Biblio

We set up a framework for the formal proofs of RFID protocols in the computational model. We rely on the so-called computationally complete symbolic attacker model. Our contributions are: 1) to design (and prove sound) axioms reflecting the properties of hash functions (Collision-Resistance, PRF). 2) to formalize computational unlinkability in the model. 3) to illustrate the method, providing the first formal proofs of unlinkability of RFID protocols, in the omputational model.

Radio Frequency IDentification(RFID) is one of the most important sensing techniques for Internet of Things(IoT) and RFID systems have been applied to various different fields. But an RFID system usually uses open wireless radio wave to communicate and this will lead to a serious threat to its privacy and security. The current popular RFID tags are some low-cost passive tags. Their computation and storage resources are very limited. It is not feasible for them to complete some complicated cryptographic operations. So it is very difficult to protect the security and privacy of an RFID system. Lightweight authentication protocol is considered as an effective approach. Many typical authentication protocols usually use Hash functions so that they require more computation and storage resources. Based on CRC function, we propose a lightweight RFID authentication protocol, which needs less computation and storage resources than Hash functions. This protocol exploits an on-chip CRC function and a pseudorandom number generator to ensure the anonymity and freshness of communications between reader and tag. It provides forward security and confidential communication. It can prevent eavesdropping, location trace, replay attack, spoofing and DOS-attack effectively. It is very suitable to be applied to RFID systems.

The UHF Radiofrequency Identification technology offers nowadays a viable technological solution for the implementation of low-level environmental monitoring of connected critical infrastructures to be protected from both physical threats and cyber attacks. An RFID sensor network was developed within the H2020 SCISSOR project, by addressing the design of both hardware components, that is a new family of multi-purpose wireless boards, and of control software handling the network topology. The hierarchical system is able to the detect complex, potentially dangerous, events such as the un-authorized access to a restricted area, anomalies of the electrical equipments, or the unusual variation of environmental parameters. The first real-world test-bed has been deployed inside an operational smart-grid on the Favignana Island. Currently, the network is fully working and remotely accessible.

This work investigates the anonymous tag cardinality estimation problem in radio frequency identification systems with frame slotted aloha-based protocol. Each tag, instead of sending its identity upon receiving the reader's request, randomly responds by only one bit in one of the time slots of the frame due to privacy and security. As a result, each slot with no response is observed as in an empty state, while the others are non-empty. Those information can be used for the tag cardinality estimation. Nevertheless, under effects of fading and noise, time slots with tags' response might be observed as empty, while those with no response might be detected as non-empty, which is known as a false detection phenomenon. The performance of conventional estimation methods is, thus, degraded because of inaccurate observations. In order to cope with this issue, we propose a new estimation algorithm using expectation-maximization method. Both the tag cardinality and a probability of false detection are iteratively estimated to maximize a likelihood function. Computer simulations will be provided to show the merit of the proposed method.

The tree-based tags anti-collision algorithm is an important method in the anti-collision algorithms. In this paper, several typical tree algorithms are evaluated. The comparison of algorithms is summarized including time complexity, communication complexity and recognition, and the characteristics and disadvantages of each algorithm are pointed out. Finally, the improvement strategies of tree anti-collision algorithm are proposed, and the future research directions are also prospected.

Radio frequency identification (RFID) is one of the key technologies of Internet of Things, which have many security issues in an open environment. In order to solve the communication problem between RFID tags and readers, security protocols has been improved constantly as the first choice. But the form of attack is also changing constantly with the development of technology. In this paper we classify the security protocols and introduce some problems in the recent security protocols.

Once we had tried to propose an unbreakable CAPTCHA and we reached a result that limitation of time is effect to prevent computers from recognizing characters accurately while computers can finally recognize all text-based CAPTCHA in unlimited time. One of the existing usual ways to prevent computers from recognizing characters is distortion, and adding noise is also effective for the prevention. However, these kinds of prevention also make recognition of characters by human beings difficult. As a solution of the problems, an effective text-based CAPTCHA algorithm with amodal completion was proposed by our team. Our CAPTCHA causes computers a large amount of calculation costs while amodal completion helps human beings to recognize characters momentarily. Our CAPTCHA has evolved with aftereffects and combinations of complementary colors. We evaluated our CAPTCHA with deep learning which is attracting the most attention since deep learning is faster and more accurate than existing methods for recognition with computers. In this paper, we add jagged lines to edges of characters since edges are one of the most important parts for recognition in deep learning. In this paper, we also evaluate that how much the jagged lines decrease recognition of human beings and how much they prevent computers from the recognition. We confirm the effects of our method to deep learning.

Using shape context descriptors in the distance uneven grouping and its more extensive description of the shape feature, so this descriptor has the target contour point set deformation invariance. However, the twisted adhesions verification code have more outliers and more serious noise, the above-mentioned invariance of the shape context will become very bad, in order to solve the above descriptors' limitations, this article raise a new algorithm based on the relative shape context and point pattern matching to identify codes. And also experimented on the CSDN site's verification code, the result is that the recognition rate is higher than the traditional shape context and the response time is shorter.

We always use CAPTCHA(Completely Automated Public Turing test to Tell Computers and Humans Apart) to prevent automated bot for data entry. Although there are various kinds of CAPTCHAs, text-based scheme is still applied most widely, because it is one of the most convenient and user-friendly way for daily user [1]. The fact is that segmentations of different types of CAPTCHAs are not always the same, which means one of CAPTCHA's bottleneck is the segmentation. Once we could accurately split the character, the problem could be solved much easier. Unfortunately, the best way to divide them is still case by case, which is to say there is no universal way to achieve it. In this paper, we present a novel algorithm to achieve state-of-the-art performance, what was more, we also constructed a new convolutional neural network as an add-on recognition part to stabilize our state-of-the-art performance of the whole CAPTCHA system. The CAPTCHA datasets we are using is from the State Administration for Industry& Commerce of the People's Republic of China. In this datasets, there are totally 33 entrances of CAPTCHAs. In this experiments, we assume that each of the entrance is known. Results are provided showing how our algorithms work well towards these CAPTCHAs.

We draw a formal connection between using synthetic training data to optimize neural network parameters and approximate, Bayesian, model-based reasoning. In particular, training a neural network using synthetic data can be viewed as learning a proposal distribution generator for approximate inference in the synthetic-data generative model. We demonstrate this connection in a recognition task where we develop a novel Captcha-breaking architecture and train it using synthetic data, demonstrating both state-of-the-art performance and a way of computing task-specific posterior uncertainty. Using a neural network trained this way, we also demonstrate successful breaking of real-world Captchas currently used by Facebook and Wikipedia. Reasoning from these empirical results and drawing connections with Bayesian modeling, we discuss the robustness of synthetic data results and suggest important considerations for ensuring good neural network generalization when training with synthetic data.

To address increasing problems caused by cyber attacks, we leverage Software Defined networks and Network Function Virtualisation governed by a SARNET-agent to enable autonomous response and attack mitigation. A Secure Autonomous Response Network (SARNET) uses a control loop to constantly assess the security state of the network by means of observables. Using a prototype we introduce the metrics impact and effectiveness and show how they can be used to compare and evaluate countermeasures. These metrics become building blocks for self learning SARNET which exhibit true autonomous response.

Cloud computing is a remarkable model for permitting on-demand network access to an elastic collection of configurable adaptive resources and features including storage, software, infrastructure, and platform. However, there are major concerns about security-related issues. A very critical security function is user authentication using passwords. Although many flaws have been discovered in password-based authentication, it remains the most convenient approach that people continue to utilize. Several schemes have been proposed to strengthen its effectiveness such as salted hashes, one-time password (OTP), single-sign-on (SSO) and multi-factor authentication (MFA). This study proposes a new authentication mechanism by combining user's password and modified characters of CAPTCHA to generate a passkey. The modification of the CAPTCHA depends on a secret agreed upon between the cloud provider and the user to employ different characters for some characters in the CAPTCHA. This scheme prevents various attacks including short-password attack, dictionary attack, keylogger, phishing, and social engineering. Moreover, it can resolve the issue of password guessing and the use of a single password for different cloud providers.

Summary form only given. Strong light-matter coupling has been recently successfully explored in the GHz and THz [1] range with on-chip platforms. New and intriguing quantum optical phenomena have been predicted in the ultrastrong coupling regime [2], when the coupling strength Ω becomes comparable to the unperturbed frequency of the system ω. We recently proposed a new experimental platform where we couple the inter-Landau level transition of an high-mobility 2DEG to the highly subwavelength photonic mode of an LC meta-atom [3] showing very large Ω/ωc = 0.87. Our system benefits from the collective enhancement of the light-matter coupling which comes from the scaling of the coupling Ω ∝ √n, were n is the number of optically active electrons. In our previous experiments [3] and in literature [4] this number varies from 104-103 electrons per meta-atom. We now engineer a new cavity, resonant at 290 GHz, with an extremely reduced effective mode surface Seff = 4 × 10-14 m2 (FE simulations, CST), yielding large field enhancements above 1500 and allowing to enter the few (\textbackslashtextless;100) electron regime. It consist of a complementary metasurface with two very sharp metallic tips separated by a 60 nm gap (Fig.1(a, b)) on top of a single triangular quantum well. THz-TDS transmission experiments as a function of the applied magnetic field reveal strong anticrossing of the cavity mode with linear cyclotron dispersion. Measurements for arrays of only 12 cavities are reported in Fig.1(c). On the top horizontal axis we report the number of electrons occupying the topmost Landau level as a function of the magnetic field. At the anticrossing field of B=0.73 T we measure approximately 60 electrons ultra strongly coupled (Ω/ω- \textbackslashtextbar\textbackslashtextbar

Tor is the most widely used anonymity network, currently serving millions of users each day. However, there is no access control in place for all these users, leaving the network vulnerable to botnet abuse and attacks. For example, criminals frequently use exit relays as stepping stones for attacks, causing service providers to serve CAPTCHAs to exit relay IP addresses or blacklisting them altogether, which leads to severe usability issues for legitimate Tor users. To address this problem, we propose TorPolice, the first privacy-preserving access control framework for Tor. TorPolice enables abuse-plagued service providers such as Yelp to enforce access rules to police and throttle malicious requests coming from Tor while still providing service to legitimate Tor users. Further, TorPolice equips Tor with global access control for relays, enhancing Tor's resilience to botnet abuse. We show that TorPolice preserves the privacy of Tor users, implement a prototype of TorPolice, and perform extensive evaluations to validate our design goals.

Audio-CAPTCHA prevents malicious bots from attacking Web services and provides Web accessibility for visually-impaired persons. Most of the conventional methods employ statistical noise to distort sounds and let users remember and spell the words, which are difficult and laborious work for humans. In this paper, we utilize the difficulty on speaker-independent recognition for ASR machines instead of distortion with statistical noise. Our scheme synthesizes various voices by changing voice speed, pitch and native language of speakers. Moreover, we employ semantic identification problems between random phoneme sequences and meaningful words to release users from remembering and spelling words, so it improves the accuracy of humans and usability. We also evaluated our scheme in several experiments.

CAPTCHA is a type of challenge-response test to ensure that the response is only generated by humans and not by computerized robots. CAPTCHA are getting harder as because usage of latest advanced pattern recognition and machine learning algorithms are capable of solving simpler CAPTCHA. However, some enhancement procedures make the CAPTCHAs too difficult to be recognized by the human. This paper resolves the problem by next generation human-friendly mini game-CAPTCHA for quantifying the usability of CAPTCHAs.

Summary form only given. Strong light-matter coupling has been recently successfully explored in the GHz and THz [1] range with on-chip platforms. New and intriguing quantum optical phenomena have been predicted in the ultrastrong coupling regime [2], when the coupling strength Ω becomes comparable to the unperturbed frequency of the system ω. We recently proposed a new experimental platform where we couple the inter-Landau level transition of an high-mobility 2DEG to the highly subwavelength photonic mode of an LC meta-atom [3] showing very large Ω/ωc = 0.87. Our system benefits from the collective enhancement of the light-matter coupling which comes from the scaling of the coupling Ω ∝ √n, were n is the number of optically active electrons. In our previous experiments [3] and in literature [4] this number varies from 104-103 electrons per meta-atom. We now engineer a new cavity, resonant at 290 GHz, with an extremely reduced effective mode surface Seff = 4 × 10-14 m2 (FE simulations, CST), yielding large field enhancements above 1500 and allowing to enter the few (\textbackslashtextless;100) electron regime. It consist of a complementary metasurface with two very sharp metallic tips separated by a 60 nm gap (Fig.1(a, b)) on top of a single triangular quantum well. THz-TDS transmission experiments as a function of the applied magnetic field reveal strong anticrossing of the cavity mode with linear cyclotron dispersion. Measurements for arrays of only 12 cavities are reported in Fig.1(c). On the top horizontal axis we report the number of electrons occupying the topmost Landau level as a function of the magnetic field. At the anticrossing field of B=0.73 T we measure approximately 60 electrons ultra strongly coupled (Ω/ω- \textbackslashtextbar\textbackslashtextbar

Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an attacker. Beyond the initial login, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data. Hence, this paper proposes a novel authentication system for implicit, continuous authentication of the smartphone user based on behavioral characteristics, by leveraging the sensors already ubiquitously built into smartphones. We propose novel context-based authentication models to differentiate the legitimate smartphone owner versus other users. We systematically show how to achieve high authentication accuracy with different design alternatives in sensor and feature selection, machine learning techniques, context detection and multiple devices. Our system can achieve excellent authentication performance with 98.1% accuracy with negligible system overhead and less than 2.4% battery consumption.

The introduction of automation in cyber-physical systems (CPS) has raised major safety and security concerns. One attack vector is the sensing unit whose measurements can be manipulated by an adversary through attacks such as denial of service and delay injection. To secure an autonomous CPS from such attacks, we use a challenge response authentication (CRA) technique for detection of attack in active sensors data and estimate safe measurements using the recursive least square algorithm. For demonstrating effectiveness of our proposed approach, a car-follower model is considered where the follower vehicle's radar sensor measurements are manipulated in an attempt to cause a collision.

Wireless Sensor Network (WSN) are spread everywhere throughout the world and are ordinarily used to gather physical data from the encompassing scene. WSN play a focal part in the Internet of Things (IoT) vision. WSN is rising as a noticeable component in the middleware connecting together the Internet of Things (IoT) and the Web of Things (WoT). But the integration of WSN to WoT brings new challenges that cannot be solved in a satisfactory way with traditional layer of security. This paper examined the security issue of integration between WSN and WoT, aiming to shed light on how the WSN and WoT security issue are understood and applied, both in academia and industries. This paper introduces security perfective of integration WSN to WoT which offers capabilities to identify and connect worldwide physical objects into a unified system. As a part of the integration, serious concerns are raised over access of personal information pertaining to device (smart thing) and individual privacy. The motivation of this paper is to summarizes the security threats of the integration and suggestion to mitigate the threat.

Internet of Things (IoT) is a growing topic of interest along with 5G. Billions of IoT devices are expected to connect to the Internet in the near future. These devices differ from the traditional devices operated in the Internet. We observe that Information Centric Networking (ICN), is a more suitable architecture for the IoT compared to the prevailing IP basednetwork. However, we observe that recent works that propose to use ICN for IoT, either do not cover the need to integrate Sensor Networks with the Internet to realize IoT or do so inefficiently. Fog computing is a promising technology that has many benefits to offer especially for IoT. In this work, we discover a need to integrate various heterogeneous Sensor Networks with the Internet to realize IoT and propose FOGG: A Fog Computing Based Gateway to Integrate Sensor Networks to Internet. FOGG uses a dedicated device to function as an IoT gateway. FOGG provides the needed integration along with additional services like name/protocol translation, security and controller functionalities.

Traditionally, utility crews have used faulted circuit indicators (FCIs) to locate faulted line sections. FCIs monitor current and provide a local visual indication of recent fault activity. When a fault occurs, the FCIs operate, triggering a visual indication that is either a mechanical target (flag) or LED. There are also enhanced FCIs with communications capability, providing fault status to the outage management system (OMS) or supervisory control and data acquisition (SCADA) system. Such quickly communicated information results in faster service restoration and reduced outage times. For distribution system protection, protection devices (such as recloser controls) must coordinate with downstream devices (such as fuses or other recloser controls) to clear faults. Furthermore, if there are laterals on a feeder that are protected by a recloser control, it is desirable to communicate to the recloser control which lateral had the fault in order to enhance tripping schemes. Because line sensors are typically placed along distribution feeders, they are capable of sensing fault status and characteristics closer to the fault. If such information can be communicated quickly to upstream protection devices, at protection speeds, the protection devices can use this information to securely speed up distribution protection scheme operation. With recent advances in low-power electronics, wireless communications, and small-footprint sensor transducers, wireless line sensors can now provide fault information to the protection devices with low latencies that support protection speeds. This paper describes the components of a wireless protection sensor (WPS) system, its integration with protection devices, and how the fault information can be transmitted to such devices. Additionally, this paper discusses how the protection devices use this received fault information to securely speed up the operation speed of and improve the selectivity of distribution protection schemes, in add- tion to locating faulted line sections.

Safety and non-safety applications in the external communication systems of self-driving vehicles require authentication of control data, cooperative awareness messages and notification messages. Traditional security systems can prevent attackers from hacking or breaking important system functionality in autonomous vehicles. This paper presents a novel security system designed to protect vehicular ad hoc networks in self-driving and semi-autonomous vehicles that is based on Integrated Circuit Metric technology (ICMetrics). ICMetrics has the ability to secure communication systems in autonomous vehicles using features of the autonomous vehicle system itself. This security system is based on unique extracted features from vehicles behaviour and its sensors. Specifically, features have been extracted from bias values of infrared sensors which are used alongside semantically extracted information from a trace file of a simulated vehicular ad hoc network. The practical experimental implementation and evaluation of this system demonstrates the efficiency in identifying of abnormal/malicious behaviour typical for an attack.

This article is about study of honeypots. In this work, we use some honeypot sensors deployment and analysis to identify, currently, what are the main attacks and security breaches explored by attackers to compromise systems. For example, a common server or service exposed to the Internet can receive a million of hits per day, but sometimes would not be easy to identify the difference between legitimate access and an attacker trying to scan, and then, interrupt the service. Finally, the objective of this research is to investigate the efficiency of the honeypots sensors to identify possible safety gaps and new ways of attacks. This research aims to propose some guidelines to avoid or minimize the damage caused by these attacks in real systems.

A Software-Defined Wireless Sensor Network (SD-WSN) is a recently developed model which is expected to play a large role not only in the development of the Internet of Things (IoT) paradigm but also as a platform for other applications such as smart water management. This model makes use of a Software-Defined Networking (SDN) approach to manage a Wireless Sensor Network (WSN) in order to solve most of the inherent issues surrounding WSNs. One of the most important aspects of any network, is security. This is an area that has received little attention within the development of SDWSNs, as most research addresses security concerns within SDN and WSNs independently. There is a need for research into the security of SDWSN. Some concepts from both SDN and WSN security can be adjusted to suit the SDWSN model while others cannot. Further research is needed into consolidating SDN and WSN security measures to consider security in SDWSN. Threats, challenges and potential solutions to securing SDWSN are presented by considering both the WSN and SDN paradigms.