Table of Contents

Information Security - Volume:17 Issue: 1, Jan 2025

International Journal of Information Security
Volume:17 Issue: 1, Jan 2025

  • Publication date: 1403/10/12
  • Number of titles: 6
  • Maryam Rajabzadeh Asaar *, Mustafa Husam Shareef Alrzij Pages 1-12
    In smart grids, messages exchanged between service providers and smart meters should be authenticated and confidential to prevent threats due to their insecurity. Hence, it is imperative to design a secure authentication and key exchange scheme to create a session key for secure and authenticated transmission of messages. In this paper, we show that the mutual authentication and key establishment protocol presented by Sureshkumar et al. in 2020, which is based on elliptic curve cryptography (ECC), fails to satisfy forward secrecy, while they claimed that it provides perfect forward secrecy. In addition, it will be demonstrated that it is not secure against stolen database attacks of a service provider, which leads to the smart meter impersonation attack and session key exposure. Moreover, we prove that it fails to achieve security against known session-specific temporary information attacks. Next, an improved authenticated key establishment protocol to address these vulnerabilities has been proposed. Then, we analyze its security with informal and formal methods, such as Burrows-Abadi-Needham (BAN) logic and ProVerif. Finally, with the comparison of security features and computation and communication overhead, we show that it outperforms baseline papers.
    Keywords: Key Establishment, Mutual Authentication, Smart Grid
  • Sedigheh Khajouei-Nejad, Sam Jabbehdari, Hamid Haj Seyyed Javadi *, Seyed Mohammadhossein Moattar Pages 13-23

    Protecting sensitive data is crucial in various fields, including Information Technologies, Network Security, and healthcare records. Implementing precise access policies for encrypted data is vital in large networks. Attribute-Based Encryption (ABE) emerges as a solution to this challenge, enabling encryption and access control simultaneously. With the increasing significance of quantum-safe measures due to advancements in quantum computing, there is a growing need for quantum-resistant access control mechanisms for encrypted data, as addressed by Lattice-Based Attribute-Based Encryption. However, some existing Lattice-Based ABE schemes lack robust support for fine-grained access policies. In this paper, we present an enhancement to a Key Policy Attribute-Based Encryption (ABE) scheme to not only accommodate threshold gates but also any boolean circuits. Our proposed scheme's security is grounded in the Learning with Errors (LWE) assumption within the selective security model under the Indistinguishable CPA game. Importantly, the scheme is well-suited for the Disjunctive Normal Form (DNF) representation of boolean functions, offering enhanced flexibility and security in access control mechanisms for encrypted data.

    Keywords: Attribute-Based Encryption (ABE), Learning With Errors (LWE), Access Policy, Key Policy Attribute-Based Encryption (KP-ABE), Post-Quantum Attribute-Based Encryption (PQ-ABE), Disjunctive Normal Form (DNF)
  • Motahareh Dehghan *, Babak Sadeghiyan, Erfan Khosravian, Alireza Sedighi Moghadam, Farshid Nooshi Pages 25-41
    The highest level in Endsley's situation awareness model is called projection when the status of elements in the environment is shortly predicted. In cybersecurity situation awareness, the projection for an Advanced Persistent Threat (APT) requires predicting the next step of the APT. The threats are constantly changing and becoming more complex. As supervised and unsupervised learning methods require APT datasets for projecting the next step of APTs, they cannot identify unknown APT threats. In reinforcement learning methods, the agent interacts with the environment, which might project the next step of known and unknown APTs. So far, reinforcement learning has not been used to project the next step of APTs. In reinforcement learning, the agent uses the previous states and actions to approximate the best action of the current state. When the number of states and actions is abundant, the agent employs a neural network to approximate the best action of each state. This paper presents a deep reinforcement learning system to project the next step of APTs. As there exists some relation between attack steps, we employ the Long Short Term Memory method to approximate the best action of each state. In our proposed system, based on the current situation, we project the next steps of APT threats. We have evaluated our proposed system on the DAPT2020 dataset. Based on the evaluations performed on the mentioned dataset, six criteria F1, accuracy, precision, recall, loss, and average time were obtained, which are 0.9533, 0.9736, 0.9352, 0.97, 0.0143, and 0.05749 (seconds), respectively.
    Keywords: Situation Awareness, Advanced Persistent Threats, Projection, Deep Reinforcement Learning, LSTM, DAPT2020, SCVIC-APT-202
  • Ala Ekramifard, Haleh Amintoosi *, Seyed Amin Hosseini Seno Pages 43-57
    In the realm of machine learning, Generative Adversarial Networks (GANs) have revolutionized the generation of synthetic data, closely mirroring the distribution of real datasets. This paper delves into the privacy concerns associated with GANs, particularly focusing on Membership Inference Attacks (MIAs), which aim to determine if a specific record was used in training a model. Such attacks pose significant privacy risks, especially when sensitive data is involved. To combat this, we propose a novel detector model designed to identify and thwart MIAs within GANs. Our model, which operates as an additional layer of protection for Machine Learning as a Service (MLaaS) providers, leverages outputs from both the discriminator and generator to ascertain the membership status of data samples. We introduce two variants of the detector model—supervised and unsupervised—based on the availability of information from the discriminator. The supervised detector employs labeled data for training, while the unsupervised detector uses anomaly detection techniques. Our experimental evaluation spans various GAN architectures and datasets, ensuring the robustness and generalizability of our approach. The paper also analyzes the impact of dataset size on the detector's effectiveness. By integrating our detector, MLaaS providers can enhance privacy safeguards, striking a balance between model utility and data protection.
    Keywords: Machine Learning, Privacy, Generative Adversarial Network, Membership Inference Attacks
  • Navid Shirmohammadi, Behrouz Tork Ladani * Pages 59-73
    As cyber threats grow increasingly sophisticated, the importance of security training as an effective means of prevention will become even more critical. Cyber Range (CR) is a platform for creating cyber training programs using virtualization and simulation technologies to create a realistic training environment. The main challenge for utilizing a CR is the specialized human resources required to design and maintain training sessions. To tackle this challenge, several high-level languages, known as Scenario Description Languages (SDLs), have been developed to enable the specification of training environments as models. These models can then be automatically transformed into deployment artifacts. Our studies showed that the existing SDLs could not address requirements when designing complex scenarios where multiple trainees should collaborate to reach a desired goal through various acceptable solutions. We present the Collaborative Security Training SDL (CST-SDL) for creating multi-trainee and multi-solution scenarios. CST-SDL uses an acyclic directional graph for specifying the scenario's solution routes and allows defining trainees with unique tasks, goals, and solution routes during the training session. To evaluate the CST-SDL's capabilities, we have implemented and integrated it into the KYPO cyber range.
    Keywords: Cyber Range, Cybersecurity, Training, Model-Driven Engineering, Scenario Description Language
  • Gholamreza Moghissi *, Ali Payandeh Pages 75-106

    The main role of BKZ simulations focuses on showing the behavior of the BKZ algorithm for high block sizes, therefore current lattice security analysis (e.g., bit-security estimations and selection of efficient/secure parameter sets for current LWE/NTRU-based schemes) needs these simulations. This paper claims that current BKZ simulations are not necessarily accurate enough for exact lattice security analysis, so for the first time, this study introduces two provable tools of “Emulation of updating GSO norms/coefficients” and “Emulation of LLL function” to be used in designing an accurate BKZ simulation. In fact, this paper proves that for a typical SVP solver “Z” (e.g., GNR-enumeration, Sieving, discrete pruning, etc.), if there is a simulation of “Z_emulate” which provably emulates the behaviour of practical running of “Z”, then Our BKZ Simulation by using “emulate_SVPSolver”=“Z_emulate” can provably emulate the BKZ algorithm using SVP solver “Z”! Our BKZ Simulation solves different problems and weaknesses in former BKZ simulations. Our tests show that, altogether, the shape of GSO norms ‖b_i^*‖^2, root-Hermite factor of basis, estimated total cost and running time in “Experimental Running of Original BKZ algorithm” are closer to the corresponding test results in “Our BKZ Simulation” than to the test results in “Chen-Nguyen’s BKZ-simulation”, “BKZ-Simulation by Shi Bai et al.” and some other BKZ models and approximations. Moreover, the wrong strategy of updating GSO norms/coefficients in Chen-Nguyen’s BKZ-simulation leads to many GSO violation errors in lattice blocks, while our test results verify that all these errors would be eliminated automatically in Our BKZ Simulation.

    Keywords: Provable Emulation, Gram-Schmidt Orthogonalization (GSO), Updating GSO Norms, Updating GSO Coefficients, LLL Function, GNR Enumeration