Biblio

Information security is winding up noticeably more vital in information stockpiling and transmission. Images are generally utilised for various purposes. As a result, the protection of image from the unauthorised client is critical. Established encryption techniques are not ready to give a secure framework. To defeat this, image encryption is finished through DNA encoding which is additionally included with confused 1D and 2D logistic maps. The key communication is done through the quantum channel using the BB84 protocol. To recover the encrypted image DNA decoding is performed. Since DNA encryption is invertible, decoding can be effectively done through DNA subtraction. It decreases the complexity and furthermore gives more strength when contrasted with traditional encryption plans. The enhanced strength of the framework is measured utilising measurements like NPCR, UACI, Correlation and Entropy.

The paper discusses the architectural, algorithmic and computing aspects of creating and operating a class of expert system for managing technological safety of an enterprise, in conditions of a large flow of diagnostic variables. The algorithm for finding a faulty technological chain uses expert information, formed as a set of evidence on the influence of diagnostic variables on the correctness of the technological process. Using the Dempster-Schafer trust function allows determining the overall probability measure on subsets of faulty process chains. To combine different evidence, the orthogonal sums of the base probabilities determined for each evidence are calculated. The procedure described above is converted into the rules of the knowledge base production. The description of the developed prototype of the expert system, its architecture, algorithmic and software is given. The functionality of the expert system and configuration tools for a specific type of production are under discussion.

A physical layer network coding (PLNC) is a highly efficient scheme for exchanging information between two nodes. Since the relay receives the interfered signal between two signals sent by two nodes, it hardly decodes any information from received signal. Therefore, the secure wireless communication link to the untrusted relay is constructed. The two nodes optimize the transmit power control for maximizing the secure capacity but these depend on the channel state information informed by the relay station. Therefore, the untrusted relay disguises the informed CSI for exploiting the information from two nodes. This paper constructs the game of two optimizations between the legitimate two nodes and the untrusted relay for clarifying the security of PLNC with untrusted relay.

Today's network is distributed and heterogeneous in nature and has numerous applications which affect day to day life, such as e-Banking, e-Booking of tickets, on line shopping etc. Hence the security of the network is crucial. Threats in the network can be due to intrusions. Such threats can be observed and handled using Intrusion Detection System. The security can be achieved using intrusion detection system, which observes the data traffic and identifies it as an intrusion or not. The objective of this paper is to design a model using game theoretic approach for intrusion detection. Game model is designed by defining players, strategies and utility functions to identify the Probe attacks. This model is tested with NSLKDD data set. The model is the Probe attacks are identified by dominated strategies elimination method. Experimental results shows that game model identifies the attacks with good detection rate.

In self-organized wireless network, such as ad hoc network, sensor network or mesh network, nodes are independent individuals which have different benefit; Therefore, selfish nodes refuse to forward packets for other nodes in order to save energy which causes the network fault. At the same time, some nodes may be malicious, whose aim is to damage the network. In this paper, we analyze the cooperation stimulation and security in self-organized wireless networks under a game theoretic framework. We first analyze a four node wireless network in which nodes share the channel by relaying for others during its idle periods in order to help the other nodes, each node has to use a part of its available channel capacity. And then, the fault tolerance and security problem is modeled as a non-cooperative game in which each player maximizes its own utility function. The goal of the game is to maximize the utility function in the giving condition in order to get better network efficiency. At last, for characterizing the efficiency of Nash equilibria, we analyze the so called price of anarchy, as the ratio between the objective function at the worst Nash equilibrium and the optimal objective function. Our results show that the players can get the biggest payoff if they obey cooperation strategy.

Performance of routing is severely degraded when misbehaving nodes drop packets instead of properly forwarding them. In this paper, we propose a Game-Theoretic Adaptive Multipath Routing (GTAMR) protocol to detect and punish selfish or malicious nodes which try to drop information packets in routing phase and defend against collaborative attacks in which nodes try to disrupt communication or save their power. Our proposed algorithm outranks previous schemes because it is resilient against attacks in which more than one node coordinate their misbehavior and can be used in networks which wireless nodes use directional antennas. We then propose a game theoretic strategy, ERTFT, for nodes to promote cooperation. In comparison with other proposed TFT-like strategies, ours is resilient to systematic errors in detection of selfish nodes and does not lead to unending death spirals.

We develop an auction framework for privacy-preserving data aggregation in mobile crowdsensing, where the platform plays the role as an auctioneer to recruit workers for a sensing task. In this framework, the workers are allowed to report privacy-preserving versions of their data to protect their data privacy; and the platform selects workers based on their sensing capabilities, which aims to address the drawbacks of game-theoretic models that cannot ensure the accuracy level of the aggregated result, due to the existence of multiple Nash Equilibria. Observe that in this auction based framework, there exists externalities among workers' data privacy, because the data privacy of each worker depends on both her injected noise and the total noise in the aggregated result that is intimately related to which workers are selected to fulfill the task. To achieve a desirable accuracy level of the data aggregation in a cost-effective manner, we explicitly characterize the externalities, i.e., the impact of the noise added by each worker on both the data privacy and the accuracy of the aggregated result. Further, we explore the problem structure, characterize the hidden monotonicity property of the problem, and determine the critical bid of workers, which makes it possible to design a truthful, individually rational and computationally efficient incentive mechanism. The proposed incentive mechanism can recruit a set of workers to approximately minimize the cost of purchasing private sensing data from workers subject to the accuracy requirement of the aggregated result. We validate the proposed scheme through theoretical analysis as well as extensive simulations.

The reverse k-nearest neighbours search is a fundamental primitive in multi-dimensional (i.e. multi-attribute) databases with applications in location-based services, online recommendations, statistical classification, pat-tern recognition, graph algorithms, computer games development, and so on. Despite the relevance and popularity of the query, no solution has yet been put forward that supports it in encrypted databases while protecting at the same time the privacy of both the data and the queries. With the outsourcing of massive datasets in the cloud, it has become urgent to find ways of ensuring the fast and secure processing of this query in untrustworthy cloud computing. This paper presents searchable encryption schemes which can efficiently and securely enable the processing of the reverse k-nearest neighbours query over encrypted multi-dimensional data, including index-based search schemes which can carry out fast query response that preserves data confidentiality and query privacy. The proposed schemes resist practical attacks operating on the basis of powerful background knowledge and their efficiency is confirmed by a theoretical analysis and extensive simulation experiments.

The timing characteristics of cache, a high-speed storage between the fast CPU and the slow memory, may reveal sensitive information of a program, thus allowing an adversary to conduct side-channel attacks. Existing methods for detecting timing leaks either ignore cache all together or focus only on passive leaks generated by the program itself, without considering leaks that are made possible by concurrently running some other threads. In this work, we show that timing-leak-freedom is not a compositional property: a program that is not leaky when running alone may become leaky when interleaved with other threads. Thus, we develop a new method, named adversarial symbolic execution, to detect such leaks. It systematically explores both the feasible program paths and their interleavings while modeling the cache, and leverages an SMT solver to decide if there are timing leaks. We have implemented our method in LLVM and evaluated it on a set of real-world ciphers with 14,455 lines of C code in total. Our experiments demonstrate both the efficiency of our method and its effectiveness in detecting side-channel leaks.

Applications in C/C++ are notoriously prone to memory corruptions. With significant research efforts devoted to this area of study, the security threats posed by previously popular vulnerabilities, such as stack and heap overflows, are not as serious as before. Instead, we have seen the meteoric rise of attacks exploiting use-after-free (UaF) vulnerabilities in recent years, which root in pointers pointing to freed memory (i.e., dangling pointers). Although various approaches have been proposed to harden software against UaF, none of them can achieve robustness and efficiency at the same time. In this paper, we present a novel defense called pSweeper to robustly protect against UaF exploits with low overhead, and pinpoint the root-causes of UaF vulnerabilities with one safe crash. The success of pSweeper lies in its two unique and innovative design ideas, concurrent pointer sweeping (CPW) and object origin tracking (OOT). CPW exploits the increasingly available multi-cores on modern PCs and outsources the heavyweight security checks and enforcement to dedicated threads that can run on spare cores. Specifically, CPW iteratively sweeps all live pointers in a concurrent thread to find dangling pointers. This design is quite different from previous work that requires to track every pointer propagation to maintain accurate point-to relationship between pointers and objects. OOT can help to pinpoint the root-causes of UaF by informing developers of how a dangling pointer is created, i.e., how the problematic object is allocated and freed. We implement a prototype of pSweeper and validate its efficacy in real scenarios. Our experimental results show that pSweeper is effective in defeating real-world UaF exploits and efficient when deployed in production runs.

Formal security verification of firmware interacting with hardware in modern Systems-on-Chip (SoCs) is a critical research problem. This faces the following challenges: (1) design complexity and heterogeneity, (2) semantics gaps between software and hardware, (3) concurrency between firmware/hardware and between Intellectual Property Blocks (IPs), and (4) expensive bit-precise reasoning. In this paper, we present a co-verification methodology to address these challenges. We model hardware using the Instruction-Level Abstraction (ILA), capturing firmware-visible behavior at the architecture level. This enables integrating hardware behavior with firmware in each IP into a single thread. The co-verification with multiple firmware across IPs is formulated as a multi-threaded program verification problem, for which we leverage software verification techniques. We also propose an optimization using abstraction to prevent expensive bit-precise reasoning. The evaluation of our methodology on an industry SoC Secure Boot design demonstrates its applicability in SoC security verification.

Use-After-Free (UAF) vulnerabilities are caused by the program operating on a dangling pointer and can be exploited to compromise critical software systems. While there have been many tools to mitigate UAF vulnerabilities, UAF remains one of the most common attack vectors. UAF is particularly di cult to detect in concurrent programs, in which a UAF may only occur with rare thread schedules. In this paper, we present a novel technique, UFO, that can precisely predict UAFs based on a single observed execution trace with a provably higher detection capability than existing techniques with no false positives. The key technical advancement of UFO is an extended maximal thread causality model that captures the largest possible set of feasible traces that can be inferred from a given multithreaded execution trace. By formulating UAF detection as a constraint solving problem atop this model, we can explore a much larger thread scheduling space than classical happens-before based techniques. We have evaluated UFO on several real-world large complex C/C++ programs including Chromium and FireFox. UFO scales to real-world systems with hundreds of millions of events in their execution and has detected a large number of real concurrency UAFs.

It is a research hotspot that using blockchain technology to solve the security problems of the Internet of Things (IoT). Although many related ideas have been proposed, there are very few literatures with theoretical and data support. This paper focuses on the research of model construction and performance evaluation. First, an IoT security model is established based on blockchain and InterPlanetary File System (IPFS). In this model, many security risks of traditional IoT architectures can be avoided, and system performance is significantly improved in distributed large capacity storage, concurrency and query. Secondly, the performance of the proposed model is evaluated through the average latency and throughput, which are meaningful for further research and optimization of this direction. Analysis and test results demonstrate the effectiveness of the blockchain-based security model.

Just like bugs in single-threaded programs can lead to vulnerabilities, bugs in multithreaded programs can also lead to concurrency attacks. We studied 31 real-world concurrency attacks, including privilege escalations, hijacking code executions, and bypassing security checks. We found that compared to concurrency bugs' traditional consequences (e.g., program crashes), concurrency attacks' consequences are often implicit, extremely hard to be observed and diagnosed by program developers. Moreover, in addition to bug-inducing inputs, extra subtle inputs are often needed to trigger the attacks. These subtle features make existing tools ineffective to detect concurrency attacks. To tackle this problem, we present OWL, the first practical tool that models general concurrency attacks' implicit consequences and automatically detects them. We implemented OWL in Linux and successfully detected five new concurrency attacks, including three confirmed and fixed by developers, and two exploited from previously known and well-studied concurrency bugs. OWL has also detected seven known concurrency attacks. Our evaluation shows that OWL eliminates 94.1% of the reports generated by existing concurrency bug detectors as false positive, greatly reducing developers' efforts on diagnosis. All OWL source code, concurrency attack exploit scripts, and results are available on github.com/hku-systems/owl.

The network attack graph is a powerful tool for analyzing network security, but the generation of a large-scale graph is non-trivial. The main challenge is from the explosion of network state space, which greatly increases time and storage costs. In this paper, three parallel algorithms are proposed to generate scalable attack graphs. An OpenMP-based programming implementation is used to test their performance. Compared with the serial algorithm, the best performance from the proposed algorithms provides a 10X speedup.

We study a game theoretic model where a coalition of processors might collude to bias the outcome of the protocol, where we assume that the processors always prefer any legitimate outcome over a non-legitimate one. We show that the problems of Fair Leader Election and Fair Coin Toss are equivalent, and focus on Fair Leader Election. Our main focus is on a directed asynchronous ring of n processors, where we investigate the protocol proposed by Abraham et al. [4] and studied in Afek et al. [5]. We show that in general the protocol is resilient only to sub-linear size coalitions. Specifically, we show that Ω( p n logn) randomly located processors or Ω( 3 √ n) adversarially located processors can force any outcome. We complement this by showing that the protocol is resilient to any adversarial coalition of size O( 4 √ n). We propose a modification to the protocol, and show that it is resilient to every coalition of size ?( √ n), by exhibiting both an attack and a resilience result. For every k ≥ 1, we define a family of graphs Gk that can be simulated by trees where each node in the tree simulates at most k processors. We show that for every graph in Gk , there is no fair leader election protocol that is resilient to coalitions of size k. Our result generalizes a previous result of Abraham et al. [4] that states that for every graph, there is no fair leader election protocol which is resilient to coalitions of size ?n/2 ?.

Secure network coding realizes the secrecy of the message when the message is transmitted via noiseless network and a part of edges or a part of intermediate nodes are eavesdropped. In this framework, if the channels of the network has noise, we apply the error correction to noisy channel before applying the secure network coding. In contrast, secure physical layer network coding is a method to securely transmit a message by a combination of coding operation on nodes when the network is given as a set of noisy channels. In this paper, we give several examples of network, in which, secure physical layer network coding realizes a performance that cannot be realized by secure network coding.

With the development of wireless communication, the reliability and the security of data is very significant for the wireless communication. In this paper, a delayed feedback chaotic encryption algorithm based on polar codes is proposed. In order to protect encoding information, we make uses of wireless channels to extract binary keys. The extracted binary keys will be used as the initial value of chaotic system to produce chaotic sequences. Besides, we use the chain effects of delayed feedback, which increase the difficulty of cryptanalysis. The results of the theoretical analyses and simulations show that the algorithm could guarantee the security of data transmission without affecting reliability.

As a result of increasing the interest in developing the communication systems that use public channels for transmitting information, many channel problems are raised up. Among these problems, the important one should be addressed is the information security. This paper presents a proposed communication system with high security uses two encryption levels based on chaotic systems. The first level is chaotic scrambling, while the second one is chaotic masking. This configuration increases the information security since the key space becomes too large. The MATLAB simulation results showed that the Segmental Spectral Signal to Noise Ratio (SSSNR) of the first level (chaotic scrambling) is reduced by -5.195 dB comparing to time domain scrambling. Furthermore, in the second level (chaotic masking), the SSSNR is reduced by -20.679 dB. It is also showed that when the two levels are combined, the overall reduction obtained is -21.755 dB.

This paper explores using chaos-based cryptography for transmitting multimedia data, mainly speech and voice messages, over public communication channels, such as the internet. The secret message to be transmitted is first converted into a one-dimensional time series, that can be cast in a digital/binary format. The main feature of the proposed technique is mapping the two levels of every corresponding bit of the time series into different multiple chaotic orbits, using a simple encryption function. This one-to-many mapping robustifies the encryption technique and makes it resilient to crypto-analysis methods that rely on associating the energy level of the signal into two binary levels, using return map attacks. A chaotic nonautonomous Duffing oscillator is chosen to implement the suggested technique, using three different parameters that are assumed unknown at the receiver side. Synchronization between the transmitter and the receiver and reconstructing the secret message, at the receiver side, is done using a Lyapunov-based adaptive technique. Achieving stable operation, tuning the required control gains, as well as effective utilization of the bandwidth of the public communication channel are investigated. Two different case studies are presented; the first one deals with text that can be expressed as 8-bit ASCII code, while the second one corresponds to an analog acoustic signal that corresponds to the voice associated with pronouncing a short sentence. Advantages and limitation of the proposed technique are highlighted, while suggesting extensions to other multimedia signals, along with their required additional computational effort.

Security often requires that the data must be kept safe from unauthorized access. And the best line of speech communication is security. However, most computers are interconnected with each other openly, thereby exposing them and the communication channels that person uses. Speech cryptography secures information by protecting its confidentiality. It can also be used to protect information about the integrity and authenticity of data. Stronger cryptographic techniques are needed to ensure the integrity of data stored on a machine that may be infected or under attack. So far speech cryptography is used in many forms but using it with Audio file is another stronger technique. The process of cryptography happens with audio file for transferring more secure sensitive data. The audio file is encrypted and decrypted by using Lorenz 3D mapping and then 3D mapping function is converted into 2D mapping function by using euler's numerical resolution and strong algorithm provided by using henon mapping and then decrypted by using reverse of encryption. By implementing this, the resultant audio file will be in secured form.

The Data Encryption Standard (DES) of the multimedia cryptography possesses the weak point of key conducting that is why it reaches to the triple form of DES. However, the triple DES obtains the better characteristic to secure the protection of data to against the attacks, it still contains an extremely inappropriate performance (speed) and efficiency in doing so. This paper provides the effective performance and the results of a single and triple chaotic cryptography using chaos in digital filter, compare to DES and triple DES. This comparison has been made pair-to-pair of single structure respectively to the triple form. Finally the implementation aspects of a single chaotic cryptography using chaos in digital filter can stand efficiently as better performance speed with the small complexity algorithm, points out the resemblances to DES and triple DES with the similar security confirmation results without reaching to the triple form of the structure. Simulation has been conducted using Matlab simulation with the input of grayscale image.

A secure voice communications channel is on demand to avoid unwanted eavesdropping of voice messages. This paper reports the development of communicaiton channel prototype equipped with Chaotic cryptographic algorithm with Cipher Feedback mode, implemented on FPGA due to its high processing speed and low delay required for voice channel. Two Spartan-3 FPGA board was used for the purpose, one as transmitter in encryption process and the other as receiver of decryption process. The experimental tests reveal that the voice channel is successfully secured using the encryption-decription cycle for asynchronous communication. In the non-ecrypted channel, the average values of MSE, delay, and THD-N parameters are 0.3513 V2, 202 μs, and 17.52%, respectively, while the secured channel produce MSE of 0.3794 V2, delay 202 μs, and THD-N 20.45%. Therefore, the original information sent in the encrypted channel can be restored with similar quality compared to the non-encrypted channel.

Deterministic chaotic systems have been studied and developed in various fields of research. Dynamical systems with chaotic dynamics have different applications in communication, security and computation. Chaotic behaviors can be created by even simple nonlinear systems which can be implemented on low-cost hardware platforms. This paper presents a high-speed and low-cost hardware of three-dimensional chaotic flows without equilibrium. The proposed chaotic hardware is able to reproduce the main mechanism and dynamical behavior of the 3D chaotic flows observed in simulation, then a Chaotic Pseudo Random Number Generator is designed based on a 3D chaotic system. The proposed hardware is implemented with low computational overhead on an FPGA board, as a proof of concept. This low-cost chaotic hardware can be utilized in embedded and lightweight systems for a variety of chaotic based digital systems such as digital communication systems, and cryptography systems based on chaos theory for Security and IoT applications.

The paper presents a cryptanalysis of an enhanced sub-image encryption method recently proposed by Wang et al. in Optics and Lasers in Engineering 86(2016). Their paper shows that a parallel sub-image encryption method proposed by Mirzaei et al. in Nonlinear Dyn. 67(2012) could be attacked by chosen plaintext attack and proposed an enhanced sub-image encryption method claimed to completely resist the chosen plaintext attack. However, the enhanced sub-image encryption method also has some weakness, such as the key streams are independent with the plain-image. In this paper, one chosen plaintext attack type of cryptanalysis is presented for the enhanced sub-image encryption method and completely broken the enhanced sub-image encryption method. The experimental results indicate that the enhanced sub-image encryption method is weak against chosen plaintext attack and should be improved for practical application.