Andrea Visconti

Concave type-2 fuzzy sets: properties and operations

In this article, concave type-2 fuzzy sets are investigated. The calculation of union and intersection of concave type-2 fuzzy sets using the min t-norm and the max t-conorm are explored and it is proved that the set of concave type-2 fuzzy sets is closed under those operations. It is also shown that the set of LR-normal concave type-2 fuzzy sets forms a commutative semiring under join and meet.

On the calculation of extended max and min operations between convex fuzzy sets of the real line

In this paper we will identify the sets of so-called sub- and pseudo-highest intersection points of convex fuzzy sets of the real line and will explore their properties. Based on the properties of these sets, an algorithm for calculating extended max and min operations between two or more convex fuzzy sets of the real line with general membership functions, not necessarily continuous, is proposed.

Artificial immune system based on interval type-2 fuzzy set paradigm

Abstract: This paper discusses the design and engineering of a biologically-inspired intrusion detection system, based on interval type-2 fuzzy set paradigm, for protecting computer networks. To this end, we have proposed a performance-based Artificial Immune System (AIS) that mimics the workings of an adaptive immune system and consists of a number of running artificial white blood cells, which search, recognize, store and deny anomalous behaviors on individual hosts. The proposed AIS monitors the system through analyzing the set of parameters to provide general information on its state. For the analysis, we have suggested a dynamic technique based on interval type-2 fuzzy set paradigm that enable identifying the system status - i.e. Non-Attack, Suspicious-Non-Attack, Non-Decidable, Suspicious-Attack, Attack. In conclusion, for proving the effectiveness of the suggested model, an exhaustive testing is conducted and results are reported.

Operations on type-2 fuzzy sets based on the set of pseudo-highest intersection points of convex fuzzy sets

One of the main burdens of using general type-2 fuzzy sets relates to the cost of their basic operations. In this paper we will discuss how the set of pseudo highest intersection points of two convex fuzzy sets can be used to provide algorithms for performing union and intersection operations on convex type-2 fuzzy sets with min and product t-norm and max t-conorm.

What Users Should Know About Full Disk Encryption Based on LUKS

Mobile devices, laptops, and USB memory usually store large amounts of sensitive information frequently unprotected. Unauthorized access to or release of such information could reveal business secrets, users habits, non-public data or anything else. Full Disk Encryption (FDE) solutions might help users to protect sensitive data in the event that devices are lost or stolen. In this paper we focus on the security of Linux Unified Key Setup (LUKS) specifications, the most common FDE solution implemented in Linux based operating systems. In particular, we analyze the key management process used to compute and store the encryption key, and the solution adopted to mitigate the problem of brute force attacks based on weak user passwords. Our testing activities show that unwitting users can significantly reduce the security of a LUKS implementation by setting specific hash functions and aggressive power management options.

Secure electronic bills of lading: blind counts and digital signatures

Electronic documents used in the framework of the goods delivery industry—i.e. electronic bills of lading (e-BOLs)—are the enablers of any payment, and therefore exposed to frauds. As of today, e-BOLs are handled by special private companies, which provide paperless trading services through their trade chains. This paper contributes a zero-knowledge open solution to the problem of designing secure electronic bills of lading, in the framework of a shipper-carrier-buyer transmission model. The suggested solution is a cryptographic protocol based on digital signatures and blind merchandise counts—that is, counts that do not reveal any information about actually counted quantities. The model is designed to mitigate a number of security threats and assumes the existence of both a trusted third party and a bank in charge of payment procedures. The paper discusses the drawbacks of the existing proprietary solutions and shows how the suggested open protocol addresses them.

Detecting misbehaving nodes in MANET with an artificial immune system based on type-2 fuzzy sets

Last decade has witnessed an enormous growth in wireless networks that naturally has brought some new research challenges. Related studies conducted have covered several research areas like routing protocols, encrypted authentication protocols, misbehavior detection system and a number of innovative solutions, biologically-inspired and not, have been suggested to several open problems. In this position paper, we present a biologically-inspired type-2 fuzzy set recognition algorithm for detecting misbehaving nodes in an ad-hoc wireless network. This work investigates the possibility of detecting misbehaving nodes, learning bad behaviors, protecting the network from reinfection and mitigating the problem of routing misbehavior without human intervention, exploiting biological techniques evolved over millions of years. In order to protect the system of unwanted behaviors and take under control the number of false positive, our solution mimics the binding process between lymphocytes receptors of the immune cells and antigens.

On the Weaknesses of PBKDF2

Password-based key derivation functions are of particular interest in cryptography because they (a) input a password/passphrase (which usually is short and lacks enough entropy) and derive a cryptographic key; (b) slow down brute force and dictionary attacks as much as possible. In PKCS#5 [17], RSA Laboratories described a password based key derivation function called PBKDF2 that has been widely adopted in many security related applications [6, 7, 11]. In order to slow down brute force attacks, PBKDF2 introduce CPU-intensive operations based on an iterated pseudorandom function. Such a pseudorandom function is HMAC-SHA-1 by default. In this paper we show that, if HMAC-SHA-1 is computed in a standard mode without following the performance improvements described in the implementation note of RFC 2104 [13] and FIPS 198-1 [14], an attacker is able to avoid 50 % of PBKDF2’s CPU intensive operations, by replacing them with precomputed values. We note that a number of well-known and widely-used crypto libraries are subject to this vulnerability.In addition to such a vulnerability, we describe some other minor optimizations that an attacker can exploit to reduce even more the key derivation time.

Augmented Interval Type-2 Fuzzy Set Methodologies for Email Granulation

Email, as one the most popular Internet service is confronted with the plague of spam, which results in bandwidth, time and money waste. Moreover spam has evolved into a true security issue that enforces organizations to fight back in order to address security measures confidentiality, integrity and availability. To this end, we have proposed a dynamic model to classify incoming messages into five granules namely, spam, suspicious-spam, suspicious, suspicious-non-spam and non-spam, using interval type-2 fuzzy set methodologies augmented with the concept of general intervals. Despite the intrinsic complexities of higher order fuzzy sets, the error ratio of misclassification of the proposed method is noticeable. However it should be stressed that no single method can achieve one hundred percent precision, the proposed model should be used in conjunction with other complementing technologies.

Email Granulation Based On Augmented Interval Type-2 Fuzzy Set Methodologies

This paper proposes a dynamic model to classify incoming emails into five granules namely, spam, suspicious-spam, suspicious, suspicious-non-spam and non-spam, using distributed-interval type-2 fuzzy set methodologies. Toward this end we have used the concept of general intervals and applied the distributed intervals in interval type-2 fuzzy sets. The method confirmed that, the process of spam filtering is rather intellectual than statistical and moreover some different methods should be used complementarily to get to the higher precision. Keywords - spam, distributed- interval type-2 fuzzy set, general interval, centroid