Visible to the public Biblio

Found 284 results

Filters: Keyword is Software  [Clear All Filters]
2020-07-30
Jiang, Tao, Hu, Shuijing.  2019.  Intellectual Property Protection for AI-Related Inventions in Japan. 2019 International Conference on Virtual Reality and Intelligent Systems (ICVRIS). :286—289.
To increase the possibility of patent entitled of artificial intelligence related inventions at the Japanese patent office, this paper analyzes the Japanese patent act and patent examination guidelines. The approach for assessing whether a computer related invention belongs to a eligible subject-matter includes two steps. The first step is whether a computer related invention meets the definition of an "invention" that is "creation of a technical idea utilizing the laws of nature" . The second step is whether a computer related invention meets "idea based on the standpoint of software" . From the perspective of patent analysis, Japan's artificial intelligence technology is leading the world, second only to the United States. In this field, the Japanese patent office is one of the most important intellectual property offices, and its legislation and practice of patent eligibility review for artificial intelligence related inventions have an important impact on the world.
2020-07-27
Xu, Shuiling, Ji, Xinsheng, Liu, Wenyan.  2019.  Enhancing the Reliability of NFV with Heterogeneous Backup. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :923–927.
Virtual network function provides tenant with flexible and scalable end-to-end service chaining in the cloud computing and data center environments. However, comparing with traditional hardware network devices, the uncertainty caused by software and virtualization of Network Function Virtualization expands the attack surface, making the network node vulnerable to a certain types of attacks. The existing approaches for solving the problem of reliability are able to reduce the impact of failure of physical devices, but pay little attention to the attack scenario, which could be persistent and covert. In this paper, a heterogeneous backup strategy is brought up, enhancing the intrusion tolerance of NFV SFC by dynamically switching the VNF executor. The validity of the method is verified by simulation and game theory analysis.
2020-07-24
Luzhnov, Vasiliy S., Sokolov, Alexander N., Barinov, Andrey E..  2019.  Simulation of Protected Industrial Control Systems Based on Reference Security Model using Weighted Oriented Graphs. 2019 International Russian Automation Conference (RusAutoCon). :1—5.
With the increase in the number of cyber attacks on industrial control systems, especially in critical infrastructure facilities, the problem of comprehensive analysis of the security of such systems becomes urgent. This, in turn, requires the availability of fundamental mathematical, methodological and instrumental basis for modeling automated systems, modeling attacks on their information resources, which would allow realtime system protection analysis. The paper proposes a basis for simulating protected industrial control systems, based on the developed reference security model, and a model for attacks on information resources of automated systems. On the basis of these mathematical models, a complex model of a protected automated system was developed, which can be used to build protection systems for automated systems used in production.
2020-07-20
Lee, Seungkwang, Kim, Taesung, Kang, Yousung.  2018.  A Masked White-Box Cryptographic Implementation for Protecting Against Differential Computation Analysis. IEEE Transactions on Information Forensics and Security. 13:2602–2615.
Recently, gray-box attacks on white-box cryptographic implementations have succeeded. These attacks are more efficient than white-box attacks because they can be performed without detailed knowledge of the target implementation. The success of the gray-box attack is reportedly due to the unbalanced encodings used to generate the white-box lookup table. In this paper, we propose a method to protect the gray-box attack against white-box implementations. The basic idea is to apply the masking technique before encoding intermediate values during the white-box lookup table generation. Because we do not require any random source in runtime, it is possible to perform efficient encryption and decryption using our method. The security and performance analysis shows that the proposed method can be a reliable and efficient countermeasure.
Fowler, Daniel S., Bryans, Jeremy, Cheah, Madeline, Wooderson, Paul, Shaikh, Siraj A..  2019.  A Method for Constructing Automotive Cybersecurity Tests, a CAN Fuzz Testing Example. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :1–8.
There is a need for new tools and techniques to aid automotive engineers performing cybersecurity testing on connected car systems. This is in order to support the principle of secure-by-design. Our research has produced a method to construct useful automotive security tooling and tests. It has been used to implement Controller Area Network (CAN) fuzz testing (a dynamic security test) via a prototype CAN fuzzer. The black-box fuzz testing of a laboratory vehicle's display ECU demonstrates the value of a fuzzer in the automotive field, revealing bugs in the ECU software, and weaknesses in the vehicle's systems design.
2020-07-16
Ciupe, Aurelia, Mititica, Doru Florin, Meza, Serban, Orza, Bogdan.  2019.  Learning Agile with Intelligent Conversational Agents. 2019 IEEE Global Engineering Education Conference (EDUCON). :1100—1107.

Conversational agents assist traditional teaching-learning instruments in proposing new designs for knowledge creation and learning analysis, across organizational environments. Means of building common educative background in both industry and academic fields become of interest for ensuring educational effectiveness and consistency. Such a context requires transferable practices and becomes the basis for the Agile adoption into Higher Education, at both curriculum and operational levels. The current work proposes a model for delivering Agile Scrum training through an assistive web-based conversational service, where analytics are collected to provide an overview on learners' knowledge path. Besides its specific applicability into Software Engineering (SE) industry, the model is to assist the academic SE curriculum. A user-acceptance test has been carried out among 200 undergraduate students and patterns of interaction have been depicted for 2 conversational strategies.

Khatamifard, S. Karen, Wang, Longfei, Das, Amitabh, Kose, Selcuk, Karpuzcu, Ulya R..  2019.  POWERT Channels: A Novel Class of Covert CommunicationExploiting Power Management Vulnerabilities. 2019 IEEE International Symposium on High Performance Computer Architecture (HPCA). :291—303.

To be able to meet demanding application performance requirements within a tight power budget, runtime power management must track hardware activity at a very fine granularity in both space and time. This gives rise to sophisticated power management algorithms, which need the underlying system to be both highly observable (to be able to sense changes in instantaneous power demand timely) and controllable (to be able to react to changes in instantaneous power demand timely). The end goal is allocating the power budget, which itself represents a very critical shared resource, in a fair way among active tasks of execution. Fundamentally, if not carefully managed, any system-wide shared resource can give rise to covert communication. Power budget does not represent an exception, particularly as systems are becoming more and more observable and controllable. In this paper, we demonstrate how power management vulnerabilities can enable covert communication over a previously unexplored, novel class of covert channels which we will refer to as POWERT channels. We also provide a comprehensive characterization of the POWERT channel capacity under various sharing and activity scenarios. Our analysis based on experiments on representative commercial systems reveal a peak channel capacity of 121.6 bits per second (bps).

Ma, Siyou, Feng, Gao, Yan, Yunqiang.  2019.  Study on Hybrid Collaborative Simulation Testing Method Towards CPS. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :51—56.

CPS is generally complex to study, analyze, and design, as an important means to ensure the correctness of design and implementation of CPS system, simulation test is difficult to fully test, verify and evaluate the components or subsystems in the CPS system due to the inconsistent development progress of the com-ponents or subsystems in the CPS system. To address this prob-lem, we designed a hybrid P2P based collaborative simulation test framework composed of full physical nodes, hardware in the loop(HIL) nodes and full digital nodes to simulate the compo-nents or subsystems in the CPS system of different development progress, based on the framework, we then proposed collabora-tive simulation control strategy comprising sliding window based clock synchronization, dynamic adaptive time advancement and multi-priority task scheduling with preemptive time threshold. Experiments showed that the hybrid collaborative simulation testing method proposed in this paper can fully test CPS more effectively.

2020-07-06
Tripathi, Dipty, Maurya, Ashish Kumar, Chaturvedi, Amrita, Tripathi, Anil Kumar.  2019.  A Study of Security Modeling Techniques for Smart Systems. 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon). :87–92.
The term “smart” has been used in many ways for describing systems and infrastructure such as smart city, smart home, smart grid, smart meter, etc. These systems may lie in the domain of critical security systems where security can be estimated in terms of confidentiality, integrity and some cases may involve availability for protection against the theft or damage of system resources as well as disruption of the system services. Although, in spite of, being a hot topic to enhance the quality of life, there is no concrete definition of what smart system is and what should be the characteristics of it. Thus, there is a need to identify what these systems actually are and how they can be designed securely. This work firstly attempts to describe attributes related to the smartness to define smart systems. Furthermore, we propose a secure smart system development life cycle, where the security is weaved at all the development phase of smart systems according to principles, guidelines, attack patterns, risk, vulnerability, exploits, and defined rules. Finally, the comparative study is performed for evaluation of traditional security modeling techniques for early assessment of threats and risks in smart systems.
Frias, Alex Davila, Yodo, Nita, Yadav, Om Prakash.  2019.  Mixed-Degradation Profiles Assessment of Critical Components in Cyber-Physical Systems. 2019 Annual Reliability and Maintainability Symposium (RAMS). :1–6.
This paper presents a general model to assess the mixed-degradation profiles of critical components in a Cyber-Physical System (CPS) based on the reliability of its critical physical and software components. In the proposed assessment, the cyber aspect of a CPS was approached from a software reliability perspective. Although extensive research has been done on physical components degradation and software reliability separately, research for the combined physical-software systems is still scarce. The non-homogeneous Poisson Processes (NHPP) software reliability models are deemed to fit well with the real data and have descriptive and predictive abilities, which could make them appropriate to estimate software components reliability. To show the feasibility of the proposed approach, a case study for mixed-degradation profiles assessment is presented with n physical components and one major software component forming a critical subsystem in CPS. Two physical components were assumed to have different degradation paths with the dependency between them. Series and parallel structures were investigated for physical components. The software component failure data was taken from a wireless network switching center and fitted into a Weibull software reliability model. The case study results revealed that mix-degradation profiles of physical components, combined with software component profile, produced a different CPS reliability profile.
2020-07-03
León, Raquel, Domínguez, Adrián, Carballo, Pedro P., Núñez, Antonio.  2019.  Deep Packet Inspection Through Virtual Platforms using System-On-Chip FPGAs. 2019 XXXIV Conference on Design of Circuits and Integrated Systems (DCIS). :1—6.

Virtual platforms provide a full hardware/software platform to study device limitations in an early stages of the design flow and to develop software without requiring a physical implementation. This paper describes the development process of a virtual platform for Deep Packet Inspection (DPI) hardware accelerators by using Transaction Level Modeling (TLM). We propose two DPI architectures oriented to System-on-Chip FPGA. The first architecture, CPU-DMA based architecture, is a hybrid CPU/FPGA where the packets are filtered in the software domain. The second architecture, Hardware-IP based architecture, is mainly implemented in the hardware domain. We have created two virtual platforms and performed the simulation, the debugging and the analysis of the hardware/software features, in order to compare results for both architectures.

2020-06-29
Kaljic, Enio, Maric, Almir, Njemcevic, Pamela.  2019.  DoS attack mitigation in SDN networks using a deeply programmable packet-switching node based on a hybrid FPGA/CPU data plane architecture. 2019 XXVII International Conference on Information, Communication and Automation Technologies (ICAT). :1–6.
The application of the concept of software-defined networks (SDN) has, on the one hand, led to the simplification and reduction of switches price, and on the other hand, has created a significant number of problems related to the security of the SDN network. In several studies was noted that these problems are related to the lack of flexibility and programmability of the data plane, which is likely first to suffer potential denial-of-service (DoS) attacks. One possible way to overcome this problem is to increase the flexibility of the data plane by increasing the depth of programmability of the packet-switching nodes below the level of flow table management. Therefore, this paper investigates the opportunity of using the architecture of deeply programmable packet-switching nodes (DPPSN) in the implementation of a firewall. Then, an architectural model of the firewall based on a hybrid FPGA/CPU data plane architecture has been proposed and implemented. Realized firewall supports three models of DoS attacks mitigation: DoS traffic filtering on the output interface, DoS traffic filtering on the input interface, and DoS attack redirection to the honeypot. Experimental evaluation of the implemented firewall has shown that DoS traffic filtering at the input interface is the best strategy for DoS attack mitigation, which justified the application of the concept of deep network programmability.
2020-06-26
Puccetti, Armand.  2019.  The European H2020 project VESSEDIA (Verification Engineering of Safety and SEcurity critical Dynamic Industrial Applications). 2019 22nd Euromicro Conference on Digital System Design (DSD). :588—591.

This paper presents an overview of the H2020 project VESSEDIA [9] aimed at verifying the security and safety of modern connected systems also called IoT. The originality relies in using Formal Methods inherited from high-criticality applications domains to analyze the source code at different levels of intensity, to gather possible faults and weaknesses. The analysis methods are mostly exhaustive an guarantee that, after analysis, the source code of the application is error-free. This paper is structured as follows: after an introductory section 1 giving some factual data, section 2 presents the aims and the problems addressed; section 3 describes the project's use-cases and section 4 describes the proposed approach for solving these problems and the results achieved until now; finally, section 5 discusses some remaining future work.

Pandey, Jai Gopal, Mitharwal, Chhavi, Karmakar, Abhijit.  2019.  An RNS Implementation of the Elliptic Curve Cryptography for IoT Security. 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). :66—72.

Public key cryptography plays a vital role in many information and communication systems for secure data transaction, authentication, identification, digital signature, and key management purpose. Elliptic curve cryptography (ECC) is a widely used public key cryptographic algorithm. In this paper, we propose a hardware-software codesign implementation of the ECC cipher. The algorithm is modelled in C language. Compute-intensive components are identified for their efficient hardware implementations. In the implementation, residue number system (RNS) with projective coordinates are utilized for performing the required arithmetic operations. To manage the hardware-software codeign in an integrated fashion Xilinx platform studio tool and Virtex-5 xc5vfx70t device based platform is utilized. An application of the implementation is demonstrated for encryption of text and its respective decryption over prime fields. The design is useful for providing an adequate level of security for IoTs.

2020-06-22
Long, Yihong, Cheng, Minyang.  2019.  Secret Sharing Based SM2 Digital Signature Generation using Homomorphic Encryption. 2019 15th International Conference on Computational Intelligence and Security (CIS). :252–256.
SM2 is an elliptic curve public key cryptography algorithm released by the State Cryptography Administration of China. It includes digital signature, data encryption and key exchange schemes. To meet specific application requirements, such as to protect the user's private key in software only implementation, and to facilitate secure cloud cryptography computing, secret sharing based SM2 signature generation schemes have been proposed in the literature. In this paper a new such kind of scheme based upon additively homomorphic encryption is proposed. The proposed scheme overcomes the drawback that the existing schemes have and is more secure. It is useful in various application scenarios.
2020-06-15
ALshukri, Dawoud, R, Vidhya Lavanya, P, Sumesh E, Krishnan, Pooja.  2019.  Intelligent Border Security Intrusion Detection using IoT and Embedded systems. 2019 4th MEC International Conference on Big Data and Smart City (ICBDSC). :1–3.
Border areas are generally considered as places where great deal of violence, intrusion and cohesion between several parties happens. This often led to danger for the life of employees, soldiers and common man working or living in border areas. Further geographical conditions like mountains, snow, forest, deserts, harsh weather and water bodies often lead to difficult access and monitoring of border areas. Proposed system uses thermal imaging camera (FLIR) for detection of various objects and infiltrators. FLIR is assigned an IP address and connected through local network to the control center. Software code captures video and subsequently the intrusion detection. A motor controlled spotlight with infrared and laser gun is used to illuminate under various conditions at the site. System also integrates sound sensor to detect specific sounds and motion sensors to sense suspicious movements. Based on the decision, a buzzer and electric current through fence for further protection can be initiated. Sensors are be integrated through IoT for an efficient control of large border area and connectivity between sites.
2020-06-08
Hovhannes, H. Hakobyan, Arman, V. Vardumyan, Harutyun, T. Kostanyan.  2019.  Unit Regression Test Selection According To Different Hashing Algorithms. 2019 IEEE East-West Design Test Symposium (EWDTS). :1–4.
An approach for effective regression test selection is proposed, which minimizes the resource usage and amount of time required for complete testing of new features. Provided are the details of the analysis of hashing algorithms used during implementation in-depth review of the software, together with the results achieved during the testing process.
2020-06-04
Asiri, Somayah, Alzahrani, Ahmad A..  2019.  The Effectiveness of Mixed Reality Environment-Based Hand Gestures in Distributed Collaboration. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1—6.

Mixed reality (MR) technologies are widely used in distributed collaborative learning scenarios and have made learning and training more flexible and intuitive. However, there are many challenges in the use of MR due to the difficulty in creating a physical presence, particularly when a physical task is being performed collaboratively. We therefore developed a novel MR system to overcomes these limitations and enhance the distributed collaboration user experience. The primary objective of this paper is to explore the potential of a MR-based hand gestures system to enhance the conceptual architecture of MR in terms of both visualization and interaction in distributed collaboration. We propose a synchronous prototype named MRCollab as an immersive collaborative approach that allows two or more users to communicate with a peer based on the integration of several technologies such as video, audio, and hand gestures.

Briggs, Shannon, Perrone, Michael, Peveler, Matthew, Drozdal, Jaimie, Balagyozyan, Lilit, Su, Hui.  2019.  Multimodal, Multiuser Immersive Brainstorming and Scenario Planning for Intelligence Analysis. 2019 IEEE International Symposium on Technologies for Homeland Security (HST). :1—4.

This paper discusses two pieces of software designed for intelligence analysis, the brainstorming tool and the Scenario Planning Advisor. These tools were developed in the Cognitive Immersive Systems Lab (CISL) in conjunction with IBM. We discuss the immersive environment the tools are situated in, and the proposed benefit for intelligence analysis.

2020-05-22
Khadilkar, Kunal, Kulkarni, Siddhivinayak, Bone, Poojarani.  2018.  Plagiarism Detection Using Semantic Knowledge Graphs. 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA). :1—6.

Every day, huge amounts of unstructured text is getting generated. Most of this data is in the form of essays, research papers, patents, scholastic articles, book chapters etc. Many plagiarism softwares are being developed to be used in order to reduce the stealing and plagiarizing of Intellectual Property (IP). Current plagiarism softwares are mainly using string matching algorithms to detect copying of text from another source. The drawback of some of such plagiarism softwares is their inability to detect plagiarism when the structure of the sentence is changed. Replacement of keywords by their synonyms also fails to be detected by these softwares. This paper proposes a new method to detect such plagiarism using semantic knowledge graphs. The method uses Named Entity Recognition as well as semantic similarity between sentences to detect possible cases of plagiarism. The doubtful cases are visualized using semantic Knowledge Graphs for thorough analysis of authenticity. Rules for active and passive voice have also been considered in the proposed methodology.

Chen, Jing, Tong, Wencan, Li, Xiaojian, Jiang, Yiyi, Zhu, Liyu.  2019.  A Survey of Time-varying Structural Modeling to Accountable Cloud Services. 2019 IEEE International Conference on Computation, Communication and Engineering (ICCCE). :9—12.

Cloud service has the computing characteristics of self-organizing strain on demand, which is prone to failure or loss of responsibility in its extensive application. In the prediction or accountability of this, the modeling of cloud service structure becomes an insurmountable priority. This paper reviews the modeling of cloud service network architecture. It mainly includes: Firstly, the research status of cloud service structure modeling is analyzed and reviewed. Secondly, the classification of time-varying structure of cloud services and the classification of time-varying structure modeling methods are summarized as a whole. Thirdly, it points out the existing problems. Finally, for cloud service accountability, research approach of time-varying structure modeling is proposed.

2020-05-18
Sharma, Sarika, Kumar, Deepak.  2019.  Agile Release Planning Using Natural Language Processing Algorithm. 2019 Amity International Conference on Artificial Intelligence (AICAI). :934–938.
Once the requirement is gathered in agile, it is broken down into smaller pre-defined format called user stories. These user stories are then scoped in various sprint releases and delivered accordingly. Release planning in Agile becomes challenging when the number of user stories goes up in hundreds. In such scenarios it is very difficult to manually identify similar user stories and package them together into a release. Hence, this paper suggests application of natural language processing algorithms for identifying similar user stories and then scoping them into a release This paper takes the approach to build a word corpus for every project release identified in the project and then to convert the provided user stories into a vector of string using Java utility for calculating top 3 most occurring words from the given project corpus in a user story. Once all the user stories are represented as vector array then by using RV coefficient NLP algorithm the user stories are clustered into various releases of the software project. Using the proposed approach, the release planning for large and complex software engineering projects can be simplified resulting into efficient planning in less time. The automated commercial tools like JIRA and Rally can be enhanced to include suggested algorithms for managing release planning in Agile.
Kadebu, Prudence, Thada, Vikas, Chiurunge, Panashe.  2018.  Natural Language Processing and Deep Learning Towards Security Requirements Classification. 2018 3rd International Conference on Contemporary Computing and Informatics (IC3I). :135–140.
Security Requirements classification is an important area to the Software Engineering community in order to build software that is secure, robust and able to withstand attacks. This classification facilitates proper analysis of security requirements so that adequate security mechanisms are incorporated in the development process. Machine Learning techniques have been used in Security Requirements classification to aid in the process that lead to ensuring that correct security mechanisms are designed corresponding to the Security Requirements classifications made to eliminate the risk of security being incorporated in the late stages of development. However, these Machine Learning techniques have been found to have problems including, handcrafting of features, overfitting and failure to perform well with high dimensional data. In this paper we explore Natural Language Processing and Deep Learning to determine if this can be applied to Security Requirements classification.
2020-05-15
Khorsandroo, Sajad, Tosun, Ali Saman.  2018.  Time Inference Attacks on Software Defined Networks: Challenges and Countermeasures. 2018 IEEE 11th International Conference on Cloud Computing (CLOUD). :342—349.

Through time inference attacks, adversaries fingerprint SDN controllers, estimate switches flow-table size, and perform flow state reconnaissance. In fact, timing a SDN and analyzing its results can expose information which later empowers SDN resource-consumption or saturation attacks. In the real world, however, launching such attacks is not easy. This is due to some challenges attackers may encounter while attacking an actual SDN deployment. These challenges, which are not addressed adequately in the related literature, are investigated in this paper. Accordingly, practical solutions to mitigate such attacks are also proposed. Discussed challenges are clarified by means of conducting extensive experiments on an actual cloud data center testbed. Moreover, mitigation schemes have been implemented and examined in details. Experimental results show that proposed countermeasures effectively block time inference attacks.

Kelly, Jonathan, DeLaus, Michael, Hemberg, Erik, O’Reilly, Una-May.  2019.  Adversarially Adapting Deceptive Views and Reconnaissance Scans on a Software Defined Network. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :49—54.

To gain strategic insight into defending against the network reconnaissance stage of advanced persistent threats, we recreate the escalating competition between scans and deceptive views on a Software Defined Network (SDN). Our threat model presumes the defense is a deceptive network view unique for each node on the network. It can be configured in terms of the number of honeypots and subnets, as well as how real nodes are distributed across the subnets. It assumes attacks are NMAP ping scans that can be configured in terms of how many IP addresses are scanned and how they are visited. Higher performing defenses detect the scanner quicker while leaking as little information as possible while higher performing attacks are better at evading detection and discovering real nodes. By using Artificial Intelligence in the form of a competitive coevolutionary genetic algorithm, we can analyze the configurations of high performing static defenses and attacks versus their evolving adversary as well as the optimized configuration of the adversary itself. When attacks and defenses both evolve, we can observe that the extent of evolution influences the best configurations.