Biblio

This study offers an alternative to current implementations of key exchange by utilizing NFC technologies within android mobile devices. Supporting key exchange protocols along with cryptographic algorithms are offered, which meet current security standards whilst maintaining a short key length for optimal transfer between devices. Peer-to-peer and Host Card Emulation operational modes are observed to determine the best suited approach for key exchange. The proposed model offers end to end encryption between Client-Client as opposed to the usual Client-Server encryption offered by most Instant Messaging applications.

With the continuous development of edge computing, the application scope of mobile crowdsourcing (MCS) is constantly increasing. The distributed nature of edge computing can transmit data at the edge of processing to meet the needs of low latency. The trustworthiness of the third-party platform will affect the level of privacy protection, because managers of the platform may disclose the information of workers. Anonymous servers also belong to third-party platforms. For unreal third-party platforms, this paper recommends that workers first use the localized differential privacy mechanism to interfere with the real location information, and then upload it to an anonymous server to request services, called the localized differential anonymous privacy protection mechanism (LDNP). The two privacy protection mechanisms further enhance privacy protection, but exacerbate the loss of service quality. Therefore, this paper proposes to give corresponding compensation based on the authenticity of the location information uploaded by workers, so as to encourage more workers to upload real location information. Through comparative experiments on real data, the LDNP algorithm not only protects the location privacy of workers, but also maintains the availability of data. The simulation experiment verifies the effectiveness of the incentive mechanism.

The npm ecosystem has the largest number of third-party packages for making node.js-based web apps. Due to its free and open nature, it can raise diversity of security concerns. Adversaries can take advantage of existing software APIs included in node.js web apps for achieving their own malicious targets. More specifically, attackers may inject malicious data into its client requests and then submit them to a victim node.js server. It then may manipulate program states to reuse sensitive APIs as gadgets required in the node.js web app executed on the victim server. Once such sensitive APIs can be successfully accessed, it may indirectly raise security threats such as code injection attacks, software-layer DoS attacks, private data leaks, etc. For example, when the sensitive APIs are implemented as pattern matching operations and are called with hard-to-match input string submitted by clients, it may launch application-level DoS attacks.In this paper, we would like to introduce software reuse exploits through reusing packages available in node.js web apps for posing security threats to servers. In addition, we propose an approach based on data flow analysis to detect vulnerable npm packages that can be exposed to such exploits. To evaluate its effectiveness, we collected a dataset of 15,000 modules from the ecosystem to conduct the experiments. As a result, it discovered out 192 vulnerable packages. By manual analysis, we identified 156 true positives of 192 that can be exposed to code reuse exploits for remotely causing software-layer DoS attacks with 128 modules of 156, for code injection with 18 modules, and for private data leaks including 10 vulnerable ones.

With the world moving towards digitalization, more applications and servers are online hosted on the internet, more number of vulnerabilities came out which directly affects an individual and an organization financially and in terms of reputation too. Out of those many vulnerabilities such as Injection, Deserialization, Cross site scripting and more. Injection stand top as the most critical vulnerability found in the web application. Injection itself is a broad vulnerability as it further consists of SQL Injection, Command injection, LDAP Injection, No-SQL Injection etc. In this paper we have reviewed SQL Injection, different types of SQL injection attacks, their causes and remediation to comprehend this attack.

UPI (Unified Payments Interface) is a framework in India wherein customers can send payments to merchants from their smartphones. The framework consists of UPI servers that are connected to the banks at the sender and receiver ends. To send and receive payments, customers and merchants would have to first register themselves with UPI servers by executing a registration protocol using payment apps such as BHIM, PayTm, Google Pay, and PhonePe. Weaknesses were recently reported on these protocols that allow attackers to make money transfers on behalf of innocent customers and even empty their bank accounts. But the reported weaknesses were found after informal and manual analysis. However, as history has shown, formal analysis of cryptographic protocols often reveals flaws that could not be discovered with manual inspection. In this paper, we model UPI protocols in the pattern of traditional cryptographic protocols such that they can be rigorously studied and analyzed using formal methods. The modeling simplifies many of the complexities in the protocols, making it suitable to analyze and verify UPI protocols with popular analysis and verification tools such as the Constraint Solver, ProVerif and Tamarin. Our modeling could also be used as a general framework to analyze and verify many other financial payment protocols than just UPI protocols, giving it a broader applicability.

SUMMARY & CONCLUSIONSA Multi-access Edge Computing (MEC) micro data center (MEDC) consists of multiple MEC hosts close to endpoint devices. MEC service is delivered by instantiating a virtualization system (e.g., Virtual Machines or Containers) on a MEC host. MEDC faces more new security risks due to various device connections in an open environment. When more and more IoT/CPS systems are connected to MEDC, it is necessary for MEC service providers to quantitatively analyze any security loss and then make defense-related decision. This paper develops a CTMC model for quantitatively analyzing the security and dependability of a vulnerable MEDC system under lateral movement attacks, from the adversary’s initial successful access until the MEDC becomes resistant to the attack. The proposed model captures the behavior of the system in a scenario where (i) the rate of vulnerable MEC servers being infected increases with the increasing number of infected MEC servers, (ii) each infected MEC server can perform its compromising activity independently and randomly, and (iii) any infected MEC may fail and then cannot provide service. We also introduce the formulas for computing metrics. The proposed model and formula are verified to be approximately accurate by comparing numerical results and simulation results.

As a supplement to the cloud computing model, the edge computing model can use edge servers and edge devices to coordinate information processing on the edge of the network to help Internet of Thing (IoT) data storage, transmission, and computing tasks. In view of the complex and changeable situation of edge computing IoT scenarios, this paper proposes a multi-dimensional trust evaluation factor selection scheme. Improve the traditional trusted modeling method based on direct/indirect trust, introduce multi-dimensional trusted decision attributes and rely on the collaboration of edge servers and edge device nodes to infer and quantify the trusted relationship between nodes, and combine the information entropy theory to smoothly weight the calculation results of multi-dimensional decision attributes. Improving the current situation where the traditional trusted assessment scheme's dynamic adaptability to the environment and the lack of reliability of trusted assessment are relatively lacking. Simulation experiments show that the edge computing IoT multi-dimensional trust evaluation model proposed in this paper has better performance than the trusted model in related literature.

In many distributed learning setups such as federated learning, client nodes at the edge use individually collected data to compute the local gradients and send them to a central master server, and the master aggregates the received gradients and broadcasts the aggregation to all clients with which the clients can update the global model. As straggling communication links could severely affect the performance of distributed learning system, Prakash et al. proposed to utilize helper nodes and coding strategy to achieve resiliency against straggling client-to-helpers links. In this paper, we propose two coding schemes: repetition coding (RC) and MDS coding both of which enable the clients to update the global model in the presence of only helpers but without the master. Moreover, we characterize the uplink and downlink communication loads, and prove the tightness of uplink communication load. Theoretical tradeoff between uplink and downlink communication loads is established indicating that larger uplink communication load could reduce downlink communication load. Compared to Prakash's schemes which require a master to connect with helpers though noiseless links, our scheme can even reduce the communication load in the absence of master when the number of clients and helpers is relatively large compared to the number of straggling links.

Web caching is a strategy that can be used to speed up website access on the client-side. This strategy is implemented by storing as many popular web objects as possible on the cache server. All web objects stored on a cache server are called cached data. Requests for cached web data on the cache server are much faster than requests directly to the origin server. Not all web objects can fit on the cache server due to their limited capacity. Therefore, optimizing cached data in a web caching strategy will determine which web objects can enter the cache server to have maximum profit. This paper simulates a web caching strategy optimization with a knapsack problem approach using the Ant Colony optimization (ACO), Genetic Algorithm (GA), and a combination of the two. Knapsack profit is seen from the number of web objects that can be entered into the cache server but with the minimum objective function value. The simulation results show that the combination of ACO and GA is faster to produce an optimal solution and is not easily trapped by the local optimum.

The utilization of "cloud storage services (CSS)", empowering people to store their data in cloud and avoid from maintenance cost and local data storage. Various data integrity auditing (DIA) frameworks are carried out to ensure the quality of data stored in cloud. Mostly, if not all, of current plans, a client requires to utilize his private key (PK) to generate information authenticators for knowing the DIA. Subsequently, the client needs to have hardware token to store his PK and retain a secret phrase to actuate this PK. In this hardware token is misplaced or password is forgotten, the greater part of existing DIA plans would be not able to work. To overcome this challenge, this research work suggests another DIA without "private key storage (PKS)"plan. This research work utilizes biometric information as client's fuzzy private key (FPK) to evade utilizing hardware token. In the meantime, the plan might in any case viably complete the DIA. This research work uses a direct sketch with coding and mistake correction procedures to affirm client identity. Also, this research work plan another mark conspire that helps block less. Verifiability, yet in addition is viable with linear sketch Keywords– Data integrity auditing (DIA), Cloud Computing, Block less Verifiability, fuzzy biometric data, secure cloud storage (SCS), key exposure resilience (KER), Third Party Auditor (TPA), cloud audit server (CAS), cloud storage server (CSS), Provable Data Possession (PDP)

Recently, A. A. Khan et al proposed a lightweight authentication and key agreement framework for the next generation of smart grids. The framework uses third party authentication server and ECC algorithm, which has certain advantages in anonymity, secure communication and computational performance. However, this paper finds that this method cannot meet the requirements of semantic security through analysis. Therefore, we propose an improved scheme on this basis. And through the method of formal proof, we verify that the scheme can meet the requirement of semantic security and anonymity of smart grid.

The growing adoption of IoT devices is creating a huge positive impact on human life. However, it is also making the network more vulnerable to security threats. One of the major threats is malicious traffic injection attack, where the hacked IoT devices overwhelm the application servers causing large-scale service disruption. To address such attacks, we propose a Software Defined Networking based predictive alarm manager solution for malicious traffic detection and mitigation at the IoT Gateway. Our experimental results with the proposed solution confirms the detection of malicious flows with nearly 95% precision on average and at its best with around 99% precision.

In this research a secured framework is developed to support effective digital service delivery for government to stakeholders. It is developed to provide secured network to the remote area of Bangladesh. The proposed framework has been tested through the rough simulation of the network infrastructure. Each and every part of the digital service network has been analyzed in the basis of security purpose. Through the simulation the security issues are identified and proposed a security policy framework for effective service. Basing on the findings the issues are included and the framework has designed as the solution of security issues. A complete security policy framework has prepared on the basis of the network topology. As the output the stakeholders will get a better and effective data service. This model is better than the other expected network infrastructure. Till now in Bangladesh none of the network infrastructure are security policy based. This is needed to provide the secured network to remote area from government.

The availability of FPGAs in cloud data centers offers rapid, on-demand access to hardware compute resources that users can configure to their own needs. However, the low-level access to the hardware FPGA and associated resources such as PCIe, SSD, or DRAM also opens up threats of malicious attackers uploading designs that are able to infer information about other users or about the cloud infrastructure itself. In particular, this work presents a new, fast PCIe-contention-based channel that is able to transmit data between different FPGA-accelerated virtual machines with bandwidths reaching 2 kbps with 97% accuracy. This paper further demonstrates that the PCIe receiver circuits are able to not just receive covert transmissions, but can also perform fine-grained monitoring of the PCIe bus or detect different types of activities from other users' FPGA-accelerated virtual machines based on their PCIe traffic signatures. Beyond leaking information across different virtual machines, the ability to monitor the PCIe bandwidth over hours or days can be used to estimate the data center utilization and map the behavior of the other users. The paper also introduces further novel threats in FPGA-accelerated instances, including contention due to shared NVMe SSDs as well as thermal monitoring to identify FPGA co-location using the DRAM modules attached to the FPGA boards. This is the first work to demonstrate that it is possible to break the separation of privilege in FPGA-accelerated cloud environments, and highlights that defenses for public clouds using FPGAs need to consider PCIe, SSD, and DRAM resources as part of the attack surface that should be protected.

The widespread use of smartphones has made the gadget a prime source of evidence for crime investigators. The cloud-based applications on mobile devices store a rich set of evidence in the cloud servers. The physical acquisition of Android devices reveals only minimal data of cloud-based apps. However, the artifacts collected from mobile devices can be used for data acquisition from cloud servers. This paper focuses on the forensic acquisition and analysis of cloud data of Google apps on Android devices. The proposed methodology uses the tokens extracted from the Android devices to get authenticated to the Google server bypassing the two-factor authentication scheme and access the cloud data for further analysis. Based on the investigation, we have also developed a tool to acquire, preserve and analyze cloud data in a forensically sound manner.

Over the last few years, the world has been moving towards digital healthcare, where harnessing medical data distributed across multiple healthcare providers is essential to achieving personalized treatments. Though the efficiency and speed of the diagnosis process have increased due to the digitalization of healthcare data, it is at constant risk of cyberattacks. Medical images, in particular, seem to have become a regular victim of hackers, due to which there is a need to find a feasible solution for storing them securely. This work proposes a blockchain-based framework that leverages the InterPlanetary File system (IPFS) to provide decentralized storage for medical images. Our proposed blockchain storage model is implemented in the IPFS distributed file-sharing system, where each image is stored on IPFS, and its corresponding unique content-addressed hash is stored in the blockchain. The proposed model ensures the security of the medical images without any third-party dependency and eliminates the obstacles that arise due to centralized storage.

The growing complexity of server architectures, which incorporate several components with state, has necessitated rigorous assessment of the security risk both during design and operation. In this paper, we propose a novel technique to model the security risk of servers by mapping their architectures to graphs. This allows us to leverage tools from computational graph theory, which we combine with probability theory for deriving quantitative metrics for risk assessment. Probability of attack is derived for server components, with prior probabilities assigned based on knowledge of existing vulnerabilities and countermeasures. The resulting analysis is further used to compute measures of impact and exploitability of attack. The proposed methods are demonstrated on two open-source server designs with different architectures.

Domain Name System (DNS) is the Internet's system for converting alphabetic names into numeric IP addresses. It is one of the early and vulnerable network protocols, which has several security loopholes that have been exploited repeatedly over the years. The clustering task for the automatic recognition of these attacks uses machine learning approaches based on semi-supervised learning. A family of bio-inspired algorithms, well known as Swarm Intelligence (SI) methods, have recently emerged to meet the requirements for the clustering task and have been successfully applied to various real-world clustering problems. In this paper, Particle Swarm Optimization (PSO), Artificial Bee Colony (ABC), and Kmeans, which is one of the most popular cluster algorithms, have been applied. Furthermore, hybrid algorithms consisting of Kmeans and PSO, and Kmeans and ABC have been proposed for the clustering process. The Canadian Institute for Cybersecurity (CIC) data set has been used for this investigation. In addition, different measures of clustering performance have been used to compare the different algorithms.

Distributed denial of service attacks are still one of the greatest threats for computer systems and networks. We propose an intelligent moving target solution against DDOS flooding attacks. Our solution will use a fast-flux approach combined with moving target techniques to increase attack cost and complexity by bringing dynamics and randomization in network address space. It continually increases attack costs and makes it harder and almost infeasible for botnets to launch an attack. Along with performing selective proxy server replication and shuffling clients among this proxy, our solution can successfully separate and isolate attackers from benign clients and mitigate large-scale and complex flooding attacks. Our approach effectively stops both network and application-layer attacks at a minimum cost. However, while we try to make prevalent attack launches difficult and expensive for Bot Masters, this approach is good enough to combat zero-day attacks, too. Using DNS capabilities to change IP addresses frequently along with the proxy servers included in the proposed architecture, it is possible to hide the original server address from the attacker and invalidate the data attackers gathered during the reconnaissance phase of attack and make them repeat this step over and over. Our simulations demonstrate that we can mitigate large-scale attacks with minimum possible cost and overhead.

Distributed Denial of service attack(DDoS)is a network security attack and now the attackers intruded into almost every technology such as cloud computing, IoT, and edge computing to make themselves stronger. As per the behaviour of DDoS, all the available resources like memory, cpu or may be the entire network are consumed by the attacker in order to shutdown the victim`s machine or server. Though, the plenty of defensive mechanism are proposed, but they are not efficient as the attackers get themselves trained by the newly available automated attacking tools. Therefore, we proposed a classification based machine learning approach for detection of DDoS attack in cloud computing. With the help of three classification machine learning algorithms K Nearest Neighbor, Random Forest and Naive Bayes, the mechanism can detect a DDoS attack with the accuracy of 99.76%.

Today's global network is filled with attackers both live and automated seeking to identify and compromise vulnerable devices, with initial scanning and attack activity occurring within minutes or even seconds of being connected to the Internet. To better understand these events, honeypots can be deployed to monitor and log activity by simulating actual Internet facing services such as SSH, Telnet, HTTP, or FTP, and malicious activity can be logged as attempts are made to compromise them. In this study six multi-service honeypots are deployed in locations around the globe to collect and catalog traffic over a period of several months between March and December, 2020. Analysis is performed on various characteristics including source and destination IP addresses and port numbers, usernames and passwords utilized, commands executed, and types of files downloaded. In addition, Cowrie log data is restructured to observe individual attacker sessions, study command sequences, and monitor tunneling activity. This data is then correlated across honeypots to compare attack and traffic patterns with the goal of learning more about the tactics being employed. By gathering data gathered from geographically separate zones over a long period of time a greater understanding can be developed regarding attacker intent and methodology, can aid in the development of effective approaches to identifying malicious behavior and attack sources, and can serve as a cyber-threat intelligence feed.

The extensive utilization of network by smart devices, computers and servers makes it vulnerable to malicious activities where intruders and attackers tends to violate system security policies and authenticity to slither essential information. Honeypots are designed to create a virtual trap against hackers. The trap is to attract intruders and gather information about attackers and attack features. Honeypots mimics as a computer application, billing systems, webpages and client server-based applications to understand attackers behavior by gathering attack features and common foot prints used by hackers to forge information. In this papers, authors analyse amazon web services honeypot (AWSH) data to determine geo-spatial distribution of targeted attacks originated from different locations. The categorization of attacks is made on the basis of internet protocols and frequency of attack occurrences worldwide.

Cloud computing enables users and organizations to conveniently store and share data in large volumes and to enjoy on-demand services. Security and the protection of big data sharing from various attacks is the most challenging issue. Proxy re-encryption (PRE) is an effective method to improve the security of data sharing in the cloud environment. However, in PRE schemes, offloading big data for re-encryption will impose a heavy computational burden on the cloud proxy server, resulting in an increased computation delay and response time for the users. In this paper, we propose a novel parallel PRE workload distribution scheme to dynamically route the big data re-encryption process into the fog of the network. Moreover, this paper proposes a dynamic load balancing technique to avoid an excessive workload for the fog nodes. It also uses lightweight asymmetric cryptography to provide end-to-end security for the big data sharing between users. Within the proposed scheme, the offloading overhead on the centralized cloud server is effectively mitigated. Meanwhile, the processing delay incurred by the big data re-encryption process is efficiently improved.

Scalability is one of the effective features of the Software Defined Network (SDN) that allows several devices to communicate with each other. In SDN scalable networks, the number of hosts keeps increasing as per networks need. This increment makes network administrators take a straightforward action to ensure these hosts' authenticity in the network. To address this issue, we proposed a technique to authenticate SDN hosts before permitting them to establish communication with the SDN controller. In this technique, we used the Kerberos authentication protocol to ensure the authenticity of the hosts. Kerberos verifies the hosts' credentials using a centralized server contains all hosts IDs and passwords. This technique eases the secure communication between the hosts and controller and allows the hosts to safely get network rules and policies. The proposed technique ensures the immunity of the network against network attacks.

With the rapid development of 5G, the Internet of Things (IoT) and edge computing technologies dramatically improve smart industries' efficiency, such as healthcare, smart agriculture, and smart city. IoT is a data-driven system in which many smart devices generate and collect a massive amount of user privacy data, which may be used to improve users' efficiency. However, these data tend to leak personal privacy when people send it to the Internet. Differential privacy (DP) provides a method for measuring privacy protection and a more flexible privacy protection algorithm. In this paper, we study an estimation problem and propose a new frequency estimation algorithm named MFEA that redesigns the publish process. The algorithm maps a finite data set to an integer range through a hash function, then initializes the data vector according to the mapped value and adds noise through the randomized response. The frequency of all interference data is estimated with maximum likelihood. Compared with the current traditional frequency estimation, our approach achieves better algorithm complexity and error control while satisfying differential privacy protection (LDP).