Biblio

As a new service-oriented computing paradigm, cloud computing facilitates users to share and use resources. However, due to the dynamic and openness of its operating environment, only relying on traditional identity authentication technology can no longer fully meet the security requirements of cloud computing. The trust evaluation of user behavior has become the key to improve the security of cloud computing. Therefore, in view of some problems existing in our current research on user behavior trust, this paper optimizes and improves the construction of the evaluation index system and the calculation of trust value, and proposes a cloud end-user behavior trust evaluation model based on sliding window. Finally, the model is proved to be scientific and effective by simulation experiments, which has certain significance for the security protection of cloud resources.

We propose a voting ensemble of models trained by using block-wise transformed images with secret keys against black-box attacks. Although key-based adversarial defenses were effective against gradient-based (white-box) attacks, they cannot defend against gradient-free (black-box) attacks without requiring any secret keys. In the proposed ensemble, a number of models are trained by using images transformed with different keys and block sizes, and then a voting ensemble is applied to the models. Experimental results show that the proposed defense achieves a clean accuracy of 95.56 % and an attack success rate of less than 9 % under attacks with a noise distance of 8/255 on the CIFAR-10 dataset.

A modular static analysis decomposes a program's analysis into analyses of its parts, or components. An intercomponent analysis instructs an intra-component analysis to analyse each component independently of the others. Additional analyses are scheduled for newly discovered components, and for dependent components that need to account for newly discovered component information. Modular static analyses are scalable, can be tuned to a high precision, and support the analysis of programs that are highly dynamic, featuring e.g., higher-order functions or dynamically allocated processes.In this paper, we present the engineering aspects of MAF, a static analysis framework for implementing modular analyses for higher-order languages. For any such modular analysis, the framework provides a reusable inter-component analysis and it suffices to implement its intra-component analysis. The intracomponent analysis can be composed from several interdependent and reusable Scala traits. This design facilitates changing the analysed language, as well as the analysis precision with minimal effort. We illustrate the use of MAF through its instantiation for several different analyses of Scheme programs.

This paper explores a practical approach to securing large wireless networks by applying Physical Layer Security (PLS). To date, PLS has mostly been seen as an information theory concept with few practical implementations. We present an Access Point (AP) selection algorithm that uses PLS to find an AP that offers the highest secrecy capacity to a legitimate user. We then propose an implementation of this algorithm using the novel concept of spectrum programming which extends Software-Defined Networking to the physical and data-link layers and makes wireless network management and control more flexible and scalable than traditional platforms. Our Wi-Fi network evaluation results show that our approach outperforms conventional solutions in terms of security, but at the expense of communication capacity, thus identifying a trade-off between security and performance. These results encourage implementation and extension to further wireless technologies.

In the Bitcoin mining network, miners contribute computation power to solve crypto-puzzles in exchange for financial rewards. Due to the randomness and the competitiveness of mining, individual miners tend to join mining pools for low risks and steady incomes. Usually, a pool is managed by its central operator, who charges fees for providing risk-sharing services. This paper presents a hierarchical distributed computation paradigm where miners can distribute their power among multiple pools. By adding virtual pools, we separate miners’ dual roles of being the operator as well as being the member when solo mining. We formulate a multi-leader multi-follower Stackelberg game to study the joint utility maximization of pool operators and miners, thereby addressing a computation power allocation problem. We investigate two practical pool operation modes, a uniform-share-difficulty mode and a nonuniform-share-difficulty mode. We derive analytical results for the Stackelberg equilibrium of the game under both modes, based on which optimal strategies are designed for all operators and miners. Numerical evaluations are presented to verify the proposed model.

We study a game-theoretic model of the interactions between a Cyber-Physical System’s (CPS) operator (the defender) against an attacker who launches stepping-stone attacks to reach critical assets within the CPS. We consider that, in addition to optimally allocating its security budget to protect the assets, the defender may choose to modify the CPS through network design interventions. In particular, we propose and motivate four ways in which the defender can introduce additional nodes in the CPS: these nodes may be intended as additional safeguards, be added for functional or structural redundancies, or introduce additional functionalities in the system. We analyze the security implications of each of these design interventions, and evaluate their impacts on the security of an automotive network as our case study. We motivate the choice of the attack graph for this case study and elaborate how the parameters in the resulting security game are selected using the CVSS metrics and the ISO-26262 ASIL ratings as guidance. We then use numerical experiments to verify and evaluate how our proposed network interventions may be used to guide improvements in automotive security.

5G and beyond 5G low power wireless networks make Internet of Things (IoT) and Cyber-Physical Systems (CPS) applications capable of serving massive amounts of devices and machines. Due to the broadcast nature of wireless networks, it is crucial to secure the communication between these devices and machines from spoofing and interception attacks. This paper is concerned with the security of carrier frequency offset (CFO) based continuous physical layer authentication. The interaction between an attacker and a defender is modeled as a dynamic discrete leader-follower game with imperfect information. In the considered model, a legitimate user (Alice) communicates with the defender/operator (Bob) and is authorized by her CFO continuously. The attacker (Eve), by listening/eavesdropping the communication between Alice and Bob, tries to learn the CFO characteristics of Alice and aims to inject malicious packets to Bob by impersonating Alice. First, by showing that the optimal attacker strategy is a threshold policy, an optimization problem of the attacker with exponentially growing action space is reduced to a tractable integer optimization problem with a single parameter, then the corresponding defender cost is derived. Extensive simulations illustrate the characteristics of optimal strategies/utilities of the players depending on the actions, and show that the defender’s optimal false positive rate causes attack success probabilities to be in the order of 0.99. The results show the importance of the parameters while finding the balance between system security and efficiency.

The user's access history can be used as an important reference factor in determining whether to allow the current access request or not. And it is often ignored by the existing access control models. To make up for this defect, a Dynamic Trust - game theoretic Access Control model is proposed based on the previous work. This paper proposes a method to quantify the user's trust in the cloud environment, which uses identity trust, behavior trust, and reputation trust as metrics. By modeling the access process as a game and introducing the user's trust value into the pay-off matrix, the mixed strategy Nash equilibrium of cloud user and service provider is calculated respectively. Further, a calculation method for the threshold predefined by the service provider is proposed. Authorization of the access request depends on the comparison of the calculated probability of the user's adopting a malicious access policy with the threshold. Finally, we summarize this paper and make a prospect for future work.

Spear phishing emails target to specific individual or organization, they are more elaborated, targeted, and harmful than phishing emails. The attackers usually harvest information about the recipient in any available ways, then create a carefully camouflaged email and lure the recipient to perform dangerous actions. In this paper we present a new effective approach to detect spear phishing emails based on machine learning. Firstly we extracted 21 Stylometric features from email, 3 forwarding features from Email Forwarding Relationship Graph Database(EFRGD), and 3 reputation features from two third-party threat intelligence platforms, Virus Total(VT) and Phish Tank(PT). Then we made an improvement on Synthetic Minority Oversampling Technique(SMOTE) algorithm named KM-SMOTE to reduce the impact of unbalanced data. Finally we applied 4 machine learning algorithms to distinguish spear phishing emails from non-spear phishing emails. Our dataset consists of 417 spear phishing emails and 13916 non-spear phishing emails. We were able to achieve a maximum recall of 95.56%, precision of 98.85% and 97.16% of F1-score with the help of forwarding features, reputation features and KM-SMOTE algorithm.

This paper investigates what cues people use to spot a phishing email when the email is spoken back to them by the Alexa voice assistant, instead of read on a screen. We configured Alexa to read there emails to a sample of 52 participants and ask for their phishing evaluations. We also asked a control group of another 52 participants to evaluate these emails on a regular screen to compare the plausibility of phishing pretexting in voice assistant environments. The results suggest that Alexa can be used for pretexting users that lack phishing awareness to receive and act upon a relatively urgent email from an authoritative sender. Inspecting the sender (authority cue”) and relying on their personal experiences helped participants with higher phishing awareness to use Alexa towards a preliminary email screening to flag an email as potentially “phishing.”

Recently, the threats of phishing attacks have in-creased. As a countermeasure against phishing attacks, phishing detection systems using deep learning techniques have been considered. However, deep learning techniques are vulnerable to adversarial examples (AEs) that intentionally cause misclassification. When AEs are applied to a deep-learning-based phishing detection system, they pose a significant security risk. Therefore, in this paper, we assess the vulnerability of a phishing detection system by inputting AEs generated based on a dataset that consists of phishing sites’ URLs. Moreover, we consider countermeasures against AEs and clarify whether these defense methods can prevent misclassification.

Training on cues to deception is one of the promising ways of addressing humans’ poor performance in deception detection. However, the effect of training may be subject to the context of deception and the design of training. This study aims to investigate the effect of verbal cue training on the performance of phishing email detection by comparing different designs of training and examining the effect of topic familiarity. Based on the results of a lab experiment, we not only confirm the effect of training but also provide suggestions on how to design training to better facilitate the detection of phishing emails. In addition, our results also discover the effect of topic familiarity on phishing detection. The findings of this study have significant implications for the mitigation and intervention of online deception.

With the increase of the number of network threats, the knowledge graph is an effective method to quickly analyze the network threats from the mass of network security texts. Named entity recognition in network security domain is an important task to construct knowledge graph. Aiming at the problem that key Chinese entity information in network security related text is difficult to identify, a named entity recognition model in network security domain based on BERT-BiLSTM-CRF is proposed to identify key named entities in network security related text. This model adopts the BERT pre-training model to obtain the word vectors of the preceding and subsequent text information, and the obtained word vectors will be input to the subsequent BiLSTM module and CRF module for encoding and sorting. The test results show that this model has a good effect on the data set of network security domain. The recognition effect of this model is better than that of LSTM-CRF, BERT-LSTM-CRF, BERT-CRF and other models, and the F1=93.81%.

Mobile edge computing (MEC) emerges recently to help process the computation-intensive and delay-sensitive applications of resource limited mobile devices in support of MEC servers. Due to the wireless offloading, MEC faces many security challenges, like eavesdropping and privacy leakage. The anti-eavesdropping offloading or privacy preserving offloading have been studied in existing researches. However, both eavesdropping and privacy leakage may happen in the meantime in practice. In this paper, we propose a privacy preserved secure offloading scheme aiming to minimize the energy consumption, where the location privacy, usage pattern privacy and secure transmission against the eavesdropper are jointly considered. We formulate this problem as a constrained Markov decision process (CMDP) with the constraints of secure offloading rate and pre-specified privacy level, and solve it with reinforcement learning (RL). It can be concluded from the simulation that this scheme can save the energy consumption as well as improve the privacy level and security of the mobile device compared with the benchmark scheme.

In a beyond-5G (B5G) scenario, we consider a virtual private mobile network (VPMN), i.e., a set of user equipments (UEs) directly communicating in a device-to-device (D2D) fashion, and connected to the cellular network by multiple gateways. The purpose of the VPMN is to hide the position of the VPMN UEs to the mobile network operator (MNO). We investigate the design and performance of packet routing inside the VPMN. First, we note that the routing that maximizes the rate between the VPMN and the cellular network leads to an unbalanced use of the gateways by each UE. In turn, this reveals information on the location of the VPMN UEs. Therefore, we derive a routing algorithm that maximizes the VPMN rate, while imposing for each UE the same data rate at each gateway, thus hiding the location of the UE. We compare the performance of the resulting solution, assessing the location privacy achieved by the VPMN, and considering both the case of single hop and multihop in the transmissions from the UEs to the gateways.

Fitbit Versa is the most popular of its predecessors and successors in the Fitbit faction. Increasingly data stored on these smart fitness devices, their linked applications and cloud datacenters are being used for criminal convictions. There is limited research for investigators on wearable devices and specifically exploring evidence identification and methods of extraction. In this paper we present our analysis of Fitbit Versa using Cellebrite UFED and MSAB XRY. We present a clear scope for investigation and data significance based on the findings from our experiments. The data recovery will include logical and physical extractions using devices running Android 9 and iOS 12, comparing between Cellebrite and XRY capabilities. This paper discusses databases and datatypes that can be recovered using different extraction and analysis techniques, providing a robust outlook of data availability. We also discuss the accuracy of recorded data compared to planned test instances, verifying the accuracy of individual data types. The verifiable accuracy of some datatypes could prove useful if such data was required during the evidentiary processes of a forensic investigation.

In the Internet of Things, it is more important than ever to effectively address the problem of secure transmission based on steganographic substitution by synthesizing digital sensor data. In this case, the degree to which the grayscale message is obscured is a necessary issue. To ensure information security in IoT systems, various methods are used and information security problems are solved to one degree or another. The article proposes a method and algorithm for a computer image in grayscale, in which the value of each pixel is one sample, representing the amount of light, carrying only information about the intensity. The proposed method in grayscale using steganographic coding provides a secure implementation of data transmission in the IoT system. Study results were analyzed using PSNR (Peak Signal to Noise Ratio).

Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. IoT is a rapidly emerging paradigm that now encompasses almost every aspect of our modern life. As such, it is crucial to ensure IoT devices follow strict security requirements. At the same time, the prevalence of IoT devices offers developers a chance to design and develop Machine Learning (ML)-based intelligent software systems using their IoT devices. However, given the diversity of IoT devices, IoT developers may find it challenging to introduce appropriate security and ML techniques into their devices. Traditionally, we learn about the IoT ecosystem/problems by conducting surveys of IoT developers/practitioners. Another way to learn is by analyzing IoT developer discussions in popular online developer forums like Stack Overflow (SO). However, we are aware of no such studies that focused on IoT developers’ security and ML-related discussions in SO. This paper offers the results of preliminary study of IoT developer discussions in SO. First, we collect around 53K IoT posts (questions + accepted answers) from SO. Second, we tokenize each post into sentences. Third, we automatically identify sentences containing security and ML-related discussions. We find around 12% of sentences contain security discussions, while around 0.12% sentences contain ML-related discussions. There is no overlap between security and ML-related discussions, i.e., IoT developers discussing security requirements did not discuss ML requirements and vice versa. We find that IoT developers discussing security issues frequently inquired about how the shared data can be stored, shared, and transferred securely across IoT devices and users. We also find that IoT developers are interested to adopt deep neural network-based ML models into their IoT devices, but they find it challenging to accommodate those into their resource-constrained IoT devices. Our findings offer implications for IoT vendors and researchers to develop and design novel techniques for improved security and ML adoption into IoT devices.

Decentralized Identifiers (DIDs) and Self-Sovereign Identity (SSI) are emerging decentralized identity solutions. DIDs allow legal entities like organizations to create and fully control their identifiers while building the necessary infrastructure for SSI, enabling entities like persons, organizations, or machines to fully control and own their digital identities without the involvement of an intermediate central authority. DIDs are identifiers that are used to reference entities unambiguously and, together with DID Documents stored in a verifiable data registry, establish a new, decentralized public-key infrastructure. An SSI-based digital identity may be composed of many different claims certified by an issuer. Examples are the identity holder’s name, age, gender, university degree, driving license, or other attributes. What makes SSI unique compared to other identity management solutions is that the users keep their digital identities in storage of their choice and thus determine their distribution and processing.With this privacy-by-design approach, the emergence of DIDs and SSI can shape the architecture of the future Internet and its applications, which will impact the future of mobile networks. While 5G networks are currently being rolled out, a discussion about the new capabilities of 6G networks, which are still in the distant future, has long since begun. In addition to even faster access, shorter delays, and new applications, features such as human-centricity, data protection, and privacy are being addressed in particular in the discussions. These latter points make DIDs, SSI, and related concepts and architectures promising candidates for 6G adoption.The talk gives a brief introduction to DIDs and SSI and then discusses the benefits and drawbacks the integration of these technologies into 6G may have. Furthermore, the talk identifies different use cases and identifies the system components and functions of cellular networks affected by a 6G integration.

With smart vehicles interconnected with multiple systems and other entities, whether they are people or IoT devices, the importance of a digital identity for them has emerged. We present in this paper how a Self-Sovereign Identities combined with blockchain can provide a solution to this end, in order to decentralize the identity management and provide them with capabilities to identify the other entities they interact with. Such entities can be the owners of the vehicles, other drivers and workshops that act as service providers. Two use cases are examined along with the interactions between the participants, to demonstrate how a decentralized identity management solution can take care of the necessary authentication and authorization processes. Finally, we test the system and provide the measurements to prove its feasibility in real-life deployments.

Existing digital identity management systems fail to deliver the desirable properties of control by the users of their own identity data, credibility of disclosed identity data, and network-level anonymity. The recently proposed Self-Sovereign Identity (SSI) approach promises to give users these properties. However, we argue that without addressing privacy at the network level, SSI systems cannot deliver on this promise. In this paper we present the design and analysis of our solution TCID, created in collaboration with the Dutch government. TCID is a system consisting of a set of components that together satisfy seven functional requirements to guarantee the desirable system properties. We show that the latency incurred by network-level anonymization in TCID is significantly larger than that of identity data disclosure protocols but is still low enough for practical situations. We conclude that current research on SSI is too narrowly focused on these data disclosure protocols.

Cyber Threat Intelligence (CTI) sharing platforms are valuable tools in cybersecurity. However, despite the fact that effective CTI exchange highly depends on human aspects, cyber behavior in CTI sharing platforms has been notably less investigated by the security research community.Motivated by this research gap, we ground our work in the concrete challenge of understanding users’ perceptions of information sharing in CTI platforms. To this end, we propose a conceptual workflow and toolchain that would seek to verify whether users have an accurate comprehension of how far information travels when shared in a CTI sharing platform.We contextualize our concept within MISP as a use case, and discuss the benefits of our socio-technical approach as a potential tool for security analysis, simulation, or education/training support. We conclude with a brief outline of future work that would seek to evaluate and validate the proposed model.

System logs record valuable information about the runtime status of IT systems. Therefore, system logs are a naturally excellent source of information for anomaly detection. Most of the existing studies on log-based anomaly detection construct a detection model to identify anomalous logs. Generally, the model treats historical logs as natural language sequences and learns the normal patterns from normal log sequences, and detects deviations from normal patterns as anomalies. However, the majority of existing methods focus on sequential and quantitative information and ignore semantic information hidden in log sequence so that they are inefficient in anomaly detection. In this paper, we propose a novel framework for automatically detecting log anomalies by utilizing an attention-based Bi-LSTM model. To demonstrate the effectiveness of our proposed model, we evaluate the performance on a public production log dataset. Extensive experimental results show that the proposed approach outperforms all comparison methods for anomaly detection.

Cyber security is reliant on the actions of both machine and human and remains a domain of importance and continual evolution. While the study of human behavior has grown, less attention has been paid to the adversarial operator. Cyber environments consist of complex and dynamic situations where decisions are made with incomplete information. In such scenarios people form strategies based on simplified models of the world and are often efficient and effective, yet may result in judgement or decision-making bias. In this paper, we examine an initial list of biases affecting adversarial cyber actors. We use subject matter experts to derive examples and demonstrate these biases likely exist, and play a role in how attackers operate.

The need for cyber defense research is growing as more cyber-attacks are directed at critical infrastructure and other sensitive networks. Traditionally, the focus has been on hardening system defenses. However, other techniques are being explored including cyber and psychological deception which aim to negatively impact the cognitive and emotional state of cyber attackers directly through the manipulation of network characteristics. In this study, we present a preliminary analysis of survey data collected following a controlled experiment in which over 130 professional red teamers participated in a network penetration task that included cyber deception and psychological deception manipulations [7]. Thematic and inductive analysis of previously un-analyzed open-ended survey responses revealed factors associated with affective states. These preliminary results are a first step in our analysis efforts and show that there are potentially several distinct dimensions of cyber-behavior that induce negative affective states in cyber attackers, which may serve as potential avenues for supplementing traditional cyber defense strategies.