Applying a Dependency Mechanism for Voting Protocol Models Using Event-B

International audienceThe design of e-voting systems requires the use of techniques which guarantee that the resulting system is safe, secure and preserves privacy. We develop Event-B models of a voting system, by applying a decomposition pattern and a technique of contextualisation, using a dependency mechanism. Through refinement, we take into account the precise regulation and structure of a specific voting process, and reason formally about the system’s resistence to common attacks and threats

Security in Wireless Sensor Networks: Issues and Challenges

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks. We identify the security threats, review proposed security mechanisms for wireless sensor networks. We also discuss the holistic view of security for ensuring layered and robust security in wireless sensor networks.Comment: 6 page

Cyber Security and Critical Infrastructures 2nd Volume

The second volume of the book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles, including an editorial that explains the current challenges, innovative solutions and real-world experiences that include critical infrastructure and 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems

Security and efficiency of collateral in decentralized finance

Decentralized Finance (DeFi) promises to be a new contender for a radically new financial system. Its foundations are censorship-resistant, non-custodial, and transparent financial protocols. Securing these protocols is achieved by combining cryptographic primitives with economic incentives instead of relying on trusted intermediaries. In DeFi, financial collateral is the central incentive measure providing repercussions against "misbehaving” agents. However, requiring collateral introduces security and efficiency concerns. (i) Securing DeFi protocols using price-volatile and complex assets requires careful risk management. (ii) Efficiency of capital is diminished since locking assets is an opportunity cost and restricts access to DeFi to agents with sufficient funds. We tackle these issues by developing new protocols to optimize collateral requirements in existing DeFi protocols safely. Our contributions are threefold. First, we provide a risk-based classification of collateral applied in DeFi protocols. Specifically, the classification serves as the starting point to develop a model capturing the security property of financial collateral with unique risks in DeFi. Second, we present two protocols that can be integrated into existing DeFi protocols. Promise transforms suitable DeFi protocols into a subscription mechanism lowering the initial capital locking requirements thus tackling the capital efficiency of collateral. Balance is a protocol to reduce collateral in DeFi protocols safely. Balance is similar to a credit scoring system where “well-behaving” agents enjoy a lowered collateral. As such, Balance can be used both to tailor security of protocols by required per-agent collateral requirements instead of per-protocol requirements and, at the same time, increase capital efficiency of collateral. We demonstrate the practical applicability of Promise and Balance by decreasing collateral in the XCLAIM cross-chain communication protocol by up to 10% under conservative assumptions. Third, we discuss the practical security of financial collateral. We outline new types of attacks on DeFi protocols secured by collateral through trustless coordination of rational agents and so-called flash loans with the example of the popular Maker protocol. We conclude by noting the perils of constructing collateralized DeFi protocols and outlining strands of future work to increase their security and efficiency.Open Acces

Overview of Polkadot and its Design Considerations

In this paper we describe the design components of the heterogenous multi-chain protocol Polkadot and explain how these components help Polkadot address some of the existing shortcomings of blockchain technologies. At present, a vast number of blockchain projects have been introduced and employed with various features that are not necessarily designed to work with each other. This makes it difficult for users to utilise a large number of applications on different blockchain projects. Moreover, with the increase in number of projects the security that each one is providing individually becomes weaker. Polkadot aims to provide a scalable and interoperable framework for multiple chains with pooled security that is achieved by the collection of components described in this paper

AI Solutions for MDS: Artificial Intelligence Techniques for Misuse Detection and Localisation in Telecommunication Environments

This report considers the application of Articial Intelligence (AI) techniques to the problem of misuse detection and misuse localisation within telecommunications environments. A broad survey of techniques is provided, that covers inter alia rule based systems, model-based systems, case based reasoning, pattern matching, clustering and feature extraction, articial neural networks, genetic algorithms, arti cial immune systems, agent based systems, data mining and a variety of hybrid approaches. The report then considers the central issue of event correlation, that is at the heart of many misuse detection and localisation systems. The notion of being able to infer misuse by the correlation of individual temporally distributed events within a multiple data stream environment is explored, and a range of techniques, covering model based approaches, `programmed' AI and machine learning paradigms. It is found that, in general, correlation is best achieved via rule based approaches, but that these suffer from a number of drawbacks, such as the difculty of developing and maintaining an appropriate knowledge base, and the lack of ability to generalise from known misuses to new unseen misuses. Two distinct approaches are evident. One attempts to encode knowledge of known misuses, typically within rules, and use this to screen events. This approach cannot generally detect misuses for which it has not been programmed, i.e. it is prone to issuing false negatives. The other attempts to `learn' the features of event patterns that constitute normal behaviour, and, by observing patterns that do not match expected behaviour, detect when a misuse has occurred. This approach is prone to issuing false positives, i.e. inferring misuse from innocent patterns of behaviour that the system was not trained to recognise. Contemporary approaches are seen to favour hybridisation, often combining detection or localisation mechanisms for both abnormal and normal behaviour, the former to capture known cases of misuse, the latter to capture unknown cases. In some systems, these mechanisms even work together to update each other to increase detection rates and lower false positive rates. It is concluded that hybridisation offers the most promising future direction, but that a rule or state based component is likely to remain, being the most natural approach to the correlation of complex events. The challenge, then, is to mitigate the weaknesses of canonical programmed systems such that learning, generalisation and adaptation are more readily facilitated