Biblio

This paper puts forward a dynamic reduction method of renewable energy based on N-1 safety standard of power system, which is suitable for high-voltage distribution network and can reduce the abandoned amount of renewable energy to an ideal level. On the basis of AC sensitivity coefficient, the optimization method of distribution factor suitable for single line or multi-line disconnection is proposed. Finally, taking an actual high-voltage distribution network in Germany as an example, the simulation results show that the proposed method can effectively limit the line load, and can greatly reduce the line load with less RES reduction.

In recent times, major cybersecurity breaches and cyber fraud had huge negative impact on victim organisations. The biggest impact made on major areas of business activities. Majority of organisations facing cybersecurity adversity and advanced threats suffers from huge financial and reputation loss. The current security technologies, policies and processes are providing necessary capabilities and cybersecurity mechanism to solve cyber threats and risks. However, current solutions are not providing required mechanism for decision making on impact of cybersecurity breaches and fraud. In this paper, we are reporting initial findings and proposing conceptual solution. The paper is aiming to provide a novel model for Cybersecurity Economics and Analysis (CEA). We will contribute to increasing harmonization of European cybersecurity initiatives and reducing fragmented practices of cybersecurity solutions and also helping to reach EU Digital Single Market goal. By introducing Cybersecurity Readiness Level Metrics the project will measure and increase effectiveness of cybersecurity programs, while the cost-benefit framework will help to increase the economic and financial viability, effectiveness and value generation of cybersecurity solutions for organisation's strategic, tactical and operational imperative. The ambition of the research development and innovation (RDI) is to increase and re-establish the trust of the European citizens in European digital environments through practical solutions.

In IoT scenarios, computational and communication costs on the user side are important problems. In most expressive ABE schemes, there is a linear relationship between the access structure size and the number of heavy pairing operations that are used in the decryption process. This property limits the application of ABE. We propose an expressive CP-ABE with the constant number of pairings in the decryption process. The simulation shows that the proposed scheme is highly efficient in encryption and decryption processes. In addition, we use the outsourcing method in decryption to get better performance on the user side. The main burden of decryption computations is done by the cloud without revealing any information about the plaintext. We introduce a new revocation method. In this method, the users' communication channels aren't used during the revocation process. These features significantly reduce the computational and communication costs on the user side that makes the proposed scheme suitable for applications such as IoT. The proposed scheme is selectively CPA-secure in the standard model.

This paper considers the covert identification problem in which a sender aims to reliably convey an identification (ID) message to a set of receivers via a binary-input discrete memoryless channel (BDMC), and simultaneously to guarantee that the communication is covert with respect to a warden who monitors the communication via another independent BDMC. We prove a square-root law for the covert identification problem. This states that an ID message of size exp(exp($\Theta$($\surd$ n)) can be transmitted over n channel uses. We then characterize the exact pre-constant in the $\Theta$($\cdot$) notation. This constant is referred to as the covert identification capacity. We show that it equals the recently developed covert capacity in the standard covert communication problem, and somewhat surprisingly, the covert identification capacity can be achieved without any shared key between the sender and receivers. The achievability proof relies on a random coding argument with pulse-position modulation (PPM), coupled with a second stage which performs code refinements. The converse proof relies on an expurgation argument as well as results for channel resolvability with stringent input constraints.

Aiming at ensure the security and self-control of heterogeneous alliance network, this paper proposes a novel structure of identity authentication based on domestic commercial cryptography with blockchain in the heterogeneous alliance network. The domestic commercial cryptography, such as SM2, SM3, SM4, SM9 and ZUC, is adopted to solve the encryption, decryption, signature and verification of blockchain, whose key steps of data layer are solved by using domestic commercial cryptographic algorithms. In addition, it is the distributed way to produce the public key and private key for the security of the keys. Therefore, the cross domain identity authentication in the heterogeneous alliance network can be executed safely and effectively.

Internet of Things (IoT) devices are ubiquitous, with web cameras, smart refrigerators, and digital assistants appearing in homes, offices, and public spaces. However, these devices are lacking in security measures due to their low time to market and insufficient funding for security research and development. In order to improve the security of IoTs, we have defined novel security metrics based on generic IoT characteristics. Furthermore, we have developed automation for experimentation with IoT devices that results to repeatable and reproducible calculations of security metrics within a realistic IoT testbed. Our results demonstrate that repeatable IoT security measurements are feasible with automation. They prove quantitatively intuitive hypotheses. For example, an large number of inbound / outbound network connections contributes to higher probability of compromise or measuring password strength leads to a robust estimation of IoT security.

Software Defined Networking (SDN) has changed the way of designing and managing networks through programmability. However, programmability also introduces security threats. In this work we address the issue of malicious hosts running malicious applications that bypass the standard SDN based detection mechanisms. The SDN security system we are proposing periodically monitors the system calls utilization of the different SDN applications installed, learns from past system behavior using machine learning classifiers, and thus accurately detects the existence of an unusual activity or a malicious application.

In contrast to traditional grids, smart grids can help utilities save energy, thereby reducing operating costs. In the smart grid, the quality of monitoring and control can be fully improved by combining computing and intelligent communication knowledge. However, this will expose the system to FDI attacks, and the system is vulnerable to intrusion. Therefore, it is very important to detect such erroneous data injection attacks and provide an algorithm to protect the system from such attacks. In this paper, a FDI detection method based on LSTM has been proposed, which is validated by the simulation on the ieee-14 bus platform.

Natural Language Processing is being used in every field of human to machine interaction. Database queries although have a confined set of instructions, but still found to be complex and dedicated human resources are required to write, test, optimize and execute structured query language statements. This makes it difficult, time-consuming and many a time inaccurate too. Such difficulties can be overcome if the queries are formed dynamically with standard procedures. In this work, parsing, lexical analysis, synonym detection and formation processes of the natural language processing are being proposed to be used for dynamically generating SQL queries and optimization of them for fast processing with high accuracy. NLP parsing of the user inputted text for retrieving, creation and insertion of data are being proposed to be created dynamically from English text inputs. This will help users of the system to generate reports from the data as per the requirement without the complexities of SQL. The proposed system will not only generate queries dynamically but will also provide high accuracy and performance.

Modern digital signature schemes can provide more guarantees than the standard notion of (strong) unforgeability, such as offering security even in the presence of maliciously generated keys, or requiring to know a message to produce a signature for it. The use of signature schemes that lack these properties has previously enabled attacks on real-world protocols. In this work we revisit several of these notions beyond unforgeability, establish relations among them, provide the first formal definition of non re-signability, and a transformation that can provide these properties for a given signature scheme in a provable and efficient way.Our results are not only relevant for established schemes: for example, the ongoing NIST PQC competition towards standardizing post-quantum signature schemes has six finalists in its third round. We perform an in-depth analysis of the candidates with respect to their security properties beyond unforgeability. We show that many of them do not yet offer these stronger guarantees, which implies that the security guarantees of these post-quantum schemes are not strictly stronger than, but instead incomparable to, classical signature schemes. We show how applying our transformation would efficiently solve this, paving the way for the standardized schemes to provide these additional guarantees and thereby making them harder to misuse.

A standard requirement for a signature scheme is that it is existentially unforgeable under chosen message attacks (EUF-CMA), alongside other properties of interest such as strong unforgeability (SUF-CMA), and resilience against key substitution attacks.Remarkably, no detailed proofs have ever been given for these security properties for EdDSA, and in particular its Ed25519 instantiations. Ed25519 is one of the most efficient and widely used signature schemes, and different instantiations of Ed25519 are used in protocols such as TLS 1.3, SSH, Tor, ZCash, and WhatsApp/Signal. The differences between these instantiations are subtle, and only supported by informal arguments, with many works assuming results can be directly transferred from Schnorr signatures. Similarly, several proofs of protocol security simply assume that Ed25519 satisfies properties such as EUF-CMA or SUF-CMA.In this work we provide the first detailed analysis and security proofs of Ed25519 signature schemes. While the design of the schemes follows the well-established Fiat-Shamir paradigm, which should guarantee existential unforgeability, there are many side cases and encoding details that complicate the proofs, and all other security properties needed to be proven independently.Our work provides scientific rationale for choosing among several Ed25519 variants and understanding their properties, fills a much needed proof gap in modern protocol proofs that use these signatures, and supports further standardisation efforts.

UPI (Unified Payments Interface) is a framework in India wherein customers can send payments to merchants from their smartphones. The framework consists of UPI servers that are connected to the banks at the sender and receiver ends. To send and receive payments, customers and merchants would have to first register themselves with UPI servers by executing a registration protocol using payment apps such as BHIM, PayTm, Google Pay, and PhonePe. Weaknesses were recently reported on these protocols that allow attackers to make money transfers on behalf of innocent customers and even empty their bank accounts. But the reported weaknesses were found after informal and manual analysis. However, as history has shown, formal analysis of cryptographic protocols often reveals flaws that could not be discovered with manual inspection. In this paper, we model UPI protocols in the pattern of traditional cryptographic protocols such that they can be rigorously studied and analyzed using formal methods. The modeling simplifies many of the complexities in the protocols, making it suitable to analyze and verify UPI protocols with popular analysis and verification tools such as the Constraint Solver, ProVerif and Tamarin. Our modeling could also be used as a general framework to analyze and verify many other financial payment protocols than just UPI protocols, giving it a broader applicability.

This paper deals with a problem that arises in vertical composition of protocols, i.e., when a channel protocol is used to encrypt and transport arbitrary data from an application protocol that uses the channel. Our work proves that we can verify that the channel protocol ensures its security goals independent of a particular application. More in detail, we build a general paradigm to express vertical composition of an application protocol and a channel protocol, and we give a transformation of the channel protocol where the application payload messages are replaced by abstract constants in a particular way that is feasible for standard automated verification tools. We prove that this transformation is sound for a large class of channel and application protocols. The requirements that channel and application have to satisfy for the vertical composition are all of an easy-to-check syntactic nature.

As an innovative type of decentralized model, blockchain is a growing list of blocks linked by cryptography. Blockchain incorporates anonymity protocol, distributed data storage, consensus algorithm, and smart contract. The anonymity protocols in blockchain are significant in that they could protect users from leaking their personal information. In this paper, we will conduct a detailed review and comparison of anonymity protocols used in three famous cryptocurrencies, namely Bitcoin, Zcash, and Ethereum.

Vehicle Ad-hoc Networks (VANETs) have recently become an active research area. This is because of its important applications in the transportation field in which vehicles have severe position during activities of daily living in persons. In this paper, the basic background of the VANET from the Intelligent Transportation System (ITS), Mobile Ad-hoc Networks (MANETs), VANET standard and VANET characteristics are discussed. Second, the architecture from components and communications of the system are presented. Then, the critical challenges and future perspectives in this field are comprehensively reviewed. This paper could serve as a guide and reference in the design and development of any new techniques for VANETs. Moreover, this paper may help researchers and developers in the selection of the main features of VANET for their goals in one single document.

In recent years, cyber security has become a challenging task to protect the networks and computing systems from various types of digital attacks. Therefore, to preserve these systems, various innovative methods have been reported and implemented in practice. However, still more research work needs to be carried out to have malware free computing system. In this paper, an attempt has been made to develop simple but reliable ML based malware detection systems which can be implemented in practice. Keeping this in view, the present paper has proposed and compared the performance of three ML based malware detection systems applicable for computer systems. The proposed methods include k-NN, RF and LR for detection purpose and the features extracted comprise of Byte and ASM. The performance obtained from the simulation study of the proposed schemes has been evaluated in terms of ROC, Log loss plot, accuracy, precision, recall, specificity, sensitivity and F1-score. The analysis of the various results clearly demonstrates that the RF based malware detection scheme outperforms the model based on k-NN and LR The efficiency of detection of proposed ML models is either same or comparable to deep learning-based methods.

Security plays a paradigmatic role in the area of networking. The main goal of security is to protect these networks which contains confidential data against various kinds of attacks. By changing parameters like key size, increasing the rounds of iteration and finally using confusion box as the S-box, the strength of the cryptographic algorithms can be incremented. By using the Data Encryption Standard (DES), the images can be secured with the help of Dynamic S-boxes. Each of these 8 S-boxes contain 64 elements. Each row contains elements in the range 0–15 and are unique. Our proposed system generates these S-boxes dynamically depending on the key. The evaluation of this Dynamic S-box and DES shows much fruitful results over factors like Non-linearity, Strict Avalanche criterion, Balance, memory and time required for implementation using images.

Modern vehicles become increasingly digitalized with advanced information technology-based solutions like advanced driving assistance systems and vehicle-to-x communications. These systems are complex and interconnected. Rising complexity and increasing outside exposure has created a steadily rising demand for more cyber-secure systems. Thus, also standardization bodies and regulators issued standards and regulations to prescribe more secure development processes. This security, however, also has to be validated and verified. In order to keep pace with the need for more thorough, quicker and comparable testing, today's generally manual testing processes have to be structured and optimized. Based on existing and emerging standards for cybersecurity engineering, this paper therefore outlines a structured testing process for verifying and validating automotive cybersecurity, for which there is no standardized method so far. Despite presenting a commonly structured framework, the process is flexible in order to allow implementers to utilize their own, accustomed toolsets.

Attribute-based encryption (ABE) is an access control mechanism where a sender encrypts messages according to an attribute set for multiple receivers. With fine-grained access control, it has been widely applied to cloud storage and file sharing systems. In such a mechanism, it is a challenge to achieve the revocation efficiently on a specific user since different users may share common attributes. Thus, dynamic membership is a critical issue to discuss. On the other hand, most works on LSSS-based ABE do not address the situation about threshold on the access structure, and it lowers the diversity of access policies. This manuscript presents an efficient attribute-based encryption scheme with dynamic membership by using LSSS. The proposed scheme can implement threshold gates in the access structure. Furthermore, it is the first ABE supporting complete dynamic membership that achieves the CCA security in the standard model, i.e. without the assumption of random oracles.

The internal laboratory directed research and development (LDRD) project Infrastructure eXpression (IX) at the Idaho National Laboratory (INL), is based on codifying infrastructure to support automatic applicability to emerging cyber issues, enabling automated cyber responses, codifying attack surfaces, and analysis of cyber impacts to our nation's most critical infrastructure. IX uses the Structured Threat Information eXpression (STIX) open international standard version 2.1 which supports STIX Cyber Observable (SCO) to codify infrastructure characteristics and exposures. Using these codified infrastructures, STIX Relationship Objects (SRO) connect to STIX Domain Objects (SDO) used for modeling cyber threat used to create attack surfaces integrated with specific infrastructure. This IX model creates a shareable, actionable and implementable attack surface that is updateable with emerging threat or infrastructure modifications. Enrichment of cyber threat information includes attack patterns, indicators, courses of action, malware and threat actors. Codifying infrastructure in IX enables creation of software and hardware bill of materials (SBoM/HBoM) information, analysis of emerging cyber vulnerabilities including supply chain threat to infrastructure.

This study offers an alternative to current implementations of key exchange by utilizing NFC technologies within android mobile devices. Supporting key exchange protocols along with cryptographic algorithms are offered, which meet current security standards whilst maintaining a short key length for optimal transfer between devices. Peer-to-peer and Host Card Emulation operational modes are observed to determine the best suited approach for key exchange. The proposed model offers end to end encryption between Client-Client as opposed to the usual Client-Server encryption offered by most Instant Messaging applications.

We showcase the capabilities of V2Verifier, a new open-source software-defined radio (SDR) testbed for vehicle-to-vehicle (V2V) communications security, to expose the strengths and vulnerabilities of current V2V security systems based on the IEEE 1609.2 standard. V2Verifier supports both major V2V technologies and facilitates a broad range of experimentation with upper- and lower-layer attacks using a combination of SDRs and commercial V2V on-board units (OBUs). We demonstrate two separate attacks (jamming and replay) against Dedicated Short Range Communication (DSRC) and Cellular Vehicle-to-Everything (C-V2X) technologies, experimentally quantifying the threat posed by these types of attacks. We also use V2Verifier's open-source implementation to show how the 1609.2 standard can effectively mitigate certain types of attacks (e.g., message replay), facilitating further research into the security of V2V.

Blockchain is a decentralized technology that provides untampered and anonymous security service to users. Without relying on trusted third party, it can establish the value transfer between nodes and reduce the transaction costs. Mature public key cryptosystem and signature scheme are important basis of blockchain security. Currently, most of the public key cryptosystems are based on classic difficult problems such as RSA and ECC. However, the above asymmetric cryptosystems are no longer secure with the development of quantum computing technology. To resist quantum attacks, researchers have proposed encryption schemes based on lattice recently. Although existing schemes have theoretical significance in blockchain, they are not suitable for the practical application due to the large size of key and signature. To tackle the above issues, this paper proposes an anti-quantum signature scheme over ideal lattice in blockchain. First, we transfer the signature scheme from the standard lattice to the ideal lattice, which reduces the size of public key. Afterwards, a novel signature scheme is proposed to reduce both the size of the private and public key significantly. Finally, we theoretically prove the security of our ideal lattice-based signature scheme with a reduction to the hardness assumption of Ideal Small Integer Sulotion problem which can resist quantum attacks. The efficiency analysis demonstrates that our signature scheme can be practically used in blockchain.

The Internet of Things (IoT) has enabled the rapid pace of the use of communication technology and infiltration of technical systems in a digital world. In terms of power systems generation and operation, a reliable solution for substation automation and smart grid communication is the IEC 61850 standard. It has a robust modelling structure for monitoring, protection, and control and management systems in substations and across the grid. Modern communication technologies are destined for internet use for remote monitoring, settings, and data recovery. However, the communication network is exposed to cyber threats and evident risks in security defense of automated power systems. To tackle these vulnerabilities, the IEC 62351 standard aims to improve security in handling the communication and data transfers in power system automation. This paper discusses the different security measures in communication, information and cyber security solutions in power systems. To further illustrate the novel communication and security schemes of digital substations, a case study using the Victoria University Zone Substation (VUZS) simulator for cybersecurity assessment has been instigated.

Software Defined Network (SDN) is a new paradigm in network architecture. The basic concept of SDN itself is to separate the control plane and forwarding plane explicitly. In the last few years, SDN technology has become one of the exciting topics for researchers, the development of SDN which was carried out, one of which was implementing the Internet of Things (IoT) devices in the SDN network architecture model. Mininet-IoT is developing the Mininet network emulator by adding virtualized IoT devices, 6LoWPAN based on wireless Linux standards, and 802.15.4 wireless simulation drivers. Mininet-IoT expands the Mininet code class by adding or modifying functions in it. This research will discuss the performance of the 6LoWPAN device on the internet of things (IoT) network by applying the SDN paradigm. We use the Mininet-IoT emulator and the Open Network Operating System (ONOS) controller using the internet of things (IoT) IPv6 forwarding. Performance testing by comparing some of the topologies of the addition of host, switch, and cluster. The test results of the two scenarios tested can be concluded; the throughput value obtained has decreased compared to the value of back-traffic traffic. While the packet loss value obtained is on average above 15%. Jitter value, delay, throughput, and packet loss are still in the category of enough, good, and very good based on TIPHON and ITU-T standards.