Search results for: secure ADS-B

Authors: Jean-François Pouilly

Abstract:

This study addresses the growing complexity of embedded systems and the critical need for secure, reliable software. Traditional cybersecurity testing methods, often conducted late in the development cycle, struggle to keep pace. This talk explores how formal methods, integrated with advanced analysis tools, empower C/C++ developers to 1) Proactively address vulnerabilities and bugs, which includes formal methods and abstract interpretation techniques to identify potential weaknesses early in the development process, reducing the reliance on penetration and fuzz testing in later stages. 2) Streamline development by focusing on bugs that matter, with close to no false positives and catching flaws earlier, the need for rework and retesting is minimized, leading to faster development cycles, improved efficiency and cost savings. 3) Enhance software dependability which includes combining static analysis using abstract interpretation with full context sensitivity, with hardware memory awareness allows for a more comprehensive understanding of potential vulnerabilities, leading to more dependable and secure software. This approach aligns with industry best practices (ISO2626 or ISO 21434) and empowers C/C++ developers to deliver robust, secure embedded systems that meet the demands of today's and tomorrow's applications. We will illustrate this approach with the TrustInSoft analyzer to show how it accelerates verification for complex cases, reduces user fatigue, and improves developer efficiency, cost-effectiveness, and software cybersecurity. In summary, integrating formal methods and sound Analyzers enhances software reliability and cybersecurity, streamlining development in an increasingly complex environment.

Keywords: safety, cybersecurity, ISO26262, ISO24434, formal methods

Procedia PDF Downloads 19

Authors: Davi Marinho de Araujo Falcão, Ronaldo Moreira Salles, Paulo Henrique Maranhão

Abstract:

Disruption Tolerant Networks (DTN) are an evolution of Mobile Adhoc Networks (MANET) and work good in scenarioswhere nodes are sparsely distributed, with low density, intermittent connections and an end-to-end infrastructure is not possible to guarantee. Therefore, DTNs are recommended for high latency applications that can last from hours to days. The maritime scenario has mobility characteristics that contribute to a DTN network approach, but the concern with data security is also a relevant aspect in such scenarios. Continuing the previous work, which evaluated the performance of some DTN protocols (Epidemic, Spray and Wait, and Direct Delivery) in three warship scenarios and proposed the application of discriminant analysis, as a classification technique for secure connections, in the Epidemic protocol, thus, the current article proposes a new analysis of the directional discriminant function with opening angles smaller than 90 degrees, demonstrating that the increase in directivity influences the selection of a greater number of secure connections by the directional discriminant Epidemic protocol.

Keywords: DTN, discriminant function, epidemic protocol, security, tactical messages, warship scenario

Procedia PDF Downloads 191

Authors: Mohan Ramasundaram, Amutha Prabakar Muniyandi

Abstract:

Remote user authentication is one of the important tasks for any kind of remote server applications. Several remote authentication schemes are proposed by the researcher for Telecare Medicine Information System (TMIS). Most of the existing techniques have limitations, vulnerable to various kind attacks, lack of functionalities, information leakage, no perfect forward security and ineffectiveness. Authentication is a process of user verification mechanism for allows him to access the resources of a server. Nowadays, most of the remote authentication protocols are using two-factor authentications. We have made a survey of several remote authentication schemes using three factors and this survey shows that the most of the schemes are inefficient and subject to several attacks. We observed from the experimental evaluation; the proposed scheme is very secure against various known attacks that include replay attack, man-in-the-middle attack. Furthermore, the analysis based on the communication cost and computational cost estimation of the proposed scheme with related schemes shows that our proposed scheme is efficient.

Keywords: Telecare Medicine Information System, elliptic curve cryptography, three-factor, biometric, random oracle

Procedia PDF Downloads 219

Authors: D. López-Mancilla, J. M. Roblero-Villa

Abstract:

Since 1990, the research on chaotic dynamics has received considerable attention, particularly in light of potential applications of this phenomenon in secure communications. Data encryption using chaotic systems was reported in the 90's as a new approach for signal encoding that differs from the conventional methods that use numerical algorithms as the encryption key. The algorithms for image encryption have received a lot of attention because of the need to find security on image transmission in real time over the internet and wireless networks. Known algorithms for image encryption, like the standard of data encryption (DES), have the drawback of low level of efficiency when the image is large. The encrypting based on chaos proposes a new and efficient way to get a fast and highly secure image encryption. In this work, a user interface for image encryption and a novel and easiest way to encrypt images using chaos are presented. The main idea is to reshape any image into a n-dimensional vector and combine it with vector extracted from a chaotic system, in such a way that the vector image can be hidden within the chaotic vector. Once this is done, an array is formed with the original dimensions of the image and turns again. An analysis of the security of encryption from the images using statistical analysis is made and is used a stage of optimization for image encryption security and, at the same time, the image can be accurately recovered. The user interface uses the algorithms designed for the encryption of images, allowing you to read an image from the hard drive or another external device. The user interface, encrypt the image allowing three modes of encryption. These modes are given by three different chaotic systems that the user can choose. Once encrypted image, is possible to observe the safety analysis and save it on the hard disk. The main results of this study show that this simple method of encryption, using the optimization stage, allows an encryption security, competitive with complicated encryption methods used in other works. In addition, the user interface allows encrypting image with chaos, and to submit it through any public communication channel, including internet.

Keywords: image encryption, chaos, secure communications, user interface

Procedia PDF Downloads 489

Authors: Halima Adel Halim Shnishah, David Mulvaney

Abstract:

Applying traditional symmetric cryptography algorithms while computing encryption and decryption provides immunity to secret keys against different attacks. One of the popular techniques generating automated secret keys is evolutionary computing by using Eureqa API tool, which got attention in 2013. In this paper, we are generating automated secret keys for image encryption and decryption using Eureqa API (tool which is used in evolutionary computing technique). Eureqa API models pseudo-random input data obtained from a suitable source to generate secret keys. The validation of generated secret keys is investigated by performing various statistical tests (histogram, chi-square, correlation of two adjacent pixels, correlation between original and encrypted images, entropy and key sensitivity). Experimental results obtained from methods including histogram analysis, correlation coefficient, entropy and key sensitivity, show that the proposed image encryption algorithms are secure and reliable, with the potential to be adapted for secure image communication applications.

Keywords: image encryption algorithms, Eureqa, statistical measurements, automated key generation

Procedia PDF Downloads 482

Authors: Hongmei Chi

Abstract:

The Blockchain has become a necessity for many different societal industries and ordinary lives including cryptocurrency technology, supply chain, health care, public safety, education, etc. Therefore, training our future blockchain developers to know blockchain programming vulnerability and I.T. students' cyber security is in high demand. In this work, we propose a framework including learning modules and hands-on labs to guide future I.T. professionals towards developing secure blockchain programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle following the concept of Secure Software Development Life Cycle (SSDLC). In this research, our goal is to make blockchain programmers and I.T. students aware of the vulnerabilities of blockchains. In summary, we develop a framework that will (1) improve students' skills and awareness of blockchain source code vulnerabilities, detection tools, and mitigation techniques (2) integrate concepts of blockchain vulnerabilities for IT students, (3) improve future IT workers’ ability to master the concepts of blockchain attacks.

Keywords: software vulnerability detection, hands-on lab, static analysis tools, vulnerabilities, blockchain, active learning

Procedia PDF Downloads 99

Authors: Jamel Miri, Bechir Nsiri, Ridha Bouallegue

Abstract:

Ultra WidBand-IR physical layer technology has seen a great development during the last decade which makes it a promising candidate for short range wireless communications, as they bring considerable benefits in terms of connectivity and mobility. However, like all wireless communication they suffer from vulnerabilities in terms of security because of the open nature of the radio channel. To face these attacks, distance bounding protocols are the most popular counter measures. In this paper, we presented a protocol based on distance bounding to thread the most popular attacks: Distance Fraud, Mafia Fraud and Terrorist fraud. In our work, we study the way to adapt the best secure distance bounding protocols to mapping code of ultra-wideband (TH-UWB) radios. Indeed, to ameliorate the performances of the protocol in terms of security communication in TH-UWB, we combine the modified protocol to ultra-wideband impulse radio technology (IR-UWB). The security and the different merits of the protocols are analyzed.

Keywords: distance bounding, mapping code ultrawideband, terrorist fraud, physical layer technology

Procedia PDF Downloads 299

Authors: Jonathan Heng, Yoong Cheah Huei

Abstract:

A strategic model that does not trigger any false alarms to detect anomalies in Secure Water Treatment (SWaT) test bed is presented. This model uses machine learning invariants formulated from streamlining the general form of Auto-Regressive models with eXogenous input. A creative generalized CUSUM algorithm to integrate the invariants and the detection strategy technique is successfully developed and tested in the SWaT Programmable Logic Controllers (PLCs). Three steps to fine-tune parameters, b and τ in the generalized algorithm are stated and an example used to demonstrate the tuning process is discussed. This approach can swiftly and effectively detect various scopes of cyber-attacks such as multiple points single stage and multiple points multiple stages in SWaT. This technique can be applied in water treatment plants and other cyber physical systems like power and gas plants too.

Keywords: machine learning invariants, generalized CUSUM algorithm with invariants and detection strategy, scope of cyber attacks, strategic model, tuning parameters

Procedia PDF Downloads 181

Authors: Daewook Kim, Gilwon Yoon

Abstract:

Intrabody communication (IBC) is a new way of transferring data using human body as a medium. Minute current can travel though human body without any harm. IBC can remove electrical wires for human area network. IBC can be also a secure communication network system unlike wireless networks which can be accessed by anyone with bad intentions. One of the IBC systems is based on frequency shift keying modulation where individual data are transmitted to the external devices for the purpose of secure access such as digital door lock. It was found that the quality of IBC data transmission was heavily dependent on ground configurations of electronic circuits. Reliable IBC transmissions were not possible when both of the transmitter and receiver used batteries as circuit power source. Transmission was reliable when power supplies were used as power source for both transmitting and receiving sites because the common ground was established through the grounds of instruments such as power supply and oscilloscope. This was due to transmission dipole size and the ground effects of floor and AC power line. If one site used battery as power source and the other site used the AC power as circuit power source, transmission was possible.

Keywords: frequency shift keying, ground, intrabody, communication, door lock

Procedia PDF Downloads 418

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 349

Authors: Saeed M. Alshahrani

Abstract:

This research integrated blockchain technology to reform medical records management in healthcare informatics. It was aimed at resolving the limitations of centralized systems by establishing a secure, decentralized, and user-centric platform. The system was architected with a sophisticated three-tiered structure, integrating advanced cryptographic methodologies, consensus algorithms, and the Fast Healthcare Interoperability Resources (HL7 FHIR) standard to ensure data security, transaction validity, and semantic interoperability. The research has profound implications for healthcare delivery, patient care, legal compliance, operational efficiency, and academic advancements in blockchain technology and healthcare IT sectors. The methodology adapted in this research comprises of Preliminary Feasibility Study, Literature Review, Design and Development, Cryptographic Algorithm Integration, Modeling the data and testing the system. The research employed a permissioned blockchain with a Practical Byzantine Fault Tolerance (PBFT) consensus algorithm and Ethereum-based smart contracts. It integrated advanced cryptographic algorithms, role-based access control, multi-factor authentication, and RESTful APIs to ensure security, regulate access, authenticate user identities, and facilitate seamless data exchange between the blockchain and legacy healthcare systems. The research contributed to the development of a secure, interoperable, and decentralized system for managing medical records, addressing the limitations of the centralized systems that were in place. Future work will delve into optimizing the system further, exploring additional blockchain use cases in healthcare, and expanding the adoption of the system globally, contributing to the evolution of global healthcare practices and policies.

Keywords: healthcare informatics, blockchain, medical records management, decentralized architecture, data security, cryptographic algorithms

Procedia PDF Downloads 55

Authors: Simran Sharda

Abstract:

There is increasing evidence that leads psychologists today to believe that the attachment formed between a mother and child plays a much more profound role in later-life outcomes than previously expected. Particularly, the fact that a link may exist between maternal attachment and the development in addition to the severity of social anxiety in middle childhood seems to be gaining ground. This research will examine and address a myriad of major issues related to the impact of mother-child attachment: behaviors of children with different levels of secure attachment, various aspects of anxiety in relation to attachment security as well as other styles of mother-child attachments, especially avoidant attachment and over-attachment. This analysis serves to compile previous literature on the subject and touch light upon a logical extension of the research. Moreover, researchers have identified links between attachment and the externalization of problem behaviors: these behaviors may later manifest as social anxiety as well as increased severity and likelihood of PTSD diagnosis (an anxiety disorder). Furthermore, secure attachment has been linked to increased health benefits, cognitive skills, emotive socialization, and developmental psychopathology.

Keywords: child development, anxiety, cognition, developmental psychopathology, mother-child relationships, maternal, cognitive development

Procedia PDF Downloads 159

Authors: M. Moslehpour, S. Khorsandi

Abstract:

As transition to widespread use of IPv6 addresses has gained momentum, it has been shown to be vulnerable to certain security attacks such as those targeting Neighbor Discovery Protocol (NDP) which provides the address resolution functionality in IPv6. To protect this protocol, Secure Neighbor Discovery (SEND) is introduced. This protocol uses Cryptographically Generated Address (CGA) and asymmetric cryptography as a defense against threats on integrity and identity of NDP. Although SEND protects NDP against attacks, it is computationally intensive due to Hash2 condition in CGA. To improve the CGA computation speed, we parallelized CGA generation process and used the available resources in a trusted network. Furthermore, we focused on the influence of the existence of malicious nodes on the overall load of un-malicious ones in the network. According to the evaluation results, malicious nodes have adverse impacts on the average CGA generation time and on the average number of tries. We utilized a Trust Management that is capable of detecting and isolating the malicious node to remove possible incentives for malicious behavior. We have demonstrated the effectiveness of the Trust Management System in detecting the malicious nodes and hence improving the overall system performance.

Keywords: CGA, ICMPv6, IPv6, malicious node, modifier, NDP, overall load, SEND, trust management

Procedia PDF Downloads 184

Authors: Kavitha Thamadharan, Nurazean Maarop

Abstract:

The implementation of e-assessment as tool to support the process of teaching and learning in university has become a popular technological means in universities. E-Assessment provides many advantages to the users especially the flexibility in teaching and learning. The e-assessment system has the capability to improve its quality of delivering education. However, there still exists a drawback in terms of security which limits the user acceptance of the online learning system. Even though there are studies providing solutions for identified security threats in e-learning usage, there is no particular model which addresses the factors that influences the acceptance of e-assessment system by lecturers from security perspective. The aim of this study is to explore security aspects of e-assessment in regard to the acceptance of the technology. As a result a conceptual model of secure acceptance of e-assessment is proposed. Both human and security factors are considered in formulation of this conceptual model. In order to increase understanding of critical issues related to the subject of this study, interpretive approach involving convergent mixed method research method is proposed to be used to execute the research. This study will be useful in providing more insightful understanding regarding the factors that influence the user acceptance of e-assessment system from security perspective.

Keywords: secure technology acceptance, e-assessment security, e-assessment, education technology

Procedia PDF Downloads 459

Authors: Monirah Alkathiry, Hanan Aljarwan

Abstract:

Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.

Keywords: access controls, cloud computing, confidentiality, identity and access management

Procedia PDF Downloads 131

Authors: Bency Ann Massinello, Nancy Day, Janet Fellini

Abstract:

Background: The use of an appropriate mode of communication among the multidisciplinary care team members regarding coordination of care is an extremely complicated yet important patient safety initiative. Effective communication among the team members(nursing staff, medical staff, respiratory therapists, rehabilitation therapists, patient-family services team…) become essential to develop a culture of trust and collaboration to deliver the highest quality care to patients are their families. The inpatient post-acute pediatrics, where children and their caregivers come for continuity of care, is no exceptions to the increasing use of text messages as a means to communication among clinicians. One such platform is the Vocera Communications (Vocera Smart Mobile App called Vocera Edge) allows the teams to use the application and share sensitive patient information through an encrypted platform using IOS company provided shared and assigned mobile devices. Objective: This paper discusses the quality initiative of implementing the transition from Vocera Smartbage to Vocera Edge Mobile App, technology advantage, use case expansion, and lessons learned about a secure alternative modality that allows sending and receiving secure text messages in a pediatric post-acute setting using an IOS device. This implementation process included all direct care staff, ancillary teams, and administrative teams on the clinical units. Methods: Our institution launched this transition from voice prompted hands-free Vocera Smartbage to Vocera Edge mobile based app for secure care team texting using a big bang approach during the first PDSA cycle. The pre and post implementation data was gathered using a qualitative survey of about 500 multidisciplinary team members to determine the ease of use of the application and its efficiency in care coordination. The technology was further expanded in its use by implementing clinical alerts and alarms notification using middleware integration with patient monitoring (Masimo) and life safety (Nurse call) systems. Additional use of the smart mobile iPhone use include pushing out apps like Lexicomp and Up to Date to have it readily available for users for evident-based practice in medication and disease management. Results: Successful implementation of the communication system in a shared and assigned model with all of the multidisciplinary teams in our pediatric post-acute setting. In just a 3-monthperiod post implementation, we noticed a 14% increase from 7,993 messages in 6 days in December 2020 to 9,116messages in March 2021. This confirmed that all clinical and non-clinical teams were using this mode of communication for coordinating the care for their patients. System generated data analytics used in addition to the pre and post implementation staff survey for process evaluation. Conclusion: A secure texting option using a mobile device is a safe and efficient mode for care team communication and collaboration using technology in real time. This allows for the settings like post-acute pediatric care areas to be in line with the widespread use of mobile apps and technology in our mainstream healthcare.

Keywords: nursing informatics, mobile secure texting, multidisciplinary communication, pediatrics post acute care

Procedia PDF Downloads 196

Authors: Ashish Ashish

Abstract:

In the last few decades, the discrete chaos of difference equations has gained a massive attention of academicians and scholars due to its tremendous applications in each and every branch of science, such as cryptography, traffic control models, secure communications, weather forecasting, and engineering. In this article, a generalized logistic discrete map is established and discrete chaos is reported through period doubling bifurcation, period three orbit and Lyapunov exponent. It is interesting to see that the generalized logistic map exhibits superior chaos due to the presence of an extra degree of freedom of an ordered parameter. The period doubling bifurcation and Lyapunov exponent are demonstrated for some particular values of parameter and the discrete chaos is determined in the sense of Devaney's definition of chaos theoretically as well as numerically. Moreover, the study discusses an extended chaos based image encryption and decryption scheme in cryptography using this novel system. Surprisingly, a larger key space for coding and more sensitive dependence on initial conditions are examined for encryption and decryption of text messages, images and videos which secure the system strongly from external cyber attacks, coding attacks, statistic attacks and differential attacks.

Keywords: chaos, period-doubling, logistic map, Lyapunov exponent, image encryption

Procedia PDF Downloads 151

Authors: Michael Dole, Pierre Ninin, Denis Raffourt

Abstract:

Most of the CERN’s facilities hosting particle accelerators are large, underground and radioactive areas. All fire detection systems installed in such areas, shall be carefully studied to cope with the particularities of this stringent environment. The detection equipment usually chosen by CERN to secure these underground facilities are based on air sampling technology. The electronic equipment is located in non-radioactive areas whereas air sampling networks are deployed in radioactive areas where fire detection is required. The air sampling technology provides very good detection performances and prevent the "radiation-to-electronic" effects. In addition, it reduces the exposure to radiations of maintenance workers and is permanently available during accelerator operation. In order to protect the Super Proton Synchrotron and its 7 km tunnels, a specific long distance aspirating smoke detector has been developed to detect smoke at up to 700 meters between electronic equipment and the last air sampling hole. This paper describes the architecture, performances and return of experience of the long distance fire detection system developed and installed to secure the CERN Super Proton Synchrotron tunnels.

Keywords: air sampling, fire detection, long distance, radioactive areas

Procedia PDF Downloads 161

Authors: Amir Rashid

Abstract:

Cloud Computing frameworks empower organizations to cut expenses by outsourcing computation resources on-request. As of now, customers of Cloud service providers have no methods for confirming the privacy and ownership of their information and data. To address this issue we propose the platform of a trusted cloud computing program (TCCP). TCCP empowers Infrastructure as a Service (IaaS) suppliers, for example, Amazon EC2 to give a shout box execution condition that ensures secret execution of visitor virtual machines. Also, it permits clients to bear witness to the IaaS supplier and decide if the administration is secure before they dispatch their virtual machines. This paper proposes a Trusted Cloud Computing Platform (TCCP) for guaranteeing the privacy and trustworthiness of computed data that are outsourced to IaaS service providers. The TCCP gives the deliberation of a shut box execution condition for a client's VM, ensuring that no cloud supplier's authorized manager can examine or mess up with its data. Furthermore, before launching the VM, the TCCP permits a client to dependably and remotely acknowledge that the provider at backend is running a confided in TCCP. This capacity extends the verification of whole administration, and hence permits a client to confirm the data operation in secure mode.

Keywords: cloud security, IaaS, cloud data privacy and integrity, hybrid cloud

Procedia PDF Downloads 299

Authors: Naveed Ghani, Samreen Javed

Abstract:

In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.

Keywords: network worms, malware infection propagating malicious code, virus, security, VPN

Procedia PDF Downloads 358

Authors: Chandan M. S., Darshan G. A., Vyshnavi, Abhishek T.

Abstract:

In the evolving world of technology and digital assets, non-fungible tokens (NFTs) have emerged as the latest advancement. These digital assets represent ownership of intangible items and hold significant value. Unlike cryptocurrencies, like Ethereum or Bitcoin, NFTs cannot be exchanged due to their nature. Each NFT has an indivisible value. NFTs not only pave the way for financial services but also open up fresh opportunities for creators, buyers and artists. To revolutionize financing in the DeFi space, this proposed approach utilizes NFTs generated from digital arts. By eliminating intermediaries, this innovative method ensures trust and security in transactions. The idea entails automating borrower-lender interactions through contracts while securely storing data using blockchain technology. Borrowers can obtain funding by leveraging assets such as estate, artwork and collectibles that are often illiquid. The key component of this system is contracts that independently execute lending agreements and collateral transfers within predefined parameters. By leveraging the Ethereum blockchain, this project aims to provide consumers with access to a platform offering a wide range of financial services. The demonstration illustrates how NFT lending and borrowing is managed through contracts, providing a secure and trustworthy transaction environment.

Keywords: blockchain, defi, NFT, ethereum, marketplace

Procedia PDF Downloads 53

Authors: Rizwan Rizwan

Abstract:

This paper provides an overview of Federated Learning (FL) and its application in enhancing data security, privacy, and efficiency. FL utilizes three distinct architectures to ensure privacy is never compromised. It involves training individual edge devices and aggregating their models on a server without sharing raw data. This approach not only provides secure models without data sharing but also offers a highly efficient privacy--preserving solution with improved security and data access. Also we discusses various frameworks used in FL and its integration with machine learning, deep learning, and data mining. In order to address the challenges of multi--party collaborative modeling scenarios, a brief review FL scheme combined with an adaptive gradient descent strategy and differential privacy mechanism. The adaptive learning rate algorithm adjusts the gradient descent process to avoid issues such as model overfitting and fluctuations, thereby enhancing modeling efficiency and performance in multi-party computation scenarios. Additionally, to cater to ultra-large-scale distributed secure computing, the research introduces a differential privacy mechanism that defends against various background knowledge attacks.

Keywords: federated learning, differential privacy, gradient descent strategy, convergence, stability, threats

Procedia PDF Downloads 30

Authors: Simon Bambey, Edward Lim, Kai Corley-Jory, Pooya Taheri

Abstract:

The main goal of this paper is to propose a simple and low-cost microcontroller-based laser communication link. To demonstrate that laser communication is a viable and efficient means for transmitting data, a transceiver capable of transfer rates of approximately 0.7 kB/s is prototyped. The hardware used for the transceiver consists of Commercial Off-The-Shelf (COTS) lasers, photodiodes, and the Arduino Mega 2560 which is an open-source and easy-to-use microcontroller-based platform intended for making interactive projects. A graphic user interface utilizing the Meteor framework is developed to facilitate the communication between the user and transceiver. The developed transceiver prototype is capable of receiving and transmitting data at significant ranges with no loss of information. Furthermore, stable and secure communication is achieved through several mechanisms developed to manage simultaneous sending and receiving, in addition to detecting physical interruptions during transmission. The design setup is scalable and with further development can be transformed into a fiber-optic transmission system. Due to its nature, laser communication is very secure and can provide a safe and private communication link. Overall, this paper demonstrates how laser communication can be an economical, durable, and effective means of information transfer.

Keywords: Arduino microcontrollers, laser applications, user interfaces, wireless communication

Procedia PDF Downloads 302

Authors: M. Moslehpour, S. Khorsandi

Abstract:

Due to shortage in IPv4 addresses, transition to IPv6 has gained significant momentum in recent years. Like Address Resolution Protocol (ARP) in IPv4, Neighbor Discovery Protocol (NDP) provides some functions like address resolution in IPv6. Besides functionality of NDP, it is vulnerable to some attacks. To mitigate these attacks, Internet Protocol Security (IPsec) was introduced, but it was not efficient due to its limitation. Therefore, SEND protocol is proposed to automatic protection of auto-configuration process. It is secure neighbor discovery and address resolution process. To defend against threats on NDP’s integrity and identity, Cryptographically Generated Address (CGA) and asymmetric cryptography are used by SEND. Besides advantages of SEND, its disadvantages like the computation process of CGA algorithm and sequentially of CGA generation algorithm are considerable. In this paper, we parallel this process between network resources in order to improve it. In addition, we compare the CGA generation time in self-computing and distributed-computing process. We focus on the impact of the malicious nodes on the CGA generation time in the network. According to the result, although malicious nodes participate in the generation process, CGA generation time is less than when it is computed in a one-way. By Trust Management System, detecting and insulating malicious nodes is easier.

Keywords: NDP, IPsec, SEND, CGA, modifier, malicious node, self-computing, distributed-computing

Procedia PDF Downloads 278

Authors: Hasna Elalaoui Elabdallaoui, Abdelaziz Elfazziki, Mohamed Sadgal

Abstract:

Outlines: The social economy is a moral approach to solidarity applied to the projects’ development. To reconcile economic activity and social equity, crowdfunding is as an alternative means of financing social projects. Several collaborative blockchain platforms exist. It eliminates the need for a central authority or an inconsiderate middleman. Also, the costs for a successful crowdfunding campaign are reduced, since there is no commission to be paid to the intermediary. It improves the transparency of record keeping and delegates authority to authorities who may be prone to corruption. Objectives: The objectives are: to define a software infrastructure for projects’ participatory financing within a social and solidarity economy, allowing transparent, secure, and fair management and to have a financial mechanism that improves financial inclusion. Methodology: The proposed methodology is: crowdfunding platforms literature review, financing mechanisms literature review, requirements analysis and project definition, a business plan, Platform development process and implementation technology, and testing an MVP. Contributions: The solution consists of proposing a new approach to crowdfunding based on Islamic financing, which is the principle of Mousharaka inspired by Islamic financing, which presents a financial innovation that integrates ethics and the social dimension into contemporary banking practices. Conclusion: Crowdfunding platforms need to secure projects and allow only quality projects but also offer a wide range of options to funders. Thus, a framework based on blockchain technology and Islamic financing is proposed to manage this arbitration between quality and quantity of options. The proposed financing system, "Musharaka", is a mode of financing that prohibits interests and uncertainties. The implementation is offered on the secure Ethereum platform as investors sign and initiate transactions for contributions using their digital signature wallet managed by a cryptography algorithm and smart contracts. Our proposal is illustrated by a crop irrigation project in the Marrakech region.

Keywords: social economy, Musharaka, blockchain, smart contract, crowdfunding

Procedia PDF Downloads 77

Authors: Behnam Zahednejad, Saeed Kosari

Abstract:

Widespread deployment of Internet of Things (IoT) has raised security and privacy issues in this environment. Designing a secure two-factor authentication scheme between the user and server is still a challenging task. In this paper, we focus on Cancelable Biometric (CB) as an authentication factor in IoT. We show that previous CB-based scheme fail to provide real two-factor security, Perfect Forward Secrecy (PFS) and suffer database attacks and traceability of the user. Then we propose our improved scheme based on CB and Physically Unclonable Functions (PUF), which can provide real two-factor security, PFS, user’s unlinkability, and resistance to database attack. In addition, Key Compromise Impersonation (KCI) resilience is achieved in our scheme. We also prove the security of our proposed scheme formally using both Real-Or-Random (RoR) model and the ProVerif analysis tool. For the usability of our scheme, we conducted a performance analysis and showed that our scheme has the least communication cost compared to the previous CB-based scheme. The computational cost of our scheme is also acceptable for the IoT environment.

Keywords: IoT, two-factor security, cancelable biometric, key compromise impersonation resilience, perfect forward secrecy, database attack, real-or-random model, ProVerif

Procedia PDF Downloads 102

Authors: Bhaumik Tyagi, Mandeep Kaur, Kanika Singla

Abstract:

The advancement of blockchain has facilitated scholars to remodel e-voting systems for future generations. Server-side attacks like SQL injection attacks and DOS attacks are the most common attacks nowadays, where malicious codes are injected into the system through user input fields by illicit users, which leads to data leakage in the worst scenarios. Besides, quantum attacks are also there which manipulate the transactional data. In order to deal with all the above-mentioned attacks, integration of blockchain, convolutional neural network (CNN), and Quantum Key Distribution is done in this very research. The utilization of blockchain technology in e-voting applications is not a novel concept. But privacy and security issues are still there in a public and private blockchains. To solve this, the use of a hybrid blockchain is done in this research. This research proposed cryptographic signatures and blockchain algorithms to validate the origin and integrity of the votes. The convolutional neural network (CNN), a normalized version of the multilayer perceptron, is also applied in the system to analyze visual descriptions upon registration in a direction to enhance the privacy of voters and the e-voting system. Quantum Key Distribution is being implemented in order to secure a blockchain-based e-voting system from quantum attacks using quantum algorithms. Implementation of e-voting blockchain D-app and providing a proposed solution for the privacy of voters in e-voting using Blockchain, CNN, and Quantum Key Distribution is done.

Keywords: hybrid blockchain, secure e-voting system, convolutional neural networks, quantum key distribution, one-time pad

Procedia PDF Downloads 94

Authors: Nahid Salarkia, Nasrin Omidvar, Erfan Ghassemi, Vahideh Arab-Salari, Tirang Reza Neyestani

Abstract:

Background: Household food insecurity has an adverse impact on the maternal mental health. This study was carried out to assess the relationship between household food insecurity, maternal depression and mother’s self-efficacy in Varamin, Iran, in 2014. Methods: In this cross-sectional study 423 mothers with children under 2 years old, with mean age 28.1±5.2 year; weight 66.3±13.4 kg; height 160.3± 5.7 cm and BMI 25.7±4.8 kg/m2 were selected by a multistage random sampling scheme. The instruments were: Beck Depression Inventory (BDI-III) and mother’s self-efficacy questionnaire. Data was analyzed using χ2 test, ANOVA and Pearson correlation. Results: Mildly, moderately and severely food insecure households were 39.5, 9.7 and 3.1%, respectively. Mild, moderate and sever depression was: 18.7, 13.9 and 5.7%. Mean score of depression in moderate and severe food insecure (8.6±5.3) was more than mild food insecure (4.8±4.7) and food secure (3.1±3.6) mothers. Frequency of very good, good and low mother’s self-efficacy were 62.8, 36.5, and 0.7%, respectively. Very good mother’s self-efficacy in food secure mothers (33.4%) was more than mild (25.4%) and moderate-sever food insecure groups (4%). There was a negative significant association between household food insecurity and mother’s self-efficacy (r= -0.297, p<0.01), and between mother’s depression and self-efficacy (r= -0.309, p=0.001). Conclusion: Empowerment of mothers with educational programs and social support can decrease mothers’ depression and increase self-efficacy that lead to improve maternal practices in food insecure households.

Keywords: Household food insecurity, Iran, mothers, physiological characteristics, self-efficacy

Procedia PDF Downloads 513

Authors: Rachna Jain, Sushila Madan, Bindu Garg

Abstract:

Cloud computing is the key powerhouse in numerous organizations due to shifting of their data to the cloud environment. In recent years it has been observed that cloud-based-services are being used on large scale for content storage, distribution and processing. Various issues have been observed in cloud computing environment that need to be addressed. Security and privacy are found topmost concern area. In this paper, a novel security model is proposed to secure data by utilizing CDN services like image to icon conversion. CDN Service is a content delivery service which converts an image to icon, word to pdf & Latex to pdf etc. Presented model is used to convert an image into icon by keeping image secret. Here security of image is imparted so that image should be encrypted and decrypted by data owners only. It is also discussed in the paper that how server performs multiplication and selection on encrypted data without decryption. The data can be image file, word file, audio or video file. Moreover, the proposed model is capable enough to multiply images, encrypt them and send to a server application for conversion. Eventually, the prime objective is to encrypt an image and convert the encrypted image to image Icon by utilizing homomorphic encryption.

Keywords: cloud computing, user data security, homomorphic encryption, image multiplication, CDN service

Procedia PDF Downloads 334

Authors: Hebberly Ahatlan

Abstract:

The process of digitizing energy systems involves transforming traditional energy infrastructure into interconnected, data-driven systems that enhance efficiency, sustainability, and responsiveness. As smart grids become increasingly integral to the efficient distribution and management of electricity from both fossil and renewable energy sources, the energy industry faces strategic challenges associated with digitalization and interoperability — particularly in the context of modern energy business models, such as virtual power plants (VPPs). The critical challenge in modern smart grids is to seamlessly integrate diverse technologies and systems, including virtualization, grid computing and service-oriented architecture (SOA), across the entire energy ecosystem. Achieving this requires addressing issues like semantic interoperability, IT/OT convergence, and digital asset scalability, all while ensuring security and risk management. This paper proposes a four-layer digitalization framework to tackle these challenges, encompassing persistent data protection, trusted key management, secure messaging, and authentication of IoT resources. Data assets generated through this framework enable AI systems to derive insights for improving smart grid operations, security, and revenue generation. Furthermore, this paper also proposes a Trusted Energy Interoperability Alliance as a universal guiding standard in the development of this digitalization framework to support more dynamic and interoperable energy markets.

Keywords: digitalization, IT/OT convergence, semantic interoperability, VPP, energy blockchain

Procedia PDF Downloads 183