Exploring the efficient vulnerability scanning and detection technology of various tools is one fundamental aim of network security. This network security technique ameliorates the tremendous number of IoT security challenges and the threats they face daily. However, among various tools, Shodan Eye scanning technology has proven to be very helpful for network administrators and security personnel to scan, detect and analyze vulnerable ports and traffic in organizations' networks. This work presents a simulated network scanning activity and manual vulnerability analysis of an internet-connected industrial equipment of two chosen industrial networks (Industry A and B) by running Shodan on a virtually hosted (Oracle Virtual Box)-Linux-based operating system (Kali Linux). The result shows that the shodan eye is a a promising tool for network security and efficient vulnerability research.

Android controls the majority of the global OS market. Android Open Source Project (AOSP) is a very complex system with many layers including the apps, the Application Framework, the middle-ware, the customized Linux kernel, and the trusted components. Although security is implemented in every layer, the Application Framework forms an important of the attack surface due to managing the user interface and permissions. Android security has evolved over the years. The security flaws that have been found in the Application Framework led to a redesign of Android permissions. Part of this evolution includes fixes to the vulnerabilities that are publicly released in the monthly Android security bulletins. In this study, we analyze the CVEs listed in the Android security bulletin within the last 6 years. We focus on the Android application framework and investigate several research questions relating to 1) the security relevant components, 2) the type and amount of testing information for the security patches, and 3) the adequacy of the tests designed to test these patches. Our findings indicate that Android security testing practices can be further improved by designing security bulletin update specific tests, and by improving code coverage of patched files.

As information and communication technologies evolve every day, so does the use of technology in our daily lives. Along with our increasing dependence on digital information assets, security vulnerabilities are becoming more and more apparent. Passwords are a critical component of secure access to digital systems and applications. They not only prevent unauthorized access to these systems, but also distinguish the users of such systems. Research on password predictability often relies on surveys or leaked data. Therefore, there is a gap in the literature for studies that consider real data in this regard. This study investigates the password security awareness of 161 computer engineering students enrolled in a Linux-based undergraduate course at Ataturk University. The study is conducted in two phases, and in the first phase, 12 dictionaries containing also real student data are formed. In the second phase of the study, a dictionary-based brute-force attack is utilized by means of a serial and parallel version of a Bash script to crack the students’ passwords. In this respect, the /etc/shadow file of the Linux system is used as a basis to compare the hashed versions of the guessed passwords. As a result, the passwords of 23 students, accounting for 14% of the entire student group, were cracked. We believe that this is an unacceptably high prediction rate for such a group with high digital literacy. Therefore, due to this important finding of the study, we took immediate action and shared the results of the study with the instructor responsible for administering the information security course that is included in our curriculum and offered in one of the following semesters.

With the rapid development of information science and technology, the role of the Internet in daily life is becoming more and more important, but while bringing speed and convenience to the experience, network security issues are endless, and fighting cybercrime will be an eternal topic. In recent years, new types of cyberattacks have made defense and analysis difficult. For example, the memory of network attacks makes some key array evidence only temporarily exist in physical memory, which puts forward higher requirements for attack detection. The traditional memory forensic analysis method for persistent data is no longer suitable for a new type of network attack analysis. The continuous development of memory forensics gives people hope. This paper proposes a network attack detection model based on memory forensic analysis to detect whether the system is under attack. Through experimental analysis, this model can effectively detect network attacks with low overhead and easy deployment, providing a new idea for network attack detection.

The present industrial scenario requires frequent transfer of data between remote servers and on premise devices and hence the risk of attacks on these data cannot be overlooked. Such security risk is even aggravated in case of sensitive information being compromised due to inefficient security implementations. Various forms of security implementations are being discussed and experimented for the same. With the introduction of devices with better processing capabilities, Public Key Infrastructure is a very popular technique being widely implemented, wherein symmetric and asymmetric key based encryptions are used inorder to secure the data being transferred and it has proven to be an effective technique. The PKI however suffers certain drawbacks and it is evident from the attacks. A system specifically designed for scenarios such as a factory having a centralised device management system requiring multiple devices to communicate and upload data safely to server is being put forward in this paper.

In a traditional electronic records management system (ERMS), the legitimacy of the participants’ identities is verified by Certificate Authority (CA) certifications. The authentication process is complicated and takes up lots of memory. To overcome this problem, we construct a hierarchical electronic records management system by using a Hierarchical Identity-Based Cryptosystem (HIBC) to replace CA. However, there exist the threats of malicious behavior from a private key generator (PKG) or an entity in the upper layer because the private keys are generated by a PKG or upper entity in HIBC. Thus, we adopt distributed key generation protocols in HIBC to avoid the threats. Finally, we use blockchain technology in our system to achieve decentralized management.

With the development of society, people have higher and higher requirements for the quality of life, and the management of legal cases has become more and more important. In this case, the research on how to realize electronization and networking has become the inevitable demand of the current information age. Therefore, this paper designs and develops the legal case management information system based on J2EE. Firstly, this paper introduces the related technologies of J2EE, then expounds the importance of legal case management informatization, and designs the legal case management information system according to the technical framework of J2EE. Finally, the performance of the system is tested. The test results show that the load capacity of the system is strong, the response time is 2–4 seconds, the resource utilization is relatively low, and the number of concurrent users is maintained at about 150. These show that the performance of the system fully meets the needs of legal case information management.

This paper conducts the development of the key technologies of the legal case management information system considering QoS optimization. The designed system administrator can carry out that the all-round management of the system, including account management, database management, security setting management, core data entry management, and data statistics management. With this help, the QoS optimization model is then integrated to improve the systematic performance of the system as the key technology. Similar to the layering in the data source, the data set is composed of the fields of the data set, and contains the relevant information of the attribute fields of various entity element categories. Furthermore, the designed system is analyzed and implemented on the public data sets to show the results.

There is an increase in interest and necessity for an interoperable and efficient railway network across Europe, creating a key distribution problem between train and trackside entities’ key management centres (KMC). Train and trackside entities establish a secure session using symmetric keys (KMAC) loaded beforehand by their respective KMC using procedures that are not scalable and prone to operational mistakes. A single system would simplify the KMAC distribution between KMCs; nevertheless, it is difficult to place the responsibility for such a system for the whole European area within one central organization. A single system could also expose relationships between KMCs, revealing information, such as plans to use an alternative route or serve a new region, jeopardizing competitive advantage. This paper proposes a scalable and decentralised key management system that allows KMC to share cryptographic keys using transactions while keeping relationships anonymous. Using non-interactive proofs of knowledge and assigning each entity a private and public key, private key owners can issue valid transactions while all system actors can validate them. Our performance analysis shows that the proposed system is scalable when a proof of concept is implemented with settings close to the expected railway landscape in 2030.

With the ever-increasing use of large-scale IoT networks in different sectors of the industry, it has become critical to realise seamless and secure communication between devices in the network. Realising secure group communication in the IoT requires solving the problem of group-key establishment. In this work, we solve the problem by designing a new lattice-based Key Encapsulation Mechanism (KEM) for resource-constrained devices that enable the distribution of a symmetric key or any other data between all the devices in a given network. This is achieved by coupling multiple private keys to a unique public key. Moreover, we present a proof-of-concept implementation based on the GGH algorithm. The results show it is feasible to use lattice-based cryptography to allow for seamless and secure group communications within a decentralised IoT network. It has been bench-marked against other common post-quantum constructs and proven to be more practical with respect to memory consumption and security, although considerably slower due to lack of optimisation in the implementation.

Ant Colony Optimization is applied to design a suitable and shortest route between the starting node point and the end node point in the Wireless Sensor Network (WSN). In general ant colony algorithm plays a good role in path planning process that can also applied in improving the network security. Therefore to protect the network from the malicious nodes an ACO based Dynamic Key Management (ACO-DKM) scheme is proposed. The routes are diagnosed through ACO method also the actual coverage distance and pheromone updating strategy is updated simultaneously that prevents the node from continuous monitoring. Simulation analysis gives the efficiency of the proposed scheme.

In the process of compiling the power-cut window period of the power grid equipment maintenance plan, problems such as omission of constraints are prone to occur due to excessive reliance on manual experience. In response to these problems, this paper proposes a method for mining key features of the power-cut window based on grey relational analysis. Through mining and analysis of the historical operation data of the power grid, the operation data of new energy, and the historical power-cut information of equipment, the indicators that play a key role in the arrangement of the outage window period of the equipment maintenance plan are found. Then use the key indicator information to formulate the window period. By mining the relationship between power grid operation data and equipment power outages, this paper can give full play to the big data advantages of the power grid, improve the accuracy and efficiency of the power-cut window period.

Fruit-80, an ultra-lightweight stream cipher with 80-bit secret key, is oriented toward resource constrained devices in the Internet of Things. In this paper, we propose area and speed optimization architectures of Fruit-80 on FPGAs. The area optimization architecture reuses NFSR&LFSR feedback functions and achieves the most suitable ratio of look-up-tables and flip-flops. The speed optimization architecture adopts a hybrid approach for parallelization and reduces the latency of long data paths by pre-generating primary feedback and inserting flip-flops. In conclusion, the optimal throughput-to-area ratio of the speed optimization architecture is better than that of Grain v1. The area optimization architecture occupies only 35 slices on Xilinx Spartan-3 FPGA, smaller than that of Grain and other common stream ciphers. To the best of our knowledge, this result sets a new record of the minimum area in lightweight cipher implementations on FPGA.

In the context of the Internet of Things (IoT), lightweight block ciphers are of vital importance. Due to the nature of the devices involved, traditional security solutions can add overhead and perhaps inhibit the application's objective due to resource limits. Lightweight cryptography is a novel suite of ciphers that aims to provide hardware-constrained devices with a high level of security while maintaining a low physical cost and high performance. In this paper, we are going to evaluate the performance of some of the recently proposed lightweight block ciphers (GIFT-COFB, Romulus, and TinyJAMBU) on the Arduino Due. We analyze data on each algorithm's performance using four metrics: average encryption and decryption execution time; throughput; power consumption; and memory utilization. Among our chosen ciphers, we find that TinyJAMBU and GIFT-COFB are excellent choices for resource-constrained IoT devices.

The design of efficient and secure cryptographic algorithms is a fundamental problem of cryptography. Due to the tight cost and constrained resources devices such as Radio-Frequency IDentification (RFID), wireless sensors, smart cards, health-care devices, lightweight cryptography has received a great deal of attention. Recent research mainly focused on designing optimized cryptographic algorithms which trade offs between security performance, time consuming, energy consumption and cost. In this paper, we present two chaotic stream ciphers based on chaos and we report the results of a comparative performance evaluation study. Compared to other crypto-systems of the literature, we demonstrate that our designed stream ciphers are suitable for practical secure applications of the Internet of Things (IoT) in a constrained resource environment.

Lightweight cryptography is a novel diversion from conventional cryptography that targets internet-of-things (IoT) platform due to resource constraints. In comparison, it offers smaller cryptographic primitives such as shorter key sizes, block sizes and lesser energy drainage. The main focus can be seen in algorithm developments in this emerging subject. Thus, verification is carried out based upon theoretical (mathematical) proofs mostly. Among the few available side-channel analysis studies found in literature, the highest percentage is taken by power attacks. PRESENT is a promising lightweight block cipher to be included in IoT devices in the near future. Thus, the emphasis of this paper is on lightweight cryptology, and our investigation shows unavailability of a correlation electromagnetic analysis (CEMA) of it. Hence, in an effort to fill in this research gap, we opted to investigate the capabilities of CEMA against the PRESENT algorithm. This work aims to determine the probability of secret key leakage with a minimum number of electromagnetic (EM) waveforms possible. The process initially started from a simple EM analysis (SEMA) and gradually enhanced up to a CEMA. This paper presents our methodology in attack modelling, current results that indicate a probability of leaking seven bytes of the key and upcoming plans for optimisation. In addition, introductions to lightweight cryptanalysis and theories of EMA are also included.

In this paper, two lightweight cryptography methods were introduced and developed on hardware. The PRESENT lightweight block cipher, and the DM-PRESENT lightweight hash function were implemented on Intel FPGA. The PRESENT core with 64-bit block data and 80-bit data key consumes 2,945 logic element, 1,824 registers, and 273,408 memory bits. Meanwhile, the DM-PRESENT core with 64-bit input and 80-bit key consumes 2,336 logic element, 1,380 registers, and 273,408 memory bits. The PRESENT core with 128-bit key and DM-PRESENT based on this core were also implemented. These cores were simulated for functional verification and embedded in NIOS II for implementation possibility on hardware. They consumed less logic resources and power consumption compared with conventional cryptography methods.

This paper explores high throughput architectures for the substitution modules, which are an integral component of encryption algorithms. The security algorithms chosen belong to the category of lightweight crypto-primitives suitable for pervasive computing. The focus of this work is on the implementation of encryption algorithms on hardware platforms to improve speed and facilitate optimization in the area and power consumption of the design. In this work, the architecture for the encryption algorithms' substitution box (S-box) is modified using switching circuits (i.e., MUX-based) along with a logic generator and included in the overall cipher design. The modified architectures exhibit high throughput and consume less energy in comparison to the state-of-the-art designs. The percentage increase in throughput or maximum frequency differs according to the chosen algorithms discussed elaborately in this paper. The evaluation of various metrics specific to the design are executed at RFID-specific frequency so that they can be deployed in an IoT environment. The designs are mainly simulated and compared on Nexys4 DDR FPGA platform, along with a few other FPGAs, to meet similar design and implementation environments for a fair comparison. The application of the proposed S-box modification is explored for the healthcare scenario with promising results.

With the development of the Internet of Things (IoT), the demand for lightweight cipher came into being. At the same time, the security of lightweight cipher has attracted more and more attention. FESH algorithm is a lightweight cipher proposed in 2019. Relevant studies have proved that it has strong ability to resist differential attack and linear attack, but its research on resisting side-channel attack is still blank. In this paper, we first introduce a correlation power analysis for FESH algorithm and prove its effectiveness by experiments. Then we propose a mask scheme for FESH algorithm, and prove the security of the mask. According to the experimental results, protected FESH only costs 8.6%, 72.3%, 16.7% of extra time, code and RAM.

Recent years have witnessed impressive advances in technology which led to the rapid growth of the Internet of Things (IoT) and Wireless Sensor Networks (WSNs) using numerous low-powered devices with a huge number of actuators and sensors. These devices gather and exchange data over the internet and generate enormous amounts of data needed to be secured. Although traditional cryptography provides an efficient means of addressing device and communication confidentiality, integrity, and authenticity issues, it may not be appropriate for very resource-constrained systems, particularly for end-nodes such as a simply connected sensor. Thus, there is an ascent need to use lightweight cryptography (LWC) providing the needed level of security with less complexity, area and energy overhead. In this paper, four lightweight cryptographic algorithms called PRESENT, LED, Piccolo, and SPARX were implemented over a Contiki-based IoT operating system, dedicated for IoT platforms, and assessed regarding RAM and ROM usage, power and energy consumption, and CPU cycles number. The Cooja network simulator is used in this study to determine the best lightweight algorithms to use in IoT applications utilizing wireless sensor networks technology.

Scan-based test methodology is one of the most popular test techniques in VLSI circuits. This methodology increases the testability which in turn improves the fault coverage. For this purpose, the technique uses a chain of scan cells. This becomes a source of attack for an attacker who can observe / control the internal states and use the information for malicious purposes. Hence, security becomes the main concern in the Integrated Circuit (IC) domain since scan chains are the main reason for leakage of confidential information during testing phase. These leakages will help attackers in reverse engineering. Measures against such attacks have to be taken by encrypting the data which flows through the scan chains. Lightweight ciphers can be used for scan chain encryption. In this work, encryption of scan data is done for ISCAS-89 benchmarks and the performance and security properties are evaluated. Lightweight stream and block ciphers are used to perform scan encryption. A comparative analysis between the two techniques is performed in par with the functions related to design cost and security properties.

In recent years, the use of the Internet of Things (IoT) has increased rapidly in different areas. Due to many IoT applications, many limitations have emerged such as power consumption and limited resources. The security of connected devices is becoming more and more a primary need for the reliability of systems. Among other things, power consumption remains an essential constraint with a major impact on the quality of the encryption system. For these, several lightweight cryptography algorithms were proposed and developed. The PRESENT algorithm is one of the lightweight block cipher algorithms that has been proposed for a highly restrictive application. In this paper, we have proposed an efficient hardware serial architecture that uses 16 bits for data path encryption. It uses fewer FPGA resources and achieves higher throughput compared to other existing hardware applications.

We use mobile apps on a daily basis and there is an app for everything. We trust these applications with our most personal data. It is therefore important that these apps are as secure and well usable as possible. So far most studies on the maintenance and security of mobile applications have been done on Android applications. We do, however, not know how well these results translate to iOS.This research project aims to close this gap by analysing iOS applications with regards to maintainability and security. Regarding maintainability, we analyse code smells in iOS applications, the evolution of code smells in iOS applications and compare code smell distributions in iOS and Android applications. Regarding security, we analyse the evolution of the third-party library dependency network for the iOS ecosystem. Additionally, we analyse how publicly reported vulnerabilities spread in the library dependency network.Regarding maintainability, we found that the distributions of code smells in iOS and Android applications differ. Code smells in iOS applications tend to correspond to smaller classes, such as Lazy Class. Regarding security, we found that the library dependency network of the iOS ecosystem is not growing as fast as in some other ecosystems. There are less dependencies on average than for example in the npm ecosystem and, therefore, vulnerabilities do not spread as far.

Driven by the progress of data and compute-intensive methods in various scientific domains, there is an in-creasing demand from researchers working with highly sensitive data to have access to the necessary computational resources to be able to adapt those methods in their respective fields. To satisfy the computing needs of those researchers cost-effectively, it is an open quest to integrate reliable security measures on existing High Performance Computing (HPC) clusters. The fundamental problem with securely working with sensitive data is, that HPC systems are shared systems that are typically trimmed for the highest performance - not for high security. For instance, there are commonly no additional virtualization techniques employed, thus, users typically have access to the host operating system. Since new vulnerabilities are being continuously discovered, solely relying on the traditional Unix permissions is not secure enough. In this paper, we discuss a generic and secure workflow that can be implemented on typical HPC systems allowing users to transfer, store and analyze sensitive data. In our experiments, we see an advantage in the asynchronous execution of IO requests, while reaching 80 % of the ideal performance.

We have proposed a new Smart Meter Application (SMA) Framework. This application registers consumers at utility provider (Electricity), takes the meter reading for electricity and makes billing. The proposed application might offer higher level of flexibility and security, time saving and trustworthiness between consumers and authority offices. It’s expected that the application will be developed by Flutter to support Android and iOS Mobile Operating Systems.