Biblio

Software and firmware vulnerabilities pose security threats to photovoltaic (PV) systems. When patches are not available or cannot be timely applied to fix vulnerabilities, it is important to mitigate vulnerabilities such that they cannot be exploited by attackers or their impacts will be limited when exploited. However, the vulnerability mitigation problem for PV systems has received little attention. This paper analyzes known security vulnerabilities in PV systems, proposes a multi-level mitigation framework and various mitigation strategies including neural network-based attack detection inside inverters, and develops a prototype system as a proof-of-concept for building vulnerability mitigation into PV system design.

Internet of Things (IoT) is a sophisticated concept of the traditional internet. In IoT, all things in our lives can be connected with the internet or with each other to exchange data and perform specific functions through the network. However, combining several devices-especially by unskilled users-may pose a number of security risks. In addition, some commonly used communication protocols in the IoT area are not secure. Security, on the other hand, increases overhead by definition, resulting in performance degradation. The Message Queuing Telemetry Transport (MQTT) protocol is a lightweight protocol and can be considered as one of the most popular IoT protocols, it is a publish/subscribe messaging transport protocol that uses a client-server architecture. MQTT is built to run over TCP protocol, thus it does not provide any level of security by default. Therefore, Transport Layer Security (TLS) can be used to ensure the security of the MQTT protocol. This paper analyzed the impact on the performance and security of the MQTT protocol in two cases. The first case, when using TLS protocol to support the security of the MQTT protocol. The second case, using the traditional MQTT without providing any level of security for the exchanged data. The results indicated that there is a tradeoff between the performance and the security when using MQTT protocol with and without the presence of TLS protocol.

SELinux policies used in practice are generally large and complex. As a result, it is difficult for the policy writers to completely understand the policy and ensure that the policy meets the intended security goals. To remedy this, we have developed a tool called SEFlowViz that helps in visualizing the information flows of a policy and thereby helps in creating flow-secure policies. The tool uses the graph database Neo4j to visualize the policy. Along with visualization, the tool also supports extracting various information regarding the policy and its components through queries. Furthermore, the tool also supports the addition and deletion of rules which is useful in converting inconsistent policies into consistent policies.

As permissioned blockchain becomes a common foundation of blockchain-based applications for current organizations, related stakeholders need a means to assess the security risks of the applications. Therefore, this study proposes a security risk management framework for permissioned blockchain applications. The framework divides itself into different implementation stacks and provides guidelines to control the security risks of permissioned blockchain applications. According to the best of our knowledge, this study is the first research that provides a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can hopefully contribute to the adoption of permissioned blockchain technologies.

In order to improve the concealment of image steganography, a new method is proposed. The algorithm firstly adopted GM (1, 1) model to detect texture and edge points of carrier image, then embedded secret information in them. GM (1, 1) model of optimized parameters can make full use of pixels information. These pixels are the nearest to the detected point, so it improves the detection accuracy. The method is a kind of steganography based on human visual system. By testing the stegano images with different embedding capacities, the result indicates concealment and image quality of the proposed algorithm are better than BPCS (Bit-plane Complexity Segmentation) and PVD (Pixel-value Differencing), which are also based on visual characteristics.

Digital signal processor (DSP) intellectual property (IP) cores are the underlying hardware responsible for high performance data intensive applications. However an unauthorized IP vendor may counterfeit the DSP IPs and infuse them into the design-chain. Thus fake IPs or integrated circuits (ICs) are unknowingly integrated into consumer electronics (CE) systems, leading to reliability and safety issues for users. The latent solution to this threat is hardware steganography wherein vendor's secret information is covertly inserted into the design to enable detection of counterfeiting. A key-regulated hash-modules chaining based IP steganography is presented in our paper to secure against counterfeiting threat. The proposed approach yielded a robust steganography achieving very high security with regard to stego-key length than previous approaches.

Many portable imaging devices use the operation of "trunc" (rounding towards zero) instead of rounding as the final quantizer for computing DCT coefficients during JPEG compression. We show that this has rather profound consequences for steganography and its detection. In particular, side-informed steganography needs to be redesigned due to the different nature of the rounding error. The steganographic algorithm J-UNIWARD becomes vulnerable to steganalysis with the JPEG rich model and needs to be adjusted for this source. Steganalysis detectors need to be retrained since a steganalyst unaware of the existence of the trunc quantizer will experience 100% false alarm.

This paper proposes 2 multiple layer message security schemes. Information security is carried out through the implementation of cryptography, steganography and image processing techniques. In both schemes, the sensitive data is first encrypted by employing a chaotic function. In the first proposed scheme, LSB steganography is then applied to 2D slices of a 3D image. In the second proposed scheme, a corner detection filter is first applied to the 2D slices of a 3D image, then LSB embedding is carried out in those corner-detected pixels. The number of neighboring pixels used for corner detection is varied and its effect is noted. Performance of the proposed schemes is numerically evaluated using a number of metrics, including the mean squared error (MSE), the peak signal to noise ratio (PSNR), the structure similarity index measure (SSIM), the normalized cross-correlation (NCC), the image fidelity (IF), as well as the image difference (ID). The proposed schemes exhibit superior payload capacity and security in comparison to their counterparts from the literature.

Moving Target Defense (MTD) is a defensive mechanism based on dynamic system reconfiguration to prevent or thwart cyberattacks. In the last years, considerable progress has been made regarding MTD approaches for virtualized environments, and Virtual Machine (VM) migration is the core of most of these approaches. However, VM migration produces system downtime, meaning that each MTD reconfiguration affects system availability. Therefore, a method for a combined evaluation of availability and security is of utmost importance for VM migration-based MTD design. In this paper, we propose a Stochastic Reward Net (SRN) for the probability of attack success and availability evaluation of an MTD based on VM migration scheduling. We study the MTD system under different conditions regarding 1) VM migration scheduling, 2) VM migration failure probability, and 3) attack success rate. Our results highlight the tradeoff between availability and security when applying MTD based on VM migration. The approach and results may provide inputs for designing and evaluating MTD policies based on VM migration.

Mobile Edge Computing may become a prevalent platform to support applications where mobile devices have limited compute, storage, energy and/or data privacy concerns. In this paper, we study the efficient provisioning and management of compute resources in the Edge-to-Cloud continuum for different types of real-time applications with timeliness requirements depending on application-level update rates and communication/compute delays. We begin by introducing a highly stylized network model allowing us to study the salient features of this problem including its sensitivity to compute vs. communication costs, application requirements, and traffic load variability. We then propose an online decentralized service placement algorithm, based on estimating network delays and adapting application update rates, which achieves high service availability. Our results exhibit how placement can be optimized and how a load-balancing strategy can achieve near-optimal service availability in large networks.

Kernel embeddings of distributions have recently gained significant attention in the machine learning community as a data-driven technique for representing probability distributions. Broadly, these techniques enable efficient computation of expectations by representing integral operators as elements in a reproducing kernel Hilbert space. We apply these techniques to the area of stochastic optimal control theory and present a method to compute approximately optimal policies for stochastic systems with arbitrary disturbances. Our approach reduces the optimization problem to a linear program, which can easily be solved via the Lagrangian dual, without resorting to gradient-based optimization algorithms. We focus on discrete- time dynamic programming, and demonstrate our proposed approach on a linear regulation problem, and on a nonlinear target tracking problem. This approach is broadly applicable to a wide variety of optimal control problems, and provides a means of working with stochastic systems in a data-driven setting.

Cyber Physical Systems (CPS) are widely deployed and employed in many recent real applications such as automobiles with sensing technology for crashes to protect passengers, automated homes with various smart appliances and control units, and medical instruments with sensing capability of glucose levels in blood to keep track of normal body function. In spite of their significance, CPS infrastructures are vulnerable to cyberattacks due to the limitations in the computing, processing, memory, power, and transmission capabilities for their endpoint/edge appliances. In this paper, we consider a short systematic investigation for the models and techniques of cyberattacks and threats rate against Cyber Physical Systems with multiple subsystems and redundant elements such as, network of computing devices or storage modules. The cyberattacks are assumed to be externally launched against the Cyber Physical System during a prescribed operational time unit following stochastic distribution models such as Poisson probability distribution, negative-binomial probability distribution and other that have been extensively employed in the literature and proved their efficiency in modeling system attacks and threats.

As malware detection algorithms and methods become more sophisticated, malware authors adopt equally sophisticated evasion mechanisms to defeat them. Anecdotal evidence claims Living-Off-The-Land (LotL) techniques are one of the major evasion techniques used in many malware attacks. These techniques leverage binaries already present in the system to conduct malicious actions. We present the first large-scale systematic investigation of the use of these techniques by malware on Windows systems.In this paper, we analyse how common the use of these native system binaries is across several malware datasets, containing a total of 31,805,549 samples. We identify an average 9.41% prevalence. Our results show that the use of LotL techniques is prolific, particularly in Advanced Persistent Threat (APT) malware samples where the prevalence is 26.26%, over twice that of commodity malware.To illustrate the evasive potential of LotL techniques, we test the usage of LotL techniques against several fully patched Windows systems in a local sandboxed environment and show that there is a generalised detection gap in 10 of the most popular anti-virus products.

Software quality evolution and predictive models to support decisions about resource distribution in software quality assurance tasks are an important part of software engineering research. Recently, a fine-grained just-in-time defect prediction approach was proposed which has the ability to find bug-inducing files within changes instead of only complete changes. In this work, we utilize this approach and improve it in multiple places: data collection, labeling and features. We include manually validated issue types, an improved SZZ algorithm which discards comments, whitespaces and refactorings. Additionally, we include static source code metrics as well as static analysis warnings and warning density derived metrics as features. To assess whether we can save cost we incorporate a specialized defect prediction cost model. To evaluate our proposed improvements of the fine-grained just-in-time defect prediction approach we conduct a case study that encompasses 38 Java projects, 492,241 file changes in 73,598 commits and spans 15 years. We find that static source code metrics and static analysis warnings are correlated with bugs and that they can improve the quality and cost saving potential of just-in-time defect prediction models.

As the latest evolving architecture of space networks, Internet of Satellites (IoSat) is regarded as a promising paradigm in the future beyond 5G and 6G wireless systems. However, due to the extremely large number of satellites and open links, it is challenging to ensure communication security in IoSat, especially for wiretap resisting. To the best of our knowledge, it is an entirely new problem to study the security issue in IoSat, since existing works concerning physical layer security (PLS) in satellite networks mainly focused on the space-to-terrestrial links. It is also noted that, we are the first to investigate PLS problem in IoSat. In light of this, we present in this paper an analytical model of PLS in IoSat where a terrestrial transmitter delivers its information to multi-satellite in the presence of eavesdroppers. By adopting the key parameters such as satellites' deployment density, minimum elevation angle, and orbit height, two major secrecy metric including average secrecy capacity and probability are derived and analyzed. As demonstrated by extensive numerical results, the presented theoretical framework can be utilized to efficiently evaluate the secrecy performance of IoSat, and guide the design and optimization for communication security in such systems.

A secure-enhanced scheme based on deoxyribonucleic acid (DNA) encoding encryption and probabilistic shaping (PS) is proposed. Experimental results verify the superiority of our proposed scheme in the achievement of security and power gain. © 2020 The Author(s).

In this paper, a novel strategy of relay selection and cooperative jammer beamforming is proposed. The proposed scheme selects one node from the intermediate nodes as relay and the rest nodes as friendly jammers. The relay operates in amplify-and-forward (AF) strategy. Jammer weights are derived to null the jamming signals at the destination and relay node and maximize the jamming signal at the eavesdropper. Furthermore, a closed-form optimal solution of power allocation between the selected relay and cooperative jammers is derived. Numerical simulation results show that the proposed scheme can outperform the conventional schemes at the same power consumption.

Spear phishing emails target to specific individual or organization, they are more elaborated, targeted, and harmful than phishing emails. The attackers usually harvest information about the recipient in any available ways, then create a carefully camouflaged email and lure the recipient to perform dangerous actions. In this paper we present a new effective approach to detect spear phishing emails based on machine learning. Firstly we extracted 21 Stylometric features from email, 3 forwarding features from Email Forwarding Relationship Graph Database(EFRGD), and 3 reputation features from two third-party threat intelligence platforms, Virus Total(VT) and Phish Tank(PT). Then we made an improvement on Synthetic Minority Oversampling Technique(SMOTE) algorithm named KM-SMOTE to reduce the impact of unbalanced data. Finally we applied 4 machine learning algorithms to distinguish spear phishing emails from non-spear phishing emails. Our dataset consists of 417 spear phishing emails and 13916 non-spear phishing emails. We were able to achieve a maximum recall of 95.56%, precision of 98.85% and 97.16% of F1-score with the help of forwarding features, reputation features and KM-SMOTE algorithm.

With the high development of Internet technology and the global impacts of Covid-19, a trend of multiple growth is being shown in the business of cross-border e-commerce. The issue of intellectual property rights becomes more obvious in this new mode of trade than in others. China's "14th Five-Year Plan" marked the beginning to implement the strategy of the intellectual property rights for a powerful country. Through the law-and-economics analysis, this paper analyzes the research reports of China's Intellectual Property Court and American Chamber of Commerce, and finds it essential for the cross-border e-commerce to attach great importance to the risk control and protection of property rights. After the analysis and research, on the possible risk of intellectual property rights faced by cross-border e-commerce, it is proposed that enterprises must not only pay attention to but also actively identify and conduct risk warning of the legal risks of their own intellectual property rights as well as the causes of them, so as to put forward corresponding risk control measures and construct prevention and protection mechanisms.

Embedded systems in physically insecure environments are subject to additional security risk via capture by an adversary. A captured microchip device can be reverse engineered to recover internal buffer data that would otherwise be inaccessible through standard IO mechanisms. We consider an adversary who has sufficient ability to gain all internal bits and logic from a device at the time of capture as an unsolved threat. In this paper we present a novel sensing architecture that enhances embedded system security by randomly encoding sensed values. We randomly encode data at the time of sensing to minimize the amount of plaintext data present on a device in buffer memory. We encode using techniques that are unintelligible to an adversary even with full internal bit knowledge. The encoding is decipherable by a trusted home server, and we have provided an architecture to perform this decoding. Our experimental results show the proposed architecture meets timing requirements needed to perform communications with a satellite utilizing short-burst data, such as in remote sensing telemetry and tracking applications.

Recently, information leakage accidents have been continuously occurring due to cyberattacks, and internal information leakage has also been occurring additionally. In this situation, many hacking accidents and DDoS attacks related to IoT are reported, and cyber threat detection field is expanding. Therefore, in this study, the trend related to the commercialization and generalization of IoT technology and the degree of standardization of IoT have been analyzed. Based on the reality of IoT analyzed through this process, research and analysis on what points are required in IoT security control was conducted, and then IoT security control strategy was presented. In this strategy, the IoT environment was divided into IoT device, IoT network/communication, and IoT service/platform in line with the basic strategic framework of 'Pre-response-accident response-post-response', and the strategic direction of security control was established suitable for each of them.

In the security platform of Internet of Things (IoT), a licensed Low Power Wide Area Network (LPWAN) technology, named Narrowband Internet of Things (NB-IoT) is playing a vital role in transferring the information between objects. This technology is preferable for applications having a low data rate. As the number of subscribers increases, attack possibilities raise simultaneously. So securing the transmission between the objects becomes a big task. Bandwidth spoofing is one of the most sensitive attack that can be performed on the communication channel that lies between the access point and user equipment. This research proposal objective is to secure the system from the attack based on Unmanned Aerial vehicles (UAVs) enabled Small Cell Access (SCA) device which acts as an intruder between the user and valid SCA and investigating the scenario when any intruder device comes within the communication range of the NB-IoT enabled device. Here, this article also proposed a mathematical solution for the proposed scenario.

Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. IoT is a rapidly emerging paradigm that now encompasses almost every aspect of our modern life. As such, it is crucial to ensure IoT devices follow strict security requirements. At the same time, the prevalence of IoT devices offers developers a chance to design and develop Machine Learning (ML)-based intelligent software systems using their IoT devices. However, given the diversity of IoT devices, IoT developers may find it challenging to introduce appropriate security and ML techniques into their devices. Traditionally, we learn about the IoT ecosystem/problems by conducting surveys of IoT developers/practitioners. Another way to learn is by analyzing IoT developer discussions in popular online developer forums like Stack Overflow (SO). However, we are aware of no such studies that focused on IoT developers’ security and ML-related discussions in SO. This paper offers the results of preliminary study of IoT developer discussions in SO. First, we collect around 53K IoT posts (questions + accepted answers) from SO. Second, we tokenize each post into sentences. Third, we automatically identify sentences containing security and ML-related discussions. We find around 12% of sentences contain security discussions, while around 0.12% sentences contain ML-related discussions. There is no overlap between security and ML-related discussions, i.e., IoT developers discussing security requirements did not discuss ML requirements and vice versa. We find that IoT developers discussing security issues frequently inquired about how the shared data can be stored, shared, and transferred securely across IoT devices and users. We also find that IoT developers are interested to adopt deep neural network-based ML models into their IoT devices, but they find it challenging to accommodate those into their resource-constrained IoT devices. Our findings offer implications for IoT vendors and researchers to develop and design novel techniques for improved security and ML adoption into IoT devices.

The blockchain technology evolution in recent times has a hopefulness regarding the impression of self-sovereign identity that has a significant effect on the method of interacting with each other with security over the network. The existing system is not complete and procedural. There arises a different idea of self-sovereign identity methodology. To develop to the possibility, it is necessary to guarantee a better understanding in a proper way. This paper has an in-depth analysis of the attributes of the self-sovereign identity and it affects over the laws of identity that are being explored. The Identity management system(IMS) with no centralized authority is proposed in maintaining the secrecy of records, where as traditional systems are replaced by blockchains and identities are generated cryptographically. This study enables sharing of user data on permissioned blockchain which uses identity-based encryption to maintain access control and data security.

Digital identity is the key to the evolving digital society and economy. Since the inception of digital identity, numerous Identity Management (IDM) systems have been developed to manage digital identity depending on the requirements of the individual and that of organisations. This evolution of IDM systems has provided an incremental process leading to the granting of control of identity ownership and personal data to its user, thus producing an IDM which is more user-centric with enhanced security and privacy. A recently promising IDM known as Self-Sovereign Identity (SSI) has the potential to provide this sovereignty to the identity owner. The Sovrin Network is an emerging SSI service utility enabling self-sovereign identity for all, therefore, its assessment has to be carefully considered with reference to its architecture, working, functionality, strengths and limitations. This paper presents an analysis of the Sovrin Network based on aforementioned features. Firstly, it presents the architecture and components of the Sovrin Network. Secondly, it illustrates the working of the Sovrin Network and performs a detailed analysis of its various functionalities and metrics. Finally, based on the detailed analysis, it presents the strengths and limitations of the Sovrin Network.