In order to visually present all kinds of hardware Trojan horse detection methods and their relationship, a method is proposed to construct the knowledge graph of hardware Trojan horse detection technology. Firstly, the security-related knowledge of hardware Trojan horse is analyzed, then the entity recognition and relationship extraction are carried out by using BiLSTM-CRF model, and the construction of knowledge graph is completed. Finally, the knowledge is stored and displayed visually by using graph database neo4j. The combination of knowledge graph and hardware Trojan security field can summarize the existing detection technologies, provide a basis for the analysis of hardware Trojans, vigorously promote the energy Internet security construction, and steadily enhance the energy Internet active defense capability.
Authored by Shengguo Ma, Yujia Liu, Yannian Wu, Shaobo Zhang, Yiying Zhang, Delong Wang
Outsourcing Integrated Circuits(ICs) pave the way for including malicious circuits commonly known as Hardware Trojans. Trojans can be divided into functional and parametric Trojans. Trojans of the first kind are made by adding or removing gates to or from the golden reference design. Trojans of the following type, the golden circuit is modified by decreasing connecting wire’s thickness, exposing the chip to radiation, etc. Hardware Trojan detection schemes can be broadly classified into dynamic and static detection schemes depending on whether or not the input stimulus is applied. The proposed method aims to detect functional Trojans using the static detection method. The work proposes a generic, scalable Trojan detection method. The defender does not have the luxury of knowing the type of Trojan the circuit is infected with, making it difficult for accurate detection. In addition, the proposed method does not require propagating the Trojan effect on the output, magnifying the Trojan effect, or any other voting or additional algorithms to accurately detect the Trojan as in previous literature. The proposed method analyses synthesis reports for Trojan detection. Game theory, in addition, aids the defender in optimal decisionmaking. The proposed method has been evaluated on ISCAS’85 and ISCAS’89 circuits. The proffered method detects various types of Trojans of varying complexities in less time and with 100\% accuracy.
Authored by Vaishnavi Sankar, Nirmala M, Jayakumar. M
With the development of streaming media, soft real-time system in today’s life could participate in the use of more extensive areas. The use frequency was also increasing. Consequently, modern processors were equipped with software control mechanisms such as DVFS (Dynamic Voltage Frequency Scaling) to allow operating systems to meet required performance while reducing power consumption. Therefore, we propose a task scheduling algorithm combined DVFS technology and time deterministic cyclic scheduling to achieve energy saving effect. First, the algorithm needed to minimize the preemption between tasks to reduce latency, so we created a buffer to save periodic tasks to avoid preemption. Second, to reduce the computational cost of the scheduling scheme, a scheduling template were designed to perform tasks. In this paper, the scheduling of periodic tasks, task scheduling would be designed when the task scheduling template would be fixed length. Besides, this algorithm supported that task could adopt appropriate voltage and frequency through DVFS technology in idle time under the condition of satisfying task dependence. Experimental analysis showed that the proposed algorithm could effectively reduce the system energy consumption while ensuring the completion of the task.
Authored by Xun Liu
Message-locked Encryption (MLE) is the most common approach used in encrypted deduplication systems. However, the systems based on MLE are vulnerable to frequency analysis attacks, because MLE encrypts the identical plaintexts into the identical ciphertexts, which is deterministic. The state-of-theart defense scheme, which named TED, lacks key verification and uses a single key server to record frequency information. Once the key server is compromised, TED will be vulnerable to brute-force attacks. In addition, TED’s key generation algorithm needs to be designed more exquisitely to strengthen protection, and its security indicator is not comprehensive. We propose SDAF, which supports key verification and enhanced protection against frequency analysis attacks. Based on chameleon hash, SDAF realizes key verification to prevent malicious key servers from generating fake encryption keys. In order to disturb the frequency information, SDAF introduces reservoir sample to generate uniformly distributed encryption keys, and uses multiple key servers, which interact with each other via multi-party PSI and rotate spontaneously to avoid the single point of failure. Moreover, a new indicator Kurtosis is pointed out to evaluate the security against frequency analysis attacks. We implement the prototypes of SDAF. The experiments of the real-world data sets show that, compared with the existing schemes, SDAF can better resist frequency analysis attacks with lower time overheads.
Authored by Hang Chen, Guanxiong Ha, Yuchen Chen, Haoyu Ma, Chunfu Jia
Frequency hopping (FH) technology is one of the most effective technologies in the field of radio countermeasures, meanwhile, the recognition of FH signal has become a research hotspot. FH signal is a typical non-stationary signal whose frequency varies nonlinearly with time and the time-frequency analysis technique provides a very effective method for processing this kind of signal. With the renaissance of deep learning, methods based on time-frequency analysis and deep learning are widely studied. Although these methods have achieved good results, the recognition accuracy still needs to be improved. Through the observation of the datasets, we found that there are still difficult samples that are difficult to identify. Through further analysis, we propose a horizontal spatial attention (HSA) block, which can generate spatial weight vector according to the signal distribution, and then readjust the feature map. The HSA block is a plug-and-play module that can be integrated into common convolutional neural network (CNN) to further improve their performance and these networks with HSA block are collectively called HANets. The HSA block also has the advantages of high recognition accuracy (especially under low SNRs), easy to implant, and almost no influence on the number of parameters. We verified our method on two datasets and a series of comparative experiments show that the proposed method achieves good results on FH datasets.
Authored by Pengcheng Liu, Zhen Han, Zhixin Shi, Meimei Li, Meichen Liu
Inertia plays a key role in power system resistance to active power disturbance. Under the background of large-scale renewable energy participating in power systems, the problem of weak inertia support brings challenges to power system security and stability operation. Based on the analysis of system equivalent inertia time constant, the inertia time constant of renewable energy access to the system in different scenarios are solved in this paper. According to the effects of inertia time constant change on the dynamic characteristics of system frequency, the assessment indexes of equivalent inertia time constant and the rate of change of frequency (RoCoF) is proposed. Then the inertia of high proportional renewable energy system and frequency stability is evaluated, combined with the assessment index of frequency deviation. Finally, the maximum renewable energy penetration of the system is analyzed with the proposed indexes. IEEE 30-bus system is used to verify the effectiveness of the proposed method by analyzing the RoCoF and equivalent inertia time constant assessment indexes.
Authored by Dongxue Zhao, Lu Yin, Zhongliang Xin, Wei Bao
Round-trip transmission scheme is one of key scheme for the high-precise fiber time synchronization system. Here an asymmetric channel attack against practical roundtrip time synchronization system is proposed and experimentally demonstrated. Using the achieved asymmetric channel attack module, the accuracy of the time synchronization system can be reduced from 90 ps to 538 ps as designed. It shows that channel symmetry assumption in practical applications could be broken by such attack method, and this attack could not be found without single-way-delay monitoring.
Authored by Zihao Liu, Yiming Bian, Yichen Zhang, Bingjie Xu, Yang Li, Song Yu
Mechanical vibration signals of GIS equipment are important information to reflect the operating status of equipment, but the vibration excitation of existing research is mostly based on a single power frequency current, and the detection effect has certain limitations. Therefore, in order to explore the influence of current frequency on GIS mechanical vibration characteristics, this paper carried out research on GIS mechanical vibration characteristics under variable frequency current excitation. Firstly, the mechanical vibration simulation platform of 110 kV GIS equipment under variable frequency current excitation was built in the laboratory. Then, the vibration signals generated by the equipment shell under normal operation state were collected based on the mechanical vibration detection system. Finally, the evolution laws of time domain and frequency domain vibration spectra of GIS equipment under different current frequencies and loads were studied. The results show that the overall time domain waveforms are smooth and the main vibration frequencies are twice the frequencies of excitation currents. Under the condition of the variable frequency current excitation with the same amplitude, the amplitudes of time domain and frequency domain vibration spectra of vibration signals are the largest when the GIS equipment is excited by 1200 A current at 40 Hz and 2400 A current at 80 Hz. Under the condition of the variable amplitude currents excitation with the same frequency, the amplitudes of vibration signals are positively correlated with the amplitudes of currents, and the distributions of frequency spectra are highly concentrated.
Authored by Xu Li, Jian Hao, Qingsong Liu, Ruilei Gong, Xiping Jiang, Yilin Ding
Large-scale renewable energy participates in the power grid through power electronic equipment, which cannot provide stable and effective inertia support for the power system. Based on the rate of change of frequency at the time of disturbance and the virtual inertia control of the energy storage system, the supporting effect of the energy storage on the inertia of a high-proportional renewable energy system is analyzed in this paper. Then an energy storage capacity configuration calculation method is proposed considering the equivalent inertia time constant and virtual inertia control parameters. Next, the quantitative analysis index is proposed based on the supporting effect of inertia, which provides analysis methods for renewable energy participating in the power grid and energy storage capacity configuration. Finally, the IEEE 30-bus system is used to analyze system frequency response characteristics under different energy storage capacity configuration scenarios. The effectiveness of the proposed method is verified.
Authored by Gaocai Yang, Ruiqi Zhang, Yuzheng Xie, Xiaofan Su, Shiyao Jiang
The paper presents the stages of constructing a highly informative digital image of the time-frequency representation of information signals of cyber-physical systems. Signal visualization includes the stage of displaying the signal on the frequency-time plane, the stage of two-dimensional digital filtering and the stage of extracting highly informative components of the signal image. The use of two-dimensional digital filtering allows you to select the most informative component of the image of a complex analyzed information signal. The obtained digital image of the signal of the cyber-physical system is a highly informative initial information for solving a wide range of different problems of information security systems in cyberphysical systems with the subsequent use of machine learning technologies.
Authored by Andrey Ragozin, Anastasiya Pletenkova
This paper studies a power conversion system supplying a High-Speed Permanent Magnet Motor (HSPMM). In opposite of classical approach, this study observes a dynamic trajectory modelling an electric drive chain with a constant acceleration of the machine to its nominal speed. This global approach allows to observe different phenomena at the same time (resonance, subharmonic, and harmonic distortion - THD) specific to the trajectory. The method reconciles electrical phenomena with a powerful mechanism of analysis from the Short-Time Fourier Transform (STFT) and the visual representation of the frequency spectrum (spectrogram tool). The Predictive Time-Frequency analysis applied on Electric Drive Systems (PreTiFEDS) offers a powerful tool for engineers and electric conversion system architects when designing the drive system chain.
Authored by Andre De Andrade, Lakdar Sadi-Haddad, Ramdane Lateb, Joaquim Da Silva
The benefits of applying and integrating robotics and automation machinery in production plans are being followed by the peak of cybersecurity issues associated with them. This study presents the threat model for a production plant integrated with different components such as PLCs, machine tools, sensors, actuators, and robots. Attending to the heterogeneity of components, protocols, and devices, this paper tries to represent the possible threats that would be affecting the factory and proposes a set of changes and mitigations that would increase their cybersecurity and resilience.
Authored by Francisco Lera, Miguel Santamarta, Gonzalo Costales, Unay Ayucar, Endika Gil-Uriarte, Alfonso Glera, Victor Mayoral-Vilches
Threat modeling and security assessment rely on public information on products, vulnerabilities and weaknesses. So far, databases in these categories have rarely been analyzed in combination. Yet, doing so could help predict unreported vulnerabilities and identify common threat patterns. In this paper, we propose a methodology for producing and optimizing a knowledge graph that aggregates knowledge from common threat databases (CPE, CVE, and CWE). We apply the threat knowledge graph to predict associations between threat databases, specifically between products and vulnerabilities. We evaluate the prediction performance based on historical data, using precision, recall, and F1-score metrics. We demonstrate the ability of the threat knowledge graph to uncover many associations that are currently unknown but will be revealed in the future.
Authored by Zhenpeng Shi, Nikolay Matyunin, Kalman Graffi, David Starobinski
Threat hunting has become very popular due to the present dynamic cyber security environment. As there remains increase in attacks’ landscape, the traditional way of monitoring threats is not scalable anymore. Consequently, threat hunting modeling technique is implemented as an emergent activity using machine learning (ML) paradigms. ML predictive analytics was carried out on OSTO-CID dataset using four algorithms to develop the model. Cross validation ratio of 80:20 was used to train and test the model. Decision tree classifier (DTC) gives the best metrics results among the four ML algorithms with 99.30\% accuracy. Therefore, DTC can be used for developing threat hunting model to mitigate cyber-attacks using data mining approach.
Authored by Akinsola T., Olajubu A., Aderounmu A.
Aiming at the problem of threat assessment of air and space target, a new algorithm for target threat assessment and ranking in intelligent aided decision system is proposed. The algorithm uses the radar characteristics of the targets, such as velocity, acceleration, altitude, heading and electronic interference, as target threat assessment features. Then the Analytic Hierarchy Process (AHP) method of multi-attribute decision is used to fuse information, and the judgment matrix of attribute importance is constructed by fuzzy dynamic interval method, which effectively solves the problem of attribute weight changing with time. Finally, the threat degree is determined by sorting the fusion results. The simulation results show that the algorithm is effective.
Authored by Xia Wu, Jianying Li, Min Shi
An Intrusion detection system (IDS) plays a role in network intrusion detection through network data analysis, and high detection accuracy, precision, and recall are required to detect intrusions. Also, various techniques such as expert systems, data mining, and state transition analysis are used for network data analysis. The paper compares the detection effects of the two IDS methods using data mining. The first technique is a support vector machine (SVM), a machine learning algorithm; the second is a deep neural network (DNN), one of the artificial neural network models. The accuracy, precision, and recall were calculated and compared using NSL-KDD training and validation data, which is widely used in intrusion detection to compare the detection effects of the two techniques. DNN shows slightly higher accuracy than the SVM model. The risk of recognizing an actual intrusion as normal data is much greater than the risk of considering normal data as an intrusion, so DNN proves to be much more effective in intrusion detection than SVM.
Authored by N Patel, B Mehtre, Rajeev Wankar
This study aimed to recognize threats by recognizing the assailant pose, victim pose, and the threat object used by the assailant in one frame in a threat emergency situation using a 2D camera and by applying YOLOv5s algorithm. The system s ability to correctly identify threats depends heavily on the training and labeling in YOLOv5s. Thus, the bounding boxes were carefully assigned, and the labels were arranged properly. Through the application of YOLOv5s algorithm, supervised learning was implemented. Recognized threats were identified by recognizing the three variables including, victim pose, assailant pose, and threat object in one frame. The YOLOv5s were able to localize the pose and object and avoid misclassification by setting the appropriate Intersection over Union (IoU) and confidence threshold. Using a truth table, YOLOv5s was able to identify threats by removing possibilities that were not even threats. As for the result, the system was able to recognize each of the assailant poses, victim poses, and threat objects in one frame. Thus, the system was able to obtain an overall reliability of 98.125\%.
Authored by Shaina Languido, Erika Entredicho, Kimbierly Borromeo, Ma. Manaois, Karl Villanueva, Engr. Tolentino
Topic modeling algorithms from the natural language processing (NLP) discipline have been used for various applications. For instance, topic modeling for the product recommendation systems in the e-commerce systems. In this paper, we briefly reviewed topic modeling applications and then described our proposed idea of utilizing topic modeling approaches for cyber threat intelligence (CTI) applications. We improved the previous work by implementing BERTopic and Top2Vec approaches, enabling users to select their preferred pretrained text/sentence embedding model, and supporting various languages. We implemented our proposed idea as the new topic modeling module for the Open Web Application Security Project (OWASP) Maryam: Open-Source Intelligence (OSINT) framework. We also described our experiment results using a leaked hacker forum dataset ( to attract more researchers and open-source communities to participate in the Maryam project of OWASP Foundation.
Authored by Hatma Suryotrisongko, Hari Ginardi, Henning Ciptaningtyas, Saeed Dehqan, Yasuo Musashi
Cyber Threat Intelligence has been demonstrated to be an effective element of defensive security and cyber protection with examples dating back to the founding of the Financial Sector Information Sharing and Analysis Center (FS ISAC) in 1998. Automated methods are needed today in order to stay current with the magnitude of attacks across the globe. Threat information must be actionable, current and credibly validated if they are to be ingested into computer operated defense systems. False positives degrade the value of the system. This paper outlines some of the progress made in applying artificial intelligence techniques as well as the challenges associated with utilizing machine learning to refine the flow of threat intelligence. A variety of methods have been developed to create learning models that can be integrated with firewalls, rules and heuristics. In addition more work is needed to effectively support the limited number of expert human hours available to evaluate the prioritized threat landscape flagged as malicious in a (Security Operations Center) SOC environment.
Authored by Jon Haass
In order to solve the problem of intelligent multi-target threat assessment in Information land battlefield, The SVM nonlinear classification can be effectively solved through the high-dimensional mapping of complex features. The land battlefield target threat assessment index system is selected, the sample data is standardized and standardized, and the target threat assessment SVM classifier is designed, Four commonly kernel functions and penalty coefficients are applied to estimate the threat of targets in land battlefield. The example shows that this method has high classification accuracy and suitable for dealing with complex and changeable battlefield threat data, and has high practical value. The correctness of the conclusion is validated by Python.
Authored by Huan Zhang, Zunpei Wei
To improve the judging and decision-making ability on air target threats in air defense operations, an air target threat assessment method is proposed based on Relevance Vector Machine (RVM) and Artificial Bee Colony (ABC) algorithm. From the reality of air defense operations, the air target threat index system is firstly constructed according to mathematical statistical analysis, and then ABC algorithm is used to optimize the parameters involved in the multi-kernel RVM to establish an air target threat assessment model. Simulation analysis shows that, the proposed method is a high-precision air target threat assessment method, and it is better than RVM method with single Gauss kernel or single Sigmoid kernel in all accuracy indices, thus confirming its effectiveness and feasibility.
Authored by Hanwen Zhang, Xusheng Gan, Nan Wu, Pingni Liu, Zongchen Li
Due to the rise of severe and acute infections called Coronavirus 19, contact tracing has become a critical subject in medical science. A system for automatically detecting diseases aids medical professionals in disease diagnosis to lessen the death rate of patients. To automatically diagnose COVID-19 from contact tracing, this research seeks to offer a deep learning technique based on integrating a Bayesian Network and K-anonymity. In this system, data classification is done using the Bayesian Network Model. For privacy concerns, the K-anonymity algorithm is utilized to prevent malicious users from accessing patients personal information. The dataset for this system consisted of 114 patients. The researchers proposed methods such as the Kanonymity model to remove personal information. The age group and occupations were replaced with more extensive categories such as age range and numbers of employed and unemployed. Further, the accuracy score for the Bayesian Network with kanonymity is 97.058\%, which is an exceptional accuracy score. On the other hand, the Bayesian Network without k-anonymity has an accuracy score of 97.1429\%. These two have a minimal percent difference, indicating that they are both excellent and accurate models. The system produced the desired results on the currently available dataset. The researchers can experiment with other approaches to address the problem statements in the future by utilizing other algorithms besides the Bayesian one, observing how they perform on the dataset, and testing the algorithm with undersampled data to evaluate how it performs. In addition, researchers should also gather more information from various sources to improve the sample size distribution and make the model sufficiently fair to generate accurate predictions.
Authored by Jhanna Chupungco, Eva Depalog, Jeziel Ramos, Joel De Goma
Data anonymization is one of the most important directions in privacy-preserving. However, research shows that simple anonymization of data does not protect privacy. To solve this problem, we present a novel and effective algorithm named tree-based K-degree anonymity (TKDA). We devise a new anonymity sequence generation method to reduce the information loss for social graphs. Then, the dynamic anonymization process is implemented by a depth-first search (DFS) traversal algorithm. Finally, the graph modification algorithm based on the anonymous sequence can keep the original graph structure stable. Average Path Length (APL), Average Clustering Coefficient (ACC), and Transitivity (T) are employed to evaluate the method. Experimental results on several datasets show that TKDA is closer to the values of the original graphs on the correlated three experimental metrics, which indicates that TKDA portrays the real data in more detail and improves the utility of the released data.
Authored by Nan Xiang, Xuebin Ma
The Internet as a whole is a large network of interconnected computer networks and their supporting infrastructure which is divided into 3 parts. The web is a list of websites that can be accessed using search engines like Google, Firefox, and others, this is called as Surface Web. The Internet’s layers stretch well beyond the surface material that many people can quickly reach in their everyday searches. The Deep Web material, which cannot be indexed by regular search engines like Google, is a subset of the internet. The Dark Web, which extends to the deepest reaches of the Deep Web, contains data that has been purposefully hidden. Tor may be used to access the dark web. Tor employs a network of volunteer devices to route users web traffic via a succession of other users computers, making it impossible to track it back to the source. We will analyze and include results about the Dark Web’s presence in various spheres of society in this paper. Further we take dive into about the Tor metrics how the relay list is revised after users are determined based on client requests for directories (using TOR metrics). Other way we can estimate the number of users in anonymous networks. This analysis discusses the purposes for which it is frequently used, with a focus on cybercrime, as well as how law enforcement plays the adversary position. The analysis discusses these secret Dark Web markets, what services they provide, and the events that take place there such as cybercrime, illegal money transfers, sensitive communication etc. Before knowing anything about Dark Web, how a rookie can make mistake of letting any threat or malware into his system. This problem can be tackled by knowing whether to use Windows, or any other OS, or any other service like VPN to enter Dark world. The paper also goes into the agenda of how much of illegal community is involved from India in these markets and what impact does COVID-19 had on Dark Web markets. Our analysis is carried out by searching scholarly journal databases for current literature. By acting as a reference guide and presenting a research agenda, it contributes to the field of the dark web in an efficient way. This paper is totally built for study purposes and precautionary measures for accessing Dark Web.
Authored by Hardik Gulati, Aman Saxena, Neerav Pawar, Poonam Tanwar, Shweta Sharma
E-voting plays a vital role in guaranteeing and promoting social fairness and democracy. However, traditional e-voting schemes rely on a centralized organization, leading to a crisis of trust in the vote-counting results. In response to this problem, researchers have introduced blockchain to realize decentralized e-voting, but the adoption of blockchain also brings new issues in terms of flexibility, anonymity, and usability. To this end, in this paper, we propose WeVoting, which provides weightbased flexibility with solid anonymity and enhances usability by designing a voter-independent on-chain counting mechanism. Specifically, we use distributed ElGamal homomorphic encryption and zero-knowledge proof to achieve voting anonymity with weight. Besides, WeVoting develops a counter-based counting mechanism to enhance usability compared with those self-tallying schemes. By critically designing an honesty-and-activity-based incentive algorithm, WeVoting can guarantee a correct counting result even in the presence of malicious counters. Our security and performance analyses elaborate that WeVoting achieves high anonymity in weighed voting under the premise of meeting the basic security requirements of e-voting. And meanwhile, its counting mechanism is sufficient for practical demands with reasonable overheads.
Authored by Zikai Wang, Xinyi Luo, Meiqi Li, Wentuo Sun, Kaiping Xue