Biblio

Roads are the backbone of our country, they play an important role for human progress. Roads seem to be dangerous and harmful for human beings on hills, near rivers, lakes and small ridges. It's possible with the help of IoT (Internet of things) to incorporate all the things made efficiently and effectively. IoT in combination with roads make daily life smart and excellent. This paper shows IoT technology will be the beginning of smart cities and it will reduce road accidents and collisions. If all vehicles are IoT based and connected with the internet, then an efficient method to guide, it performs urgent action, when less time is available. Internet and antenna technology in combination with IoT perform fully automation in our day-to-day life. It will provide excellent service as well as accuracy and precision.

The Industrial Internet expands the attack surface of industrial control systems(ICS), bringing cybersecurity threats to industrial controllers located in operation technology(OT) networks. Honeypot technology is an important means to detect network attacks. However, the existing honeypot system cannot simulate business logic and is difficult to resist highly concealed APT attacks. This paper proposes a high-simulation ICS security defense framework based on virtualization technology. The framework utilizes virtualization technology to build twins for protected control systems. The architecture can infer the execution results of control instructions in advance based on actual production data, so as to discover hidden attack behaviors in time. This paper designs and implements a prototype system and demonstrates the effectiveness and potential of this architecture for ICS security.

In recent years, technological advancements in the AI and VR fields have increasingly often been paired with considerations on ethics and safety aimed at mitigating unintentional design failures. However, cybersecurity-oriented AI and VR safety research has emphasized the need to additionally appraise instantiations of intentional malice exhibited by unethical actors at pre- and post-deployment stages. On top of that, in view of ongoing malicious deepfake developments that can represent a threat to the epistemic security of a society, security-aware AI and VR design strategies require an epistemically-sensitive stance. In this vein, this paper provides a theoretical basis for two novel AIVR safety research directions: 1) VR as immersive testbed for a VR-deepfake-aided epistemic security training and 2) AI as catalyst within a deepfake-aided so-called cyborgnetic creativity augmentation facilitating an epistemically-sensitive threat modelling. For illustration, we focus our use case on deepfake text – an underestimated deepfake modality. In the main, the two proposed transdisciplinary lines of research exemplify how AIVR safety to defend against unethical actors could naturally converge toward AIVR ethics whilst counteracting epistemic security threats.

We propose versatile hardware framework for ECC. The framework supports arithmetic operations over P-256, Ed25519 and Curve25519 curves, enabling easy implementation of various ECC algorithms. Framework finds its application area e.g. in FIDO2 attestation or in nowadays rapidly expanding field of hardware wallets. As the design is intended to be ASIC-ready, we designed it to be area efficient. Hardware units are reused for calculations in several finite fields, and some of them are superior to previously designed circuits in terms of time-area product. The framework implements several attack countermeasures. It enables implementation of certain countermeasures even in later stages of design. The design was validated on SoC FPGA.

Advanced video compression is required due to the rise of online video content. A strong compression method can help convey video data effectively over a constrained bandwidth. We observed how more internet usage for video conferences, online gaming, and education led to decreased video quality from Netflix, YouTube, and other streaming services in Europe and other regions, particularly during the COVID-19 epidemic. They are represented in standard video compression algorithms as a succession of reference frames after residual frames, and these approaches are limited in their application. Deep learning's introduction and current advancements have the potential to overcome such problems. This study provides a deep learning-based video compression model that meets or exceeds current H.264 standards.

The paper aims to discover vulnerabilities by application of supervisory control theory and to design a defensive supervisor against vulnerability attacks. Supervisory control restricts the system behavior to satisfy the control specifications. The existence condition of the supervisor, sometimes results in undesirable plant behavior, which can be regarded as a vulnerability of the control specifications. We aim to design a more robust supervisor against this vulnerability.

This paper proposes a vehicle violation determination system based on improved YOLOv5 algorithm, which performs vehicle violation determination on a single unit at a single intersection, and displays illegal photos and license plates of illegal vehicles on the webpage. Using the network structure of YOLOv5, modifying the vector output of the Head module, and modifying the rectangular frame detection of the target object to quadrilateral detection, the system can identify vehicles and lane lines with more flexibilities.

Vulnerability detection has always been an essential part of maintaining information security, and the existing work can significantly improve the performance of vulnerability detection. However, due to the differences in representation forms and deep learning models, various methods still have some limitations. In order to overcome this defect, We propose a vulnerability detection method VDBWGDL, based on weight graphs and deep learning. Firstly, it accurately locates vulnerability-sensitive keywords and generates variant codes that satisfy vulnerability trigger logic and programmer programming style through code variant methods. Then, the control flow graph is sliced for vulnerable code keywords and program critical statements. The code block is converted into a vector containing rich semantic information and input into the weight map through the deep learning model. According to specific rules, different weights are set for each node. Finally, the similarity is obtained through the similarity comparison algorithm, and the suspected vulnerability is output according to different thresholds. VDBWGDL improves the accuracy and F1 value by 3.98% and 4.85% compared with four state-of-the-art models. The experimental results prove the effectiveness of VDBWGDL.

Visual Question Answering or VQA is a technique used in diverse domains ranging from simple visual questions and answers on short videos to security. Here in this paper, we talk about the video captcha that will be deployed for user authentication. Randomly any short video of length 10 to 20 seconds will be displayed and automated questions and answers will be generated by the system using AI and ML. Automated Programs have maliciously affected gateways such as login, registering etc. Therefore, in today's environment it is necessary to deploy such security programs that can recognize the objects in a video and generate automated MCQs real time that can be of context like the object movements, color, background etc. The features in the video highlighted will be recorded for generating MCQs based on the short videos. These videos can be random in nature. They can be taken from any official websites or even from your own local computer with prior permission from the user. The format of the video must be kept as constant every time and must be cross checked before flashing it to the user. Once our system identifies the captcha and determines the authenticity of a user, the other website in which the user wants to login, can skip the step of captcha verification as it will be done by our system. A session will be maintained for the user, eliminating the hassle of authenticating themselves again and again for no reason. Once the video will be flashed for an IP address and if the answers marked by the user for the current video captcha are correct, we will add the information like the IP address, the video and the questions in our database to avoid repeating the same captcha for the same IP address. In this paper, we proposed the methodology of execution of the aforementioned and will discuss the benefits and limitations of video captcha along with the visual questions and answering.

Databases are at the heart of modern applications and any threats to them can seriously endanger the safety and functionality of applications relying on the services offered by a DBMS. It is therefore pertinent to identify key risks to the secure operation of a database system. This paper identifies the key risks, namely, SQL injection, weak audit trails, access management issues and issues with encryption. A malicious actor can get help from any of these issues. It can compromise integrity, availability and confidentiality of the data present in database systems. The paper also identifies various means and ways to defend against these issues and remedy them. This paper then proceeds to identify from the literature, the potential solutions to these ameliorate the threat from these vulnerabilities. It proposes the usage of encryption to protect the data from being breached and leveraging encrypted databases such as CryptoDB. Better access control norms are suggested to prevent unauthorized access, modification and deletion of the data. The paper also recommends ways to prevent SQL injection attacks through techniques such as prepared statements.

Human safety has always been the main priority when working near an industrial robot. With the rise of Human-Robot Collaborative environments, physical barriers to avoiding collisions have been disappearing, increasing the risk of accidents and the need for solutions that ensure a safe Human-Robot Collaboration. This paper proposes a safety system that implements Speed and Separation Monitoring (SSM) type of operation. For this, safety zones are defined in the robot's workspace following current standards for industrial collaborative robots. A deep learning-based computer vision system detects, tracks, and estimates the 3D position of operators close to the robot. The robot control system receives the operator's 3D position and generates 3D representations of them in a simulation environment. Depending on the zone where the closest operator was detected, the robot stops or changes its operating speed. Three different operation modes in which the human and robot interact are presented. Results show that the vision-based system can correctly detect and classify in which safety zone an operator is located and that the different proposed operation modes ensure that the robot's reaction and stop time are within the required time limits to guarantee safety.

Since deep learning (DL) can automatically learn features from source code, it has been widely used to detect source code vulnerability. To achieve scalable vulnerability scanning, some prior studies intend to process the source code directly by treating them as text. To achieve accurate vulnerability detection, other approaches consider distilling the program semantics into graph representations and using them to detect vulnerability. In practice, text-based techniques are scalable but not accurate due to the lack of program semantics. Graph-based methods are accurate but not scalable since graph analysis is typically time-consuming. In this paper, we aim to achieve both scalability and accuracy on scanning large-scale source code vulnerabilities. Inspired by existing DL-based image classification which has the ability to analyze millions of images accurately, we prefer to use these techniques to accomplish our purpose. Specifically, we propose a novel idea that can efficiently convert the source code of a function into an image while preserving the program details. We implement Vul-CNN and evaluate it on a dataset of 13,687 vulnerable functions and 26,970 non-vulnerable functions. Experimental results report that VulCNN can achieve better accuracy than eight state-of-the-art vul-nerability detectors (i.e., Checkmarx, FlawFinder, RATS, TokenCNN, VulDeePecker, SySeVR, VulDeeLocator, and Devign). As for scalability, VulCNN is about four times faster than VulDeePecker and SySeVR, about 15 times faster than VulDeeLocator, and about six times faster than Devign. Furthermore, we conduct a case study on more than 25 million lines of code and the result indicates that VulCNN can detect large-scale vulnerability. Through the scanning reports, we finally discover 73 vulnerabilities that are not reported in NVD.

Despite the fact that the power grid is typically regarded as a relatively stable system, outages and electricity shortages are common occurrences. Grid security is mainly dependent on accurate vulnerability assessment. The vulnerability can be assessed in terms of topology-based metrics and flow-based metrics. In this work, power flow analysis is used to calculate the metrics under single line contingency (N-1) conditions. The effect of load uncertainty on system vulnerability is checked. The IEEE 30 bus power network has been used for the case study. It has been found that the variation in load demand affects the system vulnerability.

In recent years, the blackout accident shows that the cause of power failure is not only in the power network, but also in the cyber network. Aiming at the problem of cyber network fault Cyber-physical power systems, combined with the structure and functional attributes of cyber network, the comprehensive criticality of information node is defined. By evaluating the vulnerability of ieee39 node system, it is found that the fault of high comprehensive criticality information node will cause greater load loss to the system. The simulation results show that the comprehensive criticality index can effectively identify the key nodes of the cyber network.

The complexity and scale of modern software programs often lead to overlooked programming errors and security vulnerabilities. Developers often rely on automatic tools, like static analysis tools, to look for bugs and vulnerabilities. Static analysis tools are widely used because they can understand nontrivial program behaviors, scale to millions of lines of code, and detect subtle bugs. However, they are known to generate an excess of false alarms which hinder their utilization as it is counterproductive for developers to go through a long list of reported issues, only to find a few true positives. One of the ways proposed to suppress false positives is to use machine learning to identify them. However, training machine learning models requires good quality labeled datasets. For this purpose, we developed D2A [3], a differential analysis based approach that uses the commit history of a code repository to create a labeled dataset of Infer [2] static analysis output.

The increasing demand for the interconnected IoT based smart grid is facing threats from cyber-attacks due to inherent vulnerability in the smart grid network. There is a pressing need to evaluate and model these vulnerabilities in the network to avoid cascading failures in power systems. In this paper, we propose and evaluate a vulnerability assessment framework based on attack probability for the protection and security of a smart grid. Several factors were taken into consideration such as the probability of attack, propagation of attack from a parent node to child nodes, effectiveness of basic metering system, Kalman estimation and Advanced Metering Infrastructure (AMI). The IEEE-300 bus smart grid was simulated using MATPOWER to study the effectiveness of the proposed framework by injecting false data injection attacks (FDIA); and studying their propagation. Our results show that the use of severity assessment standards such as Common Vulnerability Scoring System (CVSS), AMI measurements and Kalman estimates were very effective for evaluating the vulnerability assessment of smart grid in the presence of FDIA attack scenarios.

Smart grid (SG) is considered the next generation of the traditional power grid. It is mainly divided into three main infrastructures: power system, information and communication infrastructures. Cybersecurity is imperative for information infrastructure and the secure, reliable, and efficient operation of the smart grid. Cybersecurity or a lack of proper implementation thereof poses a considerable challenge to the deployment of SG. Therefore, in this paper, A comprehensive survey of cyber security is presented in the smart grid context. Cybersecurity-related information infrastructure is clarified. The impact of adopting cybersecurity on control and management systems has been discussed. Also, the paper highlights the cybersecurity issues and challenges associated with the control decisions in the smart grid.

Vendor cybersecurity risk assessment is of critical importance to smart city infrastructure and sustainability of the autonomous mobility ecosystem. Lack of engagement in cybersecurity policies and process implementation by the tier companies providing hardware or services to OEMs within this ecosystem poses a significant risk to not only the individual companies but to the ecosystem overall. The proposed quantitative method of estimating cybersecurity risk allows vendors to have visibility to the financial risk associated with potential threats and to consequently allocate adequate resources to cybersecurity. It facilitates faster implementation of defense measures and provides a useful tool in the vendor selection process. The paper focuses on cybersecurity risk assessment as a critical part of the overall company mission to create a sustainable structure for maintaining cybersecurity health. Compound cybersecurity risk and impact on company operations as outputs of this quantitative analysis present a unique opportunity to strategically plan and make informed decisions towards acquiring a reputable position in a sustainable ecosystem. This method provides attack trees and assigns a risk factor to each vendor thus offering a competitive advantage and an insight into the supply chain risk map. This is an innovative way to look at vendor cybersecurity posture. Through a selection of unique industry specific parameters and a modular approach, this risk assessment model can be employed as a tool to navigate the supply base and prevent significant financial cost. It generates synergies within the connected vehicle ecosystem leading to a safe and sustainable economy.

Over earlier years of huge technical developments, the need for a communication system has risen tremendously. Inrecent times, public realm interaction has been a popular area, hence the research group is emphasizing the necessity of quick and efficient broadband speeds, as well as upgraded security protocols. The main objective of this project work is to combine conventional Li-Fi and VLC techniques for video communication. VLC is helping to deliver fast data speeds, bandwidth efficiency, and a relatively secure channel of communication. Li-Fi is an inexpensive wireless communication (WC) system. Li-Fi can transmit information (text, audio, and video) to any electronic device via the LEDs that are positioned in the space to provide lighting. Li-Fi provides more advantages than Wi-Fi, such as security, high efficiency, speed, throughput, and low latency. The information can be transferred based on the flash property of the LED. Communication is accomplished by turning on and off LED lights at a faster pace than the human visual system can detect.

Machine learning (ML) has been applied in prognostics and health management (PHM) to monitor and predict the health of industrial machinery. The use of PHM in production systems creates a cyber-physical, omni-layer system. While ML offers statistical improvements over previous methods, and brings statistical models to bear on new systems and PHM tasks, it is susceptible to performance degradation when the behavior of the systems that ML is receiving its inputs from changes. Natural changes such as physical wear and engineered changes such as maintenance and rebuild procedures are catalysts for performance degradation, and are both inherent to production systems. Drawing from data on the impact of maintenance procedures on ML performance in hydraulic actuators, this paper presents a simulation study that investigates how long it takes for ML performance degradation to create a difference in the throughput of serial production system. In particular, this investigation considers the performance of an ML model learned on data collected before a rebuild procedure is conducted on a hydraulic actuator and an ML model transfer learned on data collected after the rebuild procedure. Transfer learning is able to mitigate performance degradation, but there is still a significant impact on throughput. The conclusion is drawn that ML faults can have drastic, non-linear effects on the throughput of production systems.

Nowadays the use of Wi-Fi has been widely used in public places, such as in restaurants. The use of Wi-Fi in public places has a very large security vulnerability because it is used by a wide variety of visitors. Therefore, this study was conducted to evaluate the security of the WLAN network in restaurants. The methods used are Vulnerability Assessment and Penetration Testing. Penetration Testing is done by conducting several attack tests such as Deauthentication Attack, Evil Twin Attack with Captive Portal, Evil Twin Attack with Sniffing and SSL stripping, and Unauthorized Access.

Recently, the threats of phishing attacks have in-creased. As a countermeasure against phishing attacks, phishing detection systems using deep learning techniques have been considered. However, deep learning techniques are vulnerable to adversarial examples (AEs) that intentionally cause misclassification. When AEs are applied to a deep-learning-based phishing detection system, they pose a significant security risk. Therefore, in this paper, we assess the vulnerability of a phishing detection system by inputting AEs generated based on a dataset that consists of phishing sites’ URLs. Moreover, we consider countermeasures against AEs and clarify whether these defense methods can prevent misclassification.

Training on cues to deception is one of the promising ways of addressing humans’ poor performance in deception detection. However, the effect of training may be subject to the context of deception and the design of training. This study aims to investigate the effect of verbal cue training on the performance of phishing email detection by comparing different designs of training and examining the effect of topic familiarity. Based on the results of a lab experiment, we not only confirm the effect of training but also provide suggestions on how to design training to better facilitate the detection of phishing emails. In addition, our results also discover the effect of topic familiarity on phishing detection. The findings of this study have significant implications for the mitigation and intervention of online deception.

The use of AlNiCo alloys as the low coercive force (LCF) magnet in Variable Flux Memory Machines has been largely discussed in the literature, but similar magnetic materials as FeCrCo are still little explored. This paper proposes the study of a standstill magnetization strategy of a Variable Flux Memory Machine composed by a FeCrCo-based cylindrical rotor. An inverter in DC/DC mode is proposed for injecting short-time currents along the magnetization axis aiming the regulation of the magnetization state of the FeCrCo. A methodology for validating results obtained is defined from the estimation of the remanence and the excitation field characterizing the behavior of the internal recoil lines of the magnet used in the rotor. A study of the armature reaction affecting the machine when q-axis currents supply the machine is proposed by simulation.

In a beyond-5G (B5G) scenario, we consider a virtual private mobile network (VPMN), i.e., a set of user equipments (UEs) directly communicating in a device-to-device (D2D) fashion, and connected to the cellular network by multiple gateways. The purpose of the VPMN is to hide the position of the VPMN UEs to the mobile network operator (MNO). We investigate the design and performance of packet routing inside the VPMN. First, we note that the routing that maximizes the rate between the VPMN and the cellular network leads to an unbalanced use of the gateways by each UE. In turn, this reveals information on the location of the VPMN UEs. Therefore, we derive a routing algorithm that maximizes the VPMN rate, while imposing for each UE the same data rate at each gateway, thus hiding the location of the UE. We compare the performance of the resulting solution, assessing the location privacy achieved by the VPMN, and considering both the case of single hop and multihop in the transmissions from the UEs to the gateways.