Biblio

Vulnerability detection has always been an essential part of maintaining information security, and the existing work can significantly improve the performance of vulnerability detection. However, due to the differences in representation forms and deep learning models, various methods still have some limitations. In order to overcome this defect, We propose a vulnerability detection method VDBWGDL, based on weight graphs and deep learning. Firstly, it accurately locates vulnerability-sensitive keywords and generates variant codes that satisfy vulnerability trigger logic and programmer programming style through code variant methods. Then, the control flow graph is sliced for vulnerable code keywords and program critical statements. The code block is converted into a vector containing rich semantic information and input into the weight map through the deep learning model. According to specific rules, different weights are set for each node. Finally, the similarity is obtained through the similarity comparison algorithm, and the suspected vulnerability is output according to different thresholds. VDBWGDL improves the accuracy and F1 value by 3.98% and 4.85% compared with four state-of-the-art models. The experimental results prove the effectiveness of VDBWGDL.

In this paper, we propose a new ordered statistics decoding (OSD) for linear block codes, which is referred to as local constraint-based OSD (LC-OSD). Distinguished from the conventional OSD, which chooses the most reliable basis (MRB) for re-encoding, the LC-OSD chooses an extended MRB on which local constraints are naturally imposed. A list of candidate codewords is then generated by performing a serial list Viterbi algorithm (SLVA) over the trellis specified with the local constraints. To terminate early the SLVA for complexity reduction, we present a simple criterion which monitors the ratio of the bound on the likelihood of the unexplored candidate codewords to the sum of the hard-decision vector’s likelihood and the up-to-date optimal candidate’s likelihood. Simulation results show that the LC-OSD can have a much less number of test patterns than that of the conventional OSD but cause negligible performance loss. Comparisons with other complexity-reduced OSDs are also conducted, showing the advantages of the LC-OSD in terms of complexity.

Vulnerability discovery is an important field of computer security research and development today. Because most of the current vulnerability discovery methods require large-scale manual auditing, and the code parsing process is cumbersome and time-consuming, the vulnerability discovery effect is reduced. Therefore, for the uncertainty of vulnerability discovery itself, it is the most basic tool design principle that auxiliary security analysts cannot completely replace them. The purpose of this paper is to study the source code vulnerability discovery method based on graph neural network. This paper analyzes the three processes of data preparation, source code vulnerability mining and security assurance of the source code vulnerability mining method, and also analyzes the suspiciousness and particularity of the experimental results. The empirical analysis results show that the types of traditional source code vulnerability mining methods become more concise and convenient after using graph neural network technology, and we conducted a survey and found that more than 82% of people felt that the design source code vulnerability mining method used When it comes to graph neural networks, it is found that the design efficiency has become higher.

Nowadays, improving the reliability and security of the transmitted data has gained more attention with the increase in emerging power-limited and lightweight communication devices. Also, the transmission needs to meet specific latency requirements. Combining data encryption and encoding in one physical layer block has been exploited to study the effect on security and latency over traditional sequential data transmission. Some of the current works target secure error-correcting codes that may be candidates for post-quantum computing. However, modifying the popularly used channel coding techniques to guarantee secrecy and maintain the same error performance and complexity at the decoder is challenging since the structure of the channel coding blocks is altered which results in less optimal decoding performance. Also, the redundancy nature of the error-correcting codes complicates the encryption method. In this paper, we briefly review the proposed security schemes on Turbo codes. Then, we propose a secure turbo code design and compare it with the relevant security schemes in the literature. We show that the proposed method is more secure without adding complexity.

We present a ternary source coding scheme in this paper, which is a special class of low density generator matrix (LDGM) codes. We prove that a ternary linear block LDGM code, whose generator matrix is randomly generated with each element independent and identically distributed, is universal for source coding in terms of the symbol-error rate (SER). To circumvent the high-complex maximum likelihood decoding, we introduce a special class of convolutional LDGM codes, called block Markov superposition transmission of repetition (BMST-R) codes, which are iteratively decodable by a sliding window algorithm. Then the presented BMST-R codes are applied to construct a tandem scheme for Gaussian source compression, where a dead-zone quantizer is introduced before the ternary source coding. The main advantages of this scheme are its universality and flexibility. The dead-zone quantizer can choose a proper quantization level according to the distortion requirement, while the LDGM codes can adapt the code rate to approach the entropy of the quantized sequence. Numerical results show that the proposed scheme performs well for ternary sources over a wide range of code rates and that the distortion introduced by quantization dominates provided that the code rate is slightly greater than the discrete entropy.

Fractional repetition (FR) codes are a special family of regenerating codes with the repair-by-transfer property. The constructions of FR codes are naturally related to combinatorial designs, graphs, and hypergraphs. Given the file size of an FR code, it is desirable to determine the minimum number of storage nodes needed. The problem is related to an extremal graph theory problem, which asks for the minimum number of vertices of an α-regular graph such that any subgraph with k vertices has at most δ edges. In this paper, we present a class of regular graphs for this problem to give the bounds for the minimum number of storage nodes for the FR codes.

Recently, a mechanism that randomly shuffles the data sent and allows securing the communication without the need to encrypt all the information has been proposed. This proposal is ideal for IoT systems with low computational capacity. In this work, we analyze the strength of this proposal from a brute-force attack approach to obtain the original message without knowledge of the applied disordering. It is demonstrated that for a set of 10x10 16-bit data, the processing time and the required memory are unfeasible with current technology. Therefore, it is safe.

Critical infrastructures such as the electricity grid can be severely impacted by cyber-attacks on its supply chain. Hence, having a robust cybersecurity infrastructure and management system for the electricity grid is a high priority. This paper proposes a cyber-security protocol for defense against man-in-the-middle (MiTM) attacks to the supply chain, which uses encryption and cryptographic multi-party authentication. A cyber-physical simulator is utilized to simulate the power system, control system, and security layers. The correctness of the attack modeling and the cryptographic security protocol against this MiTM attack is demonstrated in four different attack scenarios.

Today, social communication through the Internet has become more popular and has become a crucial part of our daily life. Naturally, sending and receiving various data through the Internet has also grown a lot. Keeping important data secure in transit has become a challenge for individuals and even organizations. Therefore, the trinity of confidentiality, integrity, and availability will be essential, and encryption will definitely be one of the best solutions to this problem. Of course, for image data, it will not be possible to use conventional encryption methods for various reasons, such as the redundancy of image data, the strong correlation of adj acent pixels, and the large volume of image data. Therefore, special methods were developed for image encryption. Among the prevalent methods for image encryption is the use of DNA sequences as well as chaos signals. In this paper, a cycling 3D chaotic map and DNA sequences are used to present a new method for color image encryption. Several experimental analyses were performed on the proposed method, and the results proved that the presented method is secure and efficient.

Currently, the rapid development of digital communication and multimedia has made security an increasingly prominent issue of communicating, storing, and transmitting digital data such as images, audio, and video. Encryption techniques such as chaotic map based encryption can ensure high levels of security of data and have been used in many fields including medical science, military, and geographic satellite imagery. As a result, ensuring image data confidentiality, integrity, security, privacy, and authenticity while transferring and storing images over an unsecured network like the internet has become a high concern. There have been many encryption technologies proposed in recent years. This paper begins with a summary of cryptography and image encryption basics, followed by a discussion of different kinds of chaotic image encryption techniques and a literature review for each form of encryption. Finally, by examining the behaviour of numerous existing chaotic based image encryption algorithms, this paper hopes to build new chaotic based image encryption strategies in the future.

E-health, smart health and telemedicine are examples of sophisticated healthcare systems. For end-to-end communication, these systems rely on digital medical information. Although this digitizing saves much time, it is open source. As a result, hackers could potentially manipulate the digital medical image as it is being transmitted. It is harder to diagnose an actual disease from a modified digital medical image in medical diagnostics. As a result, ensuring the security and confidentiality of clinical images, as well as reducing the computing time of encryption algorithms, appear to be critical problems for research groups. Conventional approaches are insufficient to ensure high-level medical image security. So this review paper focuses on depicting advanced methods like DNA cryptography and Chaotic Map as advanced techniques that could potentially help in encrypting the digital image at an effective level. This review acknowledges the key accomplishments expressed in the encrypting measures and their success indicators of qualitative and quantitative measurement. This research study also explores the key findings and reasons for finding the lessons learned as a roadmap for impending findings.

Advanced Encryption Standard (AES) algorithm plays an important role in a data security application. In general S-box module in AES will give maximum confusion and diffusion measures during AES encryption and cause significant path delay overhead. In most cases, either L UTs or embedded memories are used for S- box computations which are vulnerable to attacks that pose a serious risk to real-world applications. In this paper, implementation of the composite field arithmetic-based Sub-bytes and inverse Sub-bytes operations in AES is done. The proposed work includes an efficient multiple round AES cryptosystem with higher-order transformation and composite field s-box formulation with some possible inner stage pipelining schemes which can be used for throughput rate enhancement along with path delay optimization. Finally, input biometric-driven key generation schemes are used for formulating the cipher key dynamically, which provides a higher degree of security for the computing devices.

Efficient large-scale biometric identification is a challenging open problem in biometrics today. Adding biometric information protection by cryptographic techniques increases the computational workload even further. Therefore, this paper proposes an efficient and improved use of coefficient packing for homomorphically protected biometric templates, allowing for the evaluation of multiple biometric comparisons at the cost of one. In combination with feature dimensionality reduction, the proposed technique facilitates a quadratic computational workload reduction for biometric identification, while long-term protection of the sensitive biometric data is maintained throughout the system. In previous works on using coefficient packing, only a linear speed-up was reported. In an experimental evaluation on a public face database, efficient identification in the encrypted domain is achieved on off-the-shelf hardware with no loss in recognition performance. In particular, the proposed improved use of coefficient packing allows for a computational workload reduction down to 1.6% of a conventional homomorphically protected identification system without improved packing.

Databases are at the heart of modern applications and any threats to them can seriously endanger the safety and functionality of applications relying on the services offered by a DBMS. It is therefore pertinent to identify key risks to the secure operation of a database system. This paper identifies the key risks, namely, SQL injection, weak audit trails, access management issues and issues with encryption. A malicious actor can get help from any of these issues. It can compromise integrity, availability and confidentiality of the data present in database systems. The paper also identifies various means and ways to defend against these issues and remedy them. This paper then proceeds to identify from the literature, the potential solutions to these ameliorate the threat from these vulnerabilities. It proposes the usage of encryption to protect the data from being breached and leveraging encrypted databases such as CryptoDB. Better access control norms are suggested to prevent unauthorized access, modification and deletion of the data. The paper also recommends ways to prevent SQL injection attacks through techniques such as prepared statements.

Physical layer secret key exploits the random but reciprocal channel features between legitimate users to encrypt their data against fiber-tapping. We propose a novel tapping-based eavesdropper scheme, leveraging its tapped signals from legitimate users to reconstruct their common features and the secret key.

A novel secure physical layer key generation method for Connected and Autonomous Vehicles (CAVs) against an attacker is proposed under fading and Additive White Gaussian Noise (AWGN). In the proposed method, a random sequence key is added to the demodulated sequence to generate a unique pre-shared key (PSK) to enhance security. Extensive computer simulation results proved that an attacker cannot extract the same legitimate PSK generated by the received vehicle even if identical fading and AWGN parameters are used both for the legitimate vehicle and attacker.

This paper presents a novel authentication method based on a distributed version of Kerberos for UAVs. One of the major problems of UAVs in recent years has been cyber-attacks which allow attackers to control the UAV or access its information. The growing use of UAVs has encouraged us to investigate the methods of their protection especially authentication of their users. In the past, the Kerberos system was rarely used for authentication in UAV systems. In our proposed method, based on a distributed version of Kerberos, we can authenticate multiple ground stations, users, and controllers for one or more UAVs. This method considers most of the security aspects to protect UAV systems mainly in the authentication phase and improves the security of UAVs and ground control stations and their communications considerably.

While 5G Edge Computing along with IoT technology has transformed the future of healthcare data transmission, it presents security vulnerabilities and risks when transmitting patients' confidential information. Currently, there are very few reliable security solutions available for healthcare data that routes through SDN routers in 5G Edge Computing. These solutions do not provide cryptographic security from IoT sensor devices. In this paper, we studied how 5G edge computing integrated with IoT network helps healthcare data transmission for remote medical treatment, explored security risks associated with unsecured data transmission, and finally proposed a cryptographic end-to-end security solution initiated at IoT sensor devices and routed through SDN routers. Our proposed solution with cryptographic security initiated at IoT sensor goes through SDN control plane and data plane in 5G edge computing and provides an end-to-end secured communication from IoT device to doctor's office. A prototype built with two-layer encrypted communication has been lab tested with promising results. This analysis will help future security implementation for eHealth in 5G and beyond networks.

Nowadays, lives are very much easier with the help of IoT. Due to lack of protection and a greater number of connections, the management of IoT becomes more difficult To manage the network flow, a Software Defined Networking (SDN) has been introduced. The SDN has a great capability in automatic and dynamic distribution. For harmful attacks on the controller a centralized SDN architecture unlocks the scope. Therefore, to reduce these attacks in real-time, a securing SDN enabled IoT scenario infrastructure of Fog networks is preferred. The virtual switches have network enforcement authorized decisions and these are executed through the SDN network. Apart from this, SDN switches are generally powerful machines and simultaneously these are used as fog nodes. Therefore, SDN looks like a good selection for Fog networks of IoT. Moreover, dynamically distributing the necessary crypto keys are allowed by the centralized and software channel protection management solution, in order to establish the Datagram Transport Layer Security (DTIS) tunnels between the IoT devices, when demanded by the cyber security framework. Through the extensive deployment of this combination, the usage of CPU is observed to be 30% between devices and the latencies are in milliseconds range, and thus it presents the system feasibility with less delay. Therefore, by comparing with the traditional SDN, it is observed that the energy consumption is reduced by more than 90%.

Sample-then-lock construction is a reusable fuzzy extractor for low-entropy sources. When applied on iris recognition scenarios, many subsets of an iris-code are used to lock the cryptographic key. The security of this construction relies on the entropy of subsets of iris codes. Simhadri et al. reported a security level of 32 bits on iris sources. In this paper, we propose two kinds of attacks to crack existing sample-then-lock schemes. Exploiting the low-entropy subsets, our attacks can break the locked key and the enrollment iris-code respectively in less than 220 brute force attempts. To protect from these proposed attacks, we design an improved sample-then-lock scheme. More precisely, our scheme employs stability and discriminability to select high-entropy subsets to lock the genuine secret, and conceals genuine locker by a large amount of chaff lockers. Our experiment verifies that existing schemes are vulnerable to the proposed attacks with a security level of less than 20 bits, while our scheme can resist these attacks with a security level of more than 100 bits when number of genuine subsets is 106.

In the present innovation, for the trading of information, the internet is the most well-known and significant medium. With the progression of the web and data innovation, computerized media has become perhaps the most famous and notable data transfer tools. This advanced information incorporates text, pictures, sound, video etc moved over the public organization. The majority of these advanced media appear as pictures and are a significant part in different applications, for example, chat, talk, news, website, web-based business, email, and digital books. The content is still facing various challenges in which including the issues of protection of copyright, modification, authentication. Cryptography, steganography, embedding techniques is widely used to secure the digital data. In this present the hybrid model of LSB steganography and Advanced Encryption Standard (AES) cryptography techniques to enhanced the security of the digital image and text that is undeniably challenging to break by the unapproved person. The security level of the secret information is estimated in the term of MSE and PSNR for better hiding required the low MSE and high PSNR values.

Data or information are being transferred at an enormous pace and hence protecting and securing this transmission of data are very important and have been very challenging. Cryptography and Steganography are the most broadly used techniques for safeguarding data by encryption of data and hiding the existence of data. A multi-layered secure transmission can be achieved by combining Cryptography with Steganography and by adding message authentication ensuring the confidentiality of the message. Different approach towards Steganography implementation is proposed using rotations and flips to prevent detection of encoded messages. Compression of multimedia files is set up for increasing the speed of encoding and consuming less storage space. The HMAC (Hash-based Authentication Code) algorithm is chosen for message authentication and integrity. The performance of the proposed Steganography methods is concluded using Histogram comparative analysis. Simulations have been performed to back the reliability of the proposed method.

Security and Controls with Data privacy in Internet of Things (IoT) devices is not only a present and future technology that is projected to connect a multitude of devices, but it is also a critical survival factor for IoT to thrive. As the quantity of communications increases, massive amounts of data are expected to be generated, posing a threat to both physical device and data security. In the Internet of Things architecture, small and low-powered devices are widespread. Due to their complexity, traditional encryption methods and algorithms are computationally expensive, requiring numerous rounds to encrypt and decode, squandering the limited energy available on devices. A simpler cryptographic method, on the other hand, may compromise the intended confidentiality and integrity. This study examines two lightweight encryption algorithms for Android devices: AES and RSA. On the other hand, the traditional AES approach generates preset encryption keys that the sender and receiver share. As a result, the key may be obtained quickly. In this paper, we present an improved AES approach for generating dynamic keys.

With the rapid development of the Internet of Things and the exploration of its application scenarios, embedded devices are deployed in various environments to collect information and data. In such environments, the security of embedded devices cannot be guaranteed and are vulnerable to various attacks, even device capture attacks. When embedded devices are attacked, the attacker can obtain the information transmitted by the channel during the encryption process and the internal operation of the encryption. In this paper, we analyze various existing white-box schemes and show whether they are suitable for application in IoT. We propose an application of WBEAs for distributed devices in IoT scenarios and conduct experiments on several devices in IoT scenarios.

Visible light communication (VLC) is a short-range wireless optical communication that can transmit data by switching lighting elements at high speeds in indoor areas. In common areas, VLC can provide data security at every layer of communication by using physical layer security (PLS) techniques as well as existing cryptography-based techniques. In the literature, PLS techniques have generally been studied for monochrome VLC systems, and multicolor VLC studies are quite limited. In this study, to the best of authors’ knowledge, null steering (NS) and artificial noise (AN), which are widely used PLS methods, have been applied to multi-colored LED-based VLC systems for the first time in the literature and the achievable secrecy rate has been calculated.