Biblio

Impactful data breaches that exposed the online accounts and financial information of billions of individuals have increased recently because of the digitization of numerous industries. As a result, the need for comprehensive cybersecurity measures has risen, particularly with regard to the safekeeping of user passwords. Strong password storage security ensures that even if an attacker has access to compromised data, they are unable to utilize the passwords in attack vectors like credential-stuffing assaults. Additionally, it will reduce the risk of threats like fraudulent account charges or account takeovers for users. This study compares the performance of several hashing algorithms, including Bcrypt, SHA-256 and MD5 and how bcrypt algorithm outperforms the other algorithms. Reversal of each of the results will be attempted using Rainbow Tables for better understanding of hash reversals and the comparisons are tabulated. The paper provides a detail implementation of bcrypt algorithm and sheds light on the methodology of BCRYPT hashing algorithm results in robust password security. While SHA-256 hashing algorithms are, easily susceptible to simple attacks such as brute force as it a fast algorithm and making bcrypt more favorable.

Currently, mobile ad hoc networks (MANETs) are widely used due to its self-configuring feature. However, it is vulnerable to the malicious jammers in practice. Traditional anti-jamming approaches, such as channel hopping based on deterministic sequences, may not be the reliable solution against intelligent jammers due to its fixed patterns. To address this problem, we propose a distributed game theory-based multi-agent anti-jamming (DMAA) algorithm in this paper. It enables each user to exploit all information from its neighboring users before the network attacks, and derive dynamic local policy knowledge to overcome intelligent jamming attacks efficiently as well as guide the users to cooperatively hop to the same channel with high probability. Simulation results demonstrate that the proposed algorithm can learn an optimal policy to guide the users to avoid malicious jamming more efficiently and rapidly than the random and independent Q-learning baseline algorithms,

The object detection tasks based on edge computing have received great attention. A common concern hasn't been addressed is that edge may be unreliable and uploads the incorrect data to cloud. Existing works focus on the consistency of the transmitted data by edge. However, in cases when the inputs and the outputs are inherently different, the authenticity of data processing has not been addressed. In this paper, we first simply model the tampering detection. Then, bases on the feature insertion and game theory, the tampering detection and economic incentives mechanism (TDEI) is proposed. In tampering detection, terminal negotiates a set of features with cloud and inserts them into the raw data, after the cloud determines whether the results from edge contain the relevant information. The honesty incentives employs game theory to instill the distrust among different edges, preventing them from colluding and thwarting the tampering detection. Meanwhile, the subjectivity of nodes is also considered. TDEI distributes the tampering detection to all edges and realizes the self-detection of edge results. Experimental results based on the KITTI dataset, show that the accuracy of detection is 95% and 80%, when terminal's additional overhead is smaller than 30% for image and 20% for video, respectively. The interference ratios of TDEI to raw data are about 16% for video and 0% for image, respectively. Finally, we discuss the advantage and scalability of TDEI.

The high maneuverability of the unmanned aerial vehicle (UAV), facilitating fast and flexible deployment of communication infrastructures, brings potentially valuable opportunities to the future wireless communication industry. Nevertheless, UAV communication networks are faced with severe security challenges since air to ground (A2G) communications are more vulnerable to eavesdropping attacks than terrestrial communications. To solve the problem, we propose a coding scheme that hierarchically utilizes polar codes in order to address channel multi-state variation for UAV wiretap channels, without the instantaneous channel state information (CSI) known at the transmitter. The theoretical analysis and simulation results show that the scheme achieves the security capacity of the channel and meets the conditions of reliability and security.

In this work, we consider the application of the nonstationary channel polarization theory on the wiretap channel model with non-stationary blocks. Particularly, we present a time-bit coding scheme which is a secure polar codes that constructed on the virtual bit blocks by using the non-stationary channel polarization theory. We have proven that this time-bit coding scheme achieves reliability, strong security and the secrecy capacity. Also, compared with regular secure polar coding methods, our scheme has a lower coding complexity for non-stationary channel blocks.

A critical property of distributed data processing systems is the high level of reliability of such systems. A practical solution to this problem is to place copies of archives of magnetic media in the nodes of the system. These archives are used to restore data destroyed during the processing of requests to this data. The paper shows the impact of the use of archives on the reliability indicators of distributed systems.

STAMP (System Theoretic Accident Model and Processes) is one of the theories that has been attracting attention as a new safety analysis method for complex systems. CAST (Causal Analysis using System Theory) is a causal analysis method based on STAMP theory. The authors investigated an information security incident case, “AIST (National Institute of Advanced Industrial Science and Technology) report on unauthorized access to information systems,” and attempted accident analysis using CAST. We investigated whether CAST could be applied to the cyber security analysis. Since CAST is a safety accident analysis technique, this study was the first to apply CAST to cyber security incidents. Its effectiveness was confirmed from the viewpoint of the following three research questions. Q1:Features of CAST as an accident analysis method Q2:Applicability and impact on security accident analysis Q3:Understanding cyber security incidents with a five-layer model.

Network resilience is crucial to ensure reliable and secure operation of critical infrastructures. Although graph theoretic methods have been developed to quantify the topological resilience of networks, i.e., measuring resilience with respect to connectivity, in this study we propose to use the tools from Topological Data Analysis (TDA), Algebraic Topology, and Optimal Transport (OT). In our prior work, we used these tools to create a resilience metric that bypassed the need to embed a network onto a space. We also hypothesized that embeddings could encode different information about a network and that different embeddings could result in different outcomes when computing resilience. In this paper we attempt to test this hypothesis. We will utilize the WEGL framework to compute the embedding for the considered network and compare the results against our prior work, which did not use an embedding process. To our knowledge, this is the first attempt to study the ramifications of choosing an embedding, thus providing a novel understanding into how to choose an embedding and whether such a choice matters when quantifying resilience.

This paper investigates an asymptotically stable fault tolerant control (FTC) method for nonlinear continuous-time systems (NCTS) with actuator failures via differential game theory (DGT). Based on DGT, the FTC problem can be regarded as a two-player differential game problem with control player and fault player, which is solved by utilizing adaptive dynamic programming technique. Using a critic-only neural network, the cost function is approximated to obtain the solution of the Hamilton-Jacobi-Isaacs equation (HJIE). Then, the FTC strategy can be obtained based on the saddle point of HJIE, and ensures the satisfactory control performance for NCTS. Furthermore, the closed-loop NCTS can be guaranteed to be asymptotically stable, rather than ultimately uniformly bounded in corresponding existing methods. Finally, a simulation example is provided to verify the safe and reliable fault tolerance performance of the designed control method.

Compared with other virtualization technologies, container technology is widely used in edge computing because of its low cost, high reliability, high flexibility and fast portability. However, the use of container technology can alleviate the pressure of massive data, but also bring complex and diverse security problems. Reliable information security risk assessment method is the key to ensure the smooth application of container technology. According to the risk assessment theory, a security risk assessment method for edge computing containers based on dynamic game theory is proposed. Aiming at the complex container security attack and defense process, the container system's security model is constructed based on dynamic game theory. By combining the attack and defense matrix, the Nash equilibrium solution of the model is calculated, and the dynamic process of the mutual game between security defense and malicious attackers is analyzed. By solving the feedback Nash equilibrium solution of the model, the optimal strategies of the attackers are calculated. Finally, the simulation tool is used to solve the feedback Nash equilibrium solution of the two players in the proposed model, and the experimental environment verifies the usability of the risk assessment method.

As a supplement to the cloud computing model, the edge computing model can use edge servers and edge devices to coordinate information processing on the edge of the network to help Internet of Thing (IoT) data storage, transmission, and computing tasks. In view of the complex and changeable situation of edge computing IoT scenarios, this paper proposes a multi-dimensional trust evaluation factor selection scheme. Improve the traditional trusted modeling method based on direct/indirect trust, introduce multi-dimensional trusted decision attributes and rely on the collaboration of edge servers and edge device nodes to infer and quantify the trusted relationship between nodes, and combine the information entropy theory to smoothly weight the calculation results of multi-dimensional decision attributes. Improving the current situation where the traditional trusted assessment scheme's dynamic adaptability to the environment and the lack of reliability of trusted assessment are relatively lacking. Simulation experiments show that the edge computing IoT multi-dimensional trust evaluation model proposed in this paper has better performance than the trusted model in related literature.

In some single-phase systems, power decoupling is necessary to balance the difference between constant power at load side and double-frequency ripple power at AC side. The application of active power decoupling methods aim to smooth this power oscillatory component, but, in general, these methods require the addition of many semiconductor devices and/or energy storage components, which is not lined up with achieving low cost, high efficiency and high power quality. This paper presents the analysis of a new single-phase rectifier based on zeta topology with power decoupling function and power factor correction using only two active switches and without extra reactive components. Its behavior is based on three stages of operation in a switching period, such that the power oscillating component is stored in one of the inherent zeta inductor. The theoretical foundation that justifies its operation is presented, as well as the simulation and experimental results to validate the applied concepts.

This paper for the first time investigate the security and reliability performance of ultra-reliable low-latency communication (URLLC) systems in the presence of randomly distributed eavesdroppers, where the impact of short blocklength codes and imperfect channel estimation are jointly considered. Based on the finite-blocklength information theory, we first derive a closed-form approximation of transmission error probability to describe the degree of reliability loss. Then, we also derive an asymptotic expression of intercept probability to characterize the security performance, where the impact of secrecy protected zone is also considered. Simulation and numerical results validate the accuracy of theoretical approximations, and illustrate the tradeoff between security and reliability. That is, the intercept probability of URLLC systems can be suppressed by loosening the reliability requirement, and vice versa. More importantly, the theoretical analysis and methodologies presented in this paper can offer some insights and design guidelines for supporting secure URLLC applications in the future 6G wireless networks.

Existing compression coding technologies are investigated using a statistical approach. The fundamental strategies used in the process of statistical coding of video information data are analyzed. Factors that have a significant impact on the reliability and efficiency of video delivery in the process of statistical coding are analyzed. A model for estimating the impact of errors in the process of reconstruction of uneven code structures on the quality of recoverable video images is being developed.The influence of errors that occur in data transmission channels on the reliability of the reconstructed video image is investigated.

We study quantum-secure covert-communication over lossy thermal-noise bosonic channels, the quantum mechanical model for many practical channels. We derive the expressions for the covert capacity of these channels: Lno-EA, when Alice and Bob share only a classical secret, and LEA, when they benefit from entanglement assistance. Entanglement assistance alters the fundamental scaling law for covert communication. Instead of Lno-EA$\surd$n-rno-EA(n), rno-EA(n) = o($\surd$n), entanglement assistance allows LEA$\surd$n log n - rEA(n), rEA(n) = o($\surd$n log n), covert bits to be transmitted reliably over n channel uses. However, noise in entanglement storage erases the log n gain from our achievability; work on the matching converse is ongoing.

This paper considers the covert identification problem in which a sender aims to reliably convey an identification (ID) message to a set of receivers via a binary-input discrete memoryless channel (BDMC), and simultaneously to guarantee that the communication is covert with respect to a warden who monitors the communication via another independent BDMC. We prove a square-root law for the covert identification problem. This states that an ID message of size exp(exp($\Theta$($\surd$ n)) can be transmitted over n channel uses. We then characterize the exact pre-constant in the $\Theta$($\cdot$) notation. This constant is referred to as the covert identification capacity. We show that it equals the recently developed covert capacity in the standard covert communication problem, and somewhat surprisingly, the covert identification capacity can be achieved without any shared key between the sender and receivers. The achievability proof relies on a random coding argument with pulse-position modulation (PPM), coupled with a second stage which performs code refinements. The converse proof relies on an expurgation argument as well as results for channel resolvability with stringent input constraints.

We consider the anonymous mutual authentication problem, which consists of a certificate authority, single or multiple verifiers, many legitimate users (provers) and any arbitrary number of illegitimate users. The legal verifier and a legitimate user must be mutually authenticated to each other using the user's key, while the identity of the user must stay unrevealed. An attacker (illegitimate prover) as well as an illegal verifier must fail in authentication. A general interactive information theoretic framework in a finite field is proposed, where the normalized total key rate as a metric for reliability is defined. Maximizing this rate has a trade-off with establishing anonymity. The problem is studied in two different scenarios: centralized scenario (one single verifier performs the authentication process) and distributed scenario (authentication is done by N verifiers, distributively). For both scenarios, achievable schemes, which satisfy the completeness, soundness (at both verifier and prover) and anonymity properties, are proposed. Increasing the size of the field, results in the key rate approaching its upper bound.

The development of control systems of increased reliability is highly relevant due to their widespread introduction in various sectors of human activity, including those where failure of the control system can lead to serious or catastrophic consequences. The increase of the reliability of control systems is directly related with the reliability of control computers (so called intellectual centers) since the computer technology is the basis of modern control systems. One of the possible solutions to the development of highly reliable control computers is the practical implementation of the provisions of the theory of structural stability, which involves the practical solution of two main tasks - this is the task of functional adaptation and the preceding task of functional diagnostics. This article deals with the issues on the assessment of computational complexity of the implementation of the adaptation process of structural and sustainable control computer. The criteria of computational complexity are the characteristics of additionally attracted resources, such as the temporal characteristics of the adaptation process and the characteristics of the involved amount of memory resources of the control computer involved in the implementation of the adaptation process algorithms.

As large-scale linear equation systems are pervasive in many scientific fields, great efforts have been done over the last decade in realizing efficient techniques to solve such systems, possibly relying on High Performance Computing (HPC) infrastructures to boost the performance. In this framework, the ever-growing scale of supercomputers inevitably increases the frequency of faults, making it a crucial issue of HPC application development.A previous study [1] investigated the possibility to enhance the Inhibition Method (IMe) -a linear systems solver for dense unstructured matrices-with fault tolerance to single hard errors, i.e. failures causing one computing processor to stop.This article extends [1] by proposing an efficient technique to obtain fault tolerance to multiple hard errors, which may occur concurrently on different processors belonging to the same or different machines. An improved parallel implementation is also proposed, which is particularly suitable for HPC environments and moves towards the direction of a complete decentralization. The theoretical analysis suggests that the technique (which does not require check pointing, nor rollback) is able to provide fault tolerance to multiple faults at the price of a small overhead and a limited number of additional processors to store the checksums. Experimental results on a HPC architecture validate the theoretical study, showing promising performance improvements w.r.t. a popular fault-tolerant solving technique.

The design of codes for communicating reliably over a statistically well defined channel is an important endeavor involving deep mathematical research and wide-ranging practical applications. In this work, we present the first family of codes obtained via deep learning, which significantly outperforms state-of-the-art codes designed over several decades of research. The communication channel under consideration is the Gaussian noise channel with feedback, whose study was initiated by Shannon; feedback is known theoretically to improve reliability of communication, but no practical codes that do so have ever been successfully constructed. We break this logjam by integrating information theoretic insights harmoniously with recurrent-neural-network based encoders and decoders to create novel codes that outperform known codes by 3 orders of magnitude in reliability and achieve a 3dB gain in terms of SNR. We also demonstrate several desirable properties of the codes: (a) generalization to larger block lengths, (b) composability with known codes, and (c) adaptation to practical constraints. This result also has broader ramifications for coding theory: even when the channel has a clear mathematical model, deep learning methodologies, when combined with channel-specific information-theoretic insights, can potentially beat state-of-the-art codes constructed over decades of mathematical research.

Microgrids are a promising alternative to the traditional distribution systems due to their highly desirable features, such as, reliability, resiliency, and efficiency. This paper covers the design, simulation, and economic analysis of a theoretically designed modern, mixed-use commercial and residential building on a feeder in Charleston, SC, USA. The designed system is simulated in PSCAD/EMTDC. The system combines a natural gas CHP turbine and generator block set, solar photovoltaics (PV), and a battery energy storage system (BESS). It is planned to provide power through a DC lighting bus and an AC to several different commercial load profiles as well as 40 apartments of varying sizes. Additionally, a comprehensive economic analysis is completed with available or estimated pricing to prove the feasibility of such a project.

Shared register emulations on top of message-passing systems provide an illusion of a simpler shared memory system which can make the task of a system designer easier. Numerous shared register applications have a considerably high read-to-write ratio. Thus, having algorithms that make reads more efficient than writes is a fair trade-off.Typically, such algorithms for reads and writes are asymmetric and sacrifice the stringent consistency condition atomicity, as it is impossible to have fast reads for multi-writer atomicity. Safety is a consistency condition that has has gathered interest from both the systems and theory community as it is weaker than atomicity yet provides strong enough guarantees like "strong consistency" or read-my-write consistency. One requirement that is assumed by many researchers is that of the reliable broadcast (RB) primitive, which ensures the "all or none" property during a broadcast. One drawback is that such a primitive takes 1.5 rounds to complete and requires server-to-server communication.This paper implements an efficient multi-writer multi-reader safe register without using a reliable broadcast primitive. Moreover, we provide fast reads or one-shot reads – our read operations can be completed in one round of client-to-server communication. Of course, this comes with the price of requiring more servers when compared to prior solutions assuming reliable broadcast. However, we show that this increased number of servers is indeed necessary as we prove a tight bound on the number of servers required to implement Byzantine-fault tolerant safe registers in a system without reliable broadcast.We extend our results to data stored using erasure coding as well. We present an emulation of single-writer multi-reader safe register based on MDS codes. The usage of MDS codes reduces storage and communication costs. On the negative side, we also show that to use MDS codes and at the same time achieve one-shot reads, we need even more servers.

The reliability of nuclear command, control and communications has long been identified as a critical component of the strategic stability among nuclear states. Advances in offensive cyber weaponry have the potential to negatively impact this reliability, threatening strategic stability. In this paper we present a game theoretic model of preemptive cyber attacks against nuclear command, control and communications. The model is a modification of the classic two-player game of Chicken, a standard game theoretic model for nuclear brinksmanship. We fully characterize equilibria in both the complete information game and two distinct two-sided incomplete information games. We show that when both players have advanced cyber capabilities conflict is more likely in equilibrium, regardless of information structure. On the other hand, when at most one player has advanced cyber capabilities, strategic stability depends on the information structure. Under complete information, asymmetric cyber capabilities have a stabilizing effect in which the player with strong cyber has the resolve to stand firm in equilibrium. Under incomplete information, asymmetric cyber capabilities can have both stabilizing and destabilizing effects depending on prior beliefs over opponent cyber capabilities.

Least-recently-used (LRU) caching and its variants have conventionally been used as a fundamental and critical method to ensure fast and efficient data access in computer and communication systems. Emerging data-intensive applications over unreliable channels, e.g., mobile edge computing and wireless content delivery networks, have imposed new challenges in optimizing LRU caching systems in environments prone to failures. Most existing studies focus on reliable channels, e.g., on wired Web servers and within data centers, which have already yielded good insights with successful algorithms on how to reduce cache miss ratios. Surprisingly, we show that these widely held insights do not necessarily hold true for unreliable channels. We consider a single-hop multi-cache distributed system with data items being dispatched by random hashing. The objective is to achieve efficient cache organization and data placement. The former allocates the total memory space to each of the involved caches. The latter decides data routing strategies and data replication schemes. Analytically we characterize the unreliable LRU caches by explicitly deriving their asymptotic miss probabilities. Based on these results, we optimize the system design. Remarkably, these results sometimes are counterintuitive, differing from the ones obtained for reliable caches. We discover an interesting phenomenon: asymmetric cache organization is optimal even for symmetric channels. Specifically, even when channel unreliability probabilities are equal, allocating the cache spaces unequally can achieve a better performance. We also propose an explicit unequal allocation policy that outperforms the equal allocation. In addition, we prove that splitting the total cache space into separate LRU caches can achieve a lower asymptotic miss probability than resource pooling that organizes the total space in a single LRU cache. These results provide new and even counterintuitive insights that motivate novel designs for caching systems over unreliable channels. They can potentially be exploited to further improve the system performance in real practice.

Summary form only given. Symbolic execution is a systematic program analysis technique which explores multiple program behaviors all at once by collecting and solving symbolic path conditions over program paths. The technique has been recently extended with probabilistic reasoning. This approach computes the conditions to reach target program events of interest and uses model counting to quantify the fraction of the input domain satisfying these conditions thus computing the probability of event occurrence. This probabilistic information can be used for example to compute the reliability of an aircraft controller under different wind conditions (modeled probabilistically) or to quantify the leakage of sensitive data in a software system, using information theory metrics such as Shannon entropy. In this talk we review recent advances in symbolic execution and probabilistic reasoning and we discuss how they can be used to ensure the safety and security of software systems.