Visible to the public Biblio

Filters: Keyword is information technology  [Clear All Filters]
2022-08-04
Eckel, Michael, Kuzhiyelil, Don, Krauß, Christoph, Zhdanova, Maria, Katzenbeisser, Stefan, Cosic, Jasmin, Drodt, Matthias, Pitrolle, Jean-Jacques.  2021.  Implementing a Security Architecture for Safety-Critical Railway Infrastructure. 2021 International Symposium on Secure and Private Execution Environment Design (SEED). :215—226.
The digitalization of safety-critical railroad infrastructure enables new types of attacks. This increases the need to integrate Information Technology (IT) security measures into railroad systems. For that purpose, we rely on a security architecture for a railway object controller which controls field elements that we developed in previous work. Our architecture enables the integration of security mechanisms into a safety-certified railway system. In this paper, we demonstrate the practical feasibility of our architecture by using a Trusted Platform Module (TPM) 2.0 and a Multiple Independent Levels of Safety and Security (MILS) Separation Kernel (SK) for our implementation. Our evaluation includes a test bed and shows how certification and homologation can be achieved.
2022-07-29
Badran, Sultan, Arman, Nabil, Farajallah, Mousa.  2021.  An Efficient Approach for Secure Data Outsourcing using Hybrid Data Partitioning. 2021 International Conference on Information Technology (ICIT). :418—423.
This paper presents an implementation of a novel approach, utilizing hybrid data partitioning, to secure sensitive data and improve query performance. In this novel approach, vertical and horizontal data partitioning are combined together in an approach that called hybrid partitioning and the new approach is implemented using Microsoft SQL server to generate divided/partitioned relations. A group of proposed rules is applied to the query request process using query binning (QB) and Metadata of partitioning. The proposed approach is validated using experiments involving a collection of data evaluated by outcomes of advanced stored procedures. The suggested approach results are satisfactory in achieving the properties of defining the data security: non-linkability and indistinguishability. The results of the proposed approach were satisfactory. The proposed novel approach outperforms a well-known approach called PANDA.
Kientega, Raoul, Sidibé, Moustapha Hadji, Traore, Tiemogo.  2021.  Toward an Enhanced Tool for Internet Exchange Point Detection. 2021 3rd International Multidisciplinary Information Technology and Engineering Conference (IMITEC). :1–3.
Internet Exchange Points (IXPs) are critical components of the Internet infrastructure that affect its performance, evolution, security and economy. In this work, we introduce a technique to improve the well-known TraIXroute tool with its ability to identify IXPs. TraIXroute is a tool written in python3. It always encounters problems during its installation by network administrators and researchers. This problem remains unchanged in the field of internet ixp measurement tools. Our paper aims to make a critical analysis of TraIXroute tool which has some malfunctions. Furthermore, our main objective is to implement an improved tool for detecting ixps on the traceroute path with ipv4 and ipv6. The tool will have options for Geolocation of ixps as well as ASs. Our tool is written in C\# (C sharp) and python which are object oriented programming languages.
2022-07-12
Pelissero, Nicolas, Laso, Pedro Merino, Jacq, Olivier, Puentes, John.  2021.  Towards modeling of naval systems interdependencies for cybersecurity. OCEANS 2021: San Diego – Porto. :1—7.
To ensure a ship’s fully operational status in a wide spectrum of missions, as passenger transportation, international trade, and military activities, numerous interdependent systems are essential. Despite the potential critical consequences of misunderstanding or ignoring those interdependencies, there are very few documented approaches to enable their identification, representation, analysis, and use. From the cybersecurity point of view, if an anomaly occurs on one of the interdependent systems, it could eventually impact the whole ship, jeopardizing its mission success. This paper presents a proposal to identify the main dependencies of layers within and between generic ship’s functional blocks. An analysis of one of these layers, the platform systems, is developed to examine a naval cyber-physical system (CPS), the water management for passenger use, and its associated dependencies, from an intrinsic perspective. This analysis generates a three layers graph, on which dependencies are represented as oriented edges. Each abstraction level of the graph represents the physical, digital, and system variables of the examined CPS. The obtained result confirms the interest of graphs for dependencies representation and analysis. It is an operational depiction of the different systems interdependencies, on which can rely a cybersecurity evaluation, like anomaly detection and propagation assessment.
2022-06-13
Wang, Fengling, Wang, Han, Xue, Liang.  2021.  Research on Data Security in Big Data Cloud Computing Environment. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:1446–1450.
In the big data cloud computing environment, data security issues have become a focus of attention. This paper delivers an overview of conceptions, characteristics and advanced technologies for big data cloud computing. Security issues of data quality and privacy control are elaborated pertaining to data access, data isolation, data integrity, data destruction, data transmission and data sharing. Eventually, a virtualization architecture and related strategies are proposed to against threats and enhance the data security in big data cloud environment.
2022-06-09
AlMedires, Motaz, AlMaiah, Mohammed.  2021.  Cybersecurity in Industrial Control System (ICS). 2021 International Conference on Information Technology (ICIT). :640–647.
The paper gives an overview of the ICS security and focuses on Control Systems. Use of internet had security challenges which led to the development of ICS which is designed to be dependable and safe. PCS, DCS and SCADA all are subsets of ICS. The paper gives a description of the developments in the ICS security and covers the most interesting work done by researchers. The paper also provides research information about the parameters on which a remotely executed cyber-attack depends.
2022-06-06
Rasmi Al-Mousa, Mohammad.  2021.  Generic Proactive IoT Cybercrime Evidence Analysis Model for Digital Forensics. 2021 International Conference on Information Technology (ICIT). :654–659.
With the widespread adoption of Internet of Things (IoT) applications around the world, security related problems become a challenge since the number of cybercrimes that must be identified and investigated increased dramatically. The volume of data generated and handled is immense due to the increased number of IoT applications around the world. As a result, when a cybercrime happens, the volume of digital data needs to be dealt with is massive. Consequently, more effort and time are needed to handle the security issues. As a result, in digital forensics, the analysis phase is an important and challenging phase. This paper proposes a generic proactive model for the cybercrime analysis process in the Internet of Things. The model is focused on the classification of evidences in advance based on its significance and relation to past crimes, as well as the severity of the evidence in terms of the probability occurrence of a cybercrime. This model is supposed to save time and effort during the automated forensic investigation process.
2022-05-24
Qin, Yishuai, Xiao, Bing, Li, Yaodong, Yu, Jintao.  2021.  Structure adjustment of early warning information system based on timeliness. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:2742–2747.
Aimed at the high requirement of timeliness in the process of information assurance, this paper describes the average time delay of information transmission in the system, and designs a timeliness index that can quantitatively describe the ability of early warning information assurance. In response to the problem that system capability cannot meet operational requirements due to enemy attacks, this paper analyzes the structure of the early warning information system, Early warning information complex network model is established, based on the timeliness index, a genetic algorithm based on simulated annealing with special chromosome coding is proposed.the algorithm is used to adjust the network model structure, the ability of early warning information assurance has been improved. Finally, the simulation results show the effectiveness of the proposed method.
2022-05-05
Zhang, Qiao-Jia, Ye, Qing, Li, Liang, Liu, Si-jie, Chen, Kai-qiang.  2021.  An efficient selective encryption scheme for HEVC based on hyperchaotic Lorenz system. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:683—690.
With the wide application of video information, the protection of video information from illegal access has been widely investigated recently. An efficient selective encryption scheme for high efficiency video coding (HEVC) based on hyperchaotic Lorenz system is proposed. Firstly, the hyperchaotic Lorenz system is discretized and the generated chaotic state values are converted into chaotic pseudorandom sequences for encryption. The important syntax elements in HEVC are then selectively encrypted with the generated stream cipher. The experimental results show that the encrypted video is highly disturbed and the video information cannot be recognized. Through the analysis of objective index results, it is shown that the scheme is both efficient and security.
2022-04-26
Al–Sewadi, Hamza A.A., Al-Shnawa, Ruqa A., Rifaat, Mohammed M..  2021.  Signature Verification Time Reduction for GOST Digital Signature Algorithm. 2021 International Conference on Communication Information Technology (ICICT). :279–283.

Although many digital signature algorithms are available nowadays, the speed of signing and/or verifying a digital signature is crucial for different applications. Some algorithms are fast for signing but slow for verification, but others are the inverse. Research efforts for an algorithm being fast in both signing and verification is essential. The traditional GOST algorithm has the shortest signing time but longest verification time compared with other DSA algorithms. Hence an improvement in its signature verification time is sought in this work. A modified GOST digital signature algorithm variant is developed improve the signature verification speed by reducing the computation complexity as well as benefiting from its efficient signing speed. The obtained signature verification execution speed for this variant was 1.5 time faster than that for the original algorithm. Obviously, all parameters' values used, such as public and private key, random numbers, etc. for both signing and verification processes were the same. Hence, this algorithm variant will prove suitable for applications that require short time for both, signing and verification processes. Keywords— Discrete Algorithms, Authentication, Digital Signature Algorithms DSA, GOST, Data Integrity

AlQahtani, Ali Abdullah S., Alamleh, Hosam, El-Awadi, Zakaria.  2021.  Secure Digital Signature Validated by Ambient User amp;\#x2019;s Wi-Fi-enabled devices. 2021 IEEE 5th International Conference on Information Technology, Information Systems and Electrical Engineering (ICITISEE). :159–162.

In cyberspace, a digital signature is a mathematical technique that plays a significant role, especially in validating the authenticity of digital messages, emails, or documents. Furthermore, the digital signature mechanism allows the recipient to trust the authenticity of the received message that is coming from the said sender and that the message was not altered in transit. Moreover, a digital signature provides a solution to the problems of tampering and impersonation in digital communications. In a real-life example, it is equivalent to a handwritten signature or stamp seal, but it offers more security. This paper proposes a scheme to enable users to digitally sign their communications by validating their identity through users’ mobile devices. This is done by utilizing the user’s ambient Wi-Fi-enabled devices. Moreover, the proposed scheme depends on something that a user possesses (i.e., Wi-Fi-enabled devices), and something that is in the user’s environment (i.e., ambient Wi-Fi access points) where the validation process is implemented, in a way that requires no effort from users and removes the "weak link" from the validation process. The proposed scheme was experimentally examined.

2022-04-18
Shammari, Ayla Al, Maiti, Richard Rabin, Hammer, Bennet.  2021.  Organizational Security Policy and Management during Covid-19. SoutheastCon 2021. :1–4.
Protection of an organization's assets and information technology infrastructure is always crucial to any business. Securing and protecting businesses from cybersecurity threats became very challenging during the Covid-19 Pandemic. Organizations suddenly shifted towards remote work to maintain continuity and protecting against new cyber threats became a big concern for most business owners. This research looks into the following areas (i) outlining the shift from In-person to online work risks (ii) determine the cyber-attack type based on the list of 10 most prominent cybersecurity threats during the Covid-19 Pandemic (iii) and design a security policy to securing business continuity.
2022-02-10
Masood, Raziqa, Pandey, Nitin, Rana, Q. P..  2020.  DHT-PDP: A Distributed Hash Table based Provable Data Possession Mechanism in Cloud Storage. 2020 8th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO). :275–279.
The popularity of cloud storage among data users is due to easy maintenance, and no initial infrastructure setup cost as compared to local storage. However, although the data users outsource their data to cloud storage (a third party) still, they concern about their physical data. To check whether the data stored in the cloud storage has been modified or not, public auditing of the data is required before its utilization. To audit over vast outsourced data, the availability of the auditor is an essential requirement as nowadays, data owners are using mobile devices. But unfortunately, a single auditor leads to a single point of failure and inefficient to preserve the security and correctness of outsourced data. So, we introduce a distributed public auditing scheme which is based on peer-to-peer (P2P) architecture. In this work, the auditors are organized using a distributed hash table (DHT) mechanism and audit the outsourced data with the help of a published hashed key of the data. The computation and communication overhead of our proposed scheme is compared with the existing schemes, and it found to be an effective solution for public auditing on outsourced data with no single point of failure.
2022-02-07
Nurwarsito, Heru, Iskandar, Chairul.  2021.  Detection Jellyfish Attacks Against Dymo Routing Protocol on Manet Using Delay Per-Hop Indicator (Delphi) Method. 2021 3rd East Indonesia Conference on Computer and Information Technology (EIConCIT). :385–390.
Mobile Ad Hoc Network (MANET) is one of the types of Ad-hoc Network which is comprised of wireless in a network. The main problem in this research is the vulnerability of the protocol routing Dymo against jellyfish attack, so it needs detection from a jellyfish attack. This research implements the DELPHI method to detect jellyfish attacks on a DYMO protocol which has better performance because the Delay Per-Hop Indicator (DELPHI) gathers the amount of hop and information delay from the disjoint path and calculates the delays per-hop as an indicator of a jellyfish attack. The evaluation results indicate an increase in the end-to-end delay average, start from 112.59s in 10 nodes increased to 143.732s in 30 nodes but reduced to 84,2142s in 50 nodes. But when the DYMO routing did not experience any jellyfish attacks both the delivery ratio and throughput are decreased. The delivery ratio, where decreased from 10.09% to 8.19% in 10 nodes, decreased from 20.35% to 16.85%, and decreased from 93.5644% to 82.825% in 50 nodes. As for the throughput, for 10 nodes decreased from 76.7677kbps to 68.689kbps, for 30 nodes decreased from 100kbps to 83.5821kbps and for 50 nodes decreased from 18.94kbps to 15.94kbps.
Zang, Shiping, Zhao, Dongyan, Hu, Yi, Hu, Xiaobo, Gao, Ying, Du, Pengcheng, Cheng, Song.  2021.  A High Speed SM3 Algorithm Implementation for Security Chip. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:915–919.
High throughput of crypto circuit is critical for many high performance security applications. The proposed SM3 circuit design breaks the inherent limitation of the conventional algorithm flow by removing the "blocking point" on the critical path, and reorganizes the algebraic structure by adding four parallel compensation operations. In addition, the round expansion architecture, CSA (Carry Save Adder) and pre-calculation are also used in this design. Due to the optimization at both the algorithm level and the circuit level, the synthesized circuit of this design can reach maximum 415MHz operating clock frequency and 6.4Gbps throughput with SMIC 40nm high performance technology. Compared with the conventional implementation method, the throughput performance of the proposed SM3 circuit increases by 97.5% and the chip area of SM3 algorithm area is only increased by 16.2%.
2022-02-04
Al-Turkistani, Hilalah F., Aldobaian, Samar, Latif, Rabia.  2021.  Enterprise Architecture Frameworks Assessment: Capabilities, Cyber Security and Resiliency Review. 2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA). :79–84.
Recent technological advancement demands organizations to have measures in place to manage their Information Technology (IT) systems. Enterprise Architecture Frameworks (EAF) offer companies an efficient technique to manage their IT systems aligning their business requirements with effective solutions. As a result, experts have developed multiple EAF's such as TOGAF, Zachman, MoDAF, DoDAF, SABSA to help organizations to achieve their objectives by reducing the costs and complexity. These frameworks however, concentrate mostly on business needs lacking holistic enterprise-wide security practices, which may cause enterprises to be exposed for significant security risks resulting financial loss. This study focuses on evaluating business capabilities in TOGAF, NIST, COBIT, MoDAF, DoDAF, SABSA, and Zachman, and identify essential security requirements in TOGAF, SABSA and COBIT19 frameworks by comparing their resiliency processes, which helps organization to easily select applicable framework. The study shows that; besides business requirements, EAF need to include precise cybersecurity guidelines aligning EA business strategies. Enterprises now need to focus more on building resilient approach, which is beyond of protection, detection and prevention. Now enterprises should be ready to withstand against the cyber-attacks applying relevant cyber resiliency approach improving the way of dealing with impacts of cybersecurity risks.
Chand, Ravinesh, Valluri, Maheswara Rao, Khan, MGM.  2021.  Digital Signature Scheme over Lattices. 2021 25th International Conference on Circuits, Systems, Communications and Computers (CSCC). :71–78.
With the rapid advancements in information technology, data security has become an indispensable component. Cryptography performs a significant role in establishing information security. Computational problems have been utilized extensively by cryptographers to construct digital signature schemes. Digital signature schemes offer security services such as confidentiality, authenticity, integrity, and non-repudiation of a message. This paper proposes a modification of the Dilithium signature scheme that is secure against unforgeability attack based on the hardness of lattice problems such as Learning With Errors and Short Integer Solution over lattices. Using the rejection sampling technique, data is sampled from a uniform distribution to generate keys that are expanded into a matrix. The keys are hashed and signed by the sender to generate a message, which is then accepted by the receiver upon verification. Finally, the security analysis for the proposed signature scheme is provided with a strong emphasis on the security of the secret key. We prove that the attacker cannot forge a signature on a message, and recommended parameters are proposed.
Xu, Wei, Liang, Hao, Ge, Yunhan.  2021.  Research on Data Security Protection System Based on SM Algorithm. 2021 International Conference on Information Science, Parallel and Distributed Systems (ISPDS). :79–82.
As the rapid development of information technology and networks, there have been several new challenges to data security. For security needs in the process of data transmission and storage, the data security protection mechanism based on SM algorithm is studied. In addition, data cryptographic security protection system model composed of cryptographic infrastructure, cryptographic service nodes and cryptographic modules is proposed. As the core of the mechanism, SM algorithm not only brings about efficient data encryption and decryption, but ensures the security, integrity and non-repudiation of data transmission and storage. Secure and controllable key management is implemented by this model, which provides easy-to-expandable cryptographic services, and brings efficient cryptographic capabilities applicable for multiple scenarios.
2022-01-31
Al-Qtiemat, Eman, Jafar, Iyad.  2021.  Intelligent Cache Replacement Algorithm for Web Proxy Caching based on Multi-level K-means Clustering. 2021 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). :278—282.
Proxy web caching is usually employed to maximize the efficiency and utilization of the network and the origin servers while reducing the request latency. However, and due to the limited cache size, some replacement policy has to be enforced in order to decide on the object(s) to be evicted from the cache once it is full. This paper introduces the use of the K-mean clustering to categorize the objects in the cache into groups of different priorities. This categorization is then used for replacement purposes such that the object(s) of lowest priority are chosen for eviction. The proposed improved the hit rate and the byte hit rate of the cache when compared to conventional and intelligent web proxy caching algorithms.
2022-01-25
Boris, Ryabko, Nadezhda, Savina.  2021.  Development of an information-theoretical method of attribution of literary texts. 2021 XVII International Symposium "Problems of Redundancy in Information and Control Systems" (REDUNDANCY). :70–73.
We propose an information-theoretical method of attribution of literary texts, developed within the framework of information theory and mathematical statistics. Using the proposed method, the following two problems of disputed authorship in Russian and Soviet literature were investigated: i) the problem of false attribution of some novels to Nekrasov and ii) the problem of dubious attribution of two novels to Bulgakov. The research has shown the high efficiency of the data-compression method for attribution of literary texts.
Santoso, Dylan Juliano, Angga, William Silvano, Silvano, Frederick, Anjaya, Hanzel Edgar Samudera, Maulana, Fairuz Iqbal, Ramadhani, Mirza.  2021.  Traditional Mask Augmented Reality Application. 2021 International Conference on Information Management and Technology (ICIMTech). 1:595—598.
The industrial revolution 4.0 has become a challenge for various sectors in mastering information technology, one of which is the arts and culture sector. Cultural arts that are quite widely spread and developed in Indonesia are traditional masks. Traditional masks are one of the oldest and most beautiful cultures in Indonesia. However, with the development of the era to the digital world in the era of the industrial revolution 4.0, this beloved culture is fading due to the entry of foreign cultures and technological developments. Many young people who succeed the nation do not understand this cultural art, namely traditional masks. So those cultural arts such as traditional masks can still keep up with the development of digital technology in industry 4.0, we conduct research to use technology to preserve this traditional mask culture. The research uses the ADDIE method starting with Analyze, Design, Develop, Implement, and Evaluate. We took some examples of traditional masks such as Malangan masks, Cirebon masks, and Panji masks from several regions in Indonesia. This research implements marker-based Augmented reality technology and makes a traditional mask book that can be a means of augmented reality.
2022-01-10
Babrekar, Devika, Patel, Darsh, Patkar, Sachin, Lobo, Vivian Brian.  2021.  Blockchain-based Digital Locker using BigchainDB and InterPlanetary File System. 2021 6th International Conference on Communication and Electronics Systems (ICCES). :950–956.
Our identity as a human being is determined by the documents, not by appearance or physicality. The most important thing to prove the identity of humans is to show a government-issued document. Generally, from birth to death humans are recognized by documents because they are born with a birth certificate and they die with a death certificate. The main problem with these documents is that, they can be falsified or manipulated by others. Moreover in this digital era, they are stored in a centralized manner, which is prone to a cyber threat. This study aims to develop a blockchain environment to create, verify, and securely share documents in a decentralized manner. With the help of bigchainDB, interplanetary file system (IPFS), and asymmetric encryption, this research work will prototype the proposed solution called blockchain-based digital locker, which is similar to the DigiLocker released by the Department of Electronics and Information Technology (DeitY), Govt. of India. BigchainDB will help in treating each document as an asset by making it immutable with the help of IPFS and asymmetric encryption, where documents can not only be shared but also verified.
2021-12-20
Yang, SU.  2021.  An Approach on Attack Path Prediction Modeling Based on Game Theory. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:2604–2608.
Considering the lack of theoretical analysis for distributed network under APT (advanced persistent threat) attacks, a game model was proposed to solve the problem based on APT attack path. Firstly, this paper analyzed the attack paths of attackers and proposed the defensive framework of network security by analyzing the characteristics of the APT attack and the distributed network structure. Secondly, OAPG(an attack path prediction model oriented to APT) was established from the value both the attacker and the defender based on game theory, besides, this paper calculated the game equilibrium and generated the maximum revenue path of the attacker, and then put forward the best defensive strategy for defender. Finally, this paper validated the model by an instance of APT attack, the calculated results showed that the model can analyze the attacker and defender from the attack path, and can provide a reasonable defense scheme for organizations that use distributed networks.
Petrenkov, Denis, Agafonov, Anton.  2021.  Anomaly Detection in Vehicle Platoon with Third-Order Consensus Control. 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0463–0466.
The development of autonomous connected vehicles, in particular, moving as a platoon formation, has received great attention in recent years. The autonomous movement allows to increase the efficiency of the transportation infrastructure usage, reduce the fuel consumption, improve road safety, decrease traffic congestion, and others. To maintain an optimal spacing policy in a platoon formation, it is necessary to exchange information between vehicles. The Vehicular ad hoc Network (VANET) is the key component to establish wireless vehicle-to-vehicle communications. However, vehicular communications can be affected by different security threats. In this paper, we consider the third-order consensus approach as a control strategy for the vehicle platoon. We investigate several types of malicious attacks (spoofing, message falsification) and propose an anomaly detection algorithm that allows us to detect the malicious vehicle and enhance the security of the vehicle platoon. The experimental study of the proposed approach is conducted using Plexe, a vehicular network simulator that permits the realistic simulation of platooning systems.
2021-10-12
Sharma, Rohit, Pawar, Siddhesh, Gurav, Siddhita, Bhavathankar, Prasenjit.  2020.  A Unique Approach towards Image Publication and Provenance using Blockchain. 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT). :311–314.
The recent spurt of incidents related to copyrights and security breaches has led to the monetary loss of several digital content creators and publishers. These incidents conclude that the existing system lacks the ability to uphold the integrity of their published content. Moreover, some of the digital content owners rely on third parties, results in lack of ability to provide provenance of digital media. The question that needs to be addressed today is whether modern technologies can be leveraged to suppress such incidents and regain the confidence of creators and the audience. Fortunately, this paper presents a unique framework that empowers digital content creators to have complete control over the place of its origin, accessibility and impose restrictions on unauthorized alteration of their content. This framework harnesses the power of the Ethereum platform, a part of Blockchain technology, and uses S mart Contracts as a key component empowering the creators with enhanced control of their content and the corresponding audience.