Biblio

Scam websites or illegitimate internet portals are widely used to mislead users into fraud or malicious attacks, which may involve compromise of vital information. Scammers misuse the secrecy and anonymity of the internet of facade their true identity and purposes behind numerous disguises. These can include false security alerts, information betrayal, and other misleading presentations to give the impression of legality and lawfulness. The proposed research is a web-based application - Scam Website Analyser- which enables checking whether a website is a scammed one.. The main aim of the research is to improve security and prevent scams of public websites. It ensures maintaining the details of scam websites in a database and also requests the websites of other databases using external APIs. The basic idea behind the research is the concept of user -orienteers where the user is able to get information about scam websites and prevent themselves from using those sites in future.

With tons of efforts spent on its mitigation, Cross-site scripting (XSS) remains one of the most prevalent security threats on the internet. Decades of exploitation and remediation demonstrated that code inspection and testing alone does not eliminate XSS vulnerabilities in complex web applications with a high degree of confidence. This paper introduces Google's secure-by-design engineering paradigm that effectively prevents DOM-based XSS vulnerabilities in large-scale web development. Our approach, named API hardening, enforces a series of company-wide secure coding practices. We provide a set of secure APIs to replace native DOM APIs that are prone to XSS vulnerabilities. Through a combination of type contracts and appropriate validation and escaping, the secure APIs ensure that applications based thereon are free of XSS vulnerabilities. We deploy a simple yet capable compile-time checker to guarantee that developers exclusively use our hardened APIs to interact with the DOM. We make various of efforts to scale this approach to tens of thousands of engineers without significant productivity impact. By offering rigorous tooling and consultant support, we help developers adopt the secure coding practices as seamlessly as possible. We present empirical results showing how API hardening has helped reduce the occurrences of XSS vulnerabilities in Google's enormous code base over the course of two-year deployment.

Smart meters (SMs) can pose privacy threats for consumers, an issue that has received significant attention in recent years. This paper studies the impact of Side Information (SI) on the performance of possible attacks to real-time privacy-preserving algorithms for SMs. In particular, we consider a deep adversarial learning framework, in which the desired releaser, which is a Recurrent Neural Network (RNN), is trained by fighting against an adversary network until convergence. To define the objective for training, two different approaches are considered: the Causal Adversarial Learning (CAL) and the Directed Information (DI)-based learning. The main difference between these approaches relies on how the privacy term is measured during the training process. The releaser in the CAL method, disposing of supervision from the actual values of the private variables and feedback from the adversary performance, tries to minimize the adversary log-likelihood. On the other hand, the releaser in the DI approach completely relies on the feedback received from the adversary and is optimized to maximize its uncertainty. The performance of these two algorithms is evaluated empirically using real-world SMs data, considering an attacker with access to SI (e.g., the day of the week) that tries to infer the occupancy status from the released SMs data. The results show that, although they perform similarly when the attacker does not exploit the SI, in general, the CAL method is less sensitive to the inclusion of SI. However, in both cases, privacy levels are significantly affected, particularly when multiple sources of SI are included.

Researchers have demonstrated the effectiveness of self-explanations (SE) as an instructional practice and study strategy. However, there is a lack of work studying the characteristics of SE responses prompted by collaborative activities. In this paper, we use writing analytics to investigate differences between SE text responses resulting from individual versus collaborative learning activities. A Coh-Metrix analysis suggests that students in the collaborative SE activity demonstrated a higher level of comprehension. Future research should explore how writing analytics can be incorporated into CSCL systems to support student performance of SE activities.

Data tracing is an important topic in the era of digital economy when data are considered as one of the core factors in economic activities. However, the current data traceability systems often fail to obtain public trust due to their centralization and opaqueness. Blockchain possesses natural technical features such as data tampering resistance, anonymity, encryption security, etc., and shows great potential of improving the data tracing credibility. In this paper, we propose a blockchain-PROV-based multi-center data provenance solution in where the PROV model standardizes the data record storage and provenance on the blockchain automatically and intelligently. The solution improves the transparency and credibility of the provenance data, such as to help the efficient control and open sharing of data assets.

This paper presents an approach for the identification of vulnerable IoT applications using deep learning algorithms. The approach focuses on a category of vulnerabilities that leads to sensitive information leakage which can be identified using taint flow analysis. First, we analyze the source code of IoT apps in order to recover tokens along their frequencies and tainted flows. Second, we develop, Token2Vec, which transforms the source code tokens into vectors. We have also developed Flow2Vec, which transforms the identified tainted flows into vectors. Third, we use the recovered vectors to train a deep learning algorithm to build a model for the identification of tainted apps. We have evaluated the approach on two datasets and the experiments show that the proposed approach of combining tainted flows features with the base benchmark that uses token frequencies only, has improved the accuracy of the prediction models from 77.78% to 92.59% for Corpus1 and 61.11% to 87.03% for Corpus2.

This paper shows the benefits of synchrophasor technology for islanding detection and resynchronization in the control room at Empresa de Transmisión Eléctrica Dominicana (ETED) in the Dominican Republic. EPG's Real Time Dynamics Monitoring System (RTDMS®) deployed at ETED was tested during operator training with the event data after an islanding event occurred on October 26, 2019, which caused the ETED System to split into two islands. RTDMS's islanding detection algorithm quickly detected and identified the event. The islanding situation was not clear for operators during the time of the event with the use of traditional SCADA tools. The use of synchophasor technology also provides valuable information for a quick and safe resynchronization. By monitoring the system frequency in each island and voltage angle differences between islands, operators can know the exact time of circuit breaker closure for a successful resynchronization. Synchrophasors allow the resynchronization in a relatively short time, avoiding the risk of additional load loss, generator outages or even a wider system blackout.

With the rapid development of networks, cyberspace security is facing increasingly severe challenges. Traditional alert aggregation process and alert correlation analysis process are susceptible to a large amount of redundancy and false alerts. To tackle the challenge, this paper proposes a network security situational awareness model KG-NSSA (Knowledge-Graph-based NSSA) based on knowledge graphs. This model provides an asset-based network security knowledge graph construction scheme. Based on the network security knowledge graph, a solution is provided for the classic problem in the field of network security situational awareness - network attack scenario discovery. The asset-based network security knowledge graph combines the asset information of the monitored network and fully considers the monitoring of network traffic. The attack scenario discovery according to the KG-NSSA model is to complete attack discovery and attack association through attribute graph mining and similarity calculation, which can effectively reflect specific network attack behaviors and mining attack scenarios. The effectiveness of the proposed method is verified on the MIT DARPA2000 data set. Our work provides a new approach for network security situational awareness.

In recent years, we have faced a series of online threats. The continuous malicious attacks on the network have directly caused a huge threat to the user's spirit and property. In order to deal with the complex security situation in today's network environment, an intelligent network situational awareness model based on deep neural networks is proposed. Use the nonlinear characteristics of the deep neural network to solve the nonlinear fitting problem, establish a network security situation assessment system, take the situation indicators output by the situation assessment system as a guide, and collect on the main data features according to the characteristics of the network attack method, the main data features are collected and the data is preprocessed. This model designs and trains a 4-layer neural network model, and then use the trained deep neural network model to understand and analyze the network situation data, so as to build the network situation perception model based on deep neural network. The deep neural network situational awareness model designed in this paper is used as a network situational awareness simulation attack prediction experiment. At the same time, it is compared with the perception model using gray theory and Support Vector Machine(SVM). The experiments show that this model can make perception according to the changes of state characteristics of network situation data, establish understanding through learning, and finally achieve accurate prediction of network attacks. Through comparison experiments, datatypized neural network deep neural network situation perception model is proved to be effective, accurate and superior.

With the proliferation of Mobile Internet, handheld devices are facing continuous threats from apps that contain malicious intents. These malicious apps, or malware, have the capability of dynamically changing their intended code as they spread. Moreover, the diversity and volume of their variants severely undermine the effectiveness of traditional defenses, which typically use signature-based techniques, and make them unable to detect the previously unknown malware. However, the variants of malware families share typical behavioral patterns reflecting their origin and purpose. The behavioral patterns, obtained either statically or dynamically, can be exploited to detect and classify unknown malware into their known families using machine learning techniques. In this paper, we propose a new approach for detecting and analyzing a malware. Mainly focused on android apps, our approach adopts the two following steps: (1) performs a transformation of an APK file into a lightweight RGB image using a predefined dictionary and intelligent mapping, and (2) trains a convolutional neural network on the obtained images for the purpose of signature detection and malware family classification. The results obtained using the Androzoo dataset show that our system classifies both legacy and new malware apps with high accuracy, low false-negative rate (FNR), and low false-positive rate (FPR).

Domain Generation Algorithms (DGAs) are used by adversaries to establish Command and Control (C&C) server communications during cyber attacks. Blacklists of known/identified C&C domains are used as one of the defense mechanisms. However, static blacklists generated by signature-based approaches can neither keep up nor detect never-seen-before malicious domain names. To address this weakness, we applied a DGA-based malicious domain classifier using the Long Short-Term Memory (LSTM) method with a novel feature engineering technique. Our model's performance shows a greater accuracy compared to a previously reported model. Additionally, we propose a new adversarial machine learning-based method to generate never-before-seen malware-related domain families. We augment the training dataset with new samples to make the training of the models more effective in detecting never-before-seen malicious domain names. To protect blacklists of malicious domain names against adversarial access and modifications, we devise secure data containers to store and transfer blacklists.

Routing protocol for low power and lossy networks (RPL) is a fundamental routing protocol of 6LoWPAN, a centre correspondence standard for the Internet of Things. RPL outplay other wireless sensor and ad hoc routing protocols in the aspect of service (QoS), device management, and energy-saving performance. The Rank definition in RPL addresses several issues, such as path optimization, loop avoidance, and power overhead management. RPL rank and version number attacks are two types of the most common forms of RPL attacks, may have crucial ramification for RPL networks. The research directed upon these attacks includes considerable vulnerabilities and efficiency issues. The rank attack on sensor networks is perhaps the utmost common, posing a challenge to network connectivity by falling data or disrupting routing routes. This work presents a rank attack detection system focusing on RPL. Considering many of such issues a method has been proposed using spatial correlation function (SCF) and Dijkstra's algorithm considering parameters like energy and throughput.

Most organizations use web applications for sharing resources and communication via the internet and information security is one of the biggest concerns in most organizations. Web applications are becoming vulnerable to threats and malicious attacks every day, which lead to violation of confidentiality, integrity, and availability of information assets.We have proposed and implemented a new automated tool for the identification and mitigation of Cross-Site Request Forgery (CSRF) vulnerability. A secret token pattern based has been used in the automated tool, which applies effective security mechanism on PHP based web applications, without damaging the content and its functionalities, where the authenticated users can perform web activities securely.

As Internet of Things (IoT) devices are increasingly used in industry and become further integrated into our daily lives the security of such devices is of paramount concern. Ensuring that the large amount of information that these devices collect is protected and only accessible to authenticated users is a critical requirement of the industry. One potentially inexpensive way to improve device security utilises a Physically Unclonable Function (PUF) to generate a unique random response per device. This random response can be generated in such a way that it can be regenerated reliably and repeatably allowing the response to be considered a signature for each device. This signature could then be used for authentication or key generation purposes, improving trust in IoT devices. The advantage of a PUF based system is that the response does not need to be stored in nonvolatile memory as it is regenerated on demand, hardening the system against physical attacks. With SoC FPGAs being inexpensive and widely available there is potential for their use in both industrial and consumer applications as an additional layer of hardware security. In this paper we investigate and implement a Trusted Execution Environment (TEE) based around a PUF solely implemented in the FPGA fabric on a Xilinx Zynq-7000 SoC FPGA. The PUF response is used to seed a generic entropy maximisation function or Pseudorandom Number Generator (PRNG) with a system controller capable of encrypting data to be useful only to the device. This system interacts with a software platform running in the ARM TrustZone on the ARM Cortex core in the SoC, which handles requests between user programs and the FPGA. The proposed PUF-based security module can generate unique random keys able to pass all NIST tests and protects against physical attacks on buses and nonvolatile memories. These improvements are achieved at a cost of fewer than half the resources on the Zynq-7000 SoC FPGA.

Trusted Platform Modules (TPMs) are specialized chips that store RSA keys specific to the host system for hardware authentication. The RSA keys refer to an encryption technology developed by RSA Data Security. The RSA algorithm accounts for the fact that there is no efficient way to factor extremely large numbers. Each TPM chip contains an RSA Key pair known as the Endorsement Key that cannot be accessed by software. The TPM contains an additional key, called the Attestation Identity Key that protects the device itself against unauthorized firmware and software modification by implementing hash functions on critical sections of the software and firmware before execution. As a result, the TPM can be used as a chip for handling encryption for a larger system to offer an additional layer of security. Furthermore, the TPM can also be used for managing encryption keys, as a Storage Root Key is created when a user or administrator takes ownership of the system. However, merging the TPM into a system does come with additional costs along with potential benefits. This paper focuses on integrating a TPM into a system implemented on an ARM processor that engages with power electronics, and then presents the security benefits associated with a TPM.

Process variation is the critical issue in hardware Trojan detection. In the state-of-art works, ring oscillators are employed to address this problem. But ring oscillators are very sensitive to IR-drop effect, which exists ICs. In this paper, based on circuit theory, a IR-drop calibration method is proposed. The nominal power supply voltage and the others power supply voltage with a very small difference of the nominal power supply voltage are applied to the test chip. It is assumed that they have the same IR-drop $Δ$V. Combined with these measured data, the value of Vth + $Δ$V, can be obtained by mathematic analysis. The typical Vth from circuit simulation is used to compute $Δ$V. We studied the proposed method in a tested chip.

Verifiability is one of the parameters in e-voting that can increase confidence in voting technology with several parties ensuring that voters do not change their votes. Voting has become an important part of the democratization system, both to make choices regarding policies, to elect representatives to sit in the representative assembly, and to elect leaders. the more voters and the wider the distribution, the more complex the social life, and the need to manage the voting process efficiently and determine the results more quickly, electronic-based voting (e-Voting) is becoming a more promising option. The level of confidence in voting depends on the capabilities of the system. E-voting must have parameters that can be used as guidelines, which include the following: Accuracy, Invulnerability, Privacy and Verifiability. The implementation of the simple verifiability metric to measure the degree of verifiability in the e-voting protocol, the researchers can calculate the degree of verifiability in the e-voting protocol and the researchers have been able to assess the proposed e-voting protocol with the standard of the best degree of verifiability is 1, where the value of 1 is is absolutely verified protocol.

In a Smart City, new technologies such as big data analytics, data fusion and artificial intelligence will increase awareness by measuring many phenomena and storing a huge amount of data. 5G will allow communication of these data among different infrastructures instantaneously. In a Smart City, security aspects are going to be a major concern. Some drawbacks, such as vulnerabilities of a highly integrated system and information overload, must be considered. To overcome these downsides, an innovative predictive model for Smart City security risk assessment has been developed. Risk metrics and indicators are defined by considering data coming from a wide range of sensors. An innovative ``what if'' algorithm is introduced to identify critical infrastructures functional relationship. Therefore, it is possible to evaluate the effects of an incident that involves one infrastructure over the others.

Recently literature indicates that stack based three-dimensional (3D) integration techniques may bring in new security vulnerabilities, such as new attack surfaces for hardware Trojan (HT) insertion. Compared to its two-dimensional counterpart (2DHTs), a 3D hardware Trojan (3DHT) could be stealthily distributed in multiple tiers in a single 3D chip. Although the comprehensive models for 3DHTs are available in recent work, there still lacks 3DHT detection and mitigation methods, especially run-time countermeasures against 3DHTs. This work proposes to leverage the 3D communication infrastructure, 3D network-on-chips (NoCs), to tackle the cross-tier hardware Trojans in stacked multi-tier chips. An invariance checking method is further proposed to detect the Trojans that induce malicious NoC packets or facilitate information leak. The proposed method is successfully deployed in NoC routers and achieves a Trojan detection rate of over 94%. The synthesis result of a hardened router at a 45nm technology node shows that the proposed invariance checking only increases the area by 6.49% and consumes 3.76% more dynamic power than an existing 3D router. The NoC protected with the proposed method is applied to the image authentication in a 3D system. The case study indicates that the proposed security measure reduces the correlation coefficient by up to 31% over the baseline.

Internet of Things (IoT) combines the internet and physical objects to transfer information among the objects. In the emerging IoT networks, providing security is the major issue. IoT device is exposed to various security issues due to its low computational efficiency. In recent years, the Intrusion Detection System valuable tool deployed to secure the information in the network. This article exposes the Intrusion Detection System (IDS) based on deep learning and machine learning to overcome the security attacks in IoT networks. Long Short-Term Memory (LSTM) and K-Nearest Neighbor (KNN) are used in the attack detection model and performances of those algorithms are compared with each other based on detection time, kappa statistic, geometric mean, and sensitivity. The effectiveness of the developed IDS is evaluated by using Bot-IoT datasets.

In the current generation, road accidents and security problems increase dramatically worldwide in our day to day life. In order to overcome this, Vehicular Ad-hoc Network (VANETs) is considered as a key element of future Intelligent Transportation Systems (ITS). With the advancement in vehicular communications, the attacks have also increased, and such architecture is still exposed to many weaknesses which led to numerous security threats that must be addressed before VANET technology is practically and safely adopted. Distributed Denial of Service (DDoS) attack, replay attacks and Sybil attacks are the significant security threats that affect the communication and privacy in VANET. An algorithm to detect and prevent various kinds of security attacks in VANET communication has been designed and proposed in this work. An analysis has also been done by applying four protocols on an existing scenario of real traffic simulator using OpenStreetMap and the best suitable protocol has been selected for further application. The evaluation has been done using SUMO, NS3 and Java simulation environment. Simulation results and extensive performance analysis shows that our proposed Algorithm performs well in detecting and preventing the attacks in VANET communication.

The Security is a vital aspect of cloud service as it comprises of data that belong to multiple users. Cloud service providers are responsible for maintaining data integrity, confidentiality and availability. They must ensure that their infrastructure and data are protected from intruders. In this research work Intrusion Detection System is designed to detect malicious server by using Cuckoo Search (CS) along with Artificial Intelligence. CS is used for feature optimization with the help of fitness function, the server's nature is categorized into two types: normal and attackers. On the basis of extracted features, ANN classify the attackers which affect the networks in cloud environment. The main aim is to distinguish attacker servers that are affected by DoS/DDoS, Black and Gray hole attacks from the genuine servers. Thus, instead of passing data to attacker server, the server passes the data to the genuine servers and hence, the system is protected. To validate the performance of the system, QoS parameters such as PDR (Packet delivery rate), energy consumption rate and total delay before and after prevention algorithm are measured. When compared with existing work, the PDR and the delay have been enhanced by 3.0 %and 21.5 %.

Parallel with the developing world, transportation technologies have started to expand and change significantly year by year. This change brings with it some inevitable problems. Increasing human population and growing transportation-needs result many accidents in urban and rural areas, and this recursively results extra traffic problems and fuel consumption. It is obvious that the issues brought by this spiral loop needed to be solved with the use of some new technological achievements. In this context, self-driving cars or automated vehicles concepts are seen as a good solution. However, this also brings some additional problems with it. Currently many cars are provided with some digital security systems, which are examined in two phases, internal and external. These systems are constructed in the car by using some type of embedded system (such as the Controller Area Network (CAN)) which are needed to be protected form outsider cyberattacks. These attack can be detected by several ways such as rule based system, anomaly based systems, list based systems, etc. The current literature showed that researchers focused on the use of some artificial intelligence techniques for the detection of this type of attack. In this study, an intrusion detection system based on machine learning is proposed for the CAN security, which is the in-vehicle communication structure. As a result of the study, it has been observed that the decision tree-based ensemble learning models results the best performance in the tested models. Additionally, all models have a very good accuracy levels.

Quantum computing is an emerging field that depends upon the basic properties of quantum physics and principles of classical systems. This leads a way to develop systems to solve complex problems that a classical system cannot do. In this article, we present simple methods to implement logic circuits using quantum gates. Logic gates and circuits are defined with quantum gates using Qiskit in Python. Later, they are verified with quantum circuits created by using IBM Quantum. Moreover, we propose a way of instantiating the basic logic circuits to design high-end logic expressions. As per our knowledge, the proposed simple approach may be helpful to solve the complex logical problems in near future.

Lightweight cryptography concept has been a very hot topic for the last few years and considered as a new domain of encryption suitable for big data networks, small devices, phones, cards and embedded systems. These systems require low latency security and low power consuming [1]. An improved lightweight encryption algorithm ILEA is proposed in this paper. ILEA is based on PRINCE lightweight algorithm as his main core with two defacing balanced mixing layers added. ILEA presented in two programming languages: PYTHON, C++ with a comparative study with original PRINCE results and some of another lightweight algorithms.