
Abstracts

Editor: Nicholas J. Daras

2nd International Conference on

Cryptography, Network Security

and Applications in the Armed Forces

Hellenic Military Academy

April 2, 2014


2 Hellenic Military Academy


Contents

Invited Speaker, p. 7
  R. Rolland: Randomness in Cryptography, p. 9

Code Systems and Cryptanalysis, p. 11
  D. Poulakis: A New Lattice Attack on DSA Schemes, p. 13
  T. Mourouzis, N. Courtois and N. Komninos: Advanced Truncated Differential Cryptanalysis of GOST Block Cipher, p. 17
  P. Angelidakis and C. Pappa: The Viterbi Decoding Algorithm in Convolutional Codes & its Applications in Wireless Systems of the Armed Forces, p. 22
  T. Mourouzis, N. Komninos, N. Courtois and M. Christofi: Towards a Combined Rotational-Differential Cryptanalytic Framework, p. 26

Random Number Generators and Quantum Cryptography, p. 31
  A. N. Veneti, G. C. Meletiou and M. N. Vrahatis: Fractal Dimension as an Assessment Metric for Pseudorandom Number Generators, p. 33
  G. Marinakis: Design and Evaluation of Random Number Generators, p. 35
  E. S. Athanasiadou, V. F. Dionysatos, P. N. Koumantos and P. K. Pavlakos: Existence and Uniqueness of Quantum Stochastic Flows, p. 36
  D. P. Kalogeras: Quantum Encryption – Critical Approach and Implementation, p. 37

Cryptology: Methods and Applications, p. 39
  A. Kontogeorgis: Elliptic Curves. Construction using Complex Multiplication, p. 41
  T. G. Kostis: Defence against Stealth Aircraft Using Cognitive Radar Strategies, p. 42
  S. D. Hasapis and D. Panagopoulos: A Survey of Group-Based Cryptography, p. 44
  A. V. Doumas: How Many Trials Does It Take To Collect all Different Types of a Population with Probability ?, p. 45


Cryptosystems and Computations, p. 47
  E. Konstantinou and A. Kontogeorgis: Selecting Class Polynomials for the Generation of Elliptic Curves, p. 49
  G. C. Meletiou, D. S. Triantafyllou and M. N. Vrahatis: Orbit Computations and Matrix Factorization in Finite Fields, p. 50
  N. Kolokotronis and K. Limniotis: On the Computation of Best Second-Order Approximations of Boolean Functions, p. 52
  V. Markoutis, G. C. Meletiou and M. N. Vrahatis: Hierarchical Secret Sharing through Multivariate Birkhoff Interpolation, p. 55

Network Security, p. 57
  K. Demertzis and L. Iliadis: A Hybrid Artificial Intelligence System for Cyber Security, p. 59
  V. Vlachos, Ch. Bountolos and A. Papanikolaou: Taxonomy of Cyber-Warfare Operations, p. 63
  N. J. Daras: Security and Formation of Network-Centric Operations, p. 67
  I. Triantafyllou and M. Koutras: Run and Scan Statistics Models and their Applications in Transposition Systems and Networks, p. 69

Cyber Warfare, p. 71
  S. Papageorgiou: Protecting our Cyber Domain from Cyber Attacks, p. 73
  P. Mavropoulos: Risk Assessment Methodologies for Cyber Attacks against Critical Infrastructures: The Maritime Sub-Sector, p. 76
  I. Makripoulias, A. Papathanasiou, A. Papanikolaou and V. Vlachos: Cyber Warfare and Incident Response, p. 79
  N. Papadakis: Hacking and Securing Java Web Applications, p. 83


Information Security, p. 85
  S. Kollias, A. Papanikolaou and V. Vlachos: Large-Scale Early Warning System, p. 87
  G. Karapilafis: Implementation of Artificial Intelligence in INFOSEC Tasks and Applications, p. 91
  K. Lousios: The Concept, Utility-Criticality and Necessity of Infosec in the Armed Forces, p. 92
  D. P. Kalogeras: Critical Approaching and Implementing some Direct Sequence Spread Spectrum (DS/SS), p. 93

Communications Security, p. 95
  N. Ouzounoglou: Optical Methods in Cryptography and Cryptanalysis, p. 97
  C. Litsas, A. Pagourtzis, G. Panagiotakos and D. Sakavalas: On the Resilience and Uniqueness of CPA for Secure Broadcast, p. 98
  D. P. Iracleous, N. Doukas and K. Bourro: Analysis and Measurements of DNS Amplification Attacks, p. 102
  C. Tselikis, A. Poulakidas, C. Vangelatos and A. Aggelis: A Performance Engineering Study for Delay Tolerant Networks, p. 104

Cryptosystems and Chaos Theory, p. 105
  C. K. Volos, I. M. Kyprianidis, I. Stouboulos and Viet-Thanh Pham: Image Encryption Scheme Based on Non-autonomous Chaotic Systems, p. 107
  A. S. Andreatos and C. K. Volos: Secure Text Encryption Based on Hardware Chaotic Noise Generator, p. 109
  A. S. Andreatos and A. P. Leros: Audio Steganography Telecom System Based on Hénon Chaotic Map, p. 111

Biometrics and Cryptography, p. 115
  D. I. Antonoglou, G. I. Antonoglou, K. Minasidis and A. I. Golfos: Biometric Science and Applications, p. 117
  D. P. Kalogeras: RNA/DNA Encryption Method - Another Encryption Algorithm (YEAY), p. 120
  K. Havenetidis, G. P. Paradisis, I. S. Karanasiou and G. J. Tsekouras: An Investigation of an Artificial Neural Network for Personal Identification using Kinematic Parameters from Specific Body Parts, p. 121


Invited Speaker


Randomness in Cryptography

Robert Rolland

eRICS and IML, Université d’Aix-Marseille,

Institut de Mathématiques de Marseille, case 907,

F13288 Marseille cedex 9, France

E-mail: [email protected]

Abstract Randomness is among the main tools in cryptography. Many cryptographic primitives or protocols include a random part. This is the case for stream ciphers, construction of keys, key exchange in the Ephemeral Unified Model, construction of an initial value, etc.

Usually, it is simulated by a pseudo-random generator or, occasionally, for a small number of isolated values, by a built-in physical generator. For a very long sequence, as in the case of a stream cipher, we refer to the European project eSTREAM: http://www.ecrypt.eu.org/stream/

In the first part, the talk presents a practical study of the concept of randomness in cryptography. This includes a practical way to construct a seed and a pseudo-random generator for medium-size data in a Linux environment.

The second part is theoretical. In this part we precisely define the notion of pseudo-random generator. Then we define the notion of distinguisher and the notion of prediction. Yao's theorem ([5]) gives an equivalence between the indistinguishability of a pseudo-random generator and the unpredictability of the next bit from an asymptotic point of view. In this talk we present modified versions of Yao's theorem (see [1]) which can be of interest for the study of practical cryptographic primitives. In particular we consider non-asymptotic versions. We study the case of one pseudo-random generator, then the case of a family of pseudo-random generators with the same fixed length, and finally we consider the asymptotic case. We compute in each case the cost of the reduction (in the sense of complexity theory) between the two algorithms.

Some books on pseudo-random generators as well as probabilistic algorithms and proofs are given in the following bibliography.
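As an added illustration of the predictor-to-distinguisher direction of Yao's theorem (this is my example, not material from Rolland's talk): a next-bit predictor built on the Berlekamp-Massey linear-complexity test is turned into a distinguisher, and its empirical advantage is measured on a constructed 16-bit LFSR against bits from the operating-system CSPRNG (`secrets`). The generator, prefix length and threshold are my choices.

```python
import secrets

def lfsr16_stream(seed, nbits):
    """Constructed weak generator: 16-bit Fibonacci LFSR with taps 16,14,13,11
    (x^16 + x^14 + x^13 + x^11 + 1), emitting the low state bit at each step."""
    state = (seed & 0xFFFF) or 1          # the all-zero state would stay at zero forever
    out = []
    for _ in range(nbits):
        out.append(state & 1)
        fb = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
        state = (state >> 1) | (fb << 15)
    return out

def berlekamp_massey(bits):
    """Shortest linear recurrence over GF(2) that generates `bits`.
    Returns (L, c) with bits[i] = XOR_{j=1..L} (c[j] & bits[i-j]) for i >= L."""
    n = len(bits)
    c, b = [0] * (n + 1), [0] * (n + 1)
    c[0] = b[0] = 1
    L, m = 0, -1
    for i in range(n):
        d = bits[i]
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d == 0:
            continue                       # current recurrence already explains bits[i]
        t = c[:]
        for j in range(n + 1 - (i - m)):
            c[j + i - m] ^= b[j]           # c(x) += x^(i-m) * b(x)
        if 2 * L <= i:
            L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]

def next_bit_predictor(prefix):
    """A 'predictor' in Yao's sense: learn a recurrence from the prefix, then guess later bits."""
    L, c = berlekamp_massey(prefix)
    def predict(history):
        if L == 0 or len(history) < L:
            return 0
        guess = 0
        for j in range(1, L + 1):
            guess ^= c[j] & history[-j]
        return guess
    return predict

def predictor_hit_rate(bits, prefix_len):
    """Fraction of the bits after the prefix that the predictor gets right."""
    predict = next_bit_predictor(bits[:prefix_len])
    hits = sum(predict(bits[:i]) == bits[i] for i in range(prefix_len, len(bits)))
    return hits / (len(bits) - prefix_len)

def distinguisher(bits, prefix_len=64, threshold=0.75):
    """Predictor -> distinguisher reduction: answer 'pseudo-random' (True) when the predictor
    does far better than the 1/2 it can achieve on uniform bits."""
    return predictor_hit_rate(bits, prefix_len) > threshold

def uniform_bits(nbits):
    return [secrets.randbits(1) for _ in range(nbits)]

def empirical_advantage(trials=40, nbits=256):
    """Pr[D = True | LFSR output] - Pr[D = True | uniform bits], estimated over `trials` samples."""
    prg = sum(distinguisher(lfsr16_stream(secrets.randbits(16), nbits)) for _ in range(trials))
    uni = sum(distinguisher(uniform_bits(nbits)) for _ in range(trials))
    return (prg - uni) / trials

if __name__ == "__main__":
    print("linear complexity of an LFSR sample:", berlekamp_massey(lfsr16_stream(0xACE1, 64))[0])
    print("distinguisher advantage:", empirical_advantage())
```

The advantage comes out close to 1 for the LFSR, while on uniform bits the learned recurrence has length about half the prefix and predicts no better than a coin flip.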


References

[1] Stéphane Ballet and Robert Rolland: A note on a Yao's theorem about pseudo-random generators, Cryptography and Communications, 3 (4) (2011), pp. 189-206.
[2] Pierre Barthélemy, Robert Rolland and Pascal Véron: Cryptographie : principes et mises en œuvre, 2e édition, Lavoisier, 2012.
[3] Oded Goldreich: Modern Cryptography, Probabilistic Proofs and Pseudo-randomness. Number 17 in Algorithms and Combinatorics, Springer, 1999.
[4] Michael Luby: Pseudorandomness and Cryptographic Applications. Princeton University Press, 1996.
[5] Andrew C. Yao: Theory and Applications of Trapdoor Functions, in Proceedings of the 23rd IEEE Symposium on Foundations of Computer Science, pages 80-91, IEEE Computer Society, 1982.


Code Systems and Cryptanalysis


A New Lattice Attack on DSA Schemes

Dimitrios Poulakis

Department of Mathematics, Aristotle University of Thessaloniki

Thessaloniki, GR- 54124, Greece

E-mail: [email protected]

Abstract In 1991, the U.S. government's National Institute of Standards and Technology (NIST) proposed the Digital Signature Algorithm (DSA) [13, 11, 9]. It is an efficient variant of the ElGamal digital signature scheme [4] intended for applications which require data integrity assurance and data authentication. In 1998, an elliptic curve analogue called the Elliptic Curve Digital Signature Algorithm (ECDSA) was proposed and standardized [6, 8, 9].

First, we shall recall the descriptions of DSA and ECDSA. For DSA, the signer chooses a prime of size between and bits with increments of , is a prime of size with and is a generator of the unique order subgroup of . In 2013, specifies the sizes of and , respectively, in , , and . Further, he chooses and computes . The public key of the signer is and his private key . He also chooses a publicly known hash function mapping messages to . To sign a message , he chooses a random number which is the ephemeral key, computes and . The signature of is the pair . The verification of the signature is performed by checking .

The ECDSA uses an elliptic curve over and a point with order a prime of size around bits. The signer selects and computes . His public key is and his private key . To sign a message having hash value , he selects a random number which is the ephemeral key and computes (where and are regarded as integers between and ). Next, he computes and . The signature of m is the pair . For the verification of the signature one computes


, and . He accepts the signature if and only if .

The only known way to forge a signature is to recover either the secret key a or the ephemeral key (in this case it is very easy to compute ). Thus, the parameters of the two systems were chosen in such a way that the computation of discrete logarithms is computationally infeasible.

The use of lattices and the so-called LLL reduction method [10] is a well-established tool for attacking a variety of cryptosystems. Attacks on DSA and on ECDSA using lattice reduction techniques are given in [1], [7], [14], [15], [2], [16], [5] and [3]. A common feature of these attacks is that they take advantage of the form of the equality .

In this talk, we propose a new lattice attack based on the above equality and the following theorem:

Theorem 1 Let and be positive integers with and integers , …, . Set ( ). Then the system of congruences ( ) has at most one solution with . The time complexity of the computation of is .

The proof of this theorem relies on the algorithm of Micciancio and Voulgaris [12] which solves the Closest Vector Problem.

Let be an integer . Suppose that we have signed messages ( ) and their signatures , respectively, with DSA (resp. ECDSA). Then there are g such that (resp. and ) and .


Setting and , we obtain ( ). Put

Let be the set of maps . Using Theorem 1 we give an algorithm which computes a provided that where . Its running time is . Furthermore, we give a variant of our algorithm which computes under analogous assumptions. Eliminating a from the above congruences, we give another variant of our algorithm which computes an ephemeral key , under some assumptions, and hence .
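The DSA equations of this abstract did not survive extraction, so the following added example (mine, not the author's) restates the standard DSA definitions with constructed toy parameters p = 619, q = 103: signing, the verification check, the congruence s·k ≡ h + a·r (mod q) whose form the lattice attacks cited above exploit, and the abstract's remark that a known ephemeral key gives the private key immediately. Using SHA-256 reduced mod q as the hash is my assumption.

```python
import hashlib
import secrets

# Toy DSA parameters, constructed for illustration only: q = 103 divides p - 1 = 618 = 6 * 103.
# Real DSA uses p of 1024 to 3072 bits and q of 160 to 256 bits.
P, Q = 619, 103
G = pow(2, (P - 1) // Q, P)   # generator of the order-q subgroup of Z_p^* (here 64, not 1)

def hash_to_int(message: bytes) -> int:
    """Publicly known hash function mapping messages into Z_q (SHA-256 reduced mod q; assumption)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % Q

def keygen():
    """Private key a in [1, q-1], public key y = g^a mod p."""
    a = secrets.randbelow(Q - 1) + 1
    return a, pow(G, a, P)

def sign_with_nonce(h, a, k):
    """Signature (r, s) on hash value h with private key a and ephemeral key k:
    r = (g^k mod p) mod q,  s = k^-1 (h + a r) mod q."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (h + a * r) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature: choose a fresh ephemeral key")
    return r, s

def sign(message, a):
    """The ephemeral key must be uniform in [1, q-1] and used once; it is as secret as a."""
    while True:
        k = secrets.randbelow(Q - 1) + 1
        try:
            return sign_with_nonce(hash_to_int(message), a, k)
        except ValueError:
            continue

def verify_hash(h, sig, y):
    """Accept iff ((g^(h w) * y^(r w)) mod p) mod q == r, with w = s^-1 mod q."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1, u2 = h * w % Q, r * w % Q
    return (pow(G, u1, P) * pow(y, u2, P) % P) % Q == r

def verify(message, sig, y):
    return verify_hash(hash_to_int(message), sig, y)

def ephemeral_relation_holds(h, sig, a, k):
    """The congruence s k = h + a r (mod q) tying each signature to a and its ephemeral key;
    the lattice attacks cited above start from the shape of this equality."""
    r, s = sig
    return (s * k - h - a * r) % Q == 0

def recover_private_key(h, sig, k):
    """Why a leaked ephemeral key is fatal: a = (s k - h) r^-1 mod q follows directly."""
    r, s = sig
    return (s * k - h) * pow(r, -1, Q) % Q

if __name__ == "__main__":
    a, y = keygen()
    sig = sign(b"constructed sample message", a)
    print("signature", sig, "verifies:", verify(b"constructed sample message", sig, y))
```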

References

[1] M. Bellare, S. Goldwasser and D. Micciancio: "Pseudo-random" number generation within cryptographic algorithms: the DSS case, in Proc. of Crypto '97, LNCS 1294, Springer-Verlag, Berlin, 1997.
[2] I. F. Blake and T. Garefalakis: On the security of the digital signature algorithm, Des. Codes Cryptogr., 26, no. 1-3 (2002), pp. 87-96.
[3] K. Draziotis and D. Poulakis: Lattice attacks on DSA schemes based on Lagrange's algorithm, in 5th International Conference on Algebraic Informatics, CAI 2013, LNCS 8080, Springer, Berlin, pp. 119-131 (2013).
[4] T. ElGamal: A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory, 31 (1985), 469-472.
[5] J.-C. Faugère, C. Goyet and G. Renault: Attacking (EC)DSA Given Only an Implicit Hint, Selected Areas in Cryptography, LNCS 7707, pp. 252-274, Springer-Verlag, Berlin - Heidelberg, 2013.


[6] D. Johnson, A. J. Menezes and S. A. Vanstone: The elliptic curve digital signature algorithm (ECDSA), Intern. J. of Information Security, 1 (2001), 36-63.
[7] N. A. Howgrave-Graham and N. P. Smart: Lattice Attacks on Digital Signature Schemes, Des. Codes Cryptogr., 23 (2001), 283-290.
[8] N. Koblitz, A. J. Menezes and S. A. Vanstone: The state of elliptic curve cryptography, Des. Codes Cryptogr., 19 (2000), 173-193.
[9] N. Koblitz and A. J. Menezes: A survey of Public-Key Cryptosystems, SIAM Review, 46 (4) (2004), 599-634.
[10] A. K. Lenstra, H. W. Lenstra Jr. and L. Lovász: Factoring polynomials with rational coefficients, Math. Ann., 261 (1982), 513-534.
[11] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone: Handbook of Applied Cryptography, CRC Press, Boca Raton, Florida, 1997.
[12] D. Micciancio and P. Voulgaris: A deterministic single exponential time algorithm for most lattice problems based on Voronoi cell computations, in Proc. of STOC, ACM (2010), pages 351-358.
[13] National Institute of Standards and Technology (NIST): FIPS Publication 186: Digital Signature Standard, May 1994.
[14] P. Nguyen and I. E. Shparlinski: The Insecurity of the Digital Signature Algorithm with Partially Known Nonces, J. Cryptology, 15 (2002), 151-176.
[15] P. Nguyen and I. E. Shparlinski: The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces, Des. Codes Cryptogr., 30 (2003), 201-217.
[16] D. Poulakis: Some Lattice Attacks on DSA and ECDSA, Applicable Algebra in Engineering, Communication and Computing, 22 (2011), 347-358.


Advanced Truncated Differential Cryptanalysis of GOST Block Cipher

Theodosis Mourouzis 1, Nicolas Courtois 2 and Nikos Komninos 3

1Department of CS, University College London, WC1E 6BT E-mail: [email protected]

2Department of CS, University College London, WC1E 6BT E-mail: [email protected]

3Department of CS, City University London, EC1V 0HB E-mail: [email protected]

Abstract Differential Cryptanalysis (DC) is one of the oldest and most powerful techniques in the area of symmetric cryptanalysis. It is a chosen-plaintext attack and its discovery is attributed to Eli Biham and Adi Shamir in the late 1980s, since they were the first to publish a differential attack against the FEAL block cipher and then a similar attack against DES [5, 6]. However, according to a member of the original IBM DES team, Don Coppersmith, this technique was already known to IBM as early as 1974, and defending against DC had been a design goal [4]. In addition, some other sources state that the NSA was also aware of this technique and that it was decided it should be kept secret.

In DC, the main task is to study how differences propagate inside the cipher and to discover some interesting propagations which occur with sufficiently good probability and can be used to distinguish a given number of rounds of the cipher from a random permutation. These differences expose the non-uniform distribution of some output differences given one or several input differences.

The method of DC was studied by many cryptographers and many enhancements have been proposed, which make this technique even more powerful. The most important one is by Knudsen, who proposed advanced forms of DC based on truncated differentials [7, 8]. A truncated differential is a collection of (non-zero) differences instead of a single difference [7, 8]. Thus, the problem of studying single differences is transformed into the problem of studying the propagation of sets of differences. However, the space now becomes exponentially large and thus the study is infeasible in practice, unless some shortcuts are found based on the very specific structure of the given encryption algorithm. Importantly, many block ciphers which were supposed to be secure against naive DC were broken faster than brute force based on truncated differential techniques. It is not easy to claim that a cipher is secure against this technique, since exhausting all possible combinations of sets of differences is


infeasible and so far there was no theory which provides a measure of security against truncated DC. We plan to provide such a theory in our future studies.

In this paper, we study the security of the GOST block cipher and its variants with respect to advanced forms of DC, especially using the notion of truncated differentials. Seki and Kaneko in 2011 applied this notion to break around 13 rounds of GOST, but no extension to an attack against the full cipher was feasible under their constructions [12].

GOST is a military-grade cipher which was designed by the former Soviet Union. It is the official encryption standard of the Russian Federation, given the number 28147-89 by the Government Committee for Standards of the USSR, and it is used by large banks and implemented in many standard cryptography libraries such as OpenSSL, Crypto++ and RSA security products. It is a 256-bit symmetric-key block cipher that operates on 64-bit blocks [1]. It follows the Feistel network design paradigm for block ciphers and has a very simple round function consisting of XORs, substitutions (S-boxes), rotations and modular additions, which is applied for 32 rounds.

Besides its military-grade 256-bit key, with which in theory it could be secure for 200 years, GOST also has an amazingly low hardware implementation cost. GOST requires approximately one fourth of the size of the circuit needed for AES-128 and DES. Thus, it seems to be a plausible alternative for AES-256 and 3-DES [2].

With respect to its security analysis, according to the Russian standard, GOST is safe to be used for encrypting secret and classified information and does not limit the security level. More precisely, at the beginning of the standard it states that "GOST satisfies all cryptographic requirements and does not limit the grade of security information to be protected".

In addition, according to Bruce Schneier [3], GOST is probably stronger than DES with respect to DC. Besides Schneier, many other prominent cryptographers and ISO cryptography experts have studied GOST and all seemed to agree that it could be or should be secure, since no better way to break it than brute force was known. Gabidulin et al. were the first to conduct a basic assessment of the security of GOST against linear and differential cryptanalysis [18]. As they very naively claimed, 7 rounds are sufficient for 128-bit level security against DC, and even if the S-boxes are replaced by the identity map it is still secure at this level [18].

Until 2010, all researchers in the cryptographic community claimed that "despite considerable cryptanalytic efforts spent in the past 200 years, GOST is still not broken". Since GOST seemed to offer a perfect balance between security and efficient implementation, it was submitted to ISO 18033-3. In the same year as the submission, many attacks against the full block cipher were discovered and presented at several conferences: reflection attacks, attacks based on double reflections, related-key attacks and advanced differential attacks [13, 14, 15, 16]. In 2011, we discovered and published some interesting and very strong truncated differential properties of


GOST and some of its variants by introducing a refinement of Knudsen's approach which partitions the classical truncated differentials into disjoint subsets. In particular, Courtois and Mourouzis introduced the notion of general open sets, which are sets constructed based on the connections between the S-boxes from round to round and are of partitioning type [9]. Then, using a black-box evolutionary algorithm [10, 17], they discovered interesting 8-round propagations, which can be combined effectively to produce distinguishers for 20 rounds of GOST. The notion of general open sets shows that good truncated differential properties can be found for all variants of GOST and that they mainly depend on the connections between S-boxes from round to round and not on their values.

In particular, Courtois and Mourouzis presented very strong statistical 20-round distinguishers for three different variants of GOST [9]: TestParamSet, CryptoProParamSet and ISO 18033-3. All these sets are of major importance since they are implemented in many standards and used by many organizations. The first one appears as the default set of S-boxes used in all available implementations. The second one is used in the hash function implementation and by many large bank organizations, while the last one is the one which is believed to be the strongest and was suggested in the ISO standardization process to become a global industrial standard. Extending a statistical distinguisher to an attack against the full block cipher is a non-trivial task and involves a series of optimization and combinatorial sub-tasks to be considered and solved. In fact, it is never guaranteed that it will succeed. Courtois extended a 20-round distinguisher to a full attack against the GOST cipher which uses the set of S-boxes TestParamSet, of time complexity approximately 2^179 GOST encryptions, memory complexity of about 2^64 and using the full code-book [16]. In order to achieve the extension, he exploited the self-similarity of the cipher due to the very weak key schedule and the poor diffusion for a limited number of rounds, up to 8 rounds.

In this paper, we use the ideas presented by Courtois and Mourouzis to study the security of two variants of GOST, which are considered the simplest and most secure variants [9]: the one with the S-boxes replaced by the identity map and the ISO version, which is assumed to be the strongest one. The advanced differential attacks we present are of the form of a depth-first key search, which uses a 20-round distinguisher in the middle (or equivalently a 26-round distinguisher for the simpler version of GOST with the identity map) [11]. The main idea is that we consider a partition of the 32 rounds by placing the constructed distinguisher in the middle. Then, based on the weak diffusion, we can extend these very strong statistical distinguishers to efficiently good filters for some external rounds. Then, by guessing some key bits for the external rounds and determining some plaintext and ciphertext pairs of specified input-output differences, we can extend the construction to an attack against the full block cipher. Thus, the technique we apply is a generic cryptanalytic framework of depth-first key search type


which involves several optimization tasks obtained from the specific structure of the given encryption algorithm.

The results we obtain are remarkable and they reflect how powerful differential attacks are if appropriate ad-hoc heuristics are found and several non-trivial optimization tasks are considered and solved based on the structure of the very specific encryption algorithm we study. Using the entire codebook, we present an attack of time complexity approximately 2^160 GOST encryptions against the full 32 rounds of the simplest GOST variant and an attack of time complexity approximately 2^244.4 GOST encryptions against the full 32 rounds of the GOST submitted to ISO [11]. Even more importantly, the attacks we present are always subject to improvement if better solutions are found to the underlying optimization steps we consider. These attacks can be seen as a new parametric form of advanced differential attacks, where several optimization and combinatorial sub-tasks are considered.
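Added example (mine, not code from the authors' paper): the GOST variant with the S-boxes replaced by the identity map, named above as the simplest variant, with an empirical estimate of a truncated differential's probability over one and two rounds next to what a random permutation would give for the same set of output differences. The half ordering of the Feistel network, the omitted final half-swap, the input difference and the masks are my choices.

```python
import random

MASK32 = 0xFFFFFFFF

def rotl32(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32

def round_function(x, subkey):
    """GOST round function with the S-boxes replaced by the identity map:
    add the 32-bit subkey mod 2^32, (identity S-box layer), rotate left by 11."""
    return rotl32((x + subkey) & MASK32, 11)

def feistel(n1, n2, subkeys):
    """len(subkeys) rounds of the GOST Feistel network on the halves (n1, n2);
    n1 enters the round function. The final half-swap is omitted (assumption)."""
    for k in subkeys:
        n1, n2 = n2 ^ round_function(n1, k), n1
    return n1, n2

def in_truncated_set(diff, mask):
    """A truncated differential is a set of non-zero differences; here the set is
    'all non-zero differences whose bits lie inside mask' (one mask per half)."""
    (d1, d2), (m1, m2) = diff, mask
    return (d1 | d2) != 0 and (d1 & ~m1) == 0 and (d2 & ~m2) == 0

def truncated_differential_probability(rounds, in_diff, out_mask, trials, seed=2014):
    """Estimate Pr[output difference in out_mask | input difference in_diff] over random
    subkeys and plaintexts (constructed experiment, seeded for repeatability)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        subkeys = [rng.getrandbits(32) for _ in range(rounds)]
        n1, n2 = rng.getrandbits(32), rng.getrandbits(32)
        a = feistel(n1, n2, subkeys)
        b = feistel(n1 ^ in_diff[0], n2 ^ in_diff[1], subkeys)
        hits += in_truncated_set((a[0] ^ b[0], a[1] ^ b[1]), out_mask)
    return hits / trials

def random_permutation_probability(out_mask):
    """What a random 64-bit permutation gives for the same set: about 2^(bits in mask - 64)."""
    bits = bin(out_mask[0]).count("1") + bin(out_mask[1]).count("1")
    return 2.0 ** (bits - 64)

# Input difference: a single bit in the half that enters the round function.
IN_DIFF = (1, 0)
# One round: the modular addition turns bit 0 into a short carry run (1, 3, 7 or 15, with
# probability 15/16 in total) and the rotation moves it to bits 11..14; the other half keeps bit 0.
MASK_1R = (0xF << 11, 1)
# Two rounds: the carry run re-enters the round function and lands in bits 22..29, XORed onto
# the bit-0 difference; the other half now carries the bits 11..14 run.
MASK_2R = (1 | (0xFF << 22), 0xF << 11)

if __name__ == "__main__":
    for rounds, mask in ((1, MASK_1R), (2, MASK_2R)):
        p = truncated_differential_probability(rounds, IN_DIFF, mask, 4000)
        print(f"{rounds} round(s): cipher {p:.3f} vs random {random_permutation_probability(mask):.1e}")
```

The gap between the measured probability and the random-permutation value is exactly what makes such a set of differences a distinguisher for those rounds; with real S-boxes the sets have to follow the S-box connections, as the abstract describes.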

References

[1] Aleksandr Malchik: An English translation of GOST Standard by Aleksandr Malchik with an English Preface co-written with Whitfield Diffie, 1994.
[2] Axel Poschmann, San Ling and Huaxiong Wang: 256 Bit Standardized Crypto for 650 GE - GOST Revisited, in CHES 2010, LNCS 6225, pp. 219-233, 2010.
[3] Bruce Schneier: Applied Cryptography, Second Edition, John Wiley and Sons, 1996.
[4] Don Coppersmith: The Data Encryption Standard (DES) and its strength against attacks, IBM Journal of Research and Development 38 (3): 243, doi:10.1147/rd.383.0243, 1994.
[5] Eli Biham and Adi Shamir: Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, ISBN 0-387-97930-1, 3-540-97930-1, 1993.
[6] Eli Biham and Adi Shamir: Differential cryptanalysis of the full 16-round DES, in Advances in Cryptology, CRYPTO 92, E. F. Brickell, Ed., vol. 740 of Lecture Notes in Computer Science, pp. 487-496, 1992.
[7] Lars Knudsen: Truncated and higher order differentials, in Fast Software Encryption, pp. 196-211, Springer Berlin Heidelberg, 2011.
[8] Lars Knudsen and Matthew Robshaw: The Block Cipher Companion, Springer Berlin Heidelberg, 1995.
[9] Nicolas T. Courtois and Theodosis Mourouzis: Enhanced Truncated Differential Cryptanalysis of GOST, in SECRYPT, 2013.
[10] Nicolas T. Courtois and Theodosis Mourouzis: Propagation of Truncated Differentials in GOST, in SECURWARE, 2013.
[11] Theodosis Mourouzis: Optimizations in Algebraic and Differential Cryptanalysis, PhD Thesis, University College London, 2014.
[12] Haruki Seki and Toshinobu Kaneko: Differential cryptanalysis of reduced rounds of GOST, in Selected Areas in Cryptography, pp. 315-323, Springer Berlin Heidelberg, 2001.


[13] Takanori Isobe: A single-key attack on the full GOST block cipher, in Fast Software Encryption, pp. 290-305, Springer Berlin Heidelberg, 2011.
[14] Nicolas T. Courtois: Security Evaluation of GOST 28147-89 In View Of International Standardisation, IACR Cryptology ePrint Archive, 2011.
[15] Nicolas T. Courtois: Algebraic Complexity Reduction and Cryptanalysis of GOST, IACR Cryptology ePrint Archive, 2011.
[16] Nicolas T. Courtois: An Improved differential attack on full GOST, IACR Cryptology ePrint Archive, 2012.
[17] Nicolas T. Courtois, Theodosis Mourouzis, Michal Misztal, Jean-Jacques Quisquater and Guangyan Song: Can GOST Be Made Secure Against Differential Cryptanalysis?, in Cryptologia Journal, 2013.
[18] Vitaly Shorin, Vadim Jelezniakov and Ernst Gabidulin: Linear and differential cryptanalysis of Russian GOST, Electronic Notes in Discrete Mathematics 6, pp. 538-547, 2001.


The Viterbi Decoding Algorithm in Convolutional Codes & its Applications in Wireless Systems of the Armed Forces

Panagiotis Angelidakis 1 and Christina Pappa 2

21 Bas. Kwnstantiou Street, Maroussi, GR-15122, Greece

E-mails: [email protected] 1, [email protected] 2

Abstract Convolutional codes were first introduced by Elias in 1955 as an alternative to block codes. Subsequently, Wozencraft proposed a sequential decoding scheme for convolutional codes, and in 1963 Massey proposed a new method called threshold decoding. In 1967 Viterbi proposed, as an efficient solution, a maximum-likelihood decoding scheme that is relatively easy to implement for codes with small memory order; this scheme is called Viterbi decoding. Finally, in 1972 Forney was the first to observe that the Viterbi algorithm can also produce the maximum-likelihood estimate of the transmitted sequence over a band-limited channel with intersymbol interference (ISI).

The objective of our presentation is therefore a practical and comprehensible methodological approach to maximum-likelihood decoding of convolutional codes, which are characterized by a trellis diagram. Maximum-likelihood decoding amounts to finding the shortest path through the trellis of the code. With the Hamming distance as the path metric, the algorithm performs "hard-decision" decoding of the convolutional code; for "soft-decision" decoding the same procedure is followed, with the Hamming distance replaced by the Euclidean distance.

We present a specific example of the steps followed in Viterbi decoding. Let us assume the convolutional code with the parameters described below.

Here n expresses the number of outputs of the encoder, which is also the number of its adders (modulo-2 additions implemented with XOR gates), and k expresses the number of inputs of the encoder. The remaining two parameters are the length of the information sequence and the number of stages of the encoder.

1st Step: According to the code parameters, we construct the encoder of this code, which is shown in Figure 1.


Figure 1: The encoder of the convolutional code.

2nd Step: From the encoder of Figure 1 we draw the equivalent state diagram (Figure 2).

Figure 2: State diagram.

3rd Step: With the aid of the state diagram we construct the trellis diagram (Figure 3) and search it for the optimal (shortest) Viterbi path. The decoded code word is read off this optimal path of the trellis diagram.

Figure 3: Trellis diagram and the finding of the optimal Viterbi path.

As shown in Figure 3, the information sequence is extracted by finding the shortest path. The corrected output sequence disagrees with the received word (i.e., the valid code word v and the received word differ in two bits), so the Viterbi algorithm finds and corrects these two corrupted bits.
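The procedure of Steps 1 to 3, as an added example that is not part of the original abstract: an encoder and a hard-decision Viterbi decoder (Hamming branch metric), together with the soft-decision variant that swaps in the squared Euclidean distance, for the rate-1/2, constraint-length-3 code with octal generators (5, 7) from the first row of Table 1. The choice of code, the message and the positions of the injected errors are assumptions made for the demonstration; the figures and the specific code of the presentation are not reproduced.

```python
# Added example (not from the abstract): hard- and soft-decision Viterbi
# decoding of the rate-1/2, constraint-length-3 convolutional code with octal
# generators (5, 7), the first row of Table 1.  Code choice is an assumption.

G = (0o5, 0o7)            # generator polynomials (octal), K = 3
K = 3                     # constraint length: 1 input bit + 2 memory stages
N_STATES = 1 << (K - 1)   # trellis states = 2^(K-1) = 4


def _parity(v):
    return bin(v).count("1") & 1


def _step(state, bit):
    """One encoder clock: return (output symbols, next state).

    The shift register is (u_t, u_{t-1}, u_{t-2}) with the newest bit in the
    most significant position; the state is formed by the two older bits."""
    reg = (bit << (K - 1)) | state
    out = tuple(_parity(reg & g) for g in G)   # one modulo-2 adder per generator
    return out, reg >> 1


def encode(bits):
    """Encode an information sequence; K-1 zero flush bits are appended so
    that the trellis path terminates in the all-zero state."""
    state, out = 0, []
    for b in list(bits) + [0] * (K - 1):
        symbols, state = _step(state, b)
        out.extend(symbols)
    return out


def viterbi(received, soft=False):
    """Maximum-likelihood decoding as the shortest path through the trellis.

    received: flat list of code symbols, 0/1 for hard decision (Hamming
    branch metric) or antipodal floats (+1 for bit 0, -1 for bit 1, plus
    channel noise) for soft decision (squared Euclidean branch metric).
    Returns (information bits, metric of the surviving path)."""
    n = len(G)
    steps = len(received) // n
    inf = float("inf")
    metric = [0.0] + [inf] * (N_STATES - 1)      # the encoder starts in state 0
    paths = [[] for _ in range(N_STATES)]
    for t in range(steps):
        r = received[t * n:(t + 1) * n]
        new_metric = [inf] * N_STATES
        new_paths = [None] * N_STATES
        for s in range(N_STATES):
            if metric[s] == inf:
                continue                        # state not reachable yet
            for b in (0, 1):
                out, nxt = _step(s, b)
                if soft:
                    bm = sum((ri - (1 - 2 * oi)) ** 2 for ri, oi in zip(r, out))
                else:
                    bm = sum(ri != oi for ri, oi in zip(r, out))
                m = metric[s] + bm
                if m < new_metric[nxt]:         # keep only the survivor per state
                    new_metric[nxt] = m
                    new_paths[nxt] = paths[s] + [b]
        metric, paths = new_metric, new_paths
    # The flush bits guarantee that the transmitted path ends in state 0.
    return paths[0][:steps - (K - 1)], metric[0]


def hard_decision_demo(message, error_positions):
    """Encode, flip the given code-symbol positions, decode.  Returns
    (decoded bits, Hamming distance between received word and decoded path)."""
    received = encode(message)
    for i in error_positions:
        received[i] ^= 1
    return viterbi(received)


def soft_decision_demo(message, weak_positions):
    """Same, with antipodal symbols; the listed positions arrive with the wrong
    sign and low confidence (constructed channel output, not measured data)."""
    received = [1.0 - 2.0 * c for c in encode(message)]
    for i in weak_positions:
        received[i] = -0.4 * received[i]
    return viterbi(received, soft=True)


if __name__ == "__main__":
    msg = [1, 0, 1, 1, 0, 0, 1, 0]
    print("codeword:", encode(msg))
    print("hard decision:", hard_decision_demo(msg, [1, 13]))
    print("soft decision:", soft_decision_demo(msg, [1, 13]))
```

Because the code is linear and every terminated code word has weight at least the free distance d_free = 5, any wrong trellis path disagrees with the received word in at least 5 - 2 = 3 symbols when two symbols are corrupted, so the transmitted path with metric 2 is the unique survivor regardless of where the two errors fall.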

Additionally, the performance of a convolutional code under Viterbi decoding depends on its constraint length (the number of stages of the encoder): the free distance, and with it the error-correcting capability, grows with the constraint length, while the number of trellis states, and with it the decoding effort, grows exponentially. We present the results for convolutional codes with rates 1/2 and 1/3 respectively that have good distance properties (Tables 1 and 2; generator sequences are given in octal).

Constraint length K   Generator sequences (octal)   Free distance d_free
        3                       5      7                     5
        4                      15     17                     6
        5                      23     35                     7
        6                      53     75                     8
        7                     133    171                    10
        8                     247    371                    10
        9                     561    753                    12
       10                    1167   1545                    12
       11                    2335   3661                    14
       12                    4335   5723                    15
       13                   10533  17661                    16
       14                   21675  27123                    16

Table 1: Codes of maximum free distance (code rate 1/2).

Constraint length K   Generator sequences (octal)      Free distance d_free
        3                       5      7      7                  8
        4                      13     15     17                 10
        5                      25     33     37                 12
        6                      47     53     75                 13
        7                     133    145    175                 15
        8                     225    331    367                 16
        9                     557    663    711                 18
       10                    1117   1365   1633                 20
       11                    2353   2671   3175                 22
       12                    4767   5723   6265                 24
       13                   10533  10675  17661                 24
       14                   21645  35661  37133                 26

Table 2: Codes of maximum free distance (code rate 1/3).

The Viterbi algorithm is applied in GSM (Global System for Mobile Communications) and CDMA (Code Division Multiple Access) systems and also in 802.11 wireless LANs; all of these systems are widely used in the Armed Forces.

GSM and CDMA are two competing cellular technologies. The basic difference between them is how they turn voice data into radio waves and how the carrier connects to the phone; other differences concern coverage area, data transfer speed, network capacity and hardware. Even so, both technologies are used in 3G phones, although 3G-GSM speeds can be faster than 3G-CDMA speeds.


CDMA is also a good choice for ad hoc network deployments in army communications, due to its resistance to jamming and interference; on the other hand, the performance of an ad hoc CDMA network is limited by strong restrictions.

The communication infrastructure of 802.11 WLANs is characterized by a dynamically changing topology. They are able to provide services to, and accept services from, other systems, and they also provide survivability and QoS (quality of service). On the other hand, from a military point of view 802.11 WLANs have several drawbacks relating to data security and coverage area.

Finally, the Viterbi algorithm is mainly applied to codes with small memory order (constraint length), since the number of trellis states, and with it the decoding complexity, grows exponentially with the constraint length. For larger codes we propose other algorithms that address this weakness of Viterbi decoding.

Acknowledgments

We kindly thank our professor Mr. Konstantinos Karoumpalos, for his helpful

comments and suggestions.

Bibliography

[1] A.J. Viterbi: Error bounds for convolutional codes and an asymptotically optimum decoding algorithm, IEEE Trans. Inf. Theory, IT-13 (1967), pp. 260-269.

[2] G.D. Forney, Jr.: The Viterbi algorithm, Proc. IEEE, 61 (1973), pp. 268-278.

[3] G.D. Forney, Jr.: Convolutional codes II: maximum likelihood decoding, Inf. Control, 25 (1974), pp. 222-266.

[4] G.D. Forney, Jr.: Maximum likelihood sequence estimation of digital sequences in the presence of intersymbol interference, IEEE Trans. Inf. Theory, IT-18 (1972), pp. 363-378.

[5] J.K. Omura: On the Viterbi decoding algorithm, IEEE Trans. Inf. Theory, IT-15 (1969), pp. 177-179.

[6] John G. Proakis and Masoud Salehi: Communication Systems Engineering, Prentice-Hall, Upper Saddle River, New Jersey, 2001.

[7] K.J. Larsen: Short convolutional codes with maximum free distance for rates 1/2, 1/3 and 1/4, IEEE Trans. Inf. Theory, IT-19 (1973), pp. 371-372.

[8] K. Sam Shanmugam: Digital and Analog Communication Systems, John Wiley & Sons, 1979.

[9] Shu Lin and Daniel J. Costello, Jr.: Error Control Coding: Fundamentals and Applications, Prentice-Hall, New Jersey, 1983.

[10] Military Communications Conference (MILCOM) 2005, IEEE, 17-20 Oct. 2005, Vol. 2, pp. 1059-1063.


Towards a Combined Rotational-Differential Cryptanalytic Framework

Theodosis Mourouzis 1, Nicolas Courtois 2, Nikos Komninos 3 and Michalis Christofi 4

1Department of CS, University College London, WC1E 6BT E-mail: [email protected]

2Department of CS, University College London, WC1E 6BT E-mail: [email protected]

3Department of CS, City University London, EC1V 0HB E-mail: [email protected]

4Department of CS, King’s College, WC2R 2LS E-mail: [email protected]

Abstract Cryptanalysis is the science of studying given encryption algorithms, or any other cryptographic mechanism, in order to identify potential flaws or vulnerabilities, either in the implementation and its environment or in the mathematics underlying the algorithms used. Such flaws can be used to dispute the level of security that the mechanism is claimed to offer, so it is very important to keep enhancing the existing techniques.

One of the most important and powerful techniques in symmetric cryptanalysis is Differential Cryptanalysis (DC). DC applies primarily to block ciphers, but also, to some extent, to stream ciphers and cryptographic hash functions. Its discovery is attributed to Eli Biham and Adi Shamir in the late 1980s [2, 3], but according to Don Coppersmith the technique was already known to IBM and the NSA as early as 1974 [1]. They decided to keep the description of such a powerful attack confidential, since it would possibly be able to break many block ciphers and other cryptographic standards used in many applications.

The main task in DC is to study the propagation of certain input differences through a number of rounds and to identify input-output pairs of differences that propagate with comparatively good probability, compared to what is expected of a random permutation. This non-random behaviour of the cipher for a reduced number of rounds can sometimes be extended to a key-recovery attack. Several enhancements of naive DC have been proposed, such as the boomerang attack, impossible differentials and, most importantly, truncated differentials as proposed by Knudsen [6, 7]. In truncated differentials the attacker studies the propagation of sets of differences instead of single differences. The problem in attacks involving truncated differentials is the exponentially large space of differentials that has to be explored; ad hoc heuristics derived from the cipher can be used to speed up the search. For example, Courtois and Mourouzis have suggested such heuristics for the GOST block cipher, which can be used to construct reduced-round distinguishers for up to 20 rounds [8, 9]. In addition, a framework for extending a distinguisher to a possibly efficient key-recovery attack is described in detail in [10].

In addition to DC there are plenty of other cryptanalytic techniques, such as Linear Cryptanalysis [4, 5], Algebraic Attacks [11] and, more recently, Rotational Cryptanalysis by Khovratovich and Nikolić [13]. In linear cryptanalysis the attacker constructs linear equations involving plaintext, ciphertext and key bits that hold with some bias over a certain number of rounds, and extends them to an attack against the full cipher. In algebraic attacks the attacker encodes all of the cipher's operations algebraically and then, using limited data such as a few known plaintext-ciphertext pairs, tries to solve the underlying system of equations and derive some key bits; once the algebraic encoding of the primitive has been derived, off-the-shelf open-source software such as a SAT solver can be used to derive the key automatically. In the other framework, rotational cryptanalysis, the attacker observes the propagation, through a number of rounds, of pairs of inputs or intermediate states that have a rotational symmetry. What one ends up with is a distinguisher in the related-key setting, since here the assumption of stochastic equivalence is not guaranteed as it is in DC. Such attacks are applicable to ARX ciphers, which are widely used in lightweight cryptography because they have a very cheap implementation cost and involve only three operations: modular addition, rotation and XOR [13].

All these attacks have been studied for many years and many advances have been made. Several cryptographers have combined such techniques into one cryptanalytic framework in order to obtain more efficient attacks. For example, in algebraic-linear attacks, linear equations that hold with sufficiently high probability are added to the algebraic description of the cipher, increasing in this way the probability of being able to solve the underlying system. Albrecht in his PhD thesis suggested a cryptanalytic framework combining algebraic attacks with differential attacks [12], and recently Mourouzis in his PhD thesis suggested enhancements of algebraic attacks using truncated differentials [10].

In this report we suggest a new cryptanalytic framework for constructing distinguishers which can eventually be extended to full attacks in the related-key scenario. We name this new paradigm "Relational Cryptanalysis". The main idea is to exhibit the non-randomness of a given encryption algorithm by observing the propagation of specific sets of plaintext pairs that satisfy both a rotational and a differential property, for some rotational symmetry and some fixed set of differences. Besides rotational and differential properties, we can add any other relation that appears to hold for a reduced number of rounds of the cryptographic primitive under study. Intuitively, we expect that adding more relations increases the observed probability of the propagation, and this results in stronger statistical distinguishers.

The main idea behind our statistical distinguishers is to define a set of input relations and a set of output relations, and then count the number of plaintext pairs that are related by relations from the input set and lead, after some number of rounds, to ciphertext pairs that are related by relations from the output set. For example, one relation may denote a specific difference or a set of differences as in truncated differentials, a rotational symmetry of the pair of plaintexts by a fixed number of shifts, or any other relation we can find based on the structure of the encryption algorithm.

We count this number by simulation over random plaintexts and keys. By repeating the procedure and considering the average number of such pairs, we expect these events to be described by a Gaussian distribution whose mean and standard deviation are computed after running many simulations, until the limiting probability is obtained; this is essentially a simple application of the Central Limit Theorem. Finding the best possible input-output relations, those that give comparatively good propagation probabilities, is therefore a non-trivial optimization step. For each encryption standard we need ad hoc heuristics derived from its specific structure in order to speed up this procedure.
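The counting experiment described above, as an added example that is not part of the original abstract: a hypothetical 32-bit, three-round ARX toy cipher (not one of the paper's own toy ciphers) is checked against the rotational relation in the related-key setting, counting over random plaintext pairs and repeating over several random keys, with a SHA-256-based random function as the baseline. The input and output relations are passed in as functions, so a difference can be XORed into the related plaintext and into the output check, which is how the framework's combined relations are expressed; the toy cipher, word size, rotation amounts and sample sizes are all assumptions made for the demonstration.

```python
# Added example (not from the abstract): the counting step behind a
# statistical distinguisher, run on a hypothetical 32-bit ARX toy cipher with
# the rotational relation in the related-key setting, plus a random-function
# baseline counted with the same relation.
import hashlib
import random
import statistics

W = 16                    # word size of the toy cipher (assumption)
MASK = (1 << W) - 1
ROUNDS = 3


def rotl(v, r):
    return ((v << r) | (v >> (W - r))) & MASK


def toy_arx(pt, keys):
    """Hypothetical ARX toy cipher on two 16-bit words: one modular addition,
    one key XOR and one rotation per round.  Only the additions can break a
    rotational pair; XOR with a rotated key and the rotation commute with it."""
    x, y = pt >> W, pt & MASK
    for k in keys:
        x = (x + y) & MASK
        x ^= k
        y = rotl(y, 3) ^ x
    return (x << W) | y


def random_function(pt, keys):
    """Baseline: a keyed random-looking function built from SHA-256."""
    data = pt.to_bytes(4, "big") + b"".join(k.to_bytes(2, "big") for k in keys)
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def rot_state(v, r):
    """Rotate both 16-bit words of a 32-bit state by r."""
    return (rotl(v >> W, r) << W) | rotl(v & MASK, r)


def rotational_in(keys, pt, r=1, delta=0):
    """Input relation: related key k <<< r and plaintext (p <<< r) ^ delta."""
    return [rotl(k, r) for k in keys], rot_state(pt, r) ^ delta


def rotational_out(c1, c2, r=1, delta=0):
    """Output relation: does c2 == (c1 <<< r) ^ delta hold?"""
    return c2 == rot_state(c1, r) ^ delta


def count_related_pairs(cipher, keys, rel_in, rel_out, n_pairs, rng):
    """Number of random plaintexts whose related pair (under rel_in) gives a
    ciphertext pair satisfying rel_out, for one key."""
    hits = 0
    for _ in range(n_pairs):
        pt = rng.getrandbits(2 * W)
        keys2, pt2 = rel_in(keys, pt)
        hits += rel_out(cipher(pt, keys), cipher(pt2, keys2))
    return hits


def estimate(cipher, rel_in, rel_out, n_keys, n_pairs, rng):
    """Repeat the count over n_keys random keys; the per-key counts are what
    the abstract treats as approximately Gaussian.  Returns (mean, std)."""
    counts = []
    for _ in range(n_keys):
        keys = [rng.getrandbits(W) for _ in range(ROUNDS)]
        counts.append(count_related_pairs(cipher, keys, rel_in, rel_out, n_pairs, rng))
    return statistics.mean(counts), statistics.pstdev(counts)


def demo(seed=2014, n_keys=5, n_pairs=2000):
    rng = random.Random(seed)
    cipher_mean, cipher_std = estimate(toy_arx, rotational_in, rotational_out,
                                       n_keys, n_pairs, rng)
    base_mean, base_std = estimate(random_function, rotational_in, rotational_out,
                                   n_keys, n_pairs, rng)
    # Rotational probability of one modular addition for r = 1 on W-bit words
    # (Khovratovich-Nikolic): (1 + 2^(r-W) + 2^-r + 2^-W) / 4, about 0.375;
    # the toy cipher has ROUNDS additions, the rest of the round is exact.
    p_add = (1 + 2 ** (1 - W) + 2 ** -1 + 2 ** -W) / 4
    return {
        "cipher_mean": cipher_mean, "cipher_std": cipher_std,
        "baseline_mean": base_mean, "baseline_std": base_std,
        "predicted_mean": n_pairs * p_add ** ROUNDS,
        "random_permutation_mean": n_pairs * 2.0 ** -(2 * W),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:.2f}")
```

With these parameters roughly 5% of the related pairs stay rotational after three rounds, against an expectation of about 2^-32 per pair for a random permutation, so a few thousand pairs already separate the toy cipher from the baseline by many standard deviations; a pure differential relation is obtained by passing r=0 with a non-zero delta to the same two relation functions.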

We formalize this new framework, inspired by the work of Courtois and Mourouzis on constructing statistical distinguishers based on truncated differentials for the GOST block cipher and some of its variants [8, 9]. As a proof of concept, we apply the combined framework to simple toy ciphers and show that the combination leads to stronger statistical distinguishers. In addition, we discuss how the technique can be used in the cryptanalysis of hash functions, where the attacker has full control over the key, so that working in a related-key scenario makes more sense.

References

[1] Don Coppersmith: The Data Encryption Standard (DES) and its strength against attacks, IBM Journal of Research and Development 38(3) (1994), pp. 243-250, doi:10.1147/rd.383.0243.

[2] Eli Biham and Adi Shamir: Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993, ISBN 0-387-97930-1, 3-540-97930-1.

[3] Eli Biham and Adi Shamir: Differential cryptanalysis of the full 16-round DES, In Advances in Cryptology, CRYPTO '92, E. F. Brickell (Ed.), vol. 740 of Lecture Notes in Computer Science, pp. 487-496, 1992.

[4] Mitsuru Matsui: The first experimental cryptanalysis of the Data Encryption Standard, Advances in Cryptology, CRYPTO '94, 1994.

[5] Mitsuru Matsui: Linear cryptanalysis method for DES cipher, Advances in Cryptology, EUROCRYPT '93, 1993.

[6] Lars Knudsen: Truncated and higher order differentials, In Fast Software Encryption (FSE 1994), vol. 1008 of Lecture Notes in Computer Science, pp. 196-211, Springer Berlin Heidelberg, 1995.

[7] Lars Knudsen and Matthew Robshaw: The Block Cipher Companion, Springer Berlin Heidelberg, 2011.

[8] Nicolas T. Courtois and Theodosis Mourouzis: Enhanced Truncated Differential Cryptanalysis of GOST, In SECRYPT, 2013.

[9] Nicolas T. Courtois and Theodosis Mourouzis: Propagation of Truncated Differentials in GOST, In SECURWARE, 2013.

[10] Theodosis Mourouzis: Optimizations in Algebraic and Differential Cryptanalysis, PhD Thesis, University College London, 2014.

[11] Gregory Bard: Algorithms for solving linear and polynomial systems of equations over finite fields with applications to cryptanalysis, PhD Thesis, 2007.

[12] Martin R. Albrecht: Algorithmic Algebraic Techniques and their Application to Block Cipher Cryptanalysis, PhD Thesis, Royal Holloway, University of London, 2010.

[13] Dmitry Khovratovich and Ivica Nikolić: Rotational Cryptanalysis of ARX, In Fast Software Encryption (FSE 2010), Springer, 2010.


Random Number Generators and Quantum Cryptography


Fractal Dimension as an Assessment Metric for Pseudorandom Number Generators

A.N. Veneti 1, G.C. Meletiou 2 and M.N. Vrahatis 3

1 Computational Intelligence Laboratory, Department of Mathematics, University of Patras, GR-26110 Patras, Greece. E-mail: [email protected]

2 A.T.E.I. of Epirus, P.O. 110, GR-47100 Arta, Greece, and University of Patras Artificial Intelligence Research Center, University of Patras, GR-26110 Patras, Greece. E-mail: [email protected]

3 Computational Intelligence Laboratory, Department of Mathematics, University of Patras, GR-26110 Patras, Greece. E-mail: [email protected]

Abstract Scientific experimental results depend heavily on the "quality" and quantity of the random numbers used in the experiments. Especially in areas such as stochastic modelling and simulation, deterministic random number generators, known as pseudorandom number generators, are preferred because of the reproducibility of the results and their portability.

Trying to identify pseudorandom number generators whose output appears random, we examine the suitability of fractal dimension measurement for assessing pseudorandom number generators. The established techniques used to evaluate a generator focus on statistical features designed to detect correlations in the generated sequences. Fractal dimension, on the other hand, is a metric that can express the randomness of the output of a pseudorandom number generator, since it "quantifies" how the pseudorandom numbers are distributed in Euclidean space.

We evaluate several pseudorandom number generators, namely the classical Knuth generator, the Blum-Blum-Shub generator, the generator based on the RSA cryptosystem and the generator based on the discrete logarithm problem. The computational experiments presented in our work assess the performance and the sensitivity of the examined generators.
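As an added example, not code from the paper: a box-counting estimate of the fractal dimension of consecutive-output pairs (u_i, u_{i+1}) in the unit square, run on a deliberately weak linear congruential generator and on Python's Mersenne Twister for comparison. The generators and their parameters are chosen here for illustration only; the paper's generators (Knuth, Blum-Blum-Shub, RSA-based and discrete-logarithm-based) are not reproduced, but any sequence of values in [0, 1) can be passed to the same function.

```python
# Added example (not from the paper): box-counting fractal dimension of the
# point cloud formed by consecutive outputs of a generator.  A uniform sample
# fills the unit square (dimension near 2); a poor LCG collapses onto a few
# lines (dimension near 1).  Generator parameters are assumptions.
import math
import random


def lcg_outputs(n, a=5, c=1, m=1 << 16, seed=1):
    """x_{i+1} = (a*x_i + c) mod m, scaled to [0, 1).  With a = 5 the pairs
    (x_i, x_{i+1}) lie on only five parallel lines of slope 5 (a known
    weakness of badly chosen LCG multipliers); the parameters give full period."""
    x, out = seed, []
    for _ in range(n):
        x = (a * x + c) % m
        out.append(x / m)
    return out


def mt_outputs(n, seed=1):
    """Reference sequence from Python's Mersenne Twister."""
    rng = random.Random(seed)
    return [rng.random() for _ in range(n)]


def consecutive_pairs(u):
    return list(zip(u[:-1], u[1:]))


def box_counts(points, scales):
    """N(eps) for eps = 2^-k, k in scales: number of grid boxes of side eps
    that contain at least one point."""
    counts = []
    for k in scales:
        g = 1 << k
        occupied = {(int(x * g), int(y * g)) for x, y in points}
        counts.append(len(occupied))
    return counts


def box_counting_dimension(points, scales=range(3, 8)):
    """Least-squares slope of log N(eps) against log(1/eps) over the given
    scales.  The scale range must stay coarse enough that the boxes are not
    yet resolving individual points, otherwise the slope decays towards 0."""
    xs = [k * math.log(2) for k in scales]
    ys = [math.log(n) for n in box_counts(points, scales)]
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    return sxy / sxx


def demo(n=1 << 16):
    """Dimension estimates for n consecutive pairs from each generator."""
    return {
        "lcg": box_counting_dimension(consecutive_pairs(lcg_outputs(n + 1))),
        "mersenne_twister": box_counting_dimension(consecutive_pairs(mt_outputs(n + 1))),
    }


if __name__ == "__main__":
    for name, dim in demo().items():
        print(f"{name}: estimated box-counting dimension {dim:.2f}")
```

The LCG passes simple uniformity checks on single outputs, since its period covers every value in [0, 1) exactly once, yet its dimension estimate is close to 1 because the pairs fall on five lines; the Mersenne Twister sample comes out close to 2. This is the kind of geometric structure that the fractal-dimension metric is meant to expose and that per-value statistics miss.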


References

[1] Pierre L'Ecuyer: Random number generation, Springer Berlin Heidelberg, 2012.

[2] I. Vattulainen et al.: A comparative study of some pseudorandom number generators, Computer Physics Communications 86(3) (1995), pp. 209-226.

[3] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone: Handbook of Applied Cryptography, CRC Press, 2010.

[4] Stephen K. Park and Keith W. Miller: Random number generators: good ones are hard to find, Communications of the ACM 31(10) (1988), pp. 1192-1201.

[5] C. Casimir: Not Knowing Your Random Number Generator Could Be Costly: Random Generators - Why Are They Important, http://www.sml.ee.upatras.gr/uploadedfiles/07-rng0-!!!!!random_number_generators.pdf

[6] P. Savicky and M. Robnik-Šikonja: Learning random numbers: A Matlab anomaly, Applied Artificial Intelligence 22(3) (2008), pp. 254-265.

[7] C. Sevcik: A procedure to estimate the fractal dimension of waveforms, arXiv preprint arXiv:1003.5266 (2010).

[8] P. D. Alevizos and M.N. Vrahatis: Optimal Dynamic Box-Counting Algorithm, International Journal of Bifurcation and Chaos 20(12) (2010), pp. 4067-4077.


Design and Evaluation of Random Number Generators

George Marinakis

National Intelligence Service

4, Panagioti Kanellopoulou Str.

GR-101 77, Athens, Greece

E-mail: [email protected]

Abstract In a cryptographic system the most secret component is the key. Particular attention is therefore needed when keys are produced, loaded, renewed and distributed (key management). Cryptographic keys are generated using various types of random number generators (RNGs). If these RNGs are not secure they constitute the weakest point of the cryptosystem, which then becomes susceptible to various attacks. In this study we examine the basic components and the security weaknesses of deterministic and non-deterministic RNGs, and we propose procedures and measures for their secure design and evaluation.


Existence and Uniqueness of Quantum Stochastic Flows

Evagelia S. Athanasiadou 1, Vasileios F. Dionysatos 2,

Panagiotis N. Koumantos 3 and Panagiotis K. Pavlakos 4

1,2,4 Department of Mathematics, University of Athens, Panepistimiopolis GR-15784 Athens, Greece

4 Department of Physics, University of Athens, Panepistimiopolis GR-15784 Athens, Greece

E-mails: [email protected] 1, [email protected] 2, [email protected] 3, [email protected] 4

Abstract In this work we develop quantum stochastic solution flows of stochastic

(diffusion) differential equations of the form

on a suitable Von Neumann ( , Clifford) algebra of operators with a finite regular

trace. By

it is denoted a linear operator such that (the Hamiltonian operator) is the

infinitesimal generator of an analytic semigroup and is a given quantum stochastic

process taking values in an ordered Banach space of operators (possibly unbounded

operators) on .

The algebra is acting on the Fock space generated by a Hilbert space with

conjugation , in a Quantum Mechanical or Quantum Field System, including

interactions involving quantized Bose-Einstein and Fermion fields (specifically spin

Dirac particles) with an external field via a cutoff Yukawa-type interaction.


Quantum Encryption – Critical Approach and Implementation

Dionysios P. Kalogeras, Hellenic Army

(PhD candidate in Telecommunications, MSc in Networking and Data Communications, Dipl. in Radioelectrology, BSc in Physics)

Kanigos st. 14, Pireas, GR-18534, Greece

E-mail: [email protected]

Keywords: quantum encryption, quantum secure communication

Abstract It is widely known that security in data communication is a major concern nowadays. Among the encryption technologies available at present, shared-key encryption is the most reliable, but it depends on secure key generation and distribution. Quantum encryption algorithms and methods are among the most discussed theoretical methods.

A quantum key distribution protocol based on quantum encryption, in which Einstein-Podolsky-Rosen pairs act as the quantum key used to encode and decode the classical cryptographic key, is discussed. Two schemes are proposed for multiparty quantum remote secret conference, in which each legitimate conferee can securely read out the secret message announced by another one, while a malicious eavesdropper can learn nothing about it.

The open-source Matlab tool Qlib is used to simulate the successful transfer of a random qubit to the output, which governs perfect communication between Alice and Bob.


Cryptology: Methods and Applications


Elliptic Curves: Construction using Complex Multiplication

Aristeidis Kontogeorgis

Department of Mathematics, National and Kapodistrian University of Athens, GR-157 84 Panepisimioupolis, Athens, Greece

E-mail: [email protected]

Abstract This presentation aims to give a short introduction to the theory of elliptic curves over a given field, their invariants and their construction, so that the talk "Selecting Class Polynomials for the Generation of Elliptic Curves" by Prof. Konstantinou will be comprehensible to the audience of the conference.

In particular, the interplay between elliptic curves over the complex numbers and over finite fields will be explained. We will finally arrive at the method of complex multiplication, which is considered one of the most efficient methods for constructing elliptic curves over finite fields with a given number of points.
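As an added example that is not part of the talk: the simplest instance of the complex multiplication construction, discriminant D = -4 (j-invariant 1728, endomorphism ring Z[i]), for which no class polynomial is needed. For a prime p with p = 1 (mod 4), write p = a^2 + b^2; the four quartic twists y^2 = x^3 + kx over F_p have traces of Frobenius exactly +2a, -2a, +2b and -2b, so a curve with any of the four orders p + 1 - t is obtained by choosing k in the right quartic residue class. The code verifies this by brute-force point counting on small primes; the primes used are assumptions made for the demonstration, and the brute force is only feasible at these toy sizes.

```python
# Added example (not from the talk): complex multiplication by Z[i]
# (discriminant -4) on small primes, checked by brute-force point counting.
import math


def legendre_table(p):
    """chi[v] = +1 if v is a non-zero square mod p, -1 if a non-square,
    0 if v == 0 (quadratic character of F_p, tabulated once)."""
    chi = [-1] * p
    chi[0] = 0
    for v in range(1, p):
        chi[v * v % p] = 1
    return chi


def point_count(p, k, chi):
    """#E(F_p) for E: y^2 = x^3 + k*x, including the point at infinity;
    each x contributes 1 + chi(x^3 + k*x) affine points."""
    return 1 + sum(1 + chi[(x * x * x + k * x) % p] for x in range(p))


def two_squares(p):
    """Smallest a > 0 with p = a^2 + b^2 (exists for p = 2 or p = 1 mod 4)."""
    a = 1
    while a * a <= p:
        b2 = p - a * a
        b = math.isqrt(b2)
        if b > 0 and b * b == b2:
            return a, b
        a += 1
    raise ValueError("p is not a sum of two squares")


def cm_predicted_traces(p):
    """Traces the CM theory predicts for the four twists of y^2 = x^3 + k*x."""
    a, b = two_squares(p)
    return sorted({2 * a, -2 * a, 2 * b, -2 * b})


def twist_traces(p):
    """Traces t = p + 1 - #E actually observed over all k in F_p^*."""
    chi = legendre_table(p)
    return sorted({p + 1 - point_count(p, k, chi) for k in range(1, p)})


def curve_with_order(p, n):
    """Coefficient k such that y^2 = x^3 + k*x has exactly n points, or None
    when n is not one of the four orders the CM construction can realise."""
    chi = legendre_table(p)
    for k in range(1, p):
        if point_count(p, k, chi) == n:
            return k
    return None


if __name__ == "__main__":
    p = 401                      # 401 = 1 (mod 4), 401 = 1^2 + 20^2 (assumption)
    print("predicted traces:", cm_predicted_traces(p))
    print("observed traces: ", twist_traces(p))
    n = p + 1 - 40               # ask for the order with trace +40
    k = curve_with_order(p, n)
    print(f"y^2 = x^3 + {k}x over F_{p} has {n} points")
```

For general discriminants the same idea needs the Hilbert class polynomial of the CM field to produce the j-invariant, which is what the class-polynomial selection in Prof. Konstantinou's talk addresses; the order is fixed in advance by the trace, exactly as here, before any curve equation is written down.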


Defence against Stealth Aircraft using Cognitive Radar Strategies

Theodoros G. Kostis

Department of Mathematics and Engineering Sciences,

Hellenic Military Academy,

Vari, GR-16673, Greece

and

Hellenic Quality Assurance & Accreditation Agency for Higher Education, Athens, Greece

E-mail: [email protected]

Keywords Cognitive Radar, Stealth Aircraft, Monostatic AESA/PESA

Abstract Cognitive radar is a promising tool for providing enhanced information about a target. Analytically, the enhancement over ordinary radar systems is the improved knowledge about a target that is acquired by employing artificial intelligence methods before a detection is declared to the human operator. This is especially useful when the target is stealthy by design and tries to hide as much data about its presence as possible. Currently the detection decision is based on algorithms that declare a detection if the energy returned from a point exceeds a threshold adjusted relative to the noise level (Constant False Alarm Rate, CFAR). Detection is enhanced by using many passes over the same point before the detection is declared (alert-confirm), or by directing a portion of the radar energy to tracking and a portion to surveillance (track-while-scan). With this technology no adaptive real-time changes are made to the waveform according to the environment or the target conditions. In contrast, cognitive radar theory involves storing the radar data and creating a feedback loop in order to adjust the next waveform transmission by utilising the memory of the radar receiver.

The radar detection problem with a stealth aircraft is that the frontal area of the platform is treated so as to have as low a radar cross section as possible.

We propose a possible algorithm that might provide a satisfactory amount of cognition, especially for stealthy air targets, using a monostatic radar situated in front of the oncoming aerial target. In other words, we would like the radar to be more confident in deciding whether a stealthy aerial target, one that would not have been detected by a conventional radar, is present.

The radar sensor is an active or passive electronically scanned array (AESA or PESA) antenna. This type of antenna has many elements that provide the functions of the radar cube, which are beamforming, Doppler processing, synthetic aperture radar (SAR/ISAR), pulse compression and space-time adaptive processing (STAP).

The proposed cognitive radar methodology introduces an expert system that chooses how to group element outputs according to the radar cube representation. For example, the proposed cognitive radar system would learn how to automatically steer the beamforming function in order to better support the magnifying-glass effect of STAP over an area of interest.

Analytically, the methodology involves two parallel steps. The first looks for compatible spectral varieties in an area across all radar cube formations. This is done by examining the mutual information of successive passes: heavy dependence means that the detected energy has a similar profile, so it comes from a non-random event, unlike noise, and has a high probability of being an aircraft. The prevalent energy contents are then declared as detections. In parallel, an eigenfunction analysis is performed on these detections in order to verify that they form a logical track of an aerial target. Should this be so, the cognitive radar alerts about the presence of the faint stealth target.

Therefore the novelty suggested in this paper is the enhancement of the detection of a stealthy target by using only one radar looking at the frontal area of the aircraft. The cost is the utilisation of an expert system and high computer processing power.

In conclusion, the artificial intelligence system that supports the expert system of the cognitive radar tries to optimally entangle all radar cube functions in order to make an educated decision about which radar mode is best for a particular surveillance sector.


A survey of group-based cryptography

Sotirios D. Hasapis 1 and Demetrius Panagopoulos 2

1 19, S. Davaki Str., Keratsini GR-18757, Greece

E-mail: [email protected]

2 3, Pelopa Str., Gerakas GR-15344, Greece

E-mail: [email protected]

Abstract The article is a short exposition of group-based cryptography. After a short

introduction, the exposition begins with several public key cryptosystems that are

based on group theory.

Next, group-based secret sharing protocols are presented. The relation between group

theory and hash functions and group theory and random generators is studied in the

following two sections.

The article concludes with a few remarks on some recent developments on group

theoretic analogs of classical combinatorial optimization problems.

How many trials does it take to collect all different types of a population with probability ?

Aristides V. Doumas (joint work with Vassilis G. Papanicolaou)

Department of Mathematics, National Technical University of Athens
Zografou Campus, GR-157 80 Athens, Greece
E-mail: [email protected]

Keywords Coupon collector's problem (CCP), higher asymptotics, limit distributions.

Abstract Consider a population whose members are of different types (e.g. colors). For we denote by the probability that a member of the population is of type , where and . The members of the population are sampled independently with replacement and their types are recorded. The so-called "coupon collector problem" (CCP) deals with questions arising in the above procedure. Some key quantities are the moments of the number T_N of trials it takes until all types are detected (at least once).

The coupon collector problem (in its simplest form) had already appeared in W. Feller's classical work (An Introduction to Probability Theory and Its Applications, Vol. I & II, 1966) and has attracted the attention of various researchers since it has found many applications in several areas of science (computer science, search algorithms, mathematical programming, cryptography, optimization, learning processes, engineering, ecology, as well as linguistics).

We discuss briefly the case of equal probabilities, namely . Motivated by a well-known limiting result of P. Erdős and A. Rényi, a few examples are also presented.

For the general case of unequal probabilities, let be a sequence of strictly positive numbers. Then, for each integer , one can create a probability measure on the set of types by taking where . A key feature is that the sequence which produces the 's can be of two (mutually exclusive) kinds. We develop techniques for computing the asymptotics of the first and second moment of the number of coupons that a collector has to buy in order to find all existing different coupons as . In particular, we cover some important families of distributions (e.g. linear and Zipf). From these asymptotics we obtain the leading behavior of the variance of . Then, we combine our results with the general limit theorems of Neal in order to derive the limit distribution of (appropriately normalized), which, for a large class of probabilities, turns out to be the standard Gumbel distribution. We also give various illustrative examples.
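The quantities the abstract works with can be computed exactly for a small number of types. The following is an added example (not the authors' code): it evaluates E[T_N] by inclusion–exclusion for an arbitrary probability vector, the closed form N·H_N of the equal-probability case, the Erdős–Rényi/Gumbel approximation of the distribution of T_N, and a Monte Carlo cross-check. The probability vectors (equal and a Zipf-type law p_j ∝ 1/j) are constructed sample inputs; the function names are this example's own.

```python
"""Coupon collector quantities for a small number N of types, as an added
example (not the authors' code): exact mean E[T_N] for arbitrary type
probabilities, the closed form N*H_N of the equal-probability case, the
Erdos-Renyi/Gumbel approximation and a Monte Carlo cross-check.  All
probability vectors below are constructed sample inputs."""
import math
import random
from fractions import Fraction
from itertools import combinations


def expected_trials(probs):
    """Exact E[T_N] by inclusion-exclusion over the set S of types that are
    still missing: E[T_N] = sum_{S non-empty} (-1)^(|S|+1) / P(S), where
    P(S) = sum_{j in S} p_j.  The sum has 2^N - 1 terms, so N must be small."""
    probs = [Fraction(p) for p in probs]
    total = Fraction(0)
    for size in range(1, len(probs) + 1):
        sign = 1 if size % 2 else -1
        for subset in combinations(range(len(probs)), size):
            total += Fraction(sign) / sum(probs[j] for j in subset)
    return total


def expected_trials_equal(n):
    """Closed form for the equal-probability case p_j = 1/N: E[T_N] = N * H_N."""
    return n * sum(Fraction(1, k) for k in range(1, n + 1))


def zipf_probs(n):
    """Constructed Zipf-type law p_j proportional to 1/j, j = 1..N."""
    weights = [Fraction(1, j) for j in range(1, n + 1)]
    total = sum(weights)
    return [w / total for w in weights]


def prob_done_by(n, trials):
    """Erdos-Renyi limit law (equal probabilities): writing
    trials = N ln N + c N, P(T_N <= trials) tends to exp(-exp(-c)) as N grows."""
    c = (trials - n * math.log(n)) / n
    return math.exp(-math.exp(-c))


def simulate_mean(probs, runs, seed=1):
    """Monte Carlo estimate of E[T_N]: sample types with replacement until
    every type has been seen at least once (seeded for reproducibility)."""
    rng = random.Random(seed)
    weights = [float(p) for p in probs]
    n = len(weights)
    total = 0
    for _ in range(runs):
        seen = set()
        trials = 0
        while len(seen) < n:
            seen.add(rng.choices(range(n), weights=weights)[0])
            trials += 1
        total += trials
    return total / runs


if __name__ == "__main__":
    print("equal, N=4:", expected_trials_equal(4), "=", expected_trials([Fraction(1, 4)] * 4))
    print("Zipf,  N=3:", expected_trials(zipf_probs(3)))
    print("simulated (N=4, equal):", simulate_mean([0.25] * 4, 20000))
```

For N = 4 equal types the exact mean is 25/3; the Zipf law with N = 3 already needs more trials on average (2593/360) than the equal case (11/2), which is the unequal-probability effect the abstract's asymptotics quantify.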

Cryptosystems and Computations

Selecting Class Polynomials for the Generation of Elliptic Curves

Elisavet Konstantinou 1 and Aristeidis Kontogeorgis 2

1 Department of Information and Communication Systems Engineering, University of the Aegean, GR-83200, Karlovassi, Samos, Greece
E-mail: [email protected]

2 Department of Mathematics, National and Kapodistrian University of Athens, GR-157 84 Panepistimioupolis, Athens, Greece
E-mail: [email protected]

Abstract The Complex Multiplication (CM) method is a frequently used method for the generation of ordinary elliptic curves (ECs) over prime fields F_p. This method eventually entails the use of the roots (modulo the prime number p) of a certain class of polynomials, called Hilbert polynomials, that are characterized by high computational requirements. However, there are several other polynomials, called class polynomials, which can also be used for the construction of elliptic curves instead of their much more computationally demanding Hilbert counterparts. The latter do not directly construct the desired EC, but they can be used to generate the EC provided that one can transform their roots to the roots of their corresponding (generated by the same discriminant - ) Hilbert polynomials. Hence, a natural question that arises is which class field polynomial to use.

In this work, we will present in a unifying manner all possible class field polynomials that can be used in the CM method and we will provide a theoretical asymptotic bound for the bit precision requirements of all polynomials. Based on extensive experimental assessments, we will give a hierarchy of the polynomials regarding their actual precision requirements and compare these requirements with their theoretical estimates. Among all known class polynomials, we will show that Weber polynomials constructed with discriminants - have the smallest height and require the least precision for their construction. Surprisingly, we will see that this fact does not necessarily lead to the most efficient computations, since the congruences of the discriminants affect the degrees of the polynomials.
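To make the pipeline concrete, here is the CM method carried through end to end for discriminants of class number one, as an added example (not the authors' code). For D = -7, -8 and -11 the Hilbert class polynomial has degree 1 (H_{-7}(X) = X + 3375, H_{-8}(X) = X − 8000, H_{-11}(X) = X + 32768), so its root modulo p is immediate and the example can concentrate on the remaining steps: finding a prime with 4p = t² − Dv², building a curve from the j-invariant, and checking that the point count matches the predicted trace ±t. For larger class numbers one would have to find a root of H_D mod p, or of a cheaper class polynomial and map it to the Hilbert root, which is exactly where the precision question of the abstract arises. Primes are kept small so the point count can be done naively; all function names are this example's own.

```python
"""The CM method end to end for class-number-one discriminants, as an added
illustration (not the authors' code).  For D = -7, -8, -11 the Hilbert class
polynomial has degree 1, so its root mod p is immediate; for larger class
numbers one must find a root of H_D mod p (or of a cheaper class polynomial
and map it to the Hilbert root).  Small primes keep the point count naive."""
import math

# H_D(X) = X - j for these class-number-one discriminants (known values)
HILBERT_ROOT = {-7: -3375, -8: 8000, -11: -32768}


def is_prime(n):
    return n > 1 and all(n % q for q in range(2, math.isqrt(n) + 1))


def cm_prime(D, start=5, limit=10_000):
    """Smallest prime p >= start, p not dividing D, with 4p = t^2 - D v^2 for
    integers t >= 1, v >= 1.  Returns (p, t); the CM curve has trace +-t."""
    for p in range(start, limit):
        if not is_prime(p) or D % p == 0:
            continue
        v = 1
        while -D * v * v < 4 * p:
            t2 = 4 * p + D * v * v
            t = math.isqrt(t2)
            if t >= 1 and t * t == t2:
                return p, t
            v += 1
    raise ValueError("no suitable prime below the limit")


def curve_from_j(j, p):
    """Weierstrass curve y^2 = x^3 + a x + b over F_p with the given
    j-invariant (j != 0, 1728): k = j / (1728 - j), a = 3k, b = 2k."""
    k = j * pow((1728 - j) % p, -1, p) % p
    return (3 * k) % p, (2 * k) % p


def count_points(a, b, p):
    """#E(F_p) by Euler's criterion on each x (fine for small p)."""
    if (4 * a ** 3 + 27 * b ** 2) % p == 0:
        raise ValueError("singular curve")
    count = 1                        # the point at infinity
    for x in range(p):
        rhs = (x ** 3 + a * x + b) % p
        if rhs == 0:
            count += 1               # a single point with y = 0
        elif pow(rhs, (p - 1) // 2, p) == 1:
            count += 2               # rhs is a non-zero square: two points
    return count


def cm_curve(D):
    """Run the CM method for D and verify the predicted group orders."""
    p, t = cm_prime(D)
    j = HILBERT_ROOT[D] % p          # root of H_D modulo p
    a, b = curve_from_j(j, p)
    order = count_points(a, b, p)
    twist_order = 2 * p + 2 - order  # the quadratic twist carries the other trace
    if {order, twist_order} != {p + 1 - t, p + 1 + t}:
        raise AssertionError("point count disagrees with the CM prediction")
    return {"p": p, "t": t, "j": j, "a": a, "b": b,
            "order": order, "twist_order": twist_order}


if __name__ == "__main__":
    for D in HILBERT_ROOT:
        print(D, cm_curve(D))
```

For D = -7 the first admissible prime is p = 11 (4·11 = 4² + 7·2²), the Hilbert root is j ≡ 2, the curve is y² = x³ + 5x + 7 with 16 points and its twist has 8, i.e. the two orders p + 1 ∓ 4 predicted by the trace; the same check runs for D = -8 and D = -11.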

Orbit Computations and Matrix Factorization in Finite Fields

Gerasimos C. Meletiou 1, Demetrius S. Triantafyllou 2 and Michael N. Vrahatis 3

1 A.T.E.I. of Epirus, P.O. 110, GR-47100 Arta, Greece, and University of Patras Artificial Intelligence Research Center, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]

2 Department of Mathematics and Engineering Sciences, Hellenic Military Academy, Vari, GR-16673, Greece
E-mail: [email protected]

3 Computational Intelligence Laboratory, Department of Mathematics, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]

Abstract The Discrete Logarithm function and the Diffie-Hellman mapping are revisited. We use Vandermonde matrices for their representation. Both of the above-mentioned cryptographic functions admit expression as a product of matrices.

First we consider orbits of repeated applications of the cryptographic transformations. The length of the orbit is related to the robustness of the cryptosystem. We determine it either by computational experiments or with theoretical tools. We investigate the behavior of powers of matrices constructed from the generators a of multiplicative groups for several primes in . We study the convergence of the powers of these matrices to the identity matrix with respect to the generator a, the prime numbers p and the elements of the main diagonal of the matrices. Several examples and graphs are given, leading to useful remarks.

Finally, a matrix factorization approach (LU factorization) is used. Obtaining lower bounds on the length of the orbits is one of our goals. Addressing the computational equivalence of the Discrete Logarithm problem and the Diffie-Hellman problem is another goal.
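The orbits of repeated exponentiation that the abstract studies can be enumerated directly for small primes. The following added example (not the authors' code, and without their Vandermonde-matrix representation) iterates the map u → a^u mod p from every start value, splits each orbit into its tail and its cycle, and reports the longest cycle for every generator a of the multiplicative group of F_p. The prime p = 11 and the start values are constructed; the function names are this example's own.

```python
"""Orbits of repeated exponentiation u -> a^u mod p, as an added example
(constructed parameters; the Vandermonde-matrix representation of the
abstract is not reproduced).  Every start value has a tail leading into a
cycle; the cycle lengths describe the orbit structure for a generator a
and a prime p."""


def orbit(a, p, u0):
    """Iterate u -> a^u mod p from u0 until a value repeats.
    Returns (tail, cycle) as lists of residues."""
    index = {}
    seq = []
    u = u0
    while u not in index:
        index[u] = len(seq)
        seq.append(u)
        u = pow(a, u, p)
    first = index[u]
    return seq[:first], seq[first:]


def cycle_lengths(a, p):
    """Length of the cycle reached from every start u in {0, ..., p-1}."""
    return {u: len(orbit(a, p, u)[1]) for u in range(p)}


def prime_factors(n):
    out = set()
    q = 2
    while q * q <= n:
        while n % q == 0:
            out.add(q)
            n //= q
        q += 1
    if n > 1:
        out.add(n)
    return out


def generators(p):
    """Generators of the multiplicative group of F_p (p prime): a is a
    generator iff a^((p-1)/q) != 1 for every prime q dividing p - 1."""
    qs = prime_factors(p - 1)
    return [a for a in range(2, p)
            if all(pow(a, (p - 1) // q, p) != 1 for q in qs)]


def longest_cycle_per_generator(p):
    """Map each generator a to the longest cycle of u -> a^u mod p.  A short
    longest cycle means repeated exponentiation returns to its start quickly."""
    return {a: max(cycle_lengths(a, p).values()) for a in generators(p)}


if __name__ == "__main__":
    print(orbit(2, 11, 1))     # cycle 1 -> 2 -> 4 -> 5 -> 10 -> 1
    print(orbit(2, 11, 0))     # 0 is a tail value feeding that cycle
    print(longest_cycle_per_generator(11))
```

For p = 11 and a = 2 the map has a 5-cycle (1, 2, 4, 5, 10), 2-cycles such as (3, 8) and the fixed point 7 (2^7 ≡ 7 mod 11); different generators of the same group give different longest cycles (8 for a = 7, 4 for a = 8), which is the dependence on the generator that the abstract examines.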


On the Computation of Best Second-Order Approximations of Boolean Functions

Nicholas Kolokotronis 1 and Konstantinos Limniotis 2,3

1 Department of Computer Science and Technology, University of Peloponnese, End of Karaiskaki Street, 22100 Tripolis, Greece
E-mail: [email protected]

2 Hellenic Data Protection Authority, Kifissia 1-3, 11523, Athens, Greece
E-mail: [email protected]

3 Dept. of Informatics and Telecommunications, National and Kapodistrian University of Athens, 15784, Athens, Greece
E-mail: [email protected]

Abstract Boolean functions have a prominent role in cryptography. Their most important applications are in the analysis and design of building blocks used in symmetric cryptosystems, namely S-boxes in block ciphers and filter/combining functions in stream ciphers. A fundamental property that a Boolean function is required to have is high nonlinearity; it determines the degree to which any linear/affine function approximates , which in turn indicates whether linear cryptanalytic attacks can be prevented. Nonlinearity has been extensively studied in the literature, although there are still many open problems, such as computing the maximum possible nonlinearity that any function with an odd number of variables may achieve ([1]).

More recently, the nonlinearity of order , which extends the classical notion of nonlinearity, has gained much attention, owing to the fact that more sophisticated cryptanalytic techniques have been introduced, such as low-order approximation attacks, which can threaten the security of cryptosystems that are resistant against linear cryptanalytic techniques. More precisely, even if a Boolean function is not well approximated by any function of degree , it cannot be considered secure if it is close to a function of low degree (where is the notable case).

Not much is known about the structure of functions with maximum –order nonlinearity, as these values are unknown in general. Even the second-order nonlinearity is unknown for all Boolean functions, with the exception of a small number of variables, or some special cases ([4]). Moreover, proving bounds on the –order nonlinearity is also a hard task, even for . Many results in this area are stated in terms of other cryptographic properties, e.g. the lower bounds in [2, 11]; other lower (resp. upper) bounds can be found in [4, 5, 7]–[6, 10, 12]–[14] (resp. [3, 5]). Finally, computing the –order nonlinearity of a given Boolean function, as well as its best –order approximations, is known to be a difficult task even for small values of .

In this paper, the problem of computing best 2nd-order approximations of Boolean functions is studied. We shall first provide an overview of recent results in the area, emphasizing known classes of functions whose best 2nd-order approximations can be efficiently computed due to their special properties, namely separability ([9]). In this context, best 2nd-order approximations of known cryptographic functions lying in the above classes will be presented. Moreover, such classes of functions will be studied from a different point of view: departing from their algebraic normal form, which is the basic representation that reveals the separability property, and focusing on their Fourier spectra, with the aim to further generalize the currently known results.
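The difficulty the abstract describes is easy to see in code. The following added example (not the authors' code) computes the classical nonlinearity of a small Boolean function from its Walsh–Hadamard spectrum, and then finds its nonlinearity of order r and one best degree-≤r approximation by exhaustive search over every function of degree at most r. That search is only feasible for a handful of variables, which is why structural results such as separability are needed for the functions used in practice. The two sample functions (the bent function x0x1 ⊕ x2x3 and the cubic x0x1x2 ⊕ x3, both in four variables) are constructed; the truth-table encoding and the function names are this example's own.

```python
"""Nonlinearity of order r for small Boolean functions, as an added example
(not the authors' code).  First-order nonlinearity via the Walsh-Hadamard
spectrum; r-th order nonlinearity and a best degree-<=r approximation via
exhaustive search, which is feasible only for a handful of variables.
The sample functions are constructed."""
from itertools import combinations


def truth_table(anf, n):
    """Truth table (length 2^n) of a function given by its algebraic normal
    form: a list of monomials, each a tuple of variable indices, () = 1.
    The input x is an n-bit integer whose bit i is the variable x_i."""
    table = []
    for x in range(1 << n):
        bit = 0
        for mono in anf:
            if all((x >> i) & 1 for i in mono):
                bit ^= 1
        table.append(bit)
    return table


def walsh_spectrum(table):
    """Fast Walsh-Hadamard transform of (-1)^f(x)."""
    w = [1 - 2 * b for b in table]
    h = 1
    while h < len(w):
        for i in range(0, len(w), 2 * h):
            for j in range(i, i + h):
                u, v = w[j], w[j + h]
                w[j], w[j + h] = u + v, u - v
        h *= 2
    return w


def nonlinearity(table):
    """Classical (first-order) nonlinearity: 2^(n-1) - max|W_f| / 2."""
    n = len(table).bit_length() - 1
    return (1 << (n - 1)) - max(abs(v) for v in walsh_spectrum(table)) // 2


def hamming_distance(t1, t2):
    return sum(a != b for a, b in zip(t1, t2))


def best_low_degree_approximation(table, r):
    """Exhaustive search over all functions of degree <= r.  Returns
    (nonlinearity of order r, ANF of one closest such function).  There are
    2^(sum_{d<=r} C(n, d)) candidates, so n must stay small."""
    n = len(table).bit_length() - 1
    monos = [m for d in range(r + 1) for m in combinations(range(n), d)]
    mono_tables = [truth_table([m], n) for m in monos]
    best_dist, best_anf = len(table) + 1, None
    for mask in range(1 << len(monos)):
        g = [0] * len(table)
        for k, mt in enumerate(mono_tables):
            if (mask >> k) & 1:
                g = [a ^ b for a, b in zip(g, mt)]
        dist = hamming_distance(table, g)
        if dist < best_dist:
            best_dist = dist
            best_anf = [monos[k] for k in range(len(monos)) if (mask >> k) & 1]
    return best_dist, best_anf


if __name__ == "__main__":
    bent = truth_table([(0, 1), (2, 3)], 4)      # x0x1 + x2x3, bent in 4 variables
    cubic = truth_table([(0, 1, 2), (3,)], 4)    # x0x1x2 + x3
    print("bent:  nl =", nonlinearity(bent), "best quadratic:", best_low_degree_approximation(bent, 2))
    print("cubic: nl =", nonlinearity(cubic), "best quadratic:", best_low_degree_approximation(cubic, 2))
```

The bent function has the maximal classical nonlinearity 6 for n = 4 but second-order nonlinearity 0 (it is itself quadratic), which is the point the abstract makes: resistance to affine approximation says nothing about resistance to low-degree approximation. The cubic function has classical nonlinearity 2 and second-order nonlinearity 2 as well (x3 is a closest quadratic).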

References

[1] C. Carlet: Boolean functions for cryptography and error correcting codes, chapter in "Boolean Methods and Models", E.Y. Crama and P. Hammer (eds.), Cambridge University Press, 2006.

[2] C. Carlet: On the higher order nonlinearities of algebraic immune functions, in C. Dwork (ed.) "Crypto 2006", LNCS 4117 (2006), pp. 584–601, Springer, Heidelberg.

[3] C. Carlet and S. Mesnager: Improving the upper bounds on the covering radii of binary Reed-Muller codes, IEEE Trans. Inform. Theory, 53 (2007), pp. 162–173.

[4] C. Carlet: Recursive lower bounds on the nonlinearity profile of Boolean functions and their applications, IEEE Trans. Inform. Theory, 54 (2008), pp. 1262–1272.

[5] G. Cohen and S. Litsyn: On the covering radius of Reed-Muller codes, Discrete Math., 106/107 (1992), pp. 147–155.

[6] T. Iwata and K. Kurosawa: Probabilistic higher order differential attack and higher order bent functions, in K.Y. Lam, E. Okamoto, and C. Xing (eds.) "Asiacrypt 1999", LNCS 1716 (1999), pp. 62–74, Springer, Heidelberg.

[7] S. Gangopadhyay, S. Sarkar and R. Telang: On the lower bounds of the second order nonlinearity of some Boolean functions, Inform. Sci., 180 (2) (2010), pp. 266–273.

[8] M. Garg and S. Gangopadhyay: Good second-order nonlinearity of a bent function via Niho power function, IACR Cryptology ePrint Archive, report 171, 2011. [available at: http://eprint.iacr.org/2011/171.pdf]

[9] N. Kolokotronis, K. Limniotis and N. Kalouptsidis: Best affine and quadratic approximations of particular classes of Boolean functions, IEEE Trans. Inform. Theory, 55 (11) (2009), pp. 5211–5222.

[10] X. Li, Y. Hu and J. Gao: The lower bounds on the second order nonlinearity of cubic Boolean functions, IACR Cryptology ePrint Archive, report 009, 2010. [available at: http://eprint.iacr.org/2010/009.pdf]

[11] S. Mesnager: Improving the lower bound on the higher order nonlinearity of Boolean functions with prescribed algebraic immunity, IEEE Trans. Inform. Theory, 54 (2008), pp. 3656–3662.

[12] D. Singh: Second order nonlinearities of some classes of cubic Boolean functions based on secondary constructions, Int. J. Comput. Sci. Inform. Technol., 2 (2) (2011), pp. 786–791.

[13] G. Sun and C. Wu: The lower bounds on the second order nonlinearity of three classes of Boolean functions with high nonlinearity, Inform. Sci., 179 (3) (2009), pp. 267–278.

[14] G. Sun and C. Wu: The lower bound on the second-order nonlinearity of a class of Boolean functions with high nonlinearity, Appl. Algebra Engrg. Comm. Comput. (AAECC), 22 (2011), pp. 37–45.

Hierarchical Secret Sharing through Multivariate Birkhoff Interpolation

Vassileios Markoutis 1, Gerasimos C. Meletiou 2 and Michael N. Vrahatis 3

1 Department of Mathematics, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]

2 A.T.E.I. of Epirus, P.O. 110, GR-47100 Arta, Greece, and University of Patras Artificial Intelligence Research Center, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]

3 Computational Intelligence Laboratory, Department of Mathematics, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]

Abstract Shamir's well-known threshold secret sharing scheme ([1], [2]) has been generalized by Tassa ([3], [4]). The set of participants is divided into levels and a hierarchical structure is introduced. In that scheme Lagrange interpolation is replaced by Birkhoff interpolation (a generalization of Lagrange and Hermite interpolation), and this is the novelty of the scheme.

In this presentation, we introduce Birkhoff interpolation over multivariate polynomials. Again the set of participants is divided into levels. However, the hierarchical relation between levels is a kind of partial order.
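Since the multivariate construction builds on Tassa's univariate one, the following added example (not the authors' code) shows the univariate hierarchical scheme so that the role of Birkhoff interpolation is visible. The dealer picks P(x) = a_0 + a_1 x + ... + a_{k-1} x^{k-1} over F_p with the secret a_0; a participant at level i receives the k_{i-1}-th derivative of P at its point (with k_{-1} = 0), so level-0 participants hold plain Shamir shares while lower levels hold derivative values. Recovery is a Birkhoff interpolation problem mixing function values and derivatives, solved here by Gaussian elimination modulo p; with a single level the code is exactly Shamir's scheme. The prime p = 101, the thresholds, the participant points and all function names are constructed for this illustration, and the point assignment is not the general nonsingularity argument of Tassa's scheme.

```python
"""Hierarchical threshold secret sharing in the univariate Birkhoff setting,
as an added example (not the authors' multivariate scheme; all parameters
are constructed).  P(x) = a_0 + ... + a_{k-1} x^{k-1} over F_p, secret a_0.
A level-i participant holds P^(k_{i-1})(x) at its point (k_{-1} = 0), so
recovery is Birkhoff interpolation: a linear system mixing values and
derivatives, solved here by Gauss-Jordan elimination mod p."""
import random


def falling_factorial(j, d):
    """j (j-1) ... (j-d+1): the factor produced by d differentiations of x^j."""
    r = 1
    for i in range(d):
        r *= j - i
    return r


def birkhoff_row(x, d, k, p):
    """Row of the interpolation matrix for the condition P^(d)(x) = value:
    the coefficient of a_j is j!/(j-d)! * x^(j-d), and 0 for j < d."""
    return [falling_factorial(j, d) * pow(x, j - d, p) % p if j >= d else 0
            for j in range(k)]


def deal_shares(secret, thresholds, points_per_level, p, seed=7):
    """thresholds = [k_0 < k_1 < ... < k_m]; k = k_m = deg P + 1.
    points_per_level[i] lists the distinct non-zero x-coordinates of level i.
    Returns shares as (x, derivative_order, value)."""
    k = thresholds[-1]
    rng = random.Random(seed)   # seeded for the demo; real dealers use a CSPRNG
    coeffs = [secret % p] + [rng.randrange(p) for _ in range(k - 1)]
    shares = []
    for level, xs in enumerate(points_per_level):
        d = 0 if level == 0 else thresholds[level - 1]
        for x in xs:
            row = birkhoff_row(x, d, k, p)
            shares.append((x, d, sum(r * c for r, c in zip(row, coeffs)) % p))
    return shares


def solve_mod_p(rows, rhs, p):
    """Gauss-Jordan elimination over F_p.  Returns the unique solution, or
    None when the rows do not determine every unknown (an unauthorised set)
    or are inconsistent (a corrupted share)."""
    n = len(rows[0])
    m = [list(r) + [b % p] for r, b in zip(rows, rhs)]
    piv = 0
    for col in range(n):
        sel = next((r for r in range(piv, len(m)) if m[r][col]), None)
        if sel is None:
            return None                   # no pivot: this unknown stays free
        m[piv], m[sel] = m[sel], m[piv]
        inv = pow(m[piv][col], -1, p)
        m[piv] = [v * inv % p for v in m[piv]]
        for r in range(len(m)):
            if r != piv and m[r][col]:
                f = m[r][col]
                m[r] = [(a - f * b) % p for a, b in zip(m[r], m[piv])]
        piv += 1
    if any(m[r][n] for r in range(piv, len(m))):
        return None                       # 0 = non-zero: inconsistent shares
    return [m[i][n] for i in range(n)]


def reconstruct(shares, k, p):
    """Recover the secret a_0 from a set of shares, or None if impossible."""
    if len(shares) < k:
        return None
    rows = [birkhoff_row(x, d, k, p) for x, d, _ in shares]
    sol = solve_mod_p(rows, [v for _, _, v in shares], p)
    return None if sol is None else sol[0]


if __name__ == "__main__":
    p = 101
    # two levels: an authorised set needs a level-0 member and three shares in all
    shares = deal_shares(42, [1, 3], [[1, 2], [3, 4, 5]], p)
    print(reconstruct([shares[0], shares[2], shares[3]], 3, p))   # 42
    print(reconstruct(shares[2:], 3, p))                           # None
```

With thresholds [1, 3], three level-1 shares alone give rows of the form [0, 1, 2x], so the column of a_0 has no pivot and the secret is not determined, whereas any three shares that include a level-0 participant recover it; a tampered share in an over-determined set makes the system inconsistent and is rejected rather than silently producing a wrong secret.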

References

[1] A. Shamir: How to share a secret, Communications of the ACM 22 (1979), pp. 612–613.

[2] G. J. Simmons: How to (really) share a secret, Advances in Cryptology – CRYPTO 88, LNCS 403 (1990), pp. 390–448.

[3] T. Tassa: Hierarchical Threshold Secret Sharing, J. Cryptology 20 (2007), pp. 237–264.

[4] T. Tassa and N. Dyn: Multipartite Secret Sharing by Bivariate Interpolation, J. Cryptology 22 (2009), pp. 227–258.

Network Security

A Hybrid Artificial Intelligence System for Cyber Security

Konstantinos Demertzis (2Lt) 1 and Lazaros Iliadis 2

1, 2 Democritus University of Thrace, Department of Forestry & Management of the Environment & Natural Resources, 193 Pandazidou St., GR-68200 N. Orestiada, Greece
E-mails: [email protected] and [email protected]

Keywords: Security, Network Intrusion and Anomalies, Machine Learning, Evolving Spiking Neural Networks, Multi Layer Neural Networks

Abstract The evolution of network services is closely connected with the understanding and modeling of their corresponding traffic. The conclusions obtained are relevant to a wide range of applications, such as the design of the transfer lines' capacity, the scalar taxing of customers, security violations and the spotting of errors and anomalies. Intrusion detection systems (IDS) monitor and analyze the events in traffic in order to locate indications of potential intrusion and integrity violation attacks, which result in the violation of trust and availability of information resources. They act in a complementary mode with the existing security infrastructure, aiming at the early warning of the administrator and offering details that allow proper decisions and corrective actions.

This paper presents the proposal of an online network-based IDS which uses minimum computational power to analyze only the basic characteristics of network flow, in order to spot the existence and the type of a potential anomaly in a network. It is a Hybrid Machine Learning-based Anomaly Detection System, which employs classification performed by Evolving Spiking Neural Networks (eSNN) in order to properly label a potential anomaly (PAN) in the net. On the other hand, it uses a Multi Layer Feed Forward (MLFF) ANN in order to classify the exact type of the intrusion.

1. The proposed Intrusion Detection System

There are three approaches for designing and building an IDS [1]: the Statistical, the Knowledge-based and the Machine Learning approach; the last one is the core of this research effort.

1.1. Knowledge-based Anomaly Detection

Knowledge-Based Intrusion Detection systems (KBIDES) classify the data vectors based on a carefully designed rule set, or they use models obtained from past experience in a heuristic mode.

1.2. Machine Learning-based Anomaly Detection

The Machine Learning Anomaly Detection (MLAD) approach automates the analysis of the data vectors and results in the implementation of systems that have the capacity to improve their performance as time passes.

1.2.1. The Hybrid Evolving Spiking Anomaly Detection Model

The Hybrid Evolving Spiking Anomaly Detection Model (HESADM) that has been developed and is discussed herein is based on the Thorpe neural model, which emphasizes the importance of the spikes taking place at an earlier moment, whereas the neural plasticity is used to monitor the learning algorithm by using one-pass learning [2] [3]. The classification process converts the data vectors into a sequence of spikes (analogues of biological signals) by using an encoding scheme called Rank Order Population Encoding (ROPE) [4]. The topology of the e-SNN is strictly that of a feed-forward ANN, whereas the weight updates are done in the synapses of the neurons in the Input, Hidden and Output layers. Figure 1 is a graphical display of the ROPE approach.

Figure 1. The ROPE approach

The e-SNN method was used to identify the anomalies and intrusions, whereas a Multi Layer Feed Forward (MLFF) ANN was used to classify their types.

2. The Data Set used

The KDDCup 1999 Data set [5] was used to test our approach. This data set was created in the Lincoln Laboratory of MIT and it is the most popular free data set used in the evaluation of IDS. It contains recordings of the total network flow of a local network which was installed in the Lincoln Labs and simulates the military network of the USA Air Force. The method of event analysis considers a connection between a source IP address and a destination IP address, during which a sequence of TCP packets is exchanged, by using a specific protocol and a strictly defined operation time.

The KDDCup 1999 Data includes 41 features which are organized in the following 4 basic categories: Content Features, Traffic Features, Time-based Traffic Features, Host-based Traffic Features. Also, the attacks are divided into four categories, namely: Denial of Service (DoS), Remote to Local (r2l), User to Root (u2r), Probe.

3. Results

The following Table 1 shows the successful classification performance of the e-SNN towards the detection of the intrusions and anomalies.

Table 1: Results of the (e-SNN) Intrusion Detection approach

k-Fold   Evolved neurons      Evolved neurons        Elapsed time   Classification
         Class 0 (Normal)     Class 1 (Full.data)                   accuracy
k-1      662 neurons          164 neurons            1002.99 sec    100.0%
k-2      652 neurons          163 neurons             988.81 sec    100.0%
k-3      628 neurons          154 neurons             986.11 sec     99.5%
k-4      654 neurons          157 neurons            1062.42 sec    100.0%
k-5      640 neurons          165 neurons             956.58 sec    100.0%
k-6      640 neurons          105 neurons             947.57 sec     98.2%
k-7      642 neurons          160 neurons            1025.50 sec    100.0%
k-8      664 neurons          159 neurons            1097.47 sec     99.9%
k-9      645 neurons          166 neurons            1087.74 sec    100.0%
k-10     652 neurons          165 neurons            1031.92 sec    100.0%

Average 10-fold classification accuracy (Normal vs. Full.data): 99.76%

A MLFF ANN was developed with 41 input neurons, corresponding to the 41 input parameters of the KDD data set, 33 neurons in the Hidden Layer and 5 in the output one, corresponding to the following output parameters: DoS, r2l, u2r, Probe, normal. The performance of the classification shown in the following confusion matrices is very high and it supports the validity of our model.

Figure 2. The confusion matrix with the performance of the intrusion type classification.

References

[1] P. García-Teodoro, J. Díaz-Verdejo, G. Maciá-Fernández, E. Vázquez: Anomaly-based network intrusion detection: Techniques, systems and challenges, Elsevier Computers & Security 28 (2009), pp. 18–28.

[2] Nikola Kasabov: "Evolving Connectionist Systems: The Knowledge Engineering Approach", Springer-Verlag New York, Inc., NJ, USA, 2006.

[3] Simei Gomes Wysoski, Lubica Benuskova, and Nikola K. Kasabov: Adaptive learning procedure for a network of spiking neurons and visual pattern recognition. In "Advanced Concepts for Intelligent Vision Systems", pages 1133–1142, Berlin / Heidelberg, Springer, 2006.

[4] Simon J. Thorpe and Jacques Gautrais: Rank order coding. In "CNS '97: Proceedings of the 6th annual conference on Computational neuroscience: trends in research", pages 113–118, New York, NY, USA, Plenum Press, 1998.

[5] Salvatore J. Stolfo, Wei Fan, Wenke Lee, Andreas Prodromidis, and Philip K. Chan: "Cost-based Modeling and Evaluation for Data Mining with Application to Fraud and Intrusion Detection: Results from the JAM Project", DARPA Information Survivability Conference and Exposition, 2000, DISCEX '00.

Taxonomy of Cyber-Warfare Operations

Vasileios Vlachos 1, Charalabos Bountolos 2 and Alexandros Papanikolaou 3

1, 2, 3 Department of Computer Science and Engineering, Technological Educational Institute of Thessaly, GR-411 10, Larissa, Greece
E-mails: [email protected], [email protected], [email protected]

Abstract The latest leaks of the ex-NSA employee Edward Snowden, as well as former research based on open source intelligence feeds, confirm that an alarming number of stealthy cyber-espionage operations took place over the last years on a worldwide scale. The scope of this paper is to taxonomise the most important ones, as well as the key players, agencies, stakeholders or groups in cyberspace that conduct these or similar operations. More importantly, this work surveys the landscape in Greece and discusses the responsibilities and roles of the Greek agencies that are responsible for the protection of the Greek cyberspace and the critical infrastructure of Greece. This paper is organized as follows: in Section 2, we survey the most dangerous activities of the most powerful and well-equipped states regarding their capabilities to execute covert cyber-warfare and cyber-espionage. Section 3 presents our methodology regarding the acquisition of the data and information discussed in this paper, and Section 4 emphasizes the alarming results of this research regarding the awareness of the Greek state when it comes to countering similar threats.

1. Related Work

Most of the related work is based on Open Source Intelligence (OSINT) feeds. The methodology is well known and has been carried out by various researchers. The scope of these works was mostly to identify attacks against the US military and industrial complex from 2001 to 2010. The origins of these threats, according to this research, can be traced to China. Another significant piece of information, which was again acquired by utilizing Open Source Intelligence, identifies the coordination of cyber criminals and a particular former superpower during the conflicts in Estonia (2007) and Georgia (2008). In cases of activism, the perpetrators themselves revealed their exact methodology as well as the illegally acquired data in order to gain more publicity, so as to pass their political views to a broader audience. Finally, an important part of the recent evidence regarding US cyber operations has been revealed by whistleblowers and leakers, as was the case with the former NSA operative Edward Snowden.

2. Taxonomy

Table 1 summarizes most of the latest findings during the last years. Our taxonomy includes the following data in order to provide a more accurate overview of the goals and motives, as well as the means and the techniques, of most actors that are actively involved in cyber operations. The first column identifies the origin of the cyber-attacks. Since most countries will not publicly admit that they perform any kind of cyber-espionage or cyber-offensive operations, one might dispute these findings. On the other hand, in most cases there are strong indications, both technical (IP addresses, messages revealed in particular parts of the malware that has been utilized) and political (admissions of state officials, transcripts, leaked documents, political motives), that are hard to disregard. The second column is the victim of an attack. In most cases the targets of such operations are known and it is difficult to cast doubt on this. Nevertheless, for various reasons, the victims sometimes choose not to confirm that they have been the subjects of attacks, but sufficient evidence supports that they indeed suffered from such covert cyber activities. The third column refers to the operations' code names as they were identified by the scientific and research community. Usually the first researchers that were able to detect specific operations had the privilege to name them accordingly. Another way to call these operations was by the original code names from various leaked documents. Finally, in some cases cryptic messages in various attacks (e.g. Gauss, Duqu) were sufficient to identify the whole cyber campaign. The fourth column lists the tools (e.g. SQL injections) and the techniques (e.g. spear phishing) that have been used to exploit the victim's information systems in order for the attackers to gain access into them. The fifth column discusses the specific group or agency that conducted the operation. Sometimes it is a state agency identified with a certain degree of accuracy due to leaked or obtained evidence. In other cases it is an approximation based on the techniques, tools, methodologies and other findings. Despite the fact that most cyber-criminal groups or patriot hackers operate under the auspices of a specific state, they tend to use the same attack vectors that they utilise in their daily activities and can therefore easily be identified. Finally, the sixth column summarises some other items of particular interest on the specific attacks.

Table 1: Summary of transnational cyber-warfare incidents

Columns: Source country | Target | Operation codename | Techniques and tools used | Confessed responsibility for the attack | Notes

Source country: USA
Target: Iran
Operation codename: Olympic Games. Probably the most significant covert manipulation of the electromagnetic spectrum since World War II, when cryptanalysts broke the Enigma cipher that allowed access to Nazi codes.
Techniques and tools used: STUXNET malware
Confessed responsibility for the attack: NSA – ANT Group
Notes: Cyber attacks on Iran’s nuclear facilities at Natanz. It is one of the first known uses of offensive cyber weapons. Stuxnet damaged hundreds of centrifuges at the Natanz nuclear plant. Internet-connected nuclear centrifuge that runs Siemens Simatic WinCC SCADA systems software, working in conjunction with 33 or more frequency converter drives.

Source country: USA and Canada
Target: Canada
Operation codename: Passengers Tracking Operation, the trial run of “game-changing”.
Techniques and tools used: Spying agencies tracking your location by capturing the MAC addresses of your devices.
Confessed responsibility for the attack: NSA and CSEC
Notes: Mandated to collect foreign signals intelligence to protect Canada and Canadians. CSEC is legally authorised to collect and analyse metadata. Slurped information from the free Internet hotspots to track anyone who passed through the airport terminal.

Source country: Russia and/or China
Target: Western Europe, N. America, Tibetan activists, energy companies in Asia, military organisations, embassies, aerospace, trade and commerce.
Operation codename: Red October or Rocra, Advanced Cyber Espionage Campaign
Techniques and tools used: Spear phishing emails, Chinese-made malware, Java exploit to infect machines.
Notes: Steal diplomatic and government information, scientific research, record keystrokes and webcam images, scan for open ports, grab and upload interesting files from PCs, servers and mobile devices.

Source country: China
Target: Oil and gas companies
Operation codename: Night Dragon Attacks
Techniques and tools used: SQL injection attacks to compromise perimeter security, social engineering, phishing attacks.
Notes: Steal confidential and proprietary information, including project-financing details, relating to a number of oil and gas field projects.

Source country: China
Target: Google, companies from a wide range of businesses including the Internet, finance, technology, media and chemical sectors.
Operation codename: Aurora
Techniques and tools used: Trojan horse, phishing scams, malware
Confessed responsibility for the attack: PLA Unit 61398 – “Comment Crew”.
Notes: Theft of intellectual property from Google; dozens of Gmail accounts belonging to human rights activists had been compromised and accessed by unauthorised parties.

Source country: China
Target: 14 different countries across N. America, Europe, India and E. Asia. Governments and corporations.
Operation codename: Shady Rat
Techniques and tools used: Spear phishing, remote administration tools (RATs), zero-day attacks.
Notes: The governments of the US, Canada and S. Korea, as well as the UN, the International Olympic Committee and 12 US defence contractors. Loss of intellectual property and secrets. Long-term

This taxonomy is a summary of the most important cyber offensive operations of the last decade. The actual number of cyber security incidents is constantly increasing and is therefore extremely difficult to summarise and discuss. On the other hand, not all of them have the same impact on their targets, nor do they use equally advanced techniques. The modus operandi of each actor is quite different and will be discussed in more detail in the next section. This taxonomy lists cyber-attacks that either deployed highly advanced techniques or had significant implications for their victims. In the first category fit the operations conducted by state security agencies that put to use highly advanced technologies and techniques, such as zero-day exploits or the interception of transcontinental communication cables. The other category involves low-tech attacks based on crowd sourcing, activism and political motivation. Tools like the LOIC (Low Orbit Ion Cannon) of the activist group Anonymous were extremely simplistic, leaving the attackers completely exposed to the authorities as the tool did not change or hide the source IP address, but due to the overwhelming number of volunteers that participated they managed to cause significant damage. Finally, another group of attacks lies in the middle of the spectrum. Cyber criminals and patriotic hackers operate with sophisticated malware that is jointly developed by various members and is difficult to detect. In both cases these groups cooperate with states to perform cyber-warfare operations, as they can provide plausible deniability to their employers.

3. Discussion and Concluding Remarks

The outcome of this taxonomy aims to identify the current trends and threats in modern cyber warfare operations. The findings presented emphasise the diversity of techniques, tools and methodologies which are applied in cyberspace by the different actors. The use of highly sophisticated technological means, such as the interception of communication cables or the trojanisation of hardware equipment, as well as political pressure to obtain data from data and service providers (Microsoft, Google, Facebook, Yahoo), are within the reach of powerful states and require significant persuasive means to remain undetected. On the other hand, advanced persistent threats (APT) have now become more affordable to cyber criminals and small countries, which can either build them or acquire them as part of the FaaS (Fraud as a Service) model that is prevalent in various underground scenes and hacking forums. In addition, even the most simplistic techniques can prove useful for the orchestration of effective Distributed Denial of Service attacks (DDoS). The table above summarises most of these latest developments in cyber warfare tactics. Due to space limitations it is not possible to analyse them in more detail, but the current landscape depicts the different strategic approaches of the state actors, either through direct attacks operated by security services or indirectly through questionable proxy entities. The involvement of security agencies that function secretly, without providing the necessary evidence to the government and the judicial system, or the collaboration with cyber criminals or patriot hackers, increases the possibility of the escalation of serious cyber conflicts with unpredictable consequences.


Security and Formation of Network-Centric Operations

Nicholas J. Daras

Department of Mathematics and Engineering Sciences, Hellenic Military Academy, Vari, GR-16673, Greece

E-mails: [email protected], [email protected]

Keywords: Network centric operations, multi-layer graph model, vertex pursuit game, network centric warfare strategic formation, network centric operations – graphs, operational utility function.

Abstract This paper explores various concepts related to the Network Centric Warfare framework and investigates security and formation aspects of network centric operations. It is divided into 5 sections.

The first section deals with definitions and background information on key terms such as Cyber Warfare, Information Warfare, C4ISR, and Network Centric. Special emphasis is given to the Network Centric Operations (NCO) Conceptual Framework.

The second section briefly reports on and analyzes the three main thematic NCO pillars: Net Centric Theoretical Foundations / Mathematical Modeling, Net Centric Technologies and Related Issues, and Operational Experiences.

Next, in the third section we apply graph theory concepts to NCO. To do so, we consider Wong-Jiru's multi-layer graph model of NCO and we describe interlayer relationships. Our analysis proceeds with definitions and implications of several NCO-layered metrics (out-degree, in-degree, density, reachability, point connectivity, distance, number of geodesics, maximum flow, network centrality, Freeman degree centrality, betweenness centrality, closeness centrality, edge betweenness, flow betweenness). The section ends with a mention of the key advantages of the multi-layer NCO model.

The fourth section investigates the security problem of network centric operations by applying methods of vertex pursuit games. Specifically, we suppose that an intruder (or attacker) has invaded the complex process of a Network Centric Operation with the intention to destroy or sabotage vertices of one or more of its five layers (Processes, People, Applications, Systems, Physical Network). The intruder could represent a virus, a hacker, or other malicious agents intent on avoiding capture. A set of searchers attempts to capture the intruders. Although placing a searcher on each vertex of a layer guarantees the capture of the intruders, we discuss and investigate the more interesting (and more difficult) problem of finding the minimum number of searchers required to capture the intruders. A motivation for minimizing the number of searchers comes from the fact that fewer searchers require fewer resources. Network Centric Operations that require a smaller number of searchers may be viewed as more secure than those where many searchers are needed.

Finally, in section 5 we take up the problem of network centric warfare strategic formation. After introducing distance-based operational utility functions, we turn to the study of two-layer distance-based operational utilities and of best-response NCO-graphs. Then, we consider pairwise operational stability in network centric operations and we conclude with a study of network centric operations formation with arbitrary operational utility functions.
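As an added illustration of the security measure of the fourth section (this is not the paper's code; the two-layer models, their edge lists and the Systems/Physical layer names are constructed for the example), the following Python solves the cops-and-robbers vertex pursuit game by brute force on small layered graphs, returns the minimum number of searchers, and compares a single layer with the whole model:

```python
"""Cop number (minimum number of searchers) of a multi-layer NCO graph.

Added illustration, not code from the paper: a brute-force solver for the
cops-and-robbers vertex pursuit game, run on constructed two-layer NCO models.
"""
from itertools import combinations_with_replacement, product


def build_graph(edges):
    """Undirected adjacency sets from an edge list of (u, v) string pairs."""
    adj = {}
    for u, v in edges:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj


def build_layered_graph(layers, interlayer):
    """Flatten {layer: [(u, v), ...]} plus interlayer edges [((layer, u), (layer, v))]
    into one graph; vertices are renamed "Layer:name" so local names may recur."""
    edges = [(f"{lay}:{u}", f"{lay}:{v}") for lay, es in layers.items() for u, v in es]
    edges += [(f"{la}:{u}", f"{lb}:{v}") for (la, u), (lb, v) in interlayer]
    return build_graph(edges)


def layer_subgraph(graph, layer_name):
    """Induced subgraph of a single layer, to compare it with the whole model."""
    prefix = layer_name + ":"
    return {v: {w for w in nb if w.startswith(prefix)}
            for v, nb in graph.items() if v.startswith(prefix)}


def _searcher_moves(graph, cops):
    # Every searcher may stay or step to a neighbour; a position is a sorted multiset.
    choices = [sorted({c} | graph[c]) for c in cops]
    return {tuple(sorted(p)) for p in product(*choices)}


def searchers_can_capture(graph, k):
    """True if k searchers have a strategy that always captures the intruder.

    Rules: searchers pick start vertices, the intruder then picks his; sides move
    alternately (searchers first), each piece to a neighbour or staying put, and
    the intruder is captured when a searcher stands on his vertex. The states
    from which capture is forced are computed as a least fixed point.
    """
    verts = sorted(graph)
    configs = list(combinations_with_replacement(verts, k))
    win = set()  # (searcher positions, intruder vertex, side to move)
    for cfg in configs:
        for r in verts:
            if r in cfg:  # already captured, whoever is to move
                win.update({(cfg, r, "searchers"), (cfg, r, "intruder")})
    changed = True
    while changed:
        changed = False
        for cfg in configs:
            nxt = _searcher_moves(graph, cfg)
            for r in verts:
                # searchers to move: some move reaches a winning intruder-to-move state
                if (cfg, r, "searchers") not in win and any(
                        (c2, r, "intruder") in win for c2 in nxt):
                    win.add((cfg, r, "searchers"))
                    changed = True
                # intruder to move: every escape reaches a winning searchers-to-move state
                if (cfg, r, "intruder") not in win and all(
                        (cfg, r2, "searchers") in win for r2 in graph[r] | {r}):
                    win.add((cfg, r, "intruder"))
                    changed = True
    # The intruder chooses his start after seeing the searchers, so one start
    # configuration must win against every possible intruder vertex.
    return any(all((cfg, r, "searchers") in win for r in verts) for cfg in configs)


def cop_number(graph):
    """Minimum number of searchers; the paper's measure (fewer = more secure).
    Terminates at the latest with a searcher on every vertex."""
    k = 1
    while not searchers_can_capture(graph, k):
        k += 1
    return k


# Constructed sample NCO models (not from the paper): a Systems layer and a
# Physical layer each; only the topology and the interlayer links differ.
HUB_NCO = build_layered_graph(
    {"Systems": [("s1", "s2"), ("s1", "s3")],
     "Physical": [("p1", "p2"), ("p1", "p3"), ("p1", "p4")]},
    [(("Systems", "s1"), ("Physical", "p1"))])
RING_NCO = build_layered_graph(
    {"Systems": [("s1", "s2"), ("s2", "s3"), ("s3", "s4"), ("s4", "s1")],
     "Physical": [("p1", "p2"), ("p2", "p3"), ("p3", "p4"), ("p4", "p1")]},
    [(("Systems", f"s{i}"), ("Physical", f"p{i}")) for i in range(1, 5)])

if __name__ == "__main__":
    for name, g in (("hub-and-spoke NCO", HUB_NCO), ("ring NCO", RING_NCO)):
        print(f"{name}: whole model needs {cop_number(g)} searcher(s), "
              f"Physical layer alone {cop_number(layer_subgraph(g, 'Physical'))}")
```

The tree-shaped hub model is cleared by one searcher, whereas the ring model (two 4-cycles joined vertex to vertex, i.e. a cube) needs two, so by the paper's measure the first topology is the more secure one.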

References

[1] D. S. Alberts, J. J. Garstka and F. P. Stein: Network Centric Warfare: Developing and Leveraging Information Superiority, 2nd Edition (Revised). Washington, DC: CCRP Publication Series, 2002.

[2] B. Alspach: Sweeping and searching in graphs: a brief survey, Matematiche 59 (2006), pp. 5-37.

[3] A. Bonato: A Course on the Web Graph, American Mathematical Society Graduate Studies Series in Mathematics, Providence, Rhode Island, 2008.

[4] F. R. K. Chung and L. Lu: Complex graphs and networks, American Mathematical Society, U.S.A., 2004.

[5] J. Gao, S. V. Buldyrev, S. Havlin and H. E. Stanley: Robustness of a network formed by n interdependent networks with a one-to-one correspondence of dependent nodes, Phys. Rev. E 85 (2012), 066134.

[6] A. Grover: Cyber War's Final Frontier: Network Centric Warfare Framework, http://www.itffroc.org/articles/ag_cyberwar.pdf

[7] M. Kurant and P. Thiran: Layered Complex Networks, Physical Review Letters 96 (2006), 138701.

[8] Network Centric Operations Conceptual Framework, Version 1.0, http://www.dtic.mil/dtic/tr/fulltext/u2/a457620.pdf

[9] S. Neufeld and R. Nowakowski: A game of cops and robbers played on products of graphs, Discrete Math. 186 (1998), pp. 253-268.

[10] E. M. Shahrivar and S. Sundaram: Strategic Multi-Layer Network Formation, 52nd IEEE Conference on Decision and Control, December 10-13, 2013, Florence, Italy, pp. 582-587.

[11] A. Wong-Jiru, Major, USAF: Graph Theoretical Analysis of Network Centric Operations Using Multi-Layer Models, Thesis, Air Force Institute of Technology, Department of the Air Force, Air University, Wright-Patterson Air Force Base, Ohio, September 2006.


Run and Scan Statistics Models and their Applications in Transposition Systems and Networks

Ioannis Triantafyllou 1 and Markos Koutras 2

1 Department of Statistics and Insurance Science, University of Piraeus, 80 Karaoli and Dimitriou Str., 18534 Piraeus, Greece

E-mails: [email protected] 1, [email protected] 2

Keywords: Almost Perfect Run, Scan statistic, Consecutive type systems, reliability function, system's lifetime, transposition systems, network security

Abstract In this paper we present several results related to the family of consecutive-type systems. A linear (circular) consecutive k-out-of-n:F system consists of n components which are linearly (circularly) arranged, and the system fails if and only if at least k consecutive components fail; for a review see [4], [5] and the monograph [8]. The probability model associated with this system is closely related to the distribution of runs of fixed size in a sequence of binary trials. The most popular applications of these systems pertain to telecommunication and pipeline network modeling as well as integrated circuit design.

A natural and intuitively appealing generalization of the runs principle arises if, instead of looking at fixed-length strings of successes, we allow the appearance of a small number of failures. Therefore, the focus is on clusters of consecutive trials which contain a large proportion of successes. Such a formation is traditionally called a “scan” or alternatively, if a high concentration of successes within it is attained, an almost perfect (success) run (see [2] and [6]). The scan statistic has been used in the related literature to produce reliability structures with a more flexible operation principle, as compared to the consecutive k-out-of-n:F system, as well as for studying Shewhart control charts with sensitizing runs rules (see [8], [7] and the recent publications by Balakrishnan, Koutras and Bersimis ([1]) and Bersimis, Koutras and Papadopoulos ([3])).

In this work we present several results for the family of consecutive-type structures, i.e. systems whose operation mode is associated with the appearance of runs or almost perfect runs (scans) of working components. We indicate how these results can be exploited for the study of the string matching problem, namely the problem of finding an exact pattern in a string or finding similar patterns in two strings (also known as approximate string matching). Finally, we focus on specific applications in the field of transposition systems and networks which are of major importance in military activities.

1 Work supported by the Aristeia II action under the operational programme “Education and Lifelong Learning”.
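As an added worked example (not the authors' code), the following Python computes the reliability of the linear and circular consecutive k-out-of-n:F systems by a dynamic programme over failure-run lengths, the scan-type variant in which the system fails when some window of m consecutive components contains at least k failures, and the run search over an outcome string that ties these systems to pattern matching; it assumes every component fails independently with the same probability q:

```python
"""Reliability of consecutive-type systems from the distribution of failure runs.

Added worked example, not code from the paper: exact reliability of the linear
and circular consecutive k-out-of-n:F systems and of the scan-type variant that
fails when some window of m consecutive components holds at least k failures.
Components are assumed to fail independently with probability q.
"""
from itertools import product


def linear_reliability(n, k, q):
    """P(no run of k consecutive failures among n components).

    Dynamic programme over the length of the failure run ending at the current
    component (0..k-1); a run reaching k is an absorbing system failure and is
    simply dropped from the distribution.
    """
    p = 1.0 - q
    dist = [1.0] + [0.0] * (k - 1)  # run length 0 before the first component
    for _ in range(n):
        nxt = [0.0] * k
        for run, prob in enumerate(dist):
            nxt[0] += prob * p            # a working component resets the run
            if run + 1 < k:
                nxt[run + 1] += prob * q  # a failed component extends the run
        dist = nxt
    return sum(dist)


def circular_reliability(n, k, q):
    """Circular system (component n is adjacent to component 1), n >= k.

    State (lead, cur, seen): lead = failures before the first working component,
    cur = failures since the last working component, seen = whether a working
    component has occurred. The wrap-around run has length lead + cur.
    """
    assert n >= k >= 1
    p = 1.0 - q
    dist = {(0, 0, False): 1.0}
    for _ in range(n):
        nxt = {}
        for (lead, cur, seen), prob in dist.items():
            key = (lead, 0, True)                     # working component
            nxt[key] = nxt.get(key, 0.0) + prob * p
            if cur + 1 < k:                           # failed component
                key = (lead if seen else lead + 1, cur + 1, seen)
                nxt[key] = nxt.get(key, 0.0) + prob * q
        dist = nxt
    # all-failed sequences were dropped (n >= k), so only seen == True survive
    return sum(prob for (lead, cur, seen), prob in dist.items() if lead + cur < k)


def scan_reliability(n, m, k, q):
    """k-within-m-consecutive-out-of-n:F system: it fails as soon as a scan
    window of m consecutive components contains at least k failures."""
    assert 1 <= k <= m <= n
    p = 1.0 - q
    dist = {(): 1.0}  # state: outcomes of the last m-1 components (1 = failure)
    for _ in range(n):
        nxt = {}
        for hist, prob in dist.items():
            for outcome, w in ((0, p), (1, q)):
                window = hist + (outcome,)
                if sum(window) >= k:
                    continue  # this window already contains k failures
                key = window[-(m - 1):] if m > 1 else ()
                nxt[key] = nxt.get(key, 0.0) + prob * w
        dist = nxt
    return sum(dist.values())


def has_failure_run(seq, k, circular=False):
    """Pattern search: does the 0/1 outcome string contain k consecutive 1s?
    Used here to cross-check the dynamic programmes by full enumeration."""
    s = list(seq) + (list(seq[:k - 1]) if circular else [])
    return any(all(s[i:i + k]) for i in range(len(s) - k + 1))


def brute_force_reliability(n, q, fails):
    """Sum the probability of every outcome vector that does not fail."""
    return sum(q ** sum(seq) * (1 - q) ** (n - sum(seq))
               for seq in product((0, 1), repeat=n) if not fails(seq))


if __name__ == "__main__":
    n, k, q = 10, 3, 0.2
    print("linear  ", linear_reliability(n, k, q),
          brute_force_reliability(n, q, lambda s: has_failure_run(s, k)))
    print("circular", circular_reliability(n, k, q),
          brute_force_reliability(n, q, lambda s: has_failure_run(s, k, True)))
    print("scan 2-within-4", scan_reliability(n, 4, 2, q))
```

With m = k the scan system reduces to the linear consecutive k-out-of-n:F system, which is a quick sanity check on the scan routine.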

References

[1] N. Balakrishnan, M. V. Koutras and S. Bersimis: Run and Frequency Quota Rules in Process Monitoring and Acceptance Sampling, Journal of Quality Technology, 41 (2009), pp. 66-81.

[2] N. Balakrishnan and M. V. Koutras: Runs and Scans with Applications, John Wiley & Sons, N. Y., 2002.

[3] S. Bersimis, M. V. Koutras and G. K. Papadopoulos: Waiting time for an almost perfect run and applications in statistical process control, Methodology and Computing in Applied Probability, 16 (2014), pp. 207-222.

[4] M. T. Chao, J. C. Fu and M. V. Koutras: Survey of the reliability studies of consecutive-k-out-of-n:F and related systems, IEEE Transactions on Reliability, 44 (1995), pp. 120-127.

[5] S. Eryilmaz: Review of recent advances in reliability of consecutive-k-out-of-n:F and related systems, Proceedings of the Institution of Mechanical Engineering, Part O, Journal of Risk and Reliability, 224 (2010), pp. 225-237.

[6] J. Glaz, J. Naus and S. Wallenstein: Scan Statistics, Springer Series in Statistics, Springer, Berlin Heidelberg New York, 2001.

[7] M. V. Koutras, S. Bersimis and P. E. Maravelakis: Statistical Process Control using Shewhart Control Charts with Supplementary Runs Rules, Methodology and Computing in Applied Probability, 9 (2007), pp. 207-224.

[8] W. Kuo and M. J. Zuo: Optimal Reliability Modeling: Principles and Applications, John Wiley & Sons, N.J., 2003.


Cyber Warfare


Protecting our Cyber Domain from Cyber Attacks

Spyridon Papageorgiou, Cdr (HN)
MSc, GCIH, GPEN, GWAPT, GREM, OSCE, GCFA

Director, Hellenic National Defence General Staff, Cyber Defense Directorate, Greece

E-mails: [email protected], [email protected]

Abstract The rapid development of Information and Communication Technologies (ICTs) over the last decades has contributed a lot to the advancement of humanity. New technologies have reached into every aspect of human life to such a degree that major public sector industries, such as National Security, Education, Government, Health and Public Safety, as well as sectors such as Nutrition, Energy, Economics and Transportation & Communication, are closely related to the new ICTs. Thus, information and communication systems and technologies are currently playing an important role in ensuring a State's proper functioning and the well-being of its citizens, and cyberspace, the common ground of all these, acts as the connecting link between them.

Cyberspace, with its openness, interconnection and dependency, faces great vulnerability. The increasing number of cyber attack incidents reported on a regular basis has transformed ‘Cyberspace’ into a battlefield, bringing to light ‘Cyber warfare’ as the ‘fifth dimension of war’. Attacks from cyberspace pose a direct threat to our safety and the proper functioning of our state. Cyber attacks have a profound negative impact on our daily lives. Worldwide cyber attacks are an important threat to national security, alongside international terrorism.

Safety and security in cyberspace have become top priorities worldwide. Nowadays, it is a fact that every nation, every organization, everyone is relying more and more on CIS technology and everything that interacts with it. This fact makes cyber-security an indispensable part of daily activities at every level: personal, organizational, national and international. Cyber-security, as the European Commission states in its most recent Communication on the EU's Cyber-security Strategy, ‘... commonly refers to the safeguards and actions that can be used to protect the cyber domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure’. Those threats, commonly referred to as cyber-attacks, include actions ‘... taken to undermine the functions of a computer network for a political or national security purpose’.

So the term cyber-security refers to technologies and processes designed to protect national infrastructures in cyberspace, the exchange of data in cyberspace and, above all, the people using cyberspace from unauthorized access, vulnerabilities and attacks delivered via the Internet by cyber criminals. Cyber-security preserves the availability and integrity of the networks and infrastructure and the confidentiality of the information contained therein.

Every nation has the responsibility to protect its Internet infrastructure from cyber attacks. Citizens must feel confident that their data will be transmitted and received in a fast and reliable way. Free access to a reliable and fully operating Internet, the protection of personal data and privacy, as well as the integrity and availability of interconnected networks, are the basis for national prosperity and security. We have to understand that "cyber-security and cyber defense is everyone's responsibility".

Probably the most typical problem arising with respect to cyber attacks, and to the way they are developed, is the inability to positively identify the key actor behind the attacks, resulting in major difficulties in handling the issue of ‘attribution’. To put it differently, we can never be absolutely certain who is behind a cyber attack. This is due to the fact that it is very difficult to trace and identify the location of the system that originated the attack (it is a very time consuming process). Furthermore, the cost to the attacker is much smaller than that to the victim, since the victim of the attack has to spend a lot of money in order to detect the origin of the attack and the identity of the perpetrator. Inevitably, the question posed by everyone is the following: ‘who are the attackers?’ Non-state actors (e.g. criminals, black hat hackers, organized crime, hacktivists or terrorists) as well as state actors (e.g. secret services and the military) may misuse cyberspace for their own purposes. The threats in cyberspace are practically infinite. It is, therefore, a top priority for Greece to help make cyberspace sufficiently safe and secure at the personal, organizational, national and international level.

For a national cyber security regime, we must follow this general approach. We have to work in parallel, in a top-down and a bottom-up approach. Working in parallel will allow us to gain time and achieve our goals in less time. In the top-down approach the aim is to move from strategy (strategic level) down to implementation (tactical level). In the bottom-up approach we move from the tactical level to the strategic level. So, we have to work in parallel, writing the institutional documents and implementing all the corresponding cyber security infrastructures, in order to achieve cyber security. We must realize that the threat to our national security from cyber attacks is real and growing. The cyber threat is real, is growing and is evolving every day.

Working on the strategic level, the first thing to do is to write down all the related institutional documents. Writing a national cyber security strategy should be our top priority. Within the cyber security strategy, we have to ensure the overall coordination of all relevant public and private stakeholders, both at the political-strategic level and at the operational level. We have to establish a Cyber Security National Authority responsible for coordinating all relevant stakeholders at the political-strategic level.

At the operational level we have to take advantage of existing operational structures. Operational structures can be the CERTs (military, national, academic, private) and the Internet Service Providers (ISPs). All the operational stakeholders must be coordinated by the Cyber Security National Authority, which assigns roles and responsibilities within our existing cyber security structures. Both public and private sectors can develop a common understanding of their respective roles and responsibilities related to cyber security. It will be necessary to lay down, in detail, the responsibilities, powers and spheres of action of all stakeholders, their role in the event of a crisis, their role in the event of a cyber attack on our critical infrastructures, as well as their interaction with the Cyber Security National Authority and among themselves. We must be specific on how they will interact on a day-to-day basis.

The aim of the government is to define the role, responsibilities and power of state and non-state actors in cyberspace and to create adequate framework conditions for cooperation among all players. One of the most important aspects of a cyber security strategy is the development of trust among national stakeholders. A minimum cyber security standard must be achieved in order to meet the needs and expectations of all stakeholders.

Further action will include the preparation of a Cyber Security Communication Strategy and the improvement of the resilience of critical infrastructures. Additionally, we must promote national cyber security awareness. In order to ensure a high level of cyber security, technical expertise based on state-of-the-art research and development is required. Cyber security issues must be effectively addressed. International cooperation is a key factor for an effective Cyber Defence Strategy. An action plan with a specific timeline must be followed to implement all decisions taken at the strategic level.

As a conclusion, a common approach can increase the long-term security, stability and resilience of a State's critical information and communication infrastructures.

Risk Assessment Methodologies for Cyber Attacks against Critical Infrastructures: The Maritime Sub-Sector

Panos Mavropoulos, LtGen (ret)

Agiou Nectariou 30, 14122 Neo Iraklio

E-mail: [email protected]

Abstract Cyber threats, within or through cyberspace, have been growing in recent years both in severity and in the range of human activity they cover. National and supranational authorities have assumed the responsibility to work for the protection of the most important and sensitive infrastructures, which for this very reason are called critical. For a critical infrastructure protection program, though, a risk assessment component is indispensable ([1]). There is clearly a problem of risk assessment methodology in extremely complex systems-of-systems, as is the case of the maritime sub-sector of the transport critical infrastructure sector.

The scope of this work is to review existing risk assessment methodologies and to check their applicability vis-à-vis very complex systems (systems-of-systems); an effort will be made to develop a risk assessment approach suitable for the maritime sector. This work will be based on the previous similar work by Giannopoulos et al. ([2]), with particular focus on the maritime sub-sector.

1. Methodology

The prerequisite of a sound critical infrastructure protection program is a reliable, well thought out and carefully crafted risk assessment. Risks, threats and vulnerabilities for critical infrastructure sectors should first be identified and then analyzed. Risk assessment, together with Operator Security Plans, is already compulsory for maritime ports and port facilities under existing European legislation ([3]).

There is a significant number of risk assessment methodologies for critical infrastructure. In general, the usual approach to risk assessment is rather common and linear. All those methodologies comprise the same series of stages, namely the determination and taxonomy of threats, the determination of the vulnerability of the systems under analysis and the evaluation of the possible impact on the systems. This is a well-known and established approach for evaluating risks and forms the backbone of almost all existing risk assessment methodologies ([3]).

According to Giannopoulos and others, the risk assessment methodology is based on three criteria, namely the scope of the methodology, the audience to which it is addressed (policy makers, decision makers, research institutes) and its domain of applicability (asset level, infrastructure/system level, system-of-systems level) ([2]). The domain of applicability defines to a large extent the target group of the methodology. For example, a risk assessment methodology applicable to systems at national or even supranational level is mostly addressed to policy makers and relevant authorities and less to operators or to asset managers at local level. Considering the maritime sub-sector as a system of systems, the target audience of its risk assessment is rather policy makers and relevant authorities than operators.

The interdependencies inherent in systems-of-systems make the work of analysis even more difficult. According to Rinaldi and others' work, there are four types of interdependencies to be taken into account in the case of critical infrastructure, namely the physical, the cyberspace, the geographical and the logical ([5]). This makes the risk analysis particularly difficult, especially in the case of the maritime sector, which presents an outstanding complexity.

The interdependencies amongst the critical infrastructures considered in the maritime sub-sector of the transportation sector can be categorized in three levels or categories: internal or sub-sectoral interdependencies amongst the maritime subsystems (ships, ports, maritime, insurance or freight lease companies, etc.); first-level external or sectoral interdependencies amongst the sub-sectors of the transportation sector of critical infrastructures (air, rail, road transportation, etc.); and second-level external or intra-sectoral interdependencies amongst the sectors of critical infrastructures (health, economy, energy, satellite navigation and transport, etc.).

The domain of applicability of a risk assessment methodology may be its most important feature. The risk assessment methodologies for critical infrastructure protection can be divided into two major categories, namely the sectoral approach, where each sector is treated separately with its own risk methodologies and risk ranking, and the systems approach, where critical infrastructures are treated as an interconnected network ([3]).

The existing methodologies were in general developed as sectoral and were later extended to apply to more complex systems at system level, with all the limitations of such an approach. A top-down approach would be more suitable for complex systems-of-systems and will be attempted here.

2. Applications

The maritime system, as an integral system, is an important element of the

transportation sector, which is considered as one of the most important national and

even supranational critical infrastructures. The maritime system itself consists of a

variety of diverse subsystems (navigation, ships, ports, port facilities, shipping,

insurance and freight companies, etc) all of which should work smoothly. As a major

part of transportation critical infrastructure sector, the maritime system drew the

attention of decision makers for its protection. Its complexity makes the

corresponding risk assessment a real challenge; the existing methodologies seem

inadequate to cope with the complexity of the system.

The European Network and Information Security Agency (ENISA) published the first European Union report ever on cyber security challenges in the maritime sector. The report, amongst others, highlights the particularities of the maritime sector vis-à-vis cyber security ([4]).

• Maritime cyber security awareness is currently low, to non-existent, at the level of Member States, shipping companies, port authorities, national cyber security offices, etc.

• Due to the high ICT complexity, it is a major challenge to ensure adequate maritime cyber security.

• Current maritime regulations and policies consider only the physical aspects of security and safety.

3. Prospected outcomes

The development of an ad hoc risk assessment methodology is far too ambitious a goal to be tackled within the limited space of a research paper. Instead, the aim is to develop criteria for the evaluation of existing risk assessment methodologies vis-à-vis the particular characteristics of the maritime sector.

References

[1] Council Directive 2008/114/EC: On the identification and designation of European

critical infrastructures and the assessment of the need to improve their protection.

Official Journal of the European Union, 2008.

[2] European Commission, Joint Research Center: Risk Assessment Methodologies for

Critical Infrastructure Protection. Part I: A state of the art, by Giannopoulos, G.,

Filippini, R. and Schimmer, M. Luxembourg, 2012.

[3] European Commission, SWD (2012) 190 final: On the review of the European

program for critical infrastructure protection (EPCIP). Brussels, 2012.

[4] European Network and Information Security Agency (ENISA): Analysis of Cyber Security Aspects in

the Maritime Sector. Heraklion, 2011.

[5] S.M. Rinaldi, J. P. Peerenboom and T. K. Kelly: Identifying, Understanding and

Analyzing Critical Infrastructure Interdependencies. IEEE Control Systems

Magazine, December 2001, pp. 11-25.

Cyber Warfare and Incident Response

Ioannis Makripoulias 1, Anastasios Papathanasiou2,

Alexandros Papanikolaou3, Vasileios Vlachos4

1,2Cyber Crime Prosecution Subdivision, Financial Police and Cyber Crime Unit,

Hellenic Police

E-mails: [email protected] 1 , [email protected] 2

3,4Department of Computer Science and Engineering, Technological Educational

Institute of Thessaly, Greece

E-mails: [email protected] 3, [email protected] 4

Keywords: critical infrastructure, cyberspace, cyber-attack, cyber-security

Abstract Nowadays, in the so-called “Information Age”, the battlefield is not

necessarily some part of land, sea or air. Cyberspace is the current place for

confrontation among countries and for performing their military operations in a

manner similar to those on land, sea, air and space [1]. Similarly to a “traditional” war

where among each party’s interests is to locate and bomb the enemy’s strategic targets,

in the case of cyber-warfare the enemy’s critical infrastructures are usually among the

primary targets.

The term critical infrastructures covers all those infrastructures that are necessary for a

country’s normal operation. Critical infrastructures include water supply, power supply,

transport, telecommunications, power production, public health, government

mechanism, raw materials production, security (police, fire service, army, etc.) and

finance (banks, stock market, etc.). A formal definition of critical infrastructures has

been formed by both the EU [2] and the USA [3]. It is quite a worrying fact that critical

infrastructures constitute a much weaker target than military ones, since the analysis of

their information systems and the discovery of vulnerabilities are significantly easier

tasks, due to the existence of open-source intelligence (OSINT). The importance of

protecting critical infrastructures effectively emerges from the fact that the President of

the USA recently issued the Executive Order 13636 on improving critical infrastructure

cyber-security [4]. Moreover, NIST recently published a technical report [5] containing

a framework for improving cyber-security on critical infrastructures, applicable to any

organisation, regardless of size and cyber-security risk. In this report, multiple

approaches to cyber-security are presented, as well as the latest related standards,

guidelines and practices.

The sources of the attacks against critical infrastructures vary according to the motives

of the attackers, such as private interests (e.g. industrial espionage), organised crime,

terrorist organisations, state entities (e.g. acts of war) or even personal satisfaction

(e.g. hackers). A cyber-attack against critical infrastructures aims at intercepting

data/communications, downgrading the quality of offered services (or even totally

interrupting them), or even destroying the infrastructure itself.

In Greece, there are several entities, either directly or indirectly responsible for matters

of cyber-defence and cyber-security, as well as for the protection of critical

infrastructures, such as state authorities, services, state mechanisms and independent

authorities. The most important of them that are directly related to critical

infrastructures and national security are: the Hellenic National Defence General Staff

(HNDGS), the Cyber-Defence Division of the HNDGS, the National Intelligence

Service, which is an Information Security Authority (Law 3649/2008) and the Hellenic

Police through its Division of Crisis Management (Hellenic Police Headquarters) and

its Cybercrime Prosecution Subdivision (P.D. 9/2011).

In this work we present how the competent security authorities deal with incidents of

cyber-crime and cyber-attacks.

1. Methodology for Handling Cyber-attacks

As soon as a cyber-attack against critical infrastructures is detected, the competent

immediate response authorities attempt to confront these attacks by following specific

procedures which are presented in the sub-sections below.

1.1 Identification of the Attack

In order to confront a cyber-attack, an accurate identification of the attack must

initially take place, aiming to determine its targets and the nature of the threat (data

interception, infrastructure destruction attempt, service downgrade, etc.).

1.2 Securing Data and Infrastructures

A critical step in confronting a cyber-attack is to secure the critical data and infrastructures immediately. There are two main cases:

• The attack is in progress: In this case, effort is made to secure any critical data and infrastructures, without interrupting the attack before the necessary information regarding the nature of the attack has been gathered.

• The attack has been completed: In this case, effort is made in order to prevent the same attack from reoccurring in the near future.

1.3 Collection of Evidence and Exhibits

Once the systems that were the target of the attack have been identified, it is

determined whether they have to be taken to specialised laboratories or be examined

on site. During this process, it is absolutely imperative to carefully follow all necessary

procedures, in order to ensure the integrity of the collected exhibits and data, as it

happens in every cyber-crime incident (compute hash values of the collected data, safe

transportation and storage of the physical media, etc.).

1.4 Acquiring a System Image

Every exhibit that has been collected gets imaged, namely an identical copy of its storage media (including the contents of RAM) is made. Any analysis will be performed on the acquired images, thus preserving the integrity of both the system and the data.
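The hashing of collected data named in 1.3 and the image-based analysis of 1.4, as an added example in Python (not code from the authors): each acquired image is hashed once at acquisition, the digest is recorded in a custody manifest, and the working copy is re-hashed before analysis so that any alteration is caught first. Exhibit identifiers, examiner names and image contents are constructed.

```python
"""Exhibit-integrity bookkeeping for steps 1.3 and 1.4 (added example).

Each acquired image is hashed once at acquisition and the digest is stored in
a custody manifest; the working copy is re-hashed before any analysis starts,
so that a mismatch is detected before the exhibit is relied upon.  Exhibit
identifiers, examiner names and image contents below are constructed.
"""
import hashlib
import hmac
import io
import json
from datetime import datetime, timezone

CHUNK = 1 << 16  # read images in 64 KiB blocks so multi-GB files fit in memory


def hash_stream(fp, algorithm="sha256"):
    """Hex digest of a file-like object, computed block by block."""
    h = hashlib.new(algorithm)
    for block in iter(lambda: fp.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()


def hash_bytes(data, algorithm="sha256"):
    """Convenience wrapper for in-memory data."""
    return hash_stream(io.BytesIO(data), algorithm)


def record_acquisition(manifest, exhibit_id, description, fp, examiner):
    """Hash a freshly acquired image and append a custody entry to the manifest."""
    entry = {
        "exhibit": exhibit_id,
        "description": description,
        "sha256": hash_stream(fp),
        "acquired_by": examiner,
        "acquired_at": datetime.now(timezone.utc).isoformat(timespec="seconds"),
    }
    manifest.append(entry)
    return entry


def verify_exhibit(manifest, exhibit_id, fp):
    """Re-hash a working copy and compare with the manifest: intact / tampered / unknown."""
    entry = next((e for e in manifest if e["exhibit"] == exhibit_id), None)
    if entry is None:
        return "unknown"          # no custody record: must not be analysed
    current = hash_stream(fp)
    return "intact" if hmac.compare_digest(current, entry["sha256"]) else "tampered"


def run_demo():
    """Constructed scenario: one intact image, one altered copy, one unregistered id."""
    disk_image = b"NTFS boot sector and file records (constructed) " * 2000
    ram_dump = bytes(range(256)) * 512
    manifest = []
    record_acquisition(manifest, "EX-01", "workstation disk image",
                       io.BytesIO(disk_image), "examiner A")
    record_acquisition(manifest, "EX-02", "workstation RAM capture",
                       io.BytesIO(ram_dump), "examiner A")
    # A single flipped bit in the working copy of EX-02 is enough to be detected.
    altered = bytearray(ram_dump)
    altered[1000] ^= 0x01
    results = {
        "EX-01": verify_exhibit(manifest, "EX-01", io.BytesIO(disk_image)),
        "EX-02": verify_exhibit(manifest, "EX-02", io.BytesIO(bytes(altered))),
        "EX-99": verify_exhibit(manifest, "EX-99", io.BytesIO(b"")),
    }
    return manifest, results


if __name__ == "__main__":
    manifest, results = run_demo()
    print(json.dumps(manifest, indent=2))
    print(results)
```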

1.5 Data Analysis

The following types of analysis may be performed on each affected system, depending on the particular characteristics of each case:

• Computer analysis: Involves analysing the system’s software, stored data, log files, RAM contents at that time and any storage media that are attached to the system. The aim is to reveal the means that were used for the attack (e.g. some specially-crafted malware), the attack source (through examination of log files) and the exact objective of the attack (unauthorised data access or modification).

• Network analysis: During this process all networked devices that may be keeping log files, such as routers and firewalls, are analysed. Protocols are analysed at all layers, in an attempt to identify the source of the attack and the means through which the attack was conducted.

• Malware analysis: Most cyber-attacks include at some point the use of malicious software. Therefore, the malware has to be captured and its malicious code analysed, in order to unveil its precise operation. From this evidence, the exact target of the attack may be identified, as well as its origin.

• Mobile analysis: If, at any instance throughout the attack, cellular network communication took place, then the analysis of the devices that were used is required, as well as of any useful information from the cellular network.

1.6 Results Extraction and Revision of Configuration

Once the results of the analysis have been extracted, they are reviewed and the systems are patched or reconfigured, so as to eliminate the identified vulnerabilities. A re-evaluation of the security measures follows, in order to determine the resulting security level.

1.7 Data Collection from the Source and Counter-Attack Actions

Under certain circumstances, a counter-attack may also be justified. Nevertheless, for a

counter-attack to be launched, certain preconditions must be satisfied and the relevant

authorisations from the competent security agencies and military services must have

been given. Indicative examples of such actions are listed below, in increasing order of

offensiveness:

• Gain access to the source and collect additional data: This is further divided into two cases, depending on the nature of the attack and the physical location of the source:

o Application for supplying the required data via a trans-national agreement.

o Attempt to break into the source and acquire the needed data.

• Denial of Service (DoS) attack against the source: A denial of service attack is launched against the source, aiming at inhibiting or even disrupting the attack, given that the latter is still in progress.

• Destruction of the source: In the case that this is feasible and the required preconditions are satisfied (act of war), it is possible to attempt gaining access to the source and destroying it, or even attack other war targets.

• Deception: Using this approach, should the attack be aiming at gaining unauthorised access to data and while the attack is still in progress, the attacker is supplied with false data. In this way, any data unlawfully acquired by the attacker is rendered useless, since it is impossible to distinguish the false from the real data.

References

[1] W. Gragido and J. Pirc: “Cybercrime and Espionage: An Analysis of Subversive

Multi-Vector Threats”, Syngress, 2011.

[2] “Council Directive 2008/114/EC of 8 December 2008 on the identification and

designation of European critical infrastructures and the assessment of the need to

improve their protection”, http://eur-

lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF

[3] “Uniting and strengthening America by providing appropriate tools required to

intercept and obstruct terrorism (USA Patriot Act) act of 2001”, Public Law 107–56,

Oct. 26, 2001.

[4] “Improving Critical Infrastructure Cybersecurity”, Executive Order 13636, Feb. 12,

2013.

[5] “Framework for Improving Critical Infrastructure Cybersecurity”, Technical Report,

National Institute of Standards and Technology (NIST), Feb. 12, 2014. Version 1.0.

Hacking and Securing Java Web Applications

Nikolaos Papadakis

Department of Mathematics and Engineering Sciences, Hellenic Military Academy,

Vari, GR-16673, Greece

E-mail: [email protected]

Abstract Some 95% of web applications have vulnerabilities, including: cross-site scripting, SQL injection, parameter tampering, cookie poisoning, database server, web server, buffer overflow, etc.

In this presentation the most important and frequent mistakes from a Java programmer’s standpoint are presented, aiming at showing how to build Java web applications secured against the most common security hacks.

The OWASP Top 10 list of vulnerabilities is also presented. The Open Web Application

Security Project (OWASP) is an open-source web application security project. The

OWASP community includes corporations, educational organizations, and individuals

from around the world.

Each vulnerability category, according to the OWASP Top 10 list, is examined and

relative corrections are provided by presenting simple and easy to understand

examples.

Information Security

Large-Scale Early Warning System

Spyridon Kollias 1, Alexandros Papanikolaou 2 and Vasileios Vlachos 3

1Department of Computer Science, University of Piraeus, Karaoli & Dimitriou Str. 80, GR- 185 34, Piraeus, Greece

E-mail: [email protected]

2Department of Computer Science and Engineering, Technological Educational Institute of Thessaly, GR-411 10, Larissa, Greece

E-mail: [email protected]

3Department of Computer Science and Engineering, Technological Educational Institute of Thessaly, GR-411 10, Larissa, Greece

E-mail: [email protected]

Abstract Contemporary hostile activities against IT systems demonstrate that existing security applications are not capable of repelling all threats efficiently. In particular, the latest empirical data and theoretical studies call for a diversified system that enhances security at a different level of abstraction. We present a Large-Scale Early Warning System named PROTOS (PROactive Threat Observatory System).

4. Aims

PROTOS is a large-scale early warning and protection system against previously unknown malware threats. The system aims to provide timely and accurate information on malicious software epidemics and Distributed Denial of Service (DDoS) attacks against its members. Moreover, the PROTOS system is designed to provide basic protection to the PROTOS clients by automatically hardening the operating system when virulent computer worms propagate uncontrollably. The automatic configuration of the security level of the operating system, the security software and other custom applications intends to delay the propagation of malicious worms until software patches and security signatures are available to PROTOS users. Therefore, the PROTOS system is an appropriate protective mechanism against unknown distributed threats in the form of computer viruses, worms or other malicious applications, whether targeted (DDoS) or untargeted (malware epidemics).

5. Methodology

The operation of this system is based on the basic principles of epidemiology and

public health. The established best practices suggest that during a flu epidemic the

susceptible population should take some protective measures until a vaccine is

available. These safety-related restrictions focus on the avoidance of crowded places

and the strict enforcement of hygiene rules. The PROTOS system is a metaphor of this

approach to the Internet ecosystem. A number of distributed sensors gather information about the malicious activity as it is perceived by each PROTOS sensor. The rate of change of the recorded security incidents is transmitted regularly, every minute, to the PROTOS server. The latter aggregates the data from all the sensors and applies some basic epidemiological metrics to identify whether a worm epidemic is on the rise, threatening the whole system, or a specific member of the PROMIS Group is under a DDoS attack. The typical operation of a PROTOS sensor is as follows: it checks the firewall log file every 30 seconds, calculates the number of intercepted attacks in the form of dropped/denied packets, and establishes the local malicious activity, as well as the epidemic rate, according to Equation 1 and Equation 2. In these equations, is the ordinal number of a fixed time interval, is the client identifier, is the number of security incidents received by node in the time interval . The “time-window” used, in number of time intervals, is .

Equation 1: The rate of the intercepted malicious activity.

Equation 2: The epidemic rate.

Thereafter, the PROTOS sensor transmits this information to the PROTOS server, which computes the global malicious activity based on the following equation.

Equation 2: The global malicious activity.

If the global malicious activity exceeds a predefined upper threshold, the PROTOS server instructs the PROTOS sensors to increase their security level by applying a set of predefined countermeasures. Similarly, if the global malicious activity is under the lower threshold, the PROTOS sensors are returned to their normal operation, based on the scenarios below:

• If , then increase the security policy by disabling non-essential services, for example HTML preview in mail clients, or by increasing the web

browser’s security settings, where is the predefined threshold to increase the security settings of PROTOS.

• If , then decrease the security policy by reactivating the abovementioned services, where is the predefined threshold to decrease the security settings of PROTOS.

• If , do nothing.
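The sensor/server loop and the three threshold scenarios above, as an added simulation in Python (not PROTOS code). Because the abstract does not reproduce its equations, the per-interval count of dropped packets, the windowed rate of change and the cross-client mean used here are assumptions, as are the thresholds, the window W = 3 and the iptables-like log lines built from documentation IP ranges.

```python
"""Simulation of the PROTOS sensor/server loop (added example, not the PROTOS
code).  The abstract does not reproduce Equations 1-3, so the formulas here are
assumptions: the local activity is the count of dropped packets per 30-second
interval (Eq. 1), the epidemic rate is the change of that count averaged over a
window of W intervals (Eq. 2), and the global malicious activity is the mean
epidemic rate over all clients (Eq. 3).  Thresholds and log lines (iptables-like
format, documentation IP ranges) are constructed."""
import re
from datetime import datetime, timedelta

INTERVAL = 30               # seconds between two checks of the firewall log
WINDOW = 3                  # W: number of intervals in the time window (assumed)
T_UP, T_DOWN = 4.0, 1.0     # upper / lower thresholds on the global activity (constructed)
T0 = datetime(2014, 4, 2, 10, 0, 0)   # start of interval 0 (constructed)

LOG_RE = re.compile(r"^(\S+) \S+ kernel: \[FW (\w+)\]")


def build_log(schedule, t0=T0):
    """Construct log lines so that interval i contains schedule[i] DROP lines."""
    lines = []
    for i, n in enumerate(schedule):
        for k in range(n):
            ts = t0 + timedelta(seconds=i * INTERVAL + k % INTERVAL)
            lines.append(f"{ts.isoformat()} fw kernel: [FW DROP] "
                         f"SRC=198.51.100.{k % 250 + 1} DST=192.0.2.10 PROTO=TCP DPT=445")
        # one accepted flow per interval: the sensor must not count it
        ts = t0 + timedelta(seconds=i * INTERVAL + 5)
        lines.append(f"{ts.isoformat()} fw kernel: [FW ACCEPT] "
                     f"SRC=192.0.2.20 DST=192.0.2.10 PROTO=TCP DPT=443")
    return lines


def count_per_interval(log_lines, n_intervals, t0=T0):
    """Sensor side (assumed Eq. 1): dropped/denied packets per fixed interval."""
    counts = [0] * n_intervals
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m.group(2) != "DROP":
            continue
        idx = int((datetime.fromisoformat(m.group(1)) - t0).total_seconds()) // INTERVAL
        if 0 <= idx < n_intervals:
            counts[idx] += 1
    return counts


def epidemic_rate(counts, i, window=WINDOW):
    """Sensor side (assumed Eq. 2): mean change of incidents over the last `window` intervals."""
    if i < window:
        return 0.0          # not enough history yet
    return (counts[i] - counts[i - window]) / window


def global_activity(rates_by_client):
    """Server side (assumed Eq. 3): aggregate the epidemic rates of all clients."""
    return sum(rates_by_client.values()) / len(rates_by_client)


def decide(g, t_up=T_UP, t_down=T_DOWN):
    """The three scenarios from the text: raise, lower, or keep the security level."""
    if g > t_up:
        return "increase"
    if g < t_down:
        return "decrease"
    return "hold"


def run_simulation():
    """Two constructed clients over six intervals; client-A sees a worm outbreak."""
    schedules = {"client-A": [2, 2, 3, 10, 20, 35], "client-B": [1, 1, 1, 2, 3, 4]}
    n = len(schedules["client-A"])
    counts = {c: count_per_interval(build_log(s), n) for c, s in schedules.items()}
    decisions = []
    for i in range(n):
        g = global_activity({c: epidemic_rate(cnt, i) for c, cnt in counts.items()})
        decisions.append((i, round(g, 3), decide(g)))
    return counts, decisions


if __name__ == "__main__":
    for row in run_simulation()[1]:
        print("interval %d: global activity %.3f -> %s" % row)
```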

6. Applications

PROTOS will be deployed on all computers of the Greek National School Network. Also, several instances can be deployed in large-scale private intranets to protect the users from any inside threat without disseminating any information to the public. One such example is shown in Error! Reference source not found.. A specialized central server of PROTOS will aggregate the information from the different instances that wish to participate in the PROTOS intelligence, in order to propose the current level of threat with better accuracy.

7. Results

PROTOS is expected to have a significant number of sensors in the early stage of its lifecycle. Hence, from the very beginning, PROTOS data can be used by administrators, as well as by individuals in conjunction with other security mechanisms, to protect their systems. Furthermore, the heterogeneous environment that the PROTOS system operates in provides a more holistic approach to computer security in a specific time domain. PROTOS consists of different subsystems, the most important of which is the PROTOS sensor, which is responsible for collecting intelligence from individual computers’ default security mechanisms and applications, regardless of their role in the network. The more sensors there are, the better the estimation of the current computer security level will be. In addition, the collected local malicious activity has to undergo some additional processing, in order to enable the estimation of the system’s security level. The PROTOS server performs some extra processing on all the information that has been sent to it, and an aggregate result shows whether there is a significant change in the rates of the global security level, in real time. As soon as an increase or a decrease in the malicious activity is detected, the warning system can notify the users or administrators accordingly. PROTOS counts over 150 distinct sensors in its beta version and visualizes the extracted information, so as to provide the user with an initial view of the wider picture. The PROTOS sensors are able to change the security level, should an increase in malicious activity be detected, until it falls back to the normal level. Future work includes implementing forecasting methods, in order to foresee any imminent threats; nevertheless, such methods are debatable and require a lot of study.

Figure 1: PROTOS live plot.

Implementation of Artificial Intelligence in INFOSEC Tasks

and Applications

Lieutenant Karapilafis Georgios

Garivaldi 26, Thessaloniki, GR-54642, Greece

E-mail: [email protected]

Abstract Today, Information and System Security is one of the most challenging areas of research and development in modern communication. More than ever, information has immeasurable value. In data communication systems, data security is of prime concern. The brain-like performance of Artificial Neural Networks, their adaptive learning and their real-time operation could give significant potential for developing a wide range of even better Information and System Security applications, including cryptographic methods, biometrics, Intrusion Detection Systems, anti-phishing methods, etc. Merging Artificial Neural Networks with INFOSEC-related tasks could offer great potential for addressing security concerns.

This paper discusses the implementation of Artificial Intelligence in INFOSEC applications and the new perspective this could give.

The Concept, Utility-Criticality and Necessity of INFOSEC in

the Armed Forces

Major Konstantinos Lousios

Infosec officer/HNDGS

MSc Informatics – Msc Information Systems

5, Kleomahous Str., Chalkida 34100, Greece

E-mail: [email protected]

Abstract The aim of this paper is to present the concept of InfoSec (Information Security) as it is known internationally, analyzing its critical aspects on the basis of both theoretical computer science knowledge and practice, that is, the daily use and application of everything this term covers.

The presentation of the risks faced today by all kinds of computers, networks and information systems, and of the measures to be taken by users, network administrators and security officers, both in the environment of everyday life and the free market and in the more limited context of the Armed Forces, outlines the usefulness and criticality of InfoSec for the operation and security of many applications with a larger-scale impact on homeland security and national defense.

From the above, the need for better knowledge, wider application and continuous monitoring of developments in the field of InfoSec follows as a logical consequence.

The systematic and integrated application of methods for protecting computers and networks, through standardized procedures, demonstrates its effectiveness and gives a practical implementation of the security conditions.

Critical Approaching and Implementing some Direct

Sequence Spread Spectrum (DS/SS)

Dionysios P. Kalogeras, Hellenic Army.

(Phd (cand) in Telecommunications, MSc In Networking and Data

Communications, Dipl in Radioelectrology, BSc in Physics

Kanigos st 14 Pireas, GR-18534, Greece

E-mail: [email protected]

Keywords: frequency hopping, direct sequence, jammers

Abstract Spread spectrum techniques originated in answer to the needs of military communications. They are based on signaling schemes which greatly expand the transmitted spectrum relative to the data rate. Spread spectrum communication systems have many applications, including interference rejection, multiple accessing, multipath suppression, low probability of intercept transmission, and accurate ranging. Of all the potential applications, the ability of a spread spectrum system to withstand interference, both intentional and unintentional, is probably its greatest asset.

This paper discusses the DS/SS techniques and also presents some simulation results using Matlab.

Communications Security

Optical Methods in Cryptography and Cryptanalysis

Nikolaos Ouzounoglou

School of Electrical and Computer Engineering,

National Technical University of Athens, 15780 Athens, Greece,

E-mail: [email protected]

Abstract Optical methods can be utilized according to two different principles in Cryptography and Cryptanalysis in practice:

(a) Utilize optical circuits as counterparts of electronic circuits to increase the information processing speeds compared to traditional electronic digital circuits and also make parallel implementation more efficient and easy.

(b) Utilize the quantum properties of light waves to develop quantum cryptography and cryptanalysis optical circuits.

The difference between the two approaches lies in the fact that in the former case optical waves are used as classical electromagnetic waves, while in the latter case quantum electrodynamics principles are utilized.

Comparison of the two approaches leads to conclusions about the practical use of the two approaches and their limitations in terms of presently available technologies.

On the Resilience and Uniqueness of CPA for Secure

Broadcast

Chris Litsas 1, Aris Pagourtzis 2, Giorgos Panagiotakos 3 and Dimitris Sakavalas 4

School of Electrical and Computer Engineering,

National Technical University of Athens, 15780 Athens, Greece,

E-mail: [email protected] 1, [email protected] 2,

[email protected] 3, [email protected] 4

Abstract A fundamental problem in distributed networks is Secure Broadcast, in which

the goal is to distribute a message correctly despite the presence of Byzantine faults.

That is, an adversary may control several nodes and be able to make them deviate from

the protocol arbitrarily by blocking, rerouting, or even altering a message that they

should normally relay intact to specific nodes. In general, agreement problems have

been primarily studied under the threshold adversary model, where a fixed upper

bound t is set for the number of corrupted players and broadcast can be achieved if and

only if t < n/3, where n is the total number of players. The Broadcast problem has been

extensively studied in complete networks under the threshold adversary model mainly

in the period from 1982, when it was introduced by Lamport, Shostak and Pease ([8]),

to 1998, when Garay and Moses ([4]) presented the first fully polynomial Broadcast

protocol optimal in resilience and round complexity.

The case of a threshold adversary in incomplete networks has been studied to a much

lesser extent ([1-3, 7]), mostly through protocols for Secure Message Transmission

which, combined with a Broadcast protocol for complete networks, yield Broadcast

protocols for incomplete networks. Naturally, connectivity constraints are required to

hold in addition to the bound. Namely, at most corruptions can be

tolerated, where is network connectivity, and this bound is tight ([1]).

In the case of an honest dealer, particularly useful in wireless networks, the impossibility threshold of does not hold; for example, in complete networks the problem becomes trivial. However, in incomplete networks the situation is different. A small number of traitors (corrupted players) may manage to block the entire protocol if they control a critical part of the network, e.g. if they form a separator of the graph. It therefore makes sense to define criteria depending on the structure of the graph (graph parameters), in order to bound the number or restrict the distribution of traitors that can be tolerated.

An approach in this direction is to consider topological restrictions on the adversary's corruption capacity. The importance of local restrictions comes, among others, from the fact that they may be used to derive local criteria which the players can employ in order to achieve Broadcast in ad hoc networks. Such an example is the locally bounded adversary model, introduced in [6], in which at most t corruptions are allowed in the neighborhood of every node.

1. Related Work

Koo ([6]) proposed a simple, yet powerful protocol for the locally bounded model, the Certified Propagation Algorithm (CPA), and applied it to networks of specific topology. In 2005 Pelc and Peleg considered the locally bounded model in generic graphs and provided upper and lower bounds on the number of corrupted players that can be locally tolerated in order to achieve Broadcast, in terms of appropriate graph parameters ([9]). They left the deduction of tighter bounds as an open problem. To this end, Ichimura and Shigeno proposed an efficiently computable graph parameter which implies a tighter, but not exact, characterization of the class of graphs on which CPA achieves Broadcast ([5]). It has remained open since 2005 to derive a tight parameter revealing the exact number of traitors that can be locally tolerated by CPA in a graph G with dealer D. Here we provide a necessary and sufficient condition in terms of a new graph parameter, as explained below. Our approach allows us to give an affirmative answer to the open problem of CPA Uniqueness ([9]).

2. Our results

In this paper we study the behavior of CPA in generic (incomplete) networks with an honest dealer. As we will see, this case essentially captures the difficulty of the general problem, where even the dealer may be corrupted. Our first contribution is the exact determination of the maximum number of corrupted players that can be locally tolerated by CPA, for any graph G and dealer D. We do this by developing three graph parameters:

is determined via an appropriate level-ordering of the nodes of the graph. We show that is a sufficient condition for CPA to be t-locally resilient and that is a necessary condition, implying that . We prove that our parameter coincides with the parameter of [5]. We further propose an efficient algorithm for computing which is faster than the algorithm for computing proposed in [5]. Note that this immediately gives an asymptotic 2-approximation for ; we provide an example that shows that the ratio of this algorithm is tight.

, depending also on a value , is a parameter that immediately reveals whether CPA is locally resilient for graph G and dealer D, by simply checking whether . Therefore, via this parameter, we provide a necessary and sufficient condition for CPA to be locally resilient. Such a condition was not known until very recently, when a necessary and sufficient condition was independently given in [10]. However, the way in which the condition of [10] is defined implies a super-exponential time algorithm to check it (actually no algorithm is given in [10]). On the other hand, we will see that even a naïve algorithm to compute would need single exponential time.

, gives the maximum number of corrupted players that CPA can tolerate in every node's neighborhood, hence exactly determining .

In addition, using the parameter we prove that CPA is unique among the locally safe ad hoc broadcast algorithms. That is, if a t-locally safe ad hoc broadcast algorithm is resilient for a graph G with dealer D, then CPA is also resilient for G, D. Thus we provide an affirmative answer to the open problem of CPA Uniqueness posed in [9].

Since the existence of a t-locally resilient Broadcast algorithm in a graph G with dealer D obviously depends on the topology of G, for a given local number of corruptions we may define and compare the classes of graphs (with a designated dealer-node) determined by the properties and topological conditions that have appeared in the literature so far, including the ones defined in our work. An overview of the corresponding classes and their relation is depicted in Figure 1.

Fig. 1. Overview of conditions related to the existence of t-locally resilient algorithms. Parameters and are defined in [9] and is from [5]. Continuous lines show strict inclusions.

3. Applications

As distributed computing becomes more popular and widely used in contemporary networking, the need for strong theoretical support for reliable communication between parts of the network increases. In certain applications fault-tolerance and security become a crucial issue. For example, in a distributed system that handles the communication of an army in a battlefield, faulty transmissions and malicious interference have to be eliminated. Moreover, numerous mission-critical applications which are typically performed in a distributed environment, such as flight control systems and control systems in nuclear power plants, require the existence of systems which can cope with failures of some devices. The importance of the problem studied in this work lies in the fact that Broadcast is a basic communication primitive which can be used to compose more complex procedures that require communication in an unreliable distributed environment.
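An added illustration of CPA under the locally bounded model, not code from the paper: a Python simulation of Koo's acceptance rule (a neighbour of the honest dealer accepts the dealer's value directly; any other node accepts a value once t + 1 distinct neighbours have reported it) on a constructed graph, run once with an adversary that respects the 1-local bound and once with one that violates it. The graph, the node names and the injected value "BAD" are constructed for the example.

```python
"""Certified Propagation Algorithm (CPA) under a t-locally bounded adversary.

Added illustration, not code from the paper. Acceptance rule (Koo's CPA):
a neighbour of the honest dealer accepts the dealer's value directly; any
other honest node accepts a value once it has received it from at least
t + 1 distinct neighbours (at most t of which can be corrupted); every
honest node relays its decision to all its neighbours exactly once.
"""
from collections import defaultdict


def build_graph(edges):
    """Undirected graph as node -> set of neighbours."""
    adj = defaultdict(set)
    for u, v in edges:
        adj[u].add(v)
        adj[v].add(u)
    return dict(adj)


def max_local_corruptions(adj, corrupted):
    """Largest number of corrupted nodes found in any single node's neighbourhood."""
    return max(sum(1 for n in adj[v] if n in corrupted) for v in adj)


def is_t_locally_bounded(adj, corrupted, t):
    """True if the adversary respects the locally bounded model with parameter t."""
    return max_local_corruptions(adj, corrupted) <= t


def cpa_decide(msgs, dealer, t):
    """Apply the CPA acceptance rule to what an honest node has received so far.

    msgs maps each neighbour that has sent something to the value it sent;
    a neighbour is counted once, however often it repeats itself.
    """
    if dealer in msgs:
        return msgs[dealer]
    counts = defaultdict(int)
    for v in msgs.values():
        counts[v] += 1
    for v, c in counts.items():
        if c >= t + 1:
            return v
    return None


def cpa_broadcast(adj, dealer, value, t, corrupted, lie="BAD"):
    """Synchronous simulation of CPA; returns {honest node: decided value}.

    Corrupted nodes inject `lie` to all their neighbours in the first round;
    since the rule counts each neighbour once, repeating it would not help them.
    """
    decided = {dealer: value}
    received = defaultdict(dict)               # node -> {neighbour: value}
    pending = [(dealer, value)] + [(c, lie) for c in corrupted]
    while pending:
        inbox = defaultdict(dict)
        for sender, v in pending:               # deliver this round's messages
            for nbr in adj[sender]:
                inbox[nbr][sender] = v
        pending = []
        for node, msgs in inbox.items():
            if node in decided or node in corrupted:
                continue
            received[node].update(msgs)
            v = cpa_decide(received[node], dealer, t)
            if v is not None:                   # decide once, then relay once
                decided[node] = v
                pending.append((node, v))
    return decided


# Constructed example graph: dealer D, its neighbours a, b, c, and two
# nodes x, y that can only learn the value through relays.
EXAMPLE_EDGES = [("D", "a"), ("D", "b"), ("D", "c"),
                 ("a", "x"), ("b", "x"), ("c", "x"),
                 ("x", "y"), ("a", "y")]


def run_example():
    adj = build_graph(EXAMPLE_EDGES)
    # one corrupted node: the 1-locally bounded assumption holds, CPA succeeds
    ok = cpa_broadcast(adj, "D", "GO", t=1, corrupted={"c"})
    # two corrupted neighbours of x: the bound is violated and x is fooled
    bad = cpa_broadcast(adj, "D", "GO", t=1, corrupted={"b", "c"})
    return ok, bad


if __name__ == "__main__":
    ok, bad = run_example()
    print("bounded adversary:  ", ok)
    print("unbounded adversary:", bad)
```

With one corrupted node every honest node decides "GO"; with two corrupted neighbours of x the local bound no longer holds, x accepts "BAD" and y never decides, which is exactly why the tolerable number of corruptions per neighbourhood is the quantity the paper characterizes.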


Analysis and Measurements of DNS Amplification Attacks

Dimitrius P. Iracleous 1, Nicolas Doukas 2 and K. Bourro 3

1 Department of Mathematics and Engineering Sciences, Hellenic Military Academy, Vari, GR-16673, Greece, and University of Hertfordshire
E-mail: [email protected]

2 Department of Mathematics and Engineering Sciences, Hellenic Military Academy, Vari, GR-16673, Greece
E-mail: [email protected]

3 University of Hertfordshire

Abstract A DoS attack is a malicious attempt by a single person or a group of people to cause the victim site or node to deny service to its customers. A distributed denial of service attack (DDoS attack) is an extended form of a DoS attack and can be implemented in many ways. A popular form of DDoS takes advantage of Domain Name System (DNS) servers to amplify an attack and can be launched from one or multiple computers against a specific target.

The main mechanism used is simple: a DNS name lookup request of type 'ANY' is sent to an open DNS server with the source address spoofed to be the target's address.

Whether this query is sent to an authoritative or a non-authoritative DNS server, the server returns all known information about the DNS zone in a single response. As anyone can see, the size of the response is much larger than that of the request. To scale this up to a huge amount of traffic, attackers can use botnets to generate a large number of spoofed DNS queries, or exploit misconfigured Domain Name System (DNS) servers so that they participate in a distributed denial of service (DDoS) attack. In this way, a lot of malicious hosts coordinate to flood the victim from multiple points.

A strong example of a DDoS attack (not a DNS amplification attack) is the one that happened in September 2013 to a web site that wants to remain anonymous but happens to be protected by the cloud security vendor Incapsula, who managed to cope with the attack.

It was a massive nine-hour barrage attack that leveled an unrelenting 100 Gigabits of traffic at its peak; the raw bandwidth leveraged was under the control of the attacker, and it was not a DNS reflection or amplification attack. The most outstanding thing about this attack is that it did not use any amplification, which means that the attackers had 100 Gigabits of available bandwidth of their own, and that type of bandwidth is not cheap or readily available. Setting this beside an amplification attack, namely the CloudFlare case (300 Gbps of data traffic), these two types of attack make the lack of proper configuration and customization of DNS servers (the DNS open recursor problem and the ANY query) very noticeable. In substance, amplification enables stronger attacks, because their target is not only one server or one web site and its network traffic, but the network traffic of the Internet as well.

In this work a theoretical analysis of the problem is given, as well as the basic mitigation approaches. Also, two real servers are attacked and the results are measured and evaluated. The results will be provided to an Intrusion Detection System (IDS) to properly detect similar malicious activities.
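The detection side of the mechanism described above (ANY queries, spoofed source address, responses far larger than requests from an open recursor), as an added example that is not part of the paper or its measurements: Python that parses resolver query log lines and flags clients that look like reflection victims. The log layout ("HH:MM:SS client qname qtype req_bytes resp_bytes"), the sample lines and the served network 10.0.0.0/8 are all constructed assumptions.

```python
"""Spotting DNS reflection/amplification traffic in resolver query logs.

Added illustration; not the measurement code of the paper. The log format,
the sample lines and the served networks are constructed assumptions.
"""
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Networks this resolver is supposed to serve (assumption). A query whose
# source lies outside them means the server is answering as an open recursor.
SERVED_NETS = [ip_network("10.0.0.0/8")]

# Constructed sample: ordinary local lookups, one outside lookup, and a burst
# of ANY queries whose "client" is the spoofed victim address 203.0.113.9.
SAMPLE_LOG = """\
10:00:01 10.0.0.5 mail.example.org A 40 56
10:00:01 10.0.0.7 www.example.org AAAA 44 72
10:00:02 203.0.113.9 example.net ANY 64 3200
10:00:02 203.0.113.9 example.net ANY 64 3200
10:00:02 203.0.113.9 example.net ANY 64 3200
10:00:03 203.0.113.9 example.net ANY 64 3200
10:00:03 203.0.113.9 example.net ANY 64 3200
10:00:04 198.51.100.20 www.example.org A 44 60
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d+) (\d+)$")


def parse_log(text):
    """Yield one record per well-formed line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, client, qname, qtype, req, resp = m.groups()
        yield {"ts": ts, "client": client, "qname": qname,
               "qtype": qtype.upper(), "req": int(req), "resp": int(resp)}


def summarise(records):
    """Per-client totals: query count, ANY count, bytes in/out, origin, ratio."""
    stats = defaultdict(lambda: {"queries": 0, "any": 0, "req": 0, "resp": 0})
    for r in records:
        s = stats[r["client"]]
        s["queries"] += 1
        if r["qtype"] == "ANY":
            s["any"] += 1
        s["req"] += r["req"]
        s["resp"] += r["resp"]
    for client, s in stats.items():
        addr = ip_address(client)
        s["external"] = not any(addr in net for net in SERVED_NETS)
        # bytes sent back per byte received: the amplification factor
        s["amplification"] = s["resp"] / s["req"] if s["req"] else 0.0
    return dict(stats)


def flag_reflection(stats, min_any=3, min_amp=10.0):
    """Clients that look like reflection victims: outside the served networks,
    repeated ANY queries, and responses far larger than the requests."""
    return sorted(c for c, s in stats.items()
                  if s["external"] and s["any"] >= min_any
                  and s["amplification"] >= min_amp)


def analyse(text):
    stats = summarise(parse_log(text))
    return stats, flag_reflection(stats)


if __name__ == "__main__":
    stats, flagged = analyse(SAMPLE_LOG)
    for c in flagged:
        s = stats[c]
        print(f"{c}: {s['any']} ANY queries, x{s['amplification']:.1f} amplification")
```

Because the flagged "client" is the spoofed victim rather than the attacker, the corrective action on the server side is to stop recursing for outside networks and rate-limit large responses, not to blacklist that address.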



A Performance Engineering Study for Delay Tolerant Networks

Christos Tselikis 1, Athanasios Poulakidas 2, Charalampos Vangelatos 3 and Aggelis Aggelis 4

Hellenic Aerospace Industry S.A., Athens Head Office, Athens Tower, 2-4 Mesogion Ave., GR-115 27, Greece

E-mails: [email protected] 1, [email protected] 2, [email protected] 3, [email protected] 4

Abstract This work overviews the usage of Delay Tolerant Networks (DTN) in military scenarios where disrupted communications (due to long distances, movement, harsh terrain or weather conditions) become prevalent. The DTN architecture (RFC 4838) and the Bundle Protocol standard (RFC 5050) provide the specifications for DTN implementations which can be suitably customized to overcome those hard conditions and help establish and sustain end-to-end tactical communications. We focus on three possible scenarios, namely a) bridging of mobile troops with a DTN-aware UAV, b) surveillance with a DTN-aware UAV using direct communication between a Base Station and the UAV, and c) bridging of tactical data networks using DTN over satellite links. For those scenarios we are particularly interested in developing high-performance, DTN-enabled Linux-based router/gateway devices with embedded security capabilities. We analyze the factors that can affect DTN performance. In this respect, under laboratory conditions we conduct performance measurements using different DTN configurations of the DTNRG's DTN2 Reference Implementation. The experimental results are interpreted in order to optimize our developments in software and hardware.


Cryptosystems and Chaos Theory


Image Encryption Scheme Based on Non-autonomous Chaotic Systems

Christos K. Volos 1, Ioannis M. Kyprianidis 2, Ioannis Stouboulos 3 and Viet-Thanh Pham 4

1 Department of Mathematics and Engineering Sciences, Hellenic Military Academy, Vari, GR-16673, Greece
E-mail: [email protected]

2,3 Physics Department, Aristotle University of Thessaloniki, Thessaloniki, GR-54124, Greece
E-mail: [email protected] 2, [email protected] 3

4 School of Electronics and Telecommunications, Hanoi University of Technology, 01 Dai Co Viet, Hanoi, Vietnam
E-mail: [email protected]

Abstract In recent years, confidentiality of information, especially in military operations, has become an essential requirement, since communications over open networks occur more and more frequently. Also, digital image information has become very important because of its vividness and visual nature. So, reliable, fast and secure communication systems must be implemented to transmit images or photographs in many applications, such as photographs from military satellites, drawings of military installations, fingerprint images of authentication systems, etc.

As is known, digital images have some very characteristic features, such as bulk data capacity, strong correlation among adjacent pixels, redundancy of data, being less sensitive compared to text data, and the existence of patterns and backgrounds. Therefore, because of these features, traditional ciphers like AES, DES, IDEA and RSA are not suitable for real-time image encryption, as these ciphers require a large computational time and high computing power. Nowadays, there are two major approaches that are used to protect digital images from attackers. The first one is information hiding, such as digital watermarking of an image [1], while the second one is encryption, which includes conventional encryption techniques and others such as chaotic encryption [2-3].

Furthermore, in the last decades, nonlinear systems and especially chaotic systems have aroused tremendous interest because of their applications in several disciplines including meteorology, physics, engineering, economics, biology, and philosophy [4]. Chaos theory studies the behavior of dynamical systems that are highly sensitive to initial conditions, an effect which is popularly referred to as the “Butterfly Effect”. This means that small differences in initial conditions (such as those due to rounding errors in numerical computation) yield widely diverging outcomes for such dynamical systems, rendering long-term prediction impossible in general. This happens even though these systems are deterministic, meaning that their future behavior is fully determined by their initial conditions, with no random elements involved. In other words, the deterministic nature of these systems does not make them predictable.

Nowadays it is known that cryptography and chaos have a structural relationship due to their many similar properties [5]. As a result of this close relationship, several chaotic cryptosystems have been presented. One of the most interesting ways in which chaotic cryptosystems can be realized is via the implementation of a Chaotic Random Bit Generator (CRBG). Until now, the great majority of such generators have been based on autonomous nonlinear dynamical systems, in order to exploit the independence of these systems from external sources. However, in the present work a novel CRBG, which is based on a non-autonomous dynamical system, is examined. To rid the system of the influence of the external source and to increase the security of the proposed generator, the Poincaré section has been used for sampling the signal.

So, the first step in designing the proposed image encryption scheme is to choose one of the most well-known non-autonomous chaotic systems, the Duffing – van der Pol system, which is used in the CRBG. The produced bitstream is the result of the XOR of the outputs of two threshold circuits that use the same variable (x) of the two Duffing – van der Pol Poincaré maps. Next, this bit sequence is subjected to a de-skewing technique to extract unbiased bits with no correlation and so to increase their complexity, as is confirmed by the FIPS 140-2 statistical test suite.

The values of the system’s parameters and initial conditions are the keys of the proposed cryptographic scheme. The produced bit sequence is used to encrypt and decrypt digital images. Statistical analysis using histogram analysis, correlation of two adjacent pixels, differential analysis and information entropy confirmed the robustness of the encryption process against various known statistical attacks.

References

[1] M. M. Yeung and S. Pankanti: Verification cryptosystems: issues and challenges, Journal of Electronic Imaging, 9(2000), pp. 468-476.

[2] L. Zhang, X. Liao and X. Wang: An image encryption approach based on chaotic maps, Chaos, Solitons & Fractals, 24(2005), pp.759-765.

[3] Ch. K. Volos, I. M. Kyprianidis and I. N. Stouboulos: Image encryption process based on chaotic synchronization phenomena, Signal Processing, 93(2013), pp. 1328-1340.

[4] C. Grebogi and J. Yorke: The impact of chaos on science and society, United Nations University Press, 1997.

[5] G. Alvarez and S. Li: Some basic cryptographic requirements for chaos based cryptosystems, International Journal of Bifurcation and Chaos, 16(2006), pp.2129-2151.


Secure Text Encryption Based on Hardware Chaotic Noise Generator

Antonios S. Andreatos 1 and Christos K. Volos 2

1 Division of Computer Engineering and Information Science, Hellenic Air Force Academy, Dekeleia Air Force Base, Dekeleia, Attica, TGA-1010, Greece
E-mail: [email protected]

2 Department of Mathematics and Engineering Sciences, Hellenic Military Academy, Vari, GR-16673, Greece
E-mail: [email protected]

Abstract In the last decades, the success of many military operations has critically depended on our ability to create confidential channels of communication. In more detail, in military operations generals require command and control systems to relay orders down the chain of command without fear of enemy interception. So, in these operations secrecy is essential for success. This secrecy is achieved with the use of cryptography.

Especially, textual information security can be satisfied with the direct application of many well-established encryption schemes, such as the Data Encryption Standard (DES), the International Data Encryption Algorithm (IDEA) and the Advanced Encryption Standard (AES) [1]. However, this field is constantly evolving, as a great number of research groups work in it in order to achieve encryption systems with improved security characteristics.

In addition, nonlinear systems, and especially systems which show chaotic behavior, have attracted the interest of the research community, due to the great number of applications in various scientific fields, such as social sciences, ecology, electronic circuits, lasers, chemical reactions, fluid dynamics, mechanical systems, etc. [2, 3]. Chaotic systems revealed that, despite knowledge of their evolution rules and initial conditions, their future seemed to be arbitrary and unpredictable.

Furthermore, due to the aforementioned characteristic, an interesting relationship between chaos theory and cryptography has developed in the last two decades. This occurs because many properties of chaotic systems, such as sensitivity to initial conditions or system parameters, ergodicity, deterministic dynamics and structural complexity, can be considered analogous to the diffusion with a small change in plaintext or secret key, confusion, deterministic pseudo-randomness and algorithmic complexity properties of traditional cryptosystems [4]. As a result of this close relationship, several chaos-based cryptosystems, which play an important role especially in military operations because of the significant strategic advantage that these systems provide, have been put forward since 1990.

Also, in the last decade, the security of many cryptographic systems has been based more and more on random number generators. These generators, which produce random sequences of numbers, can be classified into three major types depending on the source of randomness: True Random Number Generators (TRNGs), Pseudo-Random Number Generators (PRNGs) and Hybrid Random Number Generators (HRNGs) [5].

So, this work is devoted to a novel Chaotic Random Number Generator (CRNG) based on two chaotic systems (Chua [5] and Suykens [6]) belonging to the well-known double-scroll family. The values of the systems’ parameters and initial conditions are the keys of the proposed cryptographic scheme. The produced “random” number sequences are used to encrypt and decrypt texts, which is a very useful application, especially in the case of military operations, as was mentioned.

The proposed cryptosystem is realized on the Arduino, an open-source physical computing platform based on a simple microcontroller board. The number sequences generated by the proposed CRNG are subjected to statistical tests of randomness to detect the specific characteristics expected of random number sequences. Finally, the advantages of the specific technique and some thoughts for future work will be discussed.

References

[1] J. Katz and Y. Lindell: Introduction to Modern Cryptography: Principles and Protocols, CRC Press, 2008.

[2] L. D. Kiel and E. W. Elliott: Chaos Theory in the Social Sciences: Foundations and Applications, Michigan University Press, 1997.

[3] S. Banerjee: Applications of Chaos and Nonlinear Dynamics in Engineering – Vol. 1, Springer, 2011.

[4] G. Alvarez and S. Li: Some basic cryptographic requirements for chaos based cryptosystems, Int. J. Bifurcat. Chaos, 16(2006), pp. 2129-2151.

[5] T. Shu: Uniform Random Numbers: Theory and Practice, Kluwer Academic Publishers, 1995.

[5] L. O. Chua: Chua’s circuit 10 years later, Int. J. Bifurcat. Chaos, 22(1994), pp. 279-305.

[6] J. A. K. Suykens and J. Vandewalle: Generation of n-Double Scrolls (n = 1, 2, 3, 4,…), IEEE Trans. Circuits Syst. I, 40(11) (1993), pp. 861-867.


Audio Steganography Telecom System Based on Hénon Chaotic Map

Antonios S. Andreatos 1 and Apostolos P. Leros 1,2

1 Div. of Computer Engineering & Information Science, Hellenic Air Force Academy, Dekeleia Air Force Base, Dekeleia, Attica, TGA-1010, Greece
E-mails: [email protected], [email protected]

2 Department of Automation, School of Technological Applications, Technological Educational Institute of Sterea Hellas, GR-34400 Psachna, Evia, Greece
E-mail: [email protected]

Keywords: Stegosystem, Steganography, cryptography, cover audio signal, Hénon map, chaotic map, Random Number Generator, simulation, Matlab.

Abstract This paper presents an audio steganography telecom system based on Hénon's chaotic map. Cryptography and steganography techniques are employed. Initially the plain text is encrypted using a symmetric cryptographic function based on Hénon's map, to produce the ciphertext; next, the ciphertext is randomly distributed (hidden) in a cover audio signal, in a stochastic mode. A pseudo-random number generator has been employed to achieve this feature. The resulting stego sound is transmitted over the (insecure) channel.

At the receiver the ciphertext is first retrieved from the incoming stego signal; then, the same Hénon map system is used to produce an identical chaotic signal, which is subtracted from the ciphertext in order to produce the initial plain text (Figure 1). Simulation results from Matlab will be presented (Figure 2). The whole system presents interesting security features. The Hénon map is produced by the solution of two coupled first-order differential equations:

Using the proposed system we can encrypt clear text messages (in ASCII). The following example presents the encryption of a paragraph from Pericles' Funeral Oration as recorded by Thucydides (II, 41):

Cleartext:

Rather, the admiration of the present and succeeding ages will be ours, since we have not left our power without witness, but have shown it by mighty proofs; and far from needing a Homer for our panegyrist, or other of his craft whose verses might charm for the moment only for the impression which they gave to melt at the touch of fact, we have forced every sea and land to be the highway of our daring, and everywhere, whether for evil or for good, have left imperishable monuments behind us.

Ciphertext:

Pcsejf2"yjb&Ydrkrauhmq!rf

xl^#pwg{jpn!eka#qw^idh]lsc#emev#•gok#_d#lxtm,#thide"ye#j`xi!jlt#ofes(kwn"svzfv

#}eufpsx"zarldyv,#^wt hbrd#ybtsu#gz#cv(gg^irw!nympdr;#iqb#cbo&punr#pmbgjqh

^#Egohp#fr| nnt lesciwsjpv%#np#vqjht'ck!mcp#gv`bp#tiowj!somsgv

pnccq"fkgwr!dpr#sjh%pnpfns"jno•%dps"yhg#iivhjqxktl#upsda!the}#]_{b#wl#rkpx#]

x#|jb#qrzel"np#l`cw'$yj#n`•e#eopgc^$ezZuq sf`%ajb i`ke#|u

_d"rha(fmgpq^x#jb"o}u h[rlkl3&eo[#ariuxvlgp`-

#•ejqihw!eoo#cygm#lu#`os#arme."g_yh"qdbv#hkkgyhpha]oj$nluogkmut!cafgol!{o0

Figure 1 presents a simplified block diagram of the proposed crypto-stego-system.

Fig. 1 – Simplified block diagram of the proposed Stegosystem (draft)

Figure 2 presents an audio stego signal containing the above ciphertext.

Fig. 2 – Stego signal transmitted over the insecure channel

The system works with both mono and stereo audio signals. In the case of stereo audio signals, the ciphertext is randomly spread over both channels with equal probability.
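An added end-to-end illustration of the crypto-stego pipeline described above, not the authors' Matlab code: encryption with a Hénon-map keystream, subtraction of the same chaotic signal at the receiver, and PRNG-chosen LSB positions spread with equal probability over all channels of a constructed mono or stereo cover. The standard discrete Hénon map (x_{n+1} = 1 - a x_n^2 + y_n, y_{n+1} = b x_n), the mapping of chaotic values to byte offsets, the LSB embedding, the length prefix and the sample key are assumptions.

```python
"""Hénon-map text cipher plus stochastic LSB hiding in a cover audio signal.

Added illustration of the pipeline the abstract describes; not the authors'
Matlab code. Assumptions: keystream from the standard discrete Hénon map
with key (a, b, x0, y0); chaotic values mapped to byte offsets that are
added at the sender and subtracted at the receiver; hiding positions over
all channels drawn from a seeded PRNG shared by both ends.
"""
import math
import random


def henon_sequence(n, a, b, x0, y0, skip=200):
    """Iterate the Hénon map, discarding `skip` transient points."""
    x, y = x0, y0
    out = []
    for i in range(n + skip):
        x, y = 1 - a * x * x + y, b * x
        if abs(x) > 1e3:   # key outside the attractor basin: the orbit escapes
            raise ValueError("Hénon orbit diverged; choose other initial conditions")
        if i >= skip:
            out.append(x)
    return out


def keystream(n, key):
    """Map x (roughly in [-1.5, 1.5]) to an integer offset mod 256 (assumed)."""
    a, b, x0, y0 = key
    return [int((x + 1.5) * 1000) % 256 for x in henon_sequence(n, a, b, x0, y0)]


def encrypt(plaintext, key):
    """Ciphertext byte = (plaintext byte + chaotic offset) mod 256."""
    return bytes((p + k) % 256 for p, k in zip(plaintext, keystream(len(plaintext), key)))


def decrypt(ciphertext, key):
    """The receiver regenerates the same chaotic signal and subtracts it."""
    return bytes((c - k) % 256 for c, k in zip(ciphertext, keystream(len(ciphertext), key)))


def make_cover(channels, n, rate=8000, freq=440):
    """Constructed cover: a 16-bit sine tone, mono (1) or stereo (2)."""
    return [[int(8000 * math.sin(2 * math.pi * freq * i / rate)) for i in range(n)]
            for _ in range(channels)]


def _slot_order(cover, seed):
    """All (channel, index) sample slots in a PRNG-determined order, so the
    payload lands in every channel with equal probability."""
    slots = [(ch, i) for ch in range(len(cover)) for i in range(len(cover[ch]))]
    random.Random(seed).shuffle(slots)
    return slots


def hide(cover, payload, seed):
    """Write a 32-bit length prefix plus the payload into sample LSBs."""
    data = len(payload).to_bytes(4, "big") + payload
    bits = [(byte >> k) & 1 for byte in data for k in range(7, -1, -1)]
    order = _slot_order(cover, seed)
    if len(bits) > len(order):
        raise ValueError("cover signal too short for this payload")
    stego = [list(ch) for ch in cover]
    for (ch, i), bit in zip(order, bits):
        stego[ch][i] = (stego[ch][i] & ~1) | bit
    return stego


def extract(stego, seed):
    """Read LSBs back in the same PRNG order; the prefix gives the length."""
    order = _slot_order(stego, seed)

    def read(start, count):
        bits = [stego[ch][i] & 1 for ch, i in order[start:start + count]]
        return bytes(int("".join(map(str, bits[j:j + 8])), 2)
                     for j in range(0, count, 8))

    length = int.from_bytes(read(0, 32), "big")
    return read(32, 8 * length)


if __name__ == "__main__":
    KEY = (1.4, 0.3, 0.1, 0.1)   # constructed key: the classic Hénon parameters
    msg = b"Rather, the admiration of the present and succeeding ages will be ours"
    ct = encrypt(msg, KEY)
    stego = hide(make_cover(2, 4000), ct, seed=7)
    assert decrypt(extract(stego, seed=7), KEY) == msg
    print(ct)
```

A receiver with the right seed but a key that differs in the fourth decimal of y0 recovers the ciphertext intact and still gets garbage out of the subtraction, which is the sensitivity to initial conditions the scheme relies on.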



Biometrics and Cryptography


Biometric Science and Applications

Dimitrios I. Antonoglou 1, Georgios I. Antonoglou 2, Konstantinos Minasidis 3 and Alexandros I. Golfos 4

1 M.B.A., M.Sc., B.Sc. Health economist, Police Officer, Police Directorate of Thessaloniki, Cash Management Department, Nikomideias 17 - A. Ilioupoli, Thessaloniki, PC 56431
E-mail: [email protected]

2 MD, MSc Health Administration, Police Officer, Security Police Subdirectorate of Southeast Attica, Nikomideias 17 - A. Ilioupoli, Thessaloniki, PC 56431
E-mail: [email protected]

3 MSc, BSc Economist, Second Lieutenant of Economics, Central Fund Army of Chania, Camp "Stefanaki" - Vlites, Chania, PC 73200
E-mail: [email protected]

4 MSc, BSc Economist, Second Lieutenant of Economics, Central Fund Army of Chania, Camp "Stefanaki" - Vlites, Chania, PC 73200
E-mail: [email protected]

Abstract Security is one of the most important factors in safeguarding an entity, public or private. The most common protection schemes are based on the use of codes and smart cards. However, these traditional schemes are characterized by a weakness that makes them vulnerable, which is why biometric technology is the most effective modern solution.

The term biometrics refers to the automated recognition of a person based on physiological characteristics or behavior. A biometric system is essentially a pattern recognition system, which verifies identity by determining the authenticity of a particular biological feature. This is an emerging authentication method which in recent years seems to be gaining ground over traditional methods that use passwords or PINs, for two main reasons. The first is that the person does not need to carry a document or remember passwords. The second is dramatically enhanced security, due to the use of unique human characteristics for recognition. It is no coincidence, therefore, that biometric technology is evolving rapidly and today finds application in many diverse environments.

Biometrics is an advanced method of identifying a person based on physical characteristics that are unique to each person, such as the fingerprint, the palm, the iris of the eye, etc. This method is already used in official documents of state services, such as passports. Those subject to a check of physical characteristics must, in order to prove their identity, perform an action, for example touch their finger to a fingerprint "reader" or look at an iris recognition device, which ensures their identification to a large extent. But this also creates a certain psychological "nuisance". For this reason the biometric method that seems to be gaining ground and penetrating many applications is face recognition. A combination of systems, based primarily on cameras and computer programs, can identify an individual without the individual having to take any action. These systems scan through a camera the facial geometry, which consists of a number of parameters such as the distance between the eyes, the size of the mouth, the face shape and many others. Combined, these elements can create a model which is unique for each person. This method of recognizing a person may be considered more functional and user-friendly, but it is much more complex and technologically difficult, because it analyzes a combination of human characteristics. Today, however, "smart" programs are being developed that analyze facial images from cameras and can extract reliable conclusions for identifying an individual. Facial recognition can be used in many applications, primarily in controlling physical access to places where only authorized people may enter. It is also very likely that in the future face recognition systems will be developed for security reasons to control who is licensed to operate a computer or even who is able to drive a car. Meanwhile, face recognition with modern technological methods can be used by security services to search for suspects in public places, for example in airports.

The purpose of this presentation is to introduce the reader to the concept of biometrics by identifying its strengths and weaknesses. This is achieved by recording the workings of biometric systems, referring to the prevailing biometric technologies in the market and in the field in general, investigating the various biometric applications, recording the concerns about privacy issues, and finally covering the safety issues associated with the use of biometric technology.

Initially, a distinction is drawn between certification systems and recognition systems, as well as between physical access and logical access systems, and the differences between them are developed. After this familiarization of the reader with the purposes and methods of biometrics, all the known biometric technologies that exploit features of the physiology of the individual are developed. Specifically, finger, face, iris, hand and retinal scanning, as well as AFIS scanning, are examined in separate sections. The issues of concern are the components, how they work, the dominant technologies, the applications, and the advantages and disadvantages of each technology.

Depending on the role of the individual, applications are distinguished into civil applications, administrative staff applications and commercial or customer applications. Based on this classification, we move further and develop the main biometric applications: forensic identification, recognition in society, surveillance, access to computers and networks, physical access, electronic commerce and commerce at the point of sale. For each of these applications the typical uses, the technologies, vertical markets, new trends, cost of development, and implementation issues are considered. Finally, the Greek Police Service, Division of Forensic Laboratories, which is dedicated to biometric methods in the area of security, is presented, and in particular its object, powers, composition, working methods and methodology.

Throughout this paper it is demonstrated that the biometric solution is applied in many cases and that it moves into the realm of scientific experiment. Indeed, biometric security today solves problems, protects personal information, and is a source of revenue for many companies. The challenge, of course, is for it to spread more extensively and conquer the market while maintaining the same level of reliability and responsibility. Finally, all the conditions that must be met for its dissemination and establishment are developed.

RNA/DNA Encryption Method- Another Encryption Algorithm (YEAY)

Dionysios P. Kalogeras, Hellenic Army (PhD (cand.) in Telecommunications, MSc in Networking and Data Communications, Dipl. in Radioelectrology, BSc in Physics), Kanigos st 14, Pireas, GR-18534, Greece. E-mail: [email protected]

Keywords: DNA encryption, encryption algorithm

Abstract DNA cryptography is a new and very promising direction in cryptography research. DNA can be used in cryptography for storing and transmitting information, as well as for computation. Although in its primitive stage, DNA cryptography has been shown to be very effective. Currently, several DNA computing algorithms have been proposed for a number of cryptography, cryptanalysis and steganography problems, and they are very powerful in these areas. However, the use of DNA as a means of cryptography has high-tech laboratory requirements and computational limitations, as well as the labor-intensive extrapolation means used so far. These make the efficient use of DNA cryptography in the security world difficult at present. Therefore, more theoretical analysis should be performed before its real application.

The fundamental idea behind this encryption method is the exploitation of the cryptographic strength of DNA and its easy application. In this project, real DNA is used to perform the cryptographic process. The theoretical analysis and experiments show this method to be efficient in computation, storage and transmission, and very powerful against certain attacks. Thus, this method can have many uses in cryptography, such as an enhancement in security and speed for other cryptographic methods. There are also extensions and variations of this method which have enhanced security, effectiveness and applicability.

A Matlab program is used in order to determine the strength of the algorithm, and web services are proposed for applying this method.

An Investigation of an Artificial Neural Network Method for Personal Identification using Kinematic Parameters from Specific Body Parts

Konstantinos Havenetidis 1, George P. Paradisis 2, Irene S. Karanasiou 3, and George J. Tsekouras 3

1 Department of Physical and Cultural Education, Hellenic Military Academy, Vari, GR-16673, Greece. E-mails: [email protected], [email protected]

2 Department of Physical Education and Sports Science, National and Kapodistrian University of Athens, 141 Ethnikis Antistasis Str., Dafni, GR-172 37, Greece. E-mail: [email protected]

3 Department of Mathematics & Engineering Sciences, Hellenic Army Academy, Vari, GR-16673, Greece. E-mail: [email protected]

4 Electric Circuits Laboratory, Electrical Engineering and Computer Engineering Department, Hellenic Naval Academy, Terma Hatzikiriakou, Hatzikiriakio, Piraeus, GR-18539, Greece. E-mail: [email protected]

Keywords: Artificial neural network, body motion, kinematic parameters, person identification

Abstract A preliminary study [1] indicated that body motion analysis can be used as an artificial neural network method for personal identification. However, a lack of additional data and statistical power prevented generalization of the results. AIM: The present study investigated the use of additional kinematic data from a body motion analysis system in order to accurately identify individuals over specific periods of time.

1. Methodology

Sixteen males participated in a series of running trials interspersed with an eight-week training period. Body motion analysis comprised data from video recordings taken during running. After video analysis, various kinematic parameters related to the motion of specific body parts (trunk, hip, knee, calf) were compared in order to measure the recognition efficiency of body motion analysis. These kinematic parameters were used as inputs to a classical artificial neural network (ANN) in order to recognize each individual, while the output represented the identity of the individual. The ANN was optimized with respect to the values of crucial parameters, such as the number of neurons, the time parameter and the initial value of the learning rate, using the evaluation set. Three identification indices were selected: the general identification index (Ig), which expresses the percentage of correct positive and correct negative identifications over the total population; the false negative index (If-neg), which expresses the percentage of incorrect identifications of a non-authentic individual; and the false positive index (If-pos), which expresses the percentage of incorrect identifications of an authentic individual.
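As an added illustration (not code from the paper), the three indices computed from a constructed set of ANN outputs, following the definitions given in the abstract and averaged over every subject taken in turn as the claimed identity:

```python
from statistics import mean

# Constructed sample (not study data): (true_subject, ann_output) per running
# trial, four subjects with three trials each and two misidentifications.
TRIALS = [
    (1, 1), (1, 1), (1, 2),   # subject 1 once output as subject 2
    (2, 2), (2, 2), (2, 2),
    (3, 3), (3, 1), (3, 3),   # subject 3 once output as subject 1
    (4, 4), (4, 4), (4, 4),
]


def pct(num, den):
    """Percentage, 0.0 when there is nothing to count."""
    return 100.0 * num / den if den else 0.0


def indices_for(claimed, trials):
    """Ig, If-neg and If-pos (in %) when the ANN output is checked against one claimed identity.

    Following the abstract: Ig counts correct positive and correct negative decisions over all
    trials; If-neg is the share of wrong decisions among trials of non-authentic individuals
    (true subject != claimed); If-pos is the share of wrong decisions among trials of the
    authentic individual (true subject == claimed).
    """
    correct = 0
    wrong_non_authentic = non_authentic = 0
    wrong_authentic = authentic = 0
    for true_id, predicted in trials:
        is_authentic = true_id == claimed
        accepted = predicted == claimed          # ANN says "this is the claimed person"
        decision_wrong = accepted != is_authentic
        if is_authentic:
            authentic += 1
            wrong_authentic += decision_wrong
        else:
            non_authentic += 1
            wrong_non_authentic += decision_wrong
        correct += not decision_wrong
    return {"Ig": pct(correct, len(trials)),
            "If-neg": pct(wrong_non_authentic, non_authentic),
            "If-pos": pct(wrong_authentic, authentic)}


def average_indices(trials):
    """Average each index over every subject used as the claimed identity."""
    subjects = sorted({true_id for true_id, _ in trials})
    per_subject = [indices_for(s, trials) for s in subjects]
    return {k: mean(r[k] for r in per_subject) for k in ("Ig", "If-neg", "If-pos")}


if __name__ == "__main__":
    for name, value in average_indices(TRIALS).items():
        print(f"{name}: {value:.1f}%")
```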

2. Results

The statistics showed that even with the use of 15 additional kinematic parameters the efficiency of the identification process was not improved. On the contrary, the present average percentages of Ig, If-neg and If-pos were lower compared to those obtained in previous experiments (92.4% vs 98%, 73.3% vs 12.8% and 2.9% vs 1.1% respectively). Further analysis showed that, taken separately, some kinematic parameters provided either higher If-neg or higher If-pos values, whilst others presented low values in both identification indices.

3. Conclusions

It seems that the need to satisfy the biometric criterion of social acceptability has led the investigators to use parameters derived from specific body parts, which diminished the efficiency of video analysis and consequently the person identification ability of body motion analysis. Further studies should examine the combination of distinguishable body motion parameters alongside other forms of biometric characteristics.

References

[1] K. Havenetidis, G.P. Paradisis, I.S. Karanasiou and G.J. Tsekouras: The use of body motion as a tool for personal identification, Journal of Computation & Modelling, 4(1) (2014), pp. 311-326.