Biblio

Wear and tear are essential in establishing the market value of an asset. From shutter counters on DSLRs to odometers inside cars, specific counters, that encode the degree of wear, exist on most products. But malicious modification of the information that they report was always a concern. Our work explores a solution to this problem by using the blockchain technology, a layered encoding of product attributes and identity-based cryptography. Merging such technologies is essential since blockchains facilitate the construction of a distributed database that is resilient to adversarial modifications, while identity-based signatures set room for a more convenient way to check the correctness of the reported values based on the name of the product and pseudonym of the owner alone. Nonetheless, we reinforce security by using ownership cards deployed around NFC tokens. Since odometer fraud is still a major practical concern, we discuss a practical scenario centered on vehicles, but the framework can be easily extended to many other assets.

We study a model where a data collector obtains data from users through a payment mechanism to learn the underlying state from the elicited data. The private signal of each user represents her individual knowledge about the state. Through social interactions, each user can also learn noisy versions of her friends' signals, which is called group signals. Based on both her private signal and group signals, each user makes strategic decisions to report a privacy-preserved version of her data to the data collector. We develop a Bayesian game theoretic framework to study the impact of social learning on users' data reporting strategies and devise the payment mechanism for the data collector accordingly. Our findings reveal that, the Bayesian-Nash equilibrium can be in the form of either a symmetric randomized response (SR) strategy or an informative non-disclosive (ND) strategy. A generalized majority voting rule is applied by each user to her noisy group signals to determine which strategy to follow. When a user plays the ND strategy, she reports privacy-preserving data completely based on her group signals, independent of her private signal, which indicates that her privacy cost is zero. Both the data collector and the users can benefit from social learning which drives down the privacy costs and helps to improve the state estimation at a given payment budget. We derive bounds on the minimum total payment required to achieve a given level of state estimation accuracy.

Smart meters enable improvements in electricity distribution system efficiency at some cost in customer privacy. Users with home batteries can mitigate this privacy loss by applying charging policies that mask their underlying energy use. A battery charging policy is proposed and shown to provide universal privacy guarantees subject to a constraint on energy cost. The guarantee bounds our strategy's maximal information leakage from the user to the utility provider under general stochastic models of user energy consumption. The policy construction adapts coding strategies for non-probabilistic permuting channels to this privacy problem.

We consider a cloud-based control architecture for a linear plant with Gaussian process noise, where the state of the plant contains a client's sensitive information. We assume that the cloud tries to estimate the state while executing a designated control algorithm. The mutual information between the client's actual state and the cloud's estimate is adopted as a measure of privacy loss. We discuss the necessity of uplink and downlink privacy masks. After observing that privacy is not necessarily a monotone function of the noise levels of privacy masks, we discuss the joint design procedure for uplink and downlink privacy masks. Finally, the trade-off between privacy and control performance is explored.

Control algorithms, like model predictive control, can be computationally expensive and may benefit from being executed over the cloud. This is especially the case for nodes at the edge of a network since they tend to have reduced computational capabilities. However, control over the cloud requires transmission of sensitive data (e.g., system dynamics, measurements) which undermines privacy of these nodes. When choosing a method to protect the privacy of these data, efficiency must be considered to the same extent as privacy guarantees to ensure adequate control performance. In this paper, we review a transformation-based method for protecting privacy, previously introduced by the authors, and quantify the level of privacy it provides. Moreover, we also consider the case of adversaries with side knowledge and quantify how much privacy is lost as a function of the side knowledge of the adversary.

With the popularity of smart devices and the widespread use of the Wi-Fi-based indoor localization, edge computing is becoming the mainstream paradigm of processing massive sensing data to acquire indoor localization service. However, these data which were conveyed to train the localization model unintentionally contain some sensitive information of users/devices, and were released without any protection may cause serious privacy leakage. To solve this issue, we propose a lightweight differential privacy-preserving mechanism for the edge computing environment. We extend ε-differential privacy theory to a mature machine learning localization technology to achieve privacy protection while training the localization model. Experimental results on multiple real-world datasets show that, compared with the original localization technology without privacy-preserving, our proposed scheme can achieve high accuracy of indoor localization while providing differential privacy guarantee. Through regulating the value of ε, the data quality loss of our method can be controlled up to 8.9% and the time consumption can be almost negligible. Therefore, our scheme can be efficiently applied in the edge networks and provides some guidance on indoor localization privacy protection in the edge computing.

With the popularity of Internet applications and rapid development, data using and sharing process may lead to the sensitive information divulgence. To deal with the privacy protection issue more effectively, in this paper, we propose the associated data sets protection model based on game theory from the point of view of realizing benefits from the access of privacy is about happen, quantify the extent to which visitors gain sensitive information, then compares the tolerance of the sensitive information owner and finally decides whether to allow the visitor to make an access request.

More and more security and privacy issues are arising as new technologies, such as big data and cloud computing, are widely applied in nowadays. For decreasing the privacy breaches in access control system under opening and cross-domain environment. In this paper, we suggest a game and risk based access model for privacy preserving by employing Shannon information and game theory. After defining the notions of Privacy Risk and Privacy Violation Access, a high-level framework of game theoretical risk based access control is proposed. Further, we present formulas for estimating the risk value of access request and user, construct and analyze the game model of the proposed access control by using a multi-stage two player game. There exists sub-game perfect Nash equilibrium each stage in the risk based access control and it's suitable to protect the privacy by limiting the privacy violation access requests.

The confinement of light in three dimensions (3D) is an active research topic in Nanophotonics, since it allows for ultimate control over photons [1]. A powerful tool to this end is a 3D photonic band gap crystal with a tailored defect that acts as a cavity or even a waveguide [2]. When a one-dimensional array of cavities is coupled, an intricate waveguiding system appears, known as a CROW (coupled resonator optical waveguide) [3]. Remarkably, 3D superlattices of coupled cavities that resonate inside a 3D band gap have not been studied to date. Recently, theoretical work has predicted the occurrence of "Cartesian light", wherein light propagates by hopping only in high symmetry directions in space [4]. This represents the optical analog of the Anderson model for spins or electrons that is relevant for neuromorphic computing and may lead to intricate lasing [5].

In this advanced era, it is important to keep up an abnormal state of security for online exchanges. Public Key cryptography assumes an indispensable job in the field of security. Rivest, Shamir and Adleman (RSA) algorithm is being utilized for quite a long time to give online security. RSA is considered as one of the famous Public Key cryptographic algorithm. Nevertheless, a few fruitful assaults are created to break this algorithm because of specific confinements accepted in its derivation. The algorithm's security is principally founded on the issue of factoring large number. If the process factorization is done then, at that point the entire algorithm can end up fragile. This paper presents a methodology which is more secure than RSA algorithm by doing some modifications in it. Public Key exponent n, which is termed as common modulus replaced by phony modulus to avoid the factorization attack and it is constructed by Mersenne prime numbers to provide more efficiency and security. Paper presents a comparative analysis of the proposed algorithm with the conventional RSA algorithm and Dual RSA.

A Unique Object (UNO) is a physical object with unique characteristics that can be measured externally. The usually analogue measurement can be converted into a digital representation - a fingerprint - which uniquely identifies the object. For practical applications it is necessary that measurements can be performed without the need of specialist equipment or complex measurement setup. Furthermore, a UNO should be able to defeat simulation attacks; an attacker may replace the UNO with a device or system that produces the expected measurement. Recently a novel type of UNOs based on Quantum Dots (QDs) and exhibiting unique photo-luminescence properties has been proposed. The uniqueness of these UNOs is based on quantum effects that can be interrogated using a light source and a camera. The so called Quantum Confinement UNO (QCUNO) responds uniquely to different light excitation levels which is exploited for simulation attack protection, as opposed to focusing on features too small to reproduce and therefore difficult to measure. In this paper we describe methods for extraction of fingerprints from the QCUNO. We evaluate our proposed methods using 46 UNOs in a controlled setup. Focus of the evaluation are entropy, error resilience and the ability to detect simulation attacks.

The massive adoption of mobile devices by both individuals and companies is raising many security concerns. The fact that such devices are handling sensitive data makes them a target for attackers. Many attack prevention mechanisms are deployed with a last line of defense that focuses on the containment principle. Currently, iOS treats each 3rd party application alike which may lead to security flaws. We propose a framework in which each application has a custom sandboxed environment. We investigated the current confinement architecture used by Apple and built a solution on top of it.

Wireless Sensor Networks (WSNs) utilizes many dedicated sensors for large scale networks in order to record and monitor the conditions over the environment. Cluster-Based Wireless Sensor Networks (CBWSNs) elucidates essential challenges like routing, load balancing, and lifetime of a network and so on. Conversely, security relies a major challenge in CBWSNs by limiting its resources or not forwarding the data to the other clusters. Wireless Sensor Networks utilize different security methods to offer secure information transmission. Encryption of information records transferred into various organizations thus utilizing a very few systems are the normal practices to encourage high information security. For the most part, such encoded data and also the recovery of unique data depend on symmetric or asymmetric key sets. Collectively with the evolution of security advances, unfruitful or unauthorized endeavors have been made by different illicit outsiders to snip the transmitted information and mystery keys deviously, bother the transmission procedure or misshape the transmitted information and keys. Sometimes, the limitations made in the correspondence channel, transmitting and receiving devices might weaken information security and discontinue a critical job to perform. Thus, in this paper we audit the current information security design and key management framework in WSN. Based on this audit and recent security holes, this paper recommends a plausible incorporated answer for secure transmission of information and mystery keys to address these confinements. Thus, consistent and secure clusters is required to guarantee appropriate working of CBWSNs.

Responding to network security incidents requires interference with ongoing attacks to restore the security of services running on production systems. This approach prevents damage, but drastically impedes the collection of threat intelligence and the analysis of vulnerabilities, exploits, and attack strategies. We propose the live confinement of suspicious microservices into a sandbox network that allows to monitor and analyze ongoing attacks under quarantine and that retains an image of the vulnerable and open production network. A successful sandboxing requires that it happens completely transparent to and cannot be detected by an attacker. Therefore, we introduce a novel metric to measure the Quality of Deception (QoD) and use it to evaluate three proposed network deception mechanisms. Our evaluation results indicate that in our evaluation scenario in best case, an optimal QoD is achieved. In worst case, only a small downtime of approx. 3s per microservice (MS) occurs and thus a momentary drop in QoD to 70.26% before it converges back to optimum as the quarantined services are restored.

Cyber attacks against automobiles have increased over the last decade due to the expansion in attack surfaces. This is the result of modern automobiles having connections such as Bluetooth, WiFi, and other broadband services. While there has been numerous proposed solutions in the literature, none have been widely adopted as maintaining real-time message deliverability in the Controller Area Networks (CAN) outweighs proposed security solutions. Through iterative research, we have developed a solution which mitigates an attacker's impact on the CAN bus by using CAN's inherent features of arbitration, error detection and signaling, and fault confinement mechanism. The solution relies on an access controller and message priority thresholds added to the CAN data-link layer. The results provide no time delay for non-malicious traffic and mitigates bus impact of a subverted node attempting to fabricate messages at an unauthorized priority level.

The sheer size of IoT networks being deployed today presents an "attack surface" and poses significant security risks at a scale never before encountered. In other words, a single device/node in a network that becomes infected with malware has the potential to spread malware across the network, eventually ceasing the network functionality. Simply detecting and quarantining the malware in IoT networks does not guarantee to prevent malware propagation. On the other hand, use of traditional control theory for malware confinement is not effective, as most of the existing works do not consider real-time malware control strategies that can be implemented using uncertain infection information of the nodes in the network or have the containment problem decoupled from network performance. In this work, we propose a two-pronged approach, where a runtime malware detector (HaRM) that employs Hardware Performance Counter (HPC) values to detect the malware and benign applications is devised. This information is fed during runtime to a stochastic model predictive controller to confine the malware propagation without hampering the network performance. With the proposed solution, a runtime malware detection accuracy of 92.21% with a runtime of 10ns is achieved, which is an order of magnitude faster than existing malware detection solutions. Synthesizing this output with the model predictive containment strategy lead to achieving an average network throughput of nearly 200% of that of IoT networks without any embedded defense.

The application of line current differential relays (LCDRs) to protect transmission lines has recently proliferated. However, the reliance of LCDRs on digital communication channels has raised growing cyber-security concerns. This paper investigates the impacts of false data injection attacks (FDIAs) on the performance of LCDRs. It also develops coordinated attacks that involve multiple components, including LCDRs, and can cause false line tripping. Additionally, this paper proposes a technique for detecting FDIAs against LCDRs and differentiating them from actual faults in two-terminal lines. In this method, when an LCDR detects a fault, instead of immediately tripping the line, it calculates and measures the superimposed voltage at its local terminal, using the proposed positive-sequence (PS) and negative-sequence (NS) submodules. To calculate this voltage, the LCDR models the protected line in detail and replaces the rest of the system with a Thevenin equivalent that produces accurate responses at the line terminals. Afterwards, remote current measurement is utilized by the PS and NS submodules to compute each sequence's superimposed voltage. A difference between the calculated and the measured superimposed voltages in any sequence reveals that the remote current measurements are not authentic. Thus, the LCDR's trip command is blocked. The effectiveness of the proposed method is corroborated using simulation results for the IEEE 39-bus test system. The performance of the proposed method is also tested using an OPAL real-time simulator.

The growing number of attacks against cyber-physical systems in recent years elevates the concern for cybersecurity of industrial control systems (ICSs). The current efforts of ICS cybersecurity are mainly based on firewalls, data diodes, and other methods of intrusion prevention, which may not be sufficient for growing cyber threats from motivated attackers. To enhance the cybersecurity of ICS, a cyber-attack detection system built on the concept of defense-in-depth is developed utilizing network traffic data, host system data, and measured process parameters. This attack detection system provides multiple-layer defense in order to gain the defenders precious time before unrecoverable consequences occur in the physical system. The data used for demonstrating the proposed detection system are from a real-time ICS testbed. Five attacks, including man in the middle (MITM), denial of service (DoS), data exfiltration, data tampering, and false data injection, are carried out to simulate the consequences of cyber attack and generate data for building data-driven detection models. Four classical classification models based on network data and host system data are studied, including k-nearest neighbor (KNN), decision tree, bootstrap aggregating (bagging), and random forest (RF), to provide a secondary line of defense of cyber-attack detection in the event that the intrusion prevention layer fails. Intrusion detection results suggest that KNN, bagging, and RF have low missed alarm and false alarm rates for MITM and DoS attacks, providing accurate and reliable detection of these cyber attacks. Cyber attacks that may not be detectable by monitoring network and host system data, such as command tampering and false data injection attacks by an insider, are monitored for by traditional process monitoring protocols. In the proposed detection system, an auto-associative kernel regression model is studied to strengthen early attack detection. The result shows that this approach detects physically impactful cyber attacks before significant consequences occur. The proposed multiple-layer data-driven cyber-attack detection system utilizing network, system, and process data is a promising solution for safeguarding an ICS.

Cognitive Radio is a prominent solution for effective spectral resource utilization. The rapidly growing device to device (D2D) communications and the next generation networks urge the cognitive radio networks to facilitate wideband spectrum sensing in order to assure newer spectral opportunities. As Nyquist sampling rates are formidable owing to complexity and cost of the ADCs, compressive sampling approaches are becoming increasingly popular. One such approach exploited in this paper is the Modulated Wideband Converter (MWC) to recover the spectral support. On the multiple measurement vector (MMV) framework provided by the MWC, threshold based Orthogonal Matching Pursuit (OMP) and Sparse Bayesian Learning (SBL) algorithms are employed for support recovery. We develop a Graphical User Interface (GUI) that assists a beginner to simulate the RF front-end of a MWC and thereby enables the user to explore support recovery as a function of Signal to Noise Ratio (SNR), number of measurement vectors and threshold. The GUI enables the user to explore spectrum sensing in DVB-T, 3G and 4G bands and recovers the support using OMP or SBL approach. The results show that the performance of SBL is better than that of OMP at a lower SNR values.

From the point of view of statistical signal processing, the dynamic range for one-bit quantisers with time-varying thresholds is studied. Maximum tolerable amplitudes, minimum detectable amplitudes and dynamic ranges of this one-bit sampling approach and uniform quantisers, such as N-bits analogue-to-digital converters (ADCs), are derived and simulated. The results reveal that like conventional ADCs, the dynamic ranges of one-bit sampling approach are linearly proportional to the Gaussian noise standard deviations, while one-bit sampling's dynamic ranges are lower than N-bits ADC under the same noise levels.

In this paper, a novel method for tomographic microwave imaging based on the Compressive Processing (CP) paradigm is proposed. The retrieval of the dielectric profiles of the scatterers is carried out by efficiently solving both the sampling and the sensing problems suitably formulated under the first order Born approximation. Selected numerical results are presented in order to show the improvements provided by the CP with respect to conventional compressive sensing (CSE) approaches.

We propose a novel hybrid imaging system to acquire 4D high-speed hyperspectral (HSHS) videos with high spatial and spectral resolution. The proposed system consists of two branches: one branch performs Nyquist sampling in the temporal dimension while integrating the whole spectrum, resulting in a high-frame-rate panchromatic video; the other branch performs compressive sampling in the spectral dimension with longer exposures, resulting in a low-frame-rate hyperspectral video. Owing to the high light throughput and complementary sampling, these two branches jointly provide reliable measurements for recovering the underlying HSHS video. Moreover, the panchromatic video can be used to learn an over-complete 3D dictionary to represent each band-wise video sparsely, thanks to the inherent structural similarity in the spectral dimension. Based on the joint measurements and the self-adaptive dictionary, we further propose a simultaneous spectral sparse (3S) model to reinforce the structural similarity across different bands and develop an efficient computational reconstruction algorithm to recover the HSHS video. Both simulation and hardware experiments validate the effectiveness of the proposed approach. To the best of our knowledge, this is the first time that hyperspectral videos can be acquired at a frame rate up to 100fps with commodity optical elements and under ordinary indoor illumination.

In this paper, we consider the problem of joint target detection and tracking in compressive sampling and processing (CSP-JDT). CSP can process the compressive samples of sparse signals directly without signal reconstruction, which is suitable for handling high-resolution radar signals. However, in CSP, the radar target detection and tracking problems are usually solved separately or by a two-stage strategy, which cannot obtain a globally optimal solution. To jointly optimize the target detection and tracking performance and inspired by the optimal Bayes joint decision and estimation (JDE) framework, a jointly optimized target detection and tracking algorithm in CSP is proposed. Since detection and tracking are highly correlated, we first develop a measurement matrix construction method to acquire the compressive samples, and then a joint CSP Bayesian approach is developed for target detection and tracking. The experimental results demonstrate that the proposed method outperforms the two-stage algorithms in terms of the joint performance metric.

We investigate an implementation of a compressive sampling (CS) stepped frequency ground penetrating radar. Due to the small number of targets, the B-scan is represented as a sparse image. Due to the nature of stepped frequency radar, smaller number of random frequencies can be used to obtain each A-scan (sparse delays). Also, the measurements obtained from different antenna positions can be reduced to a smaller number of random antenna positions. We also use the structure in the B-scan, i.e. the shape of the targets, which can be known, for instance, when detecting land mines. We demonstrate our method using radar data available from the Web from the land mine targets buried in the ground. We use group sparsity, i.e. we assume that the targets have some non-zero (and presumably known) dimension in the cross-range coordinate of the B-scan. For such targets, we also use the Markov chain model for the targets, where we simultaneously estimate the model parameters using the EMturboGAMP algorithm. Both approaches result in improved performance.

We propose a time-adaptive sampling method and demonstrate a sampling-time-adaptive single-photon compressive imaging system. In order to achieve self-adapting adjustment of sampling time, the theory of threshold of light intensity estimation accuracy is deduced. According to this threshold, a sampling control module, based on field-programmable gate array, is developed. Finally, the advantage of the time-adaptive sampling method is proved experimentally. Imaging performance experiments show that the time-adaptive sampling method can automatically adjust the sampling time for the change of light intensity of image object to obtain an image with better quality and avoid speculative selection of sampling time.