The outages and power shortages are common occurrences in today's world and they have a significant economic impact. These failures can be minimized by making the power grid topologically robust. Therefore, the vulnerability assessment in power systems has become a major concern. This paper considers both pure and extended topological method to analyse the vulnerability of the power system to single line failures. The lines are ranked based on four spectral graph metrics: spectral radius, algebraic connectivity, natural connectivity, and effective graph resistance. A correlation is established between all the four metrics. The impact of load uncertainty on the component ranking has been investigated. The vulnerability assessment has been done on IEEE 9-bus system. It is observed that load variation has minor impact on the ranking.

Software vulnerabilities threaten the security of computer system, and recently more and more loopholes have been discovered and disclosed. For the detected vulnerabilities, the relevant personnel will analyze the vulnerability characteristics, and combine the vulnerability scoring system to determine their severity level, so as to determine which vulnerabilities need to be dealt with first. In recent years, some characteristic description-based methods have been used to predict the severity level of vulnerability. However, the traditional text processing methods only grasp the superficial meaning of the text and ignore the important contextual information in the text. Therefore, this paper proposes an innovative method, called BERT-CNN, which combines the specific task layer of Bert with CNN to capture important contextual information in the text. First, we use Bert to process the vulnerability description and other information, including Access Gained, Attack Origin and Authentication Required, to generate the feature vectors. Then these feature vectors of vulnerabilities and their severity levels are input into a CNN network, and the parameters of the CNN are gotten. Next, the fine-tuned Bert and the trained CNN are used to predict the severity level of a vulnerability. The results show that our method outperforms the state-of-the-art method with 91.31% on F1-score.

SQL Injection has been around as a harmful and prolific threat on web applications for more than 20 years, yet it still poses a huge threat to the World Wide Web. Rapidly evolving web technology has not eradicated this threat; In 2017 51 % of web application attacks are SQL injection attacks. Most conventional practices to prevent SQL injection attacks revolves around secure web and database programming and administration techniques. Despite developer ignorance, a large number of online applications remain susceptible to SQL injection attacks. There is a need for a more effective method to detect and prevent SQL Injection attacks. In this research, we offer a unique machine learning-based strategy for identifying potential SQL injection attack (SQL injection attack) threats. Application of the proposed method in a Security Information and Event Management(SIEM) system will be discussed. SIEM can aggregate and normalize event information from multiple sources, and detect malicious events from analysis of these information. The result of this work shows that a machine learning based SQL injection attack detector which uses SIEM approach possess high accuracy in detecting malicious SQL queries.

Cyberattacks are one of the most pressing issues of our time. The impact of cyberthreats can damage various sectors such as business, health care, and governments, so one of the best solutions to deal with these cyberattacks and reduce cybersecurity threats is using Deep Learning. In this paper, we have created an in-depth study model to detect SQL Injection Attacks and Cross-Site Script attacks. We focused on XSS on the Stored-XSS attack type because SQL and Stored-XSS have similar site management methods. The advantage of combining deep learning with cybersecurity in our system is to detect and prevent short-term attacks without human interaction, so our system can reduce and prevent web attacks. This post-training model achieved a more accurate result more than 99% after maintaining the learning level, and 99% of our test data is determined by this model if this input is normal or dangerous.

Due to the simplicity of implementation and high threat level, SQL injection attacks are one of the oldest, most prevalent, and most destructive types of security attacks on Web-based information systems. With the continuous development and maturity of artificial intelligence technology, it has been a general trend to use AI technology to detect SQL injection. The selection of the sample set is the deciding factor of whether AI algorithms can achieve good results, but dataset with tagged specific category labels are difficult to obtain. This paper focuses on data augmentation to learn similar feature representations from the original data to improve the accuracy of classification models. In this paper, deep convolutional generative adversarial networks combined with genetic algorithms are applied to the field of Web vulnerability attacks, aiming to solve the problem of insufficient number of SQL injection samples. This method is also expected to be applied to sample generation for other types of vulnerability attacks.

Injection attack is one of the best 10 security dangers declared by OWASP. SQL infusion is one of the main types of attack. In light of their assorted and quick nature, SQL injection can detrimentally affect the line, prompting broken and public data on the site. Therefore, this article presents a profound woodland-based technique for recognizing complex SQL attacks. Research shows that the methodology we use resolves the issue of expanding and debasing the first condition of the woodland. We are currently presenting the AdaBoost profound timberland-based calculation, which utilizes a blunder level to refresh the heaviness of everything in the classification. At the end of the day, various loads are given during the studio as per the effect of the outcomes on various things. Our model can change the size of the tree quickly and take care of numerous issues to stay away from issues. The aftereffects of the review show that the proposed technique performs better compared to the old machine preparing strategy and progressed preparing technique.

Security is undoubtedly the most serious problem for Web applications, and SQL injection (SQLi) attacks are one of the most damaging. The detection of SQL blind injection vulnerability is very important, but unfortunately, it is not fast enough. This is because time-based SQL blind injection lacks web page feedback, so the delay function can only be set artificially to judge whether the injection is successful by observing the response time of the page. However, brute force cracking and binary search methods used in injection require more web requests, resulting in a long time to obtain database information in SQL blind injection. In this paper, a gated recurrent neural network-based SQL blind injection technology is proposed to generate the predictive characters in SQL blind injection. By using the neural language model based on deep learning and character sequence prediction, the method proposed in this paper can learn the regularity of common database information, so that it can predict the next possible character according to the currently obtained database information, and sort it according to probability. In this paper, the training model is evaluated, and experiments are carried out on the shooting range to compare the method used in this paper with sqlmap (the most advanced sqli test automation tool at present). The experimental results show that the method used in this paper is more effective and significant than sqlmap in time-based SQL blind injection. It can obtain the database information of the target site through fewer requests, and run faster.

The increasing use of Information Technology applications in the distributed environment is increasing security exploits. Information about vulnerabilities is also available on the open web in an unstructured format that developers can take advantage of to fix vulnerabilities in their IT applications. SQL injection (SQLi) attacks are frequently launched with the objective of exfiltration of data typically through targeting the back-end server organisations to compromise their customer databases. There have been a number of high profile attacks against large enterprises in recent years. With the ever-increasing growth of online trading, it is possible to see how SQLi attacks can continue to be one of the leading routes for cyber-attacks in the future, as indicated by findings reported in OWASP. Various machine learning and deep learning algorithms have been applied to detect and prevent these attacks. However, such preventive attempts have not limited the incidence of cyber-attacks and the resulting compromised database as reported by (CVE) repository. In this paper, the potential of using data mining approaches is pursued in order to enhance the efficacy of SQL injection safeguarding measures by reducing the false-positive rates in SQLi detection. The proposed approach uses CountVectorizer to extract features and then apply various supervised machine-learning models to automate the classification of SQLi. The model that returns the highest accuracy has been chosen among available models. Also a new model has been created PALOSDM (Performance analysis and Iterative optimisation of the SQLI Detection Model) for reducing false-positive rate and false-negative rate. The detection rate accuracy has also been improved significantly from a baseline of 94% up to 99%.

For a long time, SQL injection has been considered one of the most serious security threats. NoSQL databases are becoming increasingly popular as big data and cloud computing technologies progress. NoSQL injection attacks are designed to take advantage of applications that employ NoSQL databases. NoSQL injections can be particularly harmful because they allow unrestricted code execution. In this paper we use supervised learning and natural language processing to construct a model to detect NoSQL injections. Our model is designed to work with MongoDB, CouchDB, CassandraDB, and Couchbase queries. Our model has achieved an F1 score of 0.95 as established by 10-fold cross validation.

To restrict unauthorized access to the data of the website. Most of the web-based systems nowadays require users to verify themselves before accessing the website is authentic information. In terms of security, it is very important to take different security measures for the protection of the authentic data of the website. However, most of the authentication systems which are used on the web today have several security flaws. This document is based on the security of the previous schemes. Compared to the previous approaches, this “spoofed proof stateless session model” method offers superior security assurance in a scenario in which an attacker has unauthorized access to the data of the website. The various protocol models are being developed and implemented on the web to analyze the performance. The aim was to secure the authentic database backups of the website and prevent them from SQL injection attacks by using the read-only properties for the database. This limits potential harm and provides users with reasonable security safeguards when an attacker has an unauthorized read-only access to the website's authentic database. This scheme provides robustness to the disclosure of authentic databases. Proven experimental results show the overheads due to the modified authentication method and the insecure model.

The advancements in technology can be seen in recent years, and people have been adopting the emerging technologies. Though people rely upon these advancements, many loopholes can be seen if you take a particular field, and attackers are thirsty to steal personal data. There has been an increasing number of cyber threats and breaches happening worldwide, primarily for fun or for ransoms. Web servers and sites of the users are being compromised, and they are unaware of the vulnerabilities. Vulnerabilities include OWASP's top vulnerabilities like SQL injection, Cross-site scripting, and so on. To overcome the vulnerabilities and protect the site from getting down, the proposed work includes the implementation of a Web Application Firewall focused on the Application layer of the OSI Model; the product protects the target web applications from the Common OWASP security vulnerabilities. The Application starts analyzing the incoming and outgoing requests generated from the traffic through the pre-built Application Programming Interface. It compares the request and parameter with the algorithm, which has a set of pre-built regex patterns. The outcome of the product is to detect and reject general OWASP security vulnerabilities, helping to secure the user's business and prevent unauthorized access to sensitive data, respectively.

The Activity and Event Network (AEN) graph is a new framework that allows modeling and detecting intrusions by capturing ongoing security-relevant activity and events occurring at a given organization using a large time-varying graph model. The graph is generated by processing various network security logs, such as network packets, system logs, and intrusion detection alerts. In this paper, we show how known attack methods can be captured generically using attack fingerprints based on the AEN graph. The fingerprints are constructed by identifying attack idiosyncrasies under the form of subgraphs that represent indicators of compromise (IOes), and then encoded using Property Graph Query Language (PGQL) queries. Among the many attack types, three main categories are implemented as a proof of concept in this paper: scanning, denial of service (DoS), and authentication breaches; each category contains its common variations. The experimental evaluation of the fingerprints was carried using a combination of intrusion detection datasets and yielded very encouraging results.

Ethical bias in machine learning models has become a matter of concern in the software engineering community. Most of the prior software engineering works concentrated on finding ethical bias in models rather than fixing it. After finding bias, the next step is mitigation. Prior researchers mainly tried to use supervised approaches to achieve fairness. However, in the real world, getting data with trustworthy ground truth is challenging and also ground truth can contain human bias. Semi-supervised learning is a technique where, incrementally, labeled data is used to generate pseudo-labels for the rest of data (and then all that data is used for model training). In this work, we apply four popular semi-supervised techniques as pseudo-labelers to create fair classification models. Our framework, Fair-SSL, takes a very small amount (10%) of labeled data as input and generates pseudo-labels for the unlabeled data. We then synthetically generate new data points to balance the training data based on class and protected attribute as proposed by Chakraborty et al. in FSE 2021. Finally, classification model is trained on the balanced pseudo-labeled data and validated on test data. After experimenting on ten datasets and three learners, we find that Fair-SSL achieves similar performance as three state-of-the-art bias mitigation algorithms. That said, the clear advantage of Fair-SSL is that it requires only 10% of the labeled training data. To the best of our knowledge, this is the first SE work where semi-supervised techniques are used to fight against ethical bias in SE ML models. To facilitate open science and replication, all our source code and datasets are publicly available at https://github.com/joymallyac/FairSSL. CCS CONCEPTS • Software and its engineering → Software creation and management; • Computing methodologies → Machine learning. ACM Reference Format: Joymallya Chakraborty, Suvodeep Majumder, and Huy Tu. 2022. Fair-SSL: Building fair ML Software with less data. In International Workshop on Equitable Data and Technology (FairWare ‘22), May 9, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 8 pages. https://doi.org/10.1145/3524491.3527305

Security in the communication systems rely mainly on a trusted Public Key Infrastructure (PKI) and Certificate Authorities (CAs). Besides the lack of automation, the complexity and the cost of assigning a signed certificate to a device, several allegations against CAs have been discovered, which has created trust issues in adopting this standard model for secure systems. The automation of the servers certificate assignment was achieved by the Automated Certificate Management Environment (ACME) method, but without confirming the trust of assigned certificate. This paper presents a complete tested and implemented solution to solve the trust of the Certificates provided to the servers by using the blockchain platform for certificate validation. The Blockchain network provides an immutable data store, holding the public keys of all domain names, while resolving the trust concerns by applying an automated Blockchain-based Domain Control Validation (B-DCV) for the server and client server verification. The evaluation was performed on the Ethereum Rinkeby testnet adopting the Proof of Authority (PoA) consensus algorithm which is an improved version of Proof of Stake (Po \$S\$) applied on Ethereum 2.0 providing superior performance compared to Ethereum 1.0.

The globalization of the integrated circuit (IC) manufacturing industry has lured the adversary to come up with numerous malicious activities in the IC supply chain. Logic locking has risen to prominence as a proactive defense strategy against such threats. CAS-Lock (proposed in CHES'20), is an advanced logic locking technique that harnesses the concept of single-point function in providing SAT-attack resiliency. It is claimed to be powerful and efficient enough in mitigating existing state-of-the-art attacks against logic locking techniques. Despite the security robustness of CAS-Lock as claimed by the authors, we expose a serious vulnerability and by exploiting the same we devise a novel attack algorithm against CAS-Lock. The proposed attack can not only reveal the correct key but also the exact AND/OR structure of the implemented CAS-Lock design along with all the key gates utilized in both the blocks of CAS-Lock. It simply relies on the externally observable Distinguishing Input Patterns (DIPs) pertaining to a carefully chosen key simulation of the locked design without the requirement of structural analysis of any kind of the locked netlist. Our attack is successful against various AND/OR cascaded-chain configurations of CAS-Lock and reports 100% success rate in recovering the correct key. It has an attack complexity of \$\textbackslashmathcalO(m)\$, where \$m\$ denotes the number of DIPs obtained for an incorrect key simulation.

Sample-then-lock construction is a reusable fuzzy extractor for low-entropy sources. When applied on iris recognition scenarios, many subsets of an iris-code are used to lock the cryptographic key. The security of this construction relies on the entropy of subsets of iris codes. Simhadri et al. reported a security level of 32 bits on iris sources. In this paper, we propose two kinds of attacks to crack existing sample-then-lock schemes. Exploiting the low-entropy subsets, our attacks can break the locked key and the enrollment iris-code respectively in less than 220 brute force attempts. To protect from these proposed attacks, we design an improved sample-then-lock scheme. More precisely, our scheme employs stability and discriminability to select high-entropy subsets to lock the genuine secret, and conceals genuine locker by a large amount of chaff lockers. Our experiment verifies that existing schemes are vulnerable to the proposed attacks with a security level of less than 20 bits, while our scheme can resist these attacks with a security level of more than 100 bits when number of genuine subsets is 106.

The rapid complexity growth of electronic systems nowadays increases their vulnerability to hacking, such as fault injection, including insertion of glitches into the system clock to corrupt internal state through timing errors. As a countermeasure, a frequency locked loop (FLL) based clock glitch detector is proposed in this paper. Regulated from an external supply voltage, this FLL locks at 16-36X of the system clock, creating four phases to measure the system clock by oversampling at 64-144X. The samples are then used to sense the frequency and close the frequency locked loop, as well as to detect glitches through pattern matching. Implemented in a 5nm FINFET process, it can detect the glitches or pulse width variations down to 3.125% of the input 40MHz clock cycle with the supply varying from 0.5 to 1.0V.

Lock design is an important mechanism for scheduling management and security protection in operating systems. However, there is no effective way to identify the differences and connections among lock models, and users need to spend considerable time to understand different lock architectures. In this paper, we propose a classification scheme that abstracts lock design into three types of models: basic spinlock, semaphore amount extension, lock chain structure, and verify the effectiveness of these three types of lock models in the context of current mainstream applications. We also investigate the specific details of applying this classification method, which can be used as a reference for developers to design lock models, thus shorten the software development cycle.

The burglary of a safe in the city of Jombang, East Java, lost valuables belonging to the Cemerlang Multipurpose Trading Cooperative. Therefore, a security system tool was created in the safe that serves as a place to store valuables and important assets. Change the security system using the security system with a private unique method with modulo arithmetic pattern. The security system of the safe is designed in layers which are attached with the RFID tag by registering and then verifying it on the card. Entering the password on the card cannot be read or is not performed, then the system will refuse to open it. arduino mega type 256 components, RFID tag is attached to the RFID reader, only one validated passive tag can open access to the security system, namely number B9 20 E3 0F. Meanwhile, of the ten passwords entered, only three match the modulo arithmetic format and can open the security system, namely password numbers 22540, 51324 and 91032. The circuit system on the transistor in the solenoid driver circuit works after the safety system opens. The servo motor can rotate according to the input of the open 900 servo angle rotation program.

Network Intrusion Detection Systems (IDSs) have been used to increase the level of network security for many years. The main purpose of such systems is to detect and block malicious activity in the network traffic. Researchers have been improving the performance of IDS technology for decades by applying various machine-learning techniques. From the perspective of academia, obtaining a quality dataset (i.e. a sufficient amount of captured network packets that contain both malicious and normal traffic) to support machine learning approaches has always been a challenge. There are many datasets publicly available for research purposes, including NSL-KDD, KDDCUP 99, CICIDS 2017 and UNSWNB15. However, these datasets are becoming obsolete over time and may no longer be adequate or valid to model and validate IDSs against state-of-the-art attack techniques. As attack techniques are continuously evolving, datasets used to develop and test IDSs also need to be kept up to date. Proven performance of an IDS tested on old attack patterns does not necessarily mean it will perform well against new patterns. Moreover, existing datasets may lack certain data fields or attributes necessary to analyse some of the new attack techniques. In this paper, we argue that academia needs up-to-date high-quality datasets. We compare publicly available datasets and suggest a way to provide up-to-date high-quality datasets for researchers and the security industry. The proposed solution is to utilize the network traffic captured from the Locked Shields exercise, one of the world’s largest live-fire international cyber defence exercises held annually by the NATO CCDCOE. During this three-day exercise, red team members consisting of dozens of white hackers selected by the governments of over 20 participating countries attempt to infiltrate the networks of over 20 blue teams, who are tasked to defend a fictional country called Berylia. After the exercise, network packets captured from each blue team’s network are handed over to each team. However, the countries are not willing to disclose the packet capture (PCAP) files to the public since these files contain specific information that could reveal how a particular nation might react to certain types of cyberattacks. To overcome this problem, we propose to create a dedicated virtual team, capture all the traffic from this team’s network, and disclose it to the public so that academia can use it for unclassified research and studies. In this way, the organizers of Locked Shields can effectively contribute to the advancement of future artificial intelligence (AI) enabled security solutions by providing annual datasets of up-to-date attack patterns.

We propose TaintLock, a lightweight dynamic scan data authentication and encryption scheme that performs per-pattern authentication and encryption using taint and signature bits embedded within the test pattern. To prevent IP theft, we pair TaintLock with truly random logic locking (TRLL) to ensure resilience against both Oracle-guided and Oracle-free attacks, including scan deobfuscation attacks. TaintLock uses a substitution-permutation (SP) network to cryptographically authenticate each test pattern using embedded taint and signature bits. It further uses cryptographically generated keys to encrypt scan data for unauthenticated users dynamically. We show that it offers a low overhead, non-intrusive secure scan solution without impacting test coverage or test time while preventing IP theft.

Security is a key concern across the world, and it has been a common thread for all critical sectors. Nowadays, it may be stated that security is a backbone that is absolutely necessary for personal safety. The most important requirements of security systems for individuals are protection against theft and trespassing. CCTV cameras are often employed for security purposes. The biggest disadvantage of CCTV cameras is their high cost and the need for a trustworthy individual to monitor them. As a result, a solution that is both easy and cost-effective, as well as secure has been devised. The smart door lock is built on Raspberry Pi technology, and it works by capturing a picture through the Pi Camera module, detecting a visitor's face, and then allowing them to enter. Local binary pattern approach is used for Face recognition. Remote picture viewing, notification, on mobile device are all possible with an IOT based application. The proposed system may be installed at front doors, lockers, offices, and other locations where security is required. The proposed system has an accuracy of 89%, with an average processing time is 20 seconds for the overall process.

With the advent of technology and owing to mankind’s reliance on technology, it is of utmost importance to safeguard people’s data and their identity. Biometrics have for long played an important role in providing that layer of security ranging from small scale uses such as house locks to enterprises using them for confidentiality purposes. In this paper we will provide an insight into behavioral biometrics that rely on identifying and measuring human characteristics or behavior. We review different types of behavioral parameters such as keystroke dynamics, gait, footstep pressure signals and more.

Energy trading in small groups or microgrids is interesting to study. The energy market may overgrow in the future, so accessing the energy market by small prosumers may not be difficult anymore. This paper has modeled a decentralized P2P energy trading and exchange system in a microgrid group. The Islanded microgrid system is simulated to create a small energy producer and consumer trading situation. The simulation results show the increasing energy transactions and profit when including V2G as an energy storage device. In addition, blockchain is used for system security because a peer-to-peer marketplace has no intermediary control.

Financial technology (Fintech) is an amalgamation of financial management using a technology system. Fintech has become a public concern because this service provides many service features to make it easier from the financial side, such as being used in cooperative financial institutions, banking and insurance. This paper will analyze the opportunities and challenges of Fintech sharia in Indonesia. By exploring the existing literature, this article will try to answer that question. This research is carried out using a literature review approach and comparative qualitative method which will determined the results of the SWOT analysis of sharia financial technology in indonesia. It is needed to mitigate risk of funding in a peer to peer method in overcoming the security of funds and data from investors, firstly companies can perform transparency on the clarity of investor funds. This is done as one of the facilities provided to investors in the Fintech application. In the future, it is hoped that in facing competition, sharia-based fintech companies must be able to provide targeted services through the socialization of sharia fintech to the public, both online and offline. Investors are expected to be more careful before investing in choosing Fintech Peer to Peer (P2P) Lending services by checking the list of Fintech lending and lending companies registered and found by the Financial Services Authority (OJK).