Biblio

Knowledge Tracing (KT) is a task that aims to assess students' mastery level of knowledge and predict their performance over questions, which has attracted widespread attention over the years. Recently, an increasing number of researches have applied deep learning techniques to knowledge tracing and have made a huge success over traditional Bayesian Knowledge Tracing methods. Most existing deep learning-based methods utilized either Recurrent Neural Networks (RNNs) or Convolutional Neural Networks (CNNs). However, it is worth noticing that these two sorts of models are complementary in modeling abilities. Thus, in this paper, we propose a novel knowledge tracing model by taking advantage of both two models via combining them into a single integrated model, named Convolutional Recurrent Knowledge Tracing (CRKT). Extensive experiments show that our model outperforms the state-of-the-art models in multiple KT datasets.

Low accuracy and slow speed of predictions for cyber security situational awareness. This paper proposes a network security situational awareness model based on accelerated accurate k-means radial basis function (RBF) neural network, the model uses the ball k-means clustering algorithm to cluster the input samples, to get the nodes of the hidden layer of the RBF neural network, speeding up the selection of the initial center point of the RBF neural network, and optimize the parameters of the RBF neural network structure. Finally, use the training data set to train the neural network, using the test data set to test the accuracy of this neural network structure, the results show that this method has a greater improvement in training speed and accuracy than other neural networks.

In this era of rapid network development, Internet of Things (IoT) security considerations receive a lot of attention from both the research and commercial sectors. With limited computation resource, unfriendly interface, and poor software implementation, legacy IoT devices are vulnerable to many infamous mal ware attacks. Moreover, the heterogeneity of IoT platforms and the diversity of IoT malware make the detection and classification of IoT malware even more challenging. In this paper, we propose to use printable strings as an easy-to-get but effective cross-platform feature to identify IoT malware on different IoT platforms. The discriminating capability of these strings are verified using a set of machine learning algorithms on malware family classification across different platforms. The proposed scheme shows a 99% accuracy on a large scale IoT malware dataset consisted of 120K executable fils in executable and linkable format when the training and test are done on the same platform. Meanwhile, it also achieves a 96% accuracy when training is carried out on a few popular IoT platforms but test is done on different platforms. Efficient malware prevention and mitigation solutions can be enabled based on the proposed method to prevent and mitigate IoT malware damages across different platforms.

Malware classification remains at the forefront of ongoing research as the prevalence of metamorphic malware introduces new challenges to anti-virus vendors and firms alike. One approach to malware classification is Static Analysis - a form of analysis which does not require malware to be executed before classification can be performed. For this reason, a lightweight classifier based on the features of a malware binary is preferred, with relatively low computational overhead. In this work a modified convolutional neural network (CNN) architecture was deployed which integrated a complexity-based evaluation based on box-counting. This was implemented by setting up max-pooling layers in parallel, and then extracting the fractal dimension using a polyscalar relationship based on the resolution of the measurement scale and the number of elements of a malware image covered in the measurement under consideration. To test the robustness and efficacy of our approach we trained and tested on over 9300 malware binaries from 25 unique malware families. This work was compared to other award-winning image recognition models, and results showed categorical accuracy in excess of 96.54%.

Empirical analysis of source code of Android Fluoride Bluetooth stack demonstrates a novel approach of classification of source code and rating for vulnerability. A workflow that combines deep learning and combinatorial techniques with a straightforward random forest regression is presented. Two kinds of embedding are used: code2vec and LSTM, resulting in a distance matrix that is interpreted as a (combinatorial) graph whose vertices represent code components, functions and methods. Cluster Editing is then applied to partition the vertex set of the graph into subsets representing nearly complete subgraphs. Finally, the vectors representing the components are used as features to model the components for vulnerability risk.

VANET plays a vital role to optimize the journey between source and destination in the growth of smart cities worldwide. The crucial information shared between vehicles is concerned primarily with safety. VANET is a MANET sub-class network that provides a free movement and communication between the RSU and vehicles. The self organized with high mobility in VANET makes any vehicle can transmit malicious messages to some other vehicle in the network. In the defense horizon of VANETs this is a matter of concern. It is the duty of RSU to ensure the safe transmission of sensitive information across the Network to each node. For this, network access exists as the key safety prerequisite, and several risks or attacks can be experienced. The VANETs is vulnerable to a range of security attacks including masquerading, selfish node attack, Sybil attack etc. One of the main threats to network access is this Denial of Service attack. The most important research in the literature on the prevention of Denial of Service Attack in VANETs was explored in this paper. The limitations of each reviewed paper are also presented and Game theory based security model is defined in this paper.

Network traffic attacks are increasingly common and varied, this is a big problem especially when the target network is centralized. The creation of IDS (Intrusion Detection Systems) capable of detecting various types of attacks is necessary. Machine learning algorithms are widely used in the classification of data, bringing a good result in the area of computer networks. In addition, the analysis of entropy and distance between data sets are also very effective in detecting anomalies. However, each technique has its limitations, so this work aims to study their combination in order to improve their performance and create a new intrusion detection system capable of well detect some of the most common attacks. Reliability indices will be used as metrics to the combination decision and they will be updated in each new dataset according to the decision made earlier.

Strong physical unclonable function (PUF) is a promising lightweight hardware security primitive for device authentication. However, it is vulnerable to machine learning attacks. This paper demonstrates that even a recently proposed dual-mode PUF is still can be broken. In order to improve the security, this paper proposes a highly flexible machine learning resistant configurable tristate (CT) PUF which utilizes the response generated in the working state of Arbiter PUF to XOR the challenge input and response output of other two working states (ring oscillator (RO) PUF and bitable ring (BR) PUF). The proposed CT PUF is implemented on Xilinx Artix-7 FPGAs and the experiment results show that the modeling accuracy of logistic regression and artificial neural network is reduced to the mid-50%.

Cloud computing, a multipurpose and high-performance internet-based computing, can model and transform a large range of application requirements into a set of workflow tasks. It allows users to represent their computational needs conveniently for data retrieval, reformatting, and analysis. However, workflow applications are big data applications and often take long hours to finish executing due to their nature and data size. In this paper, we study the cost optimised scheduling algorithms in cloud and proposed a novel task splitting algorithm named Cost optimised Heuristic Algorithm (COHA) for the cloud scheduler to optimise the execution cost. In this algorithm, the large tasks are split into sub-tasks to reduce their execution time. The design purpose is to enable all tasks to adequately meet their deadlines. We have carefully tested the performance of the COHA with a list of workflow inputs. The simulation results have convincingly demonstrated that COHA can effectively perform VM allocation and deployment, and well handle randomly arrived tasks. It can efficiently reduce execution costs while also allowing all tasks to properly finish before their deadlines. Overall, the improvements in our algorithm have remarkably reduced the execution cost by 32.5% for Sipht, 3.9% for Montage, and 1.2% for CyberShake workflows when compared to the state of art work.

IoT devices are open to traditional control flow integrity (CFI) attacks resulting from buffer overflow and return-oriented programming like techniques. They often have limited computational capacity ruling out many of the traditional heavy-duty software countermeasures. In this work, we deploy hardware/software solutions to detect CFI attacks. Some of the medium capability IoT devices, for example based on Raspberry Pi, contain ARM Cortex A-53 (Pi 3) or Cortex A-73 (Pi 4) processors. These processors include hardware counters to count microarchitecture level events affecting performance. Lighter weight IoT devices, say based on ARM Cortex M4 or M7, include DWT (Debug, Watch & Trace) module. When control flow anomalies caused by attacks such as buffer overflow or return oriented programming (ROP) occur, they leave a microarchitectural footprint. Hardware counters reflect such footprints to flag control flow anomalies. This paper is geared towards buffer overflow and ROP control flow anomaly detection in embedded programs. The targeted program entities are main event loops and task/event handlers. The proposed anomaly detection mechanism is evaluated on ArduPilot [1] - a popular autopilot software on a Raspberry Pi 3 with PMU and DWT. A self-navigation program is evaluated on an iCreate Roomba platform with an ARM Cortex M4 processor with DWT only. We are able to achieve 97-99%+ accuracy with 1-10 micro-second time overhead per control flow anomaly check.

The following topics are dealt with: security of data; distributed power generation; power engineering computing; power grids; power system security; computer network security; voltage control; risk management; power system measurement; critical infrastructures.

As organizations increasingly view information as one of their most valuable assets, which supports the creation and distribution of their products and services, information security will be an integral part of the design and operation of organizational business processes. Yet, risks associated with cyber-attacks are on the rise. Organizations that are subjected to attacks can suffer significant reputational damage as well as loss of information and knowledge. As a consequence, effective leadership is cited as a critical factor for ensuring corporate level attention for information security. However, there is a lack of empirical understanding as to the roles strategic leaders play in shaping and supporting the cyber-security strategy. This article seeks to address this gap in the literature by focusing on how senior leaders support the cyber-security strategy. The authors conducted a series of exploratory interviews with leaders in the positions of Chief Information Officer, Chief Security Information Officer, and Chief Technology Officer. The findings revealed that leaders are engaged in both transitional, where the focus is on improving governance and integration and transformational support, which involves fostering a new cultural mindset for cyber-resiliency and the development of an ecosystem approach to security thinking.

A joint INCOSE/NDIA project is exploring the intersection between systems security engineering and product line engineering teams to develop cyber secure and resilient approaches for feature-based variation management. The project team is investigating existing approaches and developing new approaches to implement systems security in product line design, apply patterns for product line architectures that address systems security, and define variation management approaches for secure and resilient product line products and shared assets.

Most cyber-attacks and data breaches in cloud infrastructure are due to human errors and misconfiguration vulnerabilities. Cloud customer-centric tools are imperative for mitigating these issues, however existing cloud security models are largely unable to tackle these security challenges. Therefore, novel security mechanisms are imperative, we propose Risk-driven Fault Injection (RDFI) techniques to address these challenges. RDFI applies the principles of chaos engineering to cloud security and leverages feedback loops to execute, monitor, analyze and plan security fault injection campaigns, based on a knowledge-base. The knowledge-base consists of fault models designed from secure baselines, cloud security best practices and observations derived during iterative fault injection campaigns. These observations are helpful for identifying vulnerabilities while verifying the correctness of security attributes (integrity, confidentiality and availability). Furthermore, RDFI proactively supports risk analysis and security hardening efforts by sharing security information with security mechanisms. We have designed and implemented the RDFI strategies including various chaos engineering algorithms as a software tool: CloudStrike. Several evaluations have been conducted with CloudStrike against infrastructure deployed on two major public cloud infrastructure: Amazon Web Services and Google Cloud Platform. The time performance linearly increases, proportional to increasing attack rates. Also, the analysis of vulnerabilities detected via security fault injection has been used to harden the security of cloud resources to demonstrate the effectiveness of the security information provided by CloudStrike. Therefore, we opine that our approaches are suitable for overcoming contemporary cloud security issues.

Cyber-power resiliency analysis of the distribution system is becoming critical with increase in adverse cyberevents. Distribution network operators need to assess and analyze the resiliency of the system utilizing the analytical tool with a carefully designed visualization and be driven by data and model-based analytics. This work introduces the Cyber-Physical Security Assessment Metric (CP-SAM) visualization tool to assist operators in ensuring the energy supply to critical loads during or after a cyber-attack. CP-SAM also provides decision support to operators utilizing measurement data and distribution power grid model and through well-designed visualization. The paper discusses the concepts of cyber-physical resiliency, software design considerations, open-source software components, and use cases for the tool to demonstrate the implementation and importance of the developed tool.

Trustworthy and secure operation of the cyber-power system calls for resilience against malicious and accidental failures. The objective of a resilient system is to withstand and recover operation of the system to supply critical loads despite multiple contingencies in the system. To take timely actions, we need to continuously measure the cyberphysical security of the system. We propose a cyber-physical security assessment metric (CP-SAM) based on quantitative factors affecting resiliency and utilizing concepts from graph theoretic analysis, probabilistic model of availability, attack graph metrics, and vulnerabilities across different layers of the microgrid system. These factors are integrated into a single metric using a multi-criteria decision making (MCDM) technique, Choquet Integral to compute CP-SAM. The developed metric will be valuable for i) monitoring the microgrid resiliency considering a holistic cyber-physical model; and ii) enable better decision-making to select best possible mitigation strategies towards resilient microgrid system. Developed CP-SAM can be extended for active distribution system and has been validated in a real-world power-grid test-bed to monitor the microgrid resiliency.

Over the last couple of decades, mobile ad-hoc networks (MANETs) have been at the forefront of research, yet still are afflicted by high network fragmentation, due to their continuous node mobility and geographical dispersion. To address these concerns, a new paradigm was proposed, Information-Centric Networks (ICN), whose focus is the delivery of Content based on names. This article aims to use ICN concepts towards the delivery of both urgent and non-urgent information in urban mobile environments. In order to do so, a context-based forwarding strategy was proposed, with a very clear goal: to take advantage of both packet Names and Data, and node's neighborhood analysis in order to successfully deliver content into the network in the shortest period of time, and without worsening network congestion. The design, implementation and validation of the proposed strategy was performed using the ndnSIM platform along with real mobility traces from communication infrastructure of the Porto city. The results show that the proposed context-based forwarding strategy presents a clear improvement regarding the Data resolution, while maintaining network overhead at a constant.

The progressive expansion of renewable energies, especially wind power plants being promoted in Germany as part of the energy transition, places new demands on the transmission grid. As an alternative to grid expansion, sector coupling of the gas and electricity sector through Power-to-Gas (PtG) technology is seen as a great opportunity to make the energy transmission more flexible and reliable in the future as well as make use of already existing gas infrastructure. In this paper, PtG plants are dimensioned and placed in a model of the German transmission grid. Time series based load flow calculations are performed allowing conclusions about the line loading for the exemplary year 2016.

A conversational agent (chatbot) is computer software capable of communicating with humans using natural language processing. The crucial part of building any chatbot is the development of conversation. Despite many developments in Natural Language Processing (NLP) and Artificial Intelligence (AI), creating a good chatbot model remains a significant challenge in this field even today. A conversational bot can be used for countless errands. In general, they need to understand the user's intent and deliver appropriate replies. This is a software program of a conversational interface that allows a user to converse in the same manner one would address a human. Hence, these are used in almost every customer communication platform, like social networks. At present, there are two basic models used in developing a chatbot. Generative based models and Retrieval based models. The recent advancements in deep learning and artificial intelligence, such as the end-to-end trainable neural networks have rapidly replaced earlier methods based on hand-written instructions and patterns or statistical methods. This paper proposes a new method of creating a chatbot using a deep neural learning method. In this method, a neural network with multiple layers is built to learn and process the data.

Since 2018, Thai People Map and Analytics Platform (TPMAP) has been developed with the aims of supporting government officials and policy makers with integrated household and community data to analyze strategic plans, implement policies and decisions to alleviate poverty. However, to acquire complex information from the platform, non-technical users with no database background have to ask a programmer or a data scientist to query data for them. Such a process is time-consuming and might result in inaccurate information retrieved due to miscommunication between non-technical and technical users. In this paper, we have developed a Thai conversational agent on top of TPMAP to support self-service data analytics on complex queries. Users can simply use natural language to fetch information from our chatbot and the query results are presented to users in easy-to-use formats such as statistics and charts. The proposed conversational agent retrieves and transforms natural language queries into query representations with relevant entities, query intentions, and output formats of the query. We employ Rasa, an open-source conversational AI engine, for agent development. The results show that our system yields Fl-score of 0.9747 for intent classification and 0.7163 for entity extraction. The obtained intents and entities are then used for query target information from a graph database. Finally, our system achieves end-to-end performance with accuracies ranging from 57.5%-80.0%, depending on query message complexity. The generated answers are then returned to users through a messaging channel.

Integrated with various electronic control units (ECUs), vehicles are becoming more intelligent with the assistance of essential connections. However, the interaction with the outside world raises great concerns on cyber-attacks. As a main standard for in-vehicle network, Controller Area Network (CAN) does not have any built-in security mechanisms to guarantee a secure communication. This increases risks of denial of service, remote control attacks by an attacker, posing serious threats to underlying vehicles, property and human lives. As a result, it is urgent to develop an effective in-vehicle network intrusion detection system (IDS) for better security. In this paper, we propose a Feature-based Sliding Window (FSW) to extract the feature of CAN Data Field and CAN IDs. Then we construct a convolutional encoder network (CEN) to detect network intrusion of CAN networks. The proposed FSW-CEN method is evaluated on real-world datasets. The experimental results show that compared to traditional data processing methods and convolutional neural networks, our method is able to detect attacks with a higher accuracy in terms of detection accuracy and false negative rate.

We propose to implement multipartite quantum communication network (QCN) by employing the cluster- state-based concept. The proposed QCN can be used to: (i) perform distributed quantum computing, (ii) teleport quantum states between any two nodes in QCN, and (iii) enable next generation of cyber security systems.

VSS (Verifiable Secret Sharing) protocols are used in a number of block-chain systems, such as Dfinity and Ouroboros to generate unpredicted random number flow, they can be used to determine the proposer list and the voting powers of the voters at each height. To prevent random numbers from being predicted and attackers from corrupting a sufficient number of participants to violate the underlying trust assumptions, updatable VSS protocol in distributed protocols is important. The updatable VSS universal setup is also a hot topic in zkSNARKS protocols such as Sonic [19]. The way that we make it updatable is to execute the share exchange process repeatedly on chain, this process is challenging to be implemented in asynchronous network model, because it involves the wrong shares and the complaints, it requires the participant has the same view towards the qualified key generators, we take this process on chain and rely on BFT consensus mechanism to solve this. The group secret is thus updatable on chain. This is an enhancement to Dfinity. Therefore, even if all the coefficients of the random polynomials of epoch n are leaked, the attacker can use them only in epoch n+2. And the threshold group members of the DKG protocol can be updated along with the updates of the staked accounts and nodes.

Modern relays often have algorithms that enhance the security of elements that are otherwise susceptible to current transformer (CT) saturation. In this paper, we consider some of the similarities and differences between IEEE and IEC guidance on CT selection. We use CT models verified using high-current tests on a physical CT. Then using these models, we determine CT sizing guidelines and relay settings for a generator and transformer differential relay. Application guidance for generator black start is provided. Considerations such as remanence are discussed.

Recent advances in information filtering have resulted in effective recommender systems that are able to provide online personalized recommendations to millions of users from all over the world. However, most of these systems ignore the explanation purpose while producing recommendations with high-quality results. Moreover, the classification of reviews given to users as explanations is not fully exploited in previous studies. In this paper, we develop a convolutional neural network-based reviews classification method for explainable recommendation systems. The convolutional neural network is used to extract the reviews features for predicting whether the reviews provided as explanations are positive or negative. Based on such additional information, users can understand not only why certain items are recommended for them but also get support to know the nature of such explanations. We conduct experiments on a dataset from Amazon. The experimental results show that our method outperforms state-of-the-art methods.