Biblio

Cyber security is reliant on the actions of both machine and human and remains a domain of importance and continual evolution. While the study of human behavior has grown, less attention has been paid to the adversarial operator. Cyber environments consist of complex and dynamic situations where decisions are made with incomplete information. In such scenarios people form strategies based on simplified models of the world and are often efficient and effective, yet may result in judgement or decision-making bias. In this paper, we examine an initial list of biases affecting adversarial cyber actors. We use subject matter experts to derive examples and demonstrate these biases likely exist, and play a role in how attackers operate.

The progression of cryptographic attacks in the ICT era doubtless leads to the development of new cryptographic algorithms and assessment, and evaluation of the existing ones. In this paper, the artificial intelligence application, through the fuzzy analytic hierarchy process (FAHP) implementation, is used to rank criteria and sub-criteria on which the algorithms are based to determine the most promising criteria and optimize their use. Out of fifteen criteria, security soundness, robustness and hardware failure distinguished as significant ones.

Reward functions are critical hyperparameters with commercial values for individual or distributed reinforcement learning (RL), as slightly different reward functions result in significantly different performance. However, existing inverse reinforcement learning (IRL) methods can be utilized to approximate reward functions just based on collected expert trajectories through observing. Thus, in the real RL process, how to generate a polluted trajectory and perform an adversarial attack on IRL for protecting reward functions has become the key issue. Meanwhile, considering the actual RL cost, generated adversarial trajectories should be minimal and non-catastrophic for ensuring normal RL performance. In this work, we propose a novel approach to craft adversarial trajectories disguised as expert ones, for decreasing the IRL performance and realize the anti-IRL ability. Firstly, we design a reward clustering-based metric to integrate both advantages of fine- and coarse-grained IRL assessment, including expected value difference (EVD) and mean reward loss (MRL). Further, based on such metric, we explore an adversarial attack based on agglomerative nesting algorithm (AGNES) clustering and determine targeted states as starting states for reward perturbation. Then we employ the intrinsic fear model to predict the probability of imminent catastrophe, supporting to generate non-catastrophic adversarial trajectories. Extensive experiments of 7 state-of-the-art IRL algorithms are implemented on the Object World benchmark, demonstrating the capability of our proposed approach in (a) decreasing the IRL performance and (b) having minimal and non-catastrophic adversarial trajectories.

The proposed method allows us to determine the predicted value of the complex systems information security risk and its confidence interval using regression analysis and fuzzy logic in terms of the risk dependence on various factors: the value of resources, the level of threats, potential damage, the level of costs for creating and operating the system, the information resources control level.

The mechanism of Fog computing is a distributed infrastructure to provide the computations as same as cloud computing. The fog computing environment provides the storage and processing of data in a distributed manner based on the locality. Fog servicing is better than cloud service for working with smart devices and users in a same locale. However the fog computing will inherit the features of the cloud, it also suffers from many security issues as cloud. One such security issue is authentication with efficient key management between the communicating entities. In this paper, we propose a secured two-way authentication scheme with efficient management of keys between the user mobile device and smart devices under the control of the fog server. We made use of operations such as one-way hash (SHA-512) functions, bitwise XOR, and fuzzy extractor function to make the authentication system to be better. We have verified the proposed scheme for its security effectiveness by using a well-used analysis tool ProVerif. We also proved that it can resist multiple attacks and the security overhead is reduced in terms of computation and communication cost as compared to the existing methods.

Cloud computing is a modern type of service that provides each consumer with a large-scale computing tool. Different cyber-attacks can potentially target cloud computing systems, as most cloud computing systems offer services to so many people who are not known to be trustworthy. Therefore, to protect that Virtual Machine from threats, a cloud computing system must incorporate some security monitoring framework. There is a tradeoff between the security level of the security system and the performance of the system in this scenario. If a strong security is required then a stronger security service using more rules or patterns should be incorporated and then in proportion to the strength of security, it needs much more computing resources. So the amount of resources allocated to customers is decreasing so this research work will introduce a new way of security system in cloud environments to the VM in this research. The main point of Fog computing is to part of the cloud server's work in the ongoing study tells the step-by-step cloud server to change gigantic information measurement because the endeavor apps are relocated to the cloud to keep the framework cost. So the cloud server is devouring and changing huge measures of information step by step so it is rented to keep up the problem and additionally get terrible reactions in a horrible device environment. Cloud computing and Fog computing approaches were combined in this paper to review data movement and safe information about MDHC.

Pooling together samples and testing the resulting mixture is gaining considerable interest as a potential method to markedly increase the rate of testing for SARS-CoV-2, given the resource limited conditions. Such pooling can also be employed for carrying out large scale diagnostic testing of other infectious diseases, especially when the available resources are limited. Therefore, it has become important to design a user-friendly tool to assist clinicians and policy makers, to determine optimal testing pool and sub-pool sizes for their specific scenarios. We have developed such a tool; the calculator web application is available at https://riteshsingh.github.io/poolsize/. The algorithms employed are described and analyzed in this paper, and their application to other scientific fields is also discussed. We find that pooling always reduces the expected number of tests in all the conditions, at the cost of test sensitivity. The No sub-pooling optimal pool size calculator will be the most widely applicable one, because limitations of sample quantity will restrict sub-pooling in most conditions.

Today’s edge networks continue to see an increasing number of deployed IoT devices. These IoT devices aim to increase productivity and efficiency; however, they are plagued by a myriad of vulnerabilities. Industry and academia have proposed protecting these devices by deploying a “bolt-on” security gateway to these edge networks. The gateway applies security protections at the network level. While security gateways are an attractive solution, they raise a fundamental concern: Can the bolt-on security gateway be trusted? This paper identifies key challenges in realizing this goal and sketches a roadmap for providing trust in bolt-on edge IoT security gateways. Specifically, we show the promise of using a micro-hypervisor driven approach for delivering practical (deployable today) trust that is catered to both end-users and gateway vendors alike in terms of cost, generality, capabilities, and performance. We describe the challenges in establishing trust on today’s edge security gateways, formalize the adversary and trust properties, describe our system architecture, encode and prove our architecture trust properties using the Alloy formal modeling language. We foresee our trustworthy security gateway architecture becoming a practical and extensible formal foundation towards realizing robust trust properties on today’s edge security gateway implementations.

The Internet of Drones (IoD) is a distributed network control system that mainly manages unmanned aerial vehicle access to controlled airspace and provides navigation between so-called nodes. Securing the transmission of real-time information from the nodes in these applications is essential. The limited drone nodes, data storage, computing and communication capabilities necessitate the need to design an effective and secure authentication scheme. Recently, research has proposed remote user authentication and the key agreement on IoD and claimed that their schemes satisfied all security issues in these networks. However, we found that their schemes may lead to losing access to the drone system due to the corruption of using a key management system and make the system completely unusable. To solve this drawback, we propose a lightweight and anonymous two-factor authentication scheme for drones. The proposed scheme is based on an asymmetric cryptographic method to provide a secure system and is more suitable than the other existing schemes by securing real-time information. Moreover, the comparison shows that the proposed scheme minimized the complexity of communication and computation costs.

In order to improve the security and reliability of information system and reduce the risk of vulnerability intrusion and attack, an automatic patch installation method of operating systems based on deep learning is proposed, If the installation is successful, the basic information of the system will be returned to the visualization server. If the installation fails, it is recommended to upgrading manually and display it on the patch detection visualization server. Through the practical application of statistical analysis, the statistical results show that the proposed method is significantly better than the original and traditional installation methods, which can effectively avoid the problem of client repeated download, and greatly improve the success rate of patch automatic upgrades. It effectively saves the upgrade cost and ensures the security and reliability of the information system.

Object-oriented program (OOP) is very popular in these years for its advantages, but the testing method for OOP is still not mature enough. To deal with the problem that it is impossible to generate the probability density function by simply numeralizing a point in the test case caused by the complex structure of the object-oriented test case, we propose the Adaptive Random Testing through Test Profile for Object-Oriented software (ARTTP-OO). It generates a test case at the edge of the input field and calculates the distance between object-oriented test cases using Object and Method Invocation Sequence Similarity (OMISS) metric formula. And the probability density function is generated by the distance to select the test cases, thereby realizing the application of ARTTP algorithm in OOP. The experimental results indicate the proposed ARTTP-OO consumes less time cost without reducing the detection effectiveness.

The ever-increasing cost and complexity of cutting-edge manufacturing and test processes have migrated the semiconductor industry towards a globalized business model. With many untrusted entities involved in the supply chain located across the globe, original intellectual property (IP) owners face threats such as IP theft/piracy, tampering, counterfeiting, reverse engineering, and overproduction. Logic locking has emerged as a promising solution to protect integrated circuits (ICs) against supply chain vulnerabilities. It inserts key gates to corrupt circuit functionality for incorrect key inputs. A logic-locked chip test can be performed either before or after chip activation (becoming unlocked) by loading the unlocking key into the on-chip tamperproof memory. However, both pre-activation and post-activation tests suffer from lower test coverage, higher test cost, and critical security vulnerabilities. To address the shortcomings, we propose LL-ATPG, a logic-locking aware test method that applies a set of valet (dummy) keys based on a target test coverage to perform manufacturing test in an untrusted environment. LL-ATPG achieves high test coverage and minimizes test time overhead when testing the logic-locked chip before activation without sharing the unlocking key. We perform security analysis of LL-ATPG and experimentally demonstrate that sharing the valet keys with the untrusted foundry does not create additional vulnerability for the underlying locking method.

Pairings on elliptic curves are exploited for pairing-based cryptography, e.g., ID-based encryption and group signature authentication. For secure cryptography, it is important to choose the curves that have resistance to a special variant of the tower number field sieve (TNFS) that is an attack for the finite fields. However, for the pairings on several curves with embedding degree \$k=\10,11,13,14\\$ resistant to the special TNFS, efficient algorithms for computing the final exponentiation constructed by the lattice-based method have not been provided. For these curves, the authors present efficient algorithms with the calculation costs in this manuscript.

Nowadays, with the continuous increase in oil prices and the worldwide shift towards clean energy, all-electric vehicles are booming. Thence, these vehicles need widespread charging systems operating securely and reliably. Consequently, these charging systems need the most robust cybersecurity measures and strong authentication mechanisms to protect its user. This paper presents a new security scheme leveraging human biometrics in terms of iris recognition to defend against multiple types of cyber-attacks such as fraudulent identities, man-in-the-middle attacks, or unauthorized access to electric vehicle charging stations. Fundamentally, the proposed scheme implements a security mechanism based on the inherently unique characteristics of human eye biometric. The objective of the proposed scheme is to enhance the security of electric vehicle charging stations by using a low-cost and efficient authentication using k-Nearest Neighbours (KNN), which is a lightweight encryption algorithm.We tested our system on high-quality images obtained from the standard IITD iris database to search over the encrypted database and authenticate a legitimate user. The results showed that our proposed technique had minimal communication and computation overhead, which is quite suitable for the resource-limited charging station devices. Furthermore, we proved that our scheme outperforms other existing techniques.

In view of the continuous progress of current science and technology, cloud computing has been widely used in various fields. This paper proposes a secure data storage architecture based on cloud computing. The architecture studies the security issues of cloud computing from two aspects: data storage and data security, and proposes a data storage mode based on Cache and a data security mode based on third-party authentication, thereby improving the availability of data, from data storage to transmission. Corresponding protection measures have been established to realize effective protection of cloud data.

In recent years, blockchain-based cryptocurren-cies have attracted much attention. Attacks targeting cryptocurrencies and related services directly profit an attacker if successful. Related studies have reported attacks targeting configuration-vulnerable nodes in Ethereum using a method called honeypots to observe malicious user attacks. They have analyzed 380 million observed requests and showed that attacks had to that point taken at least 4193 Ether. However, long-term observations using honeypots are difficult because the cost of maintaining honeypots is high. In this study, we analyze the behavior of malicious users using our honeypot system. More precisely, we clarify the pre-investigation that a malicious user performs before attacks. We show that the cost of maintaining a honeypot can be reduced. For example, honeypots need to belong in Ethereum's P2P network but not to the mainnet. Further, if they belong to the testnet, the cost of storage space can be reduced.

The article proposes a general approach to the implementation of encryption schemes based on the group of automorphisms of the Hermitian functional field. The three-parameter group is used with logarithmic captions outside the center of the group. This time we applied for an encryption scheme based on a Hermitian function field with homomorphic encryption. The use of homomorphic encryption is an advantage of this implementation. The complexity of the attack and the size of the encrypted message depends on the strength of the group.

The Internet of Battlefield Things (IoBT) is a dynamically composed network of intelligent sensors and actuators that operate as a command and control, communications, computers, and intelligence complex-system with the aim to enable multi-domain operations. The use of artificial intelligence can help transform the IoBT data into actionable insight to create information and decision advantage on the battlefield. In this work, we focus on how accounting for uncertainty in IoBT systems can result in more robust and safer systems. Human trust in these systems requires the ability to understand and interpret how machines make decisions. Most real-world applications currently use deterministic machine learning techniques that cannot incorporate uncertainty. In this work, we focus on the machine learning task of classifying vehicles from their audio recordings, comparing deterministic convolutional neural networks (CNNs) with Bayesian CNNs to show that correctly estimating the uncertainty can help lead to robust decision-making in IoBT.

With advantages of low cost, high mobility, and flexible deployment, unmanned aerial vehicle (UAVs) are employed to efficiently detect abnormal vehicle behaviors (AVBs) in the internet of vehicles (IoVs). However, due to limited resources including battery, computing, and communication, UAVs are selfish to work cooperatively. To solve the above problem, in this paper, a game theoretical UAV incentive scheme in IoVs is proposed. Specifically, the abnormal behavior model is first constructed, where three model categories are defined: velocity abnormality, distance abnormality, and overtaking abnormality. Then, the barging pricing framework is designed to model the interactions between UAVs and IoVs, where the transaction prices are determined with the abnormal behavior category detected by UAVs. At last, simulations are conducted to verify the feasibility and effectiveness of our proposed scheme.

Internal attacks are one of the biggest cybersecurity issues to companies and businesses. Despite the implemented perimeter security systems, the risk of adversely affecting the security and privacy of the organization’s information remains very high. Actually, the detection of such a threat is known to be a very complicated problem, presenting many challenges to the research community. In this paper, we investigate the effectiveness and usefulness of using Autoencoder and Variational Autoencoder deep learning algorithms to automatically defend against insider threats, without human intervention. The performance evaluation of the proposed models is done on the public CERT dataset (CERT r4.2) that contains both benign and malicious activities generated from 1000 simulated users. The comparison results with other models show that the Variational Autoencoder neural network provides the best overall performance with a higher detection accuracy and a reasonable false positive rate.

Discovering vulnerabilities is an information-intensive task that requires a developer to locate the defects in the code that have security implications. The task is difficult due to the growing code complexity and some developer's lack of security expertise. Although tools have been created to ease the difficulty, no single one is sufficient. In practice, developers often use a combination of tools to uncover vulnerabilities. Yet, the basis on which different tools are composed is under explored. In this paper, we examine the composition base by taking advantage of the tool design patterns informed by foraging theory. We follow a design science methodology and carry out a three-step empirical study: mapping 34 foraging-theoretic patterns in a specific vulnerability discovery tool, formulating hypotheses about the value and cost of foraging when considering two composition scenarios, and performing a human-subject study to test the hypotheses. Our work offers insights into guiding developers' tool usage in detecting software vulnerabilities.

This paper integrates Software-Defined Networking (SDN) and Information -Centric Networking (ICN) framework to enable low latency-based stateful routing and caching management by leveraging a novel forwarding and caching strategy. The framework is implemented in a clean- slate environment that does not rely on the TCP/IP principle. It utilizes Pending Interest Tables (PIT) instead of Forwarding Information Base (FIB) to perform data dissemination among peers in the proposed IC-SDN framework. As a result, all data exchanged and cached in the system are organized in chunks with the same interest resulting in reduced packet overhead costs. Additionally, we propose an efficient caching strategy that leverages in- network caching and naming of contents through an IC-SDN controller to support off- path caching. The testbed evaluation shows that the proposed IC-SDN implementation achieves an increased throughput and reduced latency compared to the traditional information-centric environment, especially in the high load scenarios.

In contrast to traditional physical servers, a custom-built system utilizing a bare-metal hypervisor virtual server environment provides advantages of both cost savings and flexibility in terms of systems configuration. This system is designed to facilitate hands-on experience for Computer Science students, particularly those specializing in systems administration and computer networking. This multi-purpose and functional system uses an automatic advanced virtual server reservation system (AAVSRsv), written in C++, to schedule and manage virtual servers. The use of such a system could be extended to additional courses focusing on such topics as cloud computing, database systems, information assurance, as well as ethical hacking and system defense. The design can also be replicated to offer training sessions to other information technology professionals.

This paper proposes a scheme for secure telecommunication based on synchronizing a chaotic Liu system with a nontrivial Lyapunov candidate, which allows for the control signal to act only on one state of the slave system. The proposal has the advantages of being robust against disturbances (internal and external) and simple, which is essential because it leads to significant cost reductions when implemented using analog electronics. A simulation study, which considers the presence of disturbances, is used to validate the theoretical results and show the easy implementation of the proposed approach.

The impending threat of large-scale quantum computers to classical RSA and ECC-based public-key cryptographic schemes prompted NIST to initiate a global level standardization process for post-quantum cryptography. This process which started in 2017 with 69 submissions is currently in its third and final round with seven main candidates and eight alternate candidates, out of which seven (7) out of the fifteen (15) candidates are schemes based on hard problems over structured lattices, known as lattice-based cryptographic schemes. Among the various parameters such as theoretical post-quantum (PQ) security guarantees, implementation cost and performance, resistance against physical attacks such as Side-Channel Analysis (SCA) and Fault Injection Analysis (FIA) has also emerged as an important criterion for standardization in the final round [1]. This is especially relevant for adoption of PQC in embedded devices, which are most likely used in environments where an attacker can have unimpeded physical access to the device.