Biblio

In recent years, technological advancements in the AI and VR fields have increasingly often been paired with considerations on ethics and safety aimed at mitigating unintentional design failures. However, cybersecurity-oriented AI and VR safety research has emphasized the need to additionally appraise instantiations of intentional malice exhibited by unethical actors at pre- and post-deployment stages. On top of that, in view of ongoing malicious deepfake developments that can represent a threat to the epistemic security of a society, security-aware AI and VR design strategies require an epistemically-sensitive stance. In this vein, this paper provides a theoretical basis for two novel AIVR safety research directions: 1) VR as immersive testbed for a VR-deepfake-aided epistemic security training and 2) AI as catalyst within a deepfake-aided so-called cyborgnetic creativity augmentation facilitating an epistemically-sensitive threat modelling. For illustration, we focus our use case on deepfake text – an underestimated deepfake modality. In the main, the two proposed transdisciplinary lines of research exemplify how AIVR safety to defend against unethical actors could naturally converge toward AIVR ethics whilst counteracting epistemic security threats.

Virtual worlds was becoming increasingly popular in a variety of fields, including education, business, space exploration, and video games. Establishing the security of virtual worlds was becoming more critical as they become more widely used. Virtual users were identified using a behavioral biometric system. Improve the system's ability to identify objects by fusing scores from multiple sources. Identification was based on a review of user interactions in virtual environments and a comparison with previous recordings in the database. For behavioral biometric systems like the one described, it appears that score-level biometric fusion was a promising tool for improving system performance. As virtual worlds become more immersive, more people will want to participate in them, and more people will want to be able to interact with each other. Each region of the Meta-verse was given a glimpse of the current state of affairs and the trends to come. As hardware performance and institutional and public interest continue to improve, the Meta-verse's development is hampered by limitations like computational method limits and a lack of realized collaboration between virtual world stakeholders and developers alike. A major goal of the proposed research was to verify the accuracy of the biometric system to enhance the security in virtual world. In this study, the precision of the proposed work was compared to that of previous work.

This Innovative Practice Work-in-Progress paper presents a virtual, proactive, and collaborative learning paradigm that can engage learners with different backgrounds and enable effective retention and transfer of the multidisciplinary AI-cybersecurity knowledge. While progress has been made to better understand the trustworthiness and security of artificial intelligence (AI) techniques, little has been done to translate this knowledge to education and training. There is a critical need to foster a qualified cybersecurity workforce that understands the usefulness, limitations, and best practices of AI technologies in the cybersecurity domain. To address this import issue, in our proposed learning paradigm, we leverage multidisciplinary expertise in cybersecurity, AI, and statistics to systematically investigate two cohesive research and education goals. First, we develop an immersive learning environment that motivates the students to explore AI/machine learning (ML) development in the context of real-world cybersecurity scenarios by constructing learning models with tangible objects. Second, we design a proactive education paradigm with the use of hackathon activities based on game-based learning, lifelong learning, and social constructivism. The proposed paradigm will benefit a wide range of learners, especially underrepresented students. It will also help the general public understand the security implications of AI. In this paper, we describe our proposed learning paradigm and present our current progress of this ongoing research work. In the current stage, we focus on the first research and education goal and have been leveraging cost-effective Minecraft platform to develop an immersive learning environment where the learners are able to investigate the insights of the emerging AI/ML concepts by constructing related learning modules via interacting with tangible AI/ML building blocks.

With novel 3D imaging technology based on computed tomography (CT) set to replace the current 2D X-ray systems, airports face the challenge of adequately preparing airport security officers (screeners) through knowledge building. Virtual reality (VR) bears the potential to greatly facilitate this process by allowing learners to experience and engage in immersive virtual scenarios as if they were real. However, while general aspects of immersion have been explored frequently, less is known about the benefits of immersive technology for instructional purposes in practical settings such as airport security.In the present study, we evaluated how different display technologies (2D vs VR) and segmentation (system-paced vs learner-paced) affected screeners' objective and subjective knowledge gain, cognitive load, as well as aspects of motivation and technology acceptance. By employing a 2 x 2 between-subjects design, four experimental groups experienced uniform learning material featuring information about 3D CT technology and its application in airport security: 2D system-paced, 2D learner-paced, VR system-paced, and VR learner-paced. The instructional material was presented as an 11 min multimedia lesson featuring words (i.e., narration, onscreen text) and pictures in dynamic form (i.e., video, animation). Participants of the learner-paced groups were prompted to initialize the next section of the multimedia lesson by pressing a virtual button after short segments of information. Additionally, a control group experiencing no instructional content was included to evaluate the effectiveness of the instructional material. The data was collected at an international airport with screeners having no prior 3D CT experience (n=162).The results show main effects on segmentation for objective learning outcomes (favoring system-paced), germane cognitive load on display technology (supporting 2D). These results contradict the expected benefits of VR and segmentation, respectively. Overall, the present study offers valuable insight on how to implement instructional material for a practical setting.

This paper is a conceptual paper that explores how the sensemaking process by intelligence analysts completed within a cognitive immersive environment might be impacted by the inclusion of a progressive dialog system. The tools enabled in the sensemaking room (a specific instance within the cognitive immersive environment) were informed by tools from the intelligence analysis domain. We explore how a progressive dialog system would impact the use of tools such as the collaborative brainstorming exercise [1]. These structured analytic techniques are well established in intelligence analysis training literature, and act as ways to access the intended users' cognitive schema as they use the cognitive immersive room and move through the sensemaking process. A prior user study determined that the sensemaking room encouraged users to be more concise and representative with information while using the digital brainstorming tool. We anticipate that addition of the progressive dialog function will enable a more cohesive link between information foraging and sensemaking behaviors for analysts.

From the past few years cloud services are so popular and are being used by many people from various domains for various purposes such as data storage, e-mails, backing up data and much more. While there were many options to perform such things why did people choose cloud? The answer is clouds are more flexible, convenient, reliable and efficient. Coming to security of data over cloud, it is secure to store data over cloud rather than storing data locally as there is chance of some computer breakdown or any natural disaster may also occur. There are also many threats for data security over cloud namely data breaching, lack of access-key management and much more. As the data has been processed and being stored online for various purposes, there is a clear requirement for data security. Many organizations face various challenges while storing their data over cloud such as data leakages, account hijacking, insufficient credentials and so on. So to overcome these challenges and safeguard the data, various encryption techniques were implemented. However, even though encryption is used, the data still needs to be decrypted in order to do any type of operation. As a result, we must choose a manner in which the data can be analyzed, searched for, or used in any other way without needing to be decoded. So, the objective is to introduce a technique that goes right for the above conditions mentioned and for data security over cloud.

The student's fault is not the only cause of dropping out of school. Often, cases of dropping out of school are only associated with too general problems. However, sensitive issues that can be detrimental to certain parties in this regard, such as the institution's reputation, are usually not made public. To overcome this, an in-depth analysis of these cases is needed for proper handling. Many risks are associated with creating a single repository for this sensitive information. Therefore, some encryption is required to ensure data is not leaked. However, encryption at rest and in transit is insufficient as data leakage is a considerable risk during processing. In addition, there is also a risk of abuse of authority by insiders so that no single entity is allowed to have access to all data. Homomorphic encryption presents a viable solution to this challenge. Data may be aggregated under the security provided by Homomorphic Encryption. This method makes the data available for computation without being decrypted first and without paying the risk of having a single repository.

In 2020, Omar and abed proposed a new noise-free fully homomorphic encryption scheme that allows arbitrary computations on encrypted data without decryption. However, they did not provide a sufficient security analysis of the proposed scheme and just stated that it is secure under the integer factorization assumption. In this paper, we present known plaintext attacks on their scheme and illustrate them with toy examples. Our attack algorithms are quite simple: They require several times of greatest common divisor (GCD) computations using only a few pair of message and ciphertext.

Cloud computing has been widely used because of its low price, high reliability, and generality of services. However, considering that cloud computing transactions between users and service providers are usually asynchronous, data privacy involving users and service providers may lead to a crisis of trust, which in turn hinders the expansion of cloud computing applications. In this paper, we propose DPP, a data privacy-preserving cloud computing scheme based on homomorphic encryption, which achieves correctness, compatibility, and security. DPP implements data privacy-preserving by introducing homomorphic encryption. To verify the security of DPP, we instantiate DPP based on the Paillier homomorphic encryption scheme and evaluate the performance. The experiment results show that the time-consuming of the key steps in the DPP scheme is reasonable and acceptable.

Homomorphic encryption (HE) facilitates computing over encrypted data without using the secret keys. It is currently inefficient for practical implementation on the Internet of Things (IoT). However, the performance of these HE schemes may increase with optimized libraries and hardware capabilities. Thus, implementing and analyzing HE schemes and protocols on resource-constrained devices is essential to deriving optimized and secure schemes. This paper develops an energy profiling framework for homomorphic encryption on IoT devices. In particular, we analyze energy consumption and performance such as CPU and Memory utilization and execution time of numerous HE schemes using SEAL and HElib libraries on the Raspberry Pi 4 hardware platform and study energy-performance-security trade-offs. Our analysis reveals that HE schemes can incur a maximum of 70.07% in terms of energy consumption among the libraries. Finally, we provide guidelines for optimization of Homomorphic Encryption by leveraging multi-threading and edge computing capabilities for IoT applications. The insights obtained from this study can be used to develop secure and resource-constrained implementation of Homomorphic encryption depending on the needs of IoT applications.

With the development of sensor technology, people put forward a higher level, more diversified demand for portable rangefinders. However, its data storage method has not been developed in a large scale and breakthrough. This paper studies the design of portable sensor data storage system based on homomorphic encryption algorithm, which aims to maintain the security of sensor data storage through homomorphic encryption algorithm. This paper analyzes the functional requirements of the sensor data storage system, puts forward the overall design scheme of the system, and explains in detail the requirements and indicators for the specific realization of each part of the function. Analyze the different technical resources currently used in the storage system field, and dig deep into the key technologies that match the portable sensor data storage system. This paper has changed the problem of cumbersome operation steps and inconvenient data recovery in the sensor data storage system. This paper mainly uses the method of control variables and data comparison to carry out the experiment. The experimental results show that the success rate of the sensor data storage system under the homomorphic encryption algorithm is infinitely close to 100% as the number of data blocks increases.

This paper presents topological sorting methods to minimize the multiplicative depth of encrypted arithmetic expressions. The research aims to increase compatibility between nonlinear dynamic control schemes and homomorphic encryption methods, which are known to be limited by the quantity of multiplicative operations. The proposed method adapts rewrite rules originally developed for encrypted binary circuits to depth manipulation of arithmetic circuits. The paper further introduces methods to normalize circuit paths that have incompatible depth. Finally, the paper provides benchmarks demonstrating the improved depth in encrypted computed torque control of a dynamic manipulator and discusses how achieved improvements translate to increased cybersecurity.

Cloud computing plays major role in the development of accessing clouduser’s document and sensitive information stored. It has variety of content and representation. Cyber security and attacks in the cloud is a challenging aspect. Information security attains a vital part in Cyber Security management. It involves actions intended to reduce the adverse impacts of such incidents. To access the documents stored in cloud safely and securely, access control will be introduced based on cloud users to access the user’s document in the cloud. To achieve this, it is highly required to combine security components (e.g., Access Control, Usage Control) in the security document to get automatic information. This research work has proposed a Role Key Homomorphic Encryption Algorithm (RKHEA) to monitor the cloud users, who access the services continuously. This method provides access creation of session-based key to store the singularized encryption to reduce the key size from random methods to occupy memory space. It has some terms and conditions to be followed by the cloud users and also has encryption method to secure the document content. Hence the documents are encrypted with the RKHEA algorithm based on Service Key Access (SKA). Then, the encrypted key will be created based on access control conditions. The proposed analytics result shows an enhanced control over the documents in cloud and improved security performance.

Fully homomorphic encryption technologies allow you to operate on encrypted data without disclosing it, therefore they have a lot of potential for solving personal data storage and processing issues. Because of the increased interest in these technologies, various software tools and libraries that allow completely homomorphic encryption have emerged. However, because this subject of cryptography is still in its early stages, standards and recommendations for the usage of completely homomorphic encryption algorithms are still being developed. The paper presents the main areas of application of homomorphic encryption. The analysis of existing developments in the field of homomorphic encryption is carried out. The analysis showed that existing library implementations do not support the division and subtraction operation. The analysis revealed the need to develop a library of fully homomorphic encryption, which allows performing all mathematical operations on them (addition, difference, multiplication and division), as well as the relevance of developing its own implementation of a library of homomorphic encryption on integers. Then, implement the development of a fully homomorphic encryption library in C++ and on an ESP 32 microcontroller. The ability to perform four operations (addition, difference, multiplication and division) on encrypted data will expand the scope of application of homomorphic encryption. A method of homomorphic division and subtraction is proposed that allows performing the division and subtraction operation on homomorphically encrypted data. The level of security, the types of operations executed, the maximum length of operands, and the algorithm's running time are all described as a consequence of numerical experimentation with parameters.

Homomorphic encryption is suitable for a machine learning in the cloud such as a privacy-preserving machine learning. However, ordinary homomorphic public key encryption has a problem that public key holders can generate ciphertexts and anyone can execute homomorphic operations. In this paper, we will propose a solution based on the Keyed Homomorphic-Public Key Encryption proposed by Emura et al.

Currently, mobile ad hoc networks (MANETs) are widely used due to its self-configuring feature. However, it is vulnerable to the malicious jammers in practice. Traditional anti-jamming approaches, such as channel hopping based on deterministic sequences, may not be the reliable solution against intelligent jammers due to its fixed patterns. To address this problem, we propose a distributed game theory-based multi-agent anti-jamming (DMAA) algorithm in this paper. It enables each user to exploit all information from its neighboring users before the network attacks, and derive dynamic local policy knowledge to overcome intelligent jamming attacks efficiently as well as guide the users to cooperatively hop to the same channel with high probability. Simulation results demonstrate that the proposed algorithm can learn an optimal policy to guide the users to avoid malicious jamming more efficiently and rapidly than the random and independent Q-learning baseline algorithms,

This paper considers network protection games for a heterogeneous network system with N nodes against cyber-attackers of two different types of intentions. The first type tries to maximize damage based on the value of each net-worked node, while the second type only aims at successful infiltration. A defender, by applying defensive resources to networked nodes, can decrease those nodes' vulnerabilities. Meanwhile, the defender needs to balance the cost of using defensive resources and potential security benefits. Existing literature shows that, in a Nash equilibrium, the defender should adopt different resource allocation strategies against different types of attackers. However, it could be difficult for the defender to know the type of incoming cyber-attackers. A Bayesian game is investigated considering the case that the defender is uncertain about the attacker's type. We demonstrate that the Bayesian equilibrium defensive resource allocation strategy is a mixture of the Nash equilibrium strategies from the games against the two types of attackers separately.

Cyberspace is vulnerable to continuous malicious attacks. Traceability of network attacks is an effective defense means to curb and counter network attacks. In this paper, the evolutionary game model is used to analyze the network attack and defense behavior. On the basis of the quantification of attack and defense benefits, the replication dynamic learning mechanism is used to describe the change process of the selection probability of attack and defense strategies, and finally the evolutionary stability strategies and their solution curves of both sides are obtained. On this basis, the attack behavior is analyzed, and the probability curve of attack strategy and the optimal attack strategy are obtained, so as to realize the effective traceability of attack behavior.

At present, the research on the network security problem of underwater wireless sensors is still few, and since the underwater environment is exposed, passive security defense technology is not enough to deal with unknown security threats. Aiming at this problem, this paper proposes an offensive and defensive game model from the finite rationality of the network attack and defense sides, combined with evolutionary game theory. The replicated dynamic equation is introduced to analyze the evolution trend of strategies under different circumstances, and the selection algorithm of optimal strategy is designed, which verifies the effectiveness of this model through simulation and provides guidance for active defense technology.

In this short paper, we survey some work at the intersection of Artificial Intelligence (AI) and security that are based on game theoretic considerations, and particularly focus on the author's (our) contribution in these areas. One half of this paper focuses on applications of game theoretic and learning reasoning for addressing security applications such as in public safety and wildlife conservation. In the second half, we present recent work that attacks the learning components of these works, leading to sub-optimal defense allocation. We finally end by pointing to issues and potential research problems that can arise due to data quality in the real world.

Cyber physical system (CPS) Critical infrastructures (CIs) like the power and energy systems are increasingly becoming vulnerable to cyber attacks. Mitigating cyber risks in CIs is one of the key objectives of the design and maintenance of these systems. These CPS CIs commonly use legacy devices for remote monitoring and control where complete upgrades are uneconomical and infeasible. Therefore, risk assessment plays an important role in systematically enumerating and selectively securing vulnerable or high-risk assets through optimal investments in the cybersecurity of the CPS CIs. In this paper, we propose a CPS CI security framework and software tool, CySec Game, to be used by the CI industry and academic researchers to assess cyber risks and to optimally allocate cybersecurity investments to mitigate the risks. This framework uses attack tree, attack-defense tree, and game theory algorithms to identify high-risk targets and suggest optimal investments to mitigate the identified risks. We evaluate the efficacy of the framework using the tool by implementing a smart grid case study that shows accurate analysis and feasible implementation of the framework and the tool in this CPS CI environment.

Rational and smart decision making by means of strategic interaction and mathematical modelling is the key aspect of Game theory. Security games based on game theory are used extensively in cyberspace for various levels of security. The contemporary security issues can be modelled and analyzed using game theory as a robust mathematical framework. The attackers, defenders and the adversarial as well as defensive interactions can be captured using game theory. The security games equilibrium evaluation can help understand the attackers' strategies and potential threats at a deeper level for efficient defense. Wireless sensor network (WSN) designs are greatly benefitted by game theory. A deep learning adversarial network algorithm is used in combination with game theory enabling energy efficiency, optimal data delivery and security in a WSN. The trade-off between energy resource utilization and security is balanced using this technique.

The paper introduces and develops the new concept of current-mode multifunctional circuit, a computational structure that is able to implement, using the same functional core, a multitude of circuit functions: amplifying, squaring, square-rooting, multiplying, exponentiation or generation of any continuous mathematical function. As a single core computes a large number of circuit functions, the original approach of analog signal processing from the perspective of multifunctional structures presents the important advantages of a much smaller power consumption and design costs per implemented function comparing with classical designs. The current-mode operation, associated with the original concrete implementation of the proposed structure increase the accuracy of computed functions and the frequency behaviour of the designed circuit. Additionally, the temperature-caused errors are almost removed by specific design techniques. It will be also shown a new method for third-order approximating the exponential function using an original approximation function. A generalization of this method will represent the functional basis for realizing an improved accuracy function synthesizer circuit with a simple implementation in CMOS technology. The proposed circuits are compatible with low-power low voltage operations.

We discuss the performance of a new quantumsafe multivariate digital signature scheme proposed recently, called the Multivariate Polynomial Public Key Digital Signature (MPPK DS) scheme. Leveraging MPPK KEM or key exchange mechanism, the MPPK DS scheme is established using modular exponentiation with a randomly chosen secret base from a prime field. The security of the MPPK DS algorithm largely benefits from a generalized safe prime associated with the said field and the Euler totient function. We can achieve NIST security levels I, III, and V over a 64-bit prime field, with relatively small public key sizes of 128 bytes, 192 bytes, and 256 bytes for security levels I, III, and V, respectively. The signature sizes are 80 bytes for level I, 120 bytes for level III, and 160 bytes for level V. The MPPK DS scheme offers probabilistic procedures for signing and verification. That is, for each given signing message, a signer can randomly pick a base integer to be used for modular exponentiation with a private key, and a verifier can verify the signature with the digital message, based on the verification relationship, using any randomly selected noise variables. The verification process can be repeated as many times as the verifier wishes for different noise values, however, for a true honest signature, the verification will always pass. This probabilistic feature largely restricts an adversary to perform spoofing attacks. In this paper, we conduct some performance analyses by implementing MPPK DS in Java. We compare its performance with benchmark performances of NIST PQC Round 3 finalists: Rainbow, Dilithium, and Falcon. Overall, the MPPK DS scheme demonstrates equivalent or better performance, and much smaller public key, as well as signature sizes, compared to the three NIST PQC Round 3 finalists.

With the increasing awareness of privacy protection and data security, people’s concerns over the confidentiality of sensitive data still limit the application of distributed artificial intelligence. In fact, a new encryption form, called homomorphic encryption(HE), has achieved a balance between security and operability. In particular, one of the HE schemes named Paillier has been adopted to protect data privacy in distributed artificial intelligence. However, the massive computation of modular multiplication in Paillier greatly affects the speed of encryption and decryption. In this paper, we propose a fast CRT-Paillier scheme to accelerate its decryption process. We first introduce the Montgomery algorithm to the CRT-Paillier to improve the process of the modular exponentiation, and then compute the modular exponentiation in parallel by using OpenMP. The experimental results show that our proposed scheme has greatly heightened its decryption speed while preserving the same security level. Especially, when the key length is 4096-bit, its speed of decryption is about 148 times faster than CRT-Paillier.