Visible to the public Biblio

Found 2000 results

Filters: First Letter Of Last Name is A  [Clear All Filters]
[A] B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
U
Adams, M., Bhargava, V. K..  2017.  Using friendly jamming to improve route security and quality in ad hoc networks. 2017 IEEE 30th Canadian Conference on Electrical and Computer Engineering (CCECE). :1–6.

Friendly jamming is a physical layer security technique that utilizes extra available nodes to jam any eavesdroppers. This paper considers the use of additional available nodes as friendly jammers in order to improve the security performance of a route through a wireless area network. One of the unresolved technical challenges is the combining of security metrics with typical service quality metrics. In this context, this paper considers the problem of routing through a D2D network while jointly minimizing the secrecy outage probability (SOP) and connection outage probability (COP), using friendly jamming to improve the SOP of each link. The jamming powers are determined to place nulls at friendly receivers while maximizing the power to eavesdroppers. Then the route metrics are derived, and the problem is framed as a convex optimization problem. We also consider that not all network users equally value SOP and COP, and so introduce an auxiliary variable to tune the optimization between the two metrics.

Husari, G., Niu, X., Chu, B., Al-Shaer, E..  2018.  Using Entropy and Mutual Information to Extract Threat Actions from Cyber Threat Intelligence. 2018 IEEE International Conference on Intelligence and Security Informatics (ISI). :1–6.
With the rapid growth of the cyber attacks, cyber threat intelligence (CTI) sharing becomes essential for providing advance threat notice and enabling timely response to cyber attacks. Our goal in this paper is to develop an approach to extract low-level cyber threat actions from publicly available CTI sources in an automated manner to enable timely defense decision making. Specifically, we innovatively and successfully used the metrics of entropy and mutual information from Information Theory to analyze the text in the cybersecurity domain. Combined with some basic NLP techniques, our framework, called ActionMiner has achieved higher precision and recall than the state-of-the-art Stanford typed dependency parser, which usually works well in general English but not cybersecurity texts.
Al-Emadi, S., Al-Mohannadi, A., Al-Senaid, F..  2020.  Using Deep Learning Techniques for Network Intrusion Detection. 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT). :171—176.
In recent years, there has been a significant increase in network intrusion attacks which raises a great concern from the privacy and security aspects. Due to the advancement of the technology, cyber-security attacks are becoming very complex such that the current detection systems are not sufficient enough to address this issue. Therefore, an implementation of an intelligent and effective network intrusion detection system would be crucial to solve this problem. In this paper, we use deep learning techniques, namely, Convolutional Neural Networks (CNN) and Recurrent Neural Networks (RNN) to design an intelligent detection system which is able to detect different network intrusions. Additionally, we evaluate the performance of the proposed solution using different evaluation matrices and we present a comparison between the results of our proposed solution to find the best model for the network intrusion detection system.
Smith, A. M., Mayo, J. R., Kammler, V., Armstrong, R. C., Vorobeychik, Y..  2017.  Using computational game theory to guide verification and security in hardware designs. 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :110–115.

Verifying that hardware design implementations adhere to specifications is a time intensive and sometimes intractable problem due to the massive size of the system's state space. Formal methods techniques can be used to prove certain tractable specification properties; however, they are expensive, and often require subject matter experts to develop and solve. Nonetheless, hardware verification is a critical process to ensure security and safety properties are met, and encapsulates problems associated with trust and reliability. For complex designs where coverage of the entire state space is unattainable, prioritizing regions most vulnerable to security or reliability threats would allow efficient allocation of valuable verification resources. Stackelberg security games model interactions between a defender, whose goal is to assign resources to protect a set of targets, and an attacker, who aims to inflict maximum damage on the targets after first observing the defender's strategy. In equilibrium, the defender has an optimal security deployment strategy, given the attacker's best response. We apply this Stackelberg security framework to synthesized hardware implementations using the design's network structure and logic to inform defender valuations and verification costs. The defender's strategy in equilibrium is thus interpreted as a prioritization of the allocation of verification resources in the presence of an adversary. We demonstrate this technique on several open-source synthesized hardware designs.

Ayoob, Mustafa, Adi, Wael, Prevelakis, Vassilis.  2017.  Using Ciphers for Failure-Recovery in ITS Systems. Proceedings of the 12th International Conference on Availability, Reliability and Security. :98:1–98:7.
Combining Error-Correction Coding ECC and cryptography was proposed in the recent decade making use of bit-quality parameters to improve the error correction capability. Most of such techniques combine authentication crypto-functions jointly with ECC codes to improve system reliability, while fewer proposals involve ciphering functions with ECC to improve reliability. In this work, we propose practical and pragmatic low-cost approaches for making use of existing ciphering functions for reliability improvement. The presented techniques show that ciphering functions (as deterministic, non-linear bijective functions) can serve to achieve error correction enhancement and hence allow error recovery and scalable security trade-offs with or without additional ECC components. We demonstrate two best-effort error-correcting strategies. It is further shown, that the targeted reliability improvement is scalable to attain practical usability. The first proposed technique is pure-cipher-based error correction procedure deploying hard decision, best-effort operations to improve the system-survivability without changing system configuration. The second strategy is making use of ECC in combination with the ciphering function to enhance system-survivability. The correction procedures are based on simple experimental search-and-modify the corrupted ciphertext until predefined criteria become valid. This procedure may, however, turn out to become equivalent to a successful integrity/authenticity attack that may reduce the system security level, however in a scalable and predictable non-significant fashion.
Avellaneda, Florent, Alikacem, El-Hackemi, Jaafar, Femi.  2019.  Using Attack Pattern for Cyber Attack Attribution. 2019 International Conference on Cybersecurity (ICoCSec). :1—6.

A cyber attack is a malicious and deliberate attempt by an individual or organization to breach the integrity, confidentiality, and/or availability of data or services of an information system of another individual or organization. Being able to attribute a cyber attack is a crucial question for security but this question is also known to be a difficult problem. The main reason why there is currently no solution that automatically identifies the initiator of an attack is that attackers usually use proxies, i.e. an intermediate node that relays a host over the network. In this paper, we propose to formalize the problem of identifying the initiator of a cyber attack. We show that if the attack scenario used by the attacker is known, then we are able to resolve the cyber attribution problem. Indeed, we propose a model to formalize these attack scenarios, that we call attack patterns, and give an efficient algorithm to search for attack pattern on a communication history. Finally, we experimentally show the relevance of our approach.

Ben-Yaakov, Y., Meyer, J., Wang, X., An, B..  2020.  User detection of threats with different security measures. 2020 IEEE International Conference on Human-Machine Systems (ICHMS). :1—6.

Cyber attacks and the associated costs made cybersecurity a vital part of any system. User behavior and decisions are still a major part in the coping with these risks. We developed a model of optimal investment and human decisions with security measures, given that the effectiveness of each measure depends partly on the performance of the others. In an online experiment, participants classified events as malicious or non-malicious, based on the value of an observed variable. Prior to making the decisions, they had invested in three security measures - a firewall, an IDS or insurance. In three experimental conditions, maximal investment in only one of the measures was optimal, while in a fourth condition, participants should not have invested in any of the measures. A previous paper presents the analysis of the investment decisions. This paper reports users' classifications of events when interacting with these systems. The use of security mechanisms helped participants gain higher scores. Participants benefited in particular from purchasing IDS and/or Cyber Insurance. Participants also showed higher sensitivity and compliance with the alerting system when they could benefit from investing in the IDS. Participants, however, did not adjust their behavior optimally to the security settings they had chosen. The results demonstrate the complex nature of risk-related behaviors and the need to consider human abilities and biases when designing cyber security systems.

Alruwaythi, M., Kambampaty, K., Nygard, K..  2018.  User Behavior Trust Modeling in Cloud Security. 2018 International Conference on Computational Science and Computational Intelligence (CSCI). :1336–1339.
Evaluating user behavior in cloud computing infrastructure is important for both Cloud Users and Cloud Service Providers. The service providers must ensure the safety of users who access the cloud. User behavior can be modeled and employed to help assess trust and play a role in ensuring authenticity and safety of the user. In this paper, we propose a User Behavior Trust Model based on Fuzzy Logic (UBTMFL). In this model, we develop user history patterns and compare them current user behavior. The outcome of the comparison is sent to a trust computation center to calculate a user trust value. This model considers three types of trust: direct, history and comprehensive. Simulation results are included.
Ahmad, Kashif, Conci, Nicola, Boato, Giulia, De Natale, Francesco G. B..  2016.  USED: A Large-scale Social Event Detection Dataset. Proceedings of the 7th International Conference on Multimedia Systems. :50:1–50:6.

Event discovery from single pictures is a challenging problem that has raised significant interest in the last decade. During this time, a number of interesting solutions have been proposed to tackle event discovery in still images. However, a large scale benchmarking image dataset for the evaluation and comparison of event discovery algorithms from single images is still lagging behind. To this aim, in this paper we provide a large-scale properly annotated and balanced dataset of 490,000 images, covering every aspect of 14 different types of social events, selected among the most shared ones in the social network. Such a large scale collection of event-related images is intended to become a powerful support tool for the research community in multimedia analysis by providing a common benchmark for training, testing, validation and comparison of existing and novel algorithms. In this paper, we provide a detailed description of how the dataset is collected, organized and how it can be beneficial for the researchers in the multimedia analysis domain. Moreover, a deep learning based approach is introduced into event discovery from single images as one of the possible applications of this dataset with a belief that deep learning can prove to be a breakthrough also in this research area. By providing this dataset, we hope to gather research community in the multimedia and signal processing domains to advance this application.

Aiping Xiong, Robert W. Proctor, Ninghui Li, Weining Yang.  2016.  Use of Warnings for Instructing Users How to Detect Phishing Webpages. 46th Annual Meeting of the Society for Computers in Psychology.

The ineffectiveness of phishing warnings has been attributed to users' poor comprehension of the warning. However, the effectiveness of a phishing warning is typically evaluated at the time when users interact with a suspected phishing webpage, which we call the effect with phishing warning. Nevertheless, users' improved phishing detection when the warning is absent—or the effect of the warning—is the ultimate goal to prevent users from falling for phishing scams. We conducted an online study to evaluate the effect with and of several phishing warning variations, varying the point at which the warning was presented and whether procedural knowledge instruction was included in the warning interface. The current Chrome phishing warning was also included as a control. 360 Amazon Mechanical-Turk workers made submission; 500¬ word maximum for symposia) decisions about 10 login webpages (8 authentic, 2 fraudulent) with the aid of warning (first phase). After a short distracting task, the workers made the same decisions about 10 different login webpages (8 authentic, 2 fraudulent) without warning. In phase one, the compliance rates with two proposed warning interfaces (98% and 94%) were similar to those of the Chrome warning (98%), regardless of when the warning was presented. In phase two (without warning), performance was better for the condition in which warning with procedural knowledge instruction was presented before the phishing webpage in phase one, suggesting a better of effect than for the other conditions. With the procedural knowledge of how to determine a webpage’s legitimacy, users identified phishing webpages more accurately even without the warning being presented.

Aiping Xiong, Robert W. Proctor, Ninghui Li, Weining Yang.  2016.  Use of Warnings for Instructing Users How to Detect Phishing Webpages. 46th Annual Meeting of the Society for Computers in Psychology.

The ineffectiveness of phishing warnings has been attributed to users' poor comprehension of the warning. However, the effectiveness of a phishing warning is typically evaluated at the time when users interact with a suspected phishing webpage, which we call the effect with phishing warning. Nevertheless, users' improved phishing detection when the warning is absent—or the effect of the warning—is the ultimate goal to prevent users from falling for phishing scams. We conducted an online study to evaluate the effect with and of several phishing warning variations, varying the point at which the warning was presented and whether procedural knowledge instruction was included in the warning interface. The current Chrome phishing warning was also included as a control. 360 Amazon Mechanical-Turk workers made submission; 500¬ word maximum for symposia) decisions about 10 login webpages (8 authentic, 2 fraudulent) with the aid of warning (first phase). After a short distracting task, the workers made the same decisions about 10 different login webpages (8 authentic, 2 fraudulent) without warning. In phase one, the compliance rates with two proposed warning interfaces (98% and 94%) were similar to those of the Chrome warning (98%), regardless of when the warning was presented. In phase two (without warning), performance was better for the condition in which warning with procedural knowledge instruction was presented before the phishing webpage in phase one, suggesting a better of effect than for the other conditions. With the procedural knowledge of how to determine a webpage’s legitimacy, users identified phishing webpages more accurately even without the warning being presented.

Weining Yang, Aiping Xiong, Jing Chen, Robert W. Proctor, Ninghui Li.  2017.  Use of Phishing Training to Improve Security Warning Compliance: Evidence from a Field Experiment.

The current approach to protect users from phishing attacks is to display a warning when the webpage is considered suspicious. We hypothesize that users are capable of making correct informed decisions when the warning also conveys the reasons why it is displayed. We chose to use traffic rankings of domains, which can be easily described to users, as a warning trigger and evaluated the effect of the phishing warning message and phishing training. The evaluation was conducted in a field experiment. We found that knowledge gained from the training enhances the effectiveness of phishing warnings, as the number of participants being phished was reduced. However, the knowledge by itself was not sufficient to provide phishing protection. We suggest that integrating training in the warning interface, involving traffic ranking in phishing detection, and explaining why warnings are generated will improve current phishing defense.

Hajdu, Gergo, Minoso, Yaclaudes, Lopez, Rafael, Acosta, Miguel, Elleithy, Abdelrahman.  2019.  Use of Artificial Neural Networks to Identify Fake Profiles. 2019 IEEE Long Island Systems, Applications and Technology Conference (LISAT). :1–4.
In this paper, we use machine learning, namely an artificial neural network to determine what are the chances that Facebook friend request is authentic or not. We also outline the classes and libraries involved. Furthermore, we discuss the sigmoid function and how the weights are determined and used. Finally, we consider the parameters of the social network page which are utmost important in the provided solution.
Arzhakov, A. V..  2018.  Usage of game theory in the internet wide scan. 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :5–8.

This article examines Usage of Game Theory in The Internet Wide Scan. There is compiled model of “Network Scanning” game. There is described process of players interaction in the coalition antagonistic and network games. The concept of target system's cost is suggested. Moreover, there is suggested its application in network scanning, particularly, when detecting honeypot/honeynet systems.

Agirre, I., Onaindia, P., Poggi, T., Yarza, I., Cazorla, F. J., Kosmidis, L., Grüttner, K., Abuteir, M., Loewe, J., Orbegozo, J. M. et al..  2020.  UP2DATE: Safe and secure over-the-air software updates on high-performance mixed-criticality systems. 2020 23rd Euromicro Conference on Digital System Design (DSD). :344–351.
Following the same trend of consumer electronics, safety-critical industries are starting to adopt Over-The-Air Software Updates (OTASU) on their embedded systems. The motivation behind this trend is twofold. On the one hand, OTASU offer several benefits to the product makers and users by improving or adding new functionality and services to the product without a complete redesign. On the other hand, the increasing connectivity trend makes OTASU a crucial cyber-security demand to download latest security patches. However, the application of OTASU in the safety-critical domain is not free of challenges, specially when considering the dramatic increase of software complexity and the resulting high computing performance demands. This is the mission of UP2DATE, a recently launched project funded within the European H2020 programme focused on new software update architectures for heterogeneous high-performance mixed-criticality systems. This paper gives an overview of UP2DATE and its foundations, which seeks to improve existing OTASU solutions by considering safety, security and availability from the ground up in an architecture that builds around composability and modularity.
Atul Bohara, University of Illinois at Urbana-Champaign, Mohammad A. Noureddine, University of Illinois at Urbana-Champaign, Ahmed Fawaz, University of Illinois at Urbana-Champaign, William Sanders, University of Illinois at Urbana-Champaign.  2017.  An Unsupervised Multi-Detector Approach for Identifying Malicious Lateral Movement. IEEE 36th Symposium on Reliable Distributed Systems (SRDS).

Abstract—Lateral movement-based attacks are increasingly leading to compromises in large private and government networks, often resulting in information exfiltration or service disruption. Such attacks are often slow and stealthy and usually evade existing security products. To enable effective detection of such attacks, we present a new approach based on graph-based modeling of the security state of the target system and correlation of diverse indicators of anomalous host behavior. We believe that irrespective of the specific attack vectors used, attackers typically establish a command and control channel to operate, and move in the target system to escalate their privileges and reach sensitive areas. Accordingly, we identify important features of command and control and lateral movement activities and extract them from internal and external communication traffic. Driven by the analysis of the features, we propose the use of multiple anomaly detection techniques to identify compromised hosts. These methods include Principal Component Analysis, k-means clustering, and Median Absolute Deviation-based utlier detection. We evaluate the accuracy of identifying compromised hosts by using injected attack traffic in a real enterprise network dataset, for various attack communication models. Our results show that the proposed approach can detect infected hosts with high accuracy and a low false positive rate.

Marques, J., Andrade, J., Falcao, G..  2017.  Unreliable memory operation on a convolutional neural network processor. 2017 IEEE International Workshop on Signal Processing Systems (SiPS). :1–6.

The evolution of convolutional neural networks (CNNs) into more complex forms of organization, with additional layers, larger convolutions and increasing connections, established the state-of-the-art in terms of accuracy errors for detection and classification challenges in images. Moreover, as they evolved to a point where Gigabytes of memory are required for their operation, we have reached a stage where it becomes fundamental to understand how their inference capabilities can be impaired if data elements somehow become corrupted in memory. This paper introduces fault-injection in these systems by simulating failing bit-cells in hardware memories brought on by relaxing the 100% reliable operation assumption. We analyze the behavior of these networks calculating inference under severe fault-injection rates and apply fault mitigation strategies to improve on the CNNs resilience. For the MNIST dataset, we show that 8x less memory is required for the feature maps memory space, and that in sub-100% reliable operation, fault-injection rates up to 10-1 (with most significant bit protection) can withstand only a 1% error probability degradation. Furthermore, considering the offload of the feature maps memory to an embedded dynamic RAM (eDRAM) system, using technology nodes from 65 down to 28 nm, up to 73 80% improved power efficiency can be obtained.

Arrieta, Miguel, Esnaola, Iñaki, Effros, Michelle.  2019.  Universal Privacy Guarantees for Smart Meters. 2019 IEEE International Symposium on Information Theory (ISIT). :2154–2158.
Smart meters enable improvements in electricity distribution system efficiency at some cost in customer privacy. Users with home batteries can mitigate this privacy loss by applying charging policies that mask their underlying energy use. A battery charging policy is proposed and shown to provide universal privacy guarantees subject to a constraint on energy cost. The guarantee bounds our strategy's maximal information leakage from the user to the utility provider under general stochastic models of user energy consumption. The policy construction adapts coding strategies for non-probabilistic permuting channels to this privacy problem.
Hovhannes, H. Hakobyan, Arman, V. Vardumyan, Harutyun, T. Kostanyan.  2019.  Unit Regression Test Selection According To Different Hashing Algorithms. 2019 IEEE East-West Design Test Symposium (EWDTS). :1–4.
An approach for effective regression test selection is proposed, which minimizes the resource usage and amount of time required for complete testing of new features. Provided are the details of the analysis of hashing algorithms used during implementation in-depth review of the software, together with the results achieved during the testing process.
Ahmed, Farooq, Li, Xudong, Niu, Yukun, Zhang, Chi, Wei, Lingbo, Gu, Chengjie.  2020.  UniRoam: An Anonymous and Accountable Authentication Scheme for Cross-Domain Access. 2020 International Conference on Networking and Network Applications (NaNA). :198—205.
In recent years, cross-domain roaming through Wi-Fi is ubiquitous, and the number of roaming users has increased dramatically. It is essential to authenticate users belonging to different institutes to ensure network privacy and security. Existing systems, such as eduroam, have centralized and hierarchical structure on indorse accounts that create privacy and security issues. We have proposed UniRoam, a blockchain-based cross-domain authentication scheme that provides accountability and anonymity without any trusted authority. Unlike traditional centralized approaches, UniRoam provides access authentication for its servers and users to provide anonymity and accountability without any privacy leakage issues efficiently. By using the sovrin identifier as an anonymous identity, we integrate our system with Hyperledger and Intel SGX to authenticate users that preserves both anonymity and trust when the user connects to the network. Therefore, UniRoam is highly “faulted-tolerant” to deal with different attacks and provides an effective solution that can be deployed easily in different environments.
Šišejković, Dominik, Leupers, Rainer, Ascheid, Gerd, Metzner, Simon.  2018.  A Unifying Logic Encryption Security Metric. Proceedings of the 18th International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation. :179–186.
The globalization of the IC supply chain has brought forth the era of fabless companies. Due to security issues during design and fabrication processes, various security concerns have risen, ranging from IP piracy and reverse engineering to hardware Trojans. Logic encryption has emerged as a mitigation against these threats. However, no generic metrics for quantifying the security of logic encryption algorithms has been reported so far, making it impossible to formally compare different approaches. In this paper, we propose a unifying metric, capturing the key security aspects of logic encryption algorithms. The metric is evaluated on state-of-the-art algorithms and benchmarks.
Babaie, T., Chawla, S., Ardon, S., Yue Yu.  2014.  A unified approach to network anomaly detection. Big Data (Big Data), 2014 IEEE International Conference on. :650-655.

This paper presents a unified approach for the detection of network anomalies. Current state of the art methods are often able to detect one class of anomalies at the cost of others. Our approach is based on using a Linear Dynamical System (LDS) to model network traffic. An LDS is equivalent to Hidden Markov Model (HMM) for continuous-valued data and can be computed using incremental methods to manage high-throughput (volume) and velocity that characterizes Big Data. Detailed experiments on synthetic and real network traces shows a significant improvement in detection capability over competing approaches. In the process we also address the issue of robustness of network anomaly detection systems in a principled fashion.
 

Zahilah, R., Tahir, F., Zainal, A., Abdullah, A. H., Ismail, A. S..  2017.  Unified Approach for Operating System Comparisons with Windows OS Case Study. 2017 IEEE Conference on Application, Information and Network Security (AINS). :91–96.

The advancement in technology has changed how people work and what software and hardware people use. From conventional personal computer to GPU, hardware technology and capability have dramatically improved so does the operating systems that come along. Unfortunately, current industry practice to compare OS is performed with single perspective. It is either benchmark the hardware level performance or performs penetration testing to check the security features of an OS. This rigid method of benchmarking does not really reflect the true performance of an OS as the performance analysis is not comprehensive and conclusive. To illustrate this deficiency, the study performed hardware level and operational level benchmarking on Windows XP, Windows 7 and Windows 8 and the results indicate that there are instances where Windows XP excels over its newer counterparts. Overall, the research shows Windows 8 is a superior OS in comparison to its predecessors running on the same hardware. Furthermore, the findings also show that the automated benchmarking tools are proved less efficient benchmark systems that run on Windows XP and older OS as they do not support DirectX 11 and other advanced features that the hardware supports. There lies the need to have a unified benchmarking approach to compare other aspects of OS such as user oriented tasks and security parameters to provide a complete comparison. Therefore, this paper is proposing a unified approach for Operating System (OS) comparisons with the help of a Windows OS case study. This unified approach includes comparison of OS from three aspects which are; hardware level, operational level performance and security tests.

Shehzad, Muhammad Karam, Ahmed, Abbirah.  2016.  Unified Analysis of Semi-Blind Spectrum Sensing Techniques Under Low-SNR for CRNWs. Proceedings of the 8th International Conference on Signal Processing Systems. :208–211.

Spectrum sensing (signal detection) under low signal to noise ratio is a fundamental problem in cognitive radio networks. In this paper, we have analyzed maximum eigenvalue detection (MED) and energy detection (ED) techniques known as semi-blind spectrum sensing techniques. Simulations are performed by using independent and identically distributed (iid) signals to verify the results. Maximum eigenvalue detection algorithm exploits correlation in received signal samples and hence, performs same as energy detection algorithm under high signal to noise ratio. Energy detection performs well under low signal to noise ratio for iid signals and its performance reaches maximum eigenvalue detection under high signal to noise ratio. Both algorithms don't need any prior knowledge of primary user signal for detection and hence can be used in various applications.

Anyfantis, D. I., Sarigiannidou, E., Rapenne, L., Stamatelatos, A., Ntemogiannis, D., Kapaklis, V., Poulopoulos, P..  2019.  Unexpected Development of Perpendicular Magnetic Anisotropy in Ni/NiO Multilayers After Mild Thermal Annealing. IEEE Magnetics Letters. 10:1–5.
We report on the significant enhancement of perpendicular magnetic anisotropy of Ni/NiO multilayers after mild annealing up to 90 min at 250 °C. Transmission electron microscopy shows that after annealing, a partial crystallization of the initially amorphous NiO layers occurs. This turns out to be the source of the anisotropy enhancement. Magnetic measurements reveal that even multilayers with Ni layers as thick as 7 nm, which in the as-deposited state showed inplane anisotropy with square hysteresis loops, show reduced in-plane remanence after thermal treatment. Hysteresis loops recorded with the field in the normal-to-film-plane direction provide evidence for perpendicular magnetic anisotropy with up and down magnetic domains at remanence. A plot of effective uniaxial magnetic anisotropy constant times individual Ni layer thickness as a function of individual Ni layer thickness shows a large change in the slope of the data attributed to a drastic change of volume anisotropy. Surface anisotropy showed a small decrease because of some layer roughening introduced by annealing.