Biblio

Named in-network computing is an emerging technology of Named Data Networking (NDN). Through deploying the named computing services/functions on NDN router, the router can utilize its free resources to provide nearby computation for users while relieving the pressure of cloud and network edge. Benefitted from the characteristic of named addressing, named computing services/functions can be easily discovered and migrated in the network. To implement named in-network computing, integrating the computing services as Virtual Machines (VMs) into the software router is a feasible way, but how to effectively deploy the service VMs to optimize the local processing capability is still a challenge. Focusing on this problem, we first give the design of NDN-enabled software router in this paper, then propose a service earning based named service deployment scheme (SE-NSD). For available service VMs, SE-NSD not only considers their popularities but further evaluates their service earnings (processed data amount per CPU cycle). Through modelling the deployment problem as the knapsack problem, SE-NSD determines the optimal service VMs deployment scheme. The simulation results show that, comparing with the popularity-based deployment scheme, SE-NSD can promote about 30% in-network computing capability while slightly reducing the service invoking RTT of user.

With the development of industrial informatization, information security in the power production industry is becoming more and more important. In the power production industry, as the critical information egress of the industrial control system, the information security of the Networked Control System is particularly important. This paper proposes a construction method for an information security platform of Networked Control System, which is used for research, testing and training of Networked Control System information security.

Information privacy and security has become a necessity in the rapid growth of computer technology. A new algorithm for image encryption is proposed in this paper; using hash functions, chaotic map and two levels of diffusion process. The initialization key for chaos map is generated with the help of two hash functions. The initial seed for these hash functions is the sum of rows, columns and pixels across the diagonal of the plain image. Firstly, the image is scrambled using quantization unit. In the first level of diffusion process, the pixel values of the scrambled image are XOR with the normalized chaotic map. Odd pixel value is XOR with an even bit of chaotic map and even pixel is XOR with an odd bit of chaotic map. To achieve strong encryption, the image undergoes a second level of diffusion process where it is XOR with the map a finite number of times. After every round, the pixel array is circular shifted three times to achieve a strong encrypted image. The experimental and comparative analysis done with state of the art techniques on the proposed image encryption algorithm shows that it is strong enough to resist statistical and differential attacks present in the communication channel.

With the rapid development of Ethernet, RS (544, 514) (KP4-forward error correction), which was widely used in high-speed Ethernet standards for its good performance-complexity trade-off, may not meet the demands of next-generation Ethernet for higher data transmission speed and better decoding performance. A concatenated code based on KP4-FEC has become a good solution because of its low complexity and excellent compatibility. For concatenated codes, aside from the selection of outer and inner codes, an efficient interleaving scheme is also very critical to deal with different channel conditions. Aiming at burst errors in wired communication, we propose a novel matrix interleaving scheme for concatenated codes which set the outer code as KP4-FEC and the inner code as Bose-Chaudhuri-Hocquenghem (BCH) code. In the proposed scheme, burst errors are evenly distributed to each BCH code as much as possible to improve their overall decoding efficiency. Meanwhile, the bit continuity in each symbol of the RS codeword is guaranteed during transmission, so the number of symbols affected by burst errors is minimized. Simulation results demonstrate that the proposed interleaving scheme can achieve a better decoding performance on burst-error channels than the original scheme. In some cases, the extra coding gain at the bit-error-rate (BER) of 1 × 10−15 can even reach 1 dB.

Without security, any network system loses its efficiency, reliability, and resilience. With the huge integration of the ICT capabilities, the Electric Vehicle (EV) as a transportation form in cities is becoming more and more affordable and able to reply to citizen and environmental expectations. However, the EV vulnerability to cyber-attacks is increasing which intensifies its negative impact on societies. This paper targets the cybersecurity issues for Connected Electric Vehicles (CEVs) in parking lots where a peer-to-peer(P2P) energy transaction system is launched. A False Data Injection Attack (FDIA) on the electricity price signal is considered and a Machine Learning/SVM classification protocol is used to detect and extract the right values. Simulation results are conducted to prove the effectiveness of this proposed model.

Securing optical edge devices across an optical network is a critical challenge for the technological capabilities of fog/cloud computing. Locating and blocking rogue devices from transmitting data frames in an optical network is a significant security problem due to their widespread distribution over the optical fog cloud. A malicious actor might simply compromise such a device and execute assaults that degrade the optical channel’s Quality. In this study, we advocate an innovative framework for the use of an optical network to facilitate cloud and fog computing in a safe environment. This framework is sustainable and able to detect hostile equipment in optical fog and cloud and redirect it to a honeypot, where the assault may be halted and analyzed. To do this, it employs a model based on a two-stage hidden Markov, a fog manager based on an intrusion detection system, and an optical virtual honeypot. An internal assault is mitigated by simulated testing of the suggested system. The findings validate the adaptable and affordable access for cloud computing and optical fog.

Nowadays, cloud computing has become one of the most important and easily available storage options. This paper represents providing a platform where the data redundancy and the data security is maintained. Materials and Methods: This study contains two groups, the elliptic curve cryptography is developed in group 1 with 480 samples and advanced encryption is developed in group 2 with 960 samples. The accuracy of each of the methods is compared for different sample sizes with G power value as 0.8. Result: Advanced elliptic curve cryptography algorithm provides 1.2 times better performance compared to conventional elliptic curve cryptography algorithm for various datasets. The results were obtained with a significance value of 0.447 (p\textgreater0.05). Conclusion: From the obtained results the advanced elliptic curve cryptography algorithm seems to be better than the conventional algorithm.

The safety of the power system is inherently vital, due to the high risk of the electronic power system. In the wave of digitization in recent years, many power systems have been digitized to a certain extent. Under this circumstance, network security is particularly important, in order to ensure the normal operation of the power system. However, with the development of the Internet, network security issues are becoming more and more serious. Among all kinds of network attacks, the Distributed Denial of Service (DDoS) is a major threat. Once, attackers used huge volumes of traffic in short time to bring down the victim server. Now some attackers just use low volumes of traffic but for a long time to create trouble for attack detection. There are many methods for DDoS detection, but no one can fully detect it because of the huge volumes of traffic. In order to better detect DDoS and make sure the safety of electronic power system, we propose a novel detection method based on neural network. The proposed model and its service are deployed to the edge cloud, which can improve the real-time performance for detection. The experiment results show that our model can detect attacks well and has good real-time performance.

Currently, research on 5G communication is focusing increasingly on communication techniques. The previous studies have primarily focused on the prevention of communications disruption. To date, there has not been sufficient research on network anomaly detection as a countermeasure against on security aspect. 5g network data will be more complex and dynamic, intelligent network anomaly detection is necessary solution for protecting the network infrastructure. However, since the AI-based network anomaly detection is dependent on data, it is difficult to collect the actual labeled data in the industrial field. Also, the performance degradation in the application process to real field may occur because of the domain shift. Therefore, in this paper, we research the intelligent network anomaly detection technique based on domain adaptation (DA) in 5G edge network in order to solve the problem caused by data-driven AI. It allows us to train the models in data-rich domains and apply detection techniques in insufficient amount of data. For Our method will contribute to AI-based network anomaly detection for improving the security for 5G edge network.

Frauds in supply chain finance not only result in substantial loss for financial institutions (e.g., banks, trust company, private funds), but also are detrimental to the reputation of the ecosystem. However, such frauds are hard to detect due to the complexity of the operating environment in supply chain finance such as involvement of multiple parties under different agreements. Traditional instruments of financial institutions are time-consuming yet insufficient in countering fraudulent supply chain financing. In this study, we propose a novel blockchain-driven framework for deterring fraud in supply chain finance. Specifically, we use inventory financing in jewelry supply chain as an illustrative scenario. The blockchain technology enables secure and trusted data sharing among multiple parties due to its characteristics of immutability and traceability. Consequently, information on manufacturing, brand license, and warehouse status are available to financial institutions in real time. Moreover, we develop a novel rule-based fraud check module to automatically detect suspicious fraud cases by auditing documents shared by multiple parties through a blockchain network. To validate the effectiveness of the proposed framework, we employ agent-based modeling and simulation. Experimental results show that our proposed framework can effectively deter fraudulent supply chain financing as well as improve operational efficiency.

Network attacks become more complicated with the improvement of technology. Traditional statistical methods may be insufficient in detecting constantly evolving network attack. For this reason, the usage of payload-based deep packet inspection methods is very significant in detecting attack flows before they damage the system. In the proposed method, features are extracted from the byte distributions in the payload and these features are provided to characterize the flows more deeply by using N-Gram analysis methods. The proposed procedure has been tested on IDS 2012 and 2017 datasets, which are widely used in the literature.

Information leaks are a top concern to industry and government leaders. The Internet of Things (IoT) is a rapidly growing technology capable of sensing real-world events. IoT devices lack a common security standard and typically use lightweight security solutions, exposing the sensitive real-world data they gather. Covert channels are a practical method of exfiltrating data from these devices.This research presents a novel IoT covert timing channel (CTC) that encodes data within preexisting network information, namely ports or addresses. This method eliminates the need for inter-packet delays (IPD) to encode data. Seven different encoding methods are implemented between two IoT protocols, TCP/IP and ZigBee. The TCP/IP covert channel is created by mimicking a Ring smart doorbell and implemented using Amazon Web Services (AWS) servers to generate traffic. The ZigBee channel is built by copying a Philips Hue lighting system and executed on an isolated local area network (LAN). Variants of the CTC focus either on Stealth or Bandwidth. Stealth methods mimic legitimate traffic captures to make them difficult to detect while the Bandwidth methods forgo this approach for maximum throughput. Detection results are presented using shape-based and regularity-based detection tests.The Stealth results have a throughput of 4.61 bits per second (bps) for TCP/IP and 3.90 bps for ZigBee. They also evade shape and regularity-based detection tests. The Bandwidth methods average 81.7 Kbps for TCP/IP and 9.76 bps for ZigBee but are evident in detection tests. The results show that CTC using address or port encoding can have superior throughput or detectability compared to IPD-based CTCs.

The computing of smart devices at the perception layer of the power Internet of Things is often insufficient, and complex computing can be outsourced to server resources such as the cloud computing, but the allocation process is not safe and controllable. Under special constraints of the power Internet of Things such as multi-users and heterogeneous terminals, we propose a CP-ABE-based non-interactive verifiable computation model of perceptual layer data. This model is based on CP-ABE, NPOT, FHE and other relevant safety and verifiable theories, and designs a new multi-user non-interactive secure verifiable computing scheme to ensure that only users with the decryption key can participate in the execution of NPOT Scheme. In terms of the calculation process design of the model, we gave a detailed description of the system model, security model, plan. Based on the definition given, the correctness and safety of the non-interactive safety verifiable model design in the power Internet of Things environment are proved, and the interaction cost of the model is analyzed. Finally, it proves that the CP-ABE-based non-interactive verifiable computation model for the perceptual layer proposed in this paper has greatly improved security, applicability, and verifiability, and is able to meet the security outsourcing of computing in the power Internet of Things environment.

A new pulse power system is being developed with the goal of generating up to 40T seed magnetic fields for increasing the fusion yield of indirect drive inertial confinement fusion (ICF) experiments on the National Ignition Facility. This pulser is located outside of the target chamber and delivers a current pulse to the target through a coaxial cable bundle and custom flex-circuit strip-lines integrated into a cryogenic target positioner. At the target, the current passes through a multi-turn solenoid wrapped around the outside of a hohlraum and is insulated with Kapton coating. A 11.33 uF capacitor, charged up to 40 kV and switched by spark-gap, drives up to 40 kA of current before the coil disassembles. A custom Python design optimization code was written to maximize peak magnetic field strength while balancing competing pulser, load and facility constraints. Additionally, using an institutional multi-physics code, ALE3D, simulations that include coil dynamics such as temperature dependent resistance, coil forces and motion, and magnetic diffusion were conducted for detailed analysis of target coils. First experiments are reported as well as comparisons with current modelling efforts.

We investigate the fuzzy adaptive compensation control problem for nonlinear cyber-physical system with false data injection attack over digital communication links. The fuzzy logic system is first introduced to approximate uncertain nonlinear functions. And the time-varying sliding mode surface is designed. Secondly, for the actual require-ment of data transmission, three uniform quantizers are designed to quantify system state and sliding mode surface and control input signal, respectively. Then, the adaptive fuzzy laws are designed, which can effectively compensate for FDI attack and the quantization errors. Furthermore, the system stability and the reachability of sliding surface are strictly guaranteed by using adaptive fuzzy laws. Finally, we use an example to verify the effectiveness of the method.

Most of the recent high-profile attacks targeting cyber-physical systems (CPS) started with lengthy reconnaissance periods that enabled attackers to gain in-depth understanding of the victim’s environment. To simulate these stealthy attacks, several covert channel tools have been published and proven effective in their ability to blend into existing CPS communication streams and have the capability for data exfiltration and command injection.In this paper, we report a novel machine learning feature engineering and data processing pipeline for the detection of covert channel attacks on CPS systems with real-time detection throughput. The system also operates at the network layer without requiring physical system domain-specific state modeling, such as voltage levels in a power generation system. We not only demonstrate the effectiveness of using TCP payload entropy as engineered features and the technique of grouping information into network flows, but also pitch the proposed detector against scenarios employing advanced evasion tactics, and still achieve above 99% detection performance.

This paper has a new network security evaluation method as an absorbing Markov chain-based assessment method. This method is different from other network security situation assessment methods based on graph theory. It effectively refinement issues such as poor objectivity of other methods, incomplete consideration of evaluation factors, and mismatching of evaluation results with the actual situation of the network. Firstly, this method collects the security elements in the network. Then, using graph theory combined with absorbing Markov chain, the threat values of vulnerable nodes are calculated and sorted. Finally, the maximum possible attack path is obtained by blending network asset information to determine the current network security status. The experimental results prove that the method fully considers the vulnerability and threat node ranking and the specific case of system network assets, which makes the evaluation result close to the actual network situation.

A power amplifier(PA) is inherently nonlinear device and is used in a communication system widely. Due to the nonlinearity of PA, the communication system is hard to work well. Digital predistortion (DPD) is the way to solve this problem. Using Volterra function to fit the PA is what most DPD solutions do. However, when it comes to wideband signal, there is a deduction on the performance of the Volterra function. In this paper, we replace the Volterra function with B-spline function which performs better on fitting PA at wideband signal. And the other benefit is that the orthogonality of coding matrix A could be improved, enhancing the stability of computation. Additionally, we use compressive sampling to reduce the complexity of the function model.

The exponential rise of online services has heightened awareness of safeguarding the various applications that cooperate with and provide Internet users. Users must present their credentials, such as user name and secret code, to the servers to be authorized. This sensitive data should be secured from being exploited due to numerous security breaches, resulting in criminal activity. It is vital to secure systems against numerous risks. This article offers a novel approach to protecting against brute force attacks. A solution is presented where the user obtains the keypad on each occurrence. Following the establishment of the keypad, the webserver produces an encrypted password for the user's Computer/device authentication. The encrypted password will be used for authentication; users must type the amended one-time password (OTP) every time they access the website. This research protects passwords using reformation-based encryption and decryption and optimal honey encryption (OH-E) and decryption.

A new framework is presented in this paper for proving coding theorems for linear codes, where the systematic bits and the corresponding parity-check bits play different roles. Precisely, the noisy systematic bits are used to limit the list size of typical codewords, while the noisy parity-check bits are used to select from the list the maximum likelihood codeword. This new framework for linear codes allows that the systematic bits and the parity-check bits are transmitted in different ways and over different channels. In particular, this new framework unifies the source coding theorems and the channel coding theorems. With this framework, we prove that the Bernoulli generator matrix codes (BGMCs) are capacity-achieving over binary-input output symmetric (BIOS) channels and also entropy-achieving for Bernoulli sources.

A long-standing open question in computational learning theory is to prove NP-hardness of learning efficient programs, the setting of which is in between proper learning and improper learning. Ko (COLT’90, SICOMP’91) explicitly raised this open question and demonstrated its difficulty by proving that there exists no relativizing proof of NP-hardness of learning programs. In this paper, we overcome Ko’s relativization barrier and prove NP-hardness of learning programs under randomized polynomial-time many-one reductions. Our result is provably non-relativizing, and comes somewhat close to the parameter range of improper learning: We observe that mildly improving our inapproximability factor is sufficient to exclude Heuristica, i.e., show the equivalence between average-case and worst-case complexities of N P. We also make progress on another long-standing open question of showing NP-hardness of the Minimum Circuit Size Problem (MCSP). We prove NP-hardness of the partial function variant of MCSP as well as other meta-computational problems, such as the problems MKTP* and MINKT* of computing the time-bounded Kolmogorov complexity of a given partial string, under randomized polynomial-time reductions. Our proofs are algorithmic information (a.k. a. Kolmogorov complexity) theoretic. We utilize black-box pseudorandom generator constructions, such as the Nisan-Wigderson generator, as a one-time encryption scheme secure against a program which “does not know” a random function. Our key technical contribution is to quantify the “knowledge” of a program by using conditional Kolmogorov complexity and show that no small program can know many random functions.

Most existing deep neural networks (DNNs) are inexplicable and fragile, which can be easily deceived by carefully designed adversarial example with tiny undetectable noise. This allows attackers to cause serious consequences in many DNN-assisted scenarios without human perception. In the field of speaker recognition, the attack for speaker recognition system has been relatively mature. Most works focus on white-box attacks that assume the information of the DNN is obtainable, and only a few works study gray-box attacks. In this paper, we study blackbox attacks on the speaker recognition system, which can be applied in the real world since we do not need to know the system information. By combining the idea of transferable attack and query attack, our proposed method NMI-FGSM-Tri can achieve the targeted goal by misleading the system to recognize any audio as a registered person. Specifically, our method combines the Nesterov accelerated gradient (NAG), the ensemble attack and the restart trigger to design an attack method that generates the adversarial audios with good performance to attack blackbox DNNs. The experimental results show that the effect of the proposed method is superior to the extant methods, and the attack success rate can reach as high as 94.8% even if only one query is allowed.

A novel secure physical layer key generation method for Connected and Autonomous Vehicles (CAVs) against an attacker is proposed under fading and Additive White Gaussian Noise (AWGN). In the proposed method, a random sequence key is added to the demodulated sequence to generate a unique pre-shared key (PSK) to enhance security. Extensive computer simulation results proved that an attacker cannot extract the same legitimate PSK generated by the received vehicle even if identical fading and AWGN parameters are used both for the legitimate vehicle and attacker.

Next Word Prediction involves guessing the next word which is most likely to come after the current word. The system suggests a few words. A user can choose a word according to their choice from a list of suggested word by system. It increases typing speed and reduces keystrokes of the user. It is also useful for disabled people to enter text slowly and for those who are not good with spellings. Previous studies focused on prediction of the next word in different languages. Some of them are Bangla, Assamese, Ukraine, Kurdish, English, and Hindi. According to Census 2011, 43.63% of the Indian population uses Hindi, the national language of India. In this work, deep learning techniques are proposed to predict the next word in Hindi language. The paper uses Long Short Term Memory and Bidirectional Long Short Term Memory as the base neural network architecture. The model proposed in this work outperformed the existing approaches and achieved the best accuracy among neural network based approaches on IITB English-Hindi parallel corpus.

With the rapid development of information science and technology, the role of the Internet in daily life is becoming more and more important, but while bringing speed and convenience to the experience, network security issues are endless, and fighting cybercrime will be an eternal topic. In recent years, new types of cyberattacks have made defense and analysis difficult. For example, the memory of network attacks makes some key array evidence only temporarily exist in physical memory, which puts forward higher requirements for attack detection. The traditional memory forensic analysis method for persistent data is no longer suitable for a new type of network attack analysis. The continuous development of memory forensics gives people hope. This paper proposes a network attack detection model based on memory forensic analysis to detect whether the system is under attack. Through experimental analysis, this model can effectively detect network attacks with low overhead and easy deployment, providing a new idea for network attack detection.