Biblio

The reliability of mechanical equipment is very important for the security operation of large-scale equipment. This paper presents a rolling bearing fault diagnosis method based on Variational Mode Decomposition (VMD) and Convolutional Neural Network (CNN). This proposed method includes using VMD and CNN to extend multi-sensor data, extracting detailed features and achieve more robust sensor fusion. Representative features can be extracted automatically from the raw signals. The proposed method can extract features directly from data without prior knowledge. The effectiveness of this method is verified on Case Western Reserve University (CWRU) dataset. Compared with one sensor and traditional approaches using manual feature extraction, the results show the superior diagnosis performance of the proposed method. Because of the end-to-end feature learning ability, this method can be extended to other kinds of sensor mechanical fault diagnosis.

One of the most significant systems in computer network security assurance is the assessment of computer network security. With the goal of finding an effective method for performing the process of security evaluation in a computer network, this paper uses a deep neural network to be responsible for the task of security evaluating. The DNN will be built with python on Spyder IDE, it will be trained and tested by 17 network security indicators then the output that we get represents one of the security levels that have been already defined. The maj or purpose is to enhance the ability to determine the security level of a computer network accurately based on its selected security indicators. The method that we intend to use in this paper in order to evaluate network security is simple, reduces the human factors interferences, and can obtain the correct results of the evaluation rapidly. We will analyze the results to decide if this method will enhance the process of evaluating the security of the network in terms of accuracy.

Multi-factor user authentication (MFUA) becomes increasingly popular due to its superior security comparing with single-factor user authentication. However, existing MFUAs require multiple interactions between users and different authentication components when sensing the multiple factors, leading to extra overhead and bad use experiences. In this paper, we propose a secure and user-friendly MFUA system, namely BioDraw, which utilizes four categories of biometrics (impedance, geometry, composition, and behavior) of human hand plus the pattern-based password to identify and authenticate users. A user only needs to draw a pattern on a RFID tag array, while four biometrics can be simultaneously collected. Particularly, we design a gradient-based pattern recognition algorithm for pattern recognition and then a CNN-LSTM-based classifier for user recognition. Furthermore, to guarantee the systemic security, we propose a novel anti-spoofing scheme, called Binary ALOHA, which utilizes the inhabit randomness of RFID systems. We perform extensive experiments over 21 volunteers. The experiment result demonstrates that BioDraw can achieve a high authentication accuracy (with a false reject rate less than 2%) and is effective in defending against various attacks.

Today, authentication and non-repudiation of actions are essential requirements for almost all mobile services. In this respect, various common identity systems (such as Facebook Login, Google Sign-In, Apple ID and many other) based on OpenID Connect protocol have been introduced that support easier password management for users, and reduce potential risks by securing the service provider and the user. With the widespread use of the Internet, smartphones can offer many services with rich content. The use of common identity systems on mobile devices with a high security level is becoming a more important requirement. At this point, MNOs (Mobile Network Operators) have a significant potential and capability for providing common identity services. The existing solutions based on Mobile Connect standard provide generally low level of assurance. Accordingly, there is an urgent need for a common identity system that provide higher level of assurance and security for service providers. This study presents a multi-factor authentication mechanism called TrustedID system that is based on Mobile Connect and OpenID Connect standards, and ensures higher level of assurance. The proposed system aims to use three identity factors of the user in order to access sensitive mobile services on the smartphone. The proposed authentication system will support improvement of new value-added services and also support the development of mobile ecosystem.

The Classification of devices involved in authentication and classification of authentication systems by type and combination of protocols used are proposed. The system architecture for soft multi-factor authentication designed and simulated.

Fog Computing paradigm extends the cloud computing to the edge of the network to resolve the problem of latency but this introduces new security and privacy issues. So, it is necessary that a user must be authenticated before initiating data exchange in order to preserve the integrity. Secondly, in fog computing, fog node must also be authorized for ensuring the proper behaviour of fog node and validate that the fog node is not corrupted. Hence, we proposed a mutual authentication scheme which verifies both the fog node and the end user before the transfer of data. Traditional authentication protocol uses digital certificate and digital signature which faces the problem of scalability and more complexity respectively. So, in the proposed architecture, the problem of scalability and complexity is reduced to a greater extent compared to traditional authentication techniques. The proposed scheme also ensures multi-factor authentication of the user before sending the data and it is way too efficient.

Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their interaction interfaces and mode of operations. To address this problem, we propose an approach that augments blockchain with multi-factor authentication based on evidence from blockchain transactions combined with risk analysis. A profile of how a user performs transactions is built overtime and is used to analyse the risk level of each new transaction. If a transaction is flagged as high risk, we generate n-factor layers of authentication using past endorsed blockchain transactions. A demonstration of how we used the proposed approach to authenticate critical financial transactions in a blockchain-based asset financing platform is also discussed.

Underwater Wireless Sensor Networks (UWSNs) are liable to malicious attacks due to limited bandwidth, limited power, high propagation delay, path loss, and variable speed. The major differences between UWSNs and Terrestrial Wireless Sensor Networks (TWSNs) necessitate a new mechanism to secure UWSNs. The existing Media Access Control (MAC) and routing protocols have addressed the network performance of UWSNs, but are vulnerable to several attacks. The secure MAC and routing protocols must exist to detect Sybil, Blackhole, Wormhole, Hello Flooding, Acknowledgment Spoofing, Selective Forwarding, Sinkhole, and Exhaustion attacks. These attacks can disrupt or disable the network connection. Hence, these attacks can degrade the network performance and total loss can be catastrophic in some applications, like monitoring oil/gas spills. Several researchers have studied the security of UWSNs, but most of the works detect malicious attacks solely based on a certain predefined threshold. It is not optimal to detect malicious attacks after the threshold value is met. In this paper, we propose a multi-factor authentication model that is based on zero-knowledge proof to detect malicious activities and secure UWSNs from several attacks.

E-learning enables the transfer of skills, knowledge, and education to a large number of recipients. The E-Learning platform has the tendency to provide face-to-face learning through a learning management system (LMS) and facilitated an improvement in traditional educational methods. The LMS saves organization time, money and easy administration. LMS also saves user time to move across the learning place by providing a web-based environment. However, a few students could be willing to exploit such a system's weakness in a bid to cheat if the conventional authentication methods are employed. In this scenario user authentication and surveillance of end user is more challenging. A system with the simultaneous authentication is put forth through multifactor adaptive authentication methods. The proposed system provides an efficient, low cost and human intervention adaptive for e-learning environment authentication and monitoring system.

Multi-factor authentication (MFA) systems are being deployed for user authentication in online and personal device systems, whereas physical spaces mostly rely on single-factor authentication; examples are entering offices and homes, airport security, and classroom attendance. The Internet of Things (IoT) growth and market interest has created a diverse set of low-cost and flexible sensors and actuators that can be used for MFA. However, combining multiple authentication factors in a physical space adds several challenges, such as complex deployment, reduced usability, and increased energy consumption. We introduce MAFIA (Multi-layered Architecture For IoT-based Authentication), a novel architecture for co-located user authentication composed of multiple IoT devices. In MAFIA, we improve the security of physical spaces while considering usability, privacy, energy consumption, and deployment complexity. MAFIA is composed of three layers that define specific purposes for devices, guiding developers in the authentication design while providing a clear understanding of the trade-offs for different configurations. We describe a case study for an Automated Classroom Attendance System, where we evaluated three distinct types of authentication setups and showed that the most secure setup had a greater usability penalty, while the other two setups had similar attributes in terms of security, privacy, complexity, and usability but varied highly in their energy consumption.

Authenticate on the system using only the authentication method based on username and password is not enough to ensure an acceptable level of information security for a critical system. It has been used in a multi factor authentication to increase the information security during the authentication process. However factors like what you have cause an inconvenience to the users, because the users during the authentication process always will need to have a device in their possession that complements the authentication process. By the other side of the biometric factor might change during the time, it needs an auxiliary device that will increase the costs and it also might be dependent from environmental conditions to work appropriately. To avoid some problems that exist in multi factor authentication, this work purposes authentication through semantic representation in OWL (web Ontology Language) tuples of recognized concepts in images as a form to increase the security in the authentication process. A proof of the concept was modeled and implemented, it has a demonstration that the robustness of this authentication system depends on the complexity of relationship in the semantic base (ontology) and in the simplicity of the relationship identified in the images.

Modern control flow attacks circumvent existing defense mechanisms to transfer the program control to attacker chosen malicious code in the program, leaving application vulnerable to attack. Advanced attacks such as Return-Oriented Programming (ROP) attack and its variants, transfer program execution to gadgets (code-snippet that ends with return instruction). The code space to generate gadgets is large and attacks using these gadgets are Turing-complete. One big challenge to harden the program against ROP attack is to confine gadget selection to a limited locations, thus leaving the attacker to search entire code space according to payload criteria. In this paper, we present a novel approach to label the nodes of the Control-Flow Graph (CFG) of a program such that labels of the nodes on a valid control flow edge satisfy a Hamming distance property. The newly encoded CFG enables detection of illegal control flow transitions during the runtime in the processor pipeline. Experimentally, we have demonstrated that the proposed Control Flow Integrity (CFI) implementation is effective against control-flow hijacking and the technique can reduce the search space of the ROP gadgets upto 99.28%. We have also validated our technique on seven applications from MiBench and the proposed labeling mechanism incurs no instruction count overhead while, on average, it increases instruction width to a maximum of 12.13%.

Software} maintainers employ reverse-engineered sequence diagrams to visually understand software behavior, especially when software documentation is absent or outdated. Much research has studied the adoption of reverse-engineered sequence diagrams to visualize program interactions. However, due to the forward-engineering nature of sequence diagrams, visualizing more complex programming scenarios can be challenging. In particular, sequence diagrams represent method invocations as unidirectional arrows. However, in practice, source code may contain compound method invocations that share values/objects implicitly. For example, method invocations can be nested, e.g., fun (foo ()), or chained, e.g., fun (). foo (). The standard notation of sequence diagrams does not have enough expressive power to precisely represent compound scenarios of method invocations. Understanding the flow of information between method invocations simplifies debugging, inspection, and exception handling operations for software maintainers. Despite the research invested to address the limitations of UML sequence diagrams, previous approaches fail to visualize compound scenarios of method invocations. In this paper, we propose sequence diagram extensions to enhance the visualization of (i) three widely used types of compound method invocations in practice (i.e., nested, chained, and recursive) and (ii) lifelines of objects returned from method invocations. We aim through our extensions to increase the level of abstraction and expressiveness of method invocation code. We develop a tool to reverse engineer compound method invocations and generate the corresponding extended sequence diagrams. We evaluate how our proposed extensions can improve the understandability of program interactions using a controlled experiment. We find that program interactions are significantly more comprehensible when visualized using our extensions.

IoT devices are open to traditional control flow integrity (CFI) attacks resulting from buffer overflow and return-oriented programming like techniques. They often have limited computational capacity ruling out many of the traditional heavy-duty software countermeasures. In this work, we deploy hardware/software solutions to detect CFI attacks. Some of the medium capability IoT devices, for example based on Raspberry Pi, contain ARM Cortex A-53 (Pi 3) or Cortex A-73 (Pi 4) processors. These processors include hardware counters to count microarchitecture level events affecting performance. Lighter weight IoT devices, say based on ARM Cortex M4 or M7, include DWT (Debug, Watch & Trace) module. When control flow anomalies caused by attacks such as buffer overflow or return oriented programming (ROP) occur, they leave a microarchitectural footprint. Hardware counters reflect such footprints to flag control flow anomalies. This paper is geared towards buffer overflow and ROP control flow anomaly detection in embedded programs. The targeted program entities are main event loops and task/event handlers. The proposed anomaly detection mechanism is evaluated on ArduPilot [1] - a popular autopilot software on a Raspberry Pi 3 with PMU and DWT. A self-navigation program is evaluated on an iCreate Roomba platform with an ARM Cortex M4 processor with DWT only. We are able to achieve 97-99%+ accuracy with 1-10 micro-second time overhead per control flow anomaly check.

Return-oriented programming (ROP)is a technique used to break data execution protection(DEP). Existing ROP chain automatic construction technology cannot effectively use program controllable memory area. In order to improve the utilization of memory space, this paper proposes a method of ROP chain fragmentation layout. By searching the controllable memory area of the program, a set of layoutable space is formed, and the overall ROP chain is segmented to add jump instructions at the end of each segment, thereby achieving a fragmented layout of the ROP chain. The prototype system ROP-chip based on S2E proved the effectiveness of the fragmented layout of the ROP chain.

Volume, Variety, Velocity, Veracity & Value of data has drawn the attention of many analysts in the last few years. Performance optimization and comparison are the main challenges we face when we talk about the humongous volume of data. Data Analysts use data for activities like forecasting or deep learning and to process these data various tools are available which helps to achieve this task with minimum efforts. Recommendation System plays a crucial role while running any business such as a shopping website or travel agency where the system recommends the user according to their search history, likes, comments, or their past order/booking details. Recommendation System works on various strategies such as Content Filtering, Collaborative Filtering, Neighborhood Methods, or Matrix Factorization methods. For achieving maximum efficiency and accuracy based on the data a specific strategy can be the best case or the worst case for that scenario. Matrix Factorization is the key point of interest in this work. Matrix Factorization strategy includes multiplication of user matrix and item matrix in-order to get a rating matrix that can be recommended to the users. Matrix Multiplication can be achieved by using various algorithms such as Naive Algorithm, Strassen Algorithm, Coppersmith - Winograd (CW) Algorithm. In this work, a new algorithm is proposed to achieve less amount of time and space complexity used in-order for performing matrix multiplication which helps to get the results much faster. By using the Matrix Factorization strategy with various Matrix Multiplication Algorithm we are going to perform a comparative analysis of the same to conclude the proposed algorithm is more efficient.

Recommendation systems, especially collaborative filtering recommenders, are vulnerable to shilling attacks as some profit-driven users may inject fake profiles into the system to alter recommendation outputs. Current shilling attack detection methods are mostly based on feature extraction techniques. The hand-designed features can confine the model to specific domains or datasets while deep learning techniques enable us to derive deeper level features, enhance detection performance, and generalize the solution on various datasets and domains. This paper illustrates the application of two deep learning methods to detect shilling attacks. We conducted experiments on the MovieLens 100K and Netflix Dataset with different levels of attacks and types. Experimental results show that deep learning models can achieve an accuracy of up to 99%.

When users in various web and mobile applications enjoy the convenience of recommendation systems, they are vulnerable to attribute inference attacks. The accumulating online behaviors of users (e.g., clicks, searches, ratings) naturally brings out user preferences, and poses an inevitable threat of privacy that adversaries can infer one's private profiles (e.g., gender, sexual orientation, political view) with AI-based algorithms. Existing defense methods assume the existence of a trusted third party, rely on computationally intractable algorithms, or have impact on recommendation utility. These imperfections make them impractical for privacy preservation in real-life scenarios. In this work, we introduce BiasBooster, a practical proactive defense method based on behavior segmentation, to protect user privacy against attribute inference attacks from user behaviors, while retaining recommendation utility with a heuristic recommendation aggregation module. BiasBooster is a user-centric approach from client side, which proactively divides a user's behaviors into weakly related segments and perform them with several dummy identities, then aggregates real-time recommendations for user from different dummy identities. We estimate its effectiveness of preservation on both privacy and recommendation utility through extensive evaluations on two real-world datasets. A Chrome extension is conducted to demonstrate the feasibility of applying BiasBooster in real world. Experimental results show that compared to existing defenses, BiasBooster substantially reduces the averaged accuracy of attribute inference attacks, with minor utility loss of recommendations.

Cloud computing is applied in various domains, among which social recommender systems are well-received because of their effectivity to provide suggestions for users. Social recommender systems perform well in alleviating cold start problem, but it suffers from shilling attack due to its natural openness. Shilling attack is an injection attack mainly acting on the training process of machine learning, which aims to advance or suppress the recommendation ranking of target items. Some researchers have studied the influence of shilling attacks in two perspectives simultaneously, which are user-item's rating and user-user's relation. However, they take more consideration into user-item's rating, and up to now, the construction of user-user's relation has not been explored in depth. To explore shilling attacks with complex relations, in this paper, we propose two novel attack models based on triangle relations in social networks. Furthermore, we explore the influence of these models on five social recommendation algorithms. The experimental results on three datasets show that the recommendation can be affected by the triangle relation attacks. The attack model combined with triangle relation has a better attack effect than the model only based on rating injection and the model combined with random relation. Besides, we compare the functions of triangle relations in friend recommendation and product recommendation.

With the development of the Internet, the amount of information on the Internet is increasing rapidly, which makes it difficult for people to select the information they really want. A recommendation system is an effective way to solve this problem. Fake users can be injected by criminals to attack the recommendation system; therefore, accurate identification of fake users is a necessary feature of the recommendation system. Existing fake user detection algorithms focus on designing recognition methods for different types of attacks and have limited detection capabilities against unknown or hybrid attacks. The use of deep learning models can automate the extraction of false user scoring features, but neural network models are not applicable to discrete user scoring data. In this paper, random walking is used to rearrange the otherwise discrete user rating data into a rating feature matrix with spatial continuity. The rating data and the text data have some similarity in the distribution mode. By effective analogy, the TextCNN model originally used in NLP domain can be improved and applied to the classification task of rating feature matrix. Combining the ideas of random walking and word vector processing, this paper proposes a TextCNN detection model for user rating data. To verify the validity of the proposed model, the model is tested on MoiveLens dataset against 7 different attack detection algorithms, and exhibits better performance when compared with 4 attack detection algorithms. Especially for the Aop attack, the proposed model has nearly 100% detection performance with F1 - value as the evaluation index.

Recent advances in information filtering have resulted in effective recommender systems that are able to provide online personalized recommendations to millions of users from all over the world. However, most of these systems ignore the explanation purpose while producing recommendations with high-quality results. Moreover, the classification of reviews given to users as explanations is not fully exploited in previous studies. In this paper, we develop a convolutional neural network-based reviews classification method for explainable recommendation systems. The convolutional neural network is used to extract the reviews features for predicting whether the reviews provided as explanations are positive or negative. Based on such additional information, users can understand not only why certain items are recommended for them but also get support to know the nature of such explanations. We conduct experiments on a dataset from Amazon. The experimental results show that our method outperforms state-of-the-art methods.

Recommender systems (RSs) are intelligent systems to help e-commerce users to find their preferred items among millions of available items by considering the profiles of both users and items. These systems need to predict the unknown ratings and then recommend a set of high rated items. Among the others, Collaborative Filtering (CF) is a successful recommendation approach and has been utilized in many real-world systems. CF methods seek to predict missing ratings by considering the preferences of those users who are similar to the target user. A major task in Collaborative Filtering is to identify an accurate set of users and employing them in the rating prediction process. Most of the CF-based methods suffer from the cold-start issue which arising from an insufficient number of ratings in the prediction process. This is due to the fact that users only comment on a few items and thus CF methods faced with a sparse user-item matrix. To tackle this issue, a new collaborative filtering method is proposed that has a trust-aware strategy. The proposed method employs the trust relationships of users as additional information to help the CF tackle the cold-start issue. To this end, the proposed integrated trust relationships in the prediction process by using the Ant Colony Optimization (ACO). The proposed method has four main steps. The aim of the first step is ranking users based on their similarities to the target user. This step uses trust relationships and the available rating values in its process. Then in the second step, graph clustering methods are used to cluster the trust graph to group similar users. In the third step, the users are weighted based on their similarities to the target users. To this end, an ACO process is employed on the users' graph. Finally, those of top users with high similarity to the target user are used in the rating prediction process. The superiority of our method has been shown in the experimental results in comparison with well-known and state-of-the-art methods.

The recommender system is an important application in big data analytics because accurate recommendation items or high-valued suggestions can bring high profit to both commercial companies and customers. To make precise recommendations, a recommender system often needs large and fine-grained data for training. In the current big data era, data often exist in the form of isolated islands, and it is difficult to integrate the data scattered due to privacy security concerns. Moreover, privacy laws and regulations make it harder to share data. Therefore, designing a privacy-preserving recommender system is of paramount importance. Existing privacy-preserving recommender system models mainly adapt cryptography approaches to achieve privacy preservation. However, cryptography approaches have heavy overhead when performing encryption and decryption operations and they lack a good level of flexibility. In this paper, we propose a Locality Sensitive Hashing (LSH) based approach for federated recommender system. Our proposed efficient and scalable federated recommender system can make full use of multiple source data from different data owners while guaranteeing preservation of privacy of contributing parties. Extensive experiments on real-world benchmark datasets show that our approach can achieve both high time efficiency and accuracy under small privacy budgets.

Deep learning classifiers are hugely vulnerable to adversarial examples, and their existence raised cybersecurity concerns in many tasks with an emphasis on malware detection, computer vision, and speech recognition. While there is a considerable effort to investigate attacks and defense strategies in these tasks, only limited work explores the influence of targeted attacks on input data (e.g., images, textual descriptions, audio) used in multimedia recommender systems (MR). In this work, we examine the consequences of applying targeted adversarial attacks against the product images of a visual-based MR. We propose a novel adversarial attack approach, called Target Adversarial Attack against Multimedia Recommender Systems (TAaMR), to investigate the modification of MR behavior when the images of a category of low recommended products (e.g., socks) are perturbed to misclassify the deep neural classifier towards the class of more recommended products (e.g., running shoes) with human-level slight images alterations. We explore the TAaMR approach studying the effect of two targeted adversarial attacks (i.e., FGSM and PGD) against input pictures of two state-of-the-art MR (i.e., VBPR and AMR). Extensive experiments on two real-world recommender fashion datasets confirmed the effectiveness of TAaMR in terms of recommendation lists changing while keeping the original human judgment on the perturbed images.

Collaborative Filtering (CF) is a popular recommendation system that makes recommendations based on similar users' preferences. Though it is widely used, CF is prone to Shilling/Profile Injection attacks, where fake profiles are injected into the CF system to alter its outcome. Most of the existing shilling attacks do not work on online systems and cannot be efficiently implemented in real-world applications. In this paper, we introduce an efficient Multi-Armed-Bandit-based reinforcement learning method to practically execute online shilling attacks. Our method works by reducing the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach. Such practical online attacks open new avenues for research in building more robust recommender systems. We treat the recommender system as a black box, making our method effective irrespective of the type of CF used. Finally, we also experimentally test our approach against popular state-of-the-art shilling attacks.