Biblio

With the rapid growth of online services, the number of online accounts proliferates. The security of a single user account no longer depends merely on its own service provider but also the accounts on other service platforms (We refer to this online account environment as Online Account Ecosystem). In this paper, we first uncover the vulnerability of Online Account Ecosystem, which stems from the defective multi-factor authentication (MFA), specifically the ones with SMS-based verification, and dependencies among accounts on different platforms. We propose Chain Reaction Attack that exploits the weakest point in Online Account Ecosystem and can ultimately compromise the most secure platform. Furthermore, we design and implement ActFort, a systematic approach to detect the vulnerability of Online Account Ecosystem by analyzing the authentication credential factors and sensitive personal information as well as evaluating the dependency relationships among online accounts. We evaluate our system on hundreds of representative online services listed in Alexa in diversified fields. Based on the analysis from ActFort, we provide several pragmatic insights into the current Online Account Ecosystem and propose several feasible countermeasures including the online account exposed information protection mechanism and the built-in authentication to fortify the security of Online Account Ecosystem.

This paper contains analysis of methods of increasing the information protection from unauthorized access using a multifactor authentication algorithm; figuring out the best, most efficient and secure method of scanning biometric data; development of a method to store and compare a candidate’s and existisng system user’s information in steganographic space. The urgency of the work is confirmed by the need to increase information security of special infocommunication systems with the help of biometric information and protection of this information from intruders by means of steganographic transformation.

SMS (Short Message Service)-based authentication is widely used as a simple and secure multi-factor authentication, where OTP (One Time Password) is sent to user’s mobile phone via SMS. However, SMS authentication is vulnerable to Password Reset Man in the Middle Attack (PRMitM). In this attack, the attacker makes a victim perform password reset OTP for sign-up verification OTP. If the victim enters OTP to a malicious man-in-the-middle site, the attacker can overtake the victim’s account.We find new smartphone useful functions may increase PR-MitM attack risks. SMS push notification informs us an arrival of message by showing only beginning of the message. Hence, those who received SMS OTP do not notice the cautionary notes and the name of the sender that are supposed to show below the code, which may lead to be compromised. Auto-fill function, which allow us to input authentication code with one touch, is also vulnerable for the same reason.In this study, we conduct a user study to investigate the effect of new smartphone functions incurring PRMitM attack.

In the growth of financial industries, the electronic payments system is a newest topic, which is to be replaced in the near future by electronic or online transaction. With the advancement of the technology, there is a strong need to build and enforce safe authentication schemes to protect user sensitive information against security threats. Protection is becoming increasingly important for companies today, and so the need for authentication is more essential than before. In single-factor authentication, there are many security problems such as password schemes. Additionally, invaders will try various ways of stealing passwords including, dictionary attacks, brute force attack, password divination, shoulder surfing, etc. This paper provides a multi-authentication system for electronic payments to address the problem. The proposed technique here combines password, biometric and OTP verification for a more reliable user authentication using a multi-factor authentication. The proposed system has three phases, namely: registration phase, an authentication phase, and transaction phase. Our proposed approach has been found to boost security efficacy for various forms of assault and authentication layers dependent on password based attacks.

Various methods for face validation-based authentication systems have been applied in a number of access control applications. However, using only one biometric factor such as facial data may limit accuracy and use, and is not practical in a real environment. This paper presents the implementation of a face time attendance system with an additional factor, a QR code to improve accuracy. This two- factor authentication system was developed in the form of a kiosk with a contactless process, which emerged due to the COVID-19 pandemic. The experiment was conducted at a well- known training event in Thailand. The proposed two-factor system was evaluated in terms of accuracy and satisfaction. Additionally, it was compared to a traditional single-factor system using only face recognition. The results confirm that the proposed two-factor scheme is more effective and did not incorrectly identify any users.

Cloud Computing is a technology which provides flexibility through scalability. Like, Cloud computing, nowadays, Fog computing is considered more revolutionary and dynamic technology. But the main problem with the Fog computing is to take care of its security as in this also person identification is done by single Sign-In system. To come out from the security problem raised in Fog computing, an innovative approach has been suggested here. In the present paper, an approach has been proposed that combines different biometric techniques to verify the authenticity of a person and provides a complete model that will be able to provide a necessary level of verification and security in fog computing. In this model, several biometric techniques have been used and each one of them individually helps extract out more authentic and detailed information after every step. Further, in the presented paper, different techniques and methodologies have been examined to assess the usefulness of proposed technology in reducing the security threats. The paper delivers a capacious technique for biometric authentication for bolstering the fog security.

Zero- Knowledge Proof is a cryptographic protocol exercised to render privacy and data security by securing the identity of users and using services anonymously. It finds numerous applications; authentication is one of them. A Zero-Knowledge Proof-based authentication system is discussed in this paper. Advanced Encryption Standard (AES) and Secure Remote Password (SRP) protocol have been used to design and build the ZKP based authentication system. SRP is a broadly used Password Authenticated Key Exchange (PAKE) protocol. The proposed method overcomes several drawbacks of traditional and commonly used authentication systems such as a simple username and plaintext password-based system, multi-factor authentication system and others.

Multi-Factor Authentication is an electronic authentication method in which a computer user is granted access to an application or a website only after successfully presenting two or more factors, or pieces of evidence. It is the first step to protect systems against intruders since the traditional log-in methods (username and password) are not completely protected from hackers, since they can guess them easily using tools. Current Systems use additional methods to increase security, such as using two-factor authentication based on a one-time password via mobile or email, or authentication based on biometrics (fingerprint, eye iris or retina, and face recognition) or via token devices. However, these methods require additional hardware equipment with high cost at the level of small and medium companies. This paper proposes a multi-factor authentication system that combines ease of use and low-cost factors. The system does not need any special settings or infrastructure. It relies on graphical passwords, so the user, in registration phase, chooses three images and memorizes them. In the login phase, the user needs only to choose the correct images that he considered during the registration process in a specific order. The proposed system overcomes many different security threats, such as key-loggers, screen capture attack or shoulder surfing. The proposed method was applied to 170 participants, 75% of them are males and 25% are females, classified according to their age, education level, web experience. One-third of them did not have sufficient knowledge about various security threats.

To improve the security and reliability of the system in case of sensor failure, a fault diagnosis algorithm based on neural network is proposed to locate the fault quickly and reconstruct the control system in this paper. Firstly, the typical airborne sensors are introduced and their common failure modes are analyzed. Then, a new method of complex feature extraction using wavelet packet is put forward to extract the fault characteristics of UAV sensors. Finally, the observer method based on BP neural network is adopted to train and acquire data offline, and to detect and process single or multiple sensor faults online. Matlab simulation results show that the algorithm has good diagnostic accuracy and strong generalization ability, which also has certain practicability in engineering.

Spin-transfer torque magnetoresistive random-access memories (STT-MRAMs) are gradually superseding conventional SRAMs as last-level cache in System-on-Chip designs. Their manufacturing process includes trimming a reference resistance in STT-MRAM modules to reliably determine the logic values of 0 and 1 during read operations. Typically, an on-chip trimming routine consists of multiple runs of a test algorithm with different settings of a trimming port. It may inherently produce a large number of mismatches. Diagnosis of such a sizeable volume of errors by means of existing memory built-in self-test (MBIST) schemes is either infeasible or a time-consuming and expensive process. In this paper, we propose a new memory fault diagnosis scheme capable of handling STT-MRAM-specific error rates in an efficient manner. It relies on a convolutional reduction of memory outputs and continuous shifting of the resultant data to a tester through a few output channels that are typically available in designs using an on-chip test compression technology, such as the embedded deterministic test. It is shown that processing the STT-MRAM output by using a convolutional compactor is a preferable solution for this type of applications, as it provides a high diagnostic resolution while incurring a low hardware overhead over traditional MBIST logic.

In this paper, a multiple switches open-fault diagnostic method using ANNs (Artificial Neural Networks) for three-phase PWM (Pulse Width Modulation) converters is proposed. When an open-fault occurs on switches in the converter, the stator currents can include dc and harmonic components. Since these abnormal currents cannot be easily cut off by protection circuits, secondary faults can occur in peripherals. Therefore, a method of diagnosing the open-fault is required. For open-faults for single switch and double switches, there are 21 types of fault modes depending on faulty switches. In this paper, these fault modes are localized by using the dc component and THD (Total Harmonics Distortion) in fault currents. For obtaining the dc component and THD in the currents, an ADALINE (Adaptive Linear Neuron) is used. For localizing fault modes, two ANNs are used in series; the 21 fault modes are categorized into six sectors by the first ANN of using the dc components, and then the second ANN localizes fault modes by using both the dc and THDs of the d-q axes current in each sector. Simulations and experiments confirm the validity of the proposed method.

In order to increase the availability and reliability of photovoltaic (PV) systems, fault diagnosis and condition monitoring of inverters are of crucial means to meet the goals. Numerous methods are implemented for fault diagnosis of PV inverters, providing robust features and handling massive amount of data. However, existing methods rely on simplistic frameworks that are incapable of inspecting a wide range of intrinsic and explicit features, as well as being time-consuming. In this paper, a novel method based on a multilayer deep belief network (DBN) is suggested for fault diagnosis, which allows the framework to discover the probabilistic reconstruction across its inputs. This approach equips a robust hierarchical generative model for exploiting features associated with faults, interprets functions that are highly variable, and needs lesser prior information. Moreover, the method instantaneously categorizes the fault conditions, which eventually strengthens the adaptability of applying it on a variety of diagnostic problems in an inverter domain. The proposed method is evaluated using multiple input signals at different sampling frequencies. To evaluate the efficacy of DBN, a test model based on a three-phase 2-level grid-tied PV inverter was used. The results show that the method is capable of achieving precise diagnosis operations.

In photovoltaic (PV) systems, machine learning-based methods have been used for fault detection and diagnosis in the past years, which require large amounts of data. However, fault types in a single PV station are usually insufficient in practice. Due to insufficient and non-identically distributed data, packet loss and privacy concerns, it is difficult to train a model for diagnosing all fault types. To address these issues, in this paper, we propose a decentralized federated learning (FL)-based fault diagnosis method for insulated gate bipolar transistor (IGBT) open-circuits in PV inverters. All PV stations use the convolutional neural network (CNN) to train local diagnosis models. By aggregating neighboring model parameters, each PV station benefits from the fault diagnosis knowledge learned from neighbors and achieves diagnosing all fault types without sharing original data. Extensive experiments are conducted in terms of non-identical data distributions, various transmission channel conditions and whether to use the FL framework. The results are as follows: 1) Using data with non-identical distributions, the collaboratively trained model diagnoses faults accurately and robustly; 2) The continuous transmission and aggregation of model parameters in multiple rounds make it possible to obtain ideal training results even in the presence of packet loss; 3) The proposed method allows each PV station to diagnose all fault types without original data sharing, which protects data privacy.

In the multivariable fault diagnosis of industrial process, due to the existence of correlation between variables, the result of fault diagnosis will inevitably appear "smearing" effect. Although the fault diagnosis method based on the contribution of multi-dimensional reconstruction is helpful when multiple faults occur. But in order to correctly isolate all the fault variables, this method will become very inefficient due to the combination of variables. In this paper, a fault diagnosis method based on kNN and MRBC is proposed to fundamentally avoid the corresponding influence of "smearing", and a fast variable selection strategy is designed to accelerate the process of fault isolation. Finally, simulation study on a benchmark process verifies the effectiveness of the method, in comparison with the traditional method represented by FDA-based method.

When a fault occurs in power grid, the analytic model for power grid fault diagnosis could generate multiple solutions under one or more protective relays (PRs) and/or circuit breakers (CBs) malfunctioning, and/or one or more their alarm information failing. Hence, this paper, calling the electrical quantities, presents an optimal solution discrimination method, which determines the optimal solution by constructing the electrical criteria of suspicious faulty components. Furthermore, combining the established electrical criteria with the existing analytic model, a hierarchical fault diagnosis mode is proposed. It uses the analytic model for the first level diagnosis based on the switching quantities. Thereafter, aiming at multiple solutions, it applies the electrical criteria for the second level diagnosis to determine the diagnostic result. Finally, the examples of fault diagnosis demonstrate the feasibility and effectiveness of the developed method.

The fabricated circuitries are getting massive and denser with every passing year due to which a normal automatic test pattern generation technique to detect only the single stuck-at faults will overlook the multiple stuck-at faults. But generating test patterns that can detect all possible multiple stuck-at fault is practically not possible. Hence, this paper proposes a method, where multiple faults can be detected by using test vectors for detecting single stuck-at faults. Here, the patterns for detecting single faults are generated and their ability to detect multiple stuck-at faults is also analyzed. From the experimental results it was observed that, the generated vectors for single faults cover maximum number of the multiple faults and then new test vectors are generated for the undetermined faults. The generated vectors are optimized for the compact test patterns in order to reduce the test power.

The output of rolling bearings, as one of the most widely used support elements, has a significant impact on the equipment's stability and protection. Automatic and effective mining of features representing performance condition plays an important role in ensuring its reliability. However, in the actual process, there are often differences in the quality of features extracted from feature engineering, and this difference cannot be evaluated by commonly used methods, such as correlation metric and monotonicity metric. In order to accurately and automatically evaluate and select effective features, a novel assessment metric is established based on the attributes of the feature itself. Firstly, the features are extracted from different domains, which contain differential information, and a feature set is constructed. Secondly, the performances of the features are evaluated and selected based on internal distance and external distance, which is a novel feature evaluation model for classification task. Finally, an adaptive boosting strategy that combines multiple weak learners is adopted to achieve the fault identification at different severities and orientations. One experimental bearing dataset is adopted to analyze, and effectiveness and accuracy of proposed metric index is verified.

In this work, a novel approach to detect and diagnose single and combined faults in the Induction Motor (IM) is proposed. In Condition Monitoring Systems (CMS) based on the Motor Current Signature Analysis (MCSA), the simultaneous occurrence of multiple faults is a major challenge. An innovative technique called Multiple Windowed Harmonic Wavelet Packet Transform (MWHWPT) is used in order to discriminate between the faulty components of the IM, even during compound faults. Thus, each motor component is monitored by a specific Fault Index (FI) which allows the fault diagnosis without the need for a classifier. The tests carried on Rotor and Bearing faults show high fault diagnosis rate even during compound faults and proves the competitive performance of the proposed approach with literature works.

The core looseness fault is an important part of transformer fault. The state of the core can be obtained by analyzing the vibration signal. Vibration analysis method has been used in transformer condition monitoring and fault diagnosis for many years, while different methods produce different results. In order to select the correct method in engineering application, five kinds of joint time-frequency analysis methods, such as short-time Fourier transform, Wigner-Ville distribution, S transform, wavelet transform and empirical mode decomposition are compared, and the advantages and disadvantages of these methods for dealing with the vibration signal of transformer core are analyzed in this paper. It indicates that wavelet transform and empirical mode decomposition have more advantages in the diagnosis of core looseness fault. The conclusions have referential significance for the diagnosis of transformer faults in engineering.

This paper presents a method to improve the diagnosability of power network under multiple faults. In this paper, the steps of fault diagnosis are as follows: first, constructing finite automata model of the diagnostic system; then, a fault diagnoser model is established through coupling operation and trajectory reasoning mechanism; finally, the diagnosis results are obtained through this model. In this paper, the judgment basis of diagnosability is defined. Then, based on the existing diagnosis results, the information available can be increased by adding sensor devices, to achieve the purpose of diagnosability in the case of multiple faults of the system.

In today's digital era, data is most important in every phase of work. The storage and processing on data with security is the need of each and every application field. Data need to be tamper resistant due to possibility of alteration. Data can be represented and stored in heterogeneous format. There are chances of attack on information which is vital for particular organization. With rapid increase in cyber crime, attackers behave maliciously to alter those data. But it is having great impact on forensic evidences which is required for provenance. Therefore, it is required to maintain the reliability and provenance of digital evidences as it travels through various stages during forensic investigation. In this approach, there is a forensic chain in which generated report passes through various levels or intermediaries such as pathology laboratory, doctor, police department etc. To build the transparent system with immutability of forensic evidences, blockchain technology is more suitable. Blockchain technology provides the transfer of assets or evidence reports in transparent environment without central authority. In this paper blockchain based secure system for forensic evidences is proposed. The proposed system is implemented on Ethereum platform. The tampering of forensic evidence can be easily traced at any stage by anyone in the forensic chain. The security enhancement of forensic evidences is achieved through implementation on Ethereum platform with high integrity, traceability and immutability.

The globalized supply chain in the semiconductor industry raises several security concerns such as IC overproduction, intellectual property piracy and design tampering. Logic locking has emerged as a Design-for-Trust countermeasure to address these issues. Original logic locking proposals provide a high degree of output corruption – i.e., errors on circuit outputs – unless it is unlocked with the correct key. This is a prerequisite for making a manufactured circuit unusable without the designer’s intervention. Since the introduction of SAT-based attacks – highly efficient attacks for retrieving the correct key from an oracle and the corresponding locked design – resulting design-based countermeasures have compromised output corruption for the benefit of better resilience against such attacks. Our proposed logic locking scheme, referred to as SKG-Lock, aims to thwart SAT-based attacks while maintaining significant output corruption. The proposed provable SAT-resilience scheme is based on the novel concept of decoy key-inputs. Compared with recent related works, SKG-Lock provides higher output corruption, while having high resistance to evaluated attacks.

In the past few years, the blockchain emerged as peer-to-peer distributed ledger technology for recording transactions, maintained by many peers without any central trusted regulatory authority through distributed public-key cryptography and consensus mechanism. It has not only given the birth of cryptocurrencies, but it also resolved various security, privacy and transparency issues of decentralized systems. This article discussed the blockchain basics overview, architecture, and blockchain security components such as hash function, Merkle tree, digital signature, and Elliptic curve cryptography (ECC). In addition to the core idea of blockchain, we focus on ECC's significance in the blockchain. We also discussed why RSA and other key generation mechanisms are not suitable for blockchain-based IoT applications. We also analyze many possible blockchain-based applications where ECC algorithm is better than other algorithms concerning security and privacy assurance. At the end of the article, we will explain the comparative analysis of ECC and RSA.

The Bitcoin blockchain is managed by an underlying peer-to-peer network. This network is responsible for the propagation of transactions carried out by users via the blocks (which contain the validated transactions), and to ensure consensus between the different nodes. The quality and safety of this network are therefore particularly essential. In this work, we present an open dataset on the peers composing the Bitcoin P2P Network that was made following a well defined and reproducible methodology. We also provide a first analysis of the dataset on three criteria: the number of public nodes and their client version and geographical distribution.

Blockchain is opening up new avenues for the development of new sorts of digital services. In this article, we'll employ the transparent Blockchain method to propose a system for collecting data from many sources and databases for use in local and national elections. The Blockchain-based system will be safe, trustworthy, and private. It will assist to know the overall count of the candidates who participated and it functions in the same way as people's faith in their governments does. Blockchain technology is the one that handles the actual vote. We use the secure hash algorithm for resolving this problem and tried to bring a solution through the usage of this booming technology. A centralized database in a blockchain system keeps track of the secure electronic interactions of users in a peer-to-peer network.