Automatic underground space security monitoring based on BIM
نظارت بر امنیت خودکار فضای زیرزمینی بر اساس BIM-2020
Traditional underground space safety monitoring is ineffective as data continuity is weak, systematic and random errors are prominent, data quantification is difficult, data stability is scarce (especially in bad weather), and it is difficult to guarantee human safety. In this study, BIM technology and multi-data wireless sensor network transmission protocol, cloud computing platform are introduced into engineering monitoring, real-time online monitoring equipment, cloud computing platform and other hardware and software are developed, and corresponding online monitoring system for structural safety is developed to realize online monitoring and early diagnosis of underground space safety. First, the shape of the underground space, the surrounding environment, and various monitoring points are modeled using BIM. Then, the monitoring data collected from sensors at the engineering site are transmitted to the cloud via wireless transmission. Data information management is then realized via cloud computing, and an actual state-change trend and security assessment is provided. Finally, 4D technology (i.e., 3D model + time axis) that leverages a deformation chromatographic nephogram is used to facilitate managers to view deformation and safety of their underground spaces. To overcome past shortcomings, this system supports the management of basic engineering project data and storage of historical data. Furthermore, the system continuously reflects the fine response of each monitoring item under various working conditions all day, which has significant theoretical value and application.
Keywords: BIM technology | Deformation monitoring | Automation information | Management model
Fast Authentication and Progressive Authorization in Large-Scale IoT: How to Leverage AI for Security Enhancement
احراز هویت سریع و مجوز پیشرو در اینترنت اشیا با مقیاس بزرگ: نحوه استفاده از هوش مصنوعی برای تقویت امنیت-2020
Security provisioning has become the most important design consideration for large-scale Internet of Things (IoT) systems due to their critical roles in supporting diverse vertical applications by connecting heterogenous devices, machines, and industry processes. Conventional authentication and authorization schemes are insufficient to overcome the emerging IoT security challenges due to their reliance on both static digital mechanisms and computational complexity for improving security levels. Furthermore, the isolated security designs for different layers and link segments while ignoring the overall protection leads to cascaded security risks as well as growing communication latency and overhead. In this article, we envision new artificial intelligence (AI)-enabled security provisioning approaches to overcome these issues while achieving fast authentication and progressive authorization. To be more specific, a lightweight intelligent authentication approach is developed by exploring machine learning at the base station to identify the prearranged access time sequences or frequency bands or codes used in IoT devices. Then we propose a holistic authentication and authorization approach, where online machine learning and trust management are adopted for achieving adaptive access control. These new AI-enabled approaches establish the connections between transceivers quickly and enhance security progressively so that communication latency can be reduced and security risks are well controlled in large-scale IoT systems. Finally, we outline several areas for AI-enabled security provisioning for future research.
Toward Integrated Virtual Emotion System with AI Applicability for Secure CPS-Enabled Smart Cities: AI-Based Research Challenges and Security Issues
به سمت سیستم احساس مجازی مجتمع با قابلیت هوش مصنوعی برای شهرهای هوشمند دارای CPS امن: چالش های تحقیقاتی مبتنی بر هوش مصنوعی و مسائل امنیتی-2020
Cyber-physical systems (CPS) basically pursue a new form of integrated interaction with humans through computation and physical capabilities covering complex, intelligent, autonomous systems. Also, artificial intelligence (AI) is considered as a promising technology that will be applicable to numerous combined next generation applications including CPS, security, and communication in smart cities. However, cyber security based on AI technologies is still in its infancy and, in particular, the differential challenges or issues should be addressed for various AI-enabled applications and systems. In this article, we introduce a new integrated virtual emotion system with AI applicability, called as I-VEmoSYS, toward secure CPS-enabled smart cities. The integrated virtual emotion system covers several subsystems such as virtual emotion barrier, virtual emotion map, and virtual emotion block. We describe their system settings, concepts, components, and operations, and also deal with AI applicability to those subsystems. Furthermore, we discuss future challenges and security issues that must be met to achieve secure advanced smart cities using the AI-enabled virtual emotion system.
Development of an AI-based System for Automatic Detection and Recognition of Weapons in Surveillance Videos
توسعه یک سیستم مبتنی بر هوش مصنوعی برای تشخیص و شناسایی خودکار سلاح در نظارت تصویری -2020
Security cameras and video surveillance systems have become important infrastructures for ensuring safety and security of the general public. However, the detection of high-risk situations through these systems are still performed manually in many cities. The lack of manpower in the security sector and limited performance of human may result in undetected dangers or delay in detecting threats, posing risks for the public. In response, various parties have developed real-time and automated solutions for identifying risks based on surveillance videos. The aim of this work is to develop a low-cost, efficient, and artificial intelligence-based solution for the real-time detection and recognition of weapons in surveillance videos under different scenarios. The system was developed based on Tensorflow and preliminarily tested with a 294-second video which showed 7 weapons within 5 categories, including handgun, shotgun, automatic rifle, sniper rifle, and submachine gun. At the intersection over union (IoU) value of 0.50 and 0.75, the system achieved a precision of 0.8524 and 0.7006, respectively.
Keywords : surveillance video | security camera | artificial intelligence | weapon detection | TensorFlow | Single Shot MultiBox Detector
A semantic-based methodology for digital forensics analysis
یک روش مبتنی بر معنایی برای تجزیه و تحلیل پزشکی قانونی دیجیتال-2020
Nowadays, more than ever, digital forensics activities are involved in any criminal, civil or military investigation and represent a fundamental tool to support cyber-security. Investigators use a variety of techniques and proprietary software forensics applications to examine the copy of digital devices, searching hidden, deleted, encrypted, or damaged files or folders. Any evidence found is carefully analysed and documented in a ‘‘finding report’’ in preparation for legal proceedings that involve discovery, depositions, or actual litigation. The aim is to discover and analyse patterns of fraudulent activities. In this work, a new methodology is proposed to support investigators during the analysis process, correlating evidence found through different forensics tools. The methodology was implemented through a system able to add semantic assertion to data generated by forensics tools during extraction processes. These assertions enable more effective access to relevant information and enhanced retrieval and reasoning capabilities.
Keywords: Digital forensics | Text analysis | Log analysis | Correlation | Cybersecurity
نسبت جنبه های فنی به روانشناختی در مفاهیم آموزش امنیت اطلاعات تخصصی
سال انتشار: 2020 - تعداد صفحات فایل pdf انگلیسی: 6 - تعداد صفحات فایل doc فارسی: 14
نیاز به ایجاد تغییر در ساختار مهارتهای مورد نیاز برای متخصص امنیت اطلاعات (IS) توجیه پذیر است. در اینجا، ویژگیهای خاص مربوط به وضعیت فعلی فعالیتهای داخلی و مسائل کلاهبرداری داخلی، مشخصات اصلی توسعه سیستم های نگهداری فنی IS شامل آنالیز رفتار کاربر ، و مفهوم سیستم عامل در تنظیم امنیت ، اتوماسیون و پاسخ مورد بحث قرار می گیرد. همچنین اهمیت نقش انسان در حصول اطمینان از IS نشان داده خواهد شد. برخی رویکرد ها به منظور ارزیابی الگوهای رفتاری برای اطمینان از IS شرح داده شد. در این مقاله به آنالیز تجارب در زمینه تشکل در بین دانشجویان MEPhI ، تحصیل در رشته IS ، مهارت پیش بینی رفتار سایر افراد بر اساس داده های به دست آمده با استفاده از ماژول برنامه "سیستم آزمایش روانشناسی حرفه ای" در چارچوب آزمایشگاه تخصصی پرداخته شد.
واژه های کلیدی: آموزش امنیت اطلاعات | تحلیل رفتار | جنبه های روانشناختی امنیت | ارزیابی الگوهای رفتاری | مهارت های شناسایی کارمند داخلی
|مقاله ترجمه شده|
Internet of Things: Evolution and technologies from a security perspective
اینترنت اشیاء: تکامل و فناوری ها از دیدگاه امنیتی-2020
In recent years, IoT has developed into many areas of life including smart homes, smart cities, agriculture, offices, and workplaces. Everyday physical items such as lights, locks and industrial machineries can now be part of the IoT ecosystem. IoT has redefined the management of critical and non-critical systems with the aim of making our lives more safe, efficient and comfortable. As a result, IoT technology is having a huge positive impact on our lives. However, in addition to these positives, IoT systems have also attracted negative attention from malicious users who aim to infiltrate weaknesses within IoT systems for their own gain, referred to as cyber security attacks. By creating an introduction to IoT, this paper seeks to highlight IoT cyber security vulnerabilities and mitigation techniques to the reader. The paper is suitable for developers, practitioners, and academics, particularly from fields such as computer networking, information or communication technology or electronics. The paper begins by introducing IoT as the culmination of two hundred years of evolution within communication technologies. Around 2014, IoT reached consumers, early products were mostly small closed IoT networks, followed by large networks such as smart cities, and continuing to evolve into Next Generation Internet; internet systems which incorporate human values. Following this evolutionary introduction, IoT architectures are compared and some of the technologies that are part of each architectural layer are introduced. Security threats within each architectural layer and some mitigation strategies are discussed, finally, the paper concludes with some future developments.
Keywords: IoT | Internet of Things | Security | Cyber security | Secure by Design | Next Generation Internet | Smart city | Sustainable city | Energy reduction | Building Energy Management Systems
Hacking the AI - the Next Generation of Hijacked Systems
هک کردن هوش مصنوعی - نسل بعدی سیستم های ربوده شده-2020
Within the next decade, the need for automation, intelligent data handling and pre-processing is expected to increase in order to cope with the vast amount of information generated by a heavily connected and digitalised world. Over the past decades, modern computer networks, infrastructures and digital devices have grown in both complexity and interconnectivity. Cyber security personnel protecting these assets have been confronted with increasing attack surfaces and advancing attack patterns. In order to manage this, cyber defence methods began to rely on automation and (artificial) intelligence supporting the work of humans. However, machine learning (ML) and artificial intelligence (AI) supported methods have not only been integrated in network monitoring and endpoint security products but are almost omnipresent in any application involving constant monitoring, complex or large volumes of data. Intelligent IDS, automated cyber defence, network monitoring and surveillance as well as secure software development and orchestration are all examples of assets that are reliant on ML and automation. These applications are of considerable interest to malicious actors due to their importance to society. Furthermore, ML and AI methods are also used in audio-visual systems utilised by digital assistants, autonomous vehicles, face-recognition applications and many others. Successful attack vectors targeting the AI of audio-visual systems have already been reported. These attacks range from requiring little technical knowledge to complex attacks hijacking the underlying AI. With the increasing dependence of society on ML and AI, we must prepare for the next generation of cyber attacks being directed against these areas. Attacking a system through its learning and automation methods allows attackers to severely damage the system, while at the same time allowing them to operate covertly. The combination of being inherently hidden through the manipulation made, its devastating impact and the wide unawareness of AI and ML vulnerabilities make attack vectors against AI and ML highly favourable for malicious operators. Furthermore, AI systems tend to be difficult to analyse post-incident as well as to monitor during operations. Discriminating a compromised from an uncompromised AI in real-time is still considered difficult. In this paper, we report on the state of the art of attack patterns directed against AI and ML methods. We derive and discuss the attack surface of prominent learning mechanisms utilised in AI systems. We conclude with an analysis of the implications of AI and ML attacks for the next decade of cyber conflicts as well as mitigations strategies and their limitations.
Keywords: AI hijacking | artificial intelligence | machine learning | cyber attack | cyber security
امضای کوانتومی مبتنی بر هویت بر پایه حالات بل
سال انتشار: 2020 - تعداد صفحات فایل pdf انگلیسی: 8 - تعداد صفحات فایل doc فارسی: 17
براساس حالت های بل، یک طرح امضای کوانتومی مبتنی بر هویت پیشنهاد شده است. در طرح ما، کلید مخصوص امضا کننده توسط یک شخص ثالث قابل اعتماد به نام تولید کننده کلید خصوصی (PKG) تولید میشود، در حالی که کلید عمومی امضا کننده هویت او (مرد)/او (زن) (مانند نام او یا آدرس ایمیل) است. پیغامی که باید امضا شود به ترتیب کد حالت های بل کدگذاری (رمزنگاری) میشود. برای ایجاد امضای کوانتومی، امضا کننده توالی حالت بل را با کلید خصوصی او (مرد)/او (زن) امضا میکند. امضای کوانتومی را می توان توسط هر کسی با هویت امضا کننده تایید کرد. طرح امضای کوانتومی ما از مزایای طرح امضای کلاسیک مبتنی بر هویت برخوردار است. نیازی به استفاده از حافظه کوانتومی بلند مدت ندارد. از سوی دیگر، در طرح ما، در طول مرحله تایید امضا، بازبینی کننده نیازی به انجام هیچ آزمون مبادله ی کوانتومی ندارد. در طرح ما، تولید کننده کلید خصوصی یا PKG میتواند سبب از دست دادن امضای کوانتومی شود که در بسیاری از طرحهای امضا کوانتومی قابلاجرا نیست. طرح ما همچنین دارای ویژگیهای امنیتی غیرانکار و غیر قابل جعل و غیره است. امضای ما مطمئنتر، کارآمد و عملی تر از طرح های مشابه دیگر است.
کلمات کلیدی: امضای کوانتومی | امضای مبتنی بر هویت | حالت بل | آزمون کوانتومی مبادله ای
|مقاله ترجمه شده|
Towards Security and Privacy for Edge AI in IoT/IoE based Digital Marketing Environments
به سمت امنیت و حفظ حریم خصوصی برای هوش مصنوعی لبه در محیط های بازاریابی دیجیتال مبتنی بر IoT / IoE-2020
Abstract—Edge Artificial Intelligence (Edge AI) is a crucial aspect of the current and futuristic digital marketing Internet of Things (IoT) / Internet of Everything (IoE) environment. Consumers often provide data to marketers which is used to enhance services and provide a personalized customer experience (CX). However, use, storage and processing of data has been a key concern. Edge computing can enhance security and privacy which has been said to raise the current state of the art in these areas. For example, when certain processing of data can be done local to where requested, security and privacy can be enhanced. However, Edge AI in such an environment can be prone to its own security and privacy considerations, especially in the digital marketing context where personal data is involved. An ongoing challenge is maintaining security in such context and meeting various legal privacy requirements as they themselves continue to evolve, and many of which are not entirely clear from the technical perspective. This paper navigates some key security and privacy issues for Edge AI in IoT/IoE digital marketing environments along with some possible mitigations.
Keywords: edge security | edge privacy | edge AI | edge intelligence | artificial intelligence | AI | machine learning | ML | IoT | IoE | edge | cybersecurity | legal | law | digital marketing | smart | GDPR | CCPA | security | privacy