Biblio

Machine learning is a major area in artificial intelligence, which enables computer to learn itself explicitly without programming. As machine learning is widely used in making decision automatically, attackers have strong intention to manipulate the prediction generated my machine learning model. In this paper we study about the different types of attacks and its countermeasures on machine learning model. By research we found that there are many security threats in various algorithms such as K-nearest-neighbors (KNN) classifier, random forest, AdaBoost, support vector machine (SVM), decision tree, we revisit existing security threads and check what are the possible countermeasures during the training and prediction phase of machine learning model. In machine learning model there are 2 types of attacks that is causative attack which occurs during the training phase and exploratory attack which occurs during the prediction phase, we will also discuss about the countermeasures on machine learning model, the countermeasures are data sanitization, algorithm robustness enhancement, and privacy preserving techniques.

A prioritized cyber defense remediation plan is critical for effective risk management in cyber-physical systems (CPS). The increased integration of Information Technology (IT)/Operational Technology (OT) in CPS has to lead to the need to identify the critical assets which, when affected, will impact resilience and safety. In this work, we propose a methodology for prioritized cyber risk remediation plan that balances operational resilience and economic loss (safety impacts) in CPS. We present a platform for modeling and analysis of the effect of cyber threats and random system faults on the safety of CPS that could lead to catastrophic damages. We propose to develop a data-driven attack graph and fault graph-based model to characterize the exploitability and impact of threats in CPS. We develop an operational impact assessment to quantify the damages. Finally, we propose the development of a strategic response decision capability that proposes optimal mitigation actions and policies that balances the trade-off between operational resilience (Tactical Risk) and Strategic Risk.

The term “smart” has been used in many ways for describing systems and infrastructure such as smart city, smart home, smart grid, smart meter, etc. These systems may lie in the domain of critical security systems where security can be estimated in terms of confidentiality, integrity and some cases may involve availability for protection against the theft or damage of system resources as well as disruption of the system services. Although, in spite of, being a hot topic to enhance the quality of life, there is no concrete definition of what smart system is and what should be the characteristics of it. Thus, there is a need to identify what these systems actually are and how they can be designed securely. This work firstly attempts to describe attributes related to the smartness to define smart systems. Furthermore, we propose a secure smart system development life cycle, where the security is weaved at all the development phase of smart systems according to principles, guidelines, attack patterns, risk, vulnerability, exploits, and defined rules. Finally, the comparative study is performed for evaluation of traditional security modeling techniques for early assessment of threats and risks in smart systems.

Critical infrastructures of all countries unites common cyberspace. In this space, there are many threats that can disrupt the security of critical infrastructure in one country, but also cause damage in other countries. This is a reality that makes it necessary to agree on intergovernmental national views on the composition of critical infrastructures, an assessment of their security and protection. The article presents an overview of views on critical infrastructures of the United States, the European Union, the United Kingdom, and the Russian Federation, the purpose of which is to develop common positions.

IoT-based services are widely increasing due to their advantages such as economy, automation, and comfort. Smart cities are among major applications of IoT-based systems. However, security and privacy threats are vital issues challenging the utilization of such services. Connectivity nature, variety of data technology, and volume of data maintained through these systems make their security analysis a difficult process. Threat modeling is one the best practices for security analysis, especially for complex systems. This paper proposes a threat extraction method for IoT-based systems. We elaborate on a smart city scenario with three services including lighting, car parking, and waste management. Investigating on these services, firstly, we identify thirty-two distinct threat types. Secondly, we distinguish threat root causes by associating a threat to constituent parts of the IoT-based system. In this way, threat instances can be extracted using the proposed derivation rules. Finally, we evaluate our method on a smart car parking scenario as well as on an E-Health system and identify more than 50 threat instances in each cases to show that the method can be easily generalized for other IoT-based systems whose constituent parts are known.

A term systems of systems (SoS) refers to a setup in which a number of independent systems collaborate to create a value that each of them is unable to achieve independently. Complexity of a SoS structure is higher compared to its constitute systems that brings challenges in analyzing its critical properties such as security. An SoS can be seen as a set of connected systems or services that needs to be adequately protected. Communication between such systems or services can be considered as a service itself, and it is the paramount for establishment of a SoS as it enables connections, dependencies, and a cooperation. Given that reliable and predictable communication contributes directly to a correct functioning of an SoS, communication as a service is one of the main assets to consider. Protecting it from malicious adversaries should be one of the highest priorities within SoS design and operation. This study aims to investigate the attack propagation problem in terms of service-guarantees through the decomposition into sub-services enriched with preconditions and postconditions at the service levels. Such analysis is required as a prerequisite for an efficient SoS risk assessment at the design stage of the SoS development life cycle to protect it from possibly high impact attacks capable of affecting safety of systems and humans using the system.

Deep learning is the segment of artificial intelligence which is involved with imitating the learning approach that human beings utilize to get some different types of knowledge. Analyzing videos, a part of deep learning is one of the most basic problems of computer vision and multi-media content analysis for at least 20 years. The job is very challenging as the video contains a lot of information with large differences and difficulties. Human supervision is still required in all surveillance systems. New advancement in computer vision which are observed as an important trend in video surveillance leads to dramatic efficiency gains. We propose a CCTV based theft detection along with tracking of thieves. We use image processing to detect theft and motion of thieves in CCTV footage, without the use of sensors. This system concentrates on object detection. The security personnel can be notified about the suspicious individual committing burglary using Real-time analysis of the movement of any human from CCTV footage and thus gives a chance to avert the same.

A DDoS attack is a spiteful attempt to disrupt legitimate traffic to a server by overwhelming the target with a flood of requests from geographically dispersed systems. Today attackers prefer DDoS attack methods to disrupt target services as they generate GBs to TBs of random data to flood the target. In existing mitigation strategies, because of lack of resources and not having the flexibility to cope with attacks by themselves, they are not considered to be that effective. So effective DDoS mitigation techniques can be provided using emerging technologies such as blockchain and SDN(Software-Defined Networking). We propose an architecture where a smart contract is deployed in a private blockchain, which facilitates a collaborative DDoS mitigation architecture across multiple network domains. Blockchain application is used as an additional security service. With Blockchain, shared protection is enabled among all hosts. With help of smart contracts, rules are distributed among all hosts. In addition, SDN can effectively enable services and security policies dynamically. This mechanism provides ASes(Autonomous Systems) the possibility to deploy their own DPS(DDoS Prevention Service) and there is no need to transfer control of the network to the third party. This paper focuses on the challenges of protecting a hybridized enterprise from the ravages of rapidly evolving Distributed Denial of Service(DDoS) attack.

Large-scale blackouts that have occurred in the past few decades have necessitated the need to do extensive research in the field of grid security assessment. With the aid of synchrophasor technology, which uses phasor measurement unit (PMU) data, dynamic security assessment (DSA) can be performed online. However, existing applications of DSA are challenged by variability in system conditions and unaccounted for measurement errors. To overcome these challenges, this research develops a DSA scheme to provide security prediction in real-time for load profiles of different seasons in presence of realistic errors in the PMU measurements. The major contributions of this paper are: (1) develop a DSA scheme based on PMU data, (2) consider seasonal load profiles, (3) account for varying penetrations of renewable generation, and (4) compare the accuracy of different machine learning (ML) algorithms for DSA with and without erroneous measurements. The performance of this approach is tested on the IEEE-118 bus system. Comparative analysis of the accuracies of the ML algorithms under different operating scenarios highlights the importance of considering realistic errors and variability in system conditions while creating a DSA scheme.

In this paper, we design a model for resource allocation in IoT system considering the cyber security, to achieve optimal resource allocation when defend the attack and threat. The resource allocation problem is constructed as a dynamic game, where the threat level is the state and the defend cost is the objective function. Open loop solution and feedback solutions are both given to the defender as the optimal control variables under different solutions situations. The optimal allocated resource and the optimal threat level for the defender is simulated through the numerical simulations.

It is important to provide strong security for IoT devices with limited security related resources. We introduce a new dynamic security agent management framework, which dynamically chooses the best security agent to support security functions depending on the applications' security requirements of IoT devices in the system. This framework is designed to overcome the challenges including high computation costs, multiple security protocol compatibility, and efficient energy management in IoT system.

This paper presents an overview of the H2020 project VESSEDIA [9] aimed at verifying the security and safety of modern connected systems also called IoT. The originality relies in using Formal Methods inherited from high-criticality applications domains to analyze the source code at different levels of intensity, to gather possible faults and weaknesses. The analysis methods are mostly exhaustive an guarantee that, after analysis, the source code of the application is error-free. This paper is structured as follows: after an introductory section 1 giving some factual data, section 2 presents the aims and the problems addressed; section 3 describes the project's use-cases and section 4 describes the proposed approach for solving these problems and the results achieved until now; finally, section 5 discusses some remaining future work.

Data security is the main challenge in Internet of Things (IoT) applications. Security strength and the immunity to security attacks depend mainly on the available power budget. The power-security level trade-off is the main challenge for low power IoT applications, especially, energy limited IoT applications. In this paper, multiple encryption modes that provide different power consumption and security level values are hardware implemented. In other words, some modes provide high security levels at the expense of high power consumption and other modes provide low power consumption with low security level. Dynamic Partial Reconfiguration (DPR) is utilized to adaptively configure the hardware security module based on the available power budget. For example, for a given power constraint, the DPR controller configures the security module with the security mode that meets the available power constraint. ZC702 evaluation board is utilized to implement the proposed encryption modes using DPR. A Lightweight Authenticated Cipher (ACORN) is the most suitable encryption mode for low power IoT applications as it consumes the minimum power and area among the selected candidates at the expense of low throughput. The whole DPR system is tested with a maximum dynamic power dissipation of 10.08 mW. The suggested DPR system saves about 59.9% of the utilized LUTs compared to the individual implementation of the selected encryption modes.

This paper presents a methodology for utilizing Phasor Measurement units (PMUs) for procuring real time synchronized measurements for assessing the security of the power system dynamically. The concept of wide-area dynamic security assessment considers transient instability in the proposed methodology. Intelligent framework based approach for online dynamic security assessment has been suggested wherein the database consisting of critical features associated with the system is generated for a wide range of contingencies, which is utilized to build the data mining model. This data mining model along with the synchronized phasor measurements is expected to assist the system operator in assessing the security of the system pertaining to a particular contingency, thereby also creating possibility of incorporating control and preventive measures in order to avoid any unforeseen instability in the system. The proposed technique has been implemented on IEEE 39 bus system for accurately indicating the security of the system and is found to be quite robust in the case of noise in the measurement data obtained from the PMUs.

Chinese Remainder Theorem (CRT) is one of the spatial domain methods that is more implemented in the data hiding method watermarking. CRT is used to improve security and imperceptibility in the watermarking method. CRT is rarely studied in studies that discuss steganographic images. Steganography research focuses more on increasing imperceptibility, embedded payload, and message security, so methods like LSB are still popular to be developed to date. CRT and LSB have some similarities such as default payload capacity and both are methods in the spatial domain which can produce good imperceptibility quality of stego image. But CRT is very superior in terms of security, so CRT is also widely used in cryptographic algorithms. Some ways to increase imperceptibility in image steganography are edge detection and spread spectrum embedding. This research proposes a combination of edge detection techniques and spread-spectrum embedding based on the CRT method to produce imperceptibility and safe image steganography method. Based on the test results it is proven that the combination of the proposed methods can increase imperceptibility of CRT-based steganography based on SSIM metric.

The progressed computational abilities of numerous asset compelled gadgets mobile phones have empowered different research zones including picture recovery from enormous information stores for various IoT applications. The real difficulties for picture recovery utilizing cell phones in an IoT situation are the computational intricacy and capacity. To manage enormous information in IoT condition for picture recovery a light-weighted profound learning base framework for vitality obliged gadgets. The framework initially recognizes and crop face areas from a picture utilizing Viola-Jones calculation with extra face classifier to take out the identification issue. Besides, the utilizes convolutional framework layers of a financially savvy pre-prepared CNN demonstrate with characterized highlights to speak to faces. Next, highlights of the huge information vault are listed to accomplish a quicker coordinating procedure for constant recovery. At long last, Euclidean separation is utilized to discover comparability among question and archive pictures. For exploratory assessment, we made a nearby facial pictures dataset it including equally single and gathering face pictures. In the dataset can be utilized by different specialists as a scale for examination with other ongoing facial picture recovery frameworks. The trial results demonstrate that our planned framework beats other cutting edge highlight extraction strategies as far as proficiency and recovery for IoT-helped vitality obliged stages.

We consider the problem of attack detection for IoT networks based only on passively collected network parameters. For the first time in the literature, we develop a blind attack detection method based on data conformity evaluation. Network parameters collected passively, are converted to their conformity values through iterative projections on refined L1-norm tensor subspaces. We demonstrate our algorithmic development in a case study for a simulated star topology network. Type of attack, affected devices, as well as, attack time frame can be easily identified.

Anomaly detection generally involves the extraction of features from entities' or users' properties, and the design of anomaly detection models using machine learning or deep learning algorithms. However, only considering entities' property information could lead to high false positives. We posit the importance of also considering connections or relationships between entities in the detecting of anomalous behaviors and associated threat groups. Therefore, in this paper, we design a GCN (graph convolutional networks) based anomaly detection model to detect anomalous behaviors of users and malicious threat groups. The GCN model could characterize entities' properties and structural information between them into graphs. This allows the GCN based anomaly detection model to detect both anomalous behaviors of individuals and associated anomalous groups. We then evaluate the proposed model using a real-world insider threat data set. The results show that the proposed model outperforms several state-of-art baseline methods (i.e., random forest, logistic regression, SVM, and CNN). Moreover, the proposed model can also be applied to other anomaly detection applications.

The amount of connected devices in the industrial environment is growing continuously, due to the ongoing demands of new features like predictive maintenance. New business models require more data, collected by IIoT edge node sensors based on inexpensive and low performance Microcontroller Units (MCUs). A negative side effect of this rise of interconnections is the increased attack surface, enabled by a larger network with more network services. Attaching badly documented and cheap devices to industrial networks often without permission of the administrator even further increases the security risk. A decent method to monitor the network and detect “unwanted” devices is network scanning. Typically, this scanning procedure is executed by a computer or server in each sub-network. In this paper, we introduce network scanning and mapping as a building block to scan directly from the Industrial Internet of Things (IIoT) edge node devices. This module scans the network in a pseudo-random periodic manner to discover devices and detect changes in the network structure. Furthermore, we validate our approach in an industrial testbed to show the feasibility of this approach.

With the rapid development of the Internet, preserving the security of confidential data has become a challenging issue. An effective method to this end is to apply steganography techniques. In this paper, we propose an efficient steganography algorithm which applies edge detection and MPC algorithm for data concealment in digital images. The proposed edge detection scheme partitions the given image, namely cover image, into blocks. Next, it identifies the edge blocks based on the variance of their corner pixels. Embedding the confidential data in sharp edges causes less distortion in comparison to the smooth areas. To diminish the imposed distortion by data embedding in edge blocks, we employ LSB and MPC algorithms. In the proposed scheme, the blocks are split into some groups firstly. Next, a full tree is constructed per group using the LSBs of its pixels. This tree is converted into another full tree in some rounds. The resultant tree is used to modify the considered LSBs. After the accomplishment of the data embedding process, the final image, which is called stego image, is derived. According to the experimental results, the proposed algorithm improves PSNR with at least 5.4 compared to the previous schemes.

In the current society, people pay more and more attention to identity security, especially in the case of some highly confidential or personal privacy, one-to-one identification is particularly important. The iris recognition just has the characteristics of high efficiency, not easy to be counterfeited, etc., which has been promoted as an identity technology. This paper has carried out research on daugman algorithm and iris edge detection.

In last few years, Proxy Re-Encryption has been used for forwarding the encrypted message to the user, these users are the one who has not been a part of encryption. In the past several scheme were developed in order to provide the efficient and secure proxy re-encryption. However, these methodology mainly focused on features like maximum key privacy, minimal trust proxy and others. In such cases the efficiency and security was mainly ignored. Hence, in order to provide the efficient and secure proxy re-encryption, we proposed an algorithm named as MLBC (Modified Lattice Based Cryptography) is proposed. Our method is based on the PKE (Public Key Encryption) and it provides more efficiency when compared to the other cryptography technique. Later in order to evaluate the algorithm simulation is done based on several parameter such as encryption time, proxy key generation time, Re-encryption time and Total computation time. Later, it is compared with the existing algorithm and the plotted graph clearly shows that our algorithm outperforms the existing algorithm.

In recent years, image steganography is being considered as one of the methods to secure the confidentiality of sensitive and private data sent over networks. Conventional image steganography techniques use cover images to hide secret messages. These techniques are susceptible to steganalysis algorithms based on anomaly detection. This paper proposes a new approach to image steganography without using cover images. In addition, it utilizes Deoxyribonucleic Acid (DNA) sequences. DNA sequences are used to generate key and stego-image. Experimental results show that the use of DNA sequences in this technique offer very low cracking probability and the coverless approach contributes to its high embedding capacity.

Named Data Networking (NDN) is a new network architecture that has been projected as the future of internet architecture. Unlike the traditional internet approach which currently relies on client-server communication models to communicate each other, NDN relies on data as an entity. Hence the users only need the content and applications based on data naming, as there is no IP addresses needed. NDN is different than TCP/IP technology as NDN signs the data with Digital Signature to secure each data authenticity. Regarding huge number of uses on IP-based network, and the minimum number of NDN-based network implementation, the NDN-IP gateway are needed to map and forward the data from IP-based network to NDN-based network, and vice versa. These gateways are called Custom-Router Gateway in this study. The Custom-Router Gateway requires a new mechanism in conducting Digital Signature so that authenticity the data can be verified when it passes through the NDN-IP Custom-Router Gateway. This study propose a method to process the Digital Signature for the packet flows from IP-based network through NDN-based network. Future studies are needed to determine the impact of Digital Signature processing on the performance in forwarding the data from IP-based to NDN-based network and vice versa.

In recent times, online services are playing a crucial role in our day-to-day life applications. Inspite of their advantage, it also have certain security challenges in the communication network. Security aspects consists of authentication of users, confidentiality of data/information as well as integrity of data. In order to achieve all these parameters, the sensitive information must be digitally signed by the original sender and later verified by the intended recipient. Therefore, research on digital signatures should be further developed to improve the data security and authenticity of the transferred data. In this paper, a secured digital signature algorithm is designed. The design of secure digital signature uses the concept of hybridization of secure hash code, DNA encryption/decryption technique and elgamal encryption/decryption techniques. The use of SHA algorithm generates a secure hash code and hybridization of encryption algorithm reduces the computational complexity and this research method is then compared with existing PlayGamal algorithm with respect to encryption/decryption time complexity.