Biblio

The panic among medical control, information, and device administrators is due to surmounting number of high-profile attacks on healthcare facilities. This hostile situation is going to lead the health informatics industry to cloud-hoarding of medical data, control flows, and site governance. While different healthcare enterprises opt for cloud-based solutions, it is a matter of time when fog computing environment are formed. Because of major gaps in reported techniques for fog security administration for health data i.e. absence of an overarching certification authority (CA), the security provisioning is one of the the issue that we address in this paper. We propose a security provisioning model (AZSPM) for medical devices in fog environments. We propose that the AZSPM can be build by using atomic security components that are dynamically composed. The verification of authenticity of the atomic components, for trust sake, is performed by calculating the processor clock cycles from service execution at the resident hardware platform. This verification is performed in the fully sand boxed environment. The results of the execution cycles are matched with the service specifications from the manufacturer before forwarding the mobile services to the healthcare cloud-lets. The proposed model is completely novel in the fog computing environments. We aim at building the prototype based on this model in a healthcare information system environment.

Based on constructive type theory, we study two idealized imperative languages GC and IC and verify the correctness of a compiler from GC to IC. GC is a guarded command language with underspecified execution order defined with an axiomatic semantics. IC is a deterministic low-level language with linear sequential composition and lexically scoped gotos defined with a small-step semantics. We characterize IC with an axiomatic semantics and prove that the compiler from GC to IC preserves specifications. The axiomatic semantics we consider model total correctness and map programs to continuous predicate transformers. We define the axiomatic semantics of GC and IC with elementary inductive predicates and show that the predicate transformer described by a program can be obtained compositionally by recursion on the syntax of the program using a fixed point operator for loops and continuations. We also show that two IC programs are contextually equivalent if and only if their predicate transformers are equivalent.

Realizing flow security in a concurrent environment is extremely challenging, primarily due to non-deterministic nature of execution. The difficulty is further exacerbated from a security angle if sequential threads disclose control locations through publicly observable statements like print, sleep, delay, etc. Such observations lead to internal and external timing attacks. Inspired by previous works that use classical Hoare style proof systems for establishing correctness of distributed (real-time) programs, in this paper, we describe a method for finding information leaks in concurrent programs through the introduction of leaky assertions at observable program points. Specifying leaky assertions akin to classic assertions, we demonstrate how information leaks can be detected in a concurrent context. To our knowledge, this is the first such work that enables integration of different notions of non-interference used in functional and security context. While the approach is sound and relatively complete in the classic sense, it enables the use of algorithmic techniques that enable programmers to come up with leaky assertions that enable checking for information leaks in sensitive applications.

With the increasing number of catastrophic weather events and resulting disruption in the energy supply to essential loads, the distribution grid operators’ focus has shifted from reliability to resiliency against high impact, low-frequency events. Given the enhanced automation to enable the smarter grid, there are several assets/resources at the disposal of electric utilities to enhances resiliency. However, with a lack of comprehensive resilience tools for informed operational decisions and planning, utilities face a challenge in investing and prioritizing operational control actions for resiliency. The distribution system resilience is also highly dependent on system attributes, including network, control, generating resources, location of loads and resources, as well as the progression of an extreme event. In this work, we present a novel multi-stage resilience measure called the Anticipate-Withstand-Recover (AWR) metrics. The AWR metrics are based on integrating relevant ‘system characteristics based factors’, before, during, and after the extreme event. The developed methodology utilizes a pragmatic and flexible approach by adopting concepts from the national emergency preparedness paradigm, proactive and reactive controls of grid assets, graph theory with system and component constraints, and multi-criteria decision-making process. The proposed metrics are applied to provide decision support for a) the operational resilience and b) planning investments, and validated for a real system in Alaska during the entirety of the event progression.

The goal of this study is to find whether exposure to Deepfake videos makes people better at detecting Deepfake videos and whether it is a better strategy against fighting Deepfake. For this study a group of people from Bangladesh has volunteered. This group were exposed to a number of Deepfake videos and asked subsequent questions to verify improvement on their level of awareness and detection in context of Deepfake videos. This study has been performed in two phases, where second phase was performed to validate any generalization. The fake videos are tailored for the specific audience and where suited, are created from scratch. Finally, the results are analyzed, and the study’s goals are inferred from the obtained data.

The paper describes modification of the ATA (Attack Tree Analysis) technique for assessment of instrumentation and control systems (ICS) dependability (reliability, availability and cyber security) called AvTA (Availability Tree Analysis). The techniques FMEA, FMECA and IMECA applied to carry out preliminary semi-formal and criticality oriented analysis before AvTA based assessment are described. AvTA models combine reliability and cyber security subtrees considering probabilities of ICS recovery in case of hardware (physical) and software (design) failures and attacks on components casing failures. Successful recovery events (SREs) avoid corresponding failures in tree using OR gates if probabilities of SRE for assumed time are more than required. Case for dependability AvTA based assessment (model, availability function and technology of decision-making for choice of component and system parameters) for smart building ICS (Building Automation Systems, BAS) is discussed.

Intel SGX is the latest processor architecture promising secure code execution despite large, complex and hence potentially vulnerable legacy operating systems (OSs). However, two recent works identified vulnerabilities that allow an untrusted management OS to extract secret information from Intel SGX's enclaves, and to violate their integrity by exploiting concurrency bugs. In this work, we re-investigate delayed preemption (DP) in the context of Intel SGX. DP is a mechanism originally proposed for L4-family microkernels as disable-interrupt replacement. Recapitulating earlier results on language-based information-flow security, we illustrate the construction of leakage-free code for enclaves. However, as long as adversaries have fine-grained control over preemption timing, these solutions are impractical from a performance/complexity perspective. To overcome this, we resort to delayed preemption, and sketch a software implementation for hypervisors providing enclaves as well as a hardware extension for systems like SGX. Finally, we illustrate how static analyses for SGX may be extended to check confidentiality of preemption-delaying programs.

Recently, methods are studied to overcome various problems for Named Data Networking(NDN). Among them, a new method which can overcome content storm problem is required to reduce network congestion and deliver content packet to consumer reliably. According to the various studies, the content storm problems could be overcame by scoped interest flooding. However, because these methods do not considers not only network congestion ratio but also the number another different paths, the correspond content packets could be transmitted unnecessary and network congestion could be worse. Therefore, in this paper, we propose a new content forwarding method for NDN to overcome the content storm problem. In the proposed method, if the network is locally congested and another paths are generated, an intermediate node could postpone or withdraw the content packet transmission to reduce congestion.

Controller Area Network is the prominent communication protocol in automotive systems. Its salient features of arbitration, message filtering, error detection, data consistency and fault confinement provide robust and reliable architecture. Despite of this, it lacks security features and is vulnerable to many attacks. One of the common attacks over the CAN communication is the replay attack. It can happen even after the implementation of encryption or authentication. This paper proposes a methodology of supressing the replay attacks by implementing authenticated encryption embedded with timestamp and pre-shared initialisation vector as a primary key. The major advantage of this system is its flexibility and configurability nature where in each layer can be chosen with the help of cryptographic algorithms to up to the entire size of the keys.

A finite state machine (FSM) is responsible for controlling the overall functionality of most digital systems and, therefore, the security of the whole system can be compromised if there are vulnerabilities in the FSM. These vulnerabilities can be created by improper designs or by the synthesis tool which introduces additional don't-care states and transitions during the optimization and synthesis process. An attacker can utilize these vulnerabilities to perform fault injection attacks or insert malicious hardware modifications (Trojan) to gain unauthorized access to some specific states. To our knowledge, no systematic approaches have been proposed to analyze these vulnerabilities in FSM. In this paper, we develop a framework named Analyzing Vulnerabilities in FSM (AVFSM) which extracts the state transition graph (including the don't-care states and transitions) from a gate-level netlist using a novel Automatic Test Pattern Generation (ATPG) based approach and quantifies the vulnerabilities of the design to fault injection and hardware Trojan insertion. We demonstrate the applicability of the AVFSM framework by analyzing the vulnerabilities in the FSM of AES and RSA encryption module. We also propose a low-cost mitigation technique to make FSM more secure against these attacks.

Fix pattern-based patch generation is a promising direction in Automated Program Repair (APR). Notably, it has been demonstrated to produce more acceptable and correct patches than the patches obtained with mutation operators through genetic programming. The performance of pattern-based APR systems, however, depends on the fix ingredients mined from fix changes in development histories. Unfortunately, collecting a reliable set of bug fixes in repositories can be challenging. In this paper, we propose to investigate the possibility in an APR scenario of leveraging code changes that address violations by static bug detection tools. To that end, we build the AVATAR APR system, which exploits fix patterns of static analysis violations as ingredients for patch generation. Evaluated on the Defects4J benchmark, we show that, assuming a perfect localization of faults, AVATAR can generate correct patches to fix 34/39 bugs. We further find that AVATAR yields performance metrics that are comparable to that of the closely-related approaches in the literature. While AVATAR outperforms many of the state-of-the-art pattern-based APR systems, it is mostly complementary to current approaches. Overall, our study highlights the relevance of static bug finding tools as indirect contributors of fix ingredients for addressing code defects identified with functional test cases.

We present AVAMAT: AntiVirus and Malware Analysis Tool - a tool for analysing the malware detection capabilities of AntiVirus (AV) products running on different operating system (OS) platforms. Even though similar tools are available, such as VirusTotal and MetaDefender, they have several limitations, which motivated the creation of our own tool. With AVAMAT we are able to analyse not only whether an AV detects a malware, but also at what stage of inspection does it detect it and on what OS. AVAMAT enables experimental campaigns to answer various research questions, ranging from the detection capabilities of AVs on OSs, to optimal ways in which AVs could be combined to improve malware detection capabilities.

The resilient output feedback control of linear networked control (NCS) system with uncertain dynamics in the presence of Gaussian noise is presented under the denial of service (DoS) attacks on communication networks. The DoS attacks on the sensor-to-controller (S-C) and controller- to-actuator (C-A) networks induce random packet losses. The NCS is viewed as a jump linear system, where the linear NCS matrices are a function of induced losses that are considered unknown. A set of novel correlation detectors is introduced to detect packet drops in the network channels using the property of Gaussian noise. By using an augmented system representation, the output feedback Q-learning based control scheme is designed for the jump linear NCS with uncertain dynamics to cope with the changing values of the mean packet losses. Simulation results are included to support the theoretical claims.

This article discusses existing approaches to building regional scale networks. Authors offer a mathematical model of network growth process, on the basis of which simulation is performed. The availability characteristic is used as criterion for measuring optimality. This report describes the mechanism for measuring network availability and contains propositions to make changes to the procedure for designing of regional networks, which can improve its qualitative characteristics. The efficiency of changes is confirmed by simulation.

It is expected that clean-slate network designs will be implemented for wide-area network applications. Multi-tenancy in OpenFlow networks is an effective method to supporting a clean-slate network design, because the cost-effectiveness is improved by the sharing of substrate networks. To guarantee the programmability of OpenFlow for tenants, a complete flow space (i.e., header values of the data packets) virtualization is necessary. Wide-area substrate networks typically have multiple administrators. We therefore need to implement a flow space virtualization over multiple administration networks. In existing techniques, a third party is solely responsible for managing the mapping of header values for flow space virtualization for substrate network administrators and tenants, despite the severity of a third party failure. In this paper, we propose an AutoVFlow mechanism that allows flow space virtualization in a wide-area networks without the need for a third party. Substrate network administrators implement a flow space virtualization autonomously. They are responsible for virtualizing a flow space involving switches in their own substrate networks. Using a prototype of AutoVFlow, we measured the virtualization overhead, the results of which show a negligible amount of overhead.
 

In this study, we aim to find a method to autotag sentences specific to a domain. Our training data comprises short conversational sentences extracted from chat conversations between company's customer representatives and web site visitors. We manually tagged approximately 14 thousand visitor inputs into ten basic categories, which will later be used in a transformer-based language model with attention mechanisms for the ultimate goal of developing a chatbot application that can produce meaningful dialogue.We considered three different stateof- the-art models and reported their auto-tagging capabilities. We achieved the best performance with the bidirectional encoder representation from transformers (BERT) model. Implementation of the models used in these experiments can be cloned from our GitHub repository and tested for similar auto-tagging problems without much effort.

Selective encryption designates a technique that aims at scrambling a message content while preserving its syntax. Such an approach allows encryption to be transparent towards middle-box and/or end user devices, and to easily fit within existing pipelines. In this paper, we propose to apply this property to a real-time diffusion scenario - or broadcast - over a RTP session. The main challenge of such problematic is the preservation of the synchronization between encryption and decryption. Our solution is based on the Advanced Encryption Standard in counter mode which has been modified to fit our auto-synchronization requirement. Setting up the proposed synchronization scheme does not induce any latency, and requires no additional bandwidth in the RTP session (no additional information is sent). Moreover, its parallel structure allows to start decryption on any given frame of the video while leaving a lot of room for further optimization purposes.

Legacy programs are normally monolithic (that is, all code runs in a single process and is not partitioned), and a bug in a program may result in the entire program being vulnerable and therefore untrusted. Program partitioning can be used to separate a program into multiple partitions, so as to isolate sensitive data or privileged operations. Manual program partitioning requires programmers to rewrite the entire source code, which is cumbersome, error-prone, and not generic. Automatic program partitioning tools can separate programs according to the dependency graph constructed based on data or programs. However, programmers still need to manually implement remote service interfaces for inter-partition communication. Therefore, in this paper, we propose AutoSlicer, whose purpose is to partition a program more automatically, so that the programmer is only required to annotate sensitive data. AutoSlicer constructs accurate data dependency graphs (DDGs) by enabling execution flow graphs, and the DDG-based partitioning algorithm can compute partition information based on sensitive annotations. In addition, the code refactoring toolchain can automatically transform the source code into sensitive and insensitive partitions that can be deployed on the remote procedure call framework. The experimental evaluation shows that AutoSlicer can effectively improve the accuracy (13%-27%) of program partitioning by enabling EFG, and separate real-world programs with a relatively smaller performance overhead (0.26%-9.42%).

Forming a secure autonomous vehicle group is extremely challenging since we have to consider threats and vulnerability of autonomous vehicles. Existing studies focus on communications among risk-free autonomous vehicles, which lack metrics to measure passenger security and cargo values. This work proposes a novel autonomous vehicle group formation method. We introduce risk assessment scoring to assess passenger security and cargo values, and propose an autonomous vehicle group formation method based on it. Our vehicle group is composed of a master node, and a number of core and border ones. Finally, the extensive simulation results show that our method is better than a Connectivity Prediction-based Dynamic Clustering model and a Low-InDependently clustering architecture in terms of node survival time, average change count of master nodes, and average risk assessment scoring.

For the Internet of Things (IoT), for safety in automotive, or for data protection, to be legally compliant requires testing the impact of any actions before allowing them to occur. However, system boundaries change at runtime. When adding a new, previously unknown device to an IoT orchestra, or when an autonomous car meets another, or with truck platooning, the original base system expands and needs being tested before it can do decisions with the potential of affecting harm to humans. This paper explains the theory and outlines the implementation approach a framework for autonomous real-time testing of a software-based system while in operation, with an example from IoT.

The advent and widespread adoption of wearable cameras and autonomous robots raises important issues related to privacy. The mobile cameras on these systems record and may re-transmit enormous amounts of video data that can then be used to identify, track, and characterize the behavior of the general populous. This paper presents a preliminary computational architecture designed to preserve specific types of privacy over a video stream by identifying categories of individuals, places, and things that require higher than normal privacy protection. This paper describes the architecture as a whole as well as preliminary results testing aspects of the system. Our intention is to implement and test the system on ground robots and small UAVs and demonstrate that the system can provide selective low-level masking or deletion of data requiring higher privacy protection.

The main technology of traditional information security is firewall, intrusion detection and anti-virus software, which is used in the first anti-outer defence, the first anti-service terminal defence terminal passive defence ideas, the complexity and complexity of these security technologies not only increase the complexity of the autonomous system, reduce the efficiency of the system, but also cannot solve the security problem of the information system, and cannot satisfy the security demand of the information system. After a significant stretch of innovative work, individuals utilize the secret word innovation, network security innovation, set forward the idea “confided in figuring” in view of the equipment security module support, Trusted processing from changing the customary protection thoughts, center around the safety efforts taken from the terminal to forestall framework assaults, from the foundation of the stage, the acknowledgment of the security of data frameworks. Believed figuring is chiefly worried about the security of the framework terminal, utilizing a progression of safety efforts to ensure the protection of clients to work on the security of independent frameworks. Its principle plan thought is implanted in a typical machine to oppose altering the equipment gadget - confided in stage module as the base of the trust, the utilization of equipment and programming innovation to join the trust of the base of trust through the trust bind level to the entire independent framework, joined with the security of information stockpiling insurance, client validation and stage respectability of the three significant safety efforts guarantee that the terminal framework security and unwavering quality, to guarantee that the terminal framework is consistently in a condition of conduct anticipated.

Cyber attacks, (e.g., DDoS), on computers connected to the Internet occur everyday. A DDoS attack in 2016 that used “Mirai botnet” generated over 600 Gbit/s traffic, which was twice as that of last year. In view of this situation, we can no longer adequately protect our computers using current end-point security solutions and must therefore introduce a new method of protection that uses distributed nodes, e.g., routers. We propose an Autonomous and Distributed Internet Security (AIS) infrastructure that provides two key functions: first, filtering source address spoofing packets (proactive filter), and second, filtering malicious packets that are observed at the end point (reactive filter) at the closest malicious packets origins. We also propose three types of Multi-Layer Binding Routers (MLBRs) to realize these functions. We implemented the MLBRs and constructed experimental systems to simulate DDoS attacks. Results showed that all malicious packets could be filtered by using the AIS infrastructure.

The ability to obtain reliable, long-term visual data in marine habitats has the potential to transform biological surveys of marine species. However, the underwater environment poses several challenges to visual monitoring: turbidity and light attenuation impede the range of optical sensors, biofouling clouds lenses and underwater housings, and marine species typically range over a large area, far outside of the range of a single camera sensor. Due to these factors, a continuously-recording or time-lapse visual sensor will not be gathering useful data the majority of the time, wasting battery life and filling limited onboard storage with useless images. These limitations make visual monitoring difficult in marine environments, but visual data is invaluable to biologists studying the behaviors and interactions of a species. This paper describes an acoustic-based, autonomous triggering approach to counter the current limitations of underwater visual sensing, and motivates the need for a distributed sensor network for underwater visual monitoring.

There is a long-standing need for improved cybersecurity through automation of attack signature detection, classification, and response. In this paper, we present experimental test bed results from an implementation of autonomic control plane feedback based on the Observe, Orient, Decide, Act (OODA) framework. This test bed modeled the building blocks for a proposed zero trust cloud data center network. We present test results of trials in which identity management with automated threat response and packet-based authentication were combined with dynamic management of eight distinct network trust levels. The log parsing and orchestration software we created work alongside open source log management tools to coordinate and integrate threat response from firewalls, authentication gateways, and other network devices. Threat response times are measured and shown to be a significant improvement over conventional methods.