Biblio

Information sharing through internet has becoming challenge due to high-risk factor of attacks to the information being transferred. In this paper, a novel image-encryption edge based Image steganography technique is proposed. The proposed algorithm uses logistic map for encrypting the information prior to transmission. Laplacian of Gaussian (LoG) edge operator is used to find edge areas of the colored-cover-image. Simulation analysis demonstrates that the proposed algorithm has a good amount of payload along with better results of security analysis. The proposed scheme is compared with the existing-methods.

Information security of logistics services. Information security of logistics services is understood as a complex activity aimed at using information and means of its processing in order to increase the level of protection and normal functioning of the object's information environment. At the same time the main recommendations for ensuring information security of logistics processes include: logistics support of processes for ensuring the security of information flows of the enterprise; assessment of the quality and reliability of elements, reliability and efficiency of obtaining information about the state of logistics processes. However, it is possible to assess the level of information security within the organization's controlled part of the supply chain through levels and indicators. In this case, there are four levels and elements of information security of supply chains.

In order to improve the security and encryption efficiency of multi image cross hybrid encryption, a multi image cross hybrid encryption method based on combined chaotic system is proposed. On the basis of chaos theory, the characteristics of Logistic chaotic system and Lorenz chaotic system are analyzed, and Logistic chaotic system and Lorenz chaotic system are combined to form a combined chaotic system. In order to improve the security of multi image encryption, the plaintext image is preprocessed before encryption. The preprocessing process is embedding random number sequence in the plaintext image. Based on the random number embedded image, the combined chaotic system is applied to the multi image cross chaotic encryption method. Experimental results show that the proposed method has high encryption security and high encryption efficiency.

Incipient faults are faults at their initial stages and occur before permanent faults occur. It is very important to detect incipient faults timely and accurately for the safe and stable operation of the power system. At present, most of the detection methods for incipient faults are designed for the detection of a single device’s incipient fault, but a unified detection for multiple devices cannot be achieved. In order to increase the fault detection capability and enable detection expandability, this paper proposes a waveform vector embedding (WVE) method to embed incipient fault waveforms of different devices into waveform vectors. Then, we utilize the waveform vectors and formulate them into a waveform dictionary. To improve the efficiency of embedding the waveform signature into the learning process, we build a loss function that prevents overflow and overfitting of softmax function during when learning power system waveforms. We use the real data collected from an IEEE Power & Energy Society technical report to verify the feasibility of this method. For the result verification, we compare the superiority of this method with Logistic Regression and Support Vector Machine in different scenarios.

Peer code review has been found to be effective in identifying security vulnerabilities. However, despite practicing mandatory code reviews, many Open Source Software (OSS) projects still encounter a large number of post-release security vulnerabilities, as some security defects escape those. Therefore, a project manager may wonder if there was any weakness or inconsistency during a code review that missed a security vulnerability. Answers to this question may help a manager pinpointing areas of concern and taking measures to improve the effectiveness of his/her project's code reviews in identifying security defects. Therefore, this study aims to identify the factors that differentiate code reviews that successfully identified security defects from those that missed such defects. With this goal, we conduct a case-control study of Chromium OS project. Using multi-stage semi-automated approaches, we build a dataset of 516 code reviews that successfully identified security defects and 374 code reviews where security defects escaped. The results of our empirical study suggest that the are significant differences between the categories of security defects that are identified and that are missed during code reviews. A logistic regression model fitted on our dataset achieved an AUC score of 0.91 and has identified nine code review attributes that influence identifications of security defects. While time to complete a review, the number of mutual reviews between two developers, and if the review is for a bug fix have positive impacts on vulnerability identification, opposite effects are observed from the number of directories under review, the number of total reviews by a developer, and the total number of prior commits for the file under review.

Information security has become a crucial issue not only from the technical standpoint, but also from the managerial standpoint. The necessity for organizations to understand and manage cyber risk has led to the rise of a plethora of risk assessment methods and tools. These approaches are often difficult to interpret and complex to manage for organizations. In this paper, we propose a simple and quantitative method for the estimation of the likelihood of occurrence of a cyber incident. Our approach uses a generalized logistic function and a cumulative geometric distribution to combine the maturity and the complexity of the technical infrastructure of an organization with its attractiveness towards cyber criminals.

SMS (Short Message Service)-based authentication is widely used as a simple and secure multi-factor authentication, where OTP (One Time Password) is sent to user’s mobile phone via SMS. However, SMS authentication is vulnerable to Password Reset Man in the Middle Attack (PRMitM). In this attack, the attacker makes a victim perform password reset OTP for sign-up verification OTP. If the victim enters OTP to a malicious man-in-the-middle site, the attacker can overtake the victim’s account.We find new smartphone useful functions may increase PR-MitM attack risks. SMS push notification informs us an arrival of message by showing only beginning of the message. Hence, those who received SMS OTP do not notice the cautionary notes and the name of the sender that are supposed to show below the code, which may lead to be compromised. Auto-fill function, which allow us to input authentication code with one touch, is also vulnerable for the same reason.In this study, we conduct a user study to investigate the effect of new smartphone functions incurring PRMitM attack.

The special feature of the thing-user centric communication is that thing-users can form a society autonomously and collaborate to solve problems. To share experiences and knowledge, thing-users form, join, and leave communities. The thing-user, who needs a help from other thing-users to accomplish a mission, searches thing-user communities and nominates thing-users of the discovered communities to organize a collaborative work group. Thing-user community should perform autonomously the social construction process and need principles and procedures for the community formation and collaboration within the thing-user communities. This paper defines thing-user communities and proposes an organizational structure for the thing-user community formation.

Cyber-Physical Systems (CPS) such as intelligent connected vehicles, smart farming and smart logistics are constantly generating tons of data and requiring real-time data processing capabilities. Therefore, Edge Computing which provisions computing resources close to the End Devices from the network edge is becoming the ideal platform for CPS. However, it also brings many issues and one of the most prominent challenges is how to ensure the development of trustworthy smart services given the dynamic and distributed nature of Edge Computing. To tackle this challenge, this paper proposes a novel Federated Learning based Edge Computing platform for CPS, named “FengHuoLun”. Specifically, based on FengHuoLun, we can: 1) implement smart services where machine learning models are trained in a trusted Federated Learning framework; 2) assure the trustworthiness of smart services where CPS behaviours are tested and monitored using the Federated Learning framework. As a work in progress, we have presented an overview of the FengHuoLun platform and also some preliminary studies on its key components, and finally discussed some important future research directions.

The paper presents shared memory implementation of chaotic RGB LSB steganography technique, The proposed technique involves hiding the secret information into RGB components of the cover image. Chaotic logistic map has been used to generate highly random numbers for enhancing the security of embedded information. Encryption and decryption process is parallelized using OpenMP API in multicore environment, and results show significant speed up and highly scalable results even with large amount of data.

Current programming models for developing Internet of Things (IoT) applications are logically centralized and ill-suited for most IoT applications. We contribute Protocols over Things, a decentralized programming model that represents an IoT application via a protocol between the parties involved and provides improved performance over network-level delivery guarantees.

We present CrypTFlow, a first of its kind system that converts TensorFlow inference code into Secure Multi-party Computation (MPC) protocols at the push of a button. To do this, we build three components. Our first component, Athos, is an end-to-end compiler from TensorFlow to a variety of semihonest MPC protocols. The second component, Porthos, is an improved semi-honest 3-party protocol that provides significant speedups for TensorFlow like applications. Finally, to provide malicious secure MPC protocols, our third component, Aramis, is a novel technique that uses hardware with integrity guarantees to convert any semi-honest MPC protocol into an MPC protocol that provides malicious security. The malicious security of the protocols output by Aramis relies on integrity of the hardware and semi-honest security of MPC. Moreover, our system matches the inference accuracy of plaintext TensorFlow.We experimentally demonstrate the power of our system by showing the secure inference of real-world neural networks such as ResNet50 and DenseNet121 over the ImageNet dataset with running times of about 30 seconds for semi-honest security and under two minutes for malicious security. Prior work in the area of secure inference has been limited to semi-honest security of small networks over tiny datasets such as MNIST or CIFAR. Even on MNIST/CIFAR, CrypTFlow outperforms prior work.

Phishing attacks are the most common form of attacks that can happen over the internet. This method involves attackers attempting to collect data of a user without his/her consent through emails, URLs, and any other link that leads to a deceptive page where a user is persuaded to commit specific actions that can lead to the successful completion of an attack. These attacks can allow an attacker to collect vital information of the user that can often allow the attacker to impersonate the victim and get things done that only the victim should have been able to do, such as carry out transactions, or message someone else, or simply accessing the victim's data. Many studies have been carried out to discuss possible approaches to prevent such attacks. This research work includes three machine learning algorithms to predict any websites' phishing status. In the experimentation these models are trained using URL based features and attempted to prevent Zero-Day attacks by using proposed software proposal that differentiates the legitimate websites and phishing websites by analyzing the website's URL. From observations, the random forest classifier performed with a precision of 97%, a recall 99%, and F1 Score is 97%. Proposed model is fast and efficient as it only works based on the URL and it does not use other resources for analysis, as was the case for past studies.

An efficient and reversible meaningful image encryption scheme is proposed in this paper. The plain image is first compressed and encrypted simultaneously by Adaptive Block Compressive Sensing (ABCS) framework to create a noise-like secret image. Next, Least Significant Bit (LSB) embedding is employed to embed the secret image into a carrier image to generate the final meaningful cipher image. In this scheme, ABCS improves the compression and efficiency performance, and the embedding and extraction operations are absolutely reversible. The simulation results and security analyses are presented to demonstrate the effectiveness, compression, secrecy of the proposed scheme.

One of the emerging methodologies nowadays in the field of cryptography based on human DNA sequences. As the research says that even a limited quantity of DNA can store gigantic measure of information likewise DNA can process and transmit the information, such potential of DNA give rise to the idea of DNA cryptography. A synopsis of the research carried out in DNA based security presented in this paper. Included deliberation contain encryption algorithms based on random DNA, chaotic systems, polymerase chain reaction, coupled map lattices, and other common encryption algorithms. Purpose of algorithms are specific or general as some of them are only designed to encrypt the images or more specific images like medical images or text data and others designed to use it as general for images and text data. We discussed divergent techniques that proposed earlier based on random sample DNA, medical image encryption, image encryption, and cryptanalysis done on various algorithms. With the help of this paper, one can understand the existing algorithms and can design a DNA based encryption algorithm.

The purpose of this paper is to improve the safety of chaotic image encryption algorithm. Firstly, to achieve this goal, it put forward two improved chaotic system logistic and henon, which covered an promoted henon chaotic system with better probability density, and an 2-dimension logistic chaotic system with high Lyapunov exponents. Secondly, the chaotic key stream was generated by the new 2D logistic chaotic system and optimized henon mapping, which mixed in dynamic proportions. The conducted sequence has better randomness and higher safety for image cryptosystem. Thirdly, we proposed algorithm takes advantage of the compounded chaotic system Simulation experiment results and security analysis showed that the proposed scheme was more effective and secure. It can resist various typical attacks, has high security, satisfies the requirements of image encryption theoretical.

Security is one of the more challenging problem for wireless Ad-Hoc networks specially in MANT due their features like dynamic topology, no centralized infrastructure, open architecture, etc. that make its more prone to different attacks. These attacks can be passive or active. The passive attack it hard to detect it in the network because its targets the confidential of data packet by eavesdropping on it. Therefore, the privacy preservation for data packets payload which it transmission over MANET has been a major part of concern. especially for safety-sensitive applications such as, privacy conference meetings, military applications, etc. In this paper it used symmetric cryptography to provide privacy for data packet by proposed modified AES based on five proposed which are: Key generation based on multi chaotic system, new SubByte, new ShiftRows, Add-two-XOR, Add-Shiftcycl.

With the rapid development of the Internet of vehicles, there is a huge amount of multimedia data becoming a hidden trouble in the Internet of Things. Therefore, it is necessary to process and store them in real time as a way of big data curation. In this paper, a method of real-time processing and storage based on CDN in vehicle monitoring system is proposed. The MPEG-DASH standard is used to process the multimedia data by dividing them into MPD files and media segments. A real-time monitoring system of vehicle on the basis of the method introduced is designed and implemented.

This paper proposes a triple-layer, high capacity, message security scheme. The first two layers are of a cryptographic nature, whereas the third layer is of a steganographic nature. In the first layer, AES-128 encryption is performed on the secret message. In the second layer, a chaotic logistic map encryption is applied on the output of the first secure layer to increase the security of the scheme. In the third layer of security, a 2D image steganography technique is performed, where the least significant bit (LSB) -embedding is done according to a zigzag pattern in each of the three color planes of the cover image (i.e. RGB). The distinguishing feature of the proposed scheme is that the secret data is hidden in a zigzag manner that cannot be predicted by a third party. Moreover, our scheme achieves higher values of peak signal to noise ratio (PPSNR), mean square error (MSE), the structural similarity index metric (SSIM), normal cross correlation (NCC) and image fidelity (IF) compared to its counterparts form the literature. In addition, a histogram analysis as well as the high achieved capacity are magnificent indicators for a reliable and high capacity steganographic scheme.

The purpose of this paper is to improve the safety of chaotic image encryption algorithm. Firstly, to achieve this goal, it put forward two improved chaotic system logistic and henon, which covered an promoted henon chaotic system with better probability density, and an 2-dimension logistic chaotic system with high Lyapunov exponents. Secondly, the chaotic key stream was generated by the new 2D logistic chaotic system and optimized henon mapping, which mixed in dynamic proportions. The conducted sequence has better randomness and higher safety for image cryptosystem. Thirdly, we proposed algorithm takes advantage of the compounded chaotic system Simulation experiment results and security analysis showed that the proposed scheme was more effective and secure. It can resist various typical attacks, has high security, satisfies the requirements of image encryption theoretical.

Chaotic dynamics is widely used to design pseudo-random number generators and for other applications, such as secure communications and encryption. This paper aims to study the dynamics of the discrete-time chaotic maps in the digital (i.e., finite-precision) domain. Differing from the traditional approaches treating a digital chaotic map as a black box with different explanations according to the test results of the output, the dynamical properties of such chaotic maps are first explored with a fixed-point arithmetic, using the Logistic map and the Tent map as two representative examples, from a new perspective with the corresponding state-mapping networks (SMNs). In an SMN, every possible value in the digital domain is considered as a node and the mapping relationship between any pair of nodes is a directed edge. The scale-free properties of the Logistic map's SMN are proved. The analytic results are further extended to the scenario of floating-point arithmetic and for other chaotic maps. Understanding the network structure of a chaotic map's SMN in digital computers can facilitate counteracting the undesirable degeneration of chaotic dynamics in finite-precision domains, also helping to classify and improve the randomness of pseudo-random number sequences generated by iterating the chaotic maps.

Adversarial attacks have been the hot research field in artificial intelligence security. Decision-based black-box adversarial attacks are much more appropriate in the real-world scenarios, where only the final decisions of the targeted deep neural networks are accessible. However, since there is no available guidance for searching the imperceptive adversarial perturbation, boundary attack, one of the best performing decision-based black-box attacks, carries out computationally expensive search. For improving attack efficiency, we propose a novel black box explanation guided decision-based black-box adversarial attack. Firstly, the problem of decision-based adversarial attacks is modeled as a derivative-free and constraint optimization problem. To solve this optimization problem, the black box explanation guided constrained random search method is proposed to more quickly find the imperceptible adversarial example. The insights into the targeted deep neural networks explored by the black box explanation are fully used to accelerate the computationally expensive random search. Experimental results demonstrate that our proposed attack improves the attack efficiency by 64% compared with boundary attack.

Network covert channels are used in various cyberattacks, including disclosure of sensitive information and enabling stealth tunnels for botnet commands. With time and technology, covert channels are becoming more prevalent, complex, and difficult to detect. The current methods for detection are protocol and pattern specific. This requires the investment of significant time and resources into application of various techniques to catch the different types of covert channels. This paper reviews several patterns of network storage covert channels, describes generation of network traffic dataset with covert channels, and proposes a generic, protocol-independent approach for the detection of network storage covert channels using a supervised machine learning technique. The implementation of the proposed generic detection model can lead to a reduction of necessary techniques to prevent covert channel communication in network traffic. The datasets we have generated for experimentation represent storage covert channels in the IP, TCP, and DNS protocols and are available upon request for future research in this area.

In this paper, new image encryption based on singular value decomposition (SVD), fractional discrete cosine transform (FrDCT) and the chaotic system is proposed for the security of medical image. Reliability, vitality, and efficacy of medical image encryption are strengthened by it. The proposed method discusses the benefits of FrDCT over fractional Fourier transform. The key sensitivity of the proposed algorithm for different medical images inspires us to make a platform for other researchers. Theoretical and statistical tests are carried out demonstrating the high-level security of the proposed algorithm.

In this paper, an image encryption scheme based on dynamic DNA sequence and two dimension logistic map is proposed. Firstly two different pseudo random sequences are generated using two dimension Sine-Henon alteration map. These sequences are used for altering the positions of each pixel of plain image row wise and column wise respectively. Secondly each pixels of distorted image and values of random sequences are converted into a DNA sequence dynamically using one dimension logistic map. Reversible DNA operations are applied between DNA converted pixel and random values. At last after decoding the results of DNA operations cipher image is obtained. Different theoretical analyses and experimental results proved the effectiveness of this algorithm. Large key space proved that it is possible to protect different types of attacks using our proposed encryption scheme.