Biblio

Internet of Things (IoT) revolutionizes cutting-edge technologies by enabling smart sensing, and actuation of the physical world. IoT enables cooperation between numerous heterogeneous smart devices to exchange and aggregate data from the surrounding environment through the internet. Recently, the range of IoT technology could be utilized in the real world by the rapid spread of sensor devices. These capabilities open the door for vital challenges. Security is the major challenge that faces the IoT networks. Traditional solutions cannot tackle smart and powerful attackers. Moving Target Defense (MTD) deploys mechanisms and strategies that increase attackers' uncertainty and frustrate their attempt to eavesdrop the target to be protected. In addition, Steganography is the practice of concealing a message within another message. For security proposes, Steganography is used to hide significant data within any transmitted messages, such as images, videos, and text files. This paper presents Stegano-MTD framework that enables combination between MTD mechanisms with steganography. This combination offers a lightweight solution that can be implemented on the IoT network. Stegano-MTD slices the message into small labeled chunks and sends them randomly through the network's nodes. Steganography is used for hide the key file that used to reconstruct the original data. Simulation results show the effectiveness of the presented solution.

The widespread utilization of smart grids is due to their flexibility to support the two-way flow of electricity and data. The critical nature of smart grids evokes traditional network attacks. Due to the advantages of blockchains in terms of ensuring trustworthiness and security, a significant body of literature has been recently developed to secure smart grid operations. We categorize the blockchain applications in smart grid into three categories: energy trading, infrastructure management, and smart-grid operations management. This paper provides an extensive survey of these works and the different ways to utilize blockchains in smart grid in general. We propose an abstract system to overcome a critical cyberattack; namely, the fake data injection, as previous works did not consider such an attack.

The critical nature of smart grids (SGs) attracts various network attacks and malicious manipulations. Existent SG solutions are less capable of ensuring secure and trustworthy operation. This is due to the large-scale nature of SGs and reliance on network protocols for trust management. A particular example of such severe attacks is the false data injection (FDI). FDI refers to a network attack, where meters' measurements are manipulated before being reported in such a way that the energy system takes flawed decisions. In this paper, we exploit the secure nature of blockchains to construct a data management framework based on public blockchain. Our framework enables trustworthy data storage, verification, and exchange between SG components and decision-makers. Our proposed system enables miners to invest their computational power to verify blockchain transactions in a fully distributed manner. The mining logic employs machine learning (ML) techniques to identify the locations of compromised meters in the network, which are responsible for generating FDI attacks. In return, miners receive virtual credit, which may be used to pay their electric bills. Our design circumvents single points of failure and intentional FDI attempts. Our numerical results compare the accuracy of three different ML-based mining logic techniques in two scenarios: focused and distributed FDI attacks for different attack levels. Finally, we proposed a majority-decision mining technique for the practical case of an unknown FDI attack level.

Cloud federation is the evolution of modern cloud computing. It provides better resource-sharing, perfect resource-utilization, and load-balancing. However, the heterogeneity of security policies and configurations between cloud service providers makes it hard for users to totally trust them. Further, the severe impact of modern cloud attacks such as cross-side channels on federated environments is a major roadblock against such evolution. Securing users' capsules (Virtual Machines and containers) against cross-side channel attacks is considered as a big challenge to cloud service providers. Moving-target Defense (MtD) by live capsule migration was introduced as an effective mechanism to overcome such challenge. However, researchers noted that even with MtD, migrated capsules can still be tracked via routing information. In this paper, we propose a novel Blockchain-based routing mechanism to enable trace-resistant Moving-target Defence (BMtD) to enable anonymous live cross-cloud migrations of running capsules in federated cloud environments. Exploiting the Vulnerable, Exposed, Attacked, Recovered (VEAR) model, simulation results demonstrated the effectiveness of BMtD in minimizing viral attack dispersion.

The extensive increase in the number of IoT devices and the massive data generated and sent to the cloud hinder the cloud abilities to handle it. Further, some IoT devices are latency-sensitive. Such sensitivity makes it harder for far clouds to handle the IoT needs in a timely manner. A new technology named "Fog computing" has emerged as a solution to such problems. Fog computing relies on close by computational devices to handle the conventional cloud load. However, Fog computing introduced additional problems related to the trustworthiness and safety of such devices. Unfortunately, the suggested architectures did not consider such problem. In this paper we present a novel self-configuring fog architecture to support IoT networks with security and trust in mind. We realize the concept of Moving-target defense by mobilizing the applications inside the fog using live migrations. Performance evaluations using a benchmark for mobilized applications showed that the added overhead of live migrations is very small making it deployable in real scenarios. Finally, we presented a mathematical model to estimate the survival probabilities of both static and mobile applications within the fog. Moreover, this work can be extended to other systems such as mobile ad-hoc networks (MANETS) or in vehicular cloud computing (VCC).