Visible to the public Biblio

Found 117 results

Filters: Keyword is Standards  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
Ádám, Norbert, Madoš, Branislav, Baláž, Anton, Pavlik, Tomáš.  2017.  Artificial Neural Network Based IDS. 2017 IEEE 15th International Symposium on Applied Machine Intelligence and Informatics (SAMI). :000159–000164.

The Network Intrusion Detection Systems (NIDS) are either signature based or anomaly based. In this paper presented NIDS system belongs to anomaly based Neural Network Intrusion Detection System (NNIDS). The proposed NNIDS is able to successfully recognize learned malicious activities in a network environment. It was tested for the SYN flood attack, UDP flood attack, nMap scanning attack, and also for non-malicious communication.

Afanasev, M. Y., Krylova, A. A., Shorokhov, S. A., Fedosov, Y. V., Sidorenko, A. S..  2018.  A Design of Cyber-Physical Production System Prototype Based on an Ethereum Private Network. 2018 22nd Conference of Open Innovations Association (FRUCT). :3–11.
The concept of cyber-physical production systems is highly discussed amongst researchers and industry experts, however, the implementation options for these systems rely mainly on obsolete technologies. Despite the fact that the blockchain is most often associated with cryptocurrency, it is fundamentally wrong to deny the universality of this technology and the prospects for its application in other industries. For example, in the insurance sector or in a number of identity verification services. This article discusses the deployment of the CPPS backbone network based on the Ethereum private blockchain system. The structure of the network is described as well as its interaction with the help of smart contracts, based on the consumption of cryptocurrency for various operations.
Aksu, M. U., Dilek, M. H., Tatlı, E. İ, Bicakci, K., Dirik, H. İ, Demirezen, M. U., Aykır, T..  2017.  A Quantitative CVSS-Based Cyber Security Risk Assessment Methodology for IT Systems. 2017 International Carnahan Conference on Security Technology (ICCST). :1–8.

IT system risk assessments are indispensable due to increasing cyber threats within our ever-growing IT systems. Moreover, laws and regulations urge organizations to conduct risk assessments regularly. Even though there exist several risk management frameworks and methodologies, they are in general high level, not defining the risk metrics, risk metrics values and the detailed risk assessment formulas for different risk views. To address this need, we define a novel risk assessment methodology specific to IT systems. Our model is quantitative, both asset and vulnerability centric and defines low and high level risk metrics. High level risk metrics are defined in two general categories; base and attack graph-based. In our paper, we provide a detailed explanation of formulations in each category and make our implemented software publicly available for those who are interested in applying the proposed methodology to their IT systems.

Al-Salhi, Y. E. A., Lu, S..  2017.  New Steganography Scheme to Conceal a Large Amount of Secret Messages Using an Improved-AMBTC Algorithm Based on Hybrid Adaptive Neural Networks. 2017 Ieee 3rd International Conference on Big Data Security on Cloud (Bigdatasecurity), Ieee International Conference on High Performance and Smart Computing (Hpsc), and Ieee International Conference on Intelligent Data and Security (Ids). :112–121.

The term steganography was used to conceal thesecret message into other media file. In this paper, a novel imagesteganography is proposed, based on adaptive neural networkswith recycling the Improved Absolute Moment Block TruncationCoding algorithm, and by employing the enhanced five edgedetection operators with an optimal target of the ANNS. Wepropose a new scheme of an image concealing using hybridadaptive neural networks based on I-AMBTC method by thehelp of two approaches, the relevant edge detection operators andimage compression methods. Despite that, many processes in ourscheme are used, but still the quality of concealed image lookinggood according to the HVS and PVD systems. The final simulationresults are discussed and compared with another related researchworks related to the image steganography system.

Allawi, M. A. A., Hadi, A., Awajan, A..  2015.  MLDED: Multi-layer Data Exfiltration Detection System. 2015 Fourth International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec). :107–112.

Due to the growing advancement of crime ware services, the computer and network security becomes a crucial issue. Detecting sensitive data exfiltration is a principal component of each information protection strategy. In this research, a Multi-Level Data Exfiltration Detection (MLDED) system that can handle different types of insider data leakage threats with staircase difficulty levels and their implications for the organization environment has been proposed, implemented and tested. The proposed system detects exfiltration of data outside an organization information system, where the main goal is to use the detection results of a MLDED system for digital forensic purposes. MLDED system consists of three major levels Hashing, Keywords Extraction and Labeling. However, it is considered only for certain type of documents such as plain ASCII text and PDF files. In response to the challenging issue of identifying insider threats, a forensic readiness data exfiltration system is designed that is capable of detecting and identifying sensitive information leaks. The results show that the proposed system has an overall detection accuracy of 98.93%.

Arivazhagan, S., Jebarani, W. S. L., Kalyani, S. V., Abinaya, A. Deiva.  2017.  Mixed chaotic maps based encryption for high crypto secrecy. 2017 Fourth International Conference on Signal Processing, Communication and Networking (ICSCN). :1–6.

In recent years, the chaos based cryptographic algorithms have enabled some new and efficient ways to develop secure image encryption techniques. In this paper, we propose a new approach for image encryption based on chaotic maps in order to meet the requirements of secure image encryption. The chaos based image encryption technique uses simple chaotic maps which are very sensitive to original conditions. Using mixed chaotic maps which works based on simple substitution and transposition techniques to encrypt the original image yields better performance with less computation complexity which in turn gives high crypto-secrecy. The initial conditions for the chaotic maps are assigned and using that seed only the receiver can decrypt the message. The results of the experimental, statistical analysis and key sensitivity tests show that the proposed image encryption scheme provides an efficient and secure way for image encryption.

B. Boyadjis, C. Bergeron, S. Lecomte.  2015.  "Auto-synchronized selective encryption of video contents for an improved transmission robustness over error-prone channels". 2015 IEEE International Conference on Image Processing (ICIP). :2969-2973.

Selective encryption designates a technique that aims at scrambling a message content while preserving its syntax. Such an approach allows encryption to be transparent towards middle-box and/or end user devices, and to easily fit within existing pipelines. In this paper, we propose to apply this property to a real-time diffusion scenario - or broadcast - over a RTP session. The main challenge of such problematic is the preservation of the synchronization between encryption and decryption. Our solution is based on the Advanced Encryption Standard in counter mode which has been modified to fit our auto-synchronization requirement. Setting up the proposed synchronization scheme does not induce any latency, and requires no additional bandwidth in the RTP session (no additional information is sent). Moreover, its parallel structure allows to start decryption on any given frame of the video while leaving a lot of room for further optimization purposes.

Barrere, M., Steiner, R. V., Mohsen, R., Lupu, E. C..  2017.  Tracking the Bad Guys: An Efficient Forensic Methodology to Trace Multi-Step Attacks Using Core Attack Graphs. 2017 13th International Conference on Network and Service Management (CNSM). :1–7.

In this paper, we describe an efficient methodology to guide investigators during network forensic analysis. To this end, we introduce the concept of core attack graph, a compact representation of the main routes an attacker can take towards specific network targets. Such compactness allows forensic investigators to focus their efforts on critical nodes that are more likely to be part of attack paths, thus reducing the overall number of nodes (devices, network privileges) that need to be examined. Nevertheless, core graphs also allow investigators to hierarchically explore the graph in order to retrieve different levels of summarised information. We have evaluated our approach over different network topologies varying parameters such as network size, density, and forensic evaluation threshold. Our results demonstrate that we can achieve the same level of accuracy provided by standard logical attack graphs while significantly reducing the exploration rate of the network.

Besson, Frédéric, Dang, Alexandre, Jensen, Thomas.  2019.  Information-Flow Preservation in Compiler Optimisations. 2019 IEEE 32nd Computer Security Foundations Symposium (CSF). :230–23012.
Correct compilers perform program transformations preserving input/output behaviours of programs. Yet, correctness does not prevent program optimisations from introducing information-flow leaks that would make the target program more vulnerable to side-channel attacks than the source program. To tackle this problem, we propose a notion of Information-Flow Preserving (IFP) program transformation which ensures that a target program is no more vulnerable to passive side-channel attacks than a source program. To protect against a wide range of attacks, we model an attacker who is granted arbitrary memory accesses for a pre-defined set of observation points. We propose a compositional proof principle for proving that a transformation is IFP. Using this principle, we show how a translation validation technique can be used to automatically verify and even close information-flow leaks introduced by standard compiler passes such as dead-store elimination and register allocation. The technique has been experimentally validated on the CompCert C compiler.
Bi, Q., Huang, Y..  2018.  A Self-organized Shape Formation Method for Swarm Controlling. 2018 37th Chinese Control Conference (CCC). :7205–7209.
This paper presents a new approach for the shape formation based on the artificial method. It refers to the basic concept in the swarm intelligence: complex behaviors of the swarm can be formed with simple rules designed in the agents. In the framework, the distance image is used to generate not only an attraction field to keep all the agents in the given shape, but also repulsive force field among the agents to make them distribute uniformly. Compared to the traditional methods based on centralized control, the algorithm has properties of distributed and simple computation, convergence and robustness, which is very suitable for the swarm robots in the real world considering the limitation of communication, collision avoidance and calculation problems. We also show that some initial sensitive method can be improved in the similar way. The simulation results prove the proposed approach is suitable for convex. non-convex and line shapes.
Birnstill, P., Haas, C., Hassler, D., Beyerer, J..  2017.  Introducing Remote Attestation and Hardware-Based Cryptography to OPC UA. 2017 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1–8.

In this paper we investigate whether and how hardware-based roots of trust, namely Trusted Platform Modules (TPMs) can improve the security of the communication protocol OPC UA (Open Platform Communications Unified Architecture) under reasonable assumptions, i.e. the Dolev-Yao attacker model. Our analysis shows that TPMs may serve for generating (RNG) and securely storing cryptographic keys, as cryptocoprocessors for weak systems, as well as for remote attestation. We propose to include these TPM functions into OPC UA via so-called ConformanceUnits, which can serve as building blocks of profiles that are used by clients and servers for negotiating the parameters of a session. Eventually, we present first results regarding the performance of a client-server communication including an additional OPC UA server providing remote attestation of other OPC UA servers.

Boyarinov, K., Hunter, A..  2017.  Security and trust for surveillance cameras. 2017 IEEE Conference on Communications and Network Security (CNS). :384–385.

We address security and trust in the context of a commercial IP camera. We take a hands-on approach, as we not only define abstract vulnerabilities, but we actually implement the attacks on a real camera. We then discuss the nature of the attacks and the root cause; we propose a formal model of trust that can be used to address the vulnerabilities by explicitly constraining compositionality for trust relationships.

Boykov, Y., Isack, H., Olsson, C., Ayed, I. B..  2015.  Volumetric Bias in Segmentation and Reconstruction: Secrets and Solutions. 2015 IEEE International Conference on Computer Vision (ICCV). :1769–1777.

Many standard optimization methods for segmentation and reconstruction compute ML model estimates for appearance or geometry of segments, e.g. Zhu-Yuille [23], Torr [20], Chan-Vese [6], GrabCut [18], Delong et al. [8]. We observe that the standard likelihood term in these formu-lations corresponds to a generalized probabilistic K-means energy. In learning it is well known that this energy has a strong bias to clusters of equal size [11], which we express as a penalty for KL divergence from a uniform distribution of cardinalities. However, this volumetric bias has been mostly ignored in computer vision. We demonstrate signif- icant artifacts in standard segmentation and reconstruction methods due to this bias. Moreover, we propose binary and multi-label optimization techniques that either (a) remove this bias or (b) replace it by a KL divergence term for any given target volume distribution. Our general ideas apply to continuous or discrete energy formulations in segmenta- tion, stereo, and other reconstruction problems.

Brodeur, S., Rouat, J..  2017.  Optimality of inference in hierarchical coding for distributed object-based representations. 2017 15th Canadian Workshop on Information Theory (CWIT). :1–5.

Hierarchical approaches for representation learning have the ability to encode relevant features at multiple scales or levels of abstraction. However, most hierarchical approaches exploit only the last level in the hierarchy, or provide a multiscale representation that holds a significant amount of redundancy. We argue that removing redundancy across the multiple levels of abstraction is important for an efficient representation of compositionality in object-based representations. With the perspective of feature learning as a data compression operation, we propose a new greedy inference algorithm for hierarchical sparse coding. Convolutional matching pursuit with a L0-norm constraint was used to encode the input signal into compact and non-redundant codes distributed across levels of the hierarchy. Simple and complex synthetic datasets of temporal signals were created to evaluate the encoding efficiency and compare with the theoretical lower bounds on the information rate for those signals. Empirical evidence have shown that the algorithm is able to infer near-optimal codes for simple signals. However, it failed for complex signals with strong overlapping between objects. We explain the inefficiency of convolutional matching pursuit that occurred in such case. This brings new insights about the NP-hard optimization problem related to using L0-norm constraint in inferring optimally compact and distributed object-based representations.

Brunner, M., Sillaber, C., Breu, R..  2017.  Towards Automation in Information Security Management Systems. 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS). :160–167.

Establishing and operating an Information Security Management System (ISMS) to protect information values and information systems is in itself a challenge for larger enterprises and small and medium sized businesses alike. A high level of automation is required to reduce operational efforts to an acceptable level when implementing an ISMS. In this paper we present the ADAMANT framework to increase automation in information security management as a whole by establishing a continuous risk-driven and context-aware ISMS that not only automates security controls but considers all highly interconnected information security management tasks. We further illustrate how ADAMANT is suited to establish an ISO 27001 compliant ISMS for small and medium-sized enterprises and how not only the monitoring of security controls but a majority of ISMS related activities can be supported through automated process execution and workflow enactment.

Brunner, M., Huber, M., Sauerwein, C., Breu, R..  2017.  Towards an Integrated Model for Safety and Security Requirements of Cyber-Physical Systems. 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). :334–340.

Increasing interest in cyber-physical systems with integrated computational and physical capabilities that can interact with humans can be identified in research and practice. Since these systems can be classified as safety- and security-critical systems the need for safety and security assurance and certification will grow. Moreover, these systems are typically characterized by fragmentation, interconnectedness, heterogeneity, short release cycles, cross organizational nature and high interference between safety and security requirements. These properties combined with the assurance of compliance to multiple standards, carrying out certification and re-certification, and the lack of an approach to model, document and integrate safety and security requirements represent a major challenge. In order to address this gap we developed a domain agnostic approach to model security and safety requirements in an integrated view to support certification processes during design and run-time phases of cyber-physical systems.

Buda, A., Främling, K., Borgman, J., Madhikermi, M., Mirzaeifar, S., Kubler, S..  2015.  Data supply chain in Industrial Internet. 2015 IEEE World Conference on Factory Communication Systems (WFCS). :1–7.

The Industrial Internet promises to radically change and improve many industry's daily business activities, from simple data collection and processing to context-driven, intelligent and pro-active support of workers' everyday tasks and life. The present paper first provides insight into a typical industrial internet application architecture, then it highlights one fundamental arising contradiction: “Who owns the data is often not capable of analyzing it”. This statement is explained by imaging a visionary data supply chain that would realize some of the Industrial Internet promises. To concretely implement such a system, recent standards published by The Open Group are presented, where we highlight the characteristics that make them suitable for Industrial Internet applications. Finally, we discuss comparable solutions and concludes with new business use cases.

Buranasaksee, U., Porkaew, K., Supasitthimethee, U..  2014.  AccAuth: Accounting system for OAuth protocol. Applications of Digital Information and Web Technologies (ICADIWT), 2014 Fifth International Conference on the. :8-13.

When a user accesses a resource, the accounting process at the server side does the job of keeping track of the resource usage so as to charge the user. In cloud computing, a user may use more than one service provider and need two independent service providers to work together. In this user-centric context, the user is the owner of the information and has the right to authorize to a third party application to access the protected resource on the user's behalf. Therefore, the user also needs to monitor the authorized resource usage he granted to third party applications. However, the existing accounting protocols were proposed to monitor the resource usage in terms of how the user uses the resource from the service provider. This paper proposed the user-centric accounting model called AccAuth which designs an accounting layer to an OAuth protocol. Then the prototype was implemented, and the proposed model was evaluated against the standard requirements. The result showed that AccAuth passed all the requirements.

Camenisch, J., Chen, L., Drijvers, M., Lehmann, A., Novick, D., Urian, R..  2017.  One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation. 2017 IEEE Symposium on Security and Privacy (SP). :901–920.

The Trusted Platform Module (TPM) is an international standard for a security chip that can be used for the management of cryptographic keys and for remote attestation. The specification of the most recent TPM 2.0 interfaces for direct anonymous attestation unfortunately has a number of severe shortcomings. First of all, they do not allow for security proofs (indeed, the published proofs are incorrect). Second, they provide a Diffie-Hellman oracle w.r.t. the secret key of the TPM, weakening the security and preventing forward anonymity of attestations. Fixes to these problems have been proposed, but they create new issues: they enable a fraudulent TPM to encode information into an attestation signature, which could be used to break anonymity or to leak the secret key. Furthermore, all proposed ways to remove the Diffie-Hellman oracle either strongly limit the functionality of the TPM or would require significant changes to the TPM 2.0 interfaces. In this paper we provide a better specification of the TPM 2.0 interfaces that addresses these problems and requires only minimal changes to the current TPM 2.0 commands. We then show how to use the revised interfaces to build q-SDH-and LRSW-based anonymous attestation schemes, and prove their security. We finally discuss how to obtain other schemes addressing different use cases such as key-binding for U-Prove and e-cash.

Carlin, D., O'Kane, P., Sezer, S., Burgess, J..  2018.  Detecting Cryptomining Using Dynamic Analysis. 2018 16th Annual Conference on Privacy, Security and Trust (PST). :1–6.
With the rise in worth and popularity of cryptocurrencies, a new opportunity for criminal gain is being exploited and with little currently offered in the way of defence. The cost of mining (i.e., earning cryptocurrency through CPU-intensive calculations that underpin the blockchain technology) can be prohibitively expensive, with hardware costs and electrical overheads previously offering a loss compared to the cryptocurrency gained. Off-loading these costs along a distributed network of machines via malware offers an instantly profitable scenario, though standard Anti-virus (AV) products offer some defences against file-based threats. However, newer fileless malicious attacks, occurring through the browser on seemingly legitimate websites, can easily evade detection and surreptitiously engage the victim machine in computationally-expensive cryptomining (cryptojacking). With no current academic literature on the dynamic opcode analysis of cryptomining, to the best of our knowledge, we present the first such experimental study. Indeed, this is the first such work presenting opcode analysis on non-executable files. Our results show that browser-based cryptomining within our dataset can be detected by dynamic opcode analysis, with accuracies of up to 100%. Further to this, our model can distinguish between cryptomining sites, weaponized benign sites, de-weaponized cryptomining sites and real world benign sites. As it is process-based, our technique offers an opportunity to rapidly detect, prevent and mitigate such attacks, a novel contribution which should encourage further future work.
Carnevale, B., Baldanzi, L., Pilato, L., Fanucci, L..  2016.  A flexible system-on-a-chip implementation of the Advanced Encryption Standard. 2016 20th International Conference on System Theory, Control and Computing (ICSTCC). :156–161.
Systems-on-a-Chip are among the best-performing and complete solutions for complex electronic systems. This is also true in the field of network security, an application requiring high performance with low resource usage. This work presents an Advanced Encryption Standard implementation for Systems-on-a-Chip using as a reference the Cipher Block Chaining mode. In particular, a flexible interface based and the Advanced Peripheral Bus to integrate the encryption algorithm with any kind of processor is presented. The hardware-software approach of the architecture is also analyzed and described. The final system was integrated on a Xilinx Zynq 7000 to prototype and evaluate the idea. Results show that our solution demonstrates good performance and flexibility with low resource usage, occupying less than 2% of the Zynq 7000 with a throughput of 320 Mbps. The architecture is suitable when implementations of symmetric encryption algorithms for modern Systems-on-a-Chip are required.
Caso, J.S..  2014.  The rules of engagement for cyber-warfare and the Tallinn Manual: A case study. Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2014 IEEE 4th Annual International Conference on. :252-257.

Documents such as the Geneva (1949) and Hague Conventions (1899 and 1907) that have clearly outlined the rules of engagement for warfare find themselves challenged by the presence of a new arena: cyber. Considering the potential nature of these offenses, operations taking place in the realm of cyber cannot simply be generalized as “cyber-warfare,” as they may also be acts of cyber-espionage, cyber-terrorism, cyber-sabaotge, etc. Cyber-attacks, such as those on Estonia in 2007, have begun to test the limits of NATO's Article 5 and the UN Charter's Article 2(4) against the use of force. What defines “force” as it relates to cyber, and what kind of response is merited in the case of uncertainty regarding attribution? In 2009, NATO's Cooperative Cyber Defence Centre of Excellence commissioned a group of experts to publish a study on the application of international law to cyber-warfare. This document, the Tallinn Manual, was published in 2013 as a non-binding exercise to stimulate discussion on the codification of international law on the subject. After analysis, this paper concludes that the Tallinn Manual classifies the 2010 Stuxnet attack on Iran's nuclear program as an illegal act of force. The purpose of this paper is the following: (1) to analyze the historical and technical background of cyber-warfare, (2) to evaluate the Tallinn Manual as it relates to the justification cyber-warfare, and (3) to examine the applicability of the Tallinn Manual in a case study of a historical example of a cyber-attacks.

Çeker, H., Upadhyaya, S..  2015.  Enhanced recognition of keystroke dynamics using Gaussian mixture models. MILCOM 2015 - 2015 IEEE Military Communications Conference. :1305–1310.

Keystroke dynamics is a form of behavioral biometrics that can be used for continuous authentication of computer users. Many classifiers have been proposed for the analysis of acquired user patterns and verification of users at computer terminals. The underlying machine learning methods that use Gaussian density estimator for outlier detection typically assume that the digraph patterns in keystroke data are generated from a single Gaussian distribution. In this paper, we relax this assumption by allowing digraphs to fit more than one distribution via the Gaussian Mixture Model (GMM). We have conducted an experiment with a public data set collected in a controlled environment. Out of 30 users with dynamic text, we obtain 0.08% Equal Error Rate (EER) with 2 components by using GMM, while pure Gaussian yields 1.3% EER for the same data set (an improvement of EER by 93.8%). Our results show that GMM can recognize keystroke dynamics more precisely and authenticate users with higher confidence level.

Chao, H., Ringlee, R. J..  2018.  Analytical Challenges in Reliability and Resiliency Modeling. 2018 IEEE International Conference on Probabilistic Methods Applied to Power Systems (PMAPS). :1–5.
A significant number of the generation, transmission and distribution facilities in the North America were designed and configured for serving electric loads and economic activities under certain reliability and resiliency requirements over 30 years ago. With the changing generation mix, the electric grid is tasked to deliver electricity made by fuel uncertain and energy limited resources. How adequate are the existing facilities to meet the industry expectations on reliability? What level of grid resiliency should be designed and built to sustain reliable electric services given the increasing exposure to frequent and lasting severe weather conditions? There is a need to review the modeling assumptions, operating and maintenance records before we can answer these questions.
Chen, R.L.-Y., Cohn, A., Neng Fan, Pinar, A..  2014.  Contingency-Risk Informed Power System Design. Power Systems, IEEE Transactions on. 29:2087-2096.

We consider the problem of designing (or augmenting) an electric power system at a minimum cost such that it satisfies the N-k-ε survivability criterion. This survivability criterion is a generalization of the well-known N-k criterion, and it requires that at least (1-εj) fraction of the steady-state demand be met after failures of j components, for j=0,1,...,k. The network design problem adds another level of complexity to the notoriously hard contingency analysis problem, since the contingency analysis is only one of the requirements for the design optimization problem. We present a mixed-integer programming formulation of this problem that takes into account both transmission and generation expansion. We propose an algorithm that can avoid combinatorial explosion in the number of contingencies, by seeking vulnerabilities in intermediary solutions and constraining the design space accordingly. Our approach is built on our ability to identify such system vulnerabilities quickly. Our empirical studies on modified instances of the IEEE 30-bus and IEEE 57-bus systems show the effectiveness of our methods. We were able to solve the transmission and generation expansion problems for k=4 in approximately 30 min, while other approaches failed to provide a solution at the end of 2 h.