Biblio

Recently, the frequent security incidents of the Internet of things make the wearable IOT health monitoring systems (WIHMS) face serious security threats. Aiming at the security requirements of WIHMS identity authentication, Q. Jiang proposed a lightweight device mutual identity authentication solution in 2019. The scheme has good security performance. However, we find that in Jiang’s scheme, in the authentication phase, the server CS needs at least 3 queries and 1 update of the database operation, which affects the overall performance of the system. For this reason, we propose a new device mutual authentication and key agreement protocol. In our protocol, the authentication server only needs to query the server database twice.

Threat Intelligence has been a key part of the success of Intrusion Detection, with several trusted sources leading to wide adoption and greater understanding of new and trending threats to computer networks. Identifying potential threats and live attacks on networks is only half the battle, knowing how to correctly respond to these threats and attacks requires in-depth and domain specific knowledge, which may be unique to subject experts and software vendors. Network Incident Responders and Intrusion Response Systems can benefit from a similar approach to Threat Intel, with a focus on potential Response actions. A qualitative comparison of current Threat Intel Sources and prominent Intrusion Response Systems is carried out to aid in the identification of key requirements to be met to enable the adoption of Response Intel. Building on these requirements, a template for Response Intel is proposed which incorporates standardised models developed by MITRE. Similarly, to facilitate the automated use of Response Intel, a structure for automated Response Actions is proposed.

Software defined networking (SDN) architecture frame- work eases the work of the network administrators by separating the data plane from the control plane. This provides a programmable interface for applications development related to security and management. The centralized logical controller provides more control over the total network, which has complete network visibility. These SDN advantages expose the network to vulnerabilities and the impact of the attacks is much severe when compared to traditional networks, where the network devices have protection from the attacks and limits the occurrence of attacks. In this paper, we proposed an entropy based algorithm in SDN to detect as well as stopping distributed denial of service (DDoS) attacks on the servers or clouds or hosts. Firstly, there explored various attacks that can be launched on SDN at different layers. Basically DDoS is one kind of denial of service attack in which an attacker uses multiple distributed sources for attacking a particular server. Every network in a system has an entropy and an increase in the randomness of probability causes entropy to decrease. In comparison with previous entropy based approaches this approach has higher performance in distinguishing legal and illegal traffics and blocking illegal traffic paths. Linux OS and Mininet Simulator along with POX controller are used to validate the proposed approach. By conducting pervasive simulation along with theoretical analysis this method can definitely detect and stop DDoS attacks automatically.

The traditional data storage method often adopts centralized architecture, which is prone to trust and security problems. This paper proposes a trusted data storage and access control scheme combining blockchain and attribute-based encryption, which allow cyber-physical system (CPS) nodes to realize the fine-grained access control strategy. At the same time, this paper combines the blockchain technology with distributed storage, and only store the access control policy and the data access address on the blockchain, which solves the storage bottleneck of blockchain system. Furthermore, this paper proposes a novel multi-authority attributed-based identification method, which realizes distributed attribute key generation and simplifies the pairwise authentication process of multi-authority. It can not only address the key escrow problem of one single authority, but also reduce the problem of high communication overhead and heavy burden of multi-authority. The analyzed results show that the proposed scheme has better comprehensive performance in trusted data storage and access control for power cyber-physical system.

Trust is of paramount concern for tenants to deploy their security-sensitive services in the cloud. The integrity of virtual machines (VMs) in which these services are deployed needs to be ensured even in the presence of powerful adversaries with administrative access to the cloud. Traditional approaches for solving this challenge leverage trusted computing techniques, e.g., vTPM, or hardware CPU extensions, e.g., AMD SEV. But, they are vulnerable to powerful adversaries, or they provide only load time (not runtime) integrity measurements of VMs. We propose TRIGLAV, a protocol allowing tenants to establish and maintain trust in VM runtime integrity of software and its configuration. TRIGLAV is transparent to the VM configuration and setup. It performs an implicit attestation of VMs during a secure login and binds the VM integrity state with the secure connection. Our prototype's evaluation shows that TRIGLAV is practical and incurs low performance overhead (\textbackslashtextless 6%).

The Transient Public Key Infrastructure or T-PKI is introduced in this paper that allows a transactional approach to attestation, where a Trusted Platform Module (TPM) can stay anonymous to a verifier. In cloud computing and IoT environments, attestation is a critical step in ensuring that the environment is untampered with. With attestation, the verifier would be able to ascertain information about the TPM (such as location, or other system information) that one may not want to disclose. The addition of the Direct Anonymous Attestation added to TPM 2.0 would potentially solve this problem, but it uses the traditional RSA or ECC based methods. In this paper, a Lattice-based approach is used that is both quantum safe, and not dependent on creating a new key pair in order to increase anonymity.

The design of tiny trust anchors attracted much attention over the past decade, to secure low-end MCU-s that cannot afford more expensive security mechanisms. In particular, hardware/software (hybrid) co-designs offer low hardware cost, while retaining similar security guarantees as (more expensive) hardware-based techniques. Hybrid trust anchors support security services (such as remote attestation, proofs of software update/erasure/reset, and proofs of remote software execution) in resource-constrained MCU-s, e.g., MSP430 and AVR AtMega32. Despite these advances, detection of control-flow attacks in low-end MCU-s remains a challenge, since hardware requirements for the cheapest mitigation techniques are often more expensive than the MCU-s themselves. In this work, we tackle this challenge by designing Tiny-CFA - a Control-Flow Attestation (CFA) technique with a single hardware requirement - the ability to generate proofs of remote software execution (PoX). In turn, PoX can be implemented very efficiently and securely in low-end MCU-s. Consequently, our design achieves the lowest hardware overhead of any CFA technique, while relying on a formally verified PoX as its sole hardware requirement. With respect to runtime overhead, Tiny-CFA also achieves better performance than prior CFA techniques based on code instrumentation. We implement and evaluate Tiny-CFA, analyze its security, and demonstrate its practicality using real-world publicly available applications.

The industrial revolution 4.0 has become a challenge for various sectors in mastering information technology, one of which is the arts and culture sector. Cultural arts that are quite widely spread and developed in Indonesia are traditional masks. Traditional masks are one of the oldest and most beautiful cultures in Indonesia. However, with the development of the era to the digital world in the era of the industrial revolution 4.0, this beloved culture is fading due to the entry of foreign cultures and technological developments. Many young people who succeed the nation do not understand this cultural art, namely traditional masks. So those cultural arts such as traditional masks can still keep up with the development of digital technology in industry 4.0, we conduct research to use technology to preserve this traditional mask culture. The research uses the ADDIE method starting with Analyze, Design, Develop, Implement, and Evaluate. We took some examples of traditional masks such as Malangan masks, Cirebon masks, and Panji masks from several regions in Indonesia. This research implements marker-based Augmented reality technology and makes a traditional mask book that can be a means of augmented reality.

There will be a fatal risk when the submitted file is stolen or altered by someone else during the file submission process. To maintain the security of sending files from sender to recipient, it is necessary to secure files. The science of maintaining the security of messages is called cryptography. The authors were interested in examining the Three Pass Protocol scheme in this study because it eliminated the necessity for sender and receiver to exchange keys during the operation of the Hill Cipher 3x3 algorithm. The Hill Cipher algorithm was chosen because the key has an inverse and matrix-shaped value. Then the key used must be checked whether it has a GCD (Greatest Common Divisor) grade 1 or not and will be shaped like matrix. System implementation using the Java programming language using Android Studio software. System testing is done by encrypting and decrypting files. System testing results illustrate that the process encryption and decryption by the sender is faster than the recipient, so the encryption and decryption time needed directly proportional; the larger the pixel size of the image on the image file used, the longer it takes.

As machine learning approaches are increasingly used to augment human decision-making, eXplainable Artificial Intelligence (XAI) research has explored methods for communicating system behavior to humans. However, these approaches often fail to account for the affective responses of humans as they interact with explanations. Facial affect analysis, which examines human facial expressions of emotions, is one promising lens for understanding how users engage with explanations. Therefore, in this work, we aim to (1) identify which facial affect features are pronounced when people interact with XAI interfaces, and (2) develop a multitask feature embedding for linking facial affect signals with participants' use of explanations. Our analyses and results show that the occurrence and values of facial AU1 and AU4, and Arousal are heightened when participants fail to use explanations effectively. This suggests that facial affect analysis should be incorporated into XAI to personalize explanations to individuals' interaction styles and to adapt explanations based on the difficulty of the task performed.

Digitalisation of domains such as medical and railway utilising cloud and networking technologies such as 5G and forthcoming 6G systems presents additional security challenges. The establishment of the identity, integrity and provenance of devices, services and other functional components removed a number of attack vectors and addresses a number of so called zero-trust security requirements. The addition of trusted hardware, such as TPM, and related remote attestation integrated with the networking and cloud infrastructure will be necessary requirement.

We study the problem of randomized Leader Election in synchronous distributed networks with indistinguishable nodes. We consider algorithms that work on networks of arbitrary topology in two settings, depending on whether the size of the network, i.e., the number of nodes \$n\$, is known or not. In the former setting, we present a new Leader Election protocol that improves over previous work by lowering message complexity and making it close to a lower bound by a factor in \$$\backslash$widetildeO($\backslash$sqrtt\_mix$\backslash$sqrt$\backslash$Phi)\$, where $\Phi$ is the conductance and \textsubscriptmix is the mixing time of the network graph. We then show that lacking the network size no Leader Election algorithm can guarantee that the election is final with constant probability, even with unbounded communication. Hence, we further classify the problem as Leader Election (the classic one, requiring knowledge of \$n\$ - as is our first protocol) or Revocable Leader Election, and present a new polynomial time and message complexity Revocable Leader Election algorithm in the setting without knowledge of network size. We analyze time and message complexity of our protocols in the CONGEST model of communication.

This paper presents a method optimizing the thrust force of a Micro Electro Mechanical System (MEMS) Permanent Magnet Linear Motor, based on harmonic current injection. Fourier decomposition is implemented to the air gap flux density of the motor to derive the fitting expression of the thrust force dependent to exciting current. Through analyzing the thrust force ripple of sinusoidal current excitement, the paper comes up with the strategy of harmonic current injection to eliminate the ripple component in the thrust force waveform. Mathematical demonstration is given that injecting harmonic current can totally eliminate the ripple caused by odd component of vertical air gap magnetic induction intensity. Simulation verification is implemented based on the 3rd and 7th harmonic injection control strategy, proving that the method is feasible for the thrust ripple is reduced to 4.3% of the value before optimazation. Experimental results lead to the consistent conclusion that the strategy shows good steady-state and dynamic performance.

Mitigation of dangers posed by authorized and trusted insiders to the organization is a challenging Cyber Security issue. Despite state-of-the-art cyber security practices, malicious insiders present serious threat for the enterprises due to their wider access to organizational resources (Physical, Cyber) and good knowledge of internal processes with potential vulnerabilities. The issue becomes particularly important for isolated (air-gapped) computer networks, normally used by security sensitive organizations such as government, research and development, critical infrastructure (e.g. power, nuclear), finance, and military. Such facilities are difficult to compromise from outside; however, are quite much prone to insider threats. Although many insider threat taxonomies exist for generic computer networks; yet, the existing taxonomies do not effectively address the issue of Insider Threat in isolated computer networks. Thereby, we have developed an insider threat taxonomy specific to isolated computer networks focusing on actions performed by the trusted individual(s), Our methodology is to identify limitations in existing taxonomies and map real world insider threat cases on proposed taxonomy. We argue that for successful attack in an isolated computer network, the attack must manifest in both Physical and Cyber world. The proposed taxonomy systematically classifies different aspects of the problem into separate dimensions and branches out these dimensions into further sub-categories without loss of general applicability. Our multi-dimensional hierarchical taxonomy provides comprehensive treatment of the insider threat problem in isolated computer networks; thus, improving situational awareness of the security analyst and helps in determining proper countermeasures against perceived threats. Although many insider threat taxonomies exist for generic computer networks; yet, the existing taxonomies do not effectively address the issue of Insider Threat in isolated computer networks. Thereby, we have developed an insider threat taxonomy specific to isolated computer networks focusing on actions performed by the trusted individual(s), Our methodology is to identify limitations in existing taxonomies and map real world insider threat cases on proposed taxonomy. We argue that for successful attack in an isolated computer network, the attack must manifest in both Physical and Cyber world. The proposed taxonomy systematically classifies different aspects of the problem into separate dimensions and branches out these dimensions into further sub-categories without loss of general applicability. Our multi-dimensional hierarchical taxonomy provides comprehensive treatment of the insider threat problem in isolated computer networks; thus, improving situational awareness of the security analyst and helps in determining proper countermeasures against perceived threats. The proposed taxonomy systematically classifies different aspects of the problem into separate dimensions and branches out these dimensions into further sub-categories without loss of general applicability. Our multi-dimensional hierarchical taxonomy provides comprehensive treatment of the insider threat problem in isolated computer networks; thus, improving situational awareness of the security analyst and helps in determining proper countermeasures against perceived threats.

Critical infrastructures have to withstand advanced and persistent threats, which can be addressed using Byzantine fault tolerant state-machine replication (BFT-SMR). In practice, unattended cyberdefense systems rely on threat level detectors that synchronously inform them of changing threat levels. However, to have a BFT-SMR protocol operate unattended, the state-of-the-art is still to configure them to withstand the highest possible number of faulty replicas \$f\$ they might encounter, which limits their performance, or to make the strong assumption that a trusted external reconfiguration service is available, which introduces a single point of failure. In this work, we present ThreatAdaptive the first BFT-SMR protocol that is automatically strengthened or optimized by its replicas in reaction to threat level changes. We first determine under which conditions replicas can safely reconfigure a BFT-SMR system, i.e., adapt the number of replicas \$n\$ and the fault threshold \$f\$ so as to outpace an adversary. Since replicas typically communicate with each other using an asynchronous network they cannot rely on consensus to decide how the system should be reconfigured. ThreatAdaptive avoids this pitfall by proactively preparing the reconfiguration that may be triggered by an increasing threat when it optimizes its performance. Our evaluation shows that ThreatAdaptive can meet the latency and throughput of BFT baselines configured statically for a particular level of threat, and adapt 30% faster than previous methods, which make stronger assumptions to provide safety.

Advanced Persistent Threats (APT) consist of most skillful hackers who employ sophisticated techniques to stealthily gain unauthorized access to private networks and exfiltrate sensitive data. When their existence is discovered, organizations - if they can sustain business continuity - mostly have to perform forensics activities to assess the damage of the attack and discover the extent of sensitive data leakage. In this paper, we construct a novel framework to pinpoint sensitive data that may have been leaked in such an attack. Our framework consists of creating baseline fingerprints for each workstation for setting normal activity, and we consider the change in the behavior of the network overall. We compare the accused fingerprint with sensitive database information by utilizing both Levenstein distance and TF-IDF/cosine similarity resulting in a similarity percentage. This allows us to pinpoint what part of data was exfiltrated by the perpetrators, where in the network the data originated, and if that data is sensitive to the private company's network. We then perform feasibility experiments to show that even these simple methods are feasible to run on a network representative of a mid-size business.

Cognitive Radio Networks (CRNs) promise efficient spectrum utilization by operating over the unused frequencies where Vehicular Ad-hoc Networks (VANETs) facilitate information exchanging among vehicles to avoid accidents, collisions, congestion, etc. Thus, CR enabled vehicular networks (CR-VANETs), a thriving area in wireless communication research, can be the enabler of Intelligent Transportation Systems (ITS) and autonomous driver-less vehicles. Similar to others, efficient and reliable communication in CR-VANETs is vital. Besides, security in such networks may exhibit unique characteristics for overall data transmission performance. For efficient and reliable communication, the proposed routing protocol considers the mobility patterns, spectrum availability, and trustworthiness to be the routing metrics. Hence, the protocol considers the vehicle's speed, mobility direction, inter-vehicles distance, and node's reliability to estimate the mobility patterns of a node. Besides, a trust-based reliability factor is also introduced to ensure secure communications by detecting malicious nodes or other external threats. Therefore, the proposed protocol detects malicious nodes by establishing trustworthiness among nodes and preserves security. Simulation is conducted for performance evaluation that shows the proposed routing selects the efficient routing path by discarding malicious nodes from the network and outperforms the existing routing protocols.

Cyber attacks are becoming increasingly frequent, sophisticated, and stealthy. This makes it harder for cyber defence teams to keep up, forcing them to automate their defence capabilities in order to improve their reactivity and efficiency. Therefore, we propose a fully automated cyber defence framework that no longer needs support from humans to detect and mitigate attacks within a complex infrastructure. We design our framework based on a real-world case - Locked Shields - the world's largest cyber defence exercise. In this exercise, teams have to defend their networked infrastructure against attacks, while maintaining operational services for their users. Our framework architecture connects various cyber sensors with network, device, application, and user actuators through an artificial intelligence (AI)-powered automated team in order to dynamically secure the cyber environment. To the best of our knowledge, our framework is the first attempt towards a fully automated cyber defence team that aims at protecting complex environments from sophisticated attacks.

By leveraging the advancements in Information and Communication Technologies (ICT), Smart Grid (SG) aims to modernize the traditional electric power grid towards efficient distribution and reliable management of energy in the electrical domain. The SG Advanced Metering Infrastructure (AMI) contains numerous smart meters, which are deployed throughout the distribution grid. However, these smart meters are susceptible to cyberthreats that aim to disrupt the normal operation of the SG. Cyberattacks can have various consequences in the smart grid, such as incorrect customer billing or equipment destruction. Therefore, these devices should operate on a trusted basis in order to ensure the availability, confidentiality, and integrity of the metering data. In this paper, we propose a Markov chain trust model that determines the Trust Value (TV) for each AMI device based on its behavior. Finally, numerical computations were carried out in order to investigate the reaction of the proposed model to the behavior changes of a device.

Surface acoustic wave devices based on LiNbO3/interlayer/substrate layered structure have attracted great attention due to the high electromechanical coupling coefficient (K2) of LiNbO3 and the energy confinement effect of the layered structure. In this study, 30° YX-LiNbO3 (LN)/SiO2/Si multilayered structure, which can excited shear-horizontal surface acoustic wave (SH-SAW) with high K2, was proposed. The optimized orientation of LiNbO3 was verified by the effective permittivity method based on the stiffness matrix. The phase velocity, K2 value, and temperature coefficient of frequency (TCF) of the SH-SAW were calculated as a function of the LiNbO3 thickness at different thicknesses of the SiO2 in 30° YX-LiNbO3/SiO2/Si multilayer structure by finite element method (FEM). The results show that the optimized LiNbO3 thickness is 0.1 and the optimized SiO2 thickness is 0.2λ. The optimized Al electrode thickness and metallization ratio are 0.07 and 0.4, respectively. The K2 of the SH-SAW is 29.89%, the corresponding phase velocity is 3624.00 m/s and TCF is about 10 ppm/°C with the optimized IDT/30° YX-LiNbO3/SiO2/Si layered structure.

The Internet of Things (IoT) is an evolving network of billions of interconnected physical objects, such as, numerous sensors, smartphones, wearables, and embedded devices. These physical objects, generally referred to as the smart objects, when deployed in real-world aggregates useful information from their surrounding environment. As-of-late, this notion of IoT has been extended to incorporate the social networking facets which have led to the promising paradigm of the `Social Internet of Things' (SIoT). In SIoT, the devices operate as an autonomous agent and provide an exchange of information and services discovery in an intelligent manner by establishing social relationships among them with respect to their owners. Trust plays an important role in establishing trustworthy relationships among the physical objects and reduces probable risks in the decision making process. In this paper, a trust computational model is proposed to extract individual trust features in a SIoT environment. Furthermore, a machine learning-based heuristic is used to aggregate all the trust features in order to ascertain an aggregate trust score. Simulation results illustrate that the proposed trust-based model isolates the trustworthy and untrustworthy nodes within the network in an efficient manner.

The exceptional attributes of impromptu network of being framework less, self-composed and unconstrained make the task more challenging to secure it. In mobile Ad-hoc network nodes reliant on one another for transmitting information, that make MANET helpless against different sorts of security attacks. These security attacks can be arranged as Passive and Active attacks. Wormhole is an Active attack and considered generally risky as it can make significant harm routing. Various secure routing mechanism has been created are based on cryptography mechanism, need pre-organized structure, centralized authority, or need external hardware, etc. These components are unreasonable due to restricted accessible assets in MANET. In this paper, we are proposing an effective trust-based mechanism based on the concept of Node to Node packet delay for the detection of the malevolent node of wormhole. The trust value of each node is calculated by observing the packet transaction among adjacent nodes and later this trust value is used for identification of malevolent node. Based on the trust values, further routing decisions and selecting a secured route can be perform.

RPL, the IPv6 Routing Protocol for low-power and lossy networks, was standardized by the Internet Engineering Task Force (IETF) in 2011. It is developed to connect resource constrained devices enabled by low-power and lossy networks (LLNs). RPL prominently becomes the routing protocol for IoT. However, the RPL protocol is facing many challenges such as trustworthiness among the nodes which need to be addressed and resolved to make the network secure and efficient. In this paper, a multicasting technique is developed that is based on trust mechanism to resolve this issue. This mechanism manages and protects the network from untrusted nodes which can hamper the security and result in delayed and distorted transmission of data. It allows any node to decide whether to trust other nodes or not during the construction of the topology. This is then proved efficient by comparing it with broadcasting nature of the transmission among the nodes in terms of energy, throughput, percentage of alive and dead nodes.

Opportunistic routing (OR) is gaining popularity in low-duty wireless sensor network (WSN), so the need for efficient and reliable data transmission is becoming more essential. Reliable transmission is only feasible if the routing protocols are secure and efficient. Due to high energy consumption, current cryptographic schemes for WSN are not suitable. Trust-based OR will ensure security and reliability with fewer resources and minimum energy consumption. OR selects the set of potential candidates for each sensor node using a prioritized metric by load balancing among the nodes. This paper introduces a trust-based load-balanced OR for duty-cycled wireless sensor networks. The candidates are prioritized on the basis of a trusted OR metric that is divided into two parts. First, the OR metric is based on the average of four probability distributions: the distance from node to sink distribution, the expected number of hops distribution, the node degree distribution, and the residual energy distribution. Second, the trust metric is based on the average of two probability distributions: the direct trust distribution and the recommended trust distribution. Finally, the trusted OR metric is calculated by multiplying the average of two metrics distributions in order to direct more traffic through the higher priority nodes. The simulation results show that our proposed protocol provides a significant improvement in the performance of the network compared to the benchmarks in terms of energy consumption, end to end delay, throughput, and packet delivery ratio.

Unauthorized access or intrusion is a massive threatening issue in the modern era. This study focuses on designing a model for an ideal intrusion detection system capable of defending a network by alerting the admins upon detecting any sorts of malicious activities. The study proposes a two layered anomaly-based detection model that uses filter co-relation method for dimensionality reduction along with Random forest and Support Vector Machine as its classifiers. It achieved a very good detection rate against all sorts of attacks including a low rate of false alarms as well. The contribution of this study is that it could be of a major help to the computer scientists designing good intrusion detection systems to keep an industry or organization safe from the cyber threats as it has achieved the desired qualities of a functional IDS model.