Biblio

Advances in new Communication and Information innovations has led to a new paradigm known as Internet of Things (IoT). Healthcare environment uses IoT technologies for Patients care which can be used in various medical applications. Patient information is encrypted consistently to maintain the access of therapeutic records by authoritative entities. Healthcare Internet of Things (HIoT) facilitate the access of Patient files immediately in emergency situations. In the proposed system, the Patient directly provides the Key to the Doctor in normal care access. In Emergency care, a Patient shares an Attribute based Key with a set of Emergency Supporting Representatives (ESRs) and access permission to the Doctor for utilizing Emergency key from ESR. The Doctor decrypts the medical records by using Attribute based key and Emergency key to save the Patient's life. The proposed model Secure Information Retrieval using Lightweight Cryptography (SIRLC) reduces the secret key generation time and cipher text size. The performance evaluation indicates that SIRLC is a better option to utilize in Healthcare IoT than Lightweight Break-glass Access Control(LiBAC) with enhanced security and reduced computational complexity.

The problems of random numbers application to the information security of data, communication lines, computer units and automated driving systems are considered. The possibilities for making up quantum generators of random numbers and existing solutions for acquiring of sufficiently random sequences are analyzed. The authors found out the method for the creation of quantum generators on the basis of semiconductor electronic components. The electron-quantum generator based on electrons tunneling is experimentally demonstrated. It is shown that it is able to create random sequences of high security level and satisfying known NIST statistical tests (P-Value\textbackslashtextgreater0.9). The generator created can be used for formation of both closed and open cryptographic keys in computer systems and other platforms and has great potential for realization of random walks and probabilistic computing on the basis of neural nets and other IT problems.

The current paper proposes a method to combine the theoretical concepts of the parallel processing created by the DNA computing and GA environments, with the effectiveness novel mechanism of the distinction and discover of the cryptosystem keys. Three-level contributions to the current work, the first is the adoption of a final key sequence mechanism by the principle of interconnected sequence parts, the second to exploit the principle of the parallel that provides GA in the search for the counter value of the sequences of the challenge to the mechanism of the discrimination, the third, the most important and broadening the breaking of the cipher, is the harmony of the principle of the parallelism that has found via the DNA computing to discover the basic encryption key. The proposed method constructs a combined set of files includes binary sequences produced from substitution of the guess attributes of the binary equations system of the cryptosystem, as well as generating files that include all the prospects of the DNA strands for all successive cipher characters, the way to process these files to be obtained from the first character file, where extract a key sequence of each sequence from mentioned file and processed with the binary sequences that mentioned the counter produced from GA. The aim of the paper is exploitation and implementation the theoretical principles of the parallelism that providing via biological environment with the new sequences recognition mechanism in the cryptanalysis.

Access authentication is a key technology to identify the legitimacy of mobile users when accessing the space-ground integrated networks (SGIN). A hierarchical identity-based signature over lattice (L-HIBS) based mobile access authentication mechanism is proposed to settle the insufficiencies of existing access authentication methods in SGIN such as high computational complexity, large authentication delay and no-resistance to quantum attack. Firstly, the idea of hierarchical identity-based cryptography is introduced according to hierarchical distribution of nodes in SGIN, and a hierarchical access authentication architecture is built. Secondly, a new L-HIBS scheme is constructed based on the Small Integer Solution (SIS) problem to support the hierarchical identity-based cryptography. Thirdly, a mobile access authentication protocol that supports bidirectional authentication and shared session key exchange is designed with the aforementioned L-HIBS scheme. Results of theoretical analysis and simulation experiments suggest that the L-HIBS scheme possesses strong unforgeability of selecting identity and adaptive selection messages under the standard security model, and the authentication protocol has smaller computational overhead and shorter private keys and shorter signature compared to given baseline protocols.

Vehicular networks are susceptible to variety of attacks such as denial of service (DoS) attack, sybil attack and false alert generation attack. Different cryptographic methods have been proposed to protect vehicular networks from these kind of attacks. However, cryptographic methods have been found to be less effective to protect from insider attacks which are generated within the vehicular network system. Misbehavior detection system is found to be more effective to detect and prevent insider attacks. In this paper, we propose a machine learning based misbehavior detection system which is trained using datasets generated through extensive simulation based on realistic vehicular network environment. The simulation results demonstrate that our proposed scheme outperforms previous methods in terms of accurately identifying various misbehavior.

As the next generation of the power system, smart grid develops towards automated and intellectualized. Along with the benefits brought by smart grids, e.g., improved energy conversion rate, power utilization rate, and power supply quality, are the security challenges. One of the most important issues in smart grids is to ensure reliable communication between the secondary equipment. The state-of-art method to ensure smart grid security is to detect cyber attacks by deep learning. However, due to the small number of negative samples, the performance of the detection system is limited. In this paper, we propose a novel approach that utilizes the Generative Adversarial Network (GAN) to generate abundant negative samples, which helps to improve the performance of the state-of-art detection system. The evaluation results demonstrate that the proposed method can effectively improve the performance of the detection system by 4%.

We consider some approaches to the construction of lightweight block ciphers and introduce the definitions for "index of strong nonlinearity" and "index of perfection". For PRESENT, MIDORI, SKINNY, CLEFIA, LILLIPUT mixing and nonlinear properties were evaluated. We obtain the exact values of the exponents for mixing matrices of round functions and the upper bounds for indexes of perfection and strong nonlinearity. It was determined by the experiment that each coordinate function of output block is nonlinear during 500 rounds. We propose the algorithmic realization of 16×16 S-box based on the modified additive generator with lightweight cipher SPECK as a modification which does not demand memory for storage huge substitution tables. The best value of the differential characteristic of such S-box is 18/216, the minimal nonlinearity degree of coordinate functions is equal to 15 and the minimal linear characteristic is 788/215.

This article presents a consensus based distributed energy management optimization algorithm for an islanded microgrid. With the rapid development of renewable energy and distributed generation (DG) energy management is becoming more and more distributed. To solve this problem a multi-agent system based distributed solution is designed in this work which uses lambda-iteration method to solve optimization problem. Moreover, the algorithm is fully distributed and transmission losses are also considered in the modeling process which enhanced the practicality of proposed work. Simulations are performed for different cases on 8-bus microgrid to show the effectiveness of algorithm. Moreover, a scalability test is performed at the end to further justify the expandability performance of algorithm for more advanced networks.

Networks have evolved very rapidly, which allow secret data transformation speedily through the Internet. However, the security of secret data has posed a serious threat due to openness of these networks. Thus, researchers draw their attention on cryptography field for this reason. Due to the traditional cryptographic techniques which are vulnerable to intruders nowadays. Deoxyribonucleic Acid (DNA) considered as a promising technology for cryptography field due to extraordinary data density and vast parallelism. With the help of the various DNA arithmetic and biological operations are also Blum Blum Shub (BBS) generator, a multi-level of DNA encryption algorithm is proposed here. The algorithm first uses the dynamic key generation to encrypt sensitive information as a first level; second, it uses BBS generator to generate a random DNA sequence; third, the BBS-DNA sequence spliced with a DNA Gen Bank reference to produce a new DNA reference. Then, substitution, permutation, and dynamic key are used to scramble the new DNA reference nucleotides locations. Finally, for further enhanced security, an injective mapping is established to combine encrypted information with encrypted DNA reference using Knight tour movement in Hadamard matrix. The National Institute of Standard and Technology (NIST) tests have been used to test the proposed algorithm. The results of the tests demonstrate that they effectively passed all the randomness tests of NIST which means they can effectively resist attack operations.

The adoption of Internet of Things (IoT) technology is increasing at a fast rate. With improving software technologies and growing security threats, there is always a need to upgrade the firmware in the IoT devices. Digital signatures are an integral part of digital communication to cope with the threat of these devices being exploited by attackers to run malicious commands, codes or patches on them. Digital Signatures measure the authenticity of the transmitted data as well as are a source of record keeping (repudiation). This study proposes the adoption of Lamport signature scheme, which is quantum resistant, for authentication of data transmission and its feasibility in IoT devices.

The network attack graph is a powerful tool for analyzing network security, but the generation of a large-scale graph is non-trivial. The main challenge is from the explosion of network state space, which greatly increases time and storage costs. In this paper, three parallel algorithms are proposed to generate scalable attack graphs. An OpenMP-based programming implementation is used to test their performance. Compared with the serial algorithm, the best performance from the proposed algorithms provides a 10X speedup.

Deterministic chaotic systems have been studied and developed in various fields of research. Dynamical systems with chaotic dynamics have different applications in communication, security and computation. Chaotic behaviors can be created by even simple nonlinear systems which can be implemented on low-cost hardware platforms. This paper presents a high-speed and low-cost hardware of three-dimensional chaotic flows without equilibrium. The proposed chaotic hardware is able to reproduce the main mechanism and dynamical behavior of the 3D chaotic flows observed in simulation, then a Chaotic Pseudo Random Number Generator is designed based on a 3D chaotic system. The proposed hardware is implemented with low computational overhead on an FPGA board, as a proof of concept. This low-cost chaotic hardware can be utilized in embedded and lightweight systems for a variety of chaotic based digital systems such as digital communication systems, and cryptography systems based on chaos theory for Security and IoT applications.

A process of critical transmission lines identification in presented here. The criticality is based on network flow, which is essential for power grid connectivity monitoring as well as vulnerability assessment. The proposed method can be utilized as a supplement of traditional situational awareness tool in the energy management system of the power grid control center. At first, a flow network is obtained from topological as well as functional features of the power grid. Then from the duality property of a linear programming problem, the maximum flow problem is converted to a minimum cut problem. Critical transmission lines are identified as a solution of the dual problem. An overall set of transmission lines are identified from the solution of the network flow problem. Simulation of standard IEEE test cases validates the application of the method in finding critical transmission lines of the power grid.

Traditionally, power grid vulnerability assessment methods are separated to the study of nodes vulnerability and edges vulnerability, resulting in the evaluation results are not accurate. A framework for vulnerability assessment is still required for power grid. Thus, this paper proposes a universal method for vulnerability assessment of power grid by establishing a complex network model with uniform weight of nodes and edges. The concept of virtual edge is introduced into the distinct weighted complex network model of power system, and the selection function of edge weight and virtual edge weight are constructed based on electrical and physical parameters. In addition, in order to reflect the electrical characteristics of power grids more accurately, a weighted betweenness evaluation index with transmission efficiency is defined. Finally, the method has been demonstrated on the IEEE 39 buses system, and the results prove the effectiveness of the proposed method.

Due to expansion of Internet and huge dataset, many organizations started to use cloud. Cloud Computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. Due to this cloud faces many threats. In this work, we study the problem of ensuring the integrity of data storage in Cloud Computing. To reduce the computational cost at user side during the integrity verification of their data, the notion of public verifiability has been proposed. Our approach is to create a new entity names Cloud Service Controller (CSC) which will help us to reduce the trust on the Third Party Auditor (TPA). We have strengthened the security model by using AES Encryption with SHA-S12 & tag generation. In this paper we get a brief introduction about the file upload phase, integrity of the file & Proof of Retrievability of the file.

This paper proposes the design of a security policy translator in Interface to Network Security Functions (I2NSF) framework. Also, this paper shows the benefits of designing security policy translations. I2NSF is an architecture for providing various Network Security Functions (NSFs) to users. I2NSF user should be able to use NSF even if user has no overall knowledge of NSFs. Generally, policies which are generated by I2NSF user contain abstract data because users do not consider the attributes of NSFs when creating policies. Therefore, the I2NSF framework requires a translator that automatically finds the NSFs which is required for policy when Security Controller receives a security policy from the user and translates it for selected NSFs. We satisfied the above requirements by modularizing the translator through Automata theory.

While the rapid adaptation of mobile devices changes our daily life more conveniently, the threat derived from malware is also increased. There are lots of research to detect malware to protect mobile devices, but most of them adopt only signature-based malware detection method that can be easily bypassed by polymorphic and metamorphic malware. To detect malware and its variants, it is essential to adopt behavior-based detection for efficient malware classification. This paper presents a system that classifies malware by using common behavioral characteristics along with malware families. We measure the similarity between malware families with carefully chosen features commonly appeared in the same family. With the proposed similarity measure, we can classify malware by malware's attack behavior pattern and tactical characteristics. Also, we apply community detection algorithm to increase the modularity within each malware family network aggregation. To maintain high classification accuracy, we propose a process to derive the optimal weights of the selected features in the proposed similarity measure. During this process, we find out which features are significant for representing the similarity between malware samples. Finally, we provide an intuitive graph visualization of malware samples which is helpful to understand the distribution and likeness of the malware networks. In the experiment, the proposed system achieved 97% accuracy for malware classification and 95% accuracy for prediction by K-fold cross-validation using the real malware dataset.

Blum-Blum-Shub (BBS) is a less complex pseudorandom number generator (PRNG) that requires very large modulus and a squaring operation for the generation of each bit, which makes it computationally heavy and slow. On the other hand, the concept of elliptic curve (EC) point operations has been extended to PRNGs that prove to have good randomness properties and reduced latency, but exhibit dependence on the secrecy of point P. Given these pros and cons, this paper proposes a new BBS-ECPRNG approach such that the modulus is the product of two elliptic curve points, both primes of length, and the number of bits extracted per iteration is by binary fraction. We evaluate the algorithm performance by generating 1000 distinct sequences of 106bits each. The results were analyzed based on the overall performance of the sequences using the NIST standard statistical test suite. The average performance of the sequences was observed to be above the minimum confidence level of 99.7 percent and successfully passed all the statistical properties of randomness tests.

Scan design is a universal design for test (DFT) technology to increase the observability and controllability of the circuits under test by using scan chains. However, it also leads to a potential security problem that attackers can use scan design as a backdoor to extract confidential information. Researchers have tried to address this problem by using secure scan structures that usually have some keys to confirm the identities of users. However, the traditional methods to store intermediate data or keys in memory are also under high risk of being attacked. In this paper, we propose a dynamic-key secure DFT structure that can defend scan-based and memory attacks without decreasing the system performance and the testability. The main idea is to build a scan design key generator that can generate the keys dynamically instead of storing and using keys in the circuit statically. Only specific patterns derived from the original test patterns are valid to construct the keys and hence the attackers cannot shift in any other patterns to extract correct internal response from the scan chains or retrieve the keys from memory. Analysis results show that the proposed method can achieve a very high security level and the security level will not decrease no matter how many guess rounds the attackers have tried due to the dynamic nature of our method.

The identification of transmission sections is used to improve the efficiency of monitoring the operation of the power grid. In order to test the validity of transmission sections identified, an assessment process is necessary. In addition, Transmission betweenness, an index for finding the key transmission lines in the power grid, should also be verified. In this paper, chain attack is assumed to check the weak links in the grid, thus verifying the transmission betweenness implemented for the system. Moreover, the line outage distribution factors (LODFs) are used to quantify the change of power flow when the leading line in transmission sections breaks down, so that the validity of transmission sections can be proved. Case studies based on IEEE 39 and IEEE 118 -bus system proved the effectiveness of the proposed method.

Cryptographic applications need high-quality random number generator (RNG) for strong security and privacy measures. This paper presents RNG based on a hydrogen gas sensor that is fabricated by using microfabrication techniques. The proposed approach extracts the thermal noise information as an entropy source from the gas sensor that is non-deterministic during its operation and using hash function SHA-256 as post processing. This non-deterministic noise is then processed to acquire a random number set fulfilling the NIST 800-22 statistical randomness test suite and it demonstrates that a gas sensor based RNG can provide high-quality random numbers. Secure data transfer is possible by having this method directly without any other hardware where hydrogen gas sensor needs to be used such as petrochemical field, fuel cells, and nuclear reactors.

This paper is concerned with three ensembles of systematic low density generator matrix (LDGM) codes, all of which were provably capacity-achieving in terms of bit error rate (BER). This, however, does not necessarily imply that they achieve the capacity in terms of frame error rate (FER), as seen from a counterexample constructed in this paper. We then show that the first and second ensembles are capacity-achieving under list decoding over binary-input output symmetric (BIOS) memoryless channels. We point out that, in principle, the equivocation due to list decoding can be removed with negligible rate loss by the use of the concatenated codes. Simulation results show that the considered convolutional (spatially-coupled) LDGM code is capacity-approaching with an iterative belief propagation decoding algorithm.

In this work, the unknown cyber-attacks on cyber-physical systems are reconstructed using sliding mode differentiation techniques in concert with the sparse recovery algorithm, when only several unknown attacks out of a long list of possible attacks are considered non-zero. The approach is applied to a model of the electric power system, and finally, the efficacy of the proposed techniques is illustrated via simulations of a real electric power system.

In spite of being a promising technology which will make our lives a lot easier we cannot be oblivious to the fact IoT is not safe from online threat and attacks. Thus, along with the growth of IoT we also need to work on its aspects. Taking into account the limited resources that these devices have it is important that the security mechanisms should also be less complex and do not hinder the actual functionality of the device. In this paper, we propose an ECC based lightweight authentication for IoT devices which deploy RFID tags at the physical layer. ECC is a very efficient public key cryptography mechanism as it provides privacy and security with lesser computation overhead. We also present a security and performance analysis to verify the strength of our proposed approach.

Malware writers often develop malware with automated measures, so the number of malware has increased dramatically. Automated measures tend to repeatedly use significant modules, which form the basis for identifying malware variants and discriminating malware families. Thus, we propose a novel visualization analysis method for researching malware similarity. This method converts malicious Windows Portable Executable (PE) files into local entropy images for observing internal features of malware, and then normalizes local entropy images into entropy pixel images for malware classification. We take advantage of the Jaccard index to measure similarities between entropy pixel images and the k-Nearest Neighbor (kNN) classification algorithm to assign entropy pixel images to different malware families. Preliminary experimental results show that our visualization method can discriminate malware families effectively.