Visible to the public Biblio

Filters: Keyword is Time factors  [Clear All Filters]
2023-07-21
Gao, Kai, Cheng, Xiangyu, Huang, Hao, Li, Xunhao, Yuan, Tingyu, Du, Ronghua.  2022.  False Data Injection Attack Detection in a Platoon of CACC in RSU. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1324—1329.
Intelligent connected vehicle platoon technology can reduce traffic congestion and vehicle fuel. However, attacks on the data transmitted by the platoon are one of the primary challenges encountered by the platoon during its travels. The false data injection (FDI) attack can lead to road congestion and even vehicle collisions, which can impact the platoon. However, the complexity of the cellular - vehicle to everything (C-V2X) environment, the single source of the message and the poor data processing capability of the on board unit (OBU) make the traditional detection methods’ success rate and response time poor. This study proposes a platoon state information fusion method using the communication characteristics of the platoon in C-V2X and proposes a novel platoon intrusion detection model based on this fusion method combined with sequential importance sampling (SIS). The SIS is a measured strategy of Monte Carlo integration sampling. Specifically, the method takes the status information of the platoon members as the predicted value input. It uses the leader vehicle status information as the posterior probability of the observed value to the current moment of the platoon members. The posterior probabilities of the platoon members and the weights of the platoon members at the last moment are used as input to update the weights of the platoon members at the current moment and obtain the desired platoon status information at the present moment. Moreover, it compares the status information of the platoon members with the desired status information to detect attacks on the platoon. Finally, the effectiveness of the method is demonstrated by simulation.
2023-06-22
Kumar, Anmol, Somani, Gaurav.  2022.  DDoS attack mitigation in cloud targets using scale-inside out assisted container separation. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :1–6.
From the past few years, DDoS attack incidents are continuously rising across the world. DDoS attackers have also shifted their target towards cloud environments as majority of services have shifted their operations to cloud. Various authors proposed distinct solutions to minimize the DDoS attacks effects on victim services and co-located services in cloud environments. In this work, we propose an approach by utilizing incoming request separation at the container-level. In addition, we advocate to employ scale-inside out [10] approach for all the suspicious requests. In this manner, we achieve the request serving of all the authenticated benign requests even in the presence of an attack. We also improve the usages of scale-inside out approach by applying it to a container which is serving the suspicious requests in a separate container. The results of our proposed technique show a significant decrease in the response time of benign users during the DDoS attack as compared with existing solutions.
2023-03-17
Al-Zahrani, Basmah, Alshehri, Suhair, Cherif, Asma, Imine, Abdessamad.  2022.  Property Graph Access Control Using View-Based and Query-Rewriting Approaches. 2022 IEEE/ACS 19th International Conference on Computer Systems and Applications (AICCSA). :1–2.
Managing and storing big data is non-trivial for traditional relational databases (RDBMS). Therefore, the NoSQL (Not Only SQL) database management system emerged. It is ca-pable of handling the vast amount and the heterogeneity of data. In this research, we are interested in one of its trending types, the graph database, namely, the Directed Property Graph (DPG). This type of database is powerful in dealing with complex relationships (\$\textbackslashmathrme.\textbackslashmathrmg\$., social networks). However, its sen-sitive and private data must be protected against unauthorized access. This research proposes a security model that aims at exploiting and combining the benefits of Access Control, View-Based, and Query-Rewriting approaches. This is a novel combination for securing DPG.
ISSN: 2161-5330
2023-02-17
Rahman, Anichur, Hasan, Kamrul, Jeong, Seong–Ho.  2022.  An Enhanced Security Architecture for Industry 4.0 Applications based on Software-Defined Networking. 2022 13th International Conference on Information and Communication Technology Convergence (ICTC). :2127–2130.
Software-Defined Networking (SDN) can be a good option to support Industry 4.0 (4IR) and 5G wireless networks. SDN can also be a secure networking solution that improves the security, capability, and programmability in the networks. In this paper, we present and analyze an SDN-based security architecture for 4IR with 5G. SDN is used for increasing the level of security and reliability of the network by suitably dividing the whole network into data, control, and applications planes. The SDN control layer plays a beneficial role in 4IR with 5G scenarios by managing the data flow properly. We also evaluate the performance of the proposed architecture in terms of key parameters such as data transmission rate and response time.
ISSN: 2162-1241
Djoyo, Brata Wibawa, Nurzaqia, Safira, Budiarti, Salsa Imbartika, Agustin, Syerina.  2022.  Examining the Determinant Factors of Intention to Use of Quick Response Code Indonesia Standard (QRIS) as a Payment System for MSME Merchants. 2022 International Conference on Information Management and Technology (ICIMTech). :676–681.
This study purpose was to examine the determinant factors that affect the Micro, Small, and Medium Enterprise (MSME) merchants who had the intention to use Quick Response Code Indonesian Standard (QRIS) as a payment system. QRIS was expected to be applied by merchants to diminish the virus spread and keep the circulation of money safe; but there were not many merchants using the QRIS as a payment method. The factors MSME merchant might not use the QRIS were related to perceived usefulness, perceived security, perceived ease of use, and trust. The population was MSMEs in South Tangerang City who did not use QRIS yet and the population was unknown. Using the Lemeshow formula, obtained a sample of 115 people, and the sampling technique used purposive sampling. Then data were analyzed using multi-regression analysis and processed by SPSS. The results indicated that perceived usefulness and perceived security had a significant affect on trust, whereas trust and ease of use significant affect the intention to use QRIS. Moreover, trust was able to mediate the perceived usefulness to intention to use. Since ease of use had no significant affect on trust, then the mediation given by trust to perceived ease of use had no significant affect on intention to use.
2023-02-02
Yin, Tingting, Zhang, Chao, Ni, Yuandong, Wu, Yixiong, Wong, Taiyu, Luo, Xiapu, Li, Zheming, Guo, Yu.  2022.  An Empirical Study on Implicit Constraints in Smart Contract Static Analysis. 2022 IEEE/ACM 44th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP). :31–32.

Smart contracts are usually financial-related, which makes them attractive attack targets. Many static analysis tools have been developed to facilitate the contract audit process, but not all of them take account of two special features of smart contracts: (1) The external variables, like time, are constrained by real-world factors; (2) The internal variables persist between executions. Since these features import implicit constraints into contracts, they significantly affect the performance of static tools, such as causing errors in reachability analysis and resulting in false positives. In this paper, we conduct a systematic study on implicit constraints from three aspects. First, we summarize the implicit constraints in smart contracts. Second, we evaluate the impact of such constraints on the state-of-the-art static tools. Third, we propose a lightweight but effective mitigation method named ConSym to deal with such constraints and integrate it into OSIRIS. The evaluation result shows that ConSym can filter out 96% of false positives and reduce false negatives by two-thirds.

2023-01-05
Yang, Haonan, Zhong, Yongchao, Yang, Bo, Yang, Yiyu, Xu, Zifeng, Wang, Longjuan, Zhang, Yuqing.  2022.  An Overview of Sybil Attack Detection Mechanisms in VFC. 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). :117–122.
Vehicular Fog Computing (VFC) has been proposed to address the security and response time issues of Vehicular Ad Hoc Networks (VANETs) in latency-sensitive vehicular network environments, due to the frequent interactions that VANETs need to have with cloud servers. However, the anonymity protection mechanism in VFC may cause the attacker to launch Sybil attacks by fabricating or creating multiple pseudonyms to spread false information in the network, which poses a severe security threat to the vehicle driving. Therefore, in this paper, we summarize different types of Sybil attack detection mechanisms in VFC for the first time, and provide a comprehensive comparison of these schemes. In addition, we also summarize the possible impacts of different types of Sybil attacks on VFC. Finally, we summarize challenges and prospects of future research on Sybil attack detection mechanisms in VFC.
2022-12-06
Mbarek, Bacem, Ge, Mouzhi, Pitner, Tomás.  2022.  Precisional Detection Strategy for 6LoWPAN Networks in IoT. 2022 IEEE International Conference on Systems, Man, and Cybernetics (SMC). :1006-1011.

With the rapid development of the Internet of Things (IoT), a large amount of data is exchanged between various communicating devices. Since the data should be communicated securely between the communicating devices, the network security is one of the dominant research areas for the 6LoWPAN IoT applications. Meanwhile, 6LoWPAN devices are vulnerable to attacks inherited from both the wireless sensor networks and the Internet protocols. Thus intrusion detection systems have become more and more critical and play a noteworthy role in improving the 6LoWPAN IoT networks. However, most intrusion detection systems focus on the attacked areas in the IoT networks instead of precisely on certain IoT nodes. This may lead more resources to further detect the compromised nodes or waste resources when detaching the whole attacked area. In this paper, we therefore proposed a new precisional detection strategy for 6LoWPAN Networks, named as PDS-6LoWPAN. In order to validate the strategy, we evaluate the performance and applicability of our solution with a thorough simulation by taking into account the detection accuracy and the detection response time.

2022-12-01
Bindschadler, Duane, Hwangpo, Nari, Sarrel, Marc.  2022.  Metrics for Flight Operations: Application to Europa Clipper Tour Selection. 2022 IEEE Aerospace Conference (AERO). :1—12.

Objective measures are ubiquitous in the formulation, design and implementation of deep space missions. Tour durations, flyby altitudes, propellant budgets, power consumption, and other metrics are essential to developing and managing NASA missions. But beyond the simple metrics of cost and workforce, it has been difficult to identify objective, quantitative measures that assist in evaluating choices made during formulation or implementation phases in terms of their impact on flight operations. As part of the development of the Europa Clipper Mission system, a set of operations metrics have been defined along with the necessary design information and software tooling to calculate them. We have applied these methods and metrics to help assess the impact to the flight team on the six options for the Clipper Tour that are currently being vetted for selection in the fall of 2021. To generate these metrics, the Clipper MOS team first designed the set of essential processes by which flight operations will be conducted, using a standard approach and template to identify (among other aspects) timelines for each process, along with their time constraints (e.g., uplinks for sequence execution). Each of the resulting 50 processes is documented in a common format and concurred by stakeholders. Process timelines were converted into generic schedules and workforce-loaded using COTS scheduling software, based on the inputs of the process authors and domain experts. Custom code was generated to create an operations schedule for a specific portion of Clipper's prime mission, with instances of a given process scheduled based on specific timing rules (e.g., process X starts once per week on Thursdays) or relative to mission events (e.g., sequence generation process begins on a Monday, at least three weeks before each Europa closest approach). Over a 5-month period, and for each of six Clipper candidate tours, the result was a 20,000+ line, workforce-loaded schedule that documents all of the process-driven work effort at the level of individual roles, along with a significant portion of the level-of-effort work. Post-processing code calculated the absolute and relative number of work hours during a nominal 5 day / 40 hour work week, the work effort during 2nd and 3rd shift, as well as 1st shift on weekends. The resultant schedules and shift tables were used to generate objective measures that can be related to both human factors and to operational risk and showed that Clipper tours which utilize 6:1 resonant (21.25 day) orbits instead of 4:1 resonant (14.17 day) orbits during the first dozen or so Europa flybys are advantageous to flight operations. A similar approach can be extended to assist missions in more objective assessments of a number of mission issues and trades, including tour selection and spacecraft design for operability.

2022-09-30
Dernayka, Iman, Chehab, Ali.  2021.  Blockchain Development Platforms: Performance Comparison. 2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–6.
In this paper, two of the main Blockchain development platforms, Ethereum and EOS.IO are compared. The objective is to help developers select the most appropriate platform as the back-end Blockchain for their apps. A decentralized application was implemented on each of the platforms triggering basic operations and timing them. The simulations were performed on Microsoft’s Azure cloud, running up to 150 Blockchain nodes while recording the user response time, the CPU utilization, and the totally used memory in Mbytes. The results in this study show that although recognized as a major competitor to Ethereum, EOS.IO fails to outperform the Ethereum platform in this experiment, recording a very high response time in comparison to Ethereum.
2022-09-20
Korenda, Ashwija Reddy, Afghah, Fatemeh, Razi, Abolfazl, Cambou, Bertrand, Begay, Taylor.  2021.  Fuzzy Key Generator Design using ReRAM-Based Physically Unclonable Functions. 2021 IEEE Physical Assurance and Inspection of Electronics (PAINE). :1—7.
Physical unclonable functions (PUFs) are used to create unique device identifiers from their inherent fabrication variability. Unstable readings and variation of the PUF response over time are key issues that limit the applicability of PUFs in real-world systems. In this project, we developed a fuzzy extractor (FE) to generate robust cryptographic keys from ReRAM-based PUFs. We tested the efficiency of the proposed FE using BCH and Polar error correction codes. We use ReRAM-based PUFs operating in pre-forming range to generate binary cryptographic keys at ultra-low power with an objective of tamper sensitivity. We investigate the performance of the proposed FE with real data using the reading of the resistance of pre-formed ReRAM cells under various noise conditions. The results show a bit error rate (BER) in the range of 10−5 for the Polar-codes based method when 10% of the ReRAM cell array is erroneous at Signal to Noise Ratio (SNR) of 20dB.This error rate is achieved by using helper data length of 512 bits for a 256 bit cryptographic key. Our method uses a 2:1 ratio for helper data and key, much lower than the majority of previously reported methods. This property makes our method more robust against helper data attacks.
2022-09-16
Singh, Anil, Auluck, Nitin, Rana, Omer, Nepal, Surya.  2021.  Scheduling Real Tim Security Aware Tasks in Fog Networks. 2021 IEEE World Congress on Services (SERVICES). :6—6.
Fog computing extends the capability of cloud services to support latency sensitive applications. Adding fog computing nodes in proximity to a data generation/ actuation source can support data analysis tasks that have stringent deadline constraints. We introduce a real time, security-aware scheduling algorithm that can execute over a fog environment [1 , 2] . The applications we consider comprise of: (i) interactive applications which are less compute intensive, but require faster response time; (ii) computationally intensive batch applications which can tolerate some delay in execution. From a security perspective, applications are divided into three categories: public, private and semi-private which must be hosted over trusted, semi-trusted and untrusted resources. We propose the architecture and implementation of a distributed orchestrator for fog computing, able to combine task requirements (both performance and security) and resource properties.
2022-08-26
de Moura, Ralf Luis, Franqueira, Virginia N. L., Pessin, Gustavo.  2021.  Towards Safer Industrial Serial Networks: An Expert System Framework for Anomaly Detection. 2021 IEEE 33rd International Conference on Tools with Artificial Intelligence (ICTAI). :1197—1205.

Cyber security is a topic of increasing relevance in relation to industrial networks. The higher intensity and intelligent use of data pushed by smart technology (Industry 4.0) together with an augmented integration between the operational technology (production) and the information technology (business) parts of the network have considerably raised the level of vulnerabilities. On the other hand, many industrial facilities still use serial networks as underlying communication system, and they are notoriously limited from a cyber security perspective since protection mechanisms available for ТСР/IР communication do not apply. Therefore, an attacker gaining access to a serial network can easily control the industrial components, potentially causing catastrophic incidents, jeopardizing assets and human lives. This study proposes a framework to act as an anomaly detection system (ADS) for industrial serial networks. It has three ingredients: an unsupervised К-means component to analyse message content, a knowledge-based Expert System component to analyse message metadata, and a voting process to generate alerts for security incidents, anomalous states, and faults. The framework was evaluated using the Proflbus-DP, a network simulator which implements a serial bus system. Results for the simulated traffic were promising: 99.90% for accuracy, 99,64% for precision, and 99.28% for F1-Score. They indicate feasibility of the framework applied to serial-based industrial networks.

2022-06-09
Sethi, Tanmay, Mathew, Rejo.  2021.  A Study on Advancement in Honeypot based Network Security Model. 2021 Third International Conference on Intelligent Communication Technologies and Virtual Mobile Networks (ICICV). :94–97.
Throughout the years, honeypots have been very useful in tracking down attackers and preventing different types of cyber attacks on a very large scale. It's been almost 3 decades since the discover of honeypots and still more than 80% of the companies rely on this system because of intrusion detection features and low false positive rate. But with time, the attackers tend to start discovering loopholes in the system. Hence it is very important to be up to date with the technology when it comes to protecting a computing device from the emerging cyber attacks. Timely advancements in the security model provided by the honeypots helps in a more efficient use of the resource and also leads to better innovations in that field. The following paper reviews different methods of honeypot network and also gives an insight about the problems that those techniques can face along with their solution. Further it also gives the detail about the most preferred solution among all of the listed techniques in the paper.
Jin, Shiyi, Chung, Jin-Gyun, Xu, Yinan.  2021.  Signature-Based Intrusion Detection System (IDS) for In-Vehicle CAN Bus Network. 2021 IEEE International Symposium on Circuits and Systems (ISCAS). :1–5.

In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in- vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.

2022-04-19
Zukran, Busra, Siraj, Maheyzah Md.  2021.  Performance Comparison on SQL Injection and XSS Detection using Open Source Vulnerability Scanners. 2021 International Conference on Data Science and Its Applications (ICoDSA). :61–65.

Web technologies are typically built with time constraints and security vulnerabilities. Automatic software vulnerability scanners are common tools for detecting such vulnerabilities among software developers. It helps to illustrate the program for the attacker by creating a great deal of engagement within the program. SQL Injection and Cross-Site Scripting (XSS) are two of the most commonly spread and dangerous vulnerabilities in web apps that cause to the user. It is very important to trust the findings of the site vulnerability scanning software. Without a clear idea of the accuracy and the coverage of the open-source tools, it is difficult to analyze the result from the automatic vulnerability scanner that provides. The important to do a comparison on the key figure on the automated vulnerability scanners because there are many kinds of a scanner on the market and this comparison can be useful to decide which scanner has better performance in term of SQL Injection and Cross-Site Scripting (XSS) vulnerabilities. In this paper, a method by Jose Fonseca et al, is used to compare open-source automated vulnerability scanners based on detection coverage and a method by Yuki Makino and Vitaly Klyuev for precision rate. The criteria vulnerabilities will be injected into the web applications which then be scanned by the scanners. The results then are compared by analyzing the precision rate and detection coverage of vulnerability detection. Two leading open source automated vulnerability scanners will be evaluated. In this paper, the scanner that being utilizes is OW ASP ZAP and Skipfish for comparison. The results show that from precision rate and detection rate scope, OW ASP ZAP has better performance than Skipfish by two times for precision rate and have almost the same result for detection coverage where OW ASP ZAP has a higher number in high vulnerabilities.

2022-04-13
Chu, Hung-Chi, Yan, Chan-You.  2021.  DDoS Attack Detection with Packet Continuity Based on LSTM Model. 2021 IEEE 3rd Eurasia Conference on IOT, Communication and Engineering (ECICE). :44—47.
Most information systems rely on the Internet to provide users with various services. Distributed Denial-of-Service (DDoS) attacks are currently one of the main cyber threats, which causes the system or network disabled. To ensure that the information system can provide services for users normally, it is important to detect the occurrence of DDoS attacks quickly and accurately. Therefore, this research proposes a system based on packet continuity to detect DDoS attacks. On average, it only takes a few milliseconds to collect a certain number of consecutive packets, and then DDoS attacks can be detected. Experimental results show that the accuracy of detecting DDoS attacks based on packet continuity is higher than 99.9% and the system response time is about 5 milliseconds.
2022-03-23
Benadla, Sarra, Merad-Boudia, Omar Rafik.  2021.  The Impact of Sybil Attacks on Vehicular Fog Networks. 2021 International Conference on Recent Advances in Mathematics and Informatics (ICRAMI). :1—6.
The Internet of Vehicles (IoV) is a network that considers vehicles as intelligent machines. They interact and communicate with each other to improve the performance and safety of traffic. IoV solves certain problems, but it has some issues such as response time, which prompted researchers to propose the integration of Fog Computing into vehicular networks. In Vehicular Fog Computing (VFC), the services are provided at the edge of the network to increase data rate and reduce response time. However, in order to satisfy network users, the security and privacy of sensitive data should be guaranteed. Using pseudonyms instead of real identities is one of the techniques considered to preserve the privacy of users, however, this can push malicious vehicles to exploit such a process and launch the Sybil attack by creating several pseudonyms in order to perform various malicious activities. In this paper, we describe the Sybil attack effects on VFC networks and compare them to those in conventional networks, as well as identify the various existing methods for detecting this attack and determine if they are applicable to VFC networks.
2022-03-15
Natalino, Carlos, Manso, Carlos, Vilalta, Ricard, Monti, Paolo, Munõz, Raul, Furdek, Marija.  2021.  Scalable Physical Layer Security Components for Microservice-Based Optical SDN Controllers. 2021 European Conference on Optical Communication (ECOC). :1—4.

We propose and demonstrate a set of microservice-based security components able to perform physical layer security assessment and mitigation in optical networks. Results illustrate the scalability of the attack detection mechanism and the agility in mitigating attacks.

2022-03-08
Ramadhan, Hani, Kwon, Joonho.  2021.  Enhancing Learned Index for A Higher Recall Trajectory K-Nearest Neighbor Search. 2021 IEEE International Conference on Big Data (Big Data). :6006—6007.
Learned indices can significantly shorten the query response time of k-Nearest Neighbor search of points data. However, extending the learned index for k-Nearest Neighbor search of trajectory data may return incorrect results (low recall) and require longer pruning time. Thus, we introduce an enhancement for trajectory learned index which is a pruning step for a learned index to retrieve the k-Nearest Neighbors correctly by learning the query workload. The pruning utilizes a predicted range query that covers the correct neighbors. We show that that our approach has the potential to work effectively in a large real-world trajectory dataset.
2022-02-04
Biswas, Ananda, Dee, Timothy M., Guo, Yunxi, Li, Zelong, Tyagi, Akhilesh.  2021.  Multi-Granularity Control Flow Anomaly Detection with Hardware Counters. 2021 IEEE 7th World Forum on Internet of Things (WF-IoT). :449—454.
Hardware counters are included in processors to count microarchitecture level events affecting performance. When control flow anomalies caused by attacks such as buffer overflow or return oriented programming (ROP) occur, they leave a microarchitectural footprint. Hardware counters reflect such footprints to flag control flow anomalies. This paper is geared towards buffer overflow and ROP control flow anomaly detection in embedded programs. The targeted program entities are main event loops and task/event handlers. Embedded systems also have enhanced need for variable anomaly detection time in order to meet the system response time requirements. We propose a novel repurposing of Patt-Yeh two level branch predictor data structure for abstracting/hashing HW counter signatures to support such variable anomaly detection times. The proposed anomaly detection mechanism is evaluated on some generic benchmark programs and ArduPilot - a popular autopilot software. Experimental evaluation encompasses both Intel X86 and ARM Cortex M processors. DWT within Cortex M provides sufficiently interesting program level event counts to capture these control flow anomalies. We are able to achieve 97-99%+ accuracy with 1-10 micro-second time overhead per anomaly check.
2022-01-31
Zulfa, Mulki Indana, Hartanto, Rudy, Permanasari, Adhistya Erna.  2021.  Performance Comparison of Swarm Intelligence Algorithms for Web Caching Strategy. 2021 IEEE International Conference on Communication, Networks and Satellite (COMNETSAT). :45—51.
Web caching is one strategy that can be used to speed up response times by storing frequently accessed data in the cache server. Given the cache server limited capacity, it is necessary to determine the priority of cached data that can enter the cache server. This study simulated cached data prioritization based on an objective function as a characteristic of problem-solving using an optimization approach. The objective function of web caching is formulated based on the variable data size, count access, and frequency-time access. Then we use the knapsack problem method to find the optimal solution. The Simulations run three swarm intelligence algorithms Ant Colony Optimization (ACO), Genetic Algorithm (GA), and Binary Particle Swarm Optimization (BPSO), divided into several scenarios. The simulation results show that the GA algorithm relatively stable and fast to convergence. The ACO algorithm has the advantage of a non-random initial solution but has followed the pheromone trail. The BPSO algorithm is the fastest, but the resulting solution quality is not as good as ACO and GA.
Peitek, Norman, Apel, Sven, Parnin, Chris, Brechmann, André, Siegmund, Janet.  2021.  Program Comprehension and Code Complexity Metrics: An fMRI Study. 2021 IEEE/ACM 43rd International Conference on Software Engineering (ICSE). :524–536.
Background: Researchers and practitioners have been using code complexity metrics for decades to predict how developers comprehend a program. While it is plausible and tempting to use code metrics for this purpose, their validity is debated, since they rely on simple code properties and rarely consider particularities of human cognition. Aims: We investigate whether and how code complexity metrics reflect difficulty of program comprehension. Method: We have conducted a functional magnetic resonance imaging (fMRI) study with 19 participants observing program comprehension of short code snippets at varying complexity levels. We dissected four classes of code complexity metrics and their relationship to neuronal, behavioral, and subjective correlates of program comprehension, overall analyzing more than 41 metrics. Results: While our data corroborate that complexity metrics can-to a limited degree-explain programmers' cognition in program comprehension, fMRI allowed us to gain insights into why some code properties are difficult to process. In particular, a code's textual size drives programmers' attention, and vocabulary size burdens programmers' working memory. Conclusion: Our results provide neuro-scientific evidence supporting warnings of prior research questioning the validity of code complexity metrics and pin down factors relevant to program comprehension. Future Work: We outline several follow-up experiments investigating fine-grained effects of code complexity and describe possible refinements to code complexity metrics.
2022-01-10
Sahu, Abhijeet, Davis, Katherine.  2021.  Structural Learning Techniques for Bayesian Attack Graphs in Cyber Physical Power Systems. 2021 IEEE Texas Power and Energy Conference (TPEC). :1–6.

Updating the structure of attack graph templates based on real-time alerts from Intrusion Detection Systems (IDS), in an Industrial Control System (ICS) network, is currently done manually by security experts. But, a highly-connected smart power systems, that can inadvertently expose numerous vulnerabilities to intruders for targeting grid resilience, needs automatic fast updates on learning attack graph structures, instead of manual intervention, to enable fast isolation of compromised network to secure the grid. Hence, in this work, we develop a technique to first construct a prior Bayesian Attack Graph (BAG) based on a predefined threat model and a synthetic communication network for a cyber-physical power system. Further, we evaluate a few score-based and constraint-based structural learning algorithms to update the BAG structure based on real-time alerts, based on scalability, data dependency, time complexity and accuracy criteria.

2021-11-08
Karode, Tanakorn, Werapun, Warodom.  2020.  Performance Analysis of Trustworthy Online Review System Using Blockchain. 2020 17th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON). :510–513.
Today, the online review system cannot fully support the business since there are fraudulent activities inside. The companies that get low score reviews are induced to raise their score for the market competition capability by paying to the platform for deleting or editing the posted reviews. Moreover, the automatic filtration system of a platform removes some reviews without the awareness of the users. The low transparency platform causes low credibility toward the reviews. Blockchain technology provides exceptionally high transparency since every action can be traced publicly. However, there are some tradeoffs that need to be considered, such as cost and response time. This work tends to find the potential of using Blockchain technology in the online review system by testing four implementation approaches of the Ethereum Smart Contract. The result illustrates that using IPFS to store the data is a practical way of reducing transaction costs. Besides, preventing using Smart Contract states can significantly reduce costs too. The response time for using the Blockchain and IPFS system is slower than the centralized system. However, posting a review does not need a fast response. Thus, it is worthy of trading response time with transparency and cost. In the business view, the review posting with cost causes more difficulty to generate fake reviews. Moreover, there are other advantages over the centralized system, such as the reward system, bogus review voting, and global database. Thus, credibility improvement for a consumer online review system is a potential application of Blockchain technology.