Biblio

Current power sensitive data security protection adopts classification and grading protection. Company classification and grading are mainly in formulating specifications. Data classification and grading processing is carried out manually, which is heavy and time-consuming, while traditional data identification mainly relies on rules for data identification, the level of automation and intelligence is low, and there are many problems in recognition accuracy. Data classification and classification is the basis of data security protection. Sensitive data identification is the key to data classification and classification, and it is also the first step to achieve accurate data security protection. This paper proposes an intelligent identification and tracking technology of sensitive data for electric power big data, which can improve the ability of data classification and classification, help the realization of data classification and classification, and provide support for the accurate implementation of data security capabilities.

We propose a human-operator guided planning approach to pushing-based manipulation in clutter. Most recent approaches to manipulation in clutter employs randomized planning. The problem, however, remains a challenging one where the planning times are still in the order of tens of seconds or minutes, and the success rates are low for difficult instances of the problem. We build on these control-based randomized planning approaches, but we investigate using them in conjunction with human-operator input. In our framework, the human operator supplies a high-level plan, in the form of an ordered sequence of objects and their approximate goal positions. We present experiments in simulation and on a real robotic setup, where we compare the success rate and planning times of our human-in-the-loop approach with fully autonomous sampling-based planners. We show that with a minimal amount of human input, the low-level planner can solve the problem faster and with higher success rates.

This demo presents a new approach to detecting and countering the aLTEr attack by proactively searching for the threat and automatically remediating it. These processes leverage AI/ML techniques and the automation framework offered by the MonB5G architecture.

Security and privacy threat modeling is commonly applied to systematically identify and address design-level security and privacy concerns in the early stages of architecture and design. Identifying and resolving these threats should remain a continuous concern during the development lifecycle. Especially with contemporary agile development practices, a single-shot upfront analysis becomes quickly outdated. Despite it being explicitly recommended by experts, existing threat modeling approaches focus largely on early development phases and provide limited support during later implementation phases.In this paper, we present an integrated threat analysis toolchain to support automated, continuous threat elicitation, assessment, and mitigation as part of a continuous integration pipeline in the GitLab DevOps platform. This type of automation allows for continuous attention to security and privacy threats during development at the level of individual commits, supports monitoring and managing the progress in addressing security and privacy threats over time, and enables more advanced and fine-grained analyses such as assessing the impact of proposed changes in different code branches or merge/pull requests by analyzing the changes to the threat model.

The extraordinary number of alerts generated by network intrusion detection systems (NIDS) can desensitize security analysts tasked with incident response. Security information and event management systems (SIEMs) perform some rudimentary automation but cannot replicate the decision-making process of a skilled analyst. Machine learning and artificial intelligence (AI) can detect patterns in data with appropriate training. In practice, the majority of the alert data comprises false alerts, and true alerts form only a small proportion. Consequently, a naive engine that classifies all security alerts into the majority class can yield a superficial high accuracy close to 100%. Without any correction for the class imbalance, the false alerts will dominate algorithmic predictions resulting in poor generalization performance. We propose a machine-learning approach to address the class imbalance problem in multi-appliance security alert data and automate the security alert analysis process performed in security operations centers (SOCs). We first used the neighborhood cleaning rule (NCR) to identify and remove ambiguous, noisy, and redundant false alerts. Then, we applied the support vector machine synthetic minority oversampling technique (SVMSMOTE) to generate synthetic training true alerts. Finally, we fit and evaluated the decision tree and random forest classifiers. In the experiments, using alert data from eight security appliances, we demonstrated that the proposed method can significantly reduce the need for manual auditing, decreasing the number of uninspected alerts and achieving a performance of 99.524% in recall.

In recent years, the development of deep learning has brought new ideas to internal threat detection. In this paper, three common deep learning algorithms for threat detection are optimized and innovated, and feature embedding, drift detection and sample weighting are introduced into FCNN. Adaptive multi-iteration method is introduced into Support Vector Data Description (SVDD). A dynamic threshold adjustment mechanism is introduced in VAE. In threat detection, three methods are used to detect the abnormal behavior of users, and the intersection of output results is taken as the final threat judgment basis. Experiments on cert r6.2 data set show that this method can significantly reduce the false positive rate.

Vision systems, i.e., systems that enable the detection and tracking of objects in images, have gained substantial importance over the past decades. They are used in quality assurance applications, e.g., for finding surface defects in products during manufacturing, surveillance, but also automated driving, requiring reliable behavior. Interestingly, there is only little work on quality assurance and especially testing of vision systems in general. In this paper, we contribute to the area of testing vision software, and present a framework for the automated generation of tests for systems based on vision and image recognition with the focus on easy usage, uniform usability and expandability. The framework makes use of existing libraries for modifying the original images and to obtain similarities between the original and modified images. We show how such a framework can be used for testing a particular industrial application on identifying defects on riblet surfaces and present preliminary results from the image classification domain.

With the rapid development of the Internet, network traffic is becoming more complex and diverse. At the same time, malicious traffic is growing. This seriously threatens the security of networks and information. However, the current DPI (Deep Packet Inspect) engine based on x86 architecture is slow in monitoring speed, which cannot meet the needs. Generally, two factors affect the detection rate: CPU and memory; The efficiency of data packet acquisition, and multi regular expression matching. Under these circumstances, this paper presents an efficient implementation of the DPI engine based on a generic x86 platform. DPDK is used as the platform of network data packets acquisition and processing. Using the multi-queue of the NIC (network interface controller) and the customized symmetric RSS key, the network traffic is divided and reorganized in the form of conversation. The core of traffic identification is hyperscan, which uses a flow pattern to match the packets load of a single conversation efficiently. It greatly reduces memory requirements. The method makes full use of the system resources and takes into account the advantages of high efficiency of hardware implementation. And it has a remarkable improvement in the efficiency of recognition.

This paper designs a data anomaly detection method for power grid data centers. The method uses cloud computing architecture to realize the storage and calculation of large amounts of data from power grid data centers. After that, the STL decomposition method is used to decompose the grid data, and then the decomposed residual data is used for anomaly analysis to complete the detection of abnormal data in the grid data. Finally, the feasibility of the method is verified through experiments.

A real or potential threat to various large and small security objects, which comes from both internal and external attackers, determines one or another activities to ensure internal and external security. These actions depend on the spheres of life of state and society, which are targeted by the security threats. These threats can be conveniently classified into political threats (or threats to the existing constitutional order), economic, military, informational, technogenic, environmental, corporate, and other threats. The article discusses a model of an information system, which main criterion is the system security based on the concept of risk. When considering the model, it was determined that it possess multi-criteria aspects. Therefore the establishing the quantitative and qualitative characteristics is a complex and dynamic task. The paper proposes to use the mathematical apparatus of the teletraffic theory in one of the elements of the protected system, namely, in the end-to-end security subsystem.

Internet of Things (IoT) devices are ubiquitous, with web cameras, smart refrigerators, and digital assistants appearing in homes, offices, and public spaces. However, these devices are lacking in security measures due to their low time to market and insufficient funding for security research and development. In order to improve the security of IoTs, we have defined novel security metrics based on generic IoT characteristics. Furthermore, we have developed automation for experimentation with IoT devices that results to repeatable and reproducible calculations of security metrics within a realistic IoT testbed. Our results demonstrate that repeatable IoT security measurements are feasible with automation. They prove quantitatively intuitive hypotheses. For example, an large number of inbound / outbound network connections contributes to higher probability of compromise or measuring password strength leads to a robust estimation of IoT security.

The need to achieve a suitable level of security in Cyber-Physical Systems (CPS) presents a major challenge for engineers. The unpredictable communication of highly constrained, but safety-relevant systems in a heterogeneous environment, significantly impacts the number and severity of vulnerabilities. Consequently, if security-related weaknesses can successfully be exploited by attackers, the functionality of critical infrastructure could be denied or malfunction. This might consequently threaten life or leak sensitive information. A toolkit to quantitatively express security is essential for security engineers in order to define security-enhancing measurements. For this purpose, security scoring frameworks, like the established Common Vulnerability Scoring System can be used. However, existing security scoring frameworks may not be able to handle the proposed challenges and characteristics of CPS. Therefore, in this work, we aim to elaborate a security scoring system that is tailored to the needs of CPS. In detail, we analyze security on a System-of-Systems level, while considering multiple attacks, as well as potential side effects to other security-related objects. The positive effects of integrated mitigation concepts should also be abbreviated by our proposed security score. Additionally, we generate the security score for interacting AUTOSAR platforms in a highly-connected Vehicle-to-everything (V2x) environment. We refer to this highly relevant use case scenario to underline the benefits of our proposed scoring framework and to prove its effectiveness in CPS.

Security baseline hardening is a baseline configuration framework aims to improve the robustness of the operating system, lowering the risk and impact of breach incidents. In typical best practice, the security baseline hardening requires to have regular check and follow-up to keep the system in-check, this set of activities are called "Security Baseline Audit". The Security Baseline Audit process is responsible by the IT department. In terms of business, this process consumes a fair number of resources such as man-hour, time, and technical knowledge. In a huge production environment, the resources mentioned can be multiplied by the system's amount in the production environment. This research proposes improving the process with automation while maintaining the quality and security level at the standard. Robot Framework, a useful and flexible opensource automation framework, is being utilized in this research following with a very successful result where the configuration is aligned with CIS (Center for Internet Security) run by the automation process. A tremendous amount of time and process are decreased while the configuration is according to this tool's standard.

Network security is of vital importance, and Information Technology admins must always be vigilant. But they often lack the expertise and skills required to harden the network properly, in with the emergence of security threats. The router plays a significant role in maintaining operational security for an organization. When it comes to information security, information security professionals mainly focus on protecting items such as firewalls, virtual private networks, etc. Routers are the foundation of any network's communication method, which means all the network information passes through the routers, making them a desirable target. The proposed automation of the router security hardening solution will immediately improve the security of routers and ensure that they are updated and hardened with minimal human intervention and configuration changes. This is specially focused on small and medium-sized organizations lacking workforce and expertise on network security and will help secure the routers with less time consumption, cost, and increased efficiency. The solution consists of four primary functions, initial configuration, vulnerability fixing, compliance auditing, and rollback. These focus on all aspects of router security in a network, from its configuration when it is initially connected to the network to checking its compliance errors, continuously monitoring the vulnerabilities that need to be fixed, and ensuring that the behavior of the devices is stable and shows no abnormalities when it comes to configuration changes.

The annotated dataset is the foundation for Supervised Natural Language Processing. However, the cost of obtaining dataset is high. In recent years, the Few-Shot Learning has gradually attracted the attention of researchers. From the definition, in this paper, we conclude the difference in Few-Shot Learning between Natural Language Processing and Computer Vision. On that basis, the current Few-Shot Learning on Natural Language Processing is summarized, including Transfer Learning, Meta Learning and Knowledge Distillation. Furthermore, we conclude the solutions to Few-Shot Learning in Natural Language Processing, such as the method based on Distant Supervision, Meta Learning and Knowledge Distillation. Finally, we present the challenges facing Few-Shot Learning in Natural Language Processing.

Art is the perfect way for people to express their emotions in a way that words are unable to do. By simply looking at art, we can understand a person’s creativity and thoughts. In former times, artists spent a great deal of time creating an image of varied styles. In the current deep learning era, we are able to create images of different styles as we prefer within a short period of time. Neural style transfer is the most popular and widely used deep learning application that applies the desired style to the content image, which in turn generates an output image that is a combination of both style and the content of the original image. In this paper we have implemented the neural style transfer model with two architectures namely Vgg19 and Alexnet. This paper compares the output-styled image and the total loss obtained through VGG19 and Alexnet architectures. In addition, three different activation functions are used to compare quality and total loss of output styled images within Alexnet architectures.

Arbitrary style transfer means that stylized images can be generated from a set of arbitrary input image pairs of content images and style images. Recent arbitrary style transfer algorithms lead to distortion of content or incompletion of style transfer because network need to make a balance between the content structure and style. In this paper, we introduce a dual attention network based on style attention and channel attention, which can flexibly transfer local styles, pay more attention to content structure, keep content structure intact and reduce unnecessary style transfer. Experimental results show that the network can synthesize high quality stylized images while maintaining real-time performance.

In protocol verification we observe a wide spectrum from fully automated methods to interactive theorem proving with proof assistants like Isabelle/HOL. The latter provide overwhelmingly high assurance of the correctness, which automated methods often cannot: due to their complexity, bugs in such automated verification tools are likely and thus the risk of erroneously verifying a flawed protocol is non-negligible. There are a few works that try to combine advantages from both ends of the spectrum: a high degree of automation and assurance. We present here a first step towards achieving this for a more challenging class of protocols, namely those that work with a mutable long-term state. To our knowledge this is the first approach that achieves fully automated verification of stateful protocols in an LCF-style theorem prover. The approach also includes a simple user-friendly transaction-based protocol specification language embedded into Isabelle, and can also leverage a number of existing results such as soundness of a typed model

Blockchain is opening up new avenues for the development of new sorts of digital services. In this article, we'll employ the transparent Blockchain method to propose a system for collecting data from many sources and databases for use in local and national elections. The Blockchain-based system will be safe, trustworthy, and private. It will assist to know the overall count of the candidates who participated and it functions in the same way as people's faith in their governments does. Blockchain technology is the one that handles the actual vote. We use the secure hash algorithm for resolving this problem and tried to bring a solution through the usage of this booming technology. A centralized database in a blockchain system keeps track of the secure electronic interactions of users in a peer-to-peer network.

The unmatched threat of Android malware has tremendously increased the need for analyzing prominent malware samples. There are remarkable efforts in static and dynamic malware analysis using static features and API calls respectively. Nonetheless, there is a void to classify Android malware by analyzing its behavior using multiple dynamic characteristics. This paper proposes EntropLyzer, an entropy-based behavioral analysis technique for classifying the behavior of 12 eminent Android malware categories and 147 malware families taken from CCCS-CIC-AndMal2020 dataset. This work uses six classes of dynamic characteristics including memory, API, network, logcat, battery, and process to classify and characterize Android malware. Results reveal that the entropy-based analysis successfully determines the behavior of all malware categories and most of the malware families before and after rebooting the emulator.

The Robot Operation System (ROS) is widely used in academia as well as the industry to build custom robot applications. Successful cyberattacks on robots can result in a loss of control for the legitimate operator and thus have a severe impact on safety if the robot is moving uncontrollably. A high level of security thus needs to be mandatory. Neither ROS 1 nor 2 in their default configuration provide protection against network based attackers. Multiple protection mechanisms have been proposed that can be used to overcome this. Unfortunately, it is unclear how effective and usable each of them are. We provide a structured analysis of the requirements these protection mechanisms need to fulfill by identifying realistic, network based attacker models and using those to derive relevant security requirements and other evaluation criteria. Based on these criteria, we analyze the protection mechanisms available and compare them to each other. We find that none of the existing protection mechanisms fulfill all of the security requirements. For both ROS 1 and 2, we discuss which protection mechanism are most relevant and give hints on how to decide on one. We hope that the requirements we identify simplify the development or enhancement of protection mechanisms that cover all aspects of ROS and that our comparison helps robot operators to choose an adequate protection mechanism for their use case.

Modern Industrial Automation & Control Systems (IACS) are essential part of the critical infrastructures and services. They are used in health, power, water, and transportation systems, and the impact of cyberattacks on IACS could be severe, resulting, for example, in damage to the environment, public or employee safety or health. Thus, building IACS safe and secure against cyberattacks is extremely important. The attacker model is one of the key elements in risk assessment and other security related information system management tasks. The aim of the study is to specify the attacker's profile based on the analysis of network and system events. The paper presents an approach to the selection of attacker's profile attributes from raw network and system events of the Linux OS. To evaluate the approach the experiments were performed on data collected within the Global CPTC 2019 competition.

Today technological changes make the probability of more complex things made into simple tasks with more accuracy in major areas and mostly in Manufacturing Industry. Internet of things contributes its major part in automation which helps human to make life easy by monitoring and directed to a related person with in a fraction of second. Continuous advances and improvement in computer vision, mobile computing and tablet screens have led to a revived interest in Augmented Reality the Augmented Reality makes the complex automation into an easier task by making more realistic real time animation in monitoring and automation on Internet of Things (eg like temperature, time, object information, installation manual, real time testing).In order to identify and link the augmented content, like object control of home appliances, industrial appliances. The AR-IoT will have a much cozier atmosphere and enhance the overall Interactivity of the IoT environment. Augmented Reality applications use a myriad of data generated by IoT devices and components, AR helps workers become more competitive and productive with the realistic environment in IoT. Augmented Reality and Internet of Things together plays a critical role in the development of next generation technologies. This paper describes the concept of how Augmented Reality can be integrated with industry(AR-IoT)4.0 and how the sensors are used to monitoring objects/things contiguously round the clock, and make the process of converting real-time physical objects into smart things for the upcoming new era with AR-IoT.

Cybersecurity is becoming very crucial in the today's world where technology is now not limited to just computers, smartphones, etc. It is slowly entering into things that are used on daily basis like home appliances, automobiles, etc. Thus, opening a new door for people with wrong intent. With the increase in speed of technology dealing with such issues also requires quick response from security people. Thus, dealing with huge variety of devices quickly will require some extent of automation in this field. Generating threat intelligence automatically and also including those which are multilingual will also add plus point to prevent well known major attacks. Here we are proposing an AI based SOAR system in which the data from various sources like firewalls, IDS, etc. is collected with individual event profiling using a deep-learning detection method. For this the very first step is that the collected data from different sources will be converted into a standardized format i.e. to categorize the data collected from different sources. For standardized format Here our system finds out about the true positive alert for which the appropriate/ needful steps will be taken such as the generation of Indicators of Compromise report and the additional evidences with the help of Security Information and Event Management system. The security alerts will be notified to the security teams with the degree of threat.

In order to overcome a series of problems in the application process of traditional communication engineering in the new era, such as information security, this paper proposes a novel communication engineering application system based on artificial intelligence technology. The application system fully combines the artificial intelligence technology, and applies the artificial intelligence thinking to the reform of traditional communication engineering. Based on this, the application strategy also fully combines the application and development of 5g technology, and strengthens the security of communication engineering in the application process from many aspects. The results show that the application system can give full play to the role of artificial intelligence technology and improve the security of communication process as much as possible, which lays a good foundation for the further development of 5g technology.