Biblio

Found 6163 results

Filters: Keyword is Resiliency  [Clear All Filters]
2020-03-30
2019-01-16
Honggang, Zhao, Chen, Shi, Leyu, Zhai.  Submitted.  Design and Implementation of Lightweight 6LoWPAN Gateway Based on Contiki - IEEE Conference Publication.

6LoWPAN technology realizes the IPv6 packet transmission in the IEEE 802.15.4 based WSN. And 6LoWPAN is regarded as one of the ideal technologies to realize the interconnection between WSN and Internet, which is the key to build the IoT. Contiki is an open source and highly portable multitasking operating system, in which the 6LoWPAN has been implemented. In contiki, only several K Bytes of code and a few hundred bytes of memory are required to provide a multitasking environment and built-in TCP/IP support. This makes it especially suitable for memory constrained embedded platforms. In this paper, a lightweight 6LoWPAN gateway based on Contiki is designed and its designs of hardware and software are described. A complex experiment environment is presented, in which the gateway's capability of accessing the Internet is verified, and its performance about the average network delay and jitter are analyzed. The experimental results show that the gateway designed in this paper can not only realize the interconnection between 6LoWPAN networks and Internet, but also have good network adaptability and stability.

2017-03-20
Dormann, Will.  Submitted.  Google Authentication Risks on iOS. Proceedings of the 1st International Workshop on Mobile Development. :3–5.

The Google Identity Platform is a system that allows a user to sign in to applications and other services by using a Google account. Google Sign-In is one such method for providing one’s identity to the Google Identity Platform. Google Sign-In is available for Android applications and iOS applications, as well as for websites and other devices. Users of Google Sign-In find that it integrates well with the Android platform, but iOS users (iPhone, iPad, etc.) do not have the same experience. The user experience when logging in to a Google account on an iOS application can not only be more tedious than the Android experience, but it also conditions users to engage in behaviors that put the information in their Google accounts at risk.

2020-04-13
Khurana, Madhu, Malik, Priyanka, Puneet, Shweta.  2020.  Network Security Monitoring (NSM): Can it be Effective in a World with Encrypted Traffic? 2020 International Conference on Computation, Automation and Knowledge Management (ICCAKM). :140–144.
HTTPS is gaining widespread popularity for secure transactions. Most popular sites have made default choice as HTTPS. This development of encrypted traffic has brought in new challenges in the areas of network security monitoring and analysis. This paper makes a survey through various study done in the area on novel approaches for identification and investigating HTTPS traffic and its effect on network security monitoring. This work makes a complete analysis and evaluation of HTTPS protocol-is it ensuring security or are we entering in a vicious cycle of finding weaknesses and tryingto fill the gaps in Network security Monitoring. There are couple of vacuums that exist along with encrypted data, namely firewalls, IDS becoming blind to data being exchanged, enhancing vulnerabilities by making it tough to implement security policy and probability of malicious activities hidingin the ciphered traffic. Most of the current techniques namely DPI to port based to IP address to DNS to SNI filtering is prone to be ineffective in front of HTTPS traffic. The emphasis is upon the new ways to explore the expanding HTTPS volume with security breaches to cover new challenges related to Network Security Monitoring. Data collected from couple of up to date research and their conclusion hasbeen discussed to provide a brief overview so as to provide the reader with an in-depth understanding of the research progress in thisarea.
2020-04-06
Fouchal, Hacène, Ninet, Alain.  2020.  Partial Signature for Cooperative Intelligent Transport Systems. 2020 International Conference on Computing, Networking and Communications (ICNC). :586–590.
On C-ITS (Cooperative Intelligent Transport Systems) vehicles send and receive sensitive messages informing about events on roads (accidents, traffic jams, etc,..). The authentication of these messages is highly recommended in order to increase the users confidence about this system. This authentication ensures that only messages coming from trusted vehicles are accepted by receivers. An adapted PKI (Public Key Infrastructure) for C-ITS provides certificates for each vehicle. The certificate will be used to sign messages. This principle is used within deployed C-ITS solutions over the world. This solution is easy to implement but has one major flaw: each message needs to be sent with its signature and its certificate. The size of the message to send becomes high. In the meantime, for many C-ITS use cases, each message is sent many times for robustness reasons. The communication channel could be overloaded. In this paper, we propose to split the signature into some equal parts. When a message has to be sent, it will be sent with one of these parts. A receiver will save the received message with its actual part. For each reception, it will collect the remaining signature parts until all the signature parts are received. Our solution is implemented in a C-ITS architecture working through Bluetooth protocol using the advertising model. The solution is applicable for vehicle speeds reaching 130 km/h. We have proved, through a set of real experimentations, that our solution is possible.
2020-03-30
Thida, Aye, Shwe, Thanda.  2020.  Process Provenance-based Trust Management in Collaborative Fog Environment. 2020 IEEE Conference on Computer Applications(ICCA). :1–5.
With the increasing popularity and adoption of IoT technology, fog computing has been used as an advancement to cloud computing. Although trust management issues in cloud have been addressed, there are still very few studies in a fog area. Trust is needed for collaborating among fog nodes and trust can further improve the reliability by assisting in selecting the fog nodes to collaborate. To address this issue, we present a provenance based trust mechanism that traces the behavior of the process among fog nodes. Our approach adopts the completion rate and failure rate as the process provenance in trust scores of computing workload, especially obvious measures of trustworthiness. Simulation results demonstrate that the proposed system can effectively be used for collaboration in a fog environment.
2020-03-23
Choi, Jungyong, Shin, WoonSeob, Kim, Jonghyun, Kim, Ki-Hyung.  2020.  Random Seed Generation For IoT Key Generation and Key Management System Using Blockchain. 2020 International Conference on Information Networking (ICOIN). :663–665.
Recently, the Internet of Things (IoT) is growing rapidly. IoT sensors are attached to various devices, and information is detected, collected and utilized through various wired and wireless communication environments. As the IoT is used in various places, IoT devices face a variety of malicious attacks such as MITM and reverse engineering. To prevent these, encryption is required for device-to-device communication, and keys required for encryption must be properly managed. We propose a scheme to generate seed needed for key generation and a scheme to manage the public key using blockchain.
2020-04-06
Chu, YeonSung, Kim, Jae Min, Lee, YoonJick, Shim, SungHoon, Huh, Junho.  2020.  SS-DPKI: Self-Signed Certificate Based Decentralized Public Key Infrastructure for Secure Communication. 2020 IEEE International Conference on Consumer Electronics (ICCE). :1–6.
Currently, the most commonly used scheme for identity authentication on the Internet is based on asymmetric cryptography and the use of a centralized model. The centralized model needs a Certificate Authority (CA) as a trusted third party and a trust chain of CA. However, CA-based PKI is weak in the single point of failure and certificate transparency. Our system, called SS-DPKI, propose a public and decentralized PKI system model. We describe a detailed scheme as well as application to use decentralized PKI based secure communication. Our proposal prevents storage overhead on the data size of transactions and provide reasonable certificate verification time.
Alamleh, Hosam, AlQahtani, Ali Abdullah S..  2020.  Two Methods for Authentication Using Variable Transmission Power Patterns. 2020 10th Annual Computing and Communication Workshop and Conference (CCWC). :0355–0358.
In the last decade, the adoption of wireless systems has increased. These systems allow multiple devices to send data wirelessly using radio waves. Moreover, in some applications, authentication is done wirelessly by exchanging authentication data over the air as in wireless locks and keyless entry systems. On the other hand, most of the wireless devices today can control the radio frequency transmission power to optimize the system's performance and minimize interference. In this paper, we explore the possibility of modulating the radio frequency transmission power in wireless systems for authentication purposes and using it for source authentication. Furthermore, we propose two system models that perform authentication using variable power transmission patterns. Then, we discuss possible applications. Finally, we implement and test a prototype system using IEEE 802.11 (Wi-Fi) devices.
2020-04-24
Kim, Chang-Woo, Jang, Gang-Heyon, Shin, Kyung-Hun, Jeong, Sang-Sub, You, Dae-Joon, Choi, Jang-Young.  2020.  Electromagnetic Design and Dynamic Characteristics of Permanent Magnet Linear Oscillating Machines Considering Instantaneous Inductance According to Mover Position. IEEE Transactions on Applied Superconductivity. 30:1—5.

Interior permanent magnet (IPM)-type linear oscillating actuators (LOAs) have a higher output power density than typical LOAs. Their mover consists of a permanent magnet (PM) and an iron core, however, this configuration generates significant side forces. The device can malfunction due to eccentricity in the electromagnetic behavior. Thus, here an electromagnetic design was developed to minimize this side force. In addition, dynamic analysis was performed considering the mechanical systems of LOAs. To perform a more accurate analysis, instantaneous inductance was considered according to the mover's position.

2020-04-17
Gorbenko, Anatoliy, Romanovsky, Alexander, Tarasyuk, Olga, Biloborodov, Oleksandr.  2020.  From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures. IEEE Transactions on Reliability. 69:22—39.

This paper analyzes security problems of modern computer systems caused by vulnerabilities in their operating systems (OSs). Our scrutiny of widely used enterprise OSs focuses on their vulnerabilities by examining the statistical data available on how vulnerabilities in these systems are disclosed and eliminated, and by assessing their criticality. This is done by using statistics from both the National Vulnerabilities Database and the Common Vulnerabilities and Exposures System. The specific technical areas the paper covers are the quantitative assessment of forever-day vulnerabilities, estimation of days-of-grey-risk, the analysis of the vulnerabilities severity and their distributions by attack vector and impact on security properties. In addition, the study aims to explore those vulnerabilities that have been found across a diverse range of OSs. This leads us to analyzing how different intrusion-tolerant architectures deploying the OS diversity impact availability, integrity, and confidentiality.

2020-08-03
Chowdhary, Ankur, Sengupta, Sailik, Alshamrani, Adel, Huang, Dijiang, Sabur, Abdulhakim.  2019.  Adaptive MTD Security using Markov Game Modeling. 2019 International Conference on Computing, Networking and Communications (ICNC). :577–581.
Large scale cloud networks consist of distributed networking and computing elements that process critical information and thus security is a key requirement for any environment. Unfortunately, assessing the security state of such networks is a challenging task and the tools used in the past by security experts such as packet filtering, firewall, Intrusion Detection Systems (IDS) etc., provide a reactive security mechanism. In this paper, we introduce a Moving Target Defense (MTD) based proactive security framework for monitoring attacks which lets us identify and reason about multi-stage attacks that target software vulnerabilities present in a cloud network. We formulate the multi-stage attack scenario as a two-player zero-sum Markov Game (between the attacker and the network administrator) on attack graphs. The rewards and transition probabilities are obtained by leveraging the expert knowledge present in the Common Vulnerability Scoring System (CVSS). Our framework identifies an attacker's optimal policy and places countermeasures to ensure that this attack policy is always detected, thus forcing the attacker to use a sub-optimal policy with higher cost.
2020-03-09
Perner, Cora, Kinkelin, Holger, Carle, Georg.  2019.  Adaptive Network Management for Safety-Critical Systems. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :25–30.
Present networks within safety-critical systems rely on complex and inflexible network configurations. New technologies such as software-defined networking are more dynamic and offer more flexibility, but due care needs to be exercised to ensure that safety and security are not compromised by incorrect configurations. To this end, this paper proposes the use of pre-generated and optimized configuration templates. These provide alternate routes for traffic considering availability, resilience and timing constraints where network components fail due to attacks or faults.To obtain these templates, two heuristics based on Dijkstra's algorithm and an optimization algorithm providing the maximum resilience were investigated. While the configurations obtained through optimization yield appropriate templates, the heuristics investigated are not suitable to obtain configuration templates, since they cannot fulfill all requirements.
2020-05-15
Fan, Renshi, Du, Gaoming, Xu, Pengfei, Li, Zhenmin, Song, Yukun, Zhang, Duoli.  2019.  An Adaptive Routing Scheme Based on Q-learning and Real-time Traffic Monitoring for Network-on-Chip. 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID). :244—248.
In the Network on Chip (NoC), performance optimization has always been a research focus. Compared with the static routing scheme, dynamical routing schemes can better reduce the data of packet transmission latency under network congestion. In this paper, we propose a dynamical Q-learning routing approach with real-time monitoring of NoC. Firstly, we design a real-time monitoring scheme and the corresponding circuits to record the status of traffic congestion for NoC. Secondly, we propose a novel method of Q-learning. This method finds an optimal path based on the lowest traffic congestion. Finally, we dynamically redistribute network tasks to increase the packet transmission speed and balance the traffic load. Compared with the C-XY routing and DyXY routing, our method achieved improvement in terms of 25.6%-49.5% and 22.9%-43.8%.
2020-06-01
Laranjeiro, Nuno, Gomez, Camilo, Schiavone, Enrico, Montecchi, Leonardo, Carvalho, Manoel J. M., Lollini, Paolo, Micskei, Zoltán.  2019.  Addressing Verification and Validation Challenges in Future Cyber-Physical Systems. 2019 9th Latin-American Symposium on Dependable Computing (LADC). :1–2.
Cyber-physical systems are characterized by strong interactions between their physical and computation parts. The increasing complexity of such systems, now used in numerous application domains (e.g., aeronautics, healthcare), in conjunction with hard to predict surrounding environments or the use of non-traditional middleware and with the presence of non-deterministic or non-explainable software outputs, tend to make traditional Verification and Validation (V&V) techniques ineffective. This paper presents the H2020 ADVANCE project, which aims precisely at addressing the Verification and Validation challenges that the next-generation of cyber-physical systems bring, by exploring techniques, methods and tools for achieving the technical objective of improving the overall efficiency and effectiveness of the V&V process. From a strategic perspective, the goal of the project is to create an international network of expertise on the topic of V&V of cyber-physical systems.
2020-02-17
Chalise, Batu K..  2019.  ADMM-based Beamforming Optimization for Physical Layer Security in a Full-duplex Relay System. ICASSP 2019 - 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :4734–4738.
Although beamforming optimization problems in full-duplex communication systems can be optimally solved with the semidefinite relaxation (SDR) approach, its computational complexity increases rapidly when the problem size increases. In order to circumvent this issue, in this paper, we propose an alternating direction of multiplier method (ADMM) which minimizes the augmented Lagrangian of the dual of the SDR and handles the inequality constraints with the use of slack variables. The proposed ADMM is then applied for optimizing the relay beamformer to maximize the secrecy rate. Simulation results show that the proposed ADMM performs as good as the SDR approach.
2020-07-03
Adari, Suman Kalyan, Garcia, Washington, Butler, Kevin.  2019.  Adversarial Video Captioning. 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). :24—27.
In recent years, developments in the field of computer vision have allowed deep learning-based techniques to surpass human-level performance. However, these advances have also culminated in the advent of adversarial machine learning techniques, capable of launching targeted image captioning attacks that easily fool deep learning models. Although attacks in the image domain are well studied, little work has been done in the video domain. In this paper, we show it is possible to extend prior attacks in the image domain to the video captioning task, without heavily affecting the video's playback quality. We demonstrate our attack against a state-of-the-art video captioning model, by extending a prior image captioning attack known as Show and Fool. To the best of our knowledge, this is the first successful method for targeted attacks against a video captioning model, which is able to inject 'subliminal' perturbations into the video stream, and force the model to output a chosen caption with up to 0.981 cosine similarity, achieving near-perfect similarity to chosen target captions.
2020-05-18
Sharma, Sarika, Kumar, Deepak.  2019.  Agile Release Planning Using Natural Language Processing Algorithm. 2019 Amity International Conference on Artificial Intelligence (AICAI). :934–938.
Once the requirement is gathered in agile, it is broken down into smaller pre-defined format called user stories. These user stories are then scoped in various sprint releases and delivered accordingly. Release planning in Agile becomes challenging when the number of user stories goes up in hundreds. In such scenarios it is very difficult to manually identify similar user stories and package them together into a release. Hence, this paper suggests application of natural language processing algorithms for identifying similar user stories and then scoping them into a release This paper takes the approach to build a word corpus for every project release identified in the project and then to convert the provided user stories into a vector of string using Java utility for calculating top 3 most occurring words from the given project corpus in a user story. Once all the user stories are represented as vector array then by using RV coefficient NLP algorithm the user stories are clustered into various releases of the software project. Using the proposed approach, the release planning for large and complex software engineering projects can be simplified resulting into efficient planning in less time. The automated commercial tools like JIRA and Rally can be enhanced to include suggested algorithms for managing release planning in Agile.
2020-08-07
Davenport, Amanda, Shetty, Sachin.  2019.  Air Gapped Wallet Schemes and Private Key Leakage in Permissioned Blockchain Platforms. 2019 IEEE International Conference on Blockchain (Blockchain). :541—545.
In this paper we consider the threat surface and security of air gapped wallet schemes for permissioned blockchains as preparation for a Markov based mathematical model, and quantify the risk associated with private key leakage. We identify existing threats to the wallet scheme and existing work done to both attack and secure the scheme. We provide an overview the proposed model and outline justification for our methods. We follow with next steps in our remaining work and the overarching goals and motivation for our methods.
2020-04-24
Tuttle, Michael, Wicker, Braden, Poshtan, Majid, Callenes, Joseph.  2019.  Algorithmic Approaches to Characterizing Power Flow Cyber-Attack Vulnerabilities. 2019 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1—5.
As power grid control systems become increasingly automated and distributed, security has become a significant design concern. Systems increasingly expose new avenues, at a variety of levels, for attackers to exploit and enable widespread disruptions and/or surveillance. Much prior work has explored the implications of attack models focused on false data injection at the front-end of the control system (i.e. during state estimation) [1]. Instead, in this paper we focus on characterizing the inherent cyber-attack vulnerabilities with power flow. Power flow (and power flow constraints) are at the core of many applications critical to operation of power grids (e.g. state estimation, economic dispatch, contingency analysis, etc.). We propose two algorithmic approaches for characterizing the vulnerability of buses within power grids to cyber-attacks. Specifically, we focus on measuring the instability of power flow to attacks which manifest as either voltage or power related errors. Our results show that attacks manifesting as voltage errors are an order of magnitude more likely to cause instability than attacks manifesting as power related errors (and 5x more likely for state estimation as compared to power flow).
2020-02-17
de Andrade Bragagnolle, Thiago, Pereira Nogueira, Marcelo, de Oliveira Santos, Melissa, do Prado, Afonso José, Ferreira, André Alves, de Mello Fagotto, Eric Alberto, Aldaya, Ivan, Abbade, Marcelo Luís Francisco.  2019.  All-Optical Spectral Shuffling of Signals Traveling through Different Optical Routes. 2019 21st International Conference on Transparent Optical Networks (ICTON). :1–4.
A recent proposed physical layer encryption technique uses an all-optical setup based on spatial light modulators to split two or more wavelength division multiplexed (WDM) signals in several spectral slices and to shuffle these slices. As a result, eavesdroppers aimed to recover information from a single target signal need to handle all the signals involved in the shuffling process. In this work, computer simulations are used to analyse the case where the shuffled signals propagate through different optical routes. From a security point of view, this is an interesting possibility because it obliges eavesdroppers to tap different optical fibres/ cables. On the other hand, each shuffled signal experiences different physical impairments and the deleterious consequences of these effects must be carefully investigated. Our results indicate that, in a metropolitan area network environment, penalties caused by attenuation and dispersion differences may be easily compensated with digital signal processing algorithms that are presently deployed.
2020-04-13
Cai, Yang, Wang, Yuewu, Lei, Lingguang, Zhou, Quan.  2019.  ALTEE: Constructing Trustworthy Execution Environment for Mobile App Dynamically. 2019 IEEE Symposium on Computers and Communications (ISCC). :1–7.
TEE(Trusted Execution Environment) has became one of the most popular security features for mobile platforms. Current TEE solutions usually implement secure functions in Trusted applications (TA) running over a trusted OS in the secure world. Host App may access these secure functions through the TEE driver. Unfortunately, such architecture is not very secure. A trusted OS has to be loaded in secure world to support TA running. Thus, the code size in secure world became large. As more and more TA is installed, the secure code size will be further larger and larger. Lots of real attack case have been reported [1]. In this paper, we present a novel TEE constructing method named ALTEE. Different from existing TEE solutions, ALTEE includes secure code in host app, and constructs a trustworthy execution environment for it dynamically whenever the code needs to be run.
2020-08-10
Mansour, Ahmad, Malik, Khalid M., Kaso, Niko.  2019.  AMOUN: Lightweight Scalable Multi-recipient Asymmetric Cryptographic Scheme. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC). :0838–0846.
Securing multi-party communication is very challenging particularly in dynamic networks. Existing multi-recipient cryptographic schemes pose variety of limitations. These include: requiring trust among all recipients to make an agreement, high computational cost for both encryption and decryption, and additional communication overhead when group membership changes. To overcome these limitations, this paper introduces a novel multi-recipient asymmetric cryptographic scheme, AMOUN. This scheme enables the sender to possibly send different messages in one ciphertext to multiple recipients to better utilize network resources, while ensuring that each recipient only retrieves its own designated message. Security analysis demonstrates that proposed scheme is secure against well-known attacks. Evaluation results demonstrate that lightweight AMOUN outperforms RSA and Multi-RSA in terms of computational cost for both encryption and decryption. For a given prime size, in case of encryption, AMOUN achieves 86% and 98% lower average computational cost than RSA and Multi-RSA, respectively; while for decryption, it shows performance improvement of 98% compared to RSA and Multi-RSA.
2020-07-06
Cerotti, D., Codetta-Raiteri, D., Egidi, L., Franceschinis, G., Portinale, L., Dondossola, G., Terruggia, R..  2019.  Analysis and Detection of Cyber Attack Processes targeting Smart Grids. 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe). :1–5.
This paper proposes an approach based on Bayesian Networks to support cyber security analysts in improving the cyber-security posture of the smart grid. We build a system model that exploits real world context information from both Information and Operational Technology environments in the smart grid, and we use it to demonstrate sample predictive and diagnostic analyses. The innovative contribution of this work is in the methodology capability of capturing the many dependencies involved in the assessment of security threats, and of supporting the security analysts in planning defense and detection mechanisms for energy digital infrastructures.
2020-03-23
Hyunki-Kim, Jinhyeok-Oh, Changuk-Jang, Okyeon-Yi, Juhong-Han, Hansaem-Wi, Chanil-Park.  2019.  Analysis of the Noise Source Entropy Used in OpenSSL’s Random Number Generation Mechanism. 2019 International Conference on Information and Communication Technology Convergence (ICTC). :59–62.
OpenSSL is an open source library that implements the Secure Socket Layer (SSL), a security protocol used by the TCP/IP layer. All cryptographic systems require random number generation for many reasons, such as cryptographic key generation and protocol challenge/response, OpenSSL is also the same. OpenSSL can be run on a variety of operating systems. especially when generating random numbers on Unix-like operating systems, it can use /dev /(u)random [6], as a seed to add randomness. In this paper, we analyze the process provided by OpenSSL when random number generation is required. We also provide considerations for application developers and OpenSSL users to use /dev/urandom and real-time clock (nanoseconds of timespec structure) as a seed to generate cryptographic random numbers in the Unix family.