In this paper a new security technique aiming to ensure safe and reliable communications between different nodes on an automotive Controller Area Network (CAN) is presented. The proposed method relies on a robust authentication code using Blake-3 as a hash algorithm within an adapted structure that includes a monitor node. A prototype is implemented and run effectively to perform hardware simulations of real case-based security problems of automotive embedded CAN systems. As a result, data transfer can take place on a newly enhanced CAN bus according to the standard protocol without being intercepted nor tampered with by unauthorized parties thereby highlighting the effectiveness of the proposed technique.

This paper deals with the phase-shift fault analysis of stream cipher Grain v1. We assume that the attacker is able to desynchronize the linear and nonlinear registers of the cipher during the keystream generation phase by either forcing one of the registers to clock one more time, while the other register is not clocked, or by preventing one of the registers from clocking, while the other register is clocked. Using this technique, we are able to obtain the full inner state of the cipher in reasonable time (under 12 hours on a single PC) by using 150 bits of unfaulted keystream, 600 bits of faulted keystreams and by correctly guessing 28 bits of the linear register.

Nowadays, alternative models of elliptic curves like Montgomery, Edwards, twisted Edwards, Hessian, twisted Hessian, Huff’s curves and many others are very popular and many people use them in cryptosystems which are based on elliptic curve cryptography. Most of these models allow to use fast and complete arithmetic which is especially convenient in fast implementations that are side-channel attacks resistant. Montgomery, Edwards and twisted Edwards curves have always order of group of rational points divisible by 4. Huff’s curves have always order of rational points divisible by 8. Moreover, sometimes to get fast and efficient implementations one can choose elliptic curve with even bigger cofactor, for example 16. Of course the bigger cofactor is, the smaller is the security of cryptosystem which uses such elliptic curve. In this article will be checked what influence on the security has form of cofactor of elliptic curve and will be showed that in some situations elliptic curves with cofactor divisible by 2m are vulnerable for combined small subgroups and side-channel attacks.

Federated Learning is an upcoming concept used widely in distributed machine learning. Federated learning (FL) allows a large number of users to learn a single machine learning model together while the training data is stored on individual user devices. Nonetheless, federated learning lessens threats to data privacy. Based on iterative model averaging, our study suggests a feasible technique for the federated learning of deep networks with improved security and privacy. We also undertake a thorough empirical evaluation while taking various FL frameworks and averaging algorithms into consideration. Secure Multi Party Computation, Secure Aggregation, and Differential Privacy are implemented to improve the security and privacy in a federated learning environment. In spite of advancements, concerns over privacy remain in FL, as the weights or parameters of a trained model may reveal private information about the data used for training. Our work demonstrates that FL can be prone to label-flipping attack and a novel method to prevent label-flipping attack has been proposed. We compare standard federated model aggregation and optimization methods, FedAvg and FedProx using benchmark data sets. Experiments are implemented in two different FL frameworks - Flower and PySyft and the results are analysed. Our experiments confirm that classification accuracy increases in FL framework over a centralized model and the model performance is better after adding all the security and privacy algorithms. Our work has proved that deep learning models perform well in FL and also is secure.

In this article we describe the SHA-3 algorithm and its internal permutation in which potential weaknesses are hidden. The hash algorithm can be used for different purposes, such aspseudo-random bit sequences generator, key wrapping or one pass authentication, especially in weak devices (WSN, IoT, etc.). Analysis of the function showed that successful preimage attacksare possible for low round hashes, protection from which only works with increasing the number of rounds inside the function.When the hash function is used for building lightweight applications, it is necessary to apply a small number of rounds,which requires additional security measures. This article proposes a variant improved hash function protecting against preimage attacks, which occur on SHA-3. We suggest using an additional external randomness sources obtained from a lightweight PRNG or from application of the source data permutation.

Defending against DoS (denial of service) attacks has become a great challenge, especially for institutions that provide access to their services in the public network. State-of-the-art identity concealing tools and vast number of computers connected to the network require ensuring appropriate means for entities at risk to enable defence from the particular type of threats. This article presents a concept of user authentication in IP communication. The concept consists in providing the receiver with the possibility to determine sender՚s identity at the Internet layer level. This provides both the capability of defence against DoS attacks and possibility of utilizing the presented model over existing Internet network, which is directly responsible for transmission. The authors hope that the concept is a significant step in the perception of public network data transmission.

This article describes security mechanisms used by 3rd-7th layers in OSI/ISO network model. Many of commonly used protocols by these layers were designed with assumption that there are nointruders. Such assumption was true many years ago. The network situation has been changed for last few years and we should realize that some properties of existing protocols may be abused. Moreover, we should exchange some of them or create new versions. There are some methods and guidelines concerning secure programming, but there is also lack of guidelines about creating secure protocols. Authors see the necessity of such guideline and this article is an attempt at analysing existing solutions and selecting some universal and important patterns.

This article is referenced to the thirtieth anniversary of the ICJ’s Nicaragua judgement on the merits of 1986. It acknowledges the significance of this much-debated judgement for the modern international law on the use of force (jus ad bellum). However the text focuses on one aspect of the judgment only, i.e. the definition of the notion of “armed attack” as the most grave form of the use of force. The impact of the judgement in this respect is critically analysed. It is argued that the introduction to the UN Charter text of undefined notions of the use of force, aggression, and armed attack may be labelled as the “original sin” of contemporary jus ad bellum, as it results in conceptual obscurity. It is also claimed that the ICJ reaffirmed this original sin in its Nicaragua judgment because it explicitly argued for the notion of “armed attack” as the most grave form of the use of armed force and, in consequence, distinguished it from the other, lesser forms of the use of force, while failing to introduce any sort of clarity in the conceptual ambiguity of jus ad bellum. The article also offers some remarks de lege ferenda and suggests abandoning the gravity criterion, which would require abandoning the well-established judicial and doctrinal interpretation approaches to jus ad bellum.

Encryption is one of the most effective methods of securing data confidentiality, whether stored on hard drives or transferred (e.g. by e-mail or phone call). In this paper a new state recovery attack with tabu search is introduced. Based on research and theoretical approximation it is shown that the internal state can be recovered after checking 252 internal states for RC4 and 2180 for VMPC.

The Kirchhoff-law-Johnson-noise (KLJN) scheme is a statistical/physical secure key exchange system based on the laws of classical statistical physics to provide unconditional security. We used the LTSPICE industrial cable and circuit simulator to emulate one of the major active (invasive) attacks, the current injection attack, against the ideal and a practical KLJN system, respectively. We show that two security enhancement techniques, namely, the instantaneous voltage/current comparison method, and a simple privacy amplification scheme, independently and effectively eliminate the information leak and successfully preserve the system’s unconditional security.

The paper presents numerical simulations related to the problem of how to obtain correct results in transonic wind tunnel during tests at high airfoil angles of attack. At this flow conditions, significant pressure losses appear in the test section, what leads to significant errors in measured data. Regarding the possible ways of tunnel reconstruction, we examined three different possibilities of changing the test section configurations: an increase of the test section height, displacement of the airfoil below the tunnel centreline and, finally, introduction of divergent test section walls. It was shown that neither the use of higher test section, nor the change of the airfoil location, gives any significant improvement in reference to the existing tunnel configuration. Only after divergent test section walls were introduced, the distributions of pressure coefficient became well consistent with their expected values.

This paper presents a numerical analysis on turbulent flow and forced-convection characteristics of rectangular solar air heater tube fitted with staggered, transverse, V-shape, modern obstacles on the heated walls. Air, whose Prandtl number is 0.71, is the working fluid used, and the Reynolds number considered equal to 6×103. The governing flow equations are solved using a finite volume approach and the semi-implicit pressure linked equation (SIMPLE) algorithm. With regard to the flow characteristics, the quadratic upstream interpolation for convective kinetics differencing scheme (QUICK) was applied, and a second-order upwind scheme (SOU) was used for the pressure terms. The dynamic thermo-energy behavior of the V-shaped baffles with various flow attack angles, i.e., 50°, 60°, 70°, and 80° are simulated, analyzed, and compared with those of the conventional flat rectangular baffles with attack value of 90°. In all situations, the thermal transfer rate was found to be much larger than unity; its maximum value was around 3.143 for the flow attack angle of 90° and y = H/2.

Software vulnerability life cycles illustrate changes in detection processes of software vulnerabilities during using computer systems. Unfortunately, the detection can be made by cyber-adversaries and a discovered software vulnerability may be consequently exploited for their own purpose. The vulnerability may be exploited by cyber-criminals at any time while it is not patched. Cyber-attacks on organizations by exploring vulnerabilities are usually conducted through the processes divided into many stages. These cyber-attack processes in literature are called cyber-attack live cycles or cyber kill chains. The both type of cycles have their research reflection in literature but so far, they have been separately considered and modeled. This work addresses this deficiency by proposing a Markov model which combine a cyber-attack life cycle with an idea of software vulnerability life cycles. For modeling is applied homogeneous continuous time Markov chain theory.

This study introduces a robust strategy for regulating output voltage in the presence of false data injection (FDI) attacks. Employing a hierarchical approach, we disentangle the distributed secondary control problem into two distinct facets: an observer-based resilient tracking control problem and a decentralized control problem tailored for real systems. Notably, our strategy eliminates the reliance on global information and effectively mitigates the impact of FDI attacks on directed communication networks. Ultimately, simulation results corroborate the efficacy of our approach, demonstrating successful voltage regulation within the system and proficient management of FDI attacks.

In a corrosive environment with coupled dry-wet-sulfate action, concrete structures are susceptible to erosion by sulfate ions, which seriously affects the safe operating life. To forecast the operational lifetime of concrete below the influence of the dry-wet cycle and sulfate erosion environment, four different admixtures of polypropylene fiber: 0, 0.6, 0.9, and 1.2 kg/m ³, were incorporated into concrete specimens, and indoor accelerated tests were designed to observe the macroscopic and microscopic deterioration law analysis of concrete specimens; using the precept of damage mechanics, the damage of concrete under solubility cycle was established. The damage evolution equation of concrete under freeze-thaw cycles was established and the operational life of concrete was predicted. The results showed that the overall mass loss rate of concrete specimens increased with the number of tests, and the relative energetic modulo decreased with the number of tests; the pore change pattern, microstructure, and internal material composition of specimens under different working conditions were obtained by using NMR scanning technique, SEM electron microscope scanning technique and XRD physical phase analysis technique. The damage evolution equation shows that adding a certain amount of polypropylene fiber to concrete can improve the working life of concrete under dry and wet connected sulfate assault.

Due to their potential to lower CO2 emissions linked with the cement and concrete industries, geopolymer binders are a desirable alternative for Portland cement binders. However, if they are to become a viable alternative to conventional Portland cement materials, their resilience in harsh conditions has to be further investigated. This paper presented mechanical and short-term durability properties of metakaolin based geopolymer concrete at sulphuric acid (H2SO4) solutions exposed with the concentrations of 2%, 3%, 4% and 5% for 14 days. (0%) or unexposed sample also prepared as referral and comparison. The geopolymer concretes were synthesized using an alkali activation of sodium hydroxide (NaOH) and sodium silicate (Na2SiO3). The main objective of the study was to examine the durability and deterioration mechanism parameters like different acid percentages, changes in weight, compressive strength, density and water absorption. Morphology analysis also performed in this study. The results indicated that metakaolin geopolymer experienced some strength deterioration with increasing sulphuric concentration solutions which are from 32.58 MPa, 20.67 MPa and 4.25 MPa at unexposed (0%), 2% and 5% sulphuric acid immersion respectively. Furthermore, change in weight or mass loss and water absorption after the chemical attack resulted directly proportional to sulphuric acid concentration due to increment of crack on the sample. Among that, the metakaolin geopolymer submerged in 2% acid gives the optimum results in terms of durability, mechanical and physical qualities.

This paper addresses the problem of designing secure control for networked multi-agent systems (MASs) under Denial-of-Service (DoS) attacks. We propose a constructive design method based on the interaction topology. The MAS with a non-attack communication topology, modeled by quasi-Abelian Cayley graphs subject to DoS attacks, can be represented as a switched system. Using switching theory, we provide easily applicable sufficient conditions for the networked MAS to remain asymptotically stable despite DoS attacks. Our results are applicable to both continuoustime and discrete-time systems, as well as to discrete-time systems with variable steps or systems that combine discrete and continuous times.

In light of contemporary circumstances, on the 30th anniversary of the Nicaragua judgment it is worth revisiting and considering again certain legal problems decided by – and raised by – the ICJ judgment. This article addresses the importance of the judgment in terms of international legal regulations on the use of force. First and foremost, the article examines the concept of armed attack based on the “gravity” criterion elaborated by the Court and the exercise of the right of self-defence. Moreover, the relationship between customary international law and treaty law, as well as forcible counter-measures and military actions against non-State actors are also discussed in the article. It is argued that the “gravity” criterion used by the ICJ seems controversial and, consequently, may limit the right of self-defence. On the other hand, however, the judgment established a strong barrier to the realization of individual political interests by militarily powerful States. This is the Nicaragua judgment’s long-lasting legacy. In this sense the judgment has stood the test of time.

Flow mechanism under roughened solar air heater is quite complex. This paper is an effort towards determining the governing equations for heat transfer and friction factor for inclined spherical balls roughened ducts. With the availability of these equations, it is easier to predict the thermal and thermohydraulic performance of such roughened solar air heaters. The governing equations are derived based on the experimental data generated under actual outdoor condition at the test rig designed and fabricated at the terrace of the Mechanical Engineering Department, the National Institute of Technology Jamshedpur in India, in terms of roughness and flow parameters. Maximum augmentation in Nusselt number and friction factor for varying relative roughness pitch, relative roughness height, spherical ball height to diameter ratio, and angle of attack was respectively found to be of the order of 2.1 to 3.54 times, 1.87 to 3.21 times, 2.89 to 3.27 times and 1.74 to 3.56 times for Nusselt number and 0.84 to 1.79 times, 1.46 to 1.91 times, 1.67 to 2.34 times and 1.21 to 2.67 times for friction factor in comparison to non-roughened duct. The optimum roughness parameters under present investigation have been found.

In Western music culture instruments have been developed according to unique instrument acoustical features based on types of excitation, resonance, and radiation. These include the woodwind, brass, bowed and plucked string, and percussion families of instruments. On the other hand, instrument performance depends on musical training, and music listening depends on perception of instrument output. Since musical signals are easier to understand in the frequency domain than the time domain, much effort has been made to perform spectral analysis and extract salient parameters, such as spectral centroids, in order to create simplified synthesis models for musical instrument sound synthesis. Moreover, perceptual tests have been made to determine the relative importance of various parameters, such as spectral centroid variation, spectral incoherence, and spectral irregularity. It turns out that the importance of particular parameters depends on both their strengths within musical sounds as well as the robustness of their effect on perception. Methods that the author and his colleagues have used to explore timbre perception are: 1) discrimination of parameter reduction or elimination; 2) dissimilarity judgments together with multidimensional scaling; 3) informal listening to sound morphing examples. This paper discusses ramifications of this work for sound synthesis and timbre transposition.