Biblio

With the rise of the so-called Adversarial Attacks, there is an increased concern on model security. In this paper we present two different contributions: novel measures of robustness (based on adversarial attacks) and a novel adversarial attack. The key idea behind these metrics is to obtain a measure that could compare different architectures, with independence of how the input is preprocessed (robustness against different input sizes and value ranges). To do so, a novel adversarial attack is presented, performing a delayed elastic-net adversarial attack (constraints are only used whenever a successful adversarial attack is obtained). Experimental results show that our approach obtains state-of-the-art adversarial samples, in terms of minimal perturbation distance. Finally, a benchmark of ImageNet pretrained models is used to conduct experiments aiming to shed some light about which model should be selected whenever security is a role factor.

Cyber-attacks detection in modern power systems is undoubtedly indispensable to enhance their resilience and guarantee the continuous production of electricity. As the number of attacks is very small compared to normal events, and attacks are unpredictable, it is not obvious to build a model for attacks. Here, only anomaly-free measurements are utilized to build a reference model for intrusion detection. Specifically, this study presents an unsupervised intrusion detection approach using the k-nearest neighbor algorithm and exponential smoothing monitoring scheme for uncovering attacks in modern power systems. Essentially, the k-nearest neighbor algorithm is implemented to compute the deviation between actual measurements and the faultless (training) data. Then, the exponential smoothing method is used to set up a detection decision-based kNN metric for anomaly detection. The proposed procedure has been tested to detect cyber-attacks in a two-line three-bus power transmission system. The proposed approach has been shown good detection performance.

Over the years, operating systems (OSs) have grown significantly in complexity and size providing attackers with more avenues to compromise their security. By eliminating the OS, it becomes possible to develop general-purpose non-embedded applications that are free of typical OS-related vulnerabilities. Such applications are simpler and smaller in size, making it easier secure the application code. Bare machine computing (BMC) applications run on ordinary desktops and laptops without the support of any operating system or centralized kernel. Many BMC applications have been developed previously for single-core systems. We show how to build BMC applications for multicore systems by presenting the design and implementation of a novel UDP-based bare machine prototype Web server for a multicore architecture. We also include preliminary experimental results from running the server on the Internet. This work provides a foundation for building secure computer applications that run on multicore systems without the need for intermediary software.

The popularity of cloud storage among data users is due to easy maintenance, and no initial infrastructure setup cost as compared to local storage. However, although the data users outsource their data to cloud storage (a third party) still, they concern about their physical data. To check whether the data stored in the cloud storage has been modified or not, public auditing of the data is required before its utilization. To audit over vast outsourced data, the availability of the auditor is an essential requirement as nowadays, data owners are using mobile devices. But unfortunately, a single auditor leads to a single point of failure and inefficient to preserve the security and correctness of outsourced data. So, we introduce a distributed public auditing scheme which is based on peer-to-peer (P2P) architecture. In this work, the auditors are organized using a distributed hash table (DHT) mechanism and audit the outsourced data with the help of a published hashed key of the data. The computation and communication overhead of our proposed scheme is compared with the existing schemes, and it found to be an effective solution for public auditing on outsourced data with no single point of failure.

This paper is devoted to the choice and justification of a joint-level controller for a joint with intrinsic elasticity. Such joints show a number of advantages in terms of shock robustness, interaction safety, energy efficiency and so on. On the other hand, the addition of elastic element, i.e. a torsion spring, leads to oscillating behaviour. Thus, more elaborate controller structure is required. Active damping injection approach is chosen in this article to improve the joint performance and achieve smooth motion. A method to select controller gains is suggested as well which allows step-wise customization, by which either the settling time can be minimized or the motion can be made fully smooth. Finally, the controller performance is verified in simulation.

An interesting idea of integrated non-Foster self-oscillating radiating system has been introduced recently. The device consists of two identical antennas, a negative impedance converter (NIC) and a tuning circuit. Admittance of one of the antennas is negatively converted via NIC, and cancelled by the positive admittance of the second identical antenna. With the change of frequency, admittances of both antennas change in the exactly same manner. It makes a self-oscillating and perfectly matched pair of antennas, regardless of the operating frequency. The adjustment of the frequency of a self-oscillating signal is achieved by the additional tunable resonant circuit. This paper analyses dynamics of oscillations of such self-oscillating radiating system and compares it with a classical negative resistance oscillator. Moreover, a simple numerical tool for prediction of the frequency and amplitude of oscillations is proposed.

In machine learning Trojan attacks, an adversary trains a corrupted model that obtains good performance on normal data but behaves maliciously on data samples with certain trigger patterns. Several approaches have been proposed to detect such attacks, but they make undesirable assumptions about the attack strategies or require direct access to the trained models, which restricts their utility in practice.This paper addresses these challenges by introducing a Meta Neural Trojan Detection (MNTD) pipeline that does not make assumptions on the attack strategies and only needs black-box access to models. The strategy is to train a meta-classifier that predicts whether a given target model is Trojaned. To train the meta-model without knowledge of the attack strategy, we introduce a technique called jumbo learning that samples a set of Trojaned models following a general distribution. We then dynamically optimize a query set together with the meta-classifier to distinguish between Trojaned and benign models.We evaluate MNTD with experiments on vision, speech, tabular data and natural language text datasets, and against different Trojan attacks such as data poisoning attack, model manipulation attack, and latent attack. We show that MNTD achieves 97% detection AUC score and significantly outperforms existing detection approaches. In addition, MNTD generalizes well and achieves high detection performance against unforeseen attacks. We also propose a robust MNTD pipeline which achieves around 90% detection AUC even when the attacker aims to evade the detection with full knowledge of the system.

Due to respectively limited training data, different entities addressing the same vision task based on certain sensitive images may not train a robust deep network. This paper introduces a new vision task where various entities share task-specific image data to enlarge each other's training data volume without visually disclosing sensitive contents (e.g. illegal images). Then, we present a new structure-based training regime to enable different entities learn task-specific and reconstruction-proof image representations for image data sharing. Specifically, each entity learns a private Deep Poisoning Module (DPM) and insert it to a pre-trained deep network, which is designed to perform the specific vision task. The DPM deliberately poisons convolutional image features to prevent image reconstructions, while ensuring that the altered image data is functionally equivalent to the non-poisoned data for the specific vision task. Given this equivalence, the poisoned features shared from one entity could be used by another entity for further model refinement. Experimental results on image classification prove the efficacy of the proposed method.

Mobile Ad Hoc Network (MANET) is one of the types of Ad-hoc Network which is comprised of wireless in a network. The main problem in this research is the vulnerability of the protocol routing Dymo against jellyfish attack, so it needs detection from a jellyfish attack. This research implements the DELPHI method to detect jellyfish attacks on a DYMO protocol which has better performance because the Delay Per-Hop Indicator (DELPHI) gathers the amount of hop and information delay from the disjoint path and calculates the delays per-hop as an indicator of a jellyfish attack. The evaluation results indicate an increase in the end-to-end delay average, start from 112.59s in 10 nodes increased to 143.732s in 30 nodes but reduced to 84,2142s in 50 nodes. But when the DYMO routing did not experience any jellyfish attacks both the delivery ratio and throughput are decreased. The delivery ratio, where decreased from 10.09% to 8.19% in 10 nodes, decreased from 20.35% to 16.85%, and decreased from 93.5644% to 82.825% in 50 nodes. As for the throughput, for 10 nodes decreased from 76.7677kbps to 68.689kbps, for 30 nodes decreased from 100kbps to 83.5821kbps and for 50 nodes decreased from 18.94kbps to 15.94kbps.

One of the most dynamic network is the Mobile Adhoc (MANET) network. It is a list of numerous mobile nodes. Dynamic topology and lack of centralization are the basic characteristics of MANET. MANETs are prone to many attacks due to these characteristics. One of the attacks carried out on the network layer is the blackhole attack. In a black-hole attack, by sending false routing information, malicious nodes interrupt data transmission. There are two kinds of attacks involving a black-hole, single and co-operative. There is one malicious node in a single black-hole attack that can act as the node with the highest sequence number. The node source would follow the direction of the malicious node by taking the right direction. There is more than one malicious node in the collaborative black-hole attack. One node receives a packet and sends it to another malicious node in this attack. It is very difficult to detect and avoid black-hole attacks. Many researchers have invented black-hole attack detection and prevention systems. In this paper, We find a problem in the existing solution, in which validity bit is used. This paper also provides a comparative study of many scholars. The source node is used to detect and prevent black hole attacks by using a binary partition clustering based algorithm. We compared the performance of the proposed solution with existing solution and shown that our solution outperforms the existing one.

Nowadays most of our data is stored on an electronic device. The risk of that device getting infected by Viruses, Malware, Worms, Trojan, Ransomware, or any unwanted invader has increased a lot these days. This is mainly because of easy access to the internet. Viruses and malware have evolved over time so identification of these files has become difficult. Not only by viruses and malware your device can be attacked by a click on forged URLs. Our proposed solution for this problem uses machine learning techniques and signature matching techniques. The main aim of our solution is to identify the malicious programs/URLs and act upon them. The core idea in identifying the malware is selecting the key features from the Portable Executable file headers using these features we trained a random forest model. This RF model will be used for scanning a file and determining if that file is malicious or not. For identification of the virus, we are using the signature matching technique which is used to match the MD5 hash of the file with the virus signature database containing the MD5 hash of the identified viruses and their families. To distinguish between benign and illegitimate URLs there is a logistic regression model used. The regression model uses a tokenizer for feature extraction from the URL that is to be classified. The tokenizer separates all the domains, sub-domains and separates the URLs on every `/'. Then a TfidfVectorizer (Term Frequency - Inverse Document Frequency) is used to convert the text into a weighted value. These values are used to predict if the URL is safe to visit or not. On the integration of all three modules, the final application will provide full system protection against malicious software.

One of the many methods for identifying malware is to disassemble the malware files and obtain the opcodes from them. Since malware have predominantly been found to contain specific opcode sequences in them, the presence of the same sequences in any incoming file or network content can be taken up as a possible malware identification scheme. Malware detection systems help us to understand more about ways on how malware attack a system and how it can be prevented. The proposed method analyses malware executable files with the help of opcode information by converting the incoming executable files to assembly language thereby extracting opcode information (opcode count) from the same. The opcode count is then converted into opcode frequency which is stored in a CSV file format. The CSV file is passed to various machine learning algorithms like Decision Tree Classifier, Random Forest Classifier and Naive Bayes Classifier. Random Forest Classifier produced the highest accuracy and hence the same model was used to predict whether an incoming file contains a potential malware or not.

This paper describes a design of IoT enabled real-time bus tracking system. In this work a bus tracking mobile phone app is developed, using that people can exactly locate the bus status and time to bus arrival at bus-stop. This work uses high-frequency RFID tags at buses and RFID receivers at busstops and with NodeMCU real-time RIFD tagging (bus running) information is collected and uploaded on the cloud. Users can access the bus running and status from the cloud on the mobile app in real-time.

Radio Frequency Identification (RFID) technology has attracted much attention due to its variety of applications, e.g., inventory control and object tracking. Tag identification protocols are essential in such applications. However, in such protocols, significant time and power are consumed on inevitable simultaneous tag replies (collisions) because tags can't sense the media to organize their replies to the reader. In this paper, novel reader-tag interaction method is proposed in which low-complexity Digital Baseband Modulation Termination (DBMT) circuit is added to RFID tags to enhance collision resolution efficiency in conjunction with Streamlined Collision Resolution (SCR) scheme. The reader, in the proposed SCR, cuts off or reduces the power of its continuous wave signal for specific periods if corrupted data is detected. On the other hand, DBMT circuit at the tag measures the time of the reader signal cutoff, which in turn, allows the tag to interpret different cutoff periods into commands. SCR scheme is applied to ALOHA- and Tree-based protocols with varying numbers of tags to evaluate the performance under low and high collision probabilities. SCR provides a significant enhancement to both types of protocols with robust synchronization within collision slots. This novel reader-tag interaction method provides a new venue for revisiting tag identification and counting protocols.

The work shows the RFID cards as e-document rather than a paper passport with embedded chip as the e-passport. This type of Technological advancement creates benefits like the information can be stored electronically. The aim behind this is to reduce or stop the uses of illegal document. This will assure the security and prevent illegal entry in particular country by fake documents it will also maintain the privacy of the owner. Here, this research work has proposed an e-file verification device by means of RFID. Henceforth, this research work attempts to develop a new generation for file verification by decreasing the human effort. The most important idea of this examine is to make it feasible to get admission to the info of proprietor of the file the usage of RFID generation. For this the man or woman is issued RFID card. This card incorporates circuit which is used to store procedure information via way of modulating and demodulating the radio frequency sign transmitted. Therefore, the facts saved in this card are referred to the file element of the man or woman. With the help of the hardware of the proposed research work RFID Based E-Document verification provides a tag to the holder which produces waves of electromagnetic signal and then access the data. The purpose is to make the verification of document easy, secured and with less human intervention. In the proposed work, the comparative analysis is done using RFID technology in which 100 documents are verified in 500 seconds as compared to manual work done in 3000 seconds proves the system to be 6 times more efficient as compared to conventional method.

With the rapid advancements in information technology, data security has become an indispensable component. Cryptography performs a significant role in establishing information security. Computational problems have been utilized extensively by cryptographers to construct digital signature schemes. Digital signature schemes offer security services such as confidentiality, authenticity, integrity, and non-repudiation of a message. This paper proposes a modification of the Dilithium signature scheme that is secure against unforgeability attack based on the hardness of lattice problems such as Learning With Errors and Short Integer Solution over lattices. Using the rejection sampling technique, data is sampled from a uniform distribution to generate keys that are expanded into a matrix. The keys are hashed and signed by the sender to generate a message, which is then accepted by the receiver upon verification. Finally, the security analysis for the proposed signature scheme is provided with a strong emphasis on the security of the secret key. We prove that the attacker cannot forge a signature on a message, and recommended parameters are proposed.

Trust is vital to promoting human and robot collaboration, but like human teammates, robots make mistakes that undermine trust. As a result, a human’s perception of his or her robot teammate’s trustworthiness can dramatically decrease [1], [2], [3], [4]. Trustworthiness consists of three distinct dimensions: ability (i.e. competency), benevolence (i.e. concern for the trustor) and integrity (i.e. honesty) [5], [6]. Taken together, decreases in trustworthiness decreases trust in the robot [7]. To address this, we conducted a 2 (high vs. low anthropomorphism) x 4 (trust repair strategies) between-subjects experiment. Preliminary results of the first 164 participants (between 19 and 24 per cell) highlight which repair strategies are effective relative to ability, integrity and benevolence and the robot’s anthropomorphism. Overall, this paper contributes to the HRI trust repair literature.

In recent years we can observe that digital forensics is being applied to a variety of domains as nearly any data can become valuable forensic evidence. The sheer scope of web-based investigations provides a vast amount of information. Due to a rapid increase in the number of cybercrimes the importance of application-specific forensics is greater than ever. Criminals use the application not only to communicate but also to facilitate crimes. It came to our attention that the gaming chat application Discord is one of them. Discord allows its users to send text messages as well as exchange image, video, and audio files. While Discord's community is not as large as that of the most popular messaging apps the stable growth of its userbase and recent incidents indicate that it is used by criminals. This paper presents our research into the digital forensic analysis of Discord client-side artefacts and presents experimental development of a tool for extraction, analysis, and presentation of the data from Discord application. The work then proposes a solution in form of a tool, `DiscFor', that can retrieve information from the application's local files and cache storage.

To provide web browsing and video streaming services with desirable quality, cache servers have been widely used to deliver digital data to users from locations close to users. For example, in the MEC (mobile edge computing), cache memories are provided at base stations of 5G cellular networks to reduce the traffic load in the backhaul networks. Cache servers are also connected to many edge routers in the CDN (content delivery network), and they are provided at routers in the ICN (information-centric networking). However, the cache pollution attack (CPA) which degrades the cache hit ratio by intentionally sending many requests to non-popular contents will be a serious threat in the cache networks. Quickly detecting the CPA hosts and protecting the cache servers is important to effectively utilize the cache resources. Therefore, in this paper, we propose a method of accurately detecting the CPA hosts using a limited amount of memory resources. The proposed method is based on a Bloom filter using the combination of identifiers of host and content as keys. We also propose to use two Bloom filters in parallel to continuously detect CPA hosts. Through numerical evaluations, we show that the proposed method suppresses the degradation of the cache hit ratio caused by the CPA while avoiding the false identification of legitimate hosts.

End users consider the data available through web as unmodified. Even when the web is secured by HTTPS, the data can be tampered in numerous tactical ways reducing trust on the integrity of data at the clients' end. One of the ways in which the web pages can be modified is via client side browser extensions. The extensions can transparently modify the web pages at client's end and can include new data to the web pages with minimal permissions. Clever modifications can be addition of a fake news or a fake advertisement or a link to a phishing website. We have identified through experimentation that such attacks are possible and have potential for serious damages. To prevent and detect such modifications we present a novel domain expressiveness based approach that uses DNS (Domain Name System) TXT records to express the Hash of important web pages that gets verified by the browsers to detect/thwart any modifications to the contents that are launched via client side malicious browser extensions or via cross site scripting. Initial experimentation suggest that the technique has potential to be used and deployed.

We analyze partner health apps compatible with the Fitbit fitness tracker, and record what third parties they are talking to. We focus on the ten partner Android applications that have more than 50,000 downloads and are fitness-related. Our results show that most of the them contact “unexpected” third parties. Such third parties include social networks; analytics and advertisement services; weather APIs. We also investigate what information is shared by the partner apps with these unexpected entities. Our findings suggest that in many cases personal information of users might be shared, including the phone model; location and SIM carrier; email and connection history.

Recent years have seen an increase in medical big data, which can be attributed to a paradigm shift experienced in medical data sharing induced by the growth of medical technology and the Internet of Things. The evidence of this potential has been proved during the recent covid-19 pandemic, which was characterised by the use of medical wearable devices to help with the medical data exchange between the healthcare providers and patients in a bid to contain the pandemic. However, the use of these technologies has also raised questions and concerns about security and privacy risks. To assist in resolving this issue, this paper proposes a blockchain-based access control framework for managing access to users’ medical data. This is facilitated by using a smart contract on the blockchain, which allows for delegated access control and secure user authentication. This solution leverages blockchain technology’s inherent autonomy and immutability to solve the existing access control challenges. We have presented the solution in the form of a medical wearable sensor prototype and a mobile app that uses the Ethereum blockchain in a real data sharing control scenario. Based on the empirical results, the proposed solution has proven effective. It has the potential to facilitate reliable data exchange while also protecting sensitive health information against potential threats. When subjected to security analysis and evaluation, the system exhibits performance improvements in data privacy levels, high security and lightweight access control design compared to the current centralised access control models.

As data being produced by IoT applications continues to explode, there is a growing need to bring computing power closer to the source of the data to meet the response-time, power dissipation and cost goals of performance-critical applications in various domains like Industrial Internet of Things (IIoT), Automated Driving, Medical Imaging or Surveillance among others. This paper proposes a data collection and utilization framework that allows runtime platform and application data to be sent to an edge and cloud system via data collection agents running close to the platform. Agents are connected to a cloud system able to train AI models to improve overall energy efficiency of an AI application executed on a edge platform. In the implementation part we show the benefits of FPGA-based platform for the task of object detection. Furthermore we show that it is feasible to collect relevant data from an FPGA platform, transmit the data to a cloud system for processing and receiving feedback actions to execute an edge AI application energy efficiently. As future work we foresee the possibility to train, deploy and continuously improve a base model able to efficiently adapt the execution of edge applications.

The digitalization process did not circumvent either railway domain. With new technology and new functionality, such as digital interlocking system, automated train operation, object recognition, GPS positioning, traditional railway domain got a vulnerability that can be exploited. Another issue is usage of CotS (Commercial-of-the-Shelf) hardware and software and openness of traditionally closed system. Most of published similar paper are focused on cyber security and security & safety model for securing of assessment in this kind of domain, but this paper will deal with this upcoming railway technology and digital investigation process in such kind of environment. Digital investigation process will be presented, but not only in ICS and SCADA system, but also in specific, railway environment. Framework for investigation process and for maintaining chain of custody in railway domain will be proposed.

The envisioned massive deployment of network slices in 5G and beyond mobile systems makes the shift towards zero-touch, scalable and secure slice lifecycle management a necessity. This is to harvest the benefits of network slicing in enabling profitable services. These benefits will not be attained without ensuring a high level security of the created network slices and the underlying infrastructure, above all in a zero-touch automated fashion. In this vein, this paper presents the architecture of an innovative network slicing security orchestration framework, being developed within the EU H2020 MonB5G project. The framework leverages the potential of Security as a Service (SECaaS) and Artificial Intelligence (AI) to foster fully-distributed, autonomic and fine-grained management of network slicing security from the node level to the end-to-end and inter-slice levels.