As an economic and technical point of view, operation of without operator or unmanned substations is of interest to power industry managers, so it is an opportunity to investigate cyber security carefully at this time. In this article, while studying the importance of SCADA (Supervisory Control and Data Acquisition) centers cyber security, the cyber security requirements of two types of DCS (Distribution Control System) and traditional substations and the communication of these types of substations and the corresponding SCADA center were examined. In this article, based on the documents and standards of industrial cyber security and power industry, the security requirements of substations and their communications with the relevant centers were extracted, and these requirements were prioritized based on knowledge of the industry and the importance of existing departments and processes. In addition, due to the non-implementation of security requirements in high power substations, it was emphasized to pay attention to the cyber security considerations of this area, such as preparing security risk management documents, paying attention to personnel training and receiving security approvals.

Hardware Trojan is a hardware security threat that attempts to insert in the circuit and modifies the hardware stealthy. Trojan detection and design-for-trust are the main defensive strategies against hardware Trojan. The target of Trojan detection is to verify hardware Trojan and in design-for-security, the security techniques are presented for facilitating detection or preventing hardware Trojan insertion. In this work, we introduce a capacitor-based timing hardware Trojan (THT) model and then discuss how to analyze the vulnerability of gate-level circuits against such THT model. For THT that violates timing constraints in the circuit, the susceptible nets are recognized. Susceptible nets to THT are vulnerable nets in path-delay analysis and logic testing detection approaches and they are not detectable easily. The experimental results show that the number of vulnerable nets to the capacitor-based THT model is small enough so that a design-for-trust approach can be proposed.

The conventional electricity infrastructure relies on the usage of fossil fuels, which harms the environment greatly. A smart grid is an infrastructure that enables the integration of renewable resources with the distribution system, as well as the potential of establishing a two-way flow of energy and data between network management and subscribers in order to optimize energy use. However, this data flow may be misused by attackers to disrupt security and causes power network imbalances.Therefore, it is necessary to exploit different security protocols to exchange data in this platform. One of these security protocols is the authenticated key agreement protocol, which allows the parties to authenticate each other and share a key to encrypt data. Recently Zhang et al. proposed a lightweight key authentication protocol based on hash functions. In this paper, we examine their protocol and show that vulnerable to denial of service (DOS) attack and also is not optimized to implement on smart grid. Then we present a lightweight and secure authentication protocol based on hash functions.

The use of lightweight and light weight block ciphers in the Internet of Things is inevitable. Recently, Midori64 has received a lot of attention among other lightweight ciphers due to its very low power consumption. Midori64 security has been threatened by various attacks, including side channel attacks. One of the types of side channel attacks is correlation power analysis, in which an attacker can discover the encryption key by using the power leak of the cryptographic chip while the algorithm is running, data being processed and operations being executed. Masking against power analysis attacks is known as one of the most effective methods of cryptographic algorithms. The purpose of the mask is to disrupt the relationship between power consumption and ongoing operations. In this paper, an implemented version of the Midori64 code on an Atmega32 AVR micro-controller is attacked by correlation power analysis, and an encryption key with 300 blocks of plain text is discovered. After masking the Midori64 with the Boolean masking method, the attack was performed again, and the experimental results showed that the Boolean masking method could prevent key discovery.

The development and use of electronic health records (EHR) have had remarkable impacts on human life, such as improvements in the quality of medical care, better research results, and enhancements in treatment methods. Despite these improvements, availability, security and privacy concerns have remained to be very important in this field. In this article, we propose a decentralized and distributed system for electronic health records management with the help of the blockchain technology and its potential benefits. In this system, patient information is stored in the cloud. Also, the real owner of the electronic records is the patient, and with the help of smart contracts and encryption, he/she controls how to access his/her health information. In the proposed solution, the problem of sharing and storing the patients’ keys has been solved with the help of smart contracts. In addition, we proposed solutions to special cases which are raised by transferring the control of the records to the patients such as permissions for underage patients, in emergency situations, and after the death of the patient. Comparison of the related works shows that the proposed system has solved the problems of competing systems while maintaining a high level of privacy.

Detection of browser attacks is considered a serious challenge in today’s web applications. Man in the Browser (MitB) attack is an important type of these attacks that can lead to changes in web page contents, interference in network traffic, session hijacking, and user information theft by using Trojans. In this paper, an efficient tool for real-time detection of MitB attacks through dynamic analysis of web pages based on the description of attack patterns is presented. The advantage of the proposed tool is that it is not limited to identifying one or more specific attacks and the identification method code is not embedded in the tool, but the patterns of different attacks are specified separately. In order to evaluate the presented tool, two vulnerable web services provided by OWASP, which have a wide range of known vulnerabilities, were used along with the BeEF penetration test framework, and a set of MitB attacks were practically implemented and evaluated by the tool. The same tests were performed using three other similar tools and compared with the developed tool. In addition to the superiority of the presented tool in terms of the independence of attack descriptions from the tool itself, the results show that the accuracy and readability of its diagnosis are better than similar tools.

Elliptic curve cryptography (ECC) provides the same security with shorter key lengths in comparison with other asymmetric cryptography algorithms. One of the safest curves recently considered is the Edwards25519, which is standardized by NIST. The most expensive operation in the ECC is point multiplication, which uses field multiplication many times. In this paper, a high-speed field multiplication for Edwards25519 is proposed. The improvements are mostly the result of the development of a novel semi-systolic field multiplier which employs four steps of Karatsuba-Ofman multiplication with fewer additions/subtractions in comparison with the original ones. The proposed multiplier has four register layers in its architecture. Then, this architecture, while taking advantage of the systolic architecture (a low CPD), has a low latency. In comparison with the best previous work, the proposed field multiplication has a 28% improvement in speed. Moreover, the point multiplication which exploits the proposed field multiplication has a 50% improvement in time in comparison with the best previous work.

Today, establishing a reliable communication path between devices in low power and lossy networks (LLNs) has become a big challenge. Routing protocol for low power and lossy networks (RPL) is used as a standard routing protocol in LLN networks. The RPL protocol, located at the network layer, uses the objective function to select the optimal path. Due to the fact that various attacks may be created in the routing process, hence the need to pay attention to reliable and trusted routing has become one of the most important and up-to-date research issues. For this reason, in this research, a reliable routing method based on RPL for the Internet of Things is presented. The advantages of the proposed method compared to other methods are that, on the one hand, the rate of lost packets has decreased, and on the other hand, the stability of a node is higher in relation to rank changes. Finally, Cooja simulator has been used to evaluate the proposed method.

Fog is a cloud that closes to the ground. The components of fog and cloud complement each other. These components provide mutually beneficial interdependent services for communication, processing, control, and storage across the network. Attacking the fog nodes are as important as attacking the cloud. Since the fog node has more limited resources, it is more targeted by intruders. In addition, fog nodes are more attractive to attackers because they have less computing power and are located closer to the attacker than the cloud. But the key point is that access to limited resources makes it easier to save the fog node because the fog does not have the complexities of the cloud, and it is easy to run an intrusion detection system on it. In this article, focusing on the resource limitation in the fog node, we will invent a method to save the fog node. In the proposed method, the support vector machines (SVMs) technique is used. Among the advantages of using the support vector machine, we can mention not being trapped in local optima, solving the over fitting problem, and ease of working with high-dimensional data. Based on the research, support vector machine is the most widely used machine learning method for Internet of Things security articles in the literature. In this article, in order to conduct tests, according to published global statistics, the most important category of web attacks, i.e. SQL injection attacks, is considered. The average detection accuracy is obtained and the results of the evaluations indicate the acceptable efficiency of the proposed method.

Providing security in the electricity industry, as one of the vital infrastructures of the country, is one of the essential operations that must be taken in order to improve the security of the country. Resistant security strategies need to be regularly implemented as a dynamic process to improve security, and security evaluation is one of the most important steps in this process. Methodology in the field of evaluation in both technical and managerial dimensions is discussed in the laboratory. There are various standards in the field of general ICT technical-security evaluation. The most important are ISO/IEC 15408, ISO/IEC 27001 and NIST SP 800-53. In the present paper, these standards are first examined. Then, the standards and reports in the industrial field have been reviewed and compared, and finally, based on the results and special considerations of information and communication technology equipment in the electricity industry, the appropriate methodology has been presented.

With the development of new information and communication technologies such as developments related to Internet of Things applications, the importance of information and maintaining its security is more and more considered. Key agreement and authentication protocols play an important role in ensuring information security. One of the important components used in many applications of the Internet of Things is wireless sensor networks, whose security is ensured by using appropriate protocols of these networks. In 2020, Sikarwar and Das presented a key agreement protocol with authentication for wireless sensor networks and claimed that this protocol is secure against well-known attacks such as feedback attacks, password discovery, and man-in-the-middle attacks. In this paper, it is shown that the Sikarvar and DOS protocol is not secure and an attacker can easily obtain this key. In addition, it is shown that the protocol cannot be secure against password discovery and spoofing attacks.

Quantum dialogue is a type of quantum communication in which users can simultaneously send messages to each other. The earliest instances of quantum dialogue protocols faced security problems such as information leakage and were vulnerable to intercept and resend attacks. Therefore, several protocols have been presented that try to solve these defects. Despite these improvements, the quantum dialogue still faces some challenges. Currently, the limited number of participants and the impossibility of expanding users during the conversation are among the most important challenges of this kind of protocol. In this research, we have designed a multi-user quantum dialogue protocol that solves the mentioned challenges. The proposed protocol is a generalized type of quantum dialogue in which users can communicate simultaneously. The number of participating users is not limited and can be changed dynamically (i.e. without the need to restart the protocol). It means that, during the execution of the protocol, a user can leave the conversation, or a new user can join it. Communication between users is established through a central semi-trusted server. The investigations show that the proposed protocol does not have information leakage. In other words, no unauthorized entity (not even the intermediate server) can access the raw data exchanged between users.

Under the coverage of legitimate commerce, criminals money-launder their illicit incomes through the payment gateways provided by Payment Service Providers (PSP). In order to do money-laundering forensics in transactions of PSP companies, a new method was proposed by Hojati et al which is done through detecting deviations from class behavior based on peer group analysis (PGA) method. Our experiments showed that using the proposed method for money laundering detection leads to a false positive rate of about 13%. In this paper, we improved the proposed method and reduced the false positive rate to less than 1%. To achieve this, we analyzed the amount of financial transactions of sellers along with the number of visitors to their websites in PGA. Based on the number of visitors, we estimated the volume of transactions for each seller. If the volume of sales was much higher than expected, we considered it abnormal. We achieved a higher detection accuracy by using a restricted Boltzmann machine to separate out-of-class transactions. We also reduced rate of false negative alarms by the help of CBR method. Our proposed system detects money laundering online using a four-week sliding window. The experimental results confirmed the detection accuracy of 99% for our proposed system.

The proposed method for implementing cryptographic traffic detector systems and evasive tools in this article is a method based on deep learning, which due to the importance of optimal and automatic extraction of features from the input data set, an automatic encoder network has been used in the feature extraction phase. Then, the output of the middle hidden layer of this network is applied to a deep convolutional neural network. Deep convolutional neural networks can play an effective role in improving the performance of the system by taking into account the spatial connections between features. Finally, the output of deep convolutional neural network is also applied to two fully connected layers in order to perform the classification process. So that the number of neurons in the second fully connected layer will be equal to the expected number of layers of the system. In the first part of this article, the specifications of the proposed systems for the implementation of cryptographic traffic detectors and evasion tools will be mentioned in terms of operational architecture and features. Then, the characteristics of the networks used in the implementation of the system, and the method of their integration to form the final identifier system are briefly stated. After that, the training stage of the system and its implementation method will be introduced and at the end, how to adjust the parameters of the model and the mechanisms used to improve the overall performance of the system and the results of its performance evaluation will be presented.

In medical fields, a wearable body area sensors network is a network of sensors placed inside human bodies or on their skin. These multi-functional sensors provide all patients and medical personnel with optimized and comfortable services. The patient’s physiological information transferred in this network is very sensitive and confidential; Therefore, transmitting through an insecure channel requires high anonymity, un-traceability, and privacy-preserving of personal data. Furthermore, the wearable body area network is a small part of the Internet of Things (IoT) community, and as the devices are resource-constraint, lightweight protocols are needed to guarantee the information’s authenticity, confidentiality, and integrity. Hence, a large number of schemes were proposed by different researchers to improve the reliability of the protocols. Recently Ankur Gupta and his colleagues proposed a lightweight mutual authentication and key agreement protocol and proved its security against well-known attacks. In this paper, we will demonstrate that their proposed protocol is vulnerable to the sensor node impersonation attack and does not provide the necessary security for communicating data; Then, we will offer a new solution to overcome this problem.