Fast Authentication and Progressive Authorization in Large-Scale IoT: How to Leverage AI for Security Enhancement
Fast authentication and progressive authorization in large-scale Internet of Things: how to use artificial intelligence to strengthen security - 2020
Security provisioning has become the most important design consideration for large-scale Internet of Things (IoT) systems due to their critical roles in supporting diverse vertical applications by connecting heterogeneous devices, machines, and industry processes. Conventional authentication and authorization schemes are insufficient to overcome the emerging IoT security challenges due to their reliance on both static digital mechanisms and computational complexity for improving security levels. Furthermore, the isolated security designs for different layers and link segments while ignoring the overall protection leads to cascaded security risks as well as growing communication latency and overhead. In this article, we envision new artificial intelligence (AI)-enabled security provisioning approaches to overcome these issues while achieving fast authentication and progressive authorization. To be more specific, a lightweight intelligent authentication approach is developed by exploring machine learning at the base station to identify the prearranged access time sequences or frequency bands or codes used in IoT devices. Then we propose a holistic authentication and authorization approach, where online machine learning and trust management are adopted for achieving adaptive access control. These new AI-enabled approaches establish the connections between transceivers quickly and enhance security progressively so that communication latency can be reduced and security risks are well controlled in large-scale IoT systems. Finally, we outline several areas for AI-enabled security provisioning for future research.
EyesGAN: Synthesize human face from human eyes
EyesGAN: synthesize the human face from human eyes - 2020
Face recognition recently has achieved remarkable success in many fields, especially in mobile payment, authentication, criminal investigation, and city management. However, face occlusion is still the key problem in person identification, such as in the field of anti-terrorism, criminal cases and public security. To solve this problem, an improved end-to-end deep generative adversarial network (named EyesGAN) has been proposed to synthesize human face from human eyes in this paper, which can be used as a potential scheme for masked face recognition. BicycleGAN is chosen as the baseline and effective improvements have been achieved. First, the self-attentional mechanism is introduced so that the improved model can more effectively learn about the internal mapping between human eyes and face. Second, the perceptual loss is applied to guide the model cyclic training and help with updating the network parameters so that the synthesized face can be of higher-similarity to the ground truth face. Third, EyesGAN has been designed by getting the utmost out of the performance of the perceptual loss and the self-attentional mechanism in GANs. A dataset of eyes-to-face synthesis has been reconstructed based on the public face datasets for training and testing. Finally, the faces synthesized by EyesGAN have been quantitatively and qualitatively compared with the results of existing methods. Extensive experiments demonstrate that our proposed method has performed better than the state-of-the-art methods in terms of Average Euclidean Distance, Average Cosine Similarity, Synthesis Accuracy Percentage, Fréchet Inception Distance, and Baidu face recognition rate (the accuracy achieved 96.1% on 615 test data of CelebA database). In this paper, the feasibility of synthesizing human face from human eyes has been explored, and the attention map shows that our network can predict other parts of the face from eyes.
Keywords: Eyes-to-face synthesis | Self-attention mechanism | Perceptual loss | Face occlusion recognition | Conditional generative adversarial networks
AI Powered THz VLSI Testing Technology
AI-powered THz VLSI testing technology - 2020
Abstract—Increasing complexity of digital and mixed-signal systems makes establishing the authenticity of a chip to be a challenging problem. We present a new terahertz testing technique for non-destructive identification of genuine integrated circuits, in package, in-situ and either with no or under bias, by measuring their response to scanning terahertz and sub-terahertz radiation at the circuit pins. This novel, patent pending non-invasive nondestructive technology when merged with Artificial Intelligence (AI) engine will evolve and self-improve with each test cycle. By establishing and AI processing of the THz scanning signatures of reliable devices and circuits and comparing these signatures with devices under test using AI, this technology could be also used for reliability and lifetime prediction.
Keywords: Terahertz | hardware cybersecurity | reliability | authentication | artificial intelligence
AI-Powered Blockchain : A Decentralized Secure Multiparty Computation Protocol for IoV
AI-powered blockchain: a secure confidential multiparty computation protocol for IoV - 2020
The rapid advancements in autonomous technologies have paved the way for vehicular networks. In particular, Vehicular Ad-hoc Network (VANET) forms the basis of the future of Intelligent Transportation System (ITS). ITS represents the communication among vehicles by acquiring and sharing the data. Though congestion control is enhanced by Internet of Vehicles (IoV), there are various security criteria where entire communication can lead to many security and privacy challenges. A blockchain can be deployed to provide the IoV devices with the necessary authentication and security feature for the transfer of data. Blockchain based IoV mechanism eliminates the single source of failure and remains secure at base despite having strong security, the higher level layers and applications are susceptible to attacks. Artificial Intelligence (AI) has the potential to overcome several vulnerabilities of current blockchain technology. In this paper, we propose an AI-Powered Blockchain which provides auto coding feature for the smart contracts making it an intelligent contract. Moreover, it speeds up the transaction verification and optimises energy consumption. The results show that intelligent contracts provide higher security compared to smart contracts considering range of different scenarios.
Index Terms: Blockchain | Artificial Intelligence | Smart contract | Internet of Vehicles | Vehicular Network
Deep Learning based Attack for AI oriented Authentication Module
Deep-learning-based training for an AI identity-oriented module - 2020
Neural Network Physical Unclonable Function (NN-PUF) has been proposed for the secure implementation of Edge AI. This study evaluates the tamper resistance of NN-PUF against machine learning attacks. The machine learning attack in this study learns CRPs using deep learning. As a result of the evaluation experiment, the machine learning attack predicted about 82% for CRPs. Therefore, this study revealed that NN-PUF is vulnerable to machine learning attacks.
Keywords: hardware security | physical unclonable function | machine learning attack | deep learning
Multi-layered intrusion detection and prevention in the SDN/NFV enabled cloud of 5G networks using AI-based defense mechanisms
Multi-layered intrusion detection and prevention in the SDN/NFV cloud of 5G networks, enabled using AI-based defense mechanisms - 2020
Software defined networking (SDN), network function virtualization (NFV), and cloud computing are receiving significant attention in 5G networks. However, this attention creates a new challenge for security provisioning in these integrated technologies. Research in the field of SDN, NFV, cloud computing, and 5G has recently focused on the intrusion detection and prevention system (IDPS). Existing IDPS solutions are inadequate, which could cause large resource wastage and several security threats. To alleviate security issues, timely detection of an attacker is important. Thus, in this paper, we propose a novel approach that is referred to as multilayered intrusion detection and prevention (ML-IDP) in an SDN/NFV-enabled cloud of 5G networks. The proposed approach defends against security attacks using artificial intelligence (AI). In this paper, we employed five layers: data acquisition layer, switches layer, domain controllers (DC) layer, smart controller (SC) layer, and virtualization layer (NFV infrastructure). User authentication is held in the first layer using the Four-Q-Curve algorithm. To address the flow table overloading attack in the switches layer, the game theory approach, which is executed in the IDP agent, is proposed. The involvement of the IDP agent is to completely avoid a flow table overloading attack by a deep reinforcement learning algorithm, and thus, it updates the current state of all switches. In the DC layer, packets are processed and classified into two classes (normal and suspicious) by a Shannon Entropy function. Normal packets are forwarded to the cloud via the SC. Suspicious packets are sent to the VNF using a growing multiple self-organization map (GM-SOM). The proposed ML-IDP system is evaluated using NS3.26 for different security attacks, including IP Spoofing, flow table overloading, DDoS, Control Plane Saturation, and host location hijacking. From the experiment results, we proved that the ML-IDP with AI-based defense mechanisms effectively detects and prevents attacks.
Keywords: SDN/NFV Cloud of 5G | Multilayered architecture | Intrusion detection and prevention | Artificial intelligence
A practical solution to clone problem in anonymous information system
A practical solution to the clone problem in anonymous information systems - 2020
Cloning user’s identity is always a thorny problem for an information system, especially for an anonymous system. With the development of big data applications, clone behaviors sometimes even become attacks on these systems. But until now, there has been no very satisfactory anti-clone scheme in the anonymous system. After analyzing the problems in existing anti-clone schemes, without any assumptions about physical security, we provide a practical solution to the clone problem in anonymous authentication system. In our scheme, the authentication is not only related to user’s private key, but also related to user’s current state, which is constantly updated by the system. Therefore, the authentication trajectories of user and clone will inevitably overlap, and it results in information leakage so as to identify clone behaviors and revoke clone user’s credential. Meanwhile, we prove that honest users are truly anonymous and their login behaviors are unlinkable with complete security proofs. According to the analysis of the system function and the system efficiency, our scheme is much more efficient and has the best anti-clone properties comparing with the existing schemes.
Keywords: Cloning identity | Anonymous system | Unlinkable login | Identification of clone behavior/user | Revocation of clone user’s credential | Denying clone user access
A semi-automated forensic investigation model for online social networks
A semi-automated forensic investigation model for online social networks - 2020
Investigating the online social network profiles of victims, suspects, and witnesses is now part of almost every legal investigation, whether it involves a criminal offense, financial fraud, or domestic lawsuit. However, investigating online social networks (OSN) is a technically complicated process that becomes more challenging due to the legal issues of privacy and authentication. Completely manual investigative methods are not feasible for OSN investigations due to the immense size and heterogeneity of social networks. However, the existing models for digital forensic investigation are not supporting automated or semi-automated forensic investigation processes. Furthermore, they are not addressing the fundamental differences and specific requirements of online social networks. The model presented in this work incorporates the robust features of standard investigation models and proposes a digital forensic investigation process model that explicitly addresses the necessities of OSN investigations. This work is addressing the issues of automating the forensic collection and analysis processes, defining crime scene boundaries, and outlining reasonable iterative collection procedures in online social network forensic investigation. This work is evaluated using a case study and is compared with existing practices and standards.
Keywords: Forensic investigation model | Online social networks | Formal theory | Automated forensic processes | Forensic collection | Iterative process model
BAMHealthCloud: A biometric authentication and data management system for healthcare data in cloud
BAMHealthCloud: a biometric authentication system and data management system for healthcare data in the cloud - 2020
Advancements in the healthcare industry have given rise to the security threat to the ever growing e-medical data. The healthcare data management system records patient’s data in different formats such as text, numeric, pictures and videos leading to data which is big and unstructured. Also, hospitals may have several branches in different geographical locations. Sometimes, for research purposes, there is a need to integrate patients’ health data stored at different locations. In view of this, a cloud-based healthcare management system can be an effective solution for efficient health care data management. But the major concern of cloud-based healthcare system is the security aspect. It includes theft of identity, tax fraudulence, bank fraud, insurance frauds, medical frauds and defamation of high profile patients. Hence, a secure data access and retrieval is needed in order to provide security of critical medical records in healthcare management system. Biometric based authentication mechanism is suitable in this scenario since it overcomes the limitations of token theft and forgetting passwords in the conventional token id-password mechanism used for providing security. It also has high accuracy rate for secure data access and retrieval. In the present paper, a cloud-based system for management of healthcare data BAMHealthCloud is proposed, which ensures the security of e-medical data access through a behavioral biometric signature-based authentication. Training of the signature samples for authentication purpose has been performed in parallel on Hadoop MapReduce framework using Resilient Backpropagation neural network. From rigorous experiments, it can be concluded that it achieves a speedup of 9 times, Equal error rate (EER) of 0.12, the sensitivity of 0.98 and specificity of 0.95. Performance comparison of the system with other state-of-art-algorithms shows that the proposed system performs better than the existing systems in literature.
Keywords: Biometric | Authentication | Healthcare | Cloud | Healthcare cloud | Hadoop
Authentication and integrity of smartphone videos through multimedia container structure analysis
Authentication and integrity of smartphone videos through multimedia structure analysis - 2020
Nowadays, mobile devices have become the natural substitute for the digital camera, as they capture everyday situations easily and quickly, encouraging users to express themselves through images and videos. These videos can be shared across different platforms exposing them to any kind of intentional manipulation by criminals who are aware of the weaknesses of forensic techniques to accuse an innocent person or exonerate a guilty person in a judicial process. Commonly, manufacturers do not comply 100% with the specifications of the standards for the creation of videos. Also, videos shared on social networks, and instant messaging applications go through filtering and compression processes to reduce their size, facilitate their transfer, and optimize storage on their platforms. The omission of specifications and results of transformations carried out by the platforms embed a features pattern in the multimedia container of the videos. These patterns make it possible to distinguish the brand of the device that generated the video, social network, and instant messaging application that was used for the transfer. Research in recent years has focused on the analysis of AVI containers and tiny video datasets. This work presents a novel technique to detect possible attacks against MP4, MOV, and 3GP format videos that affect their integrity and authenticity. The method is based on the analysis of the structure of video containers generated by mobile devices and their behavior when shared through social networks, instant messaging applications, or manipulated by editing programs. The objectives of the proposal are to verify the integrity of videos, identify the source of acquisition and distinguish between original and manipulated videos.
Keywords: Forensic analysis | Metadata | Mobile device camera | Multimedia container structure | Social network video analysis | Video analysis | Video authenticity | Video integrity