With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comp...With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.展开更多
The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There ...The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.展开更多
To reconstruct vehicle accidents,data from the time of the incident—such as pre-collision speed and collision point—is essential.This data is collected and generated through various sensors installed in the vehicle....To reconstruct vehicle accidents,data from the time of the incident—such as pre-collision speed and collision point—is essential.This data is collected and generated through various sensors installed in the vehicle.However,it may contain sensitive information about the vehicle owner.Consequently,vehicle owners tend to be reluctant to provide their vehicle data due to concerns about personal information exposure.Therefore,extensive research has been conducted on secure vehicle data trading models.Existing models primarily utilize centralized approaches,leading to issues such as single points of failure,data leakage,and manipulation.To address these problems,this paper proposes ORTHRUS,a blockchain-based vehicle data trading marketplace that ensures transparency,traceability,and decentralization.The proposed model accommodates two categories of output data:the original data and the computed result from the function.Additionally,in the proposed model,data owners retain control over their data,enabling them to directly choose which types of data to provide.By employing Multi-party computation(MPC)technique,MOZAIK architecture,and the random leader selection technique,the proposed scheme,ORTHRUS,guarantees the input privacy and resistance to pre-collusion attacks.Furthermore,the proposed model promotes fairness by identifying dishonest behavior among participants by enforcing penalties and rewards through the implementation of smart contracts.展开更多
Electric Vehicle Charging Systems(EVCS)are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet ofThings(IoT)environments,raising significant security challenges.Most...Electric Vehicle Charging Systems(EVCS)are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet ofThings(IoT)environments,raising significant security challenges.Most existing research primarily emphasizes network-level anomaly detection,leaving critical vulnerabilities at the host level underexplored.This study introduces a novel forensic analysis framework leveraging host-level data,including system logs,kernel events,and Hardware Performance Counters(HPC),to detect and analyze sophisticated cyberattacks such as cryptojacking,Denial-of-Service(DoS),and reconnaissance activities targeting EVCS.Using comprehensive forensic analysis and machine learning models,the proposed framework significantly outperforms existing methods,achieving an accuracy of 98.81%.The findings offer insights into distinct behavioral signatures associated with specific cyber threats,enabling improved cybersecurity strategies and actionable recommendations for robust EVCS infrastructure protection.展开更多
Information content security is a branch of cyberspace security. How to effectively manage and use Weibo comment information has become a research focus in the field of information content security. Three main tasks i...Information content security is a branch of cyberspace security. How to effectively manage and use Weibo comment information has become a research focus in the field of information content security. Three main tasks involved are emotion sentence identification and classification,emotion tendency classification,and emotion expression extraction. Combining with the latent Dirichlet allocation(LDA) model,a Gibbs sampling implementation for inference of our algorithm is presented,and can be used to categorize emotion tendency automatically with the computer. In accordance with the lower ratio of recall for emotion expression extraction in Weibo,use dependency parsing,divided into two categories with subject and object,summarized six kinds of dependency models from evaluating objects and emotion words,and proposed that a merge algorithm for evaluating objects can be accurately evaluated by participating in a public bakeoff and in the shared tasks among the best methods in the sub-task of emotion expression extraction,indicating the value of our method as not only innovative but practical.展开更多
This paper proposes a method for detecting a helmet for thesafety of workers from risk factors and a mask worn indoors and verifying aworker’s identity while wearing a helmet and mask for security. The proposedmethod...This paper proposes a method for detecting a helmet for thesafety of workers from risk factors and a mask worn indoors and verifying aworker’s identity while wearing a helmet and mask for security. The proposedmethod consists of a part for detecting the worker’s helmet and mask and apart for verifying the worker’s identity. An algorithm for helmet and maskdetection is generated by transfer learning of Yolov5’s s-model and m-model.Both models are trained by changing the learning rate, batch size, and epoch.The model with the best performance is selected as the model for detectingmasks and helmets. At a learning rate of 0.001, a batch size of 32, and anepoch of 200, the s-model showed the best performance with a mAP of0.954, and this was selected as an optimal model. The worker’s identificationalgorithm consists of a facial feature extraction part and a classifier partfor the worker’s identification. The algorithm for facial feature extraction isgenerated by transfer learning of Facenet, and SVMis used as the classifier foridentification. The proposed method makes trained models using two datasets,a masked face dataset with only a masked face, and a mixed face datasetwith both a masked face and an unmasked face. And the model with the bestperformance among the trained models was selected as the optimal model foridentification when using a mask. As a result of the experiment, the model bytransfer learning of Facenet and SVM using a mixed face dataset showed thebest performance. When the optimal model was tested with a mixed dataset,it showed an accuracy of 95.4%. Also, the proposed model was evaluated asdata from 500 images of taking 10 people with a mobile phone. The resultsshowed that the helmet and mask were detected well and identification wasalso good.展开更多
Similarity measure design for discrete data group was proposed. Similarity measure design for continuous membership function was also carried out. Proposed similarity measures were designed based on fuzzy number and d...Similarity measure design for discrete data group was proposed. Similarity measure design for continuous membership function was also carried out. Proposed similarity measures were designed based on fuzzy number and distance measure, and were proved. To calculate the degree of similarity of discrete data, relative degree between data and total distribution was obtained. Discrete data similarity measure was completed with combination of mentioned relative degrees. Power interconnected system with multi characteristics was considered to apply discrete similarity measure. Naturally, similarity measure was extended to multi-dimensional similarity measure case, and applied to bus clustering problem.展开更多
The distributed denial of service (DDoS) attack is one of the dangers in intrusion modes. It's difficult to defense and can cause serious damage to the system. Based on a careful study of the attack principles and...The distributed denial of service (DDoS) attack is one of the dangers in intrusion modes. It's difficult to defense and can cause serious damage to the system. Based on a careful study of the attack principles and characteristics, an object-oriented formalized description is presented, which contains a three-level framework and offers full specifications of all kinds of DDoS modes and their features and the relations between one another. Its greatest merit lies in that it contributes to analyzing, checking and judging DDoS. Now this formalized description has been used in a special IDS and it works very effectively.(展开更多
With the rapid development of Internet technology,the type of information in the Internet is extremely complex,and a large number of riot contents containing bloody,violent and riotous components have appeared.These c...With the rapid development of Internet technology,the type of information in the Internet is extremely complex,and a large number of riot contents containing bloody,violent and riotous components have appeared.These contents pose a great threat to the network ecology and national security.As a result,the importance of monitoring riotous Internet activity cannot be overstated.Convolutional Neural Network(CNN-based)target detection algorithm has great potential in identifying rioters,so this paper focused on the use of improved backbone and optimization function of You Only Look Once v5(YOLOv5),and further optimization of hyperparameters using genetic algorithm to achieve fine-grained recognition of riot image content.First,the fine-grained features of riot-related images were identified,and then the dataset was constructed by manual annotation.Second,the training and testing work was carried out on the constructed dedicated dataset by supervised deep learning training.The research results have shown that the improved YOLOv5 network significantly improved the fine-grained feature extraction capability of riot-related images compared with the original YOLOv5 network structure,and the mean average precision(mAP)value was improved to 0.6128.Thus,it provided strong support for combating riot-related organizations and maintaining the online ecological environment.展开更多
The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative anal...The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative analyses of the merits and drawbacks of them. The cryptosystem based on Goppa code has high security, but can be achieved poor. The cryptosystems based on other error correcting codes have higher performance than Goppa code. But there are still some disadvantages to solve. At last, the paper produce an assumption of the Niederreiter cascade combination cryptosystem based on double public-keys under complex circumstances, which has higher performance and security than the traditional cryptosystems.展开更多
Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metav...Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.展开更多
As energy-related problems continue to emerge,the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration.Renewable energy is becoming increasingly important,wit...As energy-related problems continue to emerge,the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration.Renewable energy is becoming increasingly important,with solar power accounting for the most significant proportion of renewables.As the scale and importance of solar energy have increased,cyber threats against solar power plants have also increased.So,we need an anomaly detection system that effectively detects cyber threats to solar power plants.However,as mentioned earlier,the existing solar power plant anomaly detection system monitors only operating information such as power generation,making it difficult to detect cyberattacks.To address this issue,in this paper,we propose a network packet-based anomaly detection system for the Programmable Logic Controller(PLC)of the inverter,an essential system of photovoltaic plants,to detect cyber threats.Cyberattacks and vulnerabilities in solar power plants were analyzed to identify cyber threats in solar power plants.The analysis shows that Denial of Service(DoS)and Manin-the-Middle(MitM)attacks are primarily carried out on inverters,aiming to disrupt solar plant operations.To develop an anomaly detection system,we performed preprocessing,such as correlation analysis and normalization for PLC network packets data and trained various machine learning-based classification models on such data.The Random Forest model showed the best performance with an accuracy of 97.36%.The proposed system can detect anomalies based on network packets,identify potential cyber threats that cannot be identified by the anomaly detection system currently in use in solar power plants,and enhance the security of solar plants.展开更多
Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG.The distinct advantage is that the compatibility with the existing computing pl...Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG.The distinct advantage is that the compatibility with the existing computing platform is preferable,while the shortcomings are obvious simultaneously.A new star-style trust model with the ability of data recovery is proposed in this paper.The model can enhance the hardware-based root of trust in platform measurement,reduce the loss of trust during transfer process,extend the border of trust flexibly,and have the ability of data backup and recovery.The security and reliability of system is much more improved.It is proved that the star-style trust model is much better than the liner-style trust model in trust transfer and boundary extending etc.using formal methods in this paper.We illuminate the design and implementation of a kind of trusted PDA acting on star-style trust model.展开更多
The damage caused by malicious software is increasing owing to the COVID-19 pandemic,such as ransomware attacks on information technology and operational technology systems based on corporate networks and social infra...The damage caused by malicious software is increasing owing to the COVID-19 pandemic,such as ransomware attacks on information technology and operational technology systems based on corporate networks and social infrastructures and spear-phishing attacks on business or research institutes.Recently,several studies have been conducted to prevent further phishing emails in the workplace because malware attacks employ emails as the primary means of penetration.However,according to the latest research,there appears to be a limitation in blocking email spoofing through advanced blocking systems such as spam email filtering solutions and advanced persistent threat systems.Therefore,experts believe that it is more critical to restore services immediately through resilience than the advanced prevention program in the event of damage caused by malicious software.In accordance with this trend,we conducted a survey among 100 employees engaging in information security regarding the effective factors for countering malware attacks through email.Furthermore,we confirmed that resilience,backup,and restoration were effective factors in responding to phishing emails.In contrast,practical exercise and attack visualization were recognized as having little effect on malware attacks.In conclusion,our study reminds business and supervisory institutions to carefully examine their regular voluntary exercises or mandatory training programs and assists private corporations and public institutions to establish counter-strategies for dealing with malware attacks.展开更多
Industrial Control System(ICS),which is based on Industrial IoT(IIoT),has an intelligent mobile environment that supports various mobility,but there is a limit to relying only on the physical security of the ICS envir...Industrial Control System(ICS),which is based on Industrial IoT(IIoT),has an intelligent mobile environment that supports various mobility,but there is a limit to relying only on the physical security of the ICS environment.Due to various threat factors that can disrupt the workflow of the IIoT,machine learning-based anomaly detection technologies are being presented;it is also essential to study for increasing detection performance to minimize model errors for promoting stable ICS operation.In this paper,we established the requirements for improving the anomaly detection performance in the IIoT-based ICS environment by analyzing the related cases.After that,we presented an improving method of the performance of a machine learning model specialized for IIoT-based ICS,which increases the detection rate by applying correlation coefficients and clustering;it provides a mechanism to predict thresholds on a per-sequence.Likewise,we adopted the HAI dataset environment that actively reflected the characteristics of IIoT-based ICS and demonstrated that performance could be improved through comparative experiments with the traditional method and our proposed method.The presented method can further improve the performance of commonly applied error-based detection techniques and includes a primary method that can be enhanced over existing detection techniques by analyzing correlation coefficients between features to consider feedback between ICS components.Those can contribute to improving the performance of several detection models applied in ICS and other areas.展开更多
This paper observes approaches to algebraic analysis of GOST 28147-89 encryption algorithm (also known as simply GOST), which is the basis of most secure information systems in Russia. The general idea of algebraic an...This paper observes approaches to algebraic analysis of GOST 28147-89 encryption algorithm (also known as simply GOST), which is the basis of most secure information systems in Russia. The general idea of algebraic analysis is based on the representation of initial encryption algorithm as a system of multivariate quadratic equations, which define relations between a secret key and a cipher text. Extended linearization method is evaluated as a method for solving the nonlinear sys- tem of equations.展开更多
Network operators are attempting many innovations and changes in 5G using self-organizing networks(SON).The SON operates on the measurement reports(MR),which are obtained from user equipment(UE)and secured against mal...Network operators are attempting many innovations and changes in 5G using self-organizing networks(SON).The SON operates on the measurement reports(MR),which are obtained from user equipment(UE)and secured against malware and userspace programs.However,the synchronization signal block that the UE relies on to measure the wireless environment configured by a base station is not authenticated.As a result,the UE will likely gauge the wrong wireless environment configured by a false base station(FBS)and transmit the corresponding MR to the serving base station,which poisons the data used for 5G SONs.Therefore,the serving base stations must verify the authenticity of the MR.The 3GPP has advocated numerous solutions for this issue,including the use of public key certificates,identity-based keys,and group keys.Although the solution leveraging group keys have better efficiency and practicality than the other two,they are vulnerable to security threats caused by key leaks via insiders or malicious UE.In this paper,we analyze these security issues and propose an improved group key protocol that uses a new network function,called a broadcast message authentication network function(BMANF),which validates broadcasted messages on behalf of the UE.The protocol operates in two phases:initial and verification.During the initial phase,the 5G core network distributes a shared secret key to the BMANF and UE,allowing the latter to request an authentication ticket from the former.During the verification phase,the UE requests the BMANF to validate the broadcasted messages received from base stations using the ticket and its corresponding shared key.For evaluation,we formally verified the proposed protocol,which was then compared with alternative methods in terms of computing cost.As a result,the proposed protocol fulfills the security requirements and shows a lower overhead than the alternatives.展开更多
This article is dedicated to the analysis list of a set of rules to traffic filtering, which is a multi-dimensional structure, where each dimension is a set of networking field or the field of action, measuring the co...This article is dedicated to the analysis list of a set of rules to traffic filtering, which is a multi-dimensional structure, where each dimension is a set of networking field or the field of action, measuring the cost of the rules to traffic filtering on computer networks, allowing to determine the difference between definition of the rules and the control of the packet fields. Furthermore, the article was considered a hierarchical model to optimize traffic filtering, which reduces the overhead traffic filtering rules and provides the semantic integrity of the original set of rules to traffic filtering. The hierarchical structure of the design and optimization of traffic filtering was researched. And also was developed the hierarchical approach to optimize traffic filtering for reducing set of rules traffic filtering. Analyzed the algorithm optimal solutions and algorithm of random search filters that, allowing you to find the shortest way to a set of rules to traffic filtering. Moreover, in this article was presented the effectiveness evaluation of the process accelerating traffic filtering proposed by HAOTF.展开更多
The smart city comprises various infrastructures,including health-care,transportation,manufacturing,and energy.A smart city’s Internet of Things(IoT)environment constitutes a massive IoT environment encom-passing num...The smart city comprises various infrastructures,including health-care,transportation,manufacturing,and energy.A smart city’s Internet of Things(IoT)environment constitutes a massive IoT environment encom-passing numerous devices.As many devices are installed,managing security for the entire IoT device ecosystem becomes challenging,and attack vectors accessible to attackers increase.However,these devices often have low power and specifications,lacking the same security features as general Information Technology(IT)systems,making them susceptible to cyberattacks.This vulnerability is particularly concerning in smart cities,where IoT devices are connected to essential support systems such as healthcare and transportation.Disruptions can lead to significant human and property damage.One rep-resentative attack that exploits IoT device vulnerabilities is the Distributed Denial of Service(DDoS)attack by forming an IoT botnet.In a smart city environment,the formation of IoT botnets can lead to extensive denial-of-service attacks,compromising the availability of services rendered by the city.Moreover,the same IoT devices are typically employed across various infrastructures within a smart city,making them potentially vulnerable to similar attacks.This paper addresses this problem by designing a defense process to effectively respond to IoT botnet attacks in smart city environ-ments.The proposed defense process leverages the defense techniques of the MITRE D3FEND framework to mitigate the propagation of IoT botnets and support rapid and integrated decision-making by security personnel,enabling an immediate response.展开更多
Smart farming has become a strategic approach of sustainable agriculture management and monitoring with the infrastructure to exploit modern technologies,including big data,the cloud,and the Internet of Things(IoT).Ma...Smart farming has become a strategic approach of sustainable agriculture management and monitoring with the infrastructure to exploit modern technologies,including big data,the cloud,and the Internet of Things(IoT).Many researchers try to integrate IoT-based smart farming on cloud platforms effectively.They define various frameworks on smart farming and monitoring system and still lacks to define effective data management schemes.Since IoT-cloud systems involve massive structured and unstructured data,data optimization comes into the picture.Hence,this research designs an Information-Centric IoT-based Smart Farming with Dynamic Data Optimization(ICISF-DDO),which enhances the performance of the smart farming infrastructure with minimal energy consumption and improved lifetime.Here,a conceptual framework of the proposed scheme and statistical design model has beenwell defined.The information storage and management with DDO has been expanded individually to show the effective use of membership parameters in data optimization.The simulation outcomes state that the proposed ICISF-DDO can surpass existing smart farming systems with a data optimization ratio of 97.71%,reliability ratio of 98.63%,a coverage ratio of 99.67%,least sensor error rate of 8.96%,and efficient energy consumption ratio of 4.84%.展开更多
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2023-00235509Development of security monitoring technology based network behavior against encrypted cyber threats in ICT convergence environment).
文摘With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.
基金supported by project TRANSACT funded under H2020-EU.2.1.1.-INDUSTRIAL LEADERSHIP-Leadership in Enabling and Industrial Technologies-Information and Communication Technologies(Grant Agreement ID:101007260).
文摘The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.
基金supported by the IITP(Institute of Information&communications Technology Planning&Evaluation)-ITRC(Information Technology Research Center)grant funded by the Korea government(Ministry of Science and ICT)(IITP-2025-RS-2020-II201797)was supported as a‘Technology Commercialization Collaboration Platform Construction’project of the INNOPOLIS FOUNDATION(Project Number:1711202494).
文摘To reconstruct vehicle accidents,data from the time of the incident—such as pre-collision speed and collision point—is essential.This data is collected and generated through various sensors installed in the vehicle.However,it may contain sensitive information about the vehicle owner.Consequently,vehicle owners tend to be reluctant to provide their vehicle data due to concerns about personal information exposure.Therefore,extensive research has been conducted on secure vehicle data trading models.Existing models primarily utilize centralized approaches,leading to issues such as single points of failure,data leakage,and manipulation.To address these problems,this paper proposes ORTHRUS,a blockchain-based vehicle data trading marketplace that ensures transparency,traceability,and decentralization.The proposed model accommodates two categories of output data:the original data and the computed result from the function.Additionally,in the proposed model,data owners retain control over their data,enabling them to directly choose which types of data to provide.By employing Multi-party computation(MPC)technique,MOZAIK architecture,and the random leader selection technique,the proposed scheme,ORTHRUS,guarantees the input privacy and resistance to pre-collusion attacks.Furthermore,the proposed model promotes fairness by identifying dishonest behavior among participants by enforcing penalties and rewards through the implementation of smart contracts.
文摘Electric Vehicle Charging Systems(EVCS)are increasingly vulnerable to cybersecurity threats as they integrate deeply into smart grids and Internet ofThings(IoT)environments,raising significant security challenges.Most existing research primarily emphasizes network-level anomaly detection,leaving critical vulnerabilities at the host level underexplored.This study introduces a novel forensic analysis framework leveraging host-level data,including system logs,kernel events,and Hardware Performance Counters(HPC),to detect and analyze sophisticated cyberattacks such as cryptojacking,Denial-of-Service(DoS),and reconnaissance activities targeting EVCS.Using comprehensive forensic analysis and machine learning models,the proposed framework significantly outperforms existing methods,achieving an accuracy of 98.81%.The findings offer insights into distinct behavioral signatures associated with specific cyber threats,enabling improved cybersecurity strategies and actionable recommendations for robust EVCS infrastructure protection.
基金supported by National Key Basic Research Program of China (No.2014CB340600)partially supported by National Natural Science Foundation of China (Grant Nos.61332019,61672531)partially supported by National Social Science Foundation of China (Grant No.14GJ003-152)
文摘Information content security is a branch of cyberspace security. How to effectively manage and use Weibo comment information has become a research focus in the field of information content security. Three main tasks involved are emotion sentence identification and classification,emotion tendency classification,and emotion expression extraction. Combining with the latent Dirichlet allocation(LDA) model,a Gibbs sampling implementation for inference of our algorithm is presented,and can be used to categorize emotion tendency automatically with the computer. In accordance with the lower ratio of recall for emotion expression extraction in Weibo,use dependency parsing,divided into two categories with subject and object,summarized six kinds of dependency models from evaluating objects and emotion words,and proposed that a merge algorithm for evaluating objects can be accurately evaluated by participating in a public bakeoff and in the shared tasks among the best methods in the sub-task of emotion expression extraction,indicating the value of our method as not only innovative but practical.
基金supported by a grant (20015427)of Regional Customized Disaster-Safety R&D Programfunded by Ministry of Interior and Safety (MOIS,Korea)was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF)funded by the Ministry of Education (No.2022R1A6A1A03052954).
文摘This paper proposes a method for detecting a helmet for thesafety of workers from risk factors and a mask worn indoors and verifying aworker’s identity while wearing a helmet and mask for security. The proposedmethod consists of a part for detecting the worker’s helmet and mask and apart for verifying the worker’s identity. An algorithm for helmet and maskdetection is generated by transfer learning of Yolov5’s s-model and m-model.Both models are trained by changing the learning rate, batch size, and epoch.The model with the best performance is selected as the model for detectingmasks and helmets. At a learning rate of 0.001, a batch size of 32, and anepoch of 200, the s-model showed the best performance with a mAP of0.954, and this was selected as an optimal model. The worker’s identificationalgorithm consists of a facial feature extraction part and a classifier partfor the worker’s identification. The algorithm for facial feature extraction isgenerated by transfer learning of Facenet, and SVMis used as the classifier foridentification. The proposed method makes trained models using two datasets,a masked face dataset with only a masked face, and a mixed face datasetwith both a masked face and an unmasked face. And the model with the bestperformance among the trained models was selected as the optimal model foridentification when using a mask. As a result of the experiment, the model bytransfer learning of Facenet and SVM using a mixed face dataset showed thebest performance. When the optimal model was tested with a mixed dataset,it showed an accuracy of 95.4%. Also, the proposed model was evaluated asdata from 500 images of taking 10 people with a mobile phone. The resultsshowed that the helmet and mask were detected well and identification wasalso good.
基金Project(2010-0020163) supported by Key Research Institute Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology, Korea
文摘Similarity measure design for discrete data group was proposed. Similarity measure design for continuous membership function was also carried out. Proposed similarity measures were designed based on fuzzy number and distance measure, and were proved. To calculate the degree of similarity of discrete data, relative degree between data and total distribution was obtained. Discrete data similarity measure was completed with combination of mentioned relative degrees. Power interconnected system with multi characteristics was considered to apply discrete similarity measure. Naturally, similarity measure was extended to multi-dimensional similarity measure case, and applied to bus clustering problem.
文摘The distributed denial of service (DDoS) attack is one of the dangers in intrusion modes. It's difficult to defense and can cause serious damage to the system. Based on a careful study of the attack principles and characteristics, an object-oriented formalized description is presented, which contains a three-level framework and offers full specifications of all kinds of DDoS modes and their features and the relations between one another. Its greatest merit lies in that it contributes to analyzing, checking and judging DDoS. Now this formalized description has been used in a special IDS and it works very effectively.(
基金This work was supported by Fundamental Research Funds for the Central Universities,People’s Public Security University of China(2021JKF215)Key Projects of the Technology Research Program of the Ministry of Public Security(2021JSZ09)the Fund for the training of top innovative talents to support master’s degree program,People’s Public Security University of china(2021yjsky018).
文摘With the rapid development of Internet technology,the type of information in the Internet is extremely complex,and a large number of riot contents containing bloody,violent and riotous components have appeared.These contents pose a great threat to the network ecology and national security.As a result,the importance of monitoring riotous Internet activity cannot be overstated.Convolutional Neural Network(CNN-based)target detection algorithm has great potential in identifying rioters,so this paper focused on the use of improved backbone and optimization function of You Only Look Once v5(YOLOv5),and further optimization of hyperparameters using genetic algorithm to achieve fine-grained recognition of riot image content.First,the fine-grained features of riot-related images were identified,and then the dataset was constructed by manual annotation.Second,the training and testing work was carried out on the constructed dedicated dataset by supervised deep learning training.The research results have shown that the improved YOLOv5 network significantly improved the fine-grained feature extraction capability of riot-related images compared with the original YOLOv5 network structure,and the mean average precision(mAP)value was improved to 0.6128.Thus,it provided strong support for combating riot-related organizations and maintaining the online ecological environment.
基金Supported by the Postgraduate Project of Military Science of PLA(2013JY431)55th Batch of China Postdoctoral Second-Class on Fund Projects(2014M552656)
文摘The paper review the public-key cryptosystems based on the error correcting codes such as Goppa code, BCH code, RS code, rank distance code, algebraic geometric code as well as LDPC code, and made the comparative analyses of the merits and drawbacks of them. The cryptosystem based on Goppa code has high security, but can be achieved poor. The cryptosystems based on other error correcting codes have higher performance than Goppa code. But there are still some disadvantages to solve. At last, the paper produce an assumption of the Niederreiter cascade combination cryptosystem based on double public-keys under complex circumstances, which has higher performance and security than the traditional cryptosystems.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)(Project Nos.2022-0-00701,10%,RS-2023-00228996,10%,RS-2022-00165794,10%)the ICTR&DProgram of MSIT/IITP(ProjectNo.2021-0-01816,10%)a National Research Foundation of Korea(NRF)grant funded by the Korean Government(Project No.RS2023-00208460,60%).
文摘Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.
基金supported by the Korea Institute of Energy Technology Evaluation and Planning(KETEP)grant funded by the Korea government(MOTIE)(20224B10100140,50%)the Nuclear Safety Research Program through the Korea Foundation of Nuclear Safety(KoFONS)using the financial resource granted by the Nuclear Safety and Security Commission(NSSC)of the Republic of Korea(No.2106058,40%)the Gachon University Research Fund of 2023(GCU-202110280001,10%)。
文摘As energy-related problems continue to emerge,the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration.Renewable energy is becoming increasingly important,with solar power accounting for the most significant proportion of renewables.As the scale and importance of solar energy have increased,cyber threats against solar power plants have also increased.So,we need an anomaly detection system that effectively detects cyber threats to solar power plants.However,as mentioned earlier,the existing solar power plant anomaly detection system monitors only operating information such as power generation,making it difficult to detect cyberattacks.To address this issue,in this paper,we propose a network packet-based anomaly detection system for the Programmable Logic Controller(PLC)of the inverter,an essential system of photovoltaic plants,to detect cyber threats.Cyberattacks and vulnerabilities in solar power plants were analyzed to identify cyber threats in solar power plants.The analysis shows that Denial of Service(DoS)and Manin-the-Middle(MitM)attacks are primarily carried out on inverters,aiming to disrupt solar plant operations.To develop an anomaly detection system,we performed preprocessing,such as correlation analysis and normalization for PLC network packets data and trained various machine learning-based classification models on such data.The Random Forest model showed the best performance with an accuracy of 97.36%.The proposed system can detect anomalies based on network packets,identify potential cyber threats that cannot be identified by the anomaly detection system currently in use in solar power plants,and enhance the security of solar plants.
基金Supported by the National Natural Science Foundation of China(61303024)the Natural Science Foundation of Hubei Province(2013CFB441)+1 种基金the Foundation of Science and Technology on Information Assurance Laboratory(KJ-13-106)the Natural Science Foundation of Jiangsu Province(BK20130372)
文摘Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG.The distinct advantage is that the compatibility with the existing computing platform is preferable,while the shortcomings are obvious simultaneously.A new star-style trust model with the ability of data recovery is proposed in this paper.The model can enhance the hardware-based root of trust in platform measurement,reduce the loss of trust during transfer process,extend the border of trust flexibly,and have the ability of data backup and recovery.The security and reliability of system is much more improved.It is proved that the star-style trust model is much better than the liner-style trust model in trust transfer and boundary extending etc.using formal methods in this paper.We illuminate the design and implementation of a kind of trusted PDA acting on star-style trust model.
基金This study was supported by a grant from the Korean Health Technology RD Project,Ministry of Health and Welfare,Republic of Korea(HI19C0866).
文摘The damage caused by malicious software is increasing owing to the COVID-19 pandemic,such as ransomware attacks on information technology and operational technology systems based on corporate networks and social infrastructures and spear-phishing attacks on business or research institutes.Recently,several studies have been conducted to prevent further phishing emails in the workplace because malware attacks employ emails as the primary means of penetration.However,according to the latest research,there appears to be a limitation in blocking email spoofing through advanced blocking systems such as spam email filtering solutions and advanced persistent threat systems.Therefore,experts believe that it is more critical to restore services immediately through resilience than the advanced prevention program in the event of damage caused by malicious software.In accordance with this trend,we conducted a survey among 100 employees engaging in information security regarding the effective factors for countering malware attacks through email.Furthermore,we confirmed that resilience,backup,and restoration were effective factors in responding to phishing emails.In contrast,practical exercise and attack visualization were recognized as having little effect on malware attacks.In conclusion,our study reminds business and supervisory institutions to carefully examine their regular voluntary exercises or mandatory training programs and assists private corporations and public institutions to establish counter-strategies for dealing with malware attacks.
基金This work was supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MSIT)(No.NRF-2020R1A2C1012187,50%)the Nuclear Safety Research Program through the Korea Foundation of Nuclear Safety(KoFONS)using the financial resource granted by the Nuclear Safety and Security Commission(NSSC)of the Republic of Korea(No.2101058,25%)+1 种基金the Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-00493)5G Massive Next Generation Cyber Attack Deception Technology Development,25%).
文摘Industrial Control System(ICS),which is based on Industrial IoT(IIoT),has an intelligent mobile environment that supports various mobility,but there is a limit to relying only on the physical security of the ICS environment.Due to various threat factors that can disrupt the workflow of the IIoT,machine learning-based anomaly detection technologies are being presented;it is also essential to study for increasing detection performance to minimize model errors for promoting stable ICS operation.In this paper,we established the requirements for improving the anomaly detection performance in the IIoT-based ICS environment by analyzing the related cases.After that,we presented an improving method of the performance of a machine learning model specialized for IIoT-based ICS,which increases the detection rate by applying correlation coefficients and clustering;it provides a mechanism to predict thresholds on a per-sequence.Likewise,we adopted the HAI dataset environment that actively reflected the characteristics of IIoT-based ICS and demonstrated that performance could be improved through comparative experiments with the traditional method and our proposed method.The presented method can further improve the performance of commonly applied error-based detection techniques and includes a primary method that can be enhanced over existing detection techniques by analyzing correlation coefficients between features to consider feedback between ICS components.Those can contribute to improving the performance of several detection models applied in ICS and other areas.
文摘This paper observes approaches to algebraic analysis of GOST 28147-89 encryption algorithm (also known as simply GOST), which is the basis of most secure information systems in Russia. The general idea of algebraic analysis is based on the representation of initial encryption algorithm as a system of multivariate quadratic equations, which define relations between a secret key and a cipher text. Extended linearization method is evaluated as a method for solving the nonlinear sys- tem of equations.
基金This work was supported by Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2020-0-00952,Development of 5G Edge Security Technology for Ensuring 5G+Service Stability and Availability,100%)。
文摘Network operators are attempting many innovations and changes in 5G using self-organizing networks(SON).The SON operates on the measurement reports(MR),which are obtained from user equipment(UE)and secured against malware and userspace programs.However,the synchronization signal block that the UE relies on to measure the wireless environment configured by a base station is not authenticated.As a result,the UE will likely gauge the wrong wireless environment configured by a false base station(FBS)and transmit the corresponding MR to the serving base station,which poisons the data used for 5G SONs.Therefore,the serving base stations must verify the authenticity of the MR.The 3GPP has advocated numerous solutions for this issue,including the use of public key certificates,identity-based keys,and group keys.Although the solution leveraging group keys have better efficiency and practicality than the other two,they are vulnerable to security threats caused by key leaks via insiders or malicious UE.In this paper,we analyze these security issues and propose an improved group key protocol that uses a new network function,called a broadcast message authentication network function(BMANF),which validates broadcasted messages on behalf of the UE.The protocol operates in two phases:initial and verification.During the initial phase,the 5G core network distributes a shared secret key to the BMANF and UE,allowing the latter to request an authentication ticket from the former.During the verification phase,the UE requests the BMANF to validate the broadcasted messages received from base stations using the ticket and its corresponding shared key.For evaluation,we formally verified the proposed protocol,which was then compared with alternative methods in terms of computing cost.As a result,the proposed protocol fulfills the security requirements and shows a lower overhead than the alternatives.
文摘This article is dedicated to the analysis list of a set of rules to traffic filtering, which is a multi-dimensional structure, where each dimension is a set of networking field or the field of action, measuring the cost of the rules to traffic filtering on computer networks, allowing to determine the difference between definition of the rules and the control of the packet fields. Furthermore, the article was considered a hierarchical model to optimize traffic filtering, which reduces the overhead traffic filtering rules and provides the semantic integrity of the original set of rules to traffic filtering. The hierarchical structure of the design and optimization of traffic filtering was researched. And also was developed the hierarchical approach to optimize traffic filtering for reducing set of rules traffic filtering. Analyzed the algorithm optimal solutions and algorithm of random search filters that, allowing you to find the shortest way to a set of rules to traffic filtering. Moreover, in this article was presented the effectiveness evaluation of the process accelerating traffic filtering proposed by HAOTF.
基金supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-00493,5G Massive Next Generation Cyber Attack Deception Technology Development,60%)supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-01806,Development of Security by Design and Security Management Technology in Smart Factory,30%)this work was supported by the Gachon University Research Fund of 2023(GCU-202106330001%,10%).
文摘The smart city comprises various infrastructures,including health-care,transportation,manufacturing,and energy.A smart city’s Internet of Things(IoT)environment constitutes a massive IoT environment encom-passing numerous devices.As many devices are installed,managing security for the entire IoT device ecosystem becomes challenging,and attack vectors accessible to attackers increase.However,these devices often have low power and specifications,lacking the same security features as general Information Technology(IT)systems,making them susceptible to cyberattacks.This vulnerability is particularly concerning in smart cities,where IoT devices are connected to essential support systems such as healthcare and transportation.Disruptions can lead to significant human and property damage.One rep-resentative attack that exploits IoT device vulnerabilities is the Distributed Denial of Service(DDoS)attack by forming an IoT botnet.In a smart city environment,the formation of IoT botnets can lead to extensive denial-of-service attacks,compromising the availability of services rendered by the city.Moreover,the same IoT devices are typically employed across various infrastructures within a smart city,making them potentially vulnerable to similar attacks.This paper addresses this problem by designing a defense process to effectively respond to IoT botnet attacks in smart city environ-ments.The proposed defense process leverages the defense techniques of the MITRE D3FEND framework to mitigate the propagation of IoT botnets and support rapid and integrated decision-making by security personnel,enabling an immediate response.
文摘Smart farming has become a strategic approach of sustainable agriculture management and monitoring with the infrastructure to exploit modern technologies,including big data,the cloud,and the Internet of Things(IoT).Many researchers try to integrate IoT-based smart farming on cloud platforms effectively.They define various frameworks on smart farming and monitoring system and still lacks to define effective data management schemes.Since IoT-cloud systems involve massive structured and unstructured data,data optimization comes into the picture.Hence,this research designs an Information-Centric IoT-based Smart Farming with Dynamic Data Optimization(ICISF-DDO),which enhances the performance of the smart farming infrastructure with minimal energy consumption and improved lifetime.Here,a conceptual framework of the proposed scheme and statistical design model has beenwell defined.The information storage and management with DDO has been expanded individually to show the effective use of membership parameters in data optimization.The simulation outcomes state that the proposed ICISF-DDO can surpass existing smart farming systems with a data optimization ratio of 97.71%,reliability ratio of 98.63%,a coverage ratio of 99.67%,least sensor error rate of 8.96%,and efficient energy consumption ratio of 4.84%.
