Biblio

A sensor network is wireless with tiny nodes and widely used in various applications. To track the event and collect the data from a remote area or a hostile area sensor network is used. A WSN collects wirelessly connected tiny sensors with minimal resources like the battery, computation power, and memory. When a sensor collects data, it must be transferred to the control center through the gateway (Sink), and it must be transferred safely. For secure transfer of data in the network, the routing protocol must be safe and can use the cryptography method for authentication and confidentiality. An essential issue in WSN structure is the key management. WSN relies on the strength of the communicating devices, battery power, and sensor nodes to communicate in the wireless environment over a limited region. Due to energy and memory limitations, the construction of a fully functional network needs to be well arranged. Several techniques are available in the current literature for such key management techniques. Among the distribution of key over the network, sharing private and public keys is the most important. Network security is not an easy problem because of its limited resources, and these networks are deployed in unattended areas where they work without any human intervention. These networks are used to monitor buildings and airports, so security is always a major issue for these networks. In this paper, we proposed a dynamic key management scheme for the clustered sensor network that also supports the addition of a new node in the network later. Keys are dynamically generated and securely distributed to communication parties with the help of a cluster head. We verify the immunity of the scheme against various attacks like replay attack and node captured attacker. A simulation study was also done on energy consumption for key setup and refreshed the keys. Security analysis of scheme shows batter resiliency against node capture attack.

Radar sensors have shown great potential for surveillance and security authentication applications. However, a thorough analysis of their vulnerability to spoofing or replay attacks has not been performed yet. In this paper, the feasibility of performing spoofing attacks to radar sensor is studied and experimentally verified. First, a simple binary phase-shift keying system was used to generate artificial spectral components in the radar's demodulated signal. Additionally, an analog phase shifter was driven by an arbitrary signal generator to mimic the human cardio-respiratory motion. Characteristic time and frequency domain cardio-respiratory human signatures were successfully generated, which opens possibilities to perform spoofing attacks to surveillance and security continuous authentication systems based on microwave radar sensors.

The last couple of years have seen IoT-enabled sensors continuing to experience massive growth. Sensors have enhanced the possibility of large-scale IoT deployments in grid systems, vehicles, homes, and so forth. A network that incorporates different embedded systems has the underlying capability of transmitting information and receiving instructions through distributed sensor networks. Sensors are especially essential in gathering different pieces of information that relate to different IoT devices. However, security has become a critical concern for sensor networks that are enabled by the IoT. This is partly because of their design limitations like limited memory, weak processing capability, weak processing ability, and exposure to entities that are malicious. Even more, some ad hoc wireless sensor networks that are enabled by IoT are to some extent also prone to frequent changes in topology. This dynamic aspect tends to aggravate the security issues that are associated with sensors, thus enhancing the need to find a lasting solution. This paper sheds light on the IoT security requirements with special attention to issues related to sensors.

Physical security is essential to safeguarding critical areas. Here, we focus on the physical security problem in three-dimensional (3D) stealthy lattice wireless sensor networks using a 3D sensor belt around a critical space. Specifically, we propose a theoretical framework to investigate the 3D k-barrier coverage problem, where any path crossing this belt intersects with the sensing range of at least k sensors. Precisely, we study this problem from a tiling viewpoint, where the sensing ranges of the sensors are touching (or kissing) each other. We analyze various 3D deterministic sensor deployment methods yielding simple cubic, body centered cubic, face centered cubic, and hexagonal close-packed lattice wireless sensor networks. First, using the concept of the unit cell covered volume ratio, we prove that none of these 3D lattices guarantee k-barrier coverage. Second, to remedy this problem, we consider the great rhombicuboctahedron (GR), a polyhedral space-filler. We introduce the concept of intruder's abstract paths along a 3D k-barrier covered belt, and compute their number. Also, we propose a polynomial representation for all abstract paths. In addition, we compute the number of sensors deployed over a 3D k-barrier covered belt using GR. Third, we corroborate our analysis with numerical and simulation results.

Wireless Sensor Networks (WSN) are gaining popularity as being the backbone of Cyber physical systems, IOT and various data acquisition from sensors deployed in remote, inaccessible terrains have remote deployment. However due to remote deployment, WSN is an adhoc network of large number of sensors either heli-dropped in inaccessible terrain like volcanoes, Forests, border areas are highly energy deficient and available in large numbers. This makes it the right soup to become vulnerable to various kinds of Security attacks. The lack of energy and resources makes it deprived of developing a robust security code for mitigation of various kinds of attacks. Many attempts have been made to suggest a robust security Protocol. But these consume so much energy, bandwidth, processing power, memory and other resources that the sole purpose of data gathering from inaccessible terrain from energy deprived sensors gets defeated. This paper makes an attempt to study the types of attacks on different layers of WSN and the examine the recent trends in development of various security protocols to mitigate the attacks. Further, we have proposed a simple, lightweight but powerful security protocol known as Simple Sensor Security Protocol (SSSP), which captures the uniqueness of WSN and its isolation from internet to develop an energy efficient security solution.

With the continuous improvement of China's scientific and technological level, computer network has become an indispensable part of people's daily life. It can not only effectively improve the efficiency of production and life, and shorten the distance between people, but also further promote the speed of China's social and economic development, which has a positive impact on the realization of China's modernization. Under the new information security demand environment at present, we should pay attention to the related information security work and formulate effective security measures and strategies. In order to effectively prevent these information security problems, people should actively adopt firewall technology, encryption technology, network access control technology and network virus prevention technology for effective protection. This paper analyzes the security problems in the application of wireless sensor networks and explores the mechanism of defending information security, hoping to strengthen the security and stability of wireless sensor networks through effective measures, so that people can better enjoy the convenience brought by the network age.

The total number of photovoltaic power producing facilities whose FIT-based ten-year contract expires by 2023 is expected to reach approximately 1.65 million in Japan. If the number of renewable electricity-producing/consuming facilities reached two million, an enormous number of transactions would be invoked beyond blockchain's scalability.We propose mutually cooperative two novel methods to simultaneously solve scalability, data size, and privacy problems in blockchain-based trading platforms for renewable energy environmental value. One is a management scheme of electricity production resources (EPRs) using an extended UTXO token. The other is a data aggregation scheme that aggregates a significant number of smart meter records with evidentiality using zero-knowledge proof (ZKP).

The main purpose to ensure the security for confidential medical data is to develop and implement the architecture of a medical cloud system, for storage, systematization, and processing of survey results (for example EEG) jointly with an algorithm for ensuring the protection of confidential data based on a fully homomorphic cryptosystem. The most optimal algorithm based on the test results (analysis of the time of encryption, decryption, addition, multiplication, the ratio of the signal-to-noise of the ciphertext to the open text), has been selected between two potential applicants for using (BFV and CKKS schemes). As a result, the CKKS scheme demonstrates maximal effectiveness in the context of the criticality of the requirements for an important level of security.

The 5G technology will play a crucial role in global economic growth through numerous industrial developments. However, it is essential to ensure the security of these developed systems, while 5G brings unique security challenges. This paper contributes explicitly to the need for an effective Vulnerability Assessment Approach (VAA) to identify and assess the vulnerabilities in 5G networks in an accurate, salable, and dynamic way. The proposed approach develops an optimized mechanism based on the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) to analyze the vulnerabilities in 5G Edge networks from the attacker perspective while considering the dynamic and scalable Edge properties. Furthermore, we introduce a cloud-based 5G Edge security testbed to test and evaluate the accuracy, scalability, and performance of the proposed VAA.

Traditional grid-centric data storage methods are vulnerable to network attacks or failures due to downtime, causing problems such as data loss or tampering. The security of data storage can be effectively improved by establishing an alliance chain. However, the existing consortium chain consensus algorithm has low scalability, and the consensus time will explode as the number of nodes increases. This paper proposes an improved consensus algorithm (MSBFT) based on multi-signature to address this problem, which spreads data by establishing a system communication tree, reducing communication and network transmission costs, and improving system scalability. By generating schnorr multi-signature as the shared signature of system nodes, the computational cost of verification between nodes is reduced. At the end of the article, simulations prove the superiority of the proposed method.

In view of the current status of Internet of Things applications and related security problems, the architecture system of Internet of Things applications based on block chain is introduced. First, it introduces the concepts related to blockchain technology, introduces the architecture system of iot application based on blockchain, and discusses its overall architecture design, key technologies and functional structure design. The product embodies the whole process of the Internet of Things platform on the basis of blockchain, which builds an infrastructure based on the Internet of Things and solves the increasingly serious security problems in the Internet of Things through the technical characteristics of decentralization.

Cloud storage, in general, is a collection of Computer Technology resources provided to consumers over the internet on a leased basis. Cloud storage has several advantages, including simplicity, reliability, scalability, convergence, and cost savings. One of the most significant impediments to cloud computing's growth is security. This paper proposes a security approach based on cloud security. Cloud security now plays a critical part in everyone's life. Due to security concerns, data is shared between cloud service providers and other users. In order to protect the data from unwanted access, the Security Service Algorithm (SSA), which is called as MONcrypt is used to secure the information. This methodology is established on the obfuscation of data techniques. The MONcrypt SSA is a Security as a Service (SaaS) product. When compared to current obfuscation strategies, the proposed methodology offers a better efficiency and smart protection. In contrast to the current method, MONcrypt eliminates the different dimensions of information that are uploaded to cloud storage. The proposed approach not only preserves the data's secrecy but also decreases the size of the plaintext. The exi sting method does not reduce the size of data until it has been obfuscated. The findings show that the recommended MONcrypt offers optimal protection for the data stored in the cloud within the shortest amount of time. The proposed protocol ensures the confidentiality of the information while reducing the plaintext size. Current techniques should not reduce the size of evidence once it has been muddled. Based on the findings, it is clear that the proposed MONcrypt provides the highest level of protection in the shortest amount of time for rethought data.

Internet of Things (IoT) is one relatively new technology, which aims to make our lives easier by automating our daily processes. This article would aim to deliver an idea how to prevent the IoT technology, delivering maliciously and bad things and how to scale. The intention of this research is to explain how a specific implementation of a Blockchain network, enterprise-grade permissioned distributed ledger framework called Hyperledger Fabric, can be used to resolve the security and scalability issues in an IoT network.

With the development of cloud computing technology, cloud services have been used by more and more traditional applications and products because of their unique advantages such as virtualization, high scalability and universality. In the cloud computing environment, computer networks often encounter security problems such as external attacks, hidden dangers in the network and hidden dangers in information sharing. The network security level protection system is the basic system of national network security work, which is the fundamental guarantee for promoting the healthy development of informatization and safeguarding national security, social order and public interests. This paper studies cloud computing security from the perspective of level protection, combining with the characteristics of cloud computing security. This scheme is not only an extension of information system level protection, but also a study of cloud computing security, aiming at cloud computing security control from the perspective of level protection.

Sharding is considered to be the most promising solution to overcome and to improve the scalability limitations of blockchain networks. By doing this, the transaction throughput increases, at the same time compromises the security of blockchain networks. In this paper, a probability distribution model is proposed to analyze this trade-off between scalability and security of sharding-based blockchain networks. For this purpose hypergeometric distribution and Chebyshev's Inequality are mainly used. The upper bounds of hypergeometric distributed transaction processing and failure probabilities for shards are mainly evaluated. The model validation is accomplished with Class A (Omniledger, Elastico, Harmony, and Zilliqa), and Class B (RapidChain) sharding protocols. This validation shows that Class B protocols have a better performance compared to Class A protocols. The proposed model observes the transaction processing and failure probabilities are increased when shard size is reduced or the number of shards increased in sharding-based blockchain networks. This trade-off between the scalability and the security decides on the shard size of the blockchain network based on the real-world application and the blockchain platform. This explains the scalability trilemma in blockchain networks claiming that decentralization, scalability, and security cannot be met at primary grounds. In conclusion, this paper presents a comprehensive analysis providing essential directions to develop sharding protocols in the future to enhance the performance and the best-cost benefit of sharing-based blockchains by improving the scalability and the security at the same time.

This paper studies the technology of generating DDPG (deep deterministic policy gradient) by using the deep dual network and experience pool network structure, and puts forward the sampling strategy gradient algorithm to randomly select actions according to the learned strategies (action distribution) in the continuous action space, based on the dispatching control system of the power dispatching control center of a super city power grid, According to the actual characteristics and operation needs of urban power grid, The developed refined artificial intelligence on-line security analysis and emergency response plan intelligent generation function realize the emergency response auxiliary decision-making intelligent generation function. According to the hidden danger of overload and overload found in the online safety analysis, the relevant load lines of the equipment are searched automatically. Through the topology automatic analysis, the load transfer mode is searched to eliminate or reduce the overload or overload of the equipment. For a variety of load transfer modes, the evaluation index of the scheme is established, and the optimal load transfer mode is intelligently selected. Based on the D5000 system of Metropolitan power grid, a multi-objective and multi resource coordinated security risk decision-making assistant system is implemented, which provides integrated security early warning and decision support for the main network and distribution network of city power grid. The intelligent level of power grid dispatching management and dispatching operation is improved. The state reality network can analyze the joint state observations from the action reality network, and the state estimation network uses the actor action as the input. In the continuous action space task, DDPG is better than dqn and its convergence speed is faster.

Cyber-attacks toward cyber-physical systems are one of the main concerns of smart grid's operators. However, many of these cyber-attacks, are toward unmanned substations where the cyber-attackers needs to be close enough to substation to malfunction protection and control systems in substations, using Electromagnetic signals. Therefore, in this paper, a new threat detection algorithm is proposed to prevent possible cyber-attacks toward unmanned substations. Using surveillance camera's streams and based on You Only Look Once (YOLO) V3, suspicious objects in the image are detected. Then, using Intersection over Union (IOU) and Generalized Intersection Over Union (GIOU), threat distance is estimated. Finally, the estimated threats are categorized into three categories using color codes red, orange and green. The deep network used for detection consists of 106 convolutional layers and three output prediction with different resolutions for different distances. The pre-trained network is transferred from Darknet-53 weights trained on 80 classes.

Information security has become a crucial issue not only from the technical standpoint, but also from the managerial standpoint. The necessity for organizations to understand and manage cyber risk has led to the rise of a plethora of risk assessment methods and tools. These approaches are often difficult to interpret and complex to manage for organizations. In this paper, we propose a simple and quantitative method for the estimation of the likelihood of occurrence of a cyber incident. Our approach uses a generalized logistic function and a cumulative geometric distribution to combine the maturity and the complexity of the technical infrastructure of an organization with its attractiveness towards cyber criminals.

New services and products are increasingly becoming integral parts of our daily lives rising our technological dependence, as well as our exposure to risks from cyber. Critical sectors such as transport are progressively depending on digital technologies to run their core operations and develop novel solutions to exploit the economic strengths of the European Union. However, despite the fact that the continuously increasing number of visitors, entering the European Union through land-border crossing points or seaports, brings tremendous economic benefits, novel border control solutions, such as mobile devices for passenger identification for land and sea border control, are essential to accurately identify passengers ``on the fly'' while ensuring their comfort. However, the highly confidential personal data managed by these devices makes them an attractive target for cyberattacks. Therefore, novel secure and usable user authentication mechanisms are required to increase the level of security of this kind of devices without interrupting border control activities. Towards this direction, we, firstly, discuss risk-based and adaptive authentication for mobile devices as a suitable approach to deal with the security vs. usability challenge. Besides that, a novel risk-based adaptive user authentication mechanism is proposed for mobile passenger identification devices used by border control officers at land and sea borders.

In this paper, we present a theoretical approach concerning the econometric modelling for the estimation of cyber-security risk, with the use of time-series analysis methods and alternatively with Machine Learning (ML) based, deep learning methodology. Also we present work performed in the framework of SAINT H2020 Project [1], concerning innovative data mining techniques, based on automated web scrapping, for the retrieving of the relevant time-series data. We conclude with a review of emerging challenges in cyber-risk assessment brought by the rapid development of adversarial AI.

A real or potential threat to various large and small security objects, which comes from both internal and external attackers, determines one or another activities to ensure internal and external security. These actions depend on the spheres of life of state and society, which are targeted by the security threats. These threats can be conveniently classified into political threats (or threats to the existing constitutional order), economic, military, informational, technogenic, environmental, corporate, and other threats. The article discusses a model of an information system, which main criterion is the system security based on the concept of risk. When considering the model, it was determined that it possess multi-criteria aspects. Therefore the establishing the quantitative and qualitative characteristics is a complex and dynamic task. The paper proposes to use the mathematical apparatus of the teletraffic theory in one of the elements of the protected system, namely, in the end-to-end security subsystem.

Companies like Netflix increasingly use the cloud to deploy their business processes. Those processes often involve partnerships with other companies, and can be modeled as workflows where the owner of the data at risk interacts with contractors to realize a sequence of tasks on the data to be secured.In practice, access control is an essential building block to deploy these secured workflows. This component is generally managed by administrators using high-level policies meant to represent the requirements and restrictions put on the workflow. Handling access control with a high-level scheme comes with the benefit of separating the problem of specification, i.e. defining the desired behavior of the system, from the problem of implementation, i.e. enforcing this desired behavior. However, translating such high-level policies into a deployed implementation can be error-prone.Even though semi-automatic and automatic tools have been proposed to assist this translation, policy verification remains highly challenging in practice. In this paper, our aim is to define and propose structures assisting the checking and correction of potential errors introduced on the ground due to a faulty translation or corrupted deployments. In particular, we investigate structures with formal foundations able to naturally model policies. Metagraphs, a generalized graph theoretic structure, fulfill those requirements: their usage enables to compare high-level policies to their implementation. In practice, we consider Rego, a language used by companies like Netflix and Plex for their release process, as a valuable representative of most common policy languages. We propose a suite of tools transforming and checking policies as metagraphs, and use them in a global framework to show how policy verification can be achieved with such structures. Finally, we evaluate the performance of our verification method.

Artificial intelligence (AI) technologies have given the cyber security industry a huge leverage with the possibility of having significantly autonomous models that can detect and prevent cyberattacks – even though there still exist some degree of human interventions. AI technologies have been utilized in gathering data which can then be processed into information that are valuable in the prevention of cyberattacks. These AI-based cybersecurity frameworks have commendable scalability about them and are able to detect malicious activities within the cyberspace in a prompter and more efficient manner than conventional security architectures. However, our one or two completed studies did not provide a complete and clear analyses to apply different machine learning algorithms on different media systems. Because of the existing methods of attack and the dynamic nature of malware or other unwanted software (adware etc.) it is important to automatically and systematically create, update and approve malicious packages that can be available to the public. Some of Complex tests have shown that DNN performs maybe can better than conventional machine learning classification. Finally, we present a multiple, large and hybrid DNN torrent structure called Scale-Hybrid-IDS-AlertNet, which can be used to effectively monitor to detect and review the impact of network traffic and host-level events to warn directly or indirectly about cyber-attacks. Besides this, they are also highly adaptable and flexible, with commensurate efficiency and accuracy when it comes to the detection and prevention of cyberattacks.There has been a multiplicity of AI-based cyber security architectures in recent years, and each of these has been found to show varying degree of effectiveness. Deep Neural Networks, which tend to be more complex and even more efficient, have been the major focus of research studies in recent times. In light of the foregoing, the objective of this paper is to discuss the use of AI methods in fighting cyberattacks like malware and DDoS attacks, with attention on DNN-based models.

Distributed Denial-of-Service (DDoS) attacks pose a huge risk to the network and threaten its stability. A game theoretic approach for intrusion detection and prevention is proposed to avoid DDoS attacks in the internet. Game theory provides a control mechanism that automates the intrusion detection and prevention process within a network. In the proposed system, system-subject interaction is modeled as a 2-player Bayesian signaling zero sum game. The game's Nash Equilibrium gives a strategy for the attacker and the system such that neither can increase their payoff by changing their strategy unilaterally. Moreover, the Intent Objective and Strategy (IOS) of the attacker and the system are modeled and quantified using the concept of incentives. In the proposed system, the prevention subsystem consists of three important components namely a game engine, database and a search engine for computing the Nash equilibrium, to store and search the database for providing the optimum defense strategy. The framework proposed is validated via simulations using ns3 network simulator and has acquired over 80% detection rate, 90% prevention rate and 6% false positive alarms.

Distributed Denial of Service Attacks (DDoS) are most widely used cyber-attacks. Thus, design of DDoS detection mechanisms has attracted attention of researchers. Design of these mechanisms involves building statistical and machine learning models. Most of the work in design of mechanisms is focussed on improving the accuracy of the model. However, due to large volume of network traffic, scalability and performance of these techniques is an important research issue. In this work, we use Apache Spark framework for detection of DDoS attacks. We use NSL-KDD Cup as a benchmark dataset for experimental analysis. The results reveal that random forest performs better than decision trees and distributed processing improves the performance in terms of pre-processing and training time.