Visible to the public Biblio

Found 919 results

Filters: First Letter Of Last Name is A  [Clear All Filters]
[A] B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
A
Azzedin, F., Suwad, H., Alyafeai, Z..  2017.  Countermeasureing Zero Day Attacks: Asset-Based Approach. 2017 International Conference on High Performance Computing Simulation (HPCS). :854–857.

There is no doubt that security issues are on the rise and defense mechanisms are becoming one of the leading subjects for academic and industry experts. In this paper, we focus on the security domain and envision a new way of looking at the security life cycle. We utilize our vision to propose an asset-based approach to countermeasure zero day attacks. To evaluate our proposal, we built a prototype. The initial results are promising and indicate that our prototype will achieve its goal of detecting zero-day attacks.

Azzaz, M. S., Tanougast, C., Maali, A., Benssalah, M..  2018.  Hardware Implementation of Multi-Scroll Chaos Based Architecture for Securing Biometric Templates. 2018 International Conference on Smart Communications in Network Technologies (SaCoNeT). :227-231.

In spite of numerous advantages of biometrics-based personal authentication systems over traditional security systems based on token or knowledge, they are vulnerable to attacks that can decrease their security considerably. In this paper, we propose a new hardware solution to protect biometric templates such as fingerprint. The proposed scheme is based on chaotic N × N grid multi-scroll system and it is implemented on Xilinx FPGA. The hardware implementation is achieved by applying numerical solution methods in our study, we use EM (Euler Method). Simulation and experimental results show that the proposed scheme allows a low cost image encryption for embedded systems while still providing a good trade-off between performance and hardware resources. Indeed, security analysis performed to the our scheme, is strong against known different attacks, such as: brute force, statistical, differential, and entropy. Therefore, the proposed chaos-based multiscroll encryption algorithm is suitable for use in securing embedded biometric systems.

Azriel, Leonid, Ginosar, Ran, Gueron, Shay, Mendelson, Avi.  2016.  Using Scan Side Channel for Detecting IP Theft. Proceedings of the Hardware and Architectural Support for Security and Privacy 2016. :1:1–1:8.

We present a process for detection of IP theft in VLSI devices that exploits the internal test scan chains. The IP owner learns implementation details in the suspect device to find evidence of the theft, while the top level function is public. The scan chains supply direct access to the internal registers in the device, thus making it possible to learn the logic functions of the internal combinational logic chunks. Our work introduces an innovative way of applying Boolean function analysis techniques for learning digital circuits with the goal of IP theft detection. By using Boolean function learning methods, the learner creates a partial dependency graph of the internal flip-flops. The graph is further partitioned using the SNN graph clustering method, and individual blocks of combinational logic are isolated. These blocks can be matched with known building blocks that compose the original function. This enables reconstruction of the function implementation to the level of pipeline structure. The IP owner can compare the resulting structure with his own implementation to confirm or refute that an IP violation has occurred. We demonstrate the power of the presented approach with a test case of an open source Bitcoin SHA-256 accelerator, containing more than 80,000 registers. With the presented method we discover the microarchitecture of the module, locate all the main components of the SHA-256 algorithm, and learn the module's flow control.

Azmoodeh, A., Dehghantanha, A., Choo, K. R..  2018.  Robust Malware Detection for Internet Of (Battlefield) Things Devices Using Deep Eigenspace Learning. IEEE Transactions on Sustainable Computing. :1–1.

Internet of Things (IoT) in military setting generally consists of a diverse range of Internet-connected devices and nodes (e.g. medical devices to wearable combat uniforms), which are a valuable target for cyber criminals, particularly state-sponsored or nation state actors. A common attack vector is the use of malware. In this paper, we present a deep learning based method to detect Internet Of Battlefield Things (IoBT) malware via the device's Operational Code (OpCode) sequence. We transmute OpCodes into a vector space and apply a deep Eigenspace learning approach to classify malicious and bening application. We also demonstrate the robustness of our proposed approach in malware detection and its sustainability against junk code insertion attacks. Lastly, we make available our malware sample on Github, which hopefully will benefit future research efforts (e.g. for evaluation of proposed malware detection approaches).

Aziz, Nooralhuda waheed, Alsaad, Saad Najim, Hmood, Haider kadhum.  2019.  Implementation of Lightweight Stream Cipher in AODV Routing Protocol for MANET. 2019 First International Conference of Computer and Applied Sciences (CAS). :210—215.

The growing use of MANETs and its vulnerability to attacks due to its fundamental characteristics make secure routing one of the most considerable challenges. In this paper, a new security scheme for mobile ad hoc networks (MANETs) is presented. The proposed scheme used Trivium lightweight stream cipher algorithm in combination with HMAC to secure the routing control packets. This paper compares the performance of the AODV after implementing the security scheme in terms of throughput, delay sum (end-to-end), jitter sum (end-to-end) and packet loss ratio. The proposed scheme shows better performance than original AODV under blackhole attack.

Azimi, Mahdi, Sami, Ashkan, Khalili, Abdullah.  2014.  A Security Test-Bed for Industrial Control Systems. Proceedings of the 1st International Workshop on Modern Software Engineering Methods for Industrial Automation. :26–31.

Industrial Control Systems (ICS) such as Supervisory Control And Data Acquisition (SCADA), Distributed Control Systems (DCS) and Distributed Automation Systems (DAS) control and monitor critical infrastructures. In recent years, proliferation of cyber-attacks to ICS revealed that a large number of security vulnerabilities exist in such systems. Excessive security solutions are proposed to remove the vulnerabilities and improve the security of ICS. However, to the best of our knowledge, none of them presented or developed a security test-bed which is vital to evaluate the security of ICS tools and products. In this paper, a test-bed is proposed for evaluating the security of industrial applications by providing different metrics for static testing, dynamic testing and network testing in industrial settings. Using these metrics and results of the three tests, industrial applications can be compared with each other from security point of view. Experimental results on several real world applications indicate that proposed test-bed can be successfully employed to evaluate and compare the security level of industrial applications.

Azhari, Budi, Yazid, Edwar, Devi, Merry Indahsari.  2020.  Dynamic Inductance Simulation of a Linear Permanent Magnet Generator Under Different Magnet Configurations. 2020 International Conference on Sustainable Energy Engineering and Application (ICSEEA). :1–8.
Recently, some innovations have been applied to the linear permanent magnet generator (LPMG). They are including the introduction of high-remanence rare-earth magnets and the use of different magnet configurations. However, these actions also affect the flow and distribution of the magnetic flux. Under the load condition, the load current will also generate reverse flux. The flux resultant then affects the coil parameters; the significant one is the coil inductance. Since it is influential to the output voltage and output power profiles, the impact study of the permanent magnet settings under load condition is essential. Hence this paper presents the inductance profile study of the LMPG with different magnet configurations. After presenting the initial designs, several magnet settings including the material and configuration were varied. Finite element magnetic simulation and analytical calculations were then performed to obtain the inductance profile of the LPMG. The results show that the inductance value varies with change in load current and magnet position. The different magnet materials (SmCo 30 and N35) do not significantly affect the inductance. Meanwhile, different magnet configuration (radial, axial, halbach) results in different inductance trends.
Azhagumurgan, R., Sivaraman, K., Ramachandran, S. S., Yuvaraj, R., Veeraraghavan, A. K..  2018.  Design and Development of Acoustic Power Transfer Using Infrasonic Sound. 2018 International Conference on Power, Energy, Control and Transmission Systems (ICPECTS). :43–46.
Wireless transmission of power has been in research for over a century. Our project aims at transmitting electric power over a distance of room. Various methods using microwaves, lasers, inductive coupling, capacitive coupling and acoustic medium have been used. In our project, we are majorly focusing on acoustic method of transferring power. Previous attempts of transferring power using acoustic methods have employed the usage of ultrasonic sound. In our project, we are using infrasonic sound as a medium to transfer electrical power. For this purpose, we are using suitable transducers and converters to transmit electric power from the 220V AC power supply to a load over a considerable distance. This technology can be used to wirelessly charge various devices more effectively.
Azfar, A., Choo, K.-K.R., Lin Liu.  2014.  A Study of Ten Popular Android Mobile VoIP Applications: Are the Communications Encrypted? System Sciences (HICSS), 2014 47th Hawaii International Conference on. :4858-4867.

Mobile Voice over Internet Protocol (mVoIP) applications have gained increasing popularity in the last few years, with millions of users communicating using such applications (e.g. Skype). Similar to other forms of Internet and telecommunications, mVoIP communications are vulnerable to both lawful and unauthorized interceptions. Encryption is a common way of ensuring the privacy of mVoIP users. To the best of our knowledge, there has been no academic study to determine whether mVoIP applications provide encrypted communications. In this paper, we examine Skype and nine other popular mVoIP applications for Android mobile devices, and analyze the intercepted communications to determine whether the captured voice and text communications are encrypted (or not). The results indicate that most of the applications encrypt text communications. However, voice communications may not be encrypted in six of the ten applications examined.

Azevedo, Ernani, Machado, Marcos, Melo, Rodrigo, Aschoff, Rafael, Sadok, Djamel, Carmo, Ubiratan do.  2016.  Adopting Security Routines in Legacy Organizations. Proceedings of the 2016 Workshop on Fostering Latin-American Research in Data Communication Networks. :55–57.

Security is a well-known critical issue and exploitation of vulnerabilities is increasing in number, sophistication and damage. Furthermore, legacy systems tend to offer difficulty when upgrades are needed, specially when security recommendations are proposed. This paper presents a strategy for legacy systems based on three disciplines which guide the adoption of secure routines while avoid production drop. We present a prototype framework and discuss its success in providing security to the network of a power plant.

Azarderakhsh, Reza, Jao, David, Kalach, Kassem, Koziel, Brian, Leonardi, Christopher.  2016.  Key Compression for Isogeny-Based Cryptosystems. Proceedings of the 3rd ACM International Workshop on ASIA Public-Key Cryptography. :1–10.

We present a method for key compression in quantumresistant isogeny-based cryptosystems, which allows a reduction in and transmission costs of per-party public information by a factor of two, with no e ect on security. We achieve this reduction by associating a canonical choice of elliptic curve to each j-invariant, and representing elements on the curve as linear combinations with respect to a canonical choice of basis. This method of compressing public information can be applied to numerous isogeny-based protocols, such as key exchange, zero-knowledge identi cation, and public-key encryption. We performed personal computer and ARM implementations of the key exchange with compression and decompression in C and provided timing results, showing the computational cost of key compression and decompression at various security levels. Our results show that isogeny-based cryptosystems achieve by far the smallest possible key sizes among all existing families of post-quantum cryptosystems at practical security levels; e.g. 3073-bit public keys at the quantum 128-bit security level, comparable to (non-quantum) RSA key sizes.

Azarderakhsh, Reza, Karabina, Koray.  2016.  Efficient Algorithms and Architectures for Double Point Multiplication on Elliptic Curves. Proceedings of the Third Workshop on Cryptography and Security in Computing Systems. :25–30.

Efficient implementation of double point multiplication is crucial for elliptic curve cryptographic systems. We propose efficient algorithms and architectures for the computation of double point multiplication on binary elliptic curves and provide a comparative analysis of their performance for 112-bit security level. To the best of our knowledge, this is the first work in the literature which considers the design and implementation of simultaneous computation of double point multiplication. We first provide algorithmics for the three main double point multiplication methods. Then, we perform data-flow analysis and propose hardware architectures for the presented algorithms. Finally, we implement the proposed state-of-the-art architectures on FPGA platform for the comparison purposes and report the area and timing results. Our results indicate that differential addition chain based algorithms are better suited to compute double point multiplication over binary elliptic curves for high performance applications.

Azaman, M. A. bin, Nguyen, N. P., Ha, D. B., Truong, T. V..  2017.  Secrecy outage probability of full-duplex networks with cognitive radio environment and partial relay selection. 2017 International Conference on Recent Advances in Signal Processing, Telecommunications Computing (SigTelCom). :119–123.

This paper investigates the secrecy performance of full-duplex relay mode in underlay cognitive radio networks using decode-and-forward relay selection. The analytical results prove that full-duplex mode can guarantee security under critical conditions such as the bad residual self-interference and the presence of hi-tech eavesdropper. The secrecy outage probability is derived based on the statistical characteristics of channels in this considered system. The system is examined under five circumferences: 1) Different values of primary network's desired outage probability; 2) Different values of primary transmitter's transmit power; 3) Applying of multiple relays selection; 4) Systems undergo path-loss during the transmission process; 5) Systems undergo self-interference in relays. Simulation results are presented to verify the analysis.

Azakami, Tomoka, Shibata, Chihiro, Uda, Ryuya, Kinoshita, Toshiyuki.  2019.  Creation of Adversarial Examples with Keeping High Visual Performance. 2019 IEEE 2nd International Conference on Information and Computer Technologies (ICICT). :52—56.
The accuracy of the image classification by the convolutional neural network is exceeding the ability of human being and contributes to various fields. However, the improvement of the image recognition technology gives a great blow to security system with an image such as CAPTCHA. In particular, since the character string CAPTCHA has already added distortion and noise in order not to be read by the computer, it becomes a problem that the human readability is lowered. Adversarial examples is a technique to produce an image letting an image classification by the machine learning be wrong intentionally. The best feature of this technique is that when human beings compare the original image with the adversarial examples, they cannot understand the difference on appearance. However, Adversarial examples that is created with conventional FGSM cannot completely misclassify strong nonlinear networks like CNN. Osadchy et al. have researched to apply this adversarial examples to CAPTCHA and attempted to let CNN misclassify them. However, they could not let CNN misclassify character images. In this research, we propose a method to apply FGSM to the character string CAPTCHAs and to let CNN misclassified them.
Azakami, T., Shibata, C., Uda, R..  2017.  Challenge to Impede Deep Learning against CAPTCHA with Ergonomic Design. 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC). 1:637–642.

Once we had tried to propose an unbreakable CAPTCHA and we reached a result that limitation of time is effect to prevent computers from recognizing characters accurately while computers can finally recognize all text-based CAPTCHA in unlimited time. One of the existing usual ways to prevent computers from recognizing characters is distortion, and adding noise is also effective for the prevention. However, these kinds of prevention also make recognition of characters by human beings difficult. As a solution of the problems, an effective text-based CAPTCHA algorithm with amodal completion was proposed by our team. Our CAPTCHA causes computers a large amount of calculation costs while amodal completion helps human beings to recognize characters momentarily. Our CAPTCHA has evolved with aftereffects and combinations of complementary colors. We evaluated our CAPTCHA with deep learning which is attracting the most attention since deep learning is faster and more accurate than existing methods for recognition with computers. In this paper, we add jagged lines to edges of characters since edges are one of the most important parts for recognition in deep learning. In this paper, we also evaluate that how much the jagged lines decrease recognition of human beings and how much they prevent computers from the recognition. We confirm the effects of our method to deep learning.

Azaiez, Meriem, Chainbi, Walid.  2016.  A Multi-agent System Architecture for Self-Healing Cloud Infrastructure. Proceedings of the International Conference on Internet of Things and Cloud Computing. :7:1–7:6.

The popularity of Cloud computing has considerably increased during the last years. The increase of Cloud users and their interactions with the Cloud infrastructure raise the risk of resources faults. Such a problem can lead to a bad reputation of the Cloud environment which slows down the evolution of this technology. To address this issue, the dynamic and the complex architecture of the Cloud should be taken into account. Indeed, this architecture requires that resources protection and healing must be transparent and without external intervention. Unlike previous work, we suggest integrating the fundamental aspects of autonomic computing in the Cloud to deal with the self-healing of Cloud resources. Starting from the high degree of match between autonomic computing systems and multiagent systems, we propose to take advantage from the autonomous behaviour of agent technology to create an intelligent Cloud that supports autonomic aspects. Our proposed solution is a multi-agent system which interacts with the Cloud infrastructure to analyze the resources state and execute Checkpoint/Replication strategy or migration technique to solve the problem of failed resources.

Azahari, A. M., Ahmad, A., Rahayu, S. B., Halip, M. H. Mohamed.  2020.  CheckMyCode: Assignment Submission System with Cloud-Based Java Compiler. 2020 8th International Conference on Information Technology and Multimedia (ICIMU). :343–347.
Learning programming language of Java is a basic part of the Computer Science and Engineering curriculum. Specific Java compiler is a requirement for writing and convert the writing code to executable format. However, some local installed Java compiler is suffering from compatibility, portability and storage space issues. These issues sometimes affect student-learning interest and slow down the learning process. This paper is directed toward the solution for such problems, which offers a new programming assignment submission system with cloud-based Java compiler and is known as CheckMyCode. Leveraging cloud-computing technology in terms of its availability, prevalence and affordability, CheckMyCode implements Java cloud-based programming compiler as a part of the assignment management system. CheckMyCode system is a cloud-based system that allows both main users, which are a lecturer and student to access the system via a browser on PC or smart devices. Modules of submission assignment system with cloud compiler allow lecturer and student to manage Java programming task in one platform. A framework, system module, main user and feature of CheckMyCode are presented. Also, taking into account are the future study/direction and new enhancement of CheckMyCode.
Azad, Muhammad Ajmal, Bag, Samiran.  2017.  Decentralized Privacy-aware Collaborative Filtering of Smart Spammers in a Telecommunication Network. Proceedings of the Symposium on Applied Computing. :1711–1717.

Smart spammers and telemarketers circumvent the standalone spam detection systems by making low rate spam-ming activity to a large number of recipients distributed across many telecommunication operators. The collaboration among multiple telecommunication operators (OPs) will allow operators to get rid of unwanted callers at the early stage of their spamming activity. The challenge in the design of collaborative spam detection system is that OPs are not willing to share certain information about behaviour of their users/customers because of privacy concerns. Ideally, operators agree to share certain aggregated statistical information if collaboration process ensures complete privacy protection of users and their network data. To address this challenge and convince OPs for the collaboration, this paper proposes a decentralized reputation aggregation protocol that enables OPs to take part in a collaboration process without use of a trusted third party centralized system and without developing a predefined trust relationship with other OPs. To this extent, the collaboration among operators is achieved through the exchange of cryptographic reputation scores among OPs thus fully protects relationship network and reputation scores of users even in the presence of colluders. We evaluate the performance of proposed protocol over the simulated data consisting of five collaborators. Experimental results revealed that proposed approach outperforms standalone systems in terms of true positive rate and false positive rate.

Azab, M..  2014.  Multidimensional Diversity Employment for Software Behavior Encryption. New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on. :1-5.

Modern cyber systems and their integration with the infrastructure has a clear effect on the productivity and quality of life immensely. Their involvement in our daily life elevate the need for means to insure their resilience against attacks and failure. One major threat is the software monoculture. Latest research work demonstrated the danger of software monoculture and presented diversity to reduce the attack surface. In this paper, we propose ChameleonSoft, a multidimensional software diversity employment to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. ChameleonSoft introduces a loosely coupled, online programmable software-execution foundation separating logic, state and physical resources. The elastic construction of the foundation enabled ChameleonSoft to define running software as a set of behaviorally-mutated functionally-equivalent code variants. ChameleonSoft intelligently Shuffle, at runtime, these variants while changing their physical location inducing untraceable confusion and diffusion enough to encrypt the execution behavior of the running software. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to assess the provisioned level of security by measuring the avalanche effect percentage and the induced confusion and diffusion levels to evaluate the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience.

Azab, M..  2014.  Multidimensional Diversity Employment for Software Behavior Encryption. New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on. :1-5.

Modern cyber systems and their integration with the infrastructure has a clear effect on the productivity and quality of life immensely. Their involvement in our daily life elevate the need for means to insure their resilience against attacks and failure. One major threat is the software monoculture. Latest research work demonstrated the danger of software monoculture and presented diversity to reduce the attack surface. In this paper, we propose ChameleonSoft, a multidimensional software diversity employment to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. ChameleonSoft introduces a loosely coupled, online programmable software-execution foundation separating logic, state and physical resources. The elastic construction of the foundation enabled ChameleonSoft to define running software as a set of behaviorally-mutated functionally-equivalent code variants. ChameleonSoft intelligently Shuffle, at runtime, these variants while changing their physical location inducing untraceable confusion and diffusion enough to encrypt the execution behavior of the running software. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to assess the provisioned level of security by measuring the avalanche effect percentage and the induced confusion and diffusion levels to evaluate the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience.

Azab, M., Fortes, J. A. B..  2017.  Towards Proactive SDN-Controller Attack and Failure Resilience. 2017 International Conference on Computing, Networking and Communications (ICNC). :442–448.

SDN networks rely mainly on a set of software defined modules, running on generic hardware platforms, and managed by a central SDN controller. The tight coupling and lack of isolation between the controller and the underlying host limit the controller resilience against host-based attacks and failures. That controller is a single point of failure and a target for attackers. ``Linux-containers'' is a successful thin virtualization technique that enables encapsulated, host-isolated execution-environments for running applications. In this paper we present PAFR, a controller sandboxing mechanism based on Linux-containers. PAFR enables controller/host isolation, plug-and-play operation, failure-and-attack-resilient execution, and fast recovery. PAFR employs and manages live remote checkpointing and migration between different hosts to evade failures and attacks. Experiments and simulations show that the frequent employment of PAFR's live-migration minimizes the chance of successful attack/failure with limited to no impact on network performance.

Ayub, Md. Ahsan, Smith, Steven, Siraj, Ambareen.  2019.  A Protocol Independent Approach in Network Covert Channel Detection. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :165—170.

Network covert channels are used in various cyberattacks, including disclosure of sensitive information and enabling stealth tunnels for botnet commands. With time and technology, covert channels are becoming more prevalent, complex, and difficult to detect. The current methods for detection are protocol and pattern specific. This requires the investment of significant time and resources into application of various techniques to catch the different types of covert channels. This paper reviews several patterns of network storage covert channels, describes generation of network traffic dataset with covert channels, and proposes a generic, protocol-independent approach for the detection of network storage covert channels using a supervised machine learning technique. The implementation of the proposed generic detection model can lead to a reduction of necessary techniques to prevent covert channel communication in network traffic. The datasets we have generated for experimentation represent storage covert channels in the IP, TCP, and DNS protocols and are available upon request for future research in this area.

Ayub, M. A., Continella, A., Siraj, A..  2020.  An I/O Request Packet (IRP) Driven Effective Ransomware Detection Scheme using Artificial Neural Network. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :319–324.
In recent times, there has been a global surge of ransomware attacks targeted at industries of various types and sizes from retail to critical infrastructure. Ransomware researchers are constantly coming across new kinds of ransomware samples every day and discovering novel ransomware families out in the wild. To mitigate this ever-growing menace, academia and industry-based security researchers have been utilizing unique ways to defend against this type of cyber-attacks. I/O Request Packet (IRP), a low-level file system I/O log, is a newly found research paradigm for defense against ransomware that is being explored frequently. As such in this study, to learn granular level, actionable insights of ransomware behavior, we analyze the IRP logs of 272 ransomware samples belonging to 18 different ransomware families captured during individual execution. We further our analysis by building an effective Artificial Neural Network (ANN) structure for successful ransomware detection by learning the underlying patterns of the IRP logs. We evaluate the ANN model with three different experimental settings to prove the effectiveness of our approach. The model demonstrates outstanding performance in terms of accuracy, precision score, recall score, and F1 score, i.e., in the range of 99.7%±0.2%.
Ayoub, Ahmed A., Aagaard, Mark D..  2020.  Application-Specific Instruction Set Architecture for an Ultralight Hardware Security Module. 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :69–79.
Due to the rapid growth of using Internet of Things (IoT) devices in the daily life, the need to achieve an acceptable level of security and privacy according to the real security risks for these devices is rising. Security risks may include privacy threats like gaining sensitive information from a device, and authentication problems from counterfeit or cloned devices. It becomes more challenging to add strong security features to extremely constrained devices compared to battery operated devices that have more computational and storage capabilities. We propose a novel application specific instruction-set architecture that allows flexibility on many design levels and achieves the required security level for the Electronic Product Code (EPC) passive Radio Frequency Identification (RFID) tag device. Our solution moves a major design effort from hardware to software, which largely reduces the final unit cost. The proposed architecture can be implemented with 4,662 gate equivalent units (GEs) for 65 nm CMOS technology excluding the memory and the cryptographic units. The synthesis results fulfill the requirements of extremely constrained devices and allow the inclusion of cryptographic units into the datapath of the proposed application-specific instruction set processor (ASIP).
Ayotte, Blaine, Banavar, Mahesh K., Hou, Daqing, Schuckers, Stephanie.  2019.  Fast and Accurate Continuous User Authentication by Fusion of Instance-Based, Free-Text Keystroke Dynamics. 2019 International Conference of the Biometrics Special Interest Group (BIOSIG). :1–6.

Keystroke dynamics study the way in which users input text via their keyboards, which is unique to each individual, and can form a component of a behavioral biometric system to improve existing account security. Keystroke dynamics systems on free-text data use n-graphs that measure the timing between consecutive keystrokes to distinguish between users. Many algorithms require 500, 1,000, or more keystrokes to achieve EERs of below 10%. In this paper, we propose an instance-based graph comparison algorithm to reduce the number of keystrokes required to authenticate users. Commonly used features such as monographs and digraphs are investigated. Feature importance is determined and used to construct a fused classifier. Detection error tradeoff (DET) curves are produced with different numbers of keystrokes. The fused classifier outperforms the state-of-the-art with EERs of 7.9%, 5.7%, 3.4%, and 2.7% for test samples of 50, 100, 200, and 500 keystrokes.