that meets the complex security requirement of todays' new computing technologies, considerable anomalies and conflicts in ABAC policies affect the efficiency of the security system. One important and toughest task is policy validation thus to detect and eliminate anomalies and conflicts in policies. Though the previous researches identified anomalies, failed to detect and analyze all considerable anomalies that results vulnerable to hacks and attacks. The primary objective of this paper is to study and analyze the possible anomalies and conflicts in ABAC security policies. We have discussed and analyzed considerable conflicts in policies based on previous researches. This paper can provide a detailed review of anomalies and conflicts in security policies.

Quantum computers have the potential to outshine classical alternatives in solving specific problems, under the assumption of mature enough hardware. A specific subset of these problems relate to military applications. In this paper we consider the state-of-the-art of quantum technologies and different applications of this technology. Additionally, four use-cases of quantum computing specific for military applications are presented. These use-cases are directly in line with the 2021 AI strategic agenda of the Netherlands Ministry of Defense.

In this paper, a blockchain based scheme is proposed to provide registration, mutual authentication and data sharing in wireless sensor network. The proposed model consists of three types of nodes: coordinators, cluster heads and sensor nodes. A consortium blockchain is deployed on coordinator nodes. The smart contracts execute on coordinators to record the identities of legitimate nodes. Moreover, they authenticate nodes and facilitate in data sharing. When a sensor node communicate and accesses data of any other sensor node, both nodes mutually authenticate each other. The smart contract of data sharing is used to provide a secure communication and data exchange between sensor nodes. Moreover, the data of all the nodes is stored on the decentralized storage called interplanetary file system. The simulation results show the response time of IPFS and message size during authentication and registration.

This study used the support vector machine (SVM) algorithm to predict Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks on a proxy server. Proxy-servers are prone to attacks such as DoS and DDoS and existing detection and prediction systems are inefficient. Three convex optimization problems using the Gaussian, linear and non-linear kernel methods were solved using the SVM module to detect the attacks. The SVM module and proxy server were implemented in Python and javascript respectively and made to run on a local network. Four other computers running on the same network where made to each communicate with the proxy server (two dedicated to attack the server). The server was able to detect and filter out the malicious requests from the attacking clients. Hence, the SVM module can effectively predict cyber attacks and can be integrated into any server to detect such attacks for improved security.

In contrast to traditional grids, smart grids can help utilities save energy, thereby reducing operating costs. In the smart grid, the quality of monitoring and control can be fully improved by combining computing and intelligent communication knowledge. However, this will expose the system to FDI attacks, and the system is vulnerable to intrusion. Therefore, it is very important to detect such erroneous data injection attacks and provide an algorithm to protect the system from such attacks. In this paper, a FDI detection method based on LSTM has been proposed, which is validated by the simulation on the ieee-14 bus platform.

Effective identification of Internet of things devices in cyberspace is of great significance to the protection of Cyberspace Security. However, there are a large number of such devices in cyberspace, which can not be identified by the existing methods of identifying IoT devices because of the lack of key information such as manufacturer name and device name in the response message. Their existence brings hidden danger to Cyberspace Security. In order to identify the IoT devices with missing key information in these response messages, this paper proposes an IoT device identification method, IoTCatcher. IoTCatcher uses HTTP response message and the structure and style characteristics of HTML document, and based on natural language processing technology and text similarity technology, classifies and compares the IoT devices whose response message lacks key information, so as to generate their device finger information. This paper proves that the recognition precision of IoTCatcher is 95.29%, and the recall rate is 91.01%. Compared with the existing methods, the overall performance is improved by 38.83%.

The purpose of using the Internet has changed from "connecting to computers" to "acquiring content". So, the ICN (Information Centric Network) has been proposed to fit this purpose. In this research, we focus on the architecture of NDN (named data networking). The NFD (NDN forwarding daemon) is a network forwarder that implements the NDN protocol. The ndnSIM is a simulator of NDN. From ndnSIM version 2.8, a part of content store implementation has been removed from the simulator and it becomes to use content store implementation of NFD. In this poster, we select two caching functions, probabilistic caching and expired deletion, which are removed from ndnSIM 2.8 and not included in NFD. We port these functions to NFD for a more practical implementation. Under a certain network, we were able to confirm that previous and ported functions provided equivalent functions. It was also possible to simulate in version ndnSIM 2.8 using the ported functions.

Data-Centric Networking (DCN) is a research project based on Named Data Networking (NDN), which focuses on the high-performance name-based forwarder, distributed pub/sub data distribution platform, distributed network storage, in-network processing platform, and blockchain-based data trading platform. In this paper, we present a design of real-time public Internet of Things (IoT) data distribution platform which is based on a Data-Centric Networking (DCN) distributed pub/sub data distribution platform.

In order to protect user privacy and provide better access control in Internet of Things (IoT) environments, designing an appropriate two-party authentication and key exchange protocol is a prominent challenge. In this paper, we propose a lightweight certificateless non-interactive authentication and key exchange (CNAKE) protocol for mutual authentication between remote users and smart devices. Based on elliptic curves, our lightweight protocol provides high security performance, realizes non-interactive authentication between the two entities, and effectively reduces communication overhead. Under the random oracle model, the proposed protocol is provably secure based on the Computational Diffie-Hellman and Bilinear Diffie-Hellman hardness assumption. Finally, through a series of experiments and comprehensive performance analysis, we demonstrate that our scheme is fast and secure.

Memory Denial of Service (DoS) attacks are easy-to-launch, hard to detect, and significantly impact their targets. In memory DoS, the attacker targets the memory of his Virtual Machine (VM) and, due to hardware isolation issues, the attack affects the co-resident VMs. Theoretically, we can deploy VM migration as Moving Target Defense (MTD) against memory DoS. However, the current literature lacks empirical evidence supporting this hypothesis. Moreover, there is a need to evaluate how the VM migration timing impacts the potential MTD protection. This practical experience report presents an experiment on VM migration-based MTD against memory DoS. We evaluate the impact of memory DoS attacks in the context of two applications running in co-hosted VMs: machine learning and OLTP. The results highlight that the memory DoS attacks lead to more than 70% reduction in the applications' performance. Nevertheless, timely VM migrations can significantly mitigate the attack effects in both considered applications.

Space systems provide many critical functions to the military, federal agencies, and infrastructure networks. Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. Moving target defenses (MTDs) have been proposed as a means for defending various networks and systems against potential cyber-attacks. MTDs differ from many cyber resilience technologies in that they do not necessarily require detection of an attack to mitigate the threat. We devised a MTD algorithm and tested its application to a real-time network. We demonstrated MTD usage with a real-time protocol given constraints not typically found in best-effort networks. Second, we quantified the cyber resilience benefit of MTD given an exfiltration attack by an adversary. For our experiment, we employed MTD which resulted in a reduction of adversarial knowledge by 97%. Even when the adversary can detect when the address changes, there is still a reduction in adversarial knowledge when compared to static addressing schemes. Furthermore, we analyzed the core performance of the algorithm and characterized its unpredictability using nine different statistical metrics. The characterization highlighted the algorithm has good unpredictability characteristics with some opportunity for improvement to produce more randomness.

In this paper, we propose a relational anonymous P2P communication network evaluation model based on Markov chain (AEMC), and show how to extend our model to the anonymous evaluation of sender and receiver relationship anonymity when the attacker attacks the anonymous P2P communication network and obtains some information. Firstly, the constraints of the evaluation model (the attacker assumption for message tracing) are specified in detail; then the construction of AEMC anonymous evaluation model and the specific evaluation process are described; finally, the simulation experiment is carried out, and the evaluation model is applied to the probabilistic anonymous evaluation of the sender and receiver relationship of the attacker model, and the evaluation is carried out from the perspective of user (message).

With the emergence and development of quantum computers, the traditional public-key cryptography (PKC) is facing the risk of being cracked. In order to resist quantum attacks and ensure long-term communication security, NIST launched a global collection of Post Quantum Cryptography (PQC) standards in 2016, and it is currently in the third round of selection. There are three Lattice-based PKC algorithms that stand out, and NTRU is one of them. In this article, we proposed the first complete and compact full hardware implementation of NTRU algorithm submitted in the third round. By using one structure to complete the design of the three types of complex polynomial multiplications in the algorithm, we achieved better performance while reducing area costs.