Biblio

Found 4026 results

Filters: Keyword is composability  [Clear All Filters]
2020-03-30
2021-05-13
Wu, Xiaohe, Calderon, Juan, Obeng, Morrison.  2021.  Attribution Based Approach for Adversarial Example Generation. SoutheastCon 2021. :1–6.
Neural networks with deep architectures have been used to construct state-of-the-art classifiers that can match human level accuracy in areas such as image classification. However, many of these classifiers can be fooled by examples slightly modified from their original forms. In this work, we propose a novel approach for generating adversarial examples that makes use of only attribution information of the features and perturbs only features that are highly influential to the output of the classifier. We call this approach Attribution Based Adversarial Generation (ABAG). To demonstrate the effectiveness of this approach, three somewhat arbitrary algorithms are proposed and examined. In the first algorithm all non-zero attributions are utilized and associated features perturbed; in the second algorithm only the top-n most positive and top-n most negative attributions are used and corresponding features perturbed; and in the third algorithm the level of perturbation is increased in an iterative manner until an adversarial example is discovered. All of the three algorithms are implemented and experiments are performed on the well-known MNIST dataset. Experiment results show that adversarial examples can be generated very efficiently, and thus prove the validity and efficacy of ABAG - utilizing attributions for the generation of adversarial examples. Furthermore, as shown by examples, ABAG can be adapted to provides a systematic searching approach to generate adversarial examples by perturbing a minimum amount of features.
2021-06-24
Angermeir, Florian, Voggenreiter, Markus, Moyón, Fabiola, Mendez, Daniel.  2021.  Enterprise-Driven Open Source Software: A Case Study on Security Automation. 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP). :278—287.
Agile and DevOps are widely adopted by the industry. Hence, integrating security activities with industrial practices, such as continuous integration (CI) pipelines, is necessary to detect security flaws and adhere to regulators’ demands early. In this paper, we analyze automated security activities in CI pipelines of enterprise-driven open source software (OSS). This shall allow us, in the long-run, to better understand the extent to which security activities are (or should be) part of automated pipelines. In particular, we mine publicly available OSS repositories and survey a sample of project maintainers to better understand the role that security activities and their related tools play in their CI pipelines. To increase transparency and allow other researchers to replicate our study (and to take different perspectives), we further disclose our research artefacts.Our results indicate that security activities in enterprise-driven OSS projects are scarce and protection coverage is rather low. Only 6.83% of the analyzed 8,243 projects apply security automation in their CI pipelines, even though maintainers consider security to be rather important. This alerts industry to keep the focus on vulnerabilities of 3rd Party software and it opens space for other improvements of practice which we outline in this manuscript.
Pashchenko, Ivan, Scandariato, Riccardo, Sabetta, Antonino, Massacci, Fabio.  2021.  Secure Software Development in the Era of Fluid Multi-party Open Software and Services. 2021 IEEE/ACM 43rd International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER). :91—95.
Pushed by market forces, software development has become fast-paced. As a consequence, modern development projects are assembled from 3rd-party components. Security & privacy assurance techniques once designed for large, controlled updates over months or years, must now cope with small, continuous changes taking place within a week, and happening in sub-components that are controlled by third-party developers one might not even know they existed. In this paper, we aim to provide an overview of the current software security approaches and evaluate their appropriateness in the face of the changed nature in software development. Software security assurance could benefit by switching from a process-based to an artefact-based approach. Further, security evaluation might need to be more incremental, automated and decentralized. We believe this can be achieved by supporting mechanisms for lightweight and scalable screenings that are applicable to the entire population of software components albeit there might be a price to pay.
2020-12-21
Yang, B., Liu, F., Yuan, L., Zhang, Y..  2020.  6LoWPAN Protocol Based Infrared Sensor Network Human Target Locating System. 2020 15th IEEE Conference on Industrial Electronics and Applications (ICIEA). :1773–1779.
This paper proposes an infrared sensor human target locating system for the Internet of Things. In this design, the wireless sensor network is designed and developed to detect human targets by using 6LoWPAN protocol and pyroelectric infrared (PIR) sensors. Based on the detection data acquired by multiple sensor nodes, K-means++ clustering algorithm combined with cost function is applied to complete human target location in a 10m×10m detection area. The experimental results indicate the human locating system works well and the user can view the location information on the terminal devices.
2021-01-25
Gracy, S., Milošević, J., Sandberg, H..  2020.  Actuator Security Index for Structured Systems. 2020 American Control Conference (ACC). :2993–2998.
Given a network with a set of vulnerable actuators (and sensors), the security index of an actuator equals the minimum number of sensors and actuators that needs to be compromised so as to conduct a perfectly undetectable attack using the said actuator. This paper deals with the problem of computing actuator security indices for discrete-time LTI network systems, using a structured systems framework. We show that the actuator security index is generic, that is for almost all realizations the actuator security index remains the same. We refer to such an index as generic security index (generic index) of an actuator. Given that the security index quantifies the vulnerability of a network, the generic index is quite valuable for large scale energy systems. Our second contribution is to provide graph-theoretic conditions for computing the generic index. The said conditions are in terms of existence of linkings on appropriately-defined directed (sub)graphs. Based on these conditions, we present an algorithm for computing the generic index.
Merouane, E. M., Escudero, C., Sicard, F., Zamai, E..  2020.  Aging Attacks against Electro-Mechanical Actuators from Control Signal Manipulation. 2020 IEEE International Conference on Industrial Technology (ICIT). :133–138.
The progress made in terms of controller technologies with the introduction of remotely-accessibility capacity in the digital controllers has opened the door to new cybersecurity threats on the Industrial Control Systems (ICSs). Among them, some aim at damaging the ICS's physical system. In this paper, a corrupted controller emitting a non-legitimate Pulse Width Modulation control signal to an Electro-Mechanical Actuator (EMA) is considered. The attacker's capabilities for accelerating the EMA's aging by inducing Partial Discharges (PDs) are investigated. A simplified model is considered for highlighting the influence of the carrier frequency of the control signal over the amplitude and the repetition of the PDs involved in the EMA's aging.
2020-12-14
Willcox, G., Rosenberg, L., Domnauer, C..  2020.  Analysis of Human Behaviors in Real-Time Swarms. 2020 10th Annual Computing and Communication Workshop and Conference (CCWC). :0104–0109.
Many species reach group decisions by deliberating in real-time systems. This natural process, known as Swarm Intelligence (SI), has been studied extensively in a range of social organisms, from schools of fish to swarms of bees. A new technique called Artificial Swarm Intelligence (ASI) has enabled networked human groups to reach decisions in systems modeled after natural swarms. The present research seeks to understand the behavioral dynamics of such “human swarms.” Data was collected from ten human groups, each having between 21 and 25 members. The groups were tasked with answering a set of 25 ordered ranking questions on a 1-5 scale, first independently by survey and then collaboratively as a real-time swarm. We found that groups reached significantly different answers, on average, by swarm versus survey ( p=0.02). Initially, the distribution of individual responses in each swarm was little different than the distribution of survey responses, but through the process of real-time deliberation, the swarm's average answer changed significantly ( ). We discuss possible interpretations of this dynamic behavior. Importantly, the we find that swarm's answer is not simply the arithmetic mean of initial individual “votes” ( ) as in a survey, suggesting a more complex mechanism is at play-one that relies on the time-varying behaviors of the participants in swarms. Finally, we publish a set of data that enables other researchers to analyze human behaviors in real-time swarms.
2021-04-09
Mishra, A., Yadav, P..  2020.  Anomaly-based IDS to Detect Attack Using Various Artificial Intelligence Machine Learning Algorithms: A Review. 2nd International Conference on Data, Engineering and Applications (IDEA). :1—7.
Cyber-attacks are becoming more complex & increasing tasks in accurate intrusion detection (ID). Failure to avoid intrusion can reduce the reliability of security services, for example, integrity, Privacy & availability of data. The rapid proliferation of computer networks (CNs) has reformed the perception of network security. Easily accessible circumstances affect computer networks from many threats by hackers. Threats to a network are many & hypothetically devastating. Researchers have recognized an Intrusion Detection System (IDS) up to identifying attacks into a wide variety of environments. Several approaches to intrusion detection, usually identified as Signature-based Intrusion Detection Systems (SIDS) & Anomaly-based Intrusion Detection Systems (AIDS), were proposed in the literature to address computer safety hazards. This survey paper grants a review of current IDS, complete analysis of prominent new works & generally utilized dataset to evaluation determinations. It also introduces avoidance techniques utilized by attackers to avoid detection. This paper delivers a description of AIDS for attack detection. IDS is an applied research area in artificial intelligence (AI) that uses multiple machine learning algorithms.
2020-12-14
Cai, L., Hou, Y., Zhao, Y., Wang, J..  2020.  Application research and improvement of particle swarm optimization algorithm. 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :238–241.
Particle swarm optimization (PSO), as a kind of swarm intelligence algorithm, has the advantages of simple algorithm principle, less programmable parameters and easy programming. Many scholars have applied particle swarm optimization (PSO) to various fields through learning it, and successfully solved linear problems, nonlinear problems, multiobjective optimization and other problems. However, the algorithm also has obvious problems in solving problems, such as slow convergence speed, too early maturity, falling into local optimization in advance, etc., which makes the convergence speed slow, search the optimal value accuracy is not high, and the optimization effect is not ideal. Therefore, many scholars have improved the particle swarm optimization algorithm. Taking into account the improvement ideas proposed by scholars in the early stage and the shortcomings still existing in the improvement, this paper puts forward the idea of improving particle swarm optimization algorithm in the future.
2021-03-01
Tran, Q. T., Tran, D. D., Doan, D., Nguyen, M. S..  2020.  An Approach of BLE Mesh Network For Smart Home Application. 2020 International Conference on Advanced Computing and Applications (ACOMP). :170–174.
Internet of Things (IoT) now has extremely wide applications in many areas of life such as urban management, environmental management, smart shopping, and smart home. Because of the wide range of application fields, the IoT infrastructures are built differently. To make an IoT system indoor with high efficiency and more convenience, a case study for smart home security using Bluetooth Mesh approach is introduced. By using Bluetooth Mesh technology in home security, the user can open the door everywhere inside their house. The system work in a flexible way since it can extend the working range of network. In addition, the system can monitor the state of both the lock and any node in network by using a gateway to transfer data to cloud and enable a website-based interface.
2021-05-13
Feng, Xiaohua, Feng, Yunzhong, Dawam, Edward Swarlat.  2020.  Artificial Intelligence Cyber Security Strategy. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :328—333.
Nowadays, STEM (science, technology, engineering and mathematics) have never been treated so seriously before. Artificial Intelligence (AI) has played an important role currently in STEM. Under the 2020 COVID-19 pandemic crisis, coronavirus disease across over the world we are living in. Every government seek advices from scientist before making their strategic plan. Most of countries collect data from hospitals (and care home and so on in the society), carried out data analysis, using formula to make some AI models, to predict the potential development patterns, in order to make their government strategy. AI security become essential. If a security attack make the pattern wrong, the model is not a true prediction, that could result in thousands life loss. The potential consequence of this non-accurate forecast would be even worse. Therefore, take security into account during the forecast AI modelling, step-by-step data governance, will be significant. Cyber security should be applied during this kind of prediction process using AI deep learning technology and so on. Some in-depth discussion will follow.AI security impact is a principle concern in the world. It is also significant for both nature science and social science researchers to consider in the future. In particular, because many services are running on online devices, security defenses are essential. The results should have properly data governance with security. AI security strategy should be up to the top priority to influence governments and their citizens in the world. AI security will help governments' strategy makers to work reasonably balancing between technologies, socially and politics. In this paper, strategy related challenges of AI and Security will be discussed, along with suggestions AI cyber security and politics trade-off consideration from an initial planning stage to its near future further development.
2021-05-03
Xu, Shenglin, Xie, Peidai, Wang, Yongjun.  2020.  AT-ROP: Using static analysis and binary patch technology to defend against ROP attacks based on return instruction. 2020 International Symposium on Theoretical Aspects of Software Engineering (TASE). :209–216.
Return-Oriented Programming (ROP) is one of the most common techniques to exploit software vulnerabilities. Although many solutions to defend against ROP attacks have been proposed, they still have various drawbacks, such as requiring additional information (source code, debug symbols, etc.), increasing program running cost, and causing program instability. In this paper, we propose a method: using static analysis and binary patch technology to defend against ROP attacks based on return instruction. According to this method, we implemented the AT- ROP tool in a Linux 64-bit system environment. Compared to existing tools, it clears the parameter registers when the function returns. As a result, it makes the binary to defend against ROP attacks based on return instruction without having to obtain the source code of the binary. We use the binary challenges in the CTF competition and the binary programs commonly used in the Linux environment to experiment. It turns out that AT-ROP can make the binary program have the ability to defend against ROP attacks based on return instruction with a small increase in the size of the binary program and without affecting its normal execution.
2021-01-25
Feng, Y., Sun, G., Liu, Z., Wu, C., Zhu, X., Wang, Z., Wang, B..  2020.  Attack Graph Generation and Visualization for Industrial Control Network. 2020 39th Chinese Control Conference (CCC). :7655–7660.
Attack graph is an effective way to analyze the vulnerabilities for industrial control networks. We develop a vulnerability correlation method and a practical visualization technology for industrial control network. First of all, we give a complete attack graph analysis for industrial control network, which focuses on network model and vulnerability context. Particularly, a practical attack graph algorithm is proposed, including preparing environments and vulnerability classification and correlation. Finally, we implement a three-dimensional interactive attack graph visualization tool. The experimental results show validation and verification of the proposed method.
Yoon, S., Cho, J.-H., Kim, D. S., Moore, T. J., Free-Nelson, F., Lim, H..  2020.  Attack Graph-Based Moving Target Defense in Software-Defined Networks. IEEE Transactions on Network and Service Management. 17:1653–1668.
Moving target defense (MTD) has emerged as a proactive defense mechanism aiming to thwart a potential attacker. The key underlying idea of MTD is to increase uncertainty and confusion for attackers by changing the attack surface (i.e., system or network configurations) that can invalidate the intelligence collected by the attackers and interrupt attack execution; ultimately leading to attack failure. Recently, the significant advance of software-defined networking (SDN) technology has enabled several complex system operations to be highly flexible and robust; particularly in terms of programmability and controllability with the help of SDN controllers. Accordingly, many security operations have utilized this capability to be optimally deployed in a complex network using the SDN functionalities. In this paper, by leveraging the advanced SDN technology, we developed an attack graph-based MTD technique that shuffles a host's network configurations (e.g., MAC/IP/port addresses) based on its criticality, which is highly exploitable by attackers when the host is on the attack path(s). To this end, we developed a hierarchical attack graph model that provides a network's vulnerability and network topology, which can be utilized for the MTD shuffling decisions in selecting highly exploitable hosts in a given network, and determining the frequency of shuffling the hosts' network configurations. The MTD shuffling with a high priority on more exploitable, critical hosts contributes to providing adaptive, proactive, and affordable defense services aiming to minimize attack success probability with minimum MTD cost. We validated the out performance of the proposed MTD in attack success probability and MTD cost via both simulation and real SDN testbed experiments.
2021-02-16
Grashöfer, J., Titze, C., Hartenstein, H..  2020.  Attacks on Dynamic Protocol Detection of Open Source Network Security Monitoring Tools. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.
Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has proven to be complex, as isolated characteristics, like port numbers, are not sufficient to reliably determine the application layer protocol. In this paper, we analyze the Dynamic Protocol Detection mechanisms employed by popular and widespread open-source network monitoring tools. On the example of HTTP, we show that all analyzed detection mechanisms are vulnerable to evasion attacks. This poses a serious threat to real-world monitoring operations. We find that the underlying fundamental problem of protocol disambiguation is not adequately addressed in two of three monitoring systems that we analyzed. To enable adequate operational decisions, this paper highlights the inherent trade-offs within Dynamic Protocol Detection.
2021-04-27
Niu, S., Chen, L., Liu, W..  2020.  Attribute-Based Keyword Search Encryption Scheme with Verifiable Ciphertext via Blockchains. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:849–853.
In order to realize the sharing of data by multiple users on the blockchain, this paper proposes an attribute-based searchable encryption with verifiable ciphertext scheme via blockchain. The scheme uses the public key algorithm to encrypt the keyword, the attribute-based encryption algorithm to encrypt the symmetric key, and the symmetric key to encrypt the file. The keyword index is stored on the blockchain, and the ciphertext of the symmetric key and file are stored on the cloud server. The scheme uses searchable encryption technology to achieve secure search on the blockchain, uses the immutability of the blockchain to ensure the security of the keyword ciphertext, uses verify algorithm guarantees the integrity of the data on the cloud. When the user's attributes need to be changed or the ciphertext access structure is changed, the scheme uses proxy re-encryption technology to implement the user's attribute revocation, and the authority center is responsible for the whole attribute revocation process. The security proof shows that the scheme can achieve ciphertext security, keyword security and anti-collusion. In addition, the numerical results show that the proposed scheme is effective.
2021-05-13
Xu, Shawn, Venugopalan, Subhashini, Sundararajan, Mukund.  2020.  Attribution in Scale and Space. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). :9677–9686.
We study the attribution problem for deep networks applied to perception tasks. For vision tasks, attribution techniques attribute the prediction of a network to the pixels of the input image. We propose a new technique called Blur Integrated Gradients (Blur IG). This technique has several advantages over other methods. First, it can tell at what scale a network recognizes an object. It produces scores in the scale/frequency dimension, that we find captures interesting phenomena. Second, it satisfies the scale-space axioms, which imply that it employs perturbations that are free of artifact. We therefore produce explanations that are cleaner and consistent with the operation of deep networks. Third, it eliminates the need for baseline parameter for Integrated Gradients for perception tasks. This is desirable because the choice of baseline has a significant effect on the explanations. We compare the proposed technique against previous techniques and demonstrate application on three tasks: ImageNet object recognition, Diabetic Retinopathy prediction, and AudioSet audio event identification. Code and examples are at https://github.com/PAIR-code/saliency.
2020-12-21
Cheng, Z., Chow, M.-Y..  2020.  An Augmented Bayesian Reputation Metric for Trustworthiness Evaluation in Consensus-based Distributed Microgrid Energy Management Systems with Energy Storage. 2020 2nd IEEE International Conference on Industrial Electronics for Sustainable Energy Systems (IESES). 1:215–220.
Consensus-based distributed microgrid energy management system is one of the most used distributed control strategies in the microgrid area. To improve its cybersecurity, the system needs to evaluate the trustworthiness of the participating agents in addition to the conventional cryptography efforts. This paper proposes a novel augmented reputation metric to evaluate the agents' trustworthiness in a distributed fashion. The proposed metric adopts a novel augmentation method to substantially improve the trust evaluation and attack detection performance under three typical difficult-to-detect attack patterns. The proposed metric is implemented and validated on a real-time HIL microgrid testbed.
2021-06-01
Chinchawade, Amit Jaykumar, Lamba, Onkar Singh.  2020.  Authentication Schemes and Security Issues in Internet Of Everything (IOE) Systems. 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN). :342–345.
Nowadays, Internet Of Everything (IOE) has demanded for a wide range of applications areas. IOE is started to replaces an Internet Of things (IOT). IOE is a combination of massive number of computing elements and sensors, people, processes and data through the Internet infrastructure. Device to Device communication and interfacing of Wireless Sensor network with IOE can makes any system as a Smart System. With the increased the use of Internet and Internet connected devices has opportunities for hackers to launch attacks on unprecedented scale and impact. The IOE can serve the varied security in the various sectors like manufacturing, agriculture, smart grid, payments, IoT gateways, healthcare and industrial ecosystems. To secure connections among people, process, data, and things, is a major challenge in Internet of Everything.. This paper focuses on various security Issues and Authentication Schemes in the IOE systems.
2021-06-24
Dmitrievich, Asyaev Grigorii, Nikolaevich, Sokolov Aleksandr.  2020.  Automated Process Control Anomaly Detection Using Machine Learning Methods. 2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0536–0538.
The paper discusses the features of the automated process control system, defines the algorithm for installing critical updates. The main problems in the administration of a critical system have been identified. The paper presents a model for recognizing anomalies in the network traffic of an industrial information system using machine learning methods. The article considers the network intrusion dataset (raw TCP / IP dump data was collected, where the network was subjected to multiple attacks). The main parameters that affect the recognition of abnormal behavior in the system are determined. The basic mathematical models of classification are analyzed, their basic parameters are reviewed and tuned. The mathematical model was trained on the considered (randomly mixed) sample using cross-validation and the response was predicted on the control (test) sample, where the model should determine the anomalous behavior of the system or normal as the output. The main criteria for choosing a mathematical model for the problem to be solved were the number of correctly recognized (accuracy) anomalies, precision and recall of the answers. Based on the study, the optimal algorithm for recognizing anomalies was selected, as well as signs by which this anomaly can be recognized.
2021-01-25
Malzahn, D., Birnbaum, Z., Wright-Hamor, C..  2020.  Automated Vulnerability Testing via Executable Attack Graphs. 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–10.
Cyber risk assessments are an essential process for analyzing and prioritizing security issues. Unfortunately, many risk assessment methodologies are marred by human subjectivity, resulting in non-repeatable, inconsistent findings. The absence of repeatable and consistent results can lead to suboptimal decision making with respect to cyber risk reduction. There is a pressing need to reduce cyber risk assessment uncertainty by using tools that use well defined inputs, producing well defined results. This paper presents Automated Vulnerability and Risk Analysis (AVRA), an end-to-end process and tool for identifying and exploiting vulnerabilities, designed for use in cyber risk assessments. The approach presented is more comprehensive than traditional vulnerability scans due to its analysis of an entire network, integrating both host and network information. AVRA automatically generates a detailed model of the network and its individual components, which is used to create an attack graph. Then, AVRA follows individual attack paths, automatically launching exploits to reach a particular objective. AVRA was successfully tested within a virtual environment to demonstrate practicality and usability. The presented approach and resulting system enhances the cyber risk assessment process through rigor, repeatability, and objectivity.
2021-06-01
Zhang, Zichao, de Amorim, Arthur Azevedo, Jia, Limin, Pasareanu, Corina S..  2020.  Automating Compositional Analysis of Authentication Protocols. 2020 Formal Methods in Computer Aided Design (FMCAD). :113–118.
Modern verifiers for cryptographic protocols can analyze sophisticated designs automatically, but require the entire code of the protocol to operate. Compositional techniques, by contrast, allow us to verify each system component separately, against its own guarantees and assumptions about other components and the environment. Compositionality helps protocol design because it explains how the design can evolve and when it can run safely along other protocols and programs. For example, it might say that it is safe to add some functionality to a server without having to patch the client. Unfortunately, while compositional frameworks for protocol verification do exist, they require non-trivial human effort to identify specifications for the components of the system, thus hindering their adoption. To address these shortcomings, we investigate techniques for automated, compositional analysis of authentication protocols, using automata-learning techniques to synthesize assumptions for protocol components. We report preliminary results on the Needham-Schroeder-Lowe protocol, where our synthesized assumption was capable of lowering verification time while also allowing us to verify protocol variants compositionally.
2021-05-13
Hu, Xiaoyi, Wang, Ke.  2020.  Bank Financial Innovation and Computer Information Security Management Based on Artificial Intelligence. 2020 2nd International Conference on Machine Learning, Big Data and Business Intelligence (MLBDBI). :572—575.
In recent years, with the continuous development of various new Internet technologies, big data, cloud computing and other technologies have been widely used in work and life. The further improvement of data scale and computing capability has promoted the breakthrough development of artificial intelligence technology. The generalization and classification of financial science and technology not only have a certain impact on the traditional financial business, but also put forward higher requirements for commercial banks to operate financial science and technology business. Artificial intelligence brings fresh experience to financial services and is conducive to increasing customer stickiness. Artificial intelligence technology helps the standardization, modeling and intelligence of banking business, and helps credit decision-making, risk early warning and supervision. This paper first discusses the influence of artificial intelligence on financial innovation, and on this basis puts forward measures for the innovation and development of bank financial science and technology. Finally, it discusses the problem of computer information security management in bank financial innovation in the era of artificial intelligence.
2021-04-27
Ti, Y., Wu, C., Yu, C., Kuo, S..  2020.  Benchmarking Dynamic Searchable Symmetric Encryption Scheme for Cloud-Internet of Things Applications. IEEE Access. 8:1715–1732.
Recently, the rapid development of Internet of things (IoT) has resulted in the generation of a considerable amount of data, which should be stored. Therefore, it is necessary to develop methods that can easily capture, save, and modify these data. The data generated using IoT contain private information; therefore sufficient security features should be incorporated to ensure that potential attackers cannot access the data. Researchers from various fields are attempting to achieve data security. One of the major challenges is that IoT is a paradigm of how each device in the Internet infrastructure is interconnected to a globally dynamic network. When searching in dynamic cloud-stored data, sensitive data can be easily leaked. IoT data storage and retrieval from untrusted cloud servers should be secure. Searchable symmetric encryption (SSE) is a vital technology in the field of cloud storage. SSE allows users to use keywords to search for data in an untrusted cloud server but the keywords and the data content are concealed from the server. However, an SSE database is seldom used by cloud operators because the data stored on the cloud server is often modified. The server cannot update the data without decryption because the data are encrypted by the user. Therefore, dynamic SSE (DSSE) has been developed in recent years to support the aforementioned requirements. Instead of decrypting the data stored by customers, DSSE adds or deletes encrypted data on the server. A number of DSSE systems based on linked list structures or blind storage (a new primitive) have been proposed. From the perspective of functionality, extensibility, and efficiency, these DSSE systems each have their own advantages and drawbacks. The most crucial aspect of a system that is used in the cloud industry is the trade-off between performance and security. Therefore, we compared the efficiency and security of multiple DSSE systems and identified their shortcomings to develop an improved system.