Biblio

With the advent of information and communication technology, the digital space is becoming a playing ground for criminal activities. Criminals typically prefer darkness or a hidden place to perform their illegal activities in a real-world while sometimes covering their face to avoid being exposed and getting caught. The same applies in a digital world where criminals prefer features which provide anonymity or hidden features to perform illegal activities. It is from this spirit the Darkweb is attracting all kinds of criminal activities conducted over the Internet such as selling drugs, illegal weapons, child pornography, assassination for hire, hackers for hire, and selling of malicious exploits, to mention a few. Although the anonymity offered by Darkweb can be exploited as a tool to arrest criminals involved in cybercrime, an in-depth research is needed to advance criminal investigation on Darkweb. Analysis of illegal activities conducted in Darkweb is in its infancy and faces several challenges like lack of standard operating procedures. This study proposes progressive standard operating procedures (SOPs) for Darkweb forensics investigation. We provide the four stages of SOP for Darkweb investigation. The proposed SOP consists of the following stages; identification and profiling, discovery, acquisition and preservation, and the last stage is analysis and reporting. In each stage, we consider the objectives, tools and expected results of that particular stage. Careful consideration of this SOP revealed promising results in the Darkweb investigation.

Insider threats are steadily increasing, and the damage is also enormous. To prevent insider threats, security solutions, such as DLP, SIEM, etc., are being steadily developed. However, they have limitations due to the high rate of false positives. In this paper, we propose a data analysis method and methodology for responding to a technology leak incident. The future study may be performed based on the proposed methodology.

In 2020, Omar and abed proposed a new noise-free fully homomorphic encryption scheme that allows arbitrary computations on encrypted data without decryption. However, they did not provide a sufficient security analysis of the proposed scheme and just stated that it is secure under the integer factorization assumption. In this paper, we present known plaintext attacks on their scheme and illustrate them with toy examples. Our attack algorithms are quite simple: They require several times of greatest common divisor (GCD) computations using only a few pair of message and ciphertext.

The data sharing is a helpful and financial assistance provided by CC. Information substance security also rises out of it since the information is moved to some cloud workers. To ensure the sensitive and important data; different procedures are utilized to improve access manage on collective information. Here strategies, Cipher text-policyattribute based encryption (CP-ABE) might create it very helpful and safe. The conventionalCP-ABE concentrates on information privacy only; whereas client's personal security protection is a significant problem as of now. CP-ABE byhidden access (HA) strategy makes sure information privacy and ensures that client's protection isn't exposed also. Nevertheless, the vast majority of the current plans are ineffectivein correspondence overhead and calculation cost. In addition, the vast majority of thismechanism takes no thought regardingabilityauthenticationor issue of security spillescapein abilityverificationstage. To handle the issues referenced over, a security protectsCP-ABE methodby proficient influenceauthenticationis presented in this manuscript. Furthermore, its privacy keys accomplish consistent size. In the meantime, the suggestedplan accomplishes the specific safetyin decisional n-BDHE issue and decisional direct presumption. The computational outcomes affirm the benefits of introduced method.

This research studies the effect of a countdown timer and a count-up timer on the keystroke pattern of the student and finds out whether changing the timer type changes the keystroke pattern. It also points out which timer affects more students in a timer environment during exams. We used two hypothesis testing statistical Algorithms, namely, the Two-Sample T-Test and One-way ANOVA Test, for analysis to identify the effect of different times our whether significant differences were found in the keystroke pattern or not when different timers were used. The supporting results have been found with determines that timer change can change the keystroke pattern of the student and from the study of hypothesis testing, different students result from different types of stress when they are under different timer environments.

Recently, as the use of Internet of Things (IoT) devices has expanded, security issues have emerged. As a solution to the IoT security problem, PUF (Physical Unclonable Function) technology has been proposed, and research on key generation or device authentication using it has been actively conducted. In this paper, we propose a method to apply PUF-based device authentication technology to the Open Connectivity Foundation (OCF) open platform. The proposed method can greatly improve the security level of IoT open platform by utilizing PUF technology.

Software-Defined Networking (SDN) can be a good option to support Industry 4.0 (4IR) and 5G wireless networks. SDN can also be a secure networking solution that improves the security, capability, and programmability in the networks. In this paper, we present and analyze an SDN-based security architecture for 4IR with 5G. SDN is used for increasing the level of security and reliability of the network by suitably dividing the whole network into data, control, and applications planes. The SDN control layer plays a beneficial role in 4IR with 5G scenarios by managing the data flow properly. We also evaluate the performance of the proposed architecture in terms of key parameters such as data transmission rate and response time.

One of the key topics in network security research is the autonomous COA (Couse-of-Action) attack search method. Traditional COA attack search methods that passively search for attacks can be difficult, especially as the network gets bigger. To address these issues, new autonomous COA techniques are being developed, and among them, an intelligent spatial algorithm is designed in this paper for efficient operations in scalable networks. On top of the spatial search, a Monte-Carlo (MC)-based temporal approach is additionally considered for taking care of time-varying network behaviors. Therefore, we propose a spatio-temporal attack COA search algorithm for scalable and time-varying networks.

In this short position paper, we discuss several potential security concerns that can be found at the physical layer of 6th-generation (6G) cellular networks. Discussion on 6G cellular networks is still at its early stage and thus several candidate radio technologies have been proposed but no single technology has yet been finally selected for 6G systems. Among several radio technologies, we focus on three promising ones for 6G physical-layer technologies: reconfigurable intelligent surface (RIS), Open-RAN (O-RAN), and full-duplex radios. We hope this position paper will spark more active discussion on the security concerns in these new radio technologies.

While digitization of distribution grids through information and communications technology brings numerous benefits, it also increases the grid's vulnerability to serious cyber attacks. Unlike conventional systems, attacks on many industrial control systems such as power grids often occur in multiple stages, with the attacker taking several steps at once to achieve its goal. Detection mechanisms with situational awareness are needed to detect orchestrated attack steps as part of a coherent attack campaign. To provide a foundation for detection and prevention of such attacks, this paper addresses the detection of multi-stage cyber attacks with the aid of a graph-based cyber intelligence database and alert correlation approach. Specifically, we propose an approach to detect multi-stage attacks by lever-aging heterogeneous data to form a knowledge base and employ a model-based correlation approach on the generated alerts to identify multi-stage cyber attack sequences taking place in the network. We investigate the detection quality of the proposed approach by using a case study of a multi-stage cyber attack campaign in a future-orientated power grid pilot.

Steganography security is the main concern in today’s informative world. The fact is that communication takes place to hide information secretly. Steganography is the technique of hiding secret data within an ordinary, non-secret, file, text message and images. This technique avoids detection of the secret data then extracted at its destination. The main reason for using steganography is, we can hide any secret message behind its ordinary file. This work presents a unique technique for image steganography based on a 512-bit algorithm. The secure stego image is a very challenging task to give protection. Therefore we used the least significant bit (LSB) techniques for implementing stego and cover image. However, data encryption and decryption are used to embedded text and replace data into the least significant bit (LSB) for better approaches. Android-based interface used in encryption-decryption techniques that evaluated in this process.Contribution—this research work with 512-bit data simultaneously in a block cipher to reduce the time complexity of a system, android platform used for data encryption decryption process. Steganography model works with stego image that interacts with LSB techniques for data hiding.

Recently, it is predicted that interworking between heterogeneous devices will be accelerated due to the openness of the IoT (Internet of Things) platform, but various security threats are also expected to increase. However, most IoT open platforms remain at the level that utilizes existing security technologies. Therefore, a more secure security technology is required to prevent illegal copying and leakage of important data through stealing, theft, and hacking of IoT devices. In addition, a technique capable of ensuring interoperability with existing standard technologies is required. This paper proposes an IoT device authentication method based on PUF (Physical Unclonable Function) that operates on an IoT open platform. By utilizing PUF technology, the proposed method can effectively respond to the threat of exposure of the authentication key of the existing IoT open platform. Above all, the proposed method can contribute to compatibility and interoperability with existing technologies by providing a device authentication method that can be effectively applied to the OCF Iotivity standard specification, which is a representative IoT open platform.

Dew Computing (DC) is a comparatively modern field with a wide range of applications. By examining how technological advances such as fog, edge and Dew computing, and distributed intelligence force us to reconsider traditional Cloud Computing (CC) to serve the Internet of Things. A new dew estimation theory is presented in this article. The revised definition is as follows: DC is a software and hardware cloud-based company. On-premises servers provide autonomy and collaborate with cloud networks. Dew Calculation aims to enhance the capabilities of on-premises and cloud-based applications. These categories can result in the development of new applications. In the world, there has been rapid growth in Information and Communication Technology (ICT), starting with Grid Computing (GC), CC, Fog Computing (FC), and the latest Edge Computing (EC) technology. DC technologies, infrastructure, and applications are described. We’ll go through the newest developments in fog networking, QoE, cloud at the edge, platforms, security, and privacy. The dew-cloud architecture is an option concerning the current client-server architecture, where two servers are located at opposite ends. In the absence of an Internet connection, a dew server helps users browse and track their details. Data are primarily stored as a local copy on the dew server that starts the Internet and is synchronized with the cloud master copy. The local dew pages, a local online version of the current website, can be browsed, read, written, or added to the users. Mapping between different Local Dew sites has been made possible using the dew domain name scheme and dew domain redirection.

The aim of this study is to determine the current challenges related to security and trust issues in digital supply chains. The development of information and communication technologies (ICT) has improved the efficiency of supply chains, while creating new vulnerabilities and increasing the likelihood of security threats. Previous studies lack the physical security aspect, so the emphasis is on the security of cyber-physical systems. In order to achieve the goal of the study, traditional and digital supply chains, their security risks and main differences were examined. A security framework for cyber-physical risks in digital supply chains was developed.

To make supply chains sustainable and smart, companies can use information and communication technologies to manage procurement, sourcing, conversion, logistics, and customer relationship management activities. Characterized by profit, people, and planet, the supply chain processes of creating values and managing risks are expected to be digitally transformed. Once digitized, datafied, and networked, supply chains can account for substantial progress towards sustainability. Given the lack of clarity on the concepts of resilience and human rights for the supply chain, especially with the recent advancement of social media, big data, artificial intelligence, and cloud computing, the study conducts a scoping review. To identify the size, scope, and themes, it collected 180 articles from the Web of Science bibliographic database. The bibliometric findings reveal the overall conceptual and intellectual structure, and the gaps for further research and development. The concept of resilience can be enriched, for instance, by the environmental, social, and governance (ESG) concerns. The enriched notion of resilience can also be expressed in digitized, datafied, and networked forms.

Securing the supply chain of information and communications technology (ICT) has recently emerged as a critical concern for national security and integrity. With the proliferation of Internet of Things (IoT) devices and their increasing role in controlling real world infrastructure, there is a need to analyze risks in networked systems beyond established security analyses. Existing methods in literature typically leverage attack and fault trees to analyze malicious activity and its impact. In this paper, we develop RIoTS, a security risk assessment framework borrowing from system reliability theory to incorporate the supply chain. We also analyze the impact of grouping within suppliers that may pose hidden risks to the systems from malicious supply chain actors. The results show that the proposed analysis is able to reveal hidden threats posed to the IoT ecosystem from potential supplier collusion.

In modern power grids (PGs), load frequency control (LFC) is effectively employed to preserve the frequency within the allowable ranges. However, LFC dependence on information and communication technologies (ICTs) makes PGs vulnerable to cyber attacks. Manipulation of measured data and control commands known as false data injection attacks (FDIAs) can negatively affect grid frequency performance and destabilize PG. This paper investigates the frequency performance of an isolated PG under coordinated FDIAs. A control scheme based on the combination of a Kalman filter, a chi-square detector, and a linear quadratic Gaussian controller is proposed to detect and mitigate the coordinated FDIAs. The efficiency of the proposed control scheme is evaluated under two types of scaling and exogenous FDIAs. The simulation results demonstrate that the proposed control scheme has significant capabilities to detect and mitigate the designed FDIAs.

Facial expression recognition has long been established as a subject of continuous research in various fields. In this study, feature extraction was conducted by calculating the distance between facial landmarks in an image. The extracted features of the relationship between each landmark and analysis were used to classify five facial expressions. We increased the data and label reliability based on our labeling work with multiple observers. Additionally, faces were recognized from the original data, and landmark coordinates were extracted and used as features. A genetic algorithm was used to select features that were relatively more helpful for classification. We performed facial recognition classification and analysis using the method proposed in this study, which showed the validity and effectiveness of the proposed method.

Recently, most of the processes are being computerized, due to the development of information and communication technology. In proportion to this, cyber-attacks are also increasing, and state-sponsored cyber-attacks are becoming a great threat to the country. These attacks are often composed of stages and proceed step-by-step, so for defense, it is necessary to predict the next action and perform appropriate mitigation. To this end, the paper proposes a mitigation-based performance evaluation method. We developed the new true positive which can have a value between 0 and 1 according to the mitigation. The experiment result and case studies show that the proposed method can effectively measure forecasting results under cyber security defense system.

in this paper, we describe a method for detecting abnormal pedestrians or cars by expressing the behavioral characteristics of pedestrians on a global surveillance map in a video security system using CCTV and patrol robots. This method converts a large amount of video surveillance data into a compressed map shape format to efficiently transmit and process data. By using deep learning auto-encoder and CNN algorithm, pedestrians belonging to the abnormal category can be detected in two steps. In the case of the first-stage abnormal candidate extraction, the normal detection rate was 87.7%, the abnormal detection rate was 88.3%, and in the second stage abnormal candidate filtering, the normal detection rate was 99.8% and the abnormal detection rate was 96.5%.

The growth of inter-dependency intricacies of Supervisory Control and Data Acquisition (SCADA) systems in industrial operations generates a likelihood of increased vulnerability to malicious threats and machine learning approaches have been extensively utilized in the research for vulnerability detection. Nonetheless, to improve security, an enhanced vulnerability detection using hyper-parameter-tune machine learning is proposed for early detection, classification and mitigation of SCADA communication and transmission networks by classifying benign, or malicious DNS attacks. The proposed scheme, an ensemble optimizer (GentleBoost) upon hyper-parameter tuning, gave a comparative achievement. From the simulation results, the proposed scheme had an outstanding performance within the shortest possible time with an accuracy of 99.49%, 99.23% for precision, and a recall rate of 99.75%. Also, the model was compared to other contemporary algorithms and outperformed all the other algorithms proving to be an approach to keep abreast of the SCADA network vulnerabilities and attacks.

Deepfake detection techniques have been widely studied to resolve security issues. However, existing techniques mainly focused on RGB channel-based analysis, which still shows incomplete detection accuracy. In this paper, we validate the performance of Gray channel-based deepfake detection. To compare RGB channel-based analysis and Gray channel-based analysis in deepfake detection, we quantitatively measured the performance by using popular CNN models, deepfake datasets, and evaluation indicators. Our experimental results confirm that Gray channel-based deepfake detection outperforms RGB channel-based deepfake detection in terms of accuracy and analysis time.

This paper proposes a method of encrypting data stored in the blockchain network by applying ciphertext-policy attribute-based encryption (CP-ABE) and symmetric key algorithm. This method protects the confidentiality and privacy of data that is not protected in blockchain networks, and stores data in a more efficient way than before. The proposed model has the same characteristics of CP-ABE and has a faster processing speed than when only CP-ABE is used.

Recent developments in deepfake technology are increasing new security threats. To solve these issues, various detection methods have been proposed including the methods utilizing biological signals captured by R-PPG. However, existing methods have limitations in terms of detection accuracy and generalized performance. In this paper, we present our approach for R-PPG-based BPM (Beats Per Minute) analysis for effective deepfake detection. With the selected deepfake datasets, we performed (a) comparison and analysis of conditions for BPM processing, and (b) BPM extraction by dividing the face into 16 regions and comparison of BPM in each region. The results showed that our proposed BPM-related properties are effective in deepfake detection.

This paper contains analysis of methods of increasing the information protection from unauthorized access using a multifactor authentication algorithm; figuring out the best, most efficient and secure method of scanning biometric data; development of a method to store and compare a candidate’s and existisng system user’s information in steganographic space. The urgency of the work is confirmed by the need to increase information security of special infocommunication systems with the help of biometric information and protection of this information from intruders by means of steganographic transformation.