Visible to the public Biblio

Found 893 results

Filters: Keyword is Collaboration  [Clear All Filters]
2021-10-12
Dawit, Nahom Aron, Mathew, Sujith Samuel, Hayawi, Kadhim.  2020.  Suitability of Blockchain for Collaborative Intrusion Detection Systems. 2020 12th Annual Undergraduate Research Conference on Applied Computing (URC). :1–6.
Cyber-security is indispensable as malicious incidents are ubiquitous on the Internet. Intrusion Detection Systems have an important role in detecting and thwarting cyber-attacks. However, it is more effective in a centralized system but not in peer-to-peer networks which makes it subject to central point failure, especially in collaborated intrusion detection systems. The novel blockchain technology assures a fully distributed security system through its powerful features of transparency, immutability, decentralization, and provenance. Therefore, in this paper, we investigate and demonstrate several methods of collaborative intrusion detection with blockchain to analyze the suitability and security of blockchain for collaborative intrusion detection systems. We also studied the difference between the existing means of the integration of intrusion detection systems with blockchain and categorized the major vulnerabilities of blockchain with their potential losses and current enhancements for mitigation.
2021-09-17
Cheng, Xiuzhen, Chellappan, Sriram, Cheng, Wei, Sahin, Gokhan.  2020.  Guest Editorial Introduction to the Special Section on Network Science for High-Confidence Cyber-Physical Systems. IEEE Transactions on Network Science and Engineering. 7:764–765.
The papers in this special section focus on network science for high confidence cyber-physical systems (CPS) Here CPS refers to the engineered systems that can seamlessly integrate the physical world with the cyber world via advanced computation and communication capabilities. To enable high-confidence CPS for achieving better benefits as well as supporting emerging applications, network science-based theories and methodologies are needed to cope with the ever-growing complexity of smart CPS, to predict the system behaviors, and to model the deep inter-dependencies among CPS and the natural world. The major objective of this special section is to exploit various network science techniques such as modeling, analysis, mining, visualization, and optimization to advance the science of supporting high-confidence CPS for greater assurances of security, safety, scalability, efficiency, and reliability. These papers bring a timely and important research topic. The challenges and opportunities of applying network science approaches to high-confidence CPS are profound and far-reaching.
Conference Name: IEEE Transactions on Network Science and Engineering
Christie V, Samuel H., Smirnova, Daria, Chopra, Amit K., Singh, Munindar P..  2020.  Protocols Over Things: A Decentralized Programming Model for the Internet of Things. 53:60–68.
Current programming models for developing Internet of Things (IoT) applications are logically centralized and ill-suited for most IoT applications. We contribute Protocols over Things, a decentralized programming model that represents an IoT application via a protocol between the parties involved and provides improved performance over network-level delivery guarantees.
2021-09-07
Bülbül, Nuref\c san Sertba\c s, Fischer, Mathias.  2020.  SDN/NFV-Based DDoS Mitigation via Pushback. ICC 2020 - 2020 IEEE International Conference on Communications (ICC). :1–6.
Distributed Denial of Service (DDoS) attacks aim at bringing down or decreasing the availability of services for their legitimate users, by exhausting network or server resources. It is difficult to differentiate attack traffic from legitimate traffic as the attack can come from distributed nodes that additionally might spoof their IP addresses. Traditional DoS mitigation solutions fail to defend all kinds of DoS attacks and huge DoS attacks might exceed the processing capacity of routers and firewalls easily. The advent of Software-defined Networking (SDN) and Network Function Virtualization (NFV) has brought a new perspective for network defense. Key features of such technologies like global network view and flexibly positionable security functionality can be used for mitigating DDoS attacks. In this paper, we propose a collaborative DDoS attack mitigation scheme that uses SDN and NFV. We adopt a machine learning algorithm from related work to derive accurate patterns describing DDoS attacks. Our experimental results indicate that our framework is able to differentiate attack and legitimate traffic with high accuracy and in near-realtime. Furthermore, the derived patterns can be used to create OpenFlow (OF) or Firewall rules that can be pushed back into the direction of the attack origin for more efficient and distributed filtering.
2021-08-31
Hu, Hongsheng, Dobbie, Gillian, Salcic, Zoran, Liu, Meng, Zhang, Jianbing, Zhang, Xuyun.  2020.  A Locality Sensitive Hashing Based Approach for Federated Recommender System. 2020 20th IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing (CCGRID). :836–842.
The recommender system is an important application in big data analytics because accurate recommendation items or high-valued suggestions can bring high profit to both commercial companies and customers. To make precise recommendations, a recommender system often needs large and fine-grained data for training. In the current big data era, data often exist in the form of isolated islands, and it is difficult to integrate the data scattered due to privacy security concerns. Moreover, privacy laws and regulations make it harder to share data. Therefore, designing a privacy-preserving recommender system is of paramount importance. Existing privacy-preserving recommender system models mainly adapt cryptography approaches to achieve privacy preservation. However, cryptography approaches have heavy overhead when performing encryption and decryption operations and they lack a good level of flexibility. In this paper, we propose a Locality Sensitive Hashing (LSH) based approach for federated recommender system. Our proposed efficient and scalable federated recommender system can make full use of multiple source data from different data owners while guaranteeing preservation of privacy of contributing parties. Extensive experiments on real-world benchmark datasets show that our approach can achieve both high time efficiency and accuracy under small privacy budgets.
2021-08-11
Odero, Stephen, Dargahi, Tooska, Takruri, Haifa.  2020.  Privacy Enhanced Interface Identifiers in IPv6. 2020 12th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP). :1—6.
The Internet Protocol Version 6 (IPV6) proposed to replace IPV4 to solve scalability challenges and improve quality of service and security. Current implementation of IPv6 uses static value that is determined from the Media Access Control (MAC) address as the Interface Identifier (IID). This results in a deterministic IID for each user that is the same regardless of any network changes. This provides an eavesdropper with the ability to easily track the physical location of the communicating nodes using simple tools, such as ping and traceroute. Moreover, this address generation method provides a means to correlate network traffic with a specific user which can be achieved by filtering the IID and traffic analysis. These serious privacy breaches need to be addressed before widespread deployment of IPv6. In this paper we propose a privacy-enhanced method for generating IID which combines different network parameters. The proposed method generates non-deterministic IIDs that is resistance against correlation attack. We validate our approach using Wireshark, ping and traceroute tools and show that our proposed approach achieves better privacy compared to the existing IID generation methods.
Abdalla, Peshraw Ahmed, Varol, Cihan.  2020.  Testing IoT Security: The Case Study of an IP Camera. 2020 8th International Symposium on Digital Forensics and Security (ISDFS). :1—5.
While the Internet of Things (IoT) applications and devices expanded rapidly, security and privacy of the IoT devices emerged as a major problem. Current studies reveal that there are significant weaknesses detected in several types of IoT devices moreover in several situations there are no security mechanisms to protect these devices. The IoT devices' users utilize the internet for the purpose of control and connect their machines. IoT application utilization has risen exponentially over time and our sensitive data is captured by IoT devices continuously, unknowingly or knowingly. The motivation behind this paper was the vulnerabilities that exist at the IP cameras. In this study, we undertake a more extensive investigation of IP cameras' vulnerabilities and demonstrate their effect on users' security and privacy through the use of the Kali Linux penetration testing platform and its tools. For this purpose, the paper performs a hands-on test on an IP camera with the name (“Intelligent Onvif YY HD”) to analyzes the security elements of this device. The results of this paper show that IP cameras have several security lacks and weaknesses which these flaws have multiple security impacts on users.
Meskanen, Tommi, Niemi, Valtteri, Kuusijäarvi, Jarkko.  2020.  Privacy-Preserving Peer Discovery for Group Management in p2p Networks. 2020 27th Conference of Open Innovations Association (FRUCT). :150—156.
The necessity for peer-to-peer (p2p) communications is obvious; current centralized solutions are capturing and storing too much information from the individual people communicating with each other. Privacy concerns with a centralized solution in possession of all the users data are a difficult matter. HELIOS platform introduces a new social-media platform that is not in control of any central operator, but brings the power of possession of the data back to the users. It does not have centralized servers that store and handle receiving/sending of the messages. Instead, it relies on the current open-source solutions available in the p2p communities to propagate the messages to the wanted recipients of the data and/or messages. The p2p communications also introduce new problems in terms of privacy and tracking of the user, as the nodes part of a p2p network can see what data the other nodes provide and ask for. How the sharing of data in a p2p network can be achieved securely, taking into account the user's privacy is a question that has not been fully answered so far. We do not claim we answer this question fully in this paper either, but we propose a set of protocols to help answer one specific problem. Especially, this paper proposes how to privately share data (end-point address or other) of the user between other users, provided that they have previously connected with each other securely, either offline or online.
Indra Basuki, Akbari, Rosiyadi, Didi, Setiawan, Iwan.  2020.  Preserving Network Privacy on Fine-grain Path-tracking Using P4-based SDN. 2020 International Conference on Radar, Antenna, Microwave, Electronics, and Telecommunications (ICRAMET). :129—134.
Path-tracking is essential to provide complete information regarding network breach incidents. It records the direction of the attack and its source of origin thus giving the network manager proper information for the next responses. Nevertheless, the existing path-tracking implementations expose the network topology and routing configurations. In this paper, we propose a privacy-aware path-tracking which mystifies network configurations using in-packet bloom filter. We apply our method by using P4 switch to supports a fine-grain (per-packet) path-tracking with dynamic adaptability via in-switch bloom filter computation. We use a hybrid scheme which consists of a destination-based logging and a path finger print-based marking to minimize the redundant path inferring caused by the bloom filter's false positive. For evaluation, we emulate the network using Mininet and BMv2 software switch. We deploy a source routing mechanism to run the evaluations using a limited testbed machine implementing Rocketfuel topology. By using the hybrid marking and logging technique, we can reduce the redundant path to zero percent, ensuring no-collision in the path-inferring. Based on the experiments, it has a lower space efficiency (56 bit) compared with the bloom filter-only solution (128 bit). Our proposed method guarantees that the recorded path remains secret unless the secret keys of every switch are known.
Garcia-Luna-Aceves, J.J., Ali Albalawi, Abdulazaz.  2020.  Connection-Free Reliable and Efficient Transport Services in the IP Internet. 2020 16th International Conference on Network and Service Management (CNSM). :1—7.
The Internet Transport Protocol (ITP) is introduced to support reliable end-to-end transport services in the IP Internet without the need for end-to-end connections, changes to the Internet routing infrastructure, or modifications to name-resolution services. Results from simulation experiments show that ITP outperforms the Transmission Control Protocol (TCP) and the Named Data Networking (NDN) architecture, which requires replacing the Internet Protocol (IP). In addition, ITP allows transparent content caching while enforcing privacy.
Huang, Cheng-Wei, Wu, Tien-Yi, Tai, Yuan, Shao, Ching-Hsuan, Chen, Lo-An, Tsai, Meng-Hsun.  2020.  Machine learning-based IP Camera identification system. 2020 International Computer Symposium (ICS). :426—430.
With the development of technology, application of the Internet in daily life is increasing, making our connection with the Internet closer. However, with the improvement of convenience, information security has become more and more important. How to ensure information security in a convenient living environment is a question worth discussing. For instance, the widespread deployment of IP-cameras has made great progress in terms of convenience. On the contrary, it increases the risk of privacy exposure. Poorly designed surveillance devices may be implanted with suspicious software, which might be a thorny issue to human life. To effectively identify vulnerable devices, we design an SDN-based identification system that uses machine learning technology to identify brands and probable model types by identifying packet features. The identifying results make it possible for further vulnerability analysis.
Xue, Mingfu, Wu, Zhiyu, He, Can, Wang, Jian, Liu, Weiqiang.  2020.  Active DNN IP Protection: A Novel User Fingerprint Management and DNN Authorization Control Technique. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :975—982.
The training process of deep learning model is costly. As such, deep learning model can be treated as an intellectual property (IP) of the model creator. However, a pirate can illegally copy, redistribute or abuse the model without permission. In recent years, a few Deep Neural Networks (DNN) IP protection works have been proposed. However, most of existing works passively verify the copyright of the model after the piracy occurs, and lack of user identity management, thus cannot provide commercial copyright management functions. In this paper, a novel user fingerprint management and DNN authorization control technique based on backdoor is proposed to provide active DNN IP protection. The proposed method can not only verify the ownership of the model, but can also authenticate and manage the user's unique identity, so as to provide a commercially applicable DNN IP management mechanism. Experimental results on CIFAR-10, CIFAR-100 and Fashion-MNIST datasets show that the proposed method can achieve high detection rate for user authentication (up to 100% in the three datasets). Illegal users with forged fingerprints cannot pass authentication as the detection rates are all 0 % in the three datasets. Model owner can verify his ownership since he can trigger the backdoor with a high confidence. In addition, the accuracy drops are only 0.52%, 1.61 % and -0.65% on CIFAR-10, CIFAR-100 and Fashion-MNIST, respectively, which indicate that the proposed method will not affect the performance of the DNN models. The proposed method is also robust to model fine-tuning and pruning attacks. The detection rates for owner verification on CIFAR-10, CIFAR-100 and Fashion-MNIST are all 100% after model pruning attack, and are 90 %, 83 % and 93 % respectively after model fine-tuning attack, on the premise that the attacker wants to preserve the accuracy of the model.
Pan, Xiaoqin, Tang, Shaofei, Zhu, Zuqing.  2020.  Privacy-Preserving Multilayer In-Band Network Telemetry and Data Analytics. 2020 IEEE/CIC International Conference on Communications in China (ICCC). :142—147.
As a new paradigm for the monitoring and troubleshooting of backbone networks, the multilayer in-band network telemetry (ML-INT) with deep learning (DL) based data analytics (DA) has recently been proven to be effective on realtime visualization and fine-grained monitoring. However, the existing studies on ML-INT&DA systems have overlooked the privacy and security issues, i.e., a malicious party can apply tapping in the data reporting channels between the data and control planes to illegally obtain plaintext ML-INT data in them. In this paper, we discuss a privacy-preserving DL-based ML-INT&DA system for realizing AI-assisted network automation in backbone networks in the form of IP-over-Optical. We first show a lightweight encryption scheme based on integer vector homomorphic encryption (IVHE), which is used to encrypt plaintext ML-INT data. Then, we architect a DL model for anomaly detection, which can directly analyze the ciphertext ML-INT data. Finally, we present the implementation and experimental demonstrations of the proposed system. The privacy-preserving DL-based ML-INT&DA system is realized in a real IP over elastic optical network (IP-over-EON) testbed, and the experimental results verify the feasibility and effectiveness of our proposal.
Brooks, Richard, Wang, Kuang-Ching, Oakley, Jon, Tusing, Nathan.  2020.  Global Internet Traffic Routing and Privacy. 2020 International Scientific and Technical Conference Modern Computer Network Technologies (MoNeTeC). :1—7.
Current Internet Protocol routing provides minimal privacy, which enables multiple exploits. The main issue is that the source and destination addresses of all packets appear in plain text. This enables numerous attacks, including surveillance, man-in-the-middle (MITM), and denial of service (DoS). The talk explains how these attacks work in the current network. Endpoints often believe that use of Network Address Translation (NAT), and Dynamic Host Configuration Protocol (DHCP) can minimize the loss of privacy.We will explain how the regularity of human behavior can be used to overcome these countermeasures. Once packets leave the local autonomous system (AS), they are routed through the network by the Border Gateway Protocol (BGP). The talk will discuss the unreliability of BGP and current attacks on the routing protocol. This will include an introduction to BGP injects and the PEERING testbed for BGP experimentation. One experiment we have performed uses statistical methods (CUSUM and F-test) to detect BGP injection events. We describe work we performed that applies BGP injects to Internet Protocol (IP) address randomization to replace fixed IP addresses in headers with randomized addresses. We explain the similarities and differences of this approach with virtual private networks (VPNs). Analysis of this work shows that BGP reliance on autonomous system (AS) numbers removes privacy from the concept, even though it would disable the current generation of MITM and DoS attacks. We end by presenting a compromise approach that creates software-defined data exchanges (SDX), which mix traffic randomization with VPN concepts. We contrast this approach with the Tor overlay network and provide some performance data.
Li, Yuekang, Chen, Hongxu, Zhang, Cen, Xiong, Siyang, Liu, Chaoyi, Wang, Yi.  2020.  Ori: A Greybox Fuzzer for SOME/IP Protocols in Automotive Ethernet. 2020 27th Asia-Pacific Software Engineering Conference (APSEC). :495—499.
With the emergence of smart automotive devices, the data communication between these devices gains increasing importance. SOME/IP is a light-weight protocol to facilitate inter- process/device communication, which supports both procedural calls and event notifications. Because of its simplicity and capability, SOME/IP is getting adopted by more and more automotive devices. Subsequently, the security of SOME/IP applications becomes crucial. However, previous security testing techniques cannot fit the scenario of vulnerability detection SOME/IP applications due to miscellaneous challenges such as the difficulty of server-side testing programs in parallel, etc. By addressing these challenges, we propose Ori - a greybox fuzzer for SOME/IP applications, which features two key innovations: the attach fuzzing mode and structural mutation. The attach fuzzing mode enables Ori to test server programs efficiently, and the structural mutation allows Ori to generate valid SOME/IP packets to reach deep paths of the target program effectively. Our evaluation shows that Ori can detect vulnerabilities in SOME/IP applications effectively and efficiently.
Li, Shanghao, He, Shan, Li, Lin, Guo, Donghui.  2020.  IP Trading System with Blockchain on Web-EDA. 2020 IEEE 14th International Conference on Anti-counterfeiting, Security, and Identification (ASID). :164—168.
As the scale of integrated circuits continues to expand, electronic design automation (EDA) and intellectual property (IP) reuse play an increasingly important role in the integrated circuit design process. Although many Web-EDA platforms have begun to provide online EDA software to reduce the threshold for the use of EDA tools, IP protection on the Web- EDA platform is an issue. This article uses blockchain technology to design an IP trading system for the Web-EDA platform to achieve mutual trust and transactions between IP owners and users. The structure of the IP trading system is described in detail, and a blockchain wallet for the Web-EDA platform is developed.
Potluri, Seetal, Aysu, Aydin, Kumar, Akash.  2020.  SeqL: Secure Scan-Locking for IP Protection. 2020 21st International Symposium on Quality Electronic Design (ISQED). :7—13.
Existing logic-locking attacks are known to successfully decrypt functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are sequential circuits) through scan-chains by selectively initializing the combinational logic and analyzing the responses. In this paper, we propose SeqL, which achieves functional isolation and locks selective flip-flop functional-input/scan-output pairs, thus rendering the decrypted key functionally incorrect. We conduct a formal study of the scan-locking problem and demonstrate automating our proposed defense on any given IP. We show that SeqL hides functionally correct keys from the attacker, thereby increasing the likelihood of the decrypted key being functionally incorrect. When tested on pipelined combinational benchmarks (ISCAS, MCNC), sequential benchmarks (ITC) and a fully-fledged RISC-V CPU, SeqL gave 100% resilience to a broad range of state-of-the-art attacks including SAT [1], Double-DIP [2], HackTest [3], SMT [4], FALL [5], Shift-and-Leak [6] and Multi-cycle attacks [7].
Karmakar, Rajit, Chattopadhyay, Santanu.  2020.  Hardware IP Protection Using Logic Encryption and Watermarking. 2020 IEEE International Test Conference (ITC). :1—10.
Logic encryption is a popular Design-for-Security(DfS) solution that offers protection against the potential adversaries in the third-party fab labs and end-users. However, over the years, logic encryption has been a target of several attacks, especially Boolean satisfiability attacks. This paper exploits SAT attack's inability of deobfuscating sequential circuits as a defense against it. We propose several strategies capable of preventing the SAT attack by obfuscating the scan-based Design-for-Testability (DfT) infrastructure. Unlike the existing SAT-resilient schemes, the proposed techniques do not suffer from poor output corruption for wrong keys. This paper also offers various probable solutions for inserting the key-gates into the circuit that ensures protection against numerous other attacks, which exploit weak key-gate locations. Along with several gate-level obfuscation strategies, this paper also presents a Cellular Automata (CA) guided FSM obfuscation strategy to offer protection at a higher abstraction level, that is, RTL-level. For all the proposed schemes, rigorous security analysis against various attacks evaluates their strengths and limitations. Testability analysis also ensures that none of the proposed techniques hamper the basic testing properties of the ICs. We also present a CA-based FSM watermarking strategy that helps to detect potential theft of the designer's IP by any adversary.
Fung, Carol, Pillai, Yadunandan.  2020.  A Privacy-Aware Collaborative DDoS Defence Network. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1—5.
Distributed denial of service (DDoS) attacks can bring tremendous damage to online services and ISPs. Existing adopted mitigation methods either require the victim to have a sufficient number of resources for traffic filtering or to pay a third party cloud service to filter the traffic. In our previous work we proposed CoFence, a collaborative network that allows member domains to help each other in terms of DDoS traffic handling. In that network, victim servers facing a DDoS attack can redirect excessive connection requests to other helping servers in different domains for filtering. Only filtered traffic will continue to interact with the victim server. However, sending traffic to third party servers brings up the issue of privacy: specifically leaked client source IP addresses. In this work we propose a privacy protection mechanism for defense so that the helping servers will not be able to see the IP address of the client traffic while it has minimum impact to the data filtering function. We implemented the design through a test bed to demonstrated the feasibility of the proposed design.
Ngow, Y T, Goh, S H, Leo, J, Low, H W, Kamoji, Rupa.  2020.  Automated nets extraction for digital logic physical failure analysis on IP-secure products. 2020 IEEE International Symposium on the Physical and Failure Analysis of Integrated Circuits (IPFA). :1—6.
GDSII layouts of IP-confidential products are heavily controlled and access is only granted to certain privileged personnel. Failure analysts are generally excluded. Without guidance from GDSII, failure analysis, specifically physical inspection based on fault isolation findings cannot proceed. To overcome this challenge, we develop an automated approach that enables image snapshots relevant to failure analysts to be furnished without compromising the confidentiality of the GDSII content in this paper. Modules built are executed to trace the suspected nets and extract them into multiple images of different pre-defined frame specifications to facilitate failure analysis.
Liu, Chong, Luo, Xiangyang, Yuan, Fuxiang, Liu, Fenlin.  2020.  RNBG: A Ranking Nodes Based IP Geolocation Method. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :80—84.
IP geolocation technology is widely adopted in network security, privacy protection, online advertising, etc. However, existing IP geolocation methods are vulnerable to delay inflation, which reduces their reliability and applicability, especially in weakly connected networks. To solve this problem, a ranking nodes based IP geolocation method (RNBG) is proposed. RNBG leverages the scale-free nature of complex networks to find a few important and stable nodes in networks. And then these nodes are used in the geolocation of IPs in different regions. Experimental results in China and the US show that RNBG can achieve high accuracy even in weakly connected network. Compared with typical methods, the geolocation accuracy is increased by 2.60%-14.27%, up to 97.55%.
Chheng, Kimhok, Priyadi, Ardyono, Pujiantara, Margo, Mahindara, Vincentius Raki.  2020.  The Coordination of Dual Setting DOCR for Ring System Using Adaptive Modified Firefly Algorithm. 2020 International Seminar on Intelligent Technology and Its Applications (ISITIA). :44—50.
Directional Overcurrent Relays (DOCRs) play an essential role in the power system protection to guarantee the reliability, speed of relay operation and avoiding mal-trip in the primary and backup relays when unintentional fault conditions occur in the system. Moreover, the dual setting protection scheme is more efficient protection schemes for offering fast response protection and providing flexibility in the coordination of relay. In this paper, the Adaptive Modified Firefly Algorithm (AMFA) is used to determine the optimal coordination of dual setting DOCRs in the ring distribution system. The AMFA is completed by choosing the minimum value of pickup current (\textbackslashtextbackslashpmbI\textbackslashtextbackslashpmbP) and time dial setting (TDS). On the other hand, dual setting DOCRs protection scheme also proposed for operating in both forward and reverse directions that consisted of individual time current characteristics (TCC) curve for each direction. The previous method is applied to the ring distribution system network of PT. Pupuk Sriwidjaja by considering the fault on each bus. The result illustration that the AMFA within dual setting protection scheme is significantly reaching the optimized coordination and the relay coordination is certain for all simulation scenarios with the minimum operation. The AMFA has been successfully implemented in MATLAB software programming.
Njova, Dion, Ogudo, Kingsley, Umenne, Patrice.  2020.  Packet Analysis of DNP3 protocol over TCP/IP at an Electrical Substation Grid modelled in OPNET. 2020 IEEE PES/IAS PowerAfrica. :1—5.
In this paper Intelligent Electronic Devices (IED) that use ethernet for communicating with substation devices on the grid where modelled in OPNET. There is a need to test the communication protocol performance over the network. A model for the substation communication network was implemented in OPNET. This was done for ESKOM, which is the electrical power generation and distribution authority in South Africa. The substation communication model consists of 10 ethernet nodes which simulate protection Intelligent Electronic Devices (IEDs), 13 ethernet switches, a server which simulates the substation Remote Terminal Unit (RTU) and the DNP3 Protocol over TCP/IP simulated on the model. DNP3 is a protocol that can be used in a power utility computer network to provide communication service for the grid components. It was selected as the communication protocol because it is widely used in the energy sector in South Africa. The network load and packet delay parameters were sampled when 10%, 50%, 90% and 100% of devices are online. Analysis of the results showed that with an increase in number of nodes there was an increase in packet delay as well as the network load. The load on the network should be taken into consideration when designing a substation communication network that requires a quick response such as a smart gird.
Chen, Siyuan, Jung, Jinwook, Song, Peilin, Chakrabarty, Krishnendu, Nam, Gi-Joon.  2020.  BISTLock: Efficient IP Piracy Protection using BIST. 2020 IEEE International Test Conference (ITC). :1—5.
The globalization of IC manufacturing has increased the likelihood for IP providers to suffer financial and reputational loss from IP piracy. Logic locking prevents IP piracy by corrupting the functionality of an IP unless a correct secret key is inserted. However, existing logic-locking techniques can impose significant area overhead and performance impact (delay and power) on designs. In this work, we propose BISTLock, a logic-locking technique that utilizes built-in self-test (BIST) to isolate functional inputs when the circuit is locked. We also propose a set of security metrics and use the proposed metrics to quantify BISTLock's security strength for an open-source AES core. Our experimental results demonstrate that BISTLock is easy to implement and introduces an average of 0.74% area and no power or delay overhead across the set of benchmarks used for evaluation.
He, Guorong, Dong, Chen, Liu, Yulin, Fan, Xinwen.  2020.  IPlock: An Effective Hybrid Encryption for Neuromorphic Systems IP Core Protection. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:612—616.
Recent advances in resistive synaptic devices have enabled the emergence of brain-inspired smart chips. These chips can execute complex cognitive tasks in digital signal processing precisely and efficiently using an efficient neuromorphic system. The neuromorphic synapses used in such chips, however, are different from the traditional integrated circuit architectures, thereby weakening their resistance to malicious transformation and intellectual property (IP) counterfeiting. Accordingly, in this paper, we propose an effective hybrid encryption methodology for IP core protection in neuromorphic computing systems, in-corporating elliptic curve cryptography and SM4 simultaneously. Experimental results confirm that the proposed method can implement real-time encryption of any number of crossbar arrays in neuromorphic systems accurately, while reducing the time overhead by 14.40%-26.08%.