Biblio

Securing optical edge devices across an optical network is a critical challenge for the technological capabilities of fog/cloud computing. Locating and blocking rogue devices from transmitting data frames in an optical network is a significant security problem due to their widespread distribution over the optical fog cloud. A malicious actor might simply compromise such a device and execute assaults that degrade the optical channel’s Quality. In this study, we advocate an innovative framework for the use of an optical network to facilitate cloud and fog computing in a safe environment. This framework is sustainable and able to detect hostile equipment in optical fog and cloud and redirect it to a honeypot, where the assault may be halted and analyzed. To do this, it employs a model based on a two-stage hidden Markov, a fog manager based on an intrusion detection system, and an optical virtual honeypot. An internal assault is mitigated by simulated testing of the suggested system. The findings validate the adaptable and affordable access for cloud computing and optical fog.

Cloud computing is a new term that refers to the service provisioned over the Internet. It is considered one of the foremost prevailing standards within the Data Innovation (IT) industry these days. It offers capable handling and capacity assets as on-demand administrations at diminished fetched, and progressed productivity. It empowers sharing computing physical assets among cloud computing tents and offers on-demand scaling with taken toll effectiveness. Moreover, cloud computing plays an important role in data centers because they house virtually limitless computational and storage capacities that businesses and end-users can access and use via the Internet. In the context of cloud computing, fog computing refers to bringing services to the network’s edge. Fog computing gives cloud-like usefulness, such as information capacity space, systems, and compute handling control, yet with a more noteworthy scope and nearness since fog nodes are found close to d-user edge gadgets, leveraging assets and diminishing inactivity. The concepts of cloud computing and fog computing will be explored in this paper, and their features will be contrasted to determine the differences between them. Over 25 factors have been used to compare them.

Fog computing is defined as a decentralized infrastructure that locations storage and processing aspects at the side of the cloud, the place records sources such as software customers and sensors exist. The Fog Computing is the time period coined via Cisco that refers to extending cloud computing to an area of the enterprise’s network. Thus, it is additionally recognized as Edge Computing or Fogging. It allows the operation of computing, storage, and networking offerings between give up units and computing facts centers. Fog computing is defined as a decentralized infrastructure that locations storage and processing aspects at the side of the cloud, the place records sources such as software customers and sensors exist. The fog computing Intelligence as Artificial Intelligence (AI) is furnished by way of Fog Nodes in cooperation with Clouds. In Fog Nodes several sorts of AI studying can be realized - such as e.g., Machine Learning (ML), Deep Learning (DL). Thanks to the Genius of Fog Nodes, for example, we communicate of Intelligent IoT.

Thousands of crowded events take place every year. Often, management does not properly implement and manage privacy and security of data of the participants and personnel of the events. Crowds are also prone to significant security issues and become vulnerable to terrorist attacks. The aim of this paper is to propose a privacy and security framework for large, crowded events like the Hajj, Kumbh, Arba'een, and many sporting events and musical concerts. The proposed framework uses the latest technologies including Internet of Things, and Fog computing, especially in the Location based Services environments. The proposed framework can also be adapted for many other scenarios and situations.

The Internet of Things (IoT) technology has revolutionized the world where anything is smartly connected and is accessible. The IoT makes use of cloud computing for processing and storing huge amounts of data. In some way, the concept of fog computing has emerged between cloud and IoT devices to address the issue of latency. When a fog node exchanges data for completing a particular task, there are many security and privacy risks. For example, offloading data to a rogue fog node might result in an illegal gathering or modification of users' private data. In this paper, we rely on trust to detect and detach bad fog nodes. We use a Mamdani fuzzy method and we consider a hospital scenario with many fog servers. The aim is to identify the malicious fog node. Metrics such as latency and distance are used in evaluating the trustworthiness of each fog server. The main contribution of this study is identifying how fuzzy logic configuration could alter the trust value of fog nodes. The experimental results show that our method detects the bad fog device and establishes its trustworthiness in the given scenario.

Geospatial fog computing system offers various benefits as a platform for geospatial computing services closer to the end users, including very low latency, good mobility, precise position awareness, and widespread distribution. In recent years, it has grown quickly. Fog nodes' security is susceptible to a number of assaults, including denial of service and resource abuse, because to their widespread distribution, complex network environments, and restricted resource availability. This paper proposes a Quantum Key Distribution (QKD)-based geospatial quantum fog computing environment that offers a symmetric secret key negotiation protocol that can preserve information-theoretic security. In QKD, after being negotiated between any two fog nodes, the secret keys can be given to several users in various locations to maintain forward secrecy and long-term protection. The new geospatial quantum fog computing environment proposed in this work is able to successfully withstand a variety of fog computing assaults and enhances information security.

Anomaly detection has been considered under several extents of prior knowledge. Unsupervised methods do not require any labelled data, whereas semi-supervised methods leverage some known anomalies. Inspired by mixture-of-experts models and the analysis of the hidden activations of neural networks, we introduce a novel data-driven anomaly detection method called ARGUE. Our method is not only applicable to unsupervised and semi-supervised environments, but also profits from prior knowledge of self-supervised settings. We designed ARGUE as a combination of dedicated expert networks, which specialise on parts of the input data. For its final decision, ARGUE fuses the distributed knowledge across the expert systems using a gated mixture-of-experts architecture. Our evaluation motivates that prior knowledge about the normal data distribution may be as valuable as known anomalies.

The current study aims to discern the impact of expert systems and neural network on the Jordanian commercial banks. In achieving the objective, the study employed descriptive analytical approach and the population consisted of the 13 Jordanian commercial banks listed at Amman Stock Exchange-ASE. The primary data were obtained by using a questionnaire with 188 samples distributed to a group of accountants, internal auditors, and programmers, who constitute the study sample. The results unveiled that there is an impact of the application of expert systems and neural networks on the relevance of financial information in Jordanian commercial banks. It also revealed that there is a high level of relevance of financial information in Jordanian commercial banks. Accordingly, the study recommended the need for banks to keep pace with the progress and development taking place in connection to the process and environment of expertise systems by providing modern and developed devices to run various programs and expert systems. It also recommended that, Jordanian commercial banks need to rely more on advanced systems to operate neural network technology more efficiently.

Research on intelligent accounting system based on intelligent financial data sheet analysis system considering complex data mining is conducted in the paper. The expert audit system extracts business records from the business database according to the specified audit conditions, and the program automatically calculates the total amount of the amount data items, and then compares it with the standard or normal business, reflecting the necessary information such as differences and also possible audit trails. In order to find intrusion behaviors and traces, data collection is carried out from multiple points in the network system. The collection content includes system logs, network data packets, important files, and the status and the behavior of the user activities. Furthermore, complex data mining model is combined for the systematic analysis on the system performance. The simulation on the collected data is provided to the validate the performance.

The paper considers the important problem of information protection in complex energy systems. The expert assessment of information protection in complex energy systems method has been developed. Based on the conducted research and data processing, a method of forming the analytical basis for decision-making aimed at ensuring the competitiveness of complex information protection systems has been developed.

This article proposes a method for determining the intruder type in the systems of physical protection of objects. An intruder trying to enter the territory, buildings or premises of the facility has to overcome typical engineering reinforcement elements of building structures. Elements of building structures are equipped with addressable alarm sensors. The intruder type is proposed to be determined according to its equipment by comparing the time of actually overcoming the building structure elements with the expert estimates. The time to overcome the elements of building structures is estimated by the time between successive responses of the security alarm address sensors. The intruder's awareness of the protection object is proposed to be assessed by tracking the route of its movement on the object using address sensors. Determining the intruder type according to the data of the security alarm systems can be used for the in-process tactics control of the security group actions.

In Production System Engineering (PSE), domain experts aim at effectively and efficiently analyzing and mitigating information security risks to product and process qualities for manufacturing. However, traditional security standards do not connect security analysis to the value stream of the production system nor to production quality requirements. This paper aims at facilitating security analysis for production quality already in the design phase of PSE. In this paper, we (i) identify the connection between security and production quality, and (ii) introduce the Production Security Network (PSN) to efficiently derive reusable security requirements and design patterns for PSE. We evaluate the PSN with threat scenarios in a feasibility study. The study results indicate that the PSN satisfies the requirements for systematic security analysis. The design patterns provide a good foundation for improving the communication of domain experts by connecting security and quality concerns.

In the information era, knowledge is becoming increasingly significant for all industries, especially criminal investigation that deeply relies on intelligence and strategies. Therefore, there is an urgent need for effective management and utilization of criminal investigation knowledge. As an important branch of knowledge engineering, the expert system can simulate the thinking pattern of an expert, proposing strategies and solutions based on the knowledge stored in the knowledge base. A crucial step in building the expert system is to construct the knowledge base, which determines the function and capability of the expert system. This paper establishes a practical knowledge base for criminal investigation, combining the technologies of cloud computing with traditional method of manual entry to acquire and process knowledge. The knowledge base covers data information and expert knowledge with detailed classification of rules and cases, providing answers through comparison and reasoning. The knowledge becomes more accurate and reliable after repeated inspection and verification by human experts.

The smooth operation of metering equipment is inseparable from the monitoring and analysis of equipment alarm events by automated metering systems. With the generation of big data in power metering and the increasing demand for information security of metering systems in the power industry, how to use big data and protect data security at the same time has become a hot research field. In this paper, we propose a hybrid expert model based on federated learning to deal with the problem of alarm information analysis and identification. The hybrid expert system can divide the metering warning problem into multiple sub-problems for processing, which greatly improves the recognition and prediction accuracy. The experimental results show that our model has high accuracy in judging and identifying equipment faults.

While the existence of many security elements in software can be measured (e.g., vulnerabilities, security controls, or privacy controls), it is challenging to measure their relative security impact. In the physical world we can often measure the impact of individual elements to a system. However, in cyber security we often lack ground truth (i.e., the ability to directly measure significance). In this work we propose to solve this by leveraging human expert opinion to provide ground truth. Experts are iteratively asked to compare pairs of security elements to determine their relative significance. On the back end our knowledge encoding tool performs a form of binary insertion sort on a set of security elements using each expert as an oracle for the element comparisons. The tool not only sorts the elements (note that equality may be permitted), but it also records the strength or degree of each relationship. The output is a directed acyclic ‘constraint’ graph that provides a total ordering among the sets of equivalent elements. Multiple constraint graphs are then unified together to form a single graph that is used to generate a scoring or prioritization system.For our empirical study, we apply this domain-agnostic measurement approach to generate scoring/prioritization systems in the areas of vulnerability scoring, privacy control prioritization, and cyber security control evaluation.

Data Protection and Consenting Communication Mechanisms (DPCCMs) enable users to express their privacy decisions and manage their online consent. Thus, they can become a crucial means of protecting individuals' online privacy and agency, thereby replacing the current problematic practices such as “consent dialogues”. Based on an in-depth analysis of different DPCCMs, we propose an interdisciplinary set of factors that can be used for a comparison of such mechanisms. Moreover, we use the results from a qualitative expert study to identify some of the main multidisciplinary challenges that DPCCMs should address to become widely adopted data privacy mechanisms. We leverage both the factors and the challenges to compare two current open specifications, i.e. the Advanced Data Protection Control (ADPC) and the Global Privacy Control (GPC), and discuss future work.

Cloud computing is becoming a demanding technology due to its flexibility, sensibility and remote accessibility. Apart from these applications of cloud computing, privacy and security are two terms that pose a circumstantial discussion. Various authors have argued on this topic that cloud computing is more secure than other data sharing and storing methods. The conventional data storing system is a computer system or smartphone storage. The argument debate also states that cloud computing is vulnerable to enormous types of attacks which make it a more concerning technology. This current study has also tried to draw the circumstantial and controversial debate on the security and privacy system of cloud computing. Primary research has been conducted with 65 cloud computing experts to understand whether a cloud computing security technique is highly secure or not. An online survey has been conducted with them where they provided their opinions based on the security and privacy system of cloud computing. Findings showed that no particular technology is available which can provide maximum security. Although the respondents agreed that blockchain is a more secure cloud computing technology; however, the blockchain also has certain threats which need to be addressed. The study has found essential encryption systems that can be integrated to strengthen security; however, continuous improvement is required.

Data privacy is a key concern for smart contracts handling sensitive data. The existing work zkay addresses this concern by allowing developers without cryptographic expertise to enforce data privacy. However, while zkay avoids fundamental limitations of other private smart contract systems, it cannot express key applications that involve operations on foreign data.We present ZeeStar, a language and compiler allowing non-experts to instantiate private smart contracts and supporting operations on foreign data. The ZeeStar language allows developers to ergonomically specify privacy constraints using zkay’s privacy annotations. The ZeeStar compiler then provably realizes these constraints by combining non-interactive zero-knowledge proofs and additively homomorphic encryption.We implemented ZeeStar for the public blockchain Ethereum. We demonstrated its expressiveness by encoding 12 example contracts, including oblivious transfer and a private payment system like Zether. ZeeStar is practical: it prepares transactions for our contracts in at most 54.7s, at an average cost of 339k gas.

Artificial intelligence (AI) has been successfully employed in industries for decades, beginning with the invention of expert systems in the 1960s and continuing through the present ubiquity of deep learning. Data-driven AI solutions have grown increasingly common as a means of supporting ever-more complicated industrial processes owing to the accessibility of affordable computer and storage infrastructure. Despite recent optimism, implementing AI to smart industrial applications still offers major difficulties. The present paper gives an executive summary of AI methodologies with an emphasis on deep learning before detailing unresolved issues in AI safety, data privacy, and data quality — all of which are necessary for completely automated commercial AI systems.

With the advent of ease of access to the internet and an increase in digital literacy among citizens, digitization of the banking sector has throttled. Countries are now aiming for a cashless society. The introduction of a Unified Payment Interface (UPI) by the National Payments Corporation of India (NPCI) in April 2016 is a game-changer for cashless models. UPI payment model is currently considered the world’s most advanced payment system, and we see many countries adopting this cashless payment mode. With the increase in its popularity, there arises the increased need to strengthen the security posture of the payment solution. In this work, we explore the privacy challenges in the existing data flow of UPI models and propose approaches to preserve the privacy of customers using the Unified Payments Interface.

With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can access vitals and sensitive physiological information about the patients and provide proper treatment to improve the quality of life through the RPM network. However, the wireless nature of communication in the RPM network makes it challenging to design an efficient mechanism for secure communication. Many authentication schemes have been proposed in recent years to ensure the security of the RPM network. Pseudonym, digital signature, and Authenticated Key Exchange (AKE) protocols are used for the Internet of Medical Things (IoMT) to develop secure authorization and privacy-preserving communication. However, traditional authentication protocols face overhead challenges due to maintaining a large set of key-pairs or pseudonyms results on the hospital cloud server. In this research work, we identify this research gap and propose a novel secure and efficient privacy-preserving authentication scheme using cuckoo filters for the RPM network. The use of cuckoo filters in our proposed scheme provides an efficient way for mutual anonymous authentication and a secret shared key establishment process between medical professionals and patients. Moreover, we identify the misbehaving sensor nodes using a correlation-based anomaly detection model to establish secure communication. The security analysis and formal security validation using SPAN and AVISPA tools show the robustness of our proposed scheme against message modification attacks, replay attacks, and man-in-the-middle attacks.

Software vulnerabilities are closely monitored by the security community to timely address the security and privacy issues in software systems. Before a vulnerability is published by vulnerability management systems, it needs to be characterized to highlight its unique attributes, including affected software products and versions, to help security professionals prioritize their patches. Associating product names and versions with disclosed vulnerabilities may require a labor-intensive process that may delay their publication and fix, and thereby give attackers more time to exploit them. This work proposes a machine learning method to extract software product names and versions from unstructured CVE descriptions automatically. It uses Word2Vec and Char2Vec models to create context-aware features from CVE descriptions and uses these features to train a Named Entity Recognition (NER) model using bidirectional Long short-term memory (LSTM) networks. Based on the attributes of the product names and versions in previously published CVE descriptions, we created a set of Expert System (ES) rules to refine the predictions of the NER model and improve the performance of the developed method. Experiment results on real-life CVE examples indicate that using the trained NER model and the set of ES rules, software names and versions in unstructured CVE descriptions could be identified with F-Measure values above 0.95.

Developers of mobile applications rely on the trust of their customers. On the one hand the requirement exists to create feature-rich and secure apps, which adhere to privacy standards to not deliberately disclose user information. On the other hand the development process must be streamlined to reduce costs. Here third-party libraries come into play. Inclusion of many, possibly nested libraries pose security risks, app-creators are often not aware of. This paper presents a way to combine free open-source tools to support developers in checking their application that it does not induce security issues by using third-party libraries. The tools FlowDroid, Frida, and mitm-proxy are used in combination in a simple and viable way to perform checks to identify privacy leaks of third-party apps. Our proposed setup and configuration empowers average app developers to preserve user privacy without being dedicated security experts and without expensive external advice.

The problem of privacy protection of trajectory data has received increasing attention in recent years with the significant grow in the volume of users that contribute trajectory data with rich user information. This creates serious privacy concerns as exposing an individual's privacy information may result in attacks threatening the user's safety. In this demonstration we present TP$^\textrm3$ a novel practical framework for supporting trajectory privacy preservation in Mobile Cloud Environments (MCEs). In TP$^\textrm3$, non-expert users submit their trajectories and the system is responsible to determine their privacy exposure before sharing them to data analysts in return for various benefits, e.g. better recommendations. TP$^\textrm3$ makes a number of contributions: (a) It evaluates the privacy exposure of the users utilizing various privacy operations, (b) it is latency-efficient as it implements the privacy operations as serverless functions which can scale automatically to serve an increasing number of users with low latency, and (c) it is practical and cost-efficient as it exploits the serverless model to adapt to the demands of the users with low operational costs for the service provider. Finally, TP$^\textrm3$'s Web-UI provides insights to the service provider regarding the performance and the respective revenue from the service usage, while enabling the user to submit the trajectories with recommended preferences of privacy.

The development of marine environment monitoring equipment has been improved by leaps and bounds in recent years. Numerous types of marine environment monitoring equipment have mushroomed with a wide range of high-performance capabilities. However, the existing data recording software cannot meet the demands of real-time and comprehensive data recording in view of the growing data types and the exponential data growth rate generated by various types of marine environment monitoring equipment. Based on the above-mentioned conundrum, this paper proposes a multi-source heterogeneous marine environmental data acquisition and storage method, which can record and replay multi-source heterogeneous data based upon the needs of real-time and accurate performance and also possess good compatibility and expandability.