Visible to the public Biblio

Found 174 results

Filters: Keyword is Semantics  [Clear All Filters]
2021-09-21
Yang, Ping, Shu, Hui, Kang, Fei, Bu, Wenjuan.  2020.  Automatically Generating Malware Summary Using Semantic Behavior Graphs (SBGs). 2020 Information Communication Technologies Conference (ICTC). :282–291.
In malware behavior analysis, there are limitations in the analysis method of control flow and data flow. Researchers analyzed data flow by dynamic taint analysis tools, however, it cost a lot. In this paper, we proposed a method of generating malware summary based on semantic behavior graphs (SBGs, Semantic Behavior Graphs) to address this issue. In this paper, we considered various situation where behaviors be capable of being associated, thus an algorithm of generating semantic behavior graphs was given firstly. Semantic behavior graphs are composed of behavior nodes and associated data edges. Then, we extracted behaviors and logical relationships between behaviors from semantic behavior graphs, and finally generated a summary of malware behaviors with true intension. Experimental results showed that our approach can effectively identify and describe malicious behaviors and generate accurate behavior summary.
Chai, Yuhan, Qiu, Jing, Su, Shen, Zhu, Chunsheng, Yin, Lihua, Tian, Zhihong.  2020.  LGMal: A Joint Framework Based on Local and Global Features for Malware Detection. 2020 International Wireless Communications and Mobile Computing (IWCMC). :463–468.
With the gradual advancement of smart city construction, various information systems have been widely used in smart cities. In order to obtain huge economic benefits, criminals frequently invade the information system, which leads to the increase of malware. Malware attacks not only seriously infringe on the legitimate rights and interests of users, but also cause huge economic losses. Signature-based malware detection algorithms can only detect known malware, and are susceptible to evasion techniques such as binary obfuscation. Behavior-based malware detection methods can solve this problem well. Although there are some malware behavior analysis works, they may ignore semantic information in the malware API call sequence. In this paper, we design a joint framework based on local and global features for malware detection to solve the problem of network security of smart cities, called LGMal, which combines the stacked convolutional neural network and graph convolutional networks. Specially, the stacked convolutional neural network is used to learn API call sequence information to capture local semantic features and the graph convolutional networks is used to learn API call semantic graph structure information to capture global semantic features. Experiments on Alibaba Cloud Security Malware Detection datasets show that the joint framework gets better results. The experimental results show that the precision is 87.76%, the recall is 88.08%, and the F1-measure is 87.79%. We hope this paper can provide a useful way for malware detection and protect the network security of smart city.
2021-08-31
Vonitsanos, Gerasimos, Dritsas, Elias, Kanavos, Andreas, Mylonas, Phivos, Sioutas, Spyros.  2020.  Security and Privacy Solutions associated with NoSQL Data Stores. 2020 15th International Workshop on Semantic and Social Media Adaptation and Personalization (SMA). :1—5.
Technologies such as cloud computing and big data management, have lately made significant progress creating an urgent need for specific databases that can safely store extensive data along with high availability. Specifically, a growing number of companies have adopted various types of non-relational databases, commonly referred to as NoSQL databases. These databases provide a robust mechanism for the storage and retrieval of large amounts of data without using a predefined schema. NoSQL platforms are superior to RDBMS, especially in cases when we are dealing with big data and parallel processing, and in particular, when there is no need to use relational modeling. Sensitive data is stored daily in NoSQL Databases, making the privacy problem more serious while raising essential security issues. In our paper, security and privacy issues when dealing with NoSQL databases are introduced and in following, security mechanisms and privacy solutions are thoroughly examined.
2021-08-05
Ren, Xiaoli, Li, Xiaoyong, Deng, Kefeng, Ren, Kaijun, Zhou, Aolong, Song, Junqiang.  2020.  Bringing Semantics to Support Ocean FAIR Data Services with Ontologies. 2020 IEEE International Conference on Services Computing (SCC). :30—37.
With the increasing attention to ocean and the development of data-intensive sciences, a large amount of ocean data has been acquired by various observing platforms and sensors, which poses new challenges to data management and utilization. Typically, nowadays we target to move ocean data management toward the FAIR principles of being findable, accessible, interoperable, and reusable. However, the data produced and managed by different organizations with wide diversity, various structures and increasing volume make it hard to be FAIR, and one of the most critical reason is the lack of unified data representation and publication methods. In this paper, we propose novel techniques to try to solve the problem by introducing semantics with ontologies. Specifically, we first propose a unified semantic model named OEDO to represent ocean data by defining the concepts of ocean observing field, specifying the relations between the concepts, and describing the properties with ocean metadata. Then, we further optimize the state-of-the-art quick service query list (QSQL) data structure, by extending the domain concepts with WordNet to improve data discovery. Moreover, based on the OEDO model and the optimized QSQL, we propose an ocean data service publishing method called DOLP to improve data discovery and data access. Finally, we conduct extensive experiments to demonstrate the effectiveness and efficiency of our proposals.
Ramasubramanian, Muthukumaran, Muhammad, Hassan, Gurung, Iksha, Maskey, Manil, Ramachandran, Rahul.  2020.  ES2Vec: Earth Science Metadata Keyword Assignment using Domain-Specific Word Embeddings. 2020 SoutheastCon. :1—6.
Earth science metadata keyword assignment is a challenging problem. Dataset curators select appropriate keywords from the Global Change Master Directory (GCMD) set of keywords. The keywords are integral part of search and discovery of these datasets. Hence, selection of keywords are crucial in increasing the discoverability of datasets. Utilizing machine learning techniques, we provide users with automated keyword suggestions as an improved approach to complement manual selection. We trained a machine learning model that leverages the semantic embedding ability of Word2Vec models to process abstracts and suggest relevant keywords. A user interface tool we built to assist data curators in assignment of such keywords is also described.
Alecakir, Huseyin, Kabukcu, Muhammet, Can, Burcu, Sen, Sevil.  2020.  Discovering Inconsistencies between Requested Permissions and Application Metadata by using Deep Learning. 2020 International Conference on Information Security and Cryptology (ISCTURKEY). :56—56.
Android gives us opportunity to extract meaningful information from metadata. From the security point of view, the missing important information in metadata of an application could be a sign of suspicious application, which could be directed for extensive analysis. Especially the usage of dangerous permissions is expected to be explained in app descriptions. The permission-to-description fidelity problem in the literature aims to discover such inconsistencies between the usage of permissions and descriptions. This study proposes a new method based on natural language processing and recurrent neural networks. The effect of user reviews on finding such inconsistencies is also investigated in addition to application descriptions. The experimental results show that high precision is obtained by the proposed solution, and the proposed method could be used for triage of Android applications.
Wang, Xiaowen, Huang, Yan.  2020.  Research on Semantic Based Metadata Method of SWIM Information Service. 2020 IEEE 2nd International Conference on Civil Aviation Safety and Information Technology (ICCASIT. :1121—1125.
Semantic metadata is an important means to promote the integration of information and services and improve the level of search and discovery automation. Aiming at the problems that machine is difficult to handle service metadata description and lack of information metadata description in current SWIM information services, this paper analyzes the methods of metadata sematic empowerment and mainstream semantic metadata standards related to air traffic control system, constructs the SWIM information, and service sematic metadata model based on semantic expansion. The method of semantic metadata model mapping is given from two aspects of service and data, which can be used to improve the level of information sharing and intelligent processing.
2021-07-28
Vinzamuri, Bhanukiran, Khabiri, Elham, Bhamidipaty, Anuradha, Mckim, Gregory, Gandhi, Biren.  2020.  An End-to-End Context Aware Anomaly Detection System. 2020 IEEE International Conference on Big Data (Big Data). :1689—1698.
Anomaly detection (AD) is very important across several real-world problems in the heavy industries and Internet-of-Things (IoT) domains. Traditional methods so far have categorized anomaly detection into (a) unsupervised, (b) semi-supervised and (c) supervised techniques. A relatively unexplored direction is the development of context aware anomaly detection systems which can build on top of any of these three techniques by using side information. Context can be captured from a different modality such as semantic graphs encoding grouping of sensors governed by the physics of the asset. Process flow diagrams of an operational plant depicting causal relationships between sensors can also provide useful context for ML algorithms. Capturing such semantics by itself can be pretty challenging, however, our paper mainly focuses on, (a) designing and implementing effective anomaly detection pipelines using sparse Gaussian Graphical Models with various statistical distance metrics, and (b) differentiating these pipelines by embedding contextual semantics inferred from graphs so as to obtain better KPIs in practice. The motivation for the latter of these two has been explained above, and the former in particular is well motivated by the relatively mediocre performance of highly parametric deep learning methods for small tabular datasets (compared to images) such as IoT sensor data. In contrast to such traditional automated deep learning (AutoAI) techniques, our anomaly detection system is based on developing semantics-driven industry specific ML pipelines which perform scalable computation evaluating several models to identify the best model. We benchmark our AD method against state-of-the-art AD techniques on publicly available UCI datasets. We also conduct a case study on IoT sensor and semantic data procured from a large thermal energy asset to evaluate the importance of semantics in enhancing our pipelines. In addition, we also provide explainable insights for our model which provide a complete perspective to a reliability engineer.
Aigner, Andreas, Khelil, Abdelmajid.  2020.  A Semantic Model-Based Security Engineering Framework for Cyber-Physical Systems. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1826—1833.
The coupling of safety-relevant embedded- and cyber-space components to build Cyber-Physical Systems (CPS) extends the functionality and quality in many business domains, while also creating new ones. Prime examples like Internet of Things and Industry 4.0 enable new technologies and extend the service capabilities of physical entities by building a universe of connected devices. In addition to higher complexity, the coupling of these heterogeneous systems results in many new challenges, which should be addressed by engineers and administrators. Here, security represents a major challenge, which may be well addressed in cyber-space engineering, but less in embedded system or CPS design. Although model-based engineering provides significant benefits for system architects, like reducing complexity and automated analysis, as well as being considered as standard methodology in embedded systems design, the aspect of security may not have had a major role in traditional engineering concepts. Especially the characteristics of CPS, as well as the coupling of safety-relevant (physical) components with high-scalable entities of the cyber-space domain have an enormous impact on the overall level of security, based on the introduced side effects and uncertainties. Therefore, we aim to define a model-based security-engineering framework, which is tailored to the needs of CPS engineers. Hereby, we focus on the actual modeling process, the evaluation of security, as well as quantitatively expressing security of a deployed CPS. Overall and in contrast to other approaches, we shift the engineering concepts on a semantic level, which allows to address the proposed challenges in CPS in the most efficient way.
2021-07-27
Lu, Tao, Xu, Hongyun, Tian, Kai, Tian, Cenxi, Jiang, Rui.  2020.  Semantic Location Privacy Protection Algorithm Based on Edge Cluster Graph. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1304–1309.
With the development of positioning technology and the popularity of mobile devices, location-based services have been widely deployed. To use the services, users must provide the server accurate location information, during which the attacker tends to infer sensitive information from intercepting queries. In this paper, we model the road network as an edge cluster graph with its location semantics considered. Then, we propose the Circle First Structure Optimization (CFSO) algorithm which generates an anonymous set by adding optimal adjacent locations. Furthermore, we introduce controllable randomness and propose the Attack-Resilient (AR) algorithm to enhance the anti-attack ability. Meanwhile, to reduce the system overhead, our algorithms build the anonymous set quickly and take the structure of the anonymous set into account. Finally, we conduct experiments on a real map and the results demonstrate a higher anonymity success rate and a stronger anti-attack capability with less system overhead.
Jiao, Rui, Zhang, Lan, Li, Anran.  2020.  IEye: Personalized Image Privacy Detection. 2020 6th International Conference on Big Data Computing and Communications (BIGCOM). :91–95.
Massive images are being shared via a variety of ways, such as social networking. The rich content of images raise a serious concern for privacy. A great number of efforts have been devoted to designing mechanisms for privacy protection based on the assumption that the privacy is well defined. However, in practice, given a collection of images it is usually nontrivial to decide which parts of images should be protected, since the sensitivity of objects is context-dependent and user-dependent. To meet personalized privacy requirements of different users, we propose a system IEye to automatically detect private parts of images based on both common knowledge and personal knowledge. Specifically, for each user's images, multi-layered semantic graphs are constructed as feature representations of his/her images and a rule set is learned from those graphs, which describes his/her personalized privacy. In addition, an optimization algorithm is proposed to protect the user's privacy as well as minimize the loss of utility. We conduct experiments on two datasets, the results verify the effectiveness of our design to detect and protect personalized image privacy.
Driss, Maha, Aljehani, Amani, Boulila, Wadii, Ghandorh, Hamza, Al-Sarem, Mohammed.  2020.  Servicing Your Requirements: An FCA and RCA-Driven Approach for Semantic Web Services Composition. IEEE Access. 8:59326—59339.
The evolution of Service-Oriented Computing (SOC) provides more efficient software development methods for building and engineering new value-added service-based applications. SOC is a computing paradigm that relies on Web services as fundamental elements. Research and technical advancements in Web services composition have been considered as an effective opportunity to develop new service-based applications satisfying complex requirements rapidly and efficiently. In this paper, we present a novel approach enhancing the composition of semantic Web services. The novelty of our approach, as compared to others reported in the literature, rests on: i) mapping user's/organization's requirements with Business Process Modeling Notation (BPMN) and semantic descriptions using ontologies, ii) considering functional requirements and also different types of non-functional requirements, such as quality of service (QoS), quality of experience (QoE), and quality of business (QoBiz), iii) using Formal Concept Analysis (FCA) technique to select the optimal set of Web services, iv) considering composability levels between sequential Web services using Relational Concept Analysis (RCA) technique to decrease the required adaptation efforts, and finally, v) validating the obtained service-based applications by performing an analytical technique, which is the monitoring. The approach experimented on an extended version of the OWLS-TC dataset, which includes more than 10830 Web services descriptions from various domains. The obtained results demonstrate that our approach allows to successfully and effectively compose Web services satisfying different types of user's functional and non-functional requirements.
2021-06-24
Wu, Chongke, Shao, Sicong, Tunc, Cihan, Hariri, Salim.  2020.  Video Anomaly Detection using Pre-Trained Deep Convolutional Neural Nets and Context Mining. 2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA). :1—8.
Anomaly detection is critically important for intelligent surveillance systems to detect in a timely manner any malicious activities. Many video anomaly detection approaches using deep learning methods focus on a single camera video stream with a fixed scenario. These deep learning methods use large-scale training data with large complexity. As a solution, in this paper, we show how to use pre-trained convolutional neural net models to perform feature extraction and context mining, and then use denoising autoencoder with relatively low model complexity to provide efficient and accurate surveillance anomaly detection, which can be useful for the resource-constrained devices such as edge devices of the Internet of Things (IoT). Our anomaly detection model makes decisions based on the high-level features derived from the selected embedded computer vision models such as object classification and object detection. Additionally, we derive contextual properties from the high-level features to further improve the performance of our video anomaly detection method. We use two UCSD datasets to demonstrate that our approach with relatively low model complexity can achieve comparable performance compared to the state-of-the-art approaches.
2021-06-01
Ming, Kun.  2020.  Chinese Coreference Resolution via Bidirectional LSTMs using Word and Token Level Representations. 2020 16th International Conference on Computational Intelligence and Security (CIS). :73–76.
Coreference resolution is an important task in the field of natural language processing. Most existing methods usually utilize word-level representations, ignoring massive information from the texts. To address this issue, we investigate how to improve Chinese coreference resolution by using span-level semantic representations. Specifically, we propose a model which acquires word and character representations through pre-trained Skip-Gram embeddings and pre-trained BERT, then explicitly leverages span-level information by performing bidirectional LSTMs among above representations. Experiments on CoNLL-2012 shared task have demonstrated that the proposed model achieves 62.95% F1-score, outperforming our baseline methods.
Ghosal, Sandip, Shyamasundar, R. K..  2020.  A Generalized Notion of Non-interference for Flow Security of Sequential and Concurrent Programs. 2020 27th Asia-Pacific Software Engineering Conference (APSEC). :51–60.
For the last two decades, a wide spectrum of interpretations of non-interference11The notion of non-interference discussed in this paper enforces flow security in a program and is different from the concept of non-interference used for establishing functional correctness of parallel programs [1] have been used in the security analysis of programs, starting with the notion proposed by Goguen & Meseguer along with arguments of its impact on security practice. While the majority of works deal with sequential programs, several researchers have extended the notion of non-interference to enforce information flow-security in non-deterministic and concurrent programs. Major efforts of generalizations are based on (i) considering input sequences as a basic unit for input/output with semantic interpretation on a two-point information flow lattice, or (ii) typing of expressions as values for reading and writing, or (iii) typing of expressions along with its limited effects. Such approaches have limited compositionality and, thus, pose issues while extending these notions for concurrent programs. Further, in a general multi-point lattice, the notion of a public observer (or attacker) is not unique as it depends on the level of the attacker and the one attacked. In this paper, we first propose a compositional variant of non-interference for sequential systems that follow a general information flow lattice and place it in the context of earlier definitions of non-interference. We show that such an extension leads to the capturing of violations of information flow security in a concrete setting of a sequential language. Finally, we generalize non-interference for concurrent programs and illustrate its use for security analysis, particularly in the cases where information is transmitted through shared variables.
Chen, Zhenfang, Wang, Peng, Ma, Lin, Wong, Kwan-Yee K., Wu, Qi.  2020.  Cops-Ref: A New Dataset and Task on Compositional Referring Expression Comprehension. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). :10083–10092.
Referring expression comprehension (REF) aims at identifying a particular object in a scene by a natural language expression. It requires joint reasoning over the textual and visual domains to solve the problem. Some popular referring expression datasets, however, fail to provide an ideal test bed for evaluating the reasoning ability of the models, mainly because 1) their expressions typically describe only some simple distinctive properties of the object and 2) their images contain limited distracting information. To bridge the gap, we propose a new dataset for visual reasoning in context of referring expression comprehension with two main features. First, we design a novel expression engine rendering various reasoning logics that can be flexibly combined with rich visual properties to generate expressions with varying compositionality. Second, to better exploit the full reasoning chain embodied in an expression, we propose a new test setting by adding additional distracting images containing objects sharing similar properties with the referent, thus minimising the success rate of reasoning-free cross-domain alignment. We evaluate several state-of-the-art REF models, but find none of them can achieve promising performance. A proposed modular hard mining strategy performs the best but still leaves substantial room for improvement.
Patnaikuni, Shrinivasan, Gengaje, Sachin.  2020.  Properness and Consistency of Syntactico-Semantic Reasoning using PCFG and MEBN. 2020 International Conference on Communication and Signal Processing (ICCSP). :0554–0557.
The paper proposes a formal approach for parsing grammatical derivations in the context of the principle of semantic compositionality by defining a mapping between Probabilistic Context Free Grammar (PCFG) and Multi Entity Bayesian Network (MEBN) theory, which is a first-order logic for modelling probabilistic knowledge bases. The principle of semantic compositionality states that meaning of compound expressions is dependent on meanings of constituent expressions forming the compound expression. Typical pattern analysis applications focus on syntactic patterns ignoring semantic patterns governing the domain in which pattern analysis is attempted. The paper introduces the concepts and terminologies of the mapping between PCFG and MEBN theory. Further the paper outlines a modified version of CYK parser algorithm for parsing PCFG derivations driven by MEBN. Using Kullback- Leibler divergence an outline for proving properness and consistency of the PCFG mapped with MEBN is discussed.
2021-05-20
Razaque, Abdul, Frej, Mohamed Ben Haj, Sabyrov, Dauren, Shaikhyn, Aidana, Amsaad, Fathi, Oun, Ahmed.  2020.  Detection of Phishing Websites using Machine Learning. 2020 IEEE Cloud Summit. :103—107.

Phishing sends malicious links or attachments through emails that can perform various functions, including capturing the victim's login credentials or account information. These emails harm the victims, cause money loss, and identity theft. In this paper, we contribute to solving the phishing problem by developing an extension for the Google Chrome web browser. In the development of this feature, we used JavaScript PL. To be able to identify and prevent the fishing attack, a combination of Blacklisting and semantic analysis methods was used. Furthermore, a database for phishing sites is generated, and the text, links, images, and other data on-site are analyzed for pattern recognition. Finally, our proposed solution was tested and compared to existing approaches. The results validate that our proposed method is capable of handling the phishing issue substantially.

2021-05-13
S, Naveen, Puzis, Rami, Angappan, Kumaresan.  2020.  Deep Learning for Threat Actor Attribution from Threat Reports. 2020 4th International Conference on Computer, Communication and Signal Processing (ICCCSP). :1–6.
Threat Actor Attribution is the task of identifying an attacker responsible for an attack. This often requires expert analysis and involves a lot of time. There had been attempts to detect a threat actor using machine learning techniques that use information obtained from the analysis of malware samples. These techniques will only be able to identify the attack, and it is trivial to guess the attacker because various attackers may adopt an attack method. A state-of-the-art method performs attribution of threat actors from text reports using Machine Learning and NLP techniques using Threat Intelligence reports. We use the same set of Threat Reports of Advanced Persistent Threats (APT). In this paper, we propose a Deep Learning architecture to attribute Threat actors based on threat reports obtained from various Threat Intelligence sources. Our work uses Neural Networks to perform the task of attribution and show that our method makes the attribution more accurate than other techniques and state-of-the-art methods.
2021-04-29
Hayes, J. Huffman, Payne, J., Essex, E., Cole, K., Alverson, J., Dekhtyar, A., Fang, D., Bernosky, G..  2020.  Towards Improved Network Security Requirements and Policy: Domain-Specific Completeness Analysis via Topic Modeling. 2020 IEEE Seventh International Workshop on Artificial Intelligence for Requirements Engineering (AIRE). :83—86.

Network security policies contain requirements - including system and software features as well as expected and desired actions of human actors. In this paper, we present a framework for evaluation of textual network security policies as requirements documents to identify areas for improvement. Specifically, our framework concentrates on completeness. We use topic modeling coupled with expert evaluation to learn the complete list of important topics that should be addressed in a network security policy. Using these topics as a checklist, we evaluate (students) a collection of network security policies for completeness, i.e., the level of presence of these topics in the text. We developed three methods for topic recognition to identify missing or poorly addressed topics. We examine network security policies and report the results of our analysis: preliminary success of our approach.

2021-04-27
Piplai, A., Ranade, P., Kotal, A., Mittal, S., Narayanan, S. N., Joshi, A..  2020.  Using Knowledge Graphs and Reinforcement Learning for Malware Analysis. 2020 IEEE International Conference on Big Data (Big Data). :2626—2633.

Machine learning algorithms used to detect attacks are limited by the fact that they cannot incorporate the back-ground knowledge that an analyst has. This limits their suitability in detecting new attacks. Reinforcement learning is different from traditional machine learning algorithms used in the cybersecurity domain. Compared to traditional ML algorithms, reinforcement learning does not need a mapping of the input-output space or a specific user-defined metric to compare data points. This is important for the cybersecurity domain, especially for malware detection and mitigation, as not all problems have a single, known, correct answer. Often, security researchers have to resort to guided trial and error to understand the presence of a malware and mitigate it.In this paper, we incorporate prior knowledge, represented as Cybersecurity Knowledge Graphs (CKGs), to guide the exploration of an RL algorithm to detect malware. CKGs capture semantic relationships between cyber-entities, including that mined from open source. Instead of trying out random guesses and observing the change in the environment, we aim to take the help of verified knowledge about cyber-attack to guide our reinforcement learning algorithm to effectively identify ways to detect the presence of malicious filenames so that they can be deleted to mitigate a cyber-attack. We show that such a guided system outperforms a base RL system in detecting malware.

2021-04-09
Noiprasong, P., Khurat, A..  2020.  An IDS Rule Redundancy Verification. 2020 17th International Joint Conference on Computer Science and Software Engineering (JCSSE). :110—115.
Intrusion Detection System (IDS) is a network security software and hardware widely used to detect anomaly network traffics by comparing the traffics against rules specified beforehand. Snort is one of the most famous open-source IDS system. To write a rule, Snort specifies structure and values in Snort manual. This specification is expressive enough to write in different way with the same meaning. If there are rule redundancy, it could distract performance. We, thus, propose a proof of semantical issues for Snort rule and found four pairs of Snort rule combinations that can cause redundancy. In addition, we create a tool to verify such redundancy between two rules on the public rulesets from Snort community and Emerging threat. As a result of our test, we found several redundancy issues in public rulesets if the user enables commented rules.
Mir, N., Khan, M. A. U..  2020.  Copyright Protection for Online Text Information : Using Watermarking and Cryptography. 2020 3rd International Conference on Computer Applications Information Security (ICCAIS). :1—4.
Information and security are interdependent elements. Information security has evolved to be a matter of global interest and to achieve this; it requires tools, policies and assurance of technologies against any relevant security risks. Internet influx while providing a flexible means of sharing the online information economically has rapidly attracted countless writers. Text being an important constituent of online information sharing, creates a huge demand of intellectual copyright protection of text and web itself. Various visible watermarking techniques have been studied for text documents but few for web-based text. In this paper, web page watermarking and cryptography for online content copyrights protection is proposed utilizing the semantic and syntactic rules using HTML (Hypertext Markup Language) and is tested for English and Arabic languages.
2021-04-08
Iwamoto, M., Ohta, K., Shikata, J..  2018.  Security Formalizations and Their Relationships for Encryption and Key Agreement in Information-Theoretic Cryptography. IEEE Transactions on Information Theory. 64:654–685.
This paper analyzes the formalizations of information-theoretic security for the fundamental primitives in cryptography: symmetric-key encryption and key agreement. Revisiting the previous results, we can formalize information-theoretic security using different methods, by extending Shannon's perfect secrecy, by information-theoretic analogues of indistinguishability and semantic security, and by the frameworks for composability of protocols. We show the relationships among the security formalizations and obtain the following results. First, in the case of encryption, there are significant gaps among the formalizations, and a certain type of relaxed perfect secrecy or a variant of information-theoretic indistinguishability is the strongest notion. Second, in the case of key agreement, there are significant gaps among the formalizations, and a certain type of relaxed perfect secrecy is the strongest notion. In particular, in both encryption and key agreement, the formalization of composable security is not stronger than any other formalizations. Furthermore, as an application of the relationships in encryption and key agreement, we simultaneously derive a family of lower bounds on the size of secret keys and security quantities required under the above formalizations, which also implies the importance and usefulness of the relationships.
Bouzar-Benlabiod, L., Rubin, S. H., Belaidi, K., Haddar, N. E..  2020.  RNN-VED for Reducing False Positive Alerts in Host-based Anomaly Detection Systems. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :17–24.
Host-based Intrusion Detection Systems HIDS are often based on anomaly detection. Several studies deal with anomaly detection by analyzing the system-call traces and get good detection rates but also a high rate off alse positives. In this paper, we propose a new anomaly detection approach applied on the system-call traces. The normal behavior learning is done using a Sequence to sequence model based on a Variational Encoder-Decoder (VED) architecture that integrates Recurrent Neural Networks (RNN) cells. We exploit the semantics behind the invoking order of system-calls that are then seen as sentences. A preprocessing phase is added to structure and optimize the model input-data representation. After the learning step, a one-class classification is run to categorize the sequences as normal or abnormal. The architecture may be used for predicting abnormal behaviors. The tests are achieved on the ADFA-LD dataset.