Biblio

With the advent of the 5G era, high-speed and secure network access services have become a common pursuit. The QUIC (Quick UDP Internet Connection) protocol proposed by Google has been studied by many scholars due to its high speed, robustness, and low latency. However, the research on the security of the QUIC protocol by domestic and foreign scholars is insufficient. Therefore, based on the self-similarity of QUIC network traffic, combined with traffic characteristics and signal processing methods, a QUIC-based network traffic anomaly detection model is proposed in this paper. The model decomposes and reconstructs the collected QUIC network traffic data through the Empirical Mode Decomposition (EMD) method. In order to judge the occurrence of abnormality, this paper also intercepts overlapping traffic segments through sliding windows to calculate Hurst parameters and analyzes the obtained parameters to check abnormal traffic. The simulation results show that in the network environment based on the QUIC protocol, the Hurst parameter after being attacked fluctuates violently and exceeds the normal range. It also shows that the anomaly detection of QUIC network traffic can use the EMD method.

Modern day cyber-infrastructures are critically dependent on each other to provide essential services. Current frameworks typically focus on the risk analysis of an isolated infrastructure. Evaluation of potential disruptions taking the heterogeneous cyber-infrastructures is vital to note the cascading disruption vectors and determine the appropriate interventions to limit the damaging impact. This paper presents a cyber-security risk assessment framework for the interconnected cyber-infrastructures. Our methodology is designed to be comprehensive in terms of accommodating accidental incidents and malicious cyber threats. Technically, we model the functional dependencies between the different architectures using reliability block diagrams (RBDs). RBDs are convenient, yet powerful graphical diagrams, which succinctly describe the functional dependence between the system components. The analysis begins by selecting a service from the many services that are outputted by the synchronized operation of the architectures whose disruption is deemed critical. For this service, we design an attack fault tree (AFT). AFT is a recent graphical formalism that combines the two popular formalisms of attack trees and fault trees. We quantify the attack-fault tree and compute the risk metrics - the probability of a disruption and the damaging impact. For this purpose, we utilize the open source ADTool. We show the efficacy of our framework with an example outage incident.

Actuator malfunctions may have disastrous con-sequences for systems not designed to mitigate them. We focus on the loss of control authority over actuators, where some actuators are uncontrolled but remain fully capable. To counter-act the undesirable outputs of these malfunctioning actuators, we use real-time measurements and redundant actuators. In this setting, a system that can still reach its target is deemed resilient. To quantify the resilience of a system, we compare the shortest time for the undamaged system to reach the target with the worst-case shortest time for the malfunctioning system to reach the same target, i.e., when the malfunction makes that time the longest. Contrary to prior work on driftless linear systems, the absence of analytical expression for time-optimal controls of general linear systems prevents an exact calculation of quantitative resilience. Instead, relying on Lyapunov theory we derive analytical bounds on the nominal and malfunctioning reach times in order to bound quantitative resilience. We illustrate our work on a temperature control system.

Due to the migration megatrend, efficient and effective second-language acquisition is vital. One proposed solution involves AI-enabled conversational agents for person-centered interactive language practice. We present results from ongoing action research targeting quality assurance of proprietary generative dialog models trained for virtual job interviews. The action team elicited a set of 38 requirements for which we designed corresponding automated test cases for 15 of particular interest to the evolving solution. Our results show that six of the test case designs can detect meaningful differences between candidate models. While quality assurance of natural language processing applications is complex, we provide initial steps toward an automated framework for machine learning model selection in the context of an evolving conversational agent. Future work will focus on model selection in an MLOps setting.

The heterogeneity of network traffic features brings quantitative calculation problems to the matching between network data. In order to solve the above fuzzy matching problem between the heterogeneous network feature data, a quantitative matching method for network traffic features is proposed in this paper. By constructing the numerical expression method of network traffic features, the numerical expression of key features of network data is realized. By constructing the suitable section calculation methods for the similarity of different network traffic features, the personalized quantitative matching for heterogeneous network data features is realized according to the actual meaning of different features. By defining the weight of network traffic features, the quantitative importance value of different features is realized. The weighted sum mathematical method is used to accurately calculate the overall similarity value between network data. The effectiveness of the proposed method through experiments is verified. The experimental results show that the proposed matching method can be used to calculate the similarity value between network data, and the quantitative calculation purpose of network traffic feature matching with heterogeneous features is realized.

Considered sensitive information by the ISO/IEC 24745, biometric data should be stored and used in a protected way. If not, privacy and security of end-users can be compromised. Also, the advent of quantum computers demands quantum-resistant solutions. This work proposes the use of Kyber and Saber public key encryption (PKE) algorithms together with homomorphic encryption (HE) in a face recognition system. Kyber and Saber, both based on lattice cryptography, were two finalists of the third round of NIST post-quantum cryptography standardization process. After the third round was completed, Kyber was selected as the PKE algorithm to be standardized. Experimental results show that recognition performance of the non-protected face recognition system is preserved with the protection, achieving smaller sizes of protected templates and keys, and shorter execution times than other HE schemes reported in literature that employ lattices. The parameter sets considered achieve security levels of 128, 192 and 256 bits.

Adversarial attacks have recently been proposed to scrutinize the security of deep neural networks. Most blackbox adversarial attacks, which have partial access to the target through queries, are target-specific; e.g., they require a well-trained surrogate that accurately mimics a given target. In contrast, target-agnostic black-box attacks are developed to attack any target; e.g., they learn a generalized surrogate that can adapt to any target via fine-tuning on samples queried from the target. Despite their success, current state-of-the-art target-agnostic attacks require tremendous fine-tuning steps and consequently an immense number of queries to the target to generate successful attacks. The high query complexity of these attacks makes them easily detectable and thus defendable. We propose a novel query-efficient target-agnostic attack that trains a generalized surrogate network to output the adversarial directions iv.r.t. the inputs and equip it with an effective fine-tuning strategy that only fine-tunes the surrogate when it fails to provide useful directions to generate the attacks. Particularly, we show that to effectively adapt to any target and generate successful attacks, it is sufficient to fine-tune the surrogate with informative samples that help the surrogate get out of the failure mode with additional information on the target’s local behavior. Extensive experiments on CIFAR10 and CIFAR-100 datasets demonstrate that the proposed target-agnostic approach can generate highly successful attacks for any target network with very few fine-tuning steps and thus significantly smaller number of queries (reduced by several order of magnitudes) compared to the state-of-the-art baselines.

We use mobile apps on a daily basis and there is an app for everything. We trust these applications with our most personal data. It is therefore important that these apps are as secure and well usable as possible. So far most studies on the maintenance and security of mobile applications have been done on Android applications. We do, however, not know how well these results translate to iOS.This research project aims to close this gap by analysing iOS applications with regards to maintainability and security. Regarding maintainability, we analyse code smells in iOS applications, the evolution of code smells in iOS applications and compare code smell distributions in iOS and Android applications. Regarding security, we analyse the evolution of the third-party library dependency network for the iOS ecosystem. Additionally, we analyse how publicly reported vulnerabilities spread in the library dependency network.Regarding maintainability, we found that the distributions of code smells in iOS and Android applications differ. Code smells in iOS applications tend to correspond to smaller classes, such as Lazy Class. Regarding security, we found that the library dependency network of the iOS ecosystem is not growing as fast as in some other ecosystems. There are less dependencies on average than for example in the npm ecosystem and, therefore, vulnerabilities do not spread as far.

SCADA systems are one of the critical infrastructures and face many security threats. Attackers can control SCADA systems through network attacks, destroying the normal operation of the power system. It is important to conduct a risk assessment of security threats on SCADA systems. However, existing models for risk assessment using attack trees mainly focus on describing possible intrusions rather than the interaction between threats and defenses. In this paper, we comprehensively consider intrusion likelihood and defense capability and propose a quantitative risk assessment model of security threats based on attack countermeasure tree (ACT). Each leaf node in ACT contains two attributes: exploitable vulnerabilities and defense countermeasures. An attack scenario can be constructed by means of traversing the leaf nodes. We set up six indicators to evaluate the impact of security threats in attack scenarios according to NISTIR 7628 standard. Experimental results show the attack probability of security threats and high-risk attack scenarios in SCADA systems. We can improve defense countermeasures to protect against security threats corresponding to high-risk scenarios. In addition, the model can continually update risk assessments based on the implementation of the system’s defensive countermeasures.

Control room video surveillance is an important source of information for ensuring public safety. To facilitate the process, a Decision-Support System (DSS) designed for the security task force is vital and necessary to take decisions rapidly using a sea of information. In case of mission critical operation, Situational Awareness (SA) which consists of knowing what is going on around you at any given time plays a crucial role across a variety of industries and should be placed at the center of our DSS. In our approach, SA system will take advantage of the human factor thanks to the reinforcement signal whereas previous work on this field focus on improving knowledge level of DSS at first and then, uses the human factor only for decision-making. In this paper, we propose a situational awareness-centric decision-support system framework for mission-critical operations driven by Quality of Experience (QoE). Our idea is inspired by the reinforcement learning feedback process which updates the environment understanding of our DSS. The feedback is injected by a QoE built on user perception. Our approach will allow our DSS to evolve according to the context with an up-to-date SA.

Trojan attacks threaten deep neural networks (DNNs) by poisoning them to behave normally on most samples, yet to produce manipulated results for inputs attached with a particular trigger. Several works attempt to detect whether a given DNN has been injected with a specific trigger during the training. In a parallel line of research, the lottery ticket hypothesis reveals the existence of sparse sub-networks which are capable of reaching competitive performance as the dense network after independent training. Connecting these two dots, we investigate the problem of Trojan DNN detection from the brand new lens of sparsity, even when no clean training data is available. Our crucial observation is that the Trojan features are significantly more stable to network pruning than benign features. Leveraging that, we propose a novel Trojan network detection regime: first locating a “winning Trojan lottery ticket” which preserves nearly full Trojan information yet only chance-level performance on clean inputs; then recovering the trigger embedded in this already isolated sub-network. Extensive experiments on various datasets, i.e., CIFAR-10, CIFAR-100, and ImageNet, with different network architectures, i.e., VGG-16, ResNet-18, ResNet-20s, and DenseNet-100 demonstrate the effectiveness of our proposal. Codes are available at https://github.com/VITA-Group/Backdoor-LTH.

Quantized deep neural networks (QDNNs) are necessary for low-power, high throughput, and embedded applications. Previous studies mostly focused on developing optimization methods for the quantization of given models. However, quantization sensitivity depends on the model architecture. Also, the characteristics of weight and activation quantization are quite different. This study proposes a holistic approach for the optimization of QDNNs, which contains QDNN training methods as well as quantization-friendly architecture design. Synthesized data is used to visualize the effects of weight and activation quantization. The results indicate that deeper models are more prone to activation quantization, while wider models improve the resiliency to both weight and activation quantization.

Smart phones and mobile apps have become an essential part of our daily lives. It is necessary to ensure the quality of these apps. Two important aspects of code quality are maintainability and security. The goals of my PhD project are (1) to study code smells, security issues and their evolution in iOS apps and frameworks, (2) to enhance training and teaching using visualisation support, and (3) to support developers in automatically detecting dependencies to vulnerable library elements in their apps. For each of the three tools, dedicated tool support will be provided, i.e., GraphifyEvolution, VisualiseEvolution, and DependencyEvolution respectively. The tool GraphifyEvolution exists and has been applied to analyse code smells in iOS apps written in Swift. The tool has a modular architecture and can be extended to add support for additional languages and external analysis tools. In the remaining two years of my PhD studies, I will complete the other two tools and apply them in case studies with developers in industry as well as in university teaching.

SDN marks a paradigm shift towards an externalized and logically centralized controller, unlike the legacy networks where control and data planes are tightly coupled. The controller has a comprehensive view of the network, offering flexibility to enforce new traffic engineering policies and easing automation. In SDN, a high performance controller is required for efficient traffic management. In this paper, we conduct a performance evaluation of two distributed SDN controllers, namely ONOS and OpenDayLight. Specifically, we use the Mininet emulation environment to emulate different topologies and the D-ITG traffic generator to evaluate aforementioned controllers based on metrics such as delay, jitter and packet loss. The experimental results show that ONOS provides a significantly higher latency, jitter and low packet loss than OpenDayLight in all topologies. We attribute the poor performance of OpenDayLight to its excessive CPU utilization and propose the use of Hyper-threading to improve its performance. This work provides practitioners in the telecoms industry with guidelines towards making informed controller selection decisions

A Quick Response (QR) Code is a type of barcode that can be read by the digital devices and which stores the information in a square-shaped. The QR Code readers can extract data from the patterns which are presented in the QR Code matrix. A QR Code can be acting as an attack vector that can harm indirectly. In such case a QR Code can carry malicious or phishing URLs and redirect users to a site which is well conceived by the attacker and pretends to be an authorized one. Once the QR Code is decoded the commands are triggered and executed, causing damage to information, operating system and other possible sequence the attacker expects to gain. In this paper, a new model for QR Code authentication and phishing detection has been presented. The proposed model will be able to detect the phishing and malicious URLs in the process of the QR Code validation as well as to prevent the user from validating it. The development of this application will help to prevent users from being tricked by the harmful QR Codes.

A threat of eavesdropping display screen image of information device is caused by unintended EM leakage emanation. QR bar-code is capable of error correction, and its information is possibly read from a damaged screen image from EM leakage. A new design of QR bar-code proposed in this paper uses selected colors in consideration of correlation between the EM wave leakage and display color. Proposed design of QR bar-code keeps error correction of displayed image, and makes it difficult to read information on the eavesdropped image.

Distribution of keys in classical cryptography is one of the most significant affairs to deal with. The computational hardness is the fundamental basis of the security of these keys. However, in the era of quantum computing, quantum computers can break down these keys with their substantially more computation capability than normal computers. For instance, a quantum computer can easily break down RSA or ECC in polynomial time. In order to make the keys quantum resistant, Quantum Key Distribution (QKD) is developed to enforce security of the classical cryptographic keys from the attack of quantum computers. By using quantum mechanics, QKD can reinforce the durability of the keys of classical cryptography, which were practically unbreakable during the pre-quantum era. Thus, an extensive study is required to understand the importance of QKD to make the classical cryptographic key distributions secure against both classical and quantum computers. Therefore, in this paper, we discuss trends and limitations of key management protocols in classical cryptography, and demonstrates a relative study of different QKD protocols. In addition, we highlight the security implementation aspects of QKD, which lead to the solution of threats occurring in a quantum computing scenario, such that the cryptographic keys can be quantum resistant.

Quantum computing is poised to be the innovation driver of the next decade. Its information processing capabilities will radically accelerate drug discovery, improve online security, or even boost artificial intelligence [1]. Building a quantum computer promises to have a major positive impact in society, however building the hardware that will enable that paradigm change its one of the greatest technological challenges for humanity.

At present, in the face of the huge and complex data in cloud computing, the parallel computing ability of quantum computing is particularly important. Quantum principal component analysis algorithm is used as a method of quantum state tomography. We perform feature extraction on the eigenvalue matrix of the density matrix after feature decomposition to achieve dimensionality reduction, proposed quantum principal component extraction algorithm (QPCE). Compared with the classic algorithm, this algorithm achieves an exponential speedup under certain conditions. The specific realization of the quantum circuit is given. And considering the limited computing power of the client, we propose a quantum homomorphic ciphertext dimension reduction scheme (QHEDR), the client can encrypt the quantum data and upload it to the cloud for computing. And through the quantum homomorphic encryption scheme to ensure security. After the calculation is completed, the client updates the key locally and decrypts the ciphertext result. We have implemented a quantum ciphertext dimensionality reduction scheme implemented in the quantum cloud, which does not require interaction and ensures safety. In addition, we have carried out experimental verification on the QPCE algorithm on IBM's real computing platform. Experimental results show that the algorithm can perform ciphertext dimension reduction safely and effectively.

This paper considers a multivariate quickest detection problem with false data injection (FDI) attacks in internet of things (IoT) systems. We derive a sequential generalized likelihood ratio test (GLRT) for zero-mean Gaussian FDI attacks. Exploiting the fact that covariance matrices are positive, we propose strategies to detect positive semi-definite matrix additions rather than arbitrary changes in the covariance matrix. The distribution of the GLRT is only known asymptotically whereas quickest detectors deal with short sequences, thereby leading to loss of performance. Therefore, we use a finite-sample correction to reduce the false alarm rate. Further, we provide a numerical approach to estimate the threshold sequences, which are analytically intractable to compute. We also compare the average detection delay of the proposed detector for constant and varying threshold sequences. Simulations showed that the proposed detector outperforms the standard sequential GLRT detector.

Quantum entanglement gives rise to a range of non-classical effects, which are extensively exploited in quantum computing and quantum communication. Therefore, detection and quantification of entanglement as well as preparation of highly entangled quantum states remain the fundamental objectives in these fields. Much attention has been devoted to the studies of graph states, which play a role of a central resource in quantum error correction, quantum cryptography and practical quantum metrology in the presence of noise.We examine multi-qubit graph states generated by the action of controlled phase shift operators on a separable quantum state of a system, in which all the qubits are in arbitrary identical states. Analytical expression is obtained for the geometric measure of entanglement of a qubit with other qubits in graph states represented by arbitrary graphs. We conclude that this quantity depends on the degree of the vertex corresponding to the qubit, the absolute values of the parameter of the phase shift gate and the parameter of the initial state the gate is acting on. Moreover, the geometric measure of entanglement of certain types of graph states is quantified on the IBM’s quantum computer ibmq\_athens based on the measurements of the mean spin. Namely, we consider states associated with the native connectivity of ibmq\_athens, the claw and the complete graphs. Appropriate protocols are proposed to prepare these states on the quantum computer. The results of quantum computations verify our theoretical findings [1].

Radio is the most important part of any wireless network. Radio Access Network (RAN) has been virtualized and disaggregated into different functions whose location is best defined by the requirements and economics of the use case. This Virtualized RAN (vRAN) architecture separates network functions from the underlying hardware and so 5G can leverage virtualization of the RAN to implement these functions. The easy expandability and manageability of the vRAN support the expansion of the network capacity and deployment of new features and algorithms for streamlining resource usage. In this paper, we try to address the problem of scheduling 5G vRAN with mid-haul network capacity constraints as a combinatorial optimization problem. We transformed it to a Quadratic Unconstrained Binary Optimization (QUBO) problem by using a newly proposed quantum-based algorithm and compared our implementation with existing classical algorithms. This work has demonstrated the advantage of quantum computers in solving a particular optimization problem in the Telecommunication domain and paves the way for solving critical real-world problems using quantum computers faster and better.

In quantum cryptography research area, quantum digital signature is an important research field. To provide a better privacy for users in constructing quantum digital signature, the stronger anonymity of quantum digital signatures is required. Quantum ring signature scheme focuses on anonymity in certain scenarios. Using quantum ring signature scheme, the quantum message signer hides his identity into a group. At the same time, there is no need for any centralized organization when the user uses the quantum ring signature scheme. The group used to hide the signer identity can be immediately selected by the signer himself, and no collaboration between users.Since the quantum finite automaton signature scheme is very efficient quantum digital signature scheme, based on it, we propose a new quantum ring signature scheme. We also showed that the new scheme we proposed is of feasibility, correctness, anonymity, and unforgeability. And furthermore, the new scheme can be implemented only by logical operations, so it is easy to implement.

With the emergence of quantum computers, traditional digital signature schemes based on problems such as large integer solutions and discrete logarithms will no longer be secure, and it is urgent to find effective digital signature schemes that can resist quantum attacks. Lattice cryptography has the advantages of computational simplicity and high security. In this paper, we propose an identity-based digital signature scheme based on the rejection sampling algorithm. Unlike most schemes that use a common Gaussian distribution, this paper uses a bimodal Gaussian distribution, which improves efficiency. The identity-based signature scheme is more convenient for practical application than the traditional certificate-based signature scheme.

Increasing incidents of cyber attacks and evolution of quantum computing poses challenges to secure existing information and communication technologies infrastructure. In recent years, quantum key distribution (QKD) is being extensively researched, and is widely accepted as a promising technology to realize secure networks. Optical fiber networks carry a huge amount of information, and are widely deployed around the world in the backbone terrestrial, submarine, metro, and access networks. Thus, instead of using separate dark fibers for quantum communication, integration of QKD with the existing classical optical networks has been proposed as a cost-efficient solution, however, this integration introduces new research challenges. In this paper, we do a comprehensive survey of the state-of-the-art QKD secured optical networks, which is going to shape communication networks in the coming decades. We elucidate the methods and protocols used in QKD secured optical networks, and describe the process of key establishment. Various methods proposed in the literature to address the networking challenges in QKD secured optical networks, specifically, routing, wavelength and time-slot allocation (RWTA), resiliency, trusted repeater node (TRN) placement, QKD for multicast service, and quantum key recycling are described and compared in detail. This survey begins with the introduction to QKD and its advantages over conventional encryption methods. Thereafter, an overview of QKD is given including quantum bits, basic QKD system, QKD schemes and protocol families along with the detailed description of QKD process based on the Bennett and Brassard-84 (BB84) protocol as it is the most widely used QKD protocol in the literature. QKD system are also prone to some specific types of attacks, hence, we describe the types of quantum hacking attacks on the QKD system along with the methods used to prevent them. Subsequently, the process of point-to-point mechanism of QKD over an optical fiber link is described in detail using the BB84 protocol. Different architectures of QKD secured optical networks are described next. Finally, major findings from this comprehensive survey are summarized with highlighting open issues and challenges in QKD secured optical networks.