Biblio

Although several different attacks or modern security mechanisms have been proposed, the captchas created by the numbers and the letters are still used by some websites or applications to protect their information security. The reason is that the labels of the captcha data are difficult to collect for the attacker, and protector can easily control the various parameters of the captchas: like the noise, the font type, the font size, and the background color, then make this security mechanism update with the increased attack methods. It can against attacks in different situations very effectively. This paper presents a method to recognize the different text-based captchas based on a system constituted by the denoising autoencoder and the Convolutional Recurrent Neural Network (CRNN) model with the Connectionist Temporal Classification (CTC) structure. We show that our approach has a better performance for recognizing, and it solves the identification problem of indefinite character length captchas efficiently.

Completely Automated Public Turing Tests (CAPTCHA) have been used to differentiate between computers and humans for quite some time now. There are many different varieties of CAPTCHAs - text-based, image-based, audio, video, arithmetic, etc. However, not all varieties are suitable for the visually impaired. As time goes by and Spambots and APIs grow more accurate, the CAPTCHA tests have been constantly updated to stay relevant, but that has not happened with the audio CAPTCHA. There exists an audio CAPTCHA intended for the blind/visually impaired but many blind/visually impaired find it difficult to solve. We propose an alternative to the existing system, which would make use of unique sound samples layered with music generated through GANs (Generative Adversarial Networks) along with noise and other layers of sounds to make it difficult to dissect. The user has to count the number of times the unique sound was heard in the sample and then input that number. Since there are no letters or numbers involved in the samples, speech-to-text bots/APIs cannot be used directly to decipher this system. Also, any user regardless of their native language can comfortably use this system.

This paper presents a design concept of an innovative CAPTCHA that can filter the color-vision–recognition states of different users. It can simultaneously verify the real-human-user identity, differentiate between the color-vision needs, and decide the content to be presented automatically.

Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a type of automatic program to determine whether the user is human or not. The most common type of CAPTCHA is a kind of message interpretation by twisting the letters and adding slight noises in the background, plays a role of verification code. In this paper, we will introduce the basis of Convolutional Neural Network first. Then based on the handwritten digit recognition using CNN, we will develop a network for CAPTCHA image recognition.

CAPTCHA or Completely Automated Public Turing test to Tell Computers and Humans Apart is a technique to distinguish between humans and computers by generating and evaluating tests that can be passed by humans but not computer bots. However, captchas are not foolproof, and they can be bypassed which raises security concerns. Hence, sites over the internet remain open to such vulnerabilities. This research paper identifies the vulnerabilities found in some of the commonly used captcha schemes by cracking them using Deep Learning techniques. It also aims to provide solutions to safeguard against these vulnerabilities and provides recommendations for the generation of secure captchas.

CAPTCHA (Completely Automated Public Turing Test to tell Computers and Humans Apart) is a widely used challenge-measures to distinguish humans and computer automated programs apart. Several existing CAPTCHAs are reliable for normal users, whereas visually impaired users face a lot of problems with the CAPTCHA authentication process. CAPTCHAs such as Google reCAPTCHA alternatively provides audio CAPTCHA, but many users find it difficult to decipher due to noise, language barrier, and accent of the audio of the CAPTCHA. Existing CAPTCHA systems lack user satisfaction on smartphones thus limiting its use. Our proposed system potentially solves the problem faced by visually impaired users during the process of CAPTCHA authentication. Also, our system makes the authentication process generic across users as well as platforms.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is commonly utilized as a technology for avoiding attacks to Web sites by bots. State-of-the-art CAPTCHAs vary in difficulty based on the client's behavior, allowing for efficient bot detection without sacrificing simplicity. In this research, we focus on detecting bots by supervised machine learning from access-log time series in the past. We have analysed access logs to several Web services which are using a commercial cloud-based CAPTCHA service, Capy Puzzle CAPTCHA. Experiments show that bot detection in attacks over a month can be performed with high accuracy by precursory analysis of the access log in only the first day as training data. In addition, we have manually analyzed the data that are found to be False Positive in the discrimination results, and it is found that the proposed model actually detects access by bots, which had been overlooked in the first-stage manual discrimination of flags in preparation of training data.

A 'Completely Automated Public Turing test to tell Computers and Humans Apart' or better known as CAPTCHA is a image based test used to determine the authenticity of a user (ie. whether the user is human or not). In today's world, almost all the web services, such as online shopping sites, require users to solve CAPTCHAs that must be read and typed correctly. The challenge is that recognizing the CAPTCHAs is a relatively easy task for humans, but it is still hard to solve for computers. Ideally, a well-designed CAPTCHA should be solvable by humans at least 90% of the time, while programs using appropriate resources should succeed in less than 0.01% of the cases. In this paper, a deep neural network architecture is presented to extract text from CAPTCHA images on various platforms. The central theme of the paper is to develop an efficient & intelligent model that converts image-based CAPTCHA to text. We used convolutional neural network based architecture design instead of the traditional methods of CAPTCHA detection using image processing segmentation modules. The model consists of seven layers to efficiently correlate image features to the output character sequence. We tried a wide variety of configurations, including various loss and activation functions. We generated our own images database and the efficacy of our model was proven by the accuracy levels of 99.7%.

With the developing of computer technology, Convolutional Neural Network (CNN) has made big development in both application region and research field. However, CAPTCHA (one Turing Test to tell difference between computer and human) technology is also widely used in many websites verification process and it has received great attention from researchers. In this essay, we introduced the CNN based on tensorflow framework and use the MINIST data set which is used in handwritten digit recognition to analyze the parameters and the structure of the CNN model. Moreover, we use different activation functions and compares them with different epochs. We also analyze many problems during the experiment to make the original data and the result more accurate.

In November 2019, the government of Iran enforced a week-long total Internet blackout that prevented the majority of Internet connectivity into and within the nation. This work elaborates upon the Iranian Internet blackout by characterizing the event through Internet-scale, near realtime network traffic measurements. Beginning with an investigation of compromised machines scanning the Internet, nearly 50 TB of network traffic data was analyzed. This work discovers 856,625 compromised IP addresses, with 17,182 attributed to the Iranian Internet space. By the second day of the Internet shut down, these numbers dropped by 18.46% and 92.81%, respectively. Empirical analysis of the Internet-of-Things (IoT) paradigm revealed that over 90% of compromised Iranian hosts were fingerprinted as IoT devices, which saw a significant drop throughout the shutdown (96.17% decrease by the blackout's second day). Further examination correlates BGP reachability metrics and related data with geolocation databases to statistically evaluate the number of reachable Iranian ASNs (dropping from approximately 1100 to under 200 reachable networks). In-depth investigation reveals the top affected ASNs, providing network forensic evidence of the longitudinal unplugging of such key networks. Lastly, the impact's interruption of the Bitcoin cryptomining market is highlighted, disclosing a massive spike in unsuccessful (i.e., pending) transactions. When combined, these network traffic measurements provide a multidimensional perspective of the Iranian Internet shutdown.

The Border Gateway Protocol (BGP) is in charge of the route exchange at the Internet scale. Anomalies in BGP can have several causes (mis-configuration, outage and attacks). These anomalies are classified into large or small scale anomalies. Machine learning models are used to analyze and detect anomalies from the complex data extracted from BGP behavior. Two types of data representation can be used inside the machine learning models: a graph representation of the network (graph features) or a statistical computation on the data (statistical features). In this paper, we evaluate and compare the accuracy of machine learning models using graph features and statistical features on both large and small scale BGP anomalies. We show that statistical features have better accuracy for large scale anomalies, and graph features increase the detection accuracy by 15% for small scale anomalies and are well suited for BGP small scale anomaly detection.

An experimental network environment plays an important role to examine new systems and protocols. We have developed an experimental network construction tool called LiONv1 (Lightweight On-Demand Networking, ver.1). LiONv1 satisfies the following four requirements: programmer-friendly configuration file based on Infrastructure as Code, multiple virtualization technologies for virtual nodes, physical topology conscious virtual node placement, and L3 protocol agnostic virtual networks. None of existing experimental network environments satisfy all the four requirements. In this paper, we develop LiONv2 which satisfies three more requirements: diversity of available network devices, Internet-scale deployment, and disaggregation of network configuration and device configuration. LiONv2 employs NETCONF and YANG to achieve diversity of available network devices and Internet-scale deployment. LiONv2 also defines two YANG models which disaggregate network configuration and device configuration. LiONv2 is implemented in Go and C languages with public libraries for Go. Measurement results show that construction time of a virtual network is irrelevant to the number of virtual nodes if a single virtual node is created per physical node.

The COVID-19 pandemic introduced novel incentives for adversaries to exploit the state of turmoil. As we have witnessed with the increase in for instance phishing attacks and domain name registrations piggybacking the COVID-19 brand name. In this paper, we perform an analysis at Internet-scale of COVID-19 domain name registrations during the early stages of the virus' spread, and investigate the rationales behind them. We leverage the DomainTools COVID-19 Threat List and additional measurements to analyze over 150,000 domains registered between January 1st 2020 and May 1st 2020. We identify two key rationales for covid-related domain registrations. Online marketing, by either redirecting traffic or hosting a commercial service on the domain, and domain parking, by registering domains containing popular COVID-19 keywords, presumably anticipating a profit when reselling the domain later on. We also highlight three public policy take-aways that can counteract this domain registration behavior.

The Internet-of-Things (IoT) paradigm at large continues to be compromised, hindering the privacy, dependability, security, and safety of our nations. While the operational security communities (i.e., CERTS, SOCs, CSIRT, etc.) continue to develop capabilities for monitoring cyberspace, tools which are IoT-centric remain at its infancy. To this end, we address this gap by innovating an actionable Cyber Threat Intelligence (CTI) feed related to Internet-scale infected IoT devices. The feed analyzes, in near real-time, 3.6TB of daily streaming passive measurements ( ≈ 1M pps) by applying a custom-developed learning methodology to distinguish between compromised IoT devices and non-IoT nodes, in addition to labeling the type and vendor. The feed is augmented with third party information to provide contextual information. We report on the operation, analysis, and shortcomings of the feed executed during an initial deployment period. We make the CTI feed available for ingestion through a public, authenticated API and a front-end platform.

Intrusion Detection System (IDS) is a system that could detect suspicious activity in a network. Two approaches are known for IDS, namely signature-based and anomaly-based. The anomaly-based detection method was chosen to detect suspicious and abnormal activity for the system that cannot be performed by the signature-based method. In this study, attack testing was carried out using three DoS tools, namely the LOIC, Torshammer, and Xerxes tools, with a test scenario using IDS and without IDS. From the test results that have been carried out, IDS has successfully detected the attacks that were sent, for the delivery of the most consecutive attack packages, namely Torshammer, Xerxes, and LOIC. In the detection of Torshammer attack tools on the target FTP Server, 9421 packages were obtained, for Xerxes tools as many as 10618 packages and LOIC tools as many as 6115 packages. Meanwhile, attacks on the target Web Server for Torshammer tools were 299 packages, for Xerxes tools as many as 530 packages, and for LOIC tools as many as 103 packages. The accuracy of the IDS performance results is 88.66%, the precision is 88.58% and the false positive rate is 63.17%.

Cloud Computing is a favored choice of any IT organization in the current context since that provides flexibility and pay-per-use service to the users. Moreover, due to its open and inclusive architecture which is accessible to attackers. Security and privacy are a big roadblock to its success. For any IT organization, intrusion detection systems are essential to the detection and endurance of effective detection system against attacker aggressive attacks. To recognize minor occurrences and become significant breaches, a fully managed intrusion detection system is required. The most prevalent approach for intrusion detection on the cloud is the Intrusion Detection System (IDS). This research introduces a cloud-based deep learning-LSTM IDS model and evaluates it to a hybrid Stacked Contractive Auto Encoder (SCAE) + Support Vector Machine (SVM) IDS model. Deep learning algorithms like basic machine learning can be built to conduct attack detection and classification simultaneously. Also examine the detection methodologies used by certain existing intrusion detection systems. On two well-known Intrusion Detection datasets (KDD Cup 99 and NSL-KDD), our strategy outperforms current methods in terms of accurate detection.

Intrusion Detection System (IDS) is used to identify malicious traffic on the network. Apart from rule-based IDS, machine learning and deep learning based on IDS are also being developed to improve the accuracy of IDS detection. In this study, the public dataset CIC IDS 2017 was used in developing deep learning-based IDS because this dataset contains the new types of attacks. In addition, this dataset also meets the criteria as an intrusion detection dataset. The dataset was split into train data, validation data and test data. We proposed Bidirectional Long-Short Term Memory (LSTM) for building neural network. We created 24 scenarios with various changes in training parameters which were trained for 100 epochs. The training parameters used as research variables are optimizer, activation function, and learning rate. As addition, Dropout layer and L2-regularizer were implemented on every scenario. The result shows that the model used Adam optimizer, Tanh activation function and a learning rate of 0.0001 produced the highest accuracy compared to other scenarios. The accuracy and F1 score reached 97.7264% and 97.7516%. The best model was trained again until 1000 iterations and the performance increased to 98.3448% in accuracy and 98.3793% in F1 score. The result exceeded several previous works on the same dataset.

Cyber-Physical Systems (CPS) suffer from extendable vulnerabilities due to the convergence of the physical world with the cyber world, which makes it victim to a number of sophisticated cyber-attacks. The motives behind such attacks range from criminal enterprises to military, economic, espionage, political, and terrorism-related activities. Many governments are more concerned than ever with securing their critical infrastructure. One of the effective means of detecting threats and securing their infrastructure is the use of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). A number of studies have been conducted and proposed to assess the efficacy and effectiveness of IDS through the use of self-learning techniques, especially in the Industrial Control Systems (ICS) era. This paper investigates and analyzes the utilization of IDS systems and their proposed solutions used to enhance the effectiveness of such systems for CPS. The targeted data extraction was from 2011 to 2021 from five selected sources: IEEE, ACM, Springer, Wiley, and ScienceDirect. After applying the inclusion and exclusion criteria, 20 primary studies were selected from a total of 51 studies in the field of threat detection in CPS, ICS, SCADA systems, and the IoT. The outcome revealed the trends in recent research in this area and identified essential techniques to improve detection performance, accuracy, reliability, and robustness. In addition, this study also identified the most vulnerable target layer for cyber-attacks in CPS. Various challenges, opportunities, and solutions were identified. The findings can help scholars in the field learn about how machine learning (ML) methods are used in intrusion detection systems. As a future direction, more research should explore the benefits of ML to safeguard cyber-physical systems.

The industry of telecommunications is being transformed towards 5G technology, because it has to deal with the emerging and existing use cases. Because, 5G wireless networks need rather large data rates and much higher coverage of the dense base station deployment with the bigger capacity, much better Quality of Service - QoS, and the need very low latency [1–3]. The provision of the needed services which are envisioned by 5G technologies need the new service models of deployment, networking architectures, processing technologies and storage to be defined. These technologies will cause the new problems for the cybersecurity of 5G systems and the security of their functionality. The developers and researchers working in this field make their best to secure 5G systems. The researchers showed that 5G systems have the security challenges. The researchers found the vulnerabilities in 5G systems which allow attackers to integrate malicious code into the system and make the different types of the illegitimate actions. MNmap, Battery drain attacks and MiTM can be successfully implemented on 5G. The paper makes the analysis of the existing cyber security problems in 5G technology. Based on the analysis, we suggest the novel Intrusion Detection System - IDS by means of the machine-learning algorithms. In the related papers the scientists offer to use NSL-KDD in order to train IDS. In our paper we offer to train IDS using the big datasets of DOS/DDOS attacks, besides of training using NSL-KDD. The research also offers the methodology of integration of the offered intrusion detection systems into an standard architecture of 5G. The paper also offers the pseudo code of the designed system.

In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in- vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.

Big data continues to grow in the manufacturing domain due to increasing interconnectivity on the shop floor in the course of the fourth industrial revolution. The optimization of machines based on either real-time or historical machine data provides benefits to both machine producers and operators. In order to be able to make use of these opportunities, it is necessary to access the machine data, which can include sensitive information such as intellectual property. Employing the use case of machine tools, this paper presents a solution enabling industrial data sharing and cloud collaboration while protecting sensitive information. It employs the edge computing paradigm to apply differential privacy to machine data in order to protect sensitive information and simultaneously allow machine producers to perform the necessary calculations and analyses using this data.

This paper presents a high-level circuit obfuscation technique to prevent the theft of intellectual property (IP) of integrated circuits. In particular, our technique protects a class of circuits that relies on constant multiplications, such as neural networks and filters, where the constants themselves are the IP to be protected. By making use of decoy constants and a key-based scheme, a reverse engineer adversary at an untrusted foundry is rendered incapable of discerning true constants from decoys. The time-multiplexed constant multiplication (TMCM) block of such circuits, which realizes the multiplication of an input variable by a constant at a time, is considered as our case study for obfuscation. Furthermore, two TMCM design architectures are taken into account; an implementation using a multiplier and a multiplierless shift-adds implementation. Optimization methods are also applied to reduce the hardware complexity of these architectures. The well-known satisfiability (SAT) and automatic test pattern generation (ATPG) based attacks are used to determine the vulnerability of the obfuscated designs. It is observed that the proposed technique incurs small overheads in area, power, and delay that are comparable to the hardware complexity of prominent logic locking methods. Yet, the advantage of our approach is in the insight that constants - instead of arbitrary circuit nodes - become key-protected.

USB flash drives are used widely to store or transfer data among the employees in the company. There was greater concern about leaks of information especially company crown jewel or intellectual property data inside the USB flash drives because of theft, loss, negligence or fraud. This study is a real case in XYZ company which aims to find remaining the company’s crown jewel or intellectual property data inside the USB flash drives that belong to the employees. The research result showed that sensitive information (such as user credentials, product recipes and customer credit card data) could be recovered from the employees’ USB flash drives. It could obtain a high-risk impact on the company as reputational damage and sabotage product from the competitor. This result will help many companies to increase security awareness in protecting their crown jewel by having proper access control and to enrich knowledge regarding digital forensic for investigation in the company or enterprise.

Aggressive time-to-market constraints and enormous hardware design and fabrication costs have pushed the semiconductor industry toward hardware Intellectual Properties (IP) core design. However, the globalization of the integrated circuits (IC) supply chain exposes IP providers to theft and illegal redistribution of IPs. Watermarking and fingerprinting are proposed to detect IP piracy. Nevertheless, they come with additional hardware overhead and cannot guarantee IP security as advanced attacks are reported to remove the watermark, forge, or bypass it. In this work, we propose a novel methodology, GNN4IP, to assess similarities between circuits and detect IP piracy. We model the hardware design as a graph and construct a graph neural network model to learn its behavior using the comprehensive dataset of register transfer level codes and gate-level netlists that we have gathered. GNN4IP detects IP piracy with 96% accuracy in our dataset and recognizes the original IP in its obfuscated version with 100% accuracy.

Ever since Machine Learning as a Service emerges as a viable business that utilizes deep learning models to generate lucrative revenue, Intellectual Property Right (IPR) has become a major concern because these deep learning models can easily be replicated, shared, and re-distributed by any unauthorized third parties. To the best of our knowledge, one of the prominent deep learning models - Generative Adversarial Networks (GANs) which has been widely used to create photorealistic image are totally unprotected despite the existence of pioneering IPR protection methodology for Convolutional Neural Networks (CNNs). This paper therefore presents a complete protection framework in both black-box and white-box settings to enforce IPR protection on GANs. Empirically, we show that the proposed method does not compromise the original GANs performance (i.e. image generation, image super-resolution, style transfer), and at the same time, it is able to withstand both removal and ambiguity attacks against embedded watermarks. Codes are available at https://github.com/dingsheng-ong/ipr-gan.