Biblio

In recent years, ICN (Information-Centric Networking) has been under the spotlight as a network that mainly focuses on transmitted and received data rather than on the hosts that transmit and receive data. Generally, the communication networks such as ICNs are required to be robust against network failures caused by attacks and disasters. One of the metrics for the robustness of conventional host-centric networks, e.g., TCP/IP network, is reachability between nodes in the network after network failures, whereas the key metric for the robustness of ICNs is content availability. In this paper, we focus on an arbitrary ICN network and derive the content availability for a given probability of node removal. Especially, we analytically obtain the average content availability over an entire network in the case where just a single path from a node to a repository, i.e., contents server, storing contents is available and where multiple paths to the repository are available, respectively. Furthermore, through several numerical evaluations, we investigate the effect of the structure of network topology as well as the pattern and scale of the network failures on the content availability in ICN. Our findings include that, regardless of patterns of network failures, the content availability is significantly improved by caching contents at routers and using multiple paths, and that the content availability is more degraded at cluster-based node removal compared with random node removal.

Since remote ages, queues and delays have been a rather exasperating reality of human daily life. Today, they pursue us everywhere: in technical, social, socio-technical, and even control systems, dramatically deteriorating their performance. In this variety, it is the computer systems that are sure to cause the growing anxiety in our digital era. Although for our everyday Internet surfing, experiencing long-lasting and annoying delays is an unpleasant but not dangerous situation, for industrial control systems, especially those dealing with critical infrastructures, such behavior is unacceptable. The article presents a deterministic approach to solving some digital control system problems associated with delays and backlogs. Being based on Network calculus, in contrast to statistical methods of Queuing theory, it provides worst-case results, which are eminently desirable for critical infrastructures. The article covers the basics of a theory of deterministic queuing systems Network calculus, its evolution regarding the relationship between backlog bound and delay, and a technique for handling empirical data. The problems being solved by the deterministic approach: standard calculation of network performance measures, estimation of database maximum updating time, and cybersecurity assessment including such issues as the CIA triad representation, operational technology influence, and availability understanding focusing on its correlation with a delay are thoroughly discussed as well.

Computer networks and surging advancements of innovative information technology construct a critical infrastructure for network transactions of business entities. Information exchange and data access though such infrastructure is scrutinized by adversaries for vulnerabilities that lead to cyber-attacks. This paper presents an agent-based system modelling to conceptualize and extract explicit and latent structure of the complex enterprise systems as well as human interactions within the system to determine common vulnerabilities of the entity. The model captures emergent behavior resulting from interactions of multiple network agents including the number of workstations, regular, administrator and third-party users, external and internal attacks, defense mechanisms for the network setting, and many other parameters. A risk-based approach to modelling cybersecurity of a business entity is utilized to derive the rate of attacks. A neural network model will generalize the type of attack based on network traffic features allowing dynamic state changes. Rules of engagement to generate self-organizing behavior will be leveraged to appoint a defense mechanism suitable for the attack-state of the model. The effectiveness of the model will be depicted by time-state chart that shows the number of affected assets for the different types of attacks triggered by the entity risk and the time it takes to revert into normal state. The model will also associate a relevant cost per incident occurrence that derives the need for enhancement of security solutions.

Privacy preservation is one of the greatest concerns when data is shared between different organizations. On the one hand, releasing data for research purposes is inevitable. On the other hand, sharing this data can jeopardize users' privacy. An effective solution, for the sharing organizations, is to use anonymization techniques to hide the users' sensitive information. One of the most popular anonymization techniques is k-Anonymization in which any data record is indistinguishable from at least k-1 other records. However, one of the fundamental challenges in choosing the value of k is the trade-off between achieving a higher privacy and the information loss associated with the anonymization. In this paper, the problem of choosing the optimal anonymization level for k-anonymization, under possible attacks, is studied when multiple organizations share their data to a common platform. In particular, two common types of attacks are considered that can target the k-anonymization technique. To this end, a novel game-theoretic framework is proposed to model the interactions between the sharing organizations and the attacker. The problem is formulated as a static game and its different Nash equilibria solutions are analytically derived. Simulation results show that the proposed framework can significantly improve the utility of the sharing organizations through optimizing the choice of k value.

The paper presents the concept of applying a game theory approach in infrastructure of wireless dynamic networks to counter computer attacks. The applying of this approach will allow to create mechanism for adaptive reconfiguration of network structure in the context of implementation various types of computer attacks and to provide continuous operation of network even in conditions of destructive information impacts.

The modular exponentiation is crucial to the RSA cryptographic protocol, and variants inspired by the Montgomery ladder have been studied to provide more secure algorithms. In this paper, we abstract away the iterative conditional branching used in the Montgomery ladder, and formalize systems of equations necessary to obtain what we call the semi-interleaved and fully-interleaved ladder properties. In particular, we design fault-injection attacks able to obtain bits of the secret against semi-interleaved ladders, including the Montgomery ladder, but not against fully-interleaved ladders that are more secure. We also apply these equations to extend the Montgomery ladder for both the semi- and fully-interleaved cases, thus proposing novel and more secure algorithms to compute the modular exponentiation.

Provable Data Possession (PDP) is one of the data security techniques to make sure that the data stored in the cloud storage exists. In PDP, the integrity of the data stored in the cloud storage is probabilistically verified by the user or a third-party auditor. In the conventional PDP, the user creates the metadata used for audition. From the viewpoint of user convenience, it is desirable to be able to audit without operations other than uploading. In other words, the challenge is to provide a transparent PDP that verifies the integrity of files according to the general cloud storage system model so as not to add operations to users. We propose a scheme in which the cloud generates the metadata used during verification, and the user only uploads files. It is shown that the proposed scheme is resistant to the forgery of cloud proof and the acquisition of data by a third-party auditor.

In this paper, an adaptive scan chain structure based plaintext analysis technique is proposed. The technology is implemented by three circuits, including adaptive scan chain circuit, plaintext analysis circuit and controller circuit. The plaintext is analyzed whether meet the characteristics of the differential cryptanalysis in the plaintext analysis module. The adaptive scan chain contains MUX, XOR and traditional scan chain, which is easy to implement. If the last bit of two plaintexts differs by one, the adaptive scan chain is controlled to input them into different scan chain. Compared with complicated scan chain, the structure of adaptive scan chain is variable and can mislead attackers who use differential cryptanalysis attack. Through experimental analysis, it is proved that the security of the adaptive scan chain structure is greatly improved.

The current trend of IoT user is toward the use of services and data externally due to voluminous processing, which demands resourceful machines. Instead of relying on the cloud of poor connectivity or a limited bandwidth, the IoT user prefers to use a cloudlet-based fog computing. However, the choice of cloudlet is solely dependent on its trust and reliability. In practice, even though a cloudlet possesses a required trusted platform module (TPM), we argue that the presence of a TPM is not enough to make the cloudlet trustworthy as the TPM supports only the primitive security of the bootstrap. Besides uncertainty in security, other uncertain conditions of the network (e.g. network bandwidth, latency and expectation time to complete a service request for cloud-based services) may also prevail for the cloudlets. Therefore, in order to evaluate the trust value of multiple cloudlets under uncertainty, this paper broadly proposes the empirical process for evaluation of trust. This will be followed by a measure of trust-based reputation of cloudlets through computational intelligence such as fuzzy logic and ant colony optimization (ACO). In the process, fuzzy logic-based inference and membership evaluation of trust are presented. In addition, ACO and its pheromone communication across different colonies are being modeled with multiple cloudlets. Finally, a measure of affinity or popular trust and reputation of the cloudlets is also proposed. Together with the context of application under multiple cloudlets, the computationally intelligent approaches have been investigated in terms of performance. Hence the contribution is subjected towards building a trusted cloudlet-based fog platform.

This paper proposes a deep learning-based white-hat worm launcher in Botnet Defense System (BDS). BDS uses white-hat botnets to defend an IoT system against malicious botnets. White-hat worm launcher literally launches white-hat worms to create white-hat botnets according to the strategy decided by BDS. The proposed launcher learns with deep learning where is the white-hat worms' right place to successfully drive out malicious botnets. Given a system situation invaded by malicious botnets, it predicts a worms' placement by the learning result and launches them. We confirmed the effect of the proposed launcher through simulating evaluation.

We consider different models of malicious multiple access channels, especially for binary adder channel and for A-channel, and show how they can be used for the reformulation of digital fingerprinting coding problems. In particular, we propose a new model of multimedia fingerprinting coding. In the new model, not only zeroes and plus/minus ones but arbitrary coefficients of linear combinations of noise-like signals for forming watermarks (digital fingerprints) can be used. This modification allows dramatically increase the possible number of users with the property that if t or less malicious users create a forge digital fingerprint then a dealer of the system can find all of them with zero-error probability. We show how arisen problems are related to the compressed sensing problem.

Improved safety, high mobility and environmental concerns in transportation systems across the world and the corresponding developments in information and communication technologies continue to drive attention towards Intelligent Transportation Systems (ITS). This is evident in advanced driver-assistance systems such as lane departure warning, adaptive cruise control and collision avoidance. However, in connected and autonomous vehicles, the efficient functionality of these applications depends largely on the ability of a vehicle to accurately predict it operating parameters such as location and speed. The ability to predict the immediate future/next location (or speed) of a vehicle or its ability to predict neighbors help in guaranteeing integrity, availability and accountability, thus boosting safety and resiliency of the Vehicular Network for Mobile Cyber Physical Systems (VCPS). In this paper, we proposed a secure movement-prediction for connected vehicles by using Kalman filter. Specifically, Kalman filter predicts the locations and speeds of individual vehicles with reference to already observed and known information such posted legal speed limit, geographic/road location, direction etc. The aim is to achieve resilience through the predicted and exchanged information between connected moving vehicles in an adaptive manner. By being able to predict their future locations, the following vehicle is able to adjust its position more accurately to avoid collision and to ensure optimal information exchange among vehicles.

Social engineering attacks are well known attacks in the cyberspace and relatively easy to try and implement because no technical knowledge is required. In various online environments such as business domains where customers talk through a chat service with employees or in social networks potential hackers can try to manipulate other people by employing social attacks against them to gain information that will benefit them in future attacks. Thus, we have used a number of natural language processing steps and a machine learning algorithm to identify potential attacks. The proposed method has been tested on a semi-synthetic dataset and it is shown to be both practical and effective.

Named Data Networking (NDN) uses the content name to enable content sharing in a network using Interest and Data messages. In essence, NDN supports communication through multiple interfaces, therefore, it is imperative to think of the interface that better meets the communication requirements of the application. The current interface ranking is based on single static metric such as minimum number of hops, maximum satisfaction rate, or minimum network delay. However, this ranking may adversely affect the network performance. To fill the gap, in this paper, we propose a new multi-metric robust interface ranking scheme that combines multiple metrics with different objective functions. Furthermore, we also introduce different forwarding modes to handle the forwarding decision according to the available ranked interfaces. Extensive simulation experiments demonstrate that the proposed scheme selects the best and suitable forwarding interface to deliver content.

Video steganography mainly deals with secret data transmission in a carrier video file without being visually noticeable by intruders. Video steganography is preferred over image steganography because a video carries more space in comparison to an image. The main concept of information hiding consists of a cover media, which is a greyscale or a color video, a secret data, which is an image or text, and a stego key. Here a secure video steganography method has been proposed which uses Curvelet Transform for secret data embedding, Elliptic Curve Cryptography for stego key encryption and a threshold algorithm for the determination of the amount of secret data to be encoded per frame. A video is a collection of various frames. The frames are selected randomly from the cover video and the frame number of the respective frames has been indexed in the stego key to find the secret data embedding location. Here, the selection of frames in a sequential manner has been avoided to improve security. For enhanced security, the stego key is also encrypted using Elliptic Curve Integrated Encryption Scheme (ECIES). Fast Discrete Curvelet Transform (FDCT) has been applied to the frames of the cover video and the curvelet coefficients have been modified to obscure the secret data to produce the stego video.

In the original algorithm for grey correlation analysis, the detected edge is comparatively rough and the thresholds need determining in advance. Thus, an adaptive edge detection method based on grey correlation analysis is proposed, in which the basic principle of the original algorithm for grey correlation analysis is used to get adaptively automatic threshold according to the mean value of the 3×3 area pixels around the detecting pixel and the property of people's vision. Because the false edge that the proposed algorithm detected is relatively large, the proposed algorithm is enhanced by dealing with the eight neighboring pixels around the edge pixel, which is merged to get the final edge map. The experimental results show that the algorithm can get more complete edge map with better continuity by comparing with the traditional edge detection algorithms.

This paper presents the proposed method of building a digital signature algorithm which is based on the difficulty of solving root problem and some expanded root problems on Zp. The expanded root problem is a new form of difficult problem without the solution, also originally proposed and applied to build digital signature algorithms. This proposed method enable to build a high-security digital signature platform for practical applications.

In this paper, a time-driven performance-aware mathematical model for trust in the robot is proposed for a Human-Robot Collaboration (HRC) framework. The proposed trust model is based on both the human operator and the robot performances. The human operator’s performance is modeled based on both the physical and cognitive performances, while the robot performance is modeled over its unpredictable, predictable, dependable, and faithful operation regions. The model is validated via different simulation scenarios. The simulation results show that the trust in the robot in the HRC framework is governed by robot performance and human operator’s performance and can be improved by enhancing the robot performance.

This study proposes a machine learning method based on stream homomorphic encryption computing for improving security and reducing computational time. A case study of mobile positioning based on k nearest neighbors ( kNN) is selected to evaluate the proposed method. The results showed the proposed method can save computational resources than others.

The article deals with the mathematical model for information security controls optimization and evaluation of the information security systems effectiveness. Distinctive features of APT attacks are given. The generalized efficiency criterion in which both the requirements of the return of security investment maximization and the return on attack minimization are simultaneously met. The generalized reduced gradient method for solving the optimization of the objective function based on formulated efficiency criterion is proposed.

The problems of synthesis of a digital data encryption system based on dynamic chaos in a research project carried out at the Department of Marine Electronics (SMTU) are considered. A description is made of the problems of generating a chaotic (random) signal in computer systems with calculations with finite accuracy.

Chaos-based encryption is one of the promising cryptography techniques that can be used. Although chaos-based encryption provides excellent security, the finite precision of number representation in computers affects decryption accuracy negatively. In this paper, a way to mitigate some problems regarding finite precision is analyzed. We show that the use of maps with small Lyapunov exponents can improve the performance of chaotic encryption scheme, making it suitable for image encryption.

Wireless Personal Area Network is widely used in day to day life. It might be a static or dynamic environment. As the density of the nodes increases it becomes difficult to handle the situation. The need of multiple sensor node technology in a desired environment without congestion is required. The use of autonomic network provides one such solution. The autonomicity combines the local automate and address agnostic features that controls the congestion resulting in improved throughput, fault tolerance and also with unicast and multicast packets delivery. The algorithm LA based ANA in a Bluetooth based dynamic environment provide 20% increase in throughput compared with LACAS based Wireless Sensor Network. The LA based ANA leads with 10% lesser fault tolerance levels and extended unicast and multi-cast packet delivery.

This paper proposes a mathematical model for assessing the trustworthiness of the system condition prognosis. The set of mutually exclusive events at the time of predictive checking are analyzed. Correct and incorrect decisions correspond to events such as true-positive, false-positive, true-negative, and false-negative. General expressions for computing the probabilities of possible decisions when predicting the system condition at discrete times are proposed. The paper introduces the effectiveness indicators of predictive maintenance in the form of average operating costs, total error probability, and a posteriori probability of failure-free operation in the upcoming interval. We illustrate the developed approach by calculating the probabilities of correct and incorrect decisions for a specific stochastic deterioration process.

The emergence of Cyber-Physical Systems (CPSs) is a potential paradigm shift for the usage of Information and Communication Technologies (ICT). From predominantly a facilitator of information and communication services, the role of ICT in the present age has expanded to the management of objects and resources in the physical world. Thus, it is imperative to devise mechanisms to ensure the trustworthiness of data to secure vulnerable devices against security threats. This work presents an analytical framework based on non-cooperative game theory to evaluate the trustworthiness of individual sensor nodes that constitute the CPS. The proposed game-theoretic model captures the factors impacting the trustworthiness of CPS sensor nodes. Further, the model is used to estimate the Nash equilibrium solution of the game, to derive a trust threshold criterion. The trust threshold represents the minimum trust score required to be maintained by individual sensor nodes during CPS operation. Sensor nodes with trust scores below the threshold are potentially malicious and may be removed or isolated to ensure the secure operation of CPS.