Biblio

Cloud Computing (CC) has emerged as an on-demand accessible tool in different practical applications such as digital industry, academics, manufacturing, health sector and others. In this paper different security threats faced by CC are discussed with suitable examples. Moreover, an artificial intelligence based security enabled CC is also discussed based on suitable empirical data. It is found that an artificial neural network (ANN) is an effective system to detect the level of risk factors associated with CC along with mitigating those risk issues with appropriate algorithms. Hence, it provides a desired level of protection against cyber attacks, internal confidential threats and external threat of data theft from a cloud computing system. Levenberg–Marquardt (LMBP) algorithms are also found as a significant tool to estimate the level of security performance around a cloud computing system. ANN is used to improve the performance level of data security across a cloud computing network and make it security enabled to ensure a protected data transmission to clients associated with the system.

The widespread application of industrial Internet identifiers has increased the security risks of industrial Internet and identifier resolution system. In order to improve the security capabilities of identifier resolution system, this paper analyzes the security challenges faced by identifier resolution system at this stage, and in line with the concept of layered security defense in depth, divides the security domains of identifier resolution system and proposes a multi-level security strategy based on security domains by deploying appropriate protective measures in each security domain.

The importance of the security of industrial control network has become increasingly prominent. Aiming at the defects of main security protection system in the intelligent manufacturing industrial control network, we propose a security attack risk detection and defense, and emergency processing capability synchronization technology system suitable for the intelligent manufacturing industrial control system. Integrating system control and network security theories, a flexible and reconfigurable system-wide security architecture method is proposed. On the basis of considering the high availability and strong real-time of the system, our research centers on key technologies supporting system-wide security analysis, defense strategy deployment and synchronization, including weak supervision system reinforcement and pattern matching, etc.. Our research is helpful to solve the problem of industrial control network of “old but full of loopholes” caused by the long-term closed development of the production network of important parts, and alleviate the contradiction between the high availability of the production system and the relatively backward security defense measures.

With the development of openness, sharing and interconnection of computer network, the architecture of enterprise network becomes more and more complex, and various network security problems appear. Threat Intelligence(TI) Analysis and situation awareness(SA) are the prediction and analysis technology of enterprise security risk, while intrusion detection technology belongs to active defense technology. In order to ensure the safe operation of computer network system, we must establish a multi-level and comprehensive security system. This paper analyzes many security risks faced by enterprise computer network, and integrates threat intelligence analysis, security situation assessment, intrusion detection and other technologies to build a comprehensive enterprise security system to ensure the security of large enterprise network.

Over past years, the high demand to efficiently process deep learning (DL) models has driven the market of the chip design companies. However, the new Deep Chip architectures, a common term to refer to DL hardware accelerator, have slightly paid attention to the security requirements in quantized neural networks (QNNs), while the black/white -box adversarial attacks can jeopardize the integrity of the inference accelerator. Therefore in this paper, a comprehensive study of the resiliency of QNN topologies to black-box attacks is examined. Herein, different attack scenarios are performed on an FPGA-processor co-design, and the collected results are extensively analyzed to give an estimation of the impact’s degree of different types of attacks on the QNN topology. To be specific, we evaluated the sensitivity of the QNN accelerator to a range number of bit-flip attacks (BFAs) that might occur in the operational lifetime of the device. The BFAs are injected at uniformly distributed times either across the entire QNN or per individual layer during the image classification. The acquired results are utilized to build the entropy-based model that can be leveraged to construct resilient QNN architectures to bit-flip attacks.

To increase and maintain web application security, developers could use some different methods, one of them is static code analysis. This method could find security vulnerabilities inside a source code without the need of running the program. It could also be automated by using tools, which considered more efficient than manual reviews. One specific method which is commonly used in static code analysis is taint analysis. Taint analysis usually utilizes source code modeling to prepare the code for analysis process to detect any untrusted data flows into security sensitives computations. While this kind of analysis could be very helpful, static code analysis tool for Laravel-based web application is still quite rare, despite its popularity. Therefore, in this research, we want to know how static code (taint) analysis could be utilized to detect security vulnerabilities and how the projects (Laravel-based) should be modeled in order to facilitate this analysis. We then developed a static analysis tool, which models the application’s source code using AST and dictionary to be used as the base of the taint analysis. The tool first parsed the route file of Laravel project to get a list of controller files. Each file in that list would be parsed in order to build the source code representation, before actually being analyzed using taint analysis method. The experiments was done using this tool shows that the tools (with taint analysis) could detect 13 security vulnerabilities from 6 Laravel-based projects with one False Negative. An ineffective sanitizer was the suspected cause of this False Negative. This also shows that proposed modeling technique could be helpful in facilitating taint analysis in Laravel-based projects. For future development and studies, this tool should be tested with more Laravel and even other framework based web application with a wider range of security vulnerabilities.

This paper provides an overview of the security service controls that are applied in a big data processing (BDP) system to defend against cyber security attacks. We validate this approach by modeling attacks and effectiveness of security service controls in a sequence of states and transitions. This Finite State Machine (FSM) approach uses the probable effectiveness of security service controls, as defined in the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The attacks used in the model are defined in the ATT&CK™ framework. Five different BDP security architecture configurations are considered, spanning from a low-cost default BDP configuration to a more expensive, industry supported layered security architecture. The analysis demonstrates the importance of a multi-layer approach to implementing security in BDP systems. With increasing interest in using BDP systems to analyze sensitive data sets, it is important to understand and justify BDP security architecture configurations with their significant costs. The output of the model demonstrates that over the run time, larger investment in security service controls results in significantly more uptime. There is a significant increase in uptime with a linear increase in security service control investment. We believe that these results support our recommended BDP security architecture. That is, a layered architecture with security service controls integrated into the user interface, boundary, central management of security policies, and applications that incorporate privacy preserving programs. These results enable making BDP systems operational for sensitive data accessed in a multi-tenant environment.

Nowadays the use of Wi-Fi has been widely used in public places, such as in restaurants. The use of Wi-Fi in public places has a very large security vulnerability because it is used by a wide variety of visitors. Therefore, this study was conducted to evaluate the security of the WLAN network in restaurants. The methods used are Vulnerability Assessment and Penetration Testing. Penetration Testing is done by conducting several attack tests such as Deauthentication Attack, Evil Twin Attack with Captive Portal, Evil Twin Attack with Sniffing and SSL stripping, and Unauthorized Access.

Risk management is an essential part of software security. Assemblyline is a software security tool developed by the Canadian Centre for Cyber Security (CCCS) for malware detection and analysis. In this paper, we examined the performance of Assemblyline for assessing the risk of executable files. We developed and examined use-cases where Assemblyline is included as part of a security safety net assessing vulnerabilities that would lead to risk. Finally, we considered Assemblyline’s utility in a continuous integration / delivery context using our test results.

Conventional systems has to be updated as the technology advances at quick pace. A smart grid is a renovated and digitalized version of a standard electrical infrastructure that allows two-way communication between customers and the utility, which overcomes huge manual hustle. Advanced Metering Infrastructure plays a major role in a smart grid by automatically reporting the power consumption readings to the utility through communication networks. However, there is always a trade-off. Security of AMI communication is a major problem that must be constantly monitored if this technology is to be fully utilized. This paper mainly focuses on developing a virtual setup of fully functional smart meter and a web application for generating electricity bill which allows consumer to obtain demand response, where the data is managed at server side. It also focuses on analyzing the potential security concerns posed by MITM-Arp-spoofing attacks on AMI systems and session hijacking attacks on web interfaces. This work also focusses on mitigating the vulnerabilities of session hijacking on web interface by restricting the cookies so that the attacker is unable to acquire any confidential data.

Internet of Things (IoT), Cloud and Augmented Reality (AR) are the emerging and developing technologies and are at the horizon and hype of their life cycle. Lots of commercial applications based on IoT, cloud and AR provide unrestricted access to data. The real-time applications based on these technologies are at the cusp of their innovations. The most frequent security attacks for IoT, cloud and AR applications are DDoS attacks. In this paper a detailed account of various DDoS attacks that can be the hindrance of many important sensitive services and can degrade the overall performance of recent services which are purely based on network communications. The DDoS attacks should be dealt with carefully and a set of a new generations of algorithm need to be developed to mitigate the problems caused by non-repudiation kinds of attacks.

Software and firmware vulnerabilities pose security threats to photovoltaic (PV) systems. When patches are not available or cannot be timely applied to fix vulnerabilities, it is important to mitigate vulnerabilities such that they cannot be exploited by attackers or their impacts will be limited when exploited. However, the vulnerability mitigation problem for PV systems has received little attention. This paper analyzes known security vulnerabilities in PV systems, proposes a multi-level mitigation framework and various mitigation strategies including neural network-based attack detection inside inverters, and develops a prototype system as a proof-of-concept for building vulnerability mitigation into PV system design.

SELinux policies used in practice are generally large and complex. As a result, it is difficult for the policy writers to completely understand the policy and ensure that the policy meets the intended security goals. To remedy this, we have developed a tool called SEFlowViz that helps in visualizing the information flows of a policy and thereby helps in creating flow-secure policies. The tool uses the graph database Neo4j to visualize the policy. Along with visualization, the tool also supports extracting various information regarding the policy and its components through queries. Furthermore, the tool also supports the addition and deletion of rules which is useful in converting inconsistent policies into consistent policies.

With the spread of the Internet, various devices are now connected to it and the number of IoT devices is increasing. Data generated by IoT devices has traditionally been aggregated in the cloud and processed over time. However, there are two issues with using the cloud. The first is the response delay caused by the long distance between the IoT device and the cloud, and the second is the difficulty of implementing sufficient security measures on the IoT device side due to the limited resources of the IoT device at the end. To address these issues, fog computing, which is located in the middle between IoT devices and the cloud, has been attracting attention as a new network component. However, the risks associated with the introduction of fog computing have not yet been fully investigated. In this study, we conducted a risk assessment of fog computing, which is newly established to promote the use of IoT devices, and identified 24 risk factors. The main countermeasures include the gradual introduction of connected IoT connection protocols and security policy matching. We also demonstrated the effectiveness of the proposed risk measures by evaluating the risk values. The proposed risk countermeasures for fog computing should help us to utilize IoT devices in a safe and secure manner.

As permissioned blockchain becomes a common foundation of blockchain-based applications for current organizations, related stakeholders need a means to assess the security risks of the applications. Therefore, this study proposes a security risk management framework for permissioned blockchain applications. The framework divides itself into different implementation stacks and provides guidelines to control the security risks of permissioned blockchain applications. According to the best of our knowledge, this study is the first research that provides a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can hopefully contribute to the adoption of permissioned blockchain technologies.

In recent years, a variety of information security incidents emerge in endlessly, with different types. Security vulnerability is an important factor leading to the security risk of information system, and is the most common and urgent security risk in information system. The research goal of this paper is to seamlessly integrate the security testing process and the integration process of software construction, deployment, operation and maintenance. Through the management platform, the security testing results are uniformly managed and displayed in reports, and the project management system is introduced to develop, regress and manage the closed-loop security vulnerabilities. Before the security vulnerabilities cause irreparable damage to the information system, the security vulnerabilities are found and analyzed Full vulnerability, the formation of security vulnerability solutions to minimize the threat of security vulnerabilities to the information system.

In recent years, new cyber attacks such as targeted attacks have caused extensive damage. With the continuing development of the IoT society, various devices are now connected to the network and are being used for various purposes. The Internet of Things has the potential to link cyber risks to actual property damage, as cyberspace risks are connected to physical space. With this increase in unknown cyber risks, the demand for cyber insurance is increasing. One of the most serious emerging risks is the silent cyber risk, and it is likely to increase in the future. However, at present, security measures against silent cyber risks are insufficient. In this study, we conducted a risk management of silent cyber risk for organizations with the objective of contributing to the development of risk management methods for new cyber risks that are expected to increase in the future. Specifically, we modeled silent cyber risk by focusing on state transitions to different risks. We newly defined two types of silent cyber risk, namely, Alteration risk and Combination risk, and conducted risk assessment. Our assessment identified 23 risk factors, and after analyzing them, we found that all of them were classified as Risk Transference. We clarified that the most effective risk countermeasure for Alteration risk was insurance and for Combination risk was measures to reduce the impact of the risk factors themselves. Our evaluation showed that the silent cyber risk could be reduced by about 50%, thus demonstrating the effectiveness of the proposed countermeasures.

This paper continues analysis of approaches of IT risk assessment and management in modern IT management frameworks. Building on systematicity principles and the review of concepts of risk and methods of risk analysis in the frameworks, we discuss applicability of the methods for business decision-making in the real world and propose ways to their improvement.

Currently, the increasing complexity of DDoS attacks makes it difficult for modern security systems to track them. Machine learning techniques are increasingly being used in such systems as they are well established. However, a new problem arose: the creation of informative datasets. Generative adversarial networks can help create large, high-quality datasets for machine learning training. The article discusses the issue of using generative adversarial networks to generate new patterns of network attacks for the purpose of their further use in training.

Text steganography aims to embed hidden messages in text information while the goal of text steganalysis is to identify the existence of hidden information or further uncover the embedded message from the text. Steganalysis has received significant attention recently for the security and privacy purpose. In this paper, we develop unsupervised learning approaches for text steganalysis. In particular, two detection models based on deep learning have been proposed to detect hidden information that may be embedded in text from a global and a local perspective. Extensive studies have been carried out on the Chinese poetry text steganography datasets. It is seen that the proposed models show strong empirical performance in steganographic text detection.

Digital signal processor (DSP) intellectual property (IP) cores are the underlying hardware responsible for high performance data intensive applications. However an unauthorized IP vendor may counterfeit the DSP IPs and infuse them into the design-chain. Thus fake IPs or integrated circuits (ICs) are unknowingly integrated into consumer electronics (CE) systems, leading to reliability and safety issues for users. The latent solution to this threat is hardware steganography wherein vendor's secret information is covertly inserted into the design to enable detection of counterfeiting. A key-regulated hash-modules chaining based IP steganography is presented in our paper to secure against counterfeiting threat. The proposed approach yielded a robust steganography achieving very high security with regard to stego-key length than previous approaches.

Steganography is the concept to conceal information and the data by embedding it as secret data into various digital medium in order to achieve higher security. To achieve this, many steganographic algorithms are already proposed. The ability of human eyes as well as invisibility remain the most important and prominent factor for the security and protection. The most commonly used security measure of data hiding within imagesYet it is ineffective against Steganalysis and lacks proper verifications. Thus the proposed system of Image Steganography using PVD (Pixel Value Differentiating) proves to be a better choice. It compresses and embeds data in images at the pixel value difference calculated between two consecutive pixels. To increase the security, another technique called Edge Detection is used along with PVD to embed data at the edges. Edge Detection techniques like Canny algorithm are used to find the edges in an image horizontally as well as vertically. The edge pixels in an image can be used to handle more bits of messages, because more pixel value shifts can be handled by the image edge area.

Data exfiltration is of increasing concern throughout the world. The number of incidents and capabilities of data exfiltration attacks are growing at an unprecedented rate. However, such attack vectors have not been deeply explored in the literature. This paper aims to address this gap by implementing a data exfiltration methodology, detailing some data exfiltration methods. Groups of exfiltration methods are incorporated into a program that can act as a testbed for owners of any network that stores sensitive data. The implemented methods are tested against the well-known network intrusion detection system Snort, where all of them have been successfully evaded detection by its community rule sets. Thus, in this paper, we have developed new countermeasures to prevent and detect data exfiltration attempts using these methods.

In this paper, we consider a sequential stochastic Stackelberg game with two players, a leader, and a follower. The follower observes the state of the system privately while the leader does not. Players play Stackelberg equilibrium where the follower plays best response to the leader's strategy. In such a scenario, the leader has the advantage of committing to a policy that maximizes its returns given the knowledge that the follower is going to play the best response to its policy. Such a pair of strategies of both the players is defined as Stackelberg equilibrium of the game. Recently, [1] provided a sequential decomposition algorithm to compute the Stackelberg equilibrium for such games which allow for the computation of Markovian equilibrium policies in linear time as opposed to double exponential, as before. In this paper, we extend that idea to the case when the state update dynamics are not known to the players, to propose an reinforcement learning (RL) algorithm based on Expected Sarsa that learns the Stackelberg equilibrium policy by simulating a model of the underlying Markov decision process (MDP). We use particle filters to estimate the belief update for a common agent that computes the optimal policy based on the information which is common to both the players. We present a security game example to illustrate the policy learned by our algorithm.

In this paper, we proposed a path planning algorithm based on Q-learning model to simulate an environment model, which is suitable for the complex environment. A virtual simulation platform has been built to complete the experiments. The experimental results show that the algorithm proposed in this paper can be effectively applied to the solution of vehicle routing problems in the complex environment.