Biblio

In this paper, we propose a new ordered statistics decoding (OSD) for linear block codes, which is referred to as local constraint-based OSD (LC-OSD). Distinguished from the conventional OSD, which chooses the most reliable basis (MRB) for re-encoding, the LC-OSD chooses an extended MRB on which local constraints are naturally imposed. A list of candidate codewords is then generated by performing a serial list Viterbi algorithm (SLVA) over the trellis specified with the local constraints. To terminate early the SLVA for complexity reduction, we present a simple criterion which monitors the ratio of the bound on the likelihood of the unexplored candidate codewords to the sum of the hard-decision vector’s likelihood and the up-to-date optimal candidate’s likelihood. Simulation results show that the LC-OSD can have a much less number of test patterns than that of the conventional OSD but cause negligible performance loss. Comparisons with other complexity-reduced OSDs are also conducted, showing the advantages of the LC-OSD in terms of complexity.

Nowadays, improving the reliability and security of the transmitted data has gained more attention with the increase in emerging power-limited and lightweight communication devices. Also, the transmission needs to meet specific latency requirements. Combining data encryption and encoding in one physical layer block has been exploited to study the effect on security and latency over traditional sequential data transmission. Some of the current works target secure error-correcting codes that may be candidates for post-quantum computing. However, modifying the popularly used channel coding techniques to guarantee secrecy and maintain the same error performance and complexity at the decoder is challenging since the structure of the channel coding blocks is altered which results in less optimal decoding performance. Also, the redundancy nature of the error-correcting codes complicates the encryption method. In this paper, we briefly review the proposed security schemes on Turbo codes. Then, we propose a secure turbo code design and compare it with the relevant security schemes in the literature. We show that the proposed method is more secure without adding complexity.

Nowadays, network information security is of great concern, and the measurement of the trustworthiness of terminal devices is of great significance to the security of the entire network. The measurement method of terminal device security trust still has the problems of high complexity, lack of universality. In this paper, the device fingerprint library of device access network terminal devices is first established through the device fingerprint mixed collection method; Secondly, the software and hardware features of the device fingerprint are used to increase the uniqueness of the device identification, and the multi- dimensional standard metric is used to measure the trustworthiness of the terminal device; Finally, Block chain technology is used to store the fingerprint and standard model of network access terminal equipment on the chain. To improve the security level of network access devices, a device access method considering the trust of terminal devices from multiple perspectives is implemented.

The botnet-based network assault are one of the most serious security threats overlay the Internet this day. Although significant progress has been made in this region of research in recent years, it is still an ongoing and challenging topic to virtually direction the threat of botnets due to their continuous evolution, increasing complexity and stealth, and the difficulties in detection and defense caused by the limitations of network and system architectures. In this paper, we propose a novel and efficient botnet detection method, and the results of the detection method are validated with the CTU-13 dataset.

This paper presents CaptchaGG, a model for recognizing linear graphical CAPTCHAs. As in the previous society, CAPTCHA is becoming more and more complex, but in some scenarios, complex CAPTCHA is not needed, and usually, linear graphical CAPTCHA can meet the corresponding functional scenarios, such as message boards of websites and registration of accounts with low security. The scheme is based on convolutional neural networks for feature extraction of CAPTCHAs, recurrent neural forests A neural network that is too complex will lead to problems such as difficulty in training and gradient disappearance, and too simple will lead to underfitting of the model. For the single problem of linear graphical CAPTCHA recognition, the model which has a simple architecture, extracting features by convolutional neural network, sequence modeling by recurrent neural network, and finally classification and recognition, can achieve an accuracy of 96% or more recognition at a lower complexity.

In this work, we consider the application of the nonstationary channel polarization theory on the wiretap channel model with non-stationary blocks. Particularly, we present a time-bit coding scheme which is a secure polar codes that constructed on the virtual bit blocks by using the non-stationary channel polarization theory. We have proven that this time-bit coding scheme achieves reliability, strong security and the secrecy capacity. Also, compared with regular secure polar coding methods, our scheme has a lower coding complexity for non-stationary channel blocks.

A long-standing open question in computational learning theory is to prove NP-hardness of learning efficient programs, the setting of which is in between proper learning and improper learning. Ko (COLT’90, SICOMP’91) explicitly raised this open question and demonstrated its difficulty by proving that there exists no relativizing proof of NP-hardness of learning programs. In this paper, we overcome Ko’s relativization barrier and prove NP-hardness of learning programs under randomized polynomial-time many-one reductions. Our result is provably non-relativizing, and comes somewhat close to the parameter range of improper learning: We observe that mildly improving our inapproximability factor is sufficient to exclude Heuristica, i.e., show the equivalence between average-case and worst-case complexities of N P. We also make progress on another long-standing open question of showing NP-hardness of the Minimum Circuit Size Problem (MCSP). We prove NP-hardness of the partial function variant of MCSP as well as other meta-computational problems, such as the problems MKTP* and MINKT* of computing the time-bounded Kolmogorov complexity of a given partial string, under randomized polynomial-time reductions. Our proofs are algorithmic information (a.k. a. Kolmogorov complexity) theoretic. We utilize black-box pseudorandom generator constructions, such as the Nisan-Wigderson generator, as a one-time encryption scheme secure against a program which “does not know” a random function. Our key technical contribution is to quantify the “knowledge” of a program by using conditional Kolmogorov complexity and show that no small program can know many random functions.

Adversarial attacks have recently been proposed to scrutinize the security of deep neural networks. Most blackbox adversarial attacks, which have partial access to the target through queries, are target-specific; e.g., they require a well-trained surrogate that accurately mimics a given target. In contrast, target-agnostic black-box attacks are developed to attack any target; e.g., they learn a generalized surrogate that can adapt to any target via fine-tuning on samples queried from the target. Despite their success, current state-of-the-art target-agnostic attacks require tremendous fine-tuning steps and consequently an immense number of queries to the target to generate successful attacks. The high query complexity of these attacks makes them easily detectable and thus defendable. We propose a novel query-efficient target-agnostic attack that trains a generalized surrogate network to output the adversarial directions iv.r.t. the inputs and equip it with an effective fine-tuning strategy that only fine-tunes the surrogate when it fails to provide useful directions to generate the attacks. Particularly, we show that to effectively adapt to any target and generate successful attacks, it is sufficient to fine-tune the surrogate with informative samples that help the surrogate get out of the failure mode with additional information on the target’s local behavior. Extensive experiments on CIFAR10 and CIFAR-100 datasets demonstrate that the proposed target-agnostic approach can generate highly successful attacks for any target network with very few fine-tuning steps and thus significantly smaller number of queries (reduced by several order of magnitudes) compared to the state-of-the-art baselines.

The globalization of the integrated circuit (IC) manufacturing industry has lured the adversary to come up with numerous malicious activities in the IC supply chain. Logic locking has risen to prominence as a proactive defense strategy against such threats. CAS-Lock (proposed in CHES'20), is an advanced logic locking technique that harnesses the concept of single-point function in providing SAT-attack resiliency. It is claimed to be powerful and efficient enough in mitigating existing state-of-the-art attacks against logic locking techniques. Despite the security robustness of CAS-Lock as claimed by the authors, we expose a serious vulnerability and by exploiting the same we devise a novel attack algorithm against CAS-Lock. The proposed attack can not only reveal the correct key but also the exact AND/OR structure of the implemented CAS-Lock design along with all the key gates utilized in both the blocks of CAS-Lock. It simply relies on the externally observable Distinguishing Input Patterns (DIPs) pertaining to a carefully chosen key simulation of the locked design without the requirement of structural analysis of any kind of the locked netlist. Our attack is successful against various AND/OR cascaded-chain configurations of CAS-Lock and reports 100% success rate in recovering the correct key. It has an attack complexity of \$\textbackslashmathcalO(m)\$, where \$m\$ denotes the number of DIPs obtained for an incorrect key simulation.

Steganography is the technique of hiding a confidential message in an ordinary message where the extraction of embedded information is done at its destination. Among the different carrier files formats; digital images are the most popular. This paper presents a Wavelet-based method for hiding secret information in digital images where skin areas are identified and used as a region of interest. The work presented here is an extension of a method published earlier by the authors that utilized a rule-based approach to detect skin regions. The proposed method, proposed embedding the secret data into the integer Wavelet coefficients of the approximation sub-band of the cover image. When compared to the original technique, experimental results showed a lower error percentage between skin maps detected before the embedding and during the extraction processes. This eventually increased the similarity between the original and the retrieved secret image.

In this paper we propose a novel integrated DC/DC converter featuring a single-input-multiple-output architecture for emerging System-on-Chip applications to improve load transient response and power side-channel security. The converter is able to provide multiple outputs ranging from 0.3V to 0.92V using a global 1V input. By using modularized circuit blocks, the converter can be extended to provide higher power or more outputs with minimal design complexity. Performance metrics including power efficiency and load transient response can be well maintained as well. Implemented in 32nm technology, single output efficiency can reach to 88% for the post layout models. By enabling delay blocks and circuits sharing, the Pearson correlation coefficient of input and output can be reduced to 0.1 under rekeying test. The reference voltage tracking speed is up to 31.95 V/μs and peak load step response is 53 mA/ns. Without capacitors, the converter consumes 2.85 mm2 for high power version and only 1.4 mm2 for the low power case.

With the growing number of IoT applications and devices, IoT security breaches are a dangerous reality. Cost pressure and complexity of security tests for embedded systems and networked infrastructure are often the excuse for skipping them completely. In our paper we introduce SecLab security test lab to overcome that problem. Based on a flexible and lightweight architecture, SecLab allows developers and IoT security specialists to harden their systems with a low entry hurdle. The open architecture supports the reuse of existing external security test libraries and scalability for the assessment of complex IoT Systems. A reference implementation of security tests in a realistic IoT application scenario proves the approach.

The purpose of this research work is to develop an approach based on risk management with a view to provide managers and decision-makers with assistance and appropriate guidelines to combine Lean and Green in a successful and integrated way. Risk cannot be managed if not well-identified; hence, a classification of supply chain risks in a Lean Green context was provided. Subsequently to risk identification an approach based on Weighted Product Method (WPM) was proposed; for risk assessment and prioritization, for its ease of use, flexibility and board adaptability. The output of this analysis provides visibility about organization's position toward desired performance and underlines crucial risks to be addressed which marks the starting point of the way to performance improvement. A case study was introduced to demonstrate the applicability and relevance of the developed framework.

It is well-known that the most existing machine learning (ML)-based safety-critical applications are vulnerable to carefully crafted input instances called adversarial examples (AXs). An adversary can conveniently attack these target systems from digital as well as physical worlds. This paper aims to the generation of robust physical AXs against face recognition systems. We present a novel smoothness loss function and a patch-noise combo attack for realizing powerful physical AXs. The smoothness loss interjects the concept of delayed constraints during the attack generation process, thereby causing better handling of optimization complexity and smoother AXs for the physical domain. The patch-noise combo attack combines patch noise and imperceptibly small noises from different distributions to generate powerful registration-based physical AXs. An extensive experimental analysis found that our smoothness loss results in robust and more transferable digital and physical AXs than the conventional techniques. Notably, our smoothness loss results in a 1.17 and 1.97 times better mean attack success rate (ASR) in physical white-box and black-box attacks, respectively. Our patch-noise combo attack furthers the performance gains and results in 2.39 and 4.74 times higher mean ASR than conventional technique in physical world white-box and black-box attacks, respectively.

Unmanned autonomous vehicles (UAVs) have been receiving high interest lately due to their wide range of potential deployment options that can touch all aspects of our life and economy, such as transportation, delivery, healthcare, surveillance. However, UAVs have also introduced many new vulnerabilities and attack surfaces that can be exploited by cyberattacks. Due to their complexity, autonomous operations, and being relatively new technologies, cyberattacks can be persistent, complex, and can propagate rapidly to severely impact the main UAV functions such as mission management, support, processing operations, maneuver operations, situation awareness. Furthermore, such cyberattacks can also propagate among other UAVs or even their control stations and may even endanger human life. Hence, we need self-protection techniques with an autonomic management approach. In this paper we present our approach to implement self-protection of UAVs (SP-UAV) such that they can continue their critical functions despite cyberattacks targeting UAV operations or services. We present our design approach and implementation using a unified management interface based on three ports: Configuration, observer, and control ports. We have implemented the SP-UAV using C and demonstrated using different attack scenarios how we can apply autonomic responses without human involvement to tolerate cyberattacks against the UAV operations.

Acoustic wave (AW) synthesis methodologies have become popular among AW filter designers because they provide a fast and precise seed to start with the design of AW devices. Nowadays, with the increasing complexity of carrier aggregation, there is a strong necessity to develop synthesis methods more focused on multiport filtering schemes. However, when dealing with multiport filtering functions, numerical accuracy plays an important role to succeed with the synthesis process since polynomial degrees are much higher as compared to the standalone filter case. In addition to polynomial degree, the number set of polynomial coefficients is also an important source of error during the extraction of the circuital elements of the filter. Nonetheless, in this paper is demonstrated that coupling matrix approaches are the best choice when the objective is to synthesize filtering functions with complex roots in their characteristic polynomials, which is the case of the channel polynomials of the multiport device.

We are interested in the design of generative networks. The training of these mathematical structures is mostly performed with the help of adversarial (min-max) optimization problems. We propose a simple methodology for constructing such problems assuring, at the same time, consistency of the corresponding solution. We give characteristic examples developed by our method, some of which can be recognized from other applications, and some are introduced here for the first time. We present a new metric, the likelihood ratio, that can be employed online to examine the convergence and stability during the training of different Generative Adversarial Networks (GANs). Finally, we compare various possibilities by applying them to well-known datasets using neural networks of different configurations and sizes.

Currently, the increasing complexity of DDoS attacks makes it difficult for modern security systems to track them. Machine learning techniques are increasingly being used in such systems as they are well established. However, a new problem arose: the creation of informative datasets. Generative adversarial networks can help create large, high-quality datasets for machine learning training. The article discusses the issue of using generative adversarial networks to generate new patterns of network attacks for the purpose of their further use in training.

Many popular metrics used for the quantification of the quality or complexity of a codebase (e.g. cyclomatic complexity) were developed in the 1970s or 1980s when source code sizes were significantly smaller than they are today, and before a number of modern programming language features were introduced in different languages. Thus, the many thresholds that were suggested by researchers for deciding whether a given function is lacking in a given quality dimension need to be updated. In the pursuit of this goal, we study a number of open-source high-performance codes, each of which has been in development for more than 15 years—a characteristic which we take to imply good design to score them in terms of their source codes' quality and to relax the above-mentioned thresholds. First, we employ the LLVM/Clang compiler infrastructure and introduce a Clang AST tool to gather AST-based metrics, as well as an LLVM IR pass for those based on a source code's static call graph. Second, we perform statistical analysis to identify the reference thresholds of 22 code quality and callgraph-related metrics at a fine grained level.

An effective response against information security violations in the technical systems remains relevant challenge nowadays, when their number, complexity, and the level of possible losses are growing. The violation can be caused by the set of the intruder's consistent actions. In the area of countermeasure selection for a proactive and reactive response against security violations, there are a large number of techniques. The techniques based on graph models seem to be promising. These models allow representing the set of actions caused the violation. Their advantages include the ability to forecast violations for timely decision-making on the countermeasures, as well as the ability to analyze and consider the coverage of countermeasures in terms of steps caused the violation. The paper proposes and describes a decision support method for responding against information security violations in the technical systems based on the graph models, as well as the developed models, including the countermeasure model and the graph representing the set of actions caused the information security violation.

This paper investigates the impact of the delay resulting from a blockchain, a promising security measure, for a hierarchical control system of inverters connected to the grid. The blockchain communication network is designed at the secondary control layer for resilience against cyberattacks. To represent the latency in the communication channel, a model is developed based on the complexity of the blockchain framework. Taking this model into account, this work evaluates the plant’s performance subject to communication delays, introduced by the blockchain, among the hierarchical control agents. In addition, this article considers an optimal model-based control strategy that performs the system’s internal control loop. The work shows that the blockchain’s delay size influences the convergence of the power supplied by the inverter to the reference at the point of common coupling. In the results section, real-time simulations on OPAL-RT are performed to test the resilience of two parallel inverters with increasing blockchain complexity.

In Cloud Computing, a wide range of virtual platforms are integrated and offer users a flexible pay-as-you-need service. Compared to conventional computing systems, the provision of an acceptable degree of resilience to cloud services is a daunting challenge due to the complexities of the cloud environment and the need for efficient technology that could sustain cloud advantages over other technologies. For a cloud guest resilience service solution, we provide architectural design, installation specifics, and performance outcomes throughout this article. Virtual Machine Manager (VMM) enables execution statistical test of the virtual machine states to be monitored and avoids to reach faulty states.

Existing security models are highly linear and fail to capture the rich interactions that occur across security technology, infrastructure, cybersecurity, and human/organizational components. In this work, we will leverage insights from resilience science, complex system theory, and network theory to develop a next-generation security model based on these interactions to address challenges in complex, nonlinear risk environments and against innovative and disruptive technologies. Developing such a model is a key step forward toward a dynamic security paradigm (e.g., shifting from detection to anticipation) and establishing the foundation for designing next-generation physical security systems against evolving threats in uncontrolled or contested operational environments.

Mobile devices have been widely used to deploy security-sensitive applications such as mobile payments, mobile offices etc. SM2 digital signature technology is critical in these applications to provide the protection including identity authentication, data integrity, action non-repudiation. Since mobile devices are prone to being stolen or lost, several server-aided SM2 cooperative signature schemes have been proposed for the mobile scenario. However, existing solutions could not well fit the high-concurrency scenario which needs lightweight computation and communication complexity, especially for the server sides. In this paper, we propose a SM2 cooperative signature algorithm (SM2-CSA) for the high-concurrency scenario, which involves only one-time client-server interaction and one elliptic curve addition operation on the server side in the signing procedure. Theoretical analysis and practical tests shows that SM2-CSA can provide better computation and communication efficiency compared with existing schemes without compromising the security.

In this paper, we investigate how to automatically persist versioned data structures in distributed settings (e.g. cloud + edge) using append-only storage. By doing so, we facilitate resiliency by enabling program state to survive program activations and termination, and program-level data structures and their version information to be accessed programmatically by multiple clients (for replay, provenance tracking, debugging, and coordination avoidance, and more). These features are useful in distributed, failure-prone contexts such as those for heterogeneous and pervasive Internet of Things (IoT) deployments. We prototype our approach within an open-source, distributed operating system for IoT. Our results show that it is possible to achieve algorithmic complexities similar to those of in-memory versioning but in a distributed setting.