Security, Privacy, and Anonymity in Computation, Communication, and Storage

There are limited numbers of reliable hybrid cryptosystems that can be used to protect IoT smart devices, specifically in smart cities, smart hospitals, smart homes, and industrial fields. Therefore, much related work has to be performed. The aim is to study the trade-off between performance and security in these constrained environments and to achieve more secure hybrid cryptosystem with high demanded performance. Several types of recommended lightweight encryption algorithms will be investigated. These hybrid cryptosystems combine symmetric encryption algorithms such as TEA, XTEA, XXTEA, and asymmetric encryption algorithms such as RSA and ECC. They have the capability to protect IoT smart devices from internet attacks. They can efficiently achieve confidentiality, authenticity, integrity, and non-repudiation. Comparative analysis and evaluation are achieved; hence a robust hybrid cryptosystem was proposed. It uses chaotic theory to generate random keys. The analysis included the most important factors that have to be tackled in case of using lightweight ciphers to suit limited resources of IoT smart devices. Among these factors are security level, memory size, power consumption, encryption time, decryption time, and throughput. Results show that the proposed hybrid cryptosystem that combined ECC and XXTEA gives better security and higher performance than RSA and XXTEA with 40%.

The Internet of Things (IoT) defines a new era where ordinary physical objects are being transformed into smart connected devices. These advanced devices have the ability to sense, compute, and communicate with their surroundings via the Internet. This may result in severe network security breaches, as these devices in-crease the attack surface by exposing new vulnerabilities and infiltration points into restricted networks. One of the major challenges in such deployments is determining the security risks that IoT devices pose to the environment they operated in. This paper proposes an IoT device risk score model, denoted as the Weighted Risk Ranking (WRR) model. The proposed approach focuses on quantifying the static and dynamic properties of a device, in order to define a risk score. Our practical proof of concept demonstrates the use of the WRR scheme for several IoT devices in the context of an enterprise network, showing the feasibility of the suggested solution as a tool for device risk assessment in modern networks where IoT devices are widely deployed.

Just as the world of consumer devices was forever changed by the introduction of computer controlled solutions, the introduction of the engine control unit (ECU) gave rise to the automobile’s transformation from a transportation product to a technology platform. A modern car is capable of processing, analysing and transmitting data in ways that could not have been foreseen only a few years ago. These cars often incorporate telematics systems, which are used to provide navigation and internet connectivity over cellular networks, as well as data-recording devices for insurance and product development purposes. We examine the telematics system of a production vehicle, and aim to ascertain some of the associated privacy-related threats. We also consider how this analysis might underpin further research.

In the last decade, with the advent of Internet of Things (IoT) and Big Data phenomenons, data security and privacy have become very crucial issues. A significant portion of the problem is due to not utilizing appropriate security and privacy measures in data and computational infrastructures. Secure multiparty computation (secure MPC) is a cryptographic tool that can be used to deal with the mentioned problems. This computational approach has attracted increasing attention, and there has been significant amount of advancement in this domain. In this paper, we review the important theoretical bases and practical advancements of secure multiparty computation. In particular, we briefly review three common cryptographic primitives used in secure MPC and highlight the main arithmetic operations that are performed at the core of secure MPC protocols. We also highlight the strengths and weaknesses of different secure MPC approaches as well as the fundamental challenges in this domain. Moreover, we review and compare the state-of-the-art secure MPC tools that can be used for addressing security and privacy challenges in the IoT and big data analytics. Using secure MPC in the IoT and big data domains is a challenging task and requires significant expert knowledge. This technical review aims at instilling in the reader an enhanced understanding of different approaches in applying secure MPC techniques to the IoT and big data analytics.

We outline our computational framework for identity. We have a prototype web application, but this paper is a conceptual level. The interest is in identity as an equivalence relation and how information can be evidence for identity hypotheses. Our account is based on the situation theory of Barwise and Perry. We consider a (legal) identity case to be a constellation of situations, and we indicate how the structure of such a case facilitates discounting and combining evidence using Dempster-Shafer theory. Semantic Web resources are used to capture the structure of evidence as it relates to situations. We have developed OWL ontologies and use the concepts therein defined in RDF triple stores to capture case data. URIs (as used in the Semantic Web) are used for unambiguous references to individuals. We sketch a scenario that uses two biometric modalities in an uncontrolled environment and show how our framework applies. Recently, biometrics has gained the limelight as a means to identify individuals, but much else may be available for this task, including sensor data, witness reports, and data on file. To our knowledge, this is the only framework that in principle can accommodate any kind of evidence for identity. It is not an alternative to biometrics, but rather provides a way to incorporate biometrics into a larger context.

Biometrics is used to authenticate an individual based on physiological or behavioral traits. Mouse dynamics is an example of a behavioral biometric that can be used to perform continuous authentication as protection against security breaches. Recent research on mouse dynamics has shown promising results in identifying users; however, it has not yet reached an acceptable level of accuracy. In this paper, an empirical evaluation of different classification techniques is conducted on a mouse dynamics dataset, the Balabit Mouse Challenge dataset. User identification is carried out using three mouse actions: mouse move, point and click, and drag and drop. Verification and authentication methods are conducted using three machine-learning classifiers: the Decision Tree classifier, the K-Nearest Neighbors classifier, and the Random Forest classifier. The results show that the three classifiers can distinguish between a genuine user and an impostor with a relatively high degree of accuracy. In the verification mode, all the classifiers achieve a perfect accuracy of 100%. In authentication mode, all three classifiers achieved the highest accuracy (ACC) and Area Under Curve (AUC) from scenario B using the point and click action data: (Decision Tree - ACC: 87.6%, AUC: 90.3%), (K-Nearest Neighbors - ACC: 99.3%, AUC: 99.9%), and (Random Forest - ACC: 89.9%, AUC: 92.5%).

Biometric authentication is becoming more prevalent for secured authentication systems. However, the biometric systems can be deceived by the imposters in several ways. Among other imposter attacks, print attacks, mask-attacks, and replay-attacks fall under the presentation attack category. The biometric images, especially iris and face, are vulnerable to different presentation attacks. This research applies deep learning approaches to mitigate the presentation attacks in a biometric access control system. Our contribution in this paper is two-fold: first, we applied the wavelet transform to extract the features from the biometric images. Second, we modified the deep residual neural net and applied it on the spoof datasets in an attempt to detect the presentation attacks. This research applied deep learning technique on three biometric spoof datasets: ATVS, CASIA two class, and CASIA cropped image sets. The datasets used in this research contain images that are captured both in a controlled and uncontrolled environment along with different resolution and sizes. We obtained the best accuracy of 93% on the ATVS Iris dataset. For CASIA two class and CASIA cropped datasets, we achieved test accuracies of 91% and 82%, respectively.

Geo-distributed data processing is affected by many factors, some countries or regions prohibit the transmission of original user data abroad. Therefore, it is necessary to adopt a non-centralized processing method for these data, but at the same time, many problems will arise. Firstly, it is unavoidable to transfer job’s intermediate data across regions, which will result in data transmission cost. Secondly, the WAN bandwidth is often much smaller than the bandwidth within clusters, which makes it easier to become the bottleneck of geo-distributed job. In addition, because the idle computing resources in the cluster may change with time, it will also cause some difficulties in task scheduling. Therefore, this paper considers the problem of task scheduling for big data jobs on geo-distributed data, considering the budget constraints on intermediate data trans-regional transmission, and without moving the original data. we design a budget-constrained task scheduling strategy CETS. Through the experimental analysis of different scenarios, the effectiveness of the proposed algorithm strategy is verified.

Time-varying operational modal analysis (OMA) can identify the transient modal parameters for the linear time-varying (LTV) structures only from the time domain nonstationary vibration response signal measured by vibration response sensors. However, because large-scale sensors data poses significant problems for data processing and storage, methods with excessive computation time and memory requirements are unsuitable for online, real-time health monitoring and fault diagnosis. Recently, the emergence of sensor-cloud greatly improves the computing power and storage capacity of traditional wireless sensor networks by combining cloud computing. Therefore, sensor-cloud can be used to deal with data problems in OMA: the wireless sensor networks layer is used to collect data and the calculations are performed on the cloud computing platform. Furthermore, a limited memory eigenvector recursive principal component analysis (LMERPCA) based OMA method is designed to reduce the runtime and memory requirements and facilitate online process in conjunction with the cloud computing. This approach combines moving window technology and eigenvector recursive principal component analysis method and can identify the transient natural frequencies and modal shapes of slow LTV structures online and in real time. Finally, modal identification results from a cantilever beam with weakly damped and slowly time-varying density show that the LMERPCA-based OMA can identify the transient modal parameters online. Compared with limited memory principal component analysis (LMPCA)-based OMA, the LMERPCA-based approach has a faster runtime, lower memory space requirements, higher identification accuracy, and greater stability.

The absorption and scattering are the main problems affecting high-speed data transmission in underwater visible light communication system (UVLC). To address these problems, we propose the imaging multiple input multiple output (MIMO) system for the underwater communication in this paper. Furthermore, the proposed system uses imaging lens to separate the light signal resulting in that decreasing disturbance of the proposed system is better than that of non-imaging MIMO. In this paper, aiming at the problem of high bit error rate (BER) caused by channel correlation in underwater imaging optical MIMO communication system, a precoding algorithm based on received signal Euclidean distance of imaging multiple input multiple output-orthogonal frequency division multiplexing (MIMO-OFDM) is proposed. In order to maximize the minimum Euclidean distance of the received signal set, the precoding matrix is solved under the constraints of the non-negative optical signal and the total power. The system uses the precoding matrix to precode the signals and the receiver detects signals through the maximum likelihood algorithm with the channel matrix and the optimal precoding matrix. The simulation results show that the imaging MIMO system achieves 12 dB gain at the same bit error rate (BER) compared to non-imaging MIMO. Furthermore, the proposed algorithm based on received signal Euclidean distance achieves about 5 dB gain under the same channel compared to the SVD-based precoding algorithm in imaging MIMO system, it greatly improve the BER performance of the imaging optical MIMO-OFDM system in UVLC.

The scheme design of data collection for Underwater Acoustic Sensor Networks (UASNs) poses many challenges due to long propagation, high mobility, limited bandwidth, multi-path and Doppler Effect. In this paper, unlike the traditional underwater sensor network architecture (single sink or multi-sink), we proposed a novel underwater sensor cloud system based on fog computing in view of time-critical underwater applications. In such an architecture, fog nodes with great computation and storage capacity are responsible for computing, dimension reduction and redundant removal for data collected from physical sensor nodes, and then transfer the processed and compressed data to surface center sink node. After that, the center sink sends the received data from fog nodes to cloud computing center. In addition, in this paper we present distance difference and waiting area-based routing protocol, called DDWA. Finally, in comparison with RDBF, naive flooding and HH-VBF, we conduct extensive simulations using NS-3 simulator to verify the effectiveness and validity of the proposed data collection scheme in the context of the proposed architecture.

Fog computing is a conceptual extension of cloud computing. This paper firstly compares the differences and connections between cloud computing and fog computing. Subsequently, a comprehensive analysis of the top journals and conferences related to fog computing in the past five years and 876 articles on WoS search were conducted. Finally, based on the basic structure of fog calculation, the current research status and challenges are also provided.

Space-based Internet of Things (S-IoT) is an important way to realize the real interconnection of all things because of its global coverage, infrastructure independence and strong resistance to destruction. In the S-IoT, a large amount of sensory data needs to be transmitted through a space-based information network with severely limited resources, which poses a great challenge to data collection. Therefore, this paper proposes an approximate data collection algorithm for the S-IoT, namely the sampling-reconstruction (SR) algorithm. The SR algorithm only collects the sensory data of some nodes, and then reconstructs the unacquired sensory data by leveraging the spatio-temporal correlation between sensory data, thereby reducing the amount of data that needs to be transmitted. We evaluated the performance of SR algorithm using real weather data set. The experimental results show that the SR algorithm can effectively reduce the amount of data collected under the condition of satisfying required data collection accuracy.

With the development of the Internet of Things (IoT) and automobile industry in recent years, the Internet of Vehicle (IoV) has become a future direction of automobile development. Due to the large amount of vehicles, the opening of wireless media, the high-speed movement of vehicles and the impact of the environment, it is inevitable to produce abnormal data in IoVs including data tampering, loss, disorder and so on. However, there are few systematic research results for outlier detection of IoVs. The usability of the existing outlier detection schemes and their performances are not yet evaluated. To this issue, we select six applicable schemes and propose the outlier detection process for IoVs. Then we evaluate the comparison performances of the proposed schemes on real vehicle data collected by a Focus car.

The spatio-temporal big data of the power grid has experienced explosive growth, especially the development of various power sensors, smart devices, communication devices, and real-time processing hardware, which has led to unprecedented opportunities and challenges in this field. This paper firstly introduces Power Spatio-Temporal Big Data (PSTBD) technologies based on the characteristics of grid spatio-temporal big data, followed by a comprehensive survey of relevant articles analysis in this field. Then we compare the difference between traditional power grid and PSTBD platform, and focus on the key technologies of current PSTBD and corresponding typical applications. Finally, the development direction and challenges of PSTBD are given. Through data analysis and technical discussion, we provided technical supports and decision supports for relevant practitioners in PSTBD field.

Chest X-ray as a sensing mode is worthwhile to be paid attention in terms of its conversation and prevalence, and it as a typical multi-label problem where each example is represented by a single instance while associated with a set of labels simultaneously. Early researches on chest X-ray mainly using Convolutional Neural Network (CNN), although it has outperformance in experiment, diagnosis of chest x-ray as a typical high-risk problem, CNN lacks confidence evaluation its output to make a judgment. To solve this problem, we propose a new framework of Confidence Prediction-Multi-label Convolutional Neural Network (CP-MCNN) that plugs MCNN into Confidence Predictor. It can provide calibrated confidential evaluation for MCNN. On chestx-ray14 dataset, the experimental results show that CP-MCNN performs better than MCNN in terms of Sub-accuracy, Hamming-loss, Ranking-loss and Average Precision. Moreover, CP-MCNN can provide well-calibrated confidence prediction on chest X-ray sensor picture in order to enhance its reliability and interpretability.

It is becoming a trend that companies use smart retail stores to reduce the selling cost, by using the sensor technologies. Deep convolutional neural network models which are pre-rained for the Object detection task achieve state-of-the-art result in many benchmark. However, when applying these algorithms to the intelligent retail system to help automated checkout, we need to reduce the manual labelling cost of making retail data sets, and to achieve real-time demand while ensuring accuracy. In our paper, we propose a naive approach to get first portion of the bounding box annotations for a given custom image dataset in order to reduce manual cost. Experimental results show that our approach helps to label the first set of images in short time of period. Further, the custom module we designed helped to reduce the number of parameters by 41.77% for the YOLO model maintaining the original model’s accuracy (85.8 mAP).

In this study, we analyze and study the feature extraction method based on wavelet transform and Principal Component Analysis (PCA), and propose a method combining symlet 2 wavelet (sym2) and Support Vector Machine (SVM) for face recognition. Firstly, the sym2 is used to wavelet decomposition of the original image, and the decomposed low-frequency information is selected for image reconstruction. Then, the reconstructed data is multi-classified using support vector machine. Experiments were carried out using the internationally published ORL face recognition database, and compared with some classical methods used in ORL face recognition. The experimental results show that the recognition success rate increases with the increase in the training set. When 7 poses are selected for each face (A total of 280 photos are used as training sets) in the data set, the recognition success rate reaches 100%. Therefore, the method proposed in this paper is better than the previous method.

Trajectory reconstruction is one of the key technologies to achieve flight trajectory and ensure the safety of flight. Aircraft Communication Addressing and Reporting System (ACARS) is a digital data link system that transmits short messages by radio or satellite between aircraft and ground station. In this paper, an approach based on adaptive cubic spline interpolation is proposed for ACARS trajectory reconstruction. The ACARS data points of different flight phases are reconstructed, and the appropriate trajectory curve is obtained. This approach is verified in simulation platform by using true flight historical data. Experimental results show that this approach obtained better smoothness and lower error precision than that of traditional trajectory reconstruction algorithm, especially in take-off and landing phases. Improving the degree of cure smoothing and decreasing its error are helpful to the accurate trajectory and position of the flight, which provides a guarantee for the safe operation of the air traffic.

Internet of Things (IoT) is a promising networking paradigm that connects various kinds of sensors and exchanges data from smart devices. Since IoT always related to user’s daily life, the problems of security and privacy are of great importance. Presently, the attribute based encryption (ABE) is a popular solution to guarantee the fine-grained sharing of encrypted data in IoT. In this paper, an attribute based keyword search with lightweight decryption in multi-authority (ABKS-LD-MA) is proposed. Our system supports multi-keyword search in cloud by using searchable attribute based encryption. We also integrate the lightweight decryption to searchable ABE scheme that largely reduces the computing overhead for users. Furthermore, our ABKS-LD-MA scheme supports multi-authority scenario, which is more adaptive to the real IoT environment. The experiment analysis shows that our scheme has relatively lowered the communication cost on IoT devices.

Sensing network of the Internet of Things (IoT) has become the infrastructure for facilitating the monitoring of potential events, where the accuracy and energy-efficiency are essential factors to be considered when determining the boundary of continuous objects. This article proposes an energy-efficient boundary detection mechanism in IoT sensing network. Specifically, a sleeping mechanism is adopted to detect the relatively coarse boundary through applying the convex hull algorithm. Leveraging the analysis of the relation for corresponding boundary nodes, the area around a boundary node is categorized as three types of sub-areas with descending possibility of event occurrence. An optimized greedy algorithm is adopted to selectively activate certain numbers of 1-hop neighboring IoT nodes in respective sub-areas, to avoid the activation of all 1-hop neighboring nodes in a flooding manner. Consequently, the boundary is refined and optimized according to sensory data of these activated IoT nodes. Experimental results demonstrate that our method can achieve better detection accuracy, while reducing energy consumption to a large extent, compared to the state of arts.

Software products are tested using various techniques. These techniques are mostly based on technical and technological diligence and verification which are conducted by an experienced examiner and the absence of which may cause quality assurance issues. Such hindrances may be tackled by using software testing processes. Currently, two most important basic processes exist in software testing industry: manual and automated testing process. The manual process is not recommended when iterative tasks are performed. Additionally, automated testing has many advantages it is time and cost effective with lesser human interference. Selection of an appropriate testing tool is still in infancy way which may lead to problems with any software company. In this research, we propose a quality framework of selection of an appropriate self-driven software quality optimization tools for regression testing by focusing on quality of the final product.

College students are special because they relatively have tighter in economy but have greater consistency in leisure time. They prefer to go out together with schoolfellows due to higher trusts and closeness. Moreover, the electronic map is difficult to be updated. Campus-roads recently are updated rapidly. And many alleys in campuses are not shown in the electronic map. Therefore, we devise and implement a campus carpooling system based on GPS trajectories. It includes three parts. Firstly, the campus road network is extracted based on GPS trajectories. Next, the shortest sharing path in the campus is computed in terms of the campus road network. Then, passengers are matched automatically by the carpooling matching algorithm (CMA) in our system. Experiments show that our system is able to provide a safer and more comfortable carpooling experience for college students.

We and others have shown that machine learning can detect and mitigate web-based attacks and the propagation of malware. High performance machine learning frameworks exist for the major computer languages used to program both web servers and web pages. This paper examines the factors required to use the frameworks as an effective distributed deterrent.

Can computing environments deter system trespassers and increase intruders’ likelihood to cover their tracks during the progression of a system trespassing event? To generate sufficient empirical evidence to answer this question, we designed a series of randomized field trials using a large set of target computers built for the sole purpose of being infiltrated. We configured these computers to present varying levels of ambiguity regarding the presence of surveillance in the system, and investigated how this ambiguity influenced system trespassers’ likelihood to issue clean tracks commands. Findings indicate that the presence of unambiguous signs of surveillance increases the probability of clean tracks commands being entered on the system. Nevertheless, even when given clear signs of detection, we find that intruders are less likely to use clean tracks commands in the absence of subsequent presentations of sanction threats. These results indicate that the implementation of deterring policies and tools in cyber space could nudge system trespassers to exhibit more cautiousness during their engagement in system trespassing events. Our findings also emphasize the relevance of social-science models in guiding cyber security experts’ continuing efforts to predict and respond to system trespassers’ illegitimate online activities.