March 11 ~ 12, 2023, Virtual Conference
Gideon Samid, School of Engineering, Case Western Reserve University, Cleveland, OH
Cyberspace conversations are not private, even if encrypted. Communication patterns keep the conversing parties vulnerable. We present here tools, solutions, methods to address this vulnerabilty. They are based on equivocation. If a message is received by many recipients, it hides the identity of the intended one. If a protocol calls for decoy messages, then it protects the identity of the intended message. BitGrey is a protocol that creates a "grey hole" (of various shades) around the communicating community, so that very little information leaks out. In addition the BitLoop protocol constructs a fixed rate circulating bit flow, traversing through all members of a group. The looping bits appear random, and effectively hide the pattern, even the existence of communication within the group.
Pattern Hiding, Equivocation, decoy messages, winnowing.
Forrest McKee and David Noever, PeopleTec, 4901-D Corporate Drive, Huntsville, AL, USA, 35805
Question-and-answer Formats Provide a Novel Experimental Platform for Investigating Cybersecurity Questions. Unlike Previous Chatbots, the Latest Chatgpt Model From Openai Supports an Advanced Understanding of Complex Coding Questions. The Research Demonstrates Thirteen Coding Tasks That Generally Qualify as Stages in the Mitre Attack Framework, Ranging From Credential Access to Defense Evasion. With Varying Success, the Experimental Prompts Generate Examples of Keyloggers, Logic Bombs, Obfuscated Worms, and Payment-fulfilled Ransomware. The Empirical Results Illustrate Cases That Support the Broad Gain of Functionality, Including Self-replication and Self-modification, Evasion, and Strategic Understanding of Complex Cybersecurity Goals. One Surprising Feature of Chatgpt as a Language-only Model Centers on Its Ability to Spawn Coding Approaches That Yield Images That Obfuscate or Embed Executable Programming Steps or Links.
Transformers, Text Generation, Malware Generation, Generative Pre-trained Transformers, GPT .
Sajad Meisami1, Mohammad Beheshti-Atashgah2 and Mohammad Reza Aref2, 1Department of Computer Science, Illinois Institute of Technology, Chicago, USA, 2Department of Electrical Engineering, Sharif University of Technology, Tehran, Iran
With the advent of the Internet of Things (IoT), e-health has become one of the main topics of research. Due to the sensitivity of patient information, patient privacy seems challenging. Nowadays, patient data is usually stored in the cloud in healthcare programs, making it difficult for users to have enough control over their data. The recent increment in announced cases of security and surveillance breaches compromising patients' privacy call into question the conventional model, in which third-parties gather and control immense amounts of patients' Healthcare data. In this work, we try to resolve the issues mentioned above by using blockchain technology. We propose a blockchain-based protocol suitable for ehealth applications that does not require trust in a third party and provides an efficient privacypreserving access control mechanism. Transactions in our proposed system, unlike Bitcoin, are not entirely financial, and we do not use conventional methods for consensus operations in blockchain like Proof of Work (PoW). It is not suitable for IoT applications because IoT devices have resourcesconstraints. Usage of appropriate consensus method helps us to increase network security and efficiency, as well as reducing network cost, i.e., bandwidth and processor usage. Finally, we provide security and privacy analysis of our proposed protocol.
blockchain, healthcare, IoT, privacy, e-health, access control, Security.
Hasibul Alam and Emmett Tomai, Department of Computer Science, The University of Texas Rio Grande Valley, Texas, USA
The Internet of Things (IoT) application is visible in all aspects of humans’ day-to-day affairs. The demand for IoT is growing at an unprecedented rate, from wearable wristwatches to autopilot cars. The smart home has also seen significant advancements to improve the quality of lifestyle. However, the security and privacy of data and IoT devices have become primary concerns as data is shared among intelligent devices and over the internet in a smart home network. This article presents smart homes' most common security attacks and mitigation techniques.
Internet-of-Things, Smart Home Architecture, Security Attacks on Smart Homes, Application of Smart Homes
Shanqing Jiang1,2, 1School of Cyber Science and Engineering, Southeast University, Nanjing, China 2Institude of System Engineering AMS PLA, Beijing, China
In large-scale distributed Software Defined Networks (SDNs), a logically centralized network view is required in the physically distributed control plane to provide correct application decisions. Distributed SDN controllers communicate through east-west interfaces to achieve consistency of the global network view and coordination of control decisions. The consistency of the global network view requires synchronization of various network states in multiple controllers in SDN. Different network states differ in update rate, data size, application access method, etc. These factors affect the consensus protocol and synchronization strategy used for state synchronization. Therefore, we propose a consensus slicing mechanism that dynamically adjusts the synchronization strategy according to application requirements, minimizing consistency differences among controllers and reducing synchronization overhead. Then, we use a storage approach combining blockchain with distributed databases to store synchronized state information, improving the efficiency and anti-tamper ability of state information. Simulation experiments validate the effectiveness of the proposed approach.
Consensus slice, Blockchain, SDN controller, Distributed control plane, State synchronization