Biblio

Emerging technologies change the qualities of modern healthcare by employing smart systems for patient monitoring. To well use the data surrounding the patient, tiny sensing devices and smart gateways are involved. These sensing systems have been used to collect and analyze the real-time data remotely in Internet of Medical Thinks (IoM). Since the patient sensed information is so sensitive, the security and privacy of medical data are becoming challenging problem in IoM. It is then important to ensure the security, privacy and integrity of the transmitted data by designing a secure and a lightweight authentication protocol for the IoM. In this paper, in order to improve the authentication and communications in health care applications, we present a novel secure and anonymous authentication scheme. We will use elliptic curve cryptography (ECC) with random numbers generated by fuzzy logic. We simulate IoM scheme using network simulator 3 (NS3) and we employ optimized link state routing protocol (OLSR) algorithm and ECC at each node of the network. We apply some attack algorithms such as Pollard’s ρ and Baby-step Giant-step to evaluate the vulnerability of the proposed scheme.

The security and privacy of the network in Internet of Things (IoT) systems are becoming more critical as we are more dependent on smart systems. Considering that packets are exchanged between the end user and the sensing devices, it is then important to ensure the security, privacy, and integrity of the transmitted data by designing a secure and a lightweight authentication protocol for IoT systems. In this article, in order to improve the authentication and the encryption in IoT systems, we present a novel method of authentication and encryption based on elliptic curve cryptography (ECC) using random numbers generated by fuzzy logic. We evaluate our novel key generation method by using standard randomness tests, such as: frequency test, frequency test with mono block, run test, discrete Fourier transform (DFT) test, and advanced DFT test. Our results show superior performance compared to existing ECC based on shift registers. In addition, we apply some attack algorithms, such as Pollard’s \textbackslashrho and Baby-step Giant-step, to evaluate the vulnerability of the proposed scheme.

Nowadays, physical tampering and counterfeiting of electronic devices are still an important security problem and have a great impact on large-scale and distributed applications, such as Internet-of-Things. Physical Unclonable Functions (PUFs) have the potential to be a fundamental means to guarantee intrinsic hardware security, since they promise immunity against most of known attack models. However, inner nature of PUF circuits hinders a wider adoption since responses turn out to be noisy and not stable during time. To overcome this issue, most of PUF implementations require a fuzzy extraction scheme, able to recover responses stability by exploiting error correction codes (ECCs). In this paper, we propose a Reed-Muller (RM) ECC design, meant to be embedded into a fuzzy extractor, that can be efficiently configured in terms of area/delay constraints in order to get reliable responses from PUFs. We provide implementation details and experimental evidences of area/delay efficiency through syntheses on medium-range FPGA device.

The emergence of the Internet of Things with its constraints obliges researchers in this field to find light and accurate solutions to secure the data exchange. This document presents secure authentication using biometrics coupled with an effective key agreement scheme to save time and energy. In our scheme, the agreed key is used to encrypt transmission data between different IoT actors. While the fuzzy extractor based on the fuzzy vault principle, is used as authentication and as key agreement scheme. Besides, our system incorporates the Reed Solomon and Hamming codes to give some tolerance to errors. The experimental results have been discussed according to several recognition rates and computation times. Indeed, the recognition rate results have been compared to other works to validate our system. Also, we clarify how our system resists to specific transmission attacks without affecting lightness and accuracy.

Nowadays, biometric is a most technique to authenticate /identify human been, because its resistance against theft, loss or forgetfulness. However, biometric is subject to different transmission attacks. Today, the protection of the sensitive biometric information is a big challenge, especially in current wireless networks such as internet of things where the transmitted data is easy to sniffer. For that, this paper proposes an Eigens-Fingerprint-based biometric cryptosystem, where the biometric feature vectors are extracted by the Principal Component Analysis technique with an appropriate quantification. The key-binding principle incorporated with bit-wise and byte-wise correcting code is used for encrypting data and sharing key. Several recognition rates and computation time are used to evaluate the proposed system. The findings show that the proposed cryptosystem achieves a high security without decreasing the accuracy.

Physical Unclonable Functions (PUFs) are considered as an attractive low-cost security anchor. The unique features of PUFs are dependent on the Nanoscale variations introduced during the manufacturing variations. Most PUFs exhibit an unreliability problem due to aging and inherent sensitivity to the environmental conditions. As a remedy to the reliability issue, helper data algorithms are used in practice. A helper data algorithm generates and stores the helper data in the enrollment phase in a secure environment. The generated helper data are used then for error correction, which can transform the unique feature of PUFs into a reproducible key. The key can be used to encrypt secret data in the security scheme. In contrast, this work shows that the fuzzy PUFs can be used to secret important data directly by an error-tolerant protocol without the enrollment phase and error-correction algorithm. In our proposal, the secret data is locked in a vault leveraging the unique fuzzy pattern of PUF. Although the noise exists, the data can then be released only by this unique PUF. The evaluation was performed on the most prominent intrinsic PUF - DRAM PUF. The test results demonstrate that our proposal can reach an acceptable reconstruction rate in various environment. Finally, the security analysis of the new proposal is discussed.

Modern malware indicators utilized by the current top threat feeds are easily bypassed and generated through enigmatic methods, leading to a lack of detection capabilities for cyber defenders. Static hash-based algorithms such as MD5 or SHA generate indicators that are rendered obsolete by modifying a single byte of the source file. Conversely, fuzzy hash-based algorithms such as SSDEEP and TLSH are more robust to alterations of source information; however, these methods often utilize context boundaries that are hard to define or not based on meaningful information. In previous work, a custom binary analysis tool was created called @DisCo. In this study, four current ransomware campaigns were analyzed using TLSH fuzzy hashing and the @DisCo tool. While TLSH works on the binary level of the entire program, @DisCo works at an intermediate function level. The results from each analysis method were compared to provide validation between the two as well as introduce a narrative for using combinations of these types of methods for the creation of stronger indicators of compromise.

Secrete message protection has become a focal point of the network security domain due to the problems of violating the network use policies and unauthorized access of the public network. These problems have led to data protection techniques such as cryptography, and steganography. Cryptography consists of encrypting secrete message to a ciphertext format and steganography consists of concealing the secrete message in codes that make up a digital file, such as an image, audio, and video. Steganography, which is different from cryptography, ensures hiding a secret message for secure transmission over the public network. This paper presents a steganographic approach using digital images for data hiding that aims to providing higher performance by combining fuzzy logic type I to pre-process the cover image and difference expansion techniques. The previous methods have used the original cover image to embed the secrete message. This paper provides a new method that first identifies the edges of a cover image and then proceeds with a difference expansion to embed the secrete message. The experimental results of this work identified an improvement of 10% of the existing method based on increased payload capacity and the visibility of the stego image.

Biometrics as a means of personal authentication has demonstrated strong viability in the past decade. However, directly deriving a unique cryptographic key from biometric data is a non-trivial task due to the fact that biometric data is usually noisy and presents large intra-class variations. Moreover, biometric data is permanently associated with the user, which leads to security and privacy issues. Cancellable biometrics and bio-cryptosystem are two main branches to address those issues, yet both approaches fall short in terms of accuracy performance, security, and privacy. In this paper, we propose a Bio-Crypto system on fingerprint Cancellable template (Bio-CanCrypto), which bridges cancellable biometrics and bio-cryptosystem to achieve a middle-ground for alleviating the limitations of both. Specifically, a cancellable transformation is applied on a fixed-length fingerprint feature vector to generate cancellable templates. Next, an LDPC coding mechanism is introduced into a reusable fuzzy extractor scheme and used to extract the stable cryptographic key from the generated cancellable templates. The proposed system can achieve both cancellability and reusability in one scheme. Experiments are conducted on a public fingerprint dataset, i.e., FVC2002. The results demonstrate that the proposed LDPC coded reusable fuzzy extractor is effective and promising.

The mechanism of Fog computing is a distributed infrastructure to provide the computations as same as cloud computing. The fog computing environment provides the storage and processing of data in a distributed manner based on the locality. Fog servicing is better than cloud service for working with smart devices and users in a same locale. However the fog computing will inherit the features of the cloud, it also suffers from many security issues as cloud. One such security issue is authentication with efficient key management between the communicating entities. In this paper, we propose a secured two-way authentication scheme with efficient management of keys between the user mobile device and smart devices under the control of the fog server. We made use of operations such as one-way hash (SHA-512) functions, bitwise XOR, and fuzzy extractor function to make the authentication system to be better. We have verified the proposed scheme for its security effectiveness by using a well-used analysis tool ProVerif. We also proved that it can resist multiple attacks and the security overhead is reduced in terms of computation and communication cost as compared to the existing methods.

Identity based digital signature is an important research topic of public key cryptography, which can effectively guarantee the authentication, integrity and unforgeability of data. In this paper, a new fuzzy multi-identity based signature scheme is proposed. It is proved that the scheme is existentially unforgeable against adaptively chosen message attack, and the security of the signature scheme can be reduced to CDH assumption. The storage cost and the communication overhead are small, therefore the new fuzzy multi-identity based signature (FMIBS) scheme can be implemented efficiently.

Currently, air pollution is still a problem that requires special attention, especially in big cities. Air pollution can come from motor vehicle fumes, factory smoke or other particles. To overcome these problems, a system is made that can monitor environmental conditions in order to know the good and bad of air quality in an environment and is expected to be a solution to reduce air pollution that occurs. The system created will utilize the Wireless Sensor Network (WSN) combined with Waspmote Smart Environment PRO, so that later data will be obtained in the form of temperature, humidity, CO levels and CO2 levels. From the sensor data that has been processed on Waspmote, it will then be used as input for data processing using a fuzzy algorithm. The classification obtained from sensor data processing using fuzzy to monitor environmental conditions there are 5 classifications, namely Very Good, Good, Average, Bad and Dangerous. Later the data that has been collected will be distributed to Meshlium as a gateway and will be stored in the database. The process of sending information between one party to another needs to pay attention to the confidentiality of data and information. The final result of the implementation of this research is that the system is able to classify values using fuzzy algorithms and is able to secure text data that will be sent to the database via Meshlium, and is able to display data sent to the website in real time.

With the development of the digital development transformation of the power grid, the classification of power unstructured encrypted data is an important basis for data security protection. However, most studies focus on exact match classification or single-keyword fuzzy match classification. This paper proposes a fuzzy matching classification method for power unstructured encrypted data. The data owner generates an index vector based on the power unstructured file, and the data user generates a query vector by querying the file through the same process. The index and query vector are uploaded to the cloud server in encrypted form, and the cloud server calculates the relevance score and sorts it, and returns the classification result with the highest score to the user. This method realizes the multi-keyword fuzzy matching classification of unstructured encrypted data of electric power, and through the experimental simulation of a large number of data sets, the effect and feasibility of the method are proved.

This paper proposes a novel extension of blockchain systems with fuzzy ontologies. The main advantage is to let the users have flexible restrictions, represented using fuzzy sets, and to develop smart contracts where there is a partial agreement among the involved parts. We propose a general architecture based on four fuzzy ontologies and a process to develop and run the smart contracts, based on a reduction to a well-known fuzzy ontology reasoning task (Best Satisfiability Degree). We also investigate different operators to compute Pareto-optimal solutions and implement our approach in the Ethereum blockchain.

Transmitting data through the internet may have severe security risks due to illegal access done by attackers. Some methods have been introduced to overcome this issue, such as cryptography and steganography. Nevertheless, some problems still arise, such as the quality of the stego data. Specifically, it happens if the stego is shared with some users. In this research, a shared-secret mechanism is combined with steganography. For this purpose, the fuzzy logic edge detection and Prediction Error (PE) methods are utilized to hide private data. The secret sharing process is carried out after data embedding in the cover image. This sharing mechanism is performed on image pixels that have been converted to PE values. Various Peak Signal to Noise Ratio (PSNR) values are obtained from the experiment. It is found that the number of participants and the threshold do not significantly affect the image quality of the shares.

Cloud computing is preferred because of its numerous improvements, such as data security, low maintenance cost, unlimited storage capacity and consistent backups. However, legitimate users take advantage of cloud storage services for storing a considerable amount of sensitive data. After storing data on the cloud, data users pass on control over data to cloud administrators. Although for assuring data security, sensitive information needs to be encrypted before deploying it on the cloud server. In traditional searchable encryption, encrypted data can be searched using keywords on a cloud server without knowing data details, and users can retrieve certain specific files of interest after authentication. However, the results are only related to the exact matching keyword searches. This drawback affects system usability and efficiency, due to which existing encryption methods are unsuitable in cloud computing. To avoid the above problems, this study includes as follows: Firstly, we analyze all fuzzy keyword search techniques that are wildcard based, gram based and trie-traverse. Secondly, we briefly describe certificateless cryptography and suggest a certificateless searchable encryption scheme. Finally, this study gives easy access to developing a fuzzy keyword searchable system for a new researcher to combine the above two points. It provides easy access and efficient search results.

Physical unclonable functions (PUFs) are used to create unique device identifiers from their inherent fabrication variability. Unstable readings and variation of the PUF response over time are key issues that limit the applicability of PUFs in real-world systems. In this project, we developed a fuzzy extractor (FE) to generate robust cryptographic keys from ReRAM-based PUFs. We tested the efficiency of the proposed FE using BCH and Polar error correction codes. We use ReRAM-based PUFs operating in pre-forming range to generate binary cryptographic keys at ultra-low power with an objective of tamper sensitivity. We investigate the performance of the proposed FE with real data using the reading of the resistance of pre-formed ReRAM cells under various noise conditions. The results show a bit error rate (BER) in the range of 10−5 for the Polar-codes based method when 10% of the ReRAM cell array is erroneous at Signal to Noise Ratio (SNR) of 20dB.This error rate is achieved by using helper data length of 512 bits for a 256 bit cryptographic key. Our method uses a 2:1 ratio for helper data and key, much lower than the majority of previously reported methods. This property makes our method more robust against helper data attacks.

Recently, new perspective areas of chaotic encryption have evolved, including fuzzy logic encryption. The presented work proposes an image encryption system based on two chaotic mapping that uses fuzzy logic. The paper also presents numerical calculations of some parameters of statistical analysis, such as, histogram, entropy of information and correlation coefficient, which confirm the efficiency of the proposed algorithm.

When building the architecture of cyber defense systems, one of the important tasks is to create a methodology for current diagnostics of cybersecurity status of information systems and objects of information activity. The complexity of this procedure is that having a strong security level of the object at the software level does not mean that such power is available at the hardware level or at the cryptographic level. There are always weaknesses in all levels of information security that criminals are constantly looking for. Therefore, the task of promptly calculating the likelihood of possible negative consequences from the successful implementation of cyberattacks is an urgent task today. This paper proposes an approach of obtaining an instantaneous calculation of the probabilities of negative consequences from the successful implementation of cyberattacks on objects of information activity on the basis of delayed differential equation theory and the mechanism of constructing a logical Fuzzy function. This makes it possible to diagnose the security status of the information system.

We are answering the question whenever systems with convolutional neural network classifier trained over plain and encrypted data keep the ordering according to accuracy. Our motivation is need for designing convolutional neural network classifiers when data in their plain form are not accessible because of private company policy or sensitive data gathered by police. We propose to use a combination of fully connected autoencoder together with a convolutional neural network classifier. The autoencoder transforms the data info form that allows the convolutional classifier to be trained. We present three experiments that show the ordering of systems over plain and encrypted data. The results show that the systems indeed keep the ordering, and thus a NN designer can select appropriate architecture over encrypted data and later let data owner train or fine-tune the system/CNN classifier on the plain data.

Blockchain technology is attracting attention as an innovative system for decentralized payments in fields such as financial area. On the other hand, in a decentralized environment, management of a secret key used for user authentication and digital signature becomes a big issue because if a user loses his/her secret key, he/she will also lose assets on the blockchain. This paper describes the secret key management issues in blockchain systems and proposes a solution using a biometrics-based digital signature scheme. In our proposed system, a secret key to be used for digital signature is generated from the user's biometric information each time and immediately deleted from the memory after using it. Therefore, our blockchain system has the advantage that there is no need for storage for storing secret keys throughout the system. As a result, the user does not have a risk of losing the key management devices and can prevent attacks from malware that steals the secret key.

YARA rules utilises string or pattern matching to perform malware analysis and is one of the most effective methods in use today. However, its effectiveness is dependent on the quality and quantity of YARA rules employed in the analysis. This can be managed through the rule optimisation process, although, this may not necessarily guarantee effective utilisation of YARA rules and its generated findings during its execution phase, as the main focus of YARA rules is in determining whether to trigger a rule or not, for a suspect sample after examining its rule condition. YARA rule conditions are Boolean expressions, mostly focused on the binary outcome of the malware analysis, which may limit the optimised use of YARA rules and its findings despite generating significant information during the execution phase. Therefore, this paper proposes embedding fuzzy rules with YARA rules to optimise its performance during the execution phase. Fuzzy rules can manage imprecise and incomplete data and encompass a broad range of conditions, which may not be possible in Boolean logic. This embedding may be more advantageous when the YARA rules become more complex, resulting in multiple complex conditions, which may not be processed efficiently utilising Boolean expressions alone, thus compromising effective decision-making. This proposed embedded approach is applied on a collected malware corpus and is tested against the standard and enhanced YARA rules to demonstrate its success.

Malware has remained a consistent threat since its emergence, growing into a plethora of types and in large numbers. In recent years, numerous new malware variants have enabled the identification of new attack surfaces and vectors, and have become a major challenge to security experts, driving the enhancement and development of new malware analysis techniques to contain the contagion. One of the preliminary steps of malware analysis is to remove the abundance of counterfeit malware samples from the large collection of suspicious samples. This process assists in the management of man and machine resources effectively in the analysis of both unknown and likely malware samples. Hashing techniques are one of the fastest and efficient techniques for performing this preliminary analysis such as fuzzy hashing and import hashing. However, both hashing methods have their limitations and they may not be effective on their own, instead the combination of two distinctive methods may assist in improving the detection accuracy and overall performance of the analysis. This paper proposes a Fuzzy-Import hashing technique which is the combination of fuzzy hashing and import hashing to improve the detection accuracy and overall performance of malware analysis. This proposed Fuzzy-Import hashing offers several benefits which are demonstrated through the experimentation performed on the collected malware samples and compared against stand-alone techniques of fuzzy hashing and import hashing.

Ransomware attacks are a prevalent cybersecurity threat to every user and enterprise today. This is attributed to their polymorphic behaviour and dispersion of inexhaustible versions due to the same ransomware family or threat actor. A certain ransomware family or threat actor repeatedly utilises nearly the same style or codebase to create a vast number of ransomware versions. Therefore, it is essential for users and enterprises to keep well-informed about this threat landscape and adopt proactive prevention strategies to minimise its spread and affects. This requires a technique to detect ransomware samples to determine the similarity and link with the known ransomware family or threat actor. Therefore, this paper presents a detection method for ransomware by employing a combination of a similarity preserving hashing method called fuzzy hashing and a clustering method. This detection method is applied on the collected WannaCry/WannaCryptor ransomware samples utilising a range of fuzzy hashing and clustering methods. The clustering results of various clustering methods are evaluated through the use of the internal evaluation indexes to determine the accuracy and consistency of their clustering results, thus the effective combination of fuzzy hashing and clustering method as applied to the particular ransomware corpus. The proposed detection method is a static analysis method, which requires fewer computational overheads and performs rapid comparative analysis with respect to other static analysis methods.

Ransomware is currently one of the most significant cyberthreats to both national infrastructure and the individual, often requiring severe treatment as an antidote. Triaging ran-somware based on its similarity with well-known ransomware samples is an imperative preliminary step in preventing a ransomware pandemic. Selecting the most appropriate triaging method can improve the precision of further static and dynamic analysis in addition to saving significant t ime a nd e ffort. Currently, the most popular and proven triaging methods are fuzzy hashing, import hashing and YARA rules, which can ascertain whether, or to what degree, two ransomware samples are similar to each other. However, the mechanisms of these three methods are quite different and their comparative assessment is difficult. Therefore, this paper presents an evaluation of these three methods for triaging the four most pertinent ransomware categories WannaCry, Locky, Cerber and CryptoWall. It evaluates their triaging performance and run-time system performance, highlighting the limitations of each method.