Biblio

Security plays a major role in data transmission and reception. Providing high security is indispensable in communication systems. The RSA (Rivest-Shamir-Adleman) cryptosystem is used widely in cryptographic applications as it offers highly secured transmission. RSA cryptosystem uses Montgomery multipliers and it involves modular exponentiation process which is attained by performing repeated modular-multiplications. This leads to high latency and owing to improve the speed of multiplier, highly efficient modular multiplication methodology needs to be applied. In the conventional methodology, Carry Save Adder (CSA) is used in the multiplication and it consumes more area and it has larger delay, but in the suggested methodology, the Reverse Carry Propagate (RCP) adder is used in the place of CSA adder and the obtained output shows promising results in terms of area and latency. The simulation is done with Xilinx ISE design suite. The proposed multiplier can be used effectively in signal processing, image processing and security based applications.

With the maturity of Internet of things technology, massive data transmission has become the focus of research. In order to solve the problem of low speed of traditional hybrid data fast distribution algorithm for wireless sensor networks, a hybrid data fast distribution algorithm for wireless sensor networks based on visual Internet of things is designed. The logic structure of mixed data input gate in wireless sensor network is designed through the visual Internet of things. The objective function of fast distribution of mixed data in wireless sensor network is proposed. The number of copies of data to be distributed is dynamically calculated and the message deletion strategy is determined. Then the distribution parameters are calibrated, and the fitness ranking is performed according to the distribution quantity to complete the algorithm design. The experimental results show that the distribution rate of the designed algorithm is significantly higher than that of the control group, which can solve the problem of low speed of traditional data fast distribution algorithm.

With the rapid development of smart grid, the data generated by grid services are growing rapidly, and the requirements for time delay are becoming more and more stringent. The storage and computing capacity of the existing terminal equipment can not meet the needs of high bandwidth and low delay of the system at the same time. Fortunately, mobile edge computing (MEC) can provide users with nearby storage and computing services at the network edge, this can give an option to simultaneously meet the requirement of high bandwidth and low delay. Aiming at the problem of service offload scheduling in edge computing, this paper proposes a delay optimized task offload algorithm based on task priority classification. Firstly, the priority of power grid services is divided by using analytic hierarchy process (AHP), and the processing efficiency and quality of service of emergency tasks are guaranteed by giving higher weight coefficients to delay constraints and security levels. Secondly, the service is initialized and unloaded according to the task preprocessing time. Finally, the reasonable subchannel allocation is carried out based on the task priority design decision method. Simulation results show that compared with the traditional approaches, our algorithm can effectively improve the overall system revenue and reduce the average user task delay.

The construction of a strong and smart grid is inseparable from the advancement of the power system, and the effective application of modern communication technologies allows the traditional grid to better transform into the energy Internet. With the advent of 5G, people pay close attention to the application of network slicing, not only as an emerging technology, but also as a new business model. In this article, we consider the delay requirements of certain services in the power grid. First, we analyze the security issues in network slicing and model the 5G core network slicing supply as a mixed integer linear programming problem. On this basis, a heuristic algorithm is proposed. According to the topological properties, resource utilization and delay of the slice nodes, the importance of them is sorted using the VIKOR method. In the slice link configuration stage, the shortest path algorithm is used to obtain the slice link physical path. Considering the delay of the slice link, a strategy for selecting the physical path is proposed. Simulations show that the scheme and algorithm proposed in this paper can achieve a high slice configuration success rate while ensuring the end-to-end delay requirements of the business, and meet the 5G core network slice security requirements.

This paper studies the use of Supervisory Control Theory to design and implement post-fault restoration schemes in a HVDC grid. Our study focuses on the synthesis of discrete controllers and on the management of variable control rules during the execution of the protection strategy. The resulting supervisory control system can be proven "free of deadlocks" in the sense that designated tasks are always completed.

Internet of Things (IoT) is penetrating into every aspect of our personal lives including our body, our home and our living environment which poses numerous security challenges. The number of heterogeneous connected devices is increasing exponentially in IoT, which in turn increases the attack surface of IoT. This forces the need for uniform, distributed security mechanism which can efficiently detect the attack at faster rate in highly scalable IoT environment. The proposed work satisfies this requirement by providing a security framework which combines Fog computing and Software Defined Networking (SDN). The experimental results depicts the effectiveness in protecting the IoT applications at faster rate

The router's buffer size imposes significant impli-cations on the performance of the network. Network operators nowadays configure the router's buffer size manually and stati-cally. They typically configure large buffers that fill up and never go empty, increasing the Round-trip Time (RTT) of packets significantly and decreasing the application performance. Few works in the literature dynamically adjust the buffer size, but are implemented only in simulators, and therefore cannot be tested and deployed in production networks with real traffic. Previous work suggested setting the buffer size to the Bandwidth-delay Product (BDP) divided by the square root of the number of long flows. Such formula is adequate when the RTT and the number of long flows are known in advance. This paper proposes a system that leverages programmable switches as passive instruments to measure the RTT and count the number of flows traversing a legacy router. Based on the measurements, the programmable switch dynamically adjusts the buffer size of the legacy router in order to mitigate the unnecessary large queuing delays. Results show that when the buffer is adjusted dynamically, the RTT, the loss rate, and the fairness among long flows are enhanced. Additionally, the Flow Completion Time (FCT) of short flows sharing the queue is greatly improved. The system can be adopted in campus, enterprise, and service provider networks, without the need to replace legacy routers.

Nearest neighbor (NN) search is an essential operation in many applications, such as one/few-shot learning and image classification. As such, fast and low-energy hardware support for accurate NN search is highly desirable. Ternary content-addressable memories (TCAMs) have been proposed to accelerate NN search for few-shot learning tasks by implementing \$L\$∞ and Hamming distance metrics, but they cannot achieve software-comparable accuracies. This paper proposes a novel distance function that can be natively evaluated with multi-bit content-addressable memories (MCAMs) based on ferroelectric FETs (Fe-FETs) to perform a single-step, in-memory NN search. Moreover, this approach achieves accuracies comparable to floating-point precision implementations in software for NN classification and one/few-shot learning tasks. As an example, the proposed method achieves a 98.34% accuracy for a 5-way, 5-shot classification task for the Omniglot dataset (only 0.8% lower than software-based implementations) with a 3-bit MCAM. This represents a 13% accuracy improvement over state-of-the-art TCAM-based implementations at iso-energy and iso-delay. The presented distance function is resilient to the effects of FeFET device-to-device variations. Furthermore, this work experimentally demonstrates a 2-bit implementation of FeFET MCAM using AND arrays from GLOBALFOUNDRIES to further validate proof of concept.

This paper examines the fast approaching highly secure and content centric data sharing architecture Named Data Networking. The content name plays the key role in NDN. Most of the users are interested only in the content or information and thereby the host centric internet architecture is losing its importance. Different naming conventions and caching strategies used in Named Data Networking based applications have been discussed in this study. The convergence of NDN with the vehicular networks and the ongoing studies in it will make the path to Intelligent Transportation system more optimized and efficient. It describes the future internet and this idea has taken root in most of the upcoming IOT applications which are going to conquer every phase of life. Though it is in its infancy stage of development, NDN will soon take over traditional IP Architecture.

In this paper, we propose models and schemes for coded and uncoded packet transmission over time invariant (TIC) and time variant (TVC) channels. We provide an approximation of the delay induced assuming fmite number of time slots to transmit a given number of packets. We propose an adaptive physical layer (PHY)-aware coded scheme that designs smart acknowledgments (ACK) via an optimal selection of coded packets to transmit at a given SNR. We apply our proposed schemes to channels with complex fading behavior and high round trip (RTT) delays. We compare the accuracy of TVC coded scheme to the TIC coded scheme, and we show the throughput-delay efficacy of adaptive coded schemes driven by PHY-awareness in the mitigation of high RTT environments, with up to 3 fold gains.

Controller area network is the serial communication protocol, which broadcasts the message on the CAN bus. The transmitted message is read by all the nodes which shares the CAN bus. The message can be eavesdropped and can be re-used by some other node by changing the information or send it by duplicate times. The message reused after some delay is replay attack. In this paper, the CAN network with three CAN nodes is implemented using the universal verification components and the replay attack is demonstrated by creating the faulty node. Two types of replay attack are implemented in this paper, one is to replay the entire message and the other one is to replay only the part of the frame. The faulty node uses the first replay attack method where it behaves like the other node in the network by duplicating the identifier. CAN frame except the identifier is reused in the second method which is hard to detect the attack as the faulty node uses its own identifier and duplicates only the data in the CAN frame.

Ad Hoc Network is wireless networks that get more attention from past to present. Mobile ad hoc network (MANET) is one of the types of ad hoc networks, it deployed rapidly because it infrastructure-less. A node in a mobile ad hoc network communicates through wireless links without wired channels. When source nodes want to communicate with the destination outside its transmission range it uses multi-hop mechanisms. The intermediate node forwards the data packet to the next node until the data packet reaches its destination. Due wireless links and lack of centralized administration device, mobile ad hoc network is more vulnerable for security attacks. The rushing attack is one of the most dangerous attacks in the on-demand routing protocol of mobile ad hoc networks. Rushing attack highly transmits route request with higher transmission power than the genuine nodes and become participate between source and destination nodes, after that, it delays or drop actual data pass through it. In this study, the researcher incorporates rushing attack in one of the most commonly used mobile ad hoc network routing protocols namely Ad hoc on-demand multipath distance vector and provides a rushing attack prevention method based on the time threshold value and random route selection. Based on the time RREQ arrives a node takes a decision, if the RREQ packet arrives before threshold value, the RREQ packet consider as came from an attacker and discarded else RREQ packet received then randomly select RREQ to forward. In this study performance metrics like packet delivery ratio, end-to-end delay and throughput have been evaluated using Network simulation (NS-2.35). As a result of simulation shows newly proposed prevention mechanism improves network performance in all cases than the network under attacker. For example, the average packet delivery ratio enhanced from 54.37% to 97.69%, throughput increased from 20.84bps to 33.06bpsand the average delay decreased from 1147.22ms to 908.04ms. It is concluded that the new proposed techniques show improvement in all evaluated performance metrics.

In order to meet the actual needs of operating system localization and high-security operating system, this paper proposes a multi-core embedded high-security operating system inter-core communication mechanism centered on private memory on the core based on the cache mechanism of DSP processors such as Feiteng design. In order to apply it to the multi-core embedded high-security operating system, this paper also combines the priority scheduling scheme used in the design of our actual operating system to analyze the certainty of inter-core communication. The analysis result is: under this communication mechanism There is an upper limit for end-to-end delay, so the certainty of the communication mechanism is guaranteed and can be applied to multi-core high-security embedded operating systems.

The steady growing trend of user demand in using various 4G mobile broadband applications obligates telecom operators to thoroughly plan a precise Quality of Service (QoS) contract with its subscribers. This directly reveals a challenge in figuring out a sophisticated behavior of radio resources (RBs) at the base station to effectively handle the oscillated loads to fulfill their QoS profiles. This paper elaborates on the above issue by analyzing the behavior of the downlink packet scheduling scheme and proposes a solution to bridge between the two major QoS indicators for Real-Time (RT) services, that are, throughput and delay. The proposed scheduling scheme emphasizes that a prior RBs planning indeed has an immense impact on the behavior of the deployed scheduling rule, particularly, when heterogeneous flows share the channel capacity. System-level simulations are performed to evaluate the proposed scheduling scheme in a comparative manner. The numerical results of throughput and delay assured that diverse QoS profiles can be satisfied in case of considering RBs planning.

In proof-of-stake (PoS) blockchains, stakeholders that extend the chain are selected according to the amount of stake they own. In S&P 2019 the "Ouroboros Crypsinous" system of Kerber et al. (and concurrently Ganesh et al. in EUROCRYPT 2019) presented a mechanism that hides the identity of the stakeholder when adding blocks, hence preserving anonymity of stakeholders both during payment and mining in the Ouroboros blockchain. They focus on anonymizing the messages of the blockchain protocol, but suggest that potential identity leaks from the network-layer can be removed as well by employing anonymous broadcast channels.In this work we show that this intuition is flawed. Even ideal anonymous broadcast channels do not suffice to protect the identity of the stakeholder who proposes a block.We make the following contributions. First, we show a formal network-attack against Ouroboros Crypsinous, where the adversary can leverage network delays to distinguish who is the stakeholder that added a block on the blockchain. Second, we abstract the above attack and show that whenever the adversary has control over the network delay – within the synchrony bound – loss of anonymity is inherent for any protocol that provides liveness guarantees. We do so, by first proving that it is impossible to devise a (deterministic) state-machine replication protocol that achieves basic liveness guarantees and better than (1-2f) anonymity at the same time (where f is the fraction of corrupted parties). We then connect this result to the PoS setting by presenting the tagging and reverse tagging attack that allows an adversary, across several executions of the PoS protocol, to learn the stake of a target node, by simply delaying messages for the target. We demonstrate that our assumption on the delaying power of the adversary is realistic by describing how our attack could be mounted over the Zcash blockchain network (even when Tor is used). We conclude by suggesting approaches that can mitigate such attacks.

MANET stands for Mobile ad-hoc network, which is also known as a wireless network. It provides a routable networking environment which does not have a centralized infrastructure. MANET is used in many important sectors like economic sector (corporate field), security sector (military field), education sector (video conferences and lectures), law sector (law enforcement) and many more. Even though it plays a vital role in different sectors and improves its economic growth, security is a major concern in MANET. Due to lack of inbuilt security, several attacks like data traffic attack, control traffic attack. The wormhole is a kind of control traffic attack which forms wormhole link between nodes. In this paper, we have proposed an approach to detect and get rid of the wormhole attack. The proposed approach is based on trust values, which will decide whether nodes are affected by using parameters like receiving time and data rate. On evaluation, we have concluded that the wormhole attack decreases the network's performance while using trusted approach its value increases. Means PDR and throughput return best results for the affected network while in case of end to end delay it returns similar results as of unaffected network.

In Mobile Ad-hoc Network based Internet of things (MANET-IoT), nodes are mobile, infrastructure less, managed and organized by themselves that have important role in many areas such as Mobile Computing, Military Sector, Sensor Networks Commercial Sector, medical etc. One major problem in MANET based IoT is security because nodes are mobile, having not any central administrator and are also not reliable. So, MANET-IoT is more defenseless to denial-of-service attacks for-example Blackhole, Wormhole, Gray-hole etc. To compare the performance of network under different attacks for checking which attack is more affecting the performance of network, we implemented Blackhole and Wormhole attack by modifying AODV routing protocol in NS-3. After preprocessing of data that is obtained by using Flow-monitor module, we calculated performance parameters such as Average Throughput, Average Packet Delivery Ratio, Average End to End Delay, Average Jitter-Sum and compared it with no. of nodes in MANET-IoT network. Throughput and goodput performance of each node in the network is also calculated by using Trace metric module and compared with each node in the network. This approach is also very helpful for further research in MANET-IoT Security.

Mobile Ad Hoc Network (MANET) is one of the types of Ad-hoc Network which is comprised of wireless in a network. The main problem in this research is the vulnerability of the protocol routing Dymo against jellyfish attack, so it needs detection from a jellyfish attack. This research implements the DELPHI method to detect jellyfish attacks on a DYMO protocol which has better performance because the Delay Per-Hop Indicator (DELPHI) gathers the amount of hop and information delay from the disjoint path and calculates the delays per-hop as an indicator of a jellyfish attack. The evaluation results indicate an increase in the end-to-end delay average, start from 112.59s in 10 nodes increased to 143.732s in 30 nodes but reduced to 84,2142s in 50 nodes. But when the DYMO routing did not experience any jellyfish attacks both the delivery ratio and throughput are decreased. The delivery ratio, where decreased from 10.09% to 8.19% in 10 nodes, decreased from 20.35% to 16.85%, and decreased from 93.5644% to 82.825% in 50 nodes. As for the throughput, for 10 nodes decreased from 76.7677kbps to 68.689kbps, for 30 nodes decreased from 100kbps to 83.5821kbps and for 50 nodes decreased from 18.94kbps to 15.94kbps.

The power communication network generates a large amount of data. The existing security monitoring method needs to use a large transmission bandwidth in the process of data processing, which leads to the decrease of real-time response. Therefore, an automatic monitoring method of power communication network security based on edge computing is proposed. The paper establishes the power communication monitoring network architecture by combining RFID identification sensor network and wireless communication network. The edge calculation is embedded to the edge side of the power communication network, and the data processing model of power communication is established. Based on linear discriminant analysis, the paper designs a network security situation awareness assessment model, and uses this model to evaluate the real-time data collected by the power communication network. According to the evaluation results, the probability of success of intrusion attack is calculated and the security risk monitoring is carried out for the intrusion attack. The experimental results show that compared with the existing monitoring methods, the edge based security monitoring method can effectively reduce communication delay, improve the real-time response, and then improve the intelligent level of power communication network.

Increasingly, the transportation industry has moved towards automation to improve safety, fuel efficiency, and system productivity. However, the increased scrutiny that automated vehicles (AV) face over functional safety has hindered the industry's unbridled confidence in self-driving technologies. As AVs are cyber-physical systems, they utilize distributed control to accomplish a range of safety-critical driving tasks. The Operation Systems (OS) serve as the core of these control systems. Therefore, their designs and implementation must incorporate ways to protect AVs against what must be assumed to be inevitable cyberattacks to meet the overall AV functional safety requirements. This paper investigates the connection between functional safety and cybersecurity in the context of OS. This study finds that risks due to delays can worsen by potential cybersecurity vulnerabilities through a case example of an automated vehicle following. Furthermore, attack surfaces and cybersecurity countermeasures for protecting OSs from security breaches are addressed.

Cloud computing enables users and organizations to conveniently store and share data in large volumes and to enjoy on-demand services. Security and the protection of big data sharing from various attacks is the most challenging issue. Proxy re-encryption (PRE) is an effective method to improve the security of data sharing in the cloud environment. However, in PRE schemes, offloading big data for re-encryption will impose a heavy computational burden on the cloud proxy server, resulting in an increased computation delay and response time for the users. In this paper, we propose a novel parallel PRE workload distribution scheme to dynamically route the big data re-encryption process into the fog of the network. Moreover, this paper proposes a dynamic load balancing technique to avoid an excessive workload for the fog nodes. It also uses lightweight asymmetric cryptography to provide end-to-end security for the big data sharing between users. Within the proposed scheme, the offloading overhead on the centralized cloud server is effectively mitigated. Meanwhile, the processing delay incurred by the big data re-encryption process is efficiently improved.

In smart girds, supervisory control and data acquisition (SCADA) systems have to protect data from advanced persistent threats (APTs), which exploit vulnerabilities of the power infrastructures to launch stealthy and targeted attacks. In this paper, we propose a reinforcement learning-based APT defense scheme for the control center to choose the detection interval and the number of Central Processing Units (CPUs) allocated to the data concentrators based on the data priority, the size of the collected meter data, the history detection delay, the previous number of allocated CPUs, and the size of the labeled compromised meter data without the knowledge of the attack interval and attack CPU allocation model. The proposed scheme combines deep learning and policy-gradient based actor-critic algorithm to accelerate the optimization speed at the control center, where an actor network uses the softmax distribution to choose the APT defense policy and the critic network updates the actor network weights to improve the computational performance. The advantage function is applied to reduce the variance of the policy gradient. Simulation results show that our proposed scheme has a performance gain over the benchmarks in terms of the detection delay, data protection level, and utility.

Satisfying security requirements for Mobile Ad-hoc Networks (MANETs) is a key challenge due to the limited power budget for the nodes composing those networks. Therefore, it is essential to exploit lightweight cryptographic algorithms to preserve the confidentiality of the messages being transmitted between different nodes in MANETs. At the heart of such algorithms lies the Elliptic Curve Cryptography (ECC). The importance of ECC lies in offering equivalent security with smaller key sizes, which results in faster computations, lower power consumption, as well as memory and bandwidth savings. However, when exploiting ECC in MANETs, it is essential to properly choose the parameters of ECC such that an acceptable level of confidentiality is achieved without entirely consuming the power budget of nodes. In addition, the delay of the communication should not abruptly increase. In this paper, we study the effect of changing the prime number use in ECC on power consumption, delay, and the security of the nodes in MANETs. Once a suitable prime number is chosen, a comparative analysis is conducted between two reactive routing protocols, namely, Ad-hoc on Demand Distance Vector (AODV) and Dynamic Source Routing (DSR) in terms of power consummation and delay. Experimental results show that a prime number value of 197 for ECC alongside with DSR for routing preserve an acceptable level of security for MANETs with low average power consumption and low average delay in the communication.

The whole Software-Defined Networking (SDN) system might be out of service when the control plane is overloaded by control plane saturation attacks. In this attack, a malicious host can manipulate massive table-miss packets to exhaust the control plane resources. Even though many studies have focused on this problem, systems still suffer from more influenced switches because of centralized mitigation policies, and long recovery delay because of the remaining attack flows. To solve these problems, we propose FSDM, a Fast recovery Saturation attack Detection and Mitigation framework. For detection, FSDM extracts the distribution of Control Channel Occupation Rate (CCOR) to detect the attack and locates the port that attackers come from. For mitigation, with the attacker's location and distributed Mitigation Agents, FSDM adopts different policies to migrate or block attack flows, which influences fewer switches and protects the control plane from resource exhaustion. Besides, to reduce the system recovery delay, FSDM equips a novel functional module called Force\_Checking, which enables the whole system to quickly clean up the remaining attack flows and recovery faster. Finally, we conducted extensive experiments, which show that, with the increasing of attack PPS (Packets Per Second), FSDM only suffers a minor recovery delay increase. Compared with traditional methods without cleaning up remaining flows, FSDM saves more than 81% of ping RTT under attack rate ranged from 1000 to 4000 PPS, and successfully reduced the delay of 87% of HTTP requests time under large attack rate ranged from 5000 to 30000 PPS.

Wireless Sensor Network (WSN) is considered as the backbone of Internet of Things (IoT) networks. Authentication is the most important phase that guarantees secure access to such networks but it is more critical than that in traditional Internet because the communications are established between constrained devices that could not compute heavy cryptographic primitives. In this paper, we are studying with real experimentation the efficiency of HIP Diet EXchange header (HIP DEX) protocol over IPv6 over Low Power Wireless Personal Area Networks (6LoWPAN) in IoT. The adopted application layer protocol is Constrained Application Protocol (CoAP) and as a routing protocol, the Routing Protocol for Low power and lossy networks (RPL). The evaluation concerns the total End-to-End transmission delays during the authentication process between the communicating peers regarding the processing, propagation, and queuing times' overheads results. Most importantly, we propose an efficient handshake packets' compression header, and we detailed a comparison of the above evaluation's criteria before and after the proposed compression. Obtained results are very encouraging and reinforce the efficiency of HIP DEX in IoT networks during the handshake process of constrained nodes.