Visible to the public Biblio

Found 508 results

Filters: First Letter Of Last Name is P  [Clear All Filters]
A B C D E F G H I J K L M N O [P] Q R S T U V W X Y Z   [Show ALL]
Pyrgelis, Apostolos, De Cristofaro, Emiliano, Ross, Gordon J..  2016.  Privacy-friendly Mobility Analytics Using Aggregate Location Data. Proceedings of the 24th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems. :34:1–34:10.

Location data can be extremely useful to study commuting patterns and disruptions, as well as to predict real-time traffic volumes. At the same time, however, the fine-grained collection of user locations raises serious privacy concerns, as this can reveal sensitive information about the users, such as, life style, political and religious inclinations, or even identities. In this paper, we study the feasibility of crowd-sourced mobility analytics over aggregate location information: users periodically report their location, using a privacy-preserving aggregation protocol, so that the server can only recover aggregates - i.e., how many, but not which, users are in a region at a given time. We experiment with real-world mobility datasets obtained from the Transport For London authority and the San Francisco Cabs network, and present a novel methodology based on time series modeling that is geared to forecast traffic volumes in regions of interest and to detect mobility anomalies in them. In the presence of anomalies, we also make enhanced traffic volume predictions by feeding our model with additional information from correlated regions. Finally, we present and evaluate a mobile app prototype, called Mobility Data Donors (MDD), in terms of computation, communication, and energy overhead, demonstrating the real-world deployability of our techniques.

Pyatnisky, I. A., Sokolov, A. N..  2020.  Assessment of the Applicability of Autoencoders in the Problem of Detecting Anomalies in the Work of Industrial Control Systems.. 2020 Global Smart Industry Conference (GloSIC). :234—239.

Deep learning methods are increasingly becoming solutions to complex problems, including the search for anomalies. While fully-connected and convolutional neural networks have already found their application in classification problems, their applicability to the problem of detecting anomalies is limited. In this regard, it is proposed to use autoencoders, previously used only in problems of reducing the dimension and removing noise, as a method for detecting anomalies in the industrial control system. A new method based on autoencoders is proposed for detecting anomalies in the operation of industrial control systems (ICS). Several neural networks based on auto-encoders with different architectures were trained, and the effectiveness of each of them in the problem of detecting anomalies in the work of process control systems was evaluated. Auto-encoders can detect the most complex and non-linear dependencies in the data, and as a result, can show the best quality for detecting anomalies. In some cases, auto-encoders require fewer machine resources.

Putz, B., Pernul, G..  2020.  Detecting Blockchain Security Threats. 2020 IEEE International Conference on Blockchain (Blockchain). :313—320.
In many organizations, permissioned blockchain networks are currently transitioning from a proof-of-concept stage to production use. A crucial part of this transition is ensuring awareness of potential threats to network operations. Due to the plethora of software components involved in distributed ledgers, threats may be difficult or impossible to detect without a structured monitoring approach. To this end, we conduct a survey of attacks on permissioned blockchains and develop a set of threat indicators. To gather these indicators, a data processing pipeline is proposed to aggregate log information from relevant blockchain components, enriched with data from external sources. To evaluate the feasibility of monitoring current blockchain frameworks, we determine relevant data sources in Hyperledger Fabric. Our results show that the required data is mostly available, but also highlight significant improvement potential with regard to threat intelligence, chaincode scanners and built-in metrics.
Puttonen, J., Afolaranmi, S. O., Moctezuma, L. G., Lobov, A., Lastra, J. L. M..  2015.  Security in Cloud-Based Cyber-Physical Systems. 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC). :671–676.

Cyber-physical systems combine data processing and physical interaction. Therefore, security in cyber-physical systems involves more than traditional information security. This paper surveys recent research on security in cloud-based cyber-physical systems. In addition, this paper especially analyzes the security issues in modern production devices and smart mobility services, which are examples of cyber-physical systems from different application domains.

Puttegowda, D., Padma, M. C..  2016.  Human Motion Detection and Recognising Their Actions from the Video Streams. Proceedings of the International Conference on Informatics and Analytics. :12:1–12:5.

In the field of image processing, it is more complex and challenging task to detect the Human motion in the video and recognize their actions from the video sequences. A novel approach is presented in this paper to detect the human motion and recognize their actions. By tracking the selected object over consecutive frames of a video or image sequences, the different Human actions are recognized. Initially, the background motion is subtracted from the input video stream and its binary images are constructed. Using spatiotemporal interest points, the object which needs to be monitored is selected by enclosing the required pixels within the bounding rectangle. The selected foreground pixels within the bounding rectangle are then tracked using edge tracking algorithm. The features are extracted and using these features human motion are detected. Finally, the different human actions are recognized using K-Nearest Neighbor classifier. The applications which uses this methodology where monitoring the human actions is required such as shop surveillance, city surveillance, airports surveillance and other important places where security is the prime factor. The results obtained are quite significant and are analyzed on the datasets like KTH and Weizmann dataset, which contains actions like bending, running, walking, skipping, and hand-waving.

Putro, Singgih Nugroho, Moses Setiadi, De Rosal Ignatius, Aini, Devita Nurul, Rachmawanto, Eko Hari, Sari, Christy Atika.  2019.  Improved CRT Image Steganography based on Edge Areas and Spread Embedding. 2019 Fourth International Conference on Informatics and Computing (ICIC). :1—6.

Chinese Remainder Theorem (CRT) is one of the spatial domain methods that is more implemented in the data hiding method watermarking. CRT is used to improve security and imperceptibility in the watermarking method. CRT is rarely studied in studies that discuss steganographic images. Steganography research focuses more on increasing imperceptibility, embedded payload, and message security, so methods like LSB are still popular to be developed to date. CRT and LSB have some similarities such as default payload capacity and both are methods in the spatial domain which can produce good imperceptibility quality of stego image. But CRT is very superior in terms of security, so CRT is also widely used in cryptographic algorithms. Some ways to increase imperceptibility in image steganography are edge detection and spread spectrum embedding. This research proposes a combination of edge detection techniques and spread-spectrum embedding based on the CRT method to produce imperceptibility and safe image steganography method. Based on the test results it is proven that the combination of the proposed methods can increase imperceptibility of CRT-based steganography based on SSIM metric.

Putra, M.S.A., Budiman, G., Novamizanti, L..  2014.  Implementation of steganography using LSB with encrypted and compressed text using TEA-LZW on Android. Computer, Control, Informatics and Its Applications (IC3INA), 2014 International Conference on. :93-98.

The development of data communications enabling the exchange of information via mobile devices more easily. Security in the exchange of information on mobile devices is very important. One of the weaknesses in steganography is the capacity of data that can be inserted. With compression, the size of the data will be reduced. In this paper, designed a system application on the Android platform with the implementation of LSB steganography and cryptography using TEA to the security of a text message. The size of this text message may be reduced by performing lossless compression technique using LZW method. The advantages of this method is can provide double security and more messages to be inserted, so it is expected be a good way to exchange information data. The system is able to perform the compression process with an average ratio of 67.42 %. Modified TEA algorithm resulting average value of avalanche effect 53.8%. Average result PSNR of stego image 70.44 dB. As well as average MOS values is 4.8.

Putra, Guntur Dharma, Sulistyo, Selo.  2017.  Trust Based Approach in Adjacent Vehicles to Mitigate Sybil Attacks in VANET. Proceedings of the 2017 International Conference on Software and E-Business. :117–122.

Vehicular Ad-Hoc Network (VANET) is a form of Peer-to-Peer (P2P) wireless communication between vehicles, which is characterized by the high mobility. In practice, VANET can be utilized to cater connections via multi-hop communication between vehicles to provide traffic information seamlessly, such as traffic jam and traffic accident, without the need of dedicated centralized infrastructure. Although dedicated infrastructures may also be involved in VANET, such as Road Side Units (RSUs), most of the time VANET relies solely on Vehicle-to-Vehicle (V2V) communication, which makes it vulnerable to several potential attacks in P2P based communication, as there are no trusted authorities that provide authentication and security. One of the potential threats is a Sybil attack, wherein an adversary uses a considerable number of forged identities to illegitimately infuse false or biased information which may mislead a system into making decisions benefiting the adversary. Avoiding Sybil attacks in VANET is a difficult problem, as there are typically no trusted authorities that provide cryptographic assurance of Sybil resilience. This paper presents a technique to detect and mitigate Sybil attacks, which requires no dedicated infrastructure, by utilizing just V2V communication. The proposed method work based on underlying assumption that says the mobility of vehicles in high vehicle density and the limited transmission power of the adversary creates unique groups of vehicle neighbors at a certain time point, which can be calculated in a statistical fashion providing a temporal and spatial analysis to verify real and impersonated vehicle identities. The proposed method also covers the mitigation procedures to create a trust model and announce neighboring vehicles regarding the detected tempered identities in a secure way utilizing Diffie-Hellman key distribution. This paper also presents discussions concerning the proposed approach with regard to benefits and drawbacks of sparse road condition and other potential threats.

Puteaux, Pauline, Puech, William.  2018.  Noisy Encrypted Image Correction based on Shannon Entropy Measurement in Pixel Blocks of Very Small Size. 2018 26th European Signal Processing Conference (EUSIPCO). :161–165.
Many techniques have been presented to protect image content confidentiality. The owner of an image encrypts it using a key and transmits the encrypted image across a network. If the recipient is authorized to access the original content of the image, he can reconstruct it losslessly. However, if during the transmission the encrypted image is noised, some parts of the image can not be deciphered. In order to localize and correct these errors, we propose an approach based on the local Shannon entropy measurement. We first analyze this measure as a function of the block-size. We provide then a full description of our blind error localization and removal process. Experimental results show that the proposed approach, based on local entropy, can be used in practice to correct noisy encrypted images, even with blocks of very small size.
Puteaux, Pauline, Puech, William.  2019.  Image Analysis and Processing in the Encrypted Domain. 2019 IEEE International Conference on Image Processing (ICIP). :3020–3022.

In this research project, we are interested by finding solutions to the problem of image analysis and processing in the encrypted domain. For security reasons, more and more digital data are transferred or stored in the encrypted domain. However, during the transmission or the archiving of encrypted images, it is often necessary to analyze or process them, without knowing the original content or the secret key used during the encryption phase. We propose to work on this problem, by associating theoretical aspects with numerous applications. Our main contributions concern: data hiding in encrypted images, correction of noisy encrypted images, recompression of crypto-compressed images and secret image sharing.

Puspitaningrum, Diyah, Fernando, Julio, Afriando, Edo, Utama, Ferzha Putra, Rahmadini, Rina, Pinata, Y..  2019.  Finding Local Experts for Dynamic Recommendations Using Lazy Random Walk. 2019 7th International Conference on Cyber and IT Service Management (CITSM). 7:1–6.
Statistics based privacy-aware recommender systems make suggestions more powerful by extracting knowledge from the log of social contacts interactions, but unfortunately, they are static - moreover, advice from local experts effective in finding specific business categories in a particular area. We propose a dynamic recommender algorithm based on a lazy random walk that recommends top-rank shopping places to potentially interested visitors. We consider local authority and topical authority. The algorithm tested on FourSquare shopping data sets of 5 cities in Indonesia with k-steps=5,7,9 (lazy) random walks and compared the results with other state-of-the-art ranking techniques. The results show that it can reach high score precisions (0.5, 0.37, and 0.26 respectively on p@1, p@3, and p@5 for k=5). The algorithm also shows scalability concerning execution time. The advantage of dynamicity is the database used to power the recommender system; no need to be very frequently updated to produce a good recommendation.
Purvine, Emilie, Johnson, John R., Lo, Chaomei.  2016.  A Graph-Based Impact Metric for Mitigating Lateral Movement Cyber Attacks. Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense. :45–52.

Most cyber network attacks begin with an adversary gaining a foothold within the network and proceed with lateral movement until a desired goal is achieved. The mechanism by which lateral movement occurs varies but the basic signature of hopping between hosts by exploiting vulnerabilities is the same. Because of the nature of the vulnerabilities typically exploited, lateral movement is very difficult to detect and defend against. In this paper we define a dynamic reachability graph model of the network to discover possible paths that an adversary could take using different vulnerabilities, and how those paths evolve over time. We use this reachability graph to develop dynamic machine-level and network-level impact scores. Lateral movement mitigation strategies which make use of our impact scores are also discussed, and we detail an example using a freely available data set.

Purohit, Suchit S., Bothale, Vinod M., Gandhi, Savita R..  2016.  Towards M-gov in Solid Waste Management Sector Using RFID, Integrated Technologies. Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies. :61:1–61:4.

Due to explosive increase in teledensity, penetration of mobile networks in urban as well as rural areas, m-governance in India is growing from infancy to a more mature shape. Various steps are taken by Indian government for offering citizen services through mobile platform hence offering smooth transition from web based e-gov services to more pervasive mobile based services. Municipalities and Municipal corporations in India are already providing m-gov services like property and professional tax transaction, Birth and death registration, Marriage registration, due of taxes and charges etc. through SMS alerts or via call centers. To the best of our knowledge no municipality offers mobile based services in Solid Waste management sector. This paper proposes an m-gov service implemented as Android mobile application for SWM department, AMC, Ahmadabad. The application operates on real time data collected from a fully automated Solid waste Collection process integrated using RFID, GPS, GIS and GPRS proposed in the preceding work by the authors. The mobile application facilitates citizens to interactively view the status of the cleaning process of their area file complaints in the case of failure and also can follow up the status of their complaints which could be handled by SWM officials using the same application. This application also facilitates SWM officials to observe, analyze the real time status of the collection process and generated reports.

Purohit, S., Calyam, P., Wang, S., Yempalla, R., Varghese, J..  2020.  DefenseChain: Consortium Blockchain for Cyber Threat Intelligence Sharing and Defense. 2020 2nd Conference on Blockchain Research Applications for Innovative Networks and Services (BRAINS). :112—119.
Cloud-hosted applications are prone to targeted attacks such as DDoS, advanced persistent threats, cryptojacking which threaten service availability. Recently, methods for threat information sharing and defense require co-operation and trust between multiple domains/entities. There is a need for mechanisms that establish distributed trust to allow for such a collective defense. In this paper, we present a novel threat intelligence sharing and defense system, namely “DefenseChain”, to allow organizations to have incentive-based and trustworthy co-operation to mitigate the impact of cyber attacks. Our solution approach features a consortium Blockchain platform to obtain threat data and select suitable peers to help with attack detection and mitigation. We propose an economic model for creation and sustenance of the consortium with peers through a reputation estimation scheme that uses `Quality of Detection' and `Quality of Mitigation' metrics. Our evaluation experiments with DefenseChain implementation are performed on an Open Cloud testbed with Hyperledger Composer and in a simulation environment. Our results show that the DefenseChain system overall performs better than state-of-the-art decision making schemes in choosing the most appropriate detector and mitigator peers. In addition, we show that our DefenseChain achieves better performance trade-offs in terms of metrics such as detection time, mitigation time and attack reoccurence rate. Lastly, our validation results demonstrate that our DefenseChain can effectively identify rational/irrational service providers.
Purnomo, M. F. E., Kitagawa, A..  2017.  Developing basic configuration of triangle array antenna for circularly polarized-Synthetic Aperture Radar sensor application. 2017 International Conference on Radar, Antenna, Microwave, Electronics, and Telecommunications (ICRAMET). :112–117.

The development of radar technology, Synthetic Aperture Radar (SAR) and Unmanned Aerial Vehicle (UAV) requires the communication facilities and infrastructures that have variety of platforms and high quality of image. In this paper, we obtain the basic configuration of triangle array antenna using corporate feeding-line for Circularly Polarized- Synthetic Aperture Radar (CP-SAR) sensor embedded on small UAV or drone airspace with compact, small, and simple configuration. The Method of Moments (MoM) is chosen in the numerical analysis for fast calculation of the unknown current on the patch antenna. The developing of triangle array antenna is consist of four patches of simple equilateral triangle patch with adding truncated corner of each patch and resonant frequency at f = 1.25 GHz. Proximity couple, perturbation segment, single feeding method are applied to generate the circular polarization wave from radiating patch. The corporate feeding-line design is implemented by combining some T-junctions to distribute the current from input port to radiating patch and to reach 2×2 patches. The performance results of this antenna, especially for gain and axial ratio (Ar) at the resonant frequency are 11.02 dBic and 2.47 dB, respectively. Furthermore, the two-beams appeared at boresight in elevation plane have similar values each other i.e. for average beamwidth of 10 dBic-gain and the 3 dB-Ar are about 20° and 70°, respectively.

Puri, Gurjeet Singh, Gupta, Himanshu.  2016.  ID Based Encryption in Modern Cryptography. Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies. :15:1–15:5.

Now a days, ATM is used for money transaction for the convenience of the user by providing round the clock 24*7 services in financial transaction. Bank provides the Debit or Credit card to its user along with particular PIN number (which is only known by the Bank and User). Sometimes, user's card may be stolen by someone and this person can access all confidential information as Credit card number, Card holder name, Expiry date and CVV number through which he/she can complete fake transaction. In this paper, we introduced the biometric encryption of "EYE RETINA" to enhance the security over the wireless and unreliable network as internet. In this method user can authorizeasthird person his/her behalf to make the transaction using Debit or Credit card. In proposed method, third person can also perform financial transaction by providing his/her eye retina for the authorization & identification purpose.

Pura, M.L., Buchs, D..  2014.  A self-organized key management scheme for ad hoc networks based on identity-based cryptography. Communications (COMM), 2014 10th International Conference on. :1-4.

Ad hoc networks represent a very modern technology for providing communication between devices without the need of any prior infrastructure set up, and thus in an “on the spot” manner. But there is a catch: so far there isn't any security scheme that would suit the ad hoc properties of this type of networks and that would also accomplish the needed security objectives. The most promising proposals are the self-organized schemes. This paper presents a work in progress aiming at developing a new self-organized key management scheme that uses identity based cryptography for making impossible some of the attacks that can be performed over the schemes proposed so far, while preserving their advantages. The paper starts with a survey of the most important self-organized key management schemes and a short analysis of the advantages and disadvantages they have. Then, it presents our new scheme, and by using informal analysis, it presents the advantages it has over the other proposals.

Pura, M.L., Buchs, D..  2014.  A self-organized key management scheme for ad hoc networks based on identity-based cryptography. Communications (COMM), 2014 10th International Conference on. :1-4.

Ad hoc networks represent a very modern technology for providing communication between devices without the need of any prior infrastructure set up, and thus in an “on the spot” manner. But there is a catch: so far there isn't any security scheme that would suit the ad hoc properties of this type of networks and that would also accomplish the needed security objectives. The most promising proposals are the self-organized schemes. This paper presents a work in progress aiming at developing a new self-organized key management scheme that uses identity based cryptography for making impossible some of the attacks that can be performed over the schemes proposed so far, while preserving their advantages. The paper starts with a survey of the most important self-organized key management schemes and a short analysis of the advantages and disadvantages they have. Then, it presents our new scheme, and by using informal analysis, it presents the advantages it has over the other proposals.

Pupo, Angel Luis Scull, Nicolay, Jens, Boix, Elisa Gonzalez.  2018.  GUARDIA: Specification and Enforcement of Javascript Security Policies Without VM Modifications. Proceedings of the 15th International Conference on Managed Languages & Runtimes. :17:1–17:15.
The complex architecture of browser technologies and dynamic characteristics of JavaScript make it difficult to ensure security in client-side web applications. Browser-level security policies alone are not sufficient because it is difficult to apply them correctly and they can be bypassed. As a result, they need to be completed by application-level security policies. In this paper, we survey existing solutions for specifying and enforcing application-level security policies for client-side web applications, and distill a number of desirable features. Based on these features we developed Guardia, a framework for declaratively specifying and dynamically enforcing application-level security policies for JavaScript web applications without requiring VM modifications. We describe Guardia enforcement mechanism by means of JavaScript reflection with respect to three important security properties (transparency, tamper-proofness, and completeness). We also use Guardia to specify and deploy 12 access control policies discussed in related work in three experimental applications that are representative of real-world applications. Our experiments indicate that Guardia is correct, transparent, and tamper-proof, while only incurring a reasonable runtime overhead.
Pundir, N., Hazari, N. A., Amsaad, F., Niamat, M..  2017.  A Novel Hybrid Delay Based Physical Unclonable Function Immune to Machine Learning Attacks. 2017 IEEE National Aerospace and Electronics Conference (NAECON). :84–87.

In this paper, machine learning attacks are performed on a novel hybrid delay based Arbiter Ring Oscillator PUF (AROPUF). The AROPUF exhibits improved results when compared to traditional Arbiter Physical Unclonable Function (APUF). The challenge-response pairs (CRPs) from both PUFs are fed to the multilayered perceptron model (MLP) with one hidden layer. The results show that the CRPs generated from the proposed AROPUF has more training and prediction errors when compared to the APUF, thus making it more difficult for the adversary to predict the CRPs.

Pulvari, Charles F..  1953.  The Snapping Dipoles of Ferroelectrics As a Memory Element for Digital Computers. Proceedings of the February 4-6, 1953, Western Computer Conference. :140–159.

A brief review is given of the memory properties of non-linear ferroelectric materials in terms of the direction of polarization. A sensitive pulse method has been developed for obtaining static remanent polarization data of ferroelectric materials. This method has been applied to study the effect of pulse duration and amplitude and decay of polarization on ferroelectric ceramic materials with fairly high crystalline orientation. These studies indicate that ferroelectric memory devices can be operated in the megacycle ranges. Attempts have been made to develop electrostatically induced memory devices using ferroelectric substances as a medium for storing information. As an illustration, a ferroelectric memory using a new type of switching matrix is presented having a selection ratio 50 or more.

Pulungan, Farid Fajriana, Sudiharto, Dodi Wisaksono, Brotoharsono, Tri.  2018.  Easy Secure Login Implementation Using Pattern Locking and Environmental Context Recognition. 2018 International Conference on Applied Engineering (ICAE). :1-6.

Smartphone has become the tool which is used daily in modern human life. Some activities in human life, according to the usage of the smartphone can be related to the information which has a high privilege and needs a privacy. It causes the owners of the smartphone needs a system which can protect their privacy. Unfortunately, the secure the system, the unease of the usage. Hence, the system which has an invulnerable environment but also gives the ease of use is very needful. The aspect which is related to the ease of use is an authentication mechanism. Sometimes, this aspect correspondence to the effectiveness and the efficiency. This study is going to analyze the application related to this aspect which is a lock screen application. This lock screen application uses the context data based on the environment condition around the user. The context data used are GPS location and Mac Address of Wi-Fi. The system is going to detect the context and is going to determine if the smartphone needs to run the authentication mechanism or to bypass it based on the analysis of the context data. Hopefully, the smartphone application which is developed still can provide mobility and usability features, and also can protect the user privacy even though it is located in the environment which its context data is unknown.

Pulparambil, S., Baghdadi, Y., Al-Hamdani, A., Al-Badawi, M..  2018.  Service Design Metrics to Predict IT-Based Drivers of Service Oriented Architecture Adoption. 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–7.

The key factors for deploying successful services is centered on the service design practices adopted by an enterprise. The design level information should be validated and measures are required to quantify the structural attributes. The metrics at this stage will support an early discovery of design flaws and help designers to predict the capabilities of service oriented architecture (SOA) adoption. In this work, we take a deeper look at how we can forecast the key SOA capabilities infrastructure efficiency and service reuse from the service designs modeled by SOA modeling language. The proposed approach defines metrics based on the structural and domain level similarity of service operations. The proposed metrics are analytically validated with respect to software engineering metrics properties. Moreover, a tool has been developed to automate the proposed approach and the results indicate that the metrics predict the SOA capabilities at the service design stage. This work can be further extended to predict the business based capabilities of SOA adoption such as flexibility and agility.

Pukkawanna, S., Hazeyama, H., Kadobayashi, Y., Yamaguchi, S..  2014.  Investigating the utility of S-transform for detecting Denial-of-Service and probe attacks. Information Networking (ICOIN), 2014 International Conference on. :282-287.

Denial-of-Service (DoS) and probe attacks are growing more modern and sophisticated in order to evade detection by Intrusion Detection Systems (IDSs) and to increase the potent threat to the availability of network services. Detecting these attacks is quite tough for network operators using misuse-based IDSs because they need to see through attackers and upgrade their IDSs by adding new accurate attack signatures. In this paper, we proposed a novel signal and image processing-based method for detecting network probe and DoS attacks in which prior knowledge of attacks is not required. The method uses a time-frequency representation technique called S-transform, which is an extension of Wavelet Transform, to reveal abnormal frequency components caused by attacks in a traffic signal (e.g., a time-series of the number of packets). Firstly, S-Transform converts the traffic signal to a two-dimensional image which describes time-frequency behavior of the traffic signal. The frequencies that behave abnormally are discovered as abnormal regions in the image. Secondly, Otsu's method is used to detect the abnormal regions and identify time that attacks occur. We evaluated the effectiveness of the proposed method with several network probe and DoS attacks such as port scans, packet flooding attacks, and a low-intensity DoS attack. The results clearly indicated that the method is effective for detecting the probe and DoS attack streams which were generated to real-world Internet.

Puesche, A., Bothe, D., Niemeyer, M., Sachweh, S., Pohlmann, N., Kunold, I..  2018.  Concept of Smart Building Cyber-physical Systems Including Tamper Resistant Endpoints. 2018 International IEEE Conference and Workshop in Óbuda on Electrical and Power Engineering (CANDO-EPE). :000127–000132.

Cyber-physical systems (CPS) and their Internet of Things (IoT) components are repeatedly subject to various attacks targeting weaknesses in their firmware. For that reason emerges an imminent demand for secure update mechanisms that not only include specific systems but cover all parts of the critical infrastructure. In this paper we introduce a theoretical concept for a secure CPS device update and verification mechanism and provide information on handling hardware-based security incorporating trusted platform modules (TPM) on those CPS devices. We will describe secure communication channels by state of the art technology and also integrity measurement mechanisms to ensure the system is in a known state. In addition, a multi-level fail-over concept is presented, ensuring continuous patching to minimize the necessity of restarting those systems.