Biblio

Recently, the rapid development of Internet of things (IoT) has resulted in the generation of a considerable amount of data, which should be stored. Therefore, it is necessary to develop methods that can easily capture, save, and modify these data. The data generated using IoT contain private information; therefore sufficient security features should be incorporated to ensure that potential attackers cannot access the data. Researchers from various fields are attempting to achieve data security. One of the major challenges is that IoT is a paradigm of how each device in the Internet infrastructure is interconnected to a globally dynamic network. When searching in dynamic cloud-stored data, sensitive data can be easily leaked. IoT data storage and retrieval from untrusted cloud servers should be secure. Searchable symmetric encryption (SSE) is a vital technology in the field of cloud storage. SSE allows users to use keywords to search for data in an untrusted cloud server but the keywords and the data content are concealed from the server. However, an SSE database is seldom used by cloud operators because the data stored on the cloud server is often modified. The server cannot update the data without decryption because the data are encrypted by the user. Therefore, dynamic SSE (DSSE) has been developed in recent years to support the aforementioned requirements. Instead of decrypting the data stored by customers, DSSE adds or deletes encrypted data on the server. A number of DSSE systems based on linked list structures or blind storage (a new primitive) have been proposed. From the perspective of functionality, extensibility, and efficiency, these DSSE systems each have their own advantages and drawbacks. The most crucial aspect of a system that is used in the cloud industry is the trade-off between performance and security. Therefore, we compared the efficiency and security of multiple DSSE systems and identified their shortcomings to develop an improved system.

With the development of modern High-Speed Railway (HSR) and mobile communication systems, network operators have a strong demand to provide high-quality on-board Internet services for HSR passengers. Multi-path TCP (MPTCP) provides a potential solution to aggregate available network bandwidth, greatly overcoming throughout degradation and severe jitter using single transmission path during the high-speed train moving. However, the choose of MPTCP algorithms, i.e., Coupled or Uncoupled, has a great impact on the performance. In this paper, we investigate this interesting issue in the practical datasets along multiple HSR lines. Particularly, we collect the first-hand network datasets and analyze the characteristics and category of traffic flows. Based on this statistics, we measure and analyze the transmission performance for both mice flows and elephant ones with different MPTCP congestion control algorithms in HSR scenarios. The simulation results show that, by comparing with the coupled MPTCP algorithms, i.e., Fully Coupled and LIA, the uncoupled EWTCP algorithm provides more stable throughput and balances congestion window distribution, more suitable for the HSR scenario for elephant flows. This work provides significant reference for the development of on-board devices in HSR network systems.

PRIME protocol is a narrowband power line communication protocol whose security is based on Advanced Encryption Standard. However, the key expansion process of AES algorithm is not unidirectional, and each round of keys are linearly related to each other, it is less difficult for eavesdroppers to crack AES encryption algorithm, leading to threats to the security of PRIME protocol. To solve this problem, this paper proposes an improvement of PRIME protocol based on chaotic cryptography. The core of this method is to use Chebyshev chaotic mapping and Logistic chaotic mapping to generate each round of key in the key expansion process of AES algorithm, In this way, the linear correlation between the key rounds can be reduced, making the key expansion process unidirectional, increasing the crack difficulty of AES encryption algorithm, and improving the security of PRIME protocol.

The Internet of things (IoT) is a distributed, networked system composed of many embedded sensor devices. Unfortunately, these devices are resource constrained and susceptible to malicious data-integrity attacks and failures, leading to unreliability and sometimes to major failure of parts of the entire system. Intrusion detection and failure handling are essential requirements for IoT security. Nevertheless, as far as we know, the area of data-integrity detection for IoT has yet to receive much attention. Most previous intrusion-detection methods proposed for IoT, particularly for wireless sensor networks (WSNs), focus only on specific types of network attacks. Moreover, these approaches usually rely on using precise values to specify abnormality thresholds. However, sensor readings are often imprecise and crisp threshold values are inappropriate. To guarantee a lightweight, dependable monitoring system, we propose a novel hierarchical framework for detecting abnormal nodes in WSNs. The proposed approach uses fuzzy logic in event-condition-action (ECA) rule-based WSNs to detect malicious nodes, while also considering failed nodes. The spatiotemporal semantics of heterogeneous sensor readings are considered in the decision process to distinguish malicious data from other anomalies. Following our experiments with the proposed framework, we stress the significance of considering the sensor correlations to achieve detection accuracy, which has been neglected in previous studies. Our experiments using real-world sensor data demonstrate that our approach can provide high detection accuracy with low false-alarm rates. We also show that our approach performs well when compared to two well-known classification algorithms.