Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic with Neural Networks

The IoT (Internet of Things) technology has been widely adopted in recent years and has profoundly changed the people's daily lives. However, in the meantime, such a fast-growing technology has also introduced new privacy issues, which need to be better understood and measured. In this work, we look into how private information can be leaked from network traffic generated in the smart home network. Although researchers have proposed techniques to infer IoT device types or user behaviors under clean experiment setup, the effectiveness of such approaches become questionable in the complex but realistic network environment, where common techniques like Network Address and Port Translation (NAPT) and Virtual Private Network (VPN) are enabled. Traffic analysis using traditional methods (e.g., through classical machine-learning models) is much less effective under those settings, as the features picked manually are not distinctive any more. In this work, we propose a traffic analysis framework based on sequence-learning techniques like LSTM and leveraged the temporal relations between packets for the attack of device identification. We evaluated it under different environment settings (e.g., pure-IoT and noisy environment with multiple non-IoT devices). The results showed our framework was able to differentiate device types with a high accuracy. This result suggests IoT network communications pose prominent challenges to users' privacy, even when they are protected by encryption and morphed by the network gateway. As such, new privacy protection methods on IoT traffic need to be developed towards mitigating this new issue

Predicting Temporal Aspects of Movement for Predictive Replication in Fog Environments

To fully exploit the benefits of the fog environment, efficient management of data locality is crucial. Blind or reactive data replication falls short in harnessing the potential of fog computing, necessitating more advanced techniques for predicting where and when clients will connect. While spatial prediction has received considerable attention, temporal prediction remains understudied. Our paper addresses this gap by examining the advantages of incorporating temporal prediction into existing spatial prediction models. We also provide a comprehensive analysis of spatio-temporal prediction models, such as Deep Neural Networks and Markov models, in the context of predictive replication. We propose a novel model using Holt-Winter's Exponential Smoothing for temporal prediction, leveraging sequential and periodical user movement patterns. In a fog network simulation with real user trajectories our model achieves a 15% reduction in excess data with a marginal 1% decrease in data availability

An adaptive trust based service quality monitoring mechanism for cloud computing

Cloud computing is the newest paradigm in distributed computing that delivers computing resources over the Internet as services. Due to the attractiveness of cloud computing, the market is currently flooded with many service providers. This has necessitated the customers to identify the right one meeting their requirements in terms of service quality. The existing monitoring of service quality has been limited only to quantification in cloud computing. On the other hand, the continuous improvement and distribution of service quality scores have been implemented in other distributed computing paradigms but not specifically for cloud computing. This research investigates the methods and proposes mechanisms for quantifying and ranking the service quality of service providers. The solution proposed in this thesis consists of three mechanisms, namely service quality modeling mechanism, adaptive trust computing mechanism and trust distribution mechanism for cloud computing. The Design Research Methodology (DRM) has been modified by adding phases, means and methods, and probable outcomes. This modified DRM is used throughout this study. The mechanisms were developed and tested gradually until the expected outcome has been achieved. A comprehensive set of experiments were carried out in a simulated environment to validate their effectiveness. The evaluation has been carried out by comparing their performance against the combined trust model and QoS trust model for cloud computing along with the adapted fuzzy theory based trust computing mechanism and super-agent based trust distribution mechanism, which were developed for other distributed systems. The results show that the mechanisms are faster and more stable than the existing solutions in terms of reaching the final trust scores on all three parameters tested. The results presented in this thesis are significant in terms of making cloud computing acceptable to users in verifying the performance of the service providers before making the selection

A trend study on the impact of social media on advertisement

This paper presents a comprehensive scientometric study for the impact of social networks on advertisement. The study uses the Scopus database as a search engine to accomplish the survey. To better understand the evolution and identity of this category, the study covers 1216 most cited data over the period 1983-2019. Qualitative and quantitative data analysis techniques are applied to determine author distribution, country, individual and institutional-level productivity rankings. In terms of keywords, the study indicates that social media was jointly studied with gender and be-havior and researchers from the United States maintained the highest rate of contribution. The survey also indicates that there were strong collaboration between the researchers from China and United States. Moreover, there were also remarkable collaborations between the researchers in United States from one side and other countries

A Comprehensive Bibliometric Analysis on Social Network Anonymization: Current Approaches and Future Directions

In recent decades, social network anonymization has become a crucial research field due to its pivotal role in preserving users' privacy. However, the high diversity of approaches introduced in relevant studies poses a challenge to gaining a profound understanding of the field. In response to this, the current study presents an exhaustive and well-structured bibliometric analysis of the social network anonymization field. To begin our research, related studies from the period of 2007-2022 were collected from the Scopus Database then pre-processed. Following this, the VOSviewer was used to visualize the network of authors' keywords. Subsequently, extensive statistical and network analyses were performed to identify the most prominent keywords and trending topics. Additionally, the application of co-word analysis through SciMAT and the Alluvial diagram allowed us to explore the themes of social network anonymization and scrutinize their evolution over time. These analyses culminated in an innovative taxonomy of the existing approaches and anticipation of potential trends in this domain. To the best of our knowledge, this is the first bibliometric analysis in the social network anonymization field, which offers a deeper understanding of the current state and an insightful roadmap for future research in this domain.Comment: 73 pages, 28 figure

Demystifying Privacy Policy of Third-Party Libraries in Mobile Apps

The privacy of personal information has received significant attention in mobile software. Although previous researchers have designed some methods to identify the conflict between app behavior and privacy policies, little is known about investigating regulation requirements for third-party libraries (TPLs). The regulators enacted multiple regulations to regulate the usage of personal information for TPLs (e.g., the "California Consumer Privacy Act" requires businesses clearly notify consumers if they share consumers' data with third parties or not). However, it remains challenging to analyze the legality of TPLs due to three reasons: 1) TPLs are mainly published on public repositoriesinstead of app market (e.g., Google play). The public repositories do not perform privacy compliance analysis for each TPL. 2) TPLs only provide independent functions or function sequences. They cannot run independently, which limits the application of performing dynamic analysis. 3) Since not all the functions of TPLs are related to user privacy, we must locate the functions of TPLs that access/process personal information before performing privacy compliance analysis. To overcome the above challenges, in this paper, we propose an automated system named ATPChecker to analyze whether the Android TPLs meet privacy-related regulations or not. Our findings remind developers to be mindful of TPL usage when developing apps or writing privacy policies to avoid violating regulation

A survey of cognitive radio handoff schemes, challenges and issues for industrial wireless sensor networks (CR-IWSN)

Industrial wireless sensor network (IWSN) applications are mostly time-bound, mission-critical and highly delay sensitive applications therefore IWSN defines strict, stringent and unique QoS requirements such as timeliness, reliability and availability. In IWSN, unlike other sensor networks, late arrival of packets or delay or disruption to an on-going communication are considered as critical failure. Also, because IWSN is deployed in the overcrowded industrial, scientific, and medical (ISM) band it is difficult to meet this unique QoS requirements due to stiff competition for bandwidth from other technologies operating in ISM band resulting in scarcity of spectrum for reliable communication and/or disruption of ongoing communication. However, cognitive radio (CR) provides more spectral opportunities through opportunistic-use of unused licensed spectrum while ensuring minimal interference to licensed users. Similarly, spectrum handoff, which is a new type of handoff in cognitive radio, has the potential to offer increase bandwidth, reliable, smooth and interference-free communication for IWSNs through opportunistic-use of spectrum, minimal switching-delays, and efficient target channel selection strategies as well as effective link recovery maintenance. As a result, a new paradigm known as cognitive radio industrial wireless sensor network (CR-IWSN) has become the interest of recent research efforts. In this paper, we highlight and discuss important QoS requirements of IWSN as well as efforts of existing IWSN standards to address the challenges. We discuss the potential and how cognitive radio and spectrum handoff can be useful in the attempt to provide real-time reliable and smooth communication for IWSNs.The Council for Scientific and Industrial Research (CSIR), South Africa [ICT: Meraka].http://www.elsevier.com/locate/jnca2018-11-01hj2017Electrical, Electronic and Computer Engineerin