Biblio

Found 680 results

Filters: Keyword is Software
2021-09-30
Desnitsky, Vasily A., Kotenko, Igor V., Parashchuk, Igor B..  2020.  Neural Network Based Classification of Attacks on Wireless Sensor Networks. 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :284–287.
The paper proposes a method for solving problems of classifying multi-step attacks on wireless sensor networks in the conditions of uncertainty (incompleteness and inconsistency) of the observed signs of attacks. The method aims to eliminate the uncertainty of classification of attacks on networks of this class on the basis of the use of neural network approaches to the processing of incomplete and contradictory knowledge on possible attack characteristics. It allows increasing objectivity (accuracy and reliability) of information security monitoring in modern software and hardware systems and Internet of Things networks that actively exploit advantages of wireless sensor networks.
Ashiquzzaman, Md., Mitra, Shuva, Nasrin, Kazi Farjana, Hossain, Md. Sanawar, Apu, Md. Khairul Hasan.  2020.  Advanced Wireless Control & Feedback Based Multi-functional Automatic Security System. 2020 IEEE Region 10 Symposium (TENSYMP). :1046–1049.
In this research work, an advanced automatic multifunctional compact security system technology is developed using wireless networking system. The security system provides smart security and also alerts the user to avoid the critical circumstances in the daily security issues is held. This system provides a smart solution to the variety of different problems via remote control by the software name Cayenne. This software provides the user to control the system using smart mobile or computer from all over the world and needs to be connected via internet. The system provides general security for essential purposes as the Motion detecting system alerts for any kind of movement inside the area where it is installed, the gas detecting system alerts the user for any type of gas leakage inside the room and also clearing the leaking gas by exhaust fan automatically, the fire detection system detects instantly when a slight fire is emerged also warning the user with alarm, the LDR system is for electrical door lock and it can be controlled by Cayenne using mobile or computer and lastly a home light system which can be turned on/off by the user of Cayenne. Raspberry Pi has been used to connect and control all the necessary equipment. The system provides the most essential security for home and also for corporate world and it is very simple, easy to operate, and consumes small space.
2021-09-16
Grusho, A., Nikolaev, A., Piskovski, V., Sentchilo, V., Timonina, E..  2020.  Endpoint Cloud Terminal as an Approach to Secure the Use of an Enterprise Private Cloud. 2020 International Scientific and Technical Conference Modern Computer Network Technologies (MoNeTeC). :1–4.
Practical activities usually require the ability to simultaneously work with internal, distributed information resources and access to the Internet. The need to solve this problem necessitates the use of appropriate administrative and technical methods to protect information. Such methods relate to the idea of domain isolation. This paper considers the principles of implementation and properties of an "Endpoint Cloud Terminal" that is general-purpose software tool with built-in security instruments. This apparatus solves the problem by combining an arbitrary number of isolated and independent workplaces on one hardware unit, a personal computer.
Mancini, Federico, Bruvoll, Solveig, Melrose, John, Leve, Frederick, Mailloux, Logan, Ernst, Raphael, Rein, Kellyn, Fioravanti, Stefano, Merani, Diego, Been, Robert.  2020.  A Security Reference Model for Autonomous Vehicles in Military Operations. 2020 IEEE Conference on Communications and Network Security (CNS). :1–8.
In a previous article [1] we proposed a layered framework to support the assessment of the security risks associated with the use of autonomous vehicles in military operations and determine how to manage these risks appropriately. We established consistent terminology and defined the problem space, while exploring the first layer of the framework, namely risks from the mission assurance perspective. In this paper, we develop the second layer of the framework. This layer focuses on the risk assessment of the vehicles themselves and on producing a high-level security design adequate for the mission defined in the first layer. To support this process, we also define a reference model for autonomous vehicles to use as a common basis for the assessment of risks and the design of the security controls.
Al-Jody, Taha, Holmes, Violeta, Antoniades, Alexandros, Kazkouzeh, Yazan.  2020.  Bearicade: Secure Access Gateway to High Performance Computing Systems. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1420–1427.
Cyber security is becoming a vital part of many information technologies and computing systems. Increasingly, High-Performance Computing systems are used in scientific research, academia and industry. High-Performance Computing applications are specifically designed to take advantage of the parallel nature of High-Performance Computing systems. Current research into High-Performance Computing systems focuses on the improvements in software development, parallel algorithms and computer systems architecture. However, there are no significant efforts in developing common High-Performance Computing security standards. Security of the High-Performance Computing resources is often an add-on to existing varied institutional policies that do not take into account additional requirements for High-Performance Computing security. Also, the users' terminals or portals used to access the High-Performance Computing resources are frequently insecure or they are being used in unprotected networks. In this paper we present Bearicade - a Data-driven Security Orchestration Automation and Response system. Bearicade collects data from the HPC systems and its users, enabling the use of Machine Learning based solutions to address current security issues in the High-Performance Computing systems. The system security is achieved through monitoring, analysis and interpretation of data such as users' activity, server requests, devices used and geographic locations. Any anomaly in users' behaviour is detected using machine learning algorithms, and would be visible to system administrators to help mediate the threats. The system was tested on a university campus grid system by administrators and users. Two case studies, Anomaly detection of user behaviour and Classification of Malicious Linux Terminal Command, have demonstrated machine learning approaches in identifying potential security threats. Bearicade's data was used in the experiments. 
The results demonstrated that detailed information is provided to the HPC administrators to detect possible security attacks and to act promptly.
Biswas, Ananda, Li, Zelong, Tyagi, Akhilesh.  2020.  Control Flow Integrity in IoT Devices with Performance Counters and DWT. 2020 IEEE International Symposium on Smart Electronic Systems (iSES) (Formerly iNiS). :171–176.
IoT devices are open to traditional control flow integrity (CFI) attacks resulting from buffer overflow and return-oriented programming like techniques. They often have limited computational capacity ruling out many of the traditional heavy-duty software countermeasures. In this work, we deploy hardware/software solutions to detect CFI attacks. Some of the medium capability IoT devices, for example based on Raspberry Pi, contain ARM Cortex A-53 (Pi 3) or Cortex A-73 (Pi 4) processors. These processors include hardware counters to count microarchitecture level events affecting performance. Lighter weight IoT devices, say based on ARM Cortex M4 or M7, include DWT (Debug, Watch & Trace) module. When control flow anomalies caused by attacks such as buffer overflow or return oriented programming (ROP) occur, they leave a microarchitectural footprint. Hardware counters reflect such footprints to flag control flow anomalies. This paper is geared towards buffer overflow and ROP control flow anomaly detection in embedded programs. The targeted program entities are main event loops and task/event handlers. The proposed anomaly detection mechanism is evaluated on ArduPilot [1] - a popular autopilot software on a Raspberry Pi 3 with PMU and DWT. A self-navigation program is evaluated on an iCreate Roomba platform with an ARM Cortex M4 processor with DWT only. We are able to achieve 97-99%+ accuracy with 1-10 micro-second time overhead per control flow anomaly check.
2021-09-07
Nweke, Livinus Obiora, Wolthusen, Stephen D..  2020.  Modelling Adversarial Flow in Software-Defined Industrial Control Networks Using a Queueing Network Model. 2020 IEEE Conference on Communications and Network Security (CNS). :1–6.
In recent years, software defined networking (SDN) has been proposed for enhancing the security of industrial control networks. However, its ability to guarantee the quality of service (QoS) requirements of such networks in the presence of adversarial flow still needs to be investigated. Queueing theory and particularly queueing network models have long been employed to study the performance and QoS characteristics of networks. The latter appears to be particularly suitable to capture the behaviour of SDN owing to the dependencies between layers, planes and components in an SDN architecture. Also, several authors have used queueing network models to study the behaviour of different application of SDN architectures, but none of the existing works have considered the strong periodic network traffic in software-defined industrial control networks. In this paper, we propose a queueing network model for software-defined industrial control networks, taking into account the strong periodic patterns of the network traffic in the data plane. We derive the performance measures for the analytical model and apply the queueing network model to study the effect of adversarial flow in software-defined industrial control networks.
Vamsi, G Krishna, Rasool, Akhtar, Hajela, Gaurav.  2020.  Chatbot: A Deep Neural Network Based Human to Machine Conversation Model. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–7.
A conversational agent (chatbot) is computer software capable of communicating with humans using natural language processing. The crucial part of building any chatbot is the development of conversation. Despite many developments in Natural Language Processing (NLP) and Artificial Intelligence (AI), creating a good chatbot model remains a significant challenge in this field even today. A conversational bot can be used for countless errands. In general, they need to understand the user's intent and deliver appropriate replies. This is a software program of a conversational interface that allows a user to converse in the same manner one would address a human. Hence, these are used in almost every customer communication platform, like social networks. At present, there are two basic models used in developing a chatbot. Generative based models and Retrieval based models. The recent advancements in deep learning and artificial intelligence, such as the end-to-end trainable neural networks have rapidly replaced earlier methods based on hand-written instructions and patterns or statistical methods. This paper proposes a new method of creating a chatbot using a deep neural learning method. In this method, a neural network with multiple layers is built to learn and process the data.
Lenard, Teri, Bolboacă, Roland, Genge, Bela.  2020.  LOKI: A Lightweight Cryptographic Key Distribution Protocol for Controller Area Networks. 2020 IEEE 16th International Conference on Intelligent Computer Communication and Processing (ICCP). :513–519.
The recent advancement in the automotive sector has led to a technological explosion. As a result, the modern car provides a wide range of features supported by state of the art hardware and software. Unfortunately, while this is the case of most major components, in the same vehicle we find dozens of sensors and sub-systems built over legacy hardware and software with limited computational capabilities. This paper presents LOKI, a lightweight cryptographic key distribution scheme applicable in the case of the classical in-vehicle communication systems. The LOKI protocol stands out compared to already proposed protocols in the literature due to its ability to use only a single broadcast message to initiate the generation of a new cryptographic key across a group of nodes. Its lightweight key derivation algorithm takes advantage of a reverse hash chain traversal algorithm to generate fresh session keys. Experimental results consisting of a laboratory-scale system based on Vector Informatik's CANoe simulation environment demonstrate the effectiveness of the developed methodology and its seamless impact manifested on the network.
2021-09-01
Hardin, David S..  2020.  Verified Hardware/Software Co-Assurance: Enhancing Safety and Security for Critical Systems. 2020 IEEE International Systems Conference (SysCon). :1—6.
Experienced developers of safety-critical and security-critical systems have long emphasized the importance of applying the highest degree of scrutiny to a system's I/O boundaries. From a safety perspective, input validation is a traditional “best practice.” For security-critical architecture and design, identification of the attack surface has emerged as a primary analysis technique. One of our current research focus areas concerns the identification of and mitigation against attacks along that surface, using mathematically-based tools. We are motivated in these efforts by emerging application areas, such as assured autonomy, that feature a high degree of network connectivity, require sophisticated algorithms and data structures, are subject to stringent accreditation/certification, and encourage hardware/software co-design approaches. We have conducted several experiments employing a state-of-the-art toolchain, due to Russinoff and O'Leary, and originally designed for use in floating-point hardware verification, to determine its suitability for the creation of safety-critical/security-critical input filters. We focus first on software implementation, but extending to hardware as well as hardware/software co-designs. We have implemented a high-assurance filter for JSON-formatted data used in an Unmanned Aerial Vehicle (UAV) application. Our JSON filter is built using a table-driven lexer/parser, supported by mathematically-proven lexer and parser table generation technology, as well as verified data structures. Filter behavior is expressed in a subset of Algorithmic C, which defines a set of C++ header files providing support for hardware design, including the peculiar bit widths utilized in that discipline, and enables compilation to both hardware and software platforms. 
The Russinoff-O'Leary Restricted Algorithmic C (RAC) toolchain translates Algorithmic C source to the Common Lisp subset supported by the ACL2 theorem prover; once in ACL2, filter behavior can be mathematically verified. We describe how we utilize RAC to translate our JSON filter to ACL2, present proofs of correctness for its associated data types, and describe validation and performance results obtained through the use of concrete test vectors.
Barinov, Andrey, Beschastnov, Semen, Boger, Alexander, Kolpakov, Alexey, Ufimtcev, Maxim.  2020.  Virtual Environment for Researching Information Security of a Distributed ICS. 2020 Global Smart Industry Conference (GloSIC). :348—353.
Nowadays, industrial control systems are increasingly subject to cyber-attacks. In this regard, the relevance of ICS modeling for security research and for teaching employees the basics of information security is increasing. Most of the existing testbeds for research on information security of industrial control systems are software and hardware solutions that contain elements of industrial equipment. However, when implementing distance-learning programs, it is not possible to fully use such testbeds. This paper describes the approach of complete virtualization of technological processes in ICS based on the open source programmable logic controller OpenPLC. This enables a complete information security training from any device with Internet access. A unique feature of this stand is also the support of several PLCs and a lower-level subsystem implemented by a distributed I/O system. The study describes the implementation scheme of the stand, and several case of reproduction of attacks. Scaling approaches for this solution are also considered.
2021-08-31
Salimboyevich, Olimov Iskandar, Absamat ugli, Boriyev Yusuf, Akmuratovich, Sadikov Mahmudjon.  2020.  Making algorithm of improved key generation model and software. 2020 International Conference on Information Science and Communications Technologies (ICISCT). :1—3.
This paper is devoted to methods for generating keys for cryptographic algorithms. Hash algorithms were analysed and learned linear and nonlinear. An improved key generation algorithm and software were created.
Yang, Jian, Liu, Shoubao, Fang, Yuan, Xiong, Zhonghao, Li, Xin.  2020.  A simulation calculation method for suppressing the magnetizing inrush current in the setting of the overcurrent protection of the connecting transformer in the hydropower station. 2020 5th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :197–202.
In order to improve the reliability of power supply in adjacent hydropower stations, the auxiliary power systems of the two stations are connected through a contact transformer. The magnetizing inrush current generated by the connecting transformer of a hydropower station has the characteristics of high frequency, strong energy, and multi-coupling. The harm caused by the connecting transformer is huge. In order to prevent misoperation during the closing process of the connecting transformer, this article aims at the problem of setting the switching current of the connecting transformer of the two hydropower stations, and establishes the analysis model of the excitation inrush current with SimPowerSystem software, and carries out the quantitative simulation calculation of the excitation inrush current of the connecting transformer. A setting strategy for overcurrent protection of tie transformers to suppress the excitation inrush current is proposed. Under the conditions of changing switch closing time, generator load, auxiliary transformer load, tie transformer core remanence, the maximum amplitude of the excitation inrush current is comprehensively judged Value, and then achieve the suppression of the excitation inrush current, and accurately determine the protection setting of the switch.
Natarajan, K, Shaik, Vaheedbasha.  2020.  Transparent Data Encryption: Comparative Analysis and Performance Evaluation of Oracle Databases. 2020 Fifth International Conference on Research in Computational Intelligence and Communication Networks (ICRCICN). :137—142.
This Transparent Data Encryption (TDE) can provide enormous benefits to the Relational Databases in the aspects of Data Security, Cryptographic Encryption, and Compliances. For every transaction, the stored data must be decrypted before applying the updates as well as should be encrypted before permanently storing back at the storage level. By adding this extra functionality to the database, the general thinking denotes that the Database (DB) going to hit some performance overhead at the CPU and storage level. However, the Oracle Corporation has adversely claimed that their latest Oracle DB version 19c TDE feature can provide significant improvement in the optimization of CPU and no overhead at the storage level for data processing. Impressively, it is true. The results of this paper prove too. Most interestingly the results also revealed about highly impacted components in the servers which are not yet disclosed in any of the previous research work. This paper completely concentrates on CPU, IO, and RAM performance analysis and identifying the bottlenecks along with possible solutions.
Feng, Na, Yin, Qiangguo.  2020.  Research on Computer Software Engineering Database Programming Technology Based on Virtualization Cloud Platform. 2020 IEEE 3rd International Conference of Safe Production and Informatization (IICSPI). :696—699.
The most important advantage of database is that it can form an intensive management system and serve a large number of information users, which shows the importance of information security in network development. However, there are many problems in the current computer software engineering industry, which seriously hinder the development of computer software engineering, among which the most remarkable and prominent one is that the database programming technology is difficult to be effectively utilized. In this paper, virtualization technology is used to manage the underlying resources of data center with the application background of big data technology, and realize the virtualization of network resources, storage resources and computing resources. It can play a constructive role in the construction of data center, integrate traditional and old resources, realize the computing data center system through virtualization, distributed storage and resource scheduling, and realize the clustering and load balancing of non-relational databases.
Churi, Akshata A., Shinde, Vinayak D..  2020.  Alphanumeric Database Security through Digital Watermarking. 2020 International Conference on Convergence to Digital World - Quo Vadis (ICCDW). :1—4.
As the demand of online data availability increases for sharing data, business analytics, security of available data becomes important issue, data needs to be protected from unauthorized access as well as it needs to provide authority that the data is received from a trusted owner. To provide owners identity digital watermarking technique is used since long time for multimedia data. This paper proposed a technique which supports watermarking on database as most of the data available today is in database format. The characters to be entered as watermark are converted into binary values; these binary values are hidden in the database using space character. Each bit is hidden in each tuple randomly. Ant colony optimization algorithm is proposed to select tuples where watermark bits are inserted. The proposed system is enhanced in terms of security due to use of ant colony optimization and resilient because even if some bits are modified the hidden text remains almost same.
2021-08-12
Kim, Byoungkoo, Yoon, Seoungyong, Kang, Yousung, Choi, Dooho.  2020.  Secure IoT Device Authentication Scheme using Key Hiding Technology. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :1808—1810.
As the amount of information distributed and processed through IoT(Internet of Things) devices is absolutely increased, various security issues are also emerging. Above all, since IoT technology is directly applied to our real life, there is a growing concern that the dangers of the existing cyberspace can be expanded into the real world. In particular, leaks of keys necessary for authentication and data protection of IoT devices are causing economic and industrial losses through illegal copying and data leakage. Therefore, this paper introduces the research trend of hardware and software based key hiding technology to respond to these security threats, and proposes IoT device authentication techniques using them. The proposed method fundamentally prevents the threat of exposure of the authentication key due to various security vulnerabilities by properly integrating hardware and software based key hiding technologies. That is, this paper provides a more reliable IoT device authentication scheme by using key hiding technology for authentication key management.
Johari, Rahul, Kaur, Ishveen, Tripathi, Reena, Gupta, Kanika.  2020.  Penetration Testing in IoT Network. 2020 5th International Conference on Computing, Communication and Security (ICCCS). :1—7.
Penetration testing, also known as Pen testing is usually performed by a testing professional in order to detect security threats involved in a system. Penetration testing can also be viewed as a fake cyber Security attack, done in order to see whether the system is secure and free of vulnerabilities. Penetration testing is widely used for testing both Network and Software, but somewhere it fails to make IoT more secure. In IoT the security risk is growing day-by-day, due to which the IoT networks need more penetration testers to test the security. In the proposed work an effort has been made to compile and aggregate the information regarding VAPT(Vulnerability Assessment and Penetrating Testing) in the area of IoT.
2021-08-11
Huang, Cheng-Wei, Wu, Tien-Yi, Tai, Yuan, Shao, Ching-Hsuan, Chen, Lo-An, Tsai, Meng-Hsun.  2020.  Machine learning-based IP Camera identification system. 2020 International Computer Symposium (ICS). :426—430.
With the development of technology, application of the Internet in daily life is increasing, making our connection with the Internet closer. However, with the improvement of convenience, information security has become more and more important. How to ensure information security in a convenient living environment is a question worth discussing. For instance, the widespread deployment of IP-cameras has made great progress in terms of convenience. On the contrary, it increases the risk of privacy exposure. Poorly designed surveillance devices may be implanted with suspicious software, which might be a thorny issue to human life. To effectively identify vulnerable devices, we design an SDN-based identification system that uses machine learning technology to identify brands and probable model types by identifying packet features. The identifying results make it possible for further vulnerability analysis.
Saputro, Nico, Tonyali, Samet, Aydeger, Abdullah, Akkaya, Kemal, Rahman, Mohammad A., Uluagac, Selcuk.  2020.  A Review of Moving Target Defense Mechanisms for Internet of Things Applications. Modeling and Design of Secure Internet of Things. :563–614.
The chapter presents a review of proactive Moving Target Defense (MTD) paradigm and investigates the feasibility and potential of specific MTD approaches for the resource‐constrained Internet of Things (IoT) applications. The aim is not only to provide taxonomy of various MTD approaches but also to advocate MTD techniques in the dynamic network domain in conjunction with the emerging Software Defined Networking (SDN) for more effective proactive IoT defense. The Internet of Battlefield Things (IoBT) and Industrial IoT (IIoT), which subject to more attacks, are identified as two critical IoT domains that can reap from the SDN‐based MTD approaches. Finally, the chapter also discusses potential future research challenges of the MTD approaches in the IoT domain.
Morales-Caporal, Roberto, Reyes-Galaviz, Adrián S., Federico Casco-Vásquez, J., Martínez-Hernández, Haydee P..  2020.  Development and Implementation of a Relay Switch Based on WiFi Technology. 2020 17th International Conference on Electrical Engineering, Computing Science and Automatic Control (CCE). :1—6.
This article presents the design and development of a relay switch (RS) to handle electrical loads up to 20A using WiFi technology. The hardware design and the implementation methodology are explained, both for the power supply and for the wireless communication that are embedded in the same small printed circuit board. In the same way, the design of the implemented firmware to operate the developed RS is shown. An ESP-12E module is used to achieve wireless communication of the RS, which can be manipulated through a web page using an MQTT protocol or via an iOS or Arduino app. The developed RS presents at least three differentiators in relation to other similar devices on the market: it can handle a higher electrical load, has a design in accordance with national and international security standards and can use different cybersecurity strategies for wireless communication with the purpose of safe and reliable use. Experimental results using a lamp and a single-phase motor as electrical loads demonstrate an excellent performance and reliability of the developed relay switch.
Aljedaani, Bakheet, Ahmad, Aakash, Zahedi, Mansooreh, Babar, M. Ali.  2020.  An Empirical Study on Developing Secure Mobile Health Apps: The Developers' Perspective. 2020 27th Asia-Pacific Software Engineering Conference (APSEC). :208—217.
Mobile apps exploit embedded sensors and wireless connectivity of a device to empower users with portable computations, context-aware communication, and enhanced interaction. Specifically, mobile health apps (mHealth apps for short) are becoming integral part of mobile and pervasive computing to improve the availability and quality of healthcare services. Despite the offered benefits, mHealth apps face a critical challenge, i.e., security of health-critical data that is produced and consumed by the app. Several studies have revealed that security specific issues of mHealth apps have not been adequately addressed. The objectives of this study are to empirically (a) investigate the challenges that hinder development of secure mHealth apps, (b) identify practices to develop secure apps, and (c) explore motivating factors that influence secure development. We conducted this study by collecting responses of 97 developers from 25 countries - across 06 continents - working in diverse teams and roles to develop mHealth apps for Android, iOS, and Windows platform. Qualitative analysis of the survey data is based on (i) 8 critical challenges, (ii) taxonomy of best practices to ensure security, and (iii) 6 motivating factors that impact secure mHealth apps. This research provides empirical evidence as practitioners' view and guidelines to develop emerging and next generation of secure mHealth apps.
2021-08-02
Wagner, Torrey J., Ford, Thomas C..  2020.  Metrics to Meet Security & Privacy Requirements with Agile Software Development Methods in a Regulated Environment. 2020 International Conference on Computing, Networking and Communications (ICNC). :17—23.
This work examines metrics that can be used to measure the ability of agile software development methods to meet security and privacy requirements of communications applications. Many implementations of communication protocols, including those in vehicular networks, occur within regulated environments where agile development methods are traditionally discouraged. We propose a framework and metrics to measure adherence to security, quality and software effectiveness regulations if developers desire the cost and schedule benefits of agile methods. After providing an overview of specific challenges that a regulated environment imposes on communications software development, we proceed to examine the 12 agile principles and how they relate to a regulatory environment. From this review we identify two metrics to measure performance of three key regulatory attributes of software for communications applications, and then recommend an approach of either tools, agile methods or DevOps that is best positioned to satisfy its regulated environment attributes. By considering the recommendations in this paper, managers of software-dominant communications programs in a regulated environment can gain insight into leveraging the benefits of agile methods.
Longueira-Romerc, Ángel, Iglesias, Rosa, Gonzalez, David, Garitano, Iñaki.  2020.  How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics. 2020 IEEE 18th International Conference on Industrial Informatics (INDIN). 1:153—158.
Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a successful attack could have economical, physical or even human consequences, since many of them are used to control critical applications. A standardized and general accepted security testing framework is needed to provide guidance, common reporting forms and the possibility to compare the results along the time. This can be achieved by introducing security metrics into the evaluation or assessment process. If carefully designed and chosen, metrics could provide a quantitative, repeatable and reproducible value that would reflect the level of security protection of the ES. This paper analyzes the features that a good security metric should exhibit, introduces a taxonomy for classifying them, and finally, it carries out a literature survey on security metrics for the security evaluation of ES. In this review, more than 500 metrics were collected and analyzed. Then, they were reduced to 169 metrics that have the potential to be applied to ES security evaluation. As expected, the 77.5% of them is related exclusively to software, and only the 0.6% of them addresses exclusively hardware security. This work aims to lay the foundations for constructing a security evaluation methodology that uses metrics so as to quantify the security level of an ES.
Qi, Xiaoxia, Shen, Shuai, Wang, Qijin.  2020.  A Moving Target Defense Technology Based on SCIT. 2020 International Conference on Computer Engineering and Application (ICCEA). :454—457.
Moving target defense technology is one of the revolutionary techniques that is “changing the rules of the game” in the field of network technology, according to recent propositions from the US Science and Technology Commission. Building upon a recently-developed approach called Self Cleansing Intrusion Tolerance (SCIT), this paper proposes a moving target defense system that is based on server switching and cleaning. A protected object is maneuvered to improve its safety by exploiting software diversity and thereby introducing randomness and unpredictability into the system. Experimental results show that the improved system increases the difficulty of attack and significantly reduces the likelihood of a system being invaded, thus serving to enhance system security.