Showing papers on "Protocol (object-oriented programming) published in 2018"

Untangling Blockchain: A Data Processing View of Blockchain Systems

Abstract: Blockchain technologies are gaining massive momentum in the last few years. Blockchains are distributed ledgers that enable parties who do not fully trust each other to maintain a set of global states. The parties agree on the existence, values, and histories of the states. As the technology landscape is expanding rapidly, it is both important and challenging to have a firm grasp of what the core technologies have to offer, especially with respect to their data processing capabilities. In this paper, we first survey the state of the art, focusing on private blockchains (in which parties are authenticated). We analyze both in-production and research systems in four dimensions: distributed ledger, cryptography, consensus protocol, and smart contract. We then present BLOCKBENCH, a benchmarking framework for understanding performance of private blockchains against data processing workloads. We conduct a comprehensive evaluation of three major blockchain systems based on BLOCKBENCH, namely Ethereum, Parity, and Hyperledger Fabric. The results demonstrate several trade-offs in the design space, as well as big performance gaps between blockchain and database systems. Drawing from design principles of database systems, we discuss several research directions for bringing blockchain performance closer to the realm of databases.

A Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things

Abstract: The Internet of Things (IoT) is an emerging technology and expected to provide solutions for various industrial fields. As a basic technology of the IoT, wireless sensor networks (WSNs) can be used to collect the required environment parameters for specific applications. Due to the resource limitation of sensor node and the open nature of wireless channel, security has become an enormous challenge in WSN. Authentication as a basic security service can be used to guarantee the legality of data access in WSN. Recently, Chang and Le proposed two authentication protocols for WSN for different security requirements. However, their protocol cannot provide proper mutual authentication and has other security and functionality defects. We present a three-factor user authentication protocol for WSN to remove the weaknesses of previous protocols. The security of the proposed protocol is analyzed, and the security, functionality and performance of our protocol are compared with other related protocols. The comparison results and simulation results by NS-3 show that the proposed protocol is robust and energy efficient for IoT applications.

Zero-Shot Object Detection: Learning to Simultaneously Recognize and Localize Novel Concepts

Abstract: Current Zero-Shot Learning (ZSL) approaches are restricted to recognition of a single dominant unseen object category in a test image. We hypothesize that this setting is ill-suited for real-world applications where unseen objects appear only as a part of a complex scene, warranting both ‘recognition’ and ‘localization’ of an unseen category. To address this limitation, we introduce a new ‘Zero-Shot Detection’ (ZSD) problem setting, which aims at simultaneously recognizing and locating object instances belonging to novel categories without any training examples. We also propose a new experimental protocol for ZSD based on the highly challenging ILSVRC dataset, adhering to practical issues, e.g., the rarity of unseen objects. To the best of our knowledge, this is the first end-to-end deep network for ZSD that jointly models the interplay between visual and semantic domain information. To overcome the noise in the automatically derived semantic descriptions, we utilize the concept of meta-classes to design an original loss function that achieves synergy between max-margin class separation and semantic space clustering. Furthermore, we present a baseline approach extended from recognition to ZSD setting. Our extensive experiments show significant performance boost over the baseline on the imperative yet difficult ZSD problem.

On 5G Radio Access Network Slicing: Radio Interface Protocol Features and Configuration

Abstract: Network slicing is a fundamental capability for future Fifth Generation (5G) networks to facilitate the cost-effective deployment and operation of multiple logical networks over a common physical network infrastructure in a way that each logical network (i.e. network slice) can be customized and dimensioned to best serve the needs of specific applications (e.g. mobile broadband, smart city, connected car, public safety, fixed wireless access) and users (e.g. general public, enterprise customers, virtual operators, content providers). The practical realization of such capability still raises numerous technical challenges, both in the Core and RAN parts of the 5G system. Through a comprehensive analysis of the impact that the realization of RAN slicing has on the different layers of the radio interface protocol architecture, this article proposes a framework for the support and specification of RAN slices based on the definition of a set of configuration descriptors that characterize the features, policies and resources to be put in place across the radio protocol layers of a next-generation RAN node.

On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

Abstract: Recently, Tewari and Gupta proposed a ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.

Privacy-Preserving and Lightweight Key Agreement Protocol for V2G in the Social Internet of Things

Abstract: The concept of the Social Internet of Things (SIoT) can be viewed as the integration of prevailing social networking and the Internet of Things, which is making inroads into the daily operation of many industries. Smart grids, which are cost-effective and environmentally friendly applications, are a promising field of the SIoT. However, security and privacy concerns are the dark aspects of smart grids. The goal of this paper is to address the security and privacy issues in the vehicle-to-grid (V2G) networks with the intention of promoting a more extensive deployment of V2G networks for smart grids. Driven by this motivation, in this paper, we propose a robust key agreement protocol that can achieve mutual authentication without exposing the real identities of users. Efficiency is also a major concern in resource-constrained environments. By leveraging only hash functions and bitwise exclusive-OR operations, the proposed protocol is highly efficient compared with pairing-based protocols. In addition, we define a formal security model for our privacy-preserving key agreement protocol for V2G networks. Using this model, a formal security analysis shows that the proposed protocol is secure. Moreover, an informal security analysis demonstrates that our protocol can withstand different types of attacks.

Decentralized Diagnosis by Petri Nets and Integer Linear Programming

Abstract: This paper proposes a novel decentralized on-line fault diagnosis approach based on the solution of some integer linear programming problems for discrete event systems in a Petri net framework. The decentralized architecture consists of a set of local sites communicating with a coordinator that decides whether the system behavior is normal or subject to some possible faults. To this aim, some results allow defining the rules applied by the coordinator and the local sites to provide the global diagnosis results. Moreover, two protocols for the detection and diagnosis of faults are proposed: they differ for the information exchanged between local sites and coordinator and the diagnostic capability. In addition, a sufficient and necessary condition under which the second presented protocol can successfully diagnose a fault in the decentralized architecture is proved. Finally, some examples are presented to show the efficiency of the proposed approach.

A Reliable Communication Framework and Its Use in Internet of Things (IoT)

Abstract: Peoples are naturally communicators but devices are not. In the Internet of Things (IoT) architecture, the smart devices (SDs), sensors, programs and association of smart objects are connected together to transfer information among them. The SD is designed as physical device linked with computing resources that are capable to connect and communicate with another SD through any medium and protocol. The communication among intelligent physical things is a challenging task to exchange information that guaranteed to reach to the destination completely in a real time with the same order as sending without corruption. The reliable communication between physical things can be built in the transmission control protocol (TCP) layers. In TCP layer, the reliable communication is required the error detection, correction and confirmation to exchange information among smart devices. In this paper, the author represents a framework to deal with reliability issues to enable the adoption of IoT devices. The results found the improvement in reliability.

Efficient Decentralized Deep Learning by Dynamic Model Averaging.

Abstract: We propose an efficient protocol for decentralized training of deep neural networks from distributed data sources. The proposed protocol allows to handle different phases of model training equally well and to quickly adapt to concept drifts. This leads to a reduction of communication by an order of magnitude compared to periodically communicating state-of-the-art approaches. Moreover, we derive a communication bound that scales well with the hardness of the serialized learning problem. The reduction in communication comes at almost no cost, as the predictive performance remains virtually unchanged. Indeed, the proposed protocol retains loss bounds of periodically averaging schemes. An extensive empirical evaluation validates major improvement of the trade-off between model performance and communication which could be beneficial for numerous decentralized learning applications, such as autonomous driving, or voice recognition and image classification on mobile phones.

A Survey on CAN Bus Protocol: Attacks, Challenges, and Potential Solutions

Abstract: The vehicles are equipped with electronic control units that control their functions. These units communicate with each other via in-vehicle communication protocols like CAN bus. Although CAN is the most common in-vehicle communication protocol, its lack of encryption and authentication can cause serious security shortcomings. In the literature, many attacks are reported related to CAN bus and the number increases with rising connectivity in the cars. In this paper, we present CAN protocol and analyze its security vulnerabilities. Then we survey the implemented attacks and proposed solutions in the literature.

A Detection and Mitigation Model for PTP Delay Attack in an IEC 61850 Substation

Abstract: Smart grid applications demand the availability of a reliable and accurate time signal. Measurements and events need to be correctly aligned to enable proper actions and decisions. Precision time protocol (PTP) is the favored protocol for time distribution across smart grid domains. The correct functionality of PTP is of paramount importance and its security is of high priority. To harden its security, detection, and prevention mechanisms against attacks targeting PTP are needed. In this paper, we propose detection and mitigation mechanisms against the known PTP delay attack. We apply model checking to quantify the effect of the delay attack. Moreover, the validity of the proposed mechanism is formally proven. The suggested approach is tested on a physical system. The collected results support the usefulness of the mechanism in detecting the delay attacks targeting PTP, and preserving the system functionality.

Private Machine Learning in TensorFlow using Secure Computation.

Abstract: We present a framework for experimenting with secure multi-party computation directly in TensorFlow. By doing so we benefit from several properties valuable to both researchers and practitioners, including tight integration with ordinary machine learning processes, existing optimizations for distributed computation in TensorFlow, high-level abstractions for expressing complex algorithms and protocols, and an expanded set of familiar tooling. We give an open source implementation of a state-of-the-art protocol and report on concrete benchmarks using typical models from private machine learning.

Mechanising blockchain consensus

Abstract: We present the first formalisation of a blockchain-based distributed consensus protocol with a proof of its consistency mechanised in an interactive proof assistant. Our development includes a reference mechanisation of the block forest data structure, necessary for implementing provably correct per-node protocol logic. We also define a model of a network, implementing the protocol in the form of a replicated state-transition system. The protocol's executions are modeled via a small-step operational semantics for asynchronous message passing, in which packages can be rearranged or duplicated. In this work, we focus on the notion of global system safety, proving a form of eventual consistency. To do so, we provide a library of theorems about a pure functional implementation of block forests, define an inductive system invariant, and show that, in a quiescent system state, it implies a global agreement on the state of per-node transaction ledgers. Our development is parametric with respect to implementations of several security primitives, such as hash-functions, a notion of a proof object, a Validator Acceptance Function, and a Fork Choice Rule. We precisely characterise the assumptions, made about these components for proving the global system consensus, and discuss their adequacy. All results described in this paper are formalised in Coq.

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

Abstract: The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows–Abadi–Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), of Datagram Transport Layer Security (DTLS).

State of the art of network protocol reverse engineering tools

Abstract: Communication protocols enable structured information exchanges between different entities. A description, at different levels of detail, is necessary for many applications, such as interoperability or security audits. When such a description is not available, one can resort to protocol reverse engineering to infer the format of exchanged messages or a model of the protocol. During the past 12 years, several tools have been developed in order to automate, entirely or partially, the protocol inference process. Each of those tools has been developed with a specific application goal for the inferred model, leading to specific needs, and thus different strengths and limitations. After identifying key challenges, the paper presents a survey of protocol reverse engineering tools developed in the last decade. We consider tools focusing on the inference of the format of individual messages or of the grammar of sequences of messages. Finally, we propose a classification of these tools according to different criteria, that is aimed at providing relevant insights about the techniques used by each of these tools and comparatively to other tools, for the classification of messages, the inference of their format or of the grammar of the protocol. This classification also permits to identify technical areas that are not sufficiently explored so far and that require further development in the future.

The Horcrux Protocol: A Method for Decentralized Biometric-based Self-sovereign Identity

Abstract: Most user authentication methods and identity proving systems rely on a centralized database. Such information storage presents a single point of compromise from a security perspective. If this system is compromised it poses a direct threat to users digital identities. This paper proposes a decentralized authentication method, called the Horcrux1 protocol, in which there is no such single point of compromise. The protocol relies on decentralized identifiers (DIDs) under development by the W3C Verifiable Claims Community Group and the concept of selfsovereign identity. To accomplish this, we propose specification and implementation of a decentralized biometric credential storage option via blockchains using DIDs and DID documents within the IEEE 2410–2017 Biometric Open Protocol Standard (BOPS).1The term “horcrux” comes from the Harry Potter book series in which the antagonist (Lord Voldemort) places copies of his soul into physical objects. Each object is scattered and/or hidden to disparate places around the world. He cannot be killed until all horcruxes are found and destroyed.

A New Framework and Protocol for Future Networking Applications

Abstract: Future networking applications place demands on networking services that become increasingly difficult to address using existing internetworking technology. This paper presents a new framework and protocol that is designed to meet this challenge, BPP (Big Packet Protocol). BPP is intended as an enabler for a new generation of networking services that depend on the ability to provide precise service level guarantees while facilitating operations. In addition, BPP allows users to define and customize networking behavior from the network edge for their flows in isolation from other users and without needing to rely on lengthy vendor or network operator product cycles.

RICE: remote method invocation in ICN

Abstract: Information Centric Networking has been proposed as a new network layer for the Internet, capable of encompassing the full range of networking facilities provided by the current IP architecture. In addition to the obvious content-fetching use cases which have been the subject of a large body of work, ICN has also shown promise as a substrate to effectively support remote computation, both pure functional programming (as exemplified by Named Function Networking) and more general remote invocation models such as RPC and web transactions. Providing a unified remote computation capability in ICN presents some unique challenges, among which are timer management, client authorization, and binding to state held by servers, while maintaining the advantages of ICN protocol designs like CCN and NDN. In this paper we present a unified approach to remote function invocation in ICN that exploits the attractive ICN properties of name-based routing, receiver-driven flow and congestion control, flow balance, and object-oriented security while presenting a natural programming model to the application developer.

An Efficient Bit-Detecting Protocol for Continuous Tag Recognition in Mobile RFID Systems

Abstract: In a mobile RFID system, a large number of tags move in and out of the system continuously, so that the reader has very limited time to recognize all the tags. As a result, the effective and efficient identification of tags in mobile environments is a more challenging problem compared to conventional static RFID systems. In this paper, we propose an efficient bit-detecting (EBD) protocol to accelerate the reading process of large-scale mobile RFID systems. In these systems, some previously recognized tags, i.e., known tags, may stay in the reader's reading range for two consecutive reading cycles, and some unknown tags may newly participate in the current reading cycle. In the proposed EBD protocol, a new bit monitoring method is proposed to detect the presence of known tags using a small number of slots, and to retrieve their IDs from the back-end database. Next, an $M$ -ary bit-detecting tree recognition method is proposed to rapidly recognize unknown tags without generating any idle slots. This new protocol is shown to perform better than existing methods reported in the literature. Both theoretic and simulation results are present to demonstrate that the proposed protocol is superior to existing protocols in terms of lower time cost.

Streamingrec: a framework for benchmarking stream-based news recommenders

Abstract: News is one of the earliest application domains of recommender systems, and recommending items from a virtually endless stream of news is still a relevant problem today. News recommendation is different from other application domains in a variety of ways, e.g., because new items constantly become available for recommendation. To be effective, news recommenders therefore have to continuously consider the latest items in the incoming stream of news in their recommendation models. However, today's public software libraries for algorithm benchmarking mostly do not consider these particularities of the domain. As a result, authors often rely on proprietary protocols, which hampers the comparability of the obtained results. In this paper, we present StreamingRec as a framework for evaluating streaming-based news recommenders in a replicable way. The open-source framework implements a replay-based evaluation protocol that allows algorithms to update the underlying models in real-time when new events are recorded and new articles are available for recommendation. Furthermore, a variety of baseline algorithms for session-based recommendation are part of StreamingRec. For these, we also report a number of performance results for two datasets, which confirm the importance of immediate model updates.

Smart-Contract Based System Operations for Permissioned Blockchain

Abstract: Enterprises have paid attention to blockchain (BC), recently permissioned BC characterized with smart-contract, where busi-ness transactions among inter-authorized companies (forming consortium) can automatically be executed based on distributed consensus protocol over user-defined business logics pre-built with program codes. A single BC system will be built across mul-tiple management domains having different operational policies, e.g., datacenter of each organization; this will trigger a problem that its system operations (e.g., backup) will become time-consuming and costly due to the difficulty in unifying and/or adjusting operational policy, schedule, etc. Toward solving the problem, we propose an operations execution method for BC systems; a primary idea is to define operations as smart-contract so that unified and synchronized cross-organizational operations can be executed effectively by using BC-native features. We de-sign the proposed method as hybrid architecture including in-BC consensus establishment and out-BC event-based instruction execution, in order to be adaptable to the recent heterogeneous BC architecture. Performance evaluation using a prototype with Hyperledger Fabric v1.0 shows that the proposed method can start executing operations within 5 seconds. Furthermore, cost evaluation using model-based estimation shows that the total yearly cost of monthly operations on a 5-organizational BC sys-tem could be reduced by 61 percent compared to a conventional manual method.

Quantitative Analysis of Smart Contracts

Abstract: Smart contracts are computer programs that are executed by a network of mutually distrusting agents, without the need of an external trusted authority. Smart contracts handle and transfer assets of considerable value (in the form of crypto-currency like Bitcoin). Hence, it is crucial that their implementation is bug-free. We identify the utility (or expected payoff) of interacting with such smart contracts as the basic and canonical quantitative property for such contracts. We present a framework for such quantitative analysis of smart contracts. Such a formal framework poses new and novel research challenges in programming languages, as it requires modeling of game-theoretic aspects to analyze incentives for deviation from honest behavior and modeling utilities which are not specified as standard temporal properties such as safety and termination. While game-theoretic incentives have been analyzed in the security community, their analysis has been restricted to the very special case of stateless games. However, to analyze smart contracts, stateful analysis is required as it must account for the different program states of the protocol. Our main contributions are as follows: we present (i) a simplified programming language for smart contracts; (ii) an automatic translation of the programs to state-based games; (iii) an abstraction-refinement approach to solve such games; and (iv) experimental results on real-world-inspired smart contracts.

Dynamic Linked Data: A SPARQL Event Processing Architecture

Abstract: This paper presents a decentralized Web-based architecture designed to support the development of distributed, dynamic, context-aware and interoperable services and applications. The architecture enables the detection and notification of changes over the Web of Data by means of a content-based publish-subscribe mechanism where the W3C SPARQL 1.1 Update and Query languages are fully supported and used respectively by publishers and subscribers. The architecture is built on top of the W3C SPARQL 1.1 Protocol and introduces the SPARQL 1.1 Secure Event protocol and the SPARQL 1.1 Subscribe Language as a means for conveying and expressing subscription requests and notifications. The reference implementation of the architecture offers to developers a design pattern for a modular, scalable and effective application development.

A robust mutual authentication protocol for WSN with multiple base-stations

Abstract: Security and Privacy are very crucial for data communication in Wireless Sensor Networks (WSNs). In order to provide ample security, recently many user authentication and key agreement (UAKA) protocols with single base-station have been put forward for WSNs. The base-station experienced huge load for such type of protocol, and thus, the quality of the service is dramatically reduced with the increasing number of users. This problem can be eliminated if the load is distributed to multiple base-stations. However, multiple base-stations based UAKA (MBS-UAKA) protocol with for WSN has not yet been proposed. This paper focuses to design a robust and effective MBS-UAKA protocol for WSN, which makes the secure communication as well as authentication. We evaluated all the known security properties of our MBS-UAKA protocol through formal and informal security analysis. Besides, the BAN logic analysis ensures that our MBS-UAKA protocol satisfies the mutual authentication property. Our comparative analysis ensures better performance compared to existing research works.

GANFuzz: a GAN-based industrial network protocol fuzzing framework

Abstract: In this paper, we attempt to improve industrial safety from the perspective of communication security We leverage the protocol fuzzing technology to reveal errors and vulnerabilities inside implementations of industrial network protocols(INPs) Traditionally, to effectively conduct protocol fuzzing, the test data has to be generated under the guidance of protocol grammar, which is built either by interpreting the protocol specifications or reverse engineering from network traces In this study, we propose an automated test case generation method, in which the protocol grammar is learned by deep learning Generative adversarial network(GAN) is employed to train a generative model over real-world protocol messages to enable us to learn the protocol grammar Then we can use the trained generative model to produce fake but plausible messages, which are promising test cases Based on this approach, we present an automatical and intelligent fuzzing framework(GANFuzz) for testing implementations of INPs Compared to prior work, GANFuzz offers a new way for this problem Moreover, GANFuzz does not rely on protocol specification, so that it can be applied to both public and proprietary protocols, which outperforms many previous frameworks We use GANFuzz to test several simulators of the Modbus-TCP protocol and find some errors and vulnerabilities