Visible to the public Biblio

Found 419 results

Filters: First Letter Of Last Name is T  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S [T] U V W X Y Z   [Show ALL]
T
T, Baby H., R, Sujatha B..  2016.  Chaos based Combined Multiple Recursive KEY Generator for Crypto-Systems. 2016 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT). :411–415.

With the ever increasing growth of internet usage, ensuring high security for information has gained great importance, due to the several threats in the communication channels. Hence there is continuous research towards finding a suitable approach to ensure high security for the information. In recent decades, cryptography is being used extensively for providing security on the Internet although primarily used in the military and diplomatic communities. One such approach is the application of Chaos theory in cryptosystems. In this work, we have proposed the usage of combined multiple recursive generator (CMRG) for KEY generation based on a chaotic function to generate different multiple keys. It is seen that negligible difference in parameters of chaotic function generates completely different keys as well as cipher text. The main motive for developing the chaos based cryptosystem is to attain encryption that provides high security at comparatively higher speed but with lower complexity and cost over the conventional encryption algorithms.

T. Long, G. Yao.  2015.  "Verification for Security-Relevant Properties and Hyperproperties". 2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom). :490-497.

Privacy analysis is essential in the society. Data privacy preservation for access control, guaranteed service in wireless sensor networks are important parts. In programs' verification, we not only consider about these kinds of safety and liveness properties but some security policies like noninterference, and observational determinism which have been proposed as hyper properties. Fairness is widely applied in verification for concurrent systems, wireless sensor networks and embedded systems. This paper studies verification and analysis for proving security-relevant properties and hyper properties by proposing deductive proof rules under fairness requirements (constraints).

T. S. Chaware, B. K. Mishra.  2015.  "Secure communication using TPC and chaotic encryption". 2015 International Conference on Information Processing (ICIP). :615-620.

Compression, encryption, encoding and modulation at the transmitter side and reverse process at the receiver side are the major processes in any wireless communication system. All these steps were carried out separately before. But, in 1978 R. J. McEliece had proposed the concept of combining security and channel encoding techniques together. Many schemes are proposed by different researchers for this combine approach. Sharing the information securely, but at the same time maintaining acceptable bit error rate in such combine system is difficult. In this paper, a new technique for robust and secure wireless transmission of image combining Turbo Product Code (TPC) with chaotic encryption is proposed. Logistic map is used for chaotic encryption and TPC for channel encoding. Simulation results for this combined system are analyzed and it shows that TPC and chaotic combination gives secure transmission with acceptable data rate.

Ta-Yuan Liu, Mukherjee, P., Ulukus, S., Shih-Chun Lin, Hong, Y.-W.P..  2014.  Secure DoF of MIMO Rayleigh block fading wiretap channels with No CSI anywhere. Communications (ICC), 2014 IEEE International Conference on. :1959-1964.

We consider the block Rayleigh fading multiple-input multiple-output (MIMO) wiretap channel with no prior channel state information (CSI) available at any of the terminals. The channel gains remain constant in a coherence time of T symbols, and then change to another independent realization. The transmitter, the legitimate receiver and the eavesdropper have nt, nr and ne antennas, respectively. We determine the exact secure degrees of freedom (s.d.o.f.) of this system when T ≥ 2 min(nt, nr). We show that, in this case, the s.d.o.f. is exactly (min(nt, nr) - ne)+(T - min(nt, nr))/T. The first term can be interpreted as the eavesdropper with ne antennas taking away ne antennas from both the transmitter and the legitimate receiver. The second term can be interpreted as a fraction of s.d.o.f. being lost due to the lack of CSI at the legitimate receiver. In particular, the fraction loss, min(nt, nr)/T, can be interpreted as the fraction of channel uses dedicated to training the legitimate receiver for it to learn its own CSI. We prove that this s.d.o.f. can be achieved by employing a constant norm channel input, which can be viewed as a generalization of discrete signalling to multiple dimensions.

Ta, H. Q., Kim, S. W..  2019.  Covert Communication Under Channel Uncertainty and Noise Uncertainty. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1-6.

Covert or low probability of detection communication is crucial to protect user privacy and provide a strong security. We analyze the joint impact of imperfect knowledge of the channel gain (channel uncertainty) and noise power (noise uncertainty) on the average probability of detection error at the eavesdropper and the covert throughput in Rayleigh fading channel. We characterize the covert throughput gain provided by the channel uncertainty as well as the covert throughput loss caused by the channel fading as a function of the noise uncertainty. Our result shows that the channel fading is essential to hiding the signal transmission, particularly when the noise uncertainty is below a threshold and/or the receive SNR is above a threshold. The impact of the channel uncertainty on the average probability of detection error and covert throughput is more significant when the noise uncertainty is larger.

Tabakhpour, Adel, Abdelaziz, Morad M. A..  2019.  Neural Network Model for False Data Detection in Power System State Estimation. 2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE). :1-5.

False data injection is an on-going concern facing power system state estimation. In this work, a neural network is trained to detect the existence of false data in measurements. The proposed approach can make use of historical data, if available, by using them in the training sets of the proposed neural network model. However, the inputs of perceptron model in this work are the residual elements from the state estimation, which are highly correlated. Therefore, their dimension could be reduced by preserving the most informative features from the inputs. To this end, principal component analysis is used (i.e., a data preprocessing technique). This technique is especially efficient for highly correlated data sets, which is the case in power system measurements. The results of different perceptron models that are proposed for detection, are compared to a simple perceptron that produces identical result to the outlier detection scheme. For generating the training sets, state estimation was run for different false data on different measurements in 13-bus IEEE test system, and the residuals are saved as inputs of training sets. The testing results of the trained network show its good performance in detection of false data in measurements.

Tabassum, Anika, Nady, Anannya Islam, Rezwanul Huq, Mohammad.  2019.  Mathematical Formulation and Implementation of Query Inversion Techniques in RDBMS for Tracking Data Provenance. 2019 7th International Conference on Information and Communication Technology (ICoICT). :1–6.
Nowadays the massive amount of data is produced from different sources and lots of applications are processing these data to discover insights. Sometimes we may get unexpected results from these applications and it is not feasible to trace back to the data origin manually to find the source of errors. To avoid this problem, data must be accompanied by the context of how they are processed and analyzed. Especially, data-intensive applications like e-Science always require transparency and therefore, we need to understand how data has been processed and transformed. In this paper, we propose mathematical formulation and implementation of query inversion techniques to trace the provenance of data in a relational database management system (RDBMS). We build mathematical formulations of inverse queries for most of the relational algebra operations and show the formula for join operations in this paper. We, then, implement these formulas of inversion techniques and the experiment shows that our proposed inverse queries can successfully trace back to original data i.e. finding data provenance.
Tabiban, Azadeh, Majumdar, Suryadipta, Wang, Lingyu, Debbabi, Mourad.  2018.  PERMON: An OpenStack Middleware for Runtime Security Policy Enforcement in Clouds. 2018 IEEE Conference on Communications and Network Security (CNS). :1–7.

To ensure the accountability of a cloud environment, security policies may be provided as a set of properties to be enforced by cloud providers. However, due to the sheer size of clouds, it can be challenging to provide timely responses to all the requests coming from cloud users at runtime. In this paper, we design and implement a middleware, PERMON, as a pluggable interface to OpenStack for intercepting and verifying the legitimacy of user requests at runtime, while leveraging our previous work on proactive security verification to improve the efficiency. We describe detailed implementation of the middleware and demonstrate its usefulness through a use case.

Tabiban, Azadeh, Jarraya, Yosr, Zhang, Mengyuan, Pourzandi, Makan, Wang, Lingyu, Debbabi, Mourad.  2020.  Catching Falling Dominoes: Cloud Management-Level Provenance Analysis with Application to OpenStack. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.

The dynamicity and complexity of clouds highlight the importance of automated root cause analysis solutions for explaining what might have caused a security incident. Most existing works focus on either locating malfunctioning clouds components, e.g., switches, or tracing changes at lower abstraction levels, e.g., system calls. On the other hand, a management-level solution can provide a big picture about the root cause in a more scalable manner. In this paper, we propose DOMINOCATCHER, a novel provenance-based solution for explaining the root cause of security incidents in terms of management operations in clouds. Specifically, we first define our provenance model to capture the interdependencies between cloud management operations, virtual resources and inputs. Based on this model, we design a framework to intercept cloud management operations and to extract and prune provenance metadata. We implement DOMINOCATCHER on OpenStack platform as an attached middleware and validate its effectiveness using security incidents based on real-world attacks. We also evaluate the performance through experiments on our testbed, and the results demonstrate that DOMINOCATCHER incurs insignificant overhead and is scalable for clouds.

Tacliad, Francisco, Nguyen, Thuy D., Gondree, Mark.  2017.  DoS Exploitation of Allen-Bradley's Legacy Protocol Through Fuzz Testing. Proceedings of the 3rd Annual Industrial Control System Security Workshop. :24–31.
EtherNet/IP is a TCP/IP-based industrial protocol commonly used in industrial control systems (ICS). TCP/IP connectivity to the outside world has enabled ICS operators to implement more agile practices, but it also has exposed these cyber-physical systems to cyber attacks. Using a custom Scapy-based fuzzer to test for implementation flaws in the EtherNet/IP software of commercial programmable logic controllers (PLC), we uncover a previously unreported denial-of-service (DoS) vulnerability in the Ethernet/IP implementation of the Rockwell Automation/Allen-Bradley MicroLogix 1100 PLC that, if exploited, can cause the PLC to fault. ICS-CERT recently announces this vulnerability in the security advisory ICSA-17-138-03. This paper describes this vulnerability, the development of an EtherNet/IP fuzzer, and an approach to remotely monitor for faults generated when fuzzing.
Taggu, A., Mungoli, A., Taggu, A..  2018.  ReverseRoute: An Application-Layer Scheme for Detecting Blackholes in MANET Using Mobile Agents. 2018 3rd Technology Innovation Management and Engineering Science International Conference (TIMES-iCON). :1–4.

Mobile Ad-Hoc Networks (MANETs) are prone to many security attacks. One such attack is the blackhole attack. This work proposes a simple and effective application layer based intrusion detection scheme in a MANET to detect blackholes. The proposed algorithm utilizes mobile agents (MA) and wtracert (modified version of Traceroute for MANET) to detect multiple black holes in a DSR protocol based MANET. Use of MAs ensure that no modifications need to be carried out in the underlying routing algorithms or other lower layers. Simulation results show successful detection of single and multiple blackhole nodes, using the proposed detection mechanism, across varying mobility speeds of the nodes.

Taggu, Amar, Marchang, Ningrinla.  2019.  Random-Byzantine Attack Mitigation in Cognitive Radio Networks using a Multi-Hidden Markov Model System. 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA). :1—5.
Cognitive Radio Networks (CRN) are opportunistic networks which aim to harness the white space in the television frequency spectrum, on a need-to-need basis, without interfering the incumbent, called the Primary User (PU). Cognitive radios (CR) that sense the spectrum periodically for sensing the PU activity, are called Secondary Users (SU). CRNs are susceptible to two major attacks, Byzantine attacks and Primary User Emulation Attack (PUEA). Both the attacks are capable of rendering a CRN useless, by either interfering with the PU itself or capturing the entire channel for themselves. Byzantine attacks detection and mitigation is an important security issue in CRN. Hence, the current work proposes using a multi-Hidden Markov Model system with an aim to detect different types of random-Byzantine attacks. Simulation results show good detection rate across all the attacks.
Tagliaferri, M., Aldini, A..  2018.  A Trust Logic for Pre-Trust Computations. 2018 21st International Conference on Information Fusion (FUSION). :2006–2012.
Computational trust is the digital counterpart of the human notion of trust as applied in social systems. Its main purpose is to improve the reliability of interactions in online communities and of knowledge transfer in information management systems. Trust models are formal frameworks in which the notion of computational trust is described rigorously and where its dynamics are explained precisely. In this paper we will consider and extend a computational trust model, i.e., JØsang's Subjective Logic: we will show how this model is well-suited to describe the dynamics of computational trust, but lacks effective tools to compute initial trust values to feed in the model. To overcome some of the issues with subjective logic, we will introduce a logical language which can be employed to describe and reason about trust. The core ideas behind the logical language will turn out to be useful in computing initial trust values to feed into subjective logic. The aim of the paper is, therefore, that of providing an improvement on subjective logic.
Taha, Bilal, Hatzinakos, Dimitrios.  2019.  Emotion Recognition from 2D Facial Expressions. 2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE). :1–4.
This work proposes an approach to find and learn informative representations from 2 dimensional gray-level images for facial expression recognition application. The learned features are obtained from a designed convolutional neural network (CNN). The developed CNN enables us to learn features from the images in a highly efficient manner by cascading different layers together. The developed model is computationally efficient since it does not consist of a huge number of layers and at the same time it takes into consideration the overfitting problem. The outcomes from the developed CNN are compared to handcrafted features that span texture and shape features. The experiments conducted on the Bosphours database show that the developed CNN model outperforms the handcrafted features when coupled with a Support Vector Machines (SVM) classifier.
Taha, Mohammad Bany, Chowdhury, Rasel.  2020.  GALB: Load Balancing Algorithm for CP-ABE Encryption Tasks in E-Health Environment. 2020 Fifth International Conference on Research in Computational Intelligence and Communication Networks (ICRCICN). :165–170.
Security of personal data in the e-healthcare has always been challenging issue. The embedded and wearable devices used to collect these personal and critical data of the patients and users are sensitive in nature. Attribute-Based Encryption is believed to provide access control along with data security for distributed data among multiple parties. These resources limited devices do have the capabilities to secure the data while sending to the cloud but instead it increases the overhead and latency of running the encryption algorithm. On the top of if confidentiality is required, which will add more latency. In order to reduce latency and overhead, we propose a new load balancing algorithm that will distribute the data to nearby devices with available resources to encrypt the data and send it to the cloud. In this article, we are proposing a load balancing algorithm for E-Health system called (GALB). Our algorithm is based on Genetic Algorithm (GA). Our algorithm (GALB) distribute the tasks that received to the main gateway between the devices on E-health environment. The distribution strategy is based on the available resources in the devices, the distance between the gateway and the those devices, and the complexity of the task (size) and CP-ABE encryption policy length. In order to evaluate our algorithm performance, we compare the near optimal solution proposed by GALB with the optimal solution proposed by LP.
Tahat, Amer, Joshi, Sarang, Goswami, Pronnoy, Ravindran, Binoy.  2019.  Scalable Translation Validation of Unverified Legacy OS Code. 2019 Formal Methods in Computer Aided Design (FMCAD). :1–9.

Formally verifying functional and security properties of a large-scale production operating system is highly desirable. However, it is challenging as such OSes are often written in multiple source languages that have no formal semantics - a prerequisite for formal reasoning. To avoid expensive formalization of the semantics of multiple high-level source languages, we present a lightweight and rigorous verification toolchain that verifies OS code at the binary level, targeting ARM machines. To reason about ARM instructions, we first translate the ARM Specification Language that describes the semantics of the ARMv8 ISA into the PVS7 theorem prover and verify the translation. We leverage the radare2 reverse engineering tool to decode ARM binaries into PVS7 and verify the translation. Our translation verification methodology is a lightweight formal validation technique that generates large-scale instruction emulation test lemmas whose proof obligations are automatically discharged. To demonstrate our verification methodology, we apply the technique on two OSes: Google's Zircon and a subset of Linux. We extract a set of 370 functions from these OSes, translate them into PVS7, and verify the correctness of the translation by automatically discharging hundreds of thousands of proof obligations and tests. This took 27.5 person-months to develop.

Taher, Bahaa Hussein, Wei, Lu Hong, Yassin, Ali A..  2018.  Flexible and Efficient Authentication of IoT Cloud Scheme Using Crypto Hash Function. Proceedings of the 2018 2Nd International Conference on Computer Science and Artificial Intelligence. :487–494.
The Internet of Things and cloud computing (IoT Cloud) have a wide resonance in the Internet and modern communication technology, which allows laptops, phones, sensors, embedded devices, and other things to connect and exchange information via the Internet. Therefore, IoT Cloud offers several facilities, such as resources, storage, sharing, exchange, and communication. However, IoT Cloud suffers from security problems, which are a vital issue in the information technology world. All embedded devices in IoT Cloud need to be supported by strong authentication and preservation of privacy data during information exchange via the IoT Cloud environment. Malicious attacks (such as replay, man-in-the-middle [MITM], and impersonation attacks) play the negative role of obtaining important information of devices. In this study, we propose a good scheme that overcomes the mentioned issues by resisting well-known attacks, such as MITM, insider, offline password guessing, dictionary, replay, and eavesdropping. Our work achieves device anonymity, forward secrecy, confidentiality, and mutual authentication. Security and performance analyses show that our proposed scheme is more efficient, flexible, and secure with respect to several known attacks compared with related schemes.
Taher, Kazi Abu, Nahar, Tahmin, Hossain, Syed Akhter.  2019.  Enhanced Cryptocurrency Security by Time-Based Token Multi-Factor Authentication Algorithm. 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST). :308–312.
A noble multi-factor authentication (MFA) algorithm is developed for the security enhancement of the Cryptocurrency (CR). The main goal of MFA is to set up extra layer of safeguard while seeking access to a targets such as physical location, computing device, network or database. MFA security scheme requires more than one method for the validation from commutative family of credentials to verify the user for a transaction. MFA can reduce the risk of using single level password authentication by introducing additional factors of authentication. MFA can prevent hackers from gaining access to a particular account even if the password is compromised. The superfluous layer of security introduced by MFA offers additional security to a user. MFA is implemented by using time-based onetime password (TOTP) technique. For logging to any entity with MFA enabled, the user first needs username and password, as a second factor, the user then needs the MFA token to virtually generate a TOTP. It is found that MFA can provide a better means of secured transaction of CR.
Taher, Kazi Abu, Mohammed Yasin Jisan, Billal, Rahman, Md. Mahbubur.  2019.  Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection. 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST). :643–646.
A novel supervised machine learning system is developed to classify network traffic whether it is malicious or benign. To find the best model considering detection success rate, combination of supervised learning algorithm and feature selection method have been used. Through this study, it is found that Artificial Neural Network (ANN) based machine learning with wrapper feature selection outperform support vector machine (SVM) technique while classifying network traffic. To evaluate the performance, NSL-KDD dataset is used to classify network traffic using SVM and ANN supervised machine learning techniques. Comparative study shows that the proposed model is efficient than other existing models with respect to intrusion detection success rate.
Taherkordi, Amir, Herrmann, Peter.  2018.  Pervasive Smart Contracts for Blockchains in IoT Systems. Proceedings of the 2018 International Conference on Blockchain Technology and Application. :6–11.

Thanks to its decentralized structure and immutability, blockchain technology has the potential to address relevant security and privacy challenges in the Internet of Things (IoT). In particular, by hosting and executing smart contracts, blockchain allows secure, flexible, and traceable message communication between IoT devices. The unique characteristics of IoT systems, such as heterogeneity and pervasiveness, however, pose challenges in designing smart contracts for such systems. In this paper, we study these challenges and propose a design approach for smart contracts used in IoT systems. The main goal of our design model is to enhance the development of IoT smart contracts based on the inherent pervasive attributes of IoT systems. In particular, the design model allows the smart contracts to encapsulate functionalities such as contractlevel communication between IoT devices, access to data-sources within contracts, and interoperability of heterogeneous IoT smart contracts. The essence of our approach is structuring the design of IoT smart contracts as self-contained software services, inspired by the microservice architecture model. The flexibility, scalability and modularity of this model make it an efficient approach for developing pervasive IoT smart contracts.

Tahir, Faiza, Nasir, Samra, Khalid, Zainab.  2019.  Privacy-Preserving Authentication Protocol based on Hybrid Cryptography for VANETs. 2019 International Conference on Applied and Engineering Mathematics (ICAEM). :80–85.
The key concerns in VANET communication are the security and privacy of the vehicles involved, but at the same time an efficient way to provide non-repudiation in the ad-hoc network is an important requirement. Most schemes proposed are using public key infrastructure (PKI) or symmetric key encryption to achieve security in VANET; both individually lack in serving the required purpose of providing privacy preservation of the involved On-Board Units (OBUs) (while still being able to offer non-repudiation) and amount to very sizeable overheads in computation. This paper proposes a privacy-preserving authentication protocol that employs hybrid cryptography, using the best features of PKI and symmetric cryptography to form a protocol that is scalable, efficient and offers services of integrity, non-repudiation, conditional privacy, and unlinkability; while still keeping the computational overhead at a reasonable level. The performance and security analysis of this scheme is provided to support the propositions.
Tahir, Muhammad Usman, Rehman, Rana Asif.  2018.  CUIF: Control of Useless Interests Flooding in Vehicular Named Data Networks. 2018 International Conference on Frontiers of Information Technology (FIT). :303–308.
Now-a-days vehicular information network technology is receiving a lot of attention due to its practical as well as safety related applications. By using this technology, participating vehicles can communicate among themselves on the road in order to obtain any interested data or emergency information. In Vehicular Ad-Hoc Network (VANET), due to the fast speed of the vehicles, the traditional host centric approach (i.e. TCP/IP) fails to provide efficient and robust communication between large number of vehicles. Therefore, Named Data Network (NDN) newly proposed Internet architecture is applied in VANET, named as VNDN. In which, the vehicles can communicate with the help of content name rather than vehicle address. In this paper, we explored the concepts and identify the main packet forwarding issues in VNDN. Furthermore, we proposed a protocol, named Control of Useless Interests Flooding (CUIF) in Vehicular Named Data Network. In which, it provides the best and efficient communication environment to users while driving on the highway. CUIF scheme reduces the Interest forwarding storm over the network and control the flooding of useless packets against the direction of a Producer vehicle. Our simulation results show that CUIF scheme decreases the number of outgoing Interest packets as well as data download time in the network.
Tahir, Rashid, Durrani, Sultan, Ahmed, Faizan, Saeed, Hammas, Zaffar, Fareed, Ilyas, Saqib.  2019.  The Browsers Strike Back: Countering Cryptojacking and Parasitic Miners on the Web. IEEE INFOCOM 2019 - IEEE Conference on Computer Communications. :703—711.

With the recent boom in the cryptocurrency market, hackers have been on the lookout to find novel ways of commandeering users' machine for covert and stealthy mining operations. In an attempt to expose such under-the-hood practices, this paper explores the issue of browser cryptojacking, whereby miners are secretly deployed inside browser code without the knowledge of the user. To this end, we analyze the top 50k websites from Alexa and find a noticeable percentage of sites that are indulging in this exploitative exercise often using heavily obfuscated code. Furthermore, mining prevention plug-ins, such as NoMiner, fail to flag such cleverly concealed instances. Hence, we propose a machine learning solution based on hardware-assisted profiling of browser code in real-time. A fine-grained micro-architectural footprint allows us to classify mining applications with \textbackslashtextgreater99% accuracy and even flags them if the mining code has been heavily obfuscated or encrypted. We build our own browser extension and show that it outperforms other plug-ins. The proposed design has negligible overhead on the user's machine and works for all standard off-the-shelf CPUs.

Tahsini, A., Dunstatter, N., Guirguis, M., Ahmed, C. M..  2020.  DeepBLOC: A Framework for Securing CPS through Deep Reinforcement Learning on Stochastic Games. 2020 IEEE Conference on Communications and Network Security (CNS). :1–9.

One important aspect in protecting Cyber Physical System (CPS) is ensuring that the proper control and measurement signals are propagated within the control loop. The CPS research community has been developing a large set of check blocks that can be integrated within the control loop to check signals against various types of attacks (e.g., false data injection attacks). Unfortunately, it is not possible to integrate all these “checks” within the control loop as the overhead introduced when checking signals may violate the delay constraints of the control loop. Moreover, these blocks do not completely operate in isolation of each other as dependencies exist among them in terms of their effectiveness against detecting a subset of attacks. Thus, it becomes a challenging and complex problem to assign the proper checks, especially with the presence of a rational adversary who can observe the check blocks assigned and optimizes her own attack strategies accordingly. This paper tackles the inherent state-action space explosion that arises in securing CPS through developing DeepBLOC (DB)-a framework in which Deep Reinforcement Learning algorithms are utilized to provide optimal/sub-optimal assignments of check blocks to signals. The framework models stochastic games between the adversary and the CPS defender and derives mixed strategies for assigning check blocks to ensure the integrity of the propagated signals while abiding to the real-time constraints dictated by the control loop. Through extensive simulation experiments and a real implementation on a water purification system, we show that DB achieves assignment strategies that outperform other strategies and heuristics.

Tai, J., Alsmadi, I., Zhang, Y., Qiao, F..  2020.  Machine Learning Methods for Anomaly Detection in Industrial Control Systems. 2020 IEEE International Conference on Big Data (Big Data). :2333—2339.

This paper examines multiple machine learning models to find the model that best indicates anomalous activity in an industrial control system that is under a software-based attack. The researched machine learning models are Random Forest, Gradient Boosting Machine, Artificial Neural Network, and Recurrent Neural Network classifiers built-in Python and tested against the HIL-based Augmented ICS dataset. Although the results showed that Random Forest, Gradient Boosting Machine, Artificial Neural Network, and Long Short-Term Memory classification models have great potential for anomaly detection in industrial control systems, we found that Random Forest with tuned hyperparameters slightly outperformed the other models.