Biblio

Biometrics as a means of personal authentication has demonstrated strong viability in the past decade. However, directly deriving a unique cryptographic key from biometric data is a non-trivial task due to the fact that biometric data is usually noisy and presents large intra-class variations. Moreover, biometric data is permanently associated with the user, which leads to security and privacy issues. Cancellable biometrics and bio-cryptosystem are two main branches to address those issues, yet both approaches fall short in terms of accuracy performance, security, and privacy. In this paper, we propose a Bio-Crypto system on fingerprint Cancellable template (Bio-CanCrypto), which bridges cancellable biometrics and bio-cryptosystem to achieve a middle-ground for alleviating the limitations of both. Specifically, a cancellable transformation is applied on a fixed-length fingerprint feature vector to generate cancellable templates. Next, an LDPC coding mechanism is introduced into a reusable fuzzy extractor scheme and used to extract the stable cryptographic key from the generated cancellable templates. The proposed system can achieve both cancellability and reusability in one scheme. Experiments are conducted on a public fingerprint dataset, i.e., FVC2002. The results demonstrate that the proposed LDPC coded reusable fuzzy extractor is effective and promising.

Modern malware indicators utilized by the current top threat feeds are easily bypassed and generated through enigmatic methods, leading to a lack of detection capabilities for cyber defenders. Static hash-based algorithms such as MD5 or SHA generate indicators that are rendered obsolete by modifying a single byte of the source file. Conversely, fuzzy hash-based algorithms such as SSDEEP and TLSH are more robust to alterations of source information; however, these methods often utilize context boundaries that are hard to define or not based on meaningful information. In previous work, a custom binary analysis tool was created called @DisCo. In this study, four current ransomware campaigns were analyzed using TLSH fuzzy hashing and the @DisCo tool. While TLSH works on the binary level of the entire program, @DisCo works at an intermediate function level. The results from each analysis method were compared to provide validation between the two as well as introduce a narrative for using combinations of these types of methods for the creation of stronger indicators of compromise.

We use discrete-time adaptive control theory to design a novel false data injection (FDI) attack against automatic generation control (AGC), a critical system that maintains a power grid at its requisite frequency. FDI attacks can cause equipment damage or blackouts by falsifying measurements in the streaming sensor data used to monitor the grid's operation. Compared to prior work, the proposed attack (i) requires less knowledge on the part of the attacker, such as correctly forecasting the future demand for power; (ii) is stealthier in its ability to bypass standard methods for detecting bad sensor data and to keep the false sensor readings near historical norms until the attack is well underway; and (iii) can sustain the frequency excursion as long as needed to cause real-world damage, in spite of AGC countermeasures. We validate the performance of the proposed attack on realistic 37-bus and 118-bus setups in PowerWorld, an industry-strength power system simulator trusted by real-world operators. The results demonstrate the attack's improved stealthiness and effectiveness compared to prior work.

Many popular metrics used for the quantification of the quality or complexity of a codebase (e.g. cyclomatic complexity) were developed in the 1970s or 1980s when source code sizes were significantly smaller than they are today, and before a number of modern programming language features were introduced in different languages. Thus, the many thresholds that were suggested by researchers for deciding whether a given function is lacking in a given quality dimension need to be updated. In the pursuit of this goal, we study a number of open-source high-performance codes, each of which has been in development for more than 15 years—a characteristic which we take to imply good design to score them in terms of their source codes' quality and to relax the above-mentioned thresholds. First, we employ the LLVM/Clang compiler infrastructure and introduce a Clang AST tool to gather AST-based metrics, as well as an LLVM IR pass for those based on a source code's static call graph. Second, we perform statistical analysis to identify the reference thresholds of 22 code quality and callgraph-related metrics at a fine grained level.

Centrality measures on graphs have found applications in a large number of domains including modeling the spread of an infection/disease, social network analysis, and transportation networks. As a result, parallel algorithms for computing various centrality metrics on graphs are gaining significant research attention in recent years. In this paper, we study parallel algorithms for the percolation centrality measure which extends the betweenness-centrality measure by incorporating a time dependent state variable with every node. We present parallel algorithms that compute the source-based and source-destination variants of the percolation centrality values of nodes in a network. Our algorithms extend the algorithm of Brandes, introduce optimizations aimed at exploiting the structural properties of graphs, and extend the algorithmic techniques introduced by Sariyuce et al. [26] in the context of centrality computation. Experimental studies of our algorithms on an Intel Xeon(R) Silver 4116 CPU and an Nvidia Tesla V100 GPU on a collection of 12 real-world graphs indicate that our algorithmic techniques offer a significant speedup.

The fifth-generation (5G) mobile telecom network has been garnering interest in both academia and industry, with better flexibility and higher performance compared to previous generations. Along with functionality improvements, new attack vectors also made way. Network operators and regulatory organizations wish to have a more precise idea about the security posture of 5G environments. Meanwhile, various security metrics for IT environments have been around and attracted the community’s attention. However, 5G-specific factors are less taken into consideration.This paper considers such 5G-specific factors to identify potential gaps if existing security metrics are to be applied to the 5G environments. In light of the layered nature and multi-ownership, the paper proposes a new approach to the modular computation of security metrics based on cross-layer projection as a means of information sharing between layers. Finally, the proposed approach is evaluated through simulation.

The presence of experts, such as a data protection officer (DPO) and a privacy engineer is essential in Privacy Requirements Engineering. This task is carried out in various forms including threat modeling and privacy impact assessment. The knowledge required for performing privacy threat modeling can be a serious challenge for a novice privacy engineer. We aim to bridge this gap by developing an automated approach via machine learning that is able to detect privacy-related entities in the user stories. The relevant entities include (1) the Data Subject, (2) the Processing, and (3) the Personal Data entities. We use a state-of-the-art Named Entity Recognition (NER) model along with contextual embedding techniques. We argue that an automated approach can assist agile teams in performing privacy requirements engineering techniques such as threat modeling, which requires a holistic understanding of how personally identifiable information is used in a system. In comparison to other domain-specific NER models, our approach achieves a reasonably good performance in terms of precision and recall.

The fusion of peer-to-peer (P2P) fog network and the traditional three-tier fog computing architecture allows fog devices to conjointly pool their resources together for improved service provisioning and better bandwidth utilization. However, any unauthorized access to the fog network may have calamitous consequences. In this paper, a new lightweight two-party authenticated and key agreement (AKA) protocol is proposed for fog-to-fog collaboration. The security analysis of the protocol reveals that it is resilient to possible attacks. Moreover, the validation of the protocol conducted using the broadly-accepted Automated Verification of internet Security Protocols and Applications (AVISPA) shows that it is safe for practical deployment. The performance evaluation in terms of computation and communication overheads demonstrates its transcendence over the state-of-the-art protocols.

Fog computing plays a critical role in the provisioning of computing tasks in the context of Internet of Things (IoT) services. However, the security of IoT services against breaches and attacks relies heavily on the security of fog resources, which must be properly implemented and managed. Increasing security investments and integrating the security aspect into the core processes and operations of fog computing including resource management will increase IoT service protection as well as the trustworthiness of fog service providers. However, this requires careful modeling of the security requirements of IoT services as well as theoretical and experimental evaluation of the tradeoff between security and performance in fog infrastructures. To this end, this paper explores a new model for fog resource allocation according to security and Quality of Service (QoS). The problem is modeled as a multi-objective linear optimization problem and solved using conventional, off-the-shelf optimizers by applying the preemptive method. Specifically, two objective functions were defined: one representing the satisfaction of the security design requirements of IoT services and another that models the communication delay among the different virtual machines belonging to the same service request, which might be deployed on different intermediary fog nodes. The simulation results show that the optimization is efficient and achieves the required level of scalability in fog computing. Moreover, a tradeoff needs to be pondered between the two criteria during the resource allocation process.

With the rapid improvement of China's industrial production level, there are an increasing number of industrial enterprises and kinds of products. The quality and safety supervision of industrial products is an important step to ensure people's livelihood safety. The current supervision includes a number of processes, such as risk monitoring, public opinion analysis, supervision, spot check and postprocessing. The lack of effective information integration and sharing between the above processes cannot support the implementation of whole-chain regulation well. This paper proposes a whole-chain supervision method of industrial product quality and safety based on a knowledge graph, which integrates massive and complex data of the whole chain and visually displays the relationships between entities in the regulatory process. This method can effectively solve the problem of information islands and track and locate the quality problems of large-scale industrial products.

{With the rapid development of economic globalization, cooperation between countries, between enterprises, has become a key factor whether country and enterprises can make great economic progress. In these cooperation processes, it is necessary to trace the source of business data or log data for auditing and accountability. However, multi-party enterprises participating in cooperation often do not trust each other, and the separate accounting of the enterprises leads to isolated islands of information, which makes it difficult to trace the entire life cycle of the data. Therefore, there is an urgent need for a mechanism that can establish distributed trustworthiness among multiparty organizations that do not trust each other, and provide a tamper-resistant data storage mechanism to achieve credible traceability of data. This work proposes a data traceability platform architecture design plan for supply chain management based on the multi-disciplinary knowledge and technology of the Fabric Alliance chain architecture, perceptual identification technology, and cryptographic knowledge. At the end of the paper, the characteristics and shortcomings of data traceability of this scheme are evaluated.

Supply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of reference, graph-based analysis can provide a framework for considering the role of suppliers in such systems. We present such a framework here while highlighting the need for a component-centered model. Given resource limitations when applying this model to existing systems, we study various classes of uncertainties in model development, including structural uncertainties and uncertainties in the magnitude of estimated event probabilities. Using case studies, we find that structural uncertainties constitute a greater challenge to model utility and as such should receive particular attention. Best practices in the face of these uncertainties are proposed.

With the development of cloud computing, remote attestation of virtual machines has received extensive attention. However, the current schemes mainly concentrate on the single prover, and the attestation of a large-scale virtualization environment will cause TPM bottleneck and network congestion, resulting in low efficiency of attestation. This paper proposes CloudTA, an extensible remote attestation architecture. CloudTA groups all virtual machines on each cloud server and introduces an integrity measurement group (IMG) to measure virtual machines and generate trusted evidence by a group. Subsequently, the cloud server reports the physical platform and VM group's trusted evidence for group verification, reducing latency and improving efficiency. Besides, CloudTA designs a hybrid high concurrency communication framework for supporting remote attestation of large-scale virtual machines by combining active requests and periodic reports. The evaluation results suggest that CloudTA has good efficiency and scalability and can support remote attestation of ten thousand virtual machines.

Identification of source code authorship is vital for attribution. In this work, a machine learning framework is described to identify source code authorship. The framework integrates the features extracted using natural language processing based approaches and abstract syntax tree of the code. We evaluate the methodology on Google Code Jam dataset. We present the performance measures of the logistic regression and deep learning on the dataset.

This work describes a concept for extending the Network Time Security (NTS) protocol to enable implementation- independent communication between the NTS key establishment (NTS-KE) server and the connected time server(s). It Alls a specification gap left by RFC 8915 for securing the Network Time Protocol (NTP) and enables the centralized and public deployment of an NTS key management server that can support both secured NTP and secured PTP.

X-ray radiography has been used to diagnose a wide variety of experiments at the Z facility including inertial confinement fusion capsule implosions, the growth of the magneto-Rayleigh-Taylor instability in solid liners, and the development of helical structures in axially magnetized liner implosions. In these experiments, the Z Beamlet laser (1 kJ, 1 ns) was used to generate the x-ray source. An alternate x-ray source is desirable in experiments where the Z Beamlet laser is used for another purpose (e.g., preheating the fuel in magnetized liner inertial fusion experiments) or when multiple radiographic lines of sight are necessary.

This paper develops a glocal (global-local) attack detection framework to detect stealthy cyber-physical attacks, namely covert attack and zero-dynamics attack, against a class of multi-agent control systems seeking average consensus. The detection structure consists of a global (central) observer and local observers for the multi-agent system partitioned into clusters. The proposed structure addresses the scalability of the approach and the privacy preservation of the multi-agent system’s state information. The former is addressed by using decentralized local observers, and the latter is achieved by imposing unobservability conditions at the global level. Also, the communication graph model is subject to topology switching, triggered by local observers, allowing for the detection of stealthy attacks by the global observer. Theoretical conditions are derived for detectability of the stealthy attacks using the proposed detection framework. Finally, a numerical simulation is provided to validate the theoretical findings.

This work investigates the problem of analyzing privacy of abrupt changes for general Markov processes. These processes may be affected by changes, or exogenous signals, that need to remain private. Privacy refers to the disclosure of information of these changes through observations of the underlying Markov chain. In contrast to previous work on privacy, we study the problem for an online sequence of data. We use theoretical tools from optimal detection theory to motivate a definition of online privacy based on the average amount of information per observation of the stochastic system in consideration. Two cases are considered: the full-information case, where the eavesdropper measures all but the signals that indicate a change, and the limited-information case, where the eavesdropper only measures the state of the Markov process. For both cases, we provide ways to derive privacy upper-bounds and compute policies that attain a higher privacy level. It turns out that the problem of computing privacy-aware policies is concave, and we conclude with some examples and numerical simulations for both cases.

We consider a graph property known as r-robustness of the random K-out graphs. Random K-out graphs, denoted as \$\textbackslashtextbackslashmathbbH(n;K)\$, are constructed as follows. Each of the n nodes select K distinct nodes uniformly at random, and then an edge is formed between these nodes. The orientation of the edges is ignored, resulting in an undirected graph. Random K-out graphs have been used in many applications including random (pairwise) key predistribution in wireless sensor networks, anonymous message routing in crypto-currency networks, and differentially-private federated averaging. r-robustness is an important metric in many applications where robustness of networks to disruptions is of practical interest, and r-robustness is especially useful in analyzing consensus dynamics. It was previously shown that consensus can be reached in an r-robust network for sufficiently large r even in the presence of some adversarial nodes. r-robustness is also useful for resilience against adversarial attacks or node failures since it is a stronger property than r-connectivity and thus can provide guarantees on the connectivity of the graph when up to r – 1 nodes in the graph are removed. In this paper, we provide a set of conditions for Kn and n that ensure, with high probability (whp), the r-robustness of the random K-out graph.

Security has become a significant factor of Internet of Things (IoT) and Cyber Physical Systems (CPS) wherein the devices usually vary in computing power and intrinsic hardware features. It is necessary to use security-by-design method in the development of these systems. This paper focuses on the security design issue about this sort of heterogeneous embedded systems and proposes a systematic approach aiming to achieve optimal security design objective.

Traffic Signal Control using Reinforcement Learning has been proved to have potential in alleviating traffic congestion in urban areas. Although research has been conducted in this field, it is still an open challenge to find an effective but low-cost solution to this problem. This paper presents multiple deep reinforcement learning-based traffic signal control systems that can help regulate the flow of traffic at intersections and then compares the results. The proposed systems are coupled with SUMO (Simulation of Urban MObility), an agent-based simulator that provides a realistic environment to explore the outcomes of the models.

Empathy is a fundamental mechanism of human interactions. As such, it should be an integral part of Human-Computer Interaction systems to make them more relatable. With this work, we focused on conversational scenarios where integrating empathy is crucial to perceive the computer like a human. As a result, we derived the high-level architecture of an Empathetic Conversational Agent we are willing to implement. We relied on theories about artificial empathy to derive the function approximating this mechanism and selected the conversational aspects to control for an empathetic interaction. In particular, we designed a core empathetic controller manages the empathetic responses, predicting, at each turn, the high-level content of the response. The derived architecture integrates empathy in a task-agnostic manner; hence we can employ it in multiple scenarios by changing the objective of the controller.

Smart assistants, like Amazon's Alexa or Apple's Siri, have become commonplace in many people's lives, appearing in their phones and homes. Despite their ubiquity, these conversational AI agents still largely remain a mystery to many, in terms of how they work and what they can do. To lower the barrier to entry to understanding and creating these agents for young students, we expanded on Convo, a conversational programming agent that can respond to both voice and text inputs. The previous version of Convo focused on teaching only programming skills, so we created a simple, intuitive user interface for students to use those programming skills to train and create their own conversational AI agents. We also developed a curriculum to teach students about key concepts in AI and conversational AI in particular. We ran a 3-day workshop with 15 participating middle school students. Through the data collected from the pre- and post-workshop surveys as well as a mid-workshop brainstorming session, we found that after the workshop, students tended to think that conversational AI agents were less intelligent than originally perceived, gained confidence in their abilities to build these agents, and learned some key technical concepts about conversational AI as a whole. Based on these results, we are optimistic about CONVO'S ability to teach and empower students to develop conversational AI agents in an intuitive way.

In the ever evolving Internet threat landscape, Distributed Denial-of-Service (DDoS) attacks remain a popular means to invoke service disruption. DDoS attacks, however, have evolved to become a tool of deceit, providing a smokescreen or distraction while some other underlying attack takes place, such as data exfiltration. Knowing the intent of a DDoS, and detecting underlying attacks which may be present concurrently with it, is a challenging problem. An entity whose network is under a DDoS attack may not have the support personnel to both actively fight a DDoS and try to mitigate underlying attacks. Therefore, any system that can detect such underlying attacks should do so only with a high degree of confidence. Previous work utilizing flow aggregation techniques with multi-class anomaly detection showed promise in both DDoS detection and detecting underlying attacks ongoing during an active DDoS attack. In this work, we head in the opposite direction, utilizing flow segmentation and concurrent flow feature aggregation, with the primary goal of greatly reduced detection times of both DDoS and underlying attacks. Using the same multi-class anomaly detection approach, we show greatly improved detection times with promising detection performance.

This paper presents a new framework for SATCOM jamming resiliency in the presence of a smart adversary jammer that can prioritize specific channels to attack with a non-uniform probability of distribution. We first develop a model and a defense action strategy based on a Markov decision process (MDP). We propose a greedy algorithm for the MDP-based defense algorithm's policy to optimize the expected user's immediate and future discounted rewards. Next, we remove the assumption that the user has specific information about the attacker's pattern and model. We develop a Q-learning algorithm-a reinforcement learning (RL) approach-to optimize the user's policy. We show that the Q-learning method provides an attractive defense strategy solution without explicit knowledge of the jammer's strategy. Computer simulation results show that the MDP-based defense strategies are very efficient; they offer a significant data rate advantage over the simple random hopping approach. Also, the proposed Q-learning performance can achieve close to the MDP approach without explicit knowledge of the jammer's strategy or attacking model.