Visible to the public Biblio

Found 1024 results

Filters: First Letter Of Last Name is K  [Clear All Filters]
A B C D E F G H I J [K] L M N O P Q R S T U V W X Y Z   [Show ALL]
K M, Akshobhya.  2021.  Machine learning for anonymous traffic detection and classification. 2021 11th International Conference on Cloud Computing, Data Science Engineering (Confluence). :942—947.
Anonymity is one of the biggest concerns in web security and traffic management. Though web users are concerned about privacy and security various methods are being adopted in making the web more vulnerable. Browsing the web anonymously not only threatens the integrity but also questions the motive of such activity. It is important to classify the network traffic and prevent source and destination from hiding with each other unless it is for benign activity. The paper proposes various methods to classify the dark web at different levels or hierarchies. Various preprocessing techniques are proposed for feature selection and dimensionality reduction. Anon17 dataset is used for training and testing the model. Three levels of classification are proposed in the paper based on the network, traffic type, and application.
K, S., Devi, K. Suganya, Srinivasan, P., Dheepa, T., Arpita, B., singh, L. Dolendro.  2020.  Joint Correlated Compressive Sensing based on Predictive Data Recovery in WSNs. 2020 International Conference on Emerging Trends in Information Technology and Engineering (ic-ETITE). :1–5.
Data sampling is critical process for energy constrained Wireless Sensor Networks. In this article, we proposed a Predictive Data Recovery Compressive Sensing (PDR-CS) procedure for data sampling. PDR-CS samples data measurements from the monitoring field on the basis of spatial and temporal correlation and sparse measurements recovered at the Sink. Our proposed algorithm, PDR-CS extends the iterative re-weighted -ℓ1(IRW - ℓ1) minimization and regularization on the top of Spatio-temporal compressibility for enhancing accuracy of signal recovery and reducing the energy consumption. The simulation study shows that from the less number of samples are enough to recover the signal. And also compared with the other compressive sensing procedures, PDR-CS works with less time.
K, S. K., Sahoo, S., Mahapatra, A., Swain, A. K., Mahapatra, K. K..  2017.  Analysis of Side-Channel Attack AES Hardware Trojan Benchmarks against Countermeasures. 2017 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). :574–579.

Hardware Trojan (HT) is one of the well known hardware security issue in research community in last one decade. HT research is mainly focused on HT detection, HT defense and designing novel HT's. HT's are inserted by an adversary for leaking secret data, denial of service attacks etc. Trojan benchmark circuits for processors, cryptography and communication protocols from Trust-hub are widely used in HT research. And power analysis based side channel attacks and designing countermeasures against side channel attacks is a well established research area. Trust-Hub provides a power based side-channel attack promoting Advanced Encryption Standard (AES) HT benchmarks for research. In this work, we analyze the strength of AES HT benchmarks in the presence well known side-channel attack countermeasures. Masking, Random delay insertion and tweaking the operating frequency of clock used in sensitive operations are applied on AES benchmarks. Simulation and power profiling studies confirm that side-channel promoting HT benchmarks are resilient against these selected countermeasures and even in the presence of these countermeasures; an adversary can get the sensitive data by triggering the HT.

K. Alnaami, G. Ayoade, A. Siddiqui, N. Ruozzi, L. Khan, B. Thuraisingham.  2015.  "P2V: Effective Website Fingerprinting Using Vector Space Representations". 2015 IEEE Symposium Series on Computational Intelligence. :59-66.

Language vector space models (VSMs) have recently proven to be effective across a variety of tasks. In VSMs, each word in a corpus is represented as a real-valued vector. These vectors can be used as features in many applications in machine learning and natural language processing. In this paper, we study the effect of vector space representations in cyber security. In particular, we consider a passive traffic analysis attack (Website Fingerprinting) that threatens users' navigation privacy on the web. By using anonymous communication, Internet users (such as online activists) may wish to hide the destination of web pages they access for different reasons such as avoiding tyrant governments. Traditional website fingerprinting studies collect packets from the users' network and extract features that are used by machine learning techniques to reveal the destination of certain web pages. In this work, we propose the packet to vector (P2V) approach where we model website fingerprinting attack using word vector representations. We show how the suggested model outperforms previous website fingerprinting works.

K. Cavalleri, B. Brinkman.  2015.  "Water treatment in context: resources and African religion". 2015 Systems and Information Engineering Design Symposium. :19-23.

Drinking water availability is a crucial problem that must be addressed in order to improve the quality of life of individuals living developing nations. Improving water supply availability is important for public health, as it is the third highest risk factor for poor health in developing nations with high mortality rates. This project researched drinking water filtration for areas of Sub-Saharan Africa near existing bodies of water, where the populations are completely reliant on collecting from surface water sources: the most contaminated water source type. Water filtration methods that can be completely created by the consumer would alleviate aid organization dependence in developing nations, put the consumers in control, and improve public health. Filtration processes pass water through a medium that will catch contaminants through physical entrapment or absorption and thus yield a cleaner effluent. When exploring different materials for filtration, removal of contaminants and hydraulic conductivity are the two most important components. Not only does the method have to treat the water, but also it has to do so in a timeframe that is quick enough to produce potable water at a rate that keeps up with everyday needs. Cement is easily accessible in Sub- Saharan regions. Most concrete mixtures are not meant to be pervious, as it is a construction material used for its compressive strength, however, reduced water content in a cement mixture gives it higher permeability. Several different concrete samples of varying thicknesses and water concentrations were created. Bacterial count tests were performed on both pre-filtered and filtered water samples. Concrete filtration does remove bacteria from drinking water, however, the method can still be improved upon.

K. F. Hong, C. C. Chen, Y. T. Chiu, K. S. Chou.  2015.  "Ctracer: Uncover C amp;amp;C in Advanced Persistent Threats Based on Scalable Framework for Enterprise Log Data". 2015 IEEE International Congress on Big Data. :551-558.

Advanced Persistent Threat (APT), unlike traditional hacking attempts, carries out specific attacks on a specific target to illegally collect information and data from it. These targeted attacks use special-crafted malware and infrequent activity to avoid detection, so that hackers can retain control over target systems unnoticed for long periods of time. In order to detect these stealthy activities, a large-volume of traffic data generated in a period of time has to be analyzed. We proposed a scalable solution, Ctracer to detect stealthy command and control channel in a large-volume of traffic data. APT uses multiple command and control (C&C) channel and change them frequently to avoid detection, but there are common signatures in those C&C sessions. By identifying common network signature, Ctracer is able to group the C&C sessions. Therefore, we can detect an APT and all the C&C session used in an APT attack. The Ctracer is evaluated in a large enterprise for four months, twenty C&C servers, three APT attacks are reported. After investigated by the enterprise's Security Operations Center (SOC), the forensic report shows that there is specific enterprise targeted APT cases and not ever discovered for over 120 days.

K. F. Hong, C. C. Chen, Y. T. Chiu, K. S. Chou.  2015.  "Scalable command and control detection in log data through UF-ICF analysis". 2015 International Carnahan Conference on Security Technology (ICCST). :293-298.

During an advanced persistent threat (APT), an attacker group usually establish more than one C&C server and these C&C servers will change their domain names and corresponding IP addresses over time to be unseen by anti-virus software or intrusion prevention systems. For this reason, discovering and catching C&C sites becomes a big challenge in information security. Based on our observations and deductions, a malware tends to contain a fixed user agent string, and the connection behaviors generated by a malware is different from that by a benign service or a normal user. This paper proposed a new method comprising filtering and clustering methods to detect C&C servers with a relatively higher coverage rate. The experiments revealed that the proposed method can successfully detect C&C Servers, and the can provide an important clue for detecting APT.

K. Liu, M. Li, X. Li.  2015.  "Hiding Media Data via Shaders: Enabling Private Sharing in the Clouds". 2015 IEEE 8th International Conference on Cloud Computing. :122-129.

In the era of Cloud and Social Networks, mobile devices exhibit much more powerful abilities for big media data storage and sharing. However, many users are still reluctant to share/store their data via clouds due to the potential leakage of confidential or private information. Although some cloud services provide storage encryption and access protection, privacy risks are still high since the protection is not always adequately conducted from end-to-end. Most customers are aware of the danger of letting data control out of their hands, e.g., Storing them to YouTube, Flickr, Facebook, Google+. Because of substantial practical and business needs, existing cloud services are restricted to the desired formats, e.g., Video and photo, without allowing arbitrary encrypted data. In this paper, we propose a format-compliant end-to-end privacy-preserving scheme for media sharing/storage issues with considerations for big data, clouds, and mobility. To realize efficient encryption for big media data, we jointly achieve format-compliant, compression-independent and correlation-preserving via multi-channel chained solutions under the guideline of Markov cipher. The encryption and decryption process is integrated into an image/video filter via GPU Shader for display-to-display full encryption. The proposed scheme makes big media data sharing/storage safer and easier in the clouds.

K. Mpalane, H. D. Tsague, N. Gasela, B. M. Esiefarienrhe.  2015.  "Bit-Level Differential Power Analysis Attack on Implementations of Advanced Encryption Standard Software Running Inside a PIC18F2420 Microcontroller". 2015 International Conference on Computational Science and Computational Intelligence (CSCI). :42-46.

Small embedded devices such as microcontrollers have been widely used for identification, authentication, securing and storing confidential information. In all these applications, the security and privacy of the microcontrollers are of crucial importance. To provide strong security to protect data, these devices depend on cryptographic algorithms to ensure confidentiality and integrity of data. Moreover, many algorithms have been proposed, with each one having its strength and weaknesses. This paper presents a Differential Power Analysis(DPA) attack on hardware implementations of Advanced Encryption Standard(AES) running inside a PIC18F2420 microcontroller.

K. Naruka, O. P. Sahu.  2015.  "An improved speech enhancement approach based on combination of compressed sensing and Kalman filter". 2015 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC). :1-5.

This paper reviews some existing Speech Enhancement techniques and also proposes a new method for enhancing the speech by combining Compressed Sensing and Kalman filter approaches. This approach is based on reconstruction of noisy speech signal using Compressive Sampling Matching Pursuit (CoSaMP) algorithm and further enhanced by Kalman filter. The performance of the proposed method is evaluated and compared with that of the existing techniques in terms of intelligibility and quality measure parameters of speech. The proposed algorithm shows an improved performance compared to Spectral Subtraction, MMSE, Wiener filter, Signal Subspace, Kalman filter in terms of WSS, LLR, SegSNR, SNRloss, PESQ and overall quality.

K. P. B. Anushka, Chamantha, A. P. Karunaweera, P. R. Priyashantha, H. D. R. Wickramasinghe, W. A. V. M. G. Wijethunge.  2015.  "Case study on exploitation, detection and prevention of user account DoS through Advanced Persistent Threats". 2015 Fifteenth International Conference on Advances in ICT for Emerging Regions (ICTer). :190-194.

Security analysts implement various security mechanisms to protect systems from attackers. Even though these mechanisms try to secure systems, a talented attacker may use these same techniques to launch a sophisticated attack. This paper discuss about such an attack called as user account Denial of Service (DoS) where an attacker uses user account lockout features of the application to lockout all user accounts causing an enterprise wide DoS. The attack has being simulated usingastealthy attack mechanism called as Advanced Persistent Threats (APT) using a XMPP based botnet. Through the simulation, researchers discuss about the patterns associated with the attack which can be used to detect the attack in real time and how the attack can be prevented from the perspective of developers, system engineers and security analysts.

K. Pawar, M. Patil.  2015.  "Pattern classification under attack on spam filtering". 2015 IEEE International Conference on Research in Computational Intelligence and Communication Networks (ICRCICN). :197-201.

Spam Filtering is an adversary application in which data can be purposely employed by humans to attenuate their operation. Statistical spam filters are manifest to be vulnerable to adversarial attacks. To evaluate security issues related to spam filtering numerous machine learning systems are used. For adversary applications some Pattern classification systems are ordinarily used, since these systems are based on classical theory and design approaches do not take into account adversarial settings. Pattern classification system display vulnerabilities (i.e. a weakness that grants an attacker to reduce assurance on system's information) to several potential attacks, allowing adversaries to attenuate their effectiveness. In this paper, security evaluation of spam email using pattern classifier during an attack is addressed which degrade the performance of the system. Additionally a model of the adversary is used that allows defining spam attack scenario.

K. R. Kashwan, K. A. Dattathreya.  2015.  "Improved serial 2D-DWT processor for advanced encryption standard". 2015 IEEE International Conference on Computer Graphics, Vision and Information Security (CGVIS). :209-213.

This paper reports a research work on how to transmit a secured image data using Discrete Wavelet Transform (DWT) in combination of Advanced Encryption Standard (AES) with low power and high speed. This can have better quality secured image with reduced latency and improved throughput. A combined model of DWT and AES technique help in achieving higher compression ratio and simultaneously it provides high security while transmitting an image over the channels. The lifting scheme algorithm is realized using a single and serialized DT processor to compute up to 3-levels of decomposition for improving speed and security. An ASIC circuit is designed using RTL-GDSII to simulate proposed technique using 65 nm CMOS Technology. The ASIC circuit is implemented on an average area of about 0.76 mm2 and the power consumption is estimated in the range of 10.7-19.7 mW at a frequency of 333 MHz which is faster compared to other similar research work reported.

K. S. Vishvaksenan, K. Mithra.  2015.  "Performance of coded Joint transmit scheme aided MIMO-IDMA system for secured medical image transmission". 2015 International Conference on Communications and Signal Processing (ICCSP). :0799-0803.

In this paper, we investigate the performance of multiple-input multiple-output aided coded interleave division multiple access (IDMA) system for secured medical image transmission through wireless communication. We realize the MIMO profile using four transmit antennas at the base station and three receive antennas at the mobile station. We achieve bandwidth efficiency using discrete wavelet transform (DWT). Further we implement Arnold's Cat Map (ACM) encryption algorithm for secured medical transmission. We consider celulas as medical image which is used to differentiate between normal cell and carcinogenic cell. In order to accommodate more users' image, we consider IDMA as accessing scheme. At the mobile station (MS), we employ non-linear minimum mean square error (MMSE) detection algorithm to alleviate the effects of unwanted multiple users image information and multi-stream interference (MSI) in the context of downlink transmission. In particular, we investigate the effects of three types of delay-spread distributions pertaining to Stanford university interim (SUI) channel models for encrypted image transmission of MIMO-IDMA system. From our computer simulation, we reveal that DWT based coded MIMO- IDMA system with ACM provides superior picture quality in the context of DL communication while offering higher spectral efficiency and security.

K. Sakai, M. T. Sun, W. S. Ku, J. Wu, T. H. Lai.  2015.  "Multi-path Based Avoidance Routing in Wireless Networks". 2015 IEEE 35th International Conference on Distributed Computing Systems. :706-715.

The speedy advancement in computer hardware has caused data encryption to no longer be a 100% safe solution for secure communications. To battle with adversaries, a countermeasure is to avoid message routing through certain insecure areas, e.g., Malicious countries and nodes. To this end, avoidance routing has been proposed over the past few years. However, the existing avoidance protocols are single-path-based, which means that there must be a safe path such that no adversary is in the proximity of the whole path. This condition is difficult to satisfy. As a result, routing opportunities based on the existing avoidance schemes are limited. To tackle this issue, we propose an avoidance routing framework, namely Multi-Path Avoidance Routing (MPAR). In our approach, a source node first encodes a message into k different pieces, and each piece is sent via k different paths. The destination can assemble the original message easily, while an adversary cannot recover the original message unless she obtains all the pieces. We prove that the coding scheme achieves perfect secrecy against eavesdropping under the condition that an adversary has incomplete information regarding the message. The simulation results validate that the proposed MPAR protocol achieves its design goals.

K. Sathya, J. Premalatha, V. Rajasekar.  2015.  "Random number generation based on sensor with decimation method". 2015 IEEE Workshop on Computational Intelligence: Theories, Applications and Future Directions (WCI). :1-5.

Strength of security and privacy of any cryptographic mechanisms that use random numbers require that the random numbers generated have two important properties namely 1. Uniform distribution and 2. Independence. With the growth of Internet many devices are connected to Internet that host sensors. One idea proposed is to use sensor data as seed for Random Number Generator (RNG) since sensors measure the physical phenomena that exhibit randomness over time. The random numbers generated from sensor data can be used for cryptographic algorithms in Internet activities. These sensor data also pose weaknesses where sensors may be under adversarial control that may lead to generating expected random sequence which breaks the security and privacy. This paper proposes a wash-rinse-spin approach to process the raw sensor data that increases randomness in the seed value. The generated sequences from two sensors are combined by Decimation method to improve unpredictability. This makes the sensor data to be more secure in generating random numbers preventing attackers from knowing the random sequence through adversarial control.

K. Xiangying, C. Yanhui.  2015.  "Dynamic Remote Attestation Based on Concerns". 2015 8th International Symposium on Computational Intelligence and Design (ISCID). 1:76-80.

Based on the analysis relationships of challenger and attestation in remote attestation process, we propose a dynamic remote attestation model based on concerns. By combines the trusted root and application of dynamic credible monitoring module, Convert the Measurement for all load module of integrity measurement architecture into the Attestation of the basic computing environments, dynamic credible monitoring module, and request service software module. Discuss the rationality of the model. The model used Merkel hash tree to storage applications software integrity metrics, both to protect the privacy of the other party application software, and also improves the efficiency of remote attestation. Experimental prototype system shows that the model can verify the dynamic behavior of the software, to make up for the lack of static measure.

K.R., Raghunandan, Aithal, Ganesh, Shetty, Surendra.  2019.  Comparative Analysis of Encryption and Decryption Techniques Using Mersenne Prime Numbers and Phony Modulus to Avoid Factorization Attack of RSA. 2019 International Conference on Advanced Mechatronic Systems (ICAMechS). :152–157.
In this advanced era, it is important to keep up an abnormal state of security for online exchanges. Public Key cryptography assumes an indispensable job in the field of security. Rivest, Shamir and Adleman (RSA) algorithm is being utilized for quite a long time to give online security. RSA is considered as one of the famous Public Key cryptographic algorithm. Nevertheless, a few fruitful assaults are created to break this algorithm because of specific confinements accepted in its derivation. The algorithm's security is principally founded on the issue of factoring large number. If the process factorization is done then, at that point the entire algorithm can end up fragile. This paper presents a methodology which is more secure than RSA algorithm by doing some modifications in it. Public Key exponent n, which is termed as common modulus replaced by phony modulus to avoid the factorization attack and it is constructed by Mersenne prime numbers to provide more efficiency and security. Paper presents a comparative analysis of the proposed algorithm with the conventional RSA algorithm and Dual RSA.
Kaaniche, N., Laurent, M..  2017.  A blockchain-based data usage auditing architecture with enhanced privacy and availability. 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). :1–5.

Recent years have witnessed the trend of increasingly relying on distributed infrastructures. This increased the number of reported incidents of security breaches compromising users' privacy, where third parties massively collect, process and manage users' personal data. Towards these security and privacy challenges, we combine hierarchical identity based cryptographic mechanisms with emerging blockchain infrastructures and propose a blockchain-based data usage auditing architecture ensuring availability and accountability in a privacy-preserving fashion. Our approach relies on the use of auditable contracts deployed in blockchain infrastructures. Thus, it offers transparent and controlled data access, sharing and processing, so that unauthorized users or untrusted servers cannot process data without client's authorization. Moreover, based on cryptographic mechanisms, our solution preserves privacy of data owners and ensures secrecy for shared data with multiple service providers. It also provides auditing authorities with tamper-proof evidences for data usage compliance.

Kabatiansky, G., Egorova, E..  2020.  Adversarial multiple access channels and a new model of multimedia fingerprinting coding. 2020 IEEE Conference on Communications and Network Security (CNS). :1—5.

We consider different models of malicious multiple access channels, especially for binary adder channel and for A-channel, and show how they can be used for the reformulation of digital fingerprinting coding problems. In particular, we propose a new model of multimedia fingerprinting coding. In the new model, not only zeroes and plus/minus ones but arbitrary coefficients of linear combinations of noise-like signals for forming watermarks (digital fingerprints) can be used. This modification allows dramatically increase the possible number of users with the property that if t or less malicious users create a forge digital fingerprint then a dealer of the system can find all of them with zero-error probability. We show how arisen problems are related to the compressed sensing problem.

Kabi, B., Sahadevan, A. S., Pradhan, T..  2017.  An overflow free fixed-point eigenvalue decomposition algorithm: Case study of dimensionality reduction in hyperspectral images. 2017 Conference on Design and Architectures for Signal and Image Processing (DASIP). :1–9.

We consider the problem of enabling robust range estimation of eigenvalue decomposition (EVD) algorithm for a reliable fixed-point design. The simplicity of fixed-point circuitry has always been so tempting to implement EVD algorithms in fixed-point arithmetic. Working towards an effective fixed-point design, integer bit-width allocation is a significant step which has a crucial impact on accuracy and hardware efficiency. This paper investigates the shortcomings of the existing range estimation methods while deriving bounds for the variables of the EVD algorithm. In light of the circumstances, we introduce a range estimation approach based on vector and matrix norm properties together with a scaling procedure that maintains all the assets of an analytical method. The method could derive robust and tight bounds for the variables of EVD algorithm. The bounds derived using the proposed approach remain same for any input matrix and are also independent of the number of iterations or size of the problem. Some benchmark hyperspectral data sets have been used to evaluate the efficiency of the proposed technique. It was found that by the proposed range estimation approach, all the variables generated during the computation of Jacobi EVD is bounded within ±1.

Kabilan, K., Saketh, M., Nagarajan, K. K..  2017.  Implementation of SERPENT cryptographic algorithm for secured data transmission. 2017 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS). :1–6.

In the field of communication, the need for cryptography is growing faster, so it is very difficult to achieve the objectives of cryptography such as confidentiality, data integrity, non-repudiation. To ensure data security, key scheduling and key management are the factors which the algorithm depends. In this paper, the enciphering and deciphering process of the SERPENT algorithm is done using the graphical programming tool. It is an algorithm which uses substitution permutation network procedure which contains round function including key scheduling, s-box and linear mixing stages. It is fast and easy to actualize and it requires little memory.

Kabin, I., Dyka, Z., Klann, D., Mentens, N., Batina, L., Langendoerfer, P..  2020.  Breaking a fully Balanced ASIC Coprocessor Implementing Complete Addition Formulas on Weierstrass Elliptic Curves. 2020 23rd Euromicro Conference on Digital System Design (DSD). :270–276.
In this paper we report on the results of selected horizontal SCA attacks against two open-source designs that implement hardware accelerators for elliptic curve cryptography. Both designs use the complete addition formula to make the point addition and point doubling operations indistinguishable. One of the designs uses in addition means to randomize the operation sequence as a countermeasure. We used the comparison to the mean and an automated SPA to attack both designs. Despite all these countermeasures, we were able to extract the keys processed with a correctness of 100%.
Kabir, Alamgir, Ahammed, Md. Tabil, Das, Chinmoy, Kaium, Mehedi Hasan, Zardar, Md. Abu, Prathibha, Soma.  2022.  Light Fidelity (Li-Fi) based Indoor Communication System. 2022 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI). :1–5.
Wireless-fidelity (Wi-Fi) and Bluetooth are examples of modern wireless communication technologies that employ radio waves as the primary channel for data transmission. but it ought to find alternatives over the limitation and interference in the radio frequency (RF) band. For viable alternatives, visible light communication (VLC) technology comes to play as Light Fidelity (Li-Fi) which uses visible light as a channel for delivering very high-speed communication in a Wi-Fi way. In terms of availability, bandwidth, security and efficiency, Li-Fi is superior than Wi-Fi. In this paper, we present a Li-Fi-based indoor communication system. prototype model has been proposed for single user scenario using visible light portion of electromagnetic spectrum. This system has been designed for audio data communication in between the users in transmitter and receiver sections. LED and photoresistor have been used as optical source and receiver respectively. The electro-acoustic transducer provides the required conversion of electrical-optical signal in both ways. This system might overcome problems like radio-frequency bandwidth scarcity However, its major problem is that it only works when it is pointed directly at the target.
Kabir, H., Mohsin, M. H. Bin, Kantola, R..  2020.  Implementing a Security Policy Management for 5G Customer Edge Nodes. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1—8.
The upcoming 5th generation (5G) mobile networks need to support ultra-reliable communication for business and life-critical applications. To do that 5G must offer higher degree of reliability than the current Internet, where networks are often subjected to Internet attacks, such as denial of service (DoS) and unwanted traffic. Besides improving the mitigation of Internet attacks, we propose that ultra-reliable mobile networks should only carry the expected user traffic to achieve a predictable level of reliability under malicious activity. To accomplish this, we introduce device-oriented communication security policies. Mobile networks have classically introduced a policy architecture that includes Policy and Charging Control (PCC) functions in LTE. However, in state of the art, this policy architecture is limited to QoS policies for end devices only. In this paper, we present experimental implementation of a Security Policy Management (SPM) system that accounts communication security interests of end devices. The paper also briefly presents the overall security architecture, where the policies set for devices or services in a network slice providing ultra-reliability, are enforced by a network edge node (via SPM) to only admit the expected traffic, by default treating the rest as unwanted traffic.