Biblio

There are two paradigms in language processing, as characterised by symbolic compositional and statistical distributional modelling, which may be regarded as based upon the principles of compositionality (or symbolic recursion) and of contextuality (or the distributional hypothesis), respectively. Starting with philosophy of language as in Frege and Wittgenstein, we elucidate the nature of language and language processing from interdisciplinary perspectives across different fields of science. At the same time, we shed new light on conceptual issues in language processing on the basis of recent advances in Transformer-based models such as BERT and GPT-3. We link linguistic cognition with mathematical cognition through these discussions, explicating symbol grounding/emergence problems shared by both of them. We also discuss whether animal cognition can develop recursive compositional information processing.

The vulnerability assessment of the cyber-physical power system based on complex network theory is applied in this paper. The influence of the power system statistics upon the system vulnerability is studied based on complex network theory. The electrical betweenness is defined to suitably describe the power system characteristics. The real power systems are utilized as examples to analyze the distribution of the degree and betweenness of the power system as a complex network. The topology model of the cyber-physical power system is formed, and the static analysis is implemented to the study of the cyber-physical power system structural vulnerability. The IEEE 300 bus test system is selected to verify the model.

Quantum computing is poised to be the innovation driver of the next decade. Its information processing capabilities will radically accelerate drug discovery, improve online security, or even boost artificial intelligence [1]. Building a quantum computer promises to have a major positive impact in society, however building the hardware that will enable that paradigm change its one of the greatest technological challenges for humanity.

Botnets are used by hackers to conduct cyber attacks and pose a huge threat to Internet users. The key of botnets is the command and control (C&C) channels. Security researchers can keep track of a botnet by capturing and analyzing the communication traffic between C&C servers and bots. Hence, the botmaster is constantly seeking more covert C&C channels to stealthily control the botnet. This paper designs a new botnet dubbed mp-botnet wherein bots communicate with each other based on the Stratum mining pool protocol. The mp-botnet botnet completes information transmission according to the communication method of the Stratum protocol. The communication traffic in the botnet is disguised as the traffic between the mining pool and the miners in a Bitcoin network, thereby achieving better stealthiness and flexibility.

Cloud computing is one of the greatest and authoritative paradigms in computing as it provides access and use of various third-party services at a lower cost. However, there exist various security challenges facing cloud computing especially in the aspect of data privacy and this is more critical when dealing with sensitive personal or organization's data. Cloud service providers encrypt data during transfer from the local hard drive to the cloud server and at the server-side, the only problem is that the encryption key is stored by the service provider meaning they can decrypt your data. This paper discusses how cloud security can be enhanced by using client-side data encryption (pre-internet encryption), this will allow the clients to encrypt data before uploading to the cloud and store the key themselves. This means that data will be rendered to the cloud in an unreadable and secure format that cannot be accessed by unauthorized persons.

Aimming at the severe security threat faced by information transmission in wireless communication, the artificial interference in physical layer security technology was considered, and the influence of artificial interference signal style on system information transmission security was analyzed by simulation, which provided technical accumulation for the design of wireless security transmission system based on artificial interference.

In recent years, neural style transfer have shown impressive results in deep learning. In particular, for text style transfer, recent researches have successfully completed the transition from the text font domain to the text style domain. However, for text style transfer, multiple style transfer often requires learning many models, and generating multiple styles images of texts in a single model remains an unsolved problem. In this paper, we propose a multiple style transformation network for text style transfer, which can generate multiple styles of text images in a single model and control the style of texts in a simple way. The main idea is to add conditions to the transfer network so that all the styles can be trained effectively in the network, and to control the generation of each text style through the conditions. We also optimize the network so that the conditional information can be transmitted effectively in the network. The advantage of the proposed network is that multiple styles of text can be generated with only one model and that it is possible to control the generation of text styles. We have tested the proposed network on a large number of texts, and have demonstrated that it works well when generating multiple styles of text at the same time.

Signcryption is a sophisticated cryptographic tool that combines the benefits of digital signature and data encryption in a single step, resulting in reduced computation and storage cost. However, the existing signcryption techniques do not account for a scenario in which a company must escrow an employee's private encryption key so that the corporation does not lose the capacity to decrypt a ciphertext when the employee or user is no longer available. To circumvent the issue of non-repudiation, the private signing key does not need to be escrowed. As a result, this paper presents an implicit certificate-based signcryption technique with private encryption key escrow, which can assist an organization in preventing the loss of private encryption. A certificate, or more broadly, a digital signature, protects users' public encryption and signature keys from man-in-the-middle attacks under our proposed approach.

The development of technologies makes it possible to increase the power of information processing systems, but the modernization of processors brings not only an increase in performance but also an increase in the number of errors and vulnerabilities that can allow an attacker to attack the system and gain access to confidential information. White-Box cryptography allows (due to its structure) not only monitoring possible changes but also protects the processed data even with full access of the attacker to the environment. Elliptic Curve Cryptography (ECC) due to its properties, is becoming stronger and stronger in our lives, as it allows you to get strong encryption at a lower cost of processing your own algorithm. This allows you to reduce the load on the system and increase its performance.

In the current scenario, various forms of information are spread everywhere, especially through the Internet. A lot of valuable information is contained in the dissemination, so security issues have always attracted attention. With the emergence of cryptographic algorithms, information security has been further improved. Generally, cryptography encryption is divided into symmetric encryption and asymmetric encryption. Although symmetric encryption has a very fast computation speed and is beneficial to encrypt a large amount of data, the security is not as high as asymmetric encryption. The same pair of keys used in symmetric algorithms leads to security threats. Thus, if the key can be protected, the security could be improved. Using an asymmetric algorithm to protect the key and encrypting the message with a symmetric algorithm would be a good choice. This paper will review security issues in the information transmission and the method of hybrid encryption algorithms that will be widely used in the future. Also, the various characteristics of algorithms in different systems and some typical cases of hybrid encryption will be reviewed and analyzed to showcase the reinforcement by combining algorithms. Hybrid encryption algorithms will improve the security of the transmission without causing more other problems. Additionally, the way how the encryption algorithms combine to strength the security will be discussed with the aid of an example.

With the widespread application of distributed information processing, information processing security issues have become one of the important research topics; CAPTCHA technology is often used as the first security barrier for distributed information processing and it prevents the client malicious programs to attack the server. The experiment proves that the existing “request / response” mode of CAPTCHA has great security risks. “The text-based CAPTCHA solution without network flow consumption” proposed in this paper avoids the “request / response” mode and the verification logic of the text-based CAPTCHA is migrated to the client in this solution, which fundamentally cuts off the client's attack facing to the server during the verification of the CAPTCHA and it is a high-security text-based CAPTCHA solution without network flow consumption.

Traditional web security assessments are evaluated using a single data source, and the results of the calculations from different data sources are different. Based on multi-source data, this paper uses Analytic Hierarchy Process to construct an evaluation model, calculates the weight of each level of indicators in the web security evaluation model, analyzes and processes the data, calculates the host security threat assessment values at various levels, and visualizes the evaluation results through ECharts+WebGL technology.

Recent advances in machine learning enable wider applications of prediction models in cyber-physical systems. Smart grids are increasingly using distributed sensor settings for distributed sensor fusion and information processing. Load forecasting systems use these sensors to predict future loads to incorporate into dynamic pricing of power and grid maintenance. However, these inference predictors are highly complex and thus vulnerable to adversarial attacks. Moreover, the adversarial attacks are synthetic norm-bounded modifications to a limited number of sensors that can greatly affect the accuracy of the overall predictor. It can be much cheaper and effective to incorporate elements of security and resilience at the earliest stages of design. In this paper, we demonstrate how to analyze the security and resilience of learning-based prediction models in power distribution networks by utilizing a domain-specific deep-learning and testing framework. This framework is developed using DeepForge and enables rapid design and analysis of attack scenarios against distributed smart meters in a power distribution network. It runs the attack simulations in the cloud backend. In addition to the predictor model, we have integrated an anomaly detector to detect adversarial attacks targeting the predictor. We formulate the stealthy adversarial attacks as an optimization problem to maximize prediction loss while minimizing the required perturbations. Under the worst-case setting, where the attacker has full knowledge of both the predictor and the detector, an iterative attack method has been developed to solve for the adversarial perturbation. We demonstrate the framework capabilities using a GridLAB-D based power distribution network model and show how stealthy adversarial attacks can affect smart grid prediction systems even with a partial control of network.

In this paper, we propose an exact closed-form expression of secrecy outage probability (SOP) for underlay cognitive network with energy scavenging capable relay over Nakagami-m fading channels and under both (maximum transmit and interference) power constraints. Various results validated the proposed expression and shed insights into the security performance of this network in key specifications.

Advanced Persistent Threat (APT) having focused target along with advanced and persistent attacking skills under great concealment is a new trend followed for cyber-attacks. Threat intelligence helps in detecting and preventing APT by collecting a host of data and analyzing malicious behavior through efficient data sharing and guaranteeing the safety and quality of information exchange. For better protection, controlled access to intelligence information and a grading standard to revise the criteria in diagnosis for a security breach is needed. This paper analyses a threat intelligence sharing community model and proposes an improvement to increase the efficiency of sharing by rethinking the size and composition of a sharing community. Based on various external environment variables, it filters the low-quality shared intelligence by grading the trust level of a community member and the quality of a piece of intelligence. We hope that this research can fill in some security gaps to help organizations make a better decision in handling the ever-increasing and continually changing cyber-attacks.

Embedding costs used in content-adaptive image steganographic schemes can be defined in a heuristic way or with a statistical model. Inspired by previous steganographic methods, i.e., MG (multivariate Gaussian model) and MiPOD (minimizing the power of optimal detector), we propose a model-driven scheme in this paper. Firstly, we model image residuals obtained by high-pass filtering with quantized multivariate Gaussian distribution. Then, we derive the approximated Fisher Information (FI). We show that FI is related to both Gaussian variance and filter coefficients. Lastly, by selecting the maximum FI value derived with various filters as the final FI, we obtain embedding costs. Experimental results show that the proposed scheme is comparable to existing steganographic methods in resisting steganalysis equipped with rich models and selection-channel-aware rich models. It is also computational efficient when compared to MiPOD, which is the state-of-the-art model-driven method.

With the development of scientific information technology, the emergence of the Internet of Things (IOT) promoted the information industry once again to a new stage of economic and technological development. From the perspective of confidentiality, integrity, and availability of information security, this paper analyzed the current state of the IOT and the security threats, and then researched the security primary technologies of the IOT security architecture. IOT security architecture established the foundation for a reliable information security system for the IOT.

The paper presents a conceptual framework for security embedded task offloading requirements for IoT-Fog based future communication networks. The focus of the paper is to enumerate the need of embedded security requirements in this IoT-Fog paradigm including the middleware technologies in the overall architecture. Task offloading plays a significant role in the load balancing, energy and data management, security, reducing information processing and propagation latencies. The motivation behind introducing the embedded security is to meet the challenges of future smart networks including two main reasons namely; to improve the data protection and to minimize the internet disturbance and intrusiveness. We further discuss the middleware technologies such as cloudlets, mobile edge computing, micro datacenters, self-healing infrastructures and delay tolerant networks for security provision, optimized energy consumption and to reduce the latency. The paper introduces concepts of system virtualization and parallelism in IoT-Fog based systems and highlight the security features of the system. Some research opportunities and challenges are discussed to improve secure offloading from IoT into fog.

The area of military operations is presently a peculiar, heterogenic environment providing the decision-makers with varied data and information on the potential or the real enemy. However the vast number and diversity of the available information does not facilitate the decision process. The achievement of information advantage in line with the rule: the first to notice, the first to understand and the first to act depends among other things on the proper information processing. In the theory of Electronic Warfare, the processing of information about the electronic objects of the enemy emitting electromagnetic energy is realized by Signals Intelligence. The fastest processing of information in the information system of Signals Intelligence is presently provided by cybernetic environment. The construction of an information processing system in the cybernetic environment of Signals Intelligence is thus a very complex task. The article presents theoretical basis of information processing in cybernetic environment of Signals Intelligence based on research carried out by the authors. The article can be described as the added value since it presents and clarifies a complex concept of cybernetic environment of Signal Intelligence. Moreover, it provides a new definition of information process as a system of operations on intelligence information and data. It also presents the stages of information process as well as the structure of information processing process. In the further part it shows the factors and elements of the cybernetic environment of Signals Intelligence isolated in the process of research. The document provides a perspective for the processing of information in the cybernetic environment of Signals Intelligence, it fills the gap in research on information processing in the cybernetic environment of Signals Intelligence as well as assures strong theoretical basis and provides an incentive for further research on the information processing in the cybernetic environment of Signals Intelligence.

Objective: To evaluate the effectiveness of domain highlighting in helping users identify whether webpages are legitimate or spurious.

Background: As a component of the URL, a domain name can be overlooked. Consequently, browsers highlight the domain name to help users identify which website they are visiting. Nevertheless, few studies have assessed the effectiveness of domain highlighting, and the only formal study confounded highlighting with instructions to look at the address bar. 

Method: Two phishing detection experiments were conducted. Experiment 1 was run online: Participants judged the legitimacy of webpages in two phases. In phase one, participants were to judge the legitimacy based on any information on the webpage, whereas phase two they were to focus on the address bar. Whether the domain was highlighted was also varied.  Experiment 2 was conducted similarly but with participants in a laboratory setting, which allowed tracking of fixations.

Results: Participants differentiated the legitimate and fraudulent webpages better than chance. There was some benefit of attending to the address bar, but domain highlighting did not provide effective protection against phishing attacks. Analysis of eye-gaze fixation measures was in agreement with the task performance, but heat-map results revealed that participants’ visual attention was attracted by the domain highlighting.

Conclusion: Failure to detect many fraudulent webpages even when the domain was highlighted implies that users lacked knowledge of webpage security cues or how to use those cues.

Application: Potential applications include development of phishing-prevention training incorporating domain highlighting with other methods to help users identify phishing webpages. 

To evaluate the effectiveness of domain highlighting in helping users identify whether Web pages are legitimate or spurious. As a component of the URL, a domain name can be overlooked. Consequently, browsers highlight the domain name to help users identify which Web site they are visiting. Nevertheless, few studies have assessed the effectiveness of domain highlighting, and the only formal study confounded highlighting with instructions to look at the address bar. We conducted two phishing detection experiments. Experiment 1 was run online: Participants judged the legitimacy of Web pages in two phases. In Phase 1, participants were to judge the legitimacy based on any information on the Web page, whereas in Phase 2, they were to focus on the address bar. Whether the domain was highlighted was also varied. Experiment 2 was conducted similarly but with participants in a laboratory setting, which allowed tracking of fixations. Participants differentiated the legitimate and fraudulent Web pages better than chance. There was some benefit of attending to the address bar, but domain highlighting did not provide effective protection against phishing attacks. Analysis of eye-gaze fixation measures was in agreement with the task performance, but heat-map results revealed that participants’ visual attention was attracted by the highlighted domains. Failure to detect many fraudulent Web pages even when the domain was highlighted implies that users lacked knowledge of Web page security cues or how to use those cues. Potential applications include development of phishing prevention training incorporating domain highlighting with other methods to help users identify phishing Web pages.

Security of a computer system has been traditionally related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with an objective to cause operational failure or to leak secret information from inside a chip-e.g., the key in a cryptographic chip, during field operation. Global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly enhancing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.