Biblio

Recent technological advances in developing intelligent telecommunication networks, ultra-compact bendable wireless transceiver chips, adaptive wearable sensors and actuators, and secure computing infrastructures along with the progress made in psychology and neuroscience for understanding neu-rocognitive and computational principles of human behavior combined have paved the way for a new field of research: Tactile Internet with Human-in-the-Loop (TaHiL). This emerging field of transdisciplinary research aims to promote next generation digitalized human-machine interactions in perceived real time. To achieve this goal, mechanisms and principles of human goal-directed multisensory perception and action need to be integrated into technological designs for breakthrough innovations in mobile telecommunication, electronics and materials engineering, as well as computing. This overview highlights key challenges and the frontiers of research in the new field of TaHiL. Revolutionizing the current Internet as a digital infrastructure for sharing visual and auditory information globally, the TaHiL research will enable humans to share tactile and haptic information and thus veridically immerse themselves into virtual, remote, or inaccessible real environments to exchange skills and expertise with other humans or machines for applications in medicine, industry, and the Internet of Skills.

IoT honeypots that mimic the behavior of IoT devices for threat analysis are becoming increasingly important. Existing honeypot systems use devices with a specific version of firmware installed to monitor cyber attacks. However, honeypots frequently receive requests targeting devices and firmware that are different from themselves. When honeypots return an error response to such a request, the attack is terminated, and the monitoring fails.To solve this problem, we introduce FirmPot, a framework that automatically generates intelligent-interaction honeypots using firmware. This framework has a firmware emulator optimized for honeypot generation and learns the behavior of embedded applications by using machine learning. The generated honeypots continue to interact with attackers by a mechanism that returns the best from the emulated responses to the attack request instead of an error response.We experimented on embedded web applications of wireless routers based on the open-source OpenWrt. As a result, our framework generated honeypots that mimicked the embedded web applications of eight vendors and ten different CPU architectures. Furthermore, our approach to the interaction improved the session length with attackers compared to existing ones.

In this work, a new human-computer assistive technology gadget designed for people with impairments is evaluated. The developed human-in-the-loop interface device has an embedded assistance controller and can replace the traditional mouse, gamepad and keyboard, enabling human-computer hands-free full access. This work is concerned with the assistive device performance characterization aspects. Based on the experiments carried out, the human-computer performance improvement with the embedded controller is analysed in detail. Results show that adding the human-in-the-loop assistance controller improves human-computer hands-free skills, which is an innovative contribution for the replacement of computer interfaces that depend on the human hands.

With the rapid development of the wireless network and smart mobile equipment, many lawbreakers employ mobile devices to destroy and steal important information and property from other persons. In order to fighting the criminal act efficiently, the public security organ need to collect the evidences from the crime tools and submit to the court. In the meantime, with development of internal storage technology, the law enforcement officials collect lots of information from the smart mobile equipment, for the sake of handling the huge amounts of data, we propose a framework that combine distributed clustering methods to analyze data sets, this model will split massive data into smaller pieces and use clustering method to analyze each smaller one on disparate machines to solve the problem of large amount of data, thus forensics investigation work will be more effectively.

Discovering vulnerabilities is an information-intensive task that requires a developer to locate the defects in the code that have security implications. The task is difficult due to the growing code complexity and some developer's lack of security expertise. Although tools have been created to ease the difficulty, no single one is sufficient. In practice, developers often use a combination of tools to uncover vulnerabilities. Yet, the basis on which different tools are composed is under explored. In this paper, we examine the composition base by taking advantage of the tool design patterns informed by foraging theory. We follow a design science methodology and carry out a three-step empirical study: mapping 34 foraging-theoretic patterns in a specific vulnerability discovery tool, formulating hypotheses about the value and cost of foraging when considering two composition scenarios, and performing a human-subject study to test the hypotheses. Our work offers insights into guiding developers' tool usage in detecting software vulnerabilities.

Return address authentication mechanisms protect return addresses by calculating and checking their message authentication codes (MACs) at runtime. However, these works only provide empirical analysis on their security, and it is still unclear whether the attacker can bypass these defenses by launching reuse attacks.In this paper, we present a solution to quantitatively analysis the security of return address authentication mechanisms against reuse attacks. Our solution utilizes some libc functions that could leakage data from memory. First, we perform reaching definition analysis to identify the source of parameters of these functions. Then we infer how many MACs could be observed at runtime by modifying these parameters. Afterward, we select the gadgets that could be exploited by reusing these observed MACs. Finally, we stitch desired gadget to craft attacks. We evaluated our solution on 5 real-word applications and successfully crafted reuse attacks on 3 of them. We find that the larger an application is, the more libc functions and gadgets can be found and reused, and furthermore, the more likely the attack is successfully crafted.

Always-On Denial of Service (DoS) Trojans with power drain payload can be disastrous in systems where on-chip power resources are limited. These Trojans are designed so that they have no impact on system behavior and hence, harder to detect. A formal verification method is presented to detect sequential always-on DoS Trojans in pipelined circuits and pipelined microprocessors. Since the method is proof-based, it provides a 100% accurate classification of sequential Trojan components. Another benefit of the approach is that it does not require a reference model, which is one of the requirements of many Trojan detection techniques (often a bottleneck to practical application). The efficiency and scalability of the proposed method have been evaluated on 36 benchmark circuits. The most complex of these benchmarks has as many as 135,898 gates. Detection times are very efficient with a 100% rate of detection, i.e., all Trojan sequential elements were detected and all non-trojan sequential elements were classified as such.

Nowadays, video surveillance systems are part of our daily life, because of their role in ensuring the security of goods and people this generates a huge amount of video data. Thus, several research works based on the ontology paradigm have tried to develop an efficient system to index and search precisely a very large volume of videos. Due to their semantic expressiveness, ontologies are undoubtedly very much in demand in recent years in the field of video surveillance to overcome the problem of the semantic gap between the interpretation of the data extracted from the low level and the high-level semantics of the video. Despite its good expressiveness of semantics, a classical ontology may not be sufficient for good handling of uncertainty, which is however commonly present in the video surveillance domain, hence the need to consider a new ontological approach that will better represent uncertainty. Fuzzy logic is recognized as a powerful tool for dealing with vague, incomplete, imperfect, or uncertain data or information. In this work, we develop a new ontological approach based on fuzzy logic. All the relevant fuzzy concepts such as Video\_Objects, Video\_Events, Video\_Sequences, that could appear in a video surveillance domain are well represented with their fuzzy Ontology DataProperty and the fuzzy relations between them (Ontology ObjectProperty). To achieve this goal, the new fuzzy video surveillance ontology is implemented using the fuzzy ontology web language 2 (fuzzy owl2) which is an extension of the standard semantic web language, ontology web language 2 (owl2).

Vulnerability detection identifies defects in various commercial software. Because most vulnerability detection methods are based on the source code, they are not useful if the source code is unavailable. In this paper, we propose a binary vulnerability detection method and use our tool named BVD that extracts binary features with the help of an intermediate language and then detects the vulnerabilities using an embedding model. Sufficiently robust features allow the binaries compiled in cross-architecture to be compared. Consequently, a similarity evaluation provides more accurate results.

Vision systems, i.e., systems that enable the detection and tracking of objects in images, have gained substantial importance over the past decades. They are used in quality assurance applications, e.g., for finding surface defects in products during manufacturing, surveillance, but also automated driving, requiring reliable behavior. Interestingly, there is only little work on quality assurance and especially testing of vision systems in general. In this paper, we contribute to the area of testing vision software, and present a framework for the automated generation of tests for systems based on vision and image recognition with the focus on easy usage, uniform usability and expandability. The framework makes use of existing libraries for modifying the original images and to obtain similarities between the original and modified images. We show how such a framework can be used for testing a particular industrial application on identifying defects on riblet surfaces and present preliminary results from the image classification domain.

With increased awareness comes unprecedented expectations. We live in a digital, cloud era wherein the underlying information architectures are expected to be elastic, secure, resilient, and handle petabyte scaling. The expectation of epic proportions from the next generation of the data frameworks is to not only do all of the above but also build it on a foundation of trust and explainability across multi-organization business networks. From cloud providers to automobile industries or even vaccine manufacturers, components are often sourced by a complex, not full digitized thread of disjoint suppliers. Building Machine Learning and AI-based order fulfillment and predictive models, remediating issues, is a challenge for multi-organization supply chain automation. We posit that Federated Learning in conjunction with blockchain and smart contracts are technologies primed to tackle data privacy and centralization challenges. In this paper, motivated by challenges in the industry, we propose a decentralized distributed system in conjunction with a recommendation system model (Matrix Factorization) that is trained using Federated Learning on an Ethereum blockchain network. We leverage smart contracts that allow decentralized serverless aggregation to update local-ized items vectors. Furthermore, we utilize Homomorphic Encryption (HE) to allow sharing the encrypted gradients over the network while maintaining their privacy. Based on our results, we argue that training a model over a serverless Blockchain network using smart contracts will provide the same accuracy as in a centralized model while maintaining our serverless model privacy and reducing the overhead communication to a central server. Finally, we assert such a system that provides transparency, audit-ready and deep insights into supply chain operations for enterprise cloud customers resulting in cost savings and higher Quality of Service (QoS).

Image edge is considered to be the most important attribute to provide valuable image perception information. At present, video image data is developing towards high resolution and high frame number. The image data processing capacity is huge, so the processing speed is very strict to meet the real-time performance of image data transmission. In this context, we present a method to accelerate the real-time video image edge detection. FPGA is used as the development platform. The real-time edge detection algorithm of image data with 1280x720 resolution and 30 frame/s, combined with median filter, Sobel edge detection algorithm and corrosion expansion algorithm, makes the running time of image processing module shorter. The color image of the video image collected by camera is processed. The HDMI interface shows that the scheme has achieved ideal results in the FPGA hardware platform simulation model, greatly improves the efficiency of the algorithm, and provides a guarantee for the speed and stability of the real-time image processing system.

With the evolution of the communication technology, fast and efficient tools for secure exchanged data are highly required. Through this research work, we introduce a simplified and fast chaos-based scheme for multimedia data encryption and in particular for color image encryption application. The new algorithm is based on an extracted four-dimension (4-D) discrete time map. The proposed 4-D chaos system includes seven (07) nonlinear terms and four (04) controllers to generate a robust chaos that can satisfy the encryption requirements. The performance of this image encryption algorithm are analyzed with the help of four important factors which are key space, correlation, complexity and running time. Results of the security analysis compared to some of similar proposals, show that our encryption scheme is more effective in terms of key stream cipher space, correlation, complexity and running time.

Recently, federated learning (FL), as an advanced and practical solution, has been applied to deal with privacy-preserving issues in distributed multi-party federated modeling. However, most existing FL methods focus on the same privacy-preserving budget while ignoring various privacy requirements of participants. In this paper, we for the first time propose an algorithm (PLU-FedOA) to optimize the deep neural network of horizontal FL with personalized local differential privacy. For such considerations, we design two approaches: PLU, which allows clients to upload local updates under differential privacy-preserving of personally selected privacy level, and FedOA, which helps the server aggregates local parameters with optimized weight in mixed privacy-preserving scenarios. Moreover, we theoretically analyze the effect on privacy and optimization of our approaches. Finally, we verify PLU-FedOA on real-world datasets.

Federated learning (FL) allows to train a massive amount of data privately due to its decentralized structure. Stochastic gradient descent (SGD) is commonly used for FL due to its good empirical performance, but sensitive user information can still be inferred from weight updates shared during FL iterations. We consider Gaussian mechanisms to preserve local differential privacy (LDP) of user data in the FL model with SGD. The trade-offs between user privacy, global utility, and transmission rate are proved by defining appropriate metrics for FL with LDP. Compared to existing results, the query sensitivity used in LDP is defined as a variable, and a tighter privacy accounting method is applied. The proposed utility bound allows heterogeneous parameters over all users. Our bounds characterize how much utility decreases and transmission rate increases if a stronger privacy regime is targeted. Furthermore, given a target privacy level, our results guarantee a significantly larger utility and a smaller transmission rate as compared to existing privacy accounting methods.

With the rapid development of 5G, the Internet of Things (IoT) and edge computing technologies dramatically improve smart industries' efficiency, such as healthcare, smart agriculture, and smart city. IoT is a data-driven system in which many smart devices generate and collect a massive amount of user privacy data, which may be used to improve users' efficiency. However, these data tend to leak personal privacy when people send it to the Internet. Differential privacy (DP) provides a method for measuring privacy protection and a more flexible privacy protection algorithm. In this paper, we study an estimation problem and propose a new frequency estimation algorithm named MFEA that redesigns the publish process. The algorithm maps a finite data set to an integer range through a hash function, then initializes the data vector according to the mapped value and adds noise through the randomized response. The frequency of all interference data is estimated with maximum likelihood. Compared with the current traditional frequency estimation, our approach achieves better algorithm complexity and error control while satisfying differential privacy protection (LDP).

Information security has become a crucial issue not only from the technical standpoint, but also from the managerial standpoint. The necessity for organizations to understand and manage cyber risk has led to the rise of a plethora of risk assessment methods and tools. These approaches are often difficult to interpret and complex to manage for organizations. In this paper, we propose a simple and quantitative method for the estimation of the likelihood of occurrence of a cyber incident. Our approach uses a generalized logistic function and a cumulative geometric distribution to combine the maturity and the complexity of the technical infrastructure of an organization with its attractiveness towards cyber criminals.

One of the essential features of confidential computing is the ability to attest to an application remotely. Remote attestation ensures that the right code is running in the correct environment. We need to ensure that all components that an adversary might use to impact the integrity, confidentiality, and consistency of an application are attested. Which components need to be attested is defined with the help of a policy. Verification of the policy is performed with the help of an attestation engine. Since remote attestation bootstraps the trust in remote applications, any vulnerability in the attestation mechanism can therefore impact the security of an application. Moreover, mistakes in the attestation policy can result in data, code, and secrets being vulnerable. Our work focuses on 1) how we can verify the attestation mechanisms and 2) how to verify the policy to ensure that data, code, and secrets are always protected.

Intel has recently offered third-party attestation services, called Data Center Attestation Primitives (DCAP), for a data center to create its own attestation infrastructure. These services address the availability concerns and improve the performance as compared to the remote attestation based on Enhanced Privacy ID (EPID). Practical developments, such as Hyperledger Avalon, have already planned to support DCAP in their roadmap. However, the lack of formal proof for DCAP leads to security concerns. To fill this gap, we propose an automated, rigorous, and sound formal approach to specify and verify the remote at-testation based on Intel SGX DCAP under the assumption that there are no side-channel attacks and no vulnerabilities inside the enclave. In the proposed approach, the data center configuration and operational policies are specified to generate the symbolic model, and security goals are specified as security properties to produce verification results. The evaluation of non-Quoting Verification Enclave-based DCAP indicates that the confidentiality of secrets and integrity of data is preserved against a Dolev-Yao adversary in this technology. We also present a few of the many inconsistencies found in the existing literature on Intel SGX DCAP during formal specification.

The efficiency of secure deletion is highly dependent on the data layout of underlying storage devices. In particular, owing to the sequential-write constraint of the emerging Shingled Magnetic Recording (SMR) technology, an improper data layout could lead to serious write amplification and hinder the performance of secure deletion. The performance degradation of secure deletion on SMR drives is further aggravated with the need to securely erase the file system metadata of deleted files due to the small-size nature of file system metadata. Such an observation motivates us to propose a secure-deletion and SMR-aware space allocation (SSSA) strategy to facilitate the process of securely erasing both the deleted files and their metadata simultaneously. The proposed strategy is integrated within the widely-used extended file system 4 (ext4) and is evaluated through a series of experiments to demonstrate the effectiveness of the proposed strategy. The evaluation results show that the proposed strategy can reduce the secure deletion latency by 91.3% on average when compared with naive SMR-based ext4 file system.

The dark web searching mechanism is unlike surface web searching. On one popular dark web, Tor dark web, the search is often directed by directory like services such as Hidden Wiki. The numerous dark web data collection mechanisms are discussed and implemented via crawling. The dark web crawler assumes seed link, i.e. hidden service from where the crawling begins. One such popular Tor directory service is Hidden Wiki. Most of the hidden services listed on the Hidden Wiki 2020 page became unreachable with the recent upgrade in the Tor version. The Hidden Wiki 2021 page has a limited listing of services compared to the Hidden Wiki 2020 page. This motivated authors of the present work to establish the role of Hidden wiki service in dark web research and proposed the hypothesis that the dark web could be reached better through customized harvested links than Hidden Wiki-like service. The work collects unique hidden services/ onion links using the opensource crawler TorBot and runs similarity analysis on collected pages to map to corresponding categories.

Cyber-Physical systems (CPSs) are exposed to cyber- physical attacks, i.e., security breaches in cyberspace that adversely affect the physical processes of the systems.We define two probabilistic metrics to estimate the physical impact of attacks targeting cyber-physical systems formalised in terms of a probabilistic hybrid extension of Hennessy and Regan's Timed Process Language. Our impact metrics estimate the impact of cyber-physical attacks taking into account: (i) the severity of the inflicted damage in a given amount of time, and (ii) the probability that these attacks are actually accomplished, according to the dynamics of the system under attack. In doing so, we pay special attention to stealthy attacks, i. e., attacks that cannot be detected by intrusion detection systems. As further contribution, we show that, under precise conditions, our metrics allow us to estimate the impact of attacks targeting a complex CPS in a compositional way, i.e., in terms of the impact on its sub-systems.

The main objective of the proposed work is to build a reliable and secure architecture for cloud servers where users may safely store and transfer their data. This platform ensures secure communication between the client and the server during data transfer. Furthermore, it provides a safe method for sharing and transferring files from one person to another. As a result, for ensuring safe data on cloud servers, this research work presents a secure architecture combining three DNA cryptography, HMAC, and a third party Auditor. In order to provide security by utilizing various strategies, a number of traditional and novel cryptographic methods are investigated. In the first step, data will be encrypted with the help of DNA cryptography, where the encoded document will be stored in the cloud server. In next step, create a HMAC value of encrypted file, which was stored on cloud by using secret key and sends to TPA. In addition, Third Party Auditor is used for authenticate the purity of stored documents in cloud at the time of verification TPA also create HMAC value from Cloud stored data and verify it. DNA-based cryptographic technique, hash based message authentic code and third party auditor will provide more secured framework for data security and integrity in cloud server.

In contrast to traditional grids, smart grids can help utilities save energy, thereby reducing operating costs. In the smart grid, the quality of monitoring and control can be fully improved by combining computing and intelligent communication knowledge. However, this will expose the system to FDI attacks, and the system is vulnerable to intrusion. Therefore, it is very important to detect such erroneous data injection attacks and provide an algorithm to protect the system from such attacks. In this paper, a FDI detection method based on LSTM has been proposed, which is validated by the simulation on the ieee-14 bus platform.

Networked control design is essential to enable normal operation and further accomplish performance improvement of the cyber-physical systems. In this work, a resilient control scheme is presented for the networked nonlinear system under the denial-of-service (DoS) attack and the system uncertainty. Through synthesizing a self regulation system, this scheme is capable of releasing the prescribed performance when attack is active and recovering that in finite-time after the attack is slept. Meanwhile, the neural network is employed to approximate the system uncertainty. Particularly, the update law possesses the non-certainty-equivalent (NCE) structure, and then the impact of the DoS attack is totally isolated. Finally, the numerical simulation is presented to illustrate the effectiveness and benefits of the estimation scheme and the control design.