Biblio

A tamper-resistant logical operation method based on integrated nanophotonics is proposed focusing on electromagnetic side-channel attacks. In the proposed method, only the phase of each optical signal is modulated depending on its logical state, which keeps the power of optical signals in optical logic circuits constant. This provides logic-gate-level tamper resistance which is difficult to achieve with CMOS circuits. An optical implementation method based on electronically-controlled phase shifters is then proposed. The electrical part of proposed circuits achieves 300 times less instantaneous current change, which is proportional to intensity of the leaked electromagnetic wave, than a CMOS logic gate.

In recent days cloud domain gains a lot of user attention in order to store and access the data from remote locations connected through the internet. As it is generally known that all the sensitive data come from remote locations will be stored in the centralized storage medium and then try to access the data from that centralized storage space controlled by the cloud server. It is facing a problem like there is no security for the data in terms of user authorization and data authentication from the centralized storage location. Hence, it is required to migrate for a new storage procedure like Decentralized storage of cloud data in which the systems that do not rely on a central authority, so that the collusion resistance can be avoided by maintaining a global identifier. Here, the term de-centralized access means granting multi authorities to control the access for providing more security for the sensitive data. The proposed research study attempts to develop a new scheme by adding a global identifier like Attribute Authority (AA) for providing access keys for the data users who wish to access the sensitive information from the cloud server. The proposed research work attempts to incorporate the composite order bilinear groups scheme for providing access facility for the data users and provide more security for the sensitive data. By conducting various experiments on the proposed model, the obtained result clearly tells that the proposed system is very efficient to access the data in a de-centralized manner by using a global identifier.

The advantage of elliptic curve (EC) cryptographic systems is that they provide equivalent security even with small key lengths. However, the development of modern computing technologies leads to an increase in the length of keys. In this case, it is recommended to use a secret parameter to ensure sufficient access without increasing the key length. To achieve this result, the initiation of an additional secret parameter R into the EC equation is used to develop an EC-based key distribution algorithm. The article describes the algebraic structure of an elliptic curve with a secret parameter.

With the emergence of quantum computers, traditional digital signature schemes based on problems such as large integer solutions and discrete logarithms will no longer be secure, and it is urgent to find effective digital signature schemes that can resist quantum attacks. Lattice cryptography has the advantages of computational simplicity and high security. In this paper, we propose an identity-based digital signature scheme based on the rejection sampling algorithm. Unlike most schemes that use a common Gaussian distribution, this paper uses a bimodal Gaussian distribution, which improves efficiency. The identity-based signature scheme is more convenient for practical application than the traditional certificate-based signature scheme.

The goal of this study is to find whether exposure to Deepfake videos makes people better at detecting Deepfake videos and whether it is a better strategy against fighting Deepfake. For this study a group of people from Bangladesh has volunteered. This group were exposed to a number of Deepfake videos and asked subsequent questions to verify improvement on their level of awareness and detection in context of Deepfake videos. This study has been performed in two phases, where second phase was performed to validate any generalization. The fake videos are tailored for the specific audience and where suited, are created from scratch. Finally, the results are analyzed, and the study’s goals are inferred from the obtained data.

Maintenance of Crop health is essential for the successful farming for both yield and product quality. Pest and disease in crops are serious problem to be monitored. pest and disease occur in different stages or phases of crop development. Due to introduction of genetically modified seeds the natural resistance of crops to prevent them from pest and disease is less. Major crop loss is due to pest and disease attack in crops. It damages the leaves, buds, flowers and fruits of the crops. Affected areas and damage levels of pest and diseases attacks are growing rapidly based on global climate change. Weather Conditions plays a major role in pest and disease attacks in crops. Naked eye inspection of pest and disease is complex and difficult for wide range of field. And at the same time taking lab samples to detect disease is also inefficient and time-consuming process. Early identification of diseases is important to take necessary actions for preventing crop loss and to avoid disease spreads. So, Timely and effective monitoring of crop health is important. Several technologies have been developed to detect pest and disease in crops. In this paper we discuss the various technologies implemented by using AI and Deep Learning for pest and disease detection. And also, briefly discusses their Advantages and limitations on using certain technology for monitoring of crops.

Aiming at the working mechanism of optical backbone network, based on the theory of complex network, the invulnerability evaluation index of optical backbone network is extracted from the physical topology of optical backbone network and the degree of bandwidth satisfaction, finally, the invulnerability evaluation model of optical backbone network is established. At the same time, the evaluation model is verified and analyzed with specific cases, through the comparison of 4 types of attack, the results show that the number of deliberate point attacks ( DP) is 16.7% lower than that of random point attacks ( RP) when the critical collapse state of the network is reached, and the number of deliberate edge attacks ( DE) is at least 10.4% lower than that of random edge attacks ( RE). Therefore, evaluating the importance of nodes and edges and strengthening the protection of key nodes and edges can help optical network effectively resist external attacks and significantly improve the anti-damage ability of optical network, which provides theoretical support for the anti-damage evaluation of optical network and has certain practical significance for the upgrade and reconstruction of optical network.

Security, efficiency and availability are three key factors that affect the application of searchable encryption schemes in mobile cloud computing environments. In order to meet the above characteristics, this paper proposes a certificateless public key encryption with a keyword search (CLPEKS) scheme. In this scheme, a CLPEKS generation method and a Trapdoor generation method are designed to support multiple receivers to query. Based on the elliptic curve scalar multiplication, the efficiencies of encrypting keywords, generating Trapdoors, and testing are improved. By adding a random number factor to the Trapdoor generation, the scheme can resist the internal keyword guessing attacks. Under the random oracle model, it is proved that the scheme can resist keyword guessing attacks. Theoretical analyses and implementation show that the proposed scheme is more efficient than the existing schemes.

Security is a key component of the network. Software Defined Networking (SDN) is a refined form of traditional network management system. It is a new encouraging approach to design-build and manage networks. SDN decouples control plane (software-based router) and data plane (software-based switch), hence it is programmable. Consequently, it facilitates implementation of security based applications for the prevention of DOS attacks. Various solutions have been proposed by researches for handling of DOS attacks in SDN. However, these solutions are very limited in scope, complex, time consuming and change resistant. In this article, we have proposed a novel model driven framework i.e. MDAP (Model Based DOS Attacks Prevention) Framework. Particularly, a meta model is proposed. As tool support, a tree editor and a Sirius based graphical modeling tool with drag drop palette have been developed in Oboe designer community edition. The tool support allows modeling and visualization of simple and complex network topology scenarios. A Model to Text transformation engine has also been made part of framework that generates java code for the Floodlight SDN controller from the modeled scenario. The validity of proposed framework has been demonstrated via case study. The results prove that the proposed framework can effectively handle DOS attacks in SDN with simplicity as per the true essence of MDSE and can be reliably used for the automation of security based applications in order to deny DOS attacks in SDN.

Image hash regimes have been widely used for authenticating content, recovery of images and digital forensics. In this article we propose a new algorithm for image haunting (SSL) with the most stable key points and regional features, strong against various manipulation of content conservation, including multiple combinatorial manipulations. In order to extract most stable keypoint, the proposed algorithm combines the Speed Up Robust Features (SURF) with Saliency detection. The keyboards and characteristics of the local area are then combined in a hash vector. There is also a sperate secret key that is randomly given for the hash vector to prevent an attacker from shaping the image and the new hash value. The proposed hacking algorithm shows that similar or initial images, which have been individually manipulated, combined and even multiple manipulated contents, can be visently identified by experimental result. The probability of collision between hacks of various images is almost nil. Furthermore, the key-dependent security assessment shows the proposed regime safe to allow an attacker without knowing the secret key not to forge or estimate the right havoc value.

Spin-transfer torque magnetoresistive random-access memories (STT-MRAMs) are gradually superseding conventional SRAMs as last-level cache in System-on-Chip designs. Their manufacturing process includes trimming a reference resistance in STT-MRAM modules to reliably determine the logic values of 0 and 1 during read operations. Typically, an on-chip trimming routine consists of multiple runs of a test algorithm with different settings of a trimming port. It may inherently produce a large number of mismatches. Diagnosis of such a sizeable volume of errors by means of existing memory built-in self-test (MBIST) schemes is either infeasible or a time-consuming and expensive process. In this paper, we propose a new memory fault diagnosis scheme capable of handling STT-MRAM-specific error rates in an efficient manner. It relies on a convolutional reduction of memory outputs and continuous shifting of the resultant data to a tester through a few output channels that are typically available in designs using an on-chip test compression technology, such as the embedded deterministic test. It is shown that processing the STT-MRAM output by using a convolutional compactor is a preferable solution for this type of applications, as it provides a high diagnostic resolution while incurring a low hardware overhead over traditional MBIST logic.

In today's digital era, data is most important in every phase of work. The storage and processing on data with security is the need of each and every application field. Data need to be tamper resistant due to possibility of alteration. Data can be represented and stored in heterogeneous format. There are chances of attack on information which is vital for particular organization. With rapid increase in cyber crime, attackers behave maliciously to alter those data. But it is having great impact on forensic evidences which is required for provenance. Therefore, it is required to maintain the reliability and provenance of digital evidences as it travels through various stages during forensic investigation. In this approach, there is a forensic chain in which generated report passes through various levels or intermediaries such as pathology laboratory, doctor, police department etc. To build the transparent system with immutability of forensic evidences, blockchain technology is more suitable. Blockchain technology provides the transfer of assets or evidence reports in transparent environment without central authority. In this paper blockchain based secure system for forensic evidences is proposed. The proposed system is implemented on Ethereum platform. The tampering of forensic evidence can be easily traced at any stage by anyone in the forensic chain. The security enhancement of forensic evidences is achieved through implementation on Ethereum platform with high integrity, traceability and immutability.

The globalized supply chain in the semiconductor industry raises several security concerns such as IC overproduction, intellectual property piracy and design tampering. Logic locking has emerged as a Design-for-Trust countermeasure to address these issues. Original logic locking proposals provide a high degree of output corruption – i.e., errors on circuit outputs – unless it is unlocked with the correct key. This is a prerequisite for making a manufactured circuit unusable without the designer’s intervention. Since the introduction of SAT-based attacks – highly efficient attacks for retrieving the correct key from an oracle and the corresponding locked design – resulting design-based countermeasures have compromised output corruption for the benefit of better resilience against such attacks. Our proposed logic locking scheme, referred to as SKG-Lock, aims to thwart SAT-based attacks while maintaining significant output corruption. The proposed provable SAT-resilience scheme is based on the novel concept of decoy key-inputs. Compared with recent related works, SKG-Lock provides higher output corruption, while having high resistance to evaluated attacks.

Combinatorial designs are powerful structures for key management in wireless sensor networks to address good connectivity and also security against external attacks in large scale networks. Symmetric key foundation is the most appropriate model for secure exchanges in WSNs among the ideal models. The core objective is to enhance and evaluate certain issues like attack on the nodes, to provide better key strength, better connectivity, security in interaction among the nodes. The keys distributed by the base station to cluster head are generated using Symmetric Balanced Incomplete Block Design (SBIBD). The keys distributed by cluster head to its member nodes are generated using Symmetric Balanced Incomplete Block Design (SBIBD) and Keys are refreshed periodically to avoid stale entries. Compromised sensor nodes can be used to insert false reports (spurious reports) in wireless sensor networks. The idea of interaction between the sensor nodes utilizing keys and building up a protected association helps in making sure the network is secure. Compared with similar existing schemes, our approach can provide better security.

In recent years, there have been situations in which the zero-sequence protection of the transformer has been incorrectly operated due to the converter transformer energizing or fault recovery. For converter transformers, maloperation may also occur. However, there is almost no theoretical research on the zero-mode inrush currents of converter transformers. This paper studies the characteristics of the zero-mode inrush currents of the converter transformers, including the relationship between the amplitude and attenuation characteristics of the zero-mode inrush currents of converter transformers, and their relationship with the system resistance, remanence, and closing angle. First, based on the T-type equivalent circuit of the transformer, the equivalent circuit of the zero-mode inrush current of each transformer is obtained. On this basis, the amplitude relationship of the zero-mode inrush currents of different converter transformers is obtained: the zero-mode inrush current of the energizing pole YY transformer becomes larger than the YD transformer, the energized pole YD becomes greater than the YY transformer, and the YY transformer zero-mode inrush current rises from 0. It is also analyzed that the sympathetic interaction will make the attenuation of the converter transformer zero-mode inrush current slower. The system resistance mainly affects the initial attenuation speed, and the later attenuation speed is mainly determined by the converter transformer leakage reactance. Finally, PSCAD modeling and simulation are carried out to verify the accuracy of the theoretical analysis.

Blockchain transactions are signed by private keys. Secure key storage and tamper resistant computing, are critical requirements for deployments of trusted infrastructure. In this paper we identify some threats against blockchain wallets, and we introduce a set of physical and logical countermeasures in order to defeat them. We introduce open software and hardware architectures based on secure elements, which enable detection of cloned device and corrupted software. These technologies are based on resistant computing (javacard), smartcard anti cloning, smartcard self content attestation, applicative firewall, bare metal architecture, remote attestation, dynamic PUF (Physical Unclonable Function), and programming token as root of trust.

This work introduces a new microcomputing node with long-term resistant data security, based on asymmetric and symmetric encryption combined with the modern and established scripting language Python. The presented microcomputing node integrates a MicroPython runtime environment to address a wide audience of application engineers as user base instead of a selected group of embedded engineers, who have deep knowledge in programming IoT devices using C/C++. It combines its scripting capabilities with security features of modern smartcards and secure cellular networking based on 4G.

The Internet of Things (IoT) is a technology that allows connection between devices using the internet to collect and exchange data with each other. Privacy and security have become the most pressing issues in the IoT network, especially in the smart home. Nevertheless, there are still many smart home devices that have not implemented security and privacy policies. This study proposes a remote sensor control system built on ESP32 to implement a smart home through the Message Queuing Telemetry Transport(MQTT) protocol by applying the Advanced Encryption Standard (AES) algorithm with a 256-bit key. It addresses security issues in the smart home by encrypting messages sent from users to sensors. Besides ESP32, the system implementation also uses Raspberry Pi and smartphone with Android applications. The network was analyzed using Wireshark, and it showed that the message sent was encrypted. This implementation could prevent brute force attacks, with the result that it could guarantee the confidentiality of a message. Meanwhile, from several experiments conducted in this study, the difference in the average time of sending encrypted and unencrypted messages was not too significant, i.e., 20 ms.

Federated learning is a privacy-preserving learning system where participants locally update a shared model with their own training data. Despite the advantage that training data are not sent to a server, there is still a risk that a state-of-the-art model inversion attack, which may be conducted by the server, infers training data from the models updated by the participants, referred to as individual models. A solution to prevent such attacks is differential privacy, where each participant adds noise to the individual model before sending it to the server. Differential privacy, however, sacrifices the quality of the shared model in compensation for the fact that participants' training data are not leaked. This paper proposes a federated learning system that is resistant to model inversion attacks without sacrificing the quality of the shared model. The core idea is that each participant divides the individual model into model fragments, shuffles, and aggregates them to prevent adversaries from inferring training data. The other benefit of the proposed system is that the resulting shared model is identical to the shared model generated with the naive federated learning.

When location-based services (LBS) are delivered, location data should be protected against honest-but-curious LBS providers, them being quasi-identifiers. One of the existing approaches to achieving this goal is location k-anonymity, which leverages the presence of a trusted party, called location trusted service (LTS), playing the role of anonymizer. A drawback of this approach is that the location trusted service is a single point of failure and traces all the users. Moreover, the protection is completely nullified if a global passive adversary is allowed, able to monitor the flow of messages, as the source of the query can be identified despite location k-anonymity. In this paper, we propose a distributed and hierarchical LTS model, overcoming both the above drawbacks. Moreover, position notification is used as cover traffic to hide queries and multicast is minimally adopted to hide responses, to keep k-anonymity also against the global adversary, thus enabling the possibility that LBS are delivered within social networks.

Data tracing is an important topic in the era of digital economy when data are considered as one of the core factors in economic activities. However, the current data traceability systems often fail to obtain public trust due to their centralization and opaqueness. Blockchain possesses natural technical features such as data tampering resistance, anonymity, encryption security, etc., and shows great potential of improving the data tracing credibility. In this paper, we propose a blockchain-PROV-based multi-center data provenance solution in where the PROV model standardizes the data record storage and provenance on the blockchain automatically and intelligently. The solution improves the transparency and credibility of the provenance data, such as to help the efficient control and open sharing of data assets.

The paper proposes a method for image content recovery based on digital watermarking. Existing image watermarking systems detect the tampering and can identify the exact positions of tampered regions, but only a few systems can recover the original image content. In this paper, we suggest a method for recovering the regions of interest (ROIs). It embeds the semi-fragile watermark resistant to JPEG compression (for the quality parameter values greater than or equal to the predefined threshold) and such local tamperings as splicing, copy-move, and retouching, whereas is destroyed by any other image modifications. In the experimental part, the performance of the method is shown on the road traffic JPEG images where the ROIs correspond to car license plates. The method is proven to be an efficient tool for recovering the original ROIs and can be integrated into any JPEG semi-fragile watermarking system.

This work focuses on the design and implementation of a microcontroller for apply all the knowledge acquired during Engineering Electronics career. In order to improve the knowledge about RF technologies, security system have been created, which increases the number of applications used in these days. This design utilizes light sensors as the end device for detecting any changes of resistance. The results show that the designed system can send and receive data until 100 meters of distance between module sides (receiver-transmitter). This security system designed using PIC 16F84 microcontroller as entire brain of the system with sensors, has been successfully designed and implement considering some factors such as economy, availability of components and durability in the design process.

The Internet Protocol Version 6 (IPV6) proposed to replace IPV4 to solve scalability challenges and improve quality of service and security. Current implementation of IPv6 uses static value that is determined from the Media Access Control (MAC) address as the Interface Identifier (IID). This results in a deterministic IID for each user that is the same regardless of any network changes. This provides an eavesdropper with the ability to easily track the physical location of the communicating nodes using simple tools, such as ping and traceroute. Moreover, this address generation method provides a means to correlate network traffic with a specific user which can be achieved by filtering the IID and traffic analysis. These serious privacy breaches need to be addressed before widespread deployment of IPv6. In this paper we propose a privacy-enhanced method for generating IID which combines different network parameters. The proposed method generates non-deterministic IIDs that is resistance against correlation attack. We validate our approach using Wireshark, ping and traceroute tools and show that our proposed approach achieves better privacy compared to the existing IID generation methods.

With the remarkable growth of the Internet and communication technologies over the past few decades, Internet of Things (IoTs) is enabling the ubiquitous connectivity of heterogeneous physical devices with software, sensors, and actuators. IoT networks are naturally two layers with the cloud and cellular networks coexisting with the underlaid device-to-device communications. The connectivity of IoTs plays an important role in information dissemination for mission-critical and civilian applications. However, IoT communication networks are vulnerable to cyber attacks including the denial-of-service and jamming attacks, resulting in link removals in the IoT network. In this paper, we develop a heterogeneous IoT network design framework in which a network designer can add links to provide additional communication paths between two nodes or secure links against attacks by investing resources. By anticipating the strategic cyber attacks, we characterize the optimal design of the secure IoT network by first providing a lower bound on the number of links a secure network requires for a given budget of protected links, and then developing a method to construct networks that satisfy the heterogeneous network design specifications. Therefore, each layer of the designed heterogeneous IoT network is resistant to a predefined level of malicious attacks with minimum resources. Finally, we provide case studies on the Internet of Battlefield Things to corroborate and illustrate our obtained results.