Biblio

Video Conferencing has emerged as a new paradigm of communication in the age of COVID-19 pandemic. This technology is allowing us to have real-time interaction during the social distancing era. Even before the current crisis, it was increasingly commonplace for organizations to adopt a video conferencing tool. As people adopt video conferencing tools and access data with potentially less secure equipment and connections, meetings are becoming a target to cyber attackers. Enforcing appropriate security and privacy settings prevents attackers from exploiting the system. To design the video conferencing system's security and privacy model, an exhaustive threat model must be adopted. Threat modeling is a process of optimizing security by identifying objectives, vulnerabilities, and defining the plan to mitigate or prevent potential threats to the system. In this paper, we use the widely accepted STRIDE threat modeling technique to identify all possible risks to video conferencing tools and suggest mitigation strategies for creating a safe and secure system.

The Internet of Things (IoT) provides significant benefits for industry due to connect the devices together through the internet. Attribute-Based Encryption (ABE) is a technique can enforce an access control over data to guarantee the data security. In this paper, we propose an ABE scheme for data in industrial IoT. The scheme achieves both security and high performance. When there is a shared subpolicy among the access policies of a sensor, the scheme optimizes the encryption of the messages. Through analysis and simulation, we show that our solution is security and efficient.

Transportation of people and goods is important and crucial in the context of smart cities. The trend in regard of people's mobility is moving from privately owned vehicles towards shared mobility. This trend is even stronger in urban areas, where space for parking is limited, and the mobility is supported by the public transport system, which lowers the need for private vehicles. Several challenges and barriers of currently available solutions retard a massive growth of this mobility option, such as the trust problem, data monopolism, or intermediary costs. Decentralizing mobility management is a promising approach to solve the current problems of the mobility market, allowing to move towards a more usable internet of mobility and smart transportation. Leveraging blockchain technology allows to cut intermediary costs, by utilizing smart contracts. Important in this ecosystem is the proof of identity of participants in the blockchain network. To proof the possession of the claimed identity, the private key corresponding to the wallet address is utilized, and therefore essential to protect. In this paper, a blockchain-based shared mobility platform is proposed and a proof-of-concept is shown. First, current problems and state-of-the-art systems are analyzed. Then, a decentralized concept is built based on ERC-721 tokens, implemented in a smart contract, and augmented with a Hardware Security Module (HSM) to protect the confidential key material. Finally, the system is evaluated and compared against state-of-the-art solutions.

Malware classification helps to understand its purpose and is also an important part of attack detection. And it is also an important part of discovering attacks. Due to continuous innovation and development of artificial intelligence, it is a trend to combine deep learning with malware classification. In this paper, we propose an improved malware image rescaling algorithm (IMIR) based on local mean algorithm. Its main goal of IMIR is to reduce the loss of information from samples during the process of converting binary files to image files. Therefore, we construct a neural network structure based on VGG model, which is suitable for image classification. In the real world, a mass of malware family labels are inaccurate or lacking. To deal with this situation, we propose a novel method to train the deep neural network by Semi-supervised Generative Adversarial Network (SGAN), which only needs a small amount of malware that have accurate labels about families. By integrating SGAN with weak coupling, we can retain the weak links of supervised part and unsupervised part of SGAN. It improves the accuracy of malware classification by making classifiers more independent of discriminators. The results of experimental demonstrate that our model achieves exhibiting favorable performance. The recalls of each family in our data set are all higher than 93.75%.

Distributed acoustic sensing (DAS) systems based on fiber brag grating (FBG) have been widely used for distributed temperature and strain sensing over the past years, and function well in perimeter security monitoring and structural health monitoring. However, with relevant algorithms functioning with low accuracy, the DAS system presently has trouble in signal recognition, which puts forward a higher requirement on a high-precision identification method. In this paper, we propose an improved recognition method based on relative fundamental signal processing methods and convolutional neural network (CNN) to construct a mathematical model of disturbance FBG signal recognition. Firstly, we apply short-time energy (STE) to extract original disturbance signals. Secondly, we adopt short-time Fourier transform (STFT) to divide a longer time signal into short segments. Finally, we employ a CNN model, which has already been trained to recognize disturbance signals. Experimental results conducted in the real environments show that our proposed algorithm can obtain accuracy over 96.5%.

With the rapid development of 5G, the Internet of Things (IoT) and edge computing technologies dramatically improve smart industries' efficiency, such as healthcare, smart agriculture, and smart city. IoT is a data-driven system in which many smart devices generate and collect a massive amount of user privacy data, which may be used to improve users' efficiency. However, these data tend to leak personal privacy when people send it to the Internet. Differential privacy (DP) provides a method for measuring privacy protection and a more flexible privacy protection algorithm. In this paper, we study an estimation problem and propose a new frequency estimation algorithm named MFEA that redesigns the publish process. The algorithm maps a finite data set to an integer range through a hash function, then initializes the data vector according to the mapped value and adds noise through the randomized response. The frequency of all interference data is estimated with maximum likelihood. Compared with the current traditional frequency estimation, our approach achieves better algorithm complexity and error control while satisfying differential privacy protection (LDP).

The construction of the power Internet of Things has led various terminals to access the corporate network on a large scale. The internal and external business interaction and data exchange are more extensive. The current security protection system is based on border isolation protection. This is difficult to meet the needs of the power Internet of Things connection and open shared services. This paper studies the application scheme of the ``zero trust'' typical business scenario of the power Internet of Things with ``Continuous Identity Authentication and Dynamic Access Control'' as the core, and designs the power internet security protection architecture based on zero trust.

This paper studies the differential privacy-preserving problem of discrete-time multi-agent systems (MASs) with antagonistic information, where the connected signed graph is structurally balanced. First, we introduce the bipartite consensus definitions in the sense of mean square and almost sure, respectively. Second, some criteria for mean square and almost sure bipartite consensus are derived, where the eventualy value is related to the gauge matrix and agents’ initial states. Third, we design the ε-differential privacy algorithm and characterize the tradeoff between differential privacy and system performance. Finally, simulations validate the effectiveness of the proposed algorithm.

The task of malware labeling on real datasets faces huge challenges—ever-changing datasets and lack of ground-truth labels—owing to the rapid growth of malware. Clustering malware on their respective families is a well known tool used for improving the efficiency of the malware labeling process. In this paper, we addressed the challenge of clustering email malware, and carried out a cluster analysis on a real dataset collected from email campaigns over a 13-month period. Our main original contribution is to analyze the usefulness of email’s header information for malware clustering (a novel approach proposed by Burton [1]), and compare it with features collected from the malware directly. We compare clustering based on email header’s information with traditional features extracted from varied resources provided by VirusTotal [2], including static and dynamic analysis. We show that email header information has an excellent performance.

The emerging vehicular edge computing (VEC) technology has the potential to bring revolutionary development to vehicular ad hoc network (VANET). However, the edge computing servers (ECSs) are subjected to a variety of security threats. One of the most dangerous types of security attacks is the Sybil attack, which can create fabricated virtual vehicles (called Sybil vehicles) to significantly overload ECSs' limited computation resources and thus disrupt legitimate vehicles' edge computing applications. In this paper, we present a novel Sybil attack detection system on ECSs that is based on the design of a credibility enhanced temporal graph convolutional network. Our approach can identify the malicious vehicles in a dynamic traffic environment while preserving the legitimate vehicles' privacy, particularly their local position information. We evaluate our proposed approach in the SUMO simulator. The results demonstrate that our proposed detection system can accurately identify most Sybil vehicles while maintaining a low error rate.

One of the many methods for identifying malware is to disassemble the malware files and obtain the opcodes from them. Since malware have predominantly been found to contain specific opcode sequences in them, the presence of the same sequences in any incoming file or network content can be taken up as a possible malware identification scheme. Malware detection systems help us to understand more about ways on how malware attack a system and how it can be prevented. The proposed method analyses malware executable files with the help of opcode information by converting the incoming executable files to assembly language thereby extracting opcode information (opcode count) from the same. The opcode count is then converted into opcode frequency which is stored in a CSV file format. The CSV file is passed to various machine learning algorithms like Decision Tree Classifier, Random Forest Classifier and Naive Bayes Classifier. Random Forest Classifier produced the highest accuracy and hence the same model was used to predict whether an incoming file contains a potential malware or not.

With the advancement of portable head-mounted displays, interest in educational application of immersive spherical video-based virtual reality (SVVR) has been emerging. However, it remains unclear regarding the effects of immersive SVVR on cognitive and affective outcomes. In this study, we retrieved 58 learning outcomes from 16 studies. A meta-analysis was performed using the random effects model to calculate the effect size. Several important moderators were also examined such as control group treatment, learning outcome type, interaction functionality, content instruction, learning domain, and learner's stage. The results show that immersive SVVR is more effective than other instructional conditions with a medium effect size. The key findings of the moderator analysis are that immersive SVVR has a greater impact on affective outcomes, as well as under the conditions that learning system provides interaction functionality or integrates with content instruction before virtual exploratory learning.

Stress-related disorders are increasing because of work load, forces in teamwork, surroundings pressures and health related conditions. Thus, to avoid people living under heavy stress and develop more severe stress-related disorders, different internet and applications of stress management interventions are offered. Mobile applications with self-assessed health, burnout-scores and well-being are commonly used as outcome measures. Few studies have used sickleave to compare effects of stress interventions. A new approach is to use nature and garden in a multimodal stress management context. This study aimed to explore the effects of immersive and non-immersive games application by using nature theme virtual stress therapy in reducing stress level. Two weeks’ of experiments had involved 18 participants. Nine (9) of them were invited to join the first experiment which focused on immersive virtual reality (VR) experience. Their Blood Volume Pulse with Heart Rate (BVP+HR) and Skin Conductance (SC) were recorded using BioGraph Infiniti Biofeedback System that comes with three (3) sensors attached to the fingers. The second experiment were joined by another nine (9) participants. This experiment was testing on non-immersive desktop control experience. The same protocol measurements were taken which are BVP+HR and SC. Participants were given the experience to feel and get carried into the virtual nature as a therapy so that they will reduce stress. The result of this study points to whether immersive or non-immersive VR display using nature theme virtual therapy would reduce individuals stress level. After conducted series of experiments, results showed that both immersive and non-immersive VR display reduced stress level. However, participants were satisfied of using the immersive version as it provided a 360 degree of viewing, immersed experiences and feeling engaged. Thus, this showed and proved that applications developed with nature theme affect successfully reduce stress level no matter it is put in immersive or non-immersive display.

As cyber threats continue to grow and expertise resources are limited, organisations need to find ways to evaluate their resilience efficiently and take proactive measures against an attack from a specific adversary before it occurs. Threat modelling is an excellent method of assessing the resilience of ICT systems, forming Attack (Defense) Graphs (ADGs) that illustrate an adversary’s attack vectors. Cyber Threat Intelligence (CTI) is information that helps understand the current cyber threats, but has little integration with ADGs. This paper contributes with an approach that resolves this problem by using CTI feeds of known threat actors to enrich ADGs under multiple reuse. This enables security analysts to take proactive measures and strengthen their ICT systems against current methods used by any threat actor that is believed to pose a threat to them.

Federated learning is a privacy-preserving learning system where participants locally update a shared model with their own training data. Despite the advantage that training data are not sent to a server, there is still a risk that a state-of-the-art model inversion attack, which may be conducted by the server, infers training data from the models updated by the participants, referred to as individual models. A solution to prevent such attacks is differential privacy, where each participant adds noise to the individual model before sending it to the server. Differential privacy, however, sacrifices the quality of the shared model in compensation for the fact that participants' training data are not leaked. This paper proposes a federated learning system that is resistant to model inversion attacks without sacrificing the quality of the shared model. The core idea is that each participant divides the individual model into model fragments, shuffles, and aggregates them to prevent adversaries from inferring training data. The other benefit of the proposed system is that the resulting shared model is identical to the shared model generated with the naive federated learning.

In this work, security analysis of a Smart Home System (SHS) is inspected. The paper focuses on describing common and likely cyber security threats against SHS. This includes both their influence on human privacy and safety. The SHS is properly presented and formed applying Architecture Analysis and Design Language (AADL), exhibiting the system layout, weaknesses, attack practices, besides their requirements and post settings. The obtained model is later inspected along with a security requirement with JKind model tester software for security endangerment. The overall attack graph causing system compromise is graphically given using Graphviz.

Random K-out graphs, denoted \$$\backslash$mathbbH(n;K)\$, are generated by each of the \$n\$ nodes drawing \$K\$ out-edges towards \$K\$ distinct nodes selected uniformly at random, and then ignoring the orientation of the arcs. Recently, random K-out graphs have been used in applications as diverse as random (pairwise) key predistribution in ad-hoc networks, anonymous message routing in crypto-currency networks, and differentially-private federated averaging. In many applications, connectivity of the random K-out graph when some of its nodes are dishonest, have failed, or have been captured is of practical interest. We provide a comprehensive set of results on the connectivity and giant component size of \$$\backslash$mathbbH(n;K\_n,$\backslash$gamma\_n)\$, i.e., random K-out graph when \textsubscriptn of its nodes, selected uniformly at random, are deleted. First, we derive conditions for \textsubscriptn and \$n\$ that ensure, with high probability (whp), the connectivity of the remaining graph when the number of deleted nodes is \$$\backslash$gamma\_n=Ømega(n)\$ and \$$\backslash$gamma\_n=o(n)\$, respectively. Next, we derive conditions for \$$\backslash$mathbbH(n;K\_n, $\backslash$gamma\_n)\$ to have a giant component, i.e., a connected subgraph with \$Ømega(n)\$ nodes, whp. This is also done for different scalings of \textsubscriptn and upper bounds are provided for the number of nodes outside the giant component. Simulation results are presented to validate the usefulness of the results in the finite node regime.

Smart meter devices enable a better understanding of the demand at the potential risk of private information leakage. One promising solution to mitigating such risk is to inject noises into the meter data to achieve a certain level of differential privacy. In this paper, we cast one-shot non-intrusive load monitoring (NILM) in the compressive sensing framework, and bridge the gap between theoretical accuracy of NILM inference and differential privacy's parameters. We then derive the valid theoretical bounds to offer insights on how the differential privacy parameters affect the NILM performance. Moreover, we generalize our conclusions by proposing the hierarchical framework to solve the multishot NILM problem. Numerical experiments verify our analytical results and offer better physical insights of differential privacy in various practical scenarios. This also demonstrates the significance of our work for the general privacy preserving mechanism design.

This paper proposes an anonymity based mechanism for providing privacy in IoT environment. Proposed scheme allows IoT entities to anonymously interacting and authenticating with each other, or even proving that they have trustworthy relationship without disclosing their identities. Authentication is based on an anonymous certificates mechanism where interacting IoT entities could unlinkably prove possession of a valid certificate without revealing any incorporated identity-related information, thereby preserving their privacy and thwarting tracking and profiling attacks. Through a security analysis, we demonstrate the reliability of our solution.

To reduce the risk of botnet malware, methods of detecting botnet malware using machine learning have received enormous attention in recent years. Most of the traditional methods are based on supervised learning that relies on static features with defined labels. However, recent studies show that supervised machine learning-based IoT malware botnet models are more vulnerable to intentional attacks, known as an adversarial attack. In this paper, we study the adversarial attack on PSI-graph based researches. To perform the efficient attack, we proposed a reinforcement learning based method with a trained target classifier to modify the structures of PSI-graphs. We show that PSI-graphs are vulnerable to such attack. We also discuss about defense method which uses adversarial training to train a defensive model. Experiment result achieves 94.1% accuracy on the adversarial dataset; thus, shows that our defensive model is much more robust than the previous target classifier.

With the rapid growth of the Internet of Things (IoT) applications in smart regions/cities, for example, smart healthcare, smart homes/offices, there is an increase in security threats and risks. The IoT devices solve real-world problems by providing real-time connections, data and information. Besides this, the attackers can tamper with sensors, add or remove them physically or remotely. In this study, we address the IoT security sensor tampering issue in an office environment. We collect data from real-life settings and apply machine learning to detect sensor tampering using two methods. First, a real-time view of the traffic patterns is considered to train our isolation forest-based unsupervised machine learning method for anomaly detection. Second, based on traffic patterns, labels are created, and the decision tree supervised method is used, within our novel Anomaly Detection using Machine Learning (AD-ML) system. The accuracy of the two proposed models is presented. We found 84% with silhouette metric accuracy of isolation forest. Moreover, the result based on 10 cross-validations for decision trees on the supervised machine learning model returned the highest classification accuracy of 91.62% with the lowest false positive rate.

Fog Computing was envisioned to solve problems like high latency, mobility, bandwidth, etc. that were introduced by Cloud Computing. Fog Computing has enabled remotely connected IoT devices and sensors to be managed efficiently. Nonetheless, the Fog-Cloud paradigm suffers from various security and privacy related problems. Blockchain ensures security in a trustless way and therefore its applications in various fields are increasing rapidly. In this work, we propose a Fog-Cloud architecture that enables Blockchain to ensure security, scalability, and privacy of remotely connected IoT devices. Furthermore, our proposed architecture also efficiently manages common problems like ever-increasing latency and energy consumption that comes with the integration of Blockchain in Fog-Cloud architecture.

In recent years, more and more medical institutions have been using electronic medical records (EMRs) to improve service efficiency and reduce storage cost. However, it is difficult for medical institutions with different management methods to share medical data. The medical data of patients is easy to be abused, and there are security risks of privacy data leakage. The above problems seriously impede the sharing of medical data. To solve these problems, we propose a blockchain-based medical data sharing scheme with attribute-based searchable encryption, named BMDS. In BMDS, encrypted EMRs are securely stored in the interplanetary file system (IPFS), while corresponding indexes and other information are stored in a medical consortium blockchain. The proposed BMDS has the features of tamper-proof, privacy preservation, verifiability and secure key management, and there is no single point of failure. The performance evaluation of computational overhead and security analysis show that the proposed BMDS has more comprehensive security features and practicability.

The performance prediction of user equipment (UE) metrics has many applications in the 5G era and beyond. For instance, throughput prediction can improve carrier selection, adaptive video streaming's quality of experience (QoE), and traffic latency. Many studies suggest distributed learning algorithms (e.g., federated learning (FL)) for this purpose. However, in a multi-tier design, features are measured in different tiers, e.g., UE tier, and gNodeB (gNB) tier. On one hand, neglecting the measurements in one tier results in inaccurate predictions. On the other hand, transmitting the data from one tier to another improves the prediction performance at the expense of increasing network overhead and privacy risks. In this paper, we propose cascaded FL to enhance UE throughput prediction with minimum network footprint and privacy ramifications (if any). The idea is to introduce feedback to conventional FL, in multi-tier architectures. Although we use cascaded FL for UE prediction tasks, the idea is rather general and can be used for many prediction problems in multi-tier architectures, such as cellular networks. We evaluate the performance of cascaded FL by detailed and 3GPP compliant simulations of London's city center. Our simulations show that the proposed cascaded FL can achieve up to 54% improvement over conventional FL in the normalized gain, at the cost of 1.8 MB (without quantization) and no cost with quantization.

Spatial crowdsourcing has stimulated various new applications such as taxi calling and food delivery. A key enabler for these spatial crowdsourcing based applications is to plan routes for crowd workers to execute tasks given diverse requirements of workers and the spatial crowdsourcing platform. Despite extensive studies on task planning in spatial crowdsourcing, few have accounted for the location privacy of tasks, which may be misused by an untrustworthy platform. In this paper, we explore efficient task planning for workers while protecting the locations of tasks. Specifically, we define the Privacy-Preserving Task Planning (PPTP) problem, which aims at both total revenue maximization of the platform and differential privacy of task locations. We first apply the Laplacian mechanism to protect location privacy, and analyze its impact on the total revenue. Then we propose an effective and efficient task planning algorithm for the PPTP problem. Extensive experiments on both synthetic and real datasets validate the advantages of our algorithm in terms of total revenue and time cost.