Biblio

We present a security analysis of several gesture CAPTCHA challenges designed to operate on mobiles. Mobile gesture CAPTCHA challenges utilize the accelerometer and the gyroscope inputs from a mobile to allow a human to solve a simple test by physically manipulating the device. We have evaluated the security of gesture CAPTCHA in mobile devices and found them resistant to a range of common automated attacks. Our study has shown that using an accelerometer and the gyroscope readings as an input to solve the CAPTCHA is difficult for malware, but easy for a real user. Gesture CAPTCHA is effective in differentiating between humans and machines.

The usage of connected devices and their role within our daily- and business life gains more and more impact. In addition, various derivations of Cyber-Physical Systems (CPS) reach new business fields, like smart healthcare or Industry 4.0. Although these systems do bring many advantages for users by extending the overall functionality of existing systems, they come with several challenges, especially for system engineers and architects. One key challenge consists in achieving a sufficiently high level of security within the CPS environment, as sensitive data or safety-critical functions are often integral parts of CPS. Being system of systems (SoS), CPS complexity, unpredictability and heterogeneity complicate analyzing the overall level of security, as well as providing a way to detect ongoing attacks. Usually, security metrics and frameworks provide an effective tool to measure the level of security of a given component or system. Although several comprehensive surveys exist, an assessment of the effectiveness of the existing solutions for CPS environments is insufficiently investigated in literature. In this work, we address this gap by benchmarking a carefully selected variety of existing security metrics in terms of their usability for CPS. Accordingly, we pinpoint critical CPS challenges and qualitatively assess the effectiveness of the existing metrics for CPS systems.

The importance of Cyber-Physical Systems (CPS) gains more and more weight in our daily business and private life. Although CPS build the backbone for major trends, like Industry 4.0 and connected vehicles, they also propose many new challenges. One major challenge can be found in achieving a high level of security within such highly connected environments, in which an unpredictable number of heterogeneous systems with often-distinctive characteristics interact with each other. In order to develop high-level security solutions, system designers must eventually know the current level of security of their specification. To this end, security metrics and scoring frameworks are essential, as they quantitatively express security of a given design or system. However, existing solutions may not be able to handle the proposed challenges of CPS, as they mainly focus on one particular system and one specific attack. Therefore, we aim to elaborate a security scoring mechanism, which can efficiently be used in CPS, while considering all essential information. We break down each system within the CPS into its core functional blocks and analyze a variety of attacks in terms of exploitability, scalability of attacks, as well as potential harm to targeted assets. With this approach, we get an overall assessment of security for the whole CPS, as it integrates the security-state of all interacting systems. This allows handling the presented complexity in CPS in a more efficient way, than existing solutions.

Moving Target Defence (MTD) has been recently proposed and is an emerging proactive approach which provides an asynchronous defensive strategies. Unlike traditional security solutions that focused on removing vulnerabilities, MTD makes a system dynamic and unpredictable by continuously changing attack surface to confuse attackers. MTD can be utilized in cloud computing to address the cloud's security-related problems. There are many literature proposing MTD methods in various contexts, but it still lacks approaches to evaluate the effectiveness of proposed MTD method. In this paper, we proposed a combination of Shuffle and Diversity MTD techniques and investigate on the effects of deploying these techniques from two perspectives lying on two groups of security metrics (i) system risk: which is the cloud providers' perspective and (ii) attack cost and return on attack: which are attacker's point of view. Moreover, we utilize a scalable Graphical Security Model (GSM) to enhance the security analysis complexity. Finally, we show that combining MTD techniques can improve both aforementioned two groups of security metrics while individual technique cannot.

Internet of Things (IoT) is a sophisticated concept of the traditional internet. In IoT, all things in our lives can be connected with the internet or with each other to exchange data and perform specific functions through the network. However, combining several devices-especially by unskilled users-may pose a number of security risks. In addition, some commonly used communication protocols in the IoT area are not secure. Security, on the other hand, increases overhead by definition, resulting in performance degradation. The Message Queuing Telemetry Transport (MQTT) protocol is a lightweight protocol and can be considered as one of the most popular IoT protocols, it is a publish/subscribe messaging transport protocol that uses a client-server architecture. MQTT is built to run over TCP protocol, thus it does not provide any level of security by default. Therefore, Transport Layer Security (TLS) can be used to ensure the security of the MQTT protocol. This paper analyzed the impact on the performance and security of the MQTT protocol in two cases. The first case, when using TLS protocol to support the security of the MQTT protocol. The second case, using the traditional MQTT without providing any level of security for the exchanged data. The results indicated that there is a tradeoff between the performance and the security when using MQTT protocol with and without the presence of TLS protocol.

Computing systems today have a large number of security configuration settings that enforce security properties. However, vulnerabilities and incorrect configuration increase the potential for attacks. Provable verification and simulation tools have been introduced to eliminate configuration conflicts and weaknesses, which can increase system robustness against attacks. Most of these tools require special knowledge in formal methods and precise specification for requirements in special languages, in addition to their excessive need for computing resources. Video games have been utilized by researchers to make educational software more attractive and engaging. Publishing these games for crowdsourcing can also stimulate competition between players and increase the game educational value. In this paper we introduce a game interface, called NetMaze, that represents the network configuration verification problem as a video game and allows for attack analysis. We aim to make the security analysis and hardening usable and accurately achievable, using the power of video games and the wisdom of crowdsourcing. Players can easily discover weaknesses in network configuration and investigate new attack scenarios. In addition, the gameplay scenarios can also be used to analyze and learn attack attribution considering human factors. In this paper, we present a provable mapping from the network configuration to 3D game objects.
 

Various communication protocols are currently used in the Internet of Things (IoT) devices. One of the protocols that are already standardized by ISO is MQTT protocol (ISO / IEC 20922: 2016). Many IoT developers use this protocol because of its minimal bandwidth requirement and low memory consumption. Sometimes, IoT device sends confidential data that should only be accessed by authorized people or devices. Unfortunately, the MQTT protocol only provides authentication for the security mechanism which, by default, does not encrypt the data in transit thus data privacy, authentication, and data integrity become problems in MQTT implementation. This paper discusses several reasons on why there are many IoT system that does not implement adequate security mechanism. Next, it also demonstrates and analyzes how we can attack this protocol easily using several attack scenarios. Finally, after the vulnerabilities of this protocol have been examined, we can improve our security awareness especially in MQTT protocol and then implement security mechanism in our MQTT system to prevent such attack.

Validating security properties of complex distributed systems is a challenging problem by itself, let alone when the work needs to be performed under tight budget and time constraints on prototype systems with components at various maturity levels. This paper described a tailored approach to security evaluations involving a strategic combination of model-based quantification, emulation, and logical argumentation. By customizing the evaluation to fit existing budget and timelines, validators can achieve the most appropriate validation process, trading off fidelity with coverage across a number of different defense components and different maturity levels. We successfully applied this process to the validation of an overlay proxy network, analyzing the impact of five different defense attributes (together with combinations thereof) on access path establishment and anonymity.

In spite of numerous advantages of biometrics-based personal authentication systems over traditional security systems based on token or knowledge, they are vulnerable to attacks that can decrease their security considerably. In this paper, we propose a new hardware solution to protect biometric templates such as fingerprint. The proposed scheme is based on chaotic N × N grid multi-scroll system and it is implemented on Xilinx FPGA. The hardware implementation is achieved by applying numerical solution methods in our study, we use EM (Euler Method). Simulation and experimental results show that the proposed scheme allows a low cost image encryption for embedded systems while still providing a good trade-off between performance and hardware resources. Indeed, security analysis performed to the our scheme, is strong against known different attacks, such as: brute force, statistical, differential, and entropy. Therefore, the proposed chaos-based multiscroll encryption algorithm is suitable for use in securing embedded biometric systems.

Cryptographic protocols are the basis for the security of any protected system, including the electronic voting system. One of the most effective ways to analyze protocol security is to use verifiers. In this paper, the formal verifier SPIN was used to analyze the security of the cryptographic protocol for e-voting, which is based on model checking using linear temporal logic (LTL). The cryptographic protocol of electronic voting is described. The main structural units of the Promela language used for simulation in the SPIN verifier are described. The model of the electronic voting protocol in the language Promela is given. The interacting parties, transferred data, the order of the messages transmitted between the parties are described. Security of the cryptographic protocol using the SPIN tool is verified. The simulation of the protocol with active intruder using the man in the middle attack (MITM) to substitute data is made. In the simulation results it is established that the protocol correctly handles the case of an active attack on the parties' authentication.

Cloud storage offers a considerable efficiency and security to the user's data and provide high flexibility to the user. The hackers make attempt of several attacks to steal the data that increase the concern of data security in cloud. The Third Party Auditing (TPA) method is introduced to check the data integrity. There are several TPA methods developed to improve the privacy and efficiency of the data integrity checking method. Various methods involved in TPA, have been analyzed in this review in terms of function, security and overall performance. Merkel Hash Tree (MHT) method provides efficiency and security in checking the integrity of data. The computational overhead of the proof verify is also analyzed in this review. The communication cost of the most TPA methods observed as low and there is a need of improvement in security of the public auditing.

As cloud computing becomes increasingly pervasive, it is critical for cloud providers to support basic security controls. Although major cloud providers tout such features, relatively little is known in many cases about their design and implementation. In this paper, we describe several security features in OpenStack, a widely-used, open source cloud computing platform. Our contributions to OpenStack range from key management and storage encryption to guaranteeing the integrity of virtual machine (VM) images prior to boot. We describe the design and implementation of these features in detail and provide a security analysis that enumerates the threats that each mitigates. Our performance evaluation shows that these security features have an acceptable cost-in some cases, within the measurement error observed in an operational cloud deployment. Finally, we highlight lessons learned from our real-world development experiences from contributing these features to OpenStack as a way to encourage others to transition their research into practice.

The suggested IsoQuadratic Exponentiation Randomized isocryptosystem design is the unique approach for public key encipher algorithm using IsoPartial Discrete Logarithm Problem and preservation of the recommended IsoQuadratic Exponentiation Randomized isocryptosystem be established against hardness of IsoPartial Discrete Logarithm Problem. Therewith, we demonstrated the possibility of an additional secured algorithm. The offered unique IsoQuadratic Exponentiation Randomized isocryptosystem is suitable for low bandwidth transmission, low storage and low numeration in cyberspace.

This paper presents an efficiency and adaptive cryptographic protocol to ensure users' privacy and data integrity in RFID system. Radio Frequency Identification technology offers more intelligent systems and applications, but privacy and security issues have to be addressed before and after its adoption. The design of the proposed model is based on clustering configuration of the involved tags where they interchange the data with the reader whenever it sends a request. This scheme provides a strong mutual authentication framework that suits for real heterogeneous RFID applications such as in supply-chain management systems, healthcare monitoring and industrial environment. In addition, we contribute with a mathematical analysis to the delay analysis and optimization in a clustering topology tag-based. Finally, a formal security and proof analysis is demonstrated to prove the effectiveness of the proposed protocol and that achieves security and privacy.

EPC Gen2 tags are working as international RFID standards for the use in the supply chain worldwide, such tags are computationally weak devices and unable to perform even basic symmetric-key cryptographic operations. For this reason, to implement robust and secure pseudo-random number generators (PRNG) is a challenging issue for low-cost Radio-frequency identification (RFID) tags. In this paper, we study the security of LFSR-based PRNG implemented on EPC Gen2 tags and exploit LFSR-based PRNG to provide a better constructions. We provide a cryptanalysis against the J3Gen which is LFSR-based PRNG and proposed by Sugei et al. [1], [2] for EPC Gen2 tags using distinguish attack and make observations on its input using NIST randomness test. We also test the PRNG in EPC Gen2 RFID Tags by using the NIST SP800-22. As a counter-measure, we propose two modified models based on the security analysis results. We show that our results perform better than J3Gen in terms of computational and statistical property.

In recent years, real-world attacks against PKI take place frequently. For example, malicious domains' certificates issued by compromised CAs are widespread, and revoked certificates are still trusted by clients. In spite of a lot of research to improve the security of SSL/TLS connections, there are still some problems unsolved. On one hand, although log-based schemes provided certificate audit service to quickly detect CAs' misbehavior, the security and data consistency of log servers are ignored. On the other hand, revoked certificates checking is neglected due to the incomplete, insecure and inefficient certificate revocation mechanisms. Further, existing revoked certificates checking schemes are centralized which would bring safety bottlenecks. In this paper, we propose a blockchain-based public and efficient audit scheme for TLS connections, which is called Certchain. Specially, we propose a dependability-rank based consensus protocol in our blockchain system and a new data structure to support certificate forward traceability. Furthermore, we present a method that utilizes dual counting bloom filter (DCBF) with eliminating false positives to achieve economic space and efficient query for certificate revocation checking. The security analysis and experimental results demonstrate that CertChain is suitable in practice with moderate overhead.

In 2020, Omar and abed proposed a new noise-free fully homomorphic encryption scheme that allows arbitrary computations on encrypted data without decryption. However, they did not provide a sufficient security analysis of the proposed scheme and just stated that it is secure under the integer factorization assumption. In this paper, we present known plaintext attacks on their scheme and illustrate them with toy examples. Our attack algorithms are quite simple: They require several times of greatest common divisor (GCD) computations using only a few pair of message and ciphertext.

Modeling and analyzing security of networked systems is an important problem in the emerging Science of Security and has been under active investigation. In this paper, we propose a new approach towards tackling the problem. Our approach is inspired by the shock model and random environment techniques in the Theory of Reliability, while accommodating security ingredients. To the best of our knowledge, our model is the first that can accommodate a certain degree of adaptiveness of attacks, which substantially weakens the often-made independence and exponential attack inter-arrival time assumptions. The approach leads to a stochastic process model with two security metrics, and we attain some analytic results in terms of the security metrics.

Over recent years, we have seen a significant rise in popularity of autonomous vehicle. Several researches have shown the severity of security threats that autonomous vehicles face -for example, Miller and Valasek (2015) were able to remotely take complete control over a 2014 Jeep Cherokee in a so called "Jeephack" [1]. This paper analyses the threats that the Electrical and Electronic (E/E) architecture of an autonomous vehicle has to face and rank those threats by severity. To achieve this, the Microsoft's STRIDE threat analysis technique was applied and 13 threats were identified. These are sorted by their Common Vulnerability Scoring System (CVSS) scores. Potential mitigation methods are then suggested for the five topmost severe threats.

In the context of cybersecurity systems, trust is the firm belief that a system will behave as expected. Trustworthiness is the proven property of a system that is worthy of trust. Therefore, trust is ephemeral, i.e. trust can be broken; trustworthiness is perpetual, i.e. trustworthiness is verified and cannot be broken. The gap between these two concepts is one which is, alarmingly, often overlooked. In fact, the pressure to meet with the pace of operations for mission critical cross domain solution (CDS) development has resulted in a status quo of high-risk, ad hoc solutions. Trustworthiness, proven through formal verification, should be an essential property in any hardware and/or software security system. We have shown, in "vCDS: A Virtualized Cross Domain Solution Architecture", that developing a formally verified CDS is possible. virtual CDS (vCDS) additionally comes with security guarantees, i.e. confidentiality, integrity, and availability, through the use of a formally verified trusted computing base (TCB). In order for a system, defined by an architecture description language (ADL), to be considered trustworthy, the implemented security configuration, i.e. access control and data protection models, must be verified correct. In this paper we present the first and only security auditing tool which seeks to verify the security configuration of a CDS architecture defined through ADL description. This tool is useful in mitigating the risk of existing solutions by ensuring proper security enforcement. Furthermore, when coupled with the agile nature of vCDS, this tool significantly increases the pace of system delivery.

Cyber-physical systems (CPS) are state-of-the-art communication environments that offer various applications with distinct requirements. However, security in CPS is a nonnegotiable concept, since without a proper security mechanism the applications of CPS may risk human lives, the privacy of individuals, and system operations. In this paper, we focus on PHY-layer security approaches in CPS to prevent passive eavesdropping attacks, and we propose an integration of physical layer operations to enhance security. Thanks to the McEliece cryptosystem, error injection is firstly applied to information bits, which are encoded with the forward error correction (FEC) schemes. Golay and Hamming codes are selected as FEC schemes to satisfy power and computational efficiency. Then obtained codewords are transmitted across reliable intermediate relays to the legitimate receiver. As a performance metric, the decoding frame error rate of the eavesdropper is analytically obtained for the fragmentary existence of significant noise between relays and Eve. The simulation results validate the analytical calculations, and the obtained results show that the number of low-quality channels and the selected FEC scheme affects the performance of the proposed model.

In modern cyber-physical systems and wireless sensor networks the complexity of crisis management processes is caused by a variety of software/hardware assets and communication protocols, the necessity of their collaborative function, possible inconsistency of data flows between particular devices and increased requirements to cyber-physical security. A crisis management oriented model of a communicational mobile network is constructed. A general architecture of network nodes by the use of XBee circuits, Arduino microcontrollers and connecting equipment are developed. An analysis of possible cyber-physical security events on the base of existing intruder models is performed. A series of experiments on modeling attacks on network nodes is conducted. Possible ways for attack revelations by means of components for security event collection and data correlation is discussed.

Homomorphic encryption technology can settle a dispute of data privacy security in cloud environment, but there are many problems in the process of access the data which is encrypted by a homomorphic algorithm in the cloud. In this paper, on the premise of attribute encryption, we propose a fully homomorphic encrypt scheme which based on attribute encryption with LSSS matrix. This scheme supports fine-grained cum flexible access control along with "Query-Response" mechanism to enable users to efficiently retrieve desired data from cloud servers. In addition, the scheme should support considerable flexibility to revoke system privileges from users without updating the key client, it reduces the pressure of the client greatly. Finally, security analysis illustrates that the scheme can resist collusion attack. A comparison of the performance from existing CP-ABE scheme, indicates that our scheme reduces the computation cost greatly for users.

In recent days, cloud computing is one of the emerging fields. It is a platform to maintain the data and privacy of the users. To process and regulate the data with high security, the access control methods are used. The cloud environment always faces several challenges such as robustness, security issues and so on. Conventional methods like Cipher text-Policy Attribute-Based Encryption (CP-ABE) are reflected in providing huge security, but still, the problem exists like the non-existence of attribute revocation and minimum efficient. Hence, this research work particularly on the attribute-based mechanism to maximize efficiency. Initially, an objective coined out in this work is to define the attributes for a set of users. Secondly, the data is to be re-encrypted based on the access policies defined for the particular file. The re-encryption process renders information to the cloud server for verifying the authenticity of the user even though the owner is offline. The main advantage of this work evaluates multiple attributes and allows respective users who possess those attributes to access the data. The result proves that the proposed Data sharing scheme helps for Revocation under a fine-grained attribute structure.

It is technically challenging to conduct a security analysis of a dynamic network, due to the lack of methods and techniques to capture different security postures as the network changes. Graphical Security Models (e.g., Attack Graph) are used to assess the security of network systems, but it typically captures a snapshot of a network state to carry out the security analysis. To address this issue, we propose a new Graphical Security Model named Time-independent Hierarchical Attack Representation Model (Ti-HARM) that captures security of multiple network states by taking into account the time duration of each network state and the visibility of network components (e.g., hosts, edges) in each state. By incorporating the changes, we can analyse the security of dynamic networks taking into account all the threats appearing in different network states. Our experimental results show that the Ti-HARM can effectively capture and assess the security of dynamic networks which were not possible using existing graphical security models.