Biblio

Traditional magnetic mirrors are appealing because of their comparably simple geometry which lends itself to cost-effective construction. However, magnetic mirrors suffer from several inherent problems that make them poor choices for confining and heating plasmas. The chief concerns are the loss-cone instability which continuously saps hot particles from the trap and the interchange instability which effectively transports hot plasma from the core of the trap to the edges where it is lost to the walls. Centrifugal confinement schemes address these concerns with the addition of supersonic poloidal rotation which can effectively shut off the loss-cone. In addition, velocity shear in the flow may mitigate or even turn off the interchange instability if high enough rotation speeds can be achieved. Previous experiments have verified the efficacy of centrifugal confinement but have been unable to achieve sufficient rotation velocities to entirely shut down the interchange modes. [1] The rotation velocity in these experiments was limited by the Critical-Ionization-Velocity (CIV) instability. [3] We plan an experiment to verify that the CIV is the limiting factor in supersonic plasma centrifuges and to explore strategies for avoiding the CIV limit and achieving sufficient rotation speeds to enable stable plasma confinement.

Despite the strict measures taken by authorities for children safety, crime against children is increasing. To curb this crime, it is important to improve the safety of children. School authorities can be severely penalized for these incidents, hence monitoring the school bus is significantly important in limiting these incidents. The developing worry of families for the security and insurance of their kids has started incredible interest in creating strong frameworks that give successful following and oversight of kids driving among home and school. Coordinated transport following permits youngsters to partake more in their normal schoolwork longer than trusting that a transport will be late with the assistance of notice and guarantees the security of every understudy. These days, reacting to the necessities existing apart from everything else, numerous instructive foundations have begun to push more towards a compelling global positioning framework of their vehicles that ensures the wellbeing of their understudies. Effective transport following is accomplished by procuring the geographic directions utilizing the GPS module and communicating the informationto a distant server. The framework depends on prepared to-utilize inactive RFID peruses. Make a message pop-up from the server script subsequent to checking the understudy's RFID tag be. The RFID examine exhibiting that the understudy boarded the vehicle to the specific trained professionals and the parent. Successful transport following permits school specialists, guardians, and drivers to precisely design their schedules while protecting kids from the second they get on until they get off the transport. The framework overall makes it conceivable to educate the administration regarding crises or protests. A variety of reports can be generated for different school-wide real-time bus and vehicle activities. This paper reviews the various smart security transport systems proposed for providing security features.

Nowadays, data is essential in several fields, such as science, finance, medicine, and transportation, which means its value continues to rise. Relational databases are vulnerable to copyright threats when transmitted and shared as a carrier of data. The watermarking technique is seen as a partial solution to the problem of securing copyright ownership. However, most of them are currently restricted to numerical attributes in relational databases, limiting their versatility. Furthermore, they modify the source data to a large extent, failing to keep the characteristics of the original database, and they are susceptible to solid malicious attacks. This paper proposes a new robust reversible watermarking technique, Fields Based Inserting Position Tuples algorithm (FBIPT), for relational databases. FBIPT does not modify the original database directly; instead, it inserts some position tuples based on three Fields―Group Field, Feature Field, and Control Field. Field information can be calculated by numeric attributes and any attribute that can be transformed into binary bits. FBIPT technique retains all the characteristics of the source database, and experimental results prove the effectiveness of FBIPT and show its highly robust performance compared to state-of-the-art watermarking schemes.

CAPTCHA (Completely Automated Public Turing Test to tell Computers and Humans Apart) is a widely used challenge-measures to distinguish humans and computer automated programs apart. Several existing CAPTCHAs are reliable for normal users, whereas visually impaired users face a lot of problems with the CAPTCHA authentication process. CAPTCHAs such as Google reCAPTCHA alternatively provides audio CAPTCHA, but many users find it difficult to decipher due to noise, language barrier, and accent of the audio of the CAPTCHA. Existing CAPTCHA systems lack user satisfaction on smartphones thus limiting its use. Our proposed system potentially solves the problem faced by visually impaired users during the process of CAPTCHA authentication. Also, our system makes the authentication process generic across users as well as platforms.

Human multi-robot system (MRS) collaboration is demonstrating potentials in wide application scenarios due to the integration of human cognitive skills and a robot team’s powerful capability introduced by its multi-member structure. However, due to limited human cognitive capability, a human cannot simultaneously monitor multiple robots and identify the abnormal ones, largely limiting the efficiency of the human-MRS collaboration. There is an urgent need to proactively reduce unnecessary human engagements and further reduce human cognitive loads. Human trust in human MRS collaboration reveals human expectations on robot performance. Based on trust estimation, the work between a human and MRS will be reallocated that an MRS will self-monitor and only request human guidance in critical situations. Inspired by that, a novel Synthesized Trust Learning (STL) method was developed to model human trust in the collaboration. STL explores two aspects of human trust (trust level and trust preference), meanwhile accelerates the convergence speed by integrating active learning to reduce human workload. To validate the effectiveness of the method, tasks "searching victims in the context of city rescue" were designed in an open-world simulation environment, and a user study with 10 volunteers was conducted to generate real human trust feedback. The results showed that by maximally utilizing human feedback, the STL achieved higher accuracy in trust modeling with a few human feedback, effectively reducing human interventions needed for modeling an accurate trust, therefore reducing human cognitive load in the collaboration.

Wireless communications networks are an integral part of intelligent systems that enhance the automation of various activities and operations embarked by humans. For example, the development of intelligent devices imbued with sensors leverages emerging technologies such as machine learning (ML) and artificial intelligence (AI), which have proven to enhance military operations through communication, control, intelligence gathering, and situational awareness. However, growing concerns in cybersecurity imply that attackers are always seeking to take advantage of the widened attack surface to launch adversarial attacks which compromise the activities of legitimate users. To address this challenge, we leverage on deep learning (DL) and the principle of cyber-deception to propose a method for defending wireless networks from the activities of jammers. Specifically, we use DL to regulate the power allocated to users and the channel they use to communicate, thereby luring jammers into attacking designated channels that are considered to guarantee maximum damage when attacked. Furthermore, by directing its energy towards the attack on a specific channel, other channels are freed up for actual transmission, ensuring secure communication. Through simulations and experiments carried out, we conclude that this approach enhances security in wireless communication systems.

The metal oxide arrester (MOA, shortly) is installed on the line side of the substation, which is the first line of defense for the overvoltage limitation of lightning intrusion wave. In order to deeply limit the switching overvoltage and cancel the closing resistance of the circuit breaker, the arrester is replaced by the controllable metal oxide arrester (CMOA, shortly) in the new technology. The controllable switch of CMOA can be mechanical switch or thyristor switch. Thyristor switches are sensitive to the current and current change rate (di/dt) under lightning intrusion wave. If the switch cannot withstand, appropriate protective measures must be taken to ensure the safe operation of the controllable switch under this working condition. The 1000kV West Beijing to Shijiazhuang UHV AC transmission and transformation expansion project is the first project of pilot application of CMOA. CMOA were installed at both ends of the outgoing branch of Dingtai line I. In order to study the influence of lightning intrusion wave on the controllable switch of CMOA, this paper selected this project to simulate the lightning stroke on the incoming section of Dingtai line I in Beijing West substation in the process of system air closing or single-phase reclosing, and obtained the current and di/dt of the controllable switch through CMOA under this working condition. Then the performances of mechanical and thyristor control switches were checked respectively. The results showed that the mechanical switch could withstand without protective measures. The tolerance of thyristor switch to i and di/dt exceeded the limit value, and measures should be taken to protect and limit it. In this paper, the protection measures of current limiting reactor were given, and the limiting effect of the protection measures was verified by simulation and test. It could fully meet the requirements and ensure the safe operation of thyristor controllable switch.

Fulcrum decoders can trade off between computational complexity and the number of received packets. This allows heterogeneous nodes to decode at different level of complexity in accordance with their computing power. Variations of Fulcrum codes, like dynamic sparsity and expansion packets (DSEP) have significantly reduced the encoders and decoders' complexity by using dynamic sparsity and expansion packets. However, limited effort had been done for recoders of Fulcrum codes and their variations, limiting their full potential when being deployed at multi-hop networks. In this paper, we investigate the drawback of the conventional Fulcrum recoding and introduce a novel recoding scheme for the family of Fulcrum codes by limiting the buffer size, and thus memory needs. Our evaluations indicate that DSEP recoding mechamism increases the recoding goodput by 50%, and reduces the decoding overhead by 60%-90% while maintaining high decoding goodput at receivers and small memory usage at recoders compared with the conventional Fulcrum recoding. This further reduces the resources needed for Fulcrum codes at the recoders.

Emerging non-volatile memory technology enables non-volatile main memory (NVMM) that can provide larger capacity and better energy-saving opportunities than DRAMs. However, its non-volatility raises security concerns, where the data in NVMMs can be taken if the memory is stolen. Memory encryption protects the data by limiting it always stays encrypted outside the processor boundary. However, the decryption latency before the data being used by the processor brings new performance burdens. Unlike DRAM-based main memory, such performance overhead worsens on the NVMM due to the slow latency. In this paper, we will introduce optimizations that can be used to re-design the encryption scheme. In our tests, our two new designs, 3-level split counter mode encryption and 8-block split counter mode encryption, improved performance by 26% and 30% at maximum and by 8% and 9% on average from the original encryption scheme, split counter encryption.

Internet of Things (IoT) devices have rooted themselves in the everyday life of billions of people. Thus, researchers have applied automated bug finding techniques to improve their overall security. However, due to the difficulties in extracting and emulating custom firmware, black-box fuzzing is often the only viable analysis option. Unfortunately, this solution mostly produces invalid inputs, which are quickly discarded by the targeted IoT device and do not penetrate its code. Another proposed approach is to leverage the companion app (i.e., the mobile app typically used to control an IoT device) to generate well-structured fuzzing inputs. Unfortunately, the existing solutions produce fuzzing inputs that are constrained by app-side validation code, thus significantly limiting the range of discovered vulnerabilities.In this paper, we propose a novel approach that overcomes these limitations. Our key observation is that there exist functions inside the companion app that can be used to generate optimal (i.e., valid yet under-constrained) fuzzing inputs. Such functions, which we call fuzzing triggers, are executed before any data-transforming functions (e.g., network serialization), but after the input validation code. Consequently, they generate inputs that are not constrained by app-side sanitization code, and, at the same time, are not discarded by the analyzed IoT device due to their invalid format. We design and develop Diane, a tool that combines static and dynamic analysis to find fuzzing triggers in Android companion apps, and then uses them to fuzz IoT devices automatically. We use Diane to analyze 11 popular IoT devices, and identify 11 bugs, 9 of which are zero days. Our results also show that without using fuzzing triggers, it is not possible to generate bug-triggering inputs for many devices.

With the advance in artificial intelligence and high-dimensional data analysis, federated learning (FL) has emerged to allow distributed data providers to collaboratively learn without direct access to local sensitive data. However, limiting access to individual provider’s data inevitably incurs security issues. For instance, backdoor attacks, one of the most popular data poisoning attacks in FL, severely threaten the integrity and utility of the FL system. In particular, backdoor attacks launched by multiple collusive attackers, i.e., distributed backdoor attacks, can achieve high attack success rates and are hard to detect. Existing defensive approaches, like model inspection or model sanitization, often require to access a portion of local training data, which renders them inapplicable to the FL scenarios. Recently, the norm clipping approach is developed to effectively defend against distributed backdoor attacks in FL, which does not rely on local training data. However, we discover that adversaries can still bypass this defense scheme through robust training due to its unchanged norm clipping threshold. In this paper, we propose a novel defense scheme to resist distributed backdoor attacks in FL. Particularly, we first identify that the main reason for the failure of the norm clipping scheme is its fixed threshold in the training process, which cannot capture the dynamic nature of benign local updates during the global model’s convergence. Motivated by it, we devise a novel defense mechanism to dynamically adjust the norm clipping threshold of local updates. Moreover, we provide the convergence analysis of our defense scheme. By evaluating it on four non-IID public datasets, we observe that our defense scheme effectively can resist distributed backdoor attacks and ensure the global model’s convergence. Noticeably, our scheme reduces the attack success rates by 84.23% on average compared with existing defense schemes.

Many people are becoming more reliant on internet social media sites like Facebook. Users can utilize these networks to reveal articles to them and engage with your peers. Several of the data transmitted from these connections is intended to be confidential. However, utilizing publicly available data and learning algorithms, it is feasible to forecast concealed informative data. The proposed research work investigates the different ways to initiate deduction attempts on freely released photo sharing data in order to envisage concealed informative data. Next, this research study offers three distinct sanitization procedures that could be used in a range of scenarios. Moreover, the effectualness of all these strategies and endeavor to utilize collective teaching and research to reveal important bits of the data set are analyzed. It shows how, by using the sanitization methods presented here, a user may lower the accuracy by including both global and interpersonal categorization techniques.

Edge data caching has attracted tremendous attention in recent years. Service providers can consider caching data on nearby locations to provide service for their app users with relatively low latency. The key to enhance the user experience is appropriately choose to cache data on the suitable edge servers to achieve the service providers' objective, e.g., minimizing data retrieval latency and minimizing data caching cost, etc. However, Quality of Experience (QoE), which impacts service providers' caching benefit significantly, has not been adequately considered in existing studies of edge data caching. This is not a trivial issue because QoE and Quality-of-Service (QoS) are not correlated linearly. It significantly complicates the formulation of cost-effective edge data caching strategies under the caching budget, limiting the number of cache spaces to hire on edge servers. We consider this problem of QoE-aware edge data caching in this paper, intending to optimize users' overall QoE under the caching budget. We first build the optimization model and prove the NP-completeness about this problem. We propose a heuristic approach and prove its approximation ratio theoretically to solve the problem of large-scale scenarios efficiently. We have done extensive experiments to demonstrate that the MPSG algorithm we propose outperforms state-of-the-art approaches by at least 68.77%.

IoT devices have evolved with the goal of becoming more connected. However, for security it is necessary to reduce the attack surface by allowing only necessary devices to be connected. In addition, as the number of IoT devices increases, DDoS attacks targeting IoT devices also increase. In this paper, we propose a method to apply the zero trust concept of SDP as a way to enhance security and prevent DDoS attacks in the IoT device network to which the OCF platform, one of the IoT standard platforms, is applied. The protocol proposed in this paper needs to perform additional functions in IoT devices, and the processing overhead due to the functions is 62.6ms on average. Therefore, by applying the method proposed in this paper, although there is a small amount of processing overhead, DDoS attacks targeting the IoT network can be defended and the security of the IoT network can be improved.

The widespread use of powerful mobile devices has deeply affected the mix of traffic traversing both the Internet and enterprise networks (with bring-your-own-device policies). Traffic encryption has become extremely common, and the quick proliferation of mobile apps and their simple distribution and update have created a specifically challenging scenario for traffic classification and its uses, especially network-security related ones. The recent rise of Deep Learning (DL) has responded to this challenge, by providing a solution to the time-consuming and human-limited handcrafted feature design, and better clas-sification performance. The counterpart of the advantages is the lack of interpretability of these black-box approaches, limiting or preventing their adoption in contexts where the reliability of results, or interpretability of polices is necessary. To cope with these limitations, eXplainable Artificial Intelligence (XAI) techniques have seen recent intensive research. Along these lines, our work applies XAI-based techniques (namely, Deep SHAP) to interpret the behavior of a state-of-the-art multimodal DL traffic classifier. As opposed to common results seen in XAI, we aim at a global interpretation, rather than sample-based ones. The results quantify the importance of each modality (payload- or header-based), and of specific subsets of inputs (e.g., TLS SNI and TCP Window Size) in determining the classification outcome, down to per-class (viz. application) level. The analysis is based on a publicly-released recent dataset focused on mobile app traffic.

Attribution methods can provide powerful insights into the reasons for a classifier's decision. We argue that a key desideratum of an explanation method is its robustness to input hyperparameters which are often randomly set or empirically tuned. High sensitivity to arbitrary hyperparameter choices does not only impede reproducibility but also questions the correctness of an explanation and impairs the trust of end-users. In this paper, we provide a thorough empirical study on the sensitivity of existing attribution methods. We found an alarming trend that many methods are highly sensitive to changes in their common hyperparameters e.g. even changing a random seed can yield a different explanation! Interestingly, such sensitivity is not reflected in the average explanation accuracy scores over the dataset as commonly reported in the literature. In addition, explanations generated for robust classifiers (i.e. which are trained to be invariant to pixel-wise perturbations) are surprisingly more robust than those generated for regular classifiers.

Information security is a top priority in government and industry because high consequence cyber incidents continue with regularity. The blue teamers that protect cyber systems cannot stop or even know about all these incidents, so they must take measures to tolerate these incursions in addition to preventing and detecting them. We propose dynamically compartmentalizing subject networks into collaboration zones and limiting the communication between these zones. In this article, we demonstrate this technique's effect on the attacker and the defender for various parameter settings using discrete-time simulation. Based on our results, we conclude that dynamic cyber zone defense is a viable intrusion tolerance technique and should be considered for technology transfer.

An unobservable false data injection (FDI) attack on AC state estimation (SE) is introduced and its consequences on the physical system are studied. With a focus on understanding the physical consequences of FDI attacks, a bi-level optimization problem is introduced whose objective is to maximize the physical line flows subsequent to an FDI attack on DC SE. The maximization is subject to constraints on both attacker resources (size of attack) and attack detection (limiting load shifts) as well as those required by DC optimal power flow (OPF) following SE. The resulting attacks are tested on a more realistic non-linear system model using AC state estimation and ACOPF, and it is shown that, with an appropriately chosen sub-network, the attacker can overload transmission lines with moderate shifts of load.

As the use of low-power and low resource embedded devices continues to increase dramatically with the introduction of new Internet of Things (IoT) devices, security techniques are necessary which are compatible with these devices. This research advances the knowledge in the area of cyber security for the IoT through the exploration of a moving target defense to apply for limiting the time attackers may conduct reconnaissance on embedded systems while considering the challenges presented from IoT devices such as resource and performance constraints. We introduce the design and optimizations for a Micro-Moving Target IPv6 Defense including a description of the modes of operation, needed protocols, and use of lightweight hash algorithms. We also detail the testing and validation possibilities including a Cooja simulation configuration, and describe the direction to further enhance and validate the security technique through large scale simulations and hardware testing followed by providing information on other future considerations.

As Internet of things (IoT) continue to ensconce into our homes, offices, hospitals, electricity grids and other walks of life, the stakes are too high to leave security to chance. IoT devices are resource constrained devices and hence it is very easy to exhaust them of their resources or deny availability. One of the most prominent attacks on the availability is the Distributed Denial of service (DDoS) attack. Although, DDoS is not a new Internet attack but a large number of new, constrained and globally accessible IoT devices have escalated the attack surface beyond imagination. This paper provides a broad anatomy of IoT protocols and their inherent weaknesses that can enable attackers to launch successful DDoS attacks. One of the major contributions of this paper is the implementation and demonstration of UDP (User Datagram Protocol) flood attack in the Contiki operating system, an open-source operating system for the IoT. This attack has been implemented and demonstrated in Cooja simulator, an inherent feature of the Contiki operating system. Furthermore, in this paper, a rate limiting mechanism is proposed that must be incorporated in the Contiki OS to mitigate UDP flood attacks. This proposed scheme reduces CPU power consumption of the victim by 9% and saves the total transmission power of the victim by 55%.

In this paper, the correctness of the routing algorithm for the distributed key-value store based on order preserving linear hashing and Skip Graph is proved. In this system, data are divided by linear hashing and Skip Graph is used for overlay network. The routing table of this system is very uniform. Then, short detours can exist in the route of forwarding. By using these detours, the number of hops for the query forwarding is reduced.