Visible to the public Biblio

Found 2105 results

Filters: First Letter Of Last Name is A  [Clear All Filters]
2021-11-08
Qaisar, Muhammad Umar Farooq, Wang, Xingfu, Hawbani, Ammar, Khan, Asad, Ahmed, Adeel, Wedaj, Fisseha Teju.  2020.  TORP: Load Balanced Reliable Opportunistic Routing for Asynchronous Wireless Sensor Networks. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1384–1389.
Opportunistic routing (OR) is gaining popularity in low-duty wireless sensor network (WSN), so the need for efficient and reliable data transmission is becoming more essential. Reliable transmission is only feasible if the routing protocols are secure and efficient. Due to high energy consumption, current cryptographic schemes for WSN are not suitable. Trust-based OR will ensure security and reliability with fewer resources and minimum energy consumption. OR selects the set of potential candidates for each sensor node using a prioritized metric by load balancing among the nodes. This paper introduces a trust-based load-balanced OR for duty-cycled wireless sensor networks. The candidates are prioritized on the basis of a trusted OR metric that is divided into two parts. First, the OR metric is based on the average of four probability distributions: the distance from node to sink distribution, the expected number of hops distribution, the node degree distribution, and the residual energy distribution. Second, the trust metric is based on the average of two probability distributions: the direct trust distribution and the recommended trust distribution. Finally, the trusted OR metric is calculated by multiplying the average of two metrics distributions in order to direct more traffic through the higher priority nodes. The simulation results show that our proposed protocol provides a significant improvement in the performance of the network compared to the benchmarks in terms of energy consumption, end to end delay, throughput, and packet delivery ratio.
Aygül, Mehmet Ali, Nazzal, Mahmoud, Ekti, Ali Rıza, Görçin, Ali, da Costa, Daniel Benevides, Ateş, Hasan Fehmi, Arslan, Hüseyin.  2020.  Spectrum Occupancy Prediction Exploiting Time and Frequency Correlations Through 2D-LSTM. 2020 IEEE 91st Vehicular Technology Conference (VTC2020-Spring). :1–5.
The identification of spectrum opportunities is a pivotal requirement for efficient spectrum utilization in cognitive radio systems. Spectrum prediction offers a convenient means for revealing such opportunities based on the previously obtained occupancies. As spectrum occupancy states are correlated over time, spectrum prediction is often cast as a predictable time-series process using classical or deep learning-based models. However, this variety of methods exploits time-domain correlation and overlooks the existing correlation over frequency. In this paper, differently from previous works, we investigate a more realistic scenario by exploiting correlation over time and frequency through a 2D-long short-term memory (LSTM) model. Extensive experimental results show a performance improvement over conventional spectrum prediction methods in terms of accuracy and computational complexity. These observations are validated over the real-world spectrum measurements, assuming a frequency range between 832-862 MHz where most of the telecom operators in Turkey have private uplink bands.
Afroz, Sabrina, Ariful Islam, S.M, Nawer Rafa, Samin, Islam, Maheen.  2020.  A Two Layer Machine Learning System for Intrusion Detection Based on Random Forest and Support Vector Machine. 2020 IEEE International Women in Engineering (WIE) Conference on Electrical and Computer Engineering (WIECON-ECE). :300–303.
Unauthorized access or intrusion is a massive threatening issue in the modern era. This study focuses on designing a model for an ideal intrusion detection system capable of defending a network by alerting the admins upon detecting any sorts of malicious activities. The study proposes a two layered anomaly-based detection model that uses filter co-relation method for dimensionality reduction along with Random forest and Support Vector Machine as its classifiers. It achieved a very good detection rate against all sorts of attacks including a low rate of false alarms as well. The contribution of this study is that it could be of a major help to the computer scientists designing good intrusion detection systems to keep an industry or organization safe from the cyber threats as it has achieved the desired qualities of a functional IDS model.
Abbas, Syed Ghazanfar, Zahid, Shahzaib, Hussain, Faisal, Shah, Ghalib A., Husnain, Muhammad.  2020.  A Threat Modelling Approach to Analyze and Mitigate Botnet Attacks in Smart Home Use Case. 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE). :122–129.
Despite the surging development and utilization of IoT devices, the security of IoT devices is still in infancy. The security pitfalls of IoT devices have made it easy for hackers to take over IoT devices and use them for malicious activities like botnet attacks. With the rampant emergence of IoT devices, botnet attacks are surging. The botnet attacks are not only catastrophic for IoT device users but also for the rest of the world. Therefore, there is a crucial need to identify and mitigate the possible threats in IoT devices during the design phase. Threat modelling is a technique that is used to identify the threats in the earlier stages of the system design activity. In this paper, we propose a threat modelling approach to analyze and mitigate the botnet attacks in an IoT smart home use case. The proposed methodology identifies the development-level and application-level threats in smart home use case using STRIDE and VAST threat modelling methods. Moreover, we reticulate the identified threats with botnet attacks. Finally, we propose the mitigation techniques for all identified threats including the botnet threats.
Aitchison, Callum, Buckle, Roman, Ch'ng, Alvin, Clarke, Christian, Malley, Jacob, Halak, Basel.  2020.  On the Integration of Physically Unclonable Functions into ARM TrustZone Security Technology. 2020 European Conference on Circuit Theory and Design (ECCTD). :1–4.
As Internet of Things (IoT) devices are increasingly used in industry and become further integrated into our daily lives the security of such devices is of paramount concern. Ensuring that the large amount of information that these devices collect is protected and only accessible to authenticated users is a critical requirement of the industry. One potentially inexpensive way to improve device security utilises a Physically Unclonable Function (PUF) to generate a unique random response per device. This random response can be generated in such a way that it can be regenerated reliably and repeatably allowing the response to be considered a signature for each device. This signature could then be used for authentication or key generation purposes, improving trust in IoT devices. The advantage of a PUF based system is that the response does not need to be stored in nonvolatile memory as it is regenerated on demand, hardening the system against physical attacks. With SoC FPGAs being inexpensive and widely available there is potential for their use in both industrial and consumer applications as an additional layer of hardware security. In this paper we investigate and implement a Trusted Execution Environment (TEE) based around a PUF solely implemented in the FPGA fabric on a Xilinx Zynq-7000 SoC FPGA. The PUF response is used to seed a generic entropy maximisation function or Pseudorandom Number Generator (PRNG) with a system controller capable of encrypting data to be useful only to the device. This system interacts with a software platform running in the ARM TrustZone on the ARM Cortex core in the SoC, which handles requests between user programs and the FPGA. The proposed PUF-based security module can generate unique random keys able to pass all NIST tests and protects against physical attacks on buses and nonvolatile memories. These improvements are achieved at a cost of fewer than half the resources on the Zynq-7000 SoC FPGA.
Hedabou, Mustapha, Abdulsalam, Yunusa Simpa.  2020.  Efficient and Secure Implementation of BLS Multisignature Scheme on TPM. 2020 IEEE International Conference on Intelligence and Security Informatics (ISI). :1–6.
In many applications, software protection can not be sufficient to provide high security needed by some critical applications. A noteworthy example are the bitcoin wallets. Designed the most secure piece of software, their security can be compromised by a simple piece of malware infecting the device storing keys used for signing transactions. Secure hardware devices such as Trusted Platform Module (TPM) offers the ability to create a piece of code that can run unmolested by the rest of software applications hosted in the same machine. This has turned out to be a valuable approach for preventing several malware threats. Unfortunately, their restricted functionalities make them inconsistent with the use of multi and threshold signature mechanisms which are in the heart of real world cryptocurrency wallets implementation. This paper proposes an efficient multi-signature scheme that fits the requirement of the TPM. Based on discrete logarithm and pairings, our scheme does not require any interaction between signers and provide the same benefits as the well established BLS signature scheme. Furthermore, we proposed a formal model of our design and proved it security in a semi-honest model. Finally, we implemented a prototype of our design and studied its performance. From our experimental analysis, the proposed design is highly efficient and can serve as a groundwork for using TPM in future cryptocurrency wallets.
Khalfaoui, Chaima, Ayed, Samiha, Esseghir, Moez.  2020.  A Stochastic Approach for an Enhanced Trust Management in a Decentralized Healthcare Environment. 2020 16th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). :26–31.
Medical institutions are increasingly adopting IoT platforms to share data, communicate rapidly and improve healthcare treatment abilities. However, this trend is also raising the risk of potential data manipulation attacks. In decentralized networks, defense mechanisms against external entities have been widely enabled while protection against insider attackers is still the weakest link of the chain. Most of the platforms are based on the assumption that all the insider nodes are trustworthy. However, these nodes are exploiting of this assumption to lead manipulation attacks and violate data integrity and reliability without being detected. To address this problem, we propose a secure decentralized management system able to detect insider malicious nodes. Our proposal is based on a three layer architecture: storage layer, blockchain based network layer and IoT devices layer. In this paper, we mainly focus on the network layer where we propose to integrate a decentralized trust based authorization module. This latter allows updating dynamically the nodes access rights by observing and evaluating their behavior. To this aim, we combine probabilistic modelling and stochastic modelling to classify and predict the nodes behavior. Conducted performance evaluation and security analysis show that our proposition provides efficient detection of malicious nodes compared to other trust based management approaches.
2021-10-12
Suharsono, Teguh Nurhadi, Anggraini, Dini, Kuspriyanto, Rahardjo, Budi, Gunawan.  2020.  Implementation of Simple Verifiability Metric to Measure the Degree of Verifiability of E-Voting Protocol. 2020 14th International Conference on Telecommunication Systems, Services, and Applications (TSSA. :1–3.
Verifiability is one of the parameters in e-voting that can increase confidence in voting technology with several parties ensuring that voters do not change their votes. Voting has become an important part of the democratization system, both to make choices regarding policies, to elect representatives to sit in the representative assembly, and to elect leaders. the more voters and the wider the distribution, the more complex the social life, and the need to manage the voting process efficiently and determine the results more quickly, electronic-based voting (e-Voting) is becoming a more promising option. The level of confidence in voting depends on the capabilities of the system. E-voting must have parameters that can be used as guidelines, which include the following: Accuracy, Invulnerability, Privacy and Verifiability. The implementation of the simple verifiability metric to measure the degree of verifiability in the e-voting protocol, the researchers can calculate the degree of verifiability in the e-voting protocol and the researchers have been able to assess the proposed e-voting protocol with the standard of the best degree of verifiability is 1, where the value of 1 is is absolutely verified protocol.
Yang, Howard H., Arafa, Ahmed, Quek, Tony Q. S., Vincent Poor, H..  2020.  Age-Based Scheduling Policy for Federated Learning in Mobile Edge Networks. ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :8743–8747.
Federated learning (FL) is a machine learning model that preserves data privacy in the training process. Specifically, FL brings the model directly to the user equipments (UEs) for local training, where an edge server periodically collects the trained parameters to produce an improved model and sends it back to the UEs. However, since communication usually occurs through a limited spectrum, only a portion of the UEs can update their parameters upon each global aggregation. As such, new scheduling algorithms have to be engineered to facilitate the full implementation of FL. In this paper, based on a metric termed the age of update (AoU), we propose a scheduling policy by jointly accounting for the staleness of the received parameters and the instantaneous channel qualities to improve the running efficiency of FL. The proposed algorithm has low complexity and its effectiveness is demonstrated by Monte Carlo simulations.
Adibi, Mahya, van der Woude, Jacob.  2020.  Distributed Learning Control for Economic Power Dispatch: A Privacy Preserved Approach*. 2020 IEEE 29th International Symposium on Industrial Electronics (ISIE). :821–826.
We present a privacy-preserving distributed reinforcement learning-based control scheme to address the problem of frequency control and economic dispatch in power generation systems. The proposed control approach requires neither a priori system model knowledge nor the mathematical formulation of the generation cost functions. Due to not requiring the generation cost models, the control scheme is capable of dealing with scenarios in which the cost functions are hard to formulate and/or non-convex. Furthermore, it is privacy-preserving, i.e. none of the units in the network needs to communicate its cost function and/or control policy to its neighbors. To realize this, we propose an actor-critic algorithm with function approximation in which the actor step is performed individually by each unit with no need to infer the policies of others. Moreover, in the critic step each generation unit shares its estimate of the local measurements and the estimate of its cost function with the neighbors, and via performing a consensus algorithm, a consensual estimate is achieved. The performance of our proposed control scheme, in terms of minimizing the overall cost while persistently fulfilling the demand and fast reaction and convergence of our distributed algorithm, is demonstrated on a benchmark case study.
El-Sobky, Mariam, Sarhan, Hisham, Abu-ElKheir, Mervat.  2020.  Security Assessment of the Contextual Multi-Armed Bandit - RL Algorithm for Link Adaptation. 2020 2nd Novel Intelligent and Leading Emerging Sciences Conference (NILES). :514–519.
Industry is increasingly adopting Reinforcement Learning algorithms (RL) in production without thoroughly analyzing their security features. In addition to the potential threats that may arise if the functionality of these algorithms is compromised while in operation. One of the well-known RL algorithms is the Contextual Multi-Armed Bandit (CMAB) algorithm. In this paper, we explore how the CMAB can be used to solve the Link Adaptation problem - a well-known problem in the telecommunication industry by learning the optimal transmission parameters that will maximize a communication link's throughput. We analyze the potential vulnerabilities of the algorithm and how they may adversely affect link parameters computation. Additionally, we present a provable security assessment for the Contextual Multi-Armed Bandit Reinforcement Learning (CMAB-RL) algorithm in a network simulated environment using Ray. This is by demonstrating CMAB security vulnerabilities theoretically and practically. Some security controls are proposed for CMAB agent and the surrounding environment. In order to fix those vulnerabilities and mitigate the risk. These controls can be applied to other RL agents in order to design more robust and secure RL agents.
Hassan, Mehmood, Sultan, Aiman, Awan, Ali Afzal, Tahir, Shahzaib, Ihsan, Imran.  2020.  An Enhanced and Secure Multiserver-based User Authentication Protocol. 2020 International Conference on Cyber Warfare and Security (ICCWS). :1–6.
The extensive use of the internet and web-based applications spot the multiserver authentication as a significant component. The users can get their services after authenticating with the service provider by using similar registration records. Various protocol schemes are developed for multiserver authentication, but the existing schemes are not secure and often lead towards various vulnerabilities and different security issues. Recently, Zhao et al. put forward a proposal for smart card and user's password-based authentication protocol for the multiserver environment and showed that their proposed protocol is efficient and secure against various security attacks. This paper points out that Zhao et al.'s authentication scheme is susceptive to traceability as well as anonymity attacks. Thus, it is not feasible for the multiserver environment. Furthermore, in their scheme, it is observed that a user while authenticating does not send any information with any mention of specific server identity. Therefore, this paper proposes an enhanced, efficient and secure user authentication scheme for use in any multiserver environment. The formal security analysis and verification of the protocol is performed using state-of-the-art tool “ProVerif” yielding that the proposed scheme provides higher levels of security.
Al Omar, Abdullah, Jamil, Abu Kaisar, Nur, Md. Shakhawath Hossain, Hasan, Md Mahamudul, Bosri, Rabeya, Bhuiyan, Md Zakirul Alam, Rahman, Mohammad Shahriar.  2020.  Towards A Transparent and Privacy-Preserving Healthcare Platform with Blockchain for Smart Cities. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1291–1296.
In smart cities, data privacy and security issues of Electronic Health Record(EHR) are grabbing importance day by day as cyber attackers have identified the weaknesses of EHR platforms. Besides, health insurance companies interacting with the EHRs play a vital role in covering the whole or a part of the financial risks of a patient. Insurance companies have specific policies for which patients have to pay them. Sometimes the insurance policies can be altered by fraudulent entities. Another problem that patients face in smart cities is when they interact with a health organization, insurance company, or others, they have to prove their identity to each of the organizations/companies separately. Health organizations or insurance companies have to ensure they know with whom they are interacting. To build a platform where a patient's personal information and insurance policy are handled securely, we introduce an application of blockchain to solve the above-mentioned issues. In this paper, we present a solution for the healthcare system that will provide patient privacy and transparency towards the insurance policies incorporating blockchain. Privacy of the patient information will be provided using cryptographic tools.
Zaeem, Razieh Nokhbeh, Anya, Safa, Issa, Alex, Nimergood, Jake, Rogers, Isabelle, Shah, Vinay, Srivastava, Ayush, Barber, K. Suzanne.  2020.  PrivacyCheck's Machine Learning to Digest Privacy Policies: Competitor Analysis and Usage Patterns. 2020 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT). :291–298.
Online privacy policies are lengthy and hard to comprehend. To address this problem, researchers have utilized machine learning (ML) to devise tools that automatically summarize online privacy policies for web users. One such tool is our free and publicly available browser extension, PrivacyCheck. In this paper, we enhance PrivacyCheck by adding a competitor analysis component-a part of PrivacyCheck that recommends other organizations in the same market sector with better privacy policies. We also monitored the usage patterns of about a thousand actual PrivacyCheck users, the first work to track the usage and traffic of an ML-based privacy analysis tool. Results show: (1) there is a good number of privacy policy URLs checked repeatedly by the user base; (2) the users are particularly interested in privacy policies of software services; and (3) PrivacyCheck increased the number of times a user consults privacy policies by 80%. Our work demonstrates the potential of ML-based privacy analysis tools and also sheds light on how these tools are used in practice to give users actionable knowledge they can use to pro-actively protect their privacy.
Radhakrishnan, C., Karthick, K., Asokan, R..  2020.  Ensemble Learning Based Network Anomaly Detection Using Clustered Generalization of the Features. 2020 2nd International Conference on Advances in Computing, Communication Control and Networking (ICACCCN). :157–162.
Due to the extraordinary volume of business information, classy cyber-attacks pointing the networks of all enterprise have become more casual, with intruders trying to pierce vast into and grasp broader from the compromised network machines. The vital security essential is that field experts and the network administrators have a common terminology to share the attempt of intruders to invoke the system and to rapidly assist each other retort to all kind of threats. Given the enormous huge system traffic, traditional Machine Learning (ML) algorithms will provide ineffective predictions of the network anomaly. Thereby, a hybridized multi-model system can improve the accuracy of detecting the intrusion in the networks. In this manner, this article presents a novel approach Clustered Generalization oriented Ensemble Learning Model (CGELM) for predicting the network anomaly. The performance metrics of the anticipated approach are Detection Rate (DR) and False Predictive Rate (FPR) for the two heterogeneous data sets namely NSL-KDD and UGR'16. The proposed method provides 98.93% accuracy for DR and 0.14% of FPR against Decision Stump AdaBoost and Stacking Ensemble methods.
Ivaki, Naghmeh, Antunes, Nuno.  2020.  SIDE: Security-Aware Integrated Development Environment. 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW). :149–150.
An effective way for building secure software is to embed security into software in the early stages of software development. Thus, we aim to study several evidences of code anomalies introduced during the software development phase, that may be indicators of security issues in software, such as code smells, structural complexity represented by diverse software metrics, the issues detected by static code analysers, and finally missing security best practices. To use such evidences for vulnerability prediction and removal, we first need to understand how they are correlated with security issues. Then, we need to discover how these imperfect raw data can be integrated to achieve a reliable, accurate and valuable decision about a portion of code. Finally, we need to construct a security actuator providing suggestions to the developers to remove or fix the detected issues from the code. All of these will lead to the construction of a framework, including security monitoring, security analyzer, and security actuator platforms, that are necessary for a security-aware integrated development environment (SIDE).
Ackley, Darryl, Yang, Hengzhao.  2020.  Exploration of Smart Grid Device Cybersecurity Vulnerability Using Shodan. 2020 IEEE Power Energy Society General Meeting (PESGM). :1–5.
The generation, transmission, distribution, and storage of electric power is becoming increasingly decentralized. Advances in Distributed Energy Resources (DERs) are rapidly changing the nature of the power grid. Moreover, the accommodation of these new technologies by the legacy grid requires that an increasing number of devices be Internet connected so as to allow for sensor and actuator information to be collected, transmitted, and processed. With the wide adoption of the Internet of Things (IoT), the cybersecurity vulnerabilities of smart grid devices that can potentially affect the stability, reliability, and resilience of the power grid need to be carefully examined and addressed. This is especially true in situations in which smart grid devices are deployed with default configurations or without reasonable protections against malicious activities. While much work has been done to characterize the vulnerabilities associated with Supervisory Control and Data Acquisition (SCADA) and Industrial Control System (ICS) devices, this paper demonstrates that similar vulnerabilities associated with the newer class of IoT smart grid devices are becoming a concern. Specifically, this paper first performs an evaluation of such devices using the Shodan platform and text processing techniques to analyze a potential vulnerability involving the lack of password protection. This work further explores several Shodan search terms that can be used to identify additional smart grid components that can be evaluated in terms of cybersecurity vulnerabilities. Finally, this paper presents recommendations for the more secure deployment of such smart grid devices.
2021-10-04
Zhong, Chiyang, Sakis Meliopoulos, A. P., AlOwaifeer, Maad, Xie, Jiahao, Ilunga, Gad.  2020.  Object-Oriented Security Constrained Quadratic Optimal Power Flow. 2020 IEEE Power Energy Society General Meeting (PESGM). :1–5.
Increased penetration of distributed energy resources (DERs) creates challenges in formulating the security constrained optimal power flow (SCOPF) problem as the number of models for these resources proliferate. Specifically, the number of devices with different mathematical models is large and their integration into the SCOPF becomes tedious. Henceforth, a process that seamlessly models and integrates such new devices into the SCOPF problem is needed. We propose an object-oriented modeling approach that leads to the autonomous formation of the SCOPF problem. All device models in the system are cast into a universal syntax. We have also introduced a quadratization method which makes the models consisting of linear and quadratic equations, if nonlinear. We refer to this model as the State and Control Quadratized Device Model (SCQDM). The SCQDM includes a number of equations and a number of inequalities expressing the operating limits of the device. The SCOPF problem is then formed in a seamless manner by operating only on the SCQDM device objects. The SCOPF problem, formed this way, is also quadratic (i.e. consists of linear and quadratic equations), and of the same form and syntax as the SCQDM for an individual device. For this reason, we named it security constrained quadratic optimal power flow (SCQOPF). We solve the SCQOPF problem using a sequential linear programming (SLP) algorithm and compare the results with those obtained from the commercial solver Knitro on the IEEE 57 bus system.
Abbas Hamdani, Syed Wasif, Waheed Khan, Abdul, Iltaf, Naima, Iqbal, Waseem.  2020.  DTMSim-IoT: A Distributed Trust Management Simulator for IoT Networks. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :491–498.
In recent years, several trust management frame-works and models have been proposed for the Internet of Things (IoT). Focusing primarily on distributed trust management schemes; testing and validation of these models is still a challenging task. It requires the implementation of the proposed trust model for verification and validation of expected outcomes. Nevertheless, a stand-alone and standard IoT network simulator for testing of distributed trust management scheme is not yet available. In this paper, a .NET-based Distributed Trust Management Simulator for IoT Networks (DTMSim-IoT) is presented which enables the researcher to implement any static/dynamic trust management model to compute the trust value of a node. The trust computation will be calculated based on the direct-observation and trust value is updated after every transaction. Transaction history and logs of each event are maintained which can be viewed and exported as .csv file for future use. In addition to that, the simulator can also draw a graph based on the .csv file. Moreover, the simulator also offers to incorporate the feature of identification and mitigation of the On-Off Attack (OOA) in the IoT domain. Furthermore, after identifying any malicious activity by any node in the networks, the malevolent node is added to the malicious list and disseminated in the network to prevent potential On-Off attacks.
Mohiuddin, Irfan, Almogren, Ahmad.  2020.  Security Challenges and Strategies for the IoT in Cloud Computing. 2020 11th International Conference on Information and Communication Systems (ICICS). :367–372.
The Internet of Things is progressively turning into a pervasive computing service, needing enormous volumes of data storage and processing. However, due to the distinctive properties of resource constraints, self-organization, and short-range communication in Internet of Things (IoT), it always adopts to cloud for outsourced storage and computation. This integration of IoT with cloud has a row of unfamiliar security challenges for the data at rest. Cloud computing delivers highly scalable and flexible computing and storage resources on pay-per-use policy. Cloud computing services for computation and storage are getting increasingly popular and many organizations are now moving their data from in-house data centers to the Cloud Storage Providers (CSPs). Time varying workload and data intensive IoT applications are vulnerable to encounter challenges while using cloud computing services. Additionally, the encryption techniques and third-party auditors to maintain data integrity are still in their developing stage and therefore the data at rest is still a concern for IoT applications. In this paper, we perform an analysis study to investigate the challenges and strategies adapted by Cloud Computing to facilitate a safe transition of IoT applications to the Cloud.
Sayed, Ammar Ibrahim El, Aziz, Mahmoud Abdel, Azeem, Mohamed Hassan Abdel.  2020.  Blockchain Decentralized IoT Trust Management. 2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT). :1–6.
IoT adds more flexibility in many areas of applications to makes it easy to monitor and manage data instantaneously. However, IoT has many challenges regarding its security and storage issues. Moreover, the third-party trusting agents of IoT devices do not support sufficient security level between the network peers. This paper proposes improving the trust, processing power, and storage capability of IoT in distributed system topology by adopting the blockchain approach. An application, IoT Trust Management (ITM), is proposed to manage the trust of the shared content through the blockchain network, e.g., supply chain. The essential key in ITM is the trust management of IoT devices data are done using peer to peer (P2P), i.e., no third-party. ITM is running on individual python nodes and interact with frontend applications creating decentralized applications (DApps). The IoT data shared and stored in a ledger, which has the IoT device published details and data. ITM provides a higher security level to the IoT data shared on the network, such as unparalleled security, speed, transparency, cost reduction, check data, and Adaptability.
Sallal, Muntadher, Owenson, Gareth, Adda, Mo.  2020.  Security and Performance Evaluation of Master Node Protocol in the Bitcoin Peer-to-Peer Network. 2020 IEEE Symposium on Computers and Communications (ISCC). :1–6.
This paper proposes a proximity-aware extensions to the current Bitcoin protocol, named Master Node Based Clustering (MNBC). The ultimate purpose of the proposed protocol is to evaluate the security and performance of grouping nodes based on physical proximity. In MNBC protocol, physical internet connectivity increases as well as the number of hops between nodes decreases through assigning nodes to be responsible for propagating based on physical internet proximity.
Alsoghyer, Samah, Almomani, Iman.  2020.  On the Effectiveness of Application Permissions for Android Ransomware Detection. 2020 6th Conference on Data Science and Machine Learning Applications (CDMA). :94–99.
Ransomware attack is posting a serious threat against Android devices and stored data that could be locked or/and encrypted by such attack. Existing solutions attempt to detect and prevent such attack by studying different features and applying various analysis mechanisms including static, dynamic or both. In this paper, recent ransomware detection solutions were investigated and compared. Moreover, a deep analysis of android permissions was conducted to identify significant android permissions that can discriminate ransomware with high accuracy before harming users' devices. Consequently, based on the outcome of this analysis, a permissions-based ransomware detection system is proposed. Different classifiers were tested to build the prediction model of this detection system. After the evaluation of the ransomware detection service, the results revealed high detection rate that reached 96.9%. Additionally, the newly permission-based android dataset constructed in this research will be made available to researchers and developers for future work.
AIT ALI, Mohamed Elamine, AGOUZOUL, Mohamed, AANNAQUE, Abdeslam.  2020.  Analytical and numerical study of an oscillating liquid inside a U-tube used as wave energy converter. 2020 5th International Conference on Renewable Energies for Developing Countries (REDEC). :1–5.
The objective of this work is to study, using an analytical approach and a numerical simulation, the dynamic behavior of an oscillating liquid inside a fixed U-tube with open ends used as wave energy converter. By establishing a detailed liquid's motion equation and developing a numerical simulation, based on volume of fluid formulation, we quantified the available power that could be extracted for our configuration. A parametrical study using the analytical model showed the effect of each significant parameter on first peak power and subsequent dampening of this peak power, which constitutes a tool for choosing optimal designs. The numerical simulation gave a more realistic model, the obtained results are in good agreements with those of the analytical approach that underestimates the dampening of oscillations. We focused after on influence of the numerical model formulation, mesh type and mesh size on simulation results: no noticeable effect was observed.
Badran, Sultan, Arman, Nabil, Farajallah, Mousa.  2020.  Towards a Hybrid Data Partitioning Technique for Secure Data Outsourcing. 2020 21st International Arab Conference on Information Technology (ACIT). :1–9.
In light of the progress achieved by the technology sector in the areas of internet speed and cloud services development, and in addition to other advantages provided by the cloud such as reliability and easy access from anywhere and anytime, most data owners find an opportunity to take advantage of the cloud to store data. However, data owners find a challenge that was and is still facing them in the field of outsourcing, which is protecting sensitive data from leakage. Researchers found that partitioning data into partitions, based on data sensitivity, can be used to protect data from leakage and to increase performance by storing the partition, which contains sensitive data in an encrypted form. In this paper, we review the methods used in designing partitions and dividing data approaches. A hybrid data partitioning approach is proposed to improve these techniques. We consider the frequency attack types used to guess the sensitive data and the most important properties that must be available in order for the encryption to be strong against frequency attacks.