Biblio

Responding to network security incidents requires interference with ongoing attacks to restore the security of services running on production systems. This approach prevents damage, but drastically impedes the collection of threat intelligence and the analysis of vulnerabilities, exploits, and attack strategies. We propose the live confinement of suspicious microservices into a sandbox network that allows to monitor and analyze ongoing attacks under quarantine and that retains an image of the vulnerable and open production network. A successful sandboxing requires that it happens completely transparent to and cannot be detected by an attacker. Therefore, we introduce a novel metric to measure the Quality of Deception (QoD) and use it to evaluate three proposed network deception mechanisms. Our evaluation results indicate that in our evaluation scenario in best case, an optimal QoD is achieved. In worst case, only a small downtime of approx. 3s per microservice (MS) occurs and thus a momentary drop in QoD to 70.26% before it converges back to optimum as the quarantined services are restored.

The sheer size of IoT networks being deployed today presents an "attack surface" and poses significant security risks at a scale never before encountered. In other words, a single device/node in a network that becomes infected with malware has the potential to spread malware across the network, eventually ceasing the network functionality. Simply detecting and quarantining the malware in IoT networks does not guarantee to prevent malware propagation. On the other hand, use of traditional control theory for malware confinement is not effective, as most of the existing works do not consider real-time malware control strategies that can be implemented using uncertain infection information of the nodes in the network or have the containment problem decoupled from network performance. In this work, we propose a two-pronged approach, where a runtime malware detector (HaRM) that employs Hardware Performance Counter (HPC) values to detect the malware and benign applications is devised. This information is fed during runtime to a stochastic model predictive controller to confine the malware propagation without hampering the network performance. With the proposed solution, a runtime malware detection accuracy of 92.21% with a runtime of 10ns is achieved, which is an order of magnitude faster than existing malware detection solutions. Synthesizing this output with the model predictive containment strategy lead to achieving an average network throughput of nearly 200% of that of IoT networks without any embedded defense.

Cloud computing is not adequately secure due to the currently used traditional trust methods such as global trust model and local trust model. These are prone to security vulnerabilities. This paper introduces a trust model based on the fuzzy mathematics and gray relational theory. Fuzzy mathematics and gray relational analysis (Fuzzy-GRA) aims to improve the poor dynamic adaptability of cloud computing. Fuzzy-GRA platform is used to test and validate the behavior of the model. Furthermore, our proposed model is compared to other known models. Based on the experimental results, we prove that our model has the edge over other existing models.

This paper proposes a triple-layer, high capacity, message security scheme. The first two layers are of a cryptographic nature, whereas the third layer is of a steganographic nature. In the first layer, AES-128 encryption is performed on the secret message. In the second layer, a chaotic logistic map encryption is applied on the output of the first secure layer to increase the security of the scheme. In the third layer of security, a 2D image steganography technique is performed, where the least significant bit (LSB) -embedding is done according to a zigzag pattern in each of the three color planes of the cover image (i.e. RGB). The distinguishing feature of the proposed scheme is that the secret data is hidden in a zigzag manner that cannot be predicted by a third party. Moreover, our scheme achieves higher values of peak signal to noise ratio (PPSNR), mean square error (MSE), the structural similarity index metric (SSIM), normal cross correlation (NCC) and image fidelity (IF) compared to its counterparts form the literature. In addition, a histogram analysis as well as the high achieved capacity are magnificent indicators for a reliable and high capacity steganographic scheme.

This paper presents a framework for medium access control (MAC) and physical (PRY) cross-layer security design of wireless avionics intra-communications (WAICs). The paper explores the different options based on the latest results of MAC-PRY cross-layer design and the available standard technologies for WAICs. Particular emphasis is given to solutions based on multiple-input multiple-output (MIMO) systems and recent developments towards a wireless technology with ultra-low latency and high reliability in the context of 5G and machine-type traffic support. One major objective is to improve WAICs technology and thus match the real-time, reliability and safety critical performance of the internal aeronautics bus technologies (e.g., ARINC 664). The main identified vulnerabilities and potential solutions are explored, as well as their impact on system design complexity and feasibility for wireless networks on-board aircraft. The solutions are presented in the context of the European project SCOTT (secure connected trustable things) using the recently released reference architecture for trusted IoT systems. Other aspects of SCOTT such as trust, privacy, security classes, and safety are also discussed here for the aeronautics domain.

The burgeoning Internet of Things (IoT) has offered unprecedented opportunities for innovations and applications that are continuously changing our life. At the same time, the large amount of pervasive IoT applications have posed paramount threats to the user's security and privacy. While a lot of efforts have been dedicated to deal with such threats from the hardware, the software, and the applications, in this paper, we argue and envision that more effective and comprehensive protection for IoT systems can only be achieved via a cross-layer approach. As such, we present our initial design of XLF, a cross-layer framework towards this goal. XLF can secure the IoT systems not only from each individual layer of device, network, and service, but also through the information aggregation and correlation of different layers.

With the explosive data growth arise from internet of things, how to ensure information security is facing unprecedented challenges. In this paper, a joint PHY/MAC layer security scheme with artificial noise design in singular value decomposition (SVD) based multiple input multiple output hybrid automatic retransmission request (MIMO HARQ) system is proposed to resolve the problem of low data rates in existing cross-layer security design and further adapt to the high data rate requirement of 5G. First, the SVD was applied to simplify MIMO systems into several parallel sub-channels employing HARQ protocol. Then, different from traditional null space based artificial noise design, the artificial noise design, which is dependent on the characteristics of channel states and transmission rounds, is detailed presented. Finally, the analytical and simulation results proved that with the help of the proposed artificial noise, both the information security and data rate performance can be significantly improved compared with that in single input single output (SISO) system.

Internet is a common method of trading business today. The usage of cryptocurrencies has increased these days and it has become a trend to utilize them. Cryptocurrency exchange servicers provide different smartphone apps that unfortunately may become the target of malicious attacks. This paper focuses on how it achieves highest security and proposes the multiple layered security analyses method for cryptocurrency exchange servicers.

Hardware vulnerabilities are often due to design mistakes because the designer does not sufficiently consider potential security vulnerabilities at the design stage. As a result, various security solutions have been developed to protect ICs, among which the language-based hardware security verification serves as a promising solution. The verification process will be performed while compiling the HDL of the design. However, similar to other formal verification methods, the language-based approach also suffers from scalability issue. Furthermore, existing solutions either lead to hardware overhead or are not designed for vulnerable or malicious logic detection. To alleviate these challenges, we propose a new language based framework, QIF-Verilog, to evaluate the trustworthiness of a hardware system at register transfer level (RTL). This framework introduces a quantified information flow (QIF) model and extends Verilog type systems to provide more expressiveness in presenting security rules; QIF is capable of checking the security rules given by the hardware designer. Secrets are labeled by the new type and then parsed to data flow, to which a QIF model will be applied. To demonstrate our approach, we design a compiler for QIF-Verilog and perform vulnerability analysis on benchmarks from Trust-Hub and OpenCore. We show that Trojans or design faults that leak information from circuit outputs can be detected automatically, and that our method evaluates the security of the design correctly.

This paper investigates the effectiveness of reinforcement learning (RL) model in clustering as an approach to achieve higher network scalability in distributed cognitive radio networks. Specifically, it analyzes the effects of RL parameters, namely the learning rate and discount factor in a volatile environment, which consists of member nodes (or secondary users) that launch attacks with various probabilities of attack. The clusterhead, which resides in an operating region (environment) that is characterized by the probability of attacks, countermeasures the malicious SUs by leveraging on a RL model. Simulation results have shown that in a volatile operating environment, the RL model with learning rate α= 1 provides the highest network scalability when the probability of attacks ranges between 0.3 and 0.7, while the discount factor γ does not play a significant role in learning in an operating environment that is volatile due to attacks.

In this paper, secrecy outage probability (SOP) of cooperative communications in ESCRNs is numerically evaluated by the recommended precise closed-form formula which is corroborated by numerous computer simulations. Results expose that the relay's location, energy scavenging time, message recovering time, and power division for energy scavenging and message recovering dramatically impact the SOP of the cooperative communications in ESCRNs. Moreover, results infer that the SOP is constant either in energy scavenging non-cognitive networks (ES-nonCRNs) or in ESCRNs with infinite power transmitters.

In this paper, we propose an exact closed-form expression of secrecy outage probability (SOP) for underlay cognitive network with energy scavenging capable relay over Nakagami-m fading channels and under both (maximum transmit and interference) power constraints. Various results validated the proposed expression and shed insights into the security performance of this network in key specifications.

In this paper, the physical layer (PHY)security performance of a dual-hop cooperative relaying in a cognitive-radio system in the presence of an eavesdropper is investigated. The dual-hop transmission is composed of an asymmetric radio frequency (RF)link and a free space optical (FSO)link. In the considered system, an unlicensed secondary user (SU)uses the spectrum which is shared by a licensed primary user (PU)in a controlled manner to keep the interference at PU receiver, below a predefined value. Furthermore, among M available relays, one relay with the best end-to-end signal-to-noise-ratio (SNR)is selected for transmission. It is assumed that all of the RF links follow Rayleigh fading and all of the FSO links follow Gamma-Gamma distribution. Simulations results for some important security metrics, such as the average secrecy capacity (SC), and secrecy outage probability (SOP)are presented, where some practical issues of FSO links such as atmospheric turbulence, and pointing errors are taken into consideration.

Matrices as mathematical models have been used in each branch of scientific fields for hundred years. We propose a new type of matrices, called topological coding matrices (Topcode-matrices). Topcode-matrices show us the following advantages: Topcode-matrices can be saved in computer easily and run quickly in computation; since a Topcode-matrix corresponds two or more Topsnut-gpws, so Topcode-matrices can be used to encrypt networks such that the encrypted networks have higher security; Topcode-matrices can be investigated and applied by people worked in more domains; Topcode-matrices can help us to form new operations, new parameters and new topics of graph theory, such as vertex/edge splitting operations and connectivities of graphs. Several properties and applications on Topcode-matrices, and particular Topcode-matrices, as well as unknown problems are introduced.

The presented method of encoding and steganographic embedding of a series of bits for the hidden message was first developed by modifying the digital platform (bases) of the elements of the image container. Unlike other methods, steganographic coding and embedding is accomplished by changing the elements of the image fragment, followed by the formation of code structures for the established structure of the digital representation of the structural elements of the image media image. The method of estimating quantitative indicators of embedded critical data is presented. The number of bits of the container for the developed method of steganographic coding and embedding of critical information is estimated. The efficiency of the presented method is evaluated and the comparative analysis of the value of the embedded digital data in relation to the method of weight coefficients of the discrete cosine transformation matrix, as well as the comparative analysis of the developed method of steganographic coding, compared with the Koch and Zhao methods to determine the embedded data resistance against attacks of various types. It is determined that for different values of the quantization coefficient, the most critical are the built-in containers of critical information, which are built by changing the part of the digital video data platform depending on the size of the digital platform and the number of bits of the built-in container.

{1 We present a construction for exact-repair regenerating codes with an information-theoretic secrecy guarantee against an eavesdropper with access to the content of (up to) ℓ nodes. The proposed construction works for the entire range of per-node storage and repair bandwidth for any distributed storage system with parameters (n

In a linear code, a code symbol with (r, δ)-locality can be repaired by accessing at most r other code symbols in case of at most δ - 1 erasures. A q-ary (n, k, r, δ) locally repairable codes (LRC) in which every code symbol has (r, δ)-locality is said to be optimal if it achieves the Singleton-like bound derived by Prakash et al.. In this paper, we study the classification of optimal ternary (n, k, r, δ)-LRCs (δ \textbackslashtextgreater 2). Firstly, we propose an upper bound on the minimum distance of optimal q-ary LRCs in terms of the field size. Then, we completely determine all the 6 classes of possible parameters with which optimal ternary (n, k, r, δ)-LRCs exist. Moreover, explicit constructions of all these 6 classes of optimal ternary LRCs are proposed in the paper.

Wireless technology has seen a tremendous growth in the recent past. Orthogonal Frequency Division Multiplexing (OFDM) modulation scheme has been utilized in almost all the advanced wireless techniques because of the advantages it offers. Hence in this aspect, SystemVue based OFDM transceiver has been developed with AWGN as the channel noise. To mitigate the channel noise Convolutional code with Viterbi decoder has been depicted. Further to protect the information from the malicious users the data is scrambled with the aid of gold codes. The performance of the transceiver is analysed through various Bit Error Rate (BER) versus Signal to Noise Ratio (SNR) graphs.

With an increasing number of wireless devices, the risk of being eavesdropped increases as well. From information theory, it is well known that wiretap codes can asymptotically achieve vanishing decoding error probability at the legitimate receiver while also achieving vanishing leakage to eavesdroppers. However, under finite blocklength, there exists a tradeoff among different parameters of the transmission. In this work, we propose a flexible wiretap code design for Gaussian wiretap channels under finite blocklength by neural network autoencoders. We show that the proposed scheme has higher flexibility in terms of the error rate and leakage tradeoff, compared to the traditional codes.

In the deep learning tasks, we can design different network models to address different tasks (classification, detection, segmentation). But traditional deep learning networks simply increase the depth and breadth of the network. This leads to a higher complexity of the model. We propose Adaptively Weighted Channel Feature Network of Mixed Convolution Kernel(SKENet). SKENet extract features from different kernels, then mixed those features by elementwise, lastly do sigmoid operator on channel features to get adaptive weightings. We did a simple classification test on the CIFAR10 amd CIFAR100 dataset. The results show that SKENet can achieve a better result in a shorter time. After that, we did an object detection experiment on the VOC dataset. The experimental results show that SKENet is far ahead of the SKNet[20] in terms of speed and accuracy.

To solve the problems of weak linkage ability and low intellectualization of strategy allocation in existing network security devices, a new method of cognitive linkage of network security equipment is proposed by learning from human brain. Firstly, the basic connotation and cognitive cycle of cognitive linkage are expounded. Secondly, the main functions of cognitive linkage are clarified. Finally, the cognitive linkage system model is constructed, and the information process flow of cognitive linkage is described. Cognitive linkage of network security equipment provides a new way to effectively enhance the overall protection capability of network security equipment.

Biometrics manages the computerized acknowledgment of people dependent on natural and social attributes. The example acknowledgment framework perceives an individual by deciding the credibility of a particular conduct normal for person. The primary rule of biometric framework is recognizable proof and check. A biometric confirmation framework use fingerprints, face, hand geometry, iris, and voice, mark, and keystroke elements of a person to recognize an individual or to check a guaranteed character. Biometrics authentication is a form of identification and access control process which identify individuals in packs that are under reconnaissance. Biometric security system increase in the overall security and individuals no longer have to deal with lost ID Cards or forgotten passwords. It helps much organization to see everyone is at a certain time when something might have happened that needs reviewed. The current issues in biometric system with individuals and many organization facing are personal privacy, expensive, data's may be stolen.

IoT based technology are drastically accelerating the informationization development of the power grid system of China that consists of a huge number of power terminal devices interconnected by the network of electric power IoT. However, the networked power terminal equipment oriented cyberspace security has continually become a challenging problem as network attack is continually varying and evolving. In this paper, we concentrate on the security risk of power terminal equipment and their vulnerability based on ATP attack detection and defense. We first analyze the attack mechanism of APT security attack based on power terminal equipment. Based on the analysis of the security and attack of power IoT terminal device, an ontology-based knowledge representation method of power terminal device and its vulnerability is proposed.

The inforrmation age continues to transform the mechanics of integrating electric power devices and systems, from coordinated operations based purely on the physics of electric power engineering to an increasing blend of power with information and communication technology. Integrating electric system components is not just about attaching wires. It requires the connection of computer-based automation systems to associated sensing and communication equipment. The architectural impacts are significant. Well-considered and commonly held concepts, principles, and organizational structures continue to emerge to address the complexity of the integrated operational challenges that drive our society to expect more flexibility in configuring the electric power system, while simultaneously achieving greater efficiency, reliability, and resilience. Architectural concepts, such as modularity and composability, contribute to the creation of structures that enable the connection of power system equipment characterized by clearly defined interfaces consisting of physical and cyberlinks. The result of successful electric power system component connection is interoperation: the discipline that drives integration to be simple and reliable.

Anonymous Communication (AC) hides traffic patterns and protects message metadata from being leaked during message transmission. Many practical AC systems have been proposed aiming to reduce communication latency and support a large number of users. However, how to design AC systems which possess strong security property and at the same time achieve optimal performance (i.e., the lowest latency or highest horizontal scalability) has been a challenging problem. In this paper, we propose an ObliComm framework, which consists of six modular AC subroutines. We also present a strong security definition for AC, named oblivious communication, encompassing confidentiality, unobservability, and a new requirement sending-and-receiving operation hiding. The AC subroutines in ObliComm allow for modular construction of oblivious communication systems in different network topologies. All constructed systems satisfy oblivious communication definition and can be provably secure in the universal composability (UC) framework. Additionally, we model the relationship between the network topology and communication measurements by queuing theory, which enables the system's efficiency can be optimized and estimated by quantitative analysis and calculation. Through theoretical analyses and empirical experiments, we demonstrate the efficiency of our scheme and soundness of the queuing model.