Visible to the public Biblio

Found 191 results

Filters: Keyword is Industries  [Clear All Filters]
2023-09-20
Dhalaria, Meghna, Gandotra, Ekta.  2022.  Android Malware Risk Evaluation Using Fuzzy Logic. 2022 Seventh International Conference on Parallel, Distributed and Grid Computing (PDGC). :341—345.
The static and dynamic malware analysis are used by industrialists and academics to understand malware capabilities and threat level. The antimalware industries calculate malware threat levels using different techniques which involve human involvement and a large number of resources and analysts. As malware complexity, velocity and volume increase, it becomes impossible to allocate so many resources. Due to this reason, it is projected that the number of malware apps will continue to rise, and that more devices will be targeted in order to commit various sorts of cybercrime. It is therefore necessary to develop techniques that can calculate the damage or threat posed by malware automatically as soon as it is identified. In this way, early warnings about zero-day (unknown) malware can assist in allocating resources for carrying out a close analysis of it as soon as it is identified. In this paper, a fuzzy modelling approach is described for calculating the potential risk of malicious programs through static malware analysis.
2023-08-25
Chen, Qingqing, Zhou, Mi, Cai, Ziwen, Su, Sheng.  2022.  Compliance Checking Based Detection of Insider Threat in Industrial Control System of Power Utilities. 2022 7th Asia Conference on Power and Electrical Engineering (ACPEE). :1142—1147.
Compare to outside threats, insider threats that originate within targeted systems are more destructive and invisible. More importantly, it is more difficult to detect and mitigate these insider threats, which poses significant cyber security challenges to an industry control system (ICS) tightly coupled with today’s information technology infrastructure. Currently, power utilities rely mainly on the authentication mechanism to prevent insider threats. If an internal intruder breaks the protection barrier, it is hard to identify and intervene in time to prevent harmful damage. Based on the existing in-depth security defense system, this paper proposes an insider threat protection scheme for ICSs of power utilities. This protection scheme can conduct compliance check by taking advantage of the characteristics of its business process compliance and the nesting of upstream and downstream business processes. Taking the Advanced Metering Infrastructures (AMIs) in power utilities as an example, the potential insider threats of violation and misoperation under the current management mechanism are identified after the analysis of remote charge control operation. According to the business process, a scheme of compliance check for remote charge control command is presented. Finally, the analysis results of a specific example demonstrate that the proposed scheme can effectively prevent the consumers’ power outage due to insider threats.
Wu, Bo, Chen, Lei, Zong, Qi.  2022.  Research on New Power System Network Security Guarantee System. 2022 International Conference on Informatics, Networking and Computing (ICINC). :91–94.
Based on the characteristics of the new power system with many points, wide range and unattended, this paper studies the specific Cyberspace security risks faced by the disease control side, the station side and the site side, and proposes a new power system Cyberspace security assurance system of “integration of collection, network, side, end, industry and people”. The site side security access measures, the site side civil air defense technology integration measures, the whole business endogenous security mechanism, the whole domain communication security mechanism, the integrated monitoring and early warning and emergency response mechanism are specifically adopted to form a comprehensive integrated security mechanism for the new power system, form a sustainable protection model, effectively improve the security capability, while taking into account the cost and operational complexity of specific implementation links, Provide comprehensive guarantee capability for the safe operation of the new power system.
2023-08-24
Zhang, Deng, Zhao, Jiang, Ding, Dingding, Gao, Hanjun.  2022.  Networked Control System Information Security Platform. 2022 IEEE Asia-Pacific Conference on Image Processing, Electronics and Computers (IPEC). :738–742.
With the development of industrial informatization, information security in the power production industry is becoming more and more important. In the power production industry, as the critical information egress of the industrial control system, the information security of the Networked Control System is particularly important. This paper proposes a construction method for an information security platform of Networked Control System, which is used for research, testing and training of Networked Control System information security.
2023-08-17
Hariharasudan, V, Quraishi, Suhail Javed.  2022.  A Review on Blockchain Based Identity Management System. 2022 3rd International Conference on Intelligent Engineering and Management (ICIEM). :735—740.
The expansion of the internet has resulted in huge growth in every industry. It does, however, have a substantial impact on the downsides. Because of the internet's rapid growth, personally identifiable information (PII) should be kept secure in the coming years. Obtaining someone's personal information is rather simple nowadays. There are some established methods for keeping our personal information private. Further, it is essential because we must provide our identity cards to someone for every verification step. In this paper, we will look at some of the attempted methods for protecting our identities. We will highlight the research gaps and potential future enhancements in the research for more enhanced security based on our literature review.
Saragih, Taruly Karlina, Tanuwijaya, Eric, Wang, Gunawan.  2022.  The Use of Blockchain for Digital Identity Management in Healthcare. 2022 10th International Conference on Cyber and IT Service Management (CITSM). :1—6.
Digitalization has occurred in almost all industries, one of them is health industry. Patients” medical records are now easier to be accessed and managed as all related data are stored in data storages or repositories. However, this system is still under development as number of patients still increasing. Lack of standardization might lead to patients losing their right to control their own data. Therefore, implementing private blockchain system with Self-Sovereign Identity (SSI) concept for identity management in health industry is a viable notion. With SSI, the patients will be benefited from having control over their own medical records and stored with higher security protocol. While healthcare providers will benefit in Know You Customer (KYC) process, if they handle new patients, who move from other healthcare providers. It will eliminate and shorten the process of updating patients' medical records from previous healthcare providers. Therefore, we suggest several flows in implementing blockchain for digital identity in healthcare industry to help overcome lack of patient's data control and KYC in current system. Nevertheless, implementing blockchain on health industry requires full attention from surrounding system and stakeholders to be realized.
2023-08-11
Skanda, C., Srivatsa, B., Premananda, B.S..  2022.  Secure Hashing using BCrypt for Cryptographic Applications. 2022 IEEE North Karnataka Subsection Flagship International Conference (NKCon). :1—5.
Impactful data breaches that exposed the online accounts and financial information of billions of individuals have increased recently because of the digitization of numerous industries. As a result, the need for comprehensive cybersecurity measures has risen, particularly with regard to the safekeeping of user passwords. Strong password storage security ensures that even if an attacker has access to compromised data, they are unable to utilize the passwords in attack vectors like credential-stuffing assaults. Additionally, it will reduce the risk of threats like fraudulent account charges or account takeovers for users. This study compares the performance of several hashing algorithms, including Bcrypt, SHA-256 and MD5 and how bcrypt algorithm outperforms the other algorithms. Reversal of each of the results will be attempted using Rainbow Tables for better understanding of hash reversals and the comparisons are tabulated. The paper provides a detail implementation of bcrypt algorithm and sheds light on the methodology of BCRYPT hashing algorithm results in robust password security. While SHA-256 hashing algorithms are, easily susceptible to simple attacks such as brute force as it a fast algorithm and making bcrypt more favorable.
2023-07-21
Xin, Wu, Shen, Qingni, Feng, Ke, Xia, Yutang, Wu, Zhonghai, Lin, Zhenghao.  2022.  Personalized User Profiles-based Insider Threat Detection for Distributed File System. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1441—1446.
In recent years, data security incidents caused by insider threats in distributed file systems have attracted the attention of academia and industry. The most common way to detect insider threats is based on user profiles. Through analysis, we realize that based on existing user profiles are not efficient enough, and there are many false positives when a stable user profile has not yet been formed. In this work, we propose personalized user profiles and design an insider threat detection framework, which can intelligently detect insider threats for securing distributed file systems in real-time. To generate personalized user profiles, we come up with a time window-based clustering algorithm and a weighted kernel density estimation algorithm. Compared with non-personalized user profiles, both the Recall and Precision of insider threat detection based on personalized user profiles have been improved, resulting in their harmonic mean F1 increased to 96.52%. Meanwhile, to reduce the false positives of insider threat detection, we put forward operation recommendations based on user similarity to predict new operations that users will produce in the future, which can reduce the false positive rate (FPR). The FPR is reduced to 1.54% and the false positive identification rate (FPIR) is as high as 92.62%. Furthermore, to mitigate the risks caused by inaccurate authorization for users, we present user tags based on operation content and permission. The experimental results show that our proposed framework can detect insider threats more effectively and precisely, with lower FPR and high FPIR.
Elmoghrapi, Asma N., Bleblo, Ahmed, Younis, Younis A..  2022.  Fog Computing or Cloud Computing: a Study. 2022 International Conference on Engineering & MIS (ICEMIS). :1—6.
Cloud computing is a new term that refers to the service provisioned over the Internet. It is considered one of the foremost prevailing standards within the Data Innovation (IT) industry these days. It offers capable handling and capacity assets as on-demand administrations at diminished fetched, and progressed productivity. It empowers sharing computing physical assets among cloud computing tents and offers on-demand scaling with taken toll effectiveness. Moreover, cloud computing plays an important role in data centers because they house virtually limitless computational and storage capacities that businesses and end-users can access and use via the Internet. In the context of cloud computing, fog computing refers to bringing services to the network’s edge. Fog computing gives cloud-like usefulness, such as information capacity space, systems, and compute handling control, yet with a more noteworthy scope and nearness since fog nodes are found close to d-user edge gadgets, leveraging assets and diminishing inactivity. The concepts of cloud computing and fog computing will be explored in this paper, and their features will be contrasted to determine the differences between them. Over 25 factors have been used to compare them.
2023-07-18
Kuang, Randy, Perepechaenko, Maria.  2022.  Digital Signature Performance of a New Quantum Safe Multivariate Polynomial Public Key Algorithm. 2022 7th International Conference on Computer and Communication Systems (ICCCS). :419—424.
We discuss the performance of a new quantumsafe multivariate digital signature scheme proposed recently, called the Multivariate Polynomial Public Key Digital Signature (MPPK DS) scheme. Leveraging MPPK KEM or key exchange mechanism, the MPPK DS scheme is established using modular exponentiation with a randomly chosen secret base from a prime field. The security of the MPPK DS algorithm largely benefits from a generalized safe prime associated with the said field and the Euler totient function. We can achieve NIST security levels I, III, and V over a 64-bit prime field, with relatively small public key sizes of 128 bytes, 192 bytes, and 256 bytes for security levels I, III, and V, respectively. The signature sizes are 80 bytes for level I, 120 bytes for level III, and 160 bytes for level V. The MPPK DS scheme offers probabilistic procedures for signing and verification. That is, for each given signing message, a signer can randomly pick a base integer to be used for modular exponentiation with a private key, and a verifier can verify the signature with the digital message, based on the verification relationship, using any randomly selected noise variables. The verification process can be repeated as many times as the verifier wishes for different noise values, however, for a true honest signature, the verification will always pass. This probabilistic feature largely restricts an adversary to perform spoofing attacks. In this paper, we conduct some performance analyses by implementing MPPK DS in Java. We compare its performance with benchmark performances of NIST PQC Round 3 finalists: Rainbow, Dilithium, and Falcon. Overall, the MPPK DS scheme demonstrates equivalent or better performance, and much smaller public key, as well as signature sizes, compared to the three NIST PQC Round 3 finalists.
2023-07-13
Eisele, Max.  2022.  Debugger-driven Embedded Fuzzing. 2022 IEEE Conference on Software Testing, Verification and Validation (ICST). :483–485.
Embedded Systems - the hidden computers in our lives - are deployed in the billionths and are already in the focus of attackers. They pose security risks when not tested and maintained thoroughly. In recent years, fuzzing has become a promising technique for automated security testing of programs, which can generate tons of test inputs for a program. Fuzzing is hardly applied to embedded systems, because of their high diversity and closed character. During my research I want tackle that gap in fuzzing embedded systems - short: “Embedded Fuzzing”. My goal is to obtain insights of the embedded system during execution, by using common debugging interfaces and hardware breakpoints to enable guided fuzzing in a generic and widely applicable way. Debugging interfaces and hardware breakpoints are available for most common microcontrollers, generating a potential industry impact. Preliminary results show that the approach covers basic blocks faster than blackbox fuzzing. Additionally, it is source code agnostic and leaves the embedded firmware unaltered.
ISSN: 2159-4848
2023-07-10
Dong, Yeting, Wang, Zhiwen, Guo, Wuyuan.  2022.  Overview of edge detection algorithms based on mathematical morphology. 2022 IEEE 6th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC ). :1321—1326.
Edge detection is the key and difficult point of machine vision and image processing technology. The traditional edge detection algorithm is sensitive to noise and it is difficult to accurately extract the edge of the image, so the effect of image processing is not ideal. To solve this problem, people in the industry use the structural element features of morphological edge detection operator to extract the edge features of the image by carefully designing and combining the structural elements of different sizes and directions, so as to effectively ensure the integrity of edge information in all directions and eliminate large noise at the same time. This paper first introduces the traditional edge detection algorithms, then summarizes the edge detection algorithms based on mathematical morphology in recent years, finds that the selection of multi-scale and multi-directional structural elements is an important research direction, and finally discusses the development trend of mathematical morphology edge detection technology.
2023-06-30
Ma, Xuebin, Yang, Ren, Zheng, Maobo.  2022.  RDP-WGAN: Image Data Privacy Protection Based on Rényi Differential Privacy. 2022 18th International Conference on Mobility, Sensing and Networking (MSN). :320–324.
In recent years, artificial intelligence technology based on image data has been widely used in various industries. Rational analysis and mining of image data can not only promote the development of the technology field but also become a new engine to drive economic development. However, the privacy leakage problem has become more and more serious. To solve the privacy leakage problem of image data, this paper proposes the RDP-WGAN privacy protection framework, which deploys the Rényi differential privacy (RDP) protection techniques in the training process of generative adversarial networks to obtain a generative model with differential privacy. This generative model is used to generate an unlimited number of synthetic datasets to complete various data analysis tasks instead of sensitive datasets. Experimental results demonstrate that the RDP-WGAN privacy protection framework provides privacy protection for sensitive image datasets while ensuring the usefulness of the synthetic datasets.
Shejy, Geocey, Chavan, Pallavi.  2022.  Sensitivity Support in Data Privacy Algorithms. 2022 2nd Asian Conference on Innovation in Technology (ASIANCON). :1–4.
Personal data privacy is a great concern by governments across the world as citizens generate huge amount of data continuously and industries using this for betterment of user centric services. There must be a reasonable balance between data privacy and utility of data. Differential privacy is a promise by data collector to the customer’s personal privacy. Centralised Differential Privacy (CDP) is performing output perturbation of user’s data by applying required privacy budget. This promises the inclusion or exclusion of individual’s data in data set not going to create significant change for a statistical query output and it offers -Differential privacy guarantee. CDP is holding a strong belief on trusted data collector and applying global sensitivity of the data. Local Differential Privacy (LDP) helps user to locally perturb his data and there by guaranteeing privacy even with untrusted data collector. Many differential privacy algorithms handles parameters like privacy budget, sensitivity and data utility in different ways and mostly trying to keep trade-off between privacy and utility of data. This paper evaluates differential privacy algorithms in regard to the privacy support it offers according to the sensitivity of the data. Generalized application of privacy budget is found ineffective in comparison to the sensitivity based usage of privacy budget.
2023-06-29
Matheven, Anand, Kumar, Burra Venkata Durga.  2022.  Fake News Detection Using Deep Learning and Natural Language Processing. 2022 9th International Conference on Soft Computing & Machine Intelligence (ISCMI). :11–14.

The rise of social media has brought the rise of fake news and this fake news comes with negative consequences. With fake news being such a huge issue, efforts should be made to identify any forms of fake news however it is not so simple. Manually identifying fake news can be extremely subjective as determining the accuracy of the information in a story is complex and difficult to perform, even for experts. On the other hand, an automated solution would require a good understanding of NLP which is also complex and may have difficulties producing an accurate output. Therefore, the main problem focused on this project is the viability of developing a system that can effectively and accurately detect and identify fake news. Finding a solution would be a significant benefit to the media industry, particularly the social media industry as this is where a large proportion of fake news is published and spread. In order to find a solution to this problem, this project proposed the development of a fake news identification system using deep learning and natural language processing. The system was developed using a Word2vec model combined with a Long Short-Term Memory model in order to showcase the compatibility of the two models in a whole system. This system was trained and tested using two different dataset collections that each consisted of one real news dataset and one fake news dataset. Furthermore, three independent variables were chosen which were the number of training cycles, data diversity and vector size to analyze the relationship between these variables and the accuracy levels of the system. It was found that these three variables did have a significant effect on the accuracy of the system. From this, the system was then trained and tested with the optimal variables and was able to achieve the minimum expected accuracy level of 90%. The achieving of this accuracy levels confirms the compatibility of the LSTM and Word2vec model and their capability to be synergized into a single system that is able to identify fake news with a high level of accuracy.

ISSN: 2640-0146

2023-06-23
Deri, Luca, Cardigliano, Alfredo.  2022.  Using CyberScore for Network Traffic Monitoring. 2022 IEEE International Conference on Cyber Security and Resilience (CSR). :56–61.
The growing number of cybersecurity incidents and the always increasing complexity of cybersecurity attacks is forcing the industry and the research community to develop robust and effective methods to detect and respond to network attacks. Many tools are either built upon a large number of rules and signatures which only large third-party vendors can afford to create and maintain, or are based on complex artificial intelligence engines which, in most cases, still require personalization and fine-tuning using costly service contracts offered by the vendors.This paper introduces an open-source network traffic monitoring system based on the concept of cyberscore, a numerical value that represents how a network activity is considered relevant for spotting cybersecurity-related events. We describe how this technique has been applied in real-life networks and present the result of this evaluation.
2023-06-22
Ashodia, Namita, Makadiya, Kishan.  2022.  Detection and Mitigation of DDoS attack in Software Defined Networking: A Survey. 2022 International Conference on Sustainable Computing and Data Communication Systems (ICSCDS). :1175–1180.

Software Defined Networking (SDN) is an emerging technology, which provides the flexibility in communicating among network. Software Defined Network features separation of the data forwarding plane from the control plane which includes controller, resulting centralized network. Due to centralized control, the network becomes more dynamic, and resources are managed efficiently and cost-effectively. Network Virtualization is transformation of network from hardware-based to software-based. Network Function Virtualization will permit implementation, adaptable provisioning, and even management of functions virtually. The use of virtualization of SDN networks permits network to strengthen the features of SDN and virtualization of NFV and has for that reason has attracted notable research awareness over the last few years. SDN platform introduces network security challenges. The network becomes vulnerable when a large number of requests is encapsulated inside packet\_in messages and passed to controller from switch for instruction, if it is not recognized by existing flow entry rules. which will limit the resources and become a bottleneck for the entire network leading to DDoS attack. It is necessary to have quick provisional methods to prevent the switches from breaking down. To resolve this problem, the researcher develops a mechanism that detects and mitigates flood attacks. This paper provides a comprehensive survey which includes research relating frameworks which are utilized for detecting attack and later mitigation of flood DDoS attack in Software Defined Network (SDN) with the help of NFV.

2023-06-09
Devliyal, Swati, Sharma, Sachin, Goyal, Himanshu Rai.  2022.  Cyber Physical System Architectures for Pharmaceutical Care Services: Challenges and Future Trends. 2022 IEEE International Conference on Current Development in Engineering and Technology (CCET). :1—6.
The healthcare industry is confronted with a slew of significant challenges, including stringent regulations, privacy concerns, and rapidly rising costs. Many leaders and healthcare professionals are looking to new technology and informatics to expand more intelligent forms of healthcare delivery. Numerous technologies have advanced during the last few decades. Over the past few decades, pharmacy has changed and grown, concentrating less on drugs and more on patients. Pharmaceutical services improve healthcare's affordability and security. The primary invention was a cyber-infrastructure made up of smart gadgets that are connected to and communicate with one another. These cyber infrastructures have a number of problems, including privacy, trust, and security. These gadgets create cyber-physical systems for pharmaceutical care services in p-health. In the present period, cyber-physical systems for pharmaceutical care services are dealing with a variety of important concerns and demanding conditions, i.e., problems and obstacles that need be overcome to create a trustworthy and effective medical system. This essay offers a thorough examination of CPS's architectural difficulties and emerging tendencies.
2023-05-19
Wejin, John S., Badejo, Joke A., Jonathan, Oluranti, Dahunsi, Folasade.  2022.  A Brief Survey on the Experimental Application of MPQUIC Protocol in Data Communication. 2022 5th Information Technology for Education and Development (ITED). :1—8.
Since its inception, the Internet has experienced tremendous speed and functionality improvements. Among these developments are innovative approaches such as the design and deployment of Internet Protocol version six (IPv6) and the continuous modification of TCP. New transport protocols like Stream Communication Transport Protocol (SCTP) and Multipath TCP (MPTCP), which can use multiple data paths, have been developed to overcome the IP-coupled challenge in TCP. However, given the difficulties of packet modifiers over the Internet that prevent the deployment of newly proposed protocols, e.g., SCTP, a UDP innovative approach with QUIC (Quick UDP Internet Connection) has been put forward as an alternative. QUIC reduces the connection establishment complexity in TCP and its variants, high security, stream multiplexing, and pluggable congestion control. Motivated by the gains and acceptability of MPTCP, Multipath QUIC has been developed to enable multipath transmission in QUIC. While several researchers have reviewed the progress of improvement and application of MPTCP, the review on MPQUIC improvement is limited. To breach the gap, this paper provides a brief survey on the practical application and progress of MPQUIC in data communication. We first review the fundamentals of multipath transport protocols. We then provide details on the design of QUIC and MPQUIC. Based on the articles reviewed, we looked at the various applications of MPQUIC, identifying the application domain, tools used, and evaluation parameters. Finally, we highlighted the open research issues and directions for further investigations.
Wang, Qing, Zhang, Lizhe, Lu, Xin, Wang, Kenian.  2022.  A Multi-authority CP-ABE Scheme based on Cloud-Chain Fusion for SWIM. 2022 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom). :213—219.
SWIM (System Wide Information Management) has become the development direction of A TM (Air Traffic Management) system by providing interoperable services to promote the exchange and sharing of data among various stakeholders. The premise of data sharing is security, and the access control has become the key guarantee for the secure sharing and exchange. The CP-ABE scheme (Ciphertext Policy Attribute-Based Encryption) can realize one-to-many access control, which is suitable for the characteristics of SWIM environment. However, the combination of the existing CP-ABE access control and SWIM has following constraints. 1. The traditional single authority CP-ABE scheme requires unconditional trust in the authority center. Once the authority center is corrupted, the excessive authority of the center may lead to the complete destruction of system security. So, SWIM with a large user group and data volume requires multiple authorities CP-ABE when performing access control. 2. There is no unified management of users' data access records. Lack of supervision on user behavior make it impossible to effectively deter malicious users. 3. There are a certain proportion of lightweight data users in SWIM, such as aircraft, users with handheld devices, etc. And their computing capacity becomes the bottleneck of data sharing. Aiming at these issues above, this paper based on cloud-chain fusion basically proposes a multi-authority CP-ABE scheme, called the MOV ATM scheme, which has three advantages. 1. Based on a multi-cloud and multi-authority CP-ABE, this solution conforms to the distributed nature of SWIM; 2. This scheme provides outsourced computing and verification functions for lightweight users; 3. Based on blockchain technology, a blockchain that is maintained by all stakeholders of SWIM is designed. It takes user's access records as transactions to ensure that access records are well documented and cannot be tampered with. Compared with other schemes, this scheme adds the functions of multi-authority, outsourcing, verifiability and auditability, but do not increase the decryption cost of users.
2023-04-28
Kudrjavets, Gunnar, Kumar, Aditya, Nagappan, Nachiappan, Rastogi, Ayushi.  2022.  The Unexplored Terrain of Compiler Warnings. 2022 IEEE/ACM 44th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP). :283–284.
The authors' industry experiences suggest that compiler warnings, a lightweight version of program analysis, are valuable early bug detection tools. Significant costs are associated with patches and security bulletins for issues that could have been avoided if compiler warnings were addressed. Yet, the industry's attitude towards compiler warnings is mixed. Practices range from silencing all compiler warnings to having a zero-tolerance policy as to any warnings. Current published data indicates that addressing compiler warnings early is beneficial. However, support for this value theory stems from grey literature or is anecdotal. Additional focused research is needed to truly assess the cost-benefit of addressing warnings.
2023-04-14
AlFaw, Aysha, Elmedany, Wael, Sharif, Mhd Saeed.  2022.  Blockchain Vulnerabilities and Recent Security Challenges: A Review Paper. 2022 International Conference on Data Analytics for Business and Industry (ICDABI). :780–786.
Blockchain is a relatively new technology, a distributed database used for sharing between nodes of computer networks. A blockchain stores all information in automated digital format as a database. Blockchain innovation ensures the accuracy and security of the data record and generates trust without the need for a trusted third party. The objectives of this paper are to determine the security risk of the blockchain systems, analyze the vulnerabilities exploited on the blockchain, and identify recent security challenges that the blockchain faces. This review paper presents some of the previous studies of the security threats that blockchain faces and reviews the security enhancement solutions for blockchain vulnerabilities. There are some studies on blockchain security issues, but there is no systematic examination of the problem, despite the blockchain system’s security threats. An observational research methodology was used in this research. Through this methodology, many research related to blockchain threats and vulnerabilities obtained. The outcomes of this research are to Identify the most important security threats faced by the blockchain and consideration of security recently vulnerabilities. Processes and methods for dealing with security concerns are examined. Intelligent corporate security academic challenges and limitations are covered throughout this review. The goal of this review is to serve as a platform as well as a reference point for future work on blockchain-based security.
Yuvaraj, D., Anitha, M, Singh, Brijesh, Karyemsetty, Nagarjuna, Krishnamoorthy, R., Arun, S..  2022.  Systematic Review of Security Authentication based on Block Chain. 2022 3rd International Conference on Smart Electronics and Communication (ICOSEC). :768–771.
One of the fifth generation’s most promising solutions for addressing the network system capacity issue is the ultra-dense network. However, a new problem arises because the user equipment secure access is made up of access points that are independent, transitory, and dynamic. The APs are independent and equal in this. It is possible to think of it as a decentralized access network. The access point’s coverage is less than the standard base stations. The user equipment will interface with access points more frequently as it moves, which is a problem. The current 4G Authentication and Key Agreement method, however, is unable to meet this need for quick and frequent authentication. This study means to research how blockchain innovation is being utilized in production network the executives, as well as its forthcoming purposes and arising patterns. To more readily comprehend the direction of important exploration and illuminate the benefits, issues, and difficulties in the blockchain-production network worldview, a writing overview and a logical evaluation of the current examination on blockchain-based supply chains were finished. Multifaceted verification strategies have as of late been utilized as possible guards against blockchain attacks. To further develop execution, scatter administration, and mechanize processes, inventory network tasks might be upset utilizing blockchain innovation
2023-03-31
Vikram, Aditya, Kumar, Sumit, Mohana.  2022.  Blockchain Technology and its Impact on Future of Internet of Things (IoT) and Cyber Security. 2022 6th International Conference on Electronics, Communication and Aerospace Technology. :444–447.
Due to Bitcoin's innovative block structure, it is both immutable and decentralized, making it a valuable tool or instrument for changing current financial systems. However, the appealing features of Bitcoin have also drawn the attention of cybercriminals. The Bitcoin scripting system allows users to include up to 80 bytes of arbitrary data in Bitcoin transactions, making it possible to store illegal information in the blockchain. This makes Bitcoin a powerful tool for obfuscating information and using it as the command-and-control infrastructure for blockchain-based botnets. On the other hand, Blockchain offers an intriguing solution for IoT security. Blockchain provides strong protection against data tampering, locks Internet of Things devices, and enables the shutdown of compromised devices within an IoT network. Thus, blockchain could be used both to attack and defend IoT networks and communications.
Fidalgo, Pedro, Lopes, Rui J., Faloutsos, Christos.  2022.  Star-Bridge: a topological multidimensional subgraph analysis to detect fraudulent nodes and rings in telecom networks. 2022 IEEE International Conference on Big Data (Big Data). :2239–2242.
Fraud mechanisms have evolved from isolated actions performed by single individuals to complex criminal networks. This paper aims to contribute to the identification of potentially relevant nodes in fraud networks. Whilst traditional methods for fraud detection rely on identifying abnormal patterns, this paper proposes STARBRIDGE: a new linear and scalable, ranked out, parameter free method to identify fraudulent nodes and rings based on Bridging, Influence and Control metrics. This is applied to the telecommunications domain where fraudulent nodes form a star-bridge-star pattern. Over 75% of nodes involved in fraud denote control, bridging centrality and doubled the influence scores, when compared to non-fraudulent nodes in the same role, stars and bridges being chief positions.