Biblio

The widespread adoption of DEP has made most modern attacks follow the same general steps: Attackers try to construct code-reuse attacks by using vulnerable indirect branch instructions in shared objects after successful exploits on memory vulnerabilities. In response to code-reuse attacks, researchers have proposed a large number of defenses. However, most of them require access to source code and/or specific hardware features. These limitations hinder the deployment of these defenses much.In this paper, we propose an address-based code-reuse attack mitigation for shared objects at the binary-level. We emphasize that the execution of indirect branch instruction must follow several principles we propose. More specifically, we first reconstruct function boundaries at the program’s dynamic-linking stage by combining shared object’s dynamic symbols with binary-level instruction analysis. We then leverage static instrumentation to hook vulnerable indirect branch instructions to a novel target address computation and validation routine. At runtime, AddrArmor will protect against code-reuse attacks based on the computed target address.Our experimental results show that AddrArmor provides a strong line of defense against code reuse attacks, and has an acceptable performance overhead of about 6.74% on average using SPEC CPU 2006.

Information-Centric Networking (ICN) is among the promising architecture that can drive the need and versatility towards the future generation (xG) needs. In the future, support for network communication relies on the area of telemedicine, autonomous vehicles, and disaster recovery. In the disaster recovery case, there is a high possibility where the communication path is severed. Multicast communication and DTN-friendly route algorithm are becoming suitable options to send a packet message to get a faster response and to see any of the nodes available for service, this approach could give burden to the core network. Also, during disaster cases, many people would like to communicate, receive help, and find family members. Flooding the already disturbed/severed network will further reduce communication performance efficiency even further. Thus, this study takes into consideration prioritization factors to allow networks to process and delivering priority content. For this purpose, the proposed technique introduces the Routable Prefix Identifier (RP-ID) that takes into account the prioritization factor to enable optimization in Delay Tolerant ICN communication.

Online news articles are an important source of information for decisions makers to understand the causal relation of events that happened. However, understanding the causality of an event or between events by traditional machine learning-based techniques from natural language text is a challenging task due to the complexity of the language to be comprehended by the machines. In this study, the Knowledge-oriented convolutional neural network (K-CNN) technique is used to extract the causal relation from online news articles related to the South China Sea (SCS) dispute. The proposed K-CNN model contains a Knowledge-oriented channel that can capture the causal phrases of causal relationships. A Data-oriented channel that captures the position information was added to the K-CNN model in this phase. The online news articles were collected from the national news agency and then the sentences which contain relation such as causal, message-topic, and product-producer were extracted. Then, the extracted sentences were annotated and converted into lower form and base form followed by transformed into the vector by looking up the word embedding table. A word filter that contains causal keywords was generated and a K-CNN model was developed, trained, and tested using the collected data. Finally, different architectures of the K-CNN model were compared to find out the most suitable architecture for this study. From the study, it was found out that the most suitable architecture was the K-CNN model with a Knowledge-oriented channel and a Data-oriented channel with average pooling. This shows that the linguistic clues and the position features can improve the performance in extracting the causal relation from the SCS online news articles. Keywords-component; Convolutional Neural Network, Causal Relation Extraction, South China Sea.

Security and privacy threat modeling is commonly applied to systematically identify and address design-level security and privacy concerns in the early stages of architecture and design. Identifying and resolving these threats should remain a continuous concern during the development lifecycle. Especially with contemporary agile development practices, a single-shot upfront analysis becomes quickly outdated. Despite it being explicitly recommended by experts, existing threat modeling approaches focus largely on early development phases and provide limited support during later implementation phases.In this paper, we present an integrated threat analysis toolchain to support automated, continuous threat elicitation, assessment, and mitigation as part of a continuous integration pipeline in the GitLab DevOps platform. This type of automation allows for continuous attention to security and privacy threats during development at the level of individual commits, supports monitoring and managing the progress in addressing security and privacy threats over time, and enables more advanced and fine-grained analyses such as assessing the impact of proposed changes in different code branches or merge/pull requests by analyzing the changes to the threat model.

Sentiment analytics is the process of applying natural language processing and methods for text-based information to define and extract subjective knowledge of the text. Natural language processing and text classifications can deal with limited corpus data and more attention has been gained by semantic texts and word embedding methods. Deep learning is a powerful method that learns different layers of representations or qualities of information and produces state-of-the-art prediction results. In different applications of sentiment analytics, deep learning methods are used at the sentence, document, and aspect levels. This review paper is based on the main difficulties in the sentiment assessment stage that significantly affect sentiment score, pooling, and polarity detection. The most popular deep learning methods are a Convolution Neural Network and Recurrent Neural Network. Finally, a comparative study is made with a vast literature survey using deep learning models.

Twitter text analysis is quite useful in analysing emotions, sentiments and feedbacks of consumers on products and services. This helps the service providers and the manufacturers to improve their products and services, address serious issues before they lead to a crisis and improve business acumen. Twitter texts also form a data source for various research studies. They are used in topic analysis, sentiment analysis, content analysis and thematic analysis. In this paper, we present a pipeline for searching, analysing and visualizing the text analytics features of twitter texts using web APIs. It allows to build a simple yet powerful twitter text analytics tool for researchers and other interested users.

The use of video surveillance (VS) has grown significantly using the internet as a platform. Thus security issues on such videos must be addressed. Video frames can have multiple objects and various features over video length. Moving object detection (MOD) and real-time tracking requires security strategies designed to protect videos. This paper is proposed to design an asymmetric encryption method (RSA). The paper has contributed in two stages. In the first phase the fast video segmentation method based on a global variable threshold is designed to facilitate MOD. Later in second pass the RSA-based encryption is used to maintain the efficiency of the object detection. The secure key generation method is demonstrated. The performances of two global thresholds are demonstrated and compared under the encrypted video data. It is found that that method is very effective in finding objects under the context of video surveillance in real time.

in this paper, we describe a method for detecting abnormal pedestrians or cars by expressing the behavioral characteristics of pedestrians on a global surveillance map in a video security system using CCTV and patrol robots. This method converts a large amount of video surveillance data into a compressed map shape format to efficiently transmit and process data. By using deep learning auto-encoder and CNN algorithm, pedestrians belonging to the abnormal category can be detected in two steps. In the case of the first-stage abnormal candidate extraction, the normal detection rate was 87.7%, the abnormal detection rate was 88.3%, and in the second stage abnormal candidate filtering, the normal detection rate was 99.8% and the abnormal detection rate was 96.5%.

Intrusion detection systems installed on the information security devices that control the internal and external perimeter of the demilitarized zones are not able to detect the vulnerability of ZeroLogon after the successful penetration of the intruder into the zone. Component solution for ZeroLogon control is offered. The paper presents the research results of the capabilities for built-in Active Directory audit mechanisms and open source intrusion detection/prevention systems, which allow identification of the critical vulnerability CVE-2020-1472. These features can be used to improve the quality of cyber-physical systems management, to perform audits, as well as to check corporate domains for ZeroLogon vulnerabilities.

Edge computing supports the deployment of ubiquitous, smart services by providing computing and storage closer to terminal devices. However, ensuring the full security and privacy of computations performed at the edge is challenging due to resource limitation. This paper responds to this challenge and proposes an adaptive approach to defense randomization among the edge data centers via a stochastic game, whose solution corresponds to the optimal security deployment at the network's edge. Moreover, security risk is evaluated subjectively based on Prospect Theory to reflect realistic scenarios where the attacker and the edge system do not similarly perceive the status of the infrastructure. The results show that a non-deterministic defense policy yields better security compared to a static defense strategy.

Accidents in Nuclear Power Plants (NPPs) can occur for a variety of causes. However, among these, the scale of accidents due to human error can be greater than expected. Accordingly, researches are being actively conducted using artificial intelligence to reduce human error. Most of the research shows high performance based on the numerical data on NPPs, but the expandability of researches using only numerical data is limited. Therefore, in this study, abnormal diagnosis was performed using artificial intelligence based on image data. The methods applied to abnormal diagnosis are the deep neural network, convolution neural network, and convolution recurrent neural network. Consequently, in nuclear power plants, it is expected that the application of more methodologies can be expanded not only in numerical data but also in image-based data.

Aiming at the cyber security problem of the advanced metering infrastructure(AMI), an anomaly detection method based on edge computing framework for the AMI is proposed. Due to the characteristics of the edge node of data concentrator, the data concentrator has the capability of computing a large amount of data. In this paper, distributing the intrusion detection model on the edge node data concentrator of the AMI instead of the metering center, meanwhile, two-way communication of distributed local model parameters replaces a large amount of data transmission. The proposed method avoids the risk of privacy leakage during the communication of data in AMI, and it greatly reduces communication delay and computational time. In this paper, KDDCUP99 datasets is used to verify the effectiveness of the method. The results show that compared with Deep Convolutional Neural Network (DCNN), the detection accuracy of the proposed method reach 99.05%, and false detection rate only gets 0.74%, and the results indicts the proposed method ensures a high detection performance with less communication rounds, it also reduces computational consumption.

Digital watermarking is the multimedia leading security protection as it permanently escorts the digital content. Image copyright protection is becoming more anxious as the new 5G technology emerged. Protecting images with a robust scheme without distorting them is the main trade-off in digital watermarking. In this paper, a watermarking scheme based on discrete cosine transform (DCT) and singular value decomposition (SVD) using canny edge detector technique is proposed. A binary encrypted watermark is reshaped into a vector and inserted into the edge detected vector from the diagonal matrix of the SVD of DCT DC and low-frequency coefficients. Watermark insertion is performed by using an edge-tracing mechanism. The scheme is evaluated using the Peak Signal to Noise Ratio (PSNR) and Normalized Correlation (NC). Attained results are competitive when compared to present works in the field. Results show that the PSNR values vary from 51 dB to 55 dB.

Elliptic curve is a major area of research due to its application in elliptic curve cryptography. Due to their small key sizes, they offer the twofold advantage of reduced storage and transmission requirements. This also results in faster execution times. The authors propose an architecture to automatically generate test cases, for verification of elliptic curve operational circuits, based on user-defined prime field and the parameters used in the circuit to be tested. The ECC test case generations are based on the Galois field arithmetic operations which were the subject of previous work by the authors. One of the strengths of elliptic curve mathematics is its simplicity, which involves just three points (P, Q, and R), which pass through a line on the curve. The test cases generate points for a user-defined prime field which sequentially selects the input vector points (P and/or Q), to calculate the resultant output vector (R) easily. The testbench proposed here targets field programmable gate array (FPGAs) platforms and experimental results for ECC test case generation on different prime fields are presented, while ModelSim is used to validate the correctness of the ECC operations.

The advantage of elliptic curve (EC) cryptographic systems is that they provide equivalent security even with small key lengths. However, the development of modern computing technologies leads to an increase in the length of keys. In this case, it is recommended to use a secret parameter to ensure sufficient access without increasing the key length. To achieve this result, the initiation of an additional secret parameter R into the EC equation is used to develop an EC-based key distribution algorithm. The article describes the algebraic structure of an elliptic curve with a secret parameter.

The design of attacks for cyber physical systems is critical to assess CPS resilience at design time and run-time, and to generate rich datasets from testbeds for research. Attacks against cyber physical systems distinguish themselves from IT attacks in that the main objective is to harm the physical system. Therefore, both cyber and physical system knowledge are needed to design such attacks. The current practice to generate attacks either focuses on the cyber part of the system using IT cyber security existing body of knowledge, or uses heuristics to inject attacks that could potentially harm the physical process. In this paper, we present a systematic approach to automatically generate integrity attacks from the CPS safety and control specifications, without knowledge of the physical system or its dynamics. The generated attacks violate the system operational and safety requirements, hence present a genuine test for system resilience. We present an algorithm to automate the malware payload development. Several examples are given throughout the paper to illustrate the proposed approach.

Asymmetric warfare and anti-terrorist war have become a new style of military struggle in the new century, which will inevitably have an important impact on the military economy of various countries and catalyze the innovation climax of military logistics theory and practice. The war in the information age is the confrontation between systems, and “comprehensive integration” is not only the idea of information war ability construction, but also the idea of deterrence ability construction in the information age. Looking at the local wars under the conditions of modern informationization, it is not difficult to see that the status and role of light weapons and equipment have not decreased, on the contrary, higher demands have been put forward for their combat performance. From a forward-looking perspective, based on our army's preparation and logistics support for future asymmetric operations and anti-terrorist military struggle, this strategic issue is discussed in depth.

Recent advances in video manipulation techniques have made the generation of fake videos more accessible than ever before. Manipulated videos can fuel disinformation and reduce trust in media. Therefore detection of fake videos has garnered immense interest in academia and industry. Recently developed Deepfake detection methods rely on Deep Neural Networks (DNNs) to distinguish AI-generated fake videos from real videos. In this work, we demonstrate that it is possible to bypass such detectors by adversarially modifying fake videos synthesized using existing Deepfake generation methods. We further demonstrate that our adversarial perturbations are robust to image and video compression codecs, making them a real-world threat. We present pipelines in both white-box and black-box attack scenarios that can fool DNN based Deepfake detectors into classifying fake videos as real.

The goal of this study is to find whether exposure to Deepfake videos makes people better at detecting Deepfake videos and whether it is a better strategy against fighting Deepfake. For this study a group of people from Bangladesh has volunteered. This group were exposed to a number of Deepfake videos and asked subsequent questions to verify improvement on their level of awareness and detection in context of Deepfake videos. This study has been performed in two phases, where second phase was performed to validate any generalization. The fake videos are tailored for the specific audience and where suited, are created from scratch. Finally, the results are analyzed, and the study’s goals are inferred from the obtained data.

Due to immense need for implementing security measures and control ongoing activities, intelligent video analytics is regarded as one of the outstanding and challenging research domains in Computer Vision. Assigning video operator to manually monitor the surveillance videos 24×7 to identify occurrence of interesting and anomalous events like robberies, wrong U-turns, violence, accidents is cumbersome and error- prone. Therefore, to address the issue of continuously monitoring surveillance videos and detect the anomalies from them, a deep learning approach based on pipelined sequence of convolutional autoencoder and sequence to sequence long short-term memory autoencoder has been proposed. Specifically, unsupervised learning approach encompassing one-class classification paradigm has been proposed for detection of anomalies in videos. The effectiveness of the propped model is demonstrated on benchmarked anomaly detection dataset and significant results in terms of equal error rate, area under curve and time required for detection have been achieved.

Everyday millions of people use Internet for various purposes including information access, communication, business, education, entertainment and more. As a result, huge amount of information is exchanged between billions of connected devices. This information can be encapsulated in different types of data packets. This information is also referred to as network traffic. The traffic analysis is a challenging task when the traffic is encrypted and the contents are not readable. So complex algorithms required to deduce the information and form patterns for traffic analysis. Many of currently available techniques rely on application specific attribute analysis, deep packet inspection (DPI) or content-based analysis that become ineffective on encrypted traffic. The article will focused on analysis techniques for encrypted traffic that are adaptive to address the evolving nature and increasing volume of network traffic. The proposed solution solution is less dependent on application and protocol specific parameters so that it can adapt to new types of applications and protocols. Our results shows that processing required for traffic analysis need to be in acceptable limits to ensure applicability in real-time applications without compromising performance.

Traffic classification is fundamental to network operators to manage the network better. L7 classification and Deep Packet Inspection (DPI) using regular expressions are vital components to provide application-aware traffic classification. Nevertheless, there are open challenges yet, such as programmability and performance combined with security. In this paper, we introduce eBPFlow, a fast application layer packet classifier in hardware. eBPFlow allows packet classification with DPI on packet headers and payloads in runtime. It enables programming of regular expressions (RegEx) and security protocols using eBPF (extended Berkeley Packet Filter). We built eBPFlow on NetFPGA SUME 40 Gbps and created several application classifiers. The tests were performed in a physical testbed. Our results show that eBPFlow supports packet classification on the application layer with line rate. It only consumes 22 W.

This paper designs a data anomaly detection method for power grid data centers. The method uses cloud computing architecture to realize the storage and calculation of large amounts of data from power grid data centers. After that, the STL decomposition method is used to decompose the grid data, and then the decomposed residual data is used for anomaly analysis to complete the detection of abnormal data in the grid data. Finally, the feasibility of the method is verified through experiments.

Radio frequency (RF) signal classification has significantly been used for detecting and identifying the features of unknown unmanned aerial vehicles (UAVs). This paper proposes a method using empirical mode decomposition (EMD) and ensemble empirical mode decomposition (EEMD) on extracting the communication channel characteristics of intruding UAVs. The decomposed intrinsic mode functions (IMFs) except noise components are selected for RF signal pattern recognition based on machine learning (ML). The classification results show that the denoising effects introduced by EMD and EEMD could both fit in improving the detection accuracy with different features of RF communication channel, especially on identifying time-varying RF signal sources.

Unit Commitment (UC) problem is one of the most fundamental constrained optimization problems in the planning and operation of electric power systems and electricity markets. Solving a large-scale UC problem requires a lot of computational effort which can be improved using data driven approaches. In practice, a UC problem is solved multiple times a day with only minor changes in the input data. Hence, this aspect can be exploited by using the historical data to solve the problem. In this paper, an Artificial Intelligence (AI) based approach is proposed to solve a Security Constrained UC problem. The proposed algorithm was tested through simulations on a 4-bus power system and satisfactory results were obtained. The results were compared with those obtained using IBM CPLEX MIQP solver.