-
Review of Generative AI Methods in Cybersecurity
Authors:
Yagmur Yigit,
William J Buchanan,
Madjid G Tehrani,
Leandros Maglaras
Abstract:
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. Thi…
▽ More
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. This paper provides a comprehensive overview of the current state-of-the-art deployments of GenAI, covering assaults, jailbreaking, and applications of prompt injection and reverse psychology. This paper also provides the various applications of GenAI in cybercrimes, such as automated hacking, phishing emails, social engineering, reverse cryptography, creating attack payloads, and creating malware. GenAI can significantly improve the automation of defensive cyber security processes through strategies such as dataset construction, safe code development, threat intelligence, defensive measures, reporting, and cyberattack detection. In this study, we suggest that future research should focus on develo** robust ethical norms and innovative defense mechanisms to address the current issues that GenAI creates and to also further encourage an impartial approach to its future application in cybersecurity. Moreover, we underscore the importance of interdisciplinary approaches further to bridge the gap between scientific developments and ethical considerations.
△ Less
Submitted 19 March, 2024; v1 submitted 13 March, 2024;
originally announced March 2024.
-
vSPACE: Voting in a Scalable, Privacy-Aware and Confidential Election
Authors:
Se Elnour,
William J Buchanan,
Paul Keating,
Mwrwan Abubakar,
Sirag Elnour
Abstract:
The vSPACE experimental proof-of-concept (PoC) on the TrueElect[Anon][Creds] protocol presents a novel approach to secure, private, and scalable elections, extending the TrueElect and ElectAnon protocols with the integration of AnonCreds SSI (Self-Sovereign Identity). Such a protocol PoC is situated within a Zero-Trust Architecture (ZTA) and leverages confidential computing, continuous authenticat…
▽ More
The vSPACE experimental proof-of-concept (PoC) on the TrueElect[Anon][Creds] protocol presents a novel approach to secure, private, and scalable elections, extending the TrueElect and ElectAnon protocols with the integration of AnonCreds SSI (Self-Sovereign Identity). Such a protocol PoC is situated within a Zero-Trust Architecture (ZTA) and leverages confidential computing, continuous authentication, multi-party computation (MPC), and well-architected framework (WAF) principles to address the challenges of cybersecurity, privacy, and trust over IP (ToIP) protection. Employing a Kubernetes confidential cluster within an Enterprise-Scale Landing Zone (ESLZ), vSPACE integrates Distributed Ledger Technology (DLT) for immutable and certifiable audit trails. The Infrastructure as Code (IaC) model ensures rapid deployment, consistent management, and adherence to security standards, making vSPACE a future-proof solution for digital voting systems.
△ Less
Submitted 8 March, 2024;
originally announced March 2024.
-
DID:RING: Ring Signatures using Decentralised Identifiers For Privacy-Aware Identity
Authors:
Dimitrios Kasimatis,
Sam Grierson,
William J. Buchanan,
Chris Eckl,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Craig Thomson,
Baraq Ghaleb
Abstract:
Decentralised identifiers have become a standardised element of digital identity architecture, with supra-national organisations such as the European Union adopting them as a key component for a unified European digital identity ledger. This paper delves into enhancing security and privacy features within decentralised identifiers by integrating ring signatures as an alternative verification metho…
▽ More
Decentralised identifiers have become a standardised element of digital identity architecture, with supra-national organisations such as the European Union adopting them as a key component for a unified European digital identity ledger. This paper delves into enhancing security and privacy features within decentralised identifiers by integrating ring signatures as an alternative verification method. This allows users to identify themselves through digital signatures without revealing which public key they used. To this end, the study proposed a novel decentralised identity method showcased in a decentralised identifier-based architectural framework. Additionally, the investigation assesses the repercussions of employing this new method in the verification process, focusing specifically on privacy and security aspects. Although ring signatures are an established asset of cryptographic protocols, this paper seeks to leverage their capabilities in the evolving domain of digital identities.
△ Less
Submitted 11 March, 2024; v1 submitted 8 March, 2024;
originally announced March 2024.
-
TIPS: Threat Sharing Information Platform for Enhanced Security
Authors:
Lakshmi Rama Kiran Pasumarthy,
Hisham Ali,
William J Buchanan,
Jawad Ahmad,
Audun Josang,
Vasileios Mavroeidis,
Mouad Lemoudden
Abstract:
There is an increasing need to share threat information for the prevention of widespread cyber-attacks. While threat-related information sharing can be conducted through traditional information exchange methods, such as email communications etc., these methods are often weak in terms of their trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different informa…
▽ More
There is an increasing need to share threat information for the prevention of widespread cyber-attacks. While threat-related information sharing can be conducted through traditional information exchange methods, such as email communications etc., these methods are often weak in terms of their trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different information-sharing domains also poses significant challenges. These challenges include redactment of information, the Right-to-be-forgotten, and access control to the information-sharing elements. These access issues could be related to time bounds, the trusted deletion of data, and the location of accesses. This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) integrated into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel. This trusted channel can only be accessed by those trusted in the sharing and could be enabled for each data-sharing element or set up for long-term sharing.
△ Less
Submitted 8 March, 2024;
originally announced March 2024.
-
Privacy-Aware Single-Nucleotide Polymorphisms (SNPs) using Bilinear Group Accumulators in Batch Mode
Authors:
William J Buchanan,
Sam Grierson,
Daniel Uribe
Abstract:
Biometric data is often highly sensitive, and a leak of this data can lead to serious privacy breaches. Some of the most sensitive of this type of data relates to the usage of DNA data on individuals. A leak of this type of data without consent could lead to privacy breaches of data protection laws. Along with this, there have been several recent data breaches related to the leak of DNA informatio…
▽ More
Biometric data is often highly sensitive, and a leak of this data can lead to serious privacy breaches. Some of the most sensitive of this type of data relates to the usage of DNA data on individuals. A leak of this type of data without consent could lead to privacy breaches of data protection laws. Along with this, there have been several recent data breaches related to the leak of DNA information, including from 23andMe and Ancestry. It is thus fundamental that a citizen should have the right to know if their DNA data is contained within a DNA database and ask for it to be removed if they are concerned about its usage. This paper outlines a method of hashing the core information contained within the data stores - known as Single-Nucleotide Polymorphisms (SNPs) - into a bilinear group accumulator in batch mode, which can then be searched by a trusted entity for matches. The time to create the witness proof and to verify were measured at 0.86 ms and 10.90 ms, respectively.
△ Less
Submitted 15 January, 2024;
originally announced January 2024.
-
Astrobiological Potential of Venus Atmosphere Chemical Anomalies and Other Unexplained Cloud Properties
Authors:
Janusz J. Petkowski,
Sara Seager,
David H. Grinspoon,
William Bains,
Sukrit Ranjan,
Paul B. Rimmer,
Weston P. Buchanan,
Rachana Agrawal,
Rakesh Mogul,
Christopher E. Carr
Abstract:
Long-standing unexplained Venus atmosphere observations and chemical anomalies point to unknown chemistry but also leave room for the possibility of life. The unexplained observations include several gases out of thermodynamic equilibrium (e.g. tens of ppm O2, the possible presence of PH3 and NH3, SO2 and H2O vertical abundance profiles), an unknown composition of large, lower cloud particles, and…
▽ More
Long-standing unexplained Venus atmosphere observations and chemical anomalies point to unknown chemistry but also leave room for the possibility of life. The unexplained observations include several gases out of thermodynamic equilibrium (e.g. tens of ppm O2, the possible presence of PH3 and NH3, SO2 and H2O vertical abundance profiles), an unknown composition of large, lower cloud particles, and the "unknown absorber(s)". Here we first review relevant properties of the Venus atmosphere and then describe the atmospheric chemical anomalies and how they motivate future astrobiology missions to Venus.
△ Less
Submitted 9 January, 2024;
originally announced January 2024.
-
RNA-TransCrypt: Image Encryption Using Chaotic RNA Encoding, Novel Transformative Substitution, and Tailored Cryptographic Operations
Authors:
Muhammad Shahbaz Khan,
Jawad Ahmad,
Ahmed Al-Dubai,
Baraq Ghaleb,
Nikolaos Pitropakis,
William J. Buchanan
Abstract:
Given the security concerns of Internet of Things (IoT) networks and limited computational resources of IoT devices, this paper presents RNA-TransCrypt, a novel image encryption scheme that is not only highly secure but also efficient and lightweight. RNA-TransCrypt integrates the biocryptographic properties of RNA encoding with the non-linearity and unpredictability of chaos theory. This scheme i…
▽ More
Given the security concerns of Internet of Things (IoT) networks and limited computational resources of IoT devices, this paper presents RNA-TransCrypt, a novel image encryption scheme that is not only highly secure but also efficient and lightweight. RNA-TransCrypt integrates the biocryptographic properties of RNA encoding with the non-linearity and unpredictability of chaos theory. This scheme introduces three novel contributions: 1) the two-base RNA encoding method, which transforms the image into RNA strands-like sequence, ensuring efficient scrambling; 2) the transformative substitution technique, which transforms the s-box values before replacing the pixel values, and is responsible for making the scheme lightweight; and 3) three mathematical cryptographic operations designed especially for image encryption that ensure the effective transformation of the s-box values, resulting in a new outcome even for the same input values. These modules are key-dependent, utilizing chaotic keys generated by the De Jong Fractal Map and the Van der Pol Oscillator. Extensive security analysis, including histogram analysis, correlation analysis, and the results of the statistical security parameters obtained from the Gray-Level Co-occurrence Matrix (GLCM) validate the efficacy of the proposed scheme in encrypting input images with close-to-ideal results of 7.997 entropy and 0.0006 correlation.
△ Less
Submitted 9 January, 2024;
originally announced January 2024.
-
On families of elliptic curves $E_{p,q}:y^2=x^3-pqx$ that intersect the same line $L_{a,b}:y=\frac{a}{b}x$ of rational slope
Authors:
Eldar Sultanow,
Malik Amir,
Anja Jeschke,
Amir Darwish Tfiha,
Madjid Tehrani,
William J Buchanan
Abstract:
Let $p$ and $q$ be two distinct odd primes, $p<q$ and $E_{p,q}:y^2=x^3-pqx$ be an elliptic curve. Fix a line $L_{a.b}:y=\frac{a}{b}x$ where $a\in \mathbb{Z},b\in \mathbb{N}$ and $(a,b)=1$. We study sufficient conditions that $p$ and $q$ must satisfy so that there are infinitely many elliptic curves $E_{p,q}$ that intersect $L_{a,b}$.
Let $p$ and $q$ be two distinct odd primes, $p<q$ and $E_{p,q}:y^2=x^3-pqx$ be an elliptic curve. Fix a line $L_{a.b}:y=\frac{a}{b}x$ where $a\in \mathbb{Z},b\in \mathbb{N}$ and $(a,b)=1$. We study sufficient conditions that $p$ and $q$ must satisfy so that there are infinitely many elliptic curves $E_{p,q}$ that intersect $L_{a,b}$.
△ Less
Submitted 8 June, 2024; v1 submitted 30 December, 2023;
originally announced January 2024.
-
PermutEx: Feature-Extraction-Based Permutation -- A New Diffusion Scheme for Image Encryption Algorithms
Authors:
Muhammad Shahbaz Khan,
Jawad Ahmad,
Ahmed Al-Dubai,
Zakwan Jaroucheh,
Nikolaos Pitropakis,
William J. Buchanan
Abstract:
Traditional permutation schemes mostly focus on random scrambling of pixels, often neglecting the intrinsic image information that could enhance diffusion in image encryption algorithms. This paper introduces PermutEx, a feature-extraction-based permutation method that utilizes inherent image features to scramble pixels effectively. Unlike random permutation schemes, PermutEx extracts the spatial…
▽ More
Traditional permutation schemes mostly focus on random scrambling of pixels, often neglecting the intrinsic image information that could enhance diffusion in image encryption algorithms. This paper introduces PermutEx, a feature-extraction-based permutation method that utilizes inherent image features to scramble pixels effectively. Unlike random permutation schemes, PermutEx extracts the spatial frequency and local contrast features of the image and ranks each pixel based on this information, identifying which pixels are more important or information-rich based on texture and edge information. In addition, a unique permutation key is generated using the Logistic-Sine Map based on chaotic behavior. The ranked pixels are permuted in conjunction with this unique key, effectively permuting the original image into a scrambled version. Experimental results indicate that the proposed method effectively disrupts the correlation in information-rich areas within the image resulting in a correlation value of 0.000062. The effective scrambling of pixels, resulting in nearly zero correlation, makes this method suitable to be used as diffusion in image encryption algorithms.
△ Less
Submitted 5 November, 2023;
originally announced November 2023.
-
PASSION: Permissioned Access Control for Segmented Devices and Identity for IoT Networks
Authors:
Hisham Ali,
Mwrwan Abubakar,
Jawad Ahmad,
William J. Buchanan,
Zakwan Jaroucheh
Abstract:
In recent years, there has been a significant proliferation of industrial Internet of Things (IoT) applications, with a wide variety of use cases being developed and put into operation. As the industrial IoT landscape expands, the establishment of secure and reliable infrastructure becomes crucial to instil trust among users and stakeholders, particularly in addressing fundamental concerns such as…
▽ More
In recent years, there has been a significant proliferation of industrial Internet of Things (IoT) applications, with a wide variety of use cases being developed and put into operation. As the industrial IoT landscape expands, the establishment of secure and reliable infrastructure becomes crucial to instil trust among users and stakeholders, particularly in addressing fundamental concerns such as traceability, integrity protection, and privacy that some industries still encounter today. This paper introduces a privacy-preserving method in the industry's IoT systems using blockchain-based data access control for remote industry safety monitoring and maintaining event information confidentiality, integrity and authenticity.
△ Less
Submitted 8 October, 2023;
originally announced October 2023.
-
Scalable Multi-domain Trust Infrastructures for Segmented Networks
Authors:
Sam Grierson,
William J Buchanan,
Craig Thomson,
Baraq Ghaleb,
Leandros Maglaras,
Chris Eckl
Abstract:
Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature, verifying the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key or in cases where there is no Inte…
▽ More
Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature, verifying the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key or in cases where there is no Internet connection within an isolated or autonomously acting collection of devices? For this, a trusted entity can be elected to generate a key pair and then split the private key amongst trusted devices. Each node can then sign part of the transaction using their split of the shared secret. The aggregated signature can then define agreement on a consensus within the infrastructure. Unfortunately, this process has two significant problems. The first is when no trusted node can act as a dealer of the shares. The second is the difficulty of scaling the digital signature scheme. This paper outlines a method of creating a leaderless approach to defining trust domains to overcome weaknesses in the scaling of the elliptic curve digital signature algorithm. Instead, it proposes the usage of the Edwards curve digital signature algorithm for the definition of multiple trust zones. The paper shows that the computational overhead of the distributed key generation phase increases with the number of nodes in the trust domain but that the distributed signing has a relatively constant computational overhead.
△ Less
Submitted 10 October, 2023; v1 submitted 7 October, 2023;
originally announced October 2023.
-
CellSecure: Securing Image Data in Industrial Internet-of-Things via Cellular Automata and Chaos-Based Encryption
Authors:
Hassan Ali,
Muhammad Shahbaz Khan,
Maha Driss,
Jawad Ahmad,
William J. Buchanan,
Nikolaos Pitropakis
Abstract:
In the era of Industrial IoT (IIoT) and Industry 4.0, ensuring secure data transmission has become a critical concern. Among other data types, images are widely transmitted and utilized across various IIoT applications, ranging from sensor-generated visual data and real-time remote monitoring to quality control in production lines. The encryption of these images is essential for maintaining operat…
▽ More
In the era of Industrial IoT (IIoT) and Industry 4.0, ensuring secure data transmission has become a critical concern. Among other data types, images are widely transmitted and utilized across various IIoT applications, ranging from sensor-generated visual data and real-time remote monitoring to quality control in production lines. The encryption of these images is essential for maintaining operational integrity, data confidentiality, and seamless integration with analytics platforms. This paper addresses these critical concerns by proposing a robust image encryption algorithm tailored for IIoT and Cyber-Physical Systems (CPS). The algorithm combines Rule-30 cellular automata with chaotic scrambling and substitution. The Rule 30 cellular automata serves as an efficient mechanism for generating pseudo-random sequences that enable fast encryption and decryption cycles suitable for real-time sensor data in industrial settings. Most importantly, it induces non-linearity in the encryption algorithm. Furthermore, to increase the chaotic range and keyspace of the algorithm, which is vital for security in distributed industrial networks, a hybrid chaotic map, i.e., logistic-sine map is utilized. Extensive security analysis has been carried out to validate the efficacy of the proposed algorithm. Results indicate that our algorithm achieves close-to-ideal values, with an entropy of 7.99 and a correlation of 0.002. This enhances the algorithm's resilience against potential cyber-attacks in the industrial domain.
△ Less
Submitted 20 September, 2023;
originally announced September 2023.
-
Double Public Key Signing Function Oracle Attack on EdDSA Software Implementations
Authors:
Sam Grierson,
Konstantinos Chalkias,
William J Buchanan,
Leandros Maglaras
Abstract:
EdDSA is a standardised elliptic curve digital signature scheme introduced to overcome some of the issues prevalent in the more established ECDSA standard. Due to the EdDSA standard specifying that the EdDSA signature be deterministic, if the signing function were to be used as a public key signing oracle for the attacker, the unforgeability notion of security of the scheme can be broken. This pap…
▽ More
EdDSA is a standardised elliptic curve digital signature scheme introduced to overcome some of the issues prevalent in the more established ECDSA standard. Due to the EdDSA standard specifying that the EdDSA signature be deterministic, if the signing function were to be used as a public key signing oracle for the attacker, the unforgeability notion of security of the scheme can be broken. This paper describes an attack against some of the most popular EdDSA implementations, which results in an adversary recovering the private key used during signing. With this recovered secret key, an adversary can sign arbitrary messages that would be seen as valid by the EdDSA verification function. A list of libraries with vulnerable APIs at the time of publication is provided. Furthermore, this paper provides two suggestions for securing EdDSA signing APIs against this vulnerability while it additionally discusses failed attempts to solve the issue.
△ Less
Submitted 10 October, 2023; v1 submitted 29 August, 2023;
originally announced August 2023.
-
SRSS: A New Chaos-Based Single-Round Single S-Box Image Encryption Scheme for Highly Auto-Correlated Data
Authors:
Muhammad Shahbaz Khan,
Jawad Ahmad,
Hisham Ali,
Nikolaos Pitropakis,
Ahmed Al-Dubai,
Baraq Ghaleb,
William J. Buchanan
Abstract:
With the advent of digital communication, securing digital images during transmission and storage has become a critical concern. The traditional s-box substitution methods often fail to effectively conceal the information within highly auto-correlated regions of an image. This paper addresses the security issues presented by three prevalent S-box substitution methods, i.e., single S-box, multiple…
▽ More
With the advent of digital communication, securing digital images during transmission and storage has become a critical concern. The traditional s-box substitution methods often fail to effectively conceal the information within highly auto-correlated regions of an image. This paper addresses the security issues presented by three prevalent S-box substitution methods, i.e., single S-box, multiple S-boxes, and multiple rounds with multiple S-boxes, especially when handling images with highly auto-correlated pixels. To resolve the addressed security issues, this paper proposes a new scheme SRSS-the Single Round Single S-Box encryption scheme. SRSS uses a single S-box for substitution in just one round to break the pixel correlations and encrypt the plaintext image effectively. Additionally, this paper introduces a new Chaos-based Random Operation Selection System-CROSS, which nullifies the requirement for multiple S-boxes, thus reducing the encryption scheme's complexity. By randomly selecting the operation to be performed on each pixel, driven by a chaotic sequence, the proposed scheme effectively scrambles even high auto-correlation areas. When compared to the substitution methods mentioned above, the proposed encryption scheme exhibited exceptionally well in just a single round with a single S-box. The close-to-ideal statistical security analysis results, i.e., an entropy of 7.89 and a correlation coefficient of 0.007, validate the effectiveness of the proposed scheme. This research offers an innovative path forward for securing images in applications requiring low computational complexity and fast encryption and decryption speeds.
△ Less
Submitted 21 August, 2023;
originally announced August 2023.
-
Enabling Quantum Cybersecurity Analytics in Botnet Detection: Stable Architecture and Speed-up through Tree Algorithms
Authors:
Madjid Tehrani,
Eldar Sultanow,
William J Buchanan,
Malik Amir,
Anja Jeschke,
Raymond Chow,
Mouad Lemoudden
Abstract:
For the first time, we enable the execution of hybrid machine learning methods on real quantum computers with 100 data samples and real-device-based simulations with 5,000 data samples, thereby outperforming the current state of research of Suryotrisongko and Musashi from 2022 who were dealing with 1,000 data samples and quantum simulators (pure software-based emulators) only. Additionally, we bea…
▽ More
For the first time, we enable the execution of hybrid machine learning methods on real quantum computers with 100 data samples and real-device-based simulations with 5,000 data samples, thereby outperforming the current state of research of Suryotrisongko and Musashi from 2022 who were dealing with 1,000 data samples and quantum simulators (pure software-based emulators) only. Additionally, we beat their reported accuracy of $76.8\%$ by an average accuracy of $91.2\%$, all within a total execution time of 1,687 seconds. We achieve this significant progress through two-step strategy: Firstly, we establish a stable quantum architecture that enables us to execute HQML algorithms on real quantum devices. Secondly, we introduce new hybrid quantum binary classification algorithms based on Hoeffding decision tree algorithms. These algorithms speed up the process via batch-wise execution, reducing the number of shots required on real quantum devices compared to conventional loop-based optimizers. Their incremental nature serves the purpose of online large-scale data streaming for DGA botnet detection, and allows us to apply hybrid quantum machine learning to the field of cybersecurity analytics. We conduct our experiments using the Qiskit library with the Aer quantum simulator, and on three different real quantum devices from Azure Quantum: IonQ, Rigetti, and Quantinuum. This is the first time these tools are combined in this manner.
△ Less
Submitted 31 July, 2023; v1 submitted 23 June, 2023;
originally announced June 2023.
-
Majority Voting Approach to Ransomware Detection
Authors:
Simon R Davies,
Richard Macfarlane,
William J Buchanan
Abstract:
Crypto-ransomware remains a significant threat to governments and companies alike, with high-profile cyber security incidents regularly making headlines. Many different detection systems have been proposed as solutions to the ever-changing dynamic landscape of ransomware detection. In the majority of cases, these described systems propose a method based on the result of a single test performed on…
▽ More
Crypto-ransomware remains a significant threat to governments and companies alike, with high-profile cyber security incidents regularly making headlines. Many different detection systems have been proposed as solutions to the ever-changing dynamic landscape of ransomware detection. In the majority of cases, these described systems propose a method based on the result of a single test performed on either the executable code, the process under investigation, its behaviour, or its output. In a small subset of ransomware detection systems, the concept of a scorecard is employed where multiple tests are performed on various aspects of a process under investigation and their results are then analysed using machine learning. The purpose of this paper is to propose a new majority voting approach to ransomware detection by develo** a method that uses a cumulative score derived from discrete tests based on calculations using algorithmic rather than heuristic techniques. The paper describes 23 candidate tests, as well as 9 Windows API tests which are validated to determine both their accuracy and viability for use within a ransomware detection system. Using a cumulative score calculation approach to ransomware detection has several benefits, such as the immunity to the occasional inaccuracy of individual tests when making its final classification. The system can also leverage multiple tests that can be both comprehensive and complimentary in an attempt to achieve a broader, deeper, and more robust analysis of the program under investigation. Additionally, the use of multiple collaborative tests also significantly hinders ransomware from masking or modifying its behaviour in an attempt to bypass detection.
△ Less
Submitted 30 May, 2023;
originally announced May 2023.
-
Review of the NIST Light-weight Cryptography Finalists
Authors:
William J Buchanan,
Leandros Maglaras
Abstract:
Since 2016, NIST has been assessing lightweight encryption methods, and, in 2022, NIST published the final 10: ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak. At the time that the article was written, NISC announced ASCOn as the chosen method that will be published as NIST'S lightweight cryptography standard later in 2023. In this article,…
▽ More
Since 2016, NIST has been assessing lightweight encryption methods, and, in 2022, NIST published the final 10: ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak. At the time that the article was written, NISC announced ASCOn as the chosen method that will be published as NIST'S lightweight cryptography standard later in 2023. In this article, we provide a comparison between these methods in terms of energy efficiency, time for encryption, and time for hashing.
△ Less
Submitted 28 March, 2023; v1 submitted 26 March, 2023;
originally announced March 2023.
-
An Omnidirectional Approach to Touch-based Continuous Authentication
Authors:
Peter Aaby,
Mario Valerio Giuffrida,
William J Buchanan,
Zhiyuan Tan
Abstract:
This paper focuses on how touch interactions on smartphones can provide a continuous user authentication service through behaviour captured by a touchscreen. While efforts are made to advance touch-based behavioural authentication, researchers often focus on gathering data, tuning classifiers, and enhancing performance by evaluating touch interactions in a sequence rather than independently. Howev…
▽ More
This paper focuses on how touch interactions on smartphones can provide a continuous user authentication service through behaviour captured by a touchscreen. While efforts are made to advance touch-based behavioural authentication, researchers often focus on gathering data, tuning classifiers, and enhancing performance by evaluating touch interactions in a sequence rather than independently. However, such systems only work by providing data representing distinct behavioural traits. The typical approach separates behaviour into touch directions and creates multiple user profiles. This work presents an omnidirectional approach which outperforms the traditional method independent of the touch direction - depending on optimal behavioural features and a balanced training set. Thus, we evaluate five behavioural feature sets using the conventional approach against our direction-agnostic method while testing several classifiers, including an Extra-Tree and Gradient Boosting Classifier, which is often overlooked. Results show that in comparison with the traditional, an Extra-Trees classifier and the proposed approach are superior when combining strokes. However, the performance depends on the applied feature set. We find that the TouchAlytics feature set outperforms others when using our approach when combining three or more strokes. Finally, we highlight the importance of reporting the mean area under the curve and equal error rate for single-stroke performance and varying the sequence of strokes separately.
△ Less
Submitted 13 January, 2023;
originally announced February 2023.
-
Towards The Creation Of The Future Fish Farm
Authors:
Pavlos Papadopoulos,
William J Buchanan,
Sarwar Sayeed,
Nikolaos Pitropakis
Abstract:
A fish farm is an area where fish raise and bred for food. Fish farm environments support the care and management of seafood within a controlled environment. Over the past few decades, there has been a remarkable increase in the calorie intake of protein attributed to seafood. Along with this, there are significant opportunities within the fish farming industry for economic development. Determinin…
▽ More
A fish farm is an area where fish raise and bred for food. Fish farm environments support the care and management of seafood within a controlled environment. Over the past few decades, there has been a remarkable increase in the calorie intake of protein attributed to seafood. Along with this, there are significant opportunities within the fish farming industry for economic development. Determining the fish diseases, monitoring the aquatic organisms, and examining the imbalance in the water element are some key factors that require precise observation to determine the accuracy of the acquired data. Similarly, due to the rapid expansion of aquaculture, new technologies are constantly being implemented in this sector to enhance efficiency. However, the existing approaches have often failed to provide an efficient method of farming fish. This work has kept aside the traditional approaches and opened up new dimensions to perform accurate analysis by adopting a distributed ledger technology. Our work analyses the current state-of-the-art of fish farming and proposes a fish farm ecosystem that relies on a private-by-design architecture based on the Hyperledger Fabric private-permissioned distributed ledger technology. The proposed method puts forward accurate and secure storage of the retrieved data from multiple sensors across the ecosystem so that the adhering entities can exercise their decision based on the acquired data. This study demonstrates a proof-of-concept to signify the efficiency and usability of the future fish farm.
△ Less
Submitted 2 January, 2023;
originally announced January 2023.
-
Hamming Distributions of Popular Perceptual Hashing Techniques
Authors:
Sean McKeown,
William J Buchanan
Abstract:
Content-based file matching has been widely deployed for decades, largely for the detection of sources of copyright infringement, extremist materials, and abusive sexual media. Perceptual hashes, such as Microsoft's PhotoDNA, are one automated mechanism for facilitating detection, allowing for machines to approximately match visual features of an image or video in a robust manner. However, there d…
▽ More
Content-based file matching has been widely deployed for decades, largely for the detection of sources of copyright infringement, extremist materials, and abusive sexual media. Perceptual hashes, such as Microsoft's PhotoDNA, are one automated mechanism for facilitating detection, allowing for machines to approximately match visual features of an image or video in a robust manner. However, there does not appear to be much public evaluation of such approaches, particularly when it comes to how effective they are against content-preserving modifications to media files. In this paper, we present a million-image scale evaluation of several perceptual hashing archetypes for popular algorithms (including Facebook's PDQ, Apple's Neuralhash, and the popular pHash library) against seven image variants. The focal point is the distribution of Hamming distance scores between both unrelated images and image variants to better understand the problems faced by each approach.
△ Less
Submitted 15 December, 2022;
originally announced December 2022.
-
Transforming EU Governance: The Digital Integration through EBSI and GLASS
Authors:
Dimitrios Kasimatis,
William J Buchanan,
Mwarwan Abubakar,
Owen Lo,
Christos Chrysoulas,
Nikolaos Pitropakis,
Pavlos Papadopoulos,
Sarwar Sayeed,
Marc Sel
Abstract:
Traditionally, government systems managed citizen identities through disconnected data systems, using simple identifiers and paper-based processes, limiting digital trust and requiring citizens to request identity verification documents. The digital era offers a shift towards unique digital identifiers for each citizen, enabling a 'citizen wallet' for easier access to personal documents like acade…
▽ More
Traditionally, government systems managed citizen identities through disconnected data systems, using simple identifiers and paper-based processes, limiting digital trust and requiring citizens to request identity verification documents. The digital era offers a shift towards unique digital identifiers for each citizen, enabling a 'citizen wallet' for easier access to personal documents like academic records and licences, with enhanced security through digital signatures. The European Commission's initiative for a digital wallet for every EU citizen aims to improve mobility and integration, leveraging the European Blockchain Services Infrastructure (EBSI) for harmonised citizen integration. This paper discusses how EBSI and the GLASS project can advance governance and streamline access to identity documents.
△ Less
Submitted 19 April, 2024; v1 submitted 6 December, 2022;
originally announced December 2022.
-
Venus Life Finder Habitability Mission: Motivation, Science Objectives, and Instrumentation
Authors:
Sara Seager,
Janusz J. Petkowski,
Christopher E. Carr,
Sarag J. Saikia,
Rachana Agrawal,
Weston P. Buchanan,
David H. Grinspoon,
Monika U. Weber,
Pete Klupar,
Simon P. Worden,
Iaroslav Iakubivskyi,
Mihkel Pajusalu,
Laila Kaasik
Abstract:
For over half a century, scientists have contemplated the potential existence of life within the clouds of Venus. Unknown chemistry leaves open the possibility that certain regions of the Venusian atmosphere are habitable. In situ atmospheric measurements with a suite of modern instruments can determine whether the cloud decks possess the characteristics needed to support life as we know it. The k…
▽ More
For over half a century, scientists have contemplated the potential existence of life within the clouds of Venus. Unknown chemistry leaves open the possibility that certain regions of the Venusian atmosphere are habitable. In situ atmospheric measurements with a suite of modern instruments can determine whether the cloud decks possess the characteristics needed to support life as we know it. The key habitability factors are cloud particle droplet acidity and cloud-layer water content. We envision an instrument suite to measure not only the acidity and water content of the droplets (and their variability) but additionally to confirm the presence of metals and other non-volatile elements required for life's metabolism, verify the existence of organic material, and search for biosignature gases as signs of life. We present an astrobiology-focused mission, science goals, and instruments that can be used on both a large atmospheric probe with a parachute lasting about one hour in the cloud layers (40 to 60 km) or a fixed-altitude balloon operating at about 52 km above the surface. The latter relies on four deployable mini probes to measure habitability conditions in the lower cloud region. The mission doubles as a preparation for sample return by determining whether a subset of cloud particles is non-liquid as well as characterizing the heterogeneity of the cloud particles, thereby informing sample collection and storage methods for a return journey to Earth.
△ Less
Submitted 21 November, 2022;
originally announced November 2022.
-
A DNA Based Colour Image Encryption Scheme Using A Convolutional Autoencoder
Authors:
Fawad Ahmed,
Muneeb Ur Rehman,
Jawad Ahmad,
Muhammad Shahbaz Khan,
Wadii Boulila,
Gautam Srivastava,
Jerry Chun-Wei Lin,
William J. Buchanan
Abstract:
With the advancement in technology, digital images can easily be transmitted and stored over the Internet. Encryption is used to avoid illegal interception of digital images. Encrypting large-sized colour images in their original dimension generally results in low encryption/decryption speed along with exerting a burden on the limited bandwidth of the transmission channel. To address the aforement…
▽ More
With the advancement in technology, digital images can easily be transmitted and stored over the Internet. Encryption is used to avoid illegal interception of digital images. Encrypting large-sized colour images in their original dimension generally results in low encryption/decryption speed along with exerting a burden on the limited bandwidth of the transmission channel. To address the aforementioned issues, a new encryption scheme for colour images employing convolutional autoencoder, DNA and chaos is presented in this paper. The proposed scheme has two main modules, the dimensionality conversion module using the proposed convolutional autoencoder, and the encryption/decryption module using DNA and chaos. The dimension of the input colour image is first reduced from N $\times$ M $\times$ 3 to P $\times$ Q gray-scale image using the encoder. Encryption and decryption are then performed in the reduced dimension space. The decrypted gray-scale image is upsampled to obtain the original colour image having dimension N $\times$ M $\times$ 3. The training and validation accuracy of the proposed autoencoder is 97% and 95%, respectively. Once the autoencoder is trained, it can be used to reduce and subsequently increase the dimension of any arbitrary input colour image. The efficacy of the designed autoencoder has been demonstrated by the successful reconstruction of the compressed image into the original colour image with negligible perceptual distortion. The second major contribution presented in this paper is an image encryption scheme using DNA along with multiple chaotic sequences and substitution boxes. The security of the proposed image encryption algorithm has been gauged using several evaluation parameters, such as histogram of the cipher image, entropy, NPCR, UACI, key sensitivity, contrast, etc. encryption.
△ Less
Submitted 7 November, 2022;
originally announced November 2022.
-
Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification
Authors:
Simon R Davies,
Richard Macfarlane,
William J. Buchanan
Abstract:
Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target's data remains encrypted and is held captive by the attacker until a ransom demand is met. A common approach used by many crypto-ransomware detection techniques is to monitor file system activity and attempt to identify encrypted files being written to disk, often using a…
▽ More
Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target's data remains encrypted and is held captive by the attacker until a ransom demand is met. A common approach used by many crypto-ransomware detection techniques is to monitor file system activity and attempt to identify encrypted files being written to disk, often using a file's entropy as an indicator of encryption. However, often in the description of these techniques, little or no discussion is made as to why a particular entropy calculation technique is selected or any justification given as to why one technique is selected over the alternatives. The Shannon method of entropy calculation is the most commonly-used technique when it comes to file encryption identification in crypto-ransomware detection techniques. Overall, correctly encrypted data should be indistinguishable from random data, so apart from the standard mathematical entropy calculations such as Chi-Square, Shannon Entropy and Serial Correlation, the test suites used to validate the output from pseudo-random number generators would also be suited to perform this analysis. he hypothesis being that there is a fundamental difference between different entropy methods and that the best methods may be used to better detect ransomware encrypted files. The paper compares the accuracy of 53 distinct tests in being able to differentiate between encrypted data and other file types. The testing is broken down into two phases, the first phase is used to identify potential candidate tests, and a second phase where these candidates are thoroughly evaluated. To ensure that the tests were sufficiently robust, the NapierOne dataset is used. This dataset contains thousands of examples of the most commonly used file types, as well as examples of files that have been encrypted by crypto-ransomware.
△ Less
Submitted 24 October, 2022;
originally announced October 2022.
-
Mission Architecture to Characterize Habitability of Venus Cloud Layers via an Aerial Platform
Authors:
Rachana Agrawal,
Weston P. Buchanan,
Archit Arora,
Athul P. Girija,
Maxim de Jong,
Sara Seager,
Janusz J. Petkowski,
Sarag J. Saikia,
Christopher E. Carr,
David H. Grinspoon,
James M. Longuski
Abstract:
Venus is known for its extreme surface temperature and its sulfuric acid clouds. But the cloud layers on Venus have similar temperature and pressure conditions to those on the surface of Earth and are conjectured to be a possible habitat for microscopic life forms. We propose a mission concept to explore the clouds of Venus for up to 30 days to evaluate habitability and search for signs of life. T…
▽ More
Venus is known for its extreme surface temperature and its sulfuric acid clouds. But the cloud layers on Venus have similar temperature and pressure conditions to those on the surface of Earth and are conjectured to be a possible habitat for microscopic life forms. We propose a mission concept to explore the clouds of Venus for up to 30 days to evaluate habitability and search for signs of life. The baseline mission targets a 2026 launch opportunity. A super-pressure variable float altitude balloon aerobot cycles between the altitudes of 48 and 60 km, i.e., primarily traversing the lower, middle, and part of the upper cloud layers. The instrument suite is carried by a gondola design derived from the Pioneer Venus Large Probe pressure vessel. The aerobot transmits data via an orbiter relay combined with a direct-to-Earth link. The orbiter is captured into a 6-h retrograde orbit with a low, roughly 170-degree, inclination. The total mass of the orbiter and entry probe is estimated to be 640 kg. An alternate concept for a constant float altitude balloon is also discussed as a lower complexity option compared to the variable float altitude version. The proposed mission would complement other planned missions and could help elucidate the limits of habitability and the role of unknown chemistry or possibly life itself in the Venus atmosphere.
△ Less
Submitted 10 August, 2022;
originally announced August 2022.
-
Aerial Platform Design Options for a Life-Finding Mission at Venus
Authors:
Weston P. Buchanan,
Maxim de Jong,
Rachana Agrawal,
Janusz J. Petkowski,
Archit Arora,
Sarag J. Saikia,
Sara Seager,
James M. Longuski
Abstract:
Mounting evidence of chemical disequilibria in the Venusian atmosphere has heightened interest in the search for life within the planet's cloud decks. Balloon systems are currently considered to be the superior class of aerial platform for extended atmospheric sampling within the clouds, providing the highest ratio of science return to risk. Balloon-based aerial platform designs depend heavily on…
▽ More
Mounting evidence of chemical disequilibria in the Venusian atmosphere has heightened interest in the search for life within the planet's cloud decks. Balloon systems are currently considered to be the superior class of aerial platform for extended atmospheric sampling within the clouds, providing the highest ratio of science return to risk. Balloon-based aerial platform designs depend heavily on payload mass and target altitudes. We present options for constant- and variable-altitude balloon systems designed to carry out science operations inside the Venusian cloud decks. The Venus Life Finder (VLF) mission study proposes a series of missions that require extended in situ analysis of Venus cloud material. We provide an overview of a representative mission architecture, as well as gondola designs to accommodate a VLF instrument suite. Current architecture asserts a launch date of 30 July 2026, which would place an orbiter and entry vehicle at Venus as early as November 29 of that same year.
△ Less
Submitted 10 August, 2022;
originally announced August 2022.
-
Venus Life Finder Missions Motivation and Summary
Authors:
Sara Seager,
Janusz J. Petkowski,
Christopher E. Carr,
David H. Grinspoon,
Bethany L. Ehlmann,
Sarag J. Saikia,
Rachana Agrawal,
Weston P. Buchanan,
Monika U. Weber,
Richard French,
Pete Klupar,
Simon P. Worden,
Darrel Baumgardner
Abstract:
Finding evidence of extraterrestrial life would be one of the most profound scientific discoveries ever made, advancing humanity into a new epoch of cosmic awareness. The Venus Life Finder (VLF) missions feature a series of three direct atmospheric probes designed to assess the habitability of the Venusian clouds and search for signs of life and life itself. The VLF missions are an astrobiology-fo…
▽ More
Finding evidence of extraterrestrial life would be one of the most profound scientific discoveries ever made, advancing humanity into a new epoch of cosmic awareness. The Venus Life Finder (VLF) missions feature a series of three direct atmospheric probes designed to assess the habitability of the Venusian clouds and search for signs of life and life itself. The VLF missions are an astrobiology-focused set of missions, and the first two out of three can be launched quickly and at a relatively low cost. The mission concepts come out of an 18-month study by an MIT-led worldwide consortium.
△ Less
Submitted 10 August, 2022;
originally announced August 2022.
-
Measuring the Carbon Intensity of AI in Cloud Instances
Authors:
Jesse Dodge,
Taylor Prewitt,
Remi Tachet Des Combes,
Erika Odmark,
Roy Schwartz,
Emma Strubell,
Alexandra Sasha Luccioni,
Noah A. Smith,
Nicole DeCario,
Will Buchanan
Abstract:
By providing unprecedented access to computational resources, cloud computing has enabled rapid growth in technologies such as machine learning, the computational demands of which incur a high energy cost and a commensurate carbon footprint. As a result, recent scholarship has called for better estimates of the greenhouse gas impact of AI: data scientists today do not have easy or reliable access…
▽ More
By providing unprecedented access to computational resources, cloud computing has enabled rapid growth in technologies such as machine learning, the computational demands of which incur a high energy cost and a commensurate carbon footprint. As a result, recent scholarship has called for better estimates of the greenhouse gas impact of AI: data scientists today do not have easy or reliable access to measurements of this information, precluding development of actionable tactics. Cloud providers presenting information about software carbon intensity to users is a fundamental step** stone towards minimizing emissions. In this paper, we provide a framework for measuring software carbon intensity, and propose to measure operational carbon emissions by using location-based and time-specific marginal emissions data per energy unit. We provide measurements of operational software carbon intensity for a set of modern models for natural language processing and computer vision, and a wide range of model sizes, including pretraining of a 6.1 billion parameter language model. We then evaluate a suite of approaches for reducing emissions on the Microsoft Azure cloud compute platform: using cloud instances in different geographic regions, using cloud instances at different times of day, and dynamically pausing cloud instances when the marginal carbon intensity is above a certain threshold. We confirm previous results that the geographic region of the data center plays a significant role in the carbon intensity for a given cloud instance, and find that choosing an appropriate region can have the largest operational emissions reduction impact. We also show that the time of day has notable impact on operational software carbon intensity. Finally, we conclude with recommendations for how machine learning practitioners can use software carbon intensity information to reduce environmental impact.
△ Less
Submitted 10 June, 2022;
originally announced June 2022.
-
GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture
Authors:
Owen Lo,
William J. Buchanan,
Sarwar Sayeed,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Christos Chrysoulas
Abstract:
E-governance is a process that aims to enhance a government's ability to simplify all the processes that may involve government, citizens, businesses, and so on. The rapid evolution of digital technologies has often created the necessity for the establishment of an e-Governance model. There is often a need for an inclusive e-governance model with integrated multiactor governance services and where…
▽ More
E-governance is a process that aims to enhance a government's ability to simplify all the processes that may involve government, citizens, businesses, and so on. The rapid evolution of digital technologies has often created the necessity for the establishment of an e-Governance model. There is often a need for an inclusive e-governance model with integrated multiactor governance services and where a single market approach can be adopted. e-Governance often aims to minimise bureaucratic processes, while at the same time including a digital-by-default approach to public services. This aims at administrative efficiency and the reduction of bureaucratic processes. It can also improve government capabilities, and enhances trust and security, which brings confidence in governmental transactions. However, solid implementations of a distributed data sharing model within an e-governance architecture is far from a reality; hence, citizens of European countries often go through the tedious process of having their confidential information verified. This paper focuses on the sinGLe sign-on e-GovernAnce Paradigm based on a distributed file-exchange network for security, transparency, cost-effectiveness and trust (GLASS) model, which aims to ensure that a citizen can control their relationship with governmental agencies. The paper thus proposes an approach that integrates a permissioned blockchain with the InterPlanetary File System (IPFS). This method demonstrates how we may encrypt and store verifiable credentials of the GLASS ecosystem, such as academic awards, ID documents and so on, within IPFS in a secure manner and thus only allow trusted users to read a blockchain record, and obtain the encryption key. This allows for the decryption of a given verifiable credential that stored on IPFS. This paper outlines the creation of a demonstrator that proves the principles of the GLASS approach.
△ Less
Submitted 16 March, 2022;
originally announced March 2022.
-
Ransomware: Analysing the Impact on Windows Active Directory Domain Services
Authors:
Grant McDonald,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Jawad Ahmad,
William J. Buchanan
Abstract:
Ransomware has become an increasingly popular type of malware across the past decade and continues to rise in popularity due to its high profitability. Organisations and enterprises have become prime targets for ransomware as they are more likely to succumb to ransom demands as part of operating expenses to counter the cost incurred from downtime. Despite the prevalence of ransomware as a threat t…
▽ More
Ransomware has become an increasingly popular type of malware across the past decade and continues to rise in popularity due to its high profitability. Organisations and enterprises have become prime targets for ransomware as they are more likely to succumb to ransom demands as part of operating expenses to counter the cost incurred from downtime. Despite the prevalence of ransomware as a threat towards organisations, there is very little information outlining how ransomware affects Windows Server environments, and particularly its proprietary domain services such as Active Directory. Hence, we aim to increase the cyber situational awareness of organisations and corporations that utilise these environments. Dynamic analysis was performed using three ransomware variants to uncover how crypto-ransomware affects Windows Server-specific services and processes. Our work outlines the practical investigation undertaken as WannaCry, TeslaCrypt, and Jigsaw were acquired and tested against several domain services. The findings showed that none of the three variants stopped the processes and decidedly left all domain services untouched. However, although the services remained operational, they became uniquely dysfunctional as ransomware encrypted the files pertaining to those services
△ Less
Submitted 7 February, 2022;
originally announced February 2022.
-
NapierOne: A modern mixed file data set alternative to Govdocs1
Authors:
Simon R Davies,
Richard Macfarlane,
William J Buchanan
Abstract:
It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other researchers interested in reconstructing their environment and validating the research results. A modern cybersecurity mixed file data set called NapierOne…
▽ More
It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other researchers interested in reconstructing their environment and validating the research results. A modern cybersecurity mixed file data set called NapierOne is presented, primarily aimed at, but not limited to, ransomware detection and forensic analysis research. NapierOne was designed to address this deficiency in reproducibility and improve consistency by facilitating research replication and repeatability. The methodology used in the creation of this data set is also described in detail. The data set was inspired by the Govdocs1 data set and it is intended that NapierOne be used as a complement to this original data set.
An investigation was performed with the goal of determining the common files types currently in use. No specific research was found that explicitly provided this information, so an alternative consensus approach was employed. This involved combining the findings from multiple sources of file type usage into an overall ranked list. After which 5000 real-world example files were gathered, and a specific data subset created, for each of the common file types identified. In some circumstances, multiple data subsets were created for a specific file type, each subset representing a specific characteristic for that file type. For example, there are multiple data subsets for the ZIP file type with each subset containing examples of a specific compression method. Ransomware execution tends to produce files that have high entropy, so examples of file types that naturally have this attribute are also present.
△ Less
Submitted 20 January, 2022;
originally announced January 2022.
-
Electromagnetic Side-Channel Attack Resilience against PRESENT Lightweight Block Cipher
Authors:
Nilupulee A. Gunathilake,
Ahmed Al-Dubai,
William J. Buchanan,
Owen Lo
Abstract:
Lightweight cryptography is a novel diversion from conventional cryptography that targets internet-of-things (IoT) platform due to resource constraints. In comparison, it offers smaller cryptographic primitives such as shorter key sizes, block sizes and lesser energy drainage. The main focus can be seen in algorithm developments in this emerging subject. Thus, verification is carried out based upo…
▽ More
Lightweight cryptography is a novel diversion from conventional cryptography that targets internet-of-things (IoT) platform due to resource constraints. In comparison, it offers smaller cryptographic primitives such as shorter key sizes, block sizes and lesser energy drainage. The main focus can be seen in algorithm developments in this emerging subject. Thus, verification is carried out based upon theoretical (mathematical) proofs mostly. Among the few available side-channel analysis studies found in literature, the highest percentage is taken by power attacks. PRESENT is a promising lightweight block cipher to be included in IoT devices in the near future. Thus, the emphasis of this paper is on lightweight cryptology, and our investigation shows unavailability of a correlation electromagnetic analysis (CEMA) of it. Hence, in an effort to fill in this research gap, we opted to investigate the capabilities of CEMA against the PRESENT algorithm. This work aims to determine the probability of secret key leakage with a minimum number of electromagnetic (EM) waveforms possible. The process initially started from a simple EM analysis (SEMA) and gradually enhanced up to a CEMA. This paper presents our methodology in attack modelling, current results that indicate a probability of leaking seven bytes of the key and upcoming plans for optimisation. In addition, introductions to lightweight cryptanalysis and theories of EMA are also included.
△ Less
Submitted 22 December, 2021;
originally announced December 2021.
-
Blockchain-based Platform for Secure Sharing and Validation of Vaccination Certificates
Authors:
Mwrwan Abubakar,
Pádraig McCarron,
Zakwan Jaroucheh,
Ahmed Al-Dubai,
William J Buchanan
Abstract:
The COVID-19 pandemic has recently emerged as a worldwide health emergency that necessitates coordinated international measures. To contain the virus's spread, governments and health organisations raced to develop vaccines that would lower Covid-19 morbidity, relieve pressure on healthcare systems, and allow economies to open. As a way forward after the COVID-19 vaccination, the Vaccination certif…
▽ More
The COVID-19 pandemic has recently emerged as a worldwide health emergency that necessitates coordinated international measures. To contain the virus's spread, governments and health organisations raced to develop vaccines that would lower Covid-19 morbidity, relieve pressure on healthcare systems, and allow economies to open. As a way forward after the COVID-19 vaccination, the Vaccination certificate has been adopted to help the authorities formulate policies by controlling cross-border travelling. To resolve significant privacy concerns and remove the need for relying on third parties to maintain trust and control the user's data, in this paper, we leverage blockchain technologies in develo** a secure and verifiable vaccination certificate. Our approach has the advantage of utilising a hybrid architecture that implements different advanced technologies, such as smart contracts, interPlanetary File System (IPFS), and Self-sovereign Identity (SSI). We will rely on verifiable credentials paired with smart contracts to implement on-chain access control decisions and provide on-chain verification and validation of the user and issuer DIDs. The usability of this approach was further analysed, particularly concerning performance and security. Our analysis proved that our approach satisfies vaccination certificate security requirements.
△ Less
Submitted 21 December, 2021; v1 submitted 19 December, 2021;
originally announced December 2021.
-
Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers
Authors:
Hisham Ali,
Pavlos Papadopoulos,
Jawad Ahmad,
Nikolaos Pitropakis,
Zakwan Jaroucheh,
William J. Buchanan
Abstract:
Threat information sharing is considered as one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the risk of a potential cyberattack - the requirements for threat information sharing range from simplistic sharing of documents to threat intelligence sh…
▽ More
Threat information sharing is considered as one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the risk of a potential cyberattack - the requirements for threat information sharing range from simplistic sharing of documents to threat intelligence sharing. Therefore, the storage and sharing of highly sensitive threat information raises considerable concerns regarding constructing a secure, trusted threat information exchange infrastructure. Establishing a trusted ecosystem for threat sharing will promote the validity, security, anonymity, scalability, latency efficiency, and traceability of the stored information that protects it from unauthorized disclosure. This paper proposes a system that ensures the security principles mentioned above by utilizing a distributed ledger technology that provides secure decentralized operations through smart contracts and provides a privacy-preserving ecosystem for threat information storage and sharing regarding the MITRE ATT\&CK framework.
△ Less
Submitted 19 December, 2021;
originally announced December 2021.
-
Venus Life Finder Mission Study
Authors:
Sara Seager,
Janusz J. Petkowski,
Christopher E. Carr,
David Grinspoon,
Bethany Ehlmann,
Sarag J. Saikia,
Rachana Agrawal,
Weston Buchanan,
Monika U. Weber,
Richard French,
Pete Klupar,
Simon P. Worden
Abstract:
The Venus Life Finder Missions are a series of focused astrobiology mission concepts to search for habitability, signs of life, and life itself in the Venus atmosphere. While people have speculated on life in the Venus clouds for decades, we are now able to act with cost-effective and highly-focused missions. A major motivation are unexplained atmospheric chemical anomalies, including the "mysteri…
▽ More
The Venus Life Finder Missions are a series of focused astrobiology mission concepts to search for habitability, signs of life, and life itself in the Venus atmosphere. While people have speculated on life in the Venus clouds for decades, we are now able to act with cost-effective and highly-focused missions. A major motivation are unexplained atmospheric chemical anomalies, including the "mysterious UV-absorber", tens of ppm O$_2$, SO$_2$ and H$_2$O vertical abundance profiles, the possible presence of PH$_3$ and NH$_3$, and the unknown composition of Mode 3 cloud particles. These anomalies, which have lingered for decades, might be tied to habitability and life's activities or be indicative of unknown chemistry itself worth exploring. Our proposed series of VLF missions aim to study Venus' cloud particles and to continue where the pioneering in situ probe missions from nearly four decades ago left off. The world is poised on the brink of a revolution in space science. Our goal is not to supplant any other efforts but to take advantage of an opportunity for high-risk, high-reward science, which stands to possibly answer one of the greatest scientific mysteries of all, and in the process pioneer a new model of private/public partnership in space exploration.
△ Less
Submitted 9 December, 2021;
originally announced December 2021.
-
PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching
Authors:
William Abramson,
William J. Buchanan,
Sarwar Sayeed,
Nikolaos Pitropakis,
Owen Lo
Abstract:
The spread of COVID-19 has highlighted the need for a robust contact tracing infrastructure that enables infected individuals to have their contacts traced, and followed up with a test. The key entities involved within a contact tracing infrastructure may include the Citizen, a Testing Centre (TC), a Health Authority (HA), and a Government Authority (GA). Typically, these different domains need to…
▽ More
The spread of COVID-19 has highlighted the need for a robust contact tracing infrastructure that enables infected individuals to have their contacts traced, and followed up with a test. The key entities involved within a contact tracing infrastructure may include the Citizen, a Testing Centre (TC), a Health Authority (HA), and a Government Authority (GA). Typically, these different domains need to communicate with each other about an individual. A common approach is when a citizen discloses his personally identifiable information to both the HA a TC, if the test result comes positive, the information is used by the TC to alert the HA. Along with this, there can be other trusted entities that have other key elements of data related to the citizen. However, the existing approaches comprise severe flaws in terms of privacy and security. Additionally, the aforementioned approaches are not transparent and often being questioned for the efficacy of the implementations. In order to overcome the challenges, this paper outlines the PAN-DOMAIN infrastructure that allows for citizen identifiers to be matched amongst the TA, the HA and the GA. PAN-DOMAIN ensures that the citizen can keep control of the map** between the trusted entities using a trusted converter, and has access to an audit log.
△ Less
Submitted 6 December, 2021;
originally announced December 2021.
-
A Privacy-Preserving Platform for Recording COVID-19 Vaccine Passports
Authors:
Masoud Barati,
William J. Buchanan,
Owen Lo,
Omer Rana
Abstract:
Digital vaccine passports are one of the main solutions which would allow the restart of travel in a post COVID-19 world. Trust, scalability and security are all key challenges one must overcome in implementing a vaccine passport. Initial approaches attempt to solve this problem by using centralised systems with trusted authorities. However, sharing vaccine passport data between different organisa…
▽ More
Digital vaccine passports are one of the main solutions which would allow the restart of travel in a post COVID-19 world. Trust, scalability and security are all key challenges one must overcome in implementing a vaccine passport. Initial approaches attempt to solve this problem by using centralised systems with trusted authorities. However, sharing vaccine passport data between different organisations, regions and countries has become a major challenge. This paper designs a new platform architecture for creating, storing and verifying digital COVID-19 vaccine certifications. The platform makes use of the InterPlanetary File System (IPFS) to guarantee there is no single point of failure and allow data to be securely distributed globally. Blockchain and smart contracts are also integrated into the platform to define policies and log access rights to vaccine passport data while ensuring all actions are audited and verifiably immutable. Our proposed platform realises General Data Protection Regulation (GDPR) requirements in terms of user consent, data encryption, data erasure and accountability obligations. We assess the scalability and performance of the platform using IPFS and Blockchain test networks.
△ Less
Submitted 3 December, 2021;
originally announced December 2021.
-
Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure
Authors:
Edward Henry Young,
Christos Chrysoulas,
Nikolaos Pitropakis,
Pavlos Papadopoulos,
William J Buchanan
Abstract:
Little or no research has been directed to analysis and researching forensic analysis of the Bitcoin mixing or 'tumbling' service themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from two privacy focused mixing services namely Obscuro which uses the secure enclave on intel chips to provide enhanced confidentiality and Wasabi wallet wh…
▽ More
Little or no research has been directed to analysis and researching forensic analysis of the Bitcoin mixing or 'tumbling' service themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from two privacy focused mixing services namely Obscuro which uses the secure enclave on intel chips to provide enhanced confidentiality and Wasabi wallet which uses CoinJoin to mix and obfuscate crypto currencies. These wallets were set up on VMs and then several forensic tools used to examine these VM images for relevant forensic artifacts. These forensic tools were able to recover a broad range of forensic artifacts and found both network forensics and logging files to be a useful source of artifacts to deanonymize these mixing services.
△ Less
Submitted 5 October, 2021;
originally announced October 2021.
-
GLASS: Towards Secure and Decentralized eGovernance Services using IPFS
Authors:
Christos Chrysoulas,
Amanda Thomson,
Nikolaos Pitropakis,
Pavlos Papadopoulos,
Owen Lo,
William J. Buchanan,
George Domalis,
Nikos Karacapilidis,
Dimitris Tsakalidis,
Dimitris Tsolis
Abstract:
The continuously advancing digitization has provided answers to the bureaucratic problems faced by eGovernance services. This innovation led them to an era of automation it has broadened the attack surface and made them a popular target for cyber attacks. eGovernance services utilize internet, which is currently a location addressed system where whoever controls the location controls not only the…
▽ More
The continuously advancing digitization has provided answers to the bureaucratic problems faced by eGovernance services. This innovation led them to an era of automation it has broadened the attack surface and made them a popular target for cyber attacks. eGovernance services utilize internet, which is currently a location addressed system where whoever controls the location controls not only the content itself, but the integrity of that content, and the access to that content. We propose GLASS, a decentralised solution which combines the InterPlanetary File System (IPFS) with Distributed Ledger technology and Smart Contracts to secure EGovernance services. We also create a testbed environment where we measure the IPFS performance.
△ Less
Submitted 17 September, 2021;
originally announced September 2021.
-
Electromagnetic Analysis of an Ultra-Lightweight Cipher: PRESENT
Authors:
Nilupulee A. Gunathilake,
Ahmed Al-Dubai,
William J. Buchanan,
Owen Lo
Abstract:
Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, continuous observations of physical leakages are essential to minimise vulnerabilities associated with cryptographic functions. Lightweight cryptography is a novel approach in progress towards internet-of-things (IoT) security. Thus, it would provide sufficient data and privacy protection in such a constrained ecosys…
▽ More
Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, continuous observations of physical leakages are essential to minimise vulnerabilities associated with cryptographic functions. Lightweight cryptography is a novel approach in progress towards internet-of-things (IoT) security. Thus, it would provide sufficient data and privacy protection in such a constrained ecosystem. IoT devices are resource-limited in terms of data rates (in kbps), power maintainability (battery) as well as hardware and software footprints (physical size, internal memory, RAM/ROM). Due to the difficulty in handling conventional cryptographic algorithms, lightweight ciphers consist of small key sizes, block sizes and few operational rounds. Unlike in the past, affordability to perform side-channel attacks using inexpensive electronic circuitries is becoming a reality. Hence, cryptanalysis of physical leakage in these emerging ciphers is crucial. Among existing studies, power analysis seems to have enough attention in research, whereas other aspects such as electromagnetic, timing, cache and optical attacks continue to be appropriately evaluated to play a role in forensic analysis.
As a result, we started analysing electromagnetic emission leakage of an ultra-lightweight block cipher, PRESENT. According to the literature, PRESENT promises to be adequate for IoT devices, and there still seems not to exist any work regarding correlation electromagnetic analysis (CEMA) of it. Firstly, we conducted simple electromagnetic analysis in both time and frequency domains and then proceeded towards CEMA attack modelling. This paper provides a summary of the related literature (IoT, lightweight cryptography, side-channel attacks and EMA), our methodology, current outcomes and future plans for the optimised results.
△ Less
Submitted 29 June, 2021;
originally announced June 2021.
-
Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets
Authors:
Simon R Davies,
Richard Macfarlane,
William J Buchanan
Abstract:
The threat from ransomware continues to grow both in the number of affected victims as well as the cost incurred by the people and organisations impacted in a successful attack. In the majority of cases, once a victim has been attacked there remain only two courses of action open to them; either pay the ransom or lose their data. One common behaviour shared between all crypto ransomware strains is…
▽ More
The threat from ransomware continues to grow both in the number of affected victims as well as the cost incurred by the people and organisations impacted in a successful attack. In the majority of cases, once a victim has been attacked there remain only two courses of action open to them; either pay the ransom or lose their data. One common behaviour shared between all crypto ransomware strains is that at some point during their execution they will attempt to encrypt the users' files. Previous research Penrose et al. (2013); Zhao et al. (2011) has highlighted the difficulty in differentiating between compressed and encrypted files using Shannon entropy as both file types exhibit similar values. One of the experiments described in this paper shows a unique characteristic for the Shannon entropy of encrypted file header fragments. This characteristic was used to differentiate between encrypted files and other high entropy files such as archives. This discovery was leveraged in the development of a file classification model that used the differential area between the entropy curve of a file under analysis and one generated from random data. When comparing the entropy plot values of a file under analysis against one generated by a file containing purely random numbers, the greater the correlation of the plots is, the higher the confidence that the file under analysis contains encrypted data.
△ Less
Submitted 28 June, 2021;
originally announced June 2021.
-
Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT
Authors:
Pavlos Papadopoulos,
Oliver Thornewill von Essen,
Nikolaos Pitropakis,
Christos Chrysoulas,
Alexios Mylonas,
William J. Buchanan
Abstract:
As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have…
▽ More
As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models' robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.
△ Less
Submitted 26 April, 2021;
originally announced April 2021.
-
Privacy and Trust Redefined in Federated Machine Learning
Authors:
Pavlos Papadopoulos,
Will Abramson,
Adam J. Hall,
Nikolaos Pitropakis,
William J. Buchanan
Abstract:
A common privacy issue in traditional machine learning is that data needs to be disclosed for the training procedures. In situations with highly sensitive data such as healthcare records, accessing this information is challenging and often prohibited. Luckily, privacy-preserving technologies have been developed to overcome this hurdle by distributing the computation of the training and ensuring th…
▽ More
A common privacy issue in traditional machine learning is that data needs to be disclosed for the training procedures. In situations with highly sensitive data such as healthcare records, accessing this information is challenging and often prohibited. Luckily, privacy-preserving technologies have been developed to overcome this hurdle by distributing the computation of the training and ensuring the data privacy to their owners. The distribution of the computation to multiple participating entities introduces new privacy complications and risks. In this paper, we present a privacy-preserving decentralised workflow that facilitates trusted federated learning among participants. Our proof-of-concept defines a trust framework instantiated using decentralised identity technologies being developed under Hyperledger projects Aries/Indy/Ursa. Only entities in possession of Verifiable Credentials issued from the appropriate authorities are able to establish secure, authenticated communication channels authorised to participate in a federated learning workflow related to mental health data.
△ Less
Submitted 30 March, 2021; v1 submitted 29 March, 2021;
originally announced March 2021.
-
An Experimental Analysis of Attack Classification Using Machine Learning in IoT Networks
Authors:
Andrew Churcher,
Rehmat Ullah,
Jawad Ahmad,
Sadaqat ur Rehman,
Fawad Masood,
Mandar Gogate,
Fehaid Alqahtani,
Boubakr Nour,
William J. Buchanan
Abstract:
In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices. The participating devices in IoT networks can be problematic due to their resource-constrained nature, and integrating security on these devices is often overlooked. This has resulted in attackers having an increased incentive to target IoT devices. As…
▽ More
In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices. The participating devices in IoT networks can be problematic due to their resource-constrained nature, and integrating security on these devices is often overlooked. This has resulted in attackers having an increased incentive to target IoT devices. As the number of attacks possible on a network increases, it becomes more difficult for traditional intrusion detection systems (IDS) to cope with these attacks efficiently. In this paper, we highlight several machine learning (ML) methods such as k-nearest neighbour (KNN), support vector machine (SVM), decision tree (DT), naive Bayes (NB), random forest (RF), artificial neural network (ANN), and logistic regression (LR) that can be used in IDS. In this work, ML algorithms are compared for both binary and multi-class classification on Bot-IoT dataset. Based on several parameters such as accuracy, precision, recall, F1 score, and log loss, we experimentally compared the aforementioned ML algorithms. In the case of HTTP distributed denial-of-service (DDoS) attack, the accuracy of RF is 99%. Furthermore, other simulation results-based precision, recall, F1 score, and log loss metric reveal that RF outperforms on all types of attacks in binary classification. However, in multi-class classification, KNN outperforms other ML algorithms with an accuracy of 99%, which is 4% higher than RF.
△ Less
Submitted 10 January, 2021;
originally announced January 2021.
-
Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation
Authors:
Simon R. Davies,
Richard Macfarlane,
William J. Buchanan
Abstract:
Memory was captured from a system infected by ransomware and its contents was examined using live forensic tools, with the intent of identifying the symmetric encryption keys being used. NotPetya, Bad Rabbit and Phobos hybrid ransomware samples were tested during the investigation. If keys were discovered, the following two steps were also performed. Firstly, a timeline was manually created by com…
▽ More
Memory was captured from a system infected by ransomware and its contents was examined using live forensic tools, with the intent of identifying the symmetric encryption keys being used. NotPetya, Bad Rabbit and Phobos hybrid ransomware samples were tested during the investigation. If keys were discovered, the following two steps were also performed. Firstly, a timeline was manually created by combining data from multiple sources to illustrate the ransomware's behaviour as well as showing when the encryption keys were present in memory and how long they remained there. Secondly, an attempt was made to decrypt the files encrypted by the ransomware using the found keys. In all cases, the investigation was able to confirm that it was possible to identify the encryption keys used. A description of how these found keys were then used to successfully decrypt files that had been encrypted during the execution of the ransomware is also given. The resulting generated timelines provided a excellent way to visualise the behaviour of the ransomware and the encryption key management practices it employed, and from a forensic investigation and possible mitigation point of view, when the encryption keys are in memory.
△ Less
Submitted 19 December, 2020; v1 submitted 15 December, 2020;
originally announced December 2020.
-
A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric
Authors:
Charalampos Stamatellis,
Pavlos Papadopoulos,
Nikolaos Pitropakis,
Sokratis Katsikas,
William J Buchanan
Abstract:
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized, anonymous and secure EHR handling approach. This…
▽ More
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized, anonymous and secure EHR handling approach. This paper presents PREHEALTH, a privacy-preserving EHR management solution that uses distributed ledger technology and an Identity Mixer (Idemix). The paper describes a proof-of-concept implementation that uses the Hyperledger Fabric's permissioned blockchain framework. The proposed solution is able to store patient records effectively whilst providing anonymity and unlinkability. Experimental performance evaluation results demonstrate the scheme's efficiency and feasibility for real-world scale deployment.
△ Less
Submitted 27 January, 2021; v1 submitted 18 November, 2020;
originally announced November 2020.
-
Review and Critical Analysis of Privacy-preserving Infection Tracking and Contact Tracing
Authors:
William J Buchanan,
Muhammad Ali Imran,
Masood Ur-Rehman,
Lei Zhang,
Qammer H. Abbasi,
Christos Chrysoulas,
David Haynes,
Nikolaos Pitropakis,
Pavlos Papadopoulos
Abstract:
The outbreak of viruses have necessitated contact tracing and infection tracking methods. Despite various efforts, there is currently no standard scheme for the tracing and tracking. Many nations of the world have therefore, developed their own ways where carriers of disease could be tracked and their contacts traced. These are generalized methods developed either in a distributed manner giving ci…
▽ More
The outbreak of viruses have necessitated contact tracing and infection tracking methods. Despite various efforts, there is currently no standard scheme for the tracing and tracking. Many nations of the world have therefore, developed their own ways where carriers of disease could be tracked and their contacts traced. These are generalized methods developed either in a distributed manner giving citizens control of their identity or in a centralised manner where a health authority gathers data on those who are carriers. This paper outlines some of the most significant approaches that have been established for contact tracing around the world. A comprehensive review on the key enabling methods used to realise the infrastructure around these infection tracking and contact tracing methods is also presented and recommendations are made for the most effective way to develop such a practice.
△ Less
Submitted 10 September, 2020;
originally announced September 2020.
-
TRUSTD: Combat Fake Content using Blockchain and Collective Signature Technologies
Authors:
Zakwan Jaroucheh,
Mohamad Alissa,
William J Buchanan
Abstract:
The growing trend of sharing news/contents, through social media platforms and the World Wide Web has been seen to impact our perception of the truth, altering our views about politics, economics, relationships, needs and wants. This is because of the growing spread of misinformation and disinformation intentionally or unintentionally by individuals and organizations. This trend has grave politica…
▽ More
The growing trend of sharing news/contents, through social media platforms and the World Wide Web has been seen to impact our perception of the truth, altering our views about politics, economics, relationships, needs and wants. This is because of the growing spread of misinformation and disinformation intentionally or unintentionally by individuals and organizations. This trend has grave political, social, ethical, and privacy implications for society due to 1) the rapid developments in the field of Machine Learning (ML) and Deep Learning (DL) algorithms in creating realistic-looking yet fake digital content (such as text, images, and videos), 2) the ability to customize the content feeds and to create a polarized so-called "filter-bubbles" leveraging the availability of the big-data. Therefore, there is an ethical need to combat the flow of fake content. This paper attempts to resolve some of the aspects of this combat by presenting a high-level overview of TRUSTD, a blockchain and collective signature-based ecosystem to help content creators in getting their content backed by the community, and to help users judge on the credibility and correctness of these contents.
△ Less
Submitted 28 August, 2020;
originally announced August 2020.
-
SklCoin: Toward a Scalable Proof-of-Stake and Collective Signature Based Consensus Protocol for Strong Consistency in Blockchain
Authors:
Zakwan Jaroucheh,
Baraq Ghaleb,
William J Buchanan
Abstract:
The proof-of-work consensus protocol suffers from two main limitations: waste of energy and offering only probabilistic guarantees about the status of the blockchain. This paper introduces SklCoin, a new Byzantine consensus protocol and its corresponding software architecture. This protocol leverages two ideas: 1) the proof-of-stake concept to dynamically form stake proportionate consensus groups…
▽ More
The proof-of-work consensus protocol suffers from two main limitations: waste of energy and offering only probabilistic guarantees about the status of the blockchain. This paper introduces SklCoin, a new Byzantine consensus protocol and its corresponding software architecture. This protocol leverages two ideas: 1) the proof-of-stake concept to dynamically form stake proportionate consensus groups that represent block miners (stakeholders), and 2) scalable collective signing to efficiently commit transactions irreversibly. SklCoin has immediate finality characteristic where all miners instantly agree on the validity of blocks. In addition, SklCoin supports high transaction rate because of its fast miner election mechanism
△ Less
Submitted 15 August, 2020;
originally announced August 2020.
-
Privacy Preserving Passive DNS
Authors:
Pavlos Papadopoulos,
Nikolaos Pitropakis,
William J. Buchanan,
Owen Lo,
Sokratis Katsikas
Abstract:
The Domain Name System (DNS) was created to resolve the IP addresses of the web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global DNS infrastructure to malicious actors. The passive DNS data collection process creates a database containing various DNS data elements, some of…
▽ More
The Domain Name System (DNS) was created to resolve the IP addresses of the web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global DNS infrastructure to malicious actors. The passive DNS data collection process creates a database containing various DNS data elements, some of which are personal and need to be protected to preserve the privacy of the end users. To this end, we propose the use of distributed ledger technology. We use Hyperledger Fabric to create a permissioned blockchain, which only authorized entities can access. The proposed solution supports queries for storing and retrieving data from the blockchain ledger, allowing the use of the passive DNS database for further analysis, e.g. for the identification of malicious domain names. Additionally, it effectively protects the DNS personal data from unauthorized entities, including the administrators that can act as potential malicious insiders, and allows only the data owners to perform queries over these data. We evaluated our proposed solution by creating a proof-of-concept experimental setup that passively collects DNS data from a network and then uses the distributed ledger technology to store the data in an immutable ledger, thus providing a full historical overview of all the records.
△ Less
Submitted 14 August, 2020;
originally announced August 2020.
