Biblio

Intentional electromagnetic interference (IEMI) of information and communication devices is based on high-power electromagnetic environments far exceeding the device immunity to electromagnetic interference. IEMI dramatically alters the electromagnetic environment throughout the device by interfering with the electromagnetic waves inside the device and destroying low-tolerance integrated circuits (ICs) and other elements, thereby reducing the availability of the device. In contrast, in this study, by using a hardware Trojan (HT) that is quickly mountable by physically accessing the devices, to locally weaken the immunity of devices, and then irradiating electromagnetic waves of a specific frequency, only the attack targets are intentionally altered electromagnetically. Therefore, we propose a method that uses these electromagnetic changes to rewrite or generate data and commands handled within devices. Specifically, targeting serial communication systems used inside and outside the devices, the installation of an HT on the communication channel weakens local immunity. This shows that it is possible to generate an electrical signal representing arbitrary data on the communication channel by applying electromagnetic waves of sufficiently small output compared with the conventional IEMI and letting the IC process the data. In addition, we explore methods for countering such attacks.

Cognitive radio is a promising technology that intends on solving the spectrum scarcity problem by allocating free spectrum dynamically to the unlicensed Secondary Users (SUs) in order to establish coexistence between the licensed Primary User (PU) & SUs, without causing any interference to the incumbent transmission. Primary user emulation attack (PUEA) is one such major threat posed on spectrum sensing, which decreases the spectrum access probability. Detection and defense against PUEA is realized using Yardstick based Threshold Allocation technique (YTA), by assigning threshold level to the base station thereby efficiently enhancing the spectrum sensing ability in a dynamic CR network. The simulation is performed using NS2 and analysis by using X-graph. The results shows minimum interference to primary transmissions by letting SUs spontaneously predict the prospective spectrum availability and aiding in effective prevention of potential emulation attacks along with proficient improvement of throughput in a dynamic cognitive radio environment.

The number of phishing attacks has increased in Latin America, exceeding the operational skills of cybersecurity analysts. The cognitive security application proposes the use of bigdata, machine learning, and data analytics to improve response times in attack detection. This paper presents an investigation about the analysis of anomalous behavior related with phishing web attacks and how machine learning techniques can be an option to face the problem. This analysis is made with the use of an contaminated data sets, and python tools for developing machine learning for detect phishing attacks through of the analysis of URLs to determinate if are good or bad URLs in base of specific characteristics of the URLs, with the goal of provide realtime information for take proactive decisions that minimize the impact of an attack.

From the point of view of statistical signal processing, the dynamic range for one-bit quantisers with time-varying thresholds is studied. Maximum tolerable amplitudes, minimum detectable amplitudes and dynamic ranges of this one-bit sampling approach and uniform quantisers, such as N-bits analogue-to-digital converters (ADCs), are derived and simulated. The results reveal that like conventional ADCs, the dynamic ranges of one-bit sampling approach are linearly proportional to the Gaussian noise standard deviations, while one-bit sampling's dynamic ranges are lower than N-bits ADC under the same noise levels.

In this paper, a novel method for tomographic microwave imaging based on the Compressive Processing (CP) paradigm is proposed. The retrieval of the dielectric profiles of the scatterers is carried out by efficiently solving both the sampling and the sensing problems suitably formulated under the first order Born approximation. Selected numerical results are presented in order to show the improvements provided by the CP with respect to conventional compressive sensing (CSE) approaches.

Density information has been used as a property of sound to restore objects in a quantitative manner in ultrasound tomography based on backscatter theory. In the traditional method, the authors only study the distorted Born iterative method (DBIM) to create density images using Tikhonov regularization. The downside is that the image quality is still low, the resolution is low, the convergence rate is not high. In this paper, we study the DBIM method to create density images using compressive sampling technique. With compressive sampling technique, the probes will be randomly distributed on the measurement system (unlike the traditional method, the probes are evenly distributed on the measurement system). This approach uses the l1 regularization to restore images. The proposed method will give superior results in image recovery quality, spatial resolution. The limitation of this method is that the imaging time is longer than the one in the traditional method, but the less number of iterations is used in this method.

Botnets have been a major area of concern in the field of cybersecurity. There have been a lot of research works for detection of botnets. However, everyday cybercriminals are coming up with new ideas to counter the well-known detection methods. One such popular method is domain flux-based botnets in which a large number of domain names are produced using domain generation algorithm. In this paper, we have proposed a robust way of detecting DGA-based botnets using few novel features covering both syntactic and semantic viewpoints. We have used Area under ROC curve as our performance metric since it provides comprehensive information about the performance of binary classifiers at various thresholds. Results show that our approach performs significantly better than the baseline approach. Our proposed method can help in detecting established DGA bots (equipped with extensive features) as well as prospective advanced DGA bots imitating real-world domain names.

The threats posed by botnets in the cyber-space continues to grow each day and it has become very hard to detect or infiltrate bots given that the botnet developers each day keep changing the propagation and attack techniques. Currently, most of these attacks have been centered on stealing computing energy, theft of personal information and Distributed Denial of Service (DDoS attacks). In this paper, the authors propose a novel technique that uses the Non-Deterministic Polynomial-Time Hardness (NP-Hard Problem) based on the Traveling Salesperson Person (TSP) that depicts that a given bot, bj, is able to visit each host on a network environment, NE, and then it returns to the botmaster in form of instruction(command) through optimal minimization of the hosts that are or may be attacked. Given that bj represents a piece of malicious code and based on TSP-NP Hard Problem which forms part of combinatorial optimization, the authors present an effective approach for the detection of the botnet. It is worth noting that the concentration of this study is basically on the centralized botnet architecture. This holistic approach shows that botnet detection accuracy can be increased with a degree of certainty and potentially decrease the chances of false positives. Nevertheless, a discussion on the possible applicability and implementation has also been given in this paper.

Service Function Chaining (SFC) provides a special capability that defines an ordered list of network services as a virtual chain and makes a network more flexible and manageable. However, SFC is vulnerable to various attacks caused by compromised switches, especially the middlebox-bypass attack. In this paper, we propose a system that can detect not only middlebox-bypass attacks but also other incorrect forwarding actions by compromised switches. The existing solutions to protect SFC against compromised switches and middlebox-bypass attacks can only solve individual problems. The proposed system uses both probe-based and statistics-based methods to check the probe packets with random pre-assigned keys and collect statistics from middleboxes for detecting any abnormal actions in SFC. It is shown that the proposed system takes only 0.08 ms for the packet processing while it prevents SFC from the middlebox-bypass attacks and compromised switches, which is the negligible delay.

Near Field Communication (NFC) is a short- range wireless communication technology that supports several features, one of which is an electronic payment. NFC works at a limited distance to exchange information. In terms of security, NFC technology has a gap for attackers to carry out attacks by forwarding information illegally using the target NFC network. A relay attack that occurs due to the theft of some data by an attacker by utilizing close communication from NFC is one of them. Relay attacks can cause a lot of loss in terms of material sacrifice. It takes countermeasures to overcome the problem of electronic payments with NFC technology. Detection of anomalous data is one way that can be done. In an attack, several abnormalities can be detected which can be used to prevent an attack. Markov Chain is one method that can be used to detect relay attacks that occur in electronic payments using NFC. The result shows Markov chain can detect anomalies in relay attacks in the case of electronic payment.

In asymmetric group key agreement (ASGKA) protocols, a group of users establish a common encryption key which is publicly accessible and compute pairwise different decryption keys. It is left as an open problem to design an ASGKA protocol with traitor traceability in Eurocrypt 2009. A one-round dynamic authenticated ASGKA protocol with public traitor traceability is proposed in this study. It provides a black-box tracing algorithm. Ind-CPA security with key compromise impersonation resilience (KCIR) and forward secrecy of ASGKA protocols is formally defined. The proposed protocol is proved to be Ind-CPA secure with KCIR and forward secrecy under D k-HDHE assumption. It is also proved that the proposed protocol resists collusion attack. In Setup algorithm and Join algorithm, one communication round is required. In Leave algorithm, no message is required to be transmitted. The proposed protocol adopts O(log N)-way asymmetric multilinear map to make the size of public key and the size of ciphertext both achieve O(logN), where N is the number of potential group members. This is the first ASGKA protocol with public traitor traceability which is more efficient than trivial construction of ASGKA protocols.

Chaotic dynamics is widely used to design pseudo-random number generators and for other applications, such as secure communications and encryption. This paper aims to study the dynamics of the discrete-time chaotic maps in the digital (i.e., finite-precision) domain. Differing from the traditional approaches treating a digital chaotic map as a black box with different explanations according to the test results of the output, the dynamical properties of such chaotic maps are first explored with a fixed-point arithmetic, using the Logistic map and the Tent map as two representative examples, from a new perspective with the corresponding state-mapping networks (SMNs). In an SMN, every possible value in the digital domain is considered as a node and the mapping relationship between any pair of nodes is a directed edge. The scale-free properties of the Logistic map's SMN are proved. The analytic results are further extended to the scenario of floating-point arithmetic and for other chaotic maps. Understanding the network structure of a chaotic map's SMN in digital computers can facilitate counteracting the undesirable degeneration of chaotic dynamics in finite-precision domains, also helping to classify and improve the randomness of pseudo-random number sequences generated by iterating the chaotic maps.

We introduce a novel distributed derivative-free optimization framework that is resilient to stragglers. The proposed method employs coded search directions at which the objective function is evaluated, and a decoding step to find the next iterate. Our framework can be seen as an extension of evolution strategies and structured exploration methods where structured search directions were utilized. As an application, we consider black-box adversarial attacks on deep convolutional neural networks. Our numerical experiments demonstrate a significant improvement in the computation times.

Robust machine learning is currently one of the most prominent topics which could potentially help shaping a future of advanced AI platforms that not only perform well in average cases but also in worst cases or adverse situations. Despite the long-term vision, however, existing studies on black-box adversarial attacks are still restricted to very specific settings of threat models (e.g., single distortion metric and restrictive assumption on target model's feedback to queries) and/or suffer from prohibitively high query complexity. To push for further advances in this field, we introduce a general framework based on an operator splitting method, the alternating direction method of multipliers (ADMM) to devise efficient, robust black-box attacks that work with various distortion metrics and feedback settings without incurring high query complexity. Due to the black-box nature of the threat model, the proposed ADMM solution framework is integrated with zeroth-order (ZO) optimization and Bayesian optimization (BO), and thus is applicable to the gradient-free regime. This results in two new black-box adversarial attack generation methods, ZO-ADMM and BO-ADMM. Our empirical evaluations on image classification datasets show that our proposed approaches have much lower function query complexities compared to state-of-the-art attack methods, but achieve very competitive attack success rates.

Since Bitcoin, the first cryptocurrency that applied blockchain technology was developed by Satoshi Nakamoto, the cryptocurrency market has grown rapidly. Along with this growth, many vulnerabilities and attacks are threatening the Bitcoin ecosystem, which is not only at the bitcoin network-level but also at the service level that applied it, according to the survey. We intend to analyze and detect DDoS attacks on the premise that bitcoin's network-level data and service-level DDoS attacks with bitcoin are associated. We evaluate the results of the experiment according to the proposed metrics, resulting in an association between network-level data and service-level DDoS attacks of bitcoin. In conclusion, we suggest the possibility that the proposed method could be applied to other blockchain systems.

This paper explains how the commonly occurring DOS and Brute Force attacks on computer networks can be efficiently detected and network performance improved, which reduces costs and time. Therefore, network administrators attempt to instantly diagnose any network issues. The experimental work used the SNMP-MIB parameter datasets, which are collected via a specialised MIB dataset consisting of seven types of attack as noted in section three. To resolves such issues, this researched carried out several important contributions which are related to fault management concerns in computer network systems. A central task in the detection of the attacks relies on MIB feature behaviours using the suggested SFCM method. It was concluded that the DOS and Brute Force fault detection results for three different clustering methods demonstrated that the proposed SFCM detected every data point in the related group. Consequently, the FPC approached 1.0, its highest record, and an improved performance solution better than the EM methods and K-means are based on SNMP-MIB variables.

This study proposed a biometric-based digital signature scheme proposed for facial recognition. The scheme is designed and built to verify the person’s identity during a registration process and retrieve their public and private keys stored in the database. The RSA algorithm has been used as asymmetric encryption method to encrypt hashes generated for digital documents. It uses the hash function (SHA-256) to generate digital signatures. In this study, local binary patterns histograms (LBPH) were used for facial recognition. The facial recognition method was evaluated on ORL faces retrieved from the database of Cambridge University. From the analysis, the LBPH algorithm achieved 97.5% accuracy; the real-time testing was done on thirty subjects and it achieved 94% recognition accuracy. A crypto-tool software was used to perform the randomness test on the proposed RSA and SHA256.

Today, data is all around us, every device that has computation power is generating the data and we can assume that in today's world there is about 2 quintillion bytes of data is been generating every day. as data increase in the database of the world servers so as the risk of data leak where we are talking about unlimited confidential data that is available online but as humans are developing their data online so as its security, today we've got hundreds of way to secure out data but not all are very successful or compatible there the big question arises that how to secure our data to hide our all the confidential information online, in other words one's all life work can be found online which is on risk of leak. all that says is today we have cloud above all of our data centers that stores all the information so that one can access anything from anywhere. in this paper we are introducing a new multimodal biometric system that is possible for the future smartphones to be supported where one can upload, download or modify the files using cloud without worrying about the unauthorized access of any third person as this security authentication uses combination of multiple security system available today that are not easy to breach such as DNA encryption which mostly is based on AES cipher here in this paper there we have designed triple layer of security.

Identifying cyberattack vectors on cyber supply chains (CSC) in the event of cyberattacks are very important in mitigating cybercrimes effectively on Cyber Physical Systems CPS. However, in the cyber security domain, the invincibility nature of cybercrimes makes it difficult and challenging to predict the threat probability and impact of cyber attacks. Although cybercrime phenomenon, risks, and treats contain a lot of unpredictability's, uncertainties and fuzziness, cyberattack detection should be practical, methodical and reasonable to be implemented. We explore Bayesian Belief Networks (BBN) as knowledge representation in artificial intelligence to be able to be formally applied probabilistic inference in the cyber security domain. The aim of this paper is to use Bayesian Belief Networks to detect cyberattacks on CSC in the CPS domain. We model cyberattacks using DAG method to determine the attack propagation. Further, we use a smart grid case study to demonstrate the applicability of attack and the cascading effects. The results show that BBN could be adapted to determine uncertainties in the event of cyberattacks in the CSC domain.

In this paper we propose a responsive autonomic and data-driven adaptive virtual networking framework (RAvN) that integrates the adaptive reconfigurable features of a popular SDN platform called open networking operating system (ONOS), the network performance statistics provided by traffic monitoring tools such as T-shark or sflow-RT and analytics and decision making skills provided from new and current machine learning techniques to detect and mitigate anomalous behavior. For this paper we focus on the development of novel detection schemes using a developed Centroid-based clustering technique and the Intragroup variance of data features within network traffic (C. Intra), with a multivariate gaussian distribution model fitted to the constant changes in the IP addresses of the network to accurately assist in the detection of low rate and high rate denial of service (DoS) attacks. We briefly discuss our ideas on the development of the decision-making and execution component using the concept of generating adaptive policy updates (i.e. anomalous mitigation solutions) on-the-fly to the ONOS SDN controller for updating network configurations and flows. In addition we provide the analysis on anomaly detection schemes used for detecting low rate and high rate DoS attacks versus a commonly used unsupervised machine learning technique Kmeans. The proposed schemes outperformed Kmeans significantly. The multivariate clustering method and the intragroup variance recorded 80.54% and 96.13% accuracy respectively while Kmeans recorded 72.38% accuracy.

Decentralized attestation methods for blockchains are currently being discussed and standardized for use cases such as certification, identity and existence proofs. In a blockchain-based attestation, a claim made about the existence of information can be cryptographically verified publicly and transparently. In this paper we explore the attestation of models through globally unique identifiers as a first step towards decentralized applications based on models. As a proof-of-concept we describe a prototypical implementation of a software connector for the ADOxx metamodeling platform. The connector allows for (a.) the creation of claims bound to the identity of an Ethereum account and (b.) their verification on the blockchain by anyone at a later point in time. For evaluating the practical applicability, we demonstrate the application on the Ethereum network and measure and evaluate limiting factors related to transaction cost and confirmation times.

Emerging hardware architectures for Deep Neural Networks (DNNs) are being commercialized and considered as the hardware- level Intellectual Property (IP) of the device providers. However, these intelligent devices might be abused and such vulnerability has not been identified. The unregulated usage of intelligent platforms and the lack of hardware-bounded IP protection impair the commercial advantage of the device provider and prohibit reliable technology transfer. Our goal is to design a systematic methodology that provides hardware-level IP protection and usage control for DNN applications on various platforms. To address the IP concern, we present DeepAttest, the first on-device DNN attestation method that certifies the legitimacy of the DNN program mapped to the device. DeepAttest works by designing a device-specific fingerprint which is encoded in the weights of the DNN deployed on the target platform. The embedded fingerprint (FP) is later extracted with the support of the Trusted Execution Environment (TEE). The existence of the pre-defined FP is used as the attestation criterion to determine whether the queried DNN is authenticated. Our attestation framework ensures that only authorized DNN programs yield the matching FP and are allowed for inference on the target device. DeepAttest provisions the device provider with a practical solution to limit the application usage of her manufactured hardware and prevents unauthorized or tampered DNNs from execution. We take an Algorithm/Software/Hardware co-design approach to optimize DeepAttest's overhead in terms of latency and energy consumption. To facilitate the deployment, we provide a high-level API of DeepAttest that can be seamlessly integrated into existing deep learning frameworks and TEEs for hardware-level IP protection and usage control. Extensive experiments corroborate the fidelity, reliability, security, and efficiency of DeepAttest on various DNN benchmarks and TEE-supported platforms.

The use of the Internet of Things (IoT) devices has surged in recent years. However, due to the lack of substantial security, IoT devices are vulnerable to cyber-attacks like Denial-of-Service (DoS) attacks. Most of the current security solutions are either computationally expensive or unscalable as they require known attack signatures or full packet inspection. In this paper, we introduce a novel Graph-based Outlier Detection in Internet of Things (GODIT) approach that (i) represents smart home IoT traffic as a real-time graph stream, (ii) efficiently processes graph data, and (iii) detects DoS attack in real-time. The experimental results on real-world data collected from IoT-equipped smart home show that GODIT is more effective than the traditional machine learning approaches, and is able to outperform current graph-stream anomaly detection approaches.

Advanced Persistent Threat (APT) attack has the characteristics of complex attack means, long duration and great harmfulness. Based on the idea of dynamic deception, the paper proposed an APT defense system framework, and analyzed the deception defense process. The paper proposed a hybrid encryption communication mechanism based on socket, a dynamic IP address generation method based on SM4, a dynamic timing selection method based on Viterbi algorithm and a dynamic policy allocation mechanism based on DHCPv6. Tests show that the defense system can dynamically change and effectively defense APT attacks.

Generative Adversarial Networks (GANs) are one of the well-known models to generate synthetic data including images, especially for research communities that cannot use original sensitive datasets because they are not publicly accessible. One of the main challenges in this area is to preserve the privacy of individuals who participate in the training of the GAN models. To address this challenge, we introduce a Differentially Private Conditional GAN (DP-CGAN) training framework based on a new clipping and perturbation strategy, which improves the performance of the model while preserving privacy of the training dataset. DP-CGAN generates both synthetic data and corresponding labels and leverages the recently introduced Renyi differential privacy accountant to track the spent privacy budget. The experimental results show that DP-CGAN can generate visually and empirically promising results on the MNIST dataset with a single-digit epsilon parameter in differential privacy.