Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if th...Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.展开更多
Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metav...Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.展开更多
The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem p...The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem planes are divided,and a corresponding risk analysis view is established to analyze risks for various planes.This paper uses Isaiah Berlin’s definition of liberty to more generally express the concept of security as positive rights and negative rights.In the risk analysis view,the target system is modeled from four dimensions:stakeholders,framework,architecture,and capability delivery.At last,three defensive lines are proposed to establish the identity credit system.展开更多
Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in ...Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.展开更多
This Epidemiology can be applied to cybersecurity as a novel approach for analysing and detecting cyber threats and their risks. It provides a systematic model for the analysis of likelihood, consequence, management, ...This Epidemiology can be applied to cybersecurity as a novel approach for analysing and detecting cyber threats and their risks. It provides a systematic model for the analysis of likelihood, consequence, management, and prevention measures to examine malicious behaviours like disease. There are a few research studies in discrete cybersecurity risk factors;however, there is a significant research gap on the analysis of collective cyber risk factors and measuring their cyber risk impacts. Effective cybersecurity risk management requires the identification and estimation of the probability of infection, based on a comprehensive range of historical and environmental factors, including human behaviour and technology characteristics. This paper explores how an epidemiological principle can be applied to identify cybersecurity risk factors. These risk factors comprise both human and machine behaviours profiled as risk factors. This paper conducts a preliminary analysis of the relationships between these risk factors utilising Domain Name System (DNS) data sources. The experimental results indicated that the epidemiological principle can effectively examine and estimate cyber risk factors. The proposed principle has a great potential in enhancing new machine learning-enabled intrusion detection solutions by utilising this principle as a risk assessment module of the solutions.展开更多
In order to solve the various privacy and security problems in RFID system, a new low-cost RFID mutual authentication protocol based on ID updating mechanics is proposed. In the proposed scheme, the backend server kee...In order to solve the various privacy and security problems in RFID system, a new low-cost RFID mutual authentication protocol based on ID updating mechanics is proposed. In the proposed scheme, the backend server keeps both the current ID and potential next ID for each tag, thus to solve the possible problem of de-synchronization attack in the most ID updating-based schemes. In the security analysis section, comparing several protocols in property required and attacker resistances, the comparison results show that the proposed protocol provides strong authentication and strong integrity of the transmissions and can withstand most the possible attacks that break the security of the previous schemes. In the performance evaluation section, the analysis results also indicate that, in terms of computational cost and storage requirement, the proposed scheme is safer, more efficient, more suitable for low-cost tag and more feasible in practice.展开更多
Internet of things (IoT) devices make up 30%of all network-connected endpoints,introducing vulnerabilities and novel attacks that make many companies as primary targets for cybercriminals.To address this increasing th...Internet of things (IoT) devices make up 30%of all network-connected endpoints,introducing vulnerabilities and novel attacks that make many companies as primary targets for cybercriminals.To address this increasing threat surface,every organization deploying IoT devices needs to consider security risks to ensure those devices are secure and trusted.Among all the solutions for security risks,firmware security analysis is essential to fix software bugs,patch vulnerabilities,or add new security features to protect users of those vulnerable devices.However,firmware security analysis has never been an easy job due to the diversity of the execution environment and the close source of firmware.These two distinct features complicate the operations to unpack firmware samples for detailed analysis.They also make it difficult to create visual environments to emulate the running of device firmware.Although researchers have developed many novel methods to overcome various challenges in the past decade,critical barriers impede firmware security analysis in practice.Therefore,this survey is motivated to systematically review and analyze the research challenges and their solutions,considering both breadth and depth.Specifically,based on the analysis perspectives,various methods that perform security analysis on IoT devices are introduced and classified into four categories.The challenges in each category are discussed in detail,and potential solutions are proposed subsequently.We then discuss the flaws of these solutions and provide future directions for this research field.This survey can be utilized by a broad range of readers,including software developers,cyber security researchers,and software security engineers,to better understand firmware security analysis.展开更多
Nowadays,Wireless Sensor Network(WSN)is a modern technology with a wide range of applications and greatly attractive benefits,for example,self-governing,low expenditure on execution and data communication,long-term fu...Nowadays,Wireless Sensor Network(WSN)is a modern technology with a wide range of applications and greatly attractive benefits,for example,self-governing,low expenditure on execution and data communication,long-term function,and unsupervised access to the network.The Internet of Things(IoT)is an attractive,exciting paradigm.By applying communication technologies in sensors and supervising features,WSNs have initiated communication between the IoT devices.Though IoT offers access to the highest amount of information collected through WSNs,it leads to privacy management problems.Hence,this paper provides a Logistic Regression machine learning with the Elliptical Curve Cryptography technique(LRECC)to establish a secure IoT structure for preventing,detecting,and mitigating threats.This approach uses the Elliptical Curve Cryptography(ECC)algorithm to generate and distribute security keys.ECC algorithm is a light weight key;thus,it minimizes the routing overhead.Furthermore,the Logistic Regression machine learning technique selects the transmitter based on intelligent results.The main application of this approach is smart cities.This approach provides continuing reliable routing paths with small overheads.In addition,route nodes cooperate with IoT,and it handles the resources proficiently and minimizes the 29.95%delay.展开更多
基金supported by the 2018 Industrial Internet Innovation and Development Project--Industrial Internet Identification Resolution System National Top-Level Node Construction Project (Phase Ⅰ)
文摘Identification and resolution system of the industrial Internet is the“neural hub”of the industrial Internet for coordination.Catastrophic damage to the whole industrial Internet industry ecology may be caused if the identification and resolution system is attacked.Moreover,it may become a threat to national security.Therefore,security plays an important role in identification and resolution system of the industrial Internet.In this paper,an innovative security risk analysis model is proposed for the first time,which can help control risks from the root at the initial stage of industrial Internet construction,provide guidance for related enterprises in the early design stage of identification and resolution system of the industrial Internet,and promote the healthy and sustainable development of the industrial identification and resolution system.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)(Project Nos.2022-0-00701,10%,RS-2023-00228996,10%,RS-2022-00165794,10%)the ICTR&DProgram of MSIT/IITP(ProjectNo.2021-0-01816,10%)a National Research Foundation of Korea(NRF)grant funded by the Korean Government(Project No.RS2023-00208460,60%).
文摘Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.
文摘The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem planes are divided,and a corresponding risk analysis view is established to analyze risks for various planes.This paper uses Isaiah Berlin’s definition of liberty to more generally express the concept of security as positive rights and negative rights.In the risk analysis view,the target system is modeled from four dimensions:stakeholders,framework,architecture,and capability delivery.At last,three defensive lines are proposed to establish the identity credit system.
基金This work is supported by National Natural Science Foundation of China under contract 60902008.
文摘Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.
文摘This Epidemiology can be applied to cybersecurity as a novel approach for analysing and detecting cyber threats and their risks. It provides a systematic model for the analysis of likelihood, consequence, management, and prevention measures to examine malicious behaviours like disease. There are a few research studies in discrete cybersecurity risk factors;however, there is a significant research gap on the analysis of collective cyber risk factors and measuring their cyber risk impacts. Effective cybersecurity risk management requires the identification and estimation of the probability of infection, based on a comprehensive range of historical and environmental factors, including human behaviour and technology characteristics. This paper explores how an epidemiological principle can be applied to identify cybersecurity risk factors. These risk factors comprise both human and machine behaviours profiled as risk factors. This paper conducts a preliminary analysis of the relationships between these risk factors utilising Domain Name System (DNS) data sources. The experimental results indicated that the epidemiological principle can effectively examine and estimate cyber risk factors. The proposed principle has a great potential in enhancing new machine learning-enabled intrusion detection solutions by utilising this principle as a risk assessment module of the solutions.
基金supported by National Natural Science Foundation of China under Grant No. 61100205Foundation of China Information Technology Security Evaluation Center under Grant No. CNITSEC-KY-0910-019/5
文摘In order to solve the various privacy and security problems in RFID system, a new low-cost RFID mutual authentication protocol based on ID updating mechanics is proposed. In the proposed scheme, the backend server keeps both the current ID and potential next ID for each tag, thus to solve the possible problem of de-synchronization attack in the most ID updating-based schemes. In the security analysis section, comparing several protocols in property required and attacker resistances, the comparison results show that the proposed protocol provides strong authentication and strong integrity of the transmissions and can withstand most the possible attacks that break the security of the previous schemes. In the performance evaluation section, the analysis results also indicate that, in terms of computational cost and storage requirement, the proposed scheme is safer, more efficient, more suitable for low-cost tag and more feasible in practice.
文摘Internet of things (IoT) devices make up 30%of all network-connected endpoints,introducing vulnerabilities and novel attacks that make many companies as primary targets for cybercriminals.To address this increasing threat surface,every organization deploying IoT devices needs to consider security risks to ensure those devices are secure and trusted.Among all the solutions for security risks,firmware security analysis is essential to fix software bugs,patch vulnerabilities,or add new security features to protect users of those vulnerable devices.However,firmware security analysis has never been an easy job due to the diversity of the execution environment and the close source of firmware.These two distinct features complicate the operations to unpack firmware samples for detailed analysis.They also make it difficult to create visual environments to emulate the running of device firmware.Although researchers have developed many novel methods to overcome various challenges in the past decade,critical barriers impede firmware security analysis in practice.Therefore,this survey is motivated to systematically review and analyze the research challenges and their solutions,considering both breadth and depth.Specifically,based on the analysis perspectives,various methods that perform security analysis on IoT devices are introduced and classified into four categories.The challenges in each category are discussed in detail,and potential solutions are proposed subsequently.We then discuss the flaws of these solutions and provide future directions for this research field.This survey can be utilized by a broad range of readers,including software developers,cyber security researchers,and software security engineers,to better understand firmware security analysis.
文摘Nowadays,Wireless Sensor Network(WSN)is a modern technology with a wide range of applications and greatly attractive benefits,for example,self-governing,low expenditure on execution and data communication,long-term function,and unsupervised access to the network.The Internet of Things(IoT)is an attractive,exciting paradigm.By applying communication technologies in sensors and supervising features,WSNs have initiated communication between the IoT devices.Though IoT offers access to the highest amount of information collected through WSNs,it leads to privacy management problems.Hence,this paper provides a Logistic Regression machine learning with the Elliptical Curve Cryptography technique(LRECC)to establish a secure IoT structure for preventing,detecting,and mitigating threats.This approach uses the Elliptical Curve Cryptography(ECC)algorithm to generate and distribute security keys.ECC algorithm is a light weight key;thus,it minimizes the routing overhead.Furthermore,the Logistic Regression machine learning technique selects the transmitter based on intelligent results.The main application of this approach is smart cities.This approach provides continuing reliable routing paths with small overheads.In addition,route nodes cooperate with IoT,and it handles the resources proficiently and minimizes the 29.95%delay.
