Biblio

Found 154 results

Filters: Keyword is Prototypes
2023-08-25
Hu, Yujiao, Jia, Qingmin, Liu, Hui, Zhou, Xiaomao, Lai, Huayao, Xie, Renchao.  2022.  3CL-Net: A Four-in-One Networking Paradigm for 6G System. 2022 5th International Conference on Hot Information-Centric Networking (HotICN). :132–136.
The 6G wireless communication networks are being studied to build a powerful networking system with global coverage, enhanced spectral/energy/cost efficiency, better intelligent level and security. This paper presents a four-in-one networking paradigm named 3CL-Net that would broaden and strengthen the capabilities of current networking by introducing ubiquitous computing, caching, and intelligence over the communication connection to build 6G-required capabilities. To evaluate the practicability of 3CL-Net, this paper designs a platform based on the 3CL-Net architecture. The platform adopts a leader-followers structure that could support all functions of 3CL-Net, but separates the missions of 3CL-Net into two parts. Moreover, this paper has implemented part of the functions as a prototype, on which some experiments are carried out. The results demonstrate that 3CL-Net has the potential to be a practical and effective network paradigm to meet future requirements; meanwhile, 3CL-Net could motivate designs of related platforms as well.
ISSN: 2831-4395
2023-08-24
Zhang, Yuqiang, Hao, Zhiqiang, Hu, Ning, Luo, Jiawei, Wang, Chonghua.  2022.  A virtualization-based security architecture for industrial control systems. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :94–101.
The Industrial Internet expands the attack surface of industrial control systems (ICS), bringing cybersecurity threats to industrial controllers located in operation technology (OT) networks. Honeypot technology is an important means to detect network attacks. However, the existing honeypot system cannot simulate business logic and is difficult to resist highly concealed APT attacks. This paper proposes a high-simulation ICS security defense framework based on virtualization technology. The framework utilizes virtualization technology to build twins for protected control systems. The architecture can infer the execution results of control instructions in advance based on actual production data, so as to discover hidden attack behaviors in time. This paper designs and implements a prototype system and demonstrates the effectiveness and potential of this architecture for ICS security.
Riedel, Paul, Riesner, Michael, Wendt, Karsten, Aßmann, Uwe.  2022.  Data-Driven Digital Twins in Surgery utilizing Augmented Reality and Machine Learning. 2022 IEEE International Conference on Communications Workshops (ICC Workshops). :580–585.
On the one hand, laparoscopic surgery as medical state-of-the-art method is minimal invasive, and thus less stressful for patients. On the other hand, laparoscopy implies higher demands on physicians, such as mental load or preparation time, hence appropriate technical support is essential for quality and success. Medical Digital Twins provide an integrated and virtual representation of patients' and organs' data, and thus a generic concept to make complex information accessible by surgeons. In this way, minimal invasive surgery could be improved significantly, but requires also a much more complex software system to achieve the various resulting requirements. The biggest challenges for these systems are the safe and precise mapping of the digital twin to reality, i.e. dealing with deformations, movement and distortions, as well as balance out the competing requirement for intuitive and immersive user access and security. The case study ARAILIS is presented as a proof of concept for such a system and provides a starting point for further research. Based on the insights delivered by this prototype, a vision for future Medical Digital Twins in surgery is derived and discussed.
ISSN: 2694-2941
2023-07-21
Almutairi, Mishaal M., Apostolopoulou, Dimitra, Halikias, George, Abi Sen, Adnan Ahmed, Yamin, Mohammad.  2022.  Enhancing Privacy and Security in Crowds using Fog Computing. 2022 9th International Conference on Computing for Sustainable Global Development (INDIACom). :57–62.
Thousands of crowded events take place every year. Often, management does not properly implement and manage privacy and security of data of the participants and personnel of the events. Crowds are also prone to significant security issues and become vulnerable to terrorist attacks. The aim of this paper is to propose a privacy and security framework for large, crowded events like the Hajj, Kumbh, Arba'een, and many sporting events and musical concerts. The proposed framework uses the latest technologies including Internet of Things, and Fog computing, especially in the Location based Services environments. The proposed framework can also be adapted for many other scenarios and situations.
2023-07-14
Reis, Lúcio H. A., de Oliveira, Marcela T., Olabarriaga, Sílvia D.  2022.  Fine-grained Encryption for Secure Research Data Sharing. 2022 IEEE 35th International Symposium on Computer-Based Medical Systems (CBMS). :465–470.
Research data sharing requires provision of adequate security. The requirements for data privacy are extremely demanding for medical data that is reused for research purposes. To address these requirements, the research institutions must implement adequate security measurements, and this demands large effort and costs to do it properly. The usage of adequate access controls and data encryption are key approaches to effectively protect research data confidentiality; however, the management of the encryption keys is challenging. There are novel mechanisms that can be explored for managing access to the encryption keys and encrypted files. These mechanisms guarantee that data are accessed by authorised users and that auditing is possible. In this paper we explore these mechanisms to implement a secure research medical data sharing system. In the proposed system, the research data are stored on a secure cloud system. The data are partitioned into subsets, each one encrypted with a unique key. After the authorisation process, researchers are given rights to use one or more of the keys and to selectively access and decrypt parts of the dataset. Our proposed solution offers automated fine-grain access control to research data, saving time and work usually made manually. Moreover, it maximises and fortifies users' trust in data sharing through secure clouds solutions. We present an initial evaluation and conclude with a discussion about the limitations, open research questions and future work around this challenging topic.
ISSN: 2372-9198
2023-06-22
Malla, Sai Anish, Kapoor, Khushee, Kejariwal, Adithya, Rao, Vidya, Kundapur, Poornimaa Panduranga.  2022.  SWARM: Sanitizer With Attendance through Remote Monitoring. 2022 International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics (DISCOVER). :316–319.
With Covid19 being endemic, it is very essential to continue proper physical hygiene protocols even today to avoid escalation. To ensure hygiene inside educational institutions, many governing bodies imposed protocols to insist students wear hand gloves and facemasks. Such an implementation, however, has increased surgical waste in and around educational institutions, and also there is a rise in allergies due to the constant use of hand gloves by the students. Hence, a prototype of a hand sanitization-based attendance monitoring system has been proposed in the current research paper. This proposed sanitizer with attendance through remote monitoring (SWARM) uses Raspberry Pi devices to capture the image of a student’s identity card holding the registration number and through a bar code analysis module of computer vision, the ID number is extracted. This ID number is compared with a master attendance file to mark the students’ presence and then the updated file is shared with the concerned teacher via email. Such a setup is installed in the laboratory premise, thereby reducing the unnecessary use and disposal of surgical waste within the educational premise.
2023-06-09
Qiang, Weizhong, Luo, Hao.  2022.  AutoSlicer: Automatic Program Partitioning for Securing Sensitive Data Based-on Data Dependency Analysis and Code Refactoring. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :239–247.
Legacy programs are normally monolithic (that is, all code runs in a single process and is not partitioned), and a bug in a program may result in the entire program being vulnerable and therefore untrusted. Program partitioning can be used to separate a program into multiple partitions, so as to isolate sensitive data or privileged operations. Manual program partitioning requires programmers to rewrite the entire source code, which is cumbersome, error-prone, and not generic. Automatic program partitioning tools can separate programs according to the dependency graph constructed based on data or programs. However, programmers still need to manually implement remote service interfaces for inter-partition communication. Therefore, in this paper, we propose AutoSlicer, whose purpose is to partition a program more automatically, so that the programmer is only required to annotate sensitive data. AutoSlicer constructs accurate data dependency graphs (DDGs) by enabling execution flow graphs, and the DDG-based partitioning algorithm can compute partition information based on sensitive annotations. In addition, the code refactoring toolchain can automatically transform the source code into sensitive and insensitive partitions that can be deployed on the remote procedure call framework. The experimental evaluation shows that AutoSlicer can effectively improve the accuracy (13%-27%) of program partitioning by enabling EFG, and separate real-world programs with a relatively smaller performance overhead (0.26%-9.42%).
Wang, Jinwen, Li, Ao, Li, Haoran, Lu, Chenyang, Zhang, Ning.  2022.  RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone. 2022 IEEE Symposium on Security and Privacy (SP). :352–369.
Embedded devices are becoming increasingly pervasive in safety-critical systems of the emerging cyber-physical world. While trusted execution environments (TEEs), such as ARM TrustZone, have been widely deployed in mobile platforms, little attention has been given to deployment on real-time cyber-physical systems, which present a different set of challenges compared to mobile applications. For safety-critical cyber-physical systems, such as autonomous drones or automobiles, the current TEE deployment paradigm, which focuses only on confidentiality and integrity, is insufficient. Computation in these systems also needs to be completed in a timely manner (e.g., before the car hits a pedestrian), putting a much stronger emphasis on availability. To bridge this gap, we present RT-TEE, a real-time trusted execution environment. There are three key research challenges. First, RT-TEE bootstraps the ability to ensure availability using a minimal set of hardware primitives on commodity embedded platforms. Second, to balance real-time performance and scheduler complexity, we designed a policy-based event-driven hierarchical scheduler. Third, to mitigate the risks of having device drivers in the secure environment, we designed an I/O reference monitor that leverages software sandboxing and driver debloating to provide fine-grained access control on peripherals while minimizing the trusted computing base (TCB). We implemented prototypes on both ARMv8-A and ARMv8-M platforms. The system is tested on both synthetic tasks and real-life CPS applications. We evaluated rover and plane in simulation and quadcopter both in simulation and with a real drone.
2023-05-26
Coshatt, Stephen J., Li, Qi, Yang, Bowen, Wu, Shushan, Shrivastava, Darpan, Ye, Jin, Song, WenZhan, Zahiri, Feraidoon.  2022.  Design of Cyber-Physical Security Testbed for Multi-Stage Manufacturing System. GLOBECOM 2022 - 2022 IEEE Global Communications Conference. :1978–1983.
As cyber-physical systems are becoming more widespread, it is imperative to secure these systems. In the real world these systems produce large amounts of data. However, it is generally impractical to test security techniques on operational cyber-physical systems. Thus, there exists a need to have realistic systems and data for testing security of cyber-physical systems [1]. This is often done in testbeds and cyber ranges. Most cyber ranges and testbeds focus on traditional network systems and few incorporate cyber-physical components. When they do, the cyber-physical components are often simulated. In the systems that incorporate cyber-physical components, generally only the network data is analyzed for attack detection and diagnosis. While there is some study in using physical signals to detect and diagnose attacks, this data is not incorporated into current testbeds and cyber ranges. This study surveys current testbeds and cyber ranges and demonstrates a prototype testbed that includes cyber-physical components and sensor data in addition to traditional cyber data monitoring.
2023-05-12
Ponce-de-Leon, Hernán, Kinder, Johannes.  2022.  Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attacks. 2022 IEEE Symposium on Security and Privacy (SP). :235–248.
The SPECTRE family of speculative execution attacks has required a rethinking of formal methods for security. Approaches based on operational speculative semantics have made initial inroads towards finding vulnerable code and validating defenses. However, with each new attack grows the amount of microarchitectural detail that has to be integrated into the underlying semantics. We propose an alternative, lightweight and axiomatic approach to specifying speculative semantics that relies on insights from memory models for concurrency. We use the CAT modeling language for memory consistency to specify execution models that capture speculative control flow, store-to-load forwarding, predictive store forwarding, and memory ordering machine clears. We present a bounded model checking framework parameterized by our speculative CAT models and evaluate its implementation against the state of the art. Due to the axiomatic approach, our models can be rapidly extended to allow our framework to detect new types of attacks and validate defenses against them.
ISSN: 2375-1207
2023-05-11
Chen, Jianhua, Yang, Wenchuan, Cui, Can, Zhang, Yang.  2022.  Research and Implementation of Intelligent Detection for Deserialization Attack Traffic. 2022 4th International Academic Exchange Conference on Science and Technology Innovation (IAECST). :1206–1211.
In recent years, as an important part of the Internet, web applications have gradually penetrated into life. Now enterprises, units and institutions are using web applications regardless of size. Intrusion detection to effectively identify malicious traffic has become an inevitable requirement for the development of network security technology. In addition, the proportion of deserialization vulnerabilities is increasing. Traditional intrusion detection mostly focuses on the identification of SQL injection, XSS, and command execution, and there are few studies on the identification of deserialization attack traffic. This paper uses a method that extracts relevant features from the deserialized traffic or even the obfuscated deserialized traffic by reorganizing the traffic and running the relevant content through simulation, and combines deep learning technology to make judgments to efficiently identify deserialization attacks. Finally, a prototype system was designed to capture related attacks in the real world. The technology can be used in the field of malicious traffic detection and help combat Internet crimes in the future.
2023-04-27
Shenoy, Nirmala, Chandraiah, Shreyas Madapura, Willis, Peter.  2022.  Internet Routing with Auto-Assigned Addresses. 2022 32nd International Telecommunication Networks and Applications Conference (ITNAC). :70–75.
Key challenges faced in the Internet today can be enumerated as follows: (1) complex route discovery mechanisms (2) latency and instability during link or device failure recovery (3) inadequacy in extending routing and addressing to limited domains, (4) complex interworking of multiple routing protocols at border routers. Routing table sizes increase with increasing number of networks indicating a scalability issue. One approach to address this spiraling complexity and performance challenges is to start fresh and re-think Internet routing and addressing. The Expedited Internet Bypass protocol (EIBP) is such a clean slate approach. In the interim, EIBP works in parallel with IP and has no dependency on layer 3 protocols. We demonstrated EIBP for routing and forwarding in an Autonomous system (AS) in our earlier work. In this article, we demonstrate EIBP for inter-AS routing. We compare EIBP's inter-AS operations and performance to Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) deployed in an intra-AS, inter-AS communications scenario with two AS.
ISSN: 2474-154X
2023-04-14
Salcedo, Mathew David, Abid, Mehdi, Kim, Yoohwan, Jo, Ju-Yeon.  2022.  Evil-Twin Browsers: Using Open-Source Code to Clone Browsers for Malicious Purposes. 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC). :0776–0784.
Browsers are one of the most widely used types of software around the world. This prevalence makes browsers a prime target for cyberattacks. To mitigate these threats, users can practice safe browsing habits and take advantage of the security features available to browsers. These protections, however, could be severely crippled if the browser itself were malicious. Presented in this paper is the concept of the evil-twin browser (ETB), a clone of a legitimate browser that looks and behaves identically to the original browser, but discreetly performs other tasks that harm a user's security. To better understand the concept of the evil-twin browser, a prototype ETB named ChroNe was developed. The creation and installation process of ChroNe is discussed in this paper. This paper also explores the motivation behind creating such a browser, examines existing relevant work, inspects the open-source codebase Chromium that assisted in ChroNe's development, and discusses relevant topics like ways to deliver an ETB, the capabilities of an ETB, and possible ways to defend against ETBs.
2023-03-31
Fan, Wenjun, Wuthier, Simeon, Hong, Hsiang-Jen, Zhou, Xiaobo, Bai, Yan, Chang, Sang-Yoon.  2022.  The Security Investigation of Ban Score and Misbehavior Tracking in Bitcoin Network. 2022 IEEE 42nd International Conference on Distributed Computing Systems (ICDCS). :191–201.
Bitcoin P2P networking is especially vulnerable to networking threats because it is permissionless and does not have the security protections based on the trust in identities, which enables the attackers to manipulate the identities for Sybil and spoofing attacks. The Bitcoin node keeps track of its peer’s networking misbehaviors through ban scores. In this paper, we investigate the security problems of the ban-score mechanism and discover that the ban score is not only ineffective against the Bitcoin Message-based DoS (BM-DoS) attacks but also vulnerable to the Defamation attack as the network adversary can exploit the ban score to defame innocent peers. To defend against these threats, we design an anomaly detection approach that is effective, lightweight, and tailored to the networking threats exploiting Bitcoin’s ban-score mechanism. We prototype our threat discoveries against a real-world Bitcoin node connected to the Bitcoin Mainnet and conduct experiments based on the prototype implementation. The experimental results show that the attacks have devastating impacts on the targeted victim while being cost-effective on the attacker side. For example, an attacker can ban a peer in two milliseconds and reduce the victim’s mining rate by hundreds of thousands of hash computations per second. Furthermore, to counter the threats, we empirically validate our detection countermeasure’s effectiveness and performances against the BM-DoS and Defamation attacks.
ISSN: 2575-8411
Yuan, Dandan, Cui, Shujie, Russello, Giovanni.  2022.  We Can Make Mistakes: Fault-tolerant Forward Private Verifiable Dynamic Searchable Symmetric Encryption. 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P). :587–605.
Verifiable Dynamic Searchable Symmetric Encryption (VDSSE) enables users to securely outsource databases (document sets) to cloud servers and perform searches and updates. The verifiability property prevents users from accepting incorrect search results returned by a malicious server. However, we discover that the community currently only focuses on preventing malicious behavior from the server but ignores incorrect updates from the client, which are very likely to happen since there is no record on the client to check. Indeed most existing VDSSE schemes are not sufficient to tolerate incorrect updates from the client. For instance, deleting a nonexistent keyword-identifier pair can break their correctness and soundness. In this paper, we demonstrate the vulnerabilities of a type of existing VDSSE schemes that fail them to ensure correctness and soundness properties on incorrect updates. We propose an efficient fault-tolerant solution that can consider any DSSE scheme as a black-box and make them into a fault-tolerant VDSSE in the malicious model. Forward privacy is an important property of DSSE that prevents the server from linking an update operation to previous search queries. Our approach can also make any forward secure DSSE scheme into a fault-tolerant VDSSE without breaking the forward security guarantee. In this work, we take FAST [1] (TDSC 2020), a forward secure DSSE, as an example, implement a prototype of our solution, and evaluate its performance. Even when compared with the previous fastest forward private construction that does not support fault tolerance, the experiments show that our construction saves 9× client storage and has better search and update efficiency.
Shahid, Jahanzeb, Muhammad, Zia, Iqbal, Zafar, Khan, Muhammad Sohaib, Amer, Yousef, Si, Weisheng.  2022.  SAT: Integrated Multi-agent Blackbox Security Assessment Tool using Machine Learning. 2022 2nd International Conference on Artificial Intelligence (ICAI). :105–111.
The widespread adoption of eCommerce, iBanking, and eGovernment institutions has resulted in an exponential rise in the use of web applications. Due to a large number of users, web applications have become a prime target of cybercriminals who want to steal Personally Identifiable Information (PII) and disrupt business activities. Hence, there is a dire need to audit the websites and ensure information security. In this regard, several web vulnerability scanners are employed for vulnerability assessment of web applications but attacks are still increasing day by day. Therefore, a considerable amount of research has been carried out to measure the effectiveness and limitations of the publicly available web scanners. It is identified that most of the publicly available scanners possess weaknesses and do not generate desired results. In this paper, the evaluation of publicly available web vulnerability scanners is performed against the top ten OWASP vulnerabilities and their performance is measured on the precision of their results. (The Open Web Application Security Project (OWASP) is an online community that produces comprehensive articles, documentation, methodologies, and tools in the arena of web and mobile security.) Based on these results, we proposed an Integrated Multi-Agent Blackbox Security Assessment Tool (SAT) for the security assessment of web applications. Research has proved that the vulnerabilities assessment results of the SAT are more extensive and accurate.
2023-03-17
Simatupang, Joni Welman, Tambunan, Ramses Wanto.  2022.  Security Door Lock Using Multi-Sensor System Based on RFID, Fingerprint, and Keypad. 2022 International Conference on Green Energy, Computing and Sustainable Technology (GECOST). :453–457.
Theft in households needs to be anticipated with a home security system. One simple method is to use an automatic solenoid door lock system, so that it is difficult to duplicate and will reduce the chance of theft when the house is empty. Therefore, a home security system prototype that can be accessed by utilizing biometric fingerprint, Radio Frequency Identification (RFID), and keypad sensors was designed and tested. Arduino Uno works to turn on the door lock solenoid, so door access will be given when authentication is successful. Experimental results show that the fingerprint sensor works well by being able to read fingerprints perfectly and the average time required to scan a fingerprint was 3.7 seconds. Meanwhile, the Radio Frequency Identification (RFID) sensor detects Electronic-Kartu Tanda Penduduk (E-KTP) and the average time required for Radio Frequency Identification (RFID) to scan the card is about 2.4 seconds. The keypad functions to store a password to unlock the door, which produces the average time of 3.7 seconds after 10 trials. Average time to open with multi-sensor is 9.8 seconds. However, its drawback is no notification or SMS which directly be accessed by a cellphone or website with Wi-Fi or Telegram applications allow homeowners to monitor their doors from afar as to minimize the number of house thefts.
2023-03-03
Rahkema, Kristiina, Pfahl, Dietmar.  2022.  Quality Analysis of iOS Applications with Focus on Maintainability and Security. 2022 IEEE International Conference on Software Maintenance and Evolution (ICSME). :602–606.
We use mobile apps on a daily basis and there is an app for everything. We trust these applications with our most personal data. It is therefore important that these apps are as secure and well usable as possible. So far most studies on the maintenance and security of mobile applications have been done on Android applications. We do, however, not know how well these results translate to iOS. This research project aims to close this gap by analysing iOS applications with regards to maintainability and security. Regarding maintainability, we analyse code smells in iOS applications, the evolution of code smells in iOS applications and compare code smell distributions in iOS and Android applications. Regarding security, we analyse the evolution of the third-party library dependency network for the iOS ecosystem. Additionally, we analyse how publicly reported vulnerabilities spread in the library dependency network. Regarding maintainability, we found that the distributions of code smells in iOS and Android applications differ. Code smells in iOS applications tend to correspond to smaller classes, such as Lazy Class. Regarding security, we found that the library dependency network of the iOS ecosystem is not growing as fast as in some other ecosystems. There are fewer dependencies on average than for example in the npm ecosystem and, therefore, vulnerabilities do not spread as far.
ISSN: 2576-3148
2023-02-28
Gopalakrishna, Nikhil Krishna, Anandayuvaraj, Dharun, Detti, Annan, Bland, Forrest Lee, Rahaman, Sazzadur, Davis, James C.  2022.  “If security is required”: Engineering and Security Practices for Machine Learning-based IoT Devices. 2022 IEEE/ACM 4th International Workshop on Software Engineering Research and Practices for the IoT (SERP4IoT). :1–8.
The latest generation of IoT systems incorporate machine learning (ML) technologies on edge devices. This introduces new engineering challenges to bring ML onto resource-constrained hardware, and complications for ensuring system security and privacy. Existing research prescribes iterative processes for machine learning enabled IoT products to ease development and increase product success. However, these processes mostly focus on existing practices used in other generic software development areas and are not specialized for the purpose of machine learning or IoT devices. This research seeks to characterize engineering processes and security practices for ML-enabled IoT systems through the lens of the engineering lifecycle. We collected data from practitioners through a survey (N=25) and interviews (N=4). We found that security processes and engineering methods vary by company. Respondents emphasized the engineering cost of security analysis and threat modeling, and trade-offs with business needs. Engineers reduce their security investment if it is not an explicit requirement. The threats of IP theft and reverse engineering were a consistent concern among practitioners when deploying ML for IoT devices. Based on our findings, we recommend further research into understanding engineering cost, compliance, and security trade-offs.
Ahmed, Sabrina, Subah, Zareen, Ali, Mohammed Zamshed.  2022.  Cryptographic Data Security for IoT Healthcare in 5G and Beyond Networks. 2022 IEEE Sensors. :1–4.
While 5G Edge Computing along with IoT technology has transformed the future of healthcare data transmission, it presents security vulnerabilities and risks when transmitting patients' confidential information. Currently, there are very few reliable security solutions available for healthcare data that routes through SDN routers in 5G Edge Computing. These solutions do not provide cryptographic security from IoT sensor devices. In this paper, we studied how 5G edge computing integrated with IoT network helps healthcare data transmission for remote medical treatment, explored security risks associated with unsecured data transmission, and finally proposed a cryptographic end-to-end security solution initiated at IoT sensor devices and routed through SDN routers. Our proposed solution with cryptographic security initiated at IoT sensor goes through SDN control plane and data plane in 5G edge computing and provides an end-to-end secured communication from IoT device to doctor's office. A prototype built with two-layer encrypted communication has been lab tested with promising results. This analysis will help future security implementation for eHealth in 5G and beyond networks.
2023-02-24
Goto, Ren, Matama, Kazushige, Nishiwaki, Chihiro, Naito, Katsuhiro.  2022.  Proposal of an extended CYPHONIC adapter supporting general nodes using virtual IPv6 addresses. 2022 IEEE 11th Global Conference on Consumer Electronics (GCCE). :257–261.
The spread of the Internet of Things (IoT) and cloud services leads to a request for secure communication between devices, known as zero-trust security. The authors have been developing CYber PHysical Overlay Network over Internet Communication (CYPHONIC) to realize secure end-to-end communication among devices. A device requires installing the client program into the devices to realize secure communication over our overlay network. However, some devices refuse additional installation of external programs due to the limitation of system and hardware resources or the effect on system reliability. We proposed new technology, a CYPHONIC adapter, to support these devices. Currently, the CYPHONIC adapter supports only IPv4 virtual addresses and needs to be compatible with general devices that use IPv6. This paper proposes the dual-stack CYPHONIC adapter supporting IPv4/IPv6 virtual addresses for general devices. The prototype implementation shows that the general device can communicate over our overlay network using both IP versions through the proposed CYPHONIC adapter.
Li, Yubing, Yang, Wei, Zhou, Zhou, Liu, Qingyun, Li, Zhao, Li, Shu.  2022.  P4-NSAF: defending IPv6 networks against ICMPv6 DoS and DDoS attacks with P4. ICC 2022 - IEEE International Conference on Communications. :5005–5010.
Internet Protocol Version 6 (IPv6) is expected for widespread deployment worldwide. Such rapid development of IPv6 may lead to safety problems. The main threats in IPv6 networks are denial of service (DoS) attacks and distributed DoS (DDoS) attacks. In addition to the similar threats in Internet Protocol Version 4 (IPv4), IPv6 has introduced new potential vulnerabilities, which are DoS and DDoS attacks based on Internet Control Message Protocol version 6 (ICMPv6). We divide such new attacks into two categories: pure flooding attacks and source address spoofing attacks. We propose P4-NSAF, a scheme to defend against the above two IPv6 DoS and DDoS attacks in the programmable data plane. P4-NSAF uses Count-Min Sketch to defend against flooding attacks and records information about IPv6 agents into match tables to prevent source address spoofing attacks. We implement a prototype of P4-NSAF with P4 and evaluate it in the programmable data plane. The result suggests that P4-NSAF can effectively protect IPv6 networks from DoS and DDoS attacks based on ICMPv6.
2023-02-17
Li, Ying, Chen, Lan, Wang, Jian, Gong, Guanfei.  2022.  Partial Reconfiguration for Run-time Memory Faults and Hardware Trojan Attacks Detection. 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :173–176.
Embedded memories are important components in system-on-chip, which may be crippled by aging and wear faults or Hardware Trojan attacks to compromise run-time security. The current built-in self-test and pre-silicon verification lack efficiency and flexibility to solve this problem. To this end, we address such vulnerabilities by proposing a run-time memory security detecting framework in this paper. The solution builds mainly upon a centralized security detection controller for partially reconfigurable inspection content, and a static memory wrapper to handle access conflicts and buffering testing cells. We show that a field programmable gate array prototype of the proposed framework can pursue detection of 16 memory faults and 3 types of Hardware Trojans with one reconfigurable partition, while saving 12.7% area and 2.9% power overhead compared to a static implementation. This architecture has more scalable capability with little impact on the memory accessing throughput of the original chip system in run-time detection.
Yang, Kaicheng, Wu, Yongtang, Chen, Yuling.  2022.  A Blockchain-based Scalable Electronic Contract Signing System. 2022 IEEE International Conferences on Internet of Things (iThings) and IEEE Green Computing & Communications (GreenCom) and IEEE Cyber, Physical & Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics). :343–348.
As COVID-19 continues to spread globally, more and more companies are transforming into remote online offices, leading to the expansion of electronic signatures. However, the existing electronic signature platforms have the problem of data-centered management. The system is subject to data loss, tampering, and leakage when an attack from outside or inside occurs. In response to the above problems, this paper designs an electronic signature solution and implements a prototype system based on the consortium blockchain. The solution divides the contract signing process into four states: contract upload, initiation signing, verification signing, and confirm signing. The signing process is mapped with the blockchain-linked data. Users initiate the signature transaction by signing the uploaded contract's hash. The sign state transition is triggered when the transaction is uploaded to the blockchain under the consensus mechanism and the smart contract control, which effectively ensures the integrity of the electronic contract and the non-repudiation of the electronic signature. Finally, the blockchain performance test shows that the system can be applied to the business scenario of contract signing.
Abduljabbar, Mohammed, Alnajjar, Fady.  2022.  Web Platform for General Robot Controlling system. 2022 International Conference on Electrical and Computing Technologies and Applications (ICECTA). :109–112.
AbuSaif is a human-like social robot designed and built at the UAE University's Artificial Intelligence and Robotics Lab. AbuSaif was initially operated by a classical personal computer (PC), like most of the existing social robots. Thus, most of the robot's functionalities are limited to the capacity of that mounted PC. To overcome this, in this study, we propose a web-based platform that shall take the benefits of clustering in cloud computing. Our proposed platform will increase the operational capability and functionality of AbuSaif, especially those needed to operate artificial intelligence algorithms. We believe that the robot will become more intelligent and autonomous using our proposed web platform.