Biblio

Throughout the Department of Defense, there are ongoing efforts to increase cybersecurity and improve data transfer in unmanned robotic systems (UxS). This paper explores the performance of the Robot Operating System (ROS) 2, which is built with the Data Distribution Service (DDS) standard as a middleware. Based on how quality of service (QoS) parameters are defined in the robotic middleware interface, it is possible to implement strict delivery requirements to different nodes on a dynamic nodal network with multiple unmanned systems connected. Through this research, different scenarios with varying QoS settings were implemented and compared to baseline values to help illustrate the impact of latency and throughput on data flow. DDS security settings were also enabled to help understand the cost of overhead and performance when secured data is compared to plaintext baseline values. Our experiments were performed using a basic ROS 2 network consisting of two nodes (one publisher and one subscriber). Our experiments showed a measurable latency and throughput change between different QoS profiles and security settings. We analyze the trends and tradeoffs associated with varying QoS and security settings. This paper provides performance data points that can be used to help future researchers and developers make informative choices when using ROS 2 for UxS.

Deep Neural Networks (DNN) have strong capabilities of memories, feature identifications and automatic analyses, solving various complex problems. However, DNN classifiers have obvious fragility that adding several unnoticeable perturbations to the original examples will lead to the errors in the classifier identification. In the field of communications, the adversarial examples will greatly reduce the accuracy of the signal identification, causing great information security risks. Considering the adversarial examples pose a serious threat to the security of the DNN models, studying their generation mechanisms and testing their attack effects are critical to ensuring the information security of the communication networks. This paper will study the generation of the adversarial examples and the influences of the adversarial examples on the accuracy of the DNN-based communication signal identification. Meanwhile, this paper will study the influences of the adversarial examples under the white-box models and black-box models, and explore the adversarial attack influences of the factors such as perturbation levels and iterative steps. The insights of this study would be helpful for ensuring the security of information networks and designing robust DNN communication networks.

The upcoming 5th generation (5G) mobile networks need to support ultra-reliable communication for business and life-critical applications. To do that 5G must offer higher degree of reliability than the current Internet, where networks are often subjected to Internet attacks, such as denial of service (DoS) and unwanted traffic. Besides improving the mitigation of Internet attacks, we propose that ultra-reliable mobile networks should only carry the expected user traffic to achieve a predictable level of reliability under malicious activity. To accomplish this, we introduce device-oriented communication security policies. Mobile networks have classically introduced a policy architecture that includes Policy and Charging Control (PCC) functions in LTE. However, in state of the art, this policy architecture is limited to QoS policies for end devices only. In this paper, we present experimental implementation of a Security Policy Management (SPM) system that accounts communication security interests of end devices. The paper also briefly presents the overall security architecture, where the policies set for devices or services in a network slice providing ultra-reliability, are enforced by a network edge node (via SPM) to only admit the expected traffic, by default treating the rest as unwanted traffic.

Artificial Intelligence also often referred to as machine learning is being labelled to as the future has been into light since more than a decade. Artificial Intelligence designated by the acronym AI has a vast scope of development and the developers have been working on with it constantly. AI is being associated with the existing objects in the world as well as with the ones that are about to arrive to improve them and make them more reliable. AI as it states in its name is intelligence, intelligence shown by the machines to work similar to humans and work on achieving the goals they are being provided with. Another application of AI could be to provide defenses against the present cyber threats, vehicle overrides etc. Also, AI might be intelligence but, in the end, it's still a bunch of codes, hence it is prone to be corrupted or misused by the world. To prevent the misuse of the technologies, it is necessary to deploy them with a sustainable defensive system as well. Obviously, there is going to be a default defense system but it is prone to be corrupted by the hackers or malfunctioning of the intelligence in certain scenarios which can result disastrous especially in case of Robotics. A proposal referred to as the “Guard Masking” has been offered in the following paper, to provide an alternative for securing Artificial Intelligence.

The acceleration of extending popularity of Online Social Networks (OSNs) thanks to various services with which they provide people, is inevitable. This is why in OSNs security as a way to protect private data of users to be abused by unauthoritative people has a vital role to play. Trust evaluation is the security approach that has been utilized since the advent of OSNs. Graph-based approaches are among the most popular methods for trust evaluation. However, graph-based models need to employ limitations in the search process of finding trusted paths. This contributes to a reduction in trust accuracy. In this investigation, a learning-based model which with no limitation is able to find reliable users of any target user, is proposed. Experimental results depict 12% improvement in trust accuracy compares to models based on the graph-based approach.

The concept of federation in 5G and NFV networks aims to provide orchestration of services across multiple administrative domains. Edge robotics, as a field of robotics, implements the robot control on the network edge by relying on low-latency and reliable access connectivity. In this paper, we propose a solution that enables Edge robotics service to expand its service footprint or access coverage over multiple administrative domains. We propose application of Distributed ledger technologies (DLTs) for the federation procedures to enable private, secure and trusty interactions between undisclosed administrative domains. The solution is applied on a real-case Edge robotics experimental scenario. The results show that it takes around 19 seconds to deploy & federate a Edge robotics service in an external/anonymous domain without any service down-time.

Video sharing from closed-circuit television video recording or in social media interaction requires self-authentication for responsible and reliable data sharing. Similarly, surveillance video recording is a powerful method of deterring unlawful activities. A Solution-by-Design can be helpful in terms of making a captured video immutable, as such recordings cannot become a piece of evidence until proven to be unaltered. This paper presents a computationally inexpensive method of preserving a chain-of-evidence in surveillance videos using steganography and hashing. The method conforms to the data protection regulations which are increasingly adopted by governments, and is applicable to network edge storage. Security credentials are stored in a hardware wallet independently of the video capture device itself, while evidential information is stored within video frames themselves, independently of the content. The proposed method has turned out to not only preserve the integrity of the stored video data but also results in very limited degradation of the video data due to steganography. Despite the presence of steganographic information, video frames are still available for common image processing tasks such as tracking and classification.

Ensuring secure transmission over the communication channel is a fundamental responsibility to achieve the implementation objective of universal internet of vehicles (UIoV) efficiently. Characteristics like highly dynamic topology and scalability of UIoV makes it more vulnerable to different types of privacy and security attacks. Considerable scope of improvement in terms of time complexity and performance can be observed within the existing schemes that address the privacy and security aspects of UIoV. In this paper, we present an improvised authentication and lightweight batch verification method for security and privacy in UIoV. The suggested method reduces the message loss rate, which occurred due to the response time delay by implementing some low-cost cryptographic operations like one-way hash function, concatenation, XOR, and bilinear map. Furthermore, the performance analysis proves that the proposed method is more reliable that reduces the computational delay and has a better performance in the delay-sensitive network as compared to the existing schemes. The experimental results are obtained by implementing the proposed scheme on a desktop-based configuration as well as Raspberry Pi 4.

Cloud computing has been envisioned as a next generation information technology (IT) paradigm. The risk of losing data stored with any untrustworthy service provider is the key barrier to widespread uptake of cloud computing. This paper proposes an algebraic signature based remote data possession checking (RDPC) scheme to verify the integrity of the data stored in the cloud. This scheme integrates forward error-correcting codes to enhance the data possession guarantee, which can recover the data when a small amount of file has been deleted. The scheme allows verification without the need for the auditor to compare against the original data, which reduces the communication complexity dramatically. The storage complexity of cloud user is reduced to several bytes' information. Extensive security analysis and simulation show that the proposed scheme is highly provably secure. Finally, experiment results reveal that the computation performance is effective, and bounded by disk I/O.

Due to environmental influence and technology limitation, a wireless sensor/sensors module can neither store or process all raw data locally nor reliably forward it to a destination in heterogeneous IoT environment. As a result, the data collected by the IoT's sensors are inherently noisy, unreliable, and may trigger many false alarms. These false or misleading data can lead to wrong decisions once the data reaches end entities. Therefore, it is highly recommended and desirable to acquire trustworthy data before data transmission, aggregation, and data storing at the end entities/cloud. In this paper, we propose an In-network Generalized Trustworthy Data Collection (IGTDC) framework for trustworthy data acquisition and faulty sensor detection in the IoT environment. The key idea of IGTDC is to allow a sensor's module to examine locally whether the raw data is trustworthy before transmitting towards upstream nodes. It further distinguishes whether the acquired data can be trusted or not before data aggregation at the sink/edge node. Besides, IGTDC helps to recognize a faulty or compromised sensor. For a reliable data collection, we use collaborative IoT technique, gate-level modeling, and programmable logic device (PLD) to ensure that the acquired data is reliable before transmitting towards upstream nodes/cloud. We use a hardware-based technique called “Gray Code” to detect a faulty sensor. Through simulations we reveal that the acquired data in IGTDC framework is reliable that can make a trustworthy data collection for event detection, and assist to distinguish a faulty sensor.

As a key technology in cognitive radio, cooperative spectrum sensing has been paid more and more attention. In cooperative spectrum sensing, multi-user cooperative spectrum sensing can effectively alleviate the performance degradation caused by multipath effect and shadow fading, and improve the spectrum utilization. However, as there may be malicious users in the cooperative sensing users, sending forged false messages to the fusion center or neighbor nodes to mislead them to make wrong judgments, which will greatly reduce the spectrum utilization. To solve this problem, this paper proposes an intelligent anti spectrum sensing data falsification (SSDF) attack algorithm using trust-based non consensus message passing algorithm. In this scheme, only one perception is needed, and the historical propagation path of each message is taken as the basis to calculate the reputation of each cognitive user. Every time a node receives different messages from the same cognitive user, there must be malicious users in its propagation path. We reward the nodes that appear more times in different paths with reputation value, and punish the nodes that appear less. Finally, the real value of the tampered message is restored according to the calculated reputation value. The MATLAB results show that the proposed scheme has a high recovery rate for messages and can identify malicious users in the network at the same time.

As the increasing demands of social services, unmanned aerial vehicles (UAVs)-assisted networks promote the promising prospect for implementing high-rate information transmission and applications. The sensing data can be collected by UAVs, a large number of applications based on UAVs have been realized in the 5G networks. However, the malicious UAVs may provide false information and destroy the services. The 5G UAV communication systems face the security threats. Therefore, this paper develops a novel trust-based security scheme for 5G UAV communication systems. Firstly, the architecture of the 5G UAV communication system is presented to improve the communication performance. Secondly, the trust evaluation scheme for UAVs is developed to evaluate the reliability of UAVs. By introducing the trust threshold, the malicious UAVs will be filtered out from the systems to protect the security of systems. Finally, the simulation results have been demonstrated the effectiveness of the proposed scheme.

Cyber-physical systems (CPS) maintain operation, reliability, and safety performance using state estimation and control methods. Internet connectivity and Internet of Things (IoT) devices are integrated with CPS, such as in smart grids. This integration of Operational Technology (OT) and Information Technology (IT) brings with it challenges for state estimation and exposure to cyber-threats. This research establishes a state estimation baseline, details the integration of IT, evaluates the vulnerabilities, and develops an approach for detecting and responding to cyber-attack data injections. Where other approaches focus on integration of IT cyber-controls, this research focuses on development of classification tools using data currently available in state estimation methods to quantitatively determine the presence of cyber-attack data. The tools may increase computational requirements but provide methods which can be integrated with existing state estimation methods and provide for future research in state estimation based cyber-attack incident response. A robust cyber-resilient CPS includes the ability to detect and classify a cyber-attack, determine the true system state, and respond to the cyber-attack. The purpose of this paper is to establish a means for a cyber aware state estimator given the existence of sub-erroneous outlier detection, cyber-attack data weighting, cyber-attack data classification, and state estimation cyber detection.

This article describes a new way to generate and distribute secret encryption keys, in which the processes of generating a public key and formicating a secret encryption key are performed in algebra with a parameter, the secrecy of which provides increased durability of the key.

Nowadays the use of the Internet is growing; E-voting system has been used by different countries because it reduces the cost and the time which used to consumed by using traditional voting. When the voter wants to access the E-voting system through the web application, there are requirements such as a web browser and a server. The voter uses the web browser to reach to a centralized database. The use of a centralized database for the voting system has some security issues such as Data modification through the third party in the network due to the use of the central database system as well as the result of the voting is not shown in real-time. However, this paper aims to provide an E-voting system with high security by using blockchain. Blockchain provides a decentralized model that makes the network Reliable, safe, flexible, and able to support real-time services.

Remote Attestation (RA) is a security service that detects malware presence on remote IoT devices by verifying their software integrity by a trusted party (verifier). There are three main types of RA: software (SW)-, hardware (HW)-, and hybrid (SW/HW)-based. Hybrid techniques obtain secure RA with minimal hardware requirements imposed on the architectures of existing microcontrollers units (MCUs). In recent years, considerable attention has been devoted to hybrid techniques since prior software-based ones lack concrete security guarantees in a remote setting, while hardware-based approaches are too costly for low-end MCUs. However, one key problem is that many already deployed IoT devices neither satisfy minimal hardware requirements nor support hardware modifications, needed for hybrid RA. This paper bridges the gap between software-based and hybrid RA by proposing a novel RA scheme based on software virtualization. In particular, it proposes a new scheme, called SIMPLE, which meets the minimal hardware requirements needed for secure RA via reliable software. SIMPLE depends on a formally-verified software-based memory isolation technique, called Security MicroVisor (Sμ V). Its reliability is achieved by extending the formally-verified safety and correctness properties to cover the entire software architecture of SIMPLE. Furthermore, SIMPLE is used to construct SIMPLE+, an efficient swarm attestation scheme for static and dynamic heterogeneous IoT networks. We implement and evaluate SIMPLE and SIMPLE+ on Atmel AVR architecture, a common MCU platform.

In recent times, an increasing amount of intelligent electronic devices (IEDs) are being deployed to make power systems more reliable and economical. While these technologies are necessary for realizing a cyber-physical infrastructure for future smart power grids, they also introduce new vulnerabilities in the grid to different cyber-attacks. Traditional methods such as state vector estimation (SVE) are not capable of identifying cyber-attacks while the geometric information is also injected as an attack vector. In this paper, a machine learning based smart grid attack identification method is proposed. The proposed method is carried out by first collecting smart grid power flow data for machine learning training purposes which is later used to classify the attacks. The performance of both the proposed SVM method and the traditional SVE method are validated on IEEE 14, 30, 39, 57 and 118 bus systems, and the performance regarding the scale of the power system is evaluated. The results show that the SVM-based method performs better than the SVE-based in attack identification over a much wider scale of power systems.

Our research team have devoted to extract internal malicious behavior by monitoring the network traffic for many years. We applied the deep learning approach to recognize the malicious patterns within network, but this methodology may lead to more works to examine the results from AI models production. Hence, this paper addressed the scenario to consider the burden of AI, and proposed an idea for long-term reliable detection in the future work.

In this paper, we propose a power allocation scheme in order to improve both secure and reliable performance in the wireless two-hop threshold-selection decode-and-forward (DF) relaying networks, which is so crucial to set a threshold value related the signal-to-noise ratio (SNR) of the source signal at relay nodes for perfect decoding. We adapt the maximal-ratio combining (MRC) receiving SNR from the direct and relaying paths both at the destination and at the eavesdropper. Particularly worth mentioning is that the closed expression form of outage probability and intercept probability is driven, which can quantify the security and reliability, respectively. We also make endeavors to utilize a metric to tradeoff the security and the reliability (SRT) and find out the relevance between them in the balanced case. But beyond that, in the pursuit of tradeoff performance, power allocation tends to depend on the threshold value. In other words, it provides a new method optimizing total power to the source and the relay by the threshold value. The results are obtained from analysis, confirmed by simulation, and predicted by artificial neural networks (ANNs), which is trained with back propagation (BP) algorithm, and thus the feasibility of the proposed method is verified.

Due to their proven efficiency, machine-learning systems are deployed in a wide range of complex real-life problems. More specifically, Spiking Neural Networks (SNNs) emerged as a promising solution to the accuracy, resource-utilization, and energy-efficiency challenges in machine-learning systems. While these systems are going mainstream, they have inherent security and reliability issues. In this paper, we propose NeuroAttack, a cross-layer attack that threatens the SNNs integrity by exploiting low-level reliability issues through a high-level attack. Particularly, we trigger a fault-injection based sneaky hardware backdoor through a carefully crafted adversarial input noise. Our results on Deep Neural Networks (DNNs) and SNNs show a serious integrity threat to state-of-the art machine-learning techniques.

Learning-based approaches often outperform hand-coded algorithmic solutions for many problems in robotics. However, learning long-horizon tasks on real robot hardware can be intractable, and transferring a learned policy from simulation to reality is still extremely challenging. We present a novel approach to model-free reinforcement learning that can leverage existing sub-optimal solutions as an algorithmic prior during training and deployment. During training, our gated fusion approach enables the prior to guide the initial stages of exploration, increasing sample-efficiency and enabling learning from sparse long-horizon reward signals. Importantly, the policy can learn to improve beyond the performance of the sub-optimal prior since the prior's influence is annealed gradually. During deployment, the policy's uncertainty provides a reliable strategy for transferring a simulation-trained policy to the real world by falling back to the prior controller in uncertain states. We show the efficacy of our Multiplicative Controller Fusion approach on the task of robot navigation and demonstrate safe transfer from simulation to the real world without any fine-tuning. The code for this project is made publicly available at https://sites.google.com/view/mcf-nav/home.

Supervisory Control and Data Acquisition (SCADA) systems have been a frequent target of cyberattacks in Industrial Control Systems (ICS). As such systems are a frequent target of highly motivated attackers, researchers often resort to intrusion detection through machine learning techniques to detect new kinds of threats. However, current research initiatives, in general, pursue higher detection accuracies, neglecting the detection of new kind of threats and their proposal detection scope. This paper proposes a novel, reliable host-based intrusion detection for SCADA systems through the Operating System (OS) diversity. Our proposal evaluates, at the OS level, the SCADA communication over time and, opportunistically, detects, and chooses the most appropriate OS to be used in intrusion detection for reliability purposes. Experiments, performed through a variety of SCADA OSs front-end, shows that OS diversity provides higher intrusion detection scope, improving detection accuracy by up to 8 new attack categories. Besides, our proposal can opportunistically detect the most reliable OS that should be used for the current environment behavior, improving by up to 8%, on average, the system accuracy when compared to a single OS approach, in the best case.

Cybersecurity of the supervisory control and data acquisition (SCADA) system, which is the key component of the cyber-physical systems (CPS), is facing big challenges and will affect the reliability of the smart grid. System reliability can be influenced by various cyber threats. In this paper, the reliability of the electric power system considering different cybersecurity issues in the SCADA system is analyzed by using Semi-Markov Process (SMP) and mean time-to-compromise (MTTC). External and insider attacks against the SCADA system are investigated with the SMP models and the results are compared. The system reliability is evaluated by reliability indexes including loss of load probability (LOLP) and expected energy not supplied (EENS) through Monte Carlo Simulations (MCS). The lurking threats of the cyberattacks are also analyzed in the study. Case studies were conducted on the IEEE Reliability Test System (RTS-96). The results show that with the increase of the MTTCs of the cyberattacks, the LOLP values decrease. When insider attacks are considered, both the LOLP and EENS values dramatically increase owing to the decreased MTTCs. The results provide insights into the establishment of the electric power system reliability enhancement strategies.

Software Quality Testing has always been a crucial part of the software development process and lately, there has been a rise in the usage of testing applications. While a well-planned and performed test, regardless of its nature - automated or manual, is a key factor when deciding on the results of the test, it is often not enough to give a more deep and thorough view of the whole process. That can be achieved with properly selected software metrics that can be used for proper risk assessment and evaluation of the development.This paper considers the most commonly used metrics when measuring a performed test and examines metrics that can be applied in the development process.

Digital identity is the key element of digital transformation in representing any real-world entity in the digital form. To ensure a successful digital future the requirement for an effective digital identity is paramount, especially as demand increases for digital services. Several Identity Management (IDM) systems are developed to cope with identity effectively, nonetheless, existing IDM systems have some limitations corresponding to identity and its management such as sovereignty, storage and access control, security, privacy and safeguarding, all of which require further improvement. Self-Sovereign Identity (SSI) is an emerging IDM system which incorporates several required features to ensure that identity is sovereign, secure, reliable and generic. It is an evolving IDM system, thus it is essential to analyse its various features to determine its effectiveness in coping with the dynamic requirements of identity and its current challenges. This paper proposes numerous governing principles of SSI to analyse any SSI ecosystem and its effectiveness. Later, based on the proposed governing principles of SSI, it performs a comparative analysis of the two most popular SSI ecosystems uPort and Sovrin to present their effectiveness and limitations.