Biblio

In this paper, we propose a multidimensional trust model for vehicular networks. Our model evaluates the trustworthiness of each vehicle using two main modes: 1) Direct Trust Computation DTC related to a direct connection between source and target nodes, 2) Indirect Trust Computation ITC related to indirectly communication between source and target nodes. The principal characteristics of this model are flexibility and high fault tolerance, thanks to an automatic trust scores assessment. In our extensive simulations, we use Total Cost Rate to affirm the performance of the proposed trust model.

Cyber-physical systems are vulnerable to attacks that can cause them to reach undesirable states. This paper provides a theoretical solution for increasing the resiliency of control systems through the use of a high-authority supervisor that monitors and regulates control signals sent to the actuator. The supervisor aims to determine the control signal limits that provide maximum freedom of operation while protecting the system. For this work, a cyber attack is assumed to overwrite the signal to the actuator with Gaussian noise. This assumption permits the propagation of a state covariance matrix through time. Projecting the state covariance matrix on the state space reveals a confidence ellipse that approximates the reachable set. The standard deviation is found so that the confidence ellipse is tangential to the danger area in the state space. The process is applied to ship dynamics where an ellipse in the state space is transformed to an arc in the plane of motion. The technique is validated through the simulation of a ship traveling through a narrow channel while under the influence of a cyber attack.

Most of existing audio fingerprinting systems have limitations to be used for high-specific audio retrieval at scale. In this work, we generate a low-dimensional representation from a short unit segment of audio, and couple this fingerprint with a fast maximum inner-product search. To this end, we present a contrastive learning framework that derives from the segment-level search objective. Each update in training uses a batch consisting of a set of pseudo labels, randomly selected original samples, and their augmented replicas. These replicas can simulate the degrading effects on original audio signals by applying small time offsets and various types of distortions, such as background noise and room/microphone impulse responses. In the segment-level search task, where the conventional audio fingerprinting systems used to fail, our system using 10x smaller storage has shown promising results. Our code and dataset are available at https://mimbres.github.io/neural-audio-fp/.

In this paper, we present FireBugs for Finding and Repairing Bugs based on security patterns. For the common misuse patterns of cryptography APIs (crypto APIs), we encode common cryptography rules into the pattern representations for bug detection and program repair regarding cryptography rule violations. In the evaluation, we conducted a case study to assess the bug detection capability by applying FireBugs to datasets mined from both open source and commercial projects. Also, we conducted a user study with professional software engineers at Mutual of Omaha Insurance Company to estimate the program repair capability. This evaluation showed that FireBugs can help professional engineers develop various cryptographic requirements in a resilient application.

With the continuous development of Internet technology, people pay more and more attention to private security. In particular, third-party tracking is a major factor affecting privacy security. So far, the most effective way to prevent third-party tracking is to create a blacklist. However, blacklist generation and maintenance need to be carried out manually which is inefficient and difficult to maintain. In order to generate blacklists more quickly and accurately in this era of big data, this paper proposes a machine learning system MFTrackerDetector against third-party tracking. The system is based on the theory of structural hole and only detects third-party trackers. The system consists of two subsystems, DMTrackerDetector and DFTrackerDetector. DMTrackerDetector is a JavaScript-based subsystem and DFTrackerDetector is a Flash-based subsystem. Because tracking code and non-tracking code often call different APIs, DMTrackerDetector builds a classifier using all the APIs in JavaScript as features and extracts the API features in JavaScript through dynamic analysis. Unlike static analysis method, the dynamic analysis method can effectively avoid code obfuscation. DMTrackerDetector eventually generates a JavaScript-based third-party tracker list named Jlist. DFTrackerDetector constructs a classifier using all the APIs in ActionScript as features and extracts the API features in the flash script through static analysis. DFTrackerDetector finally generates a Flash-based third-party tracker list named Flist. DFTrackerDetector achieved 92.98% accuracy in the Flash test set and DMTrackerDetector achieved 90.79% accuracy in the JavaScript test set. MFTrackerDetector eventually generates a list of third-party trackers, which is a combination of Jlist and Flist.

Application programming interfaces (APIs) are a vital part of every online business. APIs are responsible for transferring data across systems within a company or to the users through the web or mobile applications. Security is a concern for any public-facing application. The objective of this study is to analyze incoming requests to a target API and flag any malicious activity. This paper proposes a solution using sequence models to identify whether or not an API request has SQL, XML, JSON, and other types of malicious injections. We also propose a novel heuristic procedure that minimizes the number of false positives. False positives are the valid API requests that are misclassified as malicious by the model.

Formal languages are ubiquitous wherever software systems need to exchange or store data. Unparsing into and parsing from such languages is an error-prone process that has spawned an entire class of security vulnerabilities. There has been ample research into finding vulnerabilities on the parser side, but outside of language specific approaches, few techniques targeting unparser vulnerabilities exist. This work presents a language-agnostic approach for spotting injection vulnerabilities in unparsers. It achieves this by mining unparse trees using dynamic taint analysis to extract language keywords, which are leveraged for guided fuzzing. Vulnerabilities can thus be found without requiring prior knowledge about the formal language, and in fact, the approach is even applicable where no specification thereof exists at all. This empowers security researchers and developers alike to gain deeper understanding of unparser implementations through examination of the unparse trees generated by the approach, as well as enabling them to find new vulnerabilities in poorly-understood software. This work presents a language-agnostic approach for spotting injection vulnerabilities in unparsers. It achieves this by mining unparse trees using dynamic taint analysis to extract language keywords, which are leveraged for guided fuzzing. Vulnerabilities can thus be found without requiring prior knowledge about the formal language, and in fact, the approach is even applicable where no specification thereof exists at all. This empowers security researchers and developers alike to gain deeper understanding of unparser implementations through examination of the unparse trees generated by the approach, as well as enabling them to find new vulnerabilities in poorly-understood software.

Reliable group communication is an important cornerstone for various applications in the domain of Industrial Internet of Things (IIoT). Yet, despite various proposals, state-of- the-art (open) protocol stacks for IPv6-enabled Low Power and Lossy Networks (LLNs) have little to offer, regarding standardized or agreed-upon protocols for correct multicast routing, not to mention reliable multicast. We present an informal computational model, which allows us to analyze the respective candidates for multicast routing. Further, we focus on the IEEE 802.15.4/6LoWPAN stack and discuss prominent multicast routing protocols and how they fit into this model.

Low power and lossy networks (LLNs) devices resource-constrained nature make it difficult to implement security mechanisms to defend against RPL routing attacks. RPLs inbuilt security functions are not efficient in preventing a wide majority of routing attacks. RPLs optional security schemes can defend against external attacks, but cannot mitigate internal attacks. Moreover, RPL does not have any mechanism to verify the integrity of control messages used to keep topology updated and route the traffic. All these factors play a major role in increasing the RPLs threat level against routing attacks. In this paper, a comparative literature review of various researchers suggesting security mechanisms to mitigate security attacks aimed at RPL has been performed and methods have been contrasted.

In MANET's (MOBILE Adhoc Network), the origin node will communicate the target node with the help of in-between nodes by Multi-hop communication to save power [1]. Thus, the main objective in MANETs is to identify the feasible route such that the parcels of the data can be done in an organized manner. So, the nodes in the selected route are honest and reliable. However, bad behavior nodes may affect routing performance. This work aims to discover the route does not have egotistic nodes, i.e., nodes which having honest & energy are less not considered for the route between origin and target. The proposed procedure holds the input from the end-user and results in the boundary values i.e. avg. throughput, appropriateness and drop fraction of egotistic nodes were stored in a result location. After the simulation, the discovered route by using the proposed protocol improves the overall network performance for output parameters.

Most organizations use web applications for sharing resources and communication via the internet and information security is one of the biggest concerns in most organizations. Web applications are becoming vulnerable to threats and malicious attacks every day, which lead to violation of confidentiality, integrity, and availability of information assets.We have proposed and implemented a new automated tool for the identification and mitigation of Cross-Site Request Forgery (CSRF) vulnerability. A secret token pattern based has been used in the automated tool, which applies effective security mechanism on PHP based web applications, without damaging the content and its functionalities, where the authenticated users can perform web activities securely.

The recent spurt of incidents related to copyrights and security breaches has led to the monetary loss of several digital content creators and publishers. These incidents conclude that the existing system lacks the ability to uphold the integrity of their published content. Moreover, some of the digital content owners rely on third parties, results in lack of ability to provide provenance of digital media. The question that needs to be addressed today is whether modern technologies can be leveraged to suppress such incidents and regain the confidence of creators and the audience. Fortunately, this paper presents a unique framework that empowers digital content creators to have complete control over the place of its origin, accessibility and impose restrictions on unauthorized alteration of their content. This framework harnesses the power of the Ethereum platform, a part of Blockchain technology, and uses S mart Contracts as a key component empowering the creators with enhanced control of their content and the corresponding audience.

The following topics are dealt with: learning (artificial intelligence); neural nets; feature extraction; pattern classification; convolutional neural nets; computer network security; security of data; recurrent neural nets; data privacy; and cloud computing.

Within a framework for verifying parametric network protocols through induction, one needs to find invariants based on a protocol instance of a small number of nodes. In this paper, we propose a new approach to accelerate parameterized verification by adopting decision trees to represent the state space of a protocol instance. Such trees can be considered as a knowledge base that summarizes all behaviors of the protocol instance. With this knowledge base, we are able to efficiently construct an oracle to effectively assess candidates of invariants of the protocol, which are suggested by an invariant finder. With the discovered invariants, a formal proof for the correctness of the protocol can be derived in the framework after proper generalization. The effectiveness of our method is demonstrated by experiments with typical benchmarks.

Blockchain become a suitable platform for peer to peer energy trade as it facilitates secure interactions among parties with trust or a mutual trusted 3rd party. However, the scalability issue of blockchains is a problem for real-time energy trade to be completed within a small time duration. In this paper, we use offline channels for blockchains to circumvent scalability problems of blockchains for peer to peer energy trade with small trade duration. We develop algorithms to find stable coalitions for energy trade using blockchain offline channels. We prove that our solution is secure against adversarial prosumer behaviors, it supports real-time trade as the algorithm is guaranteed to find and record stable coalitions before a fixed time, and the coalition structure generated by the algorithm is efficient.

The characteristics of resource sharing and centralized deployment of network function virtualization (NFV) make the physical boundary under the traditional closed management mode disappear, bringing many new security threats to the network. To improve the security of the NFV network, this paper proposes a network function virtualization security architecture based on mimic defense. At the same time, to ensure the differences between heterogeneous entities, a genetic algorithm-based heterogeneous entities pool construction method is proposed. Simulation results show that this method can effectively guarantee the difference between heterogeneous entities and increase the difficulty of attackers.

Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their interaction interfaces and mode of operations. To address this problem, we propose an approach that augments blockchain with multi-factor authentication based on evidence from blockchain transactions combined with risk analysis. A profile of how a user performs transactions is built overtime and is used to analyse the risk level of each new transaction. If a transaction is flagged as high risk, we generate n-factor layers of authentication using past endorsed blockchain transactions. A demonstration of how we used the proposed approach to authenticate critical financial transactions in a blockchain-based asset financing platform is also discussed.

Mobile Ad Hoc Networks (MANETs) are infrastructure-less networks that are mainly used for establishing communication during the situation where wired network fails. Security related information collection is a fundamental part of the identification of attacks in Mobile Ad Hoc Networks (MANETs). A node should find accessible routes to remaining nodes for information assortment and gather security related information during route discovery for choosing secured routes. During data communication, malicious nodes enter the network and cause disturbances during data transmission and reduce the performance of the system. In this manuscript, a Time Interval Based Blockchain Model (TIBBM) for security related information assortment that identifies malicious nodes in the MANET is proposed. The proposed model builds the Blockchain information structure which is utilized to distinguish malicious nodes at specified time intervals. To perform a malicious node identification process, a Network Block Monitoring Node (NBMN) is selected after route selection and this node will monitor the blocks created by the nodes in the routing table. At long last, NBMN node understands the location of malicious nodes by utilizing the Blocks created. The proposed model is compared with the traditional malicious node identification model and the results show that the proposed model exhibits better performance in malicious node detection.

Signature-based malware detection is not always effective at detecting polymorphic variants of known malware. Malware signatures are devised to counter known threats, which also limits efficacy against new forms of malware. However, existing signatures do present the ability to classify malware based upon known malicious behavior which occurs on a victim computer. In this paper we present a method of classifying malware by family type through behavioral analysis, where the frequency of system function calls is used to fingerprint the actions of specific malware families. This in turn allows us to demonstrate a machine learning classifier which is capable of distinguishing malware by family affiliation with high accuracy.

Internet of Things (IoT) combines the internet and physical objects to transfer information among the objects. In the emerging IoT networks, providing security is the major issue. IoT device is exposed to various security issues due to its low computational efficiency. In recent years, the Intrusion Detection System valuable tool deployed to secure the information in the network. This article exposes the Intrusion Detection System (IDS) based on deep learning and machine learning to overcome the security attacks in IoT networks. Long Short-Term Memory (LSTM) and K-Nearest Neighbor (KNN) are used in the attack detection model and performances of those algorithms are compared with each other based on detection time, kappa statistic, geometric mean, and sensitivity. The effectiveness of the developed IDS is evaluated by using Bot-IoT datasets.

Energy efficiency evaluation (EEE) is a research difficulty in the field of cloud computing. The current research mainly considers the relevant energy efficiency indicators of cloud systems and weights the interrelationship between energy consumption, system performance and QoS requirements. However, it lacks a combination of subjective and objective, qualitative and quantitative evaluation method to accurately evaluate the energy efficiency of cloud systems. We propose a novel EEE method based on the QoS parameter specification for cloud systems (EEE-QoS). Firstly, it reduces the metric values that affect QoS requirements to the same dimension range and then establishes a belief rule base (BRB). The best-worst method is utilized to determine the initial weights of the premise attributes in the BRB model. Then, the BRB model parameters are optimized by the mean-square error, the activation weight is calculated, and the activation rules of the evidence reasoning algorithm are integrated to evaluate the belief of the conclusion. The quantitative and qualitative evaluation of the energy efficiency of cloud systems is realized. The experiments show that the proposed method can accurately and objectively evaluate the energy efficiency of cloud systems.

The accelerated growth of computing technologies has provided interdisciplinary teams a platform for producing innovative research at an unprecedented speed. Advanced scientific cyberinfrastructures, in particular, provide data storage, applications, software, and other resources to facilitate the development of critical scientific discoveries. Users of these environments often rely on custom developed virtual machine (VM) images that are comprised of a diverse array of open source applications. These can include vulnerabilities undetectable by conventional vulnerability scanners. This research aims to identify the installed applications, their vulnerabilities, and how they vary across images in scientific cyberinfrastructure. We propose a novel unsupervised graph embedding framework that captures relationships between applications, as well as vulnerabilities identified on corresponding GitHub repositories. This embedding is used to cluster images with similar applications and vulnerabilities. We evaluate cluster quality using Silhouette, Calinski-Harabasz, and Davies-Bouldin indices, and application vulnerabilities through inspection of selected clusters. Results reveal that images pertaining to genomics research in our research testbed are at greater risk of high-severity shell spawning and data validation vulnerabilities.

Conversational agents (CAs), often referred to as chatbots, are being widely deployed within existing commercial frameworks and online service websites. As society moves further into incorporating data rich systems, like the internet of things (IoT), into daily life, it is expected that conversational agents will take on an increasingly important role to help users manage these complex systems. In this, the concept of personality is becoming increasingly important, as we seek for more human-friendly ways to interact with these CAs. In this work a conceptual framework is proposed that considers how existing standard psychological and persona models could be mapped to different kinds of CA functionality outside of strictly dialogue. As CAs become more diverse in their abilities, and more integrated with different kinds of systems, it is important to consider how function can be impacted by the design of agent personality, whether intentionally designed or not. Based on this framework, derived archetype classes of CAs are presented as starting points that can hopefully aid designers, developers, and the curious, into thinking about how to work toward better CA personality development.

Using erasure codes increases consumption of network traffic and disk I/O tremendously when systems recover data, resulting in high latency of degraded reads. In order to mitigate this problem, we present an adaptive storage scheme based on data access skew, a fact that most data accesses are applied in a small fraction of data. In this scheme, we use both Local Reconstruction Code (LRC), whose recovery cost is low, to store frequently accessed data, and Hitchhiker (HH) code, which guarantees minimum storage cost, to store infrequently accessed data. Besides, an efficient switching algorithm between LRC and HH code with low network and computation costs is provided. The whole system will benefit from low degraded read latency while keeping a low storage overhead, and code-switching will not become a bottleneck.

The objective of the project is to structure a portable application for inspecting and putting away information through a distributed storage administration. The information is remotely put away in the cloud. In some distributed storage frameworks, the cloud record may contain some touchy data. Scrambling the entire shared record doesn't permit different clients to get to it. In the current framework the client needs to use the biometric information to guarantee the character of the client and afterward a marking key will be checked which is to ensure the personality and security of the client. The principle downside of utilizing the biometric information is that it can't be coordinated precisely because of the elements that influence the difference in biometric information. A reference id made is naturally changed over to the QR code and it is checked utilizing a scanner and the specific record is downloaded. This record whenever erased or lost in the customer's inward stockpiling it very well may be recovered again from the cloud.