Biblio

Nowadays the provision of online services by government or business organizations has become a standard and necessary operation. Transferring data including the confidential or sensitive information via Internet or insecure network and exchange of them is also increased day by day. As a result, confidential information leakage and cyber threats are also heightened. Confidential information trading became one of the most profitable businesses. Encrypting the data is a solution to secure the data from being exposed. In this paper, we would like to propose a solution for the secure transfer of data using symmetric encryption, asymmetric encryption technologies and Key Generation Server as a mixed hybrid solution. A Symmetric encryption, modified AES algorithm, is used to encrypt data. Digital certificate is used both for data encryption and digital signing to assure data integrity. Key generation server is used to generate the second secret key from the publicly recognized information of a person and this key is used as a second secret key in the modified AES. The proposed hybrid solution can be utilized in any applications that require high confidentiality, integrity of data and non-repudiation.

Data encryption techniques are important for answering the question: How secure is the Internet for sending sensitive data. Keeping data secure while they are sent through the global network is a difficult task. This is because many hackers are fishing these data in order to get some benefits. The researchers have developed various types of encryption algorithms to protect data from attackers. These algorithms are mainly classified into two categories namely symmetric and asymmetric encryption algorithms. This survey sheds light on the recent work carried out on encrypting a text into an image based on the RGB color value and held a comparison between them based on various factors evolved from the literature.

The continuous progress of electronic equipments has influenced car manufacturers, leading to the integration of the latest infotainment technologies and providing connection to external devices, such as mobile phones. Modern cars work with ECUs (Electronic Control Units) that handle user interactions and sensor data, by also sending information to actuators using simple, reliable and efficient networks with fast protocols, like CAN (Controller Area Network). This is the most used vehicular protocol, which allows interconnecting different ECUs, making them interact in a synergic manner. On the down side, there is a security risk related to the exposition of malicious ECU's frames-possibly generated by compromised devices-which can lead to the possibility to remote control all the car equipments (like brakes and others) by an attacker. We propose a solution to this problem, designing an authentication and encryption system above CAN, called AuthentiCAN. Our proposal is tailored for the evolution of CAN called CAN-FD, and avoids the possibility for an attacker to inject malicious frames that are not discarded by the destination ECUs. Also, we avoid the possibility for an attacker to learn the interactions that occur across ECUs, with the objective of maliciously replaying messages-which would lead the actuator's logic to be no longer compliant with the actual data sources. We also present a simulation study of our solution, where we provide an assessment of its overhead, e.g. in terms of reduction of the throughput of data-unit transfer over CAN-FD, caused by the added security features.

This paper presents a new micro-architectural vulnerability on the power management units of modern computers which creates an electromagnetic-based side-channel. The key observations that enable us to discover this sidechannel are: 1) in an effort to manage and minimize power consumption, modern microprocessors have a number of possible operating modes (power states) in which various sub-systems of the processor are powered down, 2) for some of the transitions between power states, the processor also changes the operating mode of the voltage regulator module (VRM) that supplies power to the affected sub-system, and 3) the electromagnetic (EM) emanations from the VRM are heavily dependent on its operating mode. As a result, these state-dependent EM emanations create a side-channel which can potentially reveal sensitive information about the current state of the processor and, more importantly, the programs currently being executed. To demonstrate the feasibility of exploiting this vulnerability, we create a covert channel by utilizing the changes in the processor's power states. We show how such a covert channel can be leveraged to exfiltrate sensitive information from a secured and completely isolated (air-gapped) laptop system by placing a compact, inexpensive receiver in proximity to that system. To further show the severity of this attack, we also demonstrate how such a covert channel can be established when the target and the receiver are several meters away from each other, including scenarios where the receiver and the target are separated by a wall. Compared to the state-of-the-art, the proposed covert channel has \textbackslashtextgreater3x higher bit-rate. Finally, to demonstrate that this new vulnerability is not limited to being used as a covert channel, we demonstrate how it can be used for attacks such as keystroke logging.

This paper explores using chaos-based cryptography for transmitting multimedia data, mainly speech and voice messages, over public communication channels, such as the internet. The secret message to be transmitted is first converted into a one-dimensional time series, that can be cast in a digital/binary format. The main feature of the proposed technique is mapping the two levels of every corresponding bit of the time series into different multiple chaotic orbits, using a simple encryption function. This one-to-many mapping robustifies the encryption technique and makes it resilient to crypto-analysis methods that rely on associating the energy level of the signal into two binary levels, using return map attacks. A chaotic nonautonomous Duffing oscillator is chosen to implement the suggested technique, using three different parameters that are assumed unknown at the receiver side. Synchronization between the transmitter and the receiver and reconstructing the secret message, at the receiver side, is done using a Lyapunov-based adaptive technique. Achieving stable operation, tuning the required control gains, as well as effective utilization of the bandwidth of the public communication channel are investigated. Two different case studies are presented; the first one deals with text that can be expressed as 8-bit ASCII code, while the second one corresponds to an analog acoustic signal that corresponds to the voice associated with pronouncing a short sentence. Advantages and limitation of the proposed technique are highlighted, while suggesting extensions to other multimedia signals, along with their required additional computational effort.

Voice communication is an important need in daily activities whether delivered with or without technology. Telecommunication technology has accommodated this need by providing a wide range of infrastructure, including large varieties of devices used as intermediary and end devices. One of the cellular technologies that is very widely used by the public is GSM (Global System for Mobile), while in the military, trunked radio is still popular. However, the security systems of GSM and trunked radio have limitations. Therefore, this paper proposes a platform to secure voice data over wireless mobile communication by providing end-to-end encryption. This platform is robust to noise, real-time and remains secure. The proposed encryption utilizes multicircular permutations rotated by expanded keys as dynamic keys to scramble the data. We carry out simulations and testbed implementation to prove that application of the proposed method is feasible.

Cipher Text Policy Attribute Based Encryption which is a form of Public Key Encryption has become a renowned approach as a Data access control scheme for data security and confidentiality. It not only provides the flexibility and scalability in the access control mechanisms but also enhances security by fuzzy fined-grained access control. However, schemes are there which for more security increases the key size which ultimately leads to high encryption and decryption time. Also, there is no provision for handling the middle man attacks during data transfer. In this paper, a light-weight and more scalable encryption mechanism is provided which not only uses fewer resources for encoding and decoding but also improves the security along with faster encryption and decryption time. Moreover, this scheme provides an efficient key sharing mechanism for providing secure transfer to avoid any man-in-the-middle attacks. Also, due to fuzzy policies inclusion, chances are there to get approximation of user attributes available which makes the process fast and reliable and improves the performance of legitimate users.

{The paper considers the efficiency of an adaptive non-recursive filter using the adjustment algorithm for weighting coefficients taking into account the constant envelope of the desired signal when receiving signals with multi-position phase shift keying against the background of noise and non-fluctuation interference. Two types of such interference are considered - harmonic and retranslated. The optimal filter parameters (adaptation coefficient and length) are determined by using simulation; the effect of the filter on the noise immunity of a quadrature coherent signal receiver with multi-position phase shift keying for different combinations of interference and their intensity is estimated. It is shown that such an adaptive filter can successfully deal with the most dangerous sighting harmonic interference}.

The ad-hoc network formed by Bluetooth works on radio frequency links. The security aspect of Bluetooth has to be handled more carefully. The radio frequency waves have a characteristic that the waves can pierce the obstructions in the communication path, get rid of the requirement of line of sight between the communicating devices. We propose a software model of man-in-the-middle attack along with unauthorized and authorized transmitter and receiver. Advanced White Gaussian Noise channel is simulated in the designed architecture. The transmitter uses Gaussian Frequency Shift Keying (GFSK) modulation like in Bluetooth. The receiver uses GFSK demodulation. In order to validate the performance of the designed system, bit error rate (BER) measurements are taken with respect to different time intervals. We found that BER drops roughly 18% if hopping duration of 150 seconds is chosen. We propose that a Bluetooth system with hopping rate of 0.006 Hz is used instead of 10Hz.

In-Band Full-Duplex (IBFD) Underwater Acoustic (UWA) communication technology plays a major role in enhancing the performance of Underwater acoustic sensor networks (UWSN). Self-Interference (SI) is one of the main inherent challenges affecting the performance of IBFD UWA communication. To reconstruct the SI signal and counteract the SI effect, this is important to estimate the short range channel through which the SI signal passes. Inaccurate estimation will result in the performance degradation of IBFD UWA communication. From the perspective of engineering implementation, we consider that the UWA communication modem shell has a significant influence on the short-range SI channel, which will limit the efficiency of self-interference cancellation in the analog domain to some degree. Therefore we utilize a simplified model to simulate the influence of the structure of the IBFD UWA communication modem on the receiving end. This paper studies the effect of acoustic-shell coupling on near-end self-interference signal of IBFD UWA communication modem. Some suggestions on the design of shell structure of IBFD UWA communication modem are given.

In this paper, we address the problem of joint user association and power allocation for non-orthogonal multiple access (NOMA) networks with multiple base stations (BSs). A user grouping procedure into orthogonal clusters, as well as an allocation of different physical resource blocks (PRBs) is considered. The problem of interest is mathematically described using the maximization of the weighted sum rate. We apply two different swarm intelligence algorithms, namely, the recently introduced Grey Wolf Optimizer (GWO), and the popular Particle Swarm Optimization (PSO), in order to solve this problem. Numerical results demonstrate that the above-described problem can be satisfactorily addressed by both algorithms.

Jamming attacks target a wireless network creating an unwanted denial of service. 5G is vulnerable to these attacks despite its resilience prompted by the use of millimeter wave bands. Over the last decade, several types of jamming detection techniques have been proposed, including fuzzy logic, game theory, channel surfing, and time series. Most of these techniques are inefficient in detecting smart jammers. Thus, there is a great need for efficient and fast jamming detection techniques with high accuracy. In this paper, we compare the efficiency of several machine learning models in detecting jamming signals. We investigated the types of signal features that identify jamming signals, and generated a large dataset using these parameters. Using this dataset, the machine learning algorithms were trained, evaluated, and tested. These algorithms are random forest, support vector machine, and neural network. The performance of these algorithms was evaluated and compared using the probability of detection, probability of false alarm, probability of miss detection, and accuracy. The simulation results show that jamming detection based random forest algorithm can detect jammers with a high accuracy, high detection probability and low probability of false alarm.

In multi-tenant datacenters, the hardware may be homogeneous but the traffic often is not. For instance, customers who pay an equal amount of money can get an unequal share of the bottleneck capacity when they do not open the same number of TCP connections. To address this problem, several recent proposals try to manipulate the traffic that TCP sends from the VMs. VCC and AC/DC are two new mechanisms that let the hypervisor control traffic by influencing the TCP receiver window (rwnd). This avoids changing the guest OS, but has limitations (it is not possible to make TCP increase its rate faster than it normally would). Seawall, on the other hand, completely rewrites TCP's congestion control, achieving fairness but requiring significant changes to both the hypervisor and the guest OS. There seems to be a need for a middle ground: a method to control TCP's sending rate without requiring a complete redesign of its congestion control. We introduce a minimally-invasive solution that is flexible enough to cater for needs ranging from weighted fairness in multi-tenant datacenters to potentially offering Internet-wide benefits from reduced interflow competition.

Opportunistic spectrum access is one of the emerging techniques for maximizing throughput in congested bands and is enabled by predicting idle slots in spectrum. We propose a kernel-based reinforcement learning approach coupled with a novel budget-constrained sparsification technique that efficiently captures the environment to find the best channel access actions. This approach allows learning and planning over the intrinsic state-action space and extends well to large state spaces. We apply our methods to evaluate coexistence of a reinforcement learning-based radio with a multi-channel adversarial radio and a single-channel carrier-sense multiple-access with collision avoidance (CSMA-CA) radio. Numerical experiments show the performance gains over carrier-sense systems.

The idea to use multiple paths to transport TCP traffic seems very attractive due to its potential benefits it may offer for both redundancy and better utilization of available resources by load balancing. Fixed and mobile network providers employ frequently load-balancers that use multiple paths on either per-flow or per-destination level, but very seldom on per-packet level. Despite of the benefits of packet-level load balancing mechanisms (e.g., low computational complexity and high bandwidth utilization) network providers can't use them mainly because of TCP packet reorderings that harm TCP performance. Emerging network architectures also support multiple paths, but they face with the same obstacle in balancing their load to multiple paths. Indeed, packet level load balancing research is paralyzed by the reordering vulnerability of TCP.A couple of TCP variants exist that deal with TCP packet reordering problem, but due to lack of end-to-end transparency they were not widely deployed and adopted. In this paper, we revisit TCP's packet reorderings problem and present a transparent and light-weight algorithm, Out-of-Order Robustness for TCP with Transparent Acknowledgment (ACK) Intervention (ORTA), to deal with out-of-order deliveries.ORTA works as a transparent thin layer below TCP and hides harmful side-effects of packet-level load balancing. ORTA monitors all TCP flow packets and uses ACK traffic shaping, without any modifications to either TCP sender or receiver sides. Since it is transparent to TCP end-points, it can be easily deployed on TCP sender end-hosts (EHs), gateway (GW) routers, or access points (APs). ORTA opens a door for network providers to use per-packet load balancing.The proposed ORTA algorithm is implemented and tested in NS-2. The results show that ORTA can prevent TCP performance decrease when per-packet load balancing is used.

In this paper, we investigate the local secure connectivity in terms of the probability of existing a secure wireless connection between two legitimate users and the isolated security probability of a legitimate user in stochastic wireless networks. Specifically, the closed-form expressions of the probability that there is a secure wireless communication between two legitimate users are derived first. Then, based on these equations, the corresponding isolated secure probability are given. The characteristics of local secure connectivity are examined in four scenarios combined from two wireless channel conditions (deterministic/Rayleigh fading) and two eavesdropper configurations (non-colluding/colluding). All the derived mathematical equations are validated by the Monte-Carlo simulation. The obtained numerical results in this paper reveal some interesting features of the impact of eavesdropper collusion, wireless channel fading, and density ratio on the secure connection probability and the isolated security probability of legitimate user in stochastic networks.

Today, most embedded systems use Dynamic Voltage and Frequency Scaling (DVFS) to minimize energy consumption and maximize performance. The DVFS technique works by regulating the important parameters that govern the amount of energy consumed in a system, voltage and frequency. For the implementation of this technique, the operating system (OS) includes software applications that dynamically control a voltage regulator or a frequency regulator or both. In this paper, we demonstrate for the first time a malicious use of the frequency regulator against a TrustZone-enabled System-on-Chip (SoC). We demonstrate a use of frequency scaling to create covert channel in a TrustZone-enabled heterogeneous SoC. We present four proofs of concept to transfer sensitive data from a secure entity in the SoC to a non-secure one. The first proof of concept is from a secure ARM core to outside of SoC. The second is from a secure ARM core to a non-secure one. The third is from a non-trusted third party IP embedded in the programmable logic part of the SoC to a non-secure ARM core. And the last proof of concept is from a secure third party IP to a non-secure ARM core.

In this work, communication secrecy in the physical layer for various radio frequencies is examined. Frequencies with the highest level of secrecy in 1-1000 GHz range and their level of communication secrecy are derived. The concept of ultimate secrecy in wireless communications is proposed. Attenuation lines and ranges of both detection and ultimate secrecy are calculated for transmitter powers from 1 W to 1000 W. From results, frequencies with the highest potential to apply bandwidth saving method known as frequency reuse are devised. Commonly used secrecy benchmarks for the given conditions are calculated. Frequencies with the highest attenuation are devised and their ranges of both detection and ultimate secrecy are calculated.

Mobile Ad-hoc Networks (MANETs) are formed when a group of mobile nodes, communicate through wireless links in the absence of central administration. These features make them more vulnerable to several attacks like identity spoofing which leads to identity disclosure. Providing anonymity and privacy for identity are critical issues, especially when the size of such networks scales up. to avoid the centralization problem for key distribution in MANETs. This paper proposes a key distribution scheme for clustered ad-hoc networks. The network is divided into groups of clusters, and each cluster head is responsible for distributing periodically updated security keys among cluster members, for protecting privacy through encryption. Also, an authentication scheme is proposed to ensure the confidentiality of new members to the cluster. The simulation study proves the effectiveness of the proposed scheme in terms of availability and overhead. It scales well for high dense networks and gives less packet drop rate compared to its centralized counterpart in the presence of malicious nodes.

Communication is an essential part of everyday life, both as a social interaction and collaboration to achieve goals. Wireless technology has effectively release the users to roam more freely to achieving collaboration and communication. The principle attraction of mobile ad hoc networks (MANET) are their set-up less and decentralized action. However, mobile ad hoc networks are seen as relatively easy targets for attackers. Security in mobile ad hoc network is provided by encrypting the data when exchanging messages and key management. Cryptography is therefore vital to ensure privacy of message and robustness against disruption. The proposed scheme public string based threshold cryptography (PSTC) describes the new scheme based on threshold cryptography that provides reasonably secure and robust cryptography scheme for mobile ad hoc networks. The scheme is implemented and simulated in ns-2. The scheme is based on trust value and analyze against Denial of Service attack as node found the attacker, the node reject all packet from that attacker. In proposed scheme whole network is compromised only when all nodes of network is compromised because threshold nodes only sharing public string not the master private key. The scheme provides confidentiality and integrity. The default threshold value selected is 2 according to time and space analysis.

Due to their low complexity and robustness in nature, wireless sensor networks are a key component in cyber-physical system. The integration of wireless sensor network in cyber-physical system provides immense benefits in distributed controlled environment. However, the open nature of the wireless medium makes resource-constrained WSN vulnerable to unauthorized interception and detection. Privacy is becoming one of the major issues that jeopardize the successful deployment of WSN. In this paper, we propose a scheme named HASHA to provide location privacy. Different from previous approaches, HASHA protect nodes' location privacy at data link layer. It is well known that payload at data link layer frame is well protected through cryptosystem, but addresses at data link layer leaves unprotected. The adversaries can identify nodes in the network easily by capturing frames and check the source and destination addresses. If both addresses are well protected and unknown to the adversaries, they cannot identify nodes of the targeted networks, rendering it very difficult to launch traffic analysis and locate subjects. Simulation and analytical results demonstrate that our scheme provides stronger privacy protection and requires much less energy.

Nowadays citizens live in a world where communication technologies offer opportunities for new interactions between people and society. Clearly, e-government is changing the way citizens relate to their government, moving the interaction of physical environment and management towards digital participation. Therefore, it is necessary for e-government to have procedures in place to prevent and lessen the negative impact of an attack or intrusion by third parties. In this research work, he focuses on the implementation of anonymous communication in a proof of concept application called “Delta”, whose function is to allow auctions and offers of products, thus marking the basis for future implementations in e-government services.

The measurement and provision of precise and up-to-date traffic-related key performance indicators is a key element and crucial factor for intelligent traffic control systems in upcoming smart cities. The street network is considered as a highly-dynamic Cyber Physical System (CPS) where measured information forms the foundation for dynamic control methods aiming to optimize the overall system state. Apart from global system parameters like traffic flow and density, specific data, such as velocity of individual vehicles as well as vehicle type information, can be leveraged for highly sophisticated traffic control methods like dynamic type-specific lane assignments. Consequently, solutions for acquiring these kinds of information are required and have to comply with strict requirements ranging from accuracy over cost-efficiency to privacy preservation. In this paper, we present a system for classifying vehicles based on their radio-fingerprint. In contrast to other approaches, the proposed system is able to provide real-time capable and precise vehicle classification as well as cost-efficient installation and maintenance, privacy preservation and weather independence. The system performance in terms of accuracy and resource-efficiency is evaluated in the field using comprehensive measurements. Using a machine learning based approach, the resulting success ratio for classifying cars and trucks is above 99%.

In this paper, the physical layer (PHY)security performance of a dual-hop cooperative relaying in a cognitive-radio system in the presence of an eavesdropper is investigated. The dual-hop transmission is composed of an asymmetric radio frequency (RF)link and a free space optical (FSO)link. In the considered system, an unlicensed secondary user (SU)uses the spectrum which is shared by a licensed primary user (PU)in a controlled manner to keep the interference at PU receiver, below a predefined value. Furthermore, among M available relays, one relay with the best end-to-end signal-to-noise-ratio (SNR)is selected for transmission. It is assumed that all of the RF links follow Rayleigh fading and all of the FSO links follow Gamma-Gamma distribution. Simulations results for some important security metrics, such as the average secrecy capacity (SC), and secrecy outage probability (SOP)are presented, where some practical issues of FSO links such as atmospheric turbulence, and pointing errors are taken into consideration.

Density information has been used as a property of sound to restore objects in a quantitative manner in ultrasound tomography based on backscatter theory. In the traditional method, the authors only study the distorted Born iterative method (DBIM) to create density images using Tikhonov regularization. The downside is that the image quality is still low, the resolution is low, the convergence rate is not high. In this paper, we study the DBIM method to create density images using compressive sampling technique. With compressive sampling technique, the probes will be randomly distributed on the measurement system (unlike the traditional method, the probes are evenly distributed on the measurement system). This approach uses the l1 regularization to restore images. The proposed method will give superior results in image recovery quality, spatial resolution. The limitation of this method is that the imaging time is longer than the one in the traditional method, but the less number of iterations is used in this method.