Biblio

Training deep neural networks is a computationally expensive task. Furthermore, models are often derived from proprietary datasets that have been carefully prepared and labelled. Hence, creators of deep learning models want to protect their models against intellectual property theft. However, this is not always possible, since the model may, e.g., be embedded in a mobile app for fast response times. As a countermeasure watermarks for deep neural networks have been developed that embed secret information into the model. This information can later be retrieved by the creator to prove ownership. Uchida et al. proposed the first such watermarking method. The advantage of their scheme is that it does not compromise the accuracy of the model prediction. However, in this paper we show that their technique modifies the statistical distribution of the model. Using this modification we can not only detect the presence of a watermark, but even derive its embedding length and use this information to remove the watermark by overwriting it. We show analytically that our detection algorithm follows consequentially from their embedding algorithm and propose a possible countermeasure. Our findings shall help to refine the definition of undetectability of watermarks for deep neural networks.

The CPS standard can be more objective to evaluate the effect of control behavior in each control area on the interconnected power grid. The CPS standard is derived from statistical methods emphasizing the long-term control performance of AGC, which is beneficial to the frequency control of the power grid by mutual support between the various power grids in the case of an accident. Moreover, CPS standard reduces the wear of the equipment caused by the frequent adjustment of the AGC unit. The key is to adjust the AGC control strategy to meet the performance of CPS standard. This paper proposed a dynamic optimal CPS control methodology for interconnected power systems based on model predictive control which can achieve optimal control under the premise of meeting the CPS standard. The effectiveness of the control strategy is verified by simulation examples.

Cyber-physical systems (CPS) research leverages the expertise of researchers from multiple domains to engineer complex systems of interacting physical and computational components. An approach called co-simulation is often used in CPS conceptual design to integrate the specialized tools and simulators from each of these domains into a joint simulation for the evaluation of design decisions. Many co-simulation platforms are being developed to expedite CPS conceptualization and realization, but most use intrusive modeling and communication libraries that require researchers to either abandon their existing models or spend considerable effort to integrate them into the platform. A significant number of these co-simulation platforms use the High Level Architecture (HLA) standard that provides a rich set of services to facilitate distributed simulation. This paper introduces a simple gateway that can be readily implemented without co-simulation expertise to adapt existing models and research infrastructure for use in HLA. An open-source implementation of the gateway has been developed for the National Institute of Standards and Technology (NIST) co-simulation platform called the Universal CPS Environment for Federation (UCEF).

This article describes an approach to identification and certification in decentralized environment. The protocol proposes a way of integration for blockchain technology and web-of-trust concept to create decentralized public key infrastructure with flexible management for user identificators. Besides changing the current public key infrastructure, this system can be used in the Internet of Things (IoT). Each individual IoT sensor must correctly communicate with other components of the system it's in. To provide safe interaction, components should exchange encrypted messages with ability to check their integrity and authenticity, which is presented by this scheme.

Cyber breaches can result in disruption to business operations, reputation damage as well as directly affecting the financial stability of the targeted corporations, with potential impacts on future profits and stock values. Automatic network-stream monitoring becomes necessary for cyber situation awareness, and time-series anomaly detection plays an important role in network stream monitoring. This study surveyed recent research on time-series analysis methods in respect of parametric and non-parametric techniques, and popular machine learning platforms for data analysis on streaming data on both single server and cloud computing environments. We believe it provides a good reference for researchers in both academia and industry to select suitable (time series) data analysis techniques, and computing platforms, dependent on the data scale and real-time requirements.

Modern operating systems are typical multitasking systems: Running multiple tasks at the same time. Therefore, a large number of system calls belonging to different processes are invoked at the same time. By associating these invocations, one can construct the system dependency graph. In rapidly evolving system dependency graphs, how to quickly find outliers is an urgent issue for intrusion detection. Clustering analysis based on graph similarity will help solve this problem. In this paper, an extended Weisfeiler-Lehman(WL) kernel is proposed. Firstly, an embedded vector with indefinite dimensions is constructed based on the original dependency graph. Then, the vector is compressed with Simhash to generate a fingerprint. Finally, anomaly detection based on clustering is carried out according to these fingerprints. Our scheme can achieve prominent detection with high efficiency. For validation, we choose StreamSpot, a relevant prior work, to act as benchmark, and use the same data set as it to carry out evaluations. Experiments show that our scheme can achieve the highest detection precision of 98% while maintaining a perfect recall performance. Moreover, both quantitative and visual comparisons demonstrate the outperforming clustering effect of our scheme than StreamSpot.

Today the frequency of technological transformations is very high. In order to cope up with these, there is a demand for fast processing and secured algorithms should be proposed for data exchange. In this paper, Advanced Encryption Standard (AES) is modified using DNA cryptography for fast processing and dynamic S-boxes are introduced to develop an attack resistant algorithm. This is strengthened by combining symmetric and asymmetric algorithms. Diffie-Hellman key exchange is used for AES key generation and also for secret number generation used for creation of dynamic S-boxes. The proposed algorithm is fast in computation and can resist cryptographic attacks like linear and differential cryptanalysis attacks.

Quick UDP Internet Connections (QUIC) is an experimental transport protocol designed to primarily reduce connection establishment and transport latency, as well as to improve security standards with default end-to-end encryption in HTTPbased applications. QUIC is a multiplexed and secure transport protocol fostered by Google and its design emerged from the urgent need of innovation in the transport layer, mainly due to difficulties extending TCP and deploying new protocols. While still under standardisation, a non-negligble fraction of the Internet's traffic, more than 7% of a European Tier1-ISP, is already running over QUIC and it constitutes more than 30% of Google's egress traffic [1].

A semi-quantum key distribution (SQKD) protocol allows two users A and B to establish a shared secret key that is secure against an all-powerful adversary E even when one of the users (e.g., B) is semi-quantum or classical in nature while the other is fully-quantum. A mediated SQKD protocol allows two semi-quantum users to establish a key with the help of an adversarial quantum server. We introduce the concept of a multi-mediated SQKD protocol where two (or more) adversarial quantum servers are used. We construct a new protocol in this model and show how it can withstand high levels of quantum noise, though at a cost to efficiency. We perform an information theoretic security analysis and, along the way, prove a general security result applicable to arbitrary MM-SQKD protocols. Finally, a comparison is made to previous (S)QKD protocols.

The interest over building security-based solutions to reduce the vulnerability exploits and mitigate the risks associated with smart homes in IoT is growing. However, our investigation identified to architect and implement distributed security mechanisms is still a challenge because is necessary to handle security and privacy in IoT middleware with a strong focus. Our investigation, it was identified the significant proportion of the systems that did not address security and did not describe the security approach in any meaningful detail. The idea proposed in this work is to provide middleware aim to implement security mechanisms in smart home and contribute as how guide to beginner developers' IoT middleware. The advantages of using MidSecThings are to avoid leakage data, unavailable service, unidentification action and not authorized access over IoT devices in smart home.

With the prevalence of Internet of Things (IoT) devices and systems, touching almost every single aspect of our modern life, one core factor that will determine whether this technology will succeed, and gain people trust, or fail is security. This technology aimed to facilitate and improve the quality of our life; however, it is hysterical and fast growth makes it an attractive and prime target for a whole variety of hackers posing a significant risk to our technology and IT infrastructures at both enterprise and individual levels. This paper discusses and identifies some critical aspects from software security perspective that need to be addressed and considered when designing IoT applications. This paper mainly concerned with potential security issues of the applications running on IoT devices including insecure interfaces, insecure software, constrained application protocol and middleware security. This effort is part of a funded research project that investigates internet of things (IoT) security and privacy issues related to architecture, connectivity and data collection.

SPARQL is a standard query language for knowledge graphs (KGs). However, it is hard to find correct answer if KGs are incomplete or incorrect. Knowledge graph embedding (KGE) enables answering queries on such KGs by inferring unknown knowledge and removing incorrect knowledge. Hence, our long-term goal in this line of research is to propose a new framework that integrates KGE and SPARQL, which opens various research problems to be addressed. In this paper, we solve one of the most critical problems, that is, optimizing the performance of nearest neighbor (NN) search. In our evaluations, we demonstrate that the search time of state-of-the-art NN search algorithms is improved by 40% without sacrificing answer accuracy.

The paper reviews a project on the automation of term system construction. TSBuilder (Term System Builder) was developed in 2014 as a multilayer Rosenblatt's perceptron for supervised machine learning, namely 1-3 word terms identification in natural language texts and their rigid categorization. The program is being modified to reduce the rigidity of categorization which will bring text mining more in line with human thinking.We are expanding the range of parameters (semantical, morphological, and syntactical) for categorization, removing the restriction of the term length of three words, using convolution on a continuous sequence of terms, and present the probabilities of a term falling into different categories. The neural network will not assign a single category to a term but give N answers (where N is the number of predefined classes), each of which O ∈ [0, 1] is the probability of the term to belong to a given class.

The exponential growth of the Internet and its users and the emergence of Web 2.0 have caused a large volume of textual data to be created. Automatic analysis of such data can be used in making decisions. As online text is created by different producers with different styles of writing, pre-processing is a necessity prior to any processes related to natural language tasks. An essential part of textual preprocessing prior to the recognition of the word vocabulary is normalization, which includes the correction of spaces that particularly in the Persian language this includes both full-spaces between words and half-spaces. Through the review of user comments within social media services, it can be seen that in many cases users do not adhere to grammatical rules of inserting both forms of spaces, which increases the complexity of the identification of words and henceforth, reducing the accuracy of further processing on the text. In this study, current issues in the normalization and tokenization of preprocessing tools within the Persian language and essentially identifying and correcting the separation of words are and the correction of spaces are proposed. The results obtained and compared to leading preprocessing tools highlight the significance of the proposed methodology.

As recently studied, network-on-chip (NoC) suffers growing threats from hardware trojans (HTs), leading to performance degradation or information leakage when it provides communication service in many/multi-core systems. Therefore, defense techniques against NoC HTs experience rapid development in recent years. However, to the best of our knowledge, there are few standard benchmarks developed for the defense techniques evaluation. To address this issue, in this paper, we design a suite of benchmarks which involves multiple NoCs with different HTs, so that researchers can compare various HT defense methods fairly by making use of them. We first briefly introduce the features of target NoC and its infected modules in our benchmarks, and then, detail the design of our NoC HTs in a one-by-one manner. Finally, we evaluate our benchmarks through extensive simulations and report the circuit cost of NoC HTs in terms of area and power consumption, as well as their effects on NoC performance. Besides, comprehensive experiments, including functional testing and side channel analysis are performed to assess the stealthiness of our HTs.

We present a unified communication architecture for security requirements in the industrial internet of things. Formulating security requirements in the language of OPC UA provides a unified method to communicate and compare security requirements within a heavily heterogeneous landscape of machines in the field. Our machine-readable data model provides a fully automatable approach for security requirement communication within the rapidly evolving fourth industrial revolution, which is characterized by high-grade interconnection of industrial infrastructures and self-configuring production systems. Capturing security requirements in an OPC UA compliant and unified data model for industrial control systems enables strong use cases within modern production plants and future supply chains. We implement our data model as well as an OPC UA server that operates on this model to show the feasibility of our approach. Further, we deploy and evaluate our framework within a reference project realized by 14 industrial partners and 7 research facilities within Germany.

The defense-in-depth approach has been widely recommended for designing critical information infrastructure, however, the lack of holistic design guidelines makes it difficult for many organizations to adopt the concept. Therefore, this paper proposes a holistic architectural framework and guidelines based on ring-based nested network zones for designing such highly secured information systems. This novel security architectural framework and guidelines offer the overall structural design and implementation options for holistically designing the N-tier/shared nothing system architectures. The implementation options, e.g. for the zone's perimeters, are recommended to achieve different capability levels of security or to trade off among different required security attributes. This framework enables the adaptive capability suitable for different real-world contexts. This paper also proposes an attack-hops verification approach as a tool to evaluate the architectural design.

In today's world web applications have become an instant means for information broadcasting. At present, man has become so dependent on web applications that everything done through electronic means like e-banking, e-shopping, online payment of bills etc. Due to an unauthorized admittance might threat customer's or user's confidentiality, integrity and authority. SQL injection considered as most Spartan dangerous coercions to the databases of web applications. current scenario databases are highly susceptible to SQL Injection[4] . SQL Injection is one of the most popular and dangerous hacking or cracking technique . In this work authors projected a novel approach to mitigate SQL Injection Attacks in a database. We have illustrated a technique or method prevent SQLIA by incorporating a hybrid encryption in form of Advanced Encryption Standard (AES) and Elliptical Curve Cryptography (ECC) [5]. In this research paper integrated approach of encryption method is followed to prevent the databases of the web applications against SQL Injection Attack. Incidentally if an invader gains access to the database, then it can cause severe damage and ends up with retrieves data or information. So to prevent these type of attacks a combined approach is projected , Advanced Encryption Standard (AES) at login phase to prevent the unauthorized access to databases and on the other hand Elliptical Curve Cryptography (ECC) to encode the database so that without the key no one can access the database information [3]. This research paper illustrates the technique to prevent SQL Injection Attack.

Cryptography is one of the most important sciences today because of the importance of data and the possibility of sharing data via the Internet. Therefore, data must be preserved when stored or transmitted over the Internet. Encryption is used as a solution to protect information during the transmission via an open channel. If the information is obtained illegally, the opponent/ enemy will not be able to understand the information due to encryption. In this paper we have developed a cryptosystem for testing the concepts of multi security level. The information is encrypted using more than one encryption algorithm based on the security level. The proposed cryptosystem concerns of Encryption Based on Multilevel Security (MLS) Model for DBMS. The cryptosystem is designed for both encryption and decryption.

Adversarial examples that fool machine learning models, particularly deep neural networks, have been a topic of intense research interest, with attacks and defenses being developed in a tight back-and-forth. Most past defenses are best effort and have been shown to be vulnerable to sophisticated attacks. Recently a set of certified defenses have been introduced, which provide guarantees of robustness to norm-bounded attacks. However these defenses either do not scale to large datasets or are limited in the types of models they can support. This paper presents the first certified defense that both scales to large networks and datasets (such as Google's Inception network for ImageNet) and applies broadly to arbitrary model types. Our defense, called PixelDP, is based on a novel connection between robustness against adversarial examples and differential privacy, a cryptographically-inspired privacy formalism, that provides a rigorous, generic, and flexible foundation for defense.

Research has observed context factors like occasion and time as influential factors for predicting whether or not to share a location with online friends. In other domains like social networks, personality was also found to play an important role. Furthermore, users are seeking a fine-grained disclosement policy that also allows them to display an obfuscated location, like the center of the current city, to some of their friends. In this paper, we observe which context factors and personality measures can be used to predict the correct privacy level out of seven privacy levels, which include obfuscation levels like center of the street or current city. Our results show that a prediction is possible with a precision 20% better than a constant value. We will give design indications to determine which context factors should be recorded, and how much the precision can be increased if personality and privacy measures are recorded using either a questionnaire or automated text analysis.

Research has observed context factors like occasion and time as influential factors for predicting whether or not to share a location with online friends. In other domains like social networks, personality was also found to play an important role. Furthermore, users are seeking a fine-grained disclosement policy that also allows them to display an obfuscated location, like the center of the current city, to some of their friends. In this paper, we observe which context factors and personality measures can be used to predict the correct privacy level out of seven privacy levels, which include obfuscation levels like center of the street or current city. Our results show that a prediction is possible with a precision 20% better than a constant value. We will give design indications to determine which context factors should be recorded, and how much the precision can be increased if personality and privacy measures are recorded using either a questionnaire or automated text analysis.

Botnet has been evolving over time since its birth. Nowadays, P2P (Peer-to-Peer) botnet has become a main threat to cyberspace security, owing to its strong concealment and easy expansibility. In order to effectively detect P2P botnet, researchers often focus on the analysis of network traffic. For the sake of enriching P2P botnet detection methods, the author puts forward a new sight of applying distributed threat intelligence sharing system to P2P botnet detection. This system aims to fight against distributed botnet by using distributed methods itself, and then to detect botnet in real time. To fulfill the goal of botnet detection, there are 3 important parts: the threat intelligence sharing and evaluating system, the BAV quantitative TI model, and the AHP and HMM based analysis algorithm. Theoretically, this method should work on different types of distributed cyber threat besides P2P botnet.

WireGuard is a free and open source Virtual Private Network (VPN) that aims to replace IPsec and OpenVPN. It is based on a new cryptographic protocol derived from the Noise Protocol Framework. This paper presents the first mechanised cryptographic proof of the protocol underlying WireGuard, using the CryptoVerif proof assistant. We analyse the entire WireGuard protocol as it is, including transport data messages, in an ACCE-style model. We contribute proofs for correctness, message secrecy, forward secrecy, mutual authentication, session uniqueness, and resistance against key compromise impersonation, identity mis-binding, and replay attacks. We also discuss the strength of the identity hiding provided by WireGuard. Our work also provides novel theoretical contributions that are reusable beyond WireGuard. First, we extend CryptoVerif to account for the absence of public key validation in popular Diffie-Hellman groups like Curve25519, which is used in many modern protocols including WireGuard. To our knowledge, this is the first mechanised cryptographic proof for any protocol employing such a precise model. Second, we prove several indifferentiability lemmas that are useful to simplify the proofs for sequences of key derivations.

Despite the wide of range of research and technologies that deal with the problem of routing in computer networks, there remains a gap between the level of network hardware administration and the level of business requirements and constraints. Not much has been accomplished in literature in order to have a direct enforcement of such requirements on the network. This paper presents a new solution in specifying and directly enforcing security policies to control the routing configuration in a software-defined network by using Row-Level Security checks which enable fine-grained security policies on individual rows in database tables. We show, as a first step, how a specific class of such policies, namely multilevel security policies, can be enforced on a database-defined network, which presents an abstraction of a network's configuration as a set of database tables. We show that such policies can be used to control the flow of data in the network either in an upward or downward manner.