Visible to the public Biblio

Found 396 results

Filters: Keyword is Tools  [Clear All Filters]
2021-09-16
Astakhova, Liudmila, Medvedev, Ivan.  2020.  The Software Application for Increasing the Awareness of Industrial Enterprise Workers on Information Security of Significant Objects of Critical Information Infrastructure. 2020 Global Smart Industry Conference (GloSIC). :121–126.
Digitalization of production and management as the imperatives of Industry 4.0 stipulated the requirements of state regulators for informing and training personnel of a significant object of critical information infrastructure. However, the attention of industrial enterprises to this problem is assessed as insufficient. This determines the relevance and purpose of this article - to develop a methodology and tool for raising the awareness of workers of an industrial enterprise about information security (IS) of significant objects of critical information infrastructure. The article reveals the features of training at industrial enterprises associated with a high level of development of safety and labor protection systems. Traditional and innovative methods and means of training personnel at the workplace within the framework of these systems and their opportunities for training in the field of information security are shown. The specificity of the content and forms of training employees on the security of critical information infrastructure has been substantiated. The scientific novelty of the study consists in the development of methods and software applications that can perform the functions of identifying personal qualities of employees; testing the input level of their knowledge in the field of IS; testing for knowledge of IS rules (by the example of a response to socio-engineering attacks); planning an individual thematic plan for employee training; automatic creation of a modular program and its content; automatic notification of the employee about the training schedule at the workplace; organization of training according to the schedule; control self-testing and testing the level of knowledge of the employee after training; organizing a survey to determine satisfaction with employee training. The practical significance of the work lies in the possibility of implementing the developed software application in industrial enterprises, which is confirmed by the successful results of its testing.
Singh, Vivek Kumar, Govindarasu, Manimaran.  2020.  A Novel Architecture for Attack-Resilient Wide-Area Protection and Control System in Smart Grid. 2020 Resilience Week (RWS). :41–47.
Wide-area protection and control (WAPAC) systems are widely applied in the energy management system (EMS) that rely on a wide-area communication network to maintain system stability, security, and reliability. As technology and grid infrastructure evolve to develop more advanced WAPAC applications, however, so do the attack surfaces in the grid infrastructure. This paper presents an attack-resilient system (ARS) for the WAPAC cybersecurity by seamlessly integrating the network intrusion detection system (NIDS) with intrusion mitigation and prevention system (IMPS). In particular, the proposed NIDS utilizes signature and behavior-based rules to detect attack reconnaissance, communication failure, and data integrity attacks. Further, the proposed IMPS applies state transition-based mitigation and prevention strategies to quickly restore the normal grid operation after cyberattacks. As a proof of concept, we validate the proposed generic architecture of ARS by performing experimental case study for wide-area protection scheme (WAPS), one of the critical WAPAC applications, and evaluate the proposed NIDS and IMPS components of ARS in a cyber-physical testbed environment. Our experimental results reveal a promising performance in detecting and mitigating different classes of cyberattacks while supporting an alert visualization dashboard to provide an accurate situational awareness in real-time.
Torkura, Kennedy A., Sukmana, Muhammad I. H., Cheng, Feng, Meinel, Christoph.  2020.  CloudStrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure. IEEE Access. 8:123044–123060.
Most cyber-attacks and data breaches in cloud infrastructure are due to human errors and misconfiguration vulnerabilities. Cloud customer-centric tools are imperative for mitigating these issues, however existing cloud security models are largely unable to tackle these security challenges. Therefore, novel security mechanisms are imperative, we propose Risk-driven Fault Injection (RDFI) techniques to address these challenges. RDFI applies the principles of chaos engineering to cloud security and leverages feedback loops to execute, monitor, analyze and plan security fault injection campaigns, based on a knowledge-base. The knowledge-base consists of fault models designed from secure baselines, cloud security best practices and observations derived during iterative fault injection campaigns. These observations are helpful for identifying vulnerabilities while verifying the correctness of security attributes (integrity, confidentiality and availability). Furthermore, RDFI proactively supports risk analysis and security hardening efforts by sharing security information with security mechanisms. We have designed and implemented the RDFI strategies including various chaos engineering algorithms as a software tool: CloudStrike. Several evaluations have been conducted with CloudStrike against infrastructure deployed on two major public cloud infrastructure: Amazon Web Services and Google Cloud Platform. The time performance linearly increases, proportional to increasing attack rates. Also, the analysis of vulnerabilities detected via security fault injection has been used to harden the security of cloud resources to demonstrate the effectiveness of the security information provided by CloudStrike. Therefore, we opine that our approaches are suitable for overcoming contemporary cloud security issues.
Conference Name: IEEE Access
Sarker, Partha S., Singh Saini, Amandeep, Sajan, K S, Srivastava, Anurag K..  2020.  CP-SAM: Cyber-Power Security Assessment and Resiliency Analysis Tool for Distribution System. 2020 Resilience Week (RWS). :188–193.
Cyber-power resiliency analysis of the distribution system is becoming critical with increase in adverse cyberevents. Distribution network operators need to assess and analyze the resiliency of the system utilizing the analytical tool with a carefully designed visualization and be driven by data and model-based analytics. This work introduces the Cyber-Physical Security Assessment Metric (CP-SAM) visualization tool to assist operators in ensuring the energy supply to critical loads during or after a cyber-attack. CP-SAM also provides decision support to operators utilizing measurement data and distribution power grid model and through well-designed visualization. The paper discusses the concepts of cyber-physical resiliency, software design considerations, open-source software components, and use cases for the tool to demonstrate the implementation and importance of the developed tool.
Shehada, Dina, Gawanmeh, Amjad, Fachkha, Claude, Damis, Haitham Abu.  2020.  Performance Evaluation of a Lightweight IoT Authentication Protocol. 2020 3rd International Conference on Signal Processing and Information Security (ICSPIS). :1–4.
Ensuring security to IoT devices is important in order to provide privacy and quality of services. Proposing a security solution is considered an important step towards achieving protection, however, proving the soundness of the solution is also crucial. In this paper, we propose a methodology for the performance evaluation of lightweight IoT-based authentication protocols based on execution time. Then, a formal verification test is conducted on a lightweight protocol proposed in the literature. The formal verification test conducted with Scyther tool proofs that the model provides mutual authentication, authorization, integrity, confidentiality, non-repudiation, and accountability. The protocol also was proven to provide protection from various attacks.
2021-09-08
Raghuprasad, Aswin, Padmanabhan, Suraj, Arjun Babu, M, Binu, P.K.  2020.  Security Analysis and Prevention of Attacks on IoT Devices. 2020 International Conference on Communication and Signal Processing (ICCSP). :0876–0880.
As the demand for smart devices in homes increases, more and more manufacturers have been launching these devices on a mass scale. But what they are missing out on is taking care of the security part of these IoT devices which results in a more vulnerable system. This paper presents an idea through a small-scale working model and the studies that made the same possible. IoT devices face numerous threats these days with the ease of access to powerful hacking tools such as aircrack-ng which provides services like monitoring, attacking and cracking Wifi networks. The essential thought of the proposed system is to give an idea of how some common attacks are carried out, how these attacks work and to device some form of prevention as an additional security layer for IoT devices in general. The system proposed here prevents most forms of attacks that target the victim IoT device using their MAC addresses. These include DoS and DDoS attacks, both of which are the main focus of this paper. This paper also points out some of the future research work that can be followed up.
2021-09-07
Huang, Weiqing, Peng, Xiao, Shi, Zhixin, Ma, Yuru.  2020.  Adversarial Attack against LSTM-Based DDoS Intrusion Detection System. 2020 IEEE 32nd International Conference on Tools with Artificial Intelligence (ICTAI). :686–693.
Nowadays, machine learning is a popular method for DDoS detection. However, machine learning algorithms are very vulnerable under the attacks of adversarial samples. Up to now, multiple methods of generating adversarial samples have been proposed. However, they cannot be applied to LSTM-based DDoS detection directly because of the discrete property and the utility requirement of its input samples. In this paper, we propose two methods to generate DDoS adversarial samples, named Genetic Attack (GA) and Probability Weighted Packet Saliency Attack (PWPSA) respectively. Both methods modify original input sample by inserting or replacing partial packets. In GA, we evolve a set of modified samples with genetic algorithm and find the evasive variant from it. In PWPSA, we modify original sample iteratively and use the position saliency as well as the packet score to determine insertion or replacement order at each step. Experimental results on CICIDS2017 dataset show that both methods can bypass DDoS detectors with high success rate.
Faqir, Nada, En-Nahnahi, Noureddine, Boumhidi, Jaouad.  2020.  Deep Q-learning Approach for Congestion Problem In Smart Cities. 2020 Fourth International Conference On Intelligent Computing in Data Sciences (ICDS). :1–6.
Traffic congestion is a critical problem in urban area. In this study, our objective is the control of traffic lights in an urban environment, in order to avoid traffic jams and optimize vehicle traffic; we aim to minimize the total waiting time. Our system is based on a new paradigm, which is deep reinforcement learning; it can automatically learn all the useful characteristics of traffic data and develop a strategy optimizing adaptive traffic light control. Our system is coupled to a microscopic simulator based on agents (Simulation of Urban MObility - SUMO) providing a synthetic but realistic environment in which the exploration of the results of potential regulatory actions can be carried out.
2021-08-31
Subairu, Sikiru, Alhassan, John, Abdulhamid, Shafii, Ojeniyi, Joseph.  2020.  A Review of Detection Methodologies for Quick Response code Phishing Attacks. 2020 2nd International Conference on Computer and Information Sciences (ICCIS). :1—5.
Recently, phishing attacks have taking a new dimension with the addition of quick response code to phishing attacks vectors. Quick response code phishing attack is when an attacker lures its victims to voluntarily divulge personal information such as password, personal identification number, username and other information such as online banking details through the use of quick response code. This attack is on the rise as more and more people have adopted mobile phone usage not just for communication only but to perform transaction seamlessly. The ease of creation and use of quick response code has made it easily acceptable to both provider of goods and services and consumers. This attack is semantic as it exploits human vulnerabilities; as users can hardly know what is hidden in the quick response code before usage. This study reviewed various methodologies that earlier researcher have used to detect this semantic-based attack of phishing. The strength of each methodology, its weakness and general research gaps identified.
Rathod, Pawan Manoj, Shende, RajKumar K..  2020.  Recommendation System using optimized Matrix Multiplication Algorithm. 2020 IEEE International Symposium on Sustainable Energy, Signal Processing and Cyber Security (iSSSC). :1–4.
Volume, Variety, Velocity, Veracity & Value of data has drawn the attention of many analysts in the last few years. Performance optimization and comparison are the main challenges we face when we talk about the humongous volume of data. Data Analysts use data for activities like forecasting or deep learning and to process these data various tools are available which helps to achieve this task with minimum efforts. Recommendation System plays a crucial role while running any business such as a shopping website or travel agency where the system recommends the user according to their search history, likes, comments, or their past order/booking details. Recommendation System works on various strategies such as Content Filtering, Collaborative Filtering, Neighborhood Methods, or Matrix Factorization methods. For achieving maximum efficiency and accuracy based on the data a specific strategy can be the best case or the worst case for that scenario. Matrix Factorization is the key point of interest in this work. Matrix Factorization strategy includes multiplication of user matrix and item matrix in-order to get a rating matrix that can be recommended to the users. Matrix Multiplication can be achieved by using various algorithms such as Naive Algorithm, Strassen Algorithm, Coppersmith - Winograd (CW) Algorithm. In this work, a new algorithm is proposed to achieve less amount of time and space complexity used in-order for performing matrix multiplication which helps to get the results much faster. By using the Matrix Factorization strategy with various Matrix Multiplication Algorithm we are going to perform a comparative analysis of the same to conclude the proposed algorithm is more efficient.
2021-08-17
Jaiswal, Ayshwarya, Dwivedi, Vijay Kumar, Yadav, Om Prakash.  2020.  Big Data and its Analyzing Tools : A Perspective. 2020 6th International Conference on Advanced Computing and Communication Systems (ICACCS). :560–565.
Data are generated and stored in databases at a very high speed and hence it need to be handled and analyzed properly. Nowadays industries are extensively using Hadoop and Spark to analyze the datasets. Both the frameworks are used for increasing processing speeds in computing huge complex datasets. Many researchers are comparing both of them. Now, the big questions arising are, Is Spark a substitute for Hadoop? Is hadoop going to be replaced by spark in mere future?. Spark is “built on top of” Hadoop and it extends the model to deploy more types of computations which incorporates Stream Processing and Interactive Queries. No doubt, Spark's execution speed is much faster than Hadoop, but talking in terms of fault tolerance, hadoop is slightly more fault tolerant than spark. In this article comparison of various bigdata analytics tools are done and Hadoop and Spark are discussed in detail. This article further gives an overview of bigdata, spark and hadoop issues. In this survey paper, the approaches to resolve the issues of spark and hadoop are discussed elaborately.
Zheng, Gang, Xu, Xinzhong, Wang, Chao.  2020.  An Effective Target Address Generation Method for IPv6 Address Scan. 2020 IEEE 6th International Conference on Computer and Communications (ICCC). :73–77.
In recent years, IPv6 and its application are more and more widely deployed. Most network devices support and open IPv6 protocol stack. The security of IPv6 network is also concerned. In the IPv6 network security technology, address scanning is a key and difficult point. This paper presents a TGAs-based IPv6 address scanning method. It takes the known alive IPv6 addresses as input, and then utilizes the information entropy and clustering technology to mine the distribution law of seed addresses. Then, the final optimized target address set can be obtained by expanding from the seed address set according to the distribution law. Experimental results show that it can effectively improve the efficiency of IPv6 address scanning.
2021-08-12
Johari, Rahul, Kaur, Ishveen, Tripathi, Reena, Gupta, Kanika.  2020.  Penetration Testing in IoT Network. 2020 5th International Conference on Computing, Communication and Security (ICCCS). :1—7.
Penetration testing, also known as Pen testing is usually performed by a testing professional in order to detect security threats involved in a system. Penetration testing can also be viewed as a fake cyber Security attack, done in order to see whether the system is secure and free of vulnerabilities. Penetration testing is widely used for testing both Network and Software, but somewhere it fails to make IoT more secure. In IoT the security risk is growing day-by-day, due to which the IoT networks need more penetration testers to test the security. In the proposed work an effort has been made to compile and aggregate the information regarding VAPT(Vulnerability Assessment and Penetrating Testing) in the area of IoT.
2021-08-11
Odero, Stephen, Dargahi, Tooska, Takruri, Haifa.  2020.  Privacy Enhanced Interface Identifiers in IPv6. 2020 12th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP). :1—6.
The Internet Protocol Version 6 (IPV6) proposed to replace IPV4 to solve scalability challenges and improve quality of service and security. Current implementation of IPv6 uses static value that is determined from the Media Access Control (MAC) address as the Interface Identifier (IID). This results in a deterministic IID for each user that is the same regardless of any network changes. This provides an eavesdropper with the ability to easily track the physical location of the communicating nodes using simple tools, such as ping and traceroute. Moreover, this address generation method provides a means to correlate network traffic with a specific user which can be achieved by filtering the IID and traffic analysis. These serious privacy breaches need to be addressed before widespread deployment of IPv6. In this paper we propose a privacy-enhanced method for generating IID which combines different network parameters. The proposed method generates non-deterministic IIDs that is resistance against correlation attack. We validate our approach using Wireshark, ping and traceroute tools and show that our proposed approach achieves better privacy compared to the existing IID generation methods.
Ngow, Y T, Goh, S H, Leo, J, Low, H W, Kamoji, Rupa.  2020.  Automated nets extraction for digital logic physical failure analysis on IP-secure products. 2020 IEEE International Symposium on the Physical and Failure Analysis of Integrated Circuits (IPFA). :1—6.
GDSII layouts of IP-confidential products are heavily controlled and access is only granted to certain privileged personnel. Failure analysts are generally excluded. Without guidance from GDSII, failure analysis, specifically physical inspection based on fault isolation findings cannot proceed. To overcome this challenge, we develop an automated approach that enables image snapshots relevant to failure analysts to be furnished without compromising the confidentiality of the GDSII content in this paper. Modules built are executed to trace the suspected nets and extract them into multiple images of different pre-defined frame specifications to facilitate failure analysis.
Chang, Rong N., Bhaskaran, Kumar, Dey, Prasenjit, Hsu, Hsianghan, Takeda, Seiji, Hama, Toshiyuki.  2020.  Realizing A Composable Enterprise Microservices Fabric with AI-Accelerated Material Discovery API Services. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :313–320.
The complexity of building, deploying, and managing cross-organizational enterprise computing services with self-service, security, and quality assurances has been increasing exponentially in the era of hybrid multiclouds. AI-accelerated material discovery capabilities, for example, are desirable for enterprise application users to consume through business API services with assurance of satisfactory nonfunctional properties, e.g., enterprise-compliant self-service management of sharable sensitive data and machine learning capabilities at Internet scale. This paper presents a composable microservices based approach to creating and continuously improving enterprise computing services. Moreover, it elaborates on several key architecture design decisions for Navarch, a composable enterprise microservices fabric that facilitates consuming, managing, and composing enterprise API services. Under service management model of individual administration, every Navarch microservice is a managed composable API service that can be provided by an internal organization, an enterprise partner, or a public service provider. This paper also illustrates a Navarch-enabled systematic and efficient approach to transforming an AI-accelerated material discovery tool into secure, scalable, and composable enterprise microservices. Performance of the microservices can be continuously improved by exploiting advanced heterogeneous microservice hosting infrastructures. Factual comparative performance analyses are provided before the paper concludes with future work.
2021-08-05
Ramasubramanian, Muthukumaran, Muhammad, Hassan, Gurung, Iksha, Maskey, Manil, Ramachandran, Rahul.  2020.  ES2Vec: Earth Science Metadata Keyword Assignment using Domain-Specific Word Embeddings. 2020 SoutheastCon. :1—6.
Earth science metadata keyword assignment is a challenging problem. Dataset curators select appropriate keywords from the Global Change Master Directory (GCMD) set of keywords. The keywords are integral part of search and discovery of these datasets. Hence, selection of keywords are crucial in increasing the discoverability of datasets. Utilizing machine learning techniques, we provide users with automated keyword suggestions as an improved approach to complement manual selection. We trained a machine learning model that leverages the semantic embedding ability of Word2Vec models to process abstracts and suggest relevant keywords. A user interface tool we built to assist data curators in assignment of such keywords is also described.
2021-08-02
Wagner, Torrey J., Ford, Thomas C..  2020.  Metrics to Meet Security amp; Privacy Requirements with Agile Software Development Methods in a Regulated Environment. 2020 International Conference on Computing, Networking and Communications (ICNC). :17—23.
This work examines metrics that can be used to measure the ability of agile software development methods to meet security and privacy requirements of communications applications. Many implementations of communication protocols, including those in vehicular networks, occur within regulated environments where agile development methods are traditionally discouraged. We propose a framework and metrics to measure adherence to security, quality and software effectiveness regulations if developers desire the cost and schedule benefits of agile methods. After providing an overview of specific challenges that a regulated environment imposes on communications software development, we proceed to examine the 12 agile principles and how they relate to a regulatory environment. From this review we identify two metrics to measure performance of three key regulatory attributes of software for communications applications, and then recommend an approach of either tools, agile methods or DevOps that is best positioned to satisfy its regulated environment attributes. By considering the recommendations in this paper, managers of software-dominant communications programs in a regulated environment can gain insight into leveraging the benefits of agile methods.
Pereira, José D’Abruzzo.  2020.  Techniques and Tools for Advanced Software Vulnerability Detection. 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW). :123—126.
Software is frequently deployed with vulnerabilities that may allow hackers to gain access to the system or information, leading to money or reputation losses. Although there are many techniques to detect software vulnerabilities, their effectiveness is far from acceptable, especially in large software projects, as shown by several research works. This Ph.D. aims to study the combination of different techniques to improve the effectiveness of vulnerability detection (increasing the detection rate and decreasing the number of false-positives). Static Code Analysis (SCA) has a good detection rate and is the central technique of this work. However, as SCA reports many false-positives, we will study the combination of various SCA tools and the integration with other detection approaches (e.g., software metrics) to improve vulnerability detection capabilities. We will also study the use of such combination to prioritize the reported vulnerabilities and thus guide the development efforts and fixes in resource-constrained projects.
Fargo, Farah, Franza, Olivier, Tunc, Cihan, Hariri, Salim.  2020.  VM Introspection-based Allowlisting for IaaS. 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1—4.
Cloud computing has become the main backend of the IT infrastructure as it provides ubiquitous and on-demand computing to serve to a wide range of users including end-users and high-performance demanding agencies. The users can allocate and free resources allocated for their Virtual Machines (VMs) as needed. However, with the rapid growth of interest in cloud computing systems, several issues have arisen especially in the domain of cybersecurity. It is a known fact that not only the malicious users can freely allocate VMs, but also they can infect victims' VMs to run their own tools that include cryptocurrency mining, ransomware, or cyberattacks against others. Even though there exist intrusion detection systems (IDS), running an IDS on every VM can be a costly process and it would require fine configuration that only a small subset of the cloud users are knowledgeable about. Therefore, to overcome this challenge, in this paper we present a VM introspection based allowlisting method to be deployed and managed directly by the cloud providers to check if there are any malicious software running on the VMs with minimum user intervention. Our middleware monitors the processes and if it detects unknown events, it will notify the users and/or can take action as needed.
Abdul Basit Ur Rahim, Muhammad, Duan, Qi, Al-Shaer, Ehab.  2020.  A Formal Analysis of Moving Target Defense. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). :1802—1807.
Static system configuration provides a significant advantage for the adversaries to discover the assets and launch attacks. Configuration-based moving target defense (MTD) reverses the cyber warfare asymmetry by mutating certain configuration parameters to disrupt the attack planning or increase the attack cost significantly. In this research, we present a methodology for the formal verification of MTD techniques. We formally modeled MTD techniques and verified them against constraints. We use Random Host Mutation (RHM) as a case study for MTD formal verification. The RHM transparently mutates the IP addresses of end-hosts and turns into untraceable moving targets. We apply the formal methodology to verify the correctness, safety, mutation, mutation quality, and deadlock-freeness of RHM using the model checking tool. An adversary is also modeled to validate the effectiveness of the MTD technique. Our experimentation validates the scalability and feasibility of the formal verification methodology.
2021-07-27
Dinesh, S., Burow, N., Xu, D., Payer, M..  2020.  RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization. 2020 IEEE Symposium on Security and Privacy (SP). :1497—1511.
Analyzing the security of closed source binaries is currently impractical for end-users, or even developers who rely on third-party libraries. Such analysis relies on automatic vulnerability discovery techniques, most notably fuzzing with sanitizers enabled. The current state of the art for applying fuzzing or sanitization to binaries is dynamic binary translation, which has prohibitive performance overhead. The alternate technique, static binary rewriting, cannot fully recover symbolization information and hence has difficulty modifying binaries to track code coverage for fuzzing or to add security checks for sanitizers.The ideal solution for binary security analysis would be a static rewriter that can intelligently add the required instrumentation as if it were inserted at compile time. Such instrumentation requires an analysis to statically disambiguate between references and scalars, a problem known to be undecidable in the general case. We show that recovering this information is possible in practice for the most common class of software and libraries: 64-bit, position independent code. Based on this observation, we develop RetroWrite, a binary-rewriting instrumentation to support American Fuzzy Lop (AFL) and Address Sanitizer (ASan), and show that it can achieve compiler-level performance while retaining precision. Binaries rewritten for coverage-guided fuzzing using RetroWrite are identical in performance to compiler-instrumented binaries and outperform the default QEMU-based instrumentation by 4.5x while triggering more bugs. Our implementation of binary-only Address Sanitizer is 3x faster than Valgrind's memcheck, the state-of-the-art binary-only memory checker, and detects 80% more bugs in our evaluation.
2021-07-08
Chaturvedi, Amit Kumar, Chahar, Meetendra Singh, Sharma, Kalpana.  2020.  Proposing Innovative Perturbation Algorithm for Securing Portable Data on Cloud Servers. 2020 9th International Conference System Modeling and Advancement in Research Trends (SMART). :360—364.
Cloud computing provides an open architecture and resource sharing computing platform with pay-per-use model. It is now a popular computing platform and most of the new internet based computing services are on this innovation supported environment. We consider it as innovation supported because developers are more focused here on the service design, rather on arranging the infrastructure, network, management of the resources, etc. These all things are available in cloud computing on hired basis. Now, a big question arises here is the security of data or privacy of data because the service provider is already using the infrastructure, network, storage, processors, and other more resources from the third party. So, the security or privacy of the portable user's data is the main motivation for writing this research paper. In this paper, we are proposing an innovative perturbation algorithm MAP() to secure the portable user's data on the cloud server.
Kunz, Immanuel, Schneider, Angelika, Banse, Christian.  2020.  Privacy Smells: Detecting Privacy Problems in Cloud Architectures. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1324—1331.
Many organizations are still reluctant to move sensitive data to the cloud. Moreover, data protection regulations have established considerable punishments for violations of privacy and security requirements. Privacy, however, is a concept that is difficult to measure and to demonstrate. While many privacy design strategies, tactics and patterns have been proposed for privacy-preserving system design, it is difficult to evaluate an existing system with regards to whether these strategies have or have not appropriately been implemented. In this paper we propose indicators for a system's non-compliance with privacy design strategies, called privacy smells. To that end we first identify concrete metrics that measure certain aspects of existing privacy design strategies. We then define smells based on these metrics and discuss their limitations and usefulness. We identify these indicators on two levels of a cloud system: the data flow level and the access control level. Using a cloud system built in Microsoft Azure we show how the metrics can be measured technically and discuss the differences to other cloud providers, namely Amazon Web Services and Google Cloud Platform. We argue that while it is difficult to evaluate the privacy-awareness in a cloud system overall, certain privacy aspects in cloud systems can be mapped to useful metrics that can indicate underlying privacy problems. With this approach we aim at enabling cloud users and auditors to detect deep-rooted privacy problems in cloud systems.
2021-06-30
Chen, Jichang, Lu, Zhixiang, Zhu, Xueping.  2020.  A Lightweight Dual Authentication Protocol for the Internet of Vehicles. 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE). :17—22.
With the development of 5G communication technology, the status of the Internet of Vehicles in people's lives is greatly improved in the general trend of intelligent transportation. The combination of vehicles and Radio Frequency Identification (RFID) makes the application prospects of vehicle networking gradually expand. However, the wireless network of the Internet of Vehicles is open and mobile, so it can be easily stolen or tampered with by attackers. Moreover, it will cause serious traffic security problems and even threat people's lives. In this paper, we propose a lightweight authentication protocol for the Internet of Vehicles based on a mobile RFID system and give corresponding security requirements for modeling potential attacks. The protocol is based on the three-party mutual authentication, and uses bit-operated left-cycle shift operations and hetero-oriented operations to generate encrypted data. The simultaneous inclusion of triparty shared key information and random numbers makes the protocol resistant to counterfeit attacks, violent attacks, replay attacks and desynchronization attacks. Finally, a simulation analysis of the security protocol using the ProVerif tool shows that the protocol secures is not accessible to attackers during the data transfer, and achieve the three-party authentication between sensor nodes (SN), vehicle nodes (Veh) and backend servers.