Biblio

Currently as the widespread use of virtual monetary units (like Bitcoin, Ethereum, Ripple, Litecoin) has begun, people with bad intentions have been attracted to this area and have produced and marketed ransomware in order to obtain virtual currency easily. This ransomware infiltrates the victim's system with smartly-designed methods and encrypts the files found in the system. After the encryption process, the attacker leaves a message demanding a ransom in virtual currency to open access to the encrypted files and warns that otherwise the files will not be accessible. This type of ransomware is becoming more popular over time, so currently it is the largest information technology security threat. In the literature, there are many studies about detection and analysis of this cyber-bullying. In this study, we focused on crypto-ransomware and investigated a forensic analysis of a current attack example in detail. In this example, the attack method and behavior of the crypto-ransomware were analyzed and it was identified that information belonging to the attacker was accessible. With this dimension, we think our study will significantly contribute to the struggle against this threat.

Wireless sensors are often deployed in environments where it is difficult for them to discern friend from enemy. An example case is a military tactical scenario, where sensors are deployed to map the location of an item but where some of the nodes have been compromised or where there are other malicious nodes present. In this scenario, sharing data with other network nodes may present a critical security risk to the sensor nodes. Blockchain technology, with its ability to house a secure distributed ledger, offers a possible solution. However, blockchain applications for Wireless Sensor Networks suffer from poor latency in block propagation which in turn decreases throughput and network scalability. Several researchers have proposed solutions for improved network throughput. In this work, a comparison of these existing works is performed leading to a taxonomy of existing algorithms. Characteristics consistently found in algorithms reporting improved throughput are presented and, later, these characteristics are used in the development of a new algorithm for improving throughput. The proposed algorithm utilizes a proof-of- authority consensus algorithm with a node trust-based scheme. The proposed algorithm shows strong results over the base case algorithm and was evaluated with blockchain network simulations of up to 20000 nodes.

Fake source packet routing protocols can ensure Source Location Privacy (SLP) protection. However, the protocols have demonstrated some performance limitations including high energy consumption, low packet delivery ratio (PDR), and long end-to-end delay (EED). In this study, a 2-level phantom routing protocol is proposed to address some limitations of an existing fake source packet routing protocol. The proposed protocol supplants the fake source packets with a random second level phantom node to alleviate the limitations. Analysis results confirm that the proposed protocol is capable of achieving strong SLP protection with minimized communication overhead. By removing the fake packet traffic in the network, the protocol incurs minimized energy consumption, maximized PDR, and minimized EED.

The ever-growing security issues in various mobile applications and smart devices create an urgent demand for a reliable and convenient user verification method. Traditional verification methods request users to provide their secrets (e.g., entering passwords and collecting fingerprints). We envision that the essential trend of user verification is to free users from active participation in the verification process. Toward this end, we propose a continuous user verification system, which re-uses the widely deployed WiFi infrastructure to capture the unique physiological characteristics rooted in user's respiratory motions. Different from the existing continuous verification approaches, posing dependency on restricted scenarios/user behaviors (e.g., keystrokes and gaits), our system can be easily integrated into any WiFi infrastructure to provide non-intrusive continuous verification. Specifically, we extract the respiration-related signals from the channel state information (CSI) of WiFi. We then derive the user-specific respiratory features based on the waveform morphology analysis and fuzzy wavelet transformation of the respiration signals. Additionally, a deep learning based user verification scheme is developed to identify legitimate users accurately and detect the existence of spoofing attacks. Extensive experiments involving 20 participants demonstrate that the proposed system can robustly verify/identify users and detect spoofers under various types of attacks.

The Internet Transport Protocol (ITP) is introduced to support reliable end-to-end transport services in the IP Internet without the need for end-to-end connections, changes to the Internet routing infrastructure, or modifications to name-resolution services. Results from simulation experiments show that ITP outperforms the Transmission Control Protocol (TCP) and the Named Data Networking (NDN) architecture, which requires replacing the Internet Protocol (IP). In addition, ITP allows transparent content caching while enforcing privacy.

Directional Overcurrent Relays (DOCRs) play an essential role in the power system protection to guarantee the reliability, speed of relay operation and avoiding mal-trip in the primary and backup relays when unintentional fault conditions occur in the system. Moreover, the dual setting protection scheme is more efficient protection schemes for offering fast response protection and providing flexibility in the coordination of relay. In this paper, the Adaptive Modified Firefly Algorithm (AMFA) is used to determine the optimal coordination of dual setting DOCRs in the ring distribution system. The AMFA is completed by choosing the minimum value of pickup current (\textbackslashtextbackslashpmbI\textbackslashtextbackslashpmbP) and time dial setting (TDS). On the other hand, dual setting DOCRs protection scheme also proposed for operating in both forward and reverse directions that consisted of individual time current characteristics (TCC) curve for each direction. The previous method is applied to the ring distribution system network of PT. Pupuk Sriwidjaja by considering the fault on each bus. The result illustration that the AMFA within dual setting protection scheme is significantly reaching the optimized coordination and the relay coordination is certain for all simulation scenarios with the minimum operation. The AMFA has been successfully implemented in MATLAB software programming.

With the increasing application of Information and Communication Technologies (ICTs), cyberattacks have become more prevalent against Cyber-Physical Systems (CPSs) such as the modern power grids. Various methods have been proposed to model the cybersecurity threats, but so far limited studies have been focused on the defensive strategies subject to the limited security budget. In this paper, the power supply reliability is evaluated considering the strategic allocation of defense resources. Specifically, the optimal mixed strategies are formulated by the Stackelberg Security Game (SSG) to allocate the defense resources on multiple targets subject to cyberattacks. The cyberattacks against the intrusion-tolerant Supervisory Control and Data Acquisition (SCADA) system are mathematically modeled by Semi-Markov Process (SMP) kernel. The intrusion tolerance capability of the SCADA system provides buffered residence time before the substation failure to enhance the network robustness against cyberattacks. Case studies of the cyberattack scenarios are carried out to demonstrate the intrusion tolerance capability. Depending on the defense resource allocation scheme, the intrusion-tolerant SCADA system possesses varying degrees of self-healing capability to restore to the good state and prevent the substations from failure. If more defense resources are invested on the substations, the intrusion tolerant capability can be further enhanced for protecting the substations. Finally, the actuarial insurance principle is designed to estimate transmission companies' individual premiums considering correlated cybersecurity risks. The proposed insurance premium principle is designed to provide incentive for investments on enhancing the intrusion tolerance capability, which is verified by the results of case studies.

Classification of Misbehaving Nodes in wireless mobile adhoc networks (MANET) by applying machine learning techniques is an attempt to enhance security by detecting the presence of malicious nodes. MANETs are prone to many security vulnerabilities due to its significant features. The paper compares two machine learning techniques namely Support Vector Machine (SVM) and Back Propagation Neural Network (BPNN) and finds out the best technique to detect the misbehaving nodes. This paper is simulated with an on-demand routing protocol in NS2.35 and the results can be compared using parameters like packet Delivery Ratio (PDR), End-To-End delay, Average Throughput.

Lightweight virtualization represented by container technology provides a virtual environment for cloud services with more flexibility and efficiency due to the kernel-sharing property. However, the shared kernel also means that the system isolation mechanisms are incomplete. Attackers can scan the shared system configuration files to explore vulnerabilities for launching attacks. Previous works mainly eliminate the problem by fixing operating systems or using access control policies, but these methods require significant modifications and cannot meet the security needs of individual containers accurately. In this paper, we present ConfigRand, a moving target defense framework to prevent the information leakages due to the shared kernel in the container-based cloud. The ConfigRand deploys deceptive system configurations for each container, bounding the scan of attackers aimed at the shared kernel. In design of ConfigRand, we (1) propose a framework applying the moving target defense philosophy to periodically generate, distribute, and deploy the deceptive system configurations in the container-based cloud; (2) establish a model to formalize these configurations and quantify their heterogeneity; (3) present a configuration movement strategy to evaluate and optimize the variation of configurations. The results show that ConfigRand can effectively prevent the information leakages due to the shared kernel and apply to typical container applications with minimal system modification and performance degradation.

The growing size of modern datasets necessitates splitting a large scale computation into smaller computations and operate in a distributed manner for improving overall performance. However, adversarial servers in a distributed computing system deliberately send erroneous data in order to affect the computation for their benefit. Computing Boolean functions is the key component of many applications of interest, e.g., classification problem, verification functions in the blockchain and the design of cryptographic algorithm. In this paper, we consider the problem of computing a Boolean function in which the computation is carried out distributively across several workers with particular focus on security against Byzantine workers. We note that any Boolean function can be modeled as a multivariate polynomial which can have high degree in general. Hence, the recently proposed Lagrange Coded Computing (LCC) can be used to simultaneously provide resiliency, security, and privacy. However, the security threshold (i.e., the maximum number of adversarial workers that can be tolerated) provided by LCC can be extremely low if the degree of the polynomial is high. Our goal is to design an efficient coding scheme which achieves the optimal security threshold. We propose two novel schemes called coded Algebraic normal form (ANF) and coded Disjunctive normal form (DNF). Instead of modeling the Boolean function as a general polynomial, the key idea of the proposed schemes is to model it as the concatenation of some linear functions and threshold functions. The proposed coded ANF and coded DNF outperform LCC by providing the security threshold which is independent of the polynomial's degree.

Internet of things (IoT) and Fog computing applications deal with sensitive data and need security tools to be protected against attackers. CoAP (Constrained Application Protocol), combined with DTLS (Datagram Transport Layer Security), provides security to IoT/Fog applications. However, processing times need to be considered when using this combination due to IoT/Fog environment constraints. Our work presents a CoAP with DTLS application and analyzes the performance of Raspberry Pi 3 during DTLS handshakes, data encryption and data decryption with the most relevant cipher suites. The performance of confirmable and non-confirmable CoAP POST requests is also measured and discussed in our work. We discovered that cipher suites that use RSA as an authentication method on handshake are slightly faster than cipher suites that use ECDSA, while symmetric key encryption with AES256(128)GCM are 40% faster than AES256(128) default modes. Our study also suggests CoAP modifications to obtain higher efficiency, and it might help future IoT/Fog application developers to understand CoAP and DTLS union, providing an application example and performance metrics.

Spring security is tremendously popular among practitioners for its ease of use to secure enterprise applications. In this paper, we study the application framework misconfiguration vulnerabilities in the light of Spring security, which is relatively understudied in the existing literature. Towards that goal, we identify 6 types of security anti-patterns and 4 insecure vulnerable defaults by conducting a measurement-based approach on 28 Spring applications. Our analysis shows that security risks associated with the identified security anti-patterns and insecure defaults can leave the enterprise application vulnerable to a wide range of high-risk attacks. To prevent these high-risk attacks, we also provide recommendations for practitioners. Consequently, our study has contributed one update to the official Spring security documentation while other security issues identified in this study are being considered for future major releases by Spring security community.

Over the years, public health has faced a large number of challenges like COVID-19. Medical cloud computing is a promising method since it can make healthcare costs lower. The computation of health data is outsourced to the cloud server. If the encrypted medical data is not decrypted, it is difficult to search for those data. Many researchers have worked on searchable encryption schemes that allow executing searches on encrypted data. However, many existing works support single-keyword search. In this article, we propose a patient-centered fine-grained attribute-based encryption scheme with multi-keyword search (CP-ABEMKS) for medical cloud computing. First, we leverage the ciphertext-policy attribute-based technique to construct trapdoors. Then, we give a security analysis. Besides, we provide a performance evaluation, and the experiments demonstrate the efficiency and practicality of the proposed CP-ABEMKS.

RSA is a popular asymmetric key algorithm with two keys scheme, a public key for encryption and private key for decryption. RSA has weaknesses in encryption and decryption of data, including slow in the process of encryption and decryption because it uses a lot of number generation. The reason is RSA algorithm can work well and is resistant to attacks such as brute force and statistical attacks. in this paper, it aims to strengthen the scheme by combining RSA with the One Time Pad algorithm so that it will bring up a new design to be used to enhance security on two-factor authentication. Contribution in this paper is to find a new scheme algorithm for an enhanced scheme of RSA. One Time Pad and RSA can combine as well.

Nowadays, ubiquitous healthcare monitoring applications are becoming a necessity. In a pervasive smart healthcare system, the user's location information is always transmitted periodically to healthcare providers to increase the quality of the service provided to the user. However, revealing the user's location will affect the user's privacy. This paper presents a novel cloud-based secure location privacy-preserving mobile healthcare framework with decision-making capabilities. A user's vital signs are sensed possibly through a wearable healthcare device and transmitted to a cloud server for securely storing user's data, processing, and decision making. The proposed framework integrates a number of features such as machine learning (ML) for classifying a user's health state, and crowdsensing for collecting information about a person's privacy preferences for possible locations and applying such information to a user who did not set his privacy preferences. In addition to location privacy preservation methods (LPPM) such as obfuscation, perturbation and encryption to protect the location of the user and provide a secure monitoring framework. The proposed framework detects clear emergency cases and quickly decides about sending a help message to a healthcare provider before sending data to the cloud server. To validate the efficiency of the proposed framework, a prototype is developed and tested. The obtained results from the proposed prototype prove its feasibility and utility. Compared to the state of art, the proposed framework offers an adaptive context-based decision for location sharing privacy and controlling the trade-off between location privacy and service utility.

Cloud computing has made the life of individual users and work of business corporations so much easier by providing them data storage services at very low costs. Individual users can store and access their data through shared cloud storage service anywhere anytime. Similarly, business corporation consumers of cloud computing can store, manage, process and access their big data with quite an ease. However, the security and privacy of users' data remains vulnerable in cloud computing Availability, integrity and confidentiality are the three primary elements that users consider before signing up for cloud computing services. Many public and private cloud services have experienced security breaches and unauthorized access incidents. This paper suggests user end cryptography of data before uploading it to a cloud storage service platform like Google Drive, Microsoft, Amazon and CloudSim etc. The proposed cryptography algorithm is based on symmetric key cryptography model and has been implemented on Amazon S3 cloud space service.

Video sharing from closed-circuit television video recording or in social media interaction requires self-authentication for responsible and reliable data sharing. Similarly, surveillance video recording is a powerful method of deterring unlawful activities. A Solution-by-Design can be helpful in terms of making a captured video immutable, as such recordings cannot become a piece of evidence until proven to be unaltered. This paper presents a computationally inexpensive method of preserving a chain-of-evidence in surveillance videos using steganography and hashing. The method conforms to the data protection regulations which are increasingly adopted by governments, and is applicable to network edge storage. Security credentials are stored in a hardware wallet independently of the video capture device itself, while evidential information is stored within video frames themselves, independently of the content. The proposed method has turned out to not only preserve the integrity of the stored video data but also results in very limited degradation of the video data due to steganography. Despite the presence of steganographic information, video frames are still available for common image processing tasks such as tracking and classification.

In this digital era, technology is upgrading day by day and becoming more agile and intelligent. Smart devices and gadgets are now being used to find solutions to complex problems in various domains such as health care, industries, entertainment, education, etc. The Transport system, which is the biggest challenge for any governing authority of a state, is also not untouched with this development. There are numerous challenges and issues with the existing transport system, which can be addressed by developing intelligent and autonomous vehicles. The existing vehicles can be upgraded to use sensors and the latest communication techniques. The advancements in the Internet of Things (IoT) have the potential to completely transform the existing transport system to a more advanced and intelligent transport system that is the Internet of Vehicles (IoV). Due to the connectivity with the Internet, the Internet of Vehicles (IoV) is exposed to various security threats. Security is the primary issue, which requires to be addressed for success and adoption of the IoV. In this paper, the applicability of machine learning based solutions to address the security issue of IoV is analyzed. The performance of six machine-learning algorithms to detect Bot threats is validated by the k-fold cross-validation method in python.

Considering the problem of network security under the background of big data, the clustering analysis algorithms can be utilized to improve the correctness of network intrusion detection models for security management. As a kind of iterative clustering analysis algorithm, K-means algorithm is not only simple but also efficient, so it is widely used. However, the traditional K-means algorithm cannot well solve the network security problem when facing big data due to its high complexity and limited processing ability. In this case, this paper proposes to optimize the traditional K-means algorithm based on the Spark platform and deploy the optimized clustering analysis algorithm in the distributed architecture, so as to improve the efficiency of clustering algorithm for network intrusion detection in big data environment. The experimental result shows that, compared with the traditional K-means algorithm, the efficiency of the optimized K-means algorithm using a Spark-based method is significantly improved in the running time.

Budding technologies like IoT requires minimum latency for performing real-time applications. The IoT devices collect a huge amount of big data and stores in the cloud environment, because of its on-demand services and scalability. But processing the needed information of the IoT devices from the cloud computing environment is found to be time-sensitive one. To eradicate this issue fog computing environment was created which acts an intermediate between the IoT devices and cloud computing environment. The fog computing performs intermediate computation and storage which is needed by IoT devices and it eliminates the drawbacks of latency and bandwidth limitation faced by directly using cloud computing for storage and accessing. The fog computing even though more advantageous it is more exposed to security issues by its architecture. This paper concentrates more on the security issues met by fog computing and the present methods used by the researchers to secure fog with their pros and cons.

The ability to react to a malicious attack starts with high fidelity recognition, and with that, an agile response to the attack. The current Operational Technology (OT) systems for a critical infrastructure include an intrusion detection system (IDS), but the ability to adapt to an intrusion is a human initiated response. Orchestrators, which are coming of age in the financial sector and allow for levels of automated response, are not prevalent in the OT space. To evolve to such responses in the OT space, a tradeoff analysis is first needed. This tradeoff analysis should evaluate the mitigation benefits of responses versus the physical affects that result. Providing an informed and automated response decision. This paper presents a formulation of a novel tradeoff analysis and its use in advancing a cyber-physical architecture for automated responses (CyPhAAR).

In this paper, the Authors present MQTT (ISO/IEC 20922), coupled with Public-key Infrastructure (PKI) as being highly suited to the secure and timely delivery of the command and control messages required in a low-latency Automated Demand Response (ADR) system which makes use of domestic-level electrical loads connected to the Internet. Several use cases for ADR are introduced, and relevant security considerations are discussed; further emphasizing the suitability of the proposed infrastructure. The authors then describe their testbed platform for testing ADR functionality, and finally discuss the next steps towards getting these kinds of technologies to the next stage.

With the expansion of Internet of Things (IoT) that relies on heterogeneous, dynamic, and massively deployed devices, device management (DM) (i.e., remote administration such as firmware update, configuration, troubleshooting and tracking) is required for proper quality of service and user experience, deployment of new functions, bug corrections and security patches distribution. Existing industrial DM platforms and approaches do not suit IoT devices and are already showing their limits with a few static home devices (e.g., routers, TV Decoders). Indeed, undetected buggy firmware deployment and manual target device identification are common issues in existing systems. Besides, these platforms are manually operated by experts (e.g., system administrators) and require extensive knowledge and skills. Such approaches cannot be applied on massive and diverse devices forming the IoT. To tackle these issues, our work in an industrial research context proposes to apply autonomic computing to DM platforms operation and impact tracking. Specifically, our contribution relies on automated device targeting (i.e., aiming only suitable devices) and impact-aware DM (i.e., error and anomalies detection preceding patch generalization on all suitable devices of a given fleet). Our solution is composed of three coordinated autonomic loops and allows more accurate and faster irregularity diagnosis, vertical scaling along with simpler IoT DM platform administration. For experimental validation, we developed a prototype that demonstrates encouraging results compared to simulated legacy telecommunication operator approaches (namely Orange).

The goal of this project is to create a realistic VR experience of solitary confinement and study its impact on users. Although there have been active debates and studies on this subject, very few people have personal experience of solitary confinement. Our first aim is to create such an experience in VR to raise the awareness of solitary confinement. We also want to conduct user studies to compare the VR solitary confinement experience with other types of media experiences, such as films or personal narrations. Finally, we want to study people’s sense of time in such a VR environment.

The paper deals with the modelling and simulation of a Fast Discharge Unit (FDU) for quench protection of the Toroidal Field (TF) magnets of the Divertor Tokamak Test, an experimental facility under design and construction in Frascati (Italy). The FDU is a safety key component that protects the superconducting magnets when a quench is detected through the fast extraction of the energy stored in superconducting magnets by adding in the TF magnets a dump (or discharge) resistor. In the paper, two different configurations of dump resistors (fixed and variable respectively) have been analysed and discussed. As a first result, it is possible to underline that the configuration with variable dump resistor is more efficient than the one with a fixed dump resistor.