Biblio

Estimation for obesity levels is always an important topic in medical field since it can provide useful guidance for people that would like to lose weight or keep fit. The article tries to find a model that can predict obesity and provides people with the information of how to avoid overweight. To be more specific, this article applied dimension reduction to the data set to simplify the data and tried to Figure out a most decisive feature of obesity through Principal Component Analysis (PCA) based on the data set. The article also used some machine learning methods like Support Vector Machine (SVM), Decision Tree to do prediction of obesity and wanted to find the major reason of obesity. In addition, the article uses Artificial Neural Network (ANN) to do prediction which has more powerful feature extraction ability to do this. Finally, the article found that family history of obesity is the most decisive feature, and it may because of obesity may be greatly affected by genes or the family eating diet may have great influence. And both ANN and Decision tree’s accuracy of prediction is higher than 90%.

In recent years, new types of cyber attacks called targeted attacks have been observed. It targets specific organizations or individuals, while usual large-scale attacks do not focus on specific targets. Organizations have published many Word or PDF files on their websites. These files may provide the starting point for targeted attacks if they include hidden data unintentionally generated in the authoring process. Adhatarao and Lauradoux analyzed hidden data found in the PDF files published by security agencies in many countries and showed that many PDF files potentially leak information like author names, details on the information system and computer architecture. In this study, we analyze hidden data of PDF files published on the website of police agencies in Japan and compare the results with Adhatarao and Lauradoux's. We gathered 110989 PDF files. 56% of gathered PDF files contain personal names, organization names, usernames, or numbers that seem to be IDs within the organizations. 96% of PDF files contain software names.

This paper studies Distributed Denial of Service (DDoS) attack detection by adopting the Deep Neural Network (DNN) model in Software Defined Networking (SDN). We first deploy the flow collector module to collect the flow table entries. Considering the detection efficiency of the DNN model, we also design some features manually in addition to the features automatically obtained by the flow table. Then we use the preprocessed data to train the DNN model and make a prediction. The overall detection framework is deployed in the SDN controller. The experiment results illustrate DNN model has higher accuracy in identifying attack traffic than machine learning algorithms, which lays a foundation for the defense against DDoS attack.

Physical-layer key (PLK) generation scheme is a new key generation scheme based on wireless channel reciprocity. However, the security of physical layer keys still lacks sufficient theoretical support in the presence of eavesdropping attacks until now, which affects the promotion in practical applications. By analyzing the propagation mode of multipath signals under non-line-of-sight (nLoS), an improved spatial cross-correlation model is constructed, where the spatial cross-correlation is between eavesdropping channel and legitimate channel. Results show that compared with the multipath and obstacle distribution of the channel, the azimuth and distance between the eavesdropper and the eavesdropped user have a greater impact on the cross-correlation.

The botnet-based network assault are one of the most serious security threats overlay the Internet this day. Although significant progress has been made in this region of research in recent years, it is still an ongoing and challenging topic to virtually direction the threat of botnets due to their continuous evolution, increasing complexity and stealth, and the difficulties in detection and defense caused by the limitations of network and system architectures. In this paper, we propose a novel and efficient botnet detection method, and the results of the detection method are validated with the CTU-13 dataset.

This paper analyzes the problems existing in the existing emergency management technology system in China from various perspectives, and designs the construction of intelligent emergency system in combination with the development of new generation of Internet of Things, big data, cloud computing and artificial intelligence technology. The overall design is based on scientific and technological innovation to lead the reform of emergency management mechanism and process reengineering to build an intelligent emergency technology system characterized by "holographic monitoring, early warning, intelligent research and accurate disposal". To build an intelligent emergency management system that integrates intelligent monitoring and early warning, intelligent emergency disposal, efficient rehabilitation, improvement of emergency standards, safety and operation and maintenance construction.

Data Analytics is at the core of almost all modern ap-plications ranging from science and finance to healthcare and web applications. The evolution of data analytics over the last decade has been dramatic - new methods, new tools and new platforms - with no slowdown in sight. This rapid evolution has pushed the boundaries of data analytics along several axis including scalability especially with the rise of distributed infrastructures and the Big Data era, and interoperability with diverse data management systems such as relational databases, Hadoop and Spark. However, many analytic application developers struggle with the challenge of production deployment. Recent experience suggests that it is difficult to deliver modern data analytics with the level of reliability, security and manageability that has been a feature of traditional SQL DBMSs. In this tutorial, we discuss the advances and innovations introduced at both the infrastructure and algorithmic levels, directed at making analytic workloads scale, while paying close attention to the kind of quality of service guarantees different technology provide. We start with an overview of the classical centralized analytical techniques, describing the shift towards distributed analytics over non-SQL infrastructures. We contrast such approaches with systems that integrate analytic functionality inside, above or adjacent to SQL engines. We also explore how Cloud platforms' virtualization capabilities make it easier - and cheaper - for end users to apply these new analytic techniques to their data. Finally, we conclude with the learned lessons and a vision for the near future.

According to the characteristics of security threats and massive users in power mobile applications, a mobile application security situational awareness method based on big data architecture is proposed. The method uses open-source big data technology frameworks such as Kafka, Flink, Elasticsearch, etc. to complete the collection, analysis, storage and visual display of massive power mobile application data, and improve the throughput of data processing. The security situation awareness method of power mobile application takes the mobile terminal threat index as the core, divides the risk level for the mobile terminal, and predicts the terminal threat index through support vector machine regression algorithm (SVR), so as to construct the security profile of the mobile application operation terminal. Finally, through visualization services, various data such as power mobile applications and terminal assets, security operation statistics, security strategies, and alarm analysis are displayed to guide security operation and maintenance personnel to carry out power mobile application security monitoring and early warning, banning disposal and traceability analysis and other decision-making work. The experimental analysis results show that the method can meet the requirements of security situation awareness for threat assessment accuracy and response speed, and the related results have been well applied in a power company.

Effective information security risk management is essential for survival of any business that is dependent on IT. In this paper we present an efficient and effective solution to find best parameters for managing cyber risks using artificial intelligence. Genetic algorithm is use as it can provide our required optimization and intelligence. Results show that GA is professional in finding the best parameters and minimizing the risk.

The industrial Internet has built a new industrial manufacturing and service system with all elements, all industrial chains and all value chains connected through the interconnection of people, machines and things. It breaks the relatively closed and credible production environment of traditional industry. But at the same time, the full interconnection of cross-device, cross-system, and cross-region in the industrial Internet also brings a certain network trust crisis. The method proposed in this paper breaking the relatively closed manufacturing environment of traditional industries, extends the network connection object from human to machine equipment, industrial products and industrial services. It provides a safe and credible environment for the development of industrial Internet, and a trust guarantee for the across enterprises entities and data sharing.

Wireless Sensor Networks (WSNs) and their implementations have been the subject of numerous studies over the last two decades. WSN gathers, processes, and distributes wireless data to the database storage center. This study aims to explain the four main components of sensor nodes and the mechanism of WSN's. WSNs have 5 available types that will be discussed and explained in this paper. In addition to that, shortest path routing will be thoroughly analyzed. In “The Protocol”. Reconfigurable logic applications have grown in number and complexity. Shortest path routing is a method of finding paths through a network with the least distance or other cost metric. The efficiency of the shortest path protocol mechanism and the reliability of encryption are both present which adds security and accuracy of location privacy and message delivery. There are different forms of key management, such as symmetric and asymmetric encryption, each with its own set of processing techniques. The use of encryption technique to secure sensor nodes is addressed, as well as how we overcame the problem with the aid of advanced techniques. Our major findings are that adding more security doesn't cost much and by cost we mean energy consumption, throughput and latency.

The semaphore mechanism is an important part of the embedded operating system. Therefore, it is very necessary to ensure its safety. Traditional software testing methods are difficult to ensure 100% coverage of the program. Therefore, it is necessary to adopt a formal verfication method which proves the correctness of the program theoretically. This paper proposes a proof framework based on the theorem proof tool Coq: modeling the semaphore mechanism, extracting important properties from the requirement documents, and finally verifying that the semaphore mechanism can meet these properties, which means the correctness of the semaphore mechanism is proved and also illustrates the feasibility of the verification framework proposed in this paper, which lays a foundation for the verification of other modules of operating systems.

With the rapid development of urbanization, community security and public security have become an important social issue. As conventional patrol methods can not effectively ensure effective supervision, this paper studies the application of NFC (Near Field Communication) technology in intelligent security system, designs and constructs a set of intelligent security system suitable for public security patrol or security patrol combined with current cloud service technology. The system can not only solve the digital problem of patrol supervision in the current public security, but also greatly improve the efficiency of security and improve the service quality of the industry through the application of intelligent technology.

Currently, more and more malicious insiders are making threats, and the detection of insider threats is becoming more challenging. The malicious insider often uses legitimate access privileges and mimic normal behaviors to evade detection, which is difficult to be detected via using traditional defensive solutions. In this paper, we propose DeepMIT, a malicious insider threat detection framework, which utilizes Recurrent Neural Network (RNN) to model user behaviors as time sequences and predict the probabilities of anomalies. This framework allows DeepMIT to continue learning, and the detections are made in real time, that is, the anomaly alerts are output as rapidly as data input. Also, our framework conducts further insight of the anomaly scores and provides the contributions to the scores and, thus, significantly helps the operators to understand anomaly scores and take further steps quickly(e.g. Block insider's activity). In addition, DeepMIT utilizes user-attributes (e.g. the personality of the user, the role of the user) as categorical features to identify the user's truly typical behavior, which help detect malicious insiders who mimic normal behaviors. Extensive experimental evaluations over a public insider threat dataset CERT (version 6.2) have demonstrated that DeepMIT has outperformed other existing malicious insider threat solutions.

Recently, with the development of the cloud environment, users can store their data or share it with other users. However, various security threats can occur in data sharing systems in the cloud environment. To solve this, data sharing systems and access control methods using the CP-ABE method are being studied, but the following problems may occur. First, in an outsourcing server that supports computation, it is not possible to prove that the computed result is a properly computed result when performing the partial decryption process of the ciphertext. Therefore, the user needs to verify the message obtained by performing the decryption process, and verify that the data is uploaded by the data owner through verification. As another problem, because the data owner encrypts data with attribute-based encryption, the number of attributes included in the access structure increases. This increases the size of the ciphertext, which can waste space in cloud storage. Therefore, a ciphertext of a constant size must be output regardless of the number of attributes when generating the ciphertext. In this paper, we proposes a CP-ABE based data sharing system that provides signature-based verifiable outsourcing. It aims at a system that allows multiple users to share data safely and efficiently in a cloud environment by satisfying verifiable outsourcing and constant-sized ciphertext output among various security requirements required by CP-ABE.

Aiming at ensure the security and self-control of heterogeneous alliance network, this paper proposes a novel structure of identity authentication based on domestic commercial cryptography with blockchain in the heterogeneous alliance network. The domestic commercial cryptography, such as SM2, SM3, SM4, SM9 and ZUC, is adopted to solve the encryption, decryption, signature and verification of blockchain, whose key steps of data layer are solved by using domestic commercial cryptographic algorithms. In addition, it is the distributed way to produce the public key and private key for the security of the keys. Therefore, the cross domain identity authentication in the heterogeneous alliance network can be executed safely and effectively.

Traditional grid-centric data storage methods are vulnerable to network attacks or failures due to downtime, causing problems such as data loss or tampering. The security of data storage can be effectively improved by establishing an alliance chain. However, the existing consortium chain consensus algorithm has low scalability, and the consensus time will explode as the number of nodes increases. This paper proposes an improved consensus algorithm (MSBFT) based on multi-signature to address this problem, which spreads data by establishing a system communication tree, reducing communication and network transmission costs, and improving system scalability. By generating schnorr multi-signature as the shared signature of system nodes, the computational cost of verification between nodes is reduced. At the end of the article, simulations prove the superiority of the proposed method.

With the development of technology, the structure of power grid becomes more and more complex, and the amount of data collected is also increasing. In the existing smart power grid, the data collected by sensors need to be uploaded and stored to the trusted central node, but the centralized storage method is easy to cause the malicious attack of the central node, resulting in single point failure, data tampering and other security problems. In order to solve these information security problems, this paper proposes a new data security storage framework based on private blockchain. By using the improved raft algorithm, partial decentralized data storage is used instead of traditional centralized storage. It also introduces in detail the working mechanism of the smart grid data security storage framework, including the process of uploading collected data, data verification, and data block consensus. The security analysis shows the effectiveness of the proposed data storage framework.

In order to improve the status monitoring and management ability of wireless sensor networks, a dynamic data compression method based on grid deduplication is proposed. Grid-based sensor node spatial positioning and big data fusion method are adopted to realize dynamic feature mining of wireless sensor network data, extract feature sequence points of wireless sensor network data, reconstruct wireless sensor network data feature space by adopting spatial grid node recombination, build a statistical detection model of dynamic feature mining of wireless sensor network data by combining grid area grouping compression method, and realize embedded fuzzy control and joint feature distributed adaptive learning. The association matching degree of wireless sensor network data is analyzed. Combining fuzzy subspace compression and big data fusion clustering, the quantitative regression analysis model of wireless sensor network data is established. The time series reorganization of wireless sensor network database is realized by index table name, index column and other information. Compressed sensing method is used in linear fusion subspace to realize data compression and adaptive detection of wireless sensor network. Constraint feature points of wireless sensor network data compression are constructed, and dynamic compression and clustering processing of wireless sensor network data are realized at constraint points. Simulation results show that the feature clustering of data compression in wireless sensor networks is better and the storage space of data is reduced.

Cloud storage technology enables users to outsource local data to cloud service provider (CSP). In spite of its copious advantages, how to ensure the integrity of data has always been a significant issue. A variety of provable data possession (PDP) scheme have been proposed for cloud storage scenarios. However, the participation of centralized trusted third-party auditor (TPA) in most of the previous work has brought new security risks, because the TPA is prone to the single point of failure. Furthermore, the existing schemes do not consider the fair arbitration and lack an effective method to punish the malicious behavior. To address the above challenges, we propose a novel blockchain-based decentralized data integrity auditing scheme without the need for a centralized TPA. By using smart contract technique, our scheme supports automatic compensation mechanism. DO and CSP must first pay a certain amount of ether for the smart contract as deposit. The CSP gets the corresponding storage fee if the integrity auditing is passed. Otherwise, the CSP not only gets no fee but has to compensate DO whose data integrity is destroyed. Security analysis shows that the proposed scheme can resist a variety of attacks. Also, we implement our scheme on the platform of Ethereum to demonstrate the efficiency and effectiveness of our scheme.

The Internet of Things (IoT) provides significant benefits for industry due to connect the devices together through the internet. Attribute-Based Encryption (ABE) is a technique can enforce an access control over data to guarantee the data security. In this paper, we propose an ABE scheme for data in industrial IoT. The scheme achieves both security and high performance. When there is a shared subpolicy among the access policies of a sensor, the scheme optimizes the encryption of the messages. Through analysis and simulation, we show that our solution is security and efficient.

In order to solve the defense problem of wireless network security threats in new energy stations, a new wireless network security risk assessment model which proposes a wireless access security evaluation method for power monitoring system based on fuzzy theory, was established based on the study of security risk assessment methods in this paper. The security evaluation method first divides the security evaluation factor set, then determines the security evaluation weight coefficient, then calculates the network security level membership matrix, and finally combines specific examples to analyze the resulting data. this paper provided new ideas and methods for the wireless access security evaluation of new energy stations.

Chatbots are a computer program that was created to imitate the human during a conversation. In this technological era, humans were replaced by machines for performing most of the work. So chatbots were developed to mimic the conversation a human does with another person. The work a chatbot does ranges from answering simple queries to acting as personal assistant to the boss. There are different kinds of chatbots developed to cater to the needs of the people in different domain. The methodology of creating them also varies depending on their type. In this paper, the various types of chatbots and techniques such as Machine Learning, deep learning and natural language processing used for designing them were discussed in detail.

Key Management in Delay Tolerant Networks (DTN) still remains an unsolved complex problem. Due to peculiar characteristics of DTN, important challenges that make it difficult to design key management architecture are: 1) no systematic requirement analysis is undertaken to define its components, their composition and prescribed functions; and 2) no framework is available for its seamless integration with Bundle Security Protocol (BSP). This paper proposes a Key Management Architecture for DTN (KMAD) to address challenges in DTN key management. The proposed architecture not only provides guidelines for key management in DTN but also caters for seamless integration with BSP. The framework utilizes public key cryptography to provide required security services to enable exchange of keying material, and information about security policy and cipher suites. The framework also supports secure exchange of control and data information in DTNs.

In order to realize the security authentication of information transmission between vehicle nodes in the vehicular ad hoc network, based on the certificateless public key cryptosystem and aggregate signature, a privacy-protected certificateless aggregate signature scheme is proposed, which eliminates the complicated certificate maintenance cost. This solution also solves the key escrow problem. By Communicating with surrounding nodes through the pseudonym of the vehicle, the privacy protection of vehicle users is realized. The signature scheme satisfies the unforgeability of an adaptive selective message attack under a random prophetic machine. The scheme meets message authentication, identity privacy protection, resistance to reply attacks.