Biblio

With the inundation of more cost effective and improved flight performance Unmanned Aerial Vehicles (UAVs) into the consumer market, we have seen more uses of these for both leisure and business purposes. As such, demand for digital forensic examination on these devices has seen an increase as well. This research will explore and discuss the forensic examination process on one of the more popular brands of UAV in Singapore, namely DJI. The findings are from the examination of the exposed File Transfer Protocol (FTP) channel and the extraction of the Data-at-Rest on the memory chip of the drone. The extraction was done using the Chip-Off and Chip-On technique.

Modular exponentiation (ME) is a complex operation for several public-key cryptosystems (PKCs). Moreover, ME is expensive for resource-constrained devices in terms of computation time and energy consumption, especially when the exponent is large. ME is defined as the task of raising an integer x to power k and reducing the result modulo some integer n. Several methods to calculate ME have been proposed. In this paper, we present the efficient ME methods. We then implement the methods using different security levels of RSA keys on a Raspberry Pi. Finally, we give the fast ME method.

With the recent advancements in automated communication technology, many traditional businesses that rely on face-to-face communication have shifted to online portals. However, these online platforms often lack the personal touch essential for customer service. Research has shown that face-to- face communication is essential for building trust and empathy with customers. A multimodal embodied conversation agent (ECA) can fill this void in commercial applications. Such a platform provides tools to understand the user’s mental state by analyzing their verbal and non-verbal behaviour and allows a human-like avatar to take necessary action based on the context of the conversation and as per social norms. However, the literature to understand the impact of ECA agents on commercial applications is limited because of the issues related to platform and scalability. In our work, we discuss some existing work that tries to solve the issues related to scalability and infrastructure. We also provide an overview of the components required for developing ECAs and their deployment in various applications.

Nowadays big shopping marts are expanding their business all over the world but not all marts are fully protected with the advanced security system. Very often we come across cases where people take the things out of the mart without billing. These marts require some advanced features-based security system for them so that they can run an efficient and no-loss business. The idea we are giving here can not only be implemented in marts to enhance their security but can also be used in various other fields to cope up with the incompetent management system. Several issues of the stores like regular stock updating, placing orders for new products, replacing products that have expired can be solved with the idea we present here. We also plan on making the slow processes of billing and checking out of the mart faster and more efficient that would result in customer satisfaction.

Key challenges faced in the Internet today can be enumerated as follows: (1) complex route discovery mechanisms (2) latency and instability during link or device failure recovery (3) inadequacy in extending routing and addressing to limited domains, (4) complex interworking of multiple routing protocols at border routers. Routing table sizes increase with increasing number of networks indicating a scalability issue. One approach to address this spiraling complexity and performance challenges is to start fresh and re-think Internet routing and addressing. The Expedited Internet Bypass protocol (EIBP) is such a clean slate approach. In the interim, EIBP works in parallel with IP and has no dependency on layer 3 protocols. We demonstrated EIBP for routing and forwarding in an Autonomous system (AS) in our earlier work. In this article, we demonstrate EIBP for inter-AS routing. We compare EIBP's inter-AS operations and performance to Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) deployed in an intra-AS, inter-AS communications scenario with two AS.

Cyberattacks have been progressed in the fields of Internet of Things, and artificial intelligence technologies using the advanced persistent threat (APT) method recently. The damage caused by ransomware is rapidly spreading among APT attacks, and the range of the damages of individuals, corporations, public institutions, and even governments are increasing. The seriousness of the problem has increased because ransomware has been evolving into an intelligent ransomware attack that spreads over the network to infect multiple users simultaneously. This study used open source endpoint detection and response tools to build and test a framework environment that enables systematic ransomware detection at the network and system level. Experimental results demonstrate that the use of EDR tools can quickly extract ransomware attack features and respond to attacks.

Next Word Prediction involves guessing the next word which is most likely to come after the current word. The system suggests a few words. A user can choose a word according to their choice from a list of suggested word by system. It increases typing speed and reduces keystrokes of the user. It is also useful for disabled people to enter text slowly and for those who are not good with spellings. Previous studies focused on prediction of the next word in different languages. Some of them are Bangla, Assamese, Ukraine, Kurdish, English, and Hindi. According to Census 2011, 43.63% of the Indian population uses Hindi, the national language of India. In this work, deep learning techniques are proposed to predict the next word in Hindi language. The paper uses Long Short Term Memory and Bidirectional Long Short Term Memory as the base neural network architecture. The model proposed in this work outperformed the existing approaches and achieved the best accuracy among neural network based approaches on IITB English-Hindi parallel corpus.

Micro grid is a small-scale power supply network designed to provide electricity to small community with integrated renewable energy sources. A micro grid can be integrated to the utility grid. Due to lack of computerized analysis, mechanical switches causing slow response time, poor visibility and situational awareness blackouts are caused due to cascading of faults. This paper presents a brief survey on communication technologies used in smart grid and its extension to micro grid. By integration of communication network, device control, information collection and remote management an intelligent power management system can be achieved

The Network Security and Risk (NSR) management team in an enterprise is responsible for maintaining the network which includes switches, routers, firewalls, controllers, etc. Due to the ever-increasing threat of capitalizing on the vulnerabilities to create cyber-attacks across the globe, a major objective of the NSR team is to keep network infrastructure safe and secure. NSR team ensures this by taking proactive measures of periodic audits of network devices. Further external auditors are engaged in the audit process. Audit information is primarily stored in an internal database of the enterprise. This generic approach could result in a trust deficit during external audits. This paper proposes a method to improve the security and integrity of the audit information by using blockchain technology, which can greatly enhance the trust factor between the auditors and enterprises.

An approach to substantiating the choice of a discipline for the maintenance of a redundant computer system, with the possible use of node resources saved after failures, is considered. The choice is aimed at improving the reliability and profitability of the system, taking into account the operational costs of restoring nodes. Models of reliability of systems with service disciplines are proposed, providing both the possibility of immediate recovery of nodes after failures, and allowing degradation of the system when using node resources stored after failures in it. The models take into account the conditions of the admissibility or inadmissibility of the loss of information accumulated during the operation of the system. The operating costs are determined, taking into account the costs of restoring nodes for the system maintenance disciplines under consideration

Artificial intelligence(AI) is used in decision support systems which learn and perceive features as a function of the number of layers and the weights computed during training. Due to their inherent black box nature, it is insufficient to consider accuracy, precision and recall as metrices for evaluating a model's performance. Domain knowledge is also essential to identify features that are significant by the model to arrive at its decision. In this paper, we consider a use case of face mask recognition to explain the application and benefits of XAI. Eight models used to solve the face mask recognition problem were selected. GradCAM Explainable AI (XAI) is used to explain the state-of-art models. Models that were selecting incorrect features were eliminated even though, they had a high accuracy. Domain knowledge relevant to face mask recognition viz., facial feature importance is applied to identify the model that picked the most appropriate features to arrive at the decision. We demonstrate that models with high accuracies need not be necessarily select the right features. In applications requiring rapid deployment, this method can act as a deciding factor in shortlisting models with a guarantee that the models are looking at the right features for arriving at the classification. Furthermore, the outcomes of the model can be explained to the user enhancing their confidence on the AI model being deployed in the field.

The growing complexity of wireless networks has sparked an upsurge in the use of artificial intelligence (AI) within the telecommunication industry in recent years. In network slicing, a key component of 5G that enables network operators to lease their resources to third-party tenants, AI models may be employed in complex tasks, such as short-term resource reservation (STRR). When AI is used to make complex resource management decisions with financial and service quality implications, it is important that these decisions be understood by a human-in-the-loop. In this paper, we apply state-of-the-art techniques from the field of Explainable AI (XAI) to the problem of STRR. Using real-world data to develop an AI model for STRR, we demonstrate how our XAI methodology can be used to explain the real-time decisions of the model, to reveal trends about the model’s general behaviour, as well as aid in the diagnosis of potential faults during the model’s development. In addition, we quantitatively validate the faithfulness of the explanations across an extensive range of XAI metrics to ensure they remain trustworthy and actionable.

This article is devoted to the existing standards for assessing the state of information security, which provides a classification and comparative analysis of standards for assessing the state of information.

Due to the difficulty of obtaining a database of original images that are required in the classification process to detect tampering, this paper presents a technique for detecting image tampering such as image steganography in the spatial domain. The system depends on deriving the auto-correlation function of the image histogram, then applying a high-pass filter with a threshold. This technique can be used to decide which image is cover or a stego image, without adopting the original image. The results have eventually revealed the validity of this system. Although this study has focused on least-significant-bit (LSB) steganography, we expect that it could be extended to other types of image tapering.

With the increase of the number of network threats, the knowledge graph is an effective method to quickly analyze the network threats from the mass of network security texts. Named entity recognition in network security domain is an important task to construct knowledge graph. Aiming at the problem that key Chinese entity information in network security related text is difficult to identify, a named entity recognition model in network security domain based on BERT-BiLSTM-CRF is proposed to identify key named entities in network security related text. This model adopts the BERT pre-training model to obtain the word vectors of the preceding and subsequent text information, and the obtained word vectors will be input to the subsequent BiLSTM module and CRF module for encoding and sorting. The test results show that this model has a good effect on the data set of network security domain. The recognition effect of this model is better than that of LSTM-CRF, BERT-LSTM-CRF, BERT-CRF and other models, and the F1=93.81%.

In this paper, internet is among the basic necessities of life. Internet has changed each and everybody's lives. So confidentiality of messages is very important over the internet. Steganography is the science of sending secret messages between the sender and intended receiver. It is such a technique that makes the exchange of covert messages possible. Each time a carrier is to be used for achieving steganography. The carrier plays a major role in establishing covert communication channel. This survey paper introduces steganography and its carriers. This paper concentrates on network protocols to be used as a carrier of steganograms. There are a number of protocols available to do so in the networks. Network steganography describes various methods used for transmitting data over a network without it being detected. Most of the methods proposed for hiding data in a network do not offer an additional protection to the covert data as it is sent as plain text. This paper presents a framework that offers the protection to the covert data by encrypting it and compresses it for gain in efficiency.

The report examines approaches to assessing the information security of data transmission networks (DTN). The analysis of methods for quantitative assessment of information security risks is carried out. A methodological approach to the assessment of IS DTN based on the risk-oriented method is presented. A method for assessing risks based on the mathematical apparatus of the queening systems (QS) is considered and the problem of mathematical modeling is solved.

The paper considers the issue of assessing threats to information security in industrial automation and telecommunication systems in order to improve the efficiency of their security systems. A method for determining a quantitative indicator of threats is proposed, taking into account the probabilistic nature of the process of implementing negative impacts on objects of both industrial and telecommunications systems. The factors that contribute and (or) initiate them are also determined, the dependences of the formal definition of the quantitative indicator of threats are obtained. Methods for a quantitative threat assessment as well as the degree of this threat are presented in the form of a mathematical model in order to substantiate and describe the method for determining a threat to industrial automation systems. Recommendations necessary for obtaining expert assessments of negative impacts on the informatisation objects and information security systems counteracting are formulated to facilitate making decisions on the protection of industrial and telecommunication systems.

Nowadays, children, teens, and almost everyone around us tend to receive abundant and frequent advice regarding the usefulness of syllabification. Not only does it improve pronunciation, but it also makes it easier for us to read unfamiliar words in chunks of syllables rather than reading them all at once. Within this paper, we have designed, implemented, and presented a Turing machine-based syllable splitter. A Turing machine forms the theoretical basis for all modern computers and can be used to solve universal problems. On the other hand, a syllable splitter is used to hyphenate words into their corresponding syllables. We have proposed our work by illustrating the various states of the Turing machine, along with the rules it abides by, its machine specifications, and transition function. In addition to this, we have implemented a Graphical User Interface to stimulate our Turing machine to analyze our results better.

Structured Query Language (SQL) is extensively used for storing, manipulating and retrieving information in the relational database management system. Using SQL statements, attackers will try to gain unauthorized access to databases and launch attacks to modify/retrieve the stored data, such attacks are called as SQL injection attacks. Such SQL Injection (SQLi) attacks tops the list of web application security risks of all the times. Identifying and mitigating the potential SQL attack statements before their execution can prevent SQLi attacks. Various techniques are proposed in the literature to mitigate SQLi attacks. In this paper, a random decision forest approach is introduced to mitigate SQLi attacks. From the experimental results, we can infer that the proposed approach achieves a precision of 97% and an accuracy of 95%.

Cyber ranges are proven to be effective towards the direction of cyber security training. Nevertheless, the existing literature in the area of cyber ranges does not cover, to our best knowledge, the field of 5G security training. 5G networks, though, reprise a significant field for modern cyber security, introducing a novel threat landscape. In parallel, the demand for skilled cyber security specialists is high and still rising. Therefore, it is of utmost importance to provide all means to experts aiming to increase their preparedness level in the case of an unwanted event. The EU funded SPIDER project proposes an innovative Cyber Range as a Service (CRaaS) platform for 5G cyber security testing and training. This paper aims to present the evaluation framework, followed by SPIDER, for the extraction of the user requirements. To validate the defined user requirements, SPIDER leveraged of questionnaires which included both closed and open format questions and were circulated among the personnel of telecommunication providers, vendors, security service providers, managers, engineers, cyber security personnel and researchers. Here, we demonstrate a selected set of the most critical questions and responses received. From the conducted analysis we reach to some important conclusions regarding 5G testing and training capabilities that should be offered by a cyber range, in addition to the analysis of the different perceptions between cyber security and 5G experts.

In this paper is devoted a creation cryptographic protocol for the division of mutual authentication and session key. For secure protocols, suitable cryptographic algorithms were monitored.

Name Data Networking (NDN) is a clean-slate network redesign that uses content names for routing and addressing. Facing the fact that TCP/IP is deeply entrenched in the current Internet architecture, NDN has made slow progress in industrial promotion. Meanwhile, new architectures represented by SDN, P4, etc., provide a flexible and programmable approach to network research. As a result, a centralized NDN routing mechanism is needed in the scenario for network integration between NDN and TCP/IP. Combining the NLSR protocol and the P4 environment, we introduce an efficient NDN routing mechanism that offers extensible NDN routing services (e.g., resources-location management and routing calculation) which can be programmed in the control plane. More precisely, the proposed mechanism allows the programmable switches to transmit NLSR packets to the control plane with the extended data plane. The NDN routing services are provided by control plane application which framework bases on resource-location mapping to achieve part of the NLSR mechanism. Experimental results show that the proposed mechanism can reduce the number of routing packets significantly, and introduce a slight overhead in the controller compared with NLSR simulation.

This paper proposes a scheme for secure telecommunication based on synchronizing a chaotic Liu system with a nontrivial Lyapunov candidate, which allows for the control signal to act only on one state of the slave system. The proposal has the advantages of being robust against disturbances (internal and external) and simple, which is essential because it leads to significant cost reductions when implemented using analog electronics. A simulation study, which considers the presence of disturbances, is used to validate the theoretical results and show the easy implementation of the proposed approach.

Radio is the most important part of any wireless network. Radio Access Network (RAN) has been virtualized and disaggregated into different functions whose location is best defined by the requirements and economics of the use case. This Virtualized RAN (vRAN) architecture separates network functions from the underlying hardware and so 5G can leverage virtualization of the RAN to implement these functions. The easy expandability and manageability of the vRAN support the expansion of the network capacity and deployment of new features and algorithms for streamlining resource usage. In this paper, we try to address the problem of scheduling 5G vRAN with mid-haul network capacity constraints as a combinatorial optimization problem. We transformed it to a Quadratic Unconstrained Binary Optimization (QUBO) problem by using a newly proposed quantum-based algorithm and compared our implementation with existing classical algorithms. This work has demonstrated the advantage of quantum computers in solving a particular optimization problem in the Telecommunication domain and paves the way for solving critical real-world problems using quantum computers faster and better.