Biblio

Given the central importance of designing secure protocols, providing solid mathematical foundations and computer-assisted methods to attest for their correctness is becoming crucial. Here, we elaborate on the formal approach introduced by Bana and Comon in [10], [11], which was originally designed to analyze protocols for a fixed number of sessions, and lacks support for proof mechanization.In this paper, we present a framework and an interactive prover allowing to mechanize proofs of security protocols for an arbitrary number of sessions in the computational model. More specifically, we develop a meta-logic as well as a proof system for deriving security properties. Proofs in our system only deal with high-level, symbolic representations of protocol executions, similar to proofs in the symbolic model, but providing security guarantees at the computational level. We have implemented our approach within a new interactive prover, the Squirrel prover, taking as input protocols specified in the applied pi-calculus, and we have performed a number of case studies covering a variety of primitives (hashes, encryption, signatures, Diffie-Hellman exponentiation) and security properties (authentication, strong secrecy, unlinkability).

Intel SGX provides a new method to protect software privacy data, but it faces the security risk of side channel attack. In our opinion, SGX side channel attack depend on the implicit mapping between control flow and data flow to infer privacy data indirectly with control flow. For this reason, we propose code reuse to construct dynamic control flow software. In this method, by loading a large number of related gadgets in advance, the software reset the software control data according to the original software semantics at runtime, so that the software control flow can change dynamically heavily. Based on code reuse, we make the software control flow change dynamically, and the mapping between control flow and data flow more complex and difficult to determine, which can increase the difficulty of SGX side channel attack.

Semantic data has semantic information about the relationship between information and resources of data collected in a smart city so that all different domains and data can be organically connected. Various services using semantic data such as public data integration of smart cities, semantic search, and linked open data are emerging, and services that open and freely use semantic data are also increasing. By using semantic data, it is possible to create a variety of services regardless of platform and resource characteristics. However, despite the many advantages of semantic data, it is not easy to use because it requires a high understanding of semantics such as SPARQL. Therefore, in this paper, we propose a semantic framework for users of semantic data so that new services can be created without a high understanding of semantics. The semantics framework includes a template-based annotator that supports automatically generating semantic data based on user input and a semantic REST API that allows you to utilize semantic data without understanding SPAROL.

Weakly supervised segmentation methods using bounding box annotations focus on obtaining a pixel-level mask from each box containing an object. Existing methods typically depend on a class-agnostic mask generator, which operates on the low-level information intrinsic to an image. In this work, we utilize higher-level information from the behavior of a trained object detector, by seeking the smallest areas of the image from which the object detector produces almost the same result as it does from the whole image. These areas constitute a bounding-box attribution map (BBAM), which identifies the target object in its bounding box and thus serves as pseudo ground-truth for weakly supervised semantic and instance segmentation. This approach significantly outperforms recent comparable techniques on both the PASCAL VOC and MS COCO benchmarks in weakly supervised semantic and instance segmentation. In addition, we provide a detailed analysis of our method, offering deeper insight into the behavior of the BBAM.

Mathematical model of web server protection is being proposed based on filtering HTTP (Hypertext Transfer Protocol) packets that do not match the semantic parameters of the request standards of this protocol. The model is defined as a graph, and the relationship between the parameters - the sets of vulnerabilities of the corporate network, the methods of attacks and their consequences-is described by the Cartesian product, which provides the correct interpretation of a corporate network cyber attack. To represent the individual stages of simulated attacks, it is possible to separate graph models in order to model more complex attacks based on the existing simplest ones. The unity of the model proposed representation of cyber attack in three variants is shown, namely: graphic, text and formula.

Semantic image annotation is a field of paramount importance in which deep learning excels. However, some application domains, like security or medicine, may need an explanation of this annotation. Explainable Artificial Intelligence is an answer to this need. In this work, an explanation is a sentence in natural language that is dedicated to human users to provide them clues about the process that leads to the decision: the labels assignment to image parts. We focus on semantic image annotation with fuzzy logic that has proven to be a useful framework that captures both image segmentation imprecision and the vagueness of human spatial knowledge and vocabulary. In this paper, we present an algorithm for textual explanation generation of the semantic annotation of image regions.

Perimeter models, which provide access control for protecting resources on networks, make authorization decisions using the source network of access requests as one of critical factors. However, such models are problematic because once a network is intruded, the attacker gains access to all of its resources. To overcome the above problem, a Zero Trust Network (ZTN) is proposed as a new security model in which access control is performed by authenticating users who request access and then authorizing such requests using various information about users and devices called contexts. To correctly make authorization decisions, this model must take a large amount of various contexts into account. However, in some cases, an access control mechanism cannot collect enough context to make decisions, e.g., when an organization that enforces access control joins the identity federation and uses systems operated by other organizations. This is because the contexts collected using the systems are stored in individual systems and no federation exists for sharing contexts. In this study, we propose the concept of a Zero Trust Federation (ZTF), which applies the concept of ZTN under the identity federation, and a method for sharing context among systems of organizations. Since context is sensitive to user privacy, we also propose a mechanism for sharing contexts under user control. We also verify context sharing by implementing a ZTF prototype.

Adversarial machine learning calculations handle adversarial instance age, producing bogus data information with the ability to fool any machine learning model. As the word implies, “foe” refers to a rival, whereas “rival” refers to a foe. In order to strengthen the machine learning models, this section discusses about the weakness of machine learning models and how effectively the misinterpretation occurs during the learning cycle. As definite as it is, existing methods such as creating adversarial models and devising powerful ML computations, frequently ignore semantics and the general skeleton including ML section. This research work develops an adversarial learning calculation by considering the coordinated portrayal by considering all the characteristics and Convolutional Neural Networks (CNN) explicitly. Figuring will most likely express minimal adjustments via data transport represented over positive and negative class markings, as well as a specific subsequent data flow misclassified by CNN. The final results recommend a certain game theory and formative figuring, which obtain incredible favored ensuring about significant learning models against the execution of shortcomings, which are reproduced as attack circumstances against various adversaries.

Dynamic Information Flow Tracking (DIFT), also called Dynamic Taint Analysis (DTA), is a technique for tracking the information as it flows through a program's execution. Specifically, some inputs or data get tainted and then these taint marks (tags) propagate usually at the instruction-level. While DIFT has been a fundamental concept in computer and network security for the past decade, it still faces open challenges that impede its widespread application in practice; one of them being the indirect flow propagation dilemma: should the tags involved in an indirect flow, e.g., in a control or address dependency, be propagated? Propagating all these tags, as is done for direct flows, leads to overtainting (all taintable objects become tainted), while not propagating them leads to undertainting (information flow becomes incomplete). In this paper, we analytically model that decisioning problem for indirect flows, by considering various tradeoffs including undertainting versus overtainting, importance of heterogeneous code semantics and context. Towards tackling this problem, we design MITOS, a distributed-optimization algorithm, that: decides about the propagation of indirect flows by properly weighting all these tradeoffs, is of low-complexity, is scalable, is able to flexibly adapt to different application scenarios and security needs of large distributed systems. Additionally, MITOS is applicable to most DIFT systems that consider an arbitrary number of tag types, and introduces the key properties of fairness and tag-balancing to the DIFT field. To demonstrate MITOS's applicability in practice, we implement and evaluate MITOS on top of an open-source DIFT, and we shed light on the open problem. We also perform a case-study scenario with a real in-memory only attack and show that MITOS improves simultaneously (i) system's spatiotemporal overhead (up to 40%), and (ii) system's fingerprint on suspected bytes (up to 167%) compared to traditional DIFT, even though these metrics usually conflict.

The ability to specify various policies with different overriding criteria allows for complex sets of sharing policies. This is particularly useful in situations in which data privacy depends on various properties of the data, and complex policies are needed to express the conditions under which data is protected. However, if overriding policy decisions constrain the affected data, decisions from overridden policies should not be suppressed completely, because they can still apply to subsets of the affected data. This article describes how a privacy policy framework can be extended with a mechanism to partially override decisions based on specified constraints. Our solution automatically generates complementary sets of decisions for both the overridden and the complementary, non-overridden subsets of the data, and thus, provides a means to specify a complex policies tailored to specific properties of the protected data.

Security is one of the most important problems in the engineering of online service-oriented systems. The current best practice in security design is a pattern-oriented approach. A large number of security design patterns have been identified, categorised and documented in the literature. The design of a security solution for a system starts with identification of security requirements and selection of appropriate security design patterns; these are then composed together. It is crucial to verify that the composition of security design patterns is valid in the sense that it preserves the features, semantics and soundness of the patterns and correct in the sense that the security requirements are met by the design. This paper proposes a methodology that employs the algebraic specification language SOFIA to specify security design patterns and their compositions. The specifications are then translated into the Alloy formalism and their validity and correctness are verified using the Alloy model checker. A tool that translates SOFIA into Alloy is presented. A case study with the method and the tool is also reported.

Fault attacks consist in changing the program behavior by injecting faults at run-time, either at hardware or at software level. Their goal is to change the correct progress of the algorithm and hence, either to allow gaining some privilege access or to allow retrieving some secret information based on an analysis of the deviation of the corrupted behavior with respect to the original one. Countermeasures have been proposed to protect embedded systems by adding spatial, temporal or information redundancy at hardware or software level. First we define Countermeasures Check Point (CCP) and CCPs-based countermeasures as an important subclass of countermeasures. Then we propose a methodology to generate an optimal protection scheme for CCPs-based countermeasure. Finally we evaluate our work on a benchmark of code examples with respect to several Control Flow Integrity (CFI) oriented existing protection schemes.

Authenticate on the system using only the authentication method based on username and password is not enough to ensure an acceptable level of information security for a critical system. It has been used in a multi factor authentication to increase the information security during the authentication process. However factors like what you have cause an inconvenience to the users, because the users during the authentication process always will need to have a device in their possession that complements the authentication process. By the other side of the biometric factor might change during the time, it needs an auxiliary device that will increase the costs and it also might be dependent from environmental conditions to work appropriately. To avoid some problems that exist in multi factor authentication, this work purposes authentication through semantic representation in OWL (web Ontology Language) tuples of recognized concepts in images as a form to increase the security in the authentication process. A proof of the concept was modeled and implemented, it has a demonstration that the robustness of this authentication system depends on the complexity of relationship in the semantic base (ontology) and in the simplicity of the relationship identified in the images.

In malware behavior analysis, there are limitations in the analysis method of control flow and data flow. Researchers analyzed data flow by dynamic taint analysis tools, however, it cost a lot. In this paper, we proposed a method of generating malware summary based on semantic behavior graphs (SBGs, Semantic Behavior Graphs) to address this issue. In this paper, we considered various situation where behaviors be capable of being associated, thus an algorithm of generating semantic behavior graphs was given firstly. Semantic behavior graphs are composed of behavior nodes and associated data edges. Then, we extracted behaviors and logical relationships between behaviors from semantic behavior graphs, and finally generated a summary of malware behaviors with true intension. Experimental results showed that our approach can effectively identify and describe malicious behaviors and generate accurate behavior summary.

With the gradual advancement of smart city construction, various information systems have been widely used in smart cities. In order to obtain huge economic benefits, criminals frequently invade the information system, which leads to the increase of malware. Malware attacks not only seriously infringe on the legitimate rights and interests of users, but also cause huge economic losses. Signature-based malware detection algorithms can only detect known malware, and are susceptible to evasion techniques such as binary obfuscation. Behavior-based malware detection methods can solve this problem well. Although there are some malware behavior analysis works, they may ignore semantic information in the malware API call sequence. In this paper, we design a joint framework based on local and global features for malware detection to solve the problem of network security of smart cities, called LGMal, which combines the stacked convolutional neural network and graph convolutional networks. Specially, the stacked convolutional neural network is used to learn API call sequence information to capture local semantic features and the graph convolutional networks is used to learn API call semantic graph structure information to capture global semantic features. Experiments on Alibaba Cloud Security Malware Detection datasets show that the joint framework gets better results. The experimental results show that the precision is 87.76%, the recall is 88.08%, and the F1-measure is 87.79%. We hope this paper can provide a useful way for malware detection and protect the network security of smart city.

Technologies such as cloud computing and big data management, have lately made significant progress creating an urgent need for specific databases that can safely store extensive data along with high availability. Specifically, a growing number of companies have adopted various types of non-relational databases, commonly referred to as NoSQL databases. These databases provide a robust mechanism for the storage and retrieval of large amounts of data without using a predefined schema. NoSQL platforms are superior to RDBMS, especially in cases when we are dealing with big data and parallel processing, and in particular, when there is no need to use relational modeling. Sensitive data is stored daily in NoSQL Databases, making the privacy problem more serious while raising essential security issues. In our paper, security and privacy issues when dealing with NoSQL databases are introduced and in following, security mechanisms and privacy solutions are thoroughly examined.

With the increasing attention to ocean and the development of data-intensive sciences, a large amount of ocean data has been acquired by various observing platforms and sensors, which poses new challenges to data management and utilization. Typically, nowadays we target to move ocean data management toward the FAIR principles of being findable, accessible, interoperable, and reusable. However, the data produced and managed by different organizations with wide diversity, various structures and increasing volume make it hard to be FAIR, and one of the most critical reason is the lack of unified data representation and publication methods. In this paper, we propose novel techniques to try to solve the problem by introducing semantics with ontologies. Specifically, we first propose a unified semantic model named OEDO to represent ocean data by defining the concepts of ocean observing field, specifying the relations between the concepts, and describing the properties with ocean metadata. Then, we further optimize the state-of-the-art quick service query list (QSQL) data structure, by extending the domain concepts with WordNet to improve data discovery. Moreover, based on the OEDO model and the optimized QSQL, we propose an ocean data service publishing method called DOLP to improve data discovery and data access. Finally, we conduct extensive experiments to demonstrate the effectiveness and efficiency of our proposals.

Earth science metadata keyword assignment is a challenging problem. Dataset curators select appropriate keywords from the Global Change Master Directory (GCMD) set of keywords. The keywords are integral part of search and discovery of these datasets. Hence, selection of keywords are crucial in increasing the discoverability of datasets. Utilizing machine learning techniques, we provide users with automated keyword suggestions as an improved approach to complement manual selection. We trained a machine learning model that leverages the semantic embedding ability of Word2Vec models to process abstracts and suggest relevant keywords. A user interface tool we built to assist data curators in assignment of such keywords is also described.

Android gives us opportunity to extract meaningful information from metadata. From the security point of view, the missing important information in metadata of an application could be a sign of suspicious application, which could be directed for extensive analysis. Especially the usage of dangerous permissions is expected to be explained in app descriptions. The permission-to-description fidelity problem in the literature aims to discover such inconsistencies between the usage of permissions and descriptions. This study proposes a new method based on natural language processing and recurrent neural networks. The effect of user reviews on finding such inconsistencies is also investigated in addition to application descriptions. The experimental results show that high precision is obtained by the proposed solution, and the proposed method could be used for triage of Android applications.

Semantic metadata is an important means to promote the integration of information and services and improve the level of search and discovery automation. Aiming at the problems that machine is difficult to handle service metadata description and lack of information metadata description in current SWIM information services, this paper analyzes the methods of metadata sematic empowerment and mainstream semantic metadata standards related to air traffic control system, constructs the SWIM information, and service sematic metadata model based on semantic expansion. The method of semantic metadata model mapping is given from two aspects of service and data, which can be used to improve the level of information sharing and intelligent processing.

Anomaly detection (AD) is very important across several real-world problems in the heavy industries and Internet-of-Things (IoT) domains. Traditional methods so far have categorized anomaly detection into (a) unsupervised, (b) semi-supervised and (c) supervised techniques. A relatively unexplored direction is the development of context aware anomaly detection systems which can build on top of any of these three techniques by using side information. Context can be captured from a different modality such as semantic graphs encoding grouping of sensors governed by the physics of the asset. Process flow diagrams of an operational plant depicting causal relationships between sensors can also provide useful context for ML algorithms. Capturing such semantics by itself can be pretty challenging, however, our paper mainly focuses on, (a) designing and implementing effective anomaly detection pipelines using sparse Gaussian Graphical Models with various statistical distance metrics, and (b) differentiating these pipelines by embedding contextual semantics inferred from graphs so as to obtain better KPIs in practice. The motivation for the latter of these two has been explained above, and the former in particular is well motivated by the relatively mediocre performance of highly parametric deep learning methods for small tabular datasets (compared to images) such as IoT sensor data. In contrast to such traditional automated deep learning (AutoAI) techniques, our anomaly detection system is based on developing semantics-driven industry specific ML pipelines which perform scalable computation evaluating several models to identify the best model. We benchmark our AD method against state-of-the-art AD techniques on publicly available UCI datasets. We also conduct a case study on IoT sensor and semantic data procured from a large thermal energy asset to evaluate the importance of semantics in enhancing our pipelines. In addition, we also provide explainable insights for our model which provide a complete perspective to a reliability engineer.

The coupling of safety-relevant embedded- and cyber-space components to build Cyber-Physical Systems (CPS) extends the functionality and quality in many business domains, while also creating new ones. Prime examples like Internet of Things and Industry 4.0 enable new technologies and extend the service capabilities of physical entities by building a universe of connected devices. In addition to higher complexity, the coupling of these heterogeneous systems results in many new challenges, which should be addressed by engineers and administrators. Here, security represents a major challenge, which may be well addressed in cyber-space engineering, but less in embedded system or CPS design. Although model-based engineering provides significant benefits for system architects, like reducing complexity and automated analysis, as well as being considered as standard methodology in embedded systems design, the aspect of security may not have had a major role in traditional engineering concepts. Especially the characteristics of CPS, as well as the coupling of safety-relevant (physical) components with high-scalable entities of the cyber-space domain have an enormous impact on the overall level of security, based on the introduced side effects and uncertainties. Therefore, we aim to define a model-based security-engineering framework, which is tailored to the needs of CPS engineers. Hereby, we focus on the actual modeling process, the evaluation of security, as well as quantitatively expressing security of a deployed CPS. Overall and in contrast to other approaches, we shift the engineering concepts on a semantic level, which allows to address the proposed challenges in CPS in the most efficient way.

With the development of positioning technology and the popularity of mobile devices, location-based services have been widely deployed. To use the services, users must provide the server accurate location information, during which the attacker tends to infer sensitive information from intercepting queries. In this paper, we model the road network as an edge cluster graph with its location semantics considered. Then, we propose the Circle First Structure Optimization (CFSO) algorithm which generates an anonymous set by adding optimal adjacent locations. Furthermore, we introduce controllable randomness and propose the Attack-Resilient (AR) algorithm to enhance the anti-attack ability. Meanwhile, to reduce the system overhead, our algorithms build the anonymous set quickly and take the structure of the anonymous set into account. Finally, we conduct experiments on a real map and the results demonstrate a higher anonymity success rate and a stronger anti-attack capability with less system overhead.

Massive images are being shared via a variety of ways, such as social networking. The rich content of images raise a serious concern for privacy. A great number of efforts have been devoted to designing mechanisms for privacy protection based on the assumption that the privacy is well defined. However, in practice, given a collection of images it is usually nontrivial to decide which parts of images should be protected, since the sensitivity of objects is context-dependent and user-dependent. To meet personalized privacy requirements of different users, we propose a system IEye to automatically detect private parts of images based on both common knowledge and personal knowledge. Specifically, for each user's images, multi-layered semantic graphs are constructed as feature representations of his/her images and a rule set is learned from those graphs, which describes his/her personalized privacy. In addition, an optimization algorithm is proposed to protect the user's privacy as well as minimize the loss of utility. We conduct experiments on two datasets, the results verify the effectiveness of our design to detect and protect personalized image privacy.

The evolution of Service-Oriented Computing (SOC) provides more efficient software development methods for building and engineering new value-added service-based applications. SOC is a computing paradigm that relies on Web services as fundamental elements. Research and technical advancements in Web services composition have been considered as an effective opportunity to develop new service-based applications satisfying complex requirements rapidly and efficiently. In this paper, we present a novel approach enhancing the composition of semantic Web services. The novelty of our approach, as compared to others reported in the literature, rests on: i) mapping user's/organization's requirements with Business Process Modeling Notation (BPMN) and semantic descriptions using ontologies, ii) considering functional requirements and also different types of non-functional requirements, such as quality of service (QoS), quality of experience (QoE), and quality of business (QoBiz), iii) using Formal Concept Analysis (FCA) technique to select the optimal set of Web services, iv) considering composability levels between sequential Web services using Relational Concept Analysis (RCA) technique to decrease the required adaptation efforts, and finally, v) validating the obtained service-based applications by performing an analytical technique, which is the monitoring. The approach experimented on an extended version of the OWLS-TC dataset, which includes more than 10830 Web services descriptions from various domains. The obtained results demonstrate that our approach allows to successfully and effectively compose Web services satisfying different types of user's functional and non-functional requirements.