Visible to the public Biblio

Found 1544 results

Filters: First Letter Of Last Name is D  [Clear All Filters]
In Press
Ignacio X. Dominguez, Jayant Dhawan, Robert St. Amant, David L. Roberts.  In Press.  Exploring the Effects of Different Text Stimuli on Typing Behavior. International Conference on Cognitive Modeling.

In this work we explore how different cognitive processes af- fected typing patterns through a computer game we call The Typing Game. By manipulating the players’ familiarity with the words in our game through their similarity to dictionary words, and by allowing some players to replay rounds, we found that typing speed improves with familiarity with words, and also with practice, but that these are independent of the number of mistakes that are made when typing. We also found that users who had the opportunity to replay rounds exhibited different typing patterns even before replaying the rounds. 

2020
Gomathi, S., Parmar, Nilesh, Devi, Jyoti, Patel, Namrata.  2020.  Detecting Malware Attack on Cloud using Deep Learning Vector Quantization. 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN). :356—361.

In recent times cloud services are used widely and due to which there are so many attacks on the cloud devices. One of the major attacks is DDos (distributed denial-of-service) -attack which mainly targeted the Memcached which is a caching system developed for speeding the websites and the networks through Memcached's database. The DDoS attack tries to destroy the database by creating a flood of internet traffic at the targeted server end. Attackers send the spoofing applications to the vulnerable UDP Memcached server which even manipulate the legitimate identity of the sender. In this work, we have proposed a vector quantization approach based on a supervised deep learning approach to detect the Memcached attack performed by the use of malicious firmware on different types of Cloud attached devices. This vector quantization approach detects the DDoas attack performed by malicious firmware on the different types of cloud devices and this also classifies the applications which are vulnerable to attack based on cloud-The Hackbeased services. The result computed during the testing shows the 98.2 % as legally positive and 0.034% as falsely negative.

Distler, V., Lallemand, C., Koenig, V..  2020.  Making Encryption Feel Secure: Investigating how Descriptions of Encryption Impact Perceived Security. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :220—229.

When communication about security to end users is ineffective, people frequently misinterpret the protection offered by a system. The discrepancy between the security users perceive a system to have and the actual system state can lead to potentially risky behaviors. It is thus crucial to understand how security perceptions are shaped by interface elements such as text-based descriptions of encryption. This article addresses the question of how encryption should be described to non-experts in a way that enhances perceived security. We tested the following within-subject variables in an online experiment (N=309): a) how to best word encryption, b) whether encryption should be described with a focus on the process or outcome, or both c) whether the objective of encryption should be mentioned d) when mentioning the objective of encryption, how to best describe it e) whether a hash should be displayed to the user. We also investigated the role of context (between subjects). The verbs "encrypt" and "secure" performed comparatively well at enhancing perceived security. Overall, participants stated that they felt more secure not knowing about the objective of encryption. When it is necessary to state the objective, positive wording of the objective of encryption worked best. We discuss implications and why using these results to design for perceived lack of security might be of interest as well. This leads us to discuss ethical concerns, and we give guidelines for the design of user interfaces where encryption should be communicated to end users.

Drašar, M., Moskal, S., Yang, S., Zat'ko, P..  2020.  Session-level Adversary Intent-Driven Cyberattack Simulator. 2020 IEEE/ACM 24th International Symposium on Distributed Simulation and Real Time Applications (DS-RT). :1—9.

Recognizing the need for proactive analysis of cyber adversary behavior, this paper presents a new event-driven simulation model and implementation to reveal the efforts needed by attackers who have various entry points into a network. Unlike previous models which focus on the impact of attackers' actions on the defender's infrastructure, this work focuses on the attackers' strategies and actions. By operating on a request-response session level, our model provides an abstraction of how the network infrastructure reacts to access credentials the adversary might have obtained through a variety of strategies. We present the current capabilities of the simulator by showing three variants of Bronze Butler APT on a network with different user access levels.

Hayes, J. Huffman, Payne, J., Essex, E., Cole, K., Alverson, J., Dekhtyar, A., Fang, D., Bernosky, G..  2020.  Towards Improved Network Security Requirements and Policy: Domain-Specific Completeness Analysis via Topic Modeling. 2020 IEEE Seventh International Workshop on Artificial Intelligence for Requirements Engineering (AIRE). :83—86.

Network security policies contain requirements - including system and software features as well as expected and desired actions of human actors. In this paper, we present a framework for evaluation of textual network security policies as requirements documents to identify areas for improvement. Specifically, our framework concentrates on completeness. We use topic modeling coupled with expert evaluation to learn the complete list of important topics that should be addressed in a network security policy. Using these topics as a checklist, we evaluate (students) a collection of network security policies for completeness, i.e., the level of presence of these topics in the text. We developed three methods for topic recognition to identify missing or poorly addressed topics. We examine network security policies and report the results of our analysis: preliminary success of our approach.

Camenisch, Jan, Drijvers, Manu, Lehmann, Anja, Neven, Gregory, Towa, Patrick.  2020.  Zone Encryption with Anonymous Authentication for V2V Communication. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :405—424.

Vehicle-to-vehicle (V2V) communication systems are currently being prepared for real-world deployment, but they face strong opposition over privacy concerns. Position beacon messages are the main culprit, being broadcast in cleartext and pseudonymously signed up to 10 times per second. So far, no practical solutions have been proposed to encrypt or anonymously authenticate V2V messages. We propose two cryptographic innovations that enhance the privacy of V2V communication. As a core contribution, we introduce zone-encryption schemes, where vehicles generate and authentically distribute encryption keys associated to static geographic zones close to their location. Zone encryption provides security against eavesdropping, and, combined with a suitable anonymous authentication scheme, ensures that messages can only be sent by genuine vehicles, while adding only 224 Bytes of cryptographic overhead to each message. Our second contribution is an authentication mechanism fine-tuned to the needs of V2V which allows vehicles to authentically distribute keys, and is called dynamic group signatures with attributes. Our instantiation features unlimited locally generated pseudonyms, negligible credential download-and-storage costs, identity recovery by a trusted authority, and compact signatures of 216 Bytes at a 128-bit security level.

Kostromitin, K. I., Dokuchaev, B. N., Kozlov, D. A..  2020.  Analysis of the Most Common Software and Hardware Vulnerabilities in Microprocessor Systems. 2020 International Russian Automation Conference (RusAutoCon). :1031—1036.

The relevance of data protection is related to the intensive informatization of various aspects of society and the need to prevent unauthorized access to them. World spending on ensuring information security (IS) for the current state: expenses in the field of IS today amount to \$81.7 billion. Expenditure forecast by 2020: about \$105 billion [1]. Information protection of military facilities is the most critical in the public sector, in the non-state - financial organizations is one of the leaders in spending on information protection. An example of the importance of IS research is the Trojan encoder WannaCry, which infected hundreds of thousands of computers around the world, attacks are recorded in more than 116 countries. The attack of the encoder of WannaCry (Wana Decryptor) happens through a vulnerability in service Server Message Block (protocol of network access to file systems) of Windows OS. Then, a rootkit (a set of malware) was installed on the infected system, using which the attackers launched an encryption program. Then each vulnerable computer could become infected with another infected device within one local network. Due to these attacks, about \$70,000 was lost (according to data from 18.05.2017) [2]. It is assumed in the presented work, that the software level of information protection is fundamentally insufficient to ensure the stable functioning of critical objects. This is due to the possible hardware implementation of undocumented instructions, discussed later. The complexity of computing systems and the degree of integration of their components are constantly growing. Therefore, monitoring the operation of the computer hardware is necessary to achieve the maximum degree of protection, in particular, data processing methods.

Dodson, Michael, Beresford, Alastair R., Richardson, Alexander, Clarke, Jessica, Watson, Robert N. M..  2020.  CHERI Macaroons: Efficient, host-based access control for cyber-physical systems. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :688–693.
Cyber-Physical Systems (CPS) often rely on network boundary defence as a primary means of access control; therefore, the compromise of one device threatens the security of all devices within the boundary. Resource and real-time constraints, tight hardware/software coupling, and decades-long service lifetimes complicate efforts for more robust, host-based access control mechanisms. Distributed capability systems provide opportunities for restoring access control to resource-owning devices; however, such a protection model requires a capability-based architecture for CPS devices as well as task compartmentalisation to be effective.This paper demonstrates hardware enforcement of network bearer tokens using an efficient translation between CHERI (Capability Hardware Enhanced RISC Instructions) architectural capabilities and Macaroon network tokens. While this method appears to generalise to any network-based access control problem, we specifically consider CPS, as our method is well-suited for controlling resources in the physical domain. We demonstrate the method in a distributed robotics application and in a hierarchical industrial control application, and discuss our plans to evaluate and extend the method.
Himthani, P., Dubey, G. P., Sharma, B. M., Taneja, A..  2020.  Big Data Privacy and Challenges for Machine Learning. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :707—713.

The field of Big Data is expanding at an alarming rate since its inception in 2012. The excessive use of Social Networking Sites, collection of Data from Sensors for analysis and prediction of future events, improvement in Customer Satisfaction on Online S hopping portals by monitoring their past behavior and providing them information, items and offers of their interest instantaneously, etc had led to this rise in the field of Big Data. This huge amount of data, if analyzed and processed properly, can lead to decisions and outcomes that would be of great values and benefits to organizations and individuals. Security of Data and Privacy of User is of keen interest and high importance for individuals, industry and academia. Everyone ensure that their Sensitive information must be kept away from unauthorized access and their assets must be kept safe from security breaches. Privacy and Security are also equally important for Big Data and here, it is typical and complex to ensure the Privacy and Security, as the amount of data is enormous. One possible option to effectively and efficiently handle, process and analyze the Big Data is to make use of Machine Learning techniques. Machine Learning techniques are straightforward; applying them on Big Data requires resolution of various issues and is a challenging task, as the size of Data is too big. This paper provides a brief introduction to Big Data, the importance of Security and Privacy in Big Data and the various challenges that are required to overcome for applying the Machine Learning techniques on Big Data.

Đuranec, A., Gruičić, S., Žagar, M..  2020.  Forensic analysis of Windows 10 Sandbox. 2020 43rd International Convention on Information, Communication and Electronic Technology (MIPRO). :1224—1229.

With each Windows operating system Microsoft introduces new features to its users. Newly added features present a challenge to digital forensics examiners as they are not analyzed or tested enough. One of the latest features, introduced in Windows 10 version 1909 is Windows Sandbox; a lightweight, temporary, environment for running untrusted applications. Because of the temporary nature of the Sandbox and insufficient documentation, digital forensic examiners are facing new challenges when examining this newly added feature which can be used to hide different illegal activities. Throughout this paper, the focus will be on analyzing different Windows artifacts and event logs, with various tools, left behind as a result of the user interaction with the Sandbox feature on a clear virtual environment. Additionally, the setup of testing environment will be explained, the results of testing and interpretation of the findings will be presented, as well as open-source tools used for the analysis.

Bulle, Bruno B., Santin, Altair O., Viegas, Eduardo K., dos Santos, Roger R..  2020.  A Host-based Intrusion Detection Model Based on OS Diversity for SCADA. IECON 2020 The 46th Annual Conference of the IEEE Industrial Electronics Society. :691—696.

Supervisory Control and Data Acquisition (SCADA) systems have been a frequent target of cyberattacks in Industrial Control Systems (ICS). As such systems are a frequent target of highly motivated attackers, researchers often resort to intrusion detection through machine learning techniques to detect new kinds of threats. However, current research initiatives, in general, pursue higher detection accuracies, neglecting the detection of new kind of threats and their proposal detection scope. This paper proposes a novel, reliable host-based intrusion detection for SCADA systems through the Operating System (OS) diversity. Our proposal evaluates, at the OS level, the SCADA communication over time and, opportunistically, detects, and chooses the most appropriate OS to be used in intrusion detection for reliability purposes. Experiments, performed through a variety of SCADA OSs front-end, shows that OS diversity provides higher intrusion detection scope, improving detection accuracy by up to 8 new attack categories. Besides, our proposal can opportunistically detect the most reliable OS that should be used for the current environment behavior, improving by up to 8%, on average, the system accuracy when compared to a single OS approach, in the best case.

Fei, Wanghao, Moses, Paul, Davis, Chad.  2020.  Identification of Smart Grid Attacks via State Vector Estimator and Support Vector Machine Methods. 2020 Intermountain Engineering, Technology and Computing (IETC). :1—6.

In recent times, an increasing amount of intelligent electronic devices (IEDs) are being deployed to make power systems more reliable and economical. While these technologies are necessary for realizing a cyber-physical infrastructure for future smart power grids, they also introduce new vulnerabilities in the grid to different cyber-attacks. Traditional methods such as state vector estimation (SVE) are not capable of identifying cyber-attacks while the geometric information is also injected as an attack vector. In this paper, a machine learning based smart grid attack identification method is proposed. The proposed method is carried out by first collecting smart grid power flow data for machine learning training purposes which is later used to classify the attacks. The performance of both the proposed SVM method and the traditional SVE method are validated on IEEE 14, 30, 39, 57 and 118 bus systems, and the performance regarding the scale of the power system is evaluated. The results show that the SVM-based method performs better than the SVE-based in attack identification over a much wider scale of power systems.

Chalkiadakis, Nikolaos, Deyannis, Dimitris, Karnikis, Dimitris, Vasiliadis, Giorgos, Ioannidis, Sotiris.  2020.  The Million Dollar Handshake: Secure and Attested Communications in the Cloud. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :63—70.

The number of applications and services that are hosted on cloud platforms is constantly increasing. Nowadays, more and more applications are hosted as services on cloud platforms, co-existing with other services in a mutually untrusted environment. Facilities such as virtual machines, containers and encrypted communication channels aim to offer isolation between the various applications and protect sensitive user data. However, such techniques are not always able to provide a secure execution environment for sensitive applications nor they offer guarantees that data are not monitored by an honest but curious provider once they reach the cloud infrastructure. The recent advancements of trusted execution environments within commodity processors, such as Intel SGX, provide a secure reverse sandbox, where code and data are isolated even from the underlying operating system. Moreover, Intel SGX provides a remote attestation mechanism, allowing the communicating parties to verify their identity as well as prove that code is executed on hardware-assisted software enclaves. Many approaches try to ensure code and data integrity, as well as enforce channel encryption schemes such as TLS, however, these techniques are not enough to achieve complete isolation and secure communications without hardware assistance or are not efficient in terms of performance. In this work, we design and implement a practical attestation system that allows the service provider to offer a seamless attestation service between the hosted applications and the end clients. Furthermore, we implement a novel caching system that is capable to eliminate the latencies introduced by the remote attestation process. Our approach allows the parties to attest one another before each communication attempt, with improved performance when compared to a standard TLS handshake.

Wang, W., Zhang, X., Dong, L., Fan, Y., Diao, X., Xu, T..  2020.  Network Attack Detection based on Domain Attack Behavior Analysis. 2020 13th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI). :962—965.

Network security has become an important issue in our work and life. Hackers' attack mode has been upgraded from normal attack to APT( Advanced Persistent Threat, APT) attack. The key of APT attack chain is the penetration and intrusion of active directory, which can not be completely detected via the traditional IDS and antivirus software. Further more, lack of security protection of existing solutions for domain control aggravates this problem. Although researchers have proposed methods for domain attack detection, many of them have not yet been converted into effective market-oriented products. In this paper, we analyzes the common domain intrusion methods, various domain related attack behavior characteristics were extracted from ATT&CK matrix (Advanced tactics, techniques, and common knowledge) for analysis and simulation test. Based on analyzing the log file generated by the attack, the domain attack detection rules are established and input into the analysis engine. Finally, the available domain intrusion detection system is designed and implemented. Experimental results show that the network attack detection method based on the analysis of domain attack behavior can analyze the log file in real time and effectively detect the malicious intrusion behavior of hackers , which could facilitate managers find and eliminate network security threats immediately.

Maklachkova, V. V., Dokuchaev, V. A., Statev, V. Y..  2020.  Risks Identification in the Exploitation of a Geographically Distributed Cloud Infrastructure for Storing Personal Data. 2020 International Conference on Engineering Management of Communication and Technology (EMCTECH). :1—6.

Throughout the life cycle of any technical project, the enterprise needs to assess the risks associated with its development, commissioning, operation and decommissioning. This article defines the task of researching risks in relation to the operation of a data storage subsystem in the cloud infrastructure of a geographically distributed company and the tools that are required for this. Analysts point out that, compared to 2018, in 2019 there were 3.5 times more cases of confidential information leaks from storages on unprotected (freely accessible due to incorrect configuration) servers in cloud services. The total number of compromised personal data and payment information records increased 5.4 times compared to 2018 and amounted to more than 8.35 billion records. Moreover, the share of leaks of payment information has decreased, but the percentage of leaks of personal data has grown and accounts for almost 90% of all leaks from cloud storage. On average, each unsecured service identified resulted in 33.7 million personal data records being leaked. Leaks are mainly related to misconfiguration of services and stored resources, as well as human factors. These impacts can be minimized by improving the skills of cloud storage administrators and regularly auditing storage. Despite its seeming insecurity, the cloud is a reliable way of storing data. At the same time, leaks are still occurring. According to Kaspersky Lab, every tenth (11%) data leak from the cloud became possible due to the actions of the provider, while a third of all cyber incidents in the cloud (31% in Russia and 33% in the world) were due to gullibility company employees caught up in social engineering techniques. Minimizing the risks associated with the storage of personal data is one of the main tasks when operating a company's cloud infrastructure.

Feng, Liu, Jie, Yang, Deli, Kong, Jiayin, Qi.  2020.  A Secure Multi-party Computation Protocol Combines Pederson Commitment with Schnorr Signature for Blockchain. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :57—63.

Blockchain is being pursued by a growing number of people with its characteristics of openness, transparency, and decentralization. At the same time, how to secure privacy protection in such an open and transparent ledger is an urgent issue to be solved for deep study. Therefore, this paper proposes a protocol based on Secure multi-party computation, which can merge and sign different transaction messages under the anonymous condition by using Pedersen commitment and Schnorr Signature. Through the rationality proof and security analysis, this paper demonstrates the private transaction is safe under the semi-honest model. And its computational cost is less than the equivalent multi-signature model. The research has made some innovative contributions to the privacy computing theory.

Doğu, S., Alidoustaghdam, H., Dilman, İ, Akıncı, M. N..  2020.  The Capability of Truncated Singular Value Decomposition Method for Through the Wall Microwave Imaging. 2020 IEEE Microwave Theory and Techniques in Wireless Communications (MTTW). 1:76–81.
In this study, a truncated singular value decomposition (TSVD) based computationally efficient through the wall imaging (TWI) is addressed. Mainly, two different scenarios with identical and non-identical multiple scatterers behind the wall have been considered. The scattered data are processed with special scheme in order to improve quality of the results and measurements are performed at four different frequencies. Next, effects of selecting truncation threshold in TSVD methods are analyzed and a detailed quantitative comparison is provided to demonstrate capabilities of these TSVD methods over selection of truncation threshold.
Danilova, A., Naiakshina, A., Smith, M..  2020.  One Size Does Not Fit All: A Grounded Theory and Online Survey Study of Developer Preferences for Security Warning Types. 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE). :136–148.
A wide range of tools exist to assist developers in creating secure software. Many of these tools, such as static analysis engines or security checkers included in compilers, use warnings to communicate security issues to developers. The effectiveness of these tools relies on developers heeding these warnings, and there are many ways in which these warnings could be displayed. Johnson et al. [46] conducted qualitative research and found that warning presentation and integration are main issues. We built on Johnson et al.'s work and examined what developers want from security warnings, including what form they should take and how they should integrate into their workflow and work context. To this end, we conducted a Grounded Theory study with 14 professional software developers and 12 computer science students as well as a focus group with 7 academic researchers to gather qualitative insights. To back up the theory developed from the qualitative research, we ran a quantitative survey with 50 professional software developers. Our results show that there is significant heterogeneity amongst developers and that no one warning type is preferred over all others. The context in which the warnings are shown is also highly relevant, indicating that it is likely to be beneficial if IDEs and other development tools become more flexible in their warning interactions with developers. Based on our findings, we provide concrete recommendations for both future research as well as how IDEs and other security tools can improve their interaction with developers.
Chekashev, A., Demianiuk, V., Kogan, K..  2020.  Poster: Novel Opportunities in Design of Efficient Deep Packet Inspection Engines. 2020 IEEE 28th International Conference on Network Protocols (ICNP). :1–2.
Deep Packet Inspection (DPI) is an essential building block implementing various services on data plane [5]. Usually, DPI engines are centered around efficient implementation of regular expressions both from the required memory and lookup time perspectives. In this paper, we explore and generalize original approaches used for packet classifiers [7] to regular expressions. Our preliminary results establish a promising direction for the efficient implementation of DPI engines.
Drakopoulos, G., Giotopoulos, K., Giannoukou, I., Sioutas, S..  2020.  Unsupervised Discovery Of Semantically Aware Communities With Tensor Kruskal Decomposition: A Case Study In Twitter. 2020 15th International Workshop on Semantic and Social Media Adaptation and Personalization (SMA. :1–8.
Substantial empirical evidence, including the success of synthetic graph generation models as well as of analytical methodologies, suggests that large, real graphs have a recursive community structure. The latter results, in part at least, in other important properties of these graphs such as low diameter, high clustering coefficient values, heavy degree distribution tail, and clustered graph spectrum. Notice that this structure need not be official or moderated like Facebook groups, but it can also take an ad hoc and unofficial form depending on the functionality of the social network under study as for instance the follow relationship on Twitter or the connections between news aggregators on Reddit. Community discovery is paramount in numerous applications such as political campaigns, digital marketing, crowdfunding, and fact checking. Here a tensor representation for Twitter subgraphs is proposed which takes into consideration both the followfollower relationships but also the coherency in hashtags. Community structure discovery then reduces to the computation of Tucker tensor decomposition, a higher order counterpart of the well-known unsupervised learning method of singular value decomposition (SVD). Tucker decomposition clearly outperforms the SVD in terms of finding a more compact community size distribution in experiments done in Julia on a Twitter subgraph. This can be attributed to the facts that the proposed methodology combines both structural and functional Twitter elements and that hashtags carry an increased semantic weight in comparison to ordinary tweets.
Ashiku, L., Dagli, C..  2020.  Agent Based Cybersecurity Model for Business Entity Risk Assessment. 2020 IEEE International Symposium on Systems Engineering (ISSE). :1—6.

Computer networks and surging advancements of innovative information technology construct a critical infrastructure for network transactions of business entities. Information exchange and data access though such infrastructure is scrutinized by adversaries for vulnerabilities that lead to cyber-attacks. This paper presents an agent-based system modelling to conceptualize and extract explicit and latent structure of the complex enterprise systems as well as human interactions within the system to determine common vulnerabilities of the entity. The model captures emergent behavior resulting from interactions of multiple network agents including the number of workstations, regular, administrator and third-party users, external and internal attacks, defense mechanisms for the network setting, and many other parameters. A risk-based approach to modelling cybersecurity of a business entity is utilized to derive the rate of attacks. A neural network model will generalize the type of attack based on network traffic features allowing dynamic state changes. Rules of engagement to generate self-organizing behavior will be leveraged to appoint a defense mechanism suitable for the attack-state of the model. The effectiveness of the model will be depicted by time-state chart that shows the number of affected assets for the different types of attacks triggered by the entity risk and the time it takes to revert into normal state. The model will also associate a relevant cost per incident occurrence that derives the need for enhancement of security solutions.

Bhattacharya, A., Ramachandran, T., Banik, S., Dowling, C. P., Bopardikar, S. D..  2020.  Automated Adversary Emulation for Cyber-Physical Systems via Reinforcement Learning. 2020 IEEE International Conference on Intelligence and Security Informatics (ISI). :1—6.

Adversary emulation is an offensive exercise that provides a comprehensive assessment of a system’s resilience against cyber attacks. However, adversary emulation is typically a manual process, making it costly and hard to deploy in cyber-physical systems (CPS) with complex dynamics, vulnerabilities, and operational uncertainties. In this paper, we develop an automated, domain-aware approach to adversary emulation for CPS. We formulate a Markov Decision Process (MDP) model to determine an optimal attack sequence over a hybrid attack graph with cyber (discrete) and physical (continuous) components and related physical dynamics. We apply model-based and model-free reinforcement learning (RL) methods to solve the discrete-continuous MDP in a tractable fashion. As a baseline, we also develop a greedy attack algorithm and compare it with the RL procedures. We summarize our findings through a numerical study on sensor deception attacks in buildings to compare the performance and solution quality of the proposed algorithms.

Vishwakarma, L., Das, D..  2020.  BSS: Blockchain Enabled Security System for Internet of Things Applications. 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). :1—4.

In the Internet of Things (IoT), devices can interconnect and communicate autonomously, which requires devices to authenticate each other to exchange meaningful information. Otherwise, these things become vulnerable to various attacks. The conventional security protocols are not suitable for IoT applications due to the high computation and storage demand. Therefore, we proposed a blockchain-enabled secure storage and communication scheme for IoT applications, called BSS. The scheme ensures identification, authentication, and data integrity. Our scheme uses the security advantages of blockchain and helps to create safe zones (trust batch) where authenticated objects interconnect securely and do communication. A secure and robust trust mechanism is employed to build these batches, where each device has to authenticate itself before joining the trust batch. The obtained results satisfy the IoT security requirements with 60% reduced computation, storage and communication cost compared with state-of-the-art schemes. BSS also withstands various cyberattacks such as impersonation, message replay, man-in-the-middle, and botnet attacks.

Moslemi, Ramin, Davoodi, Mohammadreza, Velni, Javad Mohammadpour.  2020.  A Distributed Approach for Estimation of Information Matrix in Smart Grids and its Application for Anomaly Detection. 2020 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1—7.

Statistical structure learning (SSL)-based approaches have been employed in the recent years to detect different types of anomalies in a variety of cyber-physical systems (CPS). Although these approaches outperform conventional methods in the literature, their computational complexity, need for large number of measurements and centralized computations have limited their applicability to large-scale networks. In this work, we propose a distributed, multi-agent maximum likelihood (ML) approach to detect anomalies in smart grid applications aiming at reducing computational complexity, as well as preserving data privacy among different players in the network. The proposed multi-agent detector breaks the original ML problem into several local (smaller) ML optimization problems coupled by the alternating direction method of multipliers (ADMM). Then, these local ML problems are solved by their corresponding agents, eventually resulting in the construction of the global solution (network's information matrix). The numerical results obtained from two IEEE test (power transmission) systems confirm the accuracy and efficiency of the proposed approach for anomaly detection.

Damis, H. A., Shehada, D., Fachkha, C., Gawanmeh, A., Al-Karaki, J. N..  2020.  A Microservices Architecture for ADS-B Data Security Using Blockchain. 2020 3rd International Conference on Signal Processing and Information Security (ICSPIS). :1—4.

The use of Automatic Dependent Surveillance - Broadcast (ADS-B) for aircraft tracking and flight management operations is widely used today. However, ADS-B is prone to several cyber-security threats due to the lack of data authentication and encryption. Recently, Blockchain has emerged as new paradigm that can provide promising solutions in decentralized systems. Furthermore, software containers and Microservices facilitate the scaling of Blockchain implementations within cloud computing environment. When fused together, these technologies could help improve Air Traffic Control (ATC) processing of ADS-B data. In this paper, a Blockchain implementation within a Microservices framework for ADS-B data verification is proposed. The aim of this work is to enable data feeds coming from third-party receivers to be processed and correlated with that of the ATC ground station receivers. The proposed framework could mitigate ADS- B security issues of message spoofing and anomalous traffic data. and hence minimize the cost of ATC infrastructure by throughout third-party support.