Article
Computer Science, Information Systems
Fadi Farha, Huansheng Ning, Shunkun Yang, Jiabo Xu, Weishan Zhang, Kim-Kwang Raymond Choo
Summary: ZigBee is a communication protocol used in IoT applications, but its security is compromised in typical low-cost and low-power deployment scenarios. This paper presents a timestamp-based scheme to mitigate replay attacks, which is power-efficient and applicable to different ZigBee topologies and end devices.
IEEE TRANSACTIONS ON MOBILE COMPUTING
(2022)
Article
Engineering, Electrical & Electronic
Shantanu Chakrabarty, Biplab Sikdar
Summary: The paper discusses the application of phase shifters in power grids and the vulnerability of the control system to cyber attacks. It proposes an algorithm to detect these attacks, which is validated on the IEEE 118-bus system.
IEEE TRANSACTIONS ON POWER SYSTEMS
(2021)
Article
Computer Science, Cybernetics
Bin Wang, Xiaohan Yuan, Li Duan, Hongliang Ma, Chunhua Su, Wei Wang
Summary: In this work, a deep-learning-based attack detection system called DeFiScanner is proposed to characterize and detect DeFi attacks that exploit logic vulnerabilities. The system includes a global model, a local model, and a fusion model to effectively detect and classify the attacks. Experimental results demonstrate the effectiveness of DeFiScanner with high true positive rate and area under the receiver operating characteristic curve.
IEEE TRANSACTIONS ON COMPUTATIONAL SOCIAL SYSTEMS
(2022)
Article
Computer Science, Information Systems
Hossein Pirayesh, Huacheng Zeng
Summary: This article surveys existing jamming attacks and anti-jamming strategies in various wireless networks, aiming to provide a comprehensive understanding of the current landscape and stimulate further research efforts to secure wireless networks against jamming attacks.
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS
(2022)
Article
Computer Science, Artificial Intelligence
Lili Zhang, Yongming Li
Summary: In this article, the problem of resilient distributed optimal coordination for uncertain nonlinear multiagent systems is considered. A new two-layer integrated design protocol with a fuzzy-approximation-based adaptive dynamics compensation mechanism is designed to avoid the difficulty of evaluating the quality of decision variable or computing its high-order derivatives in a distributed way. By locally estimating the optimal solution and designing adaptive feedback gain, the fuzzy adaptive mechanism achieves the mutual compensation of cyber dynamics and physical dynamics, and all agents achieve optimal consensus regardless of FDI attacks and nonlinear uncertainties.
IEEE TRANSACTIONS ON FUZZY SYSTEMS
(2023)
Article
Computer Science, Hardware & Architecture
Sai Vineel Reddy Chittamuru, Ishan G. Thakkar, Sudeep Pasricha, Sairam Sri Vatsavai, Varun Bhat
Summary: This article introduces a framework that utilizes process variation-based authentication signatures and architecture-level enhancements to protect against data-snooping hardware Trojans in PNoCs. Evaluation results indicate that this framework can improve hardware security with minimal overheads.
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS
(2021)
Article
Geochemistry & Geophysics
Savvas Karatsiolis, Chirag Padubidri, Andreas Kamilaris
Summary: This paper proposes a novel strategy for enabling a super-resolution reconstruction (SRR) model to output realistic remote sensing images by considering pixel-level information inferred from the normalized digital surface model (nDSM) of the image. Experimental results on two remotely sensed datasets demonstrate that the proposed model outperforms traditional SRR models in terms of performance without introducing artifacts.
IEEE TRANSACTIONS ON GEOSCIENCE AND REMOTE SENSING
(2022)
Article
Computer Science, Artificial Intelligence
Sara Kaviani, Samaneh Shamshiri, Insoo Sohn
Summary: The paper proposes a method called LPSF to improve the network's robustness against backdoor attacks by eliminating potential threatening links between neurons and strengthening necessary connections. The method is evaluated on different datasets and achieves good results.
EXPERT SYSTEMS WITH APPLICATIONS
(2023)
Article
Computer Science, Theory & Methods
Prasanna Ravi, Shivam Bhasin, Sujoy Sinha Roy, Anupam Chattopadhyay
Summary: This work proposes generic and practical side-channel attacks for message recovery in post-quantum lattice-based public key encryption and key encapsulation mechanisms. The attacks exploit the inherent ciphertext malleability properties of LWE/LWR-based schemes and can be adapted to different implementation variants and side-channel countermeasures.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
(2022)
Review
Computer Science, Theory & Methods
Hussain Ahmad, Isuru Dharmadasa, Faheem Ullah, Muhammad Ali Babar
Summary: C3I systems are increasingly used for achieving information superiority and greater situational awareness in critical civil and military domains. However, there is a lack of comprehensive review on the security of C3I systems, despite the catastrophic consequences of cyber-attacks. In this article, we have gathered, analyzed, and synthesized the body of knowledge on the security of C3I systems, and provided a taxonomy for vulnerabilities, attack vectors, and countermeasures.
ACM COMPUTING SURVEYS
(2023)
Article
Computer Science, Information Systems
Ishan Karunanayake, Nadeem Ahmed, Robert Malaney, Rafiqul Islam, Sanjay K. Jha
Summary: Anonymity networks like Tor are increasingly popular for protecting online privacy, but they are also being misused for illegal activities. Various attacks are developed to de-anonymize Tor users and hidden services, prompting the need for improved security measures.
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS
(2021)
Article
Computer Science, Information Systems
Qian Chen, Paul Romanowich, Jorge Castillo, Krishna Chandra Roy, Gustavo Chavez, Shouhuai Xu
Summary: The article introduces a new approach for detecting vehicle cyber attacks, by utilizing human, physical, and driving behaviors to create a novel framework. Experimental results demonstrate that the framework is effective in detecting and preventing deadly crashes caused by vehicle cyber attacks.
IEEE INTERNET OF THINGS JOURNAL
(2021)
Article
Computer Science, Information Systems
Enrique Alvarez, Rafael Alvarez, Miguel Cazorla
Summary: This paper investigates the issue of transferability in adversarial attacks, finding that current models are vulnerable and this can lead to security issues. Experimental results demonstrate the susceptibility of all networks to transferability attacks.
Article
Chemistry, Analytical
Giorgio Olivas Martinez, Valeria Orso, Alice Bettelli, Luciano Gamberini
Summary: Physical inactivity is a major problem for public health, especially in Western countries. Mobile applications promoting physical activity appear to be a promising solution, but high dropout rates and limited ecological validity in user testing pose challenges. In this study, a custom mobile app with different patterns of gamification elements was developed as a self-managed experimental platform. A remote field study showed the feasibility of using the app as an experimental platform and revealed that a richer combination of gamified elements was effective in increasing retention rates.
Article
Computer Science, Hardware & Architecture
Yujie Cui, Hongwei Cui, Xu Cheng
Summary: This paper presents in detail how replacement latency differences can be used to construct timing-based channels to leak information. Experimental results show that WB channel can transmit information covertly with high bandwidth and has strong anti-interference ability. Moreover, the effectiveness of the WB channels against certain attacks is discussed, and a side-channel attack against a real-world security-sensitive application is demonstrated.
IEEE TRANSACTIONS ON COMPUTERS
(2023)
Article
Multidisciplinary Sciences
Alessandra Marrella, Arianna Fedi, Gabriele Varani, Ivan Vaccari, Marco Fato, Giuseppe Firpo, Patrizia Guida, Nicola Aceto, Silvia Scaglione
Summary: This study developed a new multichannel microfluidic device to simulate different blood flow shear stresses and analyze their correlation with CTC cluster behavior. The results demonstrated that higher values of WSS decrease the viability of single CTCs and lead to the disaggregation of CTC clusters.
Article
Chemistry, Analytical
Ivan Vaccari, Vanessa Orani, Alessia Paglialonga, Enrico Cambiaso, Maurizio Mongelli
Summary: The application of machine learning and artificial intelligence in the medical field is expanding, with a focus on remote monitoring and data augmentation for accurate algorithms. By using generative adversarial networks (GANs) to create synthetic datasets, and validating them through machine learning approaches, the accuracy of the synthetic data can be demonstrated.
Article
Chemistry, Analytical
Syed Ghazanfar Abbas, Ivan Vaccari, Faisal Hussain, Shahzaib Zahid, Ubaid Ullah Fayyaz, Ghalib A. Shah, Taimur Bakhshi, Enrico Cambiaso
Summary: The Internet of Things (IoT) allows objects to connect to the Internet for meaningful purposes, but also faces increasing security threats, particularly phishing attacks targeting IoT devices. This paper proposes a threat modelling approach to identify and mitigate cyber-threats that may cause phishing attacks, focusing on smart autonomous vehicular systems and smart homes as significant IoT use cases. The proposed approach aims to support IoT researchers, engineers, and policymakers in securing IoT devices and systems during the early design stages for secure deployment in critical infrastructures.
Article
Chemistry, Analytical
Muhammad Husnain, Khizar Hayat, Enrico Cambiaso, Ubaid U. Fayyaz, Maurizio Mongelli, Habiba Akram, Syed Ghazanfar Abbas, Ghalib A. Shah
Summary: In this paper, a MQTT parsing engine is designed and developed to serve as an initial layer in network-based IDS for extensive checking of IoT protocol vulnerabilities and improper usage. By rigorously validating packet fields, the proposed solution effectively detects and prevents the exploitation of vulnerabilities on IoT protocols.
Article
Computer Science, Artificial Intelligence
Sara Narteni, Vanessa Orani, Ivan Vaccari, Enrico Cambiaso, Maurizio Mongelli
Summary: Nowadays, artificial intelligence is rapidly developing in many fields, leading to the emergence of reliable AI that ensures the safety of autonomous decisions. Sensitivity analysis of explainable AI models can help design safety regions in the feature space with statistical zero error.
IEEE INTELLIGENT SYSTEMS
(2022)
Proceedings Paper
Computer Science, Information Systems
Ivan Vaccari, Alberto Carlevaro, Sara Narteni, Enrico Cambiaso, Maurizio Mongelli
Summary: Adversarial machine learning manipulates datasets to deceive machine learning algorithm decisions. In this study, a new approach based on eXplainable and Reliable AI is proposed to detect adversarial attacks. Experimental results demonstrate that canonical algorithms may struggle to identify attacks, while the proposed approach is capable of accurately identifying different adversarial settings.
IEEE INFOCOM 2022 - IEEE CONFERENCE ON COMPUTER COMMUNICATIONS WORKSHOPS (INFOCOM WKSHPS)
(2022)
Article
Computer Science, Software Engineering
Enrico Cambiaso, Maurizio Aiello
Summary: In this paper, the authors discuss the impact of legitimate data dumping activities, specifically scraping/storing data shown on browsers, in the web security field. They propose Cookidump as a tool to evaluate the dumping of all available recipes on the Cookidoo (c) website portal. Although the focus is on recipe dumping, the authors also discuss the potential impact of such activities for other web applications hosting sensitive information.
Article
Computer Science, Information Systems
Ivan Vaccari, Alberto Carlevaro, Sara Narteni, Enrico Cambiaso, Maurizio Mongelli
Summary: This article discusses the wide adoption of machine learning algorithms and the concept of adversarial machine learning attacks. The research proposes new approaches to detect and mitigate these attacks and compares their performance to traditional algorithms.
Article
Computer Science, Information Systems
Sara Narteni, Vanessa Orani, Enrico Cambiaso, Matteo Rucco, Maurizio Mongelli
Summary: In this study, the use of eXplainable AI (XAI) in detecting physical fatigue during manual material handling task simulation is explored. Global rule-based XAI models (LLM and DT) are compared to black-box models (NN, SVM, XGBoost) in terms of performance, and global models are also compared to local ones (LIME over XGBoost). Surprisingly, both global and local approaches yield similar conclusions in terms of feature importance.
Proceedings Paper
Computer Science, Information Systems
Umberto Morelli, Ivan Vaccari, Silvio Ranise, Enrico Cambiaso
Summary: The Internet of Things is a widely adopted and pervasive technology that is also vulnerable to attacks due to the volume of shared data and the availability of insecure products. This paper investigates two denial of service attacks targeting MQTT message queues, demonstrating their effectiveness and proposing mitigations in open-source MQTT implementations. The research results are integrated into the MQTTSA tool to improve security awareness in MQTT-based deployments.
ARES 2021: 16TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY
(2021)
Proceedings Paper
Computer Science, Artificial Intelligence
Sara Narteni, Melissa Ferretti, Vanessa Orani, Ivan Vaccari, Enrico Cambiaso, Maurizio Mongelli
Summary: This study proposes a solution based on eXplainable AI models to define safety regions in the feature space, aiming to reduce false negatives. The results show that the effectiveness of the algorithms strongly depends on the level of noise in the dataset.
MACHINE LEARNING AND KNOWLEDGE EXTRACTION (CD-MAKE 2021)
(2021)
Article
Computer Science, Information Systems
Ivan Vaccari, Sara Narteni, Maurizio Aiello, Maurizio Mongelli, Enrico Cambiaso
Summary: The Internet of Things is a widely adopted technology that is also highly relevant in cybersecurity due to the volume and sensitivity of data shared and the availability of affordable but insecure products. This paper proposes a novel cyber threat using the MQTT protocol for tunneling attacks in IoT networks, which could be used by malicious users to steal sensitive information. Experimental results show that using MQTT for tunneling purposes is effective, especially for payloads up to 3000 bytes. Additionally, the study presents a machine learning-based approach to detect the proposed MQTT tunneling attack, with some algorithms achieving over 95% accuracy in identifying the attack.