Biblio

Adaptive honeypots are being widely proposed as a more powerful alternative to the traditional honeypot model. Just as with typical honeypots, however, one of the most important concerns of an adaptive honeypot is environment deception in order to make sure an adversary cannot fingerprint the honeypot. The threat of fingerprinting hints at a greater underlying concern, however; this being that honeypots are only effective because an adversary does not know that the environment on which they are operating is a honeypot. What has not been widely discussed in the context of adaptive honeypots is that they actually have an inherently increased level of susceptibility to this threat. Honeypots not only bear increased risks when an adversary knows they are a honeypot rather than a native system, but they are only effective as adaptable entities if one does not know that the honeypot environment they are operating on is adaptive as wekk. Thus, if adaptive honeypots become commonplace - or, instead, if attackers even have an inkling that an adaptive honeypot may exist on any given network, a new attack which could develop is a “blind confusion attack”; a form of connection which simply makes an assumption all environments are adaptive honeypots, and instead of attempting to perform a malicious strike on a given entity, opts to perform non-malicious behavior in specified and/or random patterns to confuse an adaptive network's learning.

The rapid development of the Industry 4.0 initiative highlights the problems of Cyber-security of Industrial Computer Systems and, following global trends in Cyber Defense, the implementation of Artificial Intelligence instruments. The authors, having certain achievement in the implementation of Artificial Intelligence tools in Cyber Protection of Information Systems and, more precisely, creating and successfully experimenting with a hybrid model of Intrusion Detection and Prevention System (IDPS), decided to study and experiment with the possibility of applying a similar model to Industrial Control Systems. This raises the question: can the experience of applying Artificial Intelligence methods in Information Systems, where this development went beyond the experimental phase and has entered into the real implementation phase, be useful for experimenting with these methods in Industrial Systems.

How to develop AI systems that can explain how they made decisions is one of the important and hot topics today. Inspired by the dual-process theory in psychology, this paper proposes a human-in-the-loop approach to develop System-2 AI that makes an inference logically and outputs interpretable explanation. Our proposed method first asks crowd workers to raise understandable features of objects of multiple classes and collect training data from the Internet to generate classifiers for the features. Logical decision rules with the set of generated classifiers can explain why each object is of a particular class. In our preliminary experiment, we applied our method to an image classification of Asian national flags and examined the effectiveness and issues of our method. In our future studies, we plan to combine the System-2 AI with System-1 AI (e.g., neural networks) to efficiently output decisions.

The design of public-key cryptography algorithm based on LWE hard problem is a hot topic in the field of post-quantum cryptography. In this paper, we design a new homomorphic encryption algorithm based on LWE problem. Firstly, to solve the problem that the existing encryption algorithms can only encrypt a single 0 or 1 bit, a new encryption algorithm based on LWE over integer is proposed, and its correctness and security are proved by theoretical analysis. Secondly, an additive homomorphism algorithm is constructed based on the algorithm, and the correctness of the algorithm is proved. The homomorphism algorithm can carry out multi-level homomorphism addition under certain parameters. Finally, the public key cryptography algorithm and homomorphic encryption algorithm are simulated through experiments, which verifies the correctness of the algorithm again, and compares the efficiency of the algorithm with existing algorithms. The experimental data shows that the algorithm has certain efficiency advantages.

In new technological world pervasive computing plays the important role in data computing and communication. The pervasive computing provides the mobile environment for decentralized computational services at anywhere, anytime at any context and location. Pervasive computing is flexible and makes portable devices and computing surrounded us as part of our daily life. Devices like Laptop, Smartphones, PDAs, and any other portable devices can constitute the pervasive environment. These devices in pervasive environments are worldwide and can receive various communications including audio visual services. The users and the system in this pervasive environment face the challenges of user trust, data privacy and user and device node identity. To give the feasible determination for these challenges. This paper aims to propose a dynamic learning in pervasive computing environment refer the challenges proposed efficient security model (ESM) for trustworthy and untrustworthy attackers. ESM model also compared with existing generic models; it also provides better accuracy rate than existing models.

A smart home provides better living environment by allowing remote Internet access for controlling the home appliances and devices. Security of smart homes is an important application area commonly using Passive Infrared Sensors (PIRs), image capture and analysis but such solutions sometimes fail to detect an event. An unambiguous person detection is important for security applications so that no event is missed and also that there are no false alarms which result in waste of resources. Cloud platforms provide deep learning and IoT services which can be used to implement an automated and failsafe security application. In this paper, we demonstrate reliable person detection for indoor and outdoor scenarios by integrating an application running on an edge device with AWS cloud services. We provide results for identifying a person before authorizing entry, detecting any trespassing within the boundaries, and monitoring movements within the home.

Recently, federated learning (FL), as an advanced and practical solution, has been applied to deal with privacy-preserving issues in distributed multi-party federated modeling. However, most existing FL methods focus on the same privacy-preserving budget while ignoring various privacy requirements of participants. In this paper, we for the first time propose an algorithm (PLU-FedOA) to optimize the deep neural network of horizontal FL with personalized local differential privacy. For such considerations, we design two approaches: PLU, which allows clients to upload local updates under differential privacy-preserving of personally selected privacy level, and FedOA, which helps the server aggregates local parameters with optimized weight in mixed privacy-preserving scenarios. Moreover, we theoretically analyze the effect on privacy and optimization of our approaches. Finally, we verify PLU-FedOA on real-world datasets.

With big data and artificial intelligence, we conduct the research of the buyers' identification and involvement, and their investments such as time, experience and consultation in various channels are analyzed and iterated. We establish a set of AI channel governance system with the functions of members' behavior monitoring, transaction clearing and deterrence; Through the system, the horizontal spillover effect of their behavior is controlled. Thus, their unfair perception can be effectively reduced and the channel performance can be improved as well.

Deep learning has been used in a wide range of applications like computer vision, natural language processing and image detection. The advancement in deep learning algorithms in image detection and manipulation has led to the creation of deepfakes, deepfakes use deep learning algorithms to create fake images that are at times very hard to distinguish from real images. With the rising concern around personal privacy and security, Many methods to detect deepfake images have emerged, in this paper the use of deep learning for creating as well as detecting deepfakes is explored, this paper also propose the use of deep learning image enhancement method to improve the quality of deepfakes created.

The goal of this study is to find whether exposure to Deepfake videos makes people better at detecting Deepfake videos and whether it is a better strategy against fighting Deepfake. For this study a group of people from Bangladesh has volunteered. This group were exposed to a number of Deepfake videos and asked subsequent questions to verify improvement on their level of awareness and detection in context of Deepfake videos. This study has been performed in two phases, where second phase was performed to validate any generalization. The fake videos are tailored for the specific audience and where suited, are created from scratch. Finally, the results are analyzed, and the study’s goals are inferred from the obtained data.

The fusion of infrared and visible images using traditional multi-scale decomposition methods often leads to the loss of detailed information or the blurring of image edges, which is because the contour information and the detailed information within the contour cannot be retained simultaneously in the fusion process. To obtain high-quality fused images, a hybrid multi-scale decomposition fusion method using co-occurrence and Gaussian filters is proposed in this research. At first, by making full use of the smoothing effect of the Gaussian filter and edge protection characteristic of the co-occurrence filter, source images are decomposed into multiple hierarchical structures with different characteristics. Then, characteristics of sub-images at each level are analyzed, and the corresponding fusion rules are designed for images at different levels. At last, the final fused image obtained by combining fused sub-images of each level has rich scene information and clear infrared targets. Compared with several traditional multi-scale fusion algorithms, the proposed method has great advantages in some objective evaluation indexes.

Unit Commitment (UC) problem is one of the most fundamental constrained optimization problems in the planning and operation of electric power systems and electricity markets. Solving a large-scale UC problem requires a lot of computational effort which can be improved using data driven approaches. In practice, a UC problem is solved multiple times a day with only minor changes in the input data. Hence, this aspect can be exploited by using the historical data to solve the problem. In this paper, an Artificial Intelligence (AI) based approach is proposed to solve a Security Constrained UC problem. The proposed algorithm was tested through simulations on a 4-bus power system and satisfactory results were obtained. The results were compared with those obtained using IBM CPLEX MIQP solver.

Cross-site scripting (XSS) attack is a kind of code injection that allows an attacker to inject malicious scripts code into a trusted web application. When a user tries to request the injected web page, he is not aware that the malicious script code might be affecting his computer. Nowadays, attackers are targeting the web applications that holding a sensitive data (e.g., bank transaction, e-mails, healthcare, and e-banking) to steal users' information and gain full access to the data which make the web applications to be more vulnerable. In this research, we applied three approaches to find a solution to this most challenging attacks issues. In the first approach, we implemented Random Forest (RF), Logistic Regression (LR), k-Nearest Neighbors (k-NN), and Support Vector Machine (SVM) algorithms to discover and classify XSS attack. In the second approach, we implemented the Content Security Policy (CSP) approach to detect XSS attacks in real-time. In the last approach, we propose a new approach that combines the Web Application Firewall (WAF), Intrusion Detection System (IDS), and Intrusion Prevention System (IPS) to detect and prevent XSS attack in real-time. Our experiment results demonstrated the high performance of AI algorithms. The CSP approach shows the results for the detection system report in real-time. In the third approach, we got more expected system results that make our third model system a more powerful tool to address this research problem than the other two approaches.

The security and privacy concerns along with the amount of data that is required to be processed on regular basis has pushed processing to the edge of the computing systems. Deploying advanced Neural Networks (NN), such as deep neural networks (DNNs) and spiking neural networks (SNNs), that offer state-of-the-art results on resource-constrained edge devices is challenging due to the stringent memory and power/energy constraints. Moreover, these systems are required to maintain correct functionality under diverse security and reliability threats. This paper first discusses existing approaches to address energy efficiency, reliability, and security issues at different system layers, i.e., hardware (HW) and software (SW). Afterward, we discuss how to further improve the performance (latency) and the energy efficiency of Edge AI systems through HW/SW-level optimizations, such as pruning, quantization, and approximation. To address reliability threats (like permanent and transient faults), we highlight cost-effective mitigation techniques, like fault-aware training and mapping. Moreover, we briefly discuss effective detection and protection techniques to address security threats (like model and data corruption). Towards the end, we discuss how these techniques can be combined in an integrated cross-layer framework for realizing robust and energy-efficient Edge AI systems.

In this paper, we present a theoretical approach concerning the econometric modelling for the estimation of cyber-security risk, with the use of time-series analysis methods and alternatively with Machine Learning (ML) based, deep learning methodology. Also we present work performed in the framework of SAINT H2020 Project [1], concerning innovative data mining techniques, based on automated web scrapping, for the retrieving of the relevant time-series data. We conclude with a review of emerging challenges in cyber-risk assessment brought by the rapid development of adversarial AI.

This paper discusses DDoS attacks, their current threat level and IDS systems, which are one of the main tools to protect against them. It focuses on the problems encountered by IDS systems in detecting DDoS attacks and the difficulties and challenges of integrating them with artificial intelligence systems today.

The rapid rise of the Dark Web and supportive technologies has served as the backbone facilitating online illegal activity worldwide. These illegal activities supported by anonymisation technologies such as Tor has made it increasingly elusive to law enforcement agencies. Despite several successful law enforcement operations, illegal activity on the Dark Web is still growing. There are approaches to monitor, mine, and research the Dark Web, all with varying degrees of success. Given the complexity and dynamics of the services offered, we recognize the need for in depth analysis of the Dark Web with regard to its infrastructures, actors, types of abuse and their relationships. This involves the challenging task of information extraction from the very heterogeneous collection of web pages that make up the Dark Web. Most providers develop their services on top of standard frameworks such as WordPress, Simple Machine Forum, phpBB and several other frameworks to deploy their services. As a result, these service providers publish significant number of pages based on similar structural and stylistic templates. We propose an efficient, scalable, repeatable and accurate approach to cluster Dark Web pages based on those structural and stylistic features. Extracting relevant information from those clusters should make it feasible to conduct in depth Dark Web analysis. This paper presents our clustering algorithm to accelerate information extraction, and as a result improve attribution of digital traces to infrastructures or individuals in the fight against cyber crime.

Artificial intelligence technology is becoming more active in all areas of our lives day by day. This technology affects our daily life by more developing in areas such as industry 4.0, security and education. Deep reinforcement learning is one of the most developed algorithms in the field of artificial intelligence. In this study, it is aimed that three different robots in a limited area learn to move without hitting each other, fixed obstacles and the boundaries of the field. These robots have been trained using the deep reinforcement learning approach and Proximal policy optimization (PPO) policy. Instead of uses value-based methods with the discrete action space, PPO that can easily manipulate the continuous action field and successfully determine the action of the robots has been proposed. PPO policy achieves successful results in multi-agent problems, especially with the use of the Actor-Critic network. In addition, information is given about environment control and learning approaches for swarm behavior. We propose parameter sharing and behavior-based method for this study. Finally, trained model is recorded and tested in 9 different environments where the obstacles are located differently. With our method, robots can perform their tasks in closed environments in the real world without damaging anyone or anything.

Securing communication between any two wireless devices or users is challenging without compromising sensitive/personal data. To address this problem, we have developed an artificial intelligence (AI) algorithm to secure communication on virtualized wireless networks. To detect cyberattacks in a virtualized environment is challenging compared to traditional wireless networks setting. However, we successfully investigate an efficient cyberattack detection algorithm using an AI algorithm in a Bayesian learning model for detecting cyberattacks on the fly. We have studied the results of Random Forest and deep neural network (DNN) models to detect the cyberattacks on a virtualized wireless network, having considered the required transmission power as a threshold value to classify suspicious activities in our model. We present both formal mathematical analysis and numerical results to support our claims. The numerical results show our accuracy in detecting cyberattacks in the proposed Bayesian model is better than Random Forest and DNN models. We have also compared both models in terms of detection errors. The performance comparison results show our proposed approach outperforms existing approaches in detection accuracy, precision, and recall.

Advances in information and communication technologies – global Internet, social media, Internet of Things, and a range of related science-driven innovations and generative and emergent technologies – continue to shape a dynamic communication and information ecosystem for which there is no precedent. These advances are powerful in many ways. Foremost among these in terms of salience, ubiquity, pervasiveness, and expansion in scale and scope is the broad area of artificial intelligence. They have created a new global ecology; yet they remain opaque and must be better understood—an ecology of “knowns” that is evolving in ways that remain largely “unknown.” Especially compelling is the acceleration of Artificial Intelligence – in all its forms – with far-ranging applications shaping a new global ecosystem for which there is no precedent. This chapter presents a brief view of the most pressing challenges, articulates the logic for worldwide agreement to retain the rule of law in the international system, and presents salient features of an emergent International Accord on Artificial Intelligence. The Framework for Artificial Intelligence International Accord (AIIA) is an initial response to this critical gap in the system of international rules and regulations.

Controller area network is the serial communication protocol, which broadcasts the message on the CAN bus. The transmitted message is read by all the nodes which shares the CAN bus. The message can be eavesdropped and can be re-used by some other node by changing the information or send it by duplicate times. The message reused after some delay is replay attack. In this paper, the CAN network with three CAN nodes is implemented using the universal verification components and the replay attack is demonstrated by creating the faulty node. Two types of replay attack are implemented in this paper, one is to replay the entire message and the other one is to replay only the part of the frame. The faulty node uses the first replay attack method where it behaves like the other node in the network by duplicating the identifier. CAN frame except the identifier is reused in the second method which is hard to detect the attack as the faulty node uses its own identifier and duplicates only the data in the CAN frame.

Cyber-defense systems are being developed to automatically ingest Cyber Threat Intelligence (CTI) that contains semi-structured data and/or text to populate knowledge graphs. A potential risk is that fake CTI can be generated and spread through Open-Source Intelligence (OSINT) communities or on the Web to effect a data poisoning attack on these systems. Adversaries can use fake CTI examples as training input to subvert cyber defense systems, forcing their models to learn incorrect inputs to serve the attackers' malicious needs. In this paper, we show how to automatically generate fake CTI text descriptions using transformers. Given an initial prompt sentence, a public language model like GPT-2 with fine-tuning can generate plausible CTI text that can mislead cyber-defense systems. We use the generated fake CTI text to perform a data poisoning attack on a Cybersecurity Knowledge Graph (CKG) and a cybersecurity corpus. The attack introduced adverse impacts such as returning incorrect reasoning outputs, representation poisoning, and corruption of other dependent AI-based cyber defense systems. We evaluate with traditional approaches and conduct a human evaluation study with cyber-security professionals and threat hunters. Based on the study, professional threat hunters were equally likely to consider our fake generated CTI and authentic CTI as true.

Aiming at the fact that the existing feature quantities cannot well identify the magnetizing inrush current during remanence and bias and the huge number of feature quantities, a new identification method using empirical mode decomposition energy index and artificial intelligence algorithm is proposed in 'this paper. Decomposition and denoising are realized through empirical mode decomposition, and then the corresponding energy index is obtained for the waveform of each inherent modal component and simplified by the mean impact value method. Finally, the accuracy of prediction using artificial intelligence algorithm is close to 100%. This reflects the practicality of the method proposed in 'this article.

Reusability is demarcated as the way of utilizing existing software components in software development. It plays a significant role in component-based software engineering. Extracting the components from the source code and checking the reusability factors is the most crucial part. Software Intelligence, a combination of data mining and artificial intelligence, helps to cope with the extraction and detection of reusability factor of the component. In this work prediction of reusability factor is considered. This paper proposes a hybrid PSO-NSGA III approach to detect whether the extracted component is reusable or not. The existing models lack in tuning the hyper parameters for prediction, which is considered in this work. The proposed approach was compared with four models, showing better outcomes in terms of performance metrics.

The envisioned massive deployment of network slices in 5G and beyond mobile systems makes the shift towards zero-touch, scalable and secure slice lifecycle management a necessity. This is to harvest the benefits of network slicing in enabling profitable services. These benefits will not be attained without ensuring a high level security of the created network slices and the underlying infrastructure, above all in a zero-touch automated fashion. In this vein, this paper presents the architecture of an innovative network slicing security orchestration framework, being developed within the EU H2020 MonB5G project. The framework leverages the potential of Security as a Service (SECaaS) and Artificial Intelligence (AI) to foster fully-distributed, autonomic and fine-grained management of network slicing security from the node level to the end-to-end and inter-slice levels.