Visible to the public Biblio

Found 155 results

Filters: Keyword is Entropy  [Clear All Filters]
Zhu, Qianqian, Li, Yue, He, Hongchang, Huang, Gang.  2020.  Cross-term suppression of multi-component signals based on improved STFT-Wigner. 2020 International Wireless Communications and Mobile Computing (IWCMC). :1082–1086.
Cross-term interference exists in the WVD of multi-component signals in time-frequency analysis, and the STFT is limited by Heisenberg uncertainty criterion. For multicomponent signals under noisy background, this paper proposes an improved STFT-Wigner algorithm, which establishes a threshold based on the exponential multiplication result compared to the original algorithm, so as to weaken the cross term and reduce the impact of noise on the signal, and improve the time-frequency aggregation of the signal. Simulation results show that the improved algorithm has higher time-frequency aggregation than other methods. Similarly, for cross-term suppression, our method is superior to many other TF analysis methods in low signal-to-noise ratio (SNR) environment.
Ganguli, Subhankar, Thakur, Sanjeev.  2020.  Machine Learning Based Recommendation System. 2020 10th International Conference on Cloud Computing, Data Science Engineering (Confluence). :660–664.
Recommender system helps people in decision making by asking their preferences about various items and recommends other items that have not been rated yet and are similar to their taste. A traditional recommendation system aims at generating a set of recommendations based on inter-user similarity that will satisfy the target user. Positive preferences as well as negative preferences of the users are taken into account so as to find strongly related users. Weighted entropy is usedz as a similarity measure to determine the similar taste users. The target user is asked to fill in the ratings so as to identify the closely related users from the knowledge base and top N recommendations are produced accordingly. Results show a considerable amount of improvement in accuracy after using weighted entropy and opposite preferences as a similarity measure.
Dong, Xianzhe, He, Xinyi, Liang, Tianlin, Shi, Dai, Tao, Dan.  2020.  Entropy based Security Rating Evaluation Scheme for Pattern Lock. 2020 IEEE International Conference on Consumer Electronics - Taiwan (ICCE-Taiwan). :1–2.
To better protect users' privacy, various authentication mechanisms have been applied on smartphones. Android pattern lock has been widely used because it is easy to memorize, however, simple ones are more vulnerable to attack such as shoulder surfing attack. In this paper, we propose a security rating evaluation scheme based on pattern lock. In particular, an entropy function of a pattern lock can be calculated, which is decided by five kinds of attributes: size, length, angle, overlap and intersection for quantitative evaluation of pattern lock. And thus, the security rating thresholds will be determined by the distribution of entropy values. Finally, we design and develop an APP based on Android Studio, which is used to verify the effectiveness of our proposed security rating evaluation scheme.
Brzezinski Meyer, Maria Laura, Labit, Yann.  2020.  Combining Machine Learning and Behavior Analysis Techniques for Network Security. 2020 International Conference on Information Networking (ICOIN). :580–583.
Network traffic attacks are increasingly common and varied, this is a big problem especially when the target network is centralized. The creation of IDS (Intrusion Detection Systems) capable of detecting various types of attacks is necessary. Machine learning algorithms are widely used in the classification of data, bringing a good result in the area of computer networks. In addition, the analysis of entropy and distance between data sets are also very effective in detecting anomalies. However, each technique has its limitations, so this work aims to study their combination in order to improve their performance and create a new intrusion detection system capable of well detect some of the most common attacks. Reliability indices will be used as metrics to the combination decision and they will be updated in each new dataset according to the decision made earlier.
Ji, Zhigang, Brown, James, Zhang, Jianfu.  2020.  True Random Number Generator (TRNG) for Secure Communications in the Era of IoT. 2020 China Semiconductor Technology International Conference (CSTIC). :1—5.
True Random number Generator (TRNG) is critical for secure communications. In this work, we explain in details regarding our recent solution on TRNG using random telegraph noise (RTN) including the benefits and the disadvantages. Security check is performed using the NIST randomness tests for both the RTN-based TRNG and various conventional pseudo random umber generator. The newly-proposed design shows excellent randomness, power consumption, low design complexity, small area and high speed, making it a suitable candidate for future cryptographically secured applications within the internet of things.
Yang, Yang, Wang, Ruchuan.  2020.  LBS-based location privacy protection mechanism in augmented reality. 2020 International Conference on Internet of Things and Intelligent Applications (ITIA). :1—6.
With the development of augmented reality(AR) technology and location-based service (LBS) technology, combining AR with LBS will create a new way of life and socializing. In AR, users may consider the privacy and security of data. In LBS, the leakage of user location privacy is an important threat to LBS users. Therefore, it is very important for privacy management of positioning information and user location privacy to avoid loopholes and abuse. In this review, the concepts and principles of AR technology and LBS would be introduced. The existing privacy measurement and privacy protection framework would be analyzed and summarized. Also future research direction of location privacy protection would be discussed.
Antonio, Elbren, Fajardo, Arnel, Medina, Ruji.  2020.  Tracking Browser Fingerprint using Rule Based Algorithm. 2020 16th IEEE International Colloquium on Signal Processing Its Applications (CSPA). :225—229.

Browsers collects information for better user experience by allowing JavaScript's and other extensions. Advertiser and other trackers take advantage on this useful information to tracked users across the web from remote devices on the purpose of individual unique identifications the so-called browser fingerprinting. Our work explores the diversity and stability of browser fingerprint by modifying the rule-based algorithm. Browser fingerprint rely only from the gathered data through browser, it is hard to tell that this piece of information still the same when upgrades and or downgrades are happening to any browsers and software's without user consent, which is stability and diversity are the most important usage of generating browser fingerprint. We implemented device fingerprint to identify consenting visitors in our website and evaluate individual devices attributes by calculating entropy of each selected attributes. In this research, it is noted that we emphasize only on data collected through a web browser by employing twenty (20) attributes to identify promising high value information to track how device information evolve and consistent in a period of time, likewise, we manually selected device information for evaluation where we apply the modified rules. Finally, this research is conducted and focused on the devices having the closest configuration and device information to test how devices differ from each other after several days of using on the basis of individual user configurations, this will prove in our study that every device is unique.

Yu, Jia ao, Peng, Lei.  2020.  Black-box Attacks on DNN Classifier Based on Fuzzy Adversarial Examples. 2020 IEEE 5th International Conference on Signal and Image Processing (ICSIP). :965—969.
The security of deep learning becomes increasing important with the more and more related applications. The adversarial attack is the known method that makes the performance of deep learning network (DNN) decline rapidly. However, adversarial attack needs the gradient knowledge of the target networks to craft the specific adversarial examples, which is the white-box attack and hardly becomes true in reality. In this paper, we implement a black-box attack on DNN classifier via a functionally equivalent network without knowing the internal structure and parameters of the target networks. And we increase the entropy of the noise via deep convolution generative adversarial networks (DCGAN) to make it seems fuzzier, avoiding being probed and eliminated easily by adversarial training. Experiments show that this method can produce a large number of adversarial examples quickly in batch and the target network cannot improve its accuracy via adversarial training simply.
Zhang, Qiao-Jia, Ye, Qing, Yuan, Zhi-Min, Li, Liang.  2020.  Fast HEVC Selective Encryption Scheme Based on Improved CABAC Coding Algorithm. 2020 IEEE 6th International Conference on Computer and Communications (ICCC). :1022—1028.

Context-based adaptive binary arithmetic coding (CABAC) is the only entropy coding method in HEVC. According to statistics, CABAC encoders account for more than 25% of the high efficiency video coding (HEVC) coding time. Therefore, the improved CABAC algorithm can effectively improve the coding speed of HEVC. On this basis, a selective encryption scheme based on the improved CABAC algorithm is proposed. Firstly, the improved CABAC algorithm is used to optimize the regular mode encoding, and then the cryptographic algorithm is used to selectively encrypt the syntax elements in bypass mode encoding. The experimental results show that the encoding time is reduced by nearly 10% when there is great interference to the video information. The scheme is both safe and effective.

Zerrouki, F., Ouchani, S., Bouarfa, H..  2020.  Quantifying Security and Performance of Physical Unclonable Functions. 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1—4.

Physical Unclonable Function is an innovative hardware security primitives that exploit the physical characteristics of a physical object to generate a unique identifier, which play the role of the object's fingerprint. Silicon PUF, a popular type of PUFs, exploits the variation in the manufacturing process of integrated circuits (ICs). It needs an input called challenge to generate the response as an output. In addition, of classical attacks, PUFs are vulnerable to physical and modeling attacks. The performance of the PUFs is measured by several metrics like reliability, uniqueness and uniformity. So as an evidence, the main goal is to provide a complete tool that checks the strength and quantifies the performance of a given physical unconscionable function. This paper provides a tool and develops a set of metrics that can achieve safely the proposed goal.

Lyshevski, S. E., Aved, A., Morrone, P..  2020.  Information-Centric Cyberattack Analysis and Spatiotemporal Networks Applied to Cyber-Physical Systems. 2020 IEEE Microwave Theory and Techniques in Wireless Communications (MTTW). 1:172—177.

Cyber-physical systems (CPS) depend on cybersecurity to ensure functionality, data quality, cyberattack resilience, etc. There are known and unknown cyber threats and attacks that pose significant risks. Information assurance and information security are critical. Many systems are vulnerable to intelligence exploitation and cyberattacks. By investigating cybersecurity risks and formal representation of CPS using spatiotemporal dynamic graphs and networks, this paper investigates topics and solutions aimed to examine and empower: (1) Cybersecurity capabilities; (2) Information assurance and system vulnerabilities; (3) Detection of cyber threat and attacks; (4) Situational awareness; etc. We introduce statistically-characterized dynamic graphs, novel entropy-centric algorithms and calculi which promise to ensure near-real-time capabilities.

Venkitasubramaniam, P., Yao, J., Pradhan, P..  2015.  Information-Theoretic Security in Stochastic Control Systems. Proceedings of the IEEE. 103:1914–1931.
Infrastructural systems such as the electricity grid, healthcare, and transportation networks today rely increasingly on the joint functioning of networked information systems and physical components, in short, on cyber-physical architectures. Despite tremendous advances in cryptography, physical-layer security and authentication, information attacks, both passive such as eavesdropping, and active such as unauthorized data injection, continue to thwart the reliable functioning of networked systems. In systems with joint cyber-physical functionality, the ability of an adversary to monitor transmitted information or introduce false information can lead to sensitive user data being leaked or result in critical damages to the underlying physical system. This paper investigates two broad challenges in information security in cyber-physical systems (CPSs): preventing retrieval of internal physical system information through monitored external cyber flows, and limiting the modification of physical system functioning through compromised cyber flows. A rigorous analytical framework grounded on information-theoretic security is developed to study these challenges in a general stochastic control system abstraction-a theoretical building block for CPSs-with the objectives of quantifying the fundamental tradeoffs between information security and physical system performance, and through the process, designing provably secure controller policies. Recent results are presented that establish the theoretical basis for the framework, in addition to practical applications in timing analysis of anonymous systems, and demand response systems in a smart electricity grid.
Cao, Z., Deng, H., Lu, L., Duan, X..  2014.  An information-theoretic security metric for future wireless communication systems. 2014 XXXIth URSI General Assembly and Scientific Symposium (URSI GASS). :1–4.
Quantitative analysis of security properties in wireless communication systems is an important issue; it helps us get a comprehensive view of security and can be used to compare the security performance of different systems. This paper analyzes the security of future wireless communication system from an information-theoretic point of view and proposes an overall security metric. We demonstrate that the proposed metric is more reasonable than some existing metrics and it is highly sensitive to some basic parameters and helpful to do fine-grained tuning of security performance.
Liu, S., Hong, Y., Viterbo, E..  2014.  On measures of information theoretic security. 2014 IEEE Information Theory Workshop (ITW 2014). :309–310.
While information-theoretic security is stronger than computational security, it has long been considered impractical. In this work, we provide new insights into the design of practical information-theoretic cryptosystems. Firstly, from a theoretical point of view, we give a brief introduction into the existing information theoretic security criteria, such as the notions of Shannon's perfect/ideal secrecy in cryptography, and the concept of strong secrecy in coding theory. Secondly, from a practical point of view, we propose the concept of ideal secrecy outage and define a outage probability. Finally, we show how such probability can be made arbitrarily small in a practical cryptosystem.
Iwamoto, M., Ohta, K., Shikata, J..  2018.  Security Formalizations and Their Relationships for Encryption and Key Agreement in Information-Theoretic Cryptography. IEEE Transactions on Information Theory. 64:654–685.
This paper analyzes the formalizations of information-theoretic security for the fundamental primitives in cryptography: symmetric-key encryption and key agreement. Revisiting the previous results, we can formalize information-theoretic security using different methods, by extending Shannon's perfect secrecy, by information-theoretic analogues of indistinguishability and semantic security, and by the frameworks for composability of protocols. We show the relationships among the security formalizations and obtain the following results. First, in the case of encryption, there are significant gaps among the formalizations, and a certain type of relaxed perfect secrecy or a variant of information-theoretic indistinguishability is the strongest notion. Second, in the case of key agreement, there are significant gaps among the formalizations, and a certain type of relaxed perfect secrecy is the strongest notion. In particular, in both encryption and key agreement, the formalization of composable security is not stronger than any other formalizations. Furthermore, as an application of the relationships in encryption and key agreement, we simultaneously derive a family of lower bounds on the size of secret keys and security quantities required under the above formalizations, which also implies the importance and usefulness of the relationships.
Walia, K. S., Shenoy, S., Cheng, Y..  2020.  An Empirical Analysis on the Usability and Security of Passwords. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :1–8.
Security and usability are two essential aspects of a system, but they usually move in opposite directions. Sometimes, to achieve security, usability has to be compromised, and vice versa. Password-based authentication systems require both security and usability. However, to increase password security, absurd rules are introduced, which often drive users to compromise the usability of their passwords. Users tend to forget complex passwords and use techniques such as writing them down, reusing them, and storing them in vulnerable ways. Enhancing the strength while maintaining the usability of a password has become one of the biggest challenges for users and security experts. In this paper, we define the pronounceability of a password as a means to measure how easy it is to memorize - an aspect we associate with usability. We examine a dataset of more than 7 million passwords to determine whether the usergenerated passwords are secure. Moreover, we convert the usergenerated passwords into phonemes and measure the pronounceability of the phoneme-based representations. We then establish a relationship between the two and suggest how password creation strategies can be adapted to better align with both security and usability.
Feng, X., Wang, D., Lin, Z., Kuang, X., Zhao, G..  2020.  Enhancing Randomization Entropy of x86-64 Code while Preserving Semantic Consistency. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1–12.

Code randomization is considered as the basis of mitigation against code reuse attacks, fundamentally supporting some recent proposals such as execute-only memory (XOM) that aims at dynamic return-oriented programming (ROP) attacks. However, existing code randomization methods are hard to achieve a good balance between high-randomization entropy and semantic consistency. In particular, they always ignore code semantic consistency, incurring performance loss and incompatibility with current security schemes, e.g., control flow integrity (CFI). In this paper, we present an enhanced code randomization method termed as HCRESC, which can improve the randomization entropy significantly, meanwhile ensure the semantic consistency between variants and the original code. HCRESC reschedules instructions within the range of functions rather than basic blocks, thus producing more variants of the original code and preserving the code's semantic. We implement HCRESC on Linux platform of x86-64 architecture and demonstrate that HCRESC can increase the randomization entropy of x86-64 code over than 120% compared with existing methods while ensuring control flow and size of the code unaltered.

Zhang, R., Cao, Z., Wu, K..  2020.  Tracing and detection of ICS Anomalies Based on Causality Mutations. 2020 IEEE 5th Information Technology and Mechatronics Engineering Conference (ITOEC). :511—517.

The algorithm of causal anomaly detection in industrial control physics is proposed to determine the normal cloud line of industrial control system so as to accurately detect the anomaly. In this paper, The causal modeling algorithm combining Maximum Information Coefficient and Transfer Entropy was used to construct the causal network among nodes in the system. Then, the abnormal nodes and the propagation path of the anomaly are deduced from the structural changes of the causal network before and after the attack. Finally, an anomaly detection algorithm based on hybrid differential cumulative is used to identify the specific anomaly data in the anomaly node. The stability of causality mining algorithm and the validity of locating causality anomalies are verified by using the data of classical chemical process. Experimental results show that the anomaly detection algorithm is better than the comparison algorithm in accuracy, false negative rate and recall rate, and the anomaly location strategy makes the anomaly source traceable.

Ateş, Ç, Özdel, S., Anarim, E..  2020.  DDoS Detection Algorithm Based on Fuzzy Logic. 2020 28th Signal Processing and Communications Applications Conference (SIU). :1—4.

While internet technologies are developing day by day, threats against them are increasing at the same speed. One of the most serious and common types of attacks is Distributed Denial of Service (DDoS) attacks. The DDoS intrusion detection approach proposed in this study is based on fuzzy logic and entropy. The network is modeled as a graph and graphics-based features are used to distinguish attack traffic from non-attack traffic. Fuzzy clustering is applied based on these properties to indicate the tendency of IP addresses or port numbers to be in the same cluster. Based on this uncertainty, attack and non-attack traffic were modeled. The detection stage uses the fuzzy relevance function. This algorithm was tested on real data collected from Boğaziçi University network.

Khan, A., Chefranov, A. G..  2020.  A Captcha-Based Graphical Password With Strong Password Space and Usability Study. 2020 International Conference on Electrical, Communication, and Computer Engineering (ICECCE). :1—6.

Security for authentication is required to give a superlative secure users' personal information. This paper presents a model of the Graphical password scheme under the impact of security and ease of use for user authentication. We integrate the concept of recognition with re-called and cued-recall based schemes to offer superior security compared to existing schemes. Click Symbols (CS) Alphabet combine into one entity: Alphanumeric (A) and Visual (V) symbols (CS-AV) is Captcha-based password scheme, we integrate it with recall-based n ×n grid points, where a user can draw the shape or pattern by the intersection of the grid points as a way to enter a graphical password. Next scheme, the combination of CS-AV with grid cells allows very large password space ( 2.4 ×104 bits of entropy) and provides reasonable usability results by determining an empirical study of memorable password space. Proposed schemes support most applicable platform for input devices and promising strong resistance to shoulder surfing attacks on a mobile device which can be occurred during unlocking (pattern) the smartphone.

Cui, L., Huang, D., Zheng, X..  2020.  Reliability Analysis of Concurrent Data based on Botnet Modeling. 2020 Fourth International Conference on Inventive Systems and Control (ICISC). :825—828.

Reliability analysis of concurrent data based on Botnet modeling is conducted in this paper. At present, the detection methods for botnets are mainly focused on two aspects. The first type requires the monitoring of high-privilege systems, which will bring certain security risks to the terminal. The second type is to identify botnets by identifying spam or spam, which is not targeted. By introducing multi-dimensional permutation entropy, the impact of permutation entropy on the permutation entropy is calculated based on the data communicated between zombies, describing the complexity of the network traffic time series, and the clustering variance method can effectively solve the difficulty of the detection. This paper is organized based on the data complex structure analysis. The experimental results show acceptable performance.

Ratti, R., Singh, S. R., Nandi, S..  2020.  Towards implementing fast and scalable Network Intrusion Detection System using Entropy based Discretization Technique. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.

With the advent of networking technologies and increasing network attacks, Intrusion Detection systems are apparently needed to stop attacks and malicious activities. Various frameworks and techniques have been developed to solve the problem of intrusion detection, still there is need for new frameworks as per the challenging scenario of enormous scale in data size and nature of attacks. Current IDS systems pose challenges on the throughput to work with high speed networks. In this paper we address the issue of high computational overhead of anomaly based IDS and propose the solution using discretization as a data preprocessing step which can drastically reduce the computation overhead. We propose method to provide near real time detection of attacks using only basic flow level features that can easily be extracted from network packets.

Li, R., Wu, B..  2020.  Early detection of DDoS based on φ-entropy in SDN networks. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:731—735.
Software defined network (SDN) is an emerging network architecture. Its control logic and forwarding logic are separated. SDN has the characteristics of centralized management, which makes it easier for malicious attackers to use the security vulnerabilities of SDN networks to implement distributed denial Service (DDoS) attack. Information entropy is a kind of lightweight DDoS early detection method. This paper proposes a DDoS attack detection method in SDN networks based on φ-entropy. φ-entropy can adjust related parameters according to network conditions and enlarge feature differences between normal and abnormal traffic, which can make it easier to detect attacks in the early stages of DDoS traffic formation. Firstly, this article demonstrates the basic properties of φ-entropy, mathematically illustrates the feasibility of φ-entropy in DDoS detection, and then we use Mini-net to conduct simulation experiments to compare the detection effects of DDoS with Shannon entropy.
Lotfalizadeh, H., Kim, D. S..  2020.  Investigating Real-Time Entropy Features of DDoS Attack Based on Categorized Partial-Flows. 2020 14th International Conference on Ubiquitous Information Management and Communication (IMCOM). :1—6.
With the advent of IoT devices and exponential growth of nodes on the internet, computer networks are facing new challenges, with one of the more important ones being DDoS attacks. In this paper, new features to detect initiation and termination of DDoS attacks are investigated. The method to extract these features is devised with respect to some openflowbased switch capabilities. These features provide us with a higher resolution to view and process packet count entropies, thus improving DDoS attack detection capabilities. Although some of the technical assumptions are based on SDN technology and openflow protocol, the methodology can be applied in other networking paradigms as well.
Wang, L., Liu, Y..  2020.  A DDoS Attack Detection Method Based on Information Entropy and Deep Learning in SDN. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:1084—1088.
Software Defined Networking (SDN) decouples the control plane and the data plane and solves the difficulty of new services deployment. However, the threat of a single point of failure is also introduced at the same time. The attacker can launch DDoS attacks towards the controller through switches. In this paper, a DDoS attack detection method based on information entropy and deep learning is proposed. Firstly, suspicious traffic can be inspected through information entropy detection by the controller. Then, fine-grained packet-based detection is executed by the convolutional neural network (CNN) model to distinguish between normal traffic and attack traffic. Finally, the controller performs the defense strategy to intercept the attack. The experiments indicate that the accuracy of this method reaches 98.98%, which has the potential to detect DDoS attack traffic effectively in the SDN environment.