Biblio

Digital image security is now a severe issue, especially when sending images to telecommunications networks. There are many ways where digital images can be encrypted and decrypted from secure communication. Digital images contain data that is important when captured or disseminated to preserve and preserve data. The technique of encryption is one way of providing data on digital images. A key cipher block chaining and Gingerbreadman Map are used in our search to encrypt images. This new system uses simplicity, high quality, enhanced by the vehicle's natural efficiency and the number of the chain. The proposed method is performed for experimental purposes and the experiments are performed in- depth, highly reliable analysis. The results confirm that by referring to several known attacks, the plan cannot be completed. Comparative studies with other algorithms show a slight rise in the security of passwords with the advantages of security of the chain. The results of this experiment are a comparison of button sensitivity and a comparison after encryption and decryption of the initial image using the amount of pixel change rate and unified average change intensity.

This paper presents the encryption of advanced pictures dependent on turmoil hypothesis. Two principal forms are incorporated into this method those are pixel rearranging and pixel substitution. Disorder hypothesis is a part of science concentrating on the conduct of dynamical frameworks that are profoundly touchy to beginning conditions. A little change influences the framework to carry on totally unique, little changes in the beginning position of a disorganized framework have a major effect inevitably. A key of 128-piece length is created utilizing mayhem hypothesis, and decoding should be possible by utilizing a similar key. The bit-XOR activity is executed between the unique picture and disorder succession x is known as pixel substitution. Pixel rearranging contains push savvy rearranging and section astute rearranging gives extra security to pictures. The proposed strategy for encryption gives greater security to pictures.

Automatic emotion recognition using computer vision is significant for many real-world applications like photojournalism, virtual reality, sign language recognition, and Human Robot Interaction (HRI) etc., Psychological research findings advocate that humans depend on the collective visual conduits of face and body to comprehend human emotional behaviour. Plethora of studies have been done to analyse human emotions using facial expressions, EEG signals and speech etc., Most of the work done was based on single modality. Our objective is to efficiently integrate emotions recognized from facial expressions and upper body pose of humans using images. Our work on bimodal emotion recognition provides the benefits of the accuracy of both the modalities.

The paper introduces a method of efficient partial firmware update with several advantages compared to common methods. The amount of data to transfer for an update is reduced, the energetic efficiency is increased and as the method is designed for over the air update, the radio spectrum occupancy is decreased. Herein described approach uses Lua scripting interface to introduce updatable fragments of invokable native code. This requires a dedicated memory layout, which is herein introduced. This method allows not only to distribute patches for deployed systems, but also on demand add-ons. At the end, the security aspects of proposed firmware update system is discussed and its limitations are presented.

The fifth generation of mobile technology (5G) is positioned to address the demands and business contexts of 2020 and beyond. Therefore, in 5G, there is a need to push the envelope of performance to provide, where needed, for example, much greater throughput, much lower latency, ultra-high reliability, much higher connectivity density, and higher mobility range. A crucial point in the effective provisioning of 5G Next Generation Mobile Networks (NGMN) lies in the efficient error control and in more details in the utilization of Forward Error Correction (FEC) codes on the application layer. FEC is a method for error control of data transmission adopted in several mobile multicast standards. FEC is a feedback free error recovery method where the sender introduces redundant data in advance with the source data enabling the recipient to recover from different arbitrary packet losses. Recently, the adoption of FEC error control method has been boosted by the introduction of powerful Application Layer FEC (AL-FEC) codes. Furthermore, several works have emerged aiming to address the efficient application of AL-FEC protection introducing deterministic or randomized online algorithms. In this work we propose a novel AL-FEC scheme based on online algorithms forced by the well stated AL-FEC policy online problem. We present an algorithm which exploits feedback capabilities of the mobile users regarding the outcome of a transmission, and adapts the introduced protection respectively. Moreover, we provide an extensive analysis of the proposed AL-FEC algorithm accompanied by a performance evaluation against common error protection schemes.

The paper considers, proposes and describes possibilities and ways for application, design and implementation of energy efficient microprocessor based embedded systems for LED lighting control in the traffic. Using LED lighting technology and appropriate designed embedded systems it is possible to implement very efficient and smart systems for very wide range of applications in the traffic. This type of systems can be widely used in many places in the traffic where there is needed quality lighting and low energy consumption. Application of such systems enables to increase energy consumption efficiency, quality of lighting and security of traffic and to decrease total costs for the lighting. Way of design and use of such digital embedded system to effectively increase functionality and efficiency of lighting in the traffic is proposed and described. It is also proposed and described one practically designed and implemented simple and universal embedded system for LED lighting control for many applications in the traffic.

This paper attempts to introduce the enhanced SHA-1 algorithm which features a simple quadratic function that will control the selection of primitive function and constant used per round of SHA-1. The message digest for this enhancement is designed for 512 hashed value that will answer the possible occurrence of hash collisions. Moreover, this features the architecture of 8 registers of A, B, C, D, E, F, G, and H which consists of 64 bits out of the total 512 bits. The testing of frequency for Q15 and Q0 will prove that the selection of primitive function and the constant used are not equally distributed. Implementation of extended bits for hash message will provide additional resources for dictionary attacks and the extension of its hash outputs will provide an extended time for providing a permutation of 512 hash bits.

Cloud computing can be described as a distributed design that is accessible to different forms of security intrusions. An encoding technique named homomorphic encoding is used for the encoding of entities which are utilized for the accession of data from cloud server. The main problems of homomorphic encoding scheme are key organization and key allocation. Because of these issues, effectiveness of homomorphic encryption approach decreases. The encoding procedure requires the generation of input, and for this, an approach named Particle swarm optimization is implemented in the presented research study. PSO algorithms are nature encouraged meta-heuristic algorithms. These algorithms are inhabitant reliant. In these algorithms, societal activities of birds and fishes are utilized as an encouragement for the development of a technical mechanism. Relying on the superiority of computations, the results are modified with the help of algorithms which are taken from arbitrarily allocated pattern of particles. With the movement of particles around the searching area, the spontaneity is performed by utilizing a pattern of arithmetical terminology. For the generation of permanent number key for encoding, optimized PSO approach is utilized. MATLAB program is used for the implementation of PSO relied homomorphic algorithm. The investigating outcomes depicts that this technique proves very beneficial on the requisites of resource exploitation and finishing time. PSO relied homomorphic algorithm is more applicable in terms of completion time and resource utilization in comparison with homomorphic algorithm.

Warnings happen a lot in real transmission networks. These warnings can affect people's lives. It is significant to analyze the alarm association rules in the network. Many algorithms can help solve this problem but not considering the actual physical significance. Therefore, in this study, we mine the association rules in warning weblogs based on a sequential mining algorithm (GSP) with topology structure. We define a topology constraint from network physical connection data. Under the topology constraint, network nodes have topology relation if they are directly connected or have a common adjacency node. In addition, due to the large amount of data, we implement the hash-tree search method to improve the mining efficiency. The theoretical solution is feasible and the simulation results verify our method. In simulation, the topology constraint improves the accuracy for 86%-96% and decreases the run time greatly at the same time. The hash-tree based mining results show that hash tree efficiency improvements are in 3-30% while the number of patterns remains unchanged. In conclusion, using our method can mine association rules efficiently and accurately in warning weblogs.

Resilience and security of infrastructures depend not only on their constituent systems but also on interdependencies among them. This paper studies how these interdependencies in infrastructures affect the defense effort needed to counter external attacks, by formulating a simultaneous game between a service provider (i.e., defender) and an attacker. Effects of interdependencies in three basic topological structures, namely, bus, star and ring, are considered and compared in terms of the game-theoretic defense strategy. Results show that in a star topology, the attacker's and defender's pure strategies at Nash Equilibrium (NE) are sensitive to interdependency levels whereas in a bus structure, the interdependencies show little impact on both defender's and attacker's pure strategies. The sensitivity estimates of defense and attack strategies at NE with respect to target valuation and unit cost are also presented. The results provide insights into infrastructure design and resource allocation for reinforcement of constituent systems.

Mixed reality (MR) technologies are widely used in distributed collaborative learning scenarios and have made learning and training more flexible and intuitive. However, there are many challenges in the use of MR due to the difficulty in creating a physical presence, particularly when a physical task is being performed collaboratively. We therefore developed a novel MR system to overcomes these limitations and enhance the distributed collaboration user experience. The primary objective of this paper is to explore the potential of a MR-based hand gestures system to enhance the conceptual architecture of MR in terms of both visualization and interaction in distributed collaboration. We propose a synchronous prototype named MRCollab as an immersive collaborative approach that allows two or more users to communicate with a peer based on the integration of several technologies such as video, audio, and hand gestures.

Voice-based input is usually used as the primary input method for augmented reality (AR) headsets due to immersive AR experience and good recognition performance. However, recent researches have shown that an attacker can inject inaudible voice commands to the devices that lack voice verification. Even if we secure voice input with voice verification techniques, an attacker can easily steal the victim's voice using low-cast handy recorders and replay it to voice-based applications. To defend against voice-spoofing attacks, AR headsets should be able to determine whether the voice is from the person who is using the AR headsets. Existing voice-spoofing defense systems are designed for smartphone platforms. Due to the special locations of microphones and loudspeakers on AR headsets, existing solutions are hard to be implemented on AR headsets. To address this challenge, in this paper, we propose a voice-spoofing defense system for AR headsets by leveraging both the internal body propagation and the air propagation of human voices. Experimental results show that our system can successfully accept normal users with average accuracy of 97% and defend against two types of attacks with average accuracy of at least 98%.

Given a code used to send a message to two receivers through a degraded discrete memoryless broadcast channel (DM-BC), the sender wishes to alter the codewords to achieve the following goals: (i) the original broadcast communication continues to take place, possibly at the expense of a tolerable increase of the decoding error probability; and (ii) an additional covert message can be transmitted to the stronger receiver such that the weaker receiver cannot detect the existence of this message. The main results are: (a) feasibility of covert communications is proven by using a random coding argument for general DM-BCs; and (b) necessary conditions for establishing covert communications are described and an impossibility (converse) result is presented for a particular class of DM-BCs. Together, these results characterize the asymptotic fundamental limits of covert communications for this particular class of DM-BCs within an arbitrarily small gap.

In recent years, Edge Computing (EC) has attracted increasing attention for its advantages in handling latencysensitive and compute-intensive applications. It is becoming a widespread solution to solve the last mile problem of cloud computing. However, in actual EC deployments, data confidentiality becomes an unignorable issue because edge devices may be untrusted. In this paper, a secure and efficient edge computing scheme based on linear coding is proposed. Generally, linear coding can be utilized to achieve data confidentiality by encoding random blocks with original data blocks before they are distributed to unreliable edge nodes. However, the addition of a large amount of irrelevant random blocks also brings great communication overhead and high decoding complexities. In this paper, we focus on the design of secure coded edge computing using orthogonal vector to protect the information theoretic security of the data matrix stored on edge nodes and the input matrix uploaded by the user device, while to further reduce the communication overhead and decoding complexities. In recent years, Edge Computing (EC) has attracted increasing attention for its advantages in handling latencysensitive and compute-intensive applications. It is becoming a widespread solution to solve the last mile problem of cloud computing. However, in actual EC deployments, data confidentiality becomes an unignorable issue because edge devices may be untrusted. In this paper, a secure and efficient edge computing scheme based on linear coding is proposed. Generally, linear coding can be utilized to achieve data confidentiality by encoding random blocks with original data blocks before they are distributed to unreliable edge nodes. However, the addition of a large amount of irrelevant random blocks also brings great communication overhead and high decoding complexities. In this paper, we focus on the design of secure coded edge computing using orthogonal vector to protect the information theoretic security of the data matrix stored on edge nodes and the input matrix uploaded by the user device, while to further reduce the communication overhead and decoding complexities.

Passwords are still the most widespread means for authenticating users, even though they have been shown to create huge security problems. This motivated the use of additional authentication mechanisms used in so-called multi-factor authentication protocols. In this paper we define a detailed threat model for this kind of protocols: while in classical protocol analysis attackers control the communication network, we take into account that many communications are performed over TLS channels, that computers may be infected by different kinds of malwares, that attackers could perform phishing, and that humans may omit some actions. We formalize this model in the applied pi calculus and perform an extensive analysis and comparison of several widely used protocols - variants of Google 2-step and FIDO's U2F. The analysis is completely automated, generating systematically all combinations of threat scenarios for each of the protocols and using the P ROVERIF tool for automated protocol analysis. Our analysis highlights weaknesses and strengths of the different protocols, and allows us to suggest several small modifications of the existing protocols which are easy to implement, yet improve their security in several threat scenarios.

Nowadays, some workplaces have adopted the policy of BYOD (bring your own device) that permits employees to bring personally owned devices, and to use those devices to access company information and applications. Especially, small devices like smartphones are widely used due to the greater mobility and connectivity. A majority of organizations provide the wireless local area network which is necessary for small devices and business data transmission. The resources access through Wi-Fi network of the organization needs intense restriction. WPA2 Enterprise with 802.1X standard is typically introduced to handle user authentication on the network using the EAP framework. However, credentials management for all users is a hassle for administrators. Strong authentication provides higher security whereas the difficulty of deployment is still open issues. This research proposes the utility of Near Field Communication to securely transmit certificate data that rely on the hybrid cryptosystem. The approach supports enterprise Wi-Fi hotspot authentication based on WPA2-802.1X model with the EAP-TLS method. It also applies multi-factor authentication for enhancing the security of networks and users. The security analysis and experiment on establishing connection time were conducted to evaluate the presented approach.

Mobile Ad hoc Network (MANET) routing is basic and route selection ought to be made faster before the node leaves the system. MANET routing Methods are intended to work in a friendly and satisfying condition which makes them helpless against different attacks. MANET is one of the most encouraging fields for innovative work of remote system. MANET has now turned out to be one of the most lively and dynamic field of communication among systems. A MANET is a self-sufficient gathering of mobile nodes that speak with one another over remote connections and coordinate in an appropriated way so as to give the fundamental system convenience without a fixed framework. MANET has transfer speed limitations yet it permits self-ruling communication of versatile clients over it. Because of regular node mobility, and along these lines change in route topology, the architecture of the system goes unpredicted after some time. In such a decentralized situation, secured route identification is a key task for communication among nodes. Trust calculation among nodes is done for involving trusted nodes in route discovery process. In this manuscript, a novel secure routing method is proposed which identifies route among trusted nodes and update the routing table info frequently because of dynamic topology of the network. The outcomes demonstrate that the proposed method takes better routing technique when compared with existing methods.

Low power and lossy network (LLN) comprising of constrained devices like sensors and RFIDs, is a major component in the Internet of Things (IoT) environment as these devices provide global connectivity to physical devices or “Things”. LLNs are tied to the Internet or any High Performance Computing environment via an adaptation layer called 6LoWPAN (IPv6 over Low power Personal Area Network). The routing protocol used by 6LoWPAN is RPL (IPv6 Routing Protocol over LLN). Like many other routing protocols, RPL is susceptible to blackhole attacks which cause topological isolation for a subset of nodes in the LLN. A malicious node instigating the blackhole attack drops received packets from nodes in its subtree which it is supposed to forward. Thus, the malicious node successfully isolates nodes in its subtree from the rest of the network. In this paper, we propose an algorithm based on the concept of exponential smoothing to detect the topological isolation of nodes due to blackhole attack. Exponential smoothing is a technique for smoothing time series data using the exponential window function and is used for short, medium and long term forecasting. In our proposed algorithm, exponential smoothing is used to estimate the next arrival time of packets at the sink node from every other node in the LLN. Using this estimation, the algorithm is designed to identify the malicious nodes instigating blackhole attack in real time.

Cloud computing has become an important and popular infrastructure for data storage and sharing. Typically, data owners outsource their massive data to a public cloud that will provide search services to authorized data users. With privacy concerns, the valuable outsourced data cannot be exposed directly, and should be encrypted before outsourcing to the public cloud. In this paper, we focus on k-Nearest Neighbor (k-NN) search over encrypted data. We propose efficient and secure k-NN search schemes based on matrix similarity to achieve efficient and secure query services in public cloud. In our basic scheme, we construct the traces of two diagonal multiplication matrices to denote the Euclidean distance of two data points, and perform secure k-NN search by comparing traces of corresponding similar matrices. In our enhanced scheme, we strengthen the security property by decomposing matrices based on our basic scheme. Security analysis shows that our schemes protect the data privacy and query privacy under attacking with different levels of background knowledge. Experimental evaluations show that both schemes are efficient in terms of computation complexity as well as computational cost.

Lack of effective accountability mechanisms brings a series of security problems for Internet today. In Next Generation Internet based on IPv6, the system of identity authentication and IP verification is the key to accounting ability. Source Address Validation Improvement (SAVI) can protect IP source addresses from being faked. But without identity authentication mechanism and certain relationship between IP and accountable identity, the accountability is still unreliable. To solve this problem, most research focus on embedding accountable identity into IP address which need either changing DHCP client or twice DHCP request process due to the separate process of user authentication and address assignment. Different from previous research, this paper first analyzes the problems and requirements of combining Web Portal or 802.1X, two main identity authentication mechanism (AAA), with the accountable address assignment in SAVI frame-work. Then a novel Cooperative mechanism for Accountable IP address assignment (CAIP) is proposed based on 802.1X and SAVI, which takes into account the validation of IP address, the authenticity and accountability of identity at the same time. Finally, we build up prototype system for both Fat AP and Thin AP wireless scenarios and simulate the performance of CAIP through large-scale campus networks' data logs. The experiment result shows that the IP addresses and identities in CAIP are protective and accountable. Compared with other previous research, CAIP is not only transparent to the terminals and networks, but also low impact on network equipment, which makes CAIP easy deployment with high compatibility and low cost.

Automatic extractive text summarization is the process of condensing textual information while preserving the important concepts. The proposed method after performing pre-processing on input Persian news articles generates a feature vector of salient sentences from a combination of statistical, semantic and heuristic methods and that are scored and concatenated accordingly. The scoring of the salient features is based on the article's title, proper nouns, pronouns, sentence length, keywords, topic words, sentence position, English words, and quotations. Experimental results on measurements including recall, F-measure, ROUGE-N are presented and compared to other Persian summarizers and shown to provide higher performance.

Thanks to the rapid increase in technology and electronic communications, e-mail has become a serious communication tool. In many applications such as business correspondence, reminders, academic notices, web page memberships, e-mail is used as primary way of communication. If we ignore spam e-mails, there remain hundreds of e-mails received every day. In order to determine the importance of received e-mails, the subject or content of each e-mail must be checked. In this study we proposed an unsupervised system to classify received e-mails. Received e-mails' coordinates are determined by a method of natural language processing called as Word2Vec algorithm. According to the similarities, processed data are grouped by k-means algorithm with an unsupervised training model. In this study, 10517 e-mails were used in training. The success of the system is tested on a test group of 200 e-mails. In the test phase M3 model (window size 3, min. Word frequency 10, Gram skip) consolidated the highest success (91%). Obtained results are evaluated in section VI.

Multi-Processor Systems-on-Chips (MPSoCs) are a platform for a wide variety of applications and use-cases. The high on-chip connectivity, the programming flexibility, and the reuse of IPs, however, also introduce security concerns. Problems arise when applications with different trust and protection levels share resources of the MPSoC, such as processing units, cache memories and the Network-on-Chip (NoC) communication structure. If a program gets compromised, an adversary can observe the use of these resources and infer (potentially secret) information from other applications. In this work, we explore the cache-based attack by Bogdanov et al., which infers the cache activity of a target program through timing measurements and exploits collisions that occur when the same cache location is accessed for different program inputs. We implement this differential cache-collision attack on the MPSoC Glass and introduce an optimized variant of it, the Earthquake Attack, which leverages the NoC-based communication to increase attack efficiency. Our results show that Earthquake performs well under different cache line and MPSoC configurations, illustrating that cache-collision attacks are considerable threats on MPSoCs.

Continuous development of Network-on-Chip (NoC) enables different types of applications to run efficiently in a Multiprocessor System-on-Chip (MP-SoC). Guaranteed service (GS) can be provided by circuit switching NoC and Best effort service (BES) can be provided by packet switching NoC. A hybrid NoC containing both packet and circuit switching, can provide both types of services to these different applications. But these different applications can be of different security levels and one application can interfere another application's timing characteristics during network transmission. Using this interference, a malicious application can extract secret information from higher security level flows (timing side channel) or two applications can communicate covertly violating the system's security policy (covert timing channel). We propose different mechanisms to protect hybrid routers from timing channel attacks. For design space exploration, we propose three timing channel secure hybrid routers viz. Separate Hybrid (SH), Combined with Separate interface Hybrid (CSH), and Combined Hybrid (CH) routers. Simulation results show that all three routers are secure from timing channel when compared to a conventional hybrid router. Synthesis results show that the area increments compared to a conventional hybrid router are only 7.63, 11.8, and 19.69 percent for SH, CSH, and CH routers respectively. Thus simulation and synthesis results prove the effectiveness of our proposed mechanisms with acceptable area overheads.

With wide application of networked control systems(N CSs), NCSs security have encountered severe challenges. In this paper, we propose a robust event-triggered controller design method under replay attacks, and the control signal on the plant is updated only when the event-triggering condition is satisfied. We develop a general random replay attack model rather than predetermined specific patterns for the occurrences of replay attacks, which allows to obtain random states to replay. We show that the proposed event-triggered control (ETC) scheme, if well designed, can tolerate some consecutive replay attacks, without affecting the corresponding closed-loop system stability and performance. A numerical examples is finally given to illustrate the effectiveness of our method.