Visible to the public Biblio

Found 587 results

Filters: Keyword is cyber physical systems  [Clear All Filters]
2022-10-20
Al-Haija, Qasem Abu.  2021.  On the Security of Cyber-Physical Systems Against Stochastic Cyber-Attacks Models. 2021 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS). :1—6.
Cyber Physical Systems (CPS) are widely deployed and employed in many recent real applications such as automobiles with sensing technology for crashes to protect passengers, automated homes with various smart appliances and control units, and medical instruments with sensing capability of glucose levels in blood to keep track of normal body function. In spite of their significance, CPS infrastructures are vulnerable to cyberattacks due to the limitations in the computing, processing, memory, power, and transmission capabilities for their endpoint/edge appliances. In this paper, we consider a short systematic investigation for the models and techniques of cyberattacks and threats rate against Cyber Physical Systems with multiple subsystems and redundant elements such as, network of computing devices or storage modules. The cyberattacks are assumed to be externally launched against the Cyber Physical System during a prescribed operational time unit following stochastic distribution models such as Poisson probability distribution, negative-binomial probability distribution and other that have been extensively employed in the literature and proved their efficiency in modeling system attacks and threats.
2022-07-14
Ahmad, Syed Farhan, Ferjani, Mohamed Yassine, Kasliwal, Keshav.  2021.  Enhancing Security in the Industrial IoT Sector using Quantum Computing. 2021 28th IEEE International Conference on Electronics, Circuits, and Systems (ICECS). :1—5.
The development of edge computing and machine learning technologies have led to the growth of Industrial IoT systems. Autonomous decision making and smart manufacturing are flourishing in the current age of Industry 4.0. By providing more compute power to edge devices and connecting them to the internet, the so-called Cyber Physical Systems are prone to security threats like never before. Security in the current industry is based on cryptographic techniques that use pseudorandom number keys. Keys generated by a pseudo-random number generator pose a security threat as they can be predicted by a malicious third party. In this work, we propose a secure Industrial IoT Architecture that makes use of true random numbers generated by a quantum random number generator (QRNG). CITRIOT's FireConnect IoT node is used to show the proof of concept in a quantum-safe network where the random keys are generated by a cloud based quantum device. We provide an implementation of QRNG on both real quantum computer and quantum simulator. Then, we compare the results with pseudorandom numbers generated by a classical computer.
2022-07-12
Khanzadi, Pouria, Kordnoori, Shirin, Vasigh, Zahra, Mostafaei, Hamidreza, Akhtarkavan, Ehsan.  2021.  A Cyber Physical System based Stochastic Process Language With NuSMV Model Checker. 2021 International Conference on Intelligent Technology, System and Service for Internet of Everything (ITSS-IoE). :1—8.
Nowadays, cyber physical systems are playing an important role in human life in which they provide features that make interactions between human and machine easier. To design and analysis such systems, the main problem is their complexity. In this paper, we propose a description language for cyber physical systems based on stochastic processes. The proposed language is called SPDL (Stochastic Description Process Language). For designing SPDL, two main parts are considered for Cyber Physical Systems (CSP): embedded systems and physical environment. Then these parts are defined as stochastic processes and CPS is defined as a tuple. Syntax and semantics of SPDL are stated based on the proposed definition. Also, the semantics are defined as by set theory. For implementation of SPDL, dependencies between words of a requirements are extracted as a tree data structure. Based on the dependencies, SPDL is used for describing the CPS. Also, a lexical analyzer and a parser based on a defined BNF grammar for SPDL is designed and implemented. Finally, SPDL of CPS is transformed to NuSMV which is a symbolic model checker. The Experimental results show that SPDL is capable of describing cyber physical systems by natural language.
2022-06-09
Wang, Jun, Wang, Wen, Wu, Dan, Lei, Ting, Liu, DunNan, Li, PeiJun, Su, Shu.  2021.  Research on Business Model of Internet of Vehicles Platform Based on Token Economy. 2021 2nd International Conference on Big Data Economy and Information Management (BDEIM). :120–124.
With the increasing number of electric vehicles, the scale of the market also increases. In the past, the electric vehicle market had problems such as opaque information, numerous levels and data leakage, which were criticized for the impact of the overall development and policies of the electric vehicle industry. In view of the problems existing in the transparency and security of big data management transactions of the Internet of vehicles, this paper combs the commercial operation framework of the Internet of Vehicles Platform, analyses the feasibility and necessity of establishing the token system of the Internet of Vehicles Platform, and constructs the token economic system architecture of the Internet of Vehicles Platform and its development path.
Sabir, Zakaria, Amine, Aouatif.  2021.  Connected Vehicles using NDN: Security Concerns and Remaining Challenges. 2021 7th International Conference on Optimization and Applications (ICOA). :1–6.
Vehicular networks have been considered as a hopeful technology to enhance road safety, which is a crossing area of Internet of Things (IoT) and Intelligent Transportation Systems (ITS). Current Internet architecture using the TCP/IP model and based on host-to-host is limited when it comes to vehicular communications which are characterized by high speed and dynamic topology. Thus, using Named Data Networking (NDN) in connected vehicles may tackle the issues faced with the TCP/IP model. In this paper, we investigate the security concerns of applying NDN in vehicular environments and discuss the remaining challenges in order to guide researchers in this field to choose their future research direction.
Jawad, Sidra, Munsif, Hadeera, Azam, Arsal, Ilahi, Arham Hasib, Zafar, Saima.  2021.  Internet of Things-based Vehicle Tracking and Monitoring System. 2021 15th International Conference on Open Source Systems and Technologies (ICOSST). :1–5.
Vehicles play an integral part in the life of a human being by facilitating in everyday tasks. The major concern that arises with this fact is that the rate of vehicle thefts have increased exponentially and retrieving them becomes almost impossible as the responsible party completely alters the stolen vehicles, leaving them untraceable. Ultimately, tracking and monitoring of vehicles using on-vehicle sensors is a promising and an efficient solution. The Internet of Things (IoT) is expected to play a vital role in revolutionizing the Security and Safety industry through a system of sensor networks by periodically sending the data from the sensors to the cloud for storage, from where it can be accessed to view or take any necessary actions (if required). The main contributions of this paper are the implementation and results of the prototype of a vehicle tracking and monitoring system. The system comprises of an Arduino UNO board connected to the Global Positioning System (GPS) module, Neo-6M, which senses the exact location of the vehicle in the form of latitude and longitude, and the ESP8266 Wi-Fi module, which sends the data to the Application Programming Interface (API) Cloud service, ThingSpeak, for storage and analyzing. An Android based mobile application is developed that utilizes the stored data from the Cloud and presents the user with the findings. Results show that the prototype is not only simple and cost effective, but also efficient and can be readily used by everyone from all walks of life to protect their vehicles.
Philipsen, Simon Grønfeldt, Andersen, Birger, Singh, Bhupjit.  2021.  Threats and Attacks to Modern Vehicles. 2021 IEEE International Conference on Internet of Things and Intelligence Systems (IoTaIS). :22–27.
As modern vehicles are complex IoT devices with intelligence capable to connect to an external infrastructure and use Vehicle-to-Everything (V2X) communication, there is a need to secure the communication to avoid being a target for cyber-attacks. Also, the organs of the car (sensors, communication, and control) each could have a vulnerability, that leads to accidents or potential deaths. Manufactures of cars have a huge responsibility to secure the safety of their costumers and should not skip the important security research, instead making sure to implement important security measures, which makes your car less likely to be attacked. This paper covers the relevant attacks and threats to modern vehicles and presents a security analysis with potential countermeasures. We discuss the future of modern and autonomous vehicles and conclude that more countermeasures must be taken to create a future and safe concept.
Qiu, Bin, Chen, Ke, He, Kexun, Fang, Xiyu.  2021.  Research on vehicle network intrusion detection technology based on dynamic data set. 2021 IEEE 3rd International Conference on Frontiers Technology of Information and Computer (ICFTIC). :386–390.
A new round of scientific and technological revolution and industrial reform promote the intelligent development of automobile and promote the deep integration of automobile with Internet, big data, communication and other industries. At the same time, it also brings network and data security problems to automobile, which is very easy to cause national security and social security risks. Intelligent vehicle Ethernet intrusion detection can effectively alleviate the security risk of vehicle network, but the complex attack means and vehicle compatibility have not been effectively solved. This research takes the vehicle Ethernet as the research object, constructs the machine learning samples for neural network, applies the self coding network technology combined with the original characteristics to the network intrusion detection algorithm, and studies a self-learning vehicle Ethernet intrusion detection algorithm. Through the application and test of vehicle terminal, the algorithm generated in this study can be used for vehicle terminal with Ethernet communication function, and can effectively resist 34 kinds of network attacks in four categories. This method effectively improves the network security defense capability of vehicle Ethernet, provides technical support for the network security of intelligent vehicles, and can be widely used in mass-produced intelligent vehicles with Ethernet.
Aman, Muhammad Naveed, Sikdar, Biplab.  2021.  AI Based Algorithm-Hardware Separation for IoV Security. 2021 IEEE Globecom Workshops (GC Wkshps). :1–6.
The Internet of vehicles is emerging as an exciting application to improve safety and providing better services in the form of active road signs, pay-as-you-go insurance, electronic toll, and fleet management. Internet connected vehicles are exposed to new attack vectors in the form of cyber threats and with the increasing trend of cyber attacks, the success of autonomous vehicles depends on their security. Existing techniques for IoV security are based on the un-realistic assumption that all the vehicles are equipped with the same hardware (at least in terms of computational capabilities). However, the hardware platforms used by various vehicle manufacturers are highly heterogeneous. Therefore, a security protocol designed for IoVs should be able to detect the computational capabilities of the underlying platform and adjust the security primitives accordingly. To solve this issue, this paper presents a technique for algorithm-hardware separation for IoV security. The proposed technique uses an iterative routine and the corresponding execution time to detect the computational capabilities of a hardware platform using an artificial intelligence based inference engine. The results on three different commonly used micro-controllers show that the proposed technique can effectively detect the type of hardware platform with up to 100% accuracy.
Lin, Hua Yi, Hsieh, Meng-Yen, Li, Kuan-Ching.  2021.  A Multi-level Security Key Management Protocol Based on Dynamic M-tree Structures for Internet of Vehicles. 2021 International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS). :1–5.
With the gradually popular high-speed wireless networks and 5G environments, the quality and reliability of network services will be suited for mobile vehicles. In addition to communicating information between vehicles, they can also communicate information with surrounding roadside equipment, pedestrians or traffic signs, and thus improve the road safety of passers-by.Recently, various countries have continuously invested in research on autonomous driving and unmanned vehicles. The open communication environment of the Internet of Vehicles in 5G will expose all personal information in the field of wireless networks. This research is based on the consideration of information security and personal data protection. We will focus on how to protect the real-time transmission of information between mobile vehicles to prevent from imbedding or altering important transmission information by unauthorized vehicles, drivers or passers-by participating in communications. Moreover, this research proposes a multi-level security key management agreement based on a dynamic M-tree structure for Internet of Vehicles to achieve flexible and scalable key management on large-scale Internet of Vehicles.
Xu, Qichao, Zhao, Lifeng, Su, Zhou.  2021.  UAV-assisted Abnormal Vehicle Behavior Detection in Internet of Vehicles. 2021 40th Chinese Control Conference (CCC). :7500–7505.
With advantages of low cost, high mobility, and flexible deployment, unmanned aerial vehicle (UAVs) are employed to efficiently detect abnormal vehicle behaviors (AVBs) in the internet of vehicles (IoVs). However, due to limited resources including battery, computing, and communication, UAVs are selfish to work cooperatively. To solve the above problem, in this paper, a game theoretical UAV incentive scheme in IoVs is proposed. Specifically, the abnormal behavior model is first constructed, where three model categories are defined: velocity abnormality, distance abnormality, and overtaking abnormality. Then, the barging pricing framework is designed to model the interactions between UAVs and IoVs, where the transaction prices are determined with the abnormal behavior category detected by UAVs. At last, simulations are conducted to verify the feasibility and effectiveness of our proposed scheme.
Claude, Tuyisenge Jean, Viviane, Ishimwe, Paul, Iradukunda Jean, Didacienne, Mukanyiligira.  2021.  Development of Security Starting System for Vehicles Based on IoT. 2021 International Conference on Information Technology (ICIT). :505–510.
The transportation system is becoming tremendously important in today's human activities and the number of urban vehicles grows rapidly. The vehicle theft also has become a shared concern for all vehicle owners. However, the present anti-theft system which maybe high reliable, lack of proper mechanism for preventing theft before it happens. This work proposes the internet of things based smart vehicle security staring system; efficient security provided to the vehicle owners relies on securing car ignition system by using a developed android application running on smart phone connected to the designed system installed in vehicle. With this system it is non- viable to access the vehicle's functional system in case the ignition key has been stolen or lost. It gives the drivers the ability to stay connected with their vehicle. Whenever the ignition key is stolen or lost, it is impossible to start the vehicle as the ignition system is still locked on the vehicle start and only the authorized person will be able to start the vehicle at convenient time with the combination of ignition key and smart phone application. This study proposes to design the system that uses node MCU, Bluetooth low energy (BLE), transistors, power relays and android smartphone in system testing. In addition, it is cost effective and once installed in the vehicle there is no more cost of maintenance.
2022-05-12
Ma, Lele.  2021.  One Layer for All: Efficient System Security Monitoring for Edge Servers. 2021 IEEE International Performance, Computing, and Communications Conference (IPCCC). :1–8.
Edge computing promises higher bandwidth and lower latency to end-users. However, edge servers usually have limited computing resources and are geographically distributed over the edge. This imposes new challenges for efficient system monitoring and control of edge servers.In this paper, we propose EdgeVMI, a framework to monitor and control services running on edge servers with lightweight virtual machine introspection(VMI). The key of our technique is to run the monitor in a lightweight virtual machine which can leverage hardware events for monitoring memory read and writes. In addition, the small binary size and memory footprints of the monitor could reduce the start/stop time of service, the runtime overhead, as well as the deployment efforts.Inspired by unikernels, we build our monitor with only the necessary system modules, libraries, and functionalities of a specific monitor task. To reduce the security risk of the monitoring behavior, we separate the monitor into two isolated modules: one acts as a sensor to collect security information and another acts as an actuator to conduct control commands. Our evaluation shows the effectiveness and the efficiency of the monitoring system, with an average performance overhead of 2.7%.
Aribisala, Adedayo, Khan, Mohammad S., Husari, Ghaith.  2021.  MACHINE LEARNING ALGORITHMS AND THEIR APPLICATIONS IN CLASSIFYING CYBER-ATTACKS ON A SMART GRID NETWORK. 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON). :0063–0069.
Smart grid architecture and Software-defined Networking (SDN) have evolved into a centrally controlled infrastructure that captures and extracts data in real-time through sensors, smart-meters, and virtual machines. These advances pose a risk and increase the vulnerabilities of these infrastructures to sophisticated cyberattacks like distributed denial of service (DDoS), false data injection attack (FDIA), and Data replay. Integrating machine learning with a network intrusion detection system (NIDS) can improve the system's accuracy and precision when detecting suspicious signatures and network anomalies. Analyzing data in real-time using trained and tested hyperparameters on a network traffic dataset applies to most network infrastructures. The NSL-KDD dataset implemented holds various classes, attack types, protocol suites like TCP, HTTP, and POP, which are critical to packet transmission on a smart grid network. In this paper, we leveraged existing machine learning (ML) algorithms, Support vector machine (SVM), K-nearest neighbor (KNN), Random Forest (RF), Naïve Bayes (NB), and Bagging; to perform a detailed performance comparison of selected classifiers. We propose a multi-level hybrid model of SVM integrated with RF for improved accuracy and precision during network filtering. The hybrid model SVM-RF returned an average accuracy of 94% in 10-fold cross-validation and 92.75%in an 80-20% split during class classification.
Morbitzer, Mathias, Proskurin, Sergej, Radev, Martin, Dorfhuber, Marko, Salas, Erick Quintanar.  2021.  SEVerity: Code Injection Attacks against Encrypted Virtual Machines. 2021 IEEE Security and Privacy Workshops (SPW). :444–455.

Modern enterprises increasingly take advantage of cloud infrastructures. Yet, outsourcing code and data into the cloud requires enterprises to trust cloud providers not to meddle with their data. To reduce the level of trust towards cloud providers, AMD has introduced Secure Encrypted Virtualization (SEV). By encrypting Virtual Machines (VMs), SEV aims to ensure data confidentiality, despite a compromised or curious Hypervisor. The SEV Encrypted State (SEV-ES) extension additionally protects the VM’s register state from unauthorized access. Yet, both extensions do not provide integrity of the VM’s memory, which has already been abused to leak the protected data or to alter the VM’s control-flow. In this paper, we introduce the SEVerity attack; a missing puzzle piece in the series of attacks against the AMD SEV family. Specifically, we abuse the system’s lack of memory integrity protection to inject and execute arbitrary code within SEV-ES-protected VMs. Contrary to previous code execution attacks against the AMD SEV family, SEVerity neither relies on a specific CPU version nor on any code gadgets inside the VM. Instead, SEVerity abuses the fact that SEV-ES prohibits direct memory access into the encrypted memory. Specifically, SEVerity injects arbitrary code into the encrypted VM through I/O channels and uses the Hypervisor to locate and trigger the execution of the encrypted payload. This allows us to sidestep the protection mechanisms of SEV-ES. Overall, our results demonstrate a success rate of 100% and hence highlight that memory integrity protection is an obligation when encrypting VMs. Consequently, our work presents the final stroke in a series of attacks against AMD SEV and SEV-ES and renders the present implementation as incapable of protecting against a curious, vulnerable, or malicious Hypervisor.

Li, Shih-Wei, Li, Xupeng, Gu, Ronghui, Nieh, Jason, Zhuang Hui, John.  2021.  A Secure and Formally Verified Linux KVM Hypervisor. 2021 IEEE Symposium on Security and Privacy (SP). :1782–1799.

Commodity hypervisors are widely deployed to support virtual machines (VMs) on multiprocessor hardware. Their growing complexity poses a security risk. To enable formal verification over such a large codebase, we introduce microverification, a new approach that decomposes a commodity hypervisor into a small core and a set of untrusted services so that we can prove security properties of the entire hypervisor by verifying the core alone. To verify the multiprocessor hypervisor core, we introduce security-preserving layers to modularize the proof without hiding information leakage so we can prove each layer of the implementation refines its specification, and the top layer specification is refined by all layers of the core implementation. To verify commodity hypervisor features that require dynamically changing information flow, we introduce data oracles to mask intentional information flow. We can then prove noninterference at the top layer specification and guarantee the resulting security properties hold for the entire hypervisor implementation. Using microverification, we retrofitted the Linux KVM hypervisor with only modest modifications to its codebase. Using Coq, we proved that the hypervisor protects the confidentiality and integrity of VM data, while retaining KVM’s functionality and performance. Our work is the first machine-checked security proof for a commodity multiprocessor hypervisor.

Şengül, Özkan, Özkılıçaslan, Hasan, Arda, Emrecan, Yavanoğlu, Uraz, Dogru, Ibrahim Alper, Selçuk, Ali Aydın.  2021.  Implementing a Method for Docker Image Security. 2021 International Conference on Information Security and Cryptology (ISCTURKEY). :34–39.
Containers that can be easily created, transported and scaled with the use of container-based virtualization technologies work better than classical virtualization technologies and provide efficient resource usage. The Docker platform is one of the most widely used solutions among container-based virtualization technologies. The OS-level virtualization of the Docker platform and the container’s use of the host operating system kernel may cause security problems. In this study, a method including static and dynamic analysis has been proposed to ensure Docker image and container security. In the static analysis phase of the method, the packages of the images are scanned for vulnerabilities and malware. In the dynamic analysis phase, Docker containers are run for a certain period of time, after the open port scanning, network traffic is analyzed with the Snort3. Seven Docker images are analyzed and the results are shared.
Li, Fulin, Ji, Huifang, Zhou, Hongwei, Zhang, Chang.  2021.  A Dynamic and Secure Migration Method of Cryptographic Service Virtual Machine for Cloud Environment. 2021 7th International Conference on Computer and Communications (ICCC). :583–588.
In order to improve the continuity of cryptographic services and ensure the quality of services in the cloud environment, a dynamic migration framework of cryptographic service virtual machines based on the network shared storage system is proposed. Based on the study of the security threats in the migration process, a dynamic migration attack model is established, and the security requirement of dynamic migration is analyzed. It designs and implements the dynamic security migration management software, which includes a dynamic migration security enhancement module based on the Libvirt API, role-based access control policy, and transmission channel protection module. A cryptographic service virtual machine migration environment is built, and the designed management software and security mechanism are verified and tested. The experimental results show that the method proposed in the paper can effectively improve the security of cryptographic service virtual machine migration.
Aldawood, Mansour, Jhumka, Arshad.  2021.  Secure Allocation for Graph-Based Virtual Machines in Cloud Environments. 2021 18th International Conference on Privacy, Security and Trust (PST). :1–7.

Cloud computing systems (CCSs) enable the sharing of physical computing resources through virtualisation, where a group of virtual machines (VMs) can share the same physical resources of a given machine. However, this sharing can lead to a so-called side-channel attack (SCA), widely recognised as a potential threat to CCSs. Specifically, malicious VMs can capture information from (target) VMs, i.e., those with sensitive information, by merely co-located with them on the same physical machine. As such, a VM allocation algorithm needs to be cognizant of this issue and attempts to allocate the malicious and target VMs onto different machines, i.e., the allocation algorithm needs to be security-aware. This paper investigates the allocation patterns of VM allocation algorithms that are more likely to lead to a secure allocation. A driving objective is to reduce the number of VM migrations during allocation. We also propose a graph-based secure VMs allocation algorithm (GbSRS) to minimise SCA threats. Our results show that algorithms following a stacking-based behaviour are more likely to produce secure VMs allocation than those following spreading or random behaviours.

Rokade, Monika D., Sharma, Yogesh Kumar.  2021.  MLIDS: A Machine Learning Approach for Intrusion Detection for Real Time Network Dataset. 2021 International Conference on Emerging Smart Computing and Informatics (ESCI). :533–536.
Computer network and virtual machine security is very essential in today's era. Various architectures have been proposed for network security or prevent malicious access of internal or external users. Various existing systems have already developed to detect malicious activity on victim machines; sometimes any external user creates some malicious behavior and gets unauthorized access of victim machines to such a behavior system considered as malicious activities or Intruder. Numerous machine learning and soft computing techniques design to detect the activities in real-time network log audit data. KKDDCUP99 and NLSKDD most utilized data set to detect the Intruder on benchmark data set. In this paper, we proposed the identification of intruders using machine learning algorithms. Two different techniques have been proposed like a signature with detection and anomaly-based detection. In the experimental analysis, demonstrates SVM, Naïve Bayes and ANN algorithm with various data sets and demonstrate system performance on the real-time network environment.
Ntambu, Peter, Adeshina, Steve A.  2021.  Machine Learning-Based Anomalies Detection in Cloud Virtual Machine Resource Usage. 2021 1st International Conference on Multidisciplinary Engineering and Applied Science (ICMEAS). :1–6.
Cloud computing is one of the greatest innovations and emerging technologies of the century. It incorporates networks, databases, operating systems, and virtualization technologies thereby bringing the security challenges associated with these technologies. Security Measures such as two-factor authentication, intrusion detection systems, and data backup are already in place to handle most of the security threats and vulnerabilities associated with these technologies but there are still other threats that may not be easily detected. Such a threat is a malicious user gaining access to the Virtual Machines (VMs) of other genuine users and using the Virtual Machine resources for their benefits without the knowledge of the user or the cloud service provider. This research proposes a model for proactive monitoring and detection of anomalies in VM resource usage. The proposed model can detect and pinpoint the time such anomaly occurred. Isolation Forest and One-Class Support Vector Machine (OCSVM) machine learning algorithms were used to train and test the model on sampled virtual machine workload trace using a combination of VM resource metrics together. OCSVM recorded an average F1-score of 0.97 and 0.89 for hourly and daily time series respectively while Isolation Forest has an average of 0.93 and 0.80 for hourly and daily time series. This result shows that both algorithms work for the model however OCSVM had a higher classification success rate than Isolation Forest.
Marian, Constantin Viorel.  2021.  DNS Records Secure Provisioning Mechanism for Virtual Machines automatic management in high density data centers. 2021 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom). :1–5.

Nowadays is becoming trivial to have multiple virtual machines working in parallel on hardware platforms with high processing power. This appropriate cost effective approach can be found at Internet Service Providers, in cloud service providers’ environments, in research and development lab testing environment (for example Universities’ student’s lab), in virtual application for security evaluation and in many other places. In the aforementioned cases, it is often necessary to start and/or stop virtual machines on the fly. In cloud service providers all the creation / tear down actions are triggered by a customer request and cannot be postponed or delayed for later evaluation. When a new virtual machine is created, it is imperative to assign unique IP addresses to all network interfaces and also domain name system DNS records that contain text based data, IP addresses, etc. Even worse, if a virtual machine has to be stopped or torn down, the critical network resources such as IP addresses and DNS records have to be carefully controlled in order to avoid IP addresses conflicts and name resolution problems between an old virtual machine and a newly created virtual machine. This paper proposes a provisioning mechanism to avoid both DNS records and IP addresses conflicts due to human misconfiguration, problems that can cause networking operation service disruptions.

2022-05-05
Zhang, Qiao-Jia, Ye, Qing, Li, Liang, Liu, Si-jie, Chen, Kai-qiang.  2021.  An efficient selective encryption scheme for HEVC based on hyperchaotic Lorenz system. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:683—690.
With the wide application of video information, the protection of video information from illegal access has been widely investigated recently. An efficient selective encryption scheme for high efficiency video coding (HEVC) based on hyperchaotic Lorenz system is proposed. Firstly, the hyperchaotic Lorenz system is discretized and the generated chaotic state values are converted into chaotic pseudorandom sequences for encryption. The important syntax elements in HEVC are then selectively encrypted with the generated stream cipher. The experimental results show that the encrypted video is highly disturbed and the video information cannot be recognized. Through the analysis of objective index results, it is shown that the scheme is both efficient and security.
Raheja, Nisha, Manocha, Amit Kumar.  2021.  An Efficient Encryption-Authentication Scheme for Electrocardiogram Data using the 3DES and Water Cycle Optimization Algorithm. 2021 6th International Conference on Signal Processing, Computing and Control (ISPCC). :10—14.

To share the recorded ECG data with the cardiologist in Golden Hours in an efficient and secured manner via tele-cardiology may save the lives of the population residing in rural areas of a country. This paper proposes an encryption-authentication scheme for secure the ECG data. The main contribution of this work is to generate a one-time padding key and deploying an encryption algorithm in authentication mode to achieve encryption and authentication. This is achieved by a water cycle optimization algorithm that generates a completely random one-time padding key and Triple Data Encryption Standard (3DES) algorithm for encrypting the ECG data. To validate the accuracy of the proposed encryption authentication scheme, experimental results were performed on standard ECG data and various performance parameters were calculated for it. The results show that the proposed algorithm improves security and passes the statistical key generation test.

Reyad, Omar, Mansour, Hanaa M., Heshmat, Mohamed, Zanaty, Elnomery A..  2021.  Key-Based Enhancement of Data Encryption Standard For Text Security. 2021 National Computing Colleges Conference (NCCC). :1—6.
Securing various data types such as text, image, and video is needed in real-time communications. The transmission of data over an insecure channel is a permanent challenge, especially in mass Internet applications. Preserving confidentiality and integrity of data toward malicious attacks, accidental devastation, change during transfer, or while in storage must be improved. Data Encryption Standard (DES) is considered as a symmetric-key algorithm that is most widely used for various security purposes. In this work, a Key-based Enhancement of the DES (KE-DES) technique for securing text is proposed. The KEDES is implemented by the application of two steps: the first is merging the Odd/Even bit transformation of every key bit in the DES algorithm. The second step is replacing the right-side expansion of the original DES by using Key-Distribution (K-D) function. The K-D allocation consists of 8-bits from Permutation Choice-1 (PC-1) key outcome. The next 32-bits outcomes from the right-side of data, there is also 8-bits outcome from Permutation Choice-2 (PC-2) in each round. The key and data created randomly, in this case, provide adequate security and the KEDES model is considered more efficient for text encryption.