Biblio

In this paper, an improved cooperative jamming (CJ) strategy is developed for physical layer (PHY) security in a multi-hop wireless communication system which employs beamforming in the last hop. Users are assigned to independent groups based on the merger-and-split rule in a coalition game. The secrecy capacity for a valid coalition is a non-convex optimization problem which cannot easily be solved. Therefore, restrictions are added to transform this into a convex problem, and this is solved to obtain a suboptimal closed-form solution for the secrecy capacity. Simulation results are presented which show that the proposed strategy outperforms other methods such as non-cooperation, relay cooperation, and previous CJ approaches in terms of the secrecy capacity. Further, it is shown that the proposed multi-hop solution is suitable for long distance communication systems.

This paper describes and verifies a method of implementing bit error rate (BER) calculation for FPGA-based physical layer security techniques for Software Defined Radio (SDR). Specifically, we describe an independent source signal processing architecture for an efficient calculation of BER for wireless communication modules across the transmitter and receiver nodes. The source components at the transmitter and the receiver both generate identical random bits independently from each other, allowing for the received data to be compared to the original bit stream to calculate BER completely on hardware. The described method is implemented on a Xilinx Virtex-6 ML605 FPGA and reduces processing time by more than four orders of magnitude less than hardware simulation techniques in regression testing and validation over billions of bits, shortening design turn around times and accelerating Physical layer based security development for wireless communication research. The described independent source approach utilizes a minimal amount of board resources, allowing it to be integrated seamlessly into SDR hardware designs. Experimental validation of the independent source based BER calculation is performed for an Orthogonal Frequency Division Multiplexing signal, and a comparison between different stages of hardware design for the execution time required for BER testing of a large number of bits is provided.

Honeynet is deployed to trap attackers and learn their behavior patterns and motivations. Conventional honeynet is implemented by dedicated hardware and software. It suffers from inflexibility, high CAPEX and OPEX. There have been several virtualized honeynet architectures to solve those problems. But they lack a standard operating environment and common architecture for dynamic scheduling and adaptive resource allocation. Software Defined Security (SDS) framework has a centralized control mechanism and intelligent decision making ability for different security functions. In this paper, we present a new intelligent honeynet architecture based on SDS framework. It implements security functions over Network Function Virtualization Infrastructure (NFVI). Under uniform and intelligent control, security functional modules can be dynamically deployed and collaborated to complete different tasks. It migrates resources according to the workloads of each honeypot and power off unused modules. Simulation results show that intelligent honeynet has a better performance in conserving resources and reducing energy consumption. The new architecture can fit the needs of future honeynet development and deployment.

This paper discusses possible approaches to address the loss of user privacy when browsing the web and being tracked by websites which compute a browser fingerprint identifying the user computer. The key problem is that the current fingerprinting countermeasures are insufficient to prevent fingerprinting tracking and also frequently produce side-effects on the web browser. The advantages and disadvantages of possible countermeasures are discussed in the context of improving resistance against browser fingerprinting. Finally, using a new browser extension is proposed as the best way to inhibit fingerprinting as it could probably inhibit some of the fingerprinting techniques used and also diminish the side-effects on the user browser experience, compared with existing techniques.

This article presents introduction to HTTP Security Headers - new security topic in communication over Internet. It is emphasized that HTTPS protocol and SSL/TLS certificates alone do not offer sufficient level of security for communication among people and devices. In the world of web applications and Internet of Things (IoT), it is vital to bring communication security at higher level, what could be realised via few simple steps. HTTP Response Headers used for different purposes in the past are now the effective way how to propagate security policies from servers to clients (from web servers to web browsers). First improvement is enforcing HTTPS protocol for communication everywhere it is possible and promote this protocol as first and only option for secure connection over the Internet. It is emphasized that HTTP protocol for communication is not suitable anymore.

New generations of industrial control systems offer higher performance, they are distributed, and it is very likely that they are internet connected in one way or another. These trends raise new challenges in the contexts of reliability and security. We propose a novel approach that tackles the complexity of industrial control systems at design time and run time. At design time our target is to ease the configuration and verification of controller configurations through model-driven engineering techniques together with the contract-based design paradigm. At run time the information from design time is reused in order to support a modular and distributed self-adaptive software system that aims to increase reliability and security. The industrial setting of the presented approach are control devices for hydropower plant units.

A problem in managing the ever growing computer networks nowadays is the analysis of events detected by intrusion detection systems and the classification whether an event was correctly detected or not. When a false positive is detected by the user, changes to the configuration must be made and evaluated before they can be adopted to productive use. This paper describes an approach for a visual analysis framework that integrates the monitoring and analysis of events and the resulting changes on the configuration of detection systems after finding false alarms, together with a preliminary simulation and evaluation of the changes.

Internet of things (IOT) is a kind of advanced information technology which has drawn societies' attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually suggested encryption algorithm has been simulated by MATLAB software and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.

The Sensor Web is evolving into a complex information space, where large volumes of sensor observation data are often consumed by complex applications. Provenance has become an important issue in the Sensor Web, since it allows applications to answer “what”, “when”, “where”, “who”, “why”, and “how” queries related to observations and consumption processes, which helps determine the usability and reliability of data products. This paper investigates characteristics and requirements of provenance in the Sensor Web and proposes an interoperable approach to building a provenance model for the Sensor Web. Our provenance model extends the W3C PROV Data Model with Sensor Web domain vocabularies. It is developed using Semantic Web technologies and thus allows provenance information of sensor observations to be exposed in the Web of Data using the Linked Data approach. A use case illustrates the applicability of the approach.

Internet of things (IoT) is internetworking of various physical devices to provide a range of services and applications. IoT is a rapidly growing field, on an account of this; the security measurements for IoT should be at first concern. In the modern day world, the most emerging cyber-attack threat for IoT is ransomware attack. Ransomware is a kind of malware with the aim of rendering a victim's computer unusable or inaccessible, and then asking the user to pay a ransom to revert the destruction. In this paper we are evaluating ransomware attacks statistics for the past 2 years and the present year to estimate growth rate of the most emerging ransomware families from the last 3 years to evaluate most threatening ransomware attacks for IoT. Growth rate results shows that the number of attacks for Cryptowall and locky ransomware are notably increasing therefore, these ransomware families are potential threat to IoT. Moreover, we present a Cryptowall ransomware attack detection model based on the communication and behavioral study of Cryptowall for IoT environment. The proposed model observes incoming TCP/IP traffic through web proxy server then extracts TCP/IP header and uses command and control (C&C) server black listing to detect ransomware attacks.

This publication presents some techniques for insider threats and cryptographic protocols in secure processes. Those processes are dedicated to the information management of strategic data splitting. Strategic data splitting is dedicated to enterprise management processes as well as methods of securely storing and managing this type of data. Because usually strategic data are not enough secure and resistant for unauthorized leakage, we propose a new protocol that allows to protect data in different management structures. The presented data splitting techniques will concern cryptographic information splitting algorithms, as well as data sharing algorithms making use of cognitive data analysis techniques. The insider threats techniques will concern data reconstruction methods and cognitive data analysis techniques. Systems for the semantic analysis and secure information management will be used to conceal strategic information about the condition of the enterprise. Using the new approach, which is based on cognitive systems allow to guarantee the secure features and make the management processes more efficient.

While most organizations continue to invest in traditional network defences, a formidable security challenge has been brewing within their own boundaries. Malicious insiders with privileged access in the guise of a trusted source have carried out many attacks causing far reaching damage to financial stability, national security and brand reputation for both public and private sector organizations. Growing exposure and impact of the whistleblower community and concerns about job security with changing organizational dynamics has further aggravated this situation. The unpredictability of malicious attackers, as well as the complexity of malicious actions, necessitates the careful analysis of network, system and user parameters correlated with insider threat problem. Thus it creates a high dimensional, heterogeneous data analysis problem in isolating suspicious users. This research work proposes an insider threat detection framework, which utilizes the attributed graph clustering techniques and outlier ranking mechanism for enterprise users. Empirical results also confirm the effectiveness of the method by achieving the best area under curve value of 0.7648 for the receiver operating characteristic curve.

Insider threat is a significant security risk for information system, and detection of insider threat is a major concern for information system organizers. Recently existing work mainly focused on the single pattern analysis of user single-domain behavior, which were not suitable for user behavior pattern analysis in multi-domain scenarios. However, the fusion of multi-domain irrelevant features may hide the existence of anomalies. Previous feature learning methods have relatively a large proportion of information loss in feature extraction. Therefore, this paper proposes a hybrid model based on the deep belief network (DBN) to detect insider threat. First, an unsupervised DBN is used to extract hidden features from the multi-domain feature extracted by the audit logs. Secondly, a One-Class SVM (OCSVM) is trained from the features learned by the DBN. The experimental results on the CERT dataset demonstrate that the DBN can be used to identify the insider threat events and it provides a new idea to feature processing for the insider threat detection.

The representation of structural data is important to capture the pattern between features. Interrelations between variables provide information beyond the standard variables. In this study, we show how ontology information may be used in a recommender systems to increase the efficiency of predictions. We propose two alternative similarity measures that incorporates the structural data representation. Experiments show that our ontology-based approach delivers improved classification accuracy when the dimension increases.

Inclusion dependencies form one of the most fundamental classes of integrity constraints. Their importance in classical data management is reinforced by modern applications such as data profiling, data cleaning, entity resolution and schema matching. Their discovery in an unknown dataset is at the core of any data analysis effort. Therefore, several research approaches have focused on their efficient discovery in a given, static dataset. However, none of these approaches are appropriate for applications on dynamic datasets, such as transactional datasets, scientific applications, and social network. In these cases, discovery techniques should be able to efficiently update the inclusion dependencies after an update in the dataset, without reprocessing the entire dataset. We present the first approach for incrementally updating the unary inclusion dependencies. In particular, our approach is based on the concept of attribute clustering from which the unary inclusion dependencies are efficiently derivable. We incrementally update the clusters after each update of the dataset. Updating the clusters does not need to access the dataset because of special data structures designed to efficiently support the updating process. We perform an exhaustive analysis of our approach by applying it to large datasets with several hundred attributes and more than 116,200,000 million tuples. The results show that the incremental discovery significantly reduces the runtime needed by the static discovery. This reduction in the runtime is up to 99.9996 % for both the insert and the delete.

We present work undertaken at our institutional repository to enhance metadata and re-organize digital objects according to new information architecture, in an effort to minimize administrative object management and processing, and improve object discovery and use. This work was partly motivated by the launch of a new discovery platform at our institution, which aggregates metadata and full text from our four open access repositories into a cohesive, consistent, and enhanced searching and browsing experience. The platform provides digital object identifier (DOI) assignment, metadata access via various formats, and an open metadata and full text application program interface (API) for researchers, amongst other features. Functionality of these platform features relies heavily on accurate object representation and metadata. This work facilitates and improves the discovery and engagement of the diverse digital objects available from our institution, so they can be used and analyzed in new, flexible, and innovative ways by a myriad of communities and disciplines.

All over the world, objects are increasingly connected in networks such as the Industrial Internet of Things. Interconnections, intercommunications and interactions are driving the development of an entirely new whole in the form of the Industrial Internet of Things. Communication and interaction are the norm both for separate components, such as cyber-physical systems, and for the functioning of the system as a whole. This new whole can be likened to a natural ecosystem where the process of homeostasis ensures the stability and security of the whole. Components of such an industrial ecosystem, or even an industrial ecosystem as a whole, are increasingly targeted by cyber attacks. Such attacks not only threaten the functioning of one or multiple components, they also constitute a threat to the functioning of the new whole. General systems theory can offer a scientific framework for the development of measures to improve the security and stability of both separate components and the new whole.

{This paper describes application of permanent magnet on permanent magnet generator (PMG) for renewable energy power plants. Permanent magnet used are bonded hybrid magnet that was a mixture of barium ferrite magnetic powders 50 wt % and NdFeB magnetic powders 50 wt % with 15 wt % of adhesive polymer as a binder. Preparation of bonded hybrid magnets by hot press method at a pressure of 2 tons and temperature of 200°C for 15 minutes. The magnetic properties obtained were remanence induction (Br) =1.54 kG, coercivity (Hc) = 1.290 kOe, product energy maximum (BHmax) = 0.28 MGOe, surface remanence induction (Br) = 1200 gauss

As the Smart Grid becomes highly interconnected, the power protection, control, and monitoring functions of the grid are increasingly relying on the communications infrastructure, which has seen rapid growth. At the same time concerns regarding cyber threats have attracted significant attention towards the security of power systems. A properly designed security attack against the power grid can cause catastrophic damages to equipment and create large scale power outages. The smart grid consists of critical IEDs, which are considered high priority targets for malicious security attacks. For this reason it is very important to design the IEDs from the beginning with cyber security in mind, starting with the selection of hardware and operating systems, so that all facets of security are addressed and the product is robust and can stand attacks. Fact is that the subject of cyber security is vast and it covers many aspects. This paper focuses mainly on one of these aspects, namely the aspect of IED firmware system testing from the security point of view. The paper discusses practical aspects of IED security testing, and introduces the reader to types of vulnerability exploitations on the IED communication stack and SCADA applications, practical aspects of security testing, the importance of early vulnerability detection and ways in which the security testing helps towards regulatory standards compliance, such as NERC-CIP. Finally, based on the results from the simulated attacks, the paper discusses the importance of good security practices in design and coding, so that the potential to introduce vulnerabilities is kept to a minimum. Designing with security in mind also includes good security practices, both in design and coding, and adequate policies for the software development process. Critical software development milestones must be established, such as design and test documentation review, code review, unit, integration and system testing.

The Software Assurance Metrics and Tool Evaluation (SAMATE) project at the National Institute of Standards and Technology (NIST) has created the Software Assurance Reference Dataset (SARD) to provide researchers and software security assurance tool developers with a set of known security flaws. As part of an empirical evaluation of a runtime monitoring framework, two test suites were executed and monitored, revealing deficiencies which led to a collaboration with the NIST SAMATE team to provide replacements. Test Suites 45 and 46 are analyzed, discussed, and updated to improve accuracy, consistency, preciseness, and automation. Empirical results show metrics such as recall, precision, and F-Measure are all impacted by invalid base assumptions regarding the test suites.

This paper proposes a method of distinguishing stock market states, classifying them based on price variations of securities, and using an evolutionary algorithm for improving the quality of classification. The data represents buy/sell order queues obtained from rebuild order book, given as price-volume pairs. In order to put more emphasis on certain features before the classifier is used, we use a weighting scheme, further optimized by an evolutionary algorithm.

The image contains a lot of visual as well as hidden information. Both, information must be secured at the time of transmission. With this motivation, a scheme is proposed based on encryption in tetrolet domain. For encryption, an iterative based Arnold transform is used in proposed methodology. The images are highly textured, which contains the authenticity of the image. For that, decryption process is performed in this way so that maximum, the edges and textures should be recovered, effectively. The suggested method has been tested on standard images and results obtained after applying suggested method are significant. A comparison is also performed with some standard existing methods to measure the effectiveness of the suggested method.

The Internet of Things (IoT) presents itself as a promising set of key technologies to provide advanced smart applications. IoT has become a major trend lately and smart solutions can be found in a large variety of products. Since it provides a flexible and easy way to gather data from huge numbers of devices and exploit them ot provide new applications, it has become a central research area lately. However, due to the fact that IoT aims to interconnect millions of constrained devices that are monitoring the everyday life of people, acting upon physical objects around them, the security and privacy challenges are huge. Nevertheless, only lately the research focus has been on security and privacy solutions. Many solutions and IoT frameworks have only a minimum set of security, which is a basic access control. The EU FP7 project RERUM has a main focus on designing an IoT architecture based on the concepts of Security and Privacy by design. A central part of RERUM is the implementation of a middleware layer that provides extra functionalities for improved security and privacy. This work, presents the main elements of the RERUM middleware, which is based on the widely accepted OpenIoT middleware.

When created, the Java platform was among the first runtimes designed with security in mind. Yet, numerous Java versions were shown to contain far-reaching vulnerabilities, permitting denial-of-service attacks or even worse allowing intruders to bypass the runtime's sandbox mechanisms, opening the host system up to many kinds of further attacks. This paper presents a systematic in-depth study of 87 publicly available Java exploits found in the wild. By collecting, minimizing and categorizing those exploits, we identify their commonalities and root causes, with the goal of determining the weak spots in the Java security architecture and possible countermeasures. Our findings reveal that the exploits heavily rely on a set of nine weaknesses, including unauthorized use of restricted classes and confused deputies in combination with caller-sensitive methods. We further show that all attack vectors implemented by the exploits belong to one of three categories: single-step attacks, restricted-class attacks, and information hiding attacks. The analysis allows us to propose ideas for improving the security architecture to spawn further research in this area.

This paper contributes a systematic research approach as well as findings of an empirical study conducted to investigate the effect of virtual agents on task performance and player experience in digital games. As virtual agents are supposed to evoke social effects similar to real humans under certain conditions, the basic social phenomenon social facilitation is examined in a testbed game that was specifically developed to enable systematical variation of single impact factors of social facilitation. Independent variables were the presence of a virtual agent (present vs. not present) and the output device (ordinary monitor vs. head-mounted display). Results indicate social inhibition effects, but only for players using a head-mounted display. Additional potential impact factors and future research directions are discussed.