Biblio

The modernization of legacy power grids relies on the prevalence of information technology (IT). While the benefits are multi-fold and include increased reliability, more accurate monitoring, etc., the reliance on IT increases the attack surface of power grids by making them vulnerable to cyber-attacks. One of the modernization paths is the emergence of multi-terminal dc systems that offer numerous advantages over traditional ac systems. Therefore, cyber-security issues surrounding dc networks need to be investigated. Contributing to this effort, a class of false data injection attacks, called load redistribution (LR) attacks, that targets dc grids is proposed. These attacks aim to compromise the system load data and lead the system operator to dispatch incorrect power flow commands that lead to adverse consequences. Although similar attacks have been recently studied for ac systems, their feasibility in the converter-based dc grids has yet to be demonstrated. Such an attack assessment is necessary because the dc grids have a much smaller control timescale and are more dependent on IT than their traditional ac counterparts. Hence, this work formulates and evaluates dc grid LR attacks by incorporating voltage-sourced converter (VSC) control strategies that appropriately delineate dc system operations. The proposed attack strategy is solved with Gurobi, and the results show that both control and system conditions can affect the success of an LR attack.

Cloud security has become a serious challenge due to increasing number of attacks day-by-day. Intrusion Detection System (IDS) requires an efficient security model for improving security in the cloud. This paper proposes a game theory based model, named as Game Theory Cloud Security Deep Neural Network (GT-CSDNN) for security in cloud. The proposed model works with the Deep Neural Network (DNN) for classification of attack and normal data. The performance of the proposed model is evaluated with CICIDS-2018 dataset. The dataset is normalized and optimal points about normal and attack data are evaluated based on the Improved Whale Algorithm (IWA). The simulation results show that the proposed model exhibits improved performance as compared with existing techniques in terms of accuracy, precision, F-score, area under the curve, False Positive Rate (FPR) and detection rate.

Binary analysis is pervasively utilized to assess software security and test vulnerabilities without accessing source codes. The analysis validity is heavily influenced by the inferring ability of information related to the code compilation. Among the compilation information, compiler type and optimization level, as the key factors determining how binaries look like, are still difficult to be inferred efficiently with existing tools. In this paper, we conduct a thorough empirical study on the binary's appearance under various compilation settings and propose a lightweight binary analysis tool based on the simplest machine learning method, called DIComP to infer the compiler and optimization level via most relevant features according to the observation. Our comprehensive evaluations demonstrate that DIComP can fully recognize the compiler provenance, and it is effective in inferring the optimization levels with up to 90% accuracy. Also, it is efficient to infer thousands of binaries at a millisecond level with our lightweight machine learning model (1MB).

Fruit-80, an ultra-lightweight stream cipher with 80-bit secret key, is oriented toward resource constrained devices in the Internet of Things. In this paper, we propose area and speed optimization architectures of Fruit-80 on FPGAs. The area optimization architecture reuses NFSR&LFSR feedback functions and achieves the most suitable ratio of look-up-tables and flip-flops. The speed optimization architecture adopts a hybrid approach for parallelization and reduces the latency of long data paths by pre-generating primary feedback and inserting flip-flops. In conclusion, the optimal throughput-to-area ratio of the speed optimization architecture is better than that of Grain v1. The area optimization architecture occupies only 35 slices on Xilinx Spartan-3 FPGA, smaller than that of Grain and other common stream ciphers. To the best of our knowledge, this result sets a new record of the minimum area in lightweight cipher implementations on FPGA.

With the ever-increasing use of large-scale IoT networks in different sectors of the industry, it has become critical to realise seamless and secure communication between devices in the network. Realising secure group communication in the IoT requires solving the problem of group-key establishment. In this work, we solve the problem by designing a new lattice-based Key Encapsulation Mechanism (KEM) for resource-constrained devices that enable the distribution of a symmetric key or any other data between all the devices in a given network. This is achieved by coupling multiple private keys to a unique public key. Moreover, we present a proof-of-concept implementation based on the GGH algorithm. The results show it is feasible to use lattice-based cryptography to allow for seamless and secure group communications within a decentralised IoT network. It has been bench-marked against other common post-quantum constructs and proven to be more practical with respect to memory consumption and security, although considerably slower due to lack of optimisation in the implementation.

For the smart campus of Guangdong Ocean University, we analyze the current situation of the university's network construction, as well as the problems in infrastructure, equipment, operation management, and network security. We focus on the construction objectives and design scheme of the smart campus, including the design of network structure and basic network services. The followings are considered in this study: optimization of network structure simplification, business integration, multi-operator access environment, operation and maintenance guarantee system, organic integration of production, and teaching and research after network leveling transformation.

State of the art Artificial Intelligence Assurance (AIA) methods validate AI systems based on predefined goals and standards, are applied within a given domain, and are designed for a specific AI algorithm. Existing works do not provide information on assuring subjective AI goals such as fairness and trustworthiness. Other assurance goals are frequently required in an intelligent deployment, including explainability, safety, and security. Accordingly, issues such as value loading, generalization, context, and scalability arise; however, achieving multiple assurance goals without major trade-offs is generally deemed an unattainable task. In this manuscript, we present two AIA pipelines that are model-agnostic, independent of the domain (such as: healthcare, energy, banking), and provide scores for AIA goals including explainability, safety, and security. The two pipelines: Adversarial Logging Scoring Pipeline (ALSP) and Requirements Feedback Scoring Pipeline (RFSP) are scalable and tested with multiple use cases, such as a water distribution network and a telecommunications network, to illustrate their benefits. ALSP optimizes models using a game theory approach and it also logs and scores the actions of an AI model to detect adversarial inputs, and assures the datasets used for training. RFSP identifies the best hyper-parameters using a Bayesian approach and provides assurance scores for subjective goals such as ethical AI using user inputs and statistical assurance measures. Each pipeline has three algorithms that enforce the final assurance scores and other outcomes. Unlike ALSP (which is a parallel process), RFSP is user-driven and its actions are sequential. Data are collected for experimentation; the results of both pipelines are presented and contrasted.

Robustness verification of neural networks (NNs) is a challenging and significant problem, which draws great attention in recent years. Existing researches have shown that bound propagation is a scalable and effective method for robustness verification, and it can be implemented on GPUs and TPUs to get parallelized. However, the bound propagation methods naturally produce weak bound due to linear relaxations on the neurons, which may cause failure in verification. Although tightening techniques for simple ReLU networks have been explored, they are not applicable for NNs with general activation functions such as Sigmoid and Tanh. Improving robustness verification on these NNs is still challenging. In this paper, we propose a Branch-and-Bound (BaB) style method to address this problem. The proposed BaB procedure improves the weak bound by splitting the input domain of neurons into sub-domains and solving the corresponding sub-problems. We propose a generic heuristic function to determine the priority of neuron splitting by scoring the relaxation and impact of neurons. Moreover, we combine bound optimization with the BaB procedure to improve the weak bound. Experimental results demonstrate that the proposed method gains up to 35% improvement compared to the state-of-art CROWN method on Sigmoid and Tanh networks.

Worldwide, societies are rapidly becoming more connected, owing primarily to the growing number of intelligent things and smart applications (e.g, smart automobiles, smart wearable devices, etc.) These have occurred in tandem with the Internet Of Things, a new method of connecting the physical and virtual worlds. It is a new promising paradigm whereby every ‘thing’ can connect to anything via the Internet. However, with IoT systems being deployed even on large-scale, security concerns arise amongst other challenges. Hence the need to allocate appropriate protection of resources. The realization of secure IoT systems could only be accomplished with a comprehensive understanding of the particular needs of a specific system. How-ever, this paradigm lacks a proper and exhaustive classification of security requirements. This paper presents an approach towards understanding and classifying the security requirements of IoT devices. This effort is expected to play a role in designing cost-efficient and purposefully secured future IoT systems. During the coming up with and the classification of the requirements, We present a variety of set-ups and define possible attacks and threats within the scope of IoT. Considering the nature of IoT and security weaknesses as manifestations of unrealized security requirements, We put together possible attacks and threats in categories, assessed the existent IoT security requirements as seen in literature, added more in accordance with the applied domain of the IoT and then classified the security requirements. An IoT system can be secure, scalable, and flexible by following the proposed security requirement classification.

This article describes an analysis of the key technologies currently applied to improve the quality, efficiency, safety and sustainability of Smart Grid systems and identifies the tools to optimize them and possible gaps in this area, considering the different energy sources, distributed generation, microgrids and energy consumption and production capacity. The research was conducted with a qualitative methodological approach, where the literature review was carried out with studies published from 2019 to 2022, in five (5) databases following the selection of studies recommended by the PRISMA guide. Of the five hundred and four (504) publications identified, ten (10) studies provided insight into the technological trends that are impacting this scenario, namely: Internet of Things, Big Data, Edge Computing, Artificial Intelligence and Blockchain. It is concluded that to obtain the best performance within Smart Grids, it is necessary to have the maximum synergy between these technologies, since this union will enable the application of advanced smart digital technology solutions to energy generation and distribution operations, thus allowing to conquer a new level of optimization.

Effective information security risk management is essential for survival of any business that is dependent on IT. In this paper we present an efficient and effective solution to find best parameters for managing cyber risks using artificial intelligence. Genetic algorithm is use as it can provide our required optimization and intelligence. Results show that GA is professional in finding the best parameters and minimizing the risk.

In this paper, we design a new framework that can utilize the current global optimization heuristics for solving the straight-line program (SLP) problem. We combine Paar1, Paar2, BP (Boyar-Peralta), BFI, RNBP (Random-Boyar Peralta), A1, A2, XZLBZ, and LWFWSW (backward search) state-of-the-art heuristics by taking the XOR (exclusive OR) count metrics into consideration. Thus, by using the proposed framework, optimal circuit implementations of a given diffusion (or linear) layer can be found with fewer XOR gate counts.

Existing defense strategies against adversarial attacks (AAs) on AI/ML are primarily focused on examining the input data streams using a wide variety of filtering techniques. For instance, input filters are used to remove noisy, misleading, and out-of-class inputs along with a variety of attacks on learning systems. However, a single filter may not be able to detect all types of AAs. To address this issue, in the current work, we propose a robust, transferable, distribution-independent, and cross-domain supported framework for selecting Adaptive Filter Ensembles (AFEs) to minimize the impact of data poisoning on learning systems. The optimal filter ensembles are determined through a Multi-Objective Bi-Level Programming Problem (MOBLPP) that provides a subset of diverse filter sequences, each exhibiting fair detection accuracy. The proposed framework of AFE is trained to model the pristine data distribution to identify the corrupted inputs and converges to the optimal AFE without vanishing gradients and mode collapses irrespective of input data distributions. We presented preliminary experiments to show the proposed defense outperforms the existing defenses in terms of robustness and accuracy.

This paper proposes a novel approach for privacy preserving face recognition aimed to formally define a trade-off optimization criterion between data privacy and algorithm accuracy. In our methodology, real world face images are anonymized with Gaussian blurring for privacy preservation. The anonymized images are processed for face detection, face alignment, face representation, and face verification. The proposed methodology has been validated with a set of experiments on a well known dataset and three face recognition classifiers. The results demonstrate the effectiveness of our approach to correctly verify face images with different levels of privacy and results accuracy, and to maximize privacy with the least negative impact on face detection and face verification accuracy.

Classification problems have been part of numerous real-life applications in fields of security, medicine, agriculture, and more. Due to the wide range of applications, there is a constant need for more accurate and efficient methods. Besides more efficient and better classification algorithms, the optimal feature set is a significant factor for better classification accuracy. In general, more features can better describe instances, but besides showing differences between instances of different classes, it can also capture many similarities that lead to wrong classification. Determining the optimal feature set can be considered a hard optimization problem for which different metaheuristics, like swarm intelligence algorithms can be used. In this paper, we propose an adaptation of hybridized swarm intelligence (SI) algorithm for feature selection problem. To test the quality of the proposed method, classification was done by k-means algorithm and it was tested on 17 benchmark datasets from the UCI repository. The results are compared to similar approaches from the literature where SI algorithms were used for feature selection, which proves the quality of the proposed hybridized SI method. The proposed method achieved better classification accuracy for 16 datasets. Higher classification accuracy was achieved while simultaneously reducing the number of used features.

Security attacks on sensor data can deceive a control system and force the physical plant to reach an unwanted and potentially dangerous state. Therefore, attack detection mechanisms are employed in cyber-physical control systems to detect ongoing attacks, the most prominent one being a threshold-based anomaly detection method called CUSUM. Literature defines the maximum impact of stealth attacks as the maximum deviation in the plant’s state that an undetectable attack can introduce, and formulates it as an optimization problem. This paper proposes an optimization-based attack with different saturation models, and it investigates how the attack duration significantly affects the impact of the attack on the state of the plant. We show that more dangerous attacks can be discovered when allowing saturation of the control system actuators. The proposed approach is compared with the geometric attack, showing how longer attack durations can lead to a greater impact of the attack while keeping the attack stealthy.

We present a scalable optimization algorithm and its parallel implementation for two-stage stochastic programming problems of large-scale, particularly the security constrained optimal power flow models routinely used in electrical power grid operations. Such problems can be prohibitively expensive to solve on industrial scale with the traditional methods or in serial. The algorithm decomposes the problem into first-stage and second-stage optimization subproblems which are then scheduled asynchronously for efficient evaluation in parallel. Asynchronous evaluations are crucial in achieving good balancing and parallel efficiency because the second-stage optimization subproblems have highly varying execution times. The algorithm employs simple local second-order approximations of the second-stage optimal value functions together with exact first- and second-order derivatives for the first-stage subproblems to accelerate convergence. To reduce the number of the evaluations of computationally expensive second-stage subproblems required by line search, we devised a flexible mechanism for controlling the step size that can be tuned to improve performance for individual class of problems. The algorithm is implemented in C++ using MPI non-blocking calls to overlap computations with communication and boost parallel efficiency. Numerical experiments of the algorithm are conducted on Summit and Lassen supercomputers at Oak Ridge and Lawrence Livermore National Laboratories and scaling results show good parallel efficiency.

This work introduces methods that unlock a series of applications for decision trees and neural networks in power system optimization. Capturing constraints that were impossible to capture before in a scalable way, we use decision trees (or neural networks) to extract an accurate representation of the non-convex feasible region which is characterized by both algebraic and differential equations. Applying an exact transformation, we convert the information encoded in the decision trees and the neural networks to linear decision rules that we incorporate as conditional constraints in an optimization problem (MILP or MISOCP). Our approach introduces a framework to unify security considerations with electricity market operations, capturing not only steady-state but also dynamic stability constraints in power system optimization, and has the potential to eliminate redispatching costs, leading to savings of millions of euros per year.

Incast traffic is a many-to-one communication pattern used in many applications, including distributed storage, web-search with partition/aggregation design pattern, and MapReduce, commonly in data centers. It is generally composed of short-lived flows that may be queued behind large flows' packets in congested switches where performance degradation is observed. Smart buffering at the switch level is sensed to mitigate this issue by automatically and dynamically adapting to traffic conditions changes in the highly dynamic data center environment. But for this dynamic and smart buffer management to become effectively beneficial for all the traffic, and especially for incast the most critical one, incast performance models that provide insights on how various factors affect it are needed. The literature lacks these types of models. The existing ones are analytical models, which are either tightly coupled with a particular protocol version or specific to certain empirical data. Motivated by this observation, we propose a machine-learning-based incast performance inference. With this prediction capability, smart buffering scheme or other QoS optimization algorithms could anticipate and efficiently optimize system parameters adjustment to achieve optimal performance. Since applying machine learning to networks managed in a distributed fashion is hard, the prediction mechanism will be deployed on an SDN control plane. We could then take advantage of SDN's centralized global view, its telemetry capabilities, and its management flexibility.

Software developers make mistakes that can lead to failures of a software product. One approach to detect defects is static analysis: examine code without execution. Currently, various source code static analysis tools are widely used to detect defects. However, source code analysis is not enough. The reason for this is the use of third-party binary libraries, the unprovability of the correctness of all compiler optimizations. This paper introduces BinSide : binary static analysis framework for defects detection. It does interprocedural, context-sensitive and flow-sensitive analysis. The framework uses platform independent intermediate representation and provide opportunity to analyze various architectures binaries. The framework includes value analysis, reaching definition, taint analysis, freed memory analysis, constant folding, and constant propagation engines. It provides API (application programming interface) and can be used to develop new analyzers. Additionally, we used the API to develop checkers for classic buffer overflow, format string, command injection, double free and use after free defects detection.

Matching indirect function callees and callers using function signatures recovered from binary executables (number of arguments and argument types) has been proposed to construct a more fine-grained control-flow graph (CFG) to help control-flow integrity (CFI) enforcement. However, various compiler optimizations may violate calling conventions and result in unmatched function signatures. In this paper, we present eight scenarios in which compiler optimizations impact function signature recovery, and report experimental results with 1,344 real-world applications of various optimization levels. Most interestingly, our experiments show that compiler optimizations have both positive and negative impacts on function signature recovery, e.g., its elimination of redundant instructions at callers makes counting of the number of arguments more accurate, while it hurts argument type matching as the compiler chooses the most efficient (but potentially different) types at callees and callers. To better deal with these compiler optimizations, we propose a set of improved policies and report our more accurate CFG models constructed from the 1,344 applications. We additionally compare our results recovered from binary executables with those extracted from program source and reveal scenarios where compiler optimization makes the task of accurate function signature recovery undecidable.

In the Swarm Intelligence domain, the firefly algorithm(s) is the most significant algorithm applied in most all optimization areas. FA and variants are easily understood and implemented. FA is capable of solving different domain problems. For solving diverse range of engineering problems requires modified FA or Hybrid FA algorithms, but it is possible additional scope of improvement. In recent times swarm intelligence based intelligent optimization algorithms have been used for Research purposes. FA is one of most important intelligence Swarm algorithm that can be applied for the problems of Global optimization. FA algorithm is capable of achieving best results for complicated issues. In this research study we have discussed and different characteristics of FA and presented brief Review of FA. Along with other metahauristic algorithm we have discussed FA algorithm’s different variant like multi objective, and hybrid. The applications of firefly algorithm are bestowed. The aim of the paper is to give future direction for research in FA.

Pooling together samples and testing the resulting mixture is gaining considerable interest as a potential method to markedly increase the rate of testing for SARS-CoV-2, given the resource limited conditions. Such pooling can also be employed for carrying out large scale diagnostic testing of other infectious diseases, especially when the available resources are limited. Therefore, it has become important to design a user-friendly tool to assist clinicians and policy makers, to determine optimal testing pool and sub-pool sizes for their specific scenarios. We have developed such a tool; the calculator web application is available at https://riteshsingh.github.io/poolsize/. The algorithms employed are described and analyzed in this paper, and their application to other scientific fields is also discussed. We find that pooling always reduces the expected number of tests in all the conditions, at the cost of test sensitivity. The No sub-pooling optimal pool size calculator will be the most widely applicable one, because limitations of sample quantity will restrict sub-pooling in most conditions.

The IFDS algorithm can be memory-intensive, requiring a memory budget of more than 100 GB of RAM for some applications. The large memory requirements significantly restrict the deployment of IFDS-based tools in practise. To improve this, we propose a disk-assisted solution that drastically reduces the memory requirements of traditional IFDS solvers. Our solution saves memory by 1) recomputing instead of memorizing intermediate analysis data, and 2) swapping in-memory data to disk when memory usages reach a threshold. We implement sophisticated scheduling schemes to swap data between memory and disks efficiently. We have developed a new taint analysis tool, DiskDroid, based on our disk-assisted IFDS solver. Compared to FlowDroid, a state-of-the-art IFDS-based taint analysis tool, for a set of 19 apps which take from 10 to 128 GB of RAM by FlowDroid, DiskDroid can analyze them with less than 10GB of RAM at a slight performance improvement of 8.6%. In addition, for 21 apps requiring more than 128GB of RAM by FlowDroid, DiskDroid can analyze each app in 3 hours, under the same memory budget of 10GB. This makes the tool deployable to normal desktop environments. We make the tool publicly available at https://github.com/HaofLi/DiskDroid.

With the wide application of video information, the protection of video information from illegal access has been widely investigated recently. An efficient selective encryption scheme for high efficiency video coding (HEVC) based on hyperchaotic Lorenz system is proposed. Firstly, the hyperchaotic Lorenz system is discretized and the generated chaotic state values are converted into chaotic pseudorandom sequences for encryption. The important syntax elements in HEVC are then selectively encrypted with the generated stream cipher. The experimental results show that the encrypted video is highly disturbed and the video information cannot be recognized. Through the analysis of objective index results, it is shown that the scheme is both efficient and security.