Biblio

Digital forensics is essential when performing in-depth crime investigations and evidence extraction, especially in the field of the Internet of Things, where there is a ton of information every second boosted with latest and smartest technological devices. However, the enormous growth of data and the nature of its complexity could constrain the data examination process since traditional data acquisition techniques are not applicable nowadays. Therefore, if the knowledge gap between digital forensics and the Internet of Things is not bridged, investigators will jeopardize the loss of a possible rich source of evidence that otherwise could act as a lead in solving open cases. The work aims to introduce examples of employing the latest Internet of Things forensics approaches as a panacea in this regard. The paper covers a variety of articles presenting the new Blockchain, fog, and video-based applications that can aid in easing the process of digital forensics investigation with a focus on the Internet of Things. The results of the review indicated that the above current trends are very promising procedures in the field of Internet of Things digital forensics and need to be explored and applied more actively.

With the inundation of more cost effective and improved flight performance Unmanned Aerial Vehicles (UAVs) into the consumer market, we have seen more uses of these for both leisure and business purposes. As such, demand for digital forensic examination on these devices has seen an increase as well. This research will explore and discuss the forensic examination process on one of the more popular brands of UAV in Singapore, namely DJI. The findings are from the examination of the exposed File Transfer Protocol (FTP) channel and the extraction of the Data-at-Rest on the memory chip of the drone. The extraction was done using the Chip-Off and Chip-On technique.

Artificial Intelligence (AI) technology is developing rapidly, permeating every aspect of human life. Although the integration between AI and communication contributes to the flourishing development of wireless communication, it induces severer security problems. As a supplement to the upper-layer cryptography protocol, physical layer security has become an intriguing technology to ensure the security of wireless communication systems. However, most of the current physical layer security research does not consider the intelligence and mobility of collusive eavesdroppers. In this paper, we consider a MIMO system model with a friendly intelligent jammer against multiple collusive intelligent eavesdroppers, and zero-sum game is exploited to formulate the confrontation of them. The Nash equilibrium is derived by convex optimization and alternative optimization in the free-space scenario of a single user system. We propose a zero-sum game deep learning algorithm (ZGDL) for general situations to solve non-convex game problems. In terms of the effectiveness, simulations are conducted to confirm that the proposed algorithm can obtain the Nash equilibrium.

Web services are growing demand with fundamental advancements and have given more space to researchers for improving security of all real world applications. Accessing and get authenticated in many applications on web services, user discloses their password and other privacy data to the server for authentication purposes. These shared information should be maintained by the server with high security, otherwise it can be used for illegal purposes for any authentication breach. Protecting the applications from various attacks is more important. Comparing the security threats, insider attacks are most challenging to identify due to the fact that they use the authentication of legitimate users and their privileges to access the application and may cause serious threat to the application. Insider attacks has been studied in previous researchers with different security measures, however there is no much strong work proposed. Various security protocols were proposed for defending insider attackers. The proposed work focused on insider attack protection through Elgamal cryptography technique. The proposed work is much effective on insider attacks and also defends against various attacks. The proposed protocol is better than existing works. The key computation cost and communication cost is relatively low in this proposed work. The proposed work authenticates the application by parallel process of two way authentication mechanism through Elgamal algorithm.

The 5G research community is increasingly leveraging the innovative features offered by Information Centric Networking (ICN). However, ICN’s fundamental features, such as in-network caching, make access control enforcement more challenging in an ICN-based 5G deployment. To address this shortcoming, we propose a Blockchain-based Decentralized Authentication Protocol (BDAP) which enables efficient and secure mobile user authentication in an ICN-based 5G network. We show that BDAP is robust against a variety of attacks to which mobile networks and blockchains are particularly vulnerable. Moreover, a preliminary performance analysis suggests that BDAP can reduce the authentication delay compared to the standard 5G authentication protocols.

Remotely connected devices have been adopted in several industrial control systems (ICS) recently due to the advancement in the Industrial Internet of Things (IIoT). This led to new security vulnerabilities because of the expansion of the attack surface. Moreover, cybersecurity incidents in critical infrastructures are increasing. In the ICS, RS-485 cables are widely used in its network for serial communication between each component. However, almost 30 years ago, most of the industrial network protocols implemented over RS-485 such as Modbus were designed without security features. Therefore, anomaly detection is required in industrial control networks to secure communication in the systems. The goal of this paper is to study unsupervised anomaly detection in RS-485 traffic using autoencoders. Five threat scenarios in the physical layer of the industrial control network are proposed. The novelty of our method is that RS-485 traffic is collected indirectly by an analog-to-digital converter. In the experiments, multilayer perceptron (MLP), 1D convolutional, Long Short-Term Memory (LSTM) autoencoders are trained to detect anomalies. The results show that three autoencoders effectively detect anomalous traffic with F1-scores of 0.963, 0.949, and 0.928 respectively. Due to the indirect traffic collection, our method can be practically applied in the industrial control network.

Digitalization has occurred in almost all industries, one of them is health industry. Patients” medical records are now easier to be accessed and managed as all related data are stored in data storages or repositories. However, this system is still under development as number of patients still increasing. Lack of standardization might lead to patients losing their right to control their own data. Therefore, implementing private blockchain system with Self-Sovereign Identity (SSI) concept for identity management in health industry is a viable notion. With SSI, the patients will be benefited from having control over their own medical records and stored with higher security protocol. While healthcare providers will benefit in Know You Customer (KYC) process, if they handle new patients, who move from other healthcare providers. It will eliminate and shorten the process of updating patients' medical records from previous healthcare providers. Therefore, we suggest several flows in implementing blockchain for digital identity in healthcare industry to help overcome lack of patient's data control and KYC in current system. Nevertheless, implementing blockchain on health industry requires full attention from surrounding system and stakeholders to be realized.

Unmanned Aerial Vehicle (UAV)-based streaming media transmission may become unstable when the bit rate generated by the source load exceeds the channel capacity owing to the UAV location and speed change. The change of the location can affect the network connection, leading to reduced transmission rate; the change of the flying speed can increase the video payload due to more I-frames. To improve the transmission reliability, in this paper we design a Client-Server-Ground&User (C-S-G&U) framework, and propose an algorithm of splitting-merging stream (SMS) for multi-link concurrent transmission. We also establish multiple transport links and configure the routing rules for the cross-layer design. The multi-link transmission can achieve higher throughput and significantly smaller end-to-end delay than a single-link especially in a heavy load situation. The audio and video data are packaged into the payload by the Real-time Transport Protocol (RTP) before being transmitted over the User Datagram Protocol (UDP). The forward error correction (FEC) algorithm is implemented to promote the reliability of the UDP transmission, and an encryption algorithm to enhance security. In addition, we propose a Quality of Service (QoS) strategy so that the server and the user can control the UAV to adapt its transmission mode dynamically, according to the load, delay, and packet loss. Our design has been implemented on an engineering platform, whose efficacy has been verified through comprehensive experiments.

The security and privacy of the network in Internet of Things (IoT) systems are becoming more critical as we are more dependent on smart systems. Considering that packets are exchanged between the end user and the sensing devices, it is then important to ensure the security, privacy, and integrity of the transmitted data by designing a secure and a lightweight authentication protocol for IoT systems. In this article, in order to improve the authentication and the encryption in IoT systems, we present a novel method of authentication and encryption based on elliptic curve cryptography (ECC) using random numbers generated by fuzzy logic. We evaluate our novel key generation method by using standard randomness tests, such as: frequency test, frequency test with mono block, run test, discrete Fourier transform (DFT) test, and advanced DFT test. Our results show superior performance compared to existing ECC based on shift registers. In addition, we apply some attack algorithms, such as Pollard’s \textbackslashrho and Baby-step Giant-step, to evaluate the vulnerability of the proposed scheme.

Without security, any network system loses its efficiency, reliability, and resilience. With the huge integration of the ICT capabilities, the Electric Vehicle (EV) as a transportation form in cities is becoming more and more affordable and able to reply to citizen and environmental expectations. However, the EV vulnerability to cyber-attacks is increasing which intensifies its negative impact on societies. This paper targets the cybersecurity issues for Connected Electric Vehicles (CEVs) in parking lots where a peer-to-peer(P2P) energy transaction system is launched. A False Data Injection Attack (FDIA) on the electricity price signal is considered and a Machine Learning/SVM classification protocol is used to detect and extract the right values. Simulation results are conducted to prove the effectiveness of this proposed model.

Geospatial fog computing system offers various benefits as a platform for geospatial computing services closer to the end users, including very low latency, good mobility, precise position awareness, and widespread distribution. In recent years, it has grown quickly. Fog nodes' security is susceptible to a number of assaults, including denial of service and resource abuse, because to their widespread distribution, complex network environments, and restricted resource availability. This paper proposes a Quantum Key Distribution (QKD)-based geospatial quantum fog computing environment that offers a symmetric secret key negotiation protocol that can preserve information-theoretic security. In QKD, after being negotiated between any two fog nodes, the secret keys can be given to several users in various locations to maintain forward secrecy and long-term protection. The new geospatial quantum fog computing environment proposed in this work is able to successfully withstand a variety of fog computing assaults and enhances information security.

With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can access vitals and sensitive physiological information about the patients and provide proper treatment to improve the quality of life through the RPM network. However, the wireless nature of communication in the RPM network makes it challenging to design an efficient mechanism for secure communication. Many authentication schemes have been proposed in recent years to ensure the security of the RPM network. Pseudonym, digital signature, and Authenticated Key Exchange (AKE) protocols are used for the Internet of Medical Things (IoMT) to develop secure authorization and privacy-preserving communication. However, traditional authentication protocols face overhead challenges due to maintaining a large set of key-pairs or pseudonyms results on the hospital cloud server. In this research work, we identify this research gap and propose a novel secure and efficient privacy-preserving authentication scheme using cuckoo filters for the RPM network. The use of cuckoo filters in our proposed scheme provides an efficient way for mutual anonymous authentication and a secret shared key establishment process between medical professionals and patients. Moreover, we identify the misbehaving sensor nodes using a correlation-based anomaly detection model to establish secure communication. The security analysis and formal security validation using SPAN and AVISPA tools show the robustness of our proposed scheme against message modification attacks, replay attacks, and man-in-the-middle attacks.

Pairings on elliptic curves are used for innovative protocols such as ID-based encryption and zk-SNARKs. To make the pairings secure, it is important to consider the STNFS which is the special number field sieve algorithm for discrete logarithms in the finite field. The Fotiadis-Konstantinou curve with embedding degree 12(FK12), is known as one of the STNFS secure curves. To an efficient pairing on the FK12 curve, there are several previous works that focus on final exponentiation. The one is based on lattice-based method to decompose the hard part of final exponentiation and addition chain. However, there is a possibility to construct a more efficient calculation algorithm by using the relations appeared in the decomposition calculation algorithm than that of the previous work. In this manuscript, the authors propose a relation of the decomposition and verify the effectiveness of the proposed method from the execution time.

Redactable blockchain allows modifiers or voting committees with modification privileges to edit the data on the chain. Among them, trapdoor holders in chameleon-based hash redactable blockchains can quickly compute hash collisions for arbitrary data without breaking the link of the hash-chain. However, chameleon-based hash redactable blockchain schemes have difficulty solving issues such as editing operations with different granularity or conflicts and auditing modifiers that abuse editing privileges. To address the above challenges, we propose a redactable blockchain with Cross-audit and Diversity Editing (CDEdit). The proposed scheme distributes subdivided transaction-level and block-level tokens to the matching modifier committee to weaken the influence of central power. A number of modifiers are unpredictably selected based on reputation value proportions and the mapping of the consistent hash ring to enable diversity editing operations, and resist Sybil attacks. Meanwhile, an adaptive cross-auditing protocol is proposed to adjust the roles of modifiers and auditors dynamically. This protocol imposes a reputation penalty on the modifiers of illegal edits and solves the problems of abuse of editing privileges and collusion attacks. In addition, We used ciphertext policy attribute-based encryption (CP-ABE) and chameleon hashes with ephemeral trapdoor (CHET) for data modification, and present a system steps and security analysis of CDEdit. Finally, the extensive comparisons and evaluations show that our scheme costs less time overhead than other schemes and is suitable for complex application scenarios, e.g. IoT data management.

The security of embedded systems is particularly crucial given the prevalence of embedded devices in daily life, business, and national defense. Firmware for embedded systems poses a serious threat to the safety of society, business, and the nation because of its robust concealment, difficulty in detection, and extended maintenance cycle. This technology is now an essential part of the contemporary experience, be it in the smart office, smart restaurant, smart home, or even the smart traffic system. Despite the fact that these systems are often fairly effective, the rapid expansion of embedded systems in smart cities have led to inconsistencies and misalignments between secured and unsecured systems, necessitating the development of secure, hacker-proof embedded systems. To solve this issue, we created a sizable, original, and objective dataset that is based on the latest Linux vulnerabilities for identifying the embedded system vulnerabilities and we modified a cutting-edge machine learning model for the Linux Kernel. The paper provides an updated EVDD and analysis of an extensive dataset for embedded system based vulnerability detection and also an updated state of the art deep learning model for embedded system vulnerability detection. We kept our dataset available for all researchers for future experiments and implementation.

Security troubles of restricted sources communications are vital. Existing safety answers aren't sufficient for restricted sources gadgets in phrases of Power Area and Ef-ficiency‘. Elliptic curves cryptosystem (ECC) is area efficent for restricted sources gadgets extra than different uneven cryp-to systems because it gives a better safety degree with equal key sizes compared to different present techniques. In this paper, we studied a lightweight hybrid encryption technique that makes use of set of rules primarily based totally on AES for the Plain text encription and Elliptic Curve Diffie-Hellman (ECDH) protocol for Key encryption. The simplicity of AES implementation makes it light weight and the complexity of ECDH make it secure. The design is simulated using Spyder Tool, Modelsim and Implemented using Xilinx Vivado the effects display that the proposed lightweight Model offers a customary security degree with decreased computing capacity. we proposed a key authentication system for enhanced security along with an Idea to implement the project with multimedia input on FPGA

Counterfeited products are a significant problem in both developed and developing countries and has become more critical as an aftermath of COVID-19, exclusively for drugs and medical equipment’s. In this paper, an innovative approach is proposed to resist counterfeiting which is based on the principles of Synthetic DNA. The proposed encryption approach has employed the distinctive features of synthetic DNA in amalgamation with DNA encryption to provide information security and functions as an anticounterfeiting method that ensures usability. The scheme’s security analysis and proof of concept are detailed. Scyther is used to carry out the formal analysis of the scheme, and all of the modeled assertions are verified without any attacks.

In this paper, the distributed security control problem of connected vehicle systems (CVSs) is investigated under denial of service (DoS) attacks and uncertain dynamics. DoS attacks usually block communication channels, resulting in the vehicle inability to receive data from the neighbors. In severe cases, it will affect the control performance of CVSs and even cause vehicle collision and life threats. In order to keep the vehicle platoon stable when the DoS attacks happen, we introduce a random characteristic to describe the impact of the packet loss behavior caused by them. Dependent on the length of the lost packets, we propose a security platoon control protocol to deal with it. Furthermore, the security platoon control problem of CVSs is transformed into a stable problem of Markov jump systems (MJSs) with uncertain parameters. Next, the Lyapunov function method and linear matrix inequations (LMI) are used to analyze the internal stability and design controller. Finally, several simulation results are presented to illustrate the effectiveness of the proposed method.

With the variety of cloud services, the cloud service provider delivers the machine learning service, which is used in many applications, including risk assessment, product recommen-dation, and image recognition. The cloud service provider initiates a protocol for the classification service to enable the data owners to request an evaluation of their data. The owners may not entirely rely on the cloud environment as the third parties manage it. However, protecting data privacy while sharing it is a significant challenge. A novel privacy-preserving model is proposed, which is based on differential privacy and machine learning approaches. The proposed model allows the various data owners for storage, sharing, and utilization in the cloud environment. The experiments are conducted on Blood transfusion service center, Phoneme, and Wilt datasets to lay down the proposed model's efficiency in accuracy, precision, recall, and Fl-score terms. The results exhibit that the proposed model specifies high accuracy, precision, recall, and Fl-score up to 97.72%, 98.04%, 97.72%, and 98.80%, respectively.

The Zero Trust Architecture is an important part of the industrial Internet security protection standard. When analyzing industrial data for enterprise-level or industry-level applications, differential privacy (DP) is an important technology for protecting user privacy. However, the centralized and local DP used widely nowadays are only applicable to the networks with fixed trust relationship and cannot cope with the dynamic security boundaries in Zero Trust Architecture. In this paper, we design a differential privacy scheme that can be applied to Zero Trust Architecture. It has a consistent privacy representation and the same noise mechanism in centralized and local DP scenarios, and can balance the strength of privacy protection and the flexibility of privacy mechanisms. We verify the algorithm in the experiment, that using maximum expectation estimation method it is able to obtain equal or even better result of the utility with the same level of security as traditional methods.

The Manufacturer Usage Description (MUD) standard aims to reduce the attack surface for IoT devices by locking down their behavior to a formally-specified set of network flows (access control entries). Formal network behaviors can also be systematically and rigorously verified in any operating environment. Enforcing MUD flows and monitoring their activity in real-time can be relatively effective in securing IoT devices; however, its scope is limited to endpoints (domain names and IP addresses) and transport-layer protocols and services. Therefore, misconfigured or compromised IoTs may conform to their MUD-specified behavior but exchange unintended (or even malicious) contents across those flows. This paper develops PicP-MUD with the aim to profile the information content of packet payloads (whether unencrypted, encoded, or encrypted) in each MUD flow of an IoT device. That way, certain tasks like cyber-risk analysis, change detection, or selective deep packet inspection can be performed in a more systematic manner. Our contributions are twofold: (1) We analyze over 123K network flows of 6 transparent (e.g., HTTP), 11 encrypted (e.g., TLS), and 7 encoded (e.g., RTP) protocols, collected in our lab and obtained from public datasets, to identify 17 statistical features of their application payload, helping us distinguish different content types; and (2) We develop and evaluate PicP-MUD using a machine learning model, and show how we achieve an average accuracy of 99% in predicting the content type of a flow.

Attack detection in enterprise networks is increasingly faced with large data volumes, in part high data bursts, and heavily fluctuating data flows that often cause arbitrary discarding of data packets in overload situations which can be used by attackers to hide attack activities. Attack detection systems usually configure a comprehensive set of signatures for known vulnerabilities in different operating systems, protocols, and applications. Many of these signatures, however, are not relevant in each context, since certain vulnerabilities have already been eliminated, or the vulnerable applications or operating system versions, respectively, are not installed on the involved systems. In this paper, we present an approach for clustering data flows to assign them to dedicated analysis units that contain only signature sets relevant for the analysis of these flows. We discuss the performance of this clustering and show how it can be used in practice to improve the efficiency of an analysis pipeline.

The requirements of much larger file sizes, different storage formats, and immersive viewing conditions pose significant challenges to the goals of compressing VR content. At the same time, the great potential of deep learning to advance progress on the video compression problem has driven a significant research effort. Because of the high bandwidth requirements of VR, there has also been significant interest in the use of space-variant, foveated compression protocols. We have integrated these techniques to create an end-to-end deep learning video compression framework. A feature of our new compression model is that it dispenses with the need for expensive search-based motion prediction computations by using displaced frame differences. We also implement foveation in our learning based approach, by introducing a Foveation Generator Unit (FGU) that generates foveation masks which direct the allocation of bits, significantly increasing compression efficiency while making it possible to retain an impression of little to no additional visual loss given an appropriate viewing geometry. Our experiment results reveal that our new compression model, which we call the Foveated MOtionless VIdeo Codec (Foveated MOVI-Codec), is able to efficiently compress videos without computing motion, while outperforming foveated version of both H.264 and H.265 on the widely used UVG dataset and on the HEVC Standard Class B Test Sequences.

With Covid19 being endemic, it is very essential to continue proper physical hygiene protocols even today to avoid escalation. To ensure hygiene inside educational institutions, many governing bodies-imposed protocols to insist students wear hand gloves and facemasks. Such an implementation, however, has increased surgical waste in and around educational institutions, and also there is a rise in allergies due to the constant use of hand gloves by the students. Hence, a prototype of a hand sanitization-based attendance monitoring system has been proposed in the current research paper. This proposed sanitizer with attendance through remote monitoring (SWARM) uses Raspberry Pi devices to capture the image of a student’s identity card holding the registration number and through a bar code analysis module of computer vision, the ID number is extracted. This ID number is compared with a master attendance file to mark the students’ presence and then the updated file is shared with the concerned teacher via email. Such a setup is installed in the laboratory premise, thereby reducing the unnecessary use and disposal of surgical waste within the educational premise.

Machine learning-based DDoS attack detection methods are mostly implemented at the packet level with expensive computational time costs, and the space cost of those sketch-based detection methods is uncertain. This paper proposes a two-stage DDoS attack detection algorithm combining time series-based multi-dimensional sketch and machine learning technologies. Besides packet numbers, total lengths, and protocols, we construct the time series-based multi-dimensional sketch with limited space cost by storing elephant flow information with the Boyer-Moore voting algorithm and hash index. For the first stage of detection, we adopt CNN to generate sketch-level DDoS attack detection results from the time series-based multi-dimensional sketch. For the sketch with potential DDoS attacks, we use RNN with flow information extracted from the sketch to implement flow-level DDoS attack detection in the second stage. Experimental results show that not only is the detection accuracy of our proposed method much close to that of packet-level DDoS attack detection methods based on machine learning, but also the computational time cost of our method is much smaller with regard to the number of machine learning operations.