Journal of Computing and Security
Volume:8 Issue: 1, Winter and Spring 2021

Elliptic curve cryptography (ECC) is one of the most popular public key systems in recent years due to its both high security and low resource consumption. Thus, ECC is more appropriate for Internet applications of Things, which are mainly involved with limited resources. However, non-invasive side channel attacks (SCAs) are considered as a major threat to ECC systems. In this paper, we design a processor for the ECC in the binary field, resistant to differential power attacks (DPA). The main operations in this architecture are randomized Montgomery multiplication and division units, which make it impossible to create DPAs by involving a random number in the calculation process. The goal is to accelerate the operation by opening the loops in the Montgomery randomized multiplication/division units, and accordingly, bit-parallel design instead of bit serial design. The results show that, despite the complexity of the logic in the two/three-bit processing versions, the speed is significantly improved by accepting a slight increasing in the area resource. Further, our design is flexible where in the top-level module, depending on the area-speed trade-off, a variety of multiplier and divisor units can be selected. The FPGA evaluations show that in terms of Time×Slice metric, the 2-bit divider/3-bit multiplier version of our architecture leads to 40% improvement over the best previous work. Further, by duplicating the divider and multiplier modules along the bit-parallel architecture this gain can reach to 50%. In terms of operation speed, our design versions are faster than previous work by a factor of 1.87 and 3.29. Furthermore, ASIC evaluations in term of Time×Area metric, indicate that deploying 2-bit multiplier leads to 19% gain relative to previous well-known work. Moreover, duplication of modules along with bit-paralleling amplifies the overall gain up to 36%.

Cross-Site Request Forgery (CSRF) is an attack in which an infected website causes a victim's browser to perform an unwanted operation on a trusted website. The main solution to tackle this attack is to use random tokens in requests, sent by the browser. Since such tokens cannot be guessed or rebuilt by the attacker, he is not able to forge the requests. The tokens can be specific to a request, a page, or a session. Existing methods for detecting CSRF vulnerabilities mainly rely on simulating an attack by manipulating a request, submitting it to the server, and analysis of the response to the forged request. This kind of test must be repeated for each request in a web application to identify whether the application is vulnerable. Moreover, it may lead to undesired changes to the application database by submitting fake requests.   This paper presents a method to passively detect CSRF-resistant requests by analyzing the traffic to the target website. To this end, we formulate a set of rules to analyze the possible existence of anti-CSRF tokens. Traffic analysis based on the proposed rules outputs resistant requests due to the use of random tokens. Consequently, the requests without such tokens are deduced to be potentially vulnerable. The proposed method is implemented and evaluated by the traffic extracted from several websites. The results confirm that the method can effectively detect anti-CSRF tokens in requests and the more complete the website traffic, the more accurate the results.

By the rapid progress of deep learning and its use in a variety of applications, however, deep networks have shown that they are vulnerable to adversarial examples. Recently developed researches show that using self-supervised learning (SSL) in various ways results in increasing network robustness. This paper examines the effect of a particular type of Contrastive SelfSupervised learning (CSSL) called Momentum Contrast (MoCo) on increasing network robustness to adversarial examples. For this purpose, MoCo is employed as a pre-text task and a deep network is pre-trained for this task. Then fine-tuning will cause to increase the robustness of the network against adversarial attacks examples. A new attack method is introduced based on MoCo and one of the Projected Gradient Descent (PGD) or Fast Gradient Sign (FGSM) methods that do not require any labeled data. Using this corrupted data and adversarial training method, a deep network is pre-trained and the representation provided by it is used to fine-tune downstream tasks that results in increasing network robustness. For an instance, the setup including Resnet50 structure, PGD attack, and MoCo-v1 shows 2.79%, 2%, and 1.35% of improvements comparing to the Jigsaw, Rotation, Selfie, respectively. More details of experiments and the improvements raised by MoCo are given in the results part and show the superiority of MoCo based models on CIFAR-10 and CIFAR-10-C datasets. Also, the obtained results for validating the robustness of proposed models against various noises with different corruption strengths, confirm the resistance of the proposed methods.

Prediction of the peptide-binding site of proteins is a significant and essential task in different processes such as understanding biological processes, protein functional analysis, comparison of functional sites, comprehension of the transactions mechanism, drug design, cellular signaling, and cancer treatment. Predictive analysis of the protein-peptide binding site is one of the most challenging bioinformatics issues. Experimental methods are time-consuming, costly, and laborious. Therefore, we propose a machine learning-based method for predicting protein-peptide binding sites by utilizing enhanced features vector obtained from three-dimensional protein structure and one-dimensional sequence string data. To this end, the genetic programming technique is applied to the obtained basic features extract a more discriminative feature vector. Then support vector machine is employed to determine the binding residue of each amino acid. Finally, the binding sites are predicted using the structure clustering algorithm on the obtained binding residues. The proposed method was evaluated on the Bio Lip dataset. The prediction rate of 92.76% and 93.09% were achieved when 10-fold cross-validation and independent test set respectively used. The acquired results were compared to the performance of other state-of-the-art methods. The proposed method achieves robust and consistent performance using sequence-based and structure-based features for both 10-fold cross-validation and independent tests.