Cyber-physical systems, in which ICT systems and field devices are interconnected and interlocked, have become widespread. More threats need to be taken into consideration when designing the security of cyber-physical systems. Attackers may cause damage to the physical world by attacks which exploit vulnerabilities of ICT systems, while other attackers may use the weaknesses of physical boundaries to exploit ICT systems. Therefore, it is necessary to assess such risks of attacks properly. A direct-access attack in the field of automobiles is the latter type of attacks where an attacker connects unauthorized equipment to an in-vehicle network directly and attempts unauthorized access. But it has been considered as less realistic and evaluated less risky than other threats via network entry points by conventional risk assessment methods. We focused on reassessing threats via direct access attacks in proposing effective security design procedures for cyber-physical systems based on a guideline for automobiles, JASO TP15002. In this paper, we focus on “fitting to a specific area or viewpoint” of such a cyber-physical system, and devise a new risk quantification method, RSS-CWSS_CPS based on CWSS, which is also a vulnerability evaluation standard for ICT systems. It can quantify the characteristics of the physical boundaries in cyber-physical systems.

We present a negative result of fuzzy extractors with computational security. Specifically, we show that, under a computational condition, a computational fuzzy extractor implies the existence of an information-theoretic fuzzy extractor with slightly weaker parameters. Our result implies that to circumvent the limitations of information-theoretic fuzzy extractors, we need to employ computational fuzzy extractors that are not invertible by non-lossy functions.

An authentication code (A-code) is a two-party message authentication code in the information-theoretic security setting. One of the variants of A-codes is a multi-receiver authentication code (MRA-code), where there are a single sender and multiple receivers and the sender can create a single authenticator so that all receivers accepts it unless it is maliciously modified. In this paper, we introduce a multi-designated receiver authentication code (MDRA-code) with information-theoretic security as an extension of MRA-codes. The purpose of MDRA-codes is to securely transmit a message via a broadcast channel from a single sender to an arbitrary subset of multiple receivers that have been designated by the sender, and only the receivers in the subset (i.e., not all receivers) should accept the message if an adversary is absent. This paper proposes a model and security formalization of MDRA-codes, and provides constructions of MDRA-codes.

We attempt to design and fabricate of a 4×4 Butler matrix for short-millimeter-wave frequencies by using the microfabrication process for a polytetrafluoroethylene (PTFE) substrate-integrated waveguide (SIW) by the synchrotron radiation (SR) direct etching of PTFE and the addition of a metal film by sputter deposition. First, the dimensions of the PTFE SIW using rectangular through-holes for G-band (140-220 GHz) operation are determined, and a cruciform 90 ° hybrid coupler and an intersection circuit are connected by the PTFE SIW to design the Butler matrix. Then, a trial fabrication is performed. Finally, the validity of the design result and the fabrication process is verified by measuring the radiation pattern.

Register automaton (RA) is an extension of finite automaton by adding registers storing data values. RA has good properties such as the decidability of the membership and emptiness problems. Linear temporal logic with the freeze quantifier (LTL↓) proposed by Demri and Lazić is a counterpart of RA. However, the expressive power of LTL↓ is too high to be applied to automatic verification. In this paper, we propose a subclass of modal µ-calculus with the freeze quantifier, which has the same expressive power as RA. Since a conjunction ψ1 ∧ ψ2 in a general LTL↓ formula cannot be simulated by RA, the proposed subclass prohibits at least one of ψ1 and ψ2 from containing the freeze quantifier or a temporal operator other than X (next). Since the obtained subclass of LTL↓ does not have the ability to represent a cycle in RA, we adopt µ-calculus over the subclass of LTL↓, which allows recursive definition of temporal formulas. We provide equivalent translations from the proposed subclass of µ-calculus to RA and vice versa and prove their correctness.

Calculation is a solitaire card game with a standard 52-card deck. Initially, cards A, 2, 3, and 4 of any suit are laid out as four foundations. The remaining 48 cards are piled up as the stock, and there are four empty tableau piles. The purpose of the game is to move all cards of the stock to foundations. The foundation starting with A is to be built up in sequence from an ace to a king. The other foundations are similarly built up, but by twos, threes, and fours from 2, 3, and 4 until a king is reached. Here, a card of rank i may be used as a card of rank i + 13j for j ∈ {0, 1, 2, 3}. During the game, the player moves (i) the top card of the stock either onto a foundation or to the top of a tableau pile, or (ii) the top card of a tableau pile onto a foundation. We prove that the generalized version of Calculation Solitaire is NP-complete.

One of the long-standing research problems on logic programming is to treat the cut predicate in a logical, high-level way. We argue that this problem can be solved by adopting linear logic and choice-disjunctive goal formulas of the form G0 ⊕ G1 where G0, G1 are goals. These goals have the following intended semantics: choose the true disjunct Gi and execute Gi where i (= 0 or 1), while discarding the unchosen disjunct. Note that only one goal can remain alive during execution. These goals thus allow us to specify mutually exclusive tasks in a high-level way. Note that there is another use of cut which is for breaking out of failure-driven loops and efficient heap management. Unfortunately, it is not possible to replace cut of this kind with use of choice-disjunctive goals.

Using third-party intellectual properties (3PIP) has been a norm in IC design development process to meet the time-to-market demand and at the same time minimizing the cost. But this flow introduces a threat, such as hardware trojan, which may compromise the security and trustworthiness of underlying hardware, like disclosing confidential information, impeding normal execution and even permanent damage to the system. In years, different detections methods are explored, from just identifying if the circuit is infected with hardware trojan using conventional methods to applying machine learning where it identifies which nets are most likely are hardware trojans. But the performance is not satisfactory in terms of maximizing the detection rate and minimizing the false positive rate. In this paper, a new hardware trojan detection approach is proposed where gate-level netlist is segmented into regions first before analyzing which nets might be hardware trojans. The segmentation process depends on the nets' connectivity, more specifically by looking on each fanout points. Then, further analysis takes place by means of computing the structural similarity of each segmented region and differentiate hardware trojan nets from normal nets. Experimental results show 100% detection of hardware trojan nets inserted on each benchmark circuits and an overall average of 1.38% of false positive rates which resulted to a higher accuracy with an average of 99.31%.

In order to solve the low-quality problems such as low brightness, poor contrast, noise interference and color imbalance in night images, a night image enhancement algorithm based on MDIFE-Net curve estimation is presented. This algorithm mainly consists of three parts: Firstly, we design an illumination estimation curve (IEC), which adjusts the pixel level of the low illumination image domain through a non-linear fitting function, maps to the enhanced image domain, and effectively eliminates the effect of illumination loss; Secondly, the DCE-Net is improved, replacing the original Relu activation function with a smoother Mish activation function, so that the parameters can be better updated; Finally, illumination estimation loss function, which combines image attributes with fidelity, is designed to drive the no-reference image enhancement, which preserves more image details while enhancing the night image. The experimental results show that our method can not only effectively improve the image contrast, but also make the details of the target more prominent, improve the visual quality of the image, and make the image achieve a better visual effect. Compared with four existing low illumination image enhancement algorithms, the NIQE and STD evaluation index values are better than other representative algorithms, verify the feasibility and validity of the algorithm, and verify the rationality and necessity of each component design through ablation experiments.

Quadrature voltage-controlled oscillators (VCOs) with current-weight-average and voltage-weight-average phase-adjusting architectures are studied. The phase adjusting equalizes the oscillation frequency to the LC-resonant frequency. The merits of the equalization are explained by using Leeson's phase noise equation and the impulse sensitivity function (ISF). Quadrature VCOs with the phase-adjusting architectures are fabricated using 180-nm TSMC CMOS and show low-phase-noise performances compared to a conventional differential VCO. The ISF analysis and small-signal analysis also show that the drawbacks of the current-weight-average phase-adjusting and voltage-weight-average phase-adjusting architectures are current-source noise effect and large additional capacitance, respectively. A voltage-average-adjusting circuit with a source follower at its input alleviates the capacitance increase.

Web application second-order vulnerabilities first inject malicious code into the persistent data stores of the web server and then execute it at later sensitive operations, causing severe impact. Nevertheless, the dynamic features, the complex data propagation, and the inter-state dependencies bring many challenges in discovering such vulnerabilities. To address these challenges, we propose DISOV, a web application property graph (WAPG) based method to discover second-order vulnerabilities. Specifically, DISOV first constructs WAPG to represent data propagation and inter-state dependencies of the web application, which can be further leveraged to find the potential second-order vulnerabilities paths. Then, it leverages fuzz testing to verify the potential vulnerabilities paths. To verify the effectiveness of DISOV, we tested it in 13 popular web applications in real-world and compared with Black Widow, the state-of-the-art web vulnerability scanner. DISOV discovered 43 second-order vulnerabilities, including 23 second-order XSS vulnerabilities, 3 second-order SQL injection vulnerabilities, and 17 second-order RCE vulnerabilities. While Black Widow only discovered 18 second-order XSS vulnerabilities, with none second-order SQL injection vulnerability and second-order RCE vulnerability. In addition, DISOV has found 12 0-day second-order vulnerabilities, demonstrating its effectiveness in practice.

Currently, NDN-based VANETs protocols have several problems with packet overhead of rebroadcasting, control packet, and the accuracy of next-hop selection due to the dynamic topology. To deal with these problems in this paper, we propose a robust and lightweight forwarding protocol in Vehicular ad-hoc Named Data Networking. The concept of our forwarding protocol is adopting a packet-free approach. A vehicle collects its neighbor's visual identification by a pair of cameras (front and rear) to assign a unique visual ID for each node. Based on these IDs, we construct a hop-by-hop FIB-based forwarding strategy effectively. Furthermore, the Face duplication [1] in the wireless environment causes an all-broadcast problem. We add the visual information to Face to distinguish the incoming and outgoing Face to prevent broadcast-storm and make FIB and PIT work more accurate and efficiently. The performance evaluation results focusing on the communication overhead show that our proposal has better results in overall network traffic costs and Interest satisfaction ratio than previous works.

Mixed-Polarity Multiple-Control Toffoli (MPMCT) gates are generally used to implement large control logic functions for quantum computation. A logic circuit consisting of MPMCT gates needs to be mapped to a quantum computing device that invariably has a physical limitation, which means we need to (1) decompose the MPMCT gates into one- or two-qubit gates, and then (2) insert SWAP gates so that all the gates can be performed on Nearest Neighbor Architectures (NNAs). Up to date, the above two processes have only been studied independently. In this work, we investigate that the total number of gates in a circuit can be decreased if the above two processes are considered simultaneously as a single step. We developed a method that inserts SWAP gates while decomposing MPMCT gates unlike most of the existing methods. Also, we consider the effect on the latter part of a circuit carefully by considering the qubit placement when decomposing an MPMCT gate. Experimental results demonstrate the effectiveness of our method.

Monocular depth estimation has improved drastically due to the development of deep neural networks (DNNs). However, recent studies have revealed that DNNs for monocular depth estimation contain vulnerabilities that can lead to misestimation when perturbations are added to input. This study investigates whether DNNs for monocular depth estimation is vulnerable to misestimation when patterned light is projected on an object using a video projector. To this end, this study proposes an evolutionary adversarial attack method with multi-fidelity evaluation scheme that allows creating adversarial examples under black-box condition while suppressing the computational cost. Experiments in both simulated and real scenes showed that the designed light pattern caused a DNN to misestimate objects as if they have moved to the back.

This paper considers tracking of a non-cooperative emitter based on a single sensor. To this end, the direct target motion analysis (DTMA) approach, where the target state is straightforwardly achieved from the received signal, is exploited. In order to achieve observability, the sensor has to perform a maneuver relative to the emitter. By suitably building an approximated likelihood function, the unscented Kalman filter (UKF), which is able to work under high nonlinearity of the measurement model, is adopted to recursively estimate the target state. Besides, the posterior Cramér-Rao bound (PCRB) of DTMA, which can be used as performance benchmark, is also achieved. The effectiveness of proposed method is verified via simulation experiments.

Searchable symmetric encryption (SSE) enables clients to search encrypted data. Curtmola et al. (ACM CCS 2006) formalized a model and security notions of SSE and proposed two concrete constructions called SSE-1 and SSE-2. After the seminal work by Curtmola et al., SSE becomes an active area of encrypted search. In this paper, we focus on two unnoticed problems in the seminal paper by Curtmola et al. First, we show that SSE-2 does not appropriately implement Curtmola et al.'s construction idea for dummy addition. We refine SSE-2's (and its variants') dummy-adding procedure to keep the number of dummies sufficiently many but as small as possible. We then show how to extend it to the dynamic setting while keeping the dummy-adding procedure work well and implement our scheme to show its practical efficiency. Second, we point out that the SSE-1 can cause a search error when a searched keyword is not contained in any document file stored at a server and show how to fix it.

Order-preserving encryption using the hypergeomatric probability distribution leaks about the half bits of a plaintext and the distance between two arbitrary plaintexts. To solve these problems, Popa et al. proposed a mutable order-preserving encoding. This is a keyless encoding scheme that adopts an order-preserving index locating the corresponding ciphertext via tree-based data structures. Unfortunately, it has the following shortcomings. First, the frequency of the ciphertexts reveals that of the plaintexts. Second, the indices are highly correlated to the corresponding plaintexts. For these reasons, statistical cryptanalysis may identify the encrypted fields using public information. To overcome these limitations, we propose a multi-tree approach to the mutable order-preserving encoding. The cost of interactions increases by the increased number of trees, but the proposed scheme mitigates the distribution leakage of plaintexts and also reduces the problematic correlation to plaintexts.

In [2], Choi et al. proposed an identity-based password-authenticated key exchange (iPAKE) protocol using the Boneh-Franklin IBE scheme, and its generic construction (UKAM-PiE) that was standardized in ISO/IEC 11770-4/AMD 1. In this paper, we show that the iPAKE and UKAM-PiE protocols are insecure against passive/active attacks by a malicious PKG (Private Key Generator) where the malicious PKG can find out all clients' passwords by just eavesdropping on the communications, and the PKG can share a session key with any client by impersonating the server. Then, we propose a strengthened PAKE (for short, SPAIBE) protocol with IBE, which prevents such a malicious PKG's passive/active attacks. Also, we formally prove the security of the SPAIBE protocol in the random oracle model and compare relevant PAKE protocols in terms of efficiency, number of passes, and security against a malicious PKG.

Towards realization of a noise-induced synchronization in a natural environment, an experimental study is carried out using the Van der Pol oscillator circuit. We focus on acoustic sounds as a potential source of noise that may exist in nature. To mimic such a natural environment, white noise sounds were generated from a loud speaker and recorded into microphone signals. These signals were then injected into the oscillator circuits. We show that the oscillator circuits spontaneously give rise to synchronized dynamics when the microphone signals are highly correlated with each other. As the correlation among the input microphone signals is decreased, the level of synchrony is lowered monotonously, implying that the input correlation is the key determinant for the noise-induced synchronization. Our study provides an experimental basis for synchronizing clocks in distributed sensor networks as well as other engineering devices in natural environment.

Modular multilevel converters (MMCs) are an emerging and promising option for medium voltage direct current (MVDC) of all- electric ships. In order to improve the stability of the MVDC transmission system for ships, this paper presents a new control inputs-based Lyapunov strategy based on feedback linearization. Firstly, a set of dynamics equations is proposed based on separating the dynamics of AC-part currents and MMCs circulating currents. The new control inputs can be obtained by the use of feedback linearization theory applied to the dynamic equations. To complete the dynamic parts of the new control inputs from the viewpoint of MVDC system stability, the Lyapunov theory is designed some compensators to demonstrate the effects of the new control inputs on the MMCs state variable errors and its dynamic. In addition, the carrier phase shifted modulation strategy is used because of applying the few number of converter modules to the MVDC system for ships. Moreover, relying on the proposed control strategy, a simulation model is built in MATLAB/SIMULINK software, where simulation results are utilized to verify the validity of proposed control strategy in the MMC-based MVDC system for ships.