Biblio

With the developing technology, cyber threats are developing rapidly, and the motivations and targets of cyber attackers are changing. In order to combat these threats, cyber threat information that provides information about the threats and the characteristics of the attackers is needed. In addition, it is of great importance to cooperate with other stakeholders and share experiences so that more information about threat information can be obtained and necessary measures can be taken quickly. In this context, in this study, it is stated that the establishment of a cooperation mechanism in which cyber threat information is shared will contribute to the cyber security capacity of organizations. And using the Zack Information Gap analysis, the deficiency of organizations in sharing threat information were determined and suggestions were presented. In addition, there are cooperation mechanisms in the USA and the EU where cyber threat information is shared, and it has been evaluated that it would be beneficial to establish a similar mechanism in our country. Thus, it is evaluated that advanced or unpredictable cyber threats can be detected, the cyber security capacities of all stakeholders will increase and a safer cyber ecosystem will be created. In addition, it is possible to collect, store, distribute and share information about the analysis of cyber incidents and malware analysis, to improve existing cyber security products or to encourage new product development, by carrying out joint R&D studies among the stakeholders to ensure that domestic and national cyber security products can be developed. It is predicted that new analysis methods can be developed by using technologies such as artificial intelligence and machine learning.

While various encryption algorithms ensure data security, it is essential to determine the accuracy and loss values and performance status in the analyzes made to determine encrypted data by deep learning. In this research, the analysis steps made by applying deep learning methods to encrypted cifar10 picture data are presented practically. The data was tried to be estimated by training with VGG16, VGG19, ResNet50 deep learning models. During this period, the network’s performance was tried to be measured, and the accuracy and loss values in these calculations were shown graphically.

The ubiquity of wireless communication systems has resulted in extensive concern regarding their security issues. Combination of signaling and secrecy coding can provide greater improvement of confidentiality than tradition methods. In this work, we mainly focus on the secrecy coding design for physical layer security in wireless communications. When the main channel and wiretap channel are noisy, we propose a McEliece secure coding method based on LDPC which can guarantee both reliability between intended users and information security with respect to eavesdropper simultaneously. Simulation results show that Bob’s BER will be significantly decreased with the SNR increased, while Eve get a BER of 0.5 no matter how the SNR changes.

Although several different attacks or modern security mechanisms have been proposed, the captchas created by the numbers and the letters are still used by some websites or applications to protect their information security. The reason is that the labels of the captcha data are difficult to collect for the attacker, and protector can easily control the various parameters of the captchas: like the noise, the font type, the font size, and the background color, then make this security mechanism update with the increased attack methods. It can against attacks in different situations very effectively. This paper presents a method to recognize the different text-based captchas based on a system constituted by the denoising autoencoder and the Convolutional Recurrent Neural Network (CRNN) model with the Connectionist Temporal Classification (CTC) structure. We show that our approach has a better performance for recognizing, and it solves the identification problem of indefinite character length captchas efficiently.

Blockchain technology relies on a growing number of globally distributed ledgers known as blockchain. This technology was used for the creation of the cryptocurrency known as bitcoin that allows transactions to be carried out quickly and easily, without the need to use an intermediary "financial institution". The information is sent trough the protocols known as: PoW (Proof of Work) and PoS (Proof of Stake), which must guarantee confidentiality, integrity and availability of the information. The present work shows the result of a bibliographic review on the evolution of the blockchain, the PoW and PoS protocols; as well as the application of these within the framework of Ecuadorian legislation with emphasis on the evolution of risks of the PoW protocol.

The theoretical basis made it possible to implement software for automated secure biometric verification and personal identification, which can be used by information security systems (including access control and management systems). The work is devoted to solving an urgent problem - the development of methods and algorithms for generating a key for a storage device based on biometric parameters. Biometric cryptosystems take advantage of biometrics to improve the security of encryption keys. The ability not to store a key that is derived from biometric data is a direct advantage of the method of generating cryptographic keys from biometric data of users over other existing encryption methods.

Biometric methods are the most effective and accurate authentication methods. However, a significant drawback of such methods is the storage of authentication information in clear text. The article is devoted to solving this problem by means of symmetric encryption method and the method of dividing the memory space. The method of symmetric encryption ensures confidentiality during storage and transmission of biometric characteristics, the method of dividing the memory space provides an increase of information security level during processing of biometric characteristics.

Honeypots are widely used to increase the security of systems and networks, but they only observe the activities that are done against them. A honeypot will not be able to detect an exploit in another system unless it interacts directly with it. In addition to the weakness caused by the normal behavior of honeypots, our research shows that honeypots may succumb to back door attacks. To prove this claim, a backdoor attack is performed on the popular Honeypot system. Experimental results show that the Kfsensor Honeypot is bypassed using a backdoor attack, and network protection is disabled even with the Honeypot enabled.

Generally, the defense measures taken against new cyber-attack methods are insufficient for cybersecurity risk management. Contrary to classical attack methods, the existence of undiscovered attack types called’ zero-day attacks’ can invalidate the actions taken. It is possible with honeypot systems to implement new security measures by recording the attacker’s behavior. The purpose of the honeypot is to learn about the methods and tools used by the attacker or malicious activity. In particular, it allows us to discover zero-day attack types and develop new defense methods for them. Attackers have made protocols such as SSH (Secure Shell) and Telnet, which are widely used for remote access to devices, primary targets. In this study, SSHTelnet honeypot was established using Cowrie software. Attackers attempted to connect, and attackers record their activity after providing access. These collected attacker log records and files uploaded to the system are published on Github to other researchers1. We shared the observations and analysis results of attacks on SSH and Telnet protocols with honeypot.

Homomorphic encryption allows users to perform mathematical operations on open data in encrypted form by performing homomorphically appropriate operations on encrypted data without knowing the decryption function (key). Nowadays such possibilities for cryptoalgorithm are very important in many areas such as data storage, cloud computing, cryptocurrency, and mush more. In 2009 a system of fully homomorphic encryption was constructed, in the future, many works were done based on it. In this work, is performed the implementation of ideal lattices for constructing homomorphic operations over ciphertexts. The idea, presented in this work, allows to separate relations between homomorphic and security parts of a lattice-based homomorphic encryption system.

Cryptographic algorithms are playing an important role in the information security field. Strong and unbreakable algorithms provide high security and good throughput. The strength of any encryption algorithm is basically based on the degree of difficulty to obtain the encryption key by such cyber-attacks as brute. It is supposed that the bigger the key size, the more difficult it is to compute the key. But increasing the key size will increase both the computational complexity and the processing time of algorithms. In this paper, we proposed a reliable, effective, and more secure symmetric stream cipher algorithm for encryption and decryption called Symmetric Cipher based on Key Hashing Algorithm (SCKHA). The idea of this algorithm is based on hashing and splitting the encryption symmetric key. Hashing the key will hide the encrypted key to prevent any intruder from forging the hash code, and, thus, it satisfies the purpose of security, authentication, and integrity for a message on the network. In addition, the algorithm is secure against a brute-force attack by increasing the resources it takes for testing each possible key. Splitting the hashed value of the encryption key will divide the hashed key into two key chunks. The encryption process performed using such one chunk based on some calculations on the plaintext. This algorithm has three advantages that are represented in computational simplicity, security and efficiency. Our algorithm is characterized by its ability to search on the encrypted data where the plaintext character is represented by two ciphertext characters (symbols).

Algorithms for unsupervised anomaly detection have proven their effectiveness and flexibility, however, first it is necessary to calculate with what ratio a certain class begins to be considered anomalous by the autoencoder. For this reason, we propose to conduct a study of the efficiency of autoencoders depending on the ratio of anomalous and non-anomalous classes. The emergence of high-speed networks in electric power systems creates a tight interaction of cyberinfrastructure with the physical infrastructure and makes the power system susceptible to cyber penetration and attacks. To address this problem, this paper proposes an innovative approach to develop a specification-based intrusion detection framework that leverages available information provided by components in a contemporary power system. An autoencoder is used to encode the causal relations among the available information to create patterns with temporal state transitions, which are used as features in the proposed intrusion detection. This allows the proposed method to detect anomalies and cyber attacks.

In order to solve the problem of quantitative assessment of information security risks in industrial control systems, this paper proposes a method of information security risk assessment for industrial control systems based on modular hybrid genetic algorithm. Combining with the characteristics of industrial control systems, the use of hybrid genetic algorithm evidence theory to identify, evaluate and assess assets and threats, and ultimately come to the order of the size of the impact of security threats on the specific industrial control system information security. This method can provide basis for making decisions to reduce information security risks in the control system from qualitative and quantitative aspects.

With powerful ability to organize, retrieve and share information, cloud computing technology has effectively improved the development of intelligent learning ecological Communities. The study finds development create a security atmosphere with all homomorphic encryption technology, virtualization technology to prevent the leakage and loss of information data. The result provided a helpful guideline to build a security environment for intelligent ecological communities.

The application of intelligent video terminal has spread in all aspects of production and life, such as urban transportation, enterprises, hospitals, banks, and families. In recent years, intelligent video terminals, video recorders and other video monitoring system components are frequently exposed to high risks of security vulnerabilities, which is likely to threaten the privacy of users and data security. Therefore, it is necessary to strengthen the security research and testing of intelligent video terminals, and formulate reinforcement and protection strategies based on the evaluation results, in order to ensure the confidentiality, integrity and availability of data collected and transmitted by intelligent video terminals.

Intelligent networked vehicles are rapidly developing in intelligence and networking. The communication architecture is becoming more complex, external interfaces are richer, and data types are more complex. Different from the information security of the traditional Internet of Things, the scenarios that need to be met for the security of the Internet of Vehicles are more diverse and the security needs to be more stable. Based on the security technology of traditional Internet of Things, password application is the main protection method to ensure the privacy and non-repudiation of data communication. This article mainly elaborates the application of security protection methods using password-related protection technologies in car-side scenarios and summarizes the security protection recommendations of contemporary connected vehicles in combination with the secure communication architecture of the Internet of Vehicles.

The intelligent connected vehicle industry has entered a period of opportunity, industry data is accumulating rapidly, and the formulation of industry standards to regulate big data management and application is imminent. As the basis of data security, data classification has received unprecedented attention. By combing through the research and development status of data classification in various industries, this article combines industry characteristics and re-examines the framework of industry data classification from the aspects of information security and data assetization, and tries to find the balance point between data security and data value. The intelligent networked automobile industry provides support for big data applications, this article combines the characteristics of the connected vehicle industry, re-examines the data characteristics of the intelligent connected vehicle industry from the 2 aspects as information security and data assetization, and eventually proposes a scene-based hierarchical framework. The framework includes the complete classification process, model, and quantifiable parameters, which provides a solution and theoretical endorsement for the construction of a big data automatic classification system for the intelligent connected vehicle industry and safe data open applications.

This research concerns the detection of unauthorised access within hospital networks through the real-time analysis of audit logs. Privacy is a primary concern amongst patients due to the rising adoption of Electronic Patient Record (EPR) systems. There is growing evidence to suggest that patients may withhold information from healthcare providers due to lack of Trust in the security of EPRs. Yet, patient record data must be available to healthcare providers at the point of care. Ensuring privacy and confidentiality of that data is challenging. Roles within healthcare organisations are dynamic and relying on access control is not sufficient. Through proactive monitoring of audit logs, unauthorised accesses can be detected and presented to an analyst for review. Advanced data analytics and visualisation techniques can be used to aid the analysis of big data within EPR audit logs to identify and highlight pertinent data points. Employing a human-in-the-loop model ensures that suspicious activity is appropriately investigated and the data analytics is continuously improving. This paper presents a system that employs a Human-in-the-Loop Machine Learning (HILML) algorithm, in addition to a density-based local outlier detection model. The system is able to detect 145 anomalous behaviours in an unlabelled dataset of 1,007,727 audit logs. This equates to 0.014% of the EPR accesses being labelled as anomalous in a specialist Liverpool (UK) hospital.

In the computer era, various digital devices are used along with networking technology for data communication in secured manner. But sometimes these systems are misused by the attackers. Information security with the high efficiency devices, tools are utilized for protecting the communication media and valuable data. In case of any unwanted incidents and security breaches, digital forensics methods and measures are well utilized for detecting the type of attacks, sources of attacks, their purposes. By utilizing information related to security measures, digital forensics evidences with suitable methodologies, digital forensics investigators detect the cyber-crimes. It is also necessary to prove the cyber-crimes before the law enforcement department. During this process investigators type to collect different types of information from the digital devices concerned to the cyber-attack. One of the major tasks of the digital investigator is collecting and managing the seizure records from the crime-scene. The present paper discusses the seizure record framework for digital forensics investigations.

Containers that can be easily created, transported and scaled with the use of container-based virtualization technologies work better than classical virtualization technologies and provide efficient resource usage. The Docker platform is one of the most widely used solutions among container-based virtualization technologies. The OS-level virtualization of the Docker platform and the container’s use of the host operating system kernel may cause security problems. In this study, a method including static and dynamic analysis has been proposed to ensure Docker image and container security. In the static analysis phase of the method, the packages of the images are scanned for vulnerabilities and malware. In the dynamic analysis phase, Docker containers are run for a certain period of time, after the open port scanning, network traffic is analyzed with the Snort3. Seven Docker images are analyzed and the results are shared.

Vulnerability analysis is an integral part of an overall security program. Through identifying known security flaws and weaknesses, vulnerability identification tools help security practitioners to remediate the existing vulnerabilities on the networks. Thus, it is crucial that the results of such tools are complete, accurate, timely and they produce vulnerability results with minimum or no side-effects on the networks. To achieve these goals, Active Vulnerability Scanning (AVS) or Passive Vulnerability Detection (PVD) approaches can be used by network-based vulnerability scanners. In this work, we evaluate these two approaches with respect to efficiency and effectiveness. For the effectiveness analysis, we compare these two approaches empirically on a test environment and evaluate their outcomes. According to total amount of accuracy and precision, the PVD results are higher than AVS. As a result of our analysis, we conclude that PVD returns more complete and accurate results with considerably shorter scanning periods and with no side-effects on networks, compared to the AVS.

Data security and privacy have become an important problem while big data systems are growing dramatically fast in various application fields. Paillier additive homomorphic cryptosystem is widely used in information security fields such as big data security, communication security, cloud computing security, and artificial intelligence security. However, how to improve its computational performance is one of the most critical problems in practice. In this paper, we propose two modifications to improve the performance of the Paillier cryptosystem. Firstly, we introduce a key generation method to generate the private key with low Hamming weight, and this can be used to accelerate the decryption computation of the Paillier cryptosystem. Secondly, we propose an acceleration method based on Hensel lifting in the Paillier cryptosystem. This method can obtain a faster and improved decryption process by showing the mathematical analysis of the decryption algorithm.

To address the concerns posed by certain security attacks on communication protocol, this paper proposes a Quantum Key Exchange algorithm coupled with an encoding scheme based on Fermat Numbers and DNA sequences. The concept of Watson-Crick’s transformation of DNA sequences and random property of the Fermat Numbers is applied for protection of the communication system by means of dual encryption. The key generation procedure is governed by a quantum bit rotation mechanism. The total process is illustrated with an example. Also, security analysis of the encryption and decryption process is also discussed.

This article reports results about the development of the algorithm that allows to increase the information security of OFDM communication system based on the discrete-nonlinear Colpitts system with dynamic chaos. Proposed system works on two layers: information and transport. In the first one, Arnold Transform was applied. The second one, transport level security was provided by QAM constellation mixing. Correlation coefficients, Shannon's entropy and peak-to-average power ratio (PAPR) were estimated.

In this work, the algorithm of increasing the information security of a communication system with Orthogonal Frequency Division Multiplexing (OFDM) was achieved by using a discrete-nonlinear Duffing system with dynamic chaos. The main idea of increasing information security is based on scrambling input information on three levels. The first one is mixing up data order, the second is scrambling data values and the final is mixing symbols at the Quadrature Amplitude Modulation (QAM) plot constellation. Each level's activities were made with the use of pseudorandom numbers set, generated by the discrete-nonlinear Duffing system with dynamic chaos.