Biblio

In this research work, we attempted to predict the creditworthiness of smartphone users in Indonesia during the COVID-19 pandemic using machine learning. Principal Component Analysis (PCA) and Kmeans algorithms are used for the prediction of creditworthiness with the used a dataset of 1050 respondents consisting of twelve questions to smartphone users in Indonesia during the COVID-19 pandemic. The four different classification algorithms (Logistic Regression, Support Vector Machine, Decision Tree, and Naive Bayes) were tested to classify the creditworthiness of smartphone users in Indonesia. The tests carried out included testing for accuracy, precision, recall, F1-score, and Area Under Curve Receiver Operating Characteristics (AUCROC) assesment. Logistic Regression algorithm shows the perfect performances whereas Naïve Bayes (NB) shows the least. The results of this research also provide new knowledge about the influential and non-influential variables based on the twelve questions conducted to the respondents of smartphone users in Indonesia during the COVID-19 pandemic.

This document addresses the issue of the actual security level of PDF documents. Two types of detection approaches are utilized to detect dangerous elements within malware: static analysis and dynamic analysis. Analyzing malware binaries to identify dangerous strings, as well as reverse-engineering is included in static analysis for t1he malware to disassemble it. On the other hand, dynamic analysis monitors malware activities by running them in a safe environment, such as a virtual machine. Each method has its own set of strengths and weaknesses, and it is usually best to employ both methods while analyzing malware. Malware detection could be simplified without sacrificing accuracy by reducing the number of malicious traits. This may allow the researcher to devote more time to analysis. Our worry is that there is no obvious need to identify malware with numerous functionalities when it isn't necessary. We will solve this problem by developing a system that will identify if the given file is infected with malware or not.

Most IoT malware is variants generated by editing and reusing parts of the functions based on publicly available source codes. In our previous study, we proposed a method to estimate the functions of a specimen using the Function Call Sequence Graph (FCSG), which is a directed graph of execution sequence of function calls. In the FCSG-based method, the subgraph corresponding to a malware functionality is manually created and called a signature-FSCG. The specimens with the signature-FSCG are expected to have the corresponding functionality. However, this method cannot detect the specimens with a slightly different subgraph from the signature-FSCG. This paper found that these specimens were supposed to have the same functionality for a signature-FSCG. These specimens need more flexible signature matching, and we propose a graph embedding technique to realize it.

Cloud computing forms the backbone of the era of automation and the Internet of Things (IoT). It offers computing and storage-based services on consumption-based pricing. Large-scale datacenters are used to provide these service and consumes enormous electricity. Datacenters contribute a large portion of the carbon footprint in the environment. Through virtual machine (VM) consolidation, datacenter energy consumption can be reduced via efficient resource management. VM selection policy is used to choose the VM that needs migration. In this research, we have proposed PbV mSp: A priority-based VM selection policy for VM consolidation. The PbV mSp is implemented in cloudsim and evaluated compared with well-known VM selection policies like gpa, gpammt, mimt, mums, and mxu. The results show that the proposed PbV mSp selection policy has outperformed the exisitng policies in terms of energy consumption and other metrics.

The analysis shows how important Power Network Measuring and Characterization (PSMC) is to the plan. Networks planning and oversight for the transmission of electrical energy is becoming increasingly frequent. In reaction to the current contest of assimilating trying to cut charging in the crate, estimation, information sharing, but rather govern into PSMC reasonable quantities, Electrical Transmit Monitoring and Management provides a thorough outline of founding principles together with smart sensors for domestic spying, security precautions, and control of developed broadening power systems.Electricity supply control must depend increasingly heavily on telecommunications infrastructure to manage and run their processes because of the fluctuation in transmission and distribution of electricity. A wider attack surface will also be available to threat hackers as a result of the more communications. Large-scale blackout have occurred in the past as a consequence of cyberattacks on electrical networks. In order to pinpoint the key issues influencing power grid computer networks, we looked at the network infrastructure supporting electricity grids in this research.

With the advent of information and communication technology, the digital space is becoming a playing ground for criminal activities. Criminals typically prefer darkness or a hidden place to perform their illegal activities in a real-world while sometimes covering their face to avoid being exposed and getting caught. The same applies in a digital world where criminals prefer features which provide anonymity or hidden features to perform illegal activities. It is from this spirit the Darkweb is attracting all kinds of criminal activities conducted over the Internet such as selling drugs, illegal weapons, child pornography, assassination for hire, hackers for hire, and selling of malicious exploits, to mention a few. Although the anonymity offered by Darkweb can be exploited as a tool to arrest criminals involved in cybercrime, an in-depth research is needed to advance criminal investigation on Darkweb. Analysis of illegal activities conducted in Darkweb is in its infancy and faces several challenges like lack of standard operating procedures. This study proposes progressive standard operating procedures (SOPs) for Darkweb forensics investigation. We provide the four stages of SOP for Darkweb investigation. The proposed SOP consists of the following stages; identification and profiling, discovery, acquisition and preservation, and the last stage is analysis and reporting. In each stage, we consider the objectives, tools and expected results of that particular stage. Careful consideration of this SOP revealed promising results in the Darkweb investigation.

The NIST standardization process for post-quantum cryptography has been drawing the attention of researchers to the submitted candidates. One direction of research consists in implementing those candidates on embedded systems and that exposes them to physical attacks in return. The Classic McEliece cryptosystem, which is among the four finalists of round 3 in the Key Encapsulation Mechanism category, builds its security on the hardness of the syndrome decoding problem, which is a classic hard problem in code-based cryptography. This cryptosystem was recently targeted by a laser fault injection attack leading to message recovery. Regrettably, the attack setting is very restrictive and it does not tolerate any error in the faulty syndrome. Moreover, it depends on the very strong attacker model of laser fault injection, and does not apply to optimised implementations of the algorithm that make optimal usage of the machine words capacity. In this article, we propose a to change the angle and perform a message-recovery attack that relies on side-channel information only. We improve on the previously published work in several key aspects. First, we show that side-channel information, obtained with power consumption analysis, is sufficient to obtain an integer syndrome, as required by the attack framework. This is done by leveraging classic machine learning techniques that recover the Hamming weight information very accurately. Second, we put forward a computationally-efficient method, based on a simple dot product and information-set decoding algorithms, to recover the message from the, possibly inaccurate, recovered integer syndrome. Finally, we present a masking countermeasure against the proposed attack.

We demonstrated hardware emulations to evaluate the error-correction performance for a FEC scheme with multilevel coding. It has enabled the measurement of BER to reach the order of 10−14 for the decoded signal.

In recent years, data security incidents caused by insider threats in distributed file systems have attracted the attention of academia and industry. The most common way to detect insider threats is based on user profiles. Through analysis, we realize that based on existing user profiles are not efficient enough, and there are many false positives when a stable user profile has not yet been formed. In this work, we propose personalized user profiles and design an insider threat detection framework, which can intelligently detect insider threats for securing distributed file systems in real-time. To generate personalized user profiles, we come up with a time window-based clustering algorithm and a weighted kernel density estimation algorithm. Compared with non-personalized user profiles, both the Recall and Precision of insider threat detection based on personalized user profiles have been improved, resulting in their harmonic mean F1 increased to 96.52%. Meanwhile, to reduce the false positives of insider threat detection, we put forward operation recommendations based on user similarity to predict new operations that users will produce in the future, which can reduce the false positive rate (FPR). The FPR is reduced to 1.54% and the false positive identification rate (FPIR) is as high as 92.62%. Furthermore, to mitigate the risks caused by inaccurate authorization for users, we present user tags based on operation content and permission. The experimental results show that our proposed framework can detect insider threats more effectively and precisely, with lower FPR and high FPIR.

New malware increasingly adopts novel fileless techniques to evade detection from antivirus programs. Process injection is one of the most popular fileless attack techniques. This technique makes malware more stealthy by writing malicious code into memory space and reusing the name and port of the host process. It is difficult for traditional security software to detect and intercept process injections due to the stealthiness of its behavior. We propose a novel framework called ProcGuard for detecting process injection behaviors. This framework collects sensitive function call information of typical process injection. Then we perform a fine-grained analysis of process injection behavior based on the function call chain characteristics of the program, and we also use the improved RCNN network to enhance API analysis on the tampered memory segments. We combine API analysis with deep learning to determine whether a process injection attack has been executed. We collect a large number of malicious samples with process injection behavior and construct a dataset for evaluating the effectiveness of ProcGuard. The experimental results demonstrate that it achieves an accuracy of 81.58% with a lower false-positive rate compared to other systems. In addition, we also evaluate the detection time and runtime performance loss metrics of ProcGuard, both of which are improved compared to previous detection tools.

This article proposes a method for determining the intruder type in the systems of physical protection of objects. An intruder trying to enter the territory, buildings or premises of the facility has to overcome typical engineering reinforcement elements of building structures. Elements of building structures are equipped with addressable alarm sensors. The intruder type is proposed to be determined according to its equipment by comparing the time of actually overcoming the building structure elements with the expert estimates. The time to overcome the elements of building structures is estimated by the time between successive responses of the security alarm address sensors. The intruder's awareness of the protection object is proposed to be assessed by tracking the route of its movement on the object using address sensors. Determining the intruder type according to the data of the security alarm systems can be used for the in-process tactics control of the security group actions.

Developers of mobile applications rely on the trust of their customers. On the one hand the requirement exists to create feature-rich and secure apps, which adhere to privacy standards to not deliberately disclose user information. On the other hand the development process must be streamlined to reduce costs. Here third-party libraries come into play. Inclusion of many, possibly nested libraries pose security risks, app-creators are often not aware of. This paper presents a way to combine free open-source tools to support developers in checking their application that it does not induce security issues by using third-party libraries. The tools FlowDroid, Frida, and mitm-proxy are used in combination in a simple and viable way to perform checks to identify privacy leaks of third-party apps. Our proposed setup and configuration empowers average app developers to preserve user privacy without being dedicated security experts and without expensive external advice.

The use of image data in multimedia communication based applications like military applications and medical images security applications are increasing every day and the secrecy of the image data is extremely important for such applications. A number of methods and techniques for securely transmitting images are proposed in the literature based on image encryption and steganography approaches. A novel mechanism for transmitting color images securely is proposed in this paper mainly based on public key cryptography mechanism also by combining the advantage of simplicity of symmetric schemes. The technique combines the strengths of Elliptic Curve Cryptography and the classical symmetric cryptographic mechanism called Hill Cipher encryption method. The technique also includes the concept of Magic Square for jumbling the pixels yielding maximum diffusion in the image pixels. In the performance evaluation, the proposed method proved that the new system works pretty well. The method is proved to be effective in maintaining the confidentiality of the image in transit and also for resisting security attacks.

New advancements in cloud computing technology enable the usage of cloud platforms for business purposes rapidly increasing every day. Data accumulation related to business transactions, Communications, business model architecture and much other information are stored in the cloud platform and access Dubai the business Associates commonly. Considering the security point of view data stored in the cloud need to be highly secured and accessed through authentication. The proposed system is focused on evaluating a cloud integrity auditing model in which the security and privacy preserving system is being audited, privacy is decided using a machine learning algorithm. The proposed model is developed using a hybrid CatBoost algorithm (HCBA) in which the input data is stored into the cloud platform using Bring your own encryption Key (BYOEK). The security of BYOEK model is evaluated and validated with respect to the given test model in terms of Execution time comparison Vs. Data transactions.

Power system security assessment is a major issue among the fundamental functions needed for the proper power systems operation. In order to perform the security evaluation, the contingency analysis is a key component. However, the dynamic evolution of power systems during the past decades led to the necessity of novel techniques to facilitate this task. In this paper, power systems security is defined based on the N-l contingency analysis. An artificial neural network approach is proposed to ensure the fast evaluation of power systems security. In this regard, the IEEE 14 bus transmission system is used to verify the performance of the proposed model, the results showing high efficiency subject to multiple evaluation metrics.

With the variety of cloud services, the cloud service provider delivers the machine learning service, which is used in many applications, including risk assessment, product recommen-dation, and image recognition. The cloud service provider initiates a protocol for the classification service to enable the data owners to request an evaluation of their data. The owners may not entirely rely on the cloud environment as the third parties manage it. However, protecting data privacy while sharing it is a significant challenge. A novel privacy-preserving model is proposed, which is based on differential privacy and machine learning approaches. The proposed model allows the various data owners for storage, sharing, and utilization in the cloud environment. The experiments are conducted on Blood transfusion service center, Phoneme, and Wilt datasets to lay down the proposed model's efficiency in accuracy, precision, recall, and Fl-score terms. The results exhibit that the proposed model specifies high accuracy, precision, recall, and Fl-score up to 97.72%, 98.04%, 97.72%, and 98.80%, respectively.

NATO strategy and policy has increasingly focused on incorporating cyber operations to support deterrence, warfighting, and intelligence objectives. However, offensive cyber operations in particular have presented a delicate challenge for the alliance. As cyber threats to NATO members continue to grow, the alliance has begun to address how it could incorporate offensive cyber operations into its strategy and policy. However, there are significant hurdles to meaningful cooperation on offensive cyber operations, in contrast with the high levels of integration in other operational domains. Moreover, there is a critical gap in existing conceptualizations of the role of offensive cyber operations in NATO policy. Specifically, NATO cyber policy has focused on cyber operations in a warfighting context at the expense of considering cyber operations below the level of conflict. In this article, we explore the potential role for offensive cyber operations not only in wartime but also below the threshold of armed conflict. In doing so, we systematically explore a number of challenges at the political/strategic as well as the operational/tactical levels and provide policy recommendations for next steps for the alliance.

The Manufacturer Usage Description (MUD) standard aims to reduce the attack surface for IoT devices by locking down their behavior to a formally-specified set of network flows (access control entries). Formal network behaviors can also be systematically and rigorously verified in any operating environment. Enforcing MUD flows and monitoring their activity in real-time can be relatively effective in securing IoT devices; however, its scope is limited to endpoints (domain names and IP addresses) and transport-layer protocols and services. Therefore, misconfigured or compromised IoTs may conform to their MUD-specified behavior but exchange unintended (or even malicious) contents across those flows. This paper develops PicP-MUD with the aim to profile the information content of packet payloads (whether unencrypted, encoded, or encrypted) in each MUD flow of an IoT device. That way, certain tasks like cyber-risk analysis, change detection, or selective deep packet inspection can be performed in a more systematic manner. Our contributions are twofold: (1) We analyze over 123K network flows of 6 transparent (e.g., HTTP), 11 encrypted (e.g., TLS), and 7 encoded (e.g., RTP) protocols, collected in our lab and obtained from public datasets, to identify 17 statistical features of their application payload, helping us distinguish different content types; and (2) We develop and evaluate PicP-MUD using a machine learning model, and show how we achieve an average accuracy of 99% in predicting the content type of a flow.

In this paper, we quantify elements representing video features and we propose the bitrate prediction of compressed encoding video using deep learning. Particularly, to overcome disadvantage that we cannot predict bitrate of compression video by using Constant Rate Factor (CRF), we use deep learning. We can find element of video feature with relationship of bitrate when we compress the video, and we can confirm its possibility to find relationship through various deep learning techniques.

Real-time data transmissions from a vehicle enhance road safety and traffic efficiency by aggregating data in a central server for data analytics. When drivers share their instantaneous vehicular information for a service provider to perform a legitimate task, a curious service provider may also infer private information it has not been authorized for. In this paper, we propose a privacy preservation framework based on the Hilbert Schmidt Independence Criterion (HSIC) to sanitize driving data to protect the vehicle’s trajectory from adversarial inference while ensuring the data is still useful for driver behavior detection. We develop a deep learning model to learn the HSIC sanitizer and demonstrate through two datasets that our approach achieves better utility-privacy trade-offs when compared to three other benchmarks.

Computer and Vehicular networks, both are prone to multiple information security breaches because of many reasons like lack of standard protocols for secure communication and authentication. Distributed Denial of Service (DDoS) is a threat that disrupts the communication in networks. Detection and prevention of DDoS attacks with accuracy is a necessity to make networks safe.In this paper, we have experimented two machine learning-based techniques one each for attack detection and attack prevention. These detection & prevention techniques are implemented in different environments including vehicular network environments and computer network environments. Three different datasets connected to heterogeneous environments are adopted for experimentation. The first dataset is the NSL-KDD dataset based on the traffic of the computer network. The second dataset is based on a simulation-based vehicular environment, and the third CIC-DDoS 2019 dataset is a computer network-based dataset. These datasets contain different number of attributes and instances of network traffic. For the purpose of attack detection AdaBoostM1 classification algorithm is used in WEKA and for attack prevention Logit Model is used in STATA. Results show that an accuracy of more than 99.9% is obtained from the simulation-based vehicular dataset. This is the highest accuracy rate among the three datasets and it is obtained within a very short period of time i.e., 0.5 seconds. In the same way, we use a Logit regression-based model to classify packets. This model shows an accuracy of 100%.

Inertial Confinement Fusion(ICF) uses the inertia of the substance itself to confine the nest-temperature thermonuclear fuel plasma to achieve thermonuclear fusion and obtain fusion energy. In the design of the local-volume ignition target capsule, the ignition zone and the main combustion zone are separated by heavy medium. The ignition zone is located in the center of the system (the part of the fusion combustion). The mass is small and can be compressed to high density and the overall temperature is raised to the ignition state (local-volume ignition). The temperature increase and density increase of the local volume ignition are relatively decoupled in time. The multi-step enhanced shock wave heats the fuel temperature drop, after which the collision effect accelerates the metal shell layer by layer, and uses the inertia of high-Z metal shell with a larger residual mass to achieve effective compression of the fuel areal after the driving source ends for a long time. Local volume ignition has the advantages of no need to reshape the radiation driving pulse, resistance to the influence of hot electrons, less demanding compression symmetry, and large combustion gain.

The MagNIF team at LLNL is developing a pulsed power platform to enable magnetized inertial confinement fusion and high energy density experiments at the National Ignition Facility. A pulsed solenoidal driver capable of premagnetizing fusion fuel to 40T is predicted to increase performance of indirect drive implosions. We have written a specialized Python code suite to support the delivery of a practical design optimized for target magnetization and risk mitigation. The code simulates pulsed power in parameterized system designs and converges to high-performance candidates compliant with evolving engineering constraints, such as scale, mass, diagnostic access, mechanical displacement, thermal energy deposition, facility standards, and component-specific failure modes. The physics resolution and associated computational costs of our code are intermediate between those of 0D circuit codes and 3D magnetohydrodynamic codes, to be predictive and support fast, parallel simulations in parameter space. Development of a reduced-order, physics-based target model is driven by high-resolution simulations in ALE3D (an institutional multiphysics code) and multi-diagnostic data from a commissioned pulser platform. Results indicate system performance is sensitive to transient target response, which should include magnetohydrodynamic expansion, resistive heating, nonlinear magnetic diffusion, and phase change. Design optimization results for a conceptual NIF platform are reported.

Cloud computing solutions enable Cyber-Physical Systems (CPSs) to utilize significant computational resources and implement sophisticated control algorithms even if limited computation capabilities are locally available for these systems. However, such a control architecture suffers from an important concern related to the privacy of sensor measurements and the computed control inputs within the cloud. This paper proposes a solution that allows implementing a set-theoretic model predictive controller on the cloud while preserving this privacy. This is achieved by exploiting the offline computations of the robust one-step controllable sets used by the controller and two affine transformations of the sensor measurements and control optimization problem. It is shown that the transformed and original control problems are equivalent (i.e., the optimal control input can be recovered from the transformed one) and that privacy is preserved if the control algorithm is executed on the cloud. Moreover, we show how the actuator can take advantage of the set-theoretic nature of the controller to verify, through simple set-membership tests, if the control input received from the cloud is admissible. The correctness of the proposed solution is verified by means of a simulation experiment involving a dual-tank water system.

We study how information flows through a multi-robot network in order to better understand how to provide resilience to malicious information. While the notion of global resilience is well studied, one way existing methods provide global resilience is by bringing robots closer together to improve the connectivity of the network. However, large changes in network structure can impede the team from performing other functions such as coverage, where the robots need to spread apart. Our goal is to mitigate the trade-off between resilience and network structure preservation by applying resilience locally in areas of the network where it is needed most. We introduce a metric, Influence, to identify vulnerable regions in the network requiring resilience. We design a control law targeting local resilience to the vulnerable areas by improving the connectivity of robots within these areas so that each robot has at least 2F+1 vertex-disjoint communication paths between itself and the high influence robot in the vulnerable area. We demonstrate the performance of our local resilience controller in simulation and in hardware by applying it to a coverage problem and comparing our results with an existing global resilience strategy. For the specific hardware experiments, we show that our control provides local resilience to vulnerable areas in the network while only requiring 9.90% and 15.14% deviations from the desired team formation compared to the global strategy.