检索结果-内蒙古大学图书馆

A survey on security and privacy issues of bitcoin

学校读者我要写书评

暂无评论

arXiv 2017年

作者： Conti, Mauro Kumar E, Sandeep Lal, Chhagan Ruj, Sushmita Department of Mathematics University of Padua Padua Italy Department of Telecommunication Engineering Ramaiah Institute of Technology Bengaluru India Cryptology and Security Research Unit Computer and Communication Sciences Division Indian Statistical Institute India

Bitcoin is a popular cryptocurrency that records all transactions in a distributed append-only public ledger called blockchain. The security of Bitcoin heavily relies on the incentivecompatible proof-of-work (PoW) based distributed consensus protocol, which is run by network nodes called miners. In exchange for the incentive, the miners are expected to honestly maintain the blockchain. Since its launch in 2009, Bitcoin economy has grown at an enormous rate, and it is now worth about 170 billions of dollars. This exponential growth in the market value of Bitcoin motivates adversaries to exploit weaknesses for profit, and researchers to discover new vulnerabilities in the system, propose countermeasures, and predict upcoming trends. In this paper, we present a systematic survey that covers the security and privacy aspects of Bitcoin. We start by presenting an overview of the Bitcoin protocol and its major components along with their functionality and interactions within the system. We review the existing vulnerabilities in Bitcoin and its underlying major technologies such as blockchain and PoW based consensus protocol. These vulnerabilities lead to the execution of various security threats to the normal functionality of Bitcoin. We then discuss the feasibility and robustness of the state-of-theart security solutions. Additionally, we present current privacy and anonymity considerations in Bitcoin and discuss the privacyrelated threats to Bitcoin users along with the analysis of the existing privacy-preserving solutions. Finally, we summarize the critical open challenges and suggest directions for future research towards provisioning stringent security and privacy techniques for Bitcoin. Copyright © 2017, The Authors. All rights reserved.

关键词： Bitcoin

Inertial proximal alternating linearized minimization (iPALM) for nonconvex and nonsmooth problems

学校读者我要写书评

暂无评论

arXiv 2017年

作者： Pock, Thomas Sabach, Shoham Institute of Computer Graphics and Vision Graz University of Technology Graz8010 Austria Digital Safety and Security Department Ait Austrian Institute of Technology GmbH Vienna1220 Austria Department of Industrial Engineering and Management Technion-Israel Institute of Technology Haifa3200003 Israel

In this paper we study nonconvex and nonsmooth optimization problems with semi-algebraic data, where the variables vector is split into several blocks of variables. The problem consists of one smooth function of the entire variables vector and the sum of nonsmooth functions for each block separately. We analyze an inertial version of the Proximal Alternating Linearized Minimization (PALM) algorithm and prove its global convergence to a critical point of the objective function at hand. We illustrate our theoretical findings by presenting numerical experiments on blind image deconvolution, on sparse non-negative matrix factorization and on dictionary learning, which demonstrate the viability and effectiveness of the proposed method. Copyright © 2017, The Authors. All rights reserved.

关键词： Linearization

A framework for counterfeit smart grid device detection

学校读者我要写书评

暂无评论

A framework for counterfeit smart grid device detection

2016 IEEE Conference on Communications and Network security, CNS 2016

作者： Babun, Leonardo Aksu, Hidayet Selcuk Uluagac, A. Cyber-Physical Systems Security Lab Department of Electrical and Computer Engineering Florida International University 10555 West Flagler St. MiamiFL33174 United States

ISBN: (纸本)9781509030651

The core vision of the smart grid concept is the realization of reliable two-way communications between smart devices (e.g., IEDs, PLCs, PMUs). The benefits of the smart grid also come with tremendous security risks and new challenges in protecting the smart grid systems from cyber threats. Particularly, the use of untrusted counterfeit smart grid devices represents a real problem. Consequences of propagating false or malicious data, as well as stealing valuable user or smart grid state information from counterfeit devices are costly. Hence, early detection of counterfeit devices is critical for protecting smart grid's components and users. To address these concerns, in this poster, we introduce our initial design of a configurable framework that utilize system call tracing, library interposition, and statistical techniques for monitoring and detection of counterfeit smart grid devices. In our framework, we consider realistic counterfeit device scenarios with different smart grid devices and adversarial settings. Our initial results on a realistic testbed utilizing actual smart-grid GOOSE messages with IEC-61850 communication protocol are very promising. Our framework is showing excellent rates on detection of smart grid counterfeit devices from impostors. © 2016 IEEE.

关键词： cybersecurity

Formalising openCypher graph queries in relational algebra

学校读者我要写书评

暂无评论

arXiv 2017年

作者： Marton, József Szárnyas, Gábor Varró, Dániel Budapest University of Technology and Economics Database Laboratory Budapest University of Technology and Economics Fault Tolerant Systems Research Group MTA-BME Lendület Research Group on Cyber-Physical Systems McGill University Department of Electrical and Computer Engineering

Graph database systems are increasingly adapted for storing and processing heterogeneous network-like datasets. However, due to the novelty of such systems, no standard data model or query language has yet emerged. Consequently, migrating datasets or applications even between related technologies often requires a large amount of manual work or ad-hoc solutions, thus subjecting the users to the possibility of vendor lock-in. To avoid this threat, vendors are working on supporting existing standard languages (e.g. SQL) or standardising languages. In this paper, we present a formal specifcation for openCypher, a highlevel declarative graph query language with an ongoing standardisation efort. We introduce relational graph algebra, which extends relational operators by adapting graph-specifc operators and defne a mapping from core openCypher constructs to this algebra. We propose an algorithm that allows systematic compilation of openCypher queries. Copyright © 2017, The Authors. All rights reserved.

关键词： Algebra

A novel vulnerability analysis approach to generate fuzzing test case in industrial control systems

学校读者我要写书评

暂无评论

A novel vulnerability analysis approach to generate fuzzing ...

2016 IEEE Information technology,Networking,Electronic and Automation Control Conference(ITNEC 2016)

作者： SungJin Kim WooYeon Jo Taeshik Shon Department of Computer Engineering Ajou University Department of Cyber Security Ajou University

ISBN: (纸本)9781467391955

A smart grid is nationwide industrial control system that combine IT and traditional electric system. The main hindrance to smart grid is security. To solve this problem we propose a novel approach for vulnerability analysis of smart grid protocols using fuzzing test. The fuzzing test is widely used for vulnerability analysis, however, these studies do not consider the cross-protocol test and are not suitable to smart grid network. Therefore, we propose a novel test case generation method for fuzzing test. Before creating test cases, we classify the protocol fields into three categories by its characteristics. Based on the classification, we can easily create test case based on the categories without considering each fields. So, it helps to generate cross-field and cross-layer test case. To verify our approach, we examine the common used protocol library using the test case generated by proposed method and successfully find unknown abnormality.

关键词： fuzzing test vulnerability analysis industrial control system security smart grid security

Design and implementation of mobile app and web-based software for management and monitoring of bicycle routes 13

学校读者我要写书评

暂无评论

Design and implementation of mobile app and web-based softwa...

13th European, Mediterranean and Middle Eastern Conference on Information Systems, EMCIS 2016

作者： Khodambashi, Soudabeh Sanders, Richard Liodden Gulla, Jon Atle Abrahamsson, Pekka Department of Computer and Information Science Norwegian University of Sceicne and Technology Trondheim Norway Department of Software Engineering Safety and Security Sintef Trondheim Norway

ISBN: (纸本)9789606897092

Currently there are only limited data available on the habits and behaviour of pedestrians and cyclists towards private motor vehicles and public transport. The only data on cyclists' behaviour originates from sparsely distributed counting points throughout Trondheim city in Norway. Current counting devices are few, unreliable and expensive to manufacture. An application that tracks cyclists, enables them to report on road-related issues, and uploads these data to a road administration database could provide a basis for road infrastructure planning. In this paper we present two software applications which address such needs in Norway. The first is an Android application for cyclists which tracks their location and allows them to report road faults when they are travelling. The second was designed for web browsers and provides an interface which city planners can use to analyse data. These data include route and road faults and visualisations of most and least popular lane, in addition to the possibility of adding surveys to specific areas of the city to mobile app users. Use of these applications could be used to plan improvements to bike paths in areas suffering cycle congestion, as well as providing information about issues with existing road infrastructure, and information relevant to future investment in bike lanes infrastructure. © Proceedings of the 13th European, Mediterranean and Middle Eastern Conference on Information Systems, EMCIS 2016. All rights reserved.

关键词： Investments

Combinatorial algorithms for control of biological regulatory networks

学校读者我要写书评

暂无评论

arXiv 2017年

作者： Clark, Andrew Lee, Phillip Alomair, Basel Bushnell, Linda Poovendran, Radha Department of Electrical and Computer Engineering Worcester Polytechnic Institute WorcesterMA01609 United States Network Security Lab Department of Electrical Engineering University of Washington SeattleMA98195 United States National Center for Cybersecurity Technology King Abdulaziz City for Science and Technology Riyadh Saudi Arabia

Biological processes, including cell differentiation, organism development, and disease progression, can be interpreted as attractors (fixed points or limit cycles) of an underlying networked dynamical system. In this paper, we study the problem of computing a minimum-size subset of control nodes that can be used to steer a given biological network towards a desired attractor, when the networked system has Boolean dynamics. We first prove that this problem cannot be approximated to any nontrivial factor unless P=NP. We then formulate a sufficient condition and prove that the sufficient condition is equivalent to a target set selection problem, which can be solved using integer linear programming. Furthermore, we show that structural properties of biological networks can be exploited to reduce the computational complexity. We prove that when the network nodes have threshold dynamics and certain topological structures, such as block cactus topology and hierarchical organization, the input selection problem can be solved or approximated in polynomial time. For networks with nested canalyzing dynamics, we propose polynomial-time algorithms that are within a polylogarithmic bound of the global optimum. We validate our approach through numerical study on real-world gene regulatory networks. Copyright © 2017, The Authors. All rights reserved.

关键词： Dynamical systems

SMoNt: An ontology for crime solving through social media

学校读者我要写书评

暂无评论

International Journal of Metadata, Semantics and Ontologies 2017年第2-3期12卷 71-81页

作者： Kalemi, Edlira Yildirim-Yayilgan, Sule Domnori, Elton Elezaj, Ogerta Process and Information Systems Engineering Research Centre University of Surrey Guildford SurreyGU2 7XH United Kingdom Department of Information Security and Communication Technology Norwegian University of Science and Technology Gjøvik2815 Norway Department of Computer Engineering Epoka University Tirana1039 Albania Department of Mathematics Statistics and Applied Informatics University of Tirana Tirana1000 Albania

There are numerous social networks such as Facebook, LinkedIn, Google Plus and Twitter whose data sources are becoming larger every day holding an abundance of valuable information. Among these data, digital crime evidence can be collected from online social networks (OSNs) for crime detection and further analysis. This paper describes the SMONT ontology which has been developed to give support to the process of crime investigation and prevention. The SMONT ontology covers specific data about the crime, digital evidence obtained from OSNs, information archived from police entities, and also details related to people or events which may bring the authorities closer to crime case solving. It is possible to benefit from the ontology in different ways like: intelligence gathering;reasoning over the data;smarter searches and comparisons;open data publication purposes;and for the overall management of the crime solving and prevention process. Copyright © 2017 Inderscience Enterprises Ltd.

关键词： Ontology

Credit card fraud detection through parenclitic network analysis

学校读者我要写书评

暂无评论

arXiv 2017年

作者： Zanin, Massimiliano Romance, Miguel Moral, Santiago Criado, Regino Department of Computer Science Faculty of Science and Technology Universidade Nova de Lisboa Lisboa Portugal Department of Applied Mathematics Universidad Rey Juan Carlos Mostoles Madrid28933 Spain Center for Biomedical Technology Universidad Politecnica de Madrid Pozuelo de Alarcon Madrid28223 Spain Cyber Security and Digital Trust BBVA Group Madrid28050 Spain

The detection of frauds in credit card transactions is a major topic in financial research, of profound economic implications. While this has hitherto been tackled through data analysis techniques, the resemblances between this and other problems, like the design of recommendation systems and of diagnostic/prognostic medical tools, suggest that a complex network approach may yield important benefits. In this contribution we present a first hybrid data mining/complex network classification algorithm, able to detect illegal instances in a real card transaction data set. It is based on a recently proposed network reconstruction algorithm that allows creating representations of the deviation of one instance from a reference group. We show how the inclusion of features extracted from the network data representation improves the score obtained by a standard, neural network-based classification algorithm;and additionally how this combined approach can outperform a commercial fraud detection system in specific operation niches. Beyond these specific results, this contribution represents a new example on how complex networks and data mining can be integrated as complementary tools, with the former providing a view to data beyond the capabilities of the latter. Copyright © 2017, The Authors. All rights reserved.

关键词： Complex networks