Visible to the public Biblio

Found 1529 results

Filters: Keyword is security  [Clear All Filters]
2020-01-13
Frey, Michael, Gündoğan, Cenk, Kietzmann, Peter, Lenders, Martine, Petersen, Hauke, Schmidt, Thomas C., Juraschek, Felix, Wählisch, Matthias.  2019.  Security for the Industrial IoT: The Case for Information-Centric Networking. 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :424–429.
Industrial production plants traditionally include sensors for monitoring or documenting processes, and actuators for enabling corrective actions in cases of misconfigurations, failures, or dangerous events. With the advent of the IoT, embedded controllers link these `things' to local networks that often are of low power wireless kind, and are interconnected via gateways to some cloud from the global Internet. Inter-networked sensors and actuators in the industrial IoT form a critical subsystem while frequently operating under harsh conditions. It is currently under debate how to approach inter-networking of critical industrial components in a safe and secure manner.In this paper, we analyze the potentials of ICN for providing a secure and robust networking solution for constrained controllers in industrial safety systems. We showcase hazardous gas sensing in widespread industrial environments, such as refineries, and compare with IP-based approaches such as CoAP and MQTT. Our findings indicate that the content-centric security model, as well as enhanced DoS resistance are important arguments for deploying Information Centric Networking in a safety-critical industrial IoT. Evaluation of the crypto efforts on the RIOT operating system for content security reveal its feasibility for common deployment scenarios.
Mohamed, Nader, Al-Jaroodi, Jameela.  2019.  A Middleware Framework to Address Security Issues in Integrated Multisystem Applications. 2019 IEEE International Systems Conference (SysCon). :1–6.
Integrating multiple programmable components and subsystems developed by different manufacturers into a final system (a system of systems) can create some security concerns. While there are many efforts for developing interoperability approaches to enable smooth, reliable and safe integration among different types of components to build final systems for different applications, less attention is usually given for the security aspects of this integration. This may leave the final systems exposed and vulnerable to potential security attacks. The issues elevate further when such systems are also connected to other networks such as the Internet or systems like fog and cloud computing. This issue can be found in important industrial applications like smart medical, smart manufacturing and smart city systems. As a result, along with performance, safety and reliability; multisystem integration must also be highly secure. This paper discusses the security issues instigated by such integration. In addition, it proposes a middleware framework to address the security issues for integrated multisystem applications.
Potrino, Giuseppe, de Rango, Floriano, Santamaria, Amilcare Francesco.  2019.  Modeling and evaluation of a new IoT security system for mitigating DoS attacks to the MQTT broker. 2019 IEEE Wireless Communications and Networking Conference (WCNC). :1–6.
In recent years, technology use has assumed an important role in the support of human activities. Intellectual work has become the main preferred human activity, while structured activities are going to become ever more automatized for increasing their efficiency. For this reason, we assist to the diffusion of ever more innovative devices able to face new emergent problems. These devices can interact with the environment and each other autonomously, taking decisions even without human control. This is the Internet of Things (IoT) phenomenon, favored by low cost, high mobility, high interaction and low power devices. This spread of devices has become uncontrolled, but security in this context continues to increase slowly. The purpose of this work is to model and evaluate a new IoT security system. The context is based on a generic IoT system in the presence of lightweight actuator and sensor nodes exchanging messages through Message Queue Telemetry Transport (MQTT) protocol. This work aims to increase the security of this protocol at application level, particularly mitigating Denial of Service (DoS) attacks. The system is based on the use of a host Intrusion Detection System (IDS) which applies a threshold based packet discarding policy to the different topics defined through MQTT.
Ivkic, Igor, Mauthe, Andreas, Tauber, Markus.  2019.  Towards a Security Cost Model for Cyber-Physical Systems. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–7.
In times of Industry 4.0 and cyber-physical systems (CPS) providing security is one of the biggest challenges. A cyber attack launched at a CPS poses a huge threat, since a security incident may affect both the cyber and the physical world. Since CPS are very flexible systems, which are capable of adapting to environmental changes, it is important to keep an overview of the resulting costs of providing security. However, research regarding CPS currently focuses more on engineering secure systems and does not satisfactorily provide approaches for evaluating the resulting costs. This paper presents an interaction-based model for evaluating security costs in a CPS. Furthermore, the paper demonstrates in a use case driven study, how this approach could be used to model the resulting costs for guaranteeing security.
Kabiri, Peyman, Chavoshi, Mahdieh.  2019.  Destructive Attacks Detection and Response System for Physical Devices in Cyber-Physical Systems. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–6.
Nowadays, physical health of equipment controlled by Cyber-Physical Systems (CPS) is a significant concern. This paper reports a work, in which, a hardware is placed between Programmable Logic Controller (PLC) and the actuator as a solution. The proposed hardware operates in two conditions, i.e. passive and active. Operation of the proposed solution is based on the repetitive operational profile of the actuators. The normal operational profile of the actuator is fed to the protective hardware and is considered as the normal operating condition. In the normal operating condition, the middleware operates in its passive mode and simply monitors electronic signals passing between PLC and Actuator. In case of any malicious operation, the proposed hardware operates in its active mode and both slowly stops the actuator and sends an alert to SCADA server initiating execution of the actuator's emergency profile. Thus, the proposed hardware gains control over the actuator and prevents any physical damage on the operating devices. Two sample experiments are reported in which, results of implementing the proposed solution are reported and assessed. Results show that once the PLC sends incorrect data to actuator, the proposed hardware detects it as an anomaly. Therefore, it does not allow the PLC to send incorrect and unauthorized data pattern to its actuator. Significance of the paper is in introducing a solution to prevent destruction of physical devices apart from source or purpose of the encountered anomaly and apart from CPS functionality or PLC model and operation.
Durgapu, Swetha, Kiran, L. Venkateshwara, Madhavi, Valli.  2019.  A Novel Approach on Mobile Devices Fast Authentication and Key Agreement. 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN). :1–4.
Mechanism to-Rube Goldberg invention accord is normal habituated to for apartment phones and Internet of Things. Agree and central knowledge are open to meet an unfailing turning between twosome gadgets. In ignoble fracas, factual methodologies many a time eon wait on a prefabricated solitarily pronunciation database and bear the ill effects of serene age rate. We verifiable GeneWave, a brusque gadget inspection and root assention convention for item cell phones. GeneWave mischievous accomplishes bidirectional ingenious inspection office on the physical reaction meantime between two gadgets. To evade the resolution of interim in compliance, we overshadow overseas time fragility on ware gadgets skim through steep flag location and excess time crossing out. At zigzag goal, we success out the elementary acoustic channel reaction for gadget verification. We combination an extraordinary coding pointing for virtual key assention while guaranteeing security. Consequently, two gadgets heart signal couple choice and safely concur on a symmetric key.
Yugha, R., Chithra, S..  2019.  Attribute Based Trust Evaluation for Secure RPL Protocol in IoT Environment. 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN). :1–7.
Internet of Things (IoT) is an advanced automation technology and analytics systems which connected physical objects that have access through the Internet and have their unique flexibility and an ability to be suitable for any environment. There are some critical applications like smart health care system, in which the data collection, sharing and routing through IoT has to be handled in sensitive way. The IPv6 Routing Protocol for LL(Low-power and Lossy) networks (RPL) is the routing protocols to ensure reliable data transfer in 6LOWPAN networks. However, RPL is vulnerable to number of security attacks which creates a major impact on energy consumption and memory requirements which is not suitable for energy constraint networks like IoT. This requires secured RPL protocol to be used for critical data transfer. This paper introduces a novel approach of combining a lightweight LBS (Location Based Service) authentication and Attribute Based Trust Evaluation (ABTE). The algorithm has been implemented for smart health care system and analyzed how its perform in the RPL protocol for IoT constrained environments.
Djama, Adel, Djamaa, Badis, Senouci, Mustapha Reda.  2019.  TCP/IP and ICN Networking Technologies for the Internet of Things: A Comparative Study. 2019 International Conference on Networking and Advanced Systems (ICNAS). :1–6.
Interconnecting resource-constrained devices in the Internet of Things (IoT) is generally achieved via IP-based technologies such as 6LoWPAN, which rely on the adaptation of the TCP/IP stack to fit IoT requirements. Very recent researches suggest that the Information-Centric Networking (ICN) paradigm, which switches the way to do networking, by fetching data by names regardless of their location, would provide native support for the functionalities required by IoT applications. Indeed, ICN intrinsic features, such as caching, naming, packet level security and stateful forwarding, favor it as a promising approach in the IoT. This paper gives a qualitative comparative study between the two communication paradigms (TCP/IP and ICN), and discusses their support for IoT environments, with a focus on the required key features such as mobility, scalability, and security.
van Kerkhoven, Jason, Charlebois, Nathaniel, Robertson, Alex, Gibson, Brydon, Ahmed, Arslan, Bouida, Zied, Ibnkahla, Mohamed.  2019.  IPv6-Based Smart Grid Communication over 6LoWPAN. 2019 IEEE Wireless Communications and Networking Conference (WCNC). :1–6.
Smart Grid is a major element of the Smart City concept that enables two-way communication of energy data between electric utilities and their consumers. These communication technologies are going through sharp modernization to meet future demand growth and to achieve reliability, security, and efficiency of the electric grid. In this paper, we implement an IPv6 based two-way communication system between the transformer agent (TA), installed at local electric transformer and various customer agents (CAs), connected to customer's smart meter. Various homes share their energy usage with the TA which in turn sends the utility's recommendations to the CAs. Raspberry Pi is used as hardware for all the CAs and the TA. We implement a self-healing mesh network between all nodes using OpenLab IEEE 802.15.4 chips and Routing Protocol for Low-Power and Lossy Networks (RPL), and the data is secured by RSA/AES keys. Several tests have been conducted in real environments, inside and outside of Carleton University, to test the performance of this communication network in various obstacle settings. In this paper, we highlight the details behind the implementation of this IPv6-based smart grid communication system, the related challenges, and the proposed solutions.
2020-01-07
Hammami, Hamza, Brahmi, Hanen, Ben Yahia, Sadok.  2018.  Secured Outsourcing towards a Cloud Computing Environment Based on DNA Cryptography. 2018 International Conference on Information Networking (ICOIN). :31-36.

Cloud computing denotes an IT infrastructure where data and software are stored and processed remotely in a data center of a cloud provider, which are accessible via an Internet service. This new paradigm is increasingly reaching the ears of companies and has revolutionized the marketplace of today owing to several factors, in particular its cost-effective architectures covering transmission, storage and intensive data computing. However, like any new technology, the cloud computing technology brings new problems of security, which represents the main restrain on turning to this paradigm. For this reason, users are reluctant to resort to the cloud because of security and protection of private data as well as lack of trust in cloud service providers. The work in this paper allows the readers to familiarize themselves with the field of security in the cloud computing paradigm while suggesting our contribution in this context. The security schema we propose allowing a distant user to ensure a completely secure migration of all their data anywhere in the cloud through DNA cryptography. Carried out experiments showed that our security solution outperforms its competitors in terms of integrity and confidentiality of data.

2020-01-02
\v Siser, Anton, Mari\v s, Ladislav, \v Rehák, David, Pellowski, Witalis.  2018.  The Use of Expert Judgement as the Method to Obtain Delay Time Values of Passive Barriers in the Context of the Physical Protection System. 2018 International Carnahan Conference on Security Technology (ICCST). :1–5.
Due to its costly and time-consuming nature and a wide range of passive barrier elements and tools for their breaching, testing the delay time of passive barriers is only possible as an experimental tool to verify expert judgements of said delay times. The article focuses on the possibility of creating and utilizing a new method of acquiring values of delay time for various passive barrier elements using expert judgements which could add to the creation of charts where interactions between the used elements of mechanical barriers and the potential tools for their bypassing would be assigned a temporal value. The article consists of basic description of methods of expert judgements previously applied for making prognoses of socio-economic development and in other societal areas, which are called soft system. In terms of the problem of delay time, this method needed to be modified in such a way that the prospective output would be expressible by a specific quantitative value. To achieve this goal, each stage of the expert judgements was adjusted to the use of suitable scientific methods to select appropriate experts and then to achieve and process the expert data. High emphasis was placed on evaluation of quality and reliability of the expert judgements, which takes into account the specifics of expert selection such as their low numbers, specialization and practical experience.
Alam, Md Jamshed, Kamrul, MD. Imtiaz, Zia Ur Rashid, S. M., Rashid, Syed Zahidur.  2018.  An Expert System Based on Belief Rule to Assess Bank Surveillance Security. 2018 International Conference on Innovations in Science, Engineering and Technology (ICISET). :451–454.
Surveillance is the monitoring of the behavior, activities or other changing information whereas security means the state of being protected from harmful activities. Nowadays proper surveillance security is considered as a challenging issue in the world and security has become a major concern from real life to virtual life. Tech-giants are implementing new solutions & techniques for better security assessment. This paper illustrates the design and implementation of a Belief Rule Based Expert System (BRBES) to overcome the uncertainty problems during bank security assessment. The proposed expert system has been developed based on generic Belief Rule Based (BRB) inference methodology using Evidential Reasoning algorithm (RIMER). Real-time security data has been taken from several banks of Bangladesh in conjunction with the expert's opinion to construct the knowledge base. This expert system provides more reliable and effective result under uncertainties which is better than any other traditional expert's prediction. Real life case studies were used for the validation of this system. Also, the outcome is compared with the real-life security system. Furthermore, the architectural design, implementation and utilization of an expert system to assess bank security under uncertainty are also discussed in this paper.
Shabanov, Boris, Sotnikov, Alexander, Palyukh, Boris, Vetrov, Alexander, Alexandrova, Darya.  2019.  Expert System for Managing Policy of Technological Security in Uncertainty Conditions: Architectural, Algorithmic, and Computing Aspects. 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :1716–1721.
The paper discusses the architectural, algorithmic and computing aspects of creating and operating a class of expert system for managing technological safety of an enterprise, in conditions of a large flow of diagnostic variables. The algorithm for finding a faulty technological chain uses expert information, formed as a set of evidence on the influence of diagnostic variables on the correctness of the technological process. Using the Dempster-Schafer trust function allows determining the overall probability measure on subsets of faulty process chains. To combine different evidence, the orthogonal sums of the base probabilities determined for each evidence are calculated. The procedure described above is converted into the rules of the knowledge base production. The description of the developed prototype of the expert system, its architecture, algorithmic and software is given. The functionality of the expert system and configuration tools for a specific type of production are under discussion.
Yu, Jianguo, Tian, Pei, Feng, Haonan, Xiao, Yan.  2018.  Research and Design of Subway BAS Intrusion Detection Expert System. 2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :152–156.
The information security of urban rail transit system faces great challenges. As a subsystem of the subway, BAS is short for Building Automation System, which is used to monitor and manage subway equipment and environment, also facing the same problem. Based on the characteristics of BAS, this paper designed a targeted intrusion detection expert system. This paper focuses on the design of knowledge base and the inference engine of intrusion detection system based on expert system. This study laid the foundation for the research on information security of the entire rail transit system.
Talasila, Prasad, Kakrambe, Mihir, Rai, Anurag, Santy, Sebastin, Goveas, Neena, Deshpande, Bharat M..  2018.  BITS Darshini: A Modular, Concurrent Protocol Analyzer Workbench. Proceedings of the 19th International Conference on Distributed Computing and Networking. :54:1–54:10.
Network measurements are essential for troubleshooting and active management of networks. Protocol analysis of captured network packet traffic is an important passive network measurement technique used by researchers and network operations engineers. In this work, we present a measurement workbench tool named BITS Darshini (Darshini in short) to enable scientific network measurements. We have created Darshini as a modular, concurrent web application that stores experimental meta-data and allows users to specify protocol parse graphs. Darshini performs protocol analysis on a concurrent pipeline architecture, persists the analysis to a database and provides the analysis results via a REST API service. We formulate the problem of mapping protocol parse graph to a concurrent pipeline as a graph embedding problem. Our tool, Darshini, performs protocol analysis up to transport layer and is suitable for the study of small and medium-sized networks. Darshini enables secure collaboration and consultations with experts.
Jung, Byungho, Kim, Taeguen, Im, Eul Gyu.  2018.  Malware Classification Using Byte Sequence Information. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :143–148.
The number of new malware and new malware variants have been increasing continuously. Security experts analyze malware to capture the malicious properties of malware and to generate signatures or detection rules, but the analysis overheads keep increasing with the increasing number of malware. To analyze a large amount of malware, various kinds of automatic analysis methods are in need. Recently, deep learning techniques such as convolutional neural network (CNN) and recurrent neural network (RNN) have been applied for malware classifications. The features used in the previous approches are mostly based on API (Application Programming Interface) information, and the API invocation information can be obtained through dynamic analysis. However, the invocation information may not reflect malicious behaviors of malware because malware developers use various analysis avoidance techniques. Therefore, deep learning-based malware analysis using other features still need to be developed to improve malware analysis performance. In this paper, we propose a malware classification method using the deep learning algorithm based on byte information. Our proposed method uses images generated from malware byte information that can reflect malware behavioral context, and the convolutional neural network-based sentence analysis is used to process the generated images. We performed several experiments to show the effecitveness of our proposed method, and the experimental results show that our method showed higher accuracy than the naive CNN model, and the detection accuracy was about 99%.
Aslan, Ça\u grı B., Sa\u glam, Rahime Belen, Li, Shujun.  2018.  Automatic Detection of Cyber Security Related Accounts on Online Social Networks: Twitter As an Example. Proceedings of the 9th International Conference on Social Media and Society. :236–240.
Recent studies have revealed that cyber criminals tend to exchange knowledge about cyber attacks in online social networks (OSNs). Cyber security experts are another set of information providers on OSNs who frequently share information about cyber security incidents and their personal opinions and analyses. Therefore, in order to improve our knowledge about evolving cyber attacks and the underlying human behavior for different purposes (e.g., crime investigation, understanding career development of cyber criminals and cyber security professionals, detection of impeding cyber attacks), it will be very useful to detect cyber security related accounts on OSNs automatically, and monitor their activities. This paper reports our preliminarywork on automatic detection of cyber security related accounts on OSNs using Twitter as an example. Three machine learning based classification algorithms were applied and compared: decision trees, random forests, and SVM (support vector machines). Experimental results showed that both decision trees and random forests had performed well with an overall accuracy over 95%, and when random forests were used with behavioral features the accuracy had reached as high as 97.877%.
Trotter, Ludwig, Prange, Sarah, Khamis, Mohamed, Davies, Nigel, Alt, Florian.  2018.  Design Considerations for Secure and Usable Authentication on Situated Displays. Proceedings of the 17th International Conference on Mobile and Ubiquitous Multimedia. :483–490.
Users often need to authenticate at situated displays in order to, for example, make purchases, access sensitive information, or confirm an identity. However, the exposure of interactions in public spaces introduces a large attack surface (e.g., observation, smudge or thermal attacks). A plethora of authentication models and input modalities that aim at disguising users' input has been presented in the past. However, a comprehensive analysis on the requirements for secure and usable authentication on public displays is still missing. This work presents 13 design considerations suitable to inform practitioners and researchers during the development process of authentication systems for situated displays in public spaces. It draws on a comprehensive analysis of prior literature and subsequent discussion with five experts in the fields of pervasive displays, human-computer-interaction and usable security.
Ur, Blase.  2018.  SIGCHI Outstanding Dissertation Award – Supporting Password Decisions with Data. Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems. :Award1:1–Award1:3.
Abstract Despite decades of research into developing abstract security advice and improving interfaces, users still struggle to make passwords. Users frequently create passwords that are predictable for attackers [1, 9] or make other decisions (e.g., reusing the same password across accounts) that harm their security [2, 8]. In this thesis,1 I use data-driven methods to better understand how users choose passwords and how attackers guess passwords. I then combine these insights into a better password-strength meter that provides real-time, data-driven feedback about the user's password. I first quantify the impact on password security and usability of showing users different password-strength meters that score passwords using basic heuristics. I find in a 2,931- participant online study that meters that score passwords stringently and present their strength estimates visually lead users to create stronger passwords without significantly impacting password memorability [6]. Second, to better understand how attackers guess passwords, I perform comprehensive experiments on password-cracking approaches. I find that simply running these approaches in their default configuration is insufficient, but considering multiple well-configured approaches in parallel can serve as a proxy for guessing by an expert in password forensics [9]. The third and fourth sections of this thesis delve further into how users choose passwords. Through a series of analyses, I pinpoint ways in which users structure semantically significant content in their passwords [7]. I also examine the relationship between users' perceptions of password security and passwords' actual security, finding that while users often correctly judge the security impact of individual password characteristics, wide variance in their understanding of attackers may lead users to judge predictable passwords as sufficiently strong [5]. Finally, I integrate these insights into an open-source2 password-strength meter that gives users data-driven feedback about their specific password. This meter uses neural networks [3] and numerous carefully combined heuristics to score passwords and generate data-driven text feedback about a given password. I evaluate this meter through a ten-participant laboratory study and 4,509-participant online study [4]. Under the more common password-composition policy we tested, we find that the data-driven meter with detailed feedback leads users to create more secure, and no less memorable, passwords than a meter with only a bar as a strength indicator. In sum, the objective of this thesis is to demonstrate how integrating data-driven insights about how users create and how attackers guess passwords into a tool that presents real-time feedback can help users make better passwords.
2019-12-30
Peldszus, Sven, Strüber, Daniel, Jürjens, Jan.  2018.  Model-Based Security Analysis of Feature-Oriented Software Product Lines. Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences. :93-106.
Today's software systems are too complex to ensure security after the fact – security has to be built into systems by design. To this end, model-based techniques such as UMLsec support the design-time specification and analysis of security requirements by providing custom model annotations and checks. Yet, a particularly challenging type of complexity arises from the variability of software product lines. Analyzing the security of all products separately is generally infeasible. In this work, we propose SecPL, a methodology for ensuring security in a software product line. SecPL allows developers to annotate the system design model with product-line variability and security requirements. To keep the exponentially large configuration space tractable during security checks, SecPL provides a family-based security analysis. In our experiments, this analysis outperforms the naive strategy of checking all products individually. Finally, we present the results of a user study that indicates the usability of our overall methodology.
Zhang, Zhenyong, Wu, Junfeng, Yau, David, Cheng, Peng, Chen, Jiming.  2018.  Secure Kalman Filter State Estimation by Partially Homomorphic Encryption. 2018 ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS). :345–346.
Recently, the security of state estimation has been attracting significant research attention due to the need for trustworthy situation awareness in emerging (e.g., industrial) cyber-physical systems. In this paper, we investigate secure estimation based on Kalman filtering (SEKF) using partially homomorphically encrypted data. The encryption will enhance the confidentiality not only of data transmitted in the communication network, but also key system information required by the estimator. We use a multiplicative homomorphic encryption scheme, but with a modified decryption algorithm. SEKF is able to conceal comprehensive information (i.e., system parameters, measurements, and state estimates) aggregated at the sink node of the estimator, while retaining the effectiveness of normal Kalman filtering. Therefore, even if an attacker has gained unauthorized access to the estimator and associated communication channels, he will not be able to obtain sufficient knowledge of the system state to guide the attack, e.g., ensure its stealthiness. We present an implementation structure of the SEKF to reduce the communication overhead compared with traditional secure multiparty computation (SMC) methods. Finally, we demonstrate the effectiveness of the SEKF on an IEEE 9-bus power system.
Loyka, Kyle, Zhou, He, Khatri, Sunil P..  2018.  A Homomorphic Encryption Scheme Based on Affine Transforms. Proceedings of the 2018 on Great Lakes Symposium on VLSI. :51–56.
As more businesses and consumers move their information storage to the cloud, the need to protect sensitive data is higher than ever. Using encryption, data access can be restricted to only authorized users. However, with standard encryption schemes, modifying an encrypted file in the cloud requires a complete file download, decryption, modification, and upload. This is cumbersome and time-consuming. Recently, the concept of homomorphic computing has been proposed as a solution to this problem. Using homomorphic computation, operations may be performed directly on encrypted files without decryption, hence avoiding exposure of any sensitive user information in the cloud. This also conserves bandwidth and reduces processing time. In this paper, we present a homomorphic computation scheme that utilizes the affine cipher applied to the ASCII representation of data. To the best of the authors» knowledge, this is the first use of affine ciphers in homomorphic computing. Our scheme supports both string operations (encrypted string search and concatenation), as well as arithmetic operations (encrypted integer addition and subtraction). A design goal of our proposed homomorphism is that string data and integer data are treated identically, in order to enhance security.
Chen, Jing, Du, Ruiying.  2009.  Fault Tolerance and Security in Forwarding Packets Using Game Theory. 2009 International Conference on Multimedia Information Networking and Security. 2:534–537.
In self-organized wireless network, such as ad hoc network, sensor network or mesh network, nodes are independent individuals which have different benefit; Therefore, selfish nodes refuse to forward packets for other nodes in order to save energy which causes the network fault. At the same time, some nodes may be malicious, whose aim is to damage the network. In this paper, we analyze the cooperation stimulation and security in self-organized wireless networks under a game theoretic framework. We first analyze a four node wireless network in which nodes share the channel by relaying for others during its idle periods in order to help the other nodes, each node has to use a part of its available channel capacity. And then, the fault tolerance and security problem is modeled as a non-cooperative game in which each player maximizes its own utility function. The goal of the game is to maximize the utility function in the giving condition in order to get better network efficiency. At last, for characterizing the efficiency of Nash equilibria, we analyze the so called price of anarchy, as the ratio between the objective function at the worst Nash equilibrium and the optimal objective function. Our results show that the players can get the biggest payoff if they obey cooperation strategy.
Tootaghaj, Diman Zad, Farhat, Farshid, Pakravan, Mohammad-Reza, Aref, Mohammad-Reza.  2011.  Game-theoretic approach to mitigate packet dropping in wireless Ad-hoc networks. 2011 IEEE Consumer Communications and Networking Conference (CCNC). :163–165.
Performance of routing is severely degraded when misbehaving nodes drop packets instead of properly forwarding them. In this paper, we propose a Game-Theoretic Adaptive Multipath Routing (GTAMR) protocol to detect and punish selfish or malicious nodes which try to drop information packets in routing phase and defend against collaborative attacks in which nodes try to disrupt communication or save their power. Our proposed algorithm outranks previous schemes because it is resilient against attacks in which more than one node coordinate their misbehavior and can be used in networks which wireless nodes use directional antennas. We then propose a game theoretic strategy, ERTFT, for nodes to promote cooperation. In comparison with other proposed TFT-like strategies, ours is resilient to systematic errors in detection of selfish nodes and does not lead to unending death spirals.
Kahvazadeh, Sarang, Masip-Bruin, Xavi, Díaz, Rodrigo, Marín-Tordera, Eva, Jurnet, Alejandro, Garcia, Jordi, Juan, Ana, Simó, Ester.  2019.  Balancing Security Guarantees vs QoS Provisioning in Combined Fog-to-Cloud Systems. 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–6.
Several efforts are currently active in dealing with scenarios combining fog, cloud computing, out of which a significant proportion is devoted to control, and manage the resulting scenario. Certainly, although many challenging aspects must be considered towards the design of an efficient management solution, it is with no doubt that whatever the solution is, the quality delivered to the users when executing services and the security guarantees provided to the users are two key aspects to be considered in the whole design. Unfortunately, both requirements are often non-convergent, thus making a solution suitably addressing both aspects is a challenging task. In this paper, we propose a decoupled transversal security strategy, referred to as DCF, as a novel architectural oriented policy handling the QoS-Security trade-off, particularly designed to be applied to combined fog-to-cloud systems, and specifically highlighting its impact on the delivered QoS.