Biblio

Hash-based data structures and algorithms are currently flourishing on the Internet. It is an effective way to store large amounts of information, especially for applications related to measurement, monitoring and security. At present, there are many hash table algorithms such as: Cuckoo Hash, Peacock Hash, Double Hash, Link Hash and D-left Hash algorithm. However, there are still some problems in these hash table algorithms, such as excessive memory space, long insertion and query operations, and insertion failures caused by infinite loops that require rehashing. This paper improves the kick-out mechanism of the Cuckoo Hash algorithm, and proposes a new hash table structure- Odd-Even Hash (OE Hash) algorithm. The experimental results show that OE Hash algorithm is more efficient than the existing Link Hash algorithm, Linear Hash algorithm, Cuckoo Hash algorithm, etc. OE Hash algorithm takes into account the performance of both query time and insertion time while occupying the least space, and there is no insertion failure that leads to rehashing, which is suitable for massive data storage.

With the development of the digital development transformation of the power grid, the classification of power unstructured encrypted data is an important basis for data security protection. However, most studies focus on exact match classification or single-keyword fuzzy match classification. This paper proposes a fuzzy matching classification method for power unstructured encrypted data. The data owner generates an index vector based on the power unstructured file, and the data user generates a query vector by querying the file through the same process. The index and query vector are uploaded to the cloud server in encrypted form, and the cloud server calculates the relevance score and sorts it, and returns the classification result with the highest score to the user. This method realizes the multi-keyword fuzzy matching classification of unstructured encrypted data of electric power, and through the experimental simulation of a large number of data sets, the effect and feasibility of the method are proved.

Volumetric Distributed Denial of Service attacks forcefully disrupt the availability of online services by congesting network links with arbitrary high-volume traffic. This brute force approach has collateral impact on the upstream network infrastructure, making early attack traffic removal a key objective. To reduce infrastructure load and maintain service availability, we introduce ReCEIF, a topology-independent mitigation strategy for early, rule-based ingress filtering leveraging deep reinforcement learning. ReCEIF utilizes hierarchical heavy hitters to monitor traffic distribution and detect subnets that are sending high-volume traffic. Deep reinforcement learning subsequently serves to refine hierarchical heavy hitters into effective filter rules that can be propagated upstream to discard traffic originating from attacking systems. Evaluating all filter rules requires only a single clock cycle when utilizing fast ternary content-addressable memory, which is commonly available in software defined networks. To outline the effectiveness of our approach, we conduct a comparative evaluation to reinforcement learning-based router throttling.

Steganography is one of the techniques for secure transformation of data which aims at hiding information inside other media in such a way that no one will notice. The cover media that can accommodate secret information include text, audio, image, and video. Images are the most popular covering media in steganography, due to the fact that, they are heavily used in daily applications and have high redundancy in representation. In this paper, we propose an adaptive steganography algorithm for hiding information in RGB images. To minimize visual perceptible distortion, the proposed algorithm uses edge pixels for embedding data. It detects the edge pixels in the image using the Sobel filter. Then, the message is embedded into the LSBs of the blue channel of the edge pixels. To resist statistical attacks, the distribution of the blue channel of the edge pixels is used when embedding data in the cover image. The experimental results showed that the algorithm offers high capacity for hiding data in cover images; it does not distort the quality of the stego image; it is robust enough against statistical attacks; and its execution time is short enough for online data transfer. Also, the results showed that the proposed algorithm outperforms similar approaches in all evaluation metrics.

In order to protect the safety of power grid, improve the early warning precision of false data injection. This paper presents a dynamic detection model for false data injection attacks. Based on the characteristics of APT attacks, a model of attack characteristics for trusted regions is constructed. In order to realize the accurate state estimation, unscented Kalman filtering algorithm is used to estimate the state of nonlinear power system and realize dynamic attack detection. Experimental results show that the precision of this method is higher than 90%, which verifies the effectiveness of this paper in attack detection.

Information system security is very important and very complicated, security is to prevent potential crisis. To detect both from external invasion behavior, also want to check the internal unauthorized behavior. Presented here ABHIDS hybrid intrusion detection system model, designed a component Agent, controller, storage, filter, manager component (database), puts forward a new detecting DDoS attacks (trinoo) algorithm and the implementation. ABHIDS adopts object-oriented design method, a study on intrusion detection can be used as a working mechanism of the algorithms and test verification platform.

Traditional DDoS attacks mainly send massive data packets through the attacking machine, consuming the network resources or server resources of the target server, making users unable to use server resources to achieve the purpose of denial of service. This type of attack is called a Flooding-based DDoS (FDDoS) attack. It has the characteristics of large traffic and suddenness. However, Low-rate DDoS (LDDoS) attack is a new type of DDoS attack. LDDoS utilize the TCP congestion control mechanism and sends periodic pulses to attack, which can seriously reduce the TCP flow throughput of the attacked link. It has the characteristics of small traffic and strong concealment. Each of these two DDoS attack methods has its own hard-to-handle characteristics, so that there is currently no particularly effective method to prevent such attacks. This paper uses time-frequency analysis to classify and filter DDoS traffic. The proposed filtering method is designed as a system in the actual environment. Experimental results show that the designed filtering algorithm can resist not only FDDoS attacks, but also LDDoS attacks.

The process of Big data storage has become challenging due to the expansion of extensive data; data providers will offer encrypted data and upload to Big data. However, the data exchange mechanism is unable to accommodate encrypted data. Particularly when a large number of users share the scalable data, the scalability becomes extremely limited. Using a contemporary privacy protection system to solve this issue and ensure the security of encrypted data, as well as partially homomorphic re-encryption and decryption (PHRED). This scheme has the flexibility to share data by ensuring user's privacy with partially trusted Big Data. It can access to strong unforgeable scheme it make the transmuted cipher text have public and private key verification combined identity based Augmented Homomorphic Re Encryption Decryption(AHRED) on paillier crypto System with Laplacian noise filter the performance of the data provider for privacy preserving big data.

Image edge is considered to be the most important attribute to provide valuable image perception information. At present, video image data is developing towards high resolution and high frame number. The image data processing capacity is huge, so the processing speed is very strict to meet the real-time performance of image data transmission. In this context, we present a method to accelerate the real-time video image edge detection. FPGA is used as the development platform. The real-time edge detection algorithm of image data with 1280x720 resolution and 30 frame/s, combined with median filter, Sobel edge detection algorithm and corrosion expansion algorithm, makes the running time of image processing module shorter. The color image of the video image collected by camera is processed. The HDMI interface shows that the scheme has achieved ideal results in the FPGA hardware platform simulation model, greatly improves the efficiency of the algorithm, and provides a guarantee for the speed and stability of the real-time image processing system.

Implementing the color images encryption is a challenging field of the research for IOT applications. An exponential growth in imaging cameras in IOT uses makes it critical to design the robust image security algorithms. It is also observed that performance of existing encryption methods degrades under the presence of noisy environments. This is the major concern of evaluating the encryption method in this paper. The prime concern of this paper is to design the fast efficient color images encryption algorithm by designing an efficient and robustness RSA encryption algorithm. Method takes the advantage of both preprocessing and the Gaussian pyramid (GP) approach for encryption. To improve the performance it is proposed to use the LAB color space and implement the RSA encryption on luminance (L) component using the GP domain. The median filter and image sharpening is used for preprocessing. The goal is to improve the performance under highly noisy imaging environment. The performance is compared based on the crypto weights and on the basis of visual artifacts and entropy analysis. The decrypted outputs are again converted to color image output. Using the LAB color space is expected to improve the entropy performance of the image. Result of proposed encryption method is evaluated under the different types of the noisy attacks over the color images and also performance is compared with state of art encryption methods. Significant improvement speed of the algorithm is compared in terms of the elapsed time

The fusion of infrared and visible images using traditional multi-scale decomposition methods often leads to the loss of detailed information or the blurring of image edges, which is because the contour information and the detailed information within the contour cannot be retained simultaneously in the fusion process. To obtain high-quality fused images, a hybrid multi-scale decomposition fusion method using co-occurrence and Gaussian filters is proposed in this research. At first, by making full use of the smoothing effect of the Gaussian filter and edge protection characteristic of the co-occurrence filter, source images are decomposed into multiple hierarchical structures with different characteristics. Then, characteristics of sub-images at each level are analyzed, and the corresponding fusion rules are designed for images at different levels. At last, the final fused image obtained by combining fused sub-images of each level has rich scene information and clear infrared targets. Compared with several traditional multi-scale fusion algorithms, the proposed method has great advantages in some objective evaluation indexes.

Over the past few years computer vision has become the essential aspect of modern era of technology. This computer vision is manly based on image processing whereas the image processing includes three important aspects as image filtering, image compression & image security. The image filtering can be achieved by using various filtering techniques but the PSNR & operating frequency are the most challenging aspects of image filtering. This paper mainly focused on overcoming the challenges appears while removing the salt & pepper noise with conventional median filtering by developing improved adaptive moving window architecture median filter & comparing its performance to have improved performance in terms of PSNR & operating frequency.

Experienced developers of safety-critical and security-critical systems have long emphasized the importance of applying the highest degree of scrutiny to a system's I/O boundaries. From a safety perspective, input validation is a traditional “best practice.” For security-critical architecture and design, identification of the attack surface has emerged as a primary analysis technique. One of our current research focus areas concerns the identification of and mitigation against attacks along that surface, using mathematically-based tools. We are motivated in these efforts by emerging application areas, such as assured autonomy, that feature a high degree of network connectivity, require sophisticated algorithms and data structures, are subject to stringent accreditation/certification, and encourage hardware/software co-design approaches. We have conducted several experiments employing a state-of-the-art toolchain, due to Russinoff and O'Leary, and originally designed for use in floating-point hardware verification, to determine its suitability for the creation of safety-critical/security-critical input filters. We focus first on software implementation, but extending to hardware as well as hardware/software co-designs. We have implemented a high-assurance filter for JSON-formatted data used in an Unmanned Aerial Vehicle (UAV) application. Our JSON filter is built using a table-driven lexer/parser, supported by mathematically-proven lexer and parser table generation technology, as well as verified data structures. Filter behavior is expressed in a subset of Algorithmic C, which defines a set of C++ header files providing support for hardware design, including the peculiar bit widths utilized in that discipline, and enables compilation to both hardware and software platforms. The Russinoff-O'Leary Restricted Algorithmic C (RAC) toolchain translates Algorithmic C source to the Common Lisp subset supported by the ACL2 theorem prover; once in ACL2, filter behavior can be mathematically verified. We describe how we utilize RAC to translate our JSON filter to ACL2, present proofs of correctness for its associated data types, and describe validation and performance results obtained through the use of concrete test vectors.

In VANETs, pseudonyms are often used to replace the identity of vehicles in communication. When vehicles drive out of the network or misbehave, their pseudonym certificates need to be revoked by the certificate authority (CA). The certificate revocation lists (CRLs) are usually used to store the revoked certificates before their expiration. However, using CRLs would incur additional storage, communication and computation overhead. Some existing schemes have proposed to use Bloom Filter to compress the original CRLs, but they are unable to delete the expired certificates and introduce the false positive problem. In this paper, we propose an improved pseudonym certificates revocation scheme, using Cuckoo Filter for compression to reduce the impact of these problems. In order to optimize deletion efficiency, we propose the concept of Certificate Expiration List (CEL) which can be implemented with priority queue. The experimental results show that our scheme can effectively reduce the storage and communication overhead of pseudonym certificates revocation, while retaining moderately low false positive rates. In addition, our scheme can also greatly improve the lookup performance on CRLs, and reduce the revocation operation costs by allowing deletion.

Most traditional recommendation algorithms only consider the binary relationship between users and projects, these can basically be converted into score prediction problems. But most of these algorithms ignore the users's interests, potential work factors or the other social factors of the recommending products. In this paper, based on the existing trustworthyness model and similarity measure, we puts forward the concept of trust similarity and design a joint interest-content recommendation framework to suggest users which videos to watch in the online video site. In this framework, we first analyze the user's viewing history records, tags and establish the user's interest characteristic vector. Then, based on the updated vector, users should be clustered by sparse subspace clust algorithm, which can improve the efficiency of the algorithm. We certainly improve the calculation of similarity to help users find better neighbors. Finally we conduct experiments using real traces from Tencent Weibo and Youku to verify our method and evaluate its performance. The results demonstrate the effectiveness of our approach and show that our approach can substantially improve the recommendation accuracy.

In order to improve the accuracy of similarity, an improved collaborative filtering algorithm based on trust and information entropy is proposed in this paper. Firstly, the direct trust between the users is determined by the user's rating to explore the potential trust relationship of the users. The time decay function is introduced to realize the dynamic portrayal of the user's interest decays over time. Secondly, the direct trust and the indirect trust are combined to obtain the overall trust which is weighted with the Pearson similarity to obtain the trust similarity. Then, the information entropy theory is introduced to calculate the similarity based on weighted information entropy. At last, the trust similarity and the similarity based on weighted information entropy are weighted to obtain the similarity combing trust and information entropy which is used to predicted the rating of the target user and create the recommendation. The simulation shows that the improved algorithm has a higher accuracy of recommendation and can provide more accurate and reliable recommendation service.

The laser security code has been widely used for providing guarantee for ensuring quality of productions and maintaining market circulation order. The laser security code is printed on the surface of the productions, and it may be disturbed by printing method, printing position, package texture and background, which will make the laser security code cannot work normally. The image enhancement algorithm combining with bilateral filter and contrast limited adaptive histogram equalization is provided, which can realize the enhanced display of laser security code in strong interference background. The performance of this algorithm is analyzed and evaluated by experiments, and it can prove that the indexes of this algorithm are better than others.

ECG signals are often corrupted by 50 Hz noise, the frequency from the power supply. So it becomes quite necessary to remove Power Line Interference (PLI) from the ECG signal. The reference ECG signal data was taken from the MIT-BIH database. Different filtering techniques comprising of Discrete Wavelet Transform (DWT), Normalized Least Mean Square (NLMS) filter, Finite Impulse Response (FIR) filter and Infinite Impulse Response (IIR) filter were used in this paper for denoising the ECG signal which was corrupted by the PLI. Later, the comparison was made among the methods, to find the best methodology to denoise the corrupted ECG signal. The parameters that were used for the comparison are Mean Square Error (MSE), Mean Absolute Error (MAE), Signal to Noise Ratio (SNR) and Peak Signal to Noise Ratio (PSNR). Higher values of SNR & PSNR and lower values of MSE & MAE define the best denoising algorithm.

Short Message Service is now-days the most used way of communication in the electronic world. While many researches exist on the email spam detection, we haven't had the insight knowledge about the spam done within the SMS's. This might be because the frequency of spam in these short messages is quite low than the emails. This paper presents different ways of analyzing spam for SMS and a new pre-processing way to get the actual dataset of spam messages. This dataset was then used on different algorithm techniques to find the best working algorithm in terms of both accuracy and recall. Random Forest algorithm was then implemented in a real world application library written in C\# for cross platform .Net development. This library is capable of using a prebuild model for classifying a new dataset for spam and ham.

Machine learning (ML) algorithms provide a good solution for many security sensitive applications, they themselves, however, face the threats of adversary attacks. As a key problem in machine learning, how to design robust feature selection algorithms against these attacks becomes a hot issue. The current researches on defending evasion attacks mainly focus on wrapped adversarial feature selection algorithm, i.e., WAFS, which is dependent on the classification algorithms, and time cost is very high for large-scale data. Since mRMR (minimum Redundancy and Maximum Relevance) algorithm is one of the most popular filter algorithms for feature selection without considering any classifier during feature selection process. In this paper, we propose a novel adversary-aware feature selection algorithm under filter model based on mRMR, named FAFS. The algorithm, on the one hand, takes the correlation between a single feature and a label, and the redundancy between features into account; on the other hand, when selecting features, it not only considers the generalization ability in the absence of attack, but also the robustness under attack. The performance of four algorithms, i.e., mRMR, TWFS (Traditional Wrapped Feature Selection algorithm), WAFS, and FAFS is evaluated on spam filtering and PDF malicious detection in the Perfect Knowledge attack scenarios. The experiment results show that FAFS has a better performance under evasion attacks with less time complexity, and comparable classification accuracy.

Nowadays, Internet Service Providers (ISPs) have been depending on Deep Packet Inspection (DPI) approaches, which are the most precise techniques for traffic identification and classification. However, constructing high performance DPI approaches imposes a vigilant and an in-depth computing system design because the demands for the memory and processing power. Membership query data structures, specifically Bloom filter (BF), have been employed as a matching check tool in DPI approaches. It has been utilized to store signatures fingerprint in order to examine the presence of these signatures in the incoming network flow. The main issue that arise when employing Bloom filter in DPI approaches is the need to use k hash functions which, in turn, imposes more calculations overhead that degrade the performance. Consequently, in this paper, a new design and implementation for a DPI approach have been proposed. This DPI utilizes a membership query data structure called Cuckoo filter (CF) as a matching check tool. CF has many advantages over BF like: less memory consumption, less false positive rate, higher insert performance, higher lookup throughput, support delete operation. The achieved experiments show that the proposed approach offers better performance results than others that utilize Bloom filter.

With the rapid development of the information technology, more and more high-speed networks came out. The 4G LTE network as a recently emerging network has gradually entered the mainstream of the communication network. This paper proposed an effective content-based information filtering based on the 4G LTE high-speed network by combing the content-based filter and traditional simple filter. Firstly, raw information is pre-processed by five-tuple filter. Secondly, we determine the topics and character of the source data by key nearest neighbor text classification after minimum-risk Bayesian classification. Finally, the improved AdaBoost algorithm achieves the four-level content-based information filtering. The experiments reveal that the effective information filtering method can be applied to the network security, big data analysis and other fields. It has high research value and market value.

Spam Filtering is an adversary application in which data can be purposely employed by humans to attenuate their operation. Statistical spam filters are manifest to be vulnerable to adversarial attacks. To evaluate security issues related to spam filtering numerous machine learning systems are used. For adversary applications some Pattern classification systems are ordinarily used, since these systems are based on classical theory and design approaches do not take into account adversarial settings. Pattern classification system display vulnerabilities (i.e. a weakness that grants an attacker to reduce assurance on system's information) to several potential attacks, allowing adversaries to attenuate their effectiveness. In this paper, security evaluation of spam email using pattern classifier during an attack is addressed which degrade the performance of the system. Additionally a model of the adversary is used that allows defining spam attack scenario.

A robust appearance model is usually required in visual tracking, which can handle pose variation, illumination variation, occlusion and many other interferences occurring in video. So far, a number of tracking algorithms make use of image samples in previous frames to update appearance models. There are many limitations of that approach: 1) At the beginning of tracking, there exists no sufficient amount of data for online update because these adaptive models are data-dependent and 2) in many challenging situations, robustly updating the appearance models is difficult, which often results in drift problems. In this paper, we proposed a tracking algorithm based on compressive sensing theory and particle filter framework. Features are extracted by random projection with data-independent basis. Particle filter is employed to make a more accurate estimation of the target location and make much of the updated classifier. The robustness and the effectiveness of our tracker have been demonstrated in several experiments.

Efficient and secure search on encrypted data is an important problem in computer science. Users having large amount of data or information in multiple documents face problems with their storage and security. Cloud services have also become popular due to reduction in cost of storage and flexibility of use. But there is risk of data loss, misuse and theft. Reliability and security of data stored in the cloud is a matter of concern, specifically for critical applications and ones for which security and privacy of the data is important. Cryptographic techniques provide solutions for preserving the confidentiality of data but make the data unusable for many applications. In this paper we report a novel approach to securely store the data on a remote location and perform search in constant time without the need for decryption of documents. We use bloom filters to perform simple as well advanced search operations like case sensitive search, sentence search and approximate search.