Visible to the public Biblio

Filters: Keyword is attacks  [Clear All Filters]
2021-09-30
Desnitsky, Vasily A., Kotenko, Igor V., Parashchuk, Igor B..  2020.  Neural Network Based Classification of Attacks on Wireless Sensor Networks. 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :284–287.
The paper proposes a method for solving problems of classifying multi-step attacks on wireless sensor networks in the conditions of uncertainty (incompleteness and inconsistency) of the observed signs of attacks. The method aims to eliminate the uncertainty of classification of attacks on networks of this class one the base of the use of neural network approaches to the processing of incomplete and contradictory knowledge on possible attack characteristics. It allows increasing objectivity (accuracy and reliability) of information security monitoring in modern software and hardware systems and Internet of Things networks that actively exploit advantages of wireless sensor networks.
2021-09-07
Jonker, Mattijs, Sperotto, Anna, Pras, Aiko.  2020.  DDoS Mitigation: A Measurement-Based Approach. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1–6.
Society heavily relies upon the Internet for global communications. Simultaneously, Internet stability and reliability are continuously subject to deliberate threats. These threats include (Distributed) Denial-of-Service (DDoS) attacks, which can potentially be devastating. As a result of DDoS, businesses lose hundreds of millions of dollars annually. Moreover, when it comes to vital infrastructure, national safety and even lives could be at stake. Effective defenses are therefore an absolute necessity. Prospective users of readily available mitigation solutions find themselves having many shapes and sizes to choose from, the right fit of which may, however, not always be apparent. In addition, the deployment and operation of mitigation solutions may come with hidden hazards that need to be better understood. Policy makers and governments also find themselves facing questions concerning what needs to be done to promote cybersafety on a national level. Developing an optimal course of action to deal with DDoS, therefore, also brings about societal challenges. Even though the DDoS problem is by no means new, the scale of the problem is still unclear. We do not know exactly what it is we are defending against and getting a better understanding of attacks is essential to addressing the problem head-on. To advance situational awareness, many technical and societal challenges need still to be tackled. Given the central importance of better understanding the DDoS problem to improve overall Internet security, the thesis that we summarize in this paper has three main contributions. First, we rigorously characterize attacks and attacked targets at scale. Second, we advance knowledge about the Internet-wide adoption, deployment and operational use of various mitigation solutions. Finally, we investigate hidden hazards that can render mitigation solutions altogether ineffective.
2021-08-12
Abbas, Syed Ghazanfar, Husnain, Muhammad, Fayyaz, Ubaid Ullah, Shahzad, Farrukh, Shah, Ghalib A., Zafar, Kashif.  2020.  IoT-Sphere: A Framework to Secure IoT Devices from Becoming Attack Target and Attack Source. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1402—1409.
In this research we propose a framework that will strengthen the IoT devices security from dual perspectives; avoid devices to become attack target as well as a source of an attack. Unlike traditional devices, IoT devices are equipped with insufficient host-based defense system and a continuous internet connection. All time internet enabled devices with insufficient security allures the attackers to use such devices and carry out their attacks on rest of internet. When plethora of vulnerable devices become source of an attack, intensity of such attacks increases exponentially. Mirai was one of the first well-known attack that exploited large number of vulnerable IoT devices, that bring down a large part of Internet. To strengthen the IoT devices from dual security perspective, we propose a two step framework. Firstly, confine the communication boundary of IoT devices; IoT-Sphere. A sphere of IPs that are allowed to communicate with a device. Any communication that violates the sphere will be blocked at the gateway level. Secondly, only allowed communication will be evaluated for potential attacks and anomalies using advance detection engines. To show the effectiveness of our proposed framework, we perform couple of attacks on IoT devices; camera and google home and show the feasibility of IoT-Sphere.
2021-08-11
Saeed, Imtithal A., Selamat, Ali, Rohani, Mohd Foad, Krejcar, Ondrej, Chaudhry, Junaid Ahsenali.  2020.  A Systematic State-of-the-Art Analysis of Multi-Agent Intrusion Detection. IEEE Access. 8:180184–180209.
Multi-agent architectures have been successful in attaining considerable attention among computer security researchers. This is so, because of their demonstrated capabilities such as autonomy, embedded intelligence, learning and self-growing knowledge-base, high scalability, fault tolerance, and automatic parallelism. These characteristics have made this technology a de facto standard for developing ambient security systems to meet the open and dynamic nature of today's online communities. Although multi-agent architectures are increasingly studied in the area of computer security, there is still not enough empirical evidence on their performance in intrusions and attacks detection. The aim of this paper is to report the systematic literature review conducted in the context of specific research questions, to investigate multi-agent IDS architectures to highlight the issues that affect their performance in terms of detection accuracy and response time. We used pertinent keywords and terms to search and retrieve the most recent research studies, on multi-agent IDS architectures, from the major research databases and digital libraries such as SCOPUS, Springer, and IEEE Explore. The search processes resulted in a number of studies; among them, there were journal articles, book chapters, conference papers, dissertations, and theses. The obtained studies were assessed and filtered out, and finally, there were over 71 studies chosen to answer the research questions. The results of this study have shown that multi-agent architectures include several advantages that can help in the development of ambient IDS. However, it has been found that there are several issues in the current multi-agent IDS architectures that may degrade the accuracy and response time of intrusions and attacks detection. Based on our findings, the issues of multi-agent IDS architectures include limitations in the techniques, mechanisms, and schemes used for multi-agent IDS adaptation and learning, load balancing, scalability, fault-tolerance, and high communication overhead. It has also been found that new measurement metrics are required for evaluating multi-agent IDS architectures.
2021-08-02
Mustafa, Ahmed Shamil, Hamdi, Mustafa Maad, Mahdi, Hussain Falih, Abood, Mohammed Salah.  2020.  VANET: Towards Security Issues Review. 2020 IEEE 5th International Symposium on Telecommunication Technologies (ISTT). :151–156.
The Ad-hoc vehicle networks (VANETs) recently stressed communications and networking technologies. VANETs vary from MANETs in tasks, obstacles, system architecture and operation. Smart vehicles and RSUs communicate through unsafe wireless media. By nature, they are vulnerable to threats that can lead to life-threatening circumstances. Due to potentially bad impacts, security measures are needed to recognize these VANET assaults. In this review paper of VANET security, the new VANET approaches are summarized by addressing security complexities. Second, we're reviewing these possible threats and literature recognition mechanisms. Finally, the attacks and their effects are identified and clarified and the responses addressed together.
2021-05-25
Silitonga, Arthur, Becker, Juergen.  2020.  Security-driven Cross-Layer Model Description of a HW/SW Framework for AP MPSoC-based Computing Device. 2020 IEEE International Systems Conference (SysCon). :1—8.

Implementation of Internet-of-Things (IoT) can take place in many applications, for instance, automobiles, and industrial automation. We generally view the role of an Electronic Control Unit (ECU) or industrial network node that is occupied and interconnected in many different configurations in a vehicle or a factory. This condition may raise the occurrence of problems related to security issues, such as unauthorized access to data or components in ECUs or industrial network nodes. In this paper, we propose a hardware (HW)/software (SW) framework having integrated security extensions complemented with various security-related features that later can be implemented directly from the framework to All Programmable Multiprocessor System-on-Chip (AP MPSoC)-based ECUs. The framework is a software-defined one that can be configured or reconfigured in a higher level of abstraction language, including High-Level Synthesis (HLS), and the output of the framework is hardware configuration in multiprocessor or reconfigurable components in the FPGA. The system comprises high-level requirements, covert and side-channel estimation, cryptography, optimization, artificial intelligence, and partial reconfiguration. With this framework, we may reduce the design & development time, and provide significant flexibility to configure/reconfigure our framework and its target platform equipped with security extensions.

2021-03-09
Oosthoek, K., Doerr, C..  2020.  From Hodl to Heist: Analysis of Cyber Security Threats to Bitcoin Exchanges. 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). :1—9.

Bitcoin is gaining traction as an alternative store of value. Its market capitalization transcends all other cryptocurrencies in the market. But its high monetary value also makes it an attractive target to cyber criminal actors. Hacking campaigns usually target the weakest points in an ecosystem. In Bitcoin, these are currently the exchange platforms. As each exchange breach potentially decreases Bitcoin's market value by billions, it is a threat not only to direct victims, but to everyone owning Bitcoin. Based on an extensive analysis of 36 breaches of Bitcoin exchanges, we show the attack patterns used to exploit Bitcoin exchange platforms using an industry standard for reporting intelligence on cyber security breaches. Based on this we are able to provide an overview of the most common attack vectors, showing that all except three hacks were possible due to relatively lax security. We also show that while the security regimen of Bitcoin exchanges is not on par with other financial service providers, the use of stolen credentials, which does not require any hacking, is decreasing. We also show that the amount of BTC taken during a breach is decreasing, as well as the exchanges that terminate after being breached. With exchanges being targeted by nation-state hacking groups, security needs to be a first concern.

2021-02-08
Arunpandian, S., Dhenakaran, S. S..  2020.  DNA based Computing Encryption Scheme Blending Color and Gray Images. 2020 International Conference on Communication and Signal Processing (ICCSP). :0966–0970.

In this paper, a novel DNA based computing method is proposed for encryption of biometric color(face)and gray fingerprint images. In many applications of present scenario, gray and color images are exhibited major role for authenticating identity of an individual. The values of aforementioned images have considered as two separate matrices. The key generation process two level mathematical operations have applied on fingerprint image for generating encryption key. For enhancing security to biometric image, DNA computing has done on the above matrices generating DNA sequence. Further, DNA sequences have scrambled to add complexity to biometric image. Results of blending images, image of DNA computing has shown in experimental section. It is observed that the proposed substitution DNA computing algorithm has shown good resistant against statistical and differential attacks.

2021-02-03
Devi, B. T., Shitharth, S., Jabbar, M. A..  2020.  An Appraisal over Intrusion Detection Systems in Cloud Computing Security Attacks. 2020 2nd International Conference on Innovative Mechanisms for Industry Applications (ICIMIA). :722—727.

Cloud computing provides so many groundbreaking advantages over native computing servers like to improve capacity and decrease costs, but meanwhile, it carries many security issues also. In this paper, we find the feasible security attacks made about cloud computing, including Wrapping, Browser Malware-Injection and Flooding attacks, and also problems caused by accountability checking. We have also analyzed the honey pot attack and its procedural intrusion way into the system. This paper on overall deals with the most common security breaches in cloud computing and finally honey pot, in particular, to analyze its intrusion way. Our major scope is to do overall security, analyze in the cloud and then to take up with a particular attack to deal with granular level. Honey pot is the one such attack that is taken into account and its intrusion policies are analyzed. The specific honey pot algorithm is in the queue as the extension of this project in the future.

2021-02-01
Mangaokar, N., Pu, J., Bhattacharya, P., Reddy, C. K., Viswanath, B..  2020.  Jekyll: Attacking Medical Image Diagnostics using Deep Generative Models. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :139–157.
Advances in deep neural networks (DNNs) have shown tremendous promise in the medical domain. However, the deep learning tools that are helping the domain, can also be used against it. Given the prevalence of fraud in the healthcare domain, it is important to consider the adversarial use of DNNs in manipulating sensitive data that is crucial to patient healthcare. In this work, we present the design and implementation of a DNN-based image translation attack on biomedical imagery. More specifically, we propose Jekyll, a neural style transfer framework that takes as input a biomedical image of a patient and translates it to a new image that indicates an attacker-chosen disease condition. The potential for fraudulent claims based on such generated `fake' medical images is significant, and we demonstrate successful attacks on both X-rays and retinal fundus image modalities. We show that these attacks manage to mislead both medical professionals and algorithmic detection schemes. Lastly, we also investigate defensive measures based on machine learning to detect images generated by Jekyll.
2020-12-28
Sonekar, S. V., Pal, M., Tote, M., Sawwashere, S., Zunke, S..  2020.  Computation Termination and Malicious Node Detection using Finite State Machine in Mobile Adhoc Networks. 2020 7th International Conference on Computing for Sustainable Global Development (INDIACom). :156—161.

The wireless technology has knocked the door of tremendous usage and popularity in the last few years along with a high growth rate for new applications in the networking domain. Mobile Ad hoc Networks (MANETs) is solitary most appealing, alluring and challenging field where in the participating nodes do not require any active, existing and centralized system or rigid infrastructure for execution purpose and thus nodes have the moving capability on arbitrary basis. Radio range nodes directly communicate with each other through the wireless links whereas outside range nodes uses relay principle for communication. Though it is a rigid infrastructure less environment and has high growth rate but security is a major concern and becomes vital part of providing hostile free environment for communication. The MANET imposes several prominent challenges such as limited energy reserve, resource constraints, highly dynamic topology, sharing of wireless medium, energy inefficiency, recharging of the batteries etc. These challenges bound to make MANET more susceptible, more close to attacks and weak unlike the wired line networks. Theresearch paperismainly focused on two aspects, one is computation termination of cluster head algorithm and another is use of finite state machine for attacks identification.

Kumar, R., Mishra, A. K., Singh, D. K..  2020.  Packet Loss Avoidance in Mobile Adhoc Network by using Trusted LDoS Techniques. 2nd International Conference on Data, Engineering and Applications (IDEA). :1—5.
Packet loss detection and prevention is full-size module of MANET protection systems. In trust based approach routing choices are managed with the aid of an unbiased have faith table. Traditional trust-based techniques unsuccessful to notice the essential underlying reasons of a malicious events. AODV is an approachable routing set of guidelines i.e.it finds a supply to an endpoint only on request. LDoS cyber-attacks ship assault statistics packets after period to time in a brief time period. The community multifractal ought to be episodic when LDoS cyber-attacks are hurled unpredictably. Real time programs in MANET necessitate certain QoS advantages, such as marginal end-to-end facts packet interval and unobjectionable records forfeiture. Identification of malevolent machine, information security and impenetrable direction advent in a cell system is a key tasks in any wi-fi network. However, gaining the trust of a node is very challenging, and by what capability it be able to get performed is quiet ambiguous. This paper propose a modern methodology to detect and stop the LDoS attack and preserve innocent from wicked nodes. In this paper an approach which will improve the safety in community by identifying the malicious nodes using improved quality grained packet evaluation method. The approach also multiplied the routing protection using proposed algorithm The structure also accomplish covered direction-finding to defend Adhoc community against malicious node. Experimentally conclusion factor out that device is fine fabulous for confident and more advantageous facts communication.
Antonioli, D., Tippenhauer, N. O., Rasmussen, K..  2020.  BIAS: Bluetooth Impersonation AttackS. 2020 IEEE Symposium on Security and Privacy (SP). :549—562.
Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures are used during pairing and secure connection establishment to prevent impersonation attacks. In this paper, we show that the Bluetooth specification contains vulnerabilities enabling to perform impersonation attacks during secure connection establishment. Such vulnerabilities include the lack of mandatory mutual authentication, overly permissive role switching, and an authentication procedure downgrade. We describe each vulnerability in detail, and we exploit them to design, implement, and evaluate master and slave impersonation attacks on both the legacy authentication procedure and the secure authentication procedure. We refer to our attacks as Bluetooth Impersonation AttackS (BIAS).Our attacks are standard compliant, and are therefore effective against any standard compliant Bluetooth device regardless the Bluetooth version, the security mode (e.g., Secure Connections), the device manufacturer, and the implementation details. Our attacks are stealthy because the Bluetooth standard does not require to notify end users about the outcome of an authentication procedure, or the lack of mutual authentication. To confirm that the BIAS attacks are practical, we successfully conduct them against 31 Bluetooth devices (28 unique Bluetooth chips) from major hardware and software vendors, implementing all the major Bluetooth versions, including Apple, Qualcomm, Intel, Cypress, Broadcom, Samsung, and CSR.
2020-12-17
Basan, E., Gritsynin, A., Avdeenko, T..  2019.  Framework for Analyzing the Security of Robot Control Systems. 2019 International Conference on Information Systems and Computer Science (INCISCOS). :354—360.

The purpose of this work is to analyze the security model of a robotized system, to analyze the approaches to assessing the security of this system, and to develop our own framework. The solution to this problem involves the use of developed frameworks. The analysis will be conducted on a robotic system of robots. The prefix structures assume that the robotic system is divided into levels, and after that it is necessary to directly protect each level. Each level has its own characteristics and drawbacks that must be considered when developing a security system for a robotic system.

2020-12-11
Kousri, M. R., Deniau, V., Gransart, C., Villain, J..  2019.  Optimized Time-Frequency Processing Dedicated to the Detection of Jamming Attacks on Wi-Fi Communications. 2019 URSI Asia-Pacific Radio Science Conference (AP-RASC). :1—4.

Attacks by Jamming on wireless communication network can provoke Denial of Services. According to the communication system which is affected, the consequences can be more or less critical. In this paper, we propose to develop an algorithm which could be implemented at the reception stage of a communication terminal in order to detect the presence of jamming signals. The work is performed on Wi-Fi communication signals and demonstrates the necessity to have a specific signal processing at the reception stage to be able to detect the presence of jamming signals.

2020-12-01
SAADI, C., kandrouch, i, CHAOUI, H..  2019.  Proposed security by IDS-AM in Android system. 2019 5th International Conference on Optimization and Applications (ICOA). :1—7.

Mobile systems are always growing, automatically they need enough resources to secure them. Indeed, traditional techniques for protecting the mobile environment are no longer effective. We need to look for new mechanisms to protect the mobile environment from malicious behavior. In this paper, we examine one of the most popular systems, Android OS. Next, we will propose a distributed architecture based on IDS-AM to detect intrusions by mobile agents (IDS-AM).

2020-10-19
Indira, K, Ajitha, P, Reshma, V, Tamizhselvi, A.  2019.  An Efficient Secured Routing Protocol for Software Defined Internet of Vehicles. 2019 International Conference on Computational Intelligence in Data Science (ICCIDS). :1–4.
Vehicular ad hoc network is one of most recent research areas to deploy intelligent Transport System. Due to their highly dynamic topology, energy constrained and no central point coordination, routing with minimal delay, minimal energy and maximize throughput is a big challenge. Software Defined Networking (SDN) is new paradigm to improve overall network lifetime. It incorporates dynamic changes with minimal end-end delay, and enhances network intelligence. Along with this, intelligence secure routing is also a major constraint. This paper proposes a novel approach to Energy efficient secured routing protocol for Software Defined Internet of vehicles using Restricted Boltzmann Algorithm. This algorithm is to detect hostile routes with minimum delay, minimum energy and maximum throughput compared with traditional routing protocols.
2020-09-28
Chen, Yuqi, Poskitt, Christopher M., Sun, Jun.  2018.  Learning from Mutants: Using Code Mutation to Learn and Monitor Invariants of a Cyber-Physical System. 2018 IEEE Symposium on Security and Privacy (SP). :648–660.
Cyber-physical systems (CPS) consist of sensors, actuators, and controllers all communicating over a network; if any subset becomes compromised, an attacker could cause significant damage. With access to data logs and a model of the CPS, the physical effects of an attack could potentially be detected before any damage is done. Manually building a model that is accurate enough in practice, however, is extremely difficult. In this paper, we propose a novel approach for constructing models of CPS automatically, by applying supervised machine learning to data traces obtained after systematically seeding their software components with faults ("mutants"). We demonstrate the efficacy of this approach on the simulator of a real-world water purification plant, presenting a framework that automatically generates mutants, collects data traces, and learns an SVM-based model. Using cross-validation and statistical model checking, we show that the learnt model characterises an invariant physical property of the system. Furthermore, we demonstrate the usefulness of the invariant by subjecting the system to 55 network and code-modification attacks, and showing that it can detect 85% of them from the data logs generated at runtime.
2020-09-18
Ling, Mee Hong, Yau, Kok-Lim Alvin.  2019.  Can Reinforcement Learning Address Security Issues? an Investigation into a Clustering Scheme in Distributed Cognitive Radio Networks 2019 International Conference on Information Networking (ICOIN). :296—300.

This paper investigates the effectiveness of reinforcement learning (RL) model in clustering as an approach to achieve higher network scalability in distributed cognitive radio networks. Specifically, it analyzes the effects of RL parameters, namely the learning rate and discount factor in a volatile environment, which consists of member nodes (or secondary users) that launch attacks with various probabilities of attack. The clusterhead, which resides in an operating region (environment) that is characterized by the probability of attacks, countermeasures the malicious SUs by leveraging on a RL model. Simulation results have shown that in a volatile operating environment, the RL model with learning rate α= 1 provides the highest network scalability when the probability of attacks ranges between 0.3 and 0.7, while the discount factor γ does not play a significant role in learning in an operating environment that is volatile due to attacks.

2020-09-04
Khan, Samar, Khodke, Priti A., Bhagat, Amol P..  2018.  An Approach to Fault Tolerant Key Generation and Secure Spread Spectrum Communiction. 2018 International Conference on Research in Intelligent and Computing in Engineering (RICE). :1—6.
Wireless communications have encountered a considerable improvement and have integrated human life through various applications, mainly by the widespread of mobile ad hoc and sensor networks. A fundamental characteristic of wireless communications are in their broadcast nature, which allows accessibility of information without placing restrictions on a user's location. However, accessibility also makes wireless communications vulnerable to eavesdropping. To enhance the security of network communication, we propose a separate key generation server which is responsible for key generation using complex random algorithm. The key will remain in database in encrypted format. To prevent brute force attack, we propose various group key generation algorithms in which every group will have separate group key to verify group member's identity. The group key will be verified with the session information before decryption, so that our system will prevent attack if any attacker knows the group key. To increase the security of the system, we propose three level encryption securities: Client side encryption using AES, Server side encryption using AES, and Artificial noise generation and addition. By using this our system is free from brute force attack as we are using three level message security and complex Random key generation algorithms.
2020-07-06
Sheela, A., Revathi, S., Iqbal, Atif.  2019.  Cyber Risks Assessment For Intelligent And Non-Intelligent Attacks In Power System. 2019 2nd International Conference on Power and Embedded Drive Control (ICPEDC). :40–45.
Smart power grid is a perfect model of Cyber Physical System (CPS) which is an important component for a comfortable life. The major concern of the electrical network is safety and reliable operation. A cyber attacker in the operation of power system would create a major damage to the entire power system structure and affect the continuity of the power supply by adversely changing its parameters. A risk assessment method is presented for evaluating the cyber security assessment of power systems taking into consideration the need for protection systems. The paper considers the impact of bus and transmission line protection systems located in substations on the cyber physical performance of power systems. The proposed method is to simulate the response of power systems to sudden attacks on various power system preset value and parameters. This paper focuses on the cyber attacks which occur in a co-ordinated way so that many power system components will be in risk. The risk can be modelled as the combined probability of power system impact due to attacks and of successful interruption into the system. Stochastic Petri Nets is employed for assessing the risks. The effectiveness of the proposed cyber security risk assessment method is simulated for a IEEE39 bus system.
2020-06-01
Nandhini, P.S., Mehtre, B.M..  2019.  Intrusion Detection System Based RPL Attack Detection Techniques and Countermeasures in IoT: A Comparison. 2019 International Conference on Communication and Electronics Systems (ICCES). :666—672.

Routing Protocol for Low power and Lossy Network (RPL) is a light weight routing protocol designed for LLN (Low Power Lossy Networks). It is a source routing protocol. Due to constrained nature of resources in LLN, RPL is exposed to various attacks such as blackhole attack, wormhole attack, rank attack, version attack, etc. IDS (Intrusion Detection System) is one of the countermeasures for detection and prevention of attacks for RPL based loT. Traditional IDS techniques are not suitable for LLN due to certain characteristics like different protocol stack, standards and constrained resources. In this paper, we have presented various IDS research contribution for RPL based routing attacks. We have also classified the proposed IDS in the literature, according to the detection techniques. Therefore, this comparison will be an eye-opening stuff for future research in mitigating routing attacks for RPL based IoT.

Surnin, Oleg, Hussain, Fatima, Hussain, Rasheed, Ostrovskaya, Svetlana, Polovinkin, Andrey, Lee, JooYoung, Fernando, Xavier.  2019.  Probabilistic Estimation of Honeypot Detection in Internet of Things Environment. 2019 International Conference on Computing, Networking and Communications (ICNC). :191–196.
With the emergence of the Internet of Things (IoT) and the increasing number of resource-constrained interconnected smart devices, there is a noticeable increase in the number of cyber security crimes. In the face of the possible attacks on IoT networks such as network intrusion, denial of service, spoofing and so on, there is a need to develop efficient methods to locate vulnerabilities and mitigate attacks in IoT networks. Without loss of generality, we consider only intrusion-related threats to IoT. A honeypot is a system used to understand the potential dynamic threats and act as a proactive measure to detect any intrusion into the network. It is used as a trap for intruders to control unauthorized access to the network by analyzing malicious traffic. However, a sophisticated attacker can detect the presence of a honeypot and abort the intrusion mission. Therefore it is essential for honeypots to be undetectable. In this paper, we study and analyze possible techniques for SSH and telnet honeypot detection. Moreover, we propose a new methodology for probabilistic estimation of honeypot detection and an automated software implemented this methodology.
2020-04-17
Nair, Harsha, Sridaran, R..  2019.  An Innovative Model (HS) to Enhance the Security in Windows Operating System - A Case Study. 2019 6th International Conference on Computing for Sustainable Global Development (INDIACom). :1207—1211.

Confidentiality, authentication, privacy and integrity are the pillars of securing data. The most generic way of providing security is setting up passwords and usernames collectively known as login credentials. Operating systems use different techniques to ensure security of login credentials yet brute force attacks and dictionary attacks along with various other types which leads to success in passing or cracking passwords.The objective of proposed HS model is to enhance the protection of SAM file used by Windows Registry so that the system is preserved from intruders.

2020-04-06
Shen, Yuanqi, Li, You, Kong, Shuyu, Rezaei, Amin, Zhou, Hai.  2019.  SigAttack: New High-level SAT-based Attack on Logic Encryptions. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :940–943.
Logic encryption is a powerful hardware protection technique that uses extra key inputs to lock a circuit from piracy or unauthorized use. The recent discovery of the SAT-based attack with Distinguishing Input Pattern (DIP) generation has rendered all traditional logic encryptions vulnerable, and thus the creation of new encryption methods. However, a critical question for any new encryption method is whether security against the DIP-generation attack means security against all other attacks. In this paper, a new high-level SAT-based attack called SigAttack has been discovered and thoroughly investigated. It is based on extracting a key-revealing signature in the encryption. A majority of all known SAT-resilient encryptions are shown to be vulnerable to SigAttack. By formulating the condition under which SigAttack is effective, the paper also provides guidance for the future logic encryption design.