Biblio

Although existing for decades, software tampering attack is still a main threat to systems, such as Android, and cyber physical systems. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, none of them can achieve theoretically tamper-proof without the protection of hardware circuit. Rather than proposing new tricks against tampering attacks, we focus on impeding the replication of software tampering via program diversification, and thus pose a scalability barrier against the attacks. Our idea, namely N-version obfuscation (NVO), is to automatically generate and deliver same featured, but functionally nonequivalent software copies to different machines or users. In this paper, we investigate such an idea on Android platform. We carefully design a candidate NVO solution for networked apps, which leverages a Message Authentication Code (MAC) mechanism to generate the functionally nonequivalent diversities. Our evaluation result shows that the time required for breaking such a software system increases linearly with respect to the number of software versions. In this way, attackers would suffer great scalability issues, considering that an app can have millions of users. With minimal NVO costs, effective tamper-resistant security can therefore be established.

There is some uncertainty as to the applicability or accuracy of current theories for wave propagation in sediments. Numerical modelling of acoustic data has long been recognized to be a powerful method of understanding of complicated wave propagation and interaction. In this paper, we used the coupled two-dimensional PSM-BEM program to simulate the process of acoustic wave propagation in the seafloor with distributed multi-scale random media. The effects of fluid flow between the pores and the grains with multi-scale distribution were considered. The results show that the coupled PSM-BEM program can be directly applied to both high and low frequency seafloor acoustics. A given porous frame with the pore space saturated with fluid can greatly increase the magnitude of acoustic anisotropy. acoustic wave velocity dispersion and attenuation are significant over a frequency range which spans at least two orders of magnitude.

To promote InGaP solar cell efficiency toward the theoretical limit, one promising approach is to incorporate multiple quantum wells (MQWs) into the InGaP host and improve its open-circuit voltage by facilitating radiative carrier recombination owing to carrier confinement. In this research, we demonstrate numerically that a strain-balanced (SB) In1-xGaxP/In1-yGayP MQW enhances confined carrier density while degrades the effective carrier mobility. However, a smart design of the MQW structure is possible by considering quantitatively the trade-off between carrier confinement effect and carrier transport, and MQW can be advantageous over the InGaP bulk material for boosting photovoltaic efficiency.

The numerical analysis of transient quantum effects in heterostructure devices with conventional numerical methods tends to pose problems. To overcome these limitations, a novel numerical scheme for the transient non-equilibrium solution of the quantum Liouville equation utilizing a finite volume discretization technique is proposed. Additionally, the solution with regard to the stationary regime, which can serve as a reference solution, is inherently included within the discretization scheme for the transient regime. Resulting in a highly oscillating interference pattern of the statistical density matrix as well in the stationary as in the transient regime, the reflecting nature of the conventional boundary conditions can be an additional source of error. Avoiding these non-physical reflections, the concept of a complex absorbing potential used for the Schrödinger equation is utilized to redefine the drift operator in order to render open boundary conditions for quantum transport equations. Furthermore, the method allows the application of the commonly used concept of inflow boundary conditions.

In case of wildfire, particles generated in combustion are in complex law of motion under the influence of flame temperature, airflow and lots of electrons and ions. They would distort the space electric field, and lead to gap discharge. This paper develops a multi-physics coupling calculation model of fluid, temperature, electric field and particle movement by combining the rod-plate gap experiment that simulates the wildfire condition. It analyzes the motion state of ash particles in flames, studies the charged particles of different polarity separately, and explores the impact of particle properties on the electric field of gap space by combining the distribution of particles. Results have shown that there are differences in the motion state of charged particles of different polarity, and the electrode will absorb some particles with different charges, while charged particles with the same polarity as the electrode will move away from the electrode in random motion. Particles of different properties (particle size, relative dielectric constant) have different impacts on the electric field of gap space, but they all promote the discharge propagation.

Internet of Things(IoT) is an important part of the new generation of information technology and an important stage of development in the era of informatization. As a next generation network, Information Centric Network (ICN) has been introduced into the IoT, leading to the content independence of IC-IoT. To manage the changing network conditions and diagnose the cause of anomalies within it, network operators must obtain and analyze network status information from monitoring tools. However, traditional network supervision method will not be applicable to IC-IoT centered on content rather than IP. Moreover, the surge in information volume will also bring about insufficient information distribution, and the data location in the traditional management information base is fixed and cannot be added or deleted. To overcome these problems, we propose a name-based smart tracking system to store network state information in the IC-IoT. Firstly, we design a new structure of management information base that records various network state information and changes its naming format. Secondly, we use a tracking method to obtain the required network status information. When the manager issues a status request, each data block has a defined data tracking table to record past requests, the location of the status data required can be located according to it. Thirdly, we put forward an adaptive network data location replacement strategy based on the importance of stored data blocks, so that the information with higher importance will be closer to the management center for more efficient acquisition. Simulation results indicate the feasibility of the proposed scheme.

Internet of Things (IoT) development and the addition of billions of computationally limited devices prohibit the use of classical security measures such as Intrusion Detection Systems (IDS). In this paper, we study the influence of the implementation of different feed-forward type of Neural Networks (NNs) on the detection Rate of the Negative Selection Neural Network (NSNN) algorithm. Feed-forward and cascade forward NN structures with different number of neurons and different number of hidden layers are tested. For training and testing the NSNN algorithm the labeled KDD NSL dataset is applied. The detection rates provided by the algorithm with several NN structures to determine the optimal solution are calculated and compared. The results show how these different feed-forward based NN architectures impact the performance of the NSNN algorithm.

GENI (Global Environment for Network Innovations) is a National Science Foundation (NSF) funded program which provides a virtual laboratory for networking and distributed systems research and education. It is well suited for exploring networks at a scale, thereby promoting innovations in network science, security, services and applications. GENI allows researchers obtain compute resources from locations around the United States, connect compute resources using 100G Internet2 L2 service, install custom software or even custom operating systems on these compute resources, control how network switches in their experiment handle traffic flows, and run their own L3 and above protocols. GENI architecture incorporates cloud federation. With the federation, cloud resources can be federated and/or community of clouds can be formed. The heart of federation is user identity and an ability to “advertise” cloud resources into community including compute, storage, and networking. GENI administrators can carve out what resources are available to the community and hence a portion of GENI resources are reserved for internal consumption. GENI architecture also provides “stitching” of compute and storage resources researchers request. This provides L2 network domain over Internet2's 100G network. And researchers can run their Software Defined Networking (SDN) controllers on the provisioned L2 network domain for a complete control of networking traffic. This capability is useful for large science data transfer (bypassing security devices for high throughput). Renaissance Computing Institute (RENCI), a research institute in the state of North Carolina, has developed ORCA (Open Resource Control Architecture), a GENI control framework. ORCA is a distributed resource orchestration system to serve science experiments. ORCA provides compute resources as virtual machines and as well as baremetals. ORCA based GENI ra- k was designed to serve both High Throughput Computing (HTC) and High Performance Computing (HPC) type of computes. Although, GENI is primarily used in various universities and research entities today, GENI architecture can be leveraged in the commercial, aerospace and government settings. This paper will go over the architecture of GENI and discuss the GENI architecture for scientific computing experiments.

The promise of big data relies on the release and aggregation of data sets. When these data sets contain sensitive information about individuals, it has been scalable and convenient to protect the privacy of these individuals by de-identification. However, studies show that the combination of de-identified data sets with other data sets risks re-identification of some records. Some studies have shown how to measure this risk in specific contexts where certain types of public data sets (such as voter roles) are assumed to be available to attackers. To the extent that it can be accomplished, such analyses enable the threat of compromises to be balanced against the benefits of sharing data. For example, a study that might save lives by enabling medical research may be enabled in light of a sufficiently low probability of compromise from sharing de-identified data. In this paper, we introduce a general probabilistic re-identification framework that can be instantiated in specific contexts to estimate the probability of compromises based on explicit assumptions. We further propose a baseline of such assumptions that enable a first-cut estimate of risk for practical case studies. We refer to the framework with these assumptions as the Naive Re-identification Framework (NRF). As a case study, we show how we can apply NRF to analyze and quantify the risk of re-identification arising from releasing de-identified medical data in the context of publicly-available social media data. The results of this case study show that NRF can be used to obtain meaningful quantification of the re-identification risk, compare the risk of different social media, and assess risks of combinations of various demographic attributes and medical conditions that individuals may voluntarily disclose on social media.

We present nQUIC, a variant of QUIC-TLS that uses the Noise protocol framework for its key exchange and basis of its packet protector with no semantic transport changes. nQUIC is designed for deployment in systems and for applications that assert trust in raw public keys rather than PKI-based certificate chains. It uses a fixed key exchange algorithm, compromising agility for implementation and verification ease. nQUIC provides mandatory server and optional client authentication, resistance to Key Compromise Impersonation attacks, and forward and future secrecy of traffic key derivation, which makes it favorable to QUIC-TLS for long-lived QUIC connections in comparable applications. We developed two interoperable prototype implementations written in Go and Rust. Experimental results show that nQUIC finishes its handshake in a comparable amount of time as QUIC-TLS.

This paper discusses two issues with multi-channel multi-radio Wireless Mesh Networks (WMN): gateway placement and gateway selection. To address these issues, a method will be proposed that places gateways at strategic locations to avoid congestion and adaptively learns to select a more efficient gateway for each wireless router by using learning automata. This method, called the N-queen Inspired Gateway Placement and Learning Automata-based Selection (NQ-GPLS), considers multiple metrics such as loss ratio, throughput, load at the gateways and delay. Simulation results from NS-2 simulator demonstrate that NQ-GPLS can significantly improve the overall network performance compared to a standard WMN.

A long-standing open question in computational learning theory is to prove NP-hardness of learning efficient programs, the setting of which is in between proper learning and improper learning. Ko (COLT’90, SICOMP’91) explicitly raised this open question and demonstrated its difficulty by proving that there exists no relativizing proof of NP-hardness of learning programs. In this paper, we overcome Ko’s relativization barrier and prove NP-hardness of learning programs under randomized polynomial-time many-one reductions. Our result is provably non-relativizing, and comes somewhat close to the parameter range of improper learning: We observe that mildly improving our inapproximability factor is sufficient to exclude Heuristica, i.e., show the equivalence between average-case and worst-case complexities of N P. We also make progress on another long-standing open question of showing NP-hardness of the Minimum Circuit Size Problem (MCSP). We prove NP-hardness of the partial function variant of MCSP as well as other meta-computational problems, such as the problems MKTP* and MINKT* of computing the time-bounded Kolmogorov complexity of a given partial string, under randomized polynomial-time reductions. Our proofs are algorithmic information (a.k. a. Kolmogorov complexity) theoretic. We utilize black-box pseudorandom generator constructions, such as the Nisan-Wigderson generator, as a one-time encryption scheme secure against a program which “does not know” a random function. Our key technical contribution is to quantify the “knowledge” of a program by using conditional Kolmogorov complexity and show that no small program can know many random functions.

The vast majority of nowadays remote code execution attacks target virtual function tables (vtables). Attackers hijack vtable pointers to change the control flow of a vulnerable program to their will, resulting in full control over the underlying system. In this paper, we present NoVT, a compiler-based defense against vtable hijacking. Instead of protecting vtables for virtual dispatch, our solution replaces them with switch-case constructs that are inherently control-flow safe, thus preserving control flow integrity of C++ virtual dispatch. NoVT extends Clang to perform a class hierarchy analysis on C++ source code. Instead of a vtable, each class gets unique identifier numbers which are used to dispatch the correct method implementation. Thereby, NoVT inherently protects all usages of a vtable, not just virtual dispatch. We evaluate NoVT on common benchmark applications and real-world programs including Chromium. Despite its strong security guarantees, NoVT improves runtime performance of most programs (mean overhead −0.5%, −3.7% min, 2% max). In addition, protected binaries are slightly smaller than unprotected ones. NoVT works on different CPU architectures and protects complex C++ programs against strong attacks like COOP and ShrinkWrap.

This paper presents the results of a multifaceted study of the behavior of a novel hydrokinetic energy harvester that utilizes vertical oscillations. Unlike traditional rotating turbines used in hydrokinetic energy, this particular device utilizes the fluid structure interactions of vortex-induced-vibration and gallop. Due to the unique characteristics of this vertical motion, a thorough examination of the proposed system was conducted via a three-pronged approach of simulation, emulation, and field testing. Using a permanent magnet synchronous generator as the electrical power generation source, an electrical power conversion system was simulated, emulated, and tested to achieve appropriate power smoothing for use in microgrid systems present in many Alaskan rural locations.

Hardware Trojans have become in the last decade a major threat in the Integrated Circuit industry. Many techniques have been proposed in the literature aiming at detecting such malicious modifications in fabricated ICs. For the most critical circuits, prevention methods are also of interest. The goal of such methods is to prevent the insertion of a Hardware Trojan thanks to ad-hoc design rules. In this paper, we present a novel prevention technique based on approximation. An approximate logic circuit is a circuit that performs a possibly different but closely related logic function, so that it can be used for error detection or error masking where it overlaps with the original circuit. We will show how this technique can successfully detect the presence of Hardware Trojans, with a solution that has a smaller impact than triplication.

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regarding regular password replacement are a few problems that need to be addressed. The proposed research work aims at enhancing this security mechanism, prevent penetrations, password theft, and attempted break-ins towards securing computing systems. The selected solution approach is two-folded; it implements a two-factor authentication scheme to prevent unauthorized access, accompanied by Honeyword principles to detect corrupted or stolen tokens. Both can be integrated into any platform or web application with the use of QR codes and a mobile phone.

With the proliferation of false redundant information on various e-commerce platforms, ineffective recommendations and other untrustworthy behaviors have seriously hindered the healthy development of e-commerce platforms. Modern recommendation systems often use side information to alleviate these problems and also increase prediction accuracy. One such piece of side information, which has been widely investigated, is trust. However, it is difficult to obtain explicit trust relationship data, so researchers infer trust values from other methods, such as the user-to-item relationship. In this paper, addressing the problems, we proposed a novel trust-based recommender model called UITrust, which uses user-item relationship value to improve prediction accuracy. With the improvement the traditional similarity measures by employing the entropies of user and item history ratings to reflect the global rating behavior on both. We evaluate the proposed model using two real-world datasets. The proposed model performs significantly better than the baseline methods. Also, we can use the UITrust to alleviate the sparsity problem associated with correlation-based similarity. In addition to that, the proposed model has a better computational complexity for making predictions than the k-nearest neighbor (kNN) method.

The notion of trust is considered to be the cornerstone on patient-psychiatrist relationship. Thus, a trustfully background is fundamental requirement for provision of effective Ubiquitous Healthcare (UH) service. In this paper, the issue of Trust Evaluation of UH Providers when register UH environment is addressed. For that purpose a novel trust evaluation method is proposed, based on cloud theory, exploiting User Profile attributes. This theory mimics human thinking, regarding trust evaluation and captures fuzziness and randomness of this uncertain reasoning. Two case studies are investigated through simulation in MATLAB software, in order to verify the effectiveness of this novel method.

The transition effect ring oscillator (TERO) based true random number generator (TRNG) was proposed by Varchola and Drutarovsky in 2010. There were several stochastic models for this advanced TRNG based on ring oscillator. This paper proposed an improved TERO based TRNG and implements both on Altera Cyclone series FPGA platform and on a 0.13um CMOS ASIC process. FPGA experimental results show that this balanced TERO TRNG is in good performance as the experimental data results past the national institute of standards and technology (NIST) test in 1M bit/s. The TRNG is feasible for a security SoC.

Remote authentication via biometric features has received much attention recently, hence the security of biometric data is of great importance. Here a crypto-steganography method applied for the protection of biometric data is implemented. It include semantic segmentation, chaotic encryption, data hiding and fingerprint recognition to avoid the risk of spoofing attacks. Semantically segmented image of the person to be authenticated is used as the cover image and chaotic encrypted fingerprint image is used as secret image here. Chaotic encrypted fingerprint image is embedded into the cover image using Integer Wavelet Transform (IWT). Extracted fingerprint image is then compared with the fingerprints in database to authenticate the person. Qualified Significant Wavelet Trees (QSWT`s) of the cover image act as the target coefficients to insert the secret image. IWT provide both invisibility and resistance against the lossy transmissions. Experimental result shows that the semantic segmentation reduces the bandwidth efficiently. In addition, chaotic encryption and IWT based data hiding increases the security of the transmitted biometric data.

Middlebox is primarily used in Software-Defined Network (SDN) to enhance operational performance, policy compliance, and security operations. Therefore, security of the middlebox itself is essential because incorrect use of the middlebox can cause severe cybersecurity problems for SDN. Existing attacks against middleboxes in SDN (for instance, middleboxbypass attack) use methods such as cloned tags from the previous packets to justify that the middlebox has processed the injected packet. Flowcloak as the latest solution to defeat such an attack creates a defence using a tag by computing the hash of certain parts of the packet header. However, the security mechanisms proposed to mitigate these attacks are compromise-able since all parts of the packet header can be imitated, leaving the middleboxes insecure. To demonstrate our claim, we introduce a novel attack against SDN middleboxes by hijacking TCP/IP headers. The attack uses crafted TCP/IP headers to receive the tags and signatures and successfully bypasses the middleboxes.

SQL Injection and Cross-Site Scripting are the two most common attacks in database-based web applications. In this paper we propose a system to detect different types of SQL injection and XSS attacks associated with a web application, without the existence of any firewall, while significantly reducing the network overhead. We use properly modifications of the Nginx Reverse Proxy protocols and Suricata NIDS/ IPS rules. Pure work has been done from other researchers based on the capabilities of Nginx and Suricata and our approach with the experimental results provided in the paper demonstrate the efficiency of our system.

The importance of peer-to-peer (P2P) network overlays produced enormous interest in the research community due to their robustness, scalability, and increase of data availability. P2P networks are overlays of logically connected hosts and other nodes including servers. P2P networks allow users to share their files without the need for any centralized servers. Since P2P networks are largely constructed of end-hosts, they are susceptible to abuse and malicious activity, such as sybil attacks. Impostors perform sybil attacks by assigning nodes multiple addresses, as opposed to a single address, with the goal of degrading network quality. Sybil nodes will spread malicious data and provide bogus responses to requests. To prevent sybil attacks from occurring, a novel defense mechanism is proposed. In the proposed scheme, the DHT key-space is divided and treated in a similar manner to radio frequency allocation incensing. An overlay of trusted nodes is used to detect and handle sybil nodes with the aid of source-destination pairs reporting on each other. The simulation results show that the proposed scheme detects sybil nodes in large sized networks with thousands of interactions.

Cooperative Intelligent Transport Systems (C-ITS) are expected to play an important role in our lives. They will improve the traffic safety and bring about a revolution on the driving experience. However, these benefits are counterbalanced by possible attacks that threaten not only the vehicle's security, but also passengers' lives. One of the most common attacks is the Sybil attack, which is even more dangerous than others because it could be the starting point of many other attacks in C-ITS. This paper proposes a distributed approach allowing the detection of Sybil attacks by using the traffic flow theory. The key idea here is that each vehicle will monitor its neighbourhood in order to detect an eventual Sybil attack. This is achieved by a comparison between the real accurate speed of the vehicle and the one estimated using the V2V communications with vehicles in the vicinity. The estimated speed is derived by using the traffic flow fundamental diagram of the road's portion where the vehicles are moving. This detection algorithm is validated through some extensive simulations conducted using the well-known NS3 network simulator with SUMO traffic simulator.

Security is the main concern for wireless sensor nodes and exposed against malicious attacks. To secure the communication between sensor nodes several key managing arrangements are already implemented. The key managing method for any protected application must minimally deliver safety facilities such as truthfulness. Diffie–Hellman key exchange in the absence of authentication is exposed to MITM (man-in-the-middle) attacks due to which the attacker node can easily interrupt the communication, by appearing as a valid node in the network. In wireless sensor networks, single path routing is very common but it suffers with the two problems i:e link failure which results in data loss and if any node in single path is compromised, there is no alternative to send the data to the destination securely. To overcome this problem, multipath routing protocol is used which provides both availability and consistency of data. AOMDV (Ad-hoc On-demand Multipath Distance Vector Routing Protocol) is used in a proposed algorithm which provides alternative paths to reach the data packets to the destination. This paper presents an algorithm DH-SAM (Diffie-Hellman- Sybil Attack Mitigation) to spot and mitigate Sybil nodes and make the network trusted with the objective of solving the issue of MITM attack in the network. After node authentication, secure keys are established between two communicating nodes for data transmission using the Diffie-Hellman algorithm. Performance evaluation of DH-SAM is done by using different metrics such as detection rate, PDR, throughput, and average end to end (AE2E) delay.