Visible to the public Biblio

Found 2146 results

Filters: Keyword is composability  [Clear All Filters]
2019-07-01
Akhtar, T., Gupta, B. B., Yamaguchi, S..  2018.  Malware propagation effects on SCADA system and smart power grid. 2018 IEEE International Conference on Consumer Electronics (ICCE). :1–6.

Critical infrastructures have suffered from different kind of cyber attacks over the years. Many of these attacks are performed using malwares by exploiting the vulnerabilities of these resources. Smart power grid is one of the major victim which suffered from these attacks and its SCADA system are frequently targeted. In this paper we describe our proposed framework to analyze smart power grid, while its SCADA system is under attack by malware. Malware propagation and its effects on SCADA system is the focal point of our analysis. OMNeT++ simulator and openDSS is used for developing and analyzing the simulated smart power grid environment.

Urias, V. E., Stout, M. S. William, Leeuwen, B. V..  2018.  On the Feasibility of Generating Deception Environments for Industrial Control Systems. 2018 IEEE International Symposium on Technologies for Homeland Security (HST). :1–6.

The cyber threat landscape is a constantly morphing surface; the need for cyber defenders to develop and create proactive threat intelligence is on the rise, especially on critical infrastructure environments. It is commonly voiced that Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS) are vulnerable to the same classes of threats as other networked computer systems. However, cyber defense in operational ICS is difficult, often introducing unacceptable risks of disruption to critical physical processes. This is exacerbated by the notion that hardware used in ICS is often expensive, making full-scale mock-up systems for testing and/or cyber defense impractical. New paradigms in cyber security have focused heavily on using deception to not only protect assets, but also gather insight into adversary motives and tools. Much of the work that we see in today's literature is focused on creating deception environments for traditional IT enterprise networks; however, leveraging our prior work in the domain, we explore the opportunities, challenges and feasibility of doing deception in ICS networks.

Perez, R. Lopez, Adamsky, F., Soua, R., Engel, T..  2018.  Machine Learning for Reliable Network Attack Detection in SCADA Systems. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :633–638.

Critical Infrastructures (CIs) use Supervisory Control And Data Acquisition (SCADA) systems for remote control and monitoring. Sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number and variety due to the massive spread of connectivity and standardisation of open SCADA protocols. Traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. Therefore, in this paper, we assess Machine Learning (ML) for intrusion detection in SCADA systems using a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), and Random Forest (RF) are assessed in terms of accuracy, precision, recall and F1score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF detect intrusions effectively, with an F1score of respectively \textbackslashtextgreater 99%.

Zabetian-Hosseini, A., Mehrizi-Sani, A., Liu, C..  2018.  Cyberattack to Cyber-Physical Model of Wind Farm SCADA. IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society. :4929–4934.

In recent years, there has been a significant increase in wind power penetration into the power system. As a result, the behavior of the power system has become more dependent on wind power behavior. Supervisory control and data acquisition (SCADA) systems responsible for monitoring and controlling wind farms often have vulnerabilities that make them susceptible to cyberattacks. These vulnerabilities allow attackers to exploit and intrude in the wind farm SCADA system. In this paper, a cyber-physical system (CPS) model for the information and communication technology (ICT) model of the wind farm SCADA system integrated with SCADA of the power system is proposed. Cybersecurity of this wind farm SCADA system is discussed. Proposed cyberattack scenarios on the system are modeled and the impact of these cyberattacks on the behavior of the power systems on the IEEE 9-bus modified system is investigated. Finally, an anomaly attack detection algorithm is proposed to stop the attack of tripping of all wind farms. Case studies validate the performance of the proposed CPS model of the test system and the attack detection algorithm.

Kolosok, I., Korkina, E., Mahnitko, A., Gavrilovs, A..  2018.  Supporting Cyber-Physical Security of Electric Power System by the State Estimation Technique. 2018 IEEE 59th International Scientific Conference on Power and Electrical Engineering of Riga Technical University (RTUCON). :1–6.

Security is one of the most important properties of electric power system (EPS). We consider the state estimation (SE) tool as a barrier to the corruption of data on current operating conditions of the EPS. An algorithm for a two-level SE on the basis of SCADA and WAMS measurements is effective in terms of detection of malicious attacks on energy system. The article suggests a methodology to identify cyberattacks on SCADA and WAMS.

Kumar, S., Gaur, N., Kumar, A..  2018.  Developing a Secure Cyber Ecosystem for SCADA Architecture. 2018 Second International Conference on Computing Methodologies and Communication (ICCMC). :559–562.

Advent of Cyber has converted the entire World into a Global village. But, due to vurneabilites in SCADA architecture [1] national assests are more prone to cyber attacks.. Cyber invasions have a catastrophic effect in the minds of the civilian population, in terms of states security system. A robust cyber security is need of the hour to protect the critical information infastructrue & critical infrastructure of a country. Here, in this paper we scrutinize cyber terrorism, vurneabilites in SCADA network systems [1], [2] and concept of cyber resilience to combat cyber attacks.

Senthivel, Saranyan, Dhungana, Shrey, Yoo, Hyunguk, Ahmed, Irfan, Roussev, Vassil.  2018.  Denial of Engineering Operations Attacks in Industrial Control Systems. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. :319–329.
We present a new type of attack termed denial of engineering operations in which an attacker can interfere with the normal cycle of an engineering operation leading to a loss of situational awareness. Specifically, the attacker can deceive the engineering software during attempts to retrieve the ladder logic program from a programmable logic controller (PLC) by manipulating the ladder logic on the PLC, such that the software is unable to process it while the PLC continues to execute it successfully. This attack vector can provide sufficient cover for the attacker»s actual scenario to play out while the owner tries to understand the problem and reestablish positive operational control. To enable the forensic analysis and, eventually, eliminate the threat, we have developed the first decompiler for ladder logic programs. Ladder logic is a graphical programming language for PLCs that control physical processes such as power grid, pipelines, and chemical plants; PLCs are a common target of malicious modifications leading to the compromise of the control behavior (and potentially serious consequences). Our decompiler, Laddis, transforms a low-level representation to its corresponding high-level original representation comprising of graphical symbols and connections. The evaluation of the accuracy of the decompiler on the program of varying complexity demonstrates perfect reconstruction of the original program. We present three new attack scenarios on PLC-deployed ladder logic and demonstrate the effectiveness of the decompiler on these scenarios.
de Lima, Davi Ferreira, Bezerra, José Roberto, de Macedo Costa da Silva, Jorge Fredericson.  2018.  Privacy and Integrity Protection of Data in SCADA Systems. Proceedings of the 10th Latin America Networking Conference. :110–114.
The critical infrastructure of a country, due to its relevance and complexity, demands systems to facilitate the user interaction to correctly deal and share the information related to the monitored processes. The systems currently applied to monitor such infrastructures are based on SCADA architecture. The advent of the Internet jointly to the needs of fast information exchange at any place in order to support accurate decision-making processes, demands increasing interconnection among SCADA and management systems. However, such interconnection may expose sensitive data manipulated by such systems to hackers which may cause massive damages, financial loses, threats to human lives among others. Therefore, unprotected data may expose the systems to cyber-criminals by affecting any of the cyber-security principles, Confidentiality, Integrity, and Authenticity. This article presents four study cases using Wireshark to analyze a popular SCADA software to check user authentication process. The result of this research was the reading in plain text of the user authentication data used to access the control and monitoring system. As an immediate and minimal solution, this work presents low cost, easy setup and open source solutions are proposed using VPN and protocol obfuscator to improve security applying cryptography and hide the data passing through Virtual Private Network.
Almehmadi, Abdulaziz.  2018.  SCADA Networks Anomaly-based Intrusion Detection System. Proceedings of the 11th International Conference on Security of Information and Networks. :18:1–18:4.
Intentional attacks1 that cause country wide blackouts, gas and water systems malfunction are actions that can be carried out by a nation to impact on another nation in a mean of war. Supervisory control and data acquisition (SCADA) networks that allow for communication for the utilities companies were designed with no security in mind causing the systems that a nation relies on to fall vulnerable to exploitation. Since SCADA networks are static in nature with pre-defined signatures of network traffic, we propose to design an anomaly-based intrusion detection system to detect abnormality in SCADA network traffic and protocols. We gather normal SCADA network traffic via tapping on the network for 30 days and then attack the network using Denial of Service (DoS) attack, message spoofing attack and man-in-the middle attack. We then train a classifier with two classes, normal and abnormal and report the classifier accuracy in detecting abnormal SCADA network traffic.
Ammar, Zakariya, AlSharif, Ahmad.  2018.  Deployment of IoT-based Honeynet Model. Proceedings of the 6th International Conference on Information Technology: IoT and Smart City. :134–139.
This paper deals with the developing model of a honeynet that depends on the Internet of things (IoT). Due to significant of industrial services, such model helps enhancement of information security detection in industrial domain, the model is designed to detect adversaries whom attempt to attack industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. The model consists of hardware and software aspects, designed to focus on ICS services that managed remotely via SCADA systems. In order to prove the work of the model, a few of security tools are used such as Shodan, Nmap and others. These tools have been applied locally inside LAN and globally via internet to get proving results. Ultimately, results contain a list of protocols and ports that represent industry control services. To clarify outputs, it contains tcp/udp ports 623, 102, 1025 and 161 which represent respectively IPMI, S7comm, KAMSTRAP and SNMP services.
2019-06-17
Van Rompay, Cédric, Molva, Refik, Önen, Melek.  2018.  Secure and Scalable Multi-User Searchable Encryption. Proceedings of the 6th International Workshop on Security in Cloud Computing. :15–25.
By allowing a large number of users to behave as readers or writers, Multi-User Searchable Encryption (MUSE) raises new security and performance challenges beyond the typical requirements of Symmetric Searchable Encryption (SSE). In this paper we identify two core mandatory requirements of MUSE protocols being privacy in face of users colluding with the CSP and low complexity for the users, pointing that no existing MUSE protocol satisfies these two requirements at the same time. We then come up with the first MUSE protocol that satisfies both of them. The design of the protocol also includes new constructions for a secure variant of Bloom Filters (BFs) and multi-query Oblivious Transfer (OT).
Yang, Lishan, Cherkasova, Ludmila, Badgujar, Rajeev, Blancaflor, Jack, Konde, Rahul, Mills, Jason, Smirni, Evgenia.  2018.  Evaluating Scalability and Performance of a Security Management Solution in Large Virtualized Environments. Proceedings of the 2018 ACM/SPEC International Conference on Performance Engineering. :168–175.
Virtualized infrastructure is a key capability of modern enterprise data centers and cloud computing, enabling a more agile and dynamic IT infrastructure with fast IT provisioning, simplified, automated management, and flexible resource allocation to handle a broad set of workloads. However, at the same time, virtualization introduces new challenges, since securing virtual servers is more difficult than physical machines. HyTrust Inc. has developed an innovative security solution, called HyTrust Cloud Control (HTCC), to mitigate risks associated with virtualization and cloud technologies. HTCC is a virtual appliance deployed as a transparent proxy in front of a VMware-based virtualized environment. Since HTCC serves as a gateway to a customer virtualized environment, it is important to carefully assess its performance and scalability as well as provide its accurate resource sizing. In this work, we introduce a novel approach for accomplishing this goal. First, we describe a special framework, based on a nested virtualization technique, which enables the creation and deployment of a large scale virtualized environment (with 30,000 VMs) using a limited number of physical servers (4 servers in our experiments). Second, we introduce a design and implementation of a novel, extensible benchmark, called HT-vmbench, that allows to mimic the session-based activities of different system administrators and users in virtualized environments. The benchmark is implemented using VMware Web Service SDK. By executing HT-vmbench in the emulated large-scale virtualized environments, we can support an efficient performance assessment of management and security solutions (such as HTCC), their overhead, and provide capacity planning rules and resource sizing recommendations.
Gu, R., Zhang, X., Yu, L., Zhang, J..  2018.  Enhancing Security and Scalability in Software Defined LTE Core Networks. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :837–842.

The rapid development of mobile networks has revolutionized the way of accessing the Internet. The exponential growth of mobile subscribers, devices and various applications frequently brings about excessive traffic in mobile networks. The demand for higher data rates, lower latency and seamless handover further drive the demand for the improved mobile network design. However, traditional methods can no longer offer cost-efficient solutions for better user quality of experience with fast time-to-market. Recent work adopts SDN in LTE core networks to meet the requirement. In these software defined LTE core networks, scalability and security become important design issues that must be considered seriously. In this paper, we propose a scalable channel security scheme for the software defined LTE core network. It applies the VxLAN for scalable tunnel establishment and MACsec for security enhancement. According to our evaluation, the proposed scheme not only enhances the security of the channel communication between different network components, but also improves the flexibility and scalability of the core network with little performance penalty. Moreover, it can also shed light on the design of the next generation cellular network.

Shif, L., Wang, F., Lung, C..  2018.  Improvement of security and scalability for IoT network using SD-VPN. NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium. :1–5.

The growing interest in the smart device/home/city has resulted in increasing popularity of Internet of Things (IoT) deployment. However, due to the open and heterogeneous nature of IoT networks, there are various challenges to deploy an IoT network, among which security and scalability are the top two to be addressed. To improve the security and scalability for IoT networks, we propose a Software-Defined Virtual Private Network (SD-VPN) solution, in which each IoT application is allocated with its own overlay VPN. The VPN tunnels used in this paper are VxLAN based tunnels and we propose to use the SDN controller to push the flow table of each VPN to the related OpenvSwitch via the OpenFlow protocol. The SD-VPN solution can improve the security of an IoT network by separating the VPN traffic and utilizing service chaining. Meanwhile, it also improves the scalability by its overlay VPN nature and the VxLAN technology.

Blanc, Gregory, Kheir, Nizar, Ayed, Dhouha, Lefebvre, Vincent, de Oca, Edgardo Montes, Bisson, Pascal.  2018.  Towards a 5G Security Architecture: Articulating Software-Defined Security and Security As a Service. Proceedings of the 13th International Conference on Availability, Reliability and Security. :47:1–47:8.

5G is envisioned as a transformation of the communications architecture towards multi-tenant, scalable and flexible infrastructure, which heavily relies on virtualised network functions and programmable networks. In particular, orchestration will advance one step further in blending both compute and data resources, usually dedicated to virtualisation technologies, and network resources into so-called slices. Although 5G security is being developed in current working groups, slice security is seldom addressed. In this work, we propose to integrate security in the slice life cycle, impacting its management and orchestration that relies on the virtualization/softwarisation infrastructure. The proposed security architecture connects the demands specified by the tenants through as-a-service mechanisms with built-in security functions relying on the ability to combine enforcement and monitoring functions within the software-defined network infrastructure. The architecture exhibits desirable properties such as isolating slices down to the hardware resources or monitoring service-level performance.

Noroozi, Hamid, Khodaei, Mohammad, Papadimitratos, Panos.  2018.  VPKIaaS: A Highly-Available and Dynamically-Scalable Vehicular Public-Key Infrastructure. Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :302–304.
The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure message authenticity and integrity while preserving vehicle (and thus passenger) privacy. In the light of emerging large-scale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. In this extended abstract, we leverage the state-of-the-art VPKI system and enhance its functionality towards a highly-available and dynamically-scalable design; this ensures that the system remains operational in the presence of benign failures or any resource depletion attack, and that it dynamically scales out, or possibly scales in, according to the requests' arrival rate. Our full-blown implementation on the Google Cloud Platform shows that deploying a VPKI for a large-scale scenario can be cost-effective, while efficiently issuing pseudonyms for the requesters.
Cao, Gang, Chen, Chen, Jiang, Min.  2018.  A Scalable and Flexible Multi-User Semi-Quantum Secret Sharing. Proceedings of the 2Nd International Conference on Telecommunications and Communication Engineering. :28–32.

In this letter, we proposed a novel scheme for the realization of scalable and flexible semi-quantum secret sharing between a boss and multiple dynamic agent groups. In our scheme, the boss Alice can not only distribute her secret messages to multiple users, but also can dynamically adjust the number of users and user groups based on the actual situation. Furthermore, security analysis demonstrates that our protocol is secure against both external attack and participant attack. Compared with previous schemes, our protocol is more flexible and practical. In addition, since our protocol involving only single qubit measurement that greatly weakens the hardware requirements of each user.

Rouhani, Bita Darvish, Riazi, M. Sadegh, Koushanfar, Farinaz.  2018.  Deepsecure: Scalable Provably-secure Deep Learning. Proceedings of the 55th Annual Design Automation Conference. :2:1–2:6.
This paper presents DeepSecure, the an scalable and provably secure Deep Learning (DL) framework that is built upon automated design, efficient logic synthesis, and optimization methodologies. DeepSecure targets scenarios in which neither of the involved parties including the cloud servers that hold the DL model parameters or the delegating clients who own the data is willing to reveal their information. Our framework is the first to empower accurate and scalable DL analysis of data generated by distributed clients without sacrificing the security to maintain efficiency. The secure DL computation in DeepSecure is performed using Yao's Garbled Circuit (GC) protocol. We devise GC-optimized realization of various components used in DL. Our optimized implementation achieves up to 58-fold higher throughput per sample compared with the best prior solution. In addition to the optimized GC realization, we introduce a set of novel low-overhead pre-processing techniques which further reduce the GC overall runtime in the context of DL. Our extensive evaluations demonstrate up to two orders-of-magnitude additional runtime improvement achieved as a result of our pre-processing methodology.
Kuhnle, Alan, Crawford, Victoria G., Thai, My T..  2018.  Network Resilience and the Length-Bounded Multicut Problem: Reaching the Dynamic Billion-Scale with Guarantees. Abstracts of the 2018 ACM International Conference on Measurement and Modeling of Computer Systems. :81–83.

Motivated by networked systems in which the functionality of the network depends on vertices in the network being within a bounded distance T of each other, we study the length-bounded multicut problem: given a set of pairs, find a minimum-size set of edges whose removal ensures the distance between each pair exceeds T . We introduce the first algorithms for this problem capable of scaling to massive networks with billions of edges and nodes: three highly scalable algorithms with worst-case performance ratios. Furthermore, one of our algorithms is fully dynamic, capable of updating its solution upon incremental vertex / edge additions or removals from the network while maintaining its performance ratio. Finally, we show that unless NP ⊆ BPP, there is no polynomial-time, approximation algorithm with performance ratio better than Omega (T), which matches the ratio of our dynamic algorithm up to a constant factor.

Sasan, Avesta, Zu, Qi, Wamg, Yanzhi, Seo, Jae-sun, Mohsenin, Tinoosh.  2018.  Low Power and Trusted Machine Learning. Proceedings of the 2018 on Great Lakes Symposium on VLSI. :515–515.

In this special discussion session on machine learning, the panel members discuss various issues related to building secure and low power neuromorphic systems. The security of neuromorphic systems may be discussed in term of the reliability of the model, trust in the model, and security of the underlying hardware. The low power aspect of neuromorphic computing systems may be discussed in terms of adaptation of new devices and technologies, the adaptation of new computational models, development of heterogeneous computing frameworks, or dedicated engines for processing neuromorphic models. This session may include discussion on the design space of such supporting hardware, exploring tradeoffs between power/energy, security, scalability, hardware area, performance, and accuracy.

2019-06-10
Nathezhtha, T., Yaidehi, V..  2018.  Cloud Insider Attack Detection Using Machine Learning. 2018 International Conference on Recent Trends in Advance Computing (ICRTAC). :60-65.

Security has always been a major issue in cloud. Data sources are the most valuable and vulnerable information which is aimed by attackers to steal. If data is lost, then the privacy and security of every cloud user are compromised. Even though a cloud network is secured externally, the threat of an internal attacker exists. Internal attackers compromise a vulnerable user node and get access to a system. They are connected to the cloud network internally and launch attacks pretending to be trusted users. Machine learning approaches are widely used for cloud security issues. The existing machine learning based security approaches classify a node as a misbehaving node based on short-term behavioral data. These systems do not differentiate whether a misbehaving node is a malicious node or a broken node. To address this problem, this paper proposes an Improvised Long Short-Term Memory (ILSTM) model which learns the behavior of a user and automatically trains itself and stores the behavioral data. The model can easily classify the user behavior as normal or abnormal. The proposed ILSTM not only identifies an anomaly node but also finds whether a misbehaving node is a broken node or a new user node or a compromised node using the calculated trust factor. The proposed model not only detects the attack accurately but also reduces the false alarm in the cloud network.

Sokolov, A. N., Pyatnitsky, I. A., Alabugin, S. K..  2018.  Research of Classical Machine Learning Methods and Deep Learning Models Effectiveness in Detecting Anomalies of Industrial Control System. 2018 Global Smart Industry Conference (GloSIC). :1-6.

Modern industrial control systems (ICS) act as victims of cyber attacks more often in last years. These attacks are hard to detect and their consequences can be catastrophic. Cyber attacks can cause anomalies in the work of the ICS and its technological equipment. The presence of mutual interference and noises in this equipment significantly complicates anomaly detection. Moreover, the traditional means of protection, which used in corporate solutions, require updating with each change in the structure of the industrial process. An approach based on the machine learning for anomaly detection was used to overcome these problems. It complements traditional methods and allows one to detect signal correlations and use them for anomaly detection. Additional Tennessee Eastman Process Simulation Data for Anomaly Detection Evaluation dataset was analyzed as example of industrial process. In the course of the research, correlations between the signals of the sensors were detected and preliminary data processing was carried out. Algorithms from the most common techniques of machine learning (decision trees, linear algorithms, support vector machines) and deep learning models (neural networks) were investigated for industrial process anomaly detection task. It's shown that linear algorithms are least demanding on computational resources, but they don't achieve an acceptable result and allow a significant number of errors. Decision tree-based algorithms provided an acceptable accuracy, but the amount of RAM, required for their operations, relates polynomially with the training sample volume. The deep neural networks provided the greatest accuracy, but they require considerable computing power for internal calculations.

Farooq, H. M., Otaibi, N. M..  2018.  Optimal Machine Learning Algorithms for Cyber Threat Detection. 2018 UKSim-AMSS 20th International Conference on Computer Modelling and Simulation (UKSim). :32-37.

With the exponential hike in cyber threats, organizations are now striving for better data mining techniques in order to analyze security logs received from their IT infrastructures to ensure effective and automated cyber threat detection. Machine Learning (ML) based analytics for security machine data is the next emerging trend in cyber security, aimed at mining security data to uncover advanced targeted cyber threats actors and minimizing the operational overheads of maintaining static correlation rules. However, selection of optimal machine learning algorithm for security log analytics still remains an impeding factor against the success of data science in cyber security due to the risk of large number of false-positive detections, especially in the case of large-scale or global Security Operations Center (SOC) environments. This fact brings a dire need for an efficient machine learning based cyber threat detection model, capable of minimizing the false detection rates. In this paper, we are proposing optimal machine learning algorithms with their implementation framework based on analytical and empirical evaluations of gathered results, while using various prediction, classification and forecasting algorithms.

Eziama, E., Jaimes, L. M. S., James, A., Nwizege, K. S., Balador, A., Tepe, K..  2018.  Machine Learning-Based Recommendation Trust Model for Machine-to-Machine Communication. 2018 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT). :1-6.

The Machine Type Communication Devices (MTCDs) are usually based on Internet Protocol (IP), which can cause billions of connected objects to be part of the Internet. The enormous amount of data coming from these devices are quite heterogeneous in nature, which can lead to security issues, such as injection attacks, ballot stuffing, and bad mouthing. Consequently, this work considers machine learning trust evaluation as an effective and accurate option for solving the issues associate with security threats. In this paper, a comparative analysis is carried out with five different machine learning approaches: Naive Bayes (NB), Decision Tree (DT), Linear and Radial Support Vector Machine (SVM), KNearest Neighbor (KNN), and Random Forest (RF). As a critical element of the research, the recommendations consider different Machine-to-Machine (M2M) communication nodes with regard to their ability to identify malicious and honest information. To validate the performances of these models, two trust computation measures were used: Receiver Operating Characteristics (ROCs), Precision and Recall. The malicious data was formulated in Matlab. A scenario was created where 50% of the information were modified to be malicious. The malicious nodes were varied in the ranges of 10%, 20%, 30%, 40%, and the results were carefully analyzed.

Su, H., Zwolinski, M., Halak, B..  2018.  A Machine Learning Attacks Resistant Two Stage Physical Unclonable Functions Design. 2018 IEEE 3rd International Verification and Security Workshop (IVSW). :52-55.

Physical Unclonable Functions (PUFs) have been designed for many security applications such as identification, authentication of devices and key generation, especially for lightweight electronics. Traditional approaches to enhancing security, such as hash functions, may be expensive and resource dependent. However, modelling attacks using machine learning (ML) show the vulnerability of most PUFs. In this paper, a combination of a 32-bit current mirror and 16-bit arbiter PUFs in 65nm CMOS technology is proposed to improve resilience against modelling attacks. Both PUFs are vulnerable to machine learning attacks and we reduce the output prediction rate from 99.2% and 98.8% individually, to 60%.