Biblio

Topic modeling algorithms from the natural language processing (NLP) discipline have been used for various applications. For instance, topic modeling for the product recommendation systems in the e-commerce systems. In this paper, we briefly reviewed topic modeling applications and then described our proposed idea of utilizing topic modeling approaches for cyber threat intelligence (CTI) applications. We improved the previous work by implementing BERTopic and Top2Vec approaches, enabling users to select their preferred pre-trained text/sentence embedding model, and supporting various languages. We implemented our proposed idea as the new topic modeling module for the Open Web Application Security Project (OWASP) Maryam: Open-Source Intelligence (OSINT) framework. We also described our experiment results using a leaked hacker forum dataset (nulled.io) to attract more researchers and open-source communities to participate in the Maryam project of OWASP Foundation.

The camera constructed by a megahertz range intensity modulation active light source and a kilo-frame rate range fast camera based on compressive sensing (CS) technique for three-dimensional (3D) image acquisition was proposed in this research.

The long-living nature and byte-addressability of persistent memory (PM) amplifies the importance of strong memory protections. This paper develops temporal exposure reduction protection (TERP) as a framework for enforcing memory safety. Aiming to minimize the time when a PM region is accessible, TERP offers a complementary dimension of memory protection. The paper gives a formal definition of TERP, explores the semantics space of TERP constructs, and the relations with security and composability in both sequential and parallel executions. It proposes programming system and architecture solutions for the key challenges for the adoption of TERP, which draws on novel supports in both compilers and hardware to efficiently meet the exposure time target. Experiments validate the efficacy of the proposed support of TERP, in both efficiency and exposure time minimization.

We present a ternary source coding scheme in this paper, which is a special class of low density generator matrix (LDGM) codes. We prove that a ternary linear block LDGM code, whose generator matrix is randomly generated with each element independent and identically distributed, is universal for source coding in terms of the symbol-error rate (SER). To circumvent the high-complex maximum likelihood decoding, we introduce a special class of convolutional LDGM codes, called block Markov superposition transmission of repetition (BMST-R) codes, which are iteratively decodable by a sliding window algorithm. Then the presented BMST-R codes are applied to construct a tandem scheme for Gaussian source compression, where a dead-zone quantizer is introduced before the ternary source coding. The main advantages of this scheme are its universality and flexibility. The dead-zone quantizer can choose a proper quantization level according to the distortion requirement, while the LDGM codes can adapt the code rate to approach the entropy of the quantized sequence. Numerical results show that the proposed scheme performs well for ternary sources over a wide range of code rates and that the distortion introduced by quantization dominates provided that the code rate is slightly greater than the discrete entropy.

In this paper, physical-layer security (PLS) of an underlay cognitive radio network (CRN) operating over cascaded Rayleigh fading channels is examined. In this scenario, a secondary user (SU) transmitter communicates with a SU receiver through a cascaded Rayleigh fading channel while being exposed to eavesdroppers. By harvesting energy from the SU transmitter, a cooperating jammer attempts to ensure the privacy of the transmitted communications. That is, this harvested energy is utilized to generate and spread jamming signals to baffle the information interception at eavesdroppers. Additionally, two scenarios are examined depending on the manner in which eavesdroppers intercept messages; colluding and non-colluding eavesdroppers. These scenarios are compared to determine which poses the greatest risk to the network. Furthermore, the channel cascade effect on security is investigated. Distances between users and the density of non-colluding eavesdroppers are also investigated. Moreover, cooperative jamming-based energy harvesting effectiveness is demonstrated.

Cognitive Radio Network makes intelligent use of the spectrum resources. However, spectrum sensing is vulnerable to numerous harmful assaults. To lower the network's performance, hackers attempt to alter the sensed result. In the fusion centre, blockchain technology is used to make broad judgments on spectrum sensing in order to detect and thwart hostile activities. The sensed local results are hashed using the SHA 3 technique. This improves spectrum sensing precision and effectively thwarts harmful attacks. In comparison to other established techniques like equal gain combining, the simulation results demonstrate higher detection probability and sensing precision. Thus, employing Blockchain technology, cognitive radio network security can be significantly enhanced.

To keep up with the continuous modernization of web applications and to facilitate their development, a large number of new features are introduced to the web platform every year. Although new web features typically undergo a security review, issues affecting the privacy and security of users could still surface at a later stage, requiring the deprecation and removal of affected APIs. Furthermore, as the web evolves, so do the expectations in terms of security and privacy, and legacy features might need to be replaced with improved alternatives. Currently, this process of deprecating and removing features is an ad-hoc effort that is largely uncoordinated between the different browser vendors. This causes a discrepancy in terms of compatibility and could eventually lead to the deterrence of the removal of an API, prolonging potential security threats. In this paper we propose a progressive security mechanism that aims to facilitate and standardize the deprecation and removal of features that pose a risk to users’ security, and the introduction of features that aim to provide additional security guarantees.

We present a novel chaotic laser coding technology of alternate variable secret-key (AVSK) for optics secure communication using alternate variable orbits (AVOs) method. We define the principle of chaotic AVSK encoding and decoding, and introduce a chaotic AVSK communication platform and its coding scheme. And then the chaotic AVSK coding technology be successfully achieved in encrypted optics communications while the presented AVO function, as AVSK, is adjusting real-time chaotic phase space trajectory, where the AVO function and AVSK according to our needs can be immediately variable and adjustable. The coding system characterizes AVSK of emitters. And another combined AVSK coding be discussed. So the system's security enhances obviously because it increases greatly the difficulty for intruders to decipher the information from the carrier. AVSK scheme has certain reference value for the research of chaotic laser secure communication and laser network synchronization.

Cryptocurrencies like Bitcoin have become a popular weapon for illegal activities. They have the characteristics of decentralization and anonymity, which can effectively avoid the supervision of government departments. How to de-anonymize Bitcoin transactions is a crucial issue for regulatory and judicial investigation departments to supervise and combat crimes involving Bitcoin effectively. This paper aims to de-anonymize Bitcoin transactions and present a Bitcoin transaction traceability method based on Bitcoin network traffic analysis. According to the characteristics of the physical network that the Bitcoin network relies on, the Bitcoin network traffic is obtained at the physical convergence point of the local Bitcoin network. By analyzing the collected network traffic data, we realize the traceability of the input address of Bitcoin transactions and test the scheme in the distributed Bitcoin network environment. The experimental results show that this traceability mechanism is suitable for nodes connected to the Bitcoin network (except for VPN, Tor, etc.), and can obtain 47.5% recall rate and 70.4% precision rate, which are promising in practice.

Secured data transmission between one to many authorized users is achieved through Broadcast Encryption (BE). In BE, the source transmits encrypted data to multiple registered users who already have their decrypting keys. The Untrustworthy users, known as Traitors, can give out their secret keys to a hacker to form a pirate decoding system to decrypt the original message on the sly. The process of detecting the traitors is known as Traitor Tracing in cryptography. This paper presents a new Black Box Tracing method that is fully collusion resistant and it is designated as Traitor Tracing in Broadcast Encryption using Vector Keys (TTBE-VK). The proposed method uses integer vectors in the finite field Zp as encryption/decryption/tracing keys, reducing the computational cost compared to the existing methods.

Classic black-box adversarial attacks can take advantage of transferable adversarial examples generated by a similar substitute model to successfully fool the target model. However, these substitute models need to be trained by target models' training data, which is hard to acquire due to privacy or transmission reasons. Recognizing the limited availability of real data for adversarial queries, recent works proposed to train substitute models in a data-free black-box scenario. However, their generative adversarial networks (GANs) based framework suffers from the convergence failure and the model collapse, resulting in low efficiency. In this paper, by rethinking the collaborative relationship between the generator and the substitute model, we design a novel black-box attack framework. The proposed method can efficiently imitate the target model through a small number of queries and achieve high attack success rate. The comprehensive experiments over six datasets demonstrate the effectiveness of our method against the state-of-the-art attacks. Especially, we conduct both label-only and probability-only attacks on the Microsoft Azure online model, and achieve a 100% attack success rate with only 0.46% query budget of the SOTA method [49].

In this paper, a novel composite right/left-handed transmission line (CRLH TL) 3-unit cell is presented for finding excellent time-delay (TD) efficiency of Chipless RFID's True-Time-Delay Lines (TTDLs). RFID (Radio Frequency Identification) is a non-contact automatic identification technology that uses radio frequency (RF) signals to identify target items automatically and retrieve pertinent data without the need for human participation. However, as compared to barcodes, RFID tags are prohibitively expensive and complex to manufacture. Chipless RFID tags are RFID tags that do not contain silicon chips and are therefore less expensive and easier to manufacture. It combines radio broadcasting technology with radar technology. Radio broadcasting technology use radio waves to send and receive voice, pictures, numbers, and symbols, whereas radar technology employs the radio wave reflection theory. Chipless RFID lowers the cost of sensors such as gas, temperature, humidity, and pressure. In addition, Chipless RFID tags can be used as sensors which are also required for security purposes and future IoT applications.

In recent years, body-worn RFID and NFC (near field communication) devices have become one of the principal technologies concurring to the rise of healthcare internet of thing (H-IoT) systems. Similarly, points of care (PoCs) moved increasingly closer to patients to reduce the costs while supporting precision medicine and improving chronic illness management, thanks to timely and frequent feedback from the patients themselves. A typical PoC involves medical sensing devices capable of sampling human health, personal equipment with communications and computing capabilities (smartphone or tablet) and a secure software environment for data transmission to medical centers. Hybrid platforms simultaneously employing NFC and ultra-high frequency (UHF) RFID could be successfully developed for the first sensing layer. An application example of the proposed hybrid system for the monitoring of acute myocardial infarction (AMI) survivors details how the combined use of NFC and UHF-RFID in the same PoC can support the multifaceted need of AMI survivors while protecting the sensitive data on the patient’s health.

Recommenders are central in many applications today. The most effective recommendation schemes, such as those based on collaborative filtering (CF), exploit similarities between user profiles to make recommendations, but potentially expose private data. Federated learning and decentralized learning systems address this by letting the data stay on user's machines to preserve privacy: each user performs the training on local data and only the model parameters are shared. However, sharing the model parameters across the network may still yield privacy breaches. In this paper, we present Rex, the first enclave-based decentralized CF recommender. Rex exploits Trusted execution environments (TEE), such as Intel software guard extensions (SGX), that provide shielded environments within the processor to improve convergence while preserving privacy. Firstly, Rex enables raw data sharing, which ultimately speeds up convergence and reduces the network load. Secondly, Rex fully preserves privacy. We analyze the impact of raw data sharing in both deep neural network (DNN) and matrix factorization (MF) recommenders and showcase the benefits of trusted environments in a full-fledged implementation of Rex. Our experimental results demonstrate that through raw data sharing, Rex significantly decreases the training time by 18.3 x and the network load by 2 orders of magnitude over standard decentralized approaches that share only parameters, while fully protecting privacy by leveraging trustworthy hardware enclaves with very little overhead.

A recommender system is a filtering application based on personalized information from acquired big data to predict a user's preference. Traditional recommender systems primarily rely on keywords or scene patterns. Users' subjective emotion data are rarely utilized for preference prediction. Novel Brain Computer Interfaces hold incredible promise and potential for intelligent applications that rely on collected user data like a recommender system. This paper describes a deep learning method that uses Brain Computer Interfaces (BCI) based neural measures to predict a user's preference on short music videos. Our models are employed on both population-wide and individualized preference predictions. The recognition method is based on dynamic histogram measurement and deep neural network for distinctive feature extraction and improved classification. Our models achieve 97.21%, 94.72%, 94.86%, and 96.34% classification accuracy on two-class, three-class, four-class, and nine-class individualized predictions. The findings provide evidence that a personalized recommender system on an implicit BCI has the potential to succeed.

True Random Number Generator (TRNG) is an important hardware security primitive for system security. TRNGs are capable of providing random bits for initialization vectors in encryption engines, for padding and nonces in authentication protocols and for seeds to pseudo random number generators (PRNG). A TRNG needs to meet the same statistical quality standards as a physical unclonable function (PUF) with regard to randomness and uniqueness, and therefore one can envision a unified architecture for both functions. In this paper, we investigate a FPGA implementation of a TRNG using the Shift-register Reconvergent-Fanout (SiRF) PUF. The SiRF PUF measures path delays as a source of entropy within a engineered logic gate netlist. The delays are measured at high precision using a time-to-digital converter, and then processed into a random bitstring using a series of linear-time mathematical operations. The SiRF PUF algorithm that is used for key generation is reused for the TRNG, with simplifications that improve the bit generation rate of the algorithm. This enables the TRNG to leverage both fixed PUF-based entropy and random noise sources, and makes the TRNG resilient to temperature-voltage attacks. TRNG bitstrings generated from a programmable logic implementation of the SiRF PUF-TRNG on a set of FPGAs are evaluated using statistical testing tools.

An often overlooked but equally important aspect of unmanned aerial system (UAS) design is the security of their networking protocols and how they deal with cyberattacks. In this context, cyberattacks are malicious attempts to monitor or modify incoming and outgoing data from the system. These attacks could target anywhere in the system where a transfer of data occurs but are most common in the transfer of data between the control station and the UAS. A compromise in the networking system of a UAS could result in a variety of issues including increased network latency between the control station and the UAS, temporary loss of control over the UAS, or a complete loss of the UAS. A complete loss of the system could result in the UAS being disabled, crashing, or the attacker overtaking command and control of the platform, all of which would be done with little to no alert to the operator. Fortunately, the majority of higher-end, enterprise, and government UAS platforms are aware of these threats and take actions to mitigate them. However, as the consumer market continues to grow and prices continue to drop, network security may be overlooked or ignored in favor of producing the lowest cost product possible. Additionally, these commercial off-the-shelf UAS often use uniform, standardized frequency bands, autopilots, and security measures, meaning a cyberattack could be developed to affect a wide variety of models with minimal changes. This paper will focus on a low-cost educational-use UAS and test its resilience to a variety of cyberattack methods, including man-in-the-middle attacks, spoofing of data, and distributed denial-of-service attacks. Following this experiment will be a discussion of current cybersecurity practices for counteracting these attacks and how they can be applied onboard a UAS. Although in this case the cyberattacks were tested against a simpler platform, the methods discussed are applicable to any UAS platform attempting to defend against such cyberattack methods.

Amount and variety of training data drastically affect the performance of CNNs. Thus, annotation methods are becoming more and more critical to collect data efficiently. In this paper, we propose a simple yet efficient Interactive Self-Annotation framework to cut down both time and human labor cost for video object bounding box annotation. Our method is based on recurrent self-supervised learning and consists of two processes: automatic process and interactive process, where the automatic process aims to build a supported detector to speed up the interactive process. In the Automatic Recurrent Annotation, we let an off-the-shelf detector watch unlabeled videos repeatedly to reinforce itself automatically. At each iteration, we utilize the trained model from the previous iteration to generate better pseudo ground-truth bounding boxes than those at the previous iteration, recurrently improving self-supervised training the detector. In the Interactive Recurrent Annotation, we tackle the human-in-the-loop annotation scenario where the detector receives feedback from the human annotator. To this end, we propose a novel Hierarchical Correction module, where the annotated frame-distance binarizedly decreases at each time step, to utilize the strength of CNN for neighbor frames. Experimental results on various video datasets demonstrate the advantages of the proposed framework in generating high-quality annotations while reducing annotation time and human labor costs.

Trip planning, which targets at planning a trip consisting of several ordered Points of Interest (POIs) under user-provided constraints, has long been treated as an important application for location-based services. The goal of trip planning is to maximize the chance that the users will follow the planned trip while it is difficult to directly quantify and optimize the chance. Conventional methods either leverage statistical analysis to rank POIs to form a trip or generate trips following pre-defined objectives based on constraint programming to bypass such a problem. However, these methods may fail to reflect the complex latent patterns hidden in the human mobility data. On the other hand, though there are a few deep learning-based trip recommendation methods, these methods still cannot handle the time budget constraint so far. To this end, we propose a TIme-aware Neural Trip Planning (TINT) framework to tackle the above challenges. First of all, we devise a novel attention-based encoder-decoder trip generator that can learn the correlations among POIs and generate trips under given constraints. Then, we propose a specially-designed reinforcement learning (RL) paradigm to directly optimize the objective to obtain an optimal trip generator. For this purpose, we introduce a discriminator, which distinguishes the generated trips from real-life trips taken by users, to provide reward signals to optimize the generator. Subsequently, to ensure the feedback from the discriminator is always instructive, we integrate an adversarial learning strategy into the RL paradigm to update the trip generator and the discriminator alternately. Moreover, we devise a novel pre-training schema to speed up the convergence for an efficient training process. Extensive experiments on four real-world datasets validate the effectiveness and efficiency of our framework, which shows that TINT could remarkably outperform the state-of-the-art baselines within short response time.

We demonstrate an in-house built Endpoint Detection and Response (EDR) for linux systems using open-sourced tools like Osquery and Elastic. The advantage of building an in-house EDR tools against using commercial EDR tools provides both the knowledge and the technical capability to detect and investigate security incidents. We discuss the architecture of the tools and advantages it offers. Specifically, in our method all the endpoint logs are collected at a common server which we leverage to perform correlation between events happening on different endpoints and automatically detect threats like pivoting and lateral movements. We discuss various attacks that can be detected by our tool.

The Domain Name System (DNS) is critical to Internet communications. EDNS Client Subnet (ECS), a DNS extension, allows recursive resolvers to include client subnet information in DNS queries to improve CDN end-user mapping, extending the visibility of client information to a broader range. Major content delivery network (CDN) vendors, content providers (CP), and public DNS service providers (PDNS) are accelerating their IPv6 infrastructure development. With the increasing deployment of IPv6-enabled services and DNS being the most foundational system of the Internet, it becomes important to analyze the behavioral and privacy status of IPv6 resolvers. However, there is a lack of research on ECS for IPv6 DNS resolvers.In this paper, we study the ECS deployment and compliance status of IPv6 resolvers. Our measurement shows that 11.12% IPv6 open resolvers implement ECS. We discuss abnormal noncompliant scenarios that exist in both IPv6 and IPv4 that raise privacy and performance issues. Additionally, we measured if the sacrifice of clients’ privacy can enhance IPv6 CDN performance. We find that in some cases ECS helps end-user mapping but with an unnecessary privacy loss. And even worse, the exposure of client address information can sometimes backfire, which deserves attention from both Internet users and PDNSes.

This paper uses the test tool provided by the Internet Protocol Version 6 (IPv6) Forum to test the protocol conformance of IPv6 devices. The installation and testing process of IPv6 Ready Logo protocol conformance test suite developed by TAHI PROJECT team is described in detail. This section describes the test content and evaluation criteria of the suite, analyzes the problems encountered during the installation and use of the suite, describes the method of analyzing the test results of the suite, and describes the test content added to the latest version of the test suite. The test suite can realize automatic testing, the test cases accurately reflect the requirements of the IPv6 protocol specification, can be used to judge whether IPv6-based Internet of Things(IoT) devices meets the relevant protocol standards.

With the global transition to the IPv6 (Internet Protocol version 6), IP (Internet Protocol) validation efficiency and IPv6 support from the aspect of network programming are gaining more importance. As global computer networks grow in the era of IoT (Internet of Things), IP address validation is an inevitable process for assuring strong network privacy and security. The complexity of IP validation has been increased due to the rather drastic change in the memory architecture needed for storing IPv6 addresses. Low-level programming languages like C/C++ are a great choice for handling memory spaces and working with simple devices connected in an IoT (Internet of Things) network. This paper analyzes some user-defined and open-source implementations of IP validation codes in Boost. Asio and POCO C++ networking libraries, as well as the IP security support provided for general networking purposes and IoT. Considering a couple of sample codes, the paper gives a conclusion on whether these C++ implementations answer the needs for flexibility and security of the upcoming era of IPv6 addressed computers.

To train new staff to be efficient and ready for the tasks assigned is vital. They must be equipped with knowledge and skills so that they can carry out their responsibility to ensure smooth daily working activities. As transitioning to IPv6 has taken place for more than a decade, it is understood that having a dual-stack network is common in any organization or enterprise. However, many Internet users may not realize the importance of IPv6 security due to a lack of awareness and knowledge of cyber and computer security. Therefore, this paper presents an approach to educating people by introducing a security mechanisms model that can be applied in handling security challenges via network sandboxing by setting up an isolated dual stack network testbed using GNS3 to perform network security analysis. The finding shows that applying security mechanisms such as access control lists (ACLs) and host-based firewalls can help counter the attacks. This proves that knowledge and skills to handle dual-stack security are crucial. In future, more kinds of attacks should be tested and also more types of security mechanisms can be applied on a dual-stack network to provide more information and to provide network engineers insights on how they can benefit from network sandboxing to sharpen their knowledge and skills.

Focusing on human experience of vulnerability in everyday life interaction scenarios is still a novel approach. So far, only a proof-of-concept online study has been conducted, and to extend this work, we present a follow-up online study. We consider in more detail how human experience of vulnerability caused by a trust violation through a privacy breach affects trust ratings in an interaction scenario with the PEPPER robot assisting with clothes shopping. We report the results from 32 survey responses and 11 semi-structured interviews. Our findings reveal the existence of the privacy paradox also for studying trust in HRI, which is a common observation describing a discrepancy between the stated privacy concerns by people and their behavior to safeguard it. Moreover, we reflect that participants considered only the added value of utility and entertainment when deciding whether or not to interact with the robot again, but not the privacy breach. We conclude that people might tolerate an untrustworthy robot even when they are feeling vulnerable in the everyday life situation of clothes shopping.