Biblio

Found 216 results

Filters: Keyword is Analytical models  [Clear All Filters]
2021-04-08
Nakamura, R., Kamiyama, N..  2020.  Analysis of Content Availability at Network Failure in Information-Centric Networking. 2020 16th International Conference on Network and Service Management (CNSM). :1–7.
In recent years, ICN (Information-Centric Networking) has been under the spotlight as a network that mainly focuses on transmitted and received data rather than on the hosts that transmit and receive data. Generally, the communication networks such as ICNs are required to be robust against network failures caused by attacks and disasters. One of the metrics for the robustness of conventional host-centric networks, e.g., TCP/IP network, is reachability between nodes in the network after network failures, whereas the key metric for the robustness of ICNs is content availability. In this paper, we focus on an arbitrary ICN network and derive the content availability for a given probability of node removal. Especially, we analytically obtain the average content availability over an entire network in the case where just a single path from a node to a repository, i.e., contents server, storing contents is available and where multiple paths to the repository are available, respectively. Furthermore, through several numerical evaluations, we investigate the effect of the structure of network topology as well as the pattern and scale of the network failures on the content availability in ICN. Our findings include that, regardless of patterns of network failures, the content availability is significantly improved by caching contents at routers and using multiple paths, and that the content availability is more degraded at cluster-based node removal compared with random node removal.
2021-07-07
Fan, Xiaosong.  2020.  Analysis of the Design of Digital Video Security Monitoring System Based on Bee Population Optimization Algorithm. 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE). :339–342.
With the concept of “wireless city”, 3G, WIFI and other wireless network coverages have become more extensive. Data transmission rate has achieved a qualitative leap, providing feasibility for the implementation of mobile video surveillance solutions. The mobile video monitoring system based on the bee population optimization algorithm proposed in this paper makes up for the defects of traditional network video surveillance, and according to the video surveillance system monitoring command, the optimal visual effect of the current state of the observed object can be rendered quickly and steadily through the optimization of the camera linkage model and simulation analysis.
2021-09-16
Almohri, Hussain M. J., Watson, Layne T., Evans, David.  2020.  An Attack-Resilient Architecture for the Internet of Things. IEEE Transactions on Information Forensics and Security. 15:3940–3954.
With current IoT architectures, once a single device in a network is compromised, it can be used to disrupt the behavior of other devices on the same network. Even though system administrators can secure critical devices in the network using best practices and state-of-the-art technology, a single vulnerable device can undermine the security of the entire network. The goal of this work is to limit the ability of an attacker to exploit a vulnerable device on an IoT network and fabricate deceitful messages to co-opt other devices. The approach is to limit attackers by using device proxies that are used to retransmit and control network communications. We present an architecture that prevents deceitful messages generated by compromised devices from affecting the rest of the network. The design assumes a centralized and trustworthy machine that can observe the behavior of all devices on the network. The central machine collects application layer data, as opposed to low-level network traffic, from each IoT device. The collected data is used to train models that capture the normal behavior of each individual IoT device. The normal behavioral data is then used to monitor the IoT devices and detect anomalous behavior. This paper reports on our experiments using both a binary classifier and a density-based clustering algorithm to model benign IoT device behavior with a realistic test-bed, designed to capture normal behavior in an IoT-monitored environment. Results from the IoT testbed show that both the classifier and the clustering algorithms are promising and encourage the use of application-level data for detecting compromised IoT devices.
Conference Name: IEEE Transactions on Information Forensics and Security
2021-09-07
Choi, Ho-Jin, Lee, Young-Jun.  2020.  Deep Learning Based Response Generation using Emotion Feature Extraction. 2020 IEEE International Conference on Big Data and Smart Computing (BigComp). :255–262.
Neural response generation is to generate human-like response given human utterance by using a deep learning. In the previous studies, expressing emotion in response generation improve user performance, user engagement, and user satisfaction. Also, the conversational agents can communicate with users at the human level. However, the previous emotional response generation model cannot understand the subtle part of emotions, because this model use the desired emotion of response as a token form. Moreover, this model is difficult to generate natural responses related to input utterance at the content level, since the information of input utterance can be biased to the emotion token. To overcome these limitations, we propose an emotional response generation model which generates emotional and natural responses by using the emotion feature extraction. Our model consists of two parts: Extraction part and Generation part. The extraction part is to extract the emotion of input utterance as a vector form by using the pre-trained LSTM based classification model. The generation part is to generate an emotional and natural response to the input utterance by reflecting the emotion vector from the extraction part and the thought vector from the encoder. We evaluate our model on the emotion-labeled dialogue dataset: DailyDialog. We evaluate our model on quantitative analysis and qualitative analysis: emotion classification; response generation modeling; comparative study. In general, experiments show that the proposed model can generate emotional and natural responses.
2021-08-11
Nan, Satyaki, Brahma, Swastik, Kamhoua, Charles A., Njilla, Laurent L..  2020.  On Development of a Game‐Theoretic Model for Deception‐Based Security. Modeling and Design of Secure Internet of Things. :123–140.
This chapter presents a game‐theoretic model to analyze attack–defense scenarios that use fake nodes (computing devices) for deception under consideration of the system deploying defense resources to protect individual nodes in a cost‐effective manner. The developed model has important applications in the Internet of Battlefield Things (IoBT). Our game‐theoretic model illustrates how the concept of the Nash equilibrium can be used by the defender to intelligently choose which nodes should be used for performing a computation task while deceiving the attacker into expending resources for attacking fake nodes. Our model considers the fact that defense resources may become compromised under an attack and suggests that the defender, in a probabilistic manner, may utilize unprotected nodes for performing a computation while the attacker is deceived into attacking a node with defense resources installed. The chapter also presents a deception‐based strategy to protect a target node that can be accessed via a tree network. Numerical results provide insights into the strategic deception techniques presented in this chapter.
2021-09-21
Petrenko, Sergei A., Petrenko, Alexey S., Makoveichuk, Krystina A., Olifirov, Alexander V..  2020.  "Digital Bombs" Neutralization Method. 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :446–451.
The article discusses new models and methods for timely identification and blocking of malicious code of critically important information infrastructure based on static and dynamic analysis of executable program codes. A two-stage method for detecting malicious code in the executable program codes (the so-called "digital bombs") is described. The first step of the method is to build the initial program model in the form of a control graph, the construction is carried out at the stage of static analysis of the program. The article discusses the purpose, features and construction criteria of an ordered control graph. The second step of the method is to embed control points in the program's executable code for organizing control of the possible behavior of the program using a specially designed recognition automaton - an automaton of dynamic control. Structural criteria for the completeness of the functional control of the subprogram are given. The practical implementation of the proposed models and methods was completed and presented in a special instrumental complex IRIDA.
2021-02-08
Moormann, L., Mortel-Fronczak, J. M. van de, Fokkink, W. J., Rooda, J. E..  2020.  Exploiting Symmetry in Dependency Graphs for Model Reduction in Supervisor Synthesis. 2020 IEEE 16th International Conference on Automation Science and Engineering (CASE). :659–666.
Supervisor synthesis enables the design of supervisory controllers for large cyber-physical systems, with high guarantees for functionality and safety. The complexity of the synthesis problem, however, increases exponentially with the number of system components in the cyber-physical system and the number of models of this system, often resulting in lengthy or even unsolvable synthesis procedures. In this paper, a new method is proposed for reducing the model of the system before synthesis to decrease the required computational time and effort. The method consists of three steps for model reduction, that are mainly based on symmetry in dependency graphs of the system. Dependency graphs visualize the components in the system and the relations between these components. The proposed method is applied in a case study on the design of a supervisory controller for a road tunnel. In this case study, the model reduction steps are described, and results are shown on the effectiveness of model reduction in terms of model size and synthesis time.
2021-06-01
Reijsbergen, Daniël, Anh Dinh, Tien Tuan.  2020.  On Exploiting Transaction Concurrency To Speed Up Blockchains. 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS). :1044—1054.
Consensus protocols are currently the bottlenecks that prevent blockchain systems from scaling. However, we argue that transaction execution is also important to the performance and security of blockchains. In other words, there are ample opportunities to speed up and further secure blockchains by reducing the cost of transaction execution. Our goal is to understand how much we can speed up blockchains by exploiting transaction concurrency available in blockchain workloads. To this end, we first analyze historical data of seven major public blockchains, namely Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, Ethereum, Ethereum Classic, and Zilliqa. We consider two metrics for concurrency, namely the single-transaction conflict rate per block, and the group conflict rate per block. We find that there is more concurrency in UTXO-based blockchains than in account-based ones, although the amount of concurrency in the former is lower than expected. Another interesting finding is that some blockchains with larger blocks have more concurrency than blockchains with smaller blocks. Next, we propose an analytical model for estimating the transaction execution speed-up given an amount of concurrency. Using results from our empirical analysis, the model estimates that 6× speed-ups in Ethereum can be achieved if all available concurrency is exploited.
2021-08-17
Chen, Congwei, Elsayed, Marwa A., Zulkernine, Mohammad.  2020.  HBD-Authority: Streaming Access Control Model for Hadoop. 2020 IEEE 6th International Conference on Dependability in Sensor, Cloud and Big Data Systems and Application (DependSys). :16–25.
Big data analytics, in essence, is becoming the revolution of business intelligence around the world. This momentum has given rise to the hype around analytic technologies, including Apache Hadoop. Hadoop was not originally developed with security in mind. Despite the evolving efforts to integrate security in Hadoop through developing new tools (e.g., Apache Sentry and Ranger) and employing traditional mechanisms (e.g., Kerberos and LDAP), they mainly focus on providing encryption and authentication features, albeit with limited authorization support. Existing solutions in the literature extended these evolving efforts. However, they suffer from limitations, hindering them from providing robust authorization that effectively meets the unique requirements of big data environments. Towards covering this gap, this paper proposes a hybrid authority (HBD-Authority) as a formal attribute-based access control model with context support. This model is established on a novel hybrid approach of authorization transparency that pertains to three fundamental properties of accuracy: correctness, security, and completeness. The model leverages streaming data analytics to foster distributed parallel processing capabilities that achieve multifold benefits: a) efficiently managing the security policies and promptly updating the privileges assigned to a high number of users interacting with the analytic services; b) swiftly deciding and enforcing authorization of requests over data characterized by the 5Vs; and c) providing dynamic protection for data which is frequently updated. The implementation details and experimental evaluation of the proposed model are presented, demonstrating its performance efficiency.
2021-02-08
Pelissero, N., Laso, P. M., Puentes, J..  2020.  Naval cyber-physical anomaly propagation analysis based on a quality assessed graph. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–8.
As any other infrastructure relying on cyber-physical systems (CPS), naval CPS are highly interconnected and collect considerable data streams, on which depend multiple command and navigation decisions. Being a data-driven decision system requiring optimized supervisory control on a permanent basis, it is critical to examine the CPS vulnerability to anomalies and their propagation. This paper presents an approach to detect CPS anomalies and estimate their propagation applying a quality assessed graph, which represents the CPS physical and digital subsystems, combined with system variables dependencies and a set of data and information quality measures vectors. Following the identification of variables dependencies and high-risk nodes in the CPS, data and information quality measures reveal how system variables are modified when an anomaly is detected, also indicating its propagation path. Taking as reference the normal state of a naval propulsion management system, four anomalies in the form of cyber-attacks - port scan, programmable logical controller stop, and man in the middle to change the motor speed and operation of a tank valve - were produced. Three anomalies were properly detected and their propagation path identified. These results suggest the feasibility of anomaly detection and estimation of propagation estimation in CPS, applying data and information quality analysis to a system graph.
2021-02-03
He, S., Lei, D., Shuang, W., Liu, C., Gu, Z..  2020.  Network Security Analysis of Industrial Control System Based on Attack-Defense Tree. 2020 IEEE International Conference on Artificial Intelligence and Information Systems (ICAIIS). :651—655.
In order to cope with the network attack of industrial control system, this paper proposes a quantifiable attack-defense tree model. In order to reduce the influence of subjective factors on weight calculation and the probability of attack events, the Fuzzy Analytic Hierarchy Process and the Attack-Defense Tree model are combined. First, the model provides a variety of security attributes for attack and defense leaf nodes. Secondly, combining the characteristics of leaf nodes, a fuzzy consistency matrix is constructed to calculate the security attribute weight of leaf nodes, and the probability of attack and defense leaf nodes. Then, the influence of defense node on attack behavior is analyzed. Finally, the network risk assessment of typical airport oil supply automatic control system has been undertaken as a case study using this attack-defense tree model. The result shows that this model can truly reflect the impact of defense measures on the attack behavior, and provide a reference for the network security scheme.
2021-01-22
Sahabandu, D., Allen, J., Moothedath, S., Bushnell, L., Lee, W., Poovendran, R..  2020.  Quickest Detection of Advanced Persistent Threats: A Semi-Markov Game Approach. 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS). :9—19.
Advanced Persistent Threats (APTs) are stealthy, sophisticated, long-term, multi-stage attacks that threaten the security of sensitive information. Dynamic Information Flow Tracking (DIFT) has been proposed as a promising mechanism to detect and prevent various cyber attacks in computer systems. DIFT tracks suspicious information flows in the system and generates security analysis when anomalous behavior is detected. The number of information flows in a system is typically large and the amount of resources (such as memory, processing power and storage) required for analyzing different flows at different system locations varies. Hence, efficient use of resources is essential to maintain an acceptable level of system performance when using DIFT. On the other hand, the quickest detection of APTs is crucial as APTs are persistent and the damage caused to the system is more when the attacker spends more time in the system. We address the problem of detecting APTs and model the trade-off between resource efficiency and quickest detection of APTs. We propose a game model that captures the interaction of APT and a DIFT-based defender as a two-player, multi-stage, zero-sum, Stackelberg semi-Markov game. Our game considers the performance parameters such as false-negatives generated by DIFT and the time required for executing various operations in the system. We propose a two-time scale Q-learning algorithm that converges to a Stackelberg equilibrium under infinite horizon, limiting average payoff criteria. We validate our model and algorithm on a real-word attack dataset obtained using Refinable Attack INvestigation (RAIN) framework.
2021-03-01
Taylor, E., Shekhar, S., Taylor, G. W..  2020.  Response Time Analysis for Explainability of Visual Processing in CNNs. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). :1555–1558.
Explainable artificial intelligence (XAI) methods rely on access to model architecture and parameters that is not always feasible for most users, practitioners, and regulators. Inspired by cognitive psychology, we present a case for response times (RTs) as a technique for XAI. RTs are observable without access to the model. Moreover, dynamic inference models performing conditional computation generate variable RTs for visual learning tasks depending on hierarchical representations. We show that MSDNet, a conditional computation model with early-exit architecture, exhibits slower RT for images with more complex features in the ObjectNet test set, as well as the human phenomenon of scene grammar, where object recognition depends on intrascene object-object relationships. These results cast light on MSDNet's feature space without opening the black box and illustrate the promise of RT methods for XAI.
2021-04-08
Al-Dhaqm, A., Razak, S. A., Ikuesan, R. A., Kebande, V. R., Siddique, K..  2020.  A Review of Mobile Forensic Investigation Process Models. IEEE Access. 8:173359—173375.
Mobile Forensics (MF) field uses prescribed scientific approaches with a focus on recovering Potential Digital Evidence (PDE) from mobile devices leveraging forensic techniques. Consequently, increased proliferation, mobile-based services, and the need for new requirements have led to the development of the MF field, which has in the recent past become an area of importance. In this article, the authors take a step to conduct a review on Mobile Forensics Investigation Process Models (MFIPMs) as a step towards uncovering the MF transitions as well as identifying open and future challenges. Based on the study conducted in this article, a review of the literature revealed that there are a few MFIPMs that are designed for solving certain mobile scenarios, with a variety of concepts, investigation processes, activities, and tasks. A total of 100 MFIPMs were reviewed, to present an inclusive and up-to-date background of MFIPMs. Also, this study proposes a Harmonized Mobile Forensic Investigation Process Model (HMFIPM) for the MF field to unify and structure whole redundant investigation processes of the MF field. The paper also goes the extra mile to discuss the state of the art of mobile forensic tools, open and future challenges from a generic standpoint. The results of this study find direct relevance to forensic practitioners and researchers who could leverage the comprehensiveness of the developed processes for investigation.
2021-01-11
Li, Y., Chang, T.-H., Chi, C.-Y..  2020.  Secure Federated Averaging Algorithm with Differential Privacy. 2020 IEEE 30th International Workshop on Machine Learning for Signal Processing (MLSP). :1–6.
Federated learning (FL), as a recent advance of distributed machine learning, is capable of learning a model over the network without directly accessing the client's raw data. Nevertheless, the clients' sensitive information can still be exposed to adversaries via differential attacks on messages exchanged between the parameter server and clients. In this paper, we consider the widely used federating averaging (FedAvg) algorithm and propose to enhance the data privacy by the differential privacy (DP) technique, which obfuscates the exchanged messages by properly adding Gaussian noise. We analytically show that the proposed secure FedAvg algorithm maintains an O(l/T) convergence rate, where T is the total number of stochastic gradient descent (SGD) updates for local model parameters. Moreover, we demonstrate how various algorithm parameters can impact on the algorithm communication efficiency. Experiment results are presented to justify the obtained analytical results on the performance of the proposed algorithm in terms of testing accuracy.
2021-08-31
Hu, Dongfang, Xu, Bin, Wang, Jun, Han, Linfeng, Liu, Jiayi.  2020.  A Shilling Attack Model Based on TextCNN. 2020 IEEE 3rd International Conference on Automation, Electronics and Electrical Engineering (AUTEEE). :282–289.
With the development of the Internet, the amount of information on the Internet is increasing rapidly, which makes it difficult for people to select the information they really want. A recommendation system is an effective way to solve this problem. Fake users can be injected by criminals to attack the recommendation system; therefore, accurate identification of fake users is a necessary feature of the recommendation system. Existing fake user detection algorithms focus on designing recognition methods for different types of attacks and have limited detection capabilities against unknown or hybrid attacks. The use of deep learning models can automate the extraction of false user scoring features, but neural network models are not applicable to discrete user scoring data. In this paper, random walking is used to rearrange the otherwise discrete user rating data into a rating feature matrix with spatial continuity. The rating data and the text data have some similarity in the distribution mode. By effective analogy, the TextCNN model originally used in NLP domain can be improved and applied to the classification task of rating feature matrix. Combining the ideas of random walking and word vector processing, this paper proposes a TextCNN detection model for user rating data. To verify the validity of the proposed model, the model is tested on MoiveLens dataset against 7 different attack detection algorithms, and exhibits better performance when compared with 4 attack detection algorithms. Especially for the Aop attack, the proposed model has nearly 100% detection performance with F1 - value as the evaluation index.
2021-07-02
Yao, Xiaoyong, Pei, Yuwen, Wu, Pingdong, Huang, Man-ling.  2020.  Study on Integrative Control between the Stereoscopic Image and the Tactile Feedback in Augmented Reality. 2020 IEEE 3rd International Conference on Electronics and Communication Engineering (ICECE). :177—180.
The precise integrative control between the stereoscopic image and the tactile feedback is very essential in augmented reality[1]-[4]. In order to study this question, this paper will introduce a stereoscopic-imaging and tactile integrative augmented-reality system, and a stereoscopic-imaging and tactile integrative algorithm. The system includes a stereoscopic-imaging part and a string-based tactile part. The integrative algorithm is used to precisely control the interaction between the two parts. The results for testing the system and the algorithm demonstrate the system to be perfect through 5 testers' operation and will be presented in the last part of the paper.
2021-01-20
Shi, F., Chen, Z., Cheng, X..  2020.  Behavior Modeling and Individual Recognition of Sonar Transmitter for Secure Communication in UASNs. IEEE Access. 8:2447—2454.

It is necessary to improve the safety of the underwater acoustic sensor networks (UASNs) since it is mostly used in the military industry. Specific emitter identification is the process of identifying different transmitters based on the radio frequency fingerprint extracted from the received signal. The sonar transmitter is a typical low-frequency radiation source and is an important part of the UASNs. Class D power amplifier, a typical nonlinear amplifier, is usually used in sonar transmitters. The inherent nonlinearity of power amplifiers provides fingerprint features that can be distinguished without transmitters for specific emitter recognition. First, the nonlinearity of the sonar transmitter is studied in-depth, and the nonlinearity of the power amplifier is modeled and its nonlinearity characteristics are analyzed. After obtaining the nonlinear model of an amplifier, a similar amplifier in practical application is obtained by changing its model parameters as the research object. The output signals are collected by giving the same input of different models, and, then, the output signals are extracted and classified. In this paper, the memory polynomial model is used to model the amplifier. The power spectrum features of the output signals are extracted as fingerprint features. Then, the dimensionality of the high-dimensional features is reduced. Finally, the classifier is used to recognize the amplifier. The experimental results show that the individual sonar transmitter can be well identified by using the nonlinear characteristics of the signal. By this way, this method can enhance the communication safety of the UASNs.

2021-03-01
Kuppa, A., Le-Khac, N.-A..  2020.  Black Box Attacks on Explainable Artificial Intelligence(XAI) methods in Cyber Security. 2020 International Joint Conference on Neural Networks (IJCNN). :1–8.

Cybersecurity community is slowly leveraging Machine Learning (ML) to combat ever evolving threats. One of the biggest drivers for successful adoption of these models is how well domain experts and users are able to understand and trust their functionality. As these black-box models are being employed to make important predictions, the demand for transparency and explainability is increasing from the stakeholders.Explanations supporting the output of ML models are crucial in cyber security, where experts require far more information from the model than a simple binary output for their analysis. Recent approaches in the literature have focused on three different areas: (a) creating and improving explainability methods which help users better understand the internal workings of ML models and their outputs; (b) attacks on interpreters in white box setting; (c) defining the exact properties and metrics of the explanations generated by models. However, they have not covered, the security properties and threat models relevant to cybersecurity domain, and attacks on explainable models in black box settings.In this paper, we bridge this gap by proposing a taxonomy for Explainable Artificial Intelligence (XAI) methods, covering various security properties and threat models relevant to cyber security domain. We design a novel black box attack for analyzing the consistency, correctness and confidence security properties of gradient based XAI methods. We validate our proposed system on 3 security-relevant data-sets and models, and demonstrate that the method achieves attacker's goal of misleading both the classifier and explanation report and, only explainability method without affecting the classifier output. Our evaluation of the proposed approach shows promising results and can help in designing secure and robust XAI methods.

2021-05-25
Zhu, Hong, Xia, Bing, Zhou, Dongxu, Zhang, Ming, Ma, Zhoujun.  2020.  Research on Integrated Model and Interactive Influence of Energy Internet Cyber Physical System. 2020 IEEE Sustainable Power and Energy Conference (iSPEC). :1667–1671.

Energy Internet is a typical cyber-physical system (CPS), in which the disturbance on cyber part may result in the operation risks on the physical part. In order to perform CPS assessment and research the interactive influence between cyber part and physical part, an integrated energy internet CPS model which adopts information flow matrix, energy control flow matrix and information energy hybrid flow matrix is proposed in this paper. The proposed model has a higher computational efficacy compared with simulation based approaches. Then, based on the proposed model, the influence of cyber disturbances such as data dislocation, data delay and data error on the physical part are studied. Finally, a 3 MW PET based energy internet CPS is built using PSCAD/EMTDC software. The simulation results prove the validity of the proposed model and the correctness of the interactive influence analysis.

2021-07-27
Ruiz-Martin, Cristina, Wainer, Gabriel, Lopez-Paredes, Adolfo.  2020.  Studying Communications Resiliency in Emergency Plans. 2020 Spring Simulation Conference (SpringSim). :1–12.
Recent disasters have shown that hazards can be unpredictable and can have catastrophic consequences. Emergency plans are key to dealing with these situations and communications play a key role in emergency management. In this paper, we provide a formalism to design resilient emergency plans in terms of communications. We exemplify how to use the formalism using a case study of a Nuclear Emergency Plan.
2021-06-01
Gu, Yanyang, Zhang, Ping, Chen, Zhifeng, Cao, Fei.  2020.  UEFI Trusted Computing Vulnerability Analysis Based on State Transition Graph. 2020 IEEE 6th International Conference on Computer and Communications (ICCC). :1043–1052.
In the face of increasingly serious firmware attacks, it is of great significance to analyze the vulnerability security of UEFI. This paper first introduces the commonly used trusted authentication mechanisms of UEFI. Then, aiming at the loopholes in the process of UEFI trust verification in the startup phase, combined with the state transition diagram, PageRank algorithm and Bayesian network theory, the analysis model of UEFI trust verification startup vulnerability is constructed. And according to the example to verify the analysis. Through the verification and analysis of the data obtained, the vulnerable attack paths and key vulnerable nodes are found. Finally, according to the analysis results, security enhancement measures for UEFI are proposed.
2021-05-20
Neema, Himanshu, Sztipanovits, Janos, Hess, David J., Lee, Dasom.  2020.  TE-SAT: Transactive Energy Simulation and Analysis Toolsuite. 2020 IEEE Workshop on Design Automation for CPS and IoT (DESTION). :19—20.

Transactive Energy (TE) is an emerging discipline that utilizes economic and control techniques for operating and managing the power grid effectively. Distributed Energy Resources (DERs) represent a fundamental shift away from traditionally centrally managed energy generation and storage to one that is rather distributed. However, integrating and managing DERs into the power grid is highly challenging owing to the TE implementation issues such as privacy, equity, efficiency, reliability, and security. The TE market structures allow utilities to transact (i.e., buy and sell) power services (production, distribution, and storage) from/to DER providers integrated as part of the grid. Flexible power pricing in TE enables power services transactions to dynamically adjust power generation and storage in a way that continuously balances power supply and demand as well as minimize cost of grid operations. Therefore, it has become important to analyze various market models utilized in different TE applications for their impact on above implementation issues.In this demo, we show-case the Transactive Energy Simulation and Analysis Toolsuite (TE-SAT) with its three publicly available design studios for experimenting with TE markets. All three design studios are built using metamodeling tool called the Web-based Graphical Modeling Environment (WebGME). Using a Git-like storage and tracking backend server, WebGME enables multi-user editing on models and experiments using simply a web-browser. This directly facilitates collaboration among different TE stakeholders for developing and analyzing grid operations and market models. Additionally, these design studios provide an integrated and scalable cloud backend for running corresponding simulation experiments.

2020-12-14
Zhou, J.-L., Wang, J.-S., Zhang, Y.-X., Guo, Q.-S., Li, H., Lu, Y.-X..  2020.  Particle Swarm Optimization Algorithm with Variety Inertia Weights to Solve Unequal Area Facility Layout Problem. 2020 Chinese Control And Decision Conference (CCDC). :4240–4245.
The unequal area facility layout problem (UA-FLP) is to place some objects in a specified space according to certain requirements, which is a NP-hard problem in mathematics because of the complexity of its solution, the combination explosion and the complexity of engineering system. Particle swarm optimization (PSO) algorithm is a kind of swarm intelligence algorithm by simulating the predatory behavior of birds. Aiming at the minimization of material handling cost and the maximization of workshop area utilization, the optimization mathematical model of UA-FLPP is established, and it is solved by the particle swarm optimization (PSO) algorithm which simulates the design of birds' predation behavior. The improved PSO algorithm is constructed by using nonlinear inertia weight, dynamic inertia weight and other methods to solve static unequal area facility layout problem. The effectiveness of the proposed method is verified by simulation experiments.
2021-04-08
Westland, T., Niu, N., Jha, R., Kapp, D., Kebede, T..  2020.  Relating the Empirical Foundations of Attack Generation and Vulnerability Discovery. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :37–44.
Automatically generating exploits for attacks receives much attention in security testing and auditing. However, little is known about the continuous effect of automatic attack generation and detection. In this paper, we develop an analytic model to understand the cost-benefit tradeoffs in light of the process of vulnerability discovery. We develop a three-phased model, suggesting that the cumulative malware detection has a productive period before the rate of gain flattens. As the detection mechanisms co-evolve, the gain will likely increase. We evaluate our analytic model by using an anti-virus tool to detect the thousands of Trojans automatically created. The anti-virus scanning results over five months show the validity of the model and point out future research directions.