Biblio

Digital forensics is concerned with identifying, reporting and responding to security breaches. It is about how to acquire, analyze and report digital evidence and using the technical skills, discovering the traces of Cyber Crime. The field of digital forensics is in high demand due to the constant threats of data breaches and information hacks. Digital Forensics is utilized in the identification and elimination of crimes in any controversy where evidence is preserved in online space. This is the use of specialized techniques for retrieval, authentication and electronic data analysis. Computer forensics deals with the identification, preservation, analysis, documentation and presentation of digital evidence. The paper has analyzed the present-day trends that includes IoT forensics, cloud forensics, network forensics and social media forensics. Recent researches have shown a wide range of threats and cyber-attacks, which requires forensic investigators and forensics scientists to simplify the digital world. Hence, all our research gives a clear view of digital forensics which could be of a great help in forensic investigation. In this research paper we have discussed about the need and way to preserve the digital evidence, so that it is not compromised at any point in time and an unalter evidence can be presented before the court of law.

Construction of immersive architectural wisdom guiding environment based on virtual reality is studied in this paper. Emerging development of the computer smart systems have provided the engineers a novel solution for the platform construction. Network virtualization is currently the most unclear and controversial concept in the industry regarding the definition of virtualization subdivisions. To improve the current study, we use the VR system to implement the platform. The wisdom guiding environment is built through the virtual data modelling and the interactive connections. The platform is implemented through the software. The test on the data analysis accuracy and the interface optimization is conducted.

One of the significant difficulties in network safety is the arrangement of a mechanized and viable digital danger's location strategy. This paper presents an AI procedure for digital dangers recognition, in light of fake neural organizations. The proposed procedure changes large number of gathered security occasions over to singular occasion profiles and utilize a profound learning-based discovery strategy for upgraded digital danger identification. This research work develops an AI-SIEM framework dependent on a blend of occasion profiling for information preprocessing and distinctive counterfeit neural organization techniques by including FCNN, CNN, and LSTM. The framework centers around separating between obvious positive and bogus positive cautions, consequently causing security examiners to quickly react to digital dangers. All trials in this investigation are performed by creators utilizing two benchmark datasets (NSLKDD and CICIDS2017) and two datasets gathered in reality. To assess the presentation correlation with existing techniques, tests are carried out by utilizing the five ordinary AI strategies (SVM, k-NN, RF, NB, and DT). Therefore, the exploratory aftereffects of this examination guarantee that our proposed techniques are fit for being utilized as learning-based models for network interruption discovery and show that despite the fact that it is utilized in reality, the exhibition beats the traditional AI strategies.

Binary Edwards curves (BEC) over finite fields can be used as an additive cyclic elliptic curve group to enable elliptic curve cryptography (ECC), where the most time consuming is scalar multiplication. This operation is computed by means of the group operation, either point addition or point doubling. The most notorious property of these curves is that their group operation is complete, which mitigates the need to verify for special cases. Different formulae for the group operation in BECs have been reported in the literature. Of particular interest are those designed to work with the differential properties of the Montgomery ladder, which offer constant time computation of the scalar multiplication as well as reduced field operations count. In this work, we review and compare the complexity of BEC differential addition and doubling in terms of field operations. We also provide software implementations of scalar multiplications which employ these formulae under a fair scenario. Our work provides insights on the advantages of using BECs in ECC. Our study of the different formulae for group addition in BEC also showcases the advantages and limitations of the different design strategies employed in each case.

Skyline computation is an increasingly popular query, with broad applicability to many domains. Given the trend to outsource databases, and due to the sensitive nature of the data (e.g., in healthcare), it is essential to evaluate skylines on encrypted datasets. Research efforts acknowledged the importance of secure skyline computation, but existing solutions suffer from several shortcomings: (i) they only provide ad-hoc security; (ii) they are prohibitively expensive; or (iii) they rely on assumptions such as the presence of multiple non-colluding parties in the protocol. Inspired by solutions for secure nearest-neighbors, we conjecture that a secure and efficient way to compute skylines is through result materialization. However, materialization is much more challenging for skylines queries due to large space requirements. We show that pre-computing skyline results while minimizing storage overhead is NP-hard, and we provide heuristics that solve the problem more efficiently, while maintaining storage at reasonable levels. Our algorithms are novel and also applicable to regular skyline computation, but we focus on the encrypted setting where materialization reduces the response time of skyline queries from hours to seconds. Extensive experiments show that we clearly outperform existing work in terms of performance, and our security analysis proves that we obtain a small (and quantifiable) data leakage.

In our proposed work the web security has been enhanced using additional security code and an enhanced frame work. Administrator of site is required to specify the security code for particular date and time. On user end user would be capable to login and view authentic code allotted to them during particular time slot. This work would be better in comparison of tradition researches in order to prevent sql injection attack and cross script because proposed work is not just considering the security, it is also focusing on the performance of security system. This system is considering the lot of security dimensions. But in previous system there was focus either on sql injection or cross script. Proposed research is providing versatile security and is available with low time consumption with less probability of unauthentic access.

In the current network security situation, the types of network threats are complex and changeable. With the development of the Internet and the application of information technology, the general trend is opener. Important data and important business applications will face more serious security threats. However, with the development of cloud computing technology, the trend of large-scale deployment of important business applications in cloud centers has greatly increased. The development and use of software-defined networks in cloud data centers have greatly reduced the effect of traditional network security boundary protection. How to find an effective way to protect important applications in open multi-step large-scale cloud data centers is a problem we need to solve. Threat intelligence has become an important means to solve complex network attacks, realize real-time threat early warning and attack tracking because of its ability to analyze the threat intelligence data of various network attacks. Based on the research of threat intelligence, machine learning, cloud central network, SDN and other technologies, this paper proposes an active defense method of network security based on threat intelligence for super-large cloud data centers.

Wireless Sensor Networks (WSN) are gaining popularity as being the backbone of Cyber physical systems, IOT and various data acquisition from sensors deployed in remote, inaccessible terrains have remote deployment. However due to remote deployment, WSN is an adhoc network of large number of sensors either heli-dropped in inaccessible terrain like volcanoes, Forests, border areas are highly energy deficient and available in large numbers. This makes it the right soup to become vulnerable to various kinds of Security attacks. The lack of energy and resources makes it deprived of developing a robust security code for mitigation of various kinds of attacks. Many attempts have been made to suggest a robust security Protocol. But these consume so much energy, bandwidth, processing power, memory and other resources that the sole purpose of data gathering from inaccessible terrain from energy deprived sensors gets defeated. This paper makes an attempt to study the types of attacks on different layers of WSN and the examine the recent trends in development of various security protocols to mitigate the attacks. Further, we have proposed a simple, lightweight but powerful security protocol known as Simple Sensor Security Protocol (SSSP), which captures the uniqueness of WSN and its isolation from internet to develop an energy efficient security solution.

With the continuous improvement of China's scientific and technological level, computer network has become an indispensable part of people's daily life. It can not only effectively improve the efficiency of production and life, and shorten the distance between people, but also further promote the speed of China's social and economic development, which has a positive impact on the realization of China's modernization. Under the new information security demand environment at present, we should pay attention to the related information security work and formulate effective security measures and strategies. In order to effectively prevent these information security problems, people should actively adopt firewall technology, encryption technology, network access control technology and network virus prevention technology for effective protection. This paper analyzes the security problems in the application of wireless sensor networks and explores the mechanism of defending information security, hoping to strengthen the security and stability of wireless sensor networks through effective measures, so that people can better enjoy the convenience brought by the network age.

It has been a hot research topic to detect and mitigate Distributed Denial-of-Service (DDoS) attacks due to the significant increase of serious threat of such attacks. The rapid growth of Internet of Things (IoT) has intensified this trend, e.g. the Mirai botnet and variants. To address this issue, a light-weight DDoS mitigation mechanism was presented. In the proposed scheme, flooding attacks are detected by stochastic queue allocation which can be executed with widespread and inexpensive commercial products at a network edge. However, the detection process is delayed when the number of incoming flows is large because of the randomness of queue allocation. Thus, in this paper we propose an efficient queue allocation algorithm for rapid DDoS mitigation using limited resources. The idea behind the proposed scheme is to avoid duplicate allocation by decreasing the randomness of the existing scheme. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. As a result, it was confirmed that malicious flows are efficiently detected and discarded with the proposed algorithm.

As it is easy to ensure the confidentiality of users on the Dark Web, malware and exploit kits are sold on the market, and attack methods are discussed in forums. Some services provide IoT Botnet to perform distributed denial-of-service (DDoS as a Service: DaaS), and it is speculated that the purchase of these services is made on the Dark Web. By crawling such information and storing it in a database, threat intelligence can be obtained that cannot otherwise be obtained from information on the Surface Web. However, crawling sites on the Dark Web present technical challenges. For this paper, we implemented a crawler that can solve these challenges. We also collected information on markets and forums on the Dark Web by operating the implemented crawler. Results confirmed that the dataset collected by crawling contains threat intelligence that is useful for analyzing cyber attacks, particularly those related to IoT Botnet and DaaS. Moreover, by uncovering the relationship with security reports, we demonstrated that the use of data collected from the Dark Web can provide more extensive threat intelligence than using information collected only on the Surface Web.

With the popularity of cloud computing, cloud storage technology has also been widely used. Among them, data integrity verification is a hot research topic. At present, the realization of public auditing has become the development trend of integrity verification. Most existing public auditing schemes rarely consider some indispensable functions at the same time. Thus, in this paper, we propose a comprehensive public auditing scheme (PDBPA) that can simultaneously realize data block privacy protection, data dynamics, and multi- user batch auditing. Our PDBPA scheme is implemented in bilinear pairing. By adding random masking in the audit phase, with the help of the characteristics of homomorphic verifiable tags (HVTs), it can not only ensure that the TPA performs the audit work correctly, but also prevent it from exploring the user’s sensitive data. In addition, by utilizing the modified index hash table (MIHT), data dynamics can be effectively achieved. Furthermore, we provide a specific process for the TPA to perform batch audits for multiple users. Moreover, we formally prove the security of the scheme; while achieving the audit correctness, it can resist three types of attacks.

Industry 4.0 or also known as the fourth industrial revolution poses a great cybersecurity risk for Supervisory control and data acquisition (SCADA) systems. Nowadays, lots of enterprises have turned into renewable energy and are changing the energy dependency to be on wind power. The SCADA systems are often vulnerable against different kinds of cyberattacks and thus allowing intruders to successfully and intrude exfiltrate different wind farm SCADA systems. During our research a future concept testbed of a wind farm SCADA system is going to be introduced. The already existing real-world vulnerabilities that are identified are later on going to be demonstrated against the test SCADA wind farm system.

In today's world, there is rapid progress in the field of artificial intelligence and image captioning. It becomes a fascinating task that has saw widespread interest. The task of image captioning comprises image description engendered based on the hybrid combination of deep learning, natural language processing, and various approaches of machine learning and computer vision. In this work authors emphasize on how the model generates a short description as an output of the input image using the functionalities of Deep Learning and Natural Language Processing, for helping visually impaired people, and can also be cast-off in various web sites to automate the generation of captions reducing the task of recitation with great ease.

The fabricated circuitries are getting massive and denser with every passing year due to which a normal automatic test pattern generation technique to detect only the single stuck-at faults will overlook the multiple stuck-at faults. But generating test patterns that can detect all possible multiple stuck-at fault is practically not possible. Hence, this paper proposes a method, where multiple faults can be detected by using test vectors for detecting single stuck-at faults. Here, the patterns for detecting single faults are generated and their ability to detect multiple stuck-at faults is also analyzed. From the experimental results it was observed that, the generated vectors for single faults cover maximum number of the multiple faults and then new test vectors are generated for the undetermined faults. The generated vectors are optimized for the compact test patterns in order to reduce the test power.

With the reform of the power market(PM), various power applications based on computer networks have also developed. As a network application system supporting the operation of the PM, the technical support system(TSS) of the PM has become increasingly important for its network information security(NIS). The purpose of this article is to study the security protection of computer network information in power systems. This paper proposes an identity authentication algorithm based on digital signatures to verify the legitimacy of system user identities; on the basis of PMI, according to the characteristics of PM access control, a role-based access control model with time and space constraints is proposed, and a role-based access control model is designed. The access control algorithm based on the attribute certificate is used to manage the user's authority. Finally, according to the characteristics of the electricity market data, the data security transmission algorithm is designed and the feasibility is verified. This paper presents the supporting platform for the security test and evaluation of the network information system, and designs the subsystem and its architecture of the security situation assessment (TSSA) and prediction, and then designs the key technologies in this process in detail. This paper implements the subsystem of security situation assessment and prediction, and uses this subsystem to combine with other subsystems in the support platform to perform experiments, and finally adopts multiple manifestations, and the trend of the system's security status the graph is presented to users intuitively. Experimental studies have shown that the residual risks in the power system after implementing risk measures in virtual mode can reduce the risk value of the power system to a fairly low level by implementing only three reinforcement schemes.

In this work a time evolution model is used to help categorize malicious samples. This method can be used in anti-malware testing procedures as well as in detecting cyber-attacks. The time evolution mathematical model can help security experts to better understand the behaviour of malware attacks and malware families. It can be used for estimating much better their spreading and for planning the required defence actions against them. The basic time dependent variable of this model is the Ratio of the malicious files within an investigated time window. To estimate the main characteristics of the time series describing the change of the Ratio values related to a specific malicious file, nonlinear, exponential curve fitting method is used. The free parameters of the model were determined by numerical searching algorithms. The three parameters can be used in the information security field to describe more precisely the behaviour of a piece of malware and a family of malware as well. In the case of malware families, the aggregation of these parameters can provide effective solution for estimating the cyberthreat trends.

Today we live in a hyper-connected world, where a large amount of applications and services are supported by ad hoc networks. They have a decentralized management, are flexible and versatile but their characteristics are in turn their main weaknesses. This work introduces a preliminary analysis of the evolution, trends and the state of the art in the context of the security in ad hoc networks. To this end, two different methodologies are applied: a bibliometric analysis and a Systematic Literature Review. Results show that security in MANETs and VANETs are still an appealing research field. In addition, we realized that there is no clear separation of solutions by line of defense. This is because they are sometimes misclassified by the authors or simply there is no line of defense that totally fit well with the proposed solution. Because of that, new taxonomies including novel definitions of lines of defense are needed. In this work, we propose the use of tolerant or survivable solutions which are the ones that preserve critical system or network services in presence of fault, malfunctions or attacks.

Malware classification helps to understand its purpose and is also an important part of attack detection. And it is also an important part of discovering attacks. Due to continuous innovation and development of artificial intelligence, it is a trend to combine deep learning with malware classification. In this paper, we propose an improved malware image rescaling algorithm (IMIR) based on local mean algorithm. Its main goal of IMIR is to reduce the loss of information from samples during the process of converting binary files to image files. Therefore, we construct a neural network structure based on VGG model, which is suitable for image classification. In the real world, a mass of malware family labels are inaccurate or lacking. To deal with this situation, we propose a novel method to train the deep neural network by Semi-supervised Generative Adversarial Network (SGAN), which only needs a small amount of malware that have accurate labels about families. By integrating SGAN with weak coupling, we can retain the weak links of supervised part and unsupervised part of SGAN. It improves the accuracy of malware classification by making classifiers more independent of discriminators. The results of experimental demonstrate that our model achieves exhibiting favorable performance. The recalls of each family in our data set are all higher than 93.75%.

To ensure organization business and resources sustainability, it is required to establish Business Continuity Management System (BCMS). A key component of BCMS is conducting drills, which enables the organization to assess its readiness, sustainability and resiliency with an adequate planning for business continuation of unforeseen circumstances. The testing of the business services and processes is crucial and failing to conduct drills would lead to improper response and recovery strategies which will result in major financial loses. The drills aim to evaluate IT organization response, IT services recovery, identify observations, lessons learned and areas of improvement. As a result, identified observations are shared with service owners and tracked by BCMS to ensure closing all observations. However, tracking observations in a traditional manual approach is always associated with several challenges. This paper presents our experience in planning, executing, and validating the process of drills, by illustrating how an organization could overcome manual approach challenges with an automated observation tracking system. Additionally, we present our solution results in terms of time management and cost saving.

In recent years, the Internet-of-Things (IoT)-based traffic management system (ITMS) has attracted the attention of researchers from different fields, such as the automotive industry, academia and traffic management, due to its ability to enhance road safety and improve traffic efficiency. ITMS uses the Vehicle Ad-hoc Network (VANET) to communicate messages about traffic conditions or the event on the route to ensure the safety of the commuter. ITMS uses wireless communication technology for communication between different devices. Wireless communication has challenges to privacy and security. Challenges such as confidentiality, authentication, integrity, non-repudiation, identity, trust are major concerns of either security or privacy or both. This paper discusses the features of the traffic system, the features of the traffic management system (TMS) and the features of IoT that can be used in TMS with its challenges. Further, this paper analyses the work done in the last few years with the future scope of IoT in the TMS.

This work investigates the impact of mechanical strain on wake-up behavior of planar HfO2 ferroelectric capacitor-based memory. External in-plane strain was applied using a four-point bending tool and strain impact on remanent polarization and coercive voltage of the ferroelectric was monitored. It was established that compressive strain is beneficial for 2Pr improvement, while tensile strain leads to its degradation, with a sensitivity of -8.4 ± 0.5 % per 0.1 % of strain. Strain-induced polarization rotation is considered to be the most likely mechanism affecting 2Pr At the same time, no strain impact on Vcwas observed in the investigated strain range. The results seen here can be utilized to undertake stress engineering of ferroelectric memory in order to improve its performance.

Containers technology radically changed the ways for packaging applications and deploying them as services in cloud environments. According to the recent report on security predictions of 2020 by Trend Micro, the vulnerabilities in container components deployed with cloud architecture have been one of the top security concerns for development and operations teams in enterprises. Docker is one of the leading container technologies that automate the deployment of applications into containers. Docker Hub is a public repository by Docker for storing and sharing the Docker images. These Docker images are pulled from the Docker Hub repository and the security of images being used from the repositories in any cloud environment could be at risk. Vulnerabilities in Docker images could have a detrimental effect on enterprise applications. In this paper, the focus is on securing the Docker images using vulnerability centric approach (VCA) to detect the vulnerabilities. A set of use cases compliant with the NIST SP 800-190 Application Container Security Guide is developed for audit compliance of Docker container images with the OWASP Container Security Verification Standards (CSVS). In this paper, firs vulnerabilities of Docker container images are identified and assessed using the VCA. Then, a set of use cases to identify presence of the vulnerabilities is developed to facilitate the security audit of the container images. Finally, it is illustrated how the proposed use cases can be mapped with the requirements of the OWASP Container Security Verification Standards. The use cases can serve as a security auditing tool during the development, deployment, and maintenance of cloud microservices applications.

The pervasive use of software systems and current threat environment demand that software systems not only survive cyberattacks, but also bounce back better, stronger, and faster. However, what constitutes a modern software system? Where should the security and resilience mechanisms be-in the application software or in the cloud environment where it runs? In this concept paper, we set up a context to pose these questions and present a roadmap to answer them. We describe challenges to achieving resilience and beyond, and outline potential research directions to stimulate discussion in the workshop.

To break the data barrier of the information island and explore the value of data in the past few years, it has become a trend of uploading data to the cloud by data owners for data sharing. At the same time, they also hope that the uploaded data can still be controlled, which makes access control of cloud data become an intractable problem. As a famous cryptographic technology, ciphertext policy-based attribute encryption (CP-ABE) not only assures data confidentiality but implements fine-grained access control. However, the actual application of CP-ABE has its inherent challenge in attribute revocation. To address this challenge, we proposed an access control solution supporting attribute revocation in cloud computing. Unlike previous attribute revocation schemes, to solve the problem of excessive attribute revocation overhead, we use symmetric encryption technology to encrypt the plaintext data firstly, and then, encrypting the symmetric key by utilizing public-key encryption technology according to the access structure, so that only the key ciphertext is necessary to update when the attributes are revoked, which reduces the spending of ciphertext update to a great degree. The comparative analysis demonstrates that our solution is reasonably efficient and more secure to support attribute revocation and access control after data sharing.