Biblio

Machine learning experts prefer to think of their input as a single, homogeneous, and consistent data set. However, when analyzing large volumes of data, the entire data set may not be manageable on a single server, but must be stored on a distributed file system instead. Moreover, with the pressing demand to deliver explainable models, the experts may no longer focus on the machine learning algorithms in isolation, but must take into account the distributed nature of the data stored, as well as the impact of any data pre-processing steps upstream in their data analysis pipeline. In this paper, we make the point that even basic transformations during data preparation can impact the model learned, and that this is exacerbated in a distributed setting. We then sketch our vision of end-to-end explainability of the model learned, taking the pre-processing into account. In particular, we point out the potentials of linking the contributions of research on data provenance with the efforts on explainability in machine learning. In doing so, we highlight pitfalls we may experience in a distributed system on the way to generating more holistic explanations for our machine learning models.

Random number generators play a pivotal role in generating security primitives, e.g., encryption keys, nonces, initial vectors, and random masking for side-channel countermeasures. A quantum entropy source based on radioactive isotope decay can be exploited to generate random numbers with sufficient entropy. If a deterministic random bit generator (DRBG) is combined for post-processing, throughput of the quantum random number generator (QRNG) can be improved. However, general DRBGs are susceptible to side-channel attacks. In this paper, we propose a framework called SCR-QRNG framework, which offers Side-Channel Resistant primitives using QRNG. The QRNG provides sources of randomness for modulating the clock frequency of a DRBG to obfuscate side-channel leakages, and to generate unbiased random numbers for security primitives. The QRNG has robustness against power side-channel attacks and is in compliance with NIST SP 800-22/90B and BSI AIS 31. We fabricate a quantum entropy chip, and implement a PCB module for a random frequency clock generator and a side-channel resistant QRNG on an FPGA.

To discuss secure key generation from imperfect random numbers, we address the secure key generation length. There are several studies for its asymptotic expansion up to the order √n or log n. However, these expansions have errors of the order o(√n) or o(log n), which does not go to zero asymptotically. To resolve this problem, we derive the asymptotic expansion up to the constant order for upper and lower bounds of these optimal values. While the expansions of upper and lower bonds do not match, they clarify the ranges of these optimal values, whose errors go to zero asymptotically.

OpenSSL is an open source library that implements the Secure Socket Layer (SSL), a security protocol used by the TCP/IP layer. All cryptographic systems require random number generation for many reasons, such as cryptographic key generation and protocol challenge/response, OpenSSL is also the same. OpenSSL can be run on a variety of operating systems. especially when generating random numbers on Unix-like operating systems, it can use /dev /(u)random [6], as a seed to add randomness. In this paper, we analyze the process provided by OpenSSL when random number generation is required. We also provide considerations for application developers and OpenSSL users to use /dev/urandom and real-time clock (nanoseconds of timespec structure) as a seed to generate cryptographic random numbers in the Unix family.

Random numbers are important tools for generating secret keys, encrypting messages, or masking the content of certain protocols with a random sequence that can be deterministically generated. The lack of assurance about the random numbers generated can cause serious damage to cryptographic protocols, prompting vulnerabilities to be exploited by the attackers. In this paper, a new pseudo - random number generator algorithm that uses dynamic system clock converted to Epoch Timestamp as PRNG seed was developed. The algorithm uses a Linear Congruential Generator (LCG) algorithm that produces a sequence of pseudo - randomized numbers that performs mathematical operations to transform numbers that appears to be unrelated to the Seed. Simulation result shows that the new PRNG algorithm does not generate repeated random numbers based on the frequency of iteration, a good indicator that the key for random numbers is secured. Numerical analysis using NIST Test Suite results concerning to random sequences generated random numbers has a total average of 0.342 P-value. For a p-value ≥ 0.001, a sequence would be considered to be random with a confidence of 99.9%. This shows that robustness and unpredictability were achieved. Hence, It is highly deterministic in nature and has a good quality of Pseudo-Random Numbers. It is therefore a good source of a session key generation for encryption, reciprocal in the authentication schemes and other cryptographic algorithm parameters that improve and secure data from any type of security attack.

Efficiently searchable and easily deployable encryption schemes enable an untrusted, legacy service such as a relational database engine to perform searches over encrypted data. The ease with which such schemes can be deployed on top of existing services makes them especially appealing in operational environments where encryption is needed but it is not feasible to replace large infrastructure components like databases or document management systems. Unfortunately all previously known approaches for efficiently searchable and easily deployable encryption are vulnerable to inference attacks where an adversary can use knowledge of the distribution of the data to recover the plaintext with high probability. We present a new efficiently searchable, easily deployable database encryption scheme that is provably secure against inference attacks even when used with real, low-entropy data. We implemented our constructions in Haskell and tested databases up to 10 million records showing our construction properly balances security, deployability and performance.

The analysis of applied tasks and methods of entropy signal processing are carried out in this article. The theoretical comments about the specific schemes of special processors for the determination of probability and correlation activity are given. The perspective of the influence of probabilistic entropy of C. Shannon as cipher signal receivers is reviewed. Examples of entropy-manipulated signals and system characteristics of the proposed special processors are given.

In this research project, we are interested by finding solutions to the problem of image analysis and processing in the encrypted domain. For security reasons, more and more digital data are transferred or stored in the encrypted domain. However, during the transmission or the archiving of encrypted images, it is often necessary to analyze or process them, without knowing the original content or the secret key used during the encryption phase. We propose to work on this problem, by associating theoretical aspects with numerous applications. Our main contributions concern: data hiding in encrypted images, correction of noisy encrypted images, recompression of crypto-compressed images and secret image sharing.

Security down to hardware (HW) has become a fundamental requirement in highly-connected and ubiquitously deployed systems, as a result of the recent discovery of a wide range of vulnerabilities in commercial devices, as well as the affordability of several attacks that were traditionally considered unlikely. HW security is now a fundamental requirement in view of the massive attack surface that they expose, and the substantial power penalty entailed by solutions at higher levels of abstraction.In large-scale networks of connected devices, attacks need to be counteracted at low cost down to individual nodes, which need to be identified or authenticated securely, and protect confidentiality and integrity of the data that is sensed, stored, processed and wirelessly exchanged. In many security-sensitive applications, physical attacks against individual chips need to be counteracted to truly enable an end-to-end chain of trust from nodes to cloud and actuation (i.e., always-on security). These requirements have motivated the on-going global research and development effort to assure hardware security at low cost and power penalty down to low-end devices (i.e., ubiquitous security).This paper provides a fresh overview of the fundamentals, the design requirements and the state of the art in primitives for HW security. Challenges and future directions are discussed using recent silicon demonstrations as case studies.

Distributed Denial of Service attack is very harmful to software-defined networking. Effective defense measures are the key to ensure SDN security. An adaptive moving target defense scheme based on end information hopping for SDN is proposed. The source address entropy value and the flow rate method are used to detect the network condition. According to the detection result, the end information is adjusted by time adaptive or space adaptive. A model of active network defense is constructed. The experimental results show that the proposed scheme enhances the anti-attack capability and serviceability compared with other methods, and has greater dynamics and flexibility.

Fuzzy k-modes (FKM) are variants of fuzzy c-means used for categorical data. The FKM algorithms generally treat feature components with equal importance. However, in clustering process, different feature weights need to be assigned for feature components because some irrelevant features may degrade the performance of the FKM algorithms. In this paper, we propose a novel algorithm, called feature-weighted fuzzy k-modes (FW-FKM), to improve FKM with a feature-weight entropy term such that it can automatically compute different feature weights for categorical data. Some numerical and real data sets are used to compare FW-FKM with some existing methods in the literature. Experimental results and comparisons actually demonstrate these good aspects of the proposed FW-FKM with its effectiveness and usefulness in practice.

The Distributed Denial of Service attack is one of the most common attacks and it is hard to mitigate, however, it has become more difficult while dealing with the Low-rate DoS (LDoS) attacks. The LDoS exploits the vulnerability of TCP congestion-control mechanism by sending malicious traffic at the low constant rate and influence the victim machine. Recently, machine learning approaches are applied to detect the complex DDoS attacks and improve the efficiency and robustness of the intrusion detection system. In this research, the algorithm is designed to balance the detection rate and its efficiency. The detection algorithm combines the Power Spectral Density (PSD) entropy function and Support Vector Machine to detect LDoS traffic from normal traffic. In our solution, the detection rate and efficiency are adjustable based on the parameter in the decision algorithm. To have high efficiency, the detection method will always detect the attacks by calculating PSD-entropy first and compare it with the two adaptive thresholds. The thresholds can efficiently filter nearly 19% of the samples with a high detection rate. To minimize the computational cost and look only for the patterns that are most relevant for detection, Support Vector Machine based machine learning model is applied to learn the traffic pattern and select appropriate features for detection algorithm. The experimental results show that the proposed approach can detect 99.19% of the LDoS attacks and has an O (n log n) time complexity in the best case.

The natural redundancy in video data due to its spatio-temporal correlation of neighbouring pixels require highly complex encryption process to successfully cipher the data. Conventional encryption methods are based on lengthy keys and higher number of rounds which are inefficient for low powered, small battery operated devices. Motivated by the success of lightweight encryption methods specially designed for IoT environment, herein an efficient method for video encryption is proposed. The proposed technique is based on a recently proposed encryption algorithm named Secure IoT (SIT), which utilizes P and Q functions of the KHAZAD cipher to achieve high encryption at low computation cost. Extensive simulations are performed to evaluate the efficacy of the proposed method and results are compared with Secure Force (SF-64) cipher. Under all conditions the proposed method achieved significantly improved results.

Information security is winding up noticeably more vital in information stockpiling and transmission. Images are generally utilised for various purposes. As a result, the protection of image from the unauthorised client is critical. Established encryption techniques are not ready to give a secure framework. To defeat this, image encryption is finished through DNA encoding which is additionally included with confused 1D and 2D logistic maps. The key communication is done through the quantum channel using the BB84 protocol. To recover the encrypted image DNA decoding is performed. Since DNA encryption is invertible, decoding can be effectively done through DNA subtraction. It decreases the complexity and furthermore gives more strength when contrasted with traditional encryption plans. The enhanced strength of the framework is measured utilising measurements like NPCR, UACI, Correlation and Entropy.

Data have become an important asset for analysis and behavioral prediction, especially correlations between data. Privacy protection has aroused academic and social concern given the amount of personal sensitive information involved in data. However, existing works assume that the records are independent of each other, which is unsuitable for associated data. Many studies either fail to achieve privacy protection or lead to excessive loss of information while applying data correlations. Differential privacy, which achieves privacy protection by injecting random noise into the statistical results given the correlation, will improve the background knowledge of adversaries. Therefore, this paper proposes an information entropy differential privacy solution for correlation data privacy issues based on rough set theory. Under the solution, we use rough set theory to measure the degree of association between attributes and use information entropy to quantify the sensitivity of the attribute. The information entropy difference privacy is achieved by clustering based on the correlation and adding personalized noise to each cluster while preserving the correlations between data. Experiments show that our algorithm can effectively preserve the correlation between the attributes while protecting privacy.

Dozens of signature and anomaly based solutions have been proposed to detect malicious activities in computer networks. However, the number of successful attacks are increasing every day. In this paper, we developed a novel entropy based technique, called Edmund, to detect and mitigate Network attacks. While analyzing full payload network traffic was not recommended due to users' privacy, Edmund used netflow data to detect abnormal behavior. The experimental results showed that Edmund was able to highly accurate detect (around 95%) different application, transport, and network layers attacks. It could identify more than 100K malicious flows raised by 1168 different attackers in our campus. Identifying the attackers, is a great feature, which enables the network administrators to mitigate DDoS effects during the attack time.

The integration of Internet of Things (IoT) and edge computing is currently a new research hotspot. However, the lack of trust between IoT edge devices has hindered the universal acceptance of IoT edge computing as outsourced computing services. In order to increase the adoption of IoT edge computing applications, first, IoT edge computing architecture should establish efficient trust calculation mechanism to alleviate the concerns of numerous users. In this paper, a reliable and lightweight trust mechanism is originally proposed for IoT edge devices based on multi-source feedback information fusion. First, due to the multi-source feedback mechanism is used for global trust calculation, our trust calculation mechanism is more reliable against bad-mouthing attacks caused by malicious feedback providers. Then, we adopt lightweight trust evaluating mechanism for cooperations of IoT edge devices, which is suitable for largescale IoT edge computing because it facilitates low-overhead trust computing algorithms. At the same time, we adopt a feedback information fusion algorithm based on objective information entropy theory, which can overcome the limitations of traditional trust schemes, whereby the trust factors are weighted manually or subjectively. And the experimental results show that the proposed trust calculation scheme significantly outperforms existing approaches in both computational efficiency and reliability.

In order to make up for the shortcomings of traditional evaluation methods neglecting node difference, a vulnerability assessment method considering node heterogeneity for cyber physical power system (CPPS) is proposed. Based on the entropy of the power flow and complex network theory, we establish heterogeneity evaluation index system for CPPS, which considers the survivability of island survivability and short-term operation of the communication network. For mustration, hierarchical CPPS model and distributed CPPS model are established respectively based on partitioning characteristic and different relationships of power grid and communication network. Simulation results show that distributed system is more robust than hierarchical system of different weighting factor whether under random attack or deliberate attack and a hierarchical system is more sensitive to the weighting factor. The proposed method has a better recognition effect on the equilibrium of the network structure and can assess the vulnerability of CPPS more accurately.

In this paper, we introduce a two-step method for estimating the strength of user-created graphical passwords based on the eye-gaze behaviour during password composition. First, the individuals' gaze patterns, represented by the unique fixations on each area of interest (AOI) and the total fixation duration per AOI, are calculated. Second, the gaze-based entropy of the individual is calculated. To investigate whether the proposed metric is a credible predictor of the password strength, we conducted two feasibility studies. Results revealed a strong positive correlation between the strength of the created passwords and the gaze-based entropy. Hence, we argue that the proposed gaze-based metric allows for unobtrusive prediction of the strength of the password a user is going to create and enables intervention to the password composition for helping users create stronger passwords.

Defect prediction is an active topic in software quality assurance, which can help developers find potential bugs and make better use of resources. To improve prediction performance, this paper introduces cross-entropy, one common measure for natural language, as a new code metric into defect prediction tasks and proposes a framework called DefectLearner for this process. We first build a recurrent neural network language model to learn regularities in source code from software repository. Based on the trained model, the cross-entropy of each component can be calculated. To evaluate the discrimination for defect-proneness, cross-entropy is compared with 20 widely used metrics on 12 open-source projects. The experimental results show that cross-entropy metric is more discriminative than 50% of the traditional metrics. Besides, we combine cross-entropy with traditional metric suites together for accurate defect prediction. With cross-entropy added, the performance of prediction models is improved by an average of 2.8% in F1-score.

We report a an experimental study of device-independent quantum random number generation based on an detection-loophole free Bell test with entangled photons. After considering statistical fluctuations and applying an 80 Gb × 45.6 Mb Toeplitz matrix hashing, we achieve a final random bit rate of 114 bits/s, with a failure probability less than 10-5.

Todays analyzing web weaknesses and vulnerabilities in order to find security attacks has become more urgent. In case there is a communication contrary to the system security policies, a covert channel has been created. The attacker can easily disclosure information from the victim's system with just one public access permission. Covert timing channels, unlike covert storage channels, do not have memory storage and they draw less attention. Different methods have been proposed for their identification, which generally benefit from the shape of traffic and the channel's regularity. In this article, an entropy-based detection method is designed and implemented. The attacker can adjust the amount of channel entropy by controlling measures such as changing the channel's level or creating noise on the channel to protect from the analyst's detection. As a result, the entropy threshold is not always constant for detection. By comparing the entropy from different levels of the channel and the analyst, we conclude that the analyst must investigate traffic at all possible levels.

Covert channels are used to hidden transmit information and violate the security policy. What is more it is possible to construct covert channel in such manner that protection system is not able to detect it. IP timing covert channels are objects for research in the article. The focus of the paper is the research of how one can counteract an information leakage by dummy traffic generation. The covert channel capacity formula has been obtained in case of counteraction. In conclusion, the examples of counteraction tool parameter calculation are given.

The purpose of this research is to propose a new mathematical model, designed to evaluate the security of cryptosystems. This model is a mixture of ideas from two basic mathematical theories, information theory and game theory. The role of information theory is assigning the model with security criteria of the cryptosystems. The role of game theory was to produce the value of the game which is representing the outcome of these criteria, which finally refers to cryptosystem's security. The proposed model support an accurate and mathematical way to evaluate the security of cryptosystems by unifying the criteria resulted from information theory and produce a unique reasonable value.

Despite recent regulations and growing user awareness, undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular, browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable, rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.