Multiple Fault Diagnosis - Multiple fault diagnosis is a challenging problem, especially for complex high-risk systems such as nuclear power plants. Multilevel Flow Models (MFM) is a powerful tool for identifying functional failures of complex process systems composing of mass, energy and information flows. The method of fault diagnosis based on MFM is generally based on the assumption that only a single fault occurs, and based on this, the Depth First Search (DFS) is adopted to identify the abnormal functions at the lower level of an MFM. This paper presents a method based on Multilevel Flow Models (MFM) for diagnosing multiple functionally related and coupled faults. An MFM model is firstly transformed into a reasoning Causal Dependency Graph (CDG) model according to a group of alarm events. The CDG model is further decoupled to generate causal trees by a DFS algorithm, each of which represents an overall explanation of a cause of alarm events. The paper presents a comparative analysis of cases. It proves that the method proposed in the paper can give more comprehensive diagnostic results than the existing method.
Authored by Gengwu Wu, Jipu Wang, Haixia Gu, Gaojun Liu, Jixue Li, Hongyun Xie, Ming Yang
Multiple Fault Diagnosis - In this article, fault detection (FD) method for multiple device open-circuit faults (OCFs) in modified neutral-point- clamped (NPC) inverters has been introduced using Average Current Park Vector (ACPV) algorithm. The proposed FD design circuit is loadindependent and requires only the converter 3- phase output current. The validity of the results has been demonstrated for OCF diagnostics using a 3-level inverter with one faulty switch. This article examines ACPV techniques for diagnosing multiple fault switches on the single-phase leg of 3-step NPC inverter. This article discusses fault tolerance for a single battery or inverter switch during a standard, active level 3 NPC inverter with connected neutral points. The primary goal here is to detect and locate open circuits in inverter switches. As a result, simulations and experiments are used to investigate and validate a FD algorithm based on a current estimator and two fault localization algorithms based on online adaptation of the space vector modulation (S VM) and the pulse pattern injection principle. This technique was efficiently investigated and provides three-stage modified NPC signature table that accounts for all possible instances of fault. The Matlab / S imulink software is used to validate the introduced signature table for the convergence of permanent magnet motors.
Authored by P Selvakumar, G Muthukumaran
Research on Fault Diagnosis Technology of UAV Flight Control System Based on Hybrid Diagnosis Engine
Multiple Fault Diagnosis - In order to solve the problem of real-time fault diagnosis of UAV flight control system, a fault diagnosis method based on hybrid diagnosis engine is proposed. Aiming at the multiple fault modes and cross-linking relationships of each node in the flight control system, the system reference model is established by qualitative and quantitative methods, and then a corresponding domain model is established according to the flight control system of a specific model. Finally, the fault diagnosis reasoning engine based on the model and the hybrid diagnosis engine realizes the diagnosis of the current fault of the system. The results show that this method can determine the time and location of the fault in real time and accurately, which provides an effective guarantee for improving the efficiency of UAV fault diagnosis and improving the flight safety of UAV.
Authored by Mingjie Chen, Jin Yan, Tieying Li, Chengzhi Chi
Multiple Fault Diagnosis - Bearings are key transmission parts that are extensively used in rolling mechanical and equipment. Bearing failures can affect the regular running of machines, in serious cases, can cause enormous losses in economy and personnel casualties. Therefore, it is important to implement the research of diagnosing bearing faults. In this paper, a bearing faults diagnosis method was developed based on multiple image inputs and deep convolutional neural network. Firstly, the 1Dvibration signal is transformed into three different types of two-dimensional images: time-frequency image, vibration grayscale image and symmetry dot pattern image, respectively. Enter them into multiple DCNNs separately. Finally, Finally, the nonlinear features of multiple DCNN outputs are fused and classified to achieve bearing fault diagnostics. The experimental results indicate that the diagnosis accuracy of this proposed method is 98.8\%, it can extract the fault features of vibration samples well, and it is an effective bearing fault diagnosis methodology.
Authored by Wei Cui, Guoying Meng, Tingxi Gou, Xingwei Wan
Multiple Fault Diagnosis - Diagnosis of faults in logic circuit is essential to improve the yield of semiconductor circuit production. However, accurate diagnosis of adjacent multiple faults is difficult. In this paper, an idea for diagnosis of logic circuit faults using deep learning is proposed. In the proposed diagnosis idea, two adjacent faults can be accurately diagnosed using three deep learning modules. Once the modules are trained with data processed from fault simulation, the number of faults and the location of the faults are predicted by the modules from test responses of logic circuit. Experimental results of the proposed fault diagnosis idea show more than 96.4\% diagnostic accuracy.
Authored by Tae Kim, Hyeonchan Lim, Minho Cheong, Hyojoon Yun, Sungho Kang
Moving Target Defense - Synthetic aperture radar (SAR) is an effective remote sensor for target detection and recognition. Deep learning has a great potential for implementing automatic target recognition based on SAR images. In general, Sufficient labeled data are required to train a deep neural network to avoid overfitting. However, the availability of measured SAR images is usually limited due to high cost and security in practice. In this paper, we will investigate the relationship between the recognition performance and training dataset size. The experiments are performed on three classifiers using MSTAR (Moving and Stationary Target Acquisition and Recognition) dataset. The results show us the minimum size of the training set for a particular classification accuracy.
Authored by Weidong Kuang, Wenjie Dong, Liang Dong
Moving Target Defense - As cyberattacks continuously threaten conventional defense techniques, Moving Target Defense (MTD) has emerged as a promising countermeasure to defend a system against them by dynamically changing attack surfaces of the system. MTD provides the system a state-of-art security mechanism that increases the attack cost or complexity of the system aiming for reducing vulnerabilities exposed to potential attackers. However, the notion of the proactive and dynamic systems adopting MTD services causes a substantial trade-off between system performance and security effectiveness, compared to conventional defense strategies. The MTD tactics accordingly result in performance degradation (e.g., interruptions of service availability) as one of the drawbacks caused by continuous mutations of the system configuration. Therefore, it is crucial to validate not only the security benefits against system threats but also quality-of-service (QoS) for clients when an MTDenabled system proactively continues to mutate attack surfaces. This paper contributes to (i) developing new security metrics; (ii) measuring both the performance degradation and security effectiveness against potential real attacks (i.e., scanning, HTTP flood, dictionary, and SQL injection attack); and (iii) comparing the proposed job management strategies (i.e., drop and switchover) from a performance and security perspective in a physical SDN testbed.
Authored by Minjune Kim, Jin-Hee Cho, Hyuk Lim, Terrence Moore, Frederica Nelson, Dan Kim
Moving Target Defense - Low (low altitude), slow (slow maneuvering) and small (small size)" targets such as drones pose a serious threat to airport flight safety and urban security, and there is an urgent need for effective detection. These targets have weak echoes and inconspicuous features, covered by strong clutter. Conventional radar data update rates are low with limited integration pulses, making detection extremely difficult. In this paper, the digital ubiquitous radar is used for long-time observation in order to improve the detection performance, and the high-order motion characteristics of low-altitude drone target are analyzed. The long-time integration method is proposed via Keystone transform (KT) and the enhanced fractional Fourier transform (EFRFT) to compensate the range and Doppler migrations simultaneously. Both simulation and real experiment using Lband digital ubiquitous radar are carried out to verify the performance of the proposed method. It is shown that the integration ability is better and the peak spectrum are more obvious compared with the traditional FFT-based moving target detection (MTD) and popular FRFT method.
Authored by Ziwen He, Xiaolong Chen, Hai Zhang, Lin Zhang, Caisheng Zhang
Moving Target Defense - False Data Injection Attack(FDIA) is a typical network attack, which can bypass the Bad Data Detection(BDD) and affect State Estimation(SE), the estimation results is vital for power system, thus posing a great threat to the security of power system. In this paper, a new defense scheme is proposed, which is based on flexible switching of spare lines. By switching on the spare lines of some working transmission lines flexibly, the transmission line parameters in the power system topology can be changed, so as to reduce the possibility of FDIA. The impact of switching spare lines on power system operation and FDIA by ergodic method is analyzed. An optimization algorithm is designed to find the least system generator cost for power grid operator and the least attack space for attackers, this algorithm is tested in the IEEE 5-bus system and IEEE 30-bus system, and the results show that the scheme has a good performance in resisting FDIA.
Authored by Quanpeng He, Qi Wang, Zhong Wu
Moving Target Defense - In the modern era, much of worldwide critical operations from a variety of different sectors are managed by industrial control systems (ICS). A typical ICS includes an extensive range of computerized devices, control systems, and networking appliances used to manage efficiently an industrial process across large geographical areas. ICS underpin sensitive and critical national infrastructures such as water treatment and energy production and transportation. The consequences of a successful attack against them can lead to shutting the infrastructure down which has major impacts such as production stoppages or safety implications for people, the environment, and assets. At the same time, running a process while the infrastructure is under attack or compromised also has safety implications, potentially catastrophic. This work-in-progress focuses on an adaptive approach, able to alter the defensive posture while providing assurances about operational capacity (or downgrading it) and safety. Our approach involves transforming policies from simply a means to enforce security requirements defined a priori, to adaptive objects that are capable to evolve in response to unfolding attacks. We use a case study of reconnaissance attacks and moving target defense as a means to realize such adaptive security policies.
Authored by Emmanouil Samanis, Joseph Gardiner, Awais Rashid
Moving Target Defense - In recent years, many companies and organizations have introduced internal networks. While such internal networks propose availability and convenience, there have been many cases in which malicious outsiders have intruded on these local networks, and leaked customer information through cyber attacks. In addition, there have recently been reports of a type of attack called ”Advanced Persistent Threats (APT)”. Unlike conventional cyber attacks, these attacks target specific objectives. And they use sophisticated techniques to penetrate the target’s system. Once malware successes to intrude into the system, malware does not immediately attack the target but hides for a long time to investigate the system and gather information. Moving Target Defense, MTD is a technology that dynamically changes the configurations of systems targeted by cyber attacks. In this study, we implemented a model using a proxy-based network-level MTD to detect and quarantine malware in internal networks. And we can confirm that the proposed method is effective in the detection and quarantine of malware.
Authored by Kouki Inoue, Hiroshi Koide
Moving Target Defense - The use of traditional defense mechanisms or intrusion detection systems presents a disadvantage for defenders against attackers since these mechanisms are essentially reactive. Moving target defense (MTD) has emerged as a proactive defense mechanism to reduce this disadvantage by randomly and continuously changing the attack surface of a system to confuse attackers. Although significant progress has been made recently in analyzing the security effectiveness of MTD mechanisms, critical gaps still exist, especially in maximizing security levels and estimating network reconfiguration speed for given attack power. In this paper, we propose a set of Petri Net models and use them to perform a comprehensive evaluation regarding key security metrics of Software-Defined Network (SDNs) based systems adopting a time-based MTD mechanism. We evaluate two use-case scenarios considering two different types of attacks to demonstrate the feasibility and applicability of our models. Our analyses showed that a time-based MTD mechanism could reduce the attackers’ speed by at least 78\% compared to a system without MTD. Also, in the best-case scenario, it can reduce the attack success probability by about ten times.
Authored by Julio Mendonca, Minjune Kim, Rafal Graczyk, Marcus Völp, Dan Kim
Moving Target Defense - Moving target detection algorithm plays a vital role in computer vision research. Moving object detection mainly processes video images to identify moving objects differently from the background. Moving target detection algorithm has an excellent application role, such as: used for security and forbidden area security. This paper presents an effective method for detecting moving targets. The authors combine the corner detection method with LK optical flow method. Afterimage preprocessing, image corner detection, finally, we use LK optical flow method to detect the movement of the moving object, and we can judge the movement direction of the moving object only by two frames of pictures. This method can judge the direction of moving objects only by two pictures frames and has an excellent performance in speed detection. In particular, in detecting small moving targets, the results of this method are noticeable.
Authored by Yunfei Dong
Multifactor Authentication - Internet connected Children s toys are a type of IoT devices that the security community should pay particular attention. A cyber-predator may interact with or gather confidential data about children without being physically present if IoT toys are hacked. Authentication to verify user identity is essential for all internetconnected applications, where relying on single authentication is not considered safe, especially in children s applications. Children often use easy-to-guess passwords in smart applications associated with the Internet of Things (IoT) for children s toys. In this paper, we propose to activate multi-factor authentication on the IoTs for children s toys connected to the internet using companion applications. When changing the user s behaviour (by IP address, GPS, OS version, and browser), the child s identity must be verified by two-factor authentication to prevent unauthorized access to preserve the child s safety and privacy. This paper introduces multi-authentication mechanisms: a password and another authentication type, either mobile phone SMS, security token, digital certificate, or biometric authentication.
Authored by Manal Alanazi, Majed Aborokbah
Multifactor Authentication - The article describes the development and integrated implementation of software modules of photo and video identification system, the system of user voice recognition by 12 parameters, neural network weights, Euclidean distance comparison of real numbers of arrays. The user s biometric data is encrypted and stored in the target folder. Based on the generated data set was developed and proposed a method for synthesizing the parameters of the mathematical model of convolutional neural network represented in the form of an array of real numbers, which are unique identifiers of the user of a personal computer. The training of the training model of multifactor authentication is implemented using categorical cross-entropy. The training sample is generated by adding distorted images by changing the receptive fields of the convolutional neural network. The authors have studied and applied features of simulation modeling of user authorization systems. The main goal of the study is to provide the necessary level of security of user accounts of personal devices. The task of this study is the software implementation of the synthesis of the mathematical model and the training neural network, necessary to provide the maximum level of protection of the user operating system of the device. The result of the research is the developed mathematical model of the software complex of multifactor authentication using biometric technologies, available for users of personal computers and automated workplaces of enterprises.
Authored by Albina Ismagilova, Nikita Lushnikov
Multifactor Authentication - Cyber-physical Systems can be defined as a complex networked control system, which normally develop by combining several physical components with the cyber space. Cyber Physical System are already a part of our daily life. As its already being a part of everyone life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or supplicated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyberconnected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is little complex as it requires extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate with Multifactor authentication for CPS.
Authored by Mangal Sain, Oloviddin Normurodov, Chen Hong, Kueh Hui
Multifactor Authentication - Authentication is one of the primary problems with system security. The key component of the access control process to prevent unauthorised users from accessing data and resources is authentication, which may be described as the act of verifying a user s identity. The validity of the user cannot be guaranteed by a static technique of authentication. This led to the development of more cutting-edge authentication techniques. To increase the system s security, two factor authentication was initially deployed, followed by multi factor authentication. Later, adaptive authentication was added and it also had some problems. When authenticating a user in this study, an unique collection of user features was taken into account. A performance optimization technique was included since this research takes many user factors into account, and it improved performance by 25\%.
Authored by Shaik Akram, S.K. Joshi, Rajesh Deorari
Multifactor Authentication - Authentication is a mandatory factor in network security since decades. Conventional authentication schemes failed to improve system’s security, performance and scalability thus, two-factor, three factor and multifactor authentication schemes are developed. As technology grows, from single server authentication to multiserver authentication schemes and protocols are emerged. Single to multifactor authentication can be used as per the aspect and field of study. Different aspects may use different cryptographic schemes, key agreement to improve security, performance and scalability.
Authored by Parvathy Pg, Dhanya K
Multifactor Authentication - Cloud computing is a breakthrough advancement that provides ubiquitous services over the internet in an easy way to distribute information offering various advantages to both society and individuals. Recently, cloud technology has eased everyone’s life more favorable. However, privacy-preservation is an important issue to be tackled effectively in cloud environment while retrieving data services. Numerous techniques have been developed so far to verify user identity by exploiting authentication factor, whereas such techniques are inefficient and they are easily susceptible to unknown users and attacks. In order to address such problems, a multifactor authentication scheme is proposed using Hashing, Chebyshev polynomial, Key and OneTime Token (HCK-OTT) based multifactor authentication scheme for privacy-preserved data security in cloud. The entities involved in this proposed approach for effective authentication are user, cloud server, and data owner. The model is developed by considering various functionalities, such as encryption, Elliptic Curve Cryptography (ECC), XOR, and hashing function. The proposed HCK-OTT-based multifactor authentication scheme has achieved a minimum value of 22.654s for computational time, 70.5MB for memory usage, and 21.543s for communication cost with 64 bit key length.
Authored by Abhishek Joshi, Shaik Akram
Multifactor Authentication - Dhillon and Kalra proposed a multi-factor user authentication scheme for IoT. The authors claim their scheme to have practical utility for the IoT environment. However, we find that their scheme has numerous flaws such as insider attack and inefficient authentication. An adversary can work as a middle-man between the sensor node and the user, and the user can set-up a session key with the sensor node. Besides, the scheme does not establish the mutual authentication between every pair of entities. Thus, the scheme is inconvenient for practical use. We conclude this article by providing some suggestions for the improvement of the analysed scheme to remove the weaknesses identified in it.
Authored by Pooja Tyagi, Saru Kumari
Multifactor Authentication - With the growth of the number in smart devices based on IoT, keeping a secure data processing among them has become even more significant in cloud computing. However, a high security is needed to protect the huge amount of data privacy. In this regard, many authentication approaches are presented in IoT-Cloud-based Architecture. However, computation, latency, and security strength are major issues to provide authentication for users. We propose the Multifactor Scalable Lightweight Cryptography for IoTCloud to enhance security to protect the user or organization s information. The non-sensitive and sensitive data are generated from IoT devices and stored in our proposed hybrid public and private cloud after the encryptions. Hence, encryptions for public cloud and private cloud data are done by Digital Signature Algorithm and Policy based Attribute encryption algorithm with Moth fly optimization. This optimization is chosen as the key parameter efficiently. The three multifactors are then used to perform the three levels of authentication by Trust based Authentication Scheme. Following this, the proposed multifactor authentication is simulated and compared with existing approaches to analyze the performance in terms of computational and execution time and security strength. As a result, the proposed method is shown 97\% of security strength and minimum computation and execution time than other conventional approaches.
Authored by Geo E, S Sheeja
Multifactor Authentication - Internet of Things (IoT) has become an information bridge between societies. Wireless sensor networks (WSNs) are one of the emergent technologies that work as the main force in IoT. Applications based on WSN include environment monitoring, smart healthcare, user legitimacy authentication, and data security. Recently, many multifactor user authentication schemes for WSNs have been proposed using smart cards, passwords, as well as biometric features. Unfortunately, these schemes are shown to be susceptible towards several attacks and these includes password guessing attack, impersonation attack, and Man-in-the-middle (MITM) attack due to non-uniform security evaluation criteria. In this paper, we propose a lightweight multifactor authentication scheme using only hash function of the timestamp (TS) and One Time Password (OTP). Furthermore, public key and private key is incorporated to secure the communication channel. The security analysis shows that the proposed scheme satisfies all the security requirement and insusceptible towards some wellknown attack (password guessing attack, impersonation attack and MITM).
Authored by Izzatul Sarbini, Adnan Khan, Nurul Mohamad, Norfadzlan Yusup
Multifactor Authentication - Today, with the rapid development of the information society and the increasingly complex computer network environment, multi-factor authentication, as one of the security protection technologies, plays an important role in both IT science and business. How to safely complete multi-factor authentication without affecting user experience has attracted extensive attention from researchers in the field of business security protection and network security. The purpose of this paper is to apply multi-factor authentication technology to enterprise security protection systems, develop and design a security protection technology based on multi-factor authentication dynamic authorization, and provide enterprises with unified identity management and authority management methods. The cornerstone of trust and security to ensure uninterrupted and stable operation of users. The original master key k is subjected to secondary multi-factor processing, which enhances the user s authentication ability and effectively avoids the risk of easy password theft and disguised identity. In order to meet the given VoIP security requirements, a SIP multi-factor authentication protocol is proposed for the VoIP environment by using the multi-factor authentication technology to solve the security problem. The performance test results show that due to the influence of data encryption and decryption, the response time of the encrypted database is 100s longer than that of the unencrypted one, but the growth rate is 10\% smaller than that of the unencrypted one. Therefore, the performance of this scheme is better when the amount of data is larger.
Authored by Yue Guo, Yuan Liang, Yan Zhuang, Rongtao Liao, Liang Dong, Fen Liu, Jie Xu, Xian Luo, Xiang Li, Wangsong Ke, Guoru Deng
Multicore Computing Security - Flush-based cache attacks like Flush+Reload and Flush+Flush are highly precise and effective. Most of the flushbased attacks provide high accuracy in controlled and isolated environments where attacker and victim share OS pages. However, we observe that these attacks are prone to low accuracy on a noisy multi-core system with co-running applications. Two root causes for the varying accuracy of flush-based attacks are: (i) the dynamic nature of core frequencies that fluctuate depending on the system load, and (ii) the relative placement of victim and attacker threads in the processor, like same or different physical cores. These dynamic factors critically affect the execution latency of key instructions like clflush and mov, rendering the pre-attack calibration step ineffective.
Authored by Anish Saxena, Biswabandan Panda
Multicore Computing Security - Dynamic Voltage and Frequency Scaling (DVFS) is a widely deployed low-power technology in modern systems. In this paper, we discover a vulnerability in the implementation of the DVFS technology that allows us to measure the processor’s frequency in the userspace. By exploiting this vulnerability, we successfully implement a covert channel on the commercial Intel platform and demonstrate that the covert channel can reach a throughput of 28.41bps with an error rate of 0.53\%. This work indicates that the processor’s hardware information that is unintentionally leaked to the userspace by the privileged kernel modules may cause security risks.
Authored by Pengfei Qiu, Dongsheng Wang, Yongqiang Lyu, Gang Qu