检索结果-内蒙古大学图书馆

Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing

computers, Materials & Continua 2023年第5期75卷 3291-3315页

作者： Jihyeon Yu Juhwan Kim Youngwoo Lee Fayozbek Rustamov Joobeom Yun Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Korea Department of Computer and Information Security Sejong UniversitySeoul05006Korea

Internet of things(IoT)devices are being increasingly used in numerous ***,the low priority on security and various IoT types have made these devices vulnerable to *** prevent this,recent studies have analyzed firmware in an emulation environment that does not require actual devices and is efficient for repeated ***,these studies focused only on major firmware architectures and rarely considered exotic *** addition,because of the diversity of firmware,the emulation success rate is not high in terms of large-scale *** this study,we propose the adaptive emulation framework for multi-architecture(AEMA).In the field of automated emulation frameworks for IoT firmware testing,AEMA considers the following issues:(1)limited compatibility for exotic firmware architectures,(2)emulation instability when configuring an automated environment,and(3)shallow testing range resulting from structured *** tackle these problems,AEMAcan emulate not onlymajor firmware architectures but also exotic firmware architectures not previously considered,such as Xtensa,ColdFire,and reduced instruction set computer(RISC)version five,by implementing a minority ***,we applied the emulation arbitration technique and input keyword extraction technique for emulation stability and efficient test case *** compared AEMA with other existing frameworks in terms of emulation success rates and fuzz *** a result,AEMA succeeded in emulating 864 out of 1,083 overall experimental firmware and detected vulnerabilities at least twice as fast as the experimental ***,AEMAfound a 0-day vulnerability in realworld IoT devices within 24 h.

关键词： Internet of things(IoT) emulation framework firmware fuzzing concolic execution vulnerability

来源：评论

学校读者我要写书评

暂无评论

IWTW:A Framework for IoWT Cyber Threat Analysis

引用

computer Modeling in engineering & Sciences 2024年第11期141卷 1575-1622页

作者： GyuHyun Jeon Hojun Jin Ju Hyeon Lee Seungho Jeon Jung Taek Seo Department of Information Security Gachon UniversitySeongnam13120Republic of Korea Department of Computer Engineering(Smart Security) Gachon UniversitySeongnam13120Republic of Korea

The Internet of Wearable Things(IoWT)or Wearable Internet of Things(WIoT)is a new paradigm that combines IoT and wearable *** in IoT technology have enabled the miniaturization of sensors embedded in wearable devices and the ability to communicate data and access real-time information over low-power mobile *** devices are highly interdependent with mobile ***,due to their limited processing power and bandwidth,IoWT devices are vulnerable to cyberattacks due to their low level of *** modeling and frameworks for analyzing cyber threats against existing IoT or low-power protocols have been actively *** threat analysis framework used in existing studies was limited to specific protocols and did not target IoWT *** addition,In the literature surveyed to date,no cyber threat analysis framework is targeting ***,the threat model presented in the existing research on cyber threat analysis and modeling for IoWT is specialized for specific *** addition,because it does not present standardized attack tactics and techniques,there is a limitation in that it is difficult to identify attacks *** this paper,we propose an Internet of Wearable Things threat analysis frameWork(IWTW)framework that can derive security threats through systematic analysis of IoWT attack cases and possible security threats and perform cyber threat analysis based on *** methodology for developing the IWTW framework consists of three steps:Analysis,Standardization,and *** attack cases and potential security threats are analyzed in the analysis *** the standardization stage,attack tactics and techniques derived from the analysis of attack cases and potential security threats are standardized,resulting in 3 attack categories,18 attack tactics,and 68 attack *** the compilation stage,standardized security threats are combined to develop the IWTW framework *** present four case st

关键词： Internet of wearable things wearable device threat framework security threat

来源：评论

学校读者我要写书评

暂无评论

Encrypted Cyberattack Detection System over Encrypted IoT Traffic Based onStatistical Intelligence

引用

computer Modeling in engineering & Sciences 2024年第11期141卷 1519-1549页

作者： Il Hwan Ji Ju Hyeon Lee Seungho Jeon Jung Taek Seo Department of Information Security Gachon UniversitySeongnam13120Republic of Korea Department of Computer Engineering(Smart Security) Gachon UniversitySeongnam13120Republic of Korea

In the early days of IoT’s introduction, it was challenging to introduce encryption communication due to the lackof performance of each component, such as computing resources like CPUs and batteries, to encrypt and decryptdata. Because IoT is applied and utilized in many important fields, a cyberattack on IoT can result in astronomicalfinancial and human casualties. For this reason, the application of encrypted communication to IoT has beenrequired, and the application of encrypted communication to IoT has become possible due to improvements inthe computing performance of IoT devices and the development of lightweight cryptography. The applicationof encrypted communication in IoT has made it possible to use encrypted communication channels to launchcyberattacks. The approach of extracting evidence of an attack based on the primary information of a networkpacket is no longer valid because critical information, such as the payload in a network packet, is encrypted byencrypted communication. For this reason, technology that can detect cyberattacks over encrypted network trafficoccurring in IoT environments is required. Therefore, this research proposes an encrypted cyberattack detectionsystem for the IoT (ECDS-IoT) that derives valid features for cyberattack detection from the cryptographic networktraffic generated in the IoT environment and performs cyberattack detection based on the derived features. ECDS-IoT identifies identifiable information from encrypted traffic collected in IoT environments and extracts statistics-based features through statistical analysis of identifiable information. ECDS-IoT understands information aboutnormal data by learning only statistical features extracted from normal data. ECDS-IoT detects cyberattacks basedonly on the normal data information it has trained. To evaluate the cyberattack detection performance of theproposed ECDS-IoT in this research, ECDS-IoT used CICIoT2023, a dataset containing encrypted traffic generatedby normal and

关键词： IoT cybersecurity IoT encrypted traffic IoT cyberattack detection

来源：评论

学校读者我要写书评

暂无评论

AI-Driven Prioritization and Filtering of Windows Artifacts for Enhanced Digital Forensics

引用

computers, Materials & Continua 2024年第11期81卷 3371-3393页

作者： Juhwan Kim Baehoon Son Jihyeon Yu Joobeom Yun Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Republic of Korea

Digital forensics aims to uncover evidence of cybercrimes within compromised *** cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised *** analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather ***,forensic analysts must sift through extensive datasets to isolate pertinent ***,manually identifying suspicious traces among numerous artifacts is time-consuming and *** studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital *** the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific *** this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital *** system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly *** key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic *** evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative *** system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.

关键词： Digital forensics autoencoder logarithmic entropy prioritization anomaly detection windows artifacts artificial intelligence

来源：评论

学校读者我要写书评

暂无评论

TRE-DSP: A traceable and revocable CP-ABE based data sharing scheme for IoV with partially hidden policy

引用

Digital Communications and Networks 2025年第2期11卷 455-464页

作者： Yousheng Zhou Rundong Peng Yuanni Liu Pandi Vijayakumar Brij Gupta College of Computer Science and Technology Chongqing University of Posts and Telecommunications College of Cyber Security and Information Law Chongqing University of Posts and Telecommunications Department of Computer Science and Engineering University College of Engineering Department of Computer Engineering National Institute of Technology Kurukshetra

With the popularity of the Internet of Vehicles(IoV), a large amount of data is being generated every day. How to securely share data between the IoV operator and various value-added service providers becomes one of the critical issues. Due to its flexible and efficient fine-grained access control feature, Ciphertext-Policy Attribute-Based Encryption(CP-ABE) is suitable for data sharing in IoV. However, there are many flaws in most existing CP-ABE schemes, such as attribute privacy leakage and key misuse. This paper proposes a Traceable and Revocable CP-ABE-based Data Sharing with Partially hidden policy for IoV(TRE-DSP). A partially hidden access structure is adopted to hide sensitive user attribute values, and attribute categories are sent along with the ciphertext to effectively avoid privacy exposure. In addition, key tracking and malicious user revocation are introduced with broadcast encryption to prevent key misuse. Since the main computation task is outsourced to the cloud, the burden of the user side is relatively low. Analysis of security and performance demonstrates that TRE-DSP is more secure and practical for data sharing in IoV.

关键词： Privacy-preserving Attribute-based encryption Partially hidden policy Traceability User revocation Internet of vehicles

来源：评论

学校读者我要写书评

暂无评论

Deep Learning Based Side-Channel Attack Detection for Mobile Devices security in 5G Networks

引用

清华大学学报自然科学版（英文版） 2025年第3期30卷 1012-1026页

作者： Amjed A.Ahmed Mohammad Kamrul Hasan Ali Alqahtani Shayla Islam Bishwajeet Pandey Leila Rzayeva Huda Saleh Abbas Azana Hafizah Mohd Aman Nayef Alqahtani Center for Cyber Security Faculty of Information Science and TechnologyUniversiti Kebangsaan MalaysiaBangi 43600Malaysia Imam Alkadhim University College Department of Computer Techniques EngineeringBaghdad 10066Iraq Center for Cyber Security Faculty of Information Science and TechnologyUniversiti Kebangsaan MalaysiaBangi 43600Malaysia Department of Networks and Communications Engineering College of Computer Science and Information SystemsNajran UniversityNajran 61441Saudi Arabia Institute of Computer Science and Digital Innovation UCSI UniversityKuala Lumpur 56000Malaysia Department of Intelligent Systems and Cyber Security Astana IT UniversityAstana 20000Kazakstan Department of Computer Science College of Computer Science and EngineeringTaibah UniversityMadinah 42353Saudi Arabia Department of Electrical Engineering College of EngineeringKing Faisal UniversityAl-Hofuf 31982Saudi Arabia

Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are vital in facilitating end-user communication ***,the security of Android systems has been challenged by the sensitive data involved,leading to vulnerabilities in mobile devices used in 5G *** vulnerabilities expose mobile devices to cyber-attacks,primarily resulting from security ***-permission apps in Android can exploit these channels to access sensitive information,including user identities,login credentials,and geolocation *** such attack leverages"zero-permission"sensors like accelerometers and gyroscopes,enabling attackers to gather information about the smartphone's *** underscores the importance of fortifying mobile devices against potential future *** research focuses on a new recurrent neural network prediction model,which has proved highly effective for detecting side-channel attacks in mobile devices in 5G *** conducted state-of-the-art comparative studies to validate our experimental *** results demonstrate that even a small amount of training data can accurately recognize 37.5％of previously unseen user-typed ***,our tap detection mechanism achieves a 92％accuracy rate,a crucial factor for text *** findings have significant practical implications,as they reinforce mobile device security in 5G networks,enhancing user privacy,and data protection.

关键词： Fifth Generation(5G)networks smartphone information leakage Side-Channel Attack(SCA) deep learning

来源：评论

学校读者我要写书评

暂无评论

Global Spatial-Temporal information Encoder-Decoder Based Action Segmentation in Untrimmed Video

引用

Tsinghua Science and Technology 2025年第1期30卷 290-302页

作者： Yichao Liu Yiyang Sun Zhide Chen Chen Feng Kexin Zhu Department of Computer and Cyberspace Security Fujian Normal UniversityFuzhou 350007China Department of Information Engineering Sun Yat-sen UniversityKaohsiung 80424China

Action segmentation has made significant progress,but segmenting and recognizing actions from untrimmed long videos remains a challenging *** state-of-the-art methods focus on designing models based on temporal ***,the limitations of modeling long-term temporal dependencies and the inflexibility of temporal convolutions restrict the potential of these *** address the issue of over-segmentation in existing action segmentation methods,which leads to classification errors and reduced segmentation quality,this paper proposes a global spatial-temporal information encoder-decoder based action segmentation *** method proposed in this paper uses the global temporal information captured by refinement layer to assist the Encoder-Decoder(ED)structure in judging the action segmentation point more accurately and,at the same time,suppress the excessive segmentation phenomenon caused by the ED *** method proposed in this paper achieves 93%frame accuracy on the constructed real Tai Chi action *** experimental results prove that this method can accurately and efficiently complete the long video action segmentation task.

关键词： Encoder-Decoder(ED) Bidirectional Long Short-Term Memory(BiLSTM) Tai Chi action segmentation untrimmed video

来源：评论

学校读者我要写书评

暂无评论

ARP Spoofing Mitigation for the E2 Interface in Open RAN: An xApp Approach 25th

ARP Spoofing Mitigation for the E2 Interface in Open RAN:...

引用

25th International Conference on information security Applications, WISA 2024

作者： Kim, Jihye Park, Jaehyoung Lee, Jong-Hyouk Department of Computer and Information Security Sejong University Seoul05006 Korea Republic of Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul05006 Korea Republic of

ISBN: (纸本)9789819616237

In the 5G-Advanced and 6G era, the Open Radio Access Network (Open RAN) will support hardware and software interoperability between different vendors. The O-RAN Alliance, which leads the Open RAN initiative, has released standards addressing potential threats and mitigation requirements to the framework. While the standards specify Man-in-the-Middle (MitM) attacks on the E2 interface and recommend using IPsec, a Layer 3 security protocol, they do not cover defenses against Layer 2 attacks, such as Address Resolution Protocol (ARP) spoofing. This paper proposes an xApp with preventive and reactive mechanisms to protect the E2 interface from ARP spoofing in Open RAN. The xApp proactively prevents attacks through a static ARP table and continuously monitors the E2 interface to detect and react to the ARP spoofing, offering better network resilience than existing methods. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Radio access networks

来源：评论

学校读者我要写书评

暂无评论

security Function for 5G-Advanced and 6G: Malicious UE Detection in Network Slicing 25th

Security Function for 5G-Advanced and 6G: Malicious UE Det...

引用

25th International Conference on information security Applications, WISA 2024

作者： Park, Jaehyoung Kim, Jihye Lee, Jong-Hyouk Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul05006 Korea Republic of Department of Computer and Information Security Sejong University Seoul05006 Korea Republic of

ISBN: (纸本)9789819616237

Starting with Software Defined Networking (SDN) and Network Functions Virtualization (NFV) technologies, network slicing is emerging as a critical technology in 5G-Advanced and 6G mobile communications to allocate logical networks end-to-end, meeting diverse service requirements. However, the advent of network slicing introduces new security threats, including inter-slice security, intra-slice security, and lifecycle security of network slicing. While recent research has focused on security orchestration technologies using SDN/NFV for network slicing and AI-based attack detection, there remains a gap in research on security by design within the components of 3GPP 5G systems. Therefore, this paper investigates security by design in the 5G-Advanced and 6G architectures. To address these issues, we propose a malicious User Equipment (UE) detection function to identify attacks within the network-slicing environment. We illustrate the interaction between the detection function and other 3GPP 5G system components for network slicing security with its algorithm for detecting malicious UEs in network slices. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Malicious UE Network Slicing security by Design

来源：评论

学校读者我要写书评

暂无评论

Enhancing Federated Feature Selection through Synthetic Data and Zero Trust Integration

引用

IEEE Journal on Selected Areas in Communications 2025年第6期43卷 2126-2140页

作者： Madathil, Nisha Thorakkattu Alrabaee, Saed Belkacem, Abdelkader Nasreddine United Arab Emirates University College of IT Department of Information Systems and Security United Arab Emirates United Arab Emirates University College of IT Information Systems and Security department United Arab Emirates UAE University Computer and Network Engineering Department Al Ain United Arab Emirates

Federated Learning (FL) allows healthcare organizations to train models using diverse datasets while maintaining patient confidentiality collaboratively. While promising, FL faces challenges in optimizing model accuracy and communication efficiency. To address these, we propose an algorithm that combines feature selection with synthetic data generation, specifically targeting medical datasets. Our method eliminates irrelevant local features, identifies globally relevant ones, and uses synthetic data to initialize model parameters, improving convergence. It also employs a zero-trust model, ensuring that data remain on local devices and only learned weights are shared with the central server, enhancing security. The algorithm improves accuracy and computational efficiency, achieving communication efficiency gains of 4 to 14 through backward elimination and threshold variation techniques. Tested on a federated diabetic dataset, the approach demonstrates significant improvements in the performance and trustworthiness of FL systems for medical applications. © 1983-2012 IEEE.

关键词： Federated learning

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：