Security on Medical Wireless Sensor Networks

Wireless technology is fast becoming a very important tool for all aspects of communication. An area that lacks a strong implementation for wireless communication is the medical field. Wireless systems could be used by clinicians to be better able to diagnose and monitor patients. The reason behind the lack of adoption in healthcare is due to the need to meet the legislated and perceived requirements of security and privacy when dealing with clinical information. The current methods of wireless authentication are investigated and an existing issue in mobile networks is described and solved with two novel solutions; one solution within GSM and the other within UMTS. Strong authentication protocols are developed based on the existing wireless protocols, while using minimal messages and symmetric operations to limit resource utilization to meet the needs of the healthcare environment. To ensure the quality of the protocol a BAN (Burrows-Abadi-Needham logic) analysis is performed which verifies that the desired goals of the protocols are appropriately met within the results analysis. The developed security protocol is shown to be secure, uses minimal messages to maintain efficiency and meets the legal requirements to be used in medical wireless sensor networks

The Proceedings of 15th Australian Information Security Management Conference, 5-6 December, 2017, Edith Cowan University, Perth, Australia

Conference Foreword The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fifteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The papers cover topics from vulnerabilities in “Internet of Things” protocols through to improvements in biometric identification algorithms and surveillance camera weaknesses. The conference has drawn interest and papers from within Australia and internationally. All submitted papers were subject to a double blind peer review process. Twenty two papers were submitted from Australia and overseas, of which eighteen were accepted for final presentation and publication. We wish to thank the reviewers for kindly volunteering their time and expertise in support of this event. We would also like to thank the conference committee who have organised yet another successful congress. Events such as this are impossible without the tireless efforts of such people in reviewing and editing the conference papers, and assisting with the planning, organisation and execution of the conference. To our sponsors, also a vote of thanks for both the financial and moral support provided to the conference. Finally, thank you to the administrative and technical staff, and students of the ECU Security Research Institute for their contributions to the running of the conference

ACCE-GOV: a new theoretical framework for cloud computing adoption for e-government system in developing countries (Saudi Arabia perspective)

Electronic government (e-government) systems formed from the aggregation of various government organisations providing online services through web interfaces have become more common. This is a consequence of increasing use of the Internet to access information and services whereby governments engage new technologies to provide information and data to increase the effective adoption of their organisations’ online services. One technology that serves to enhance the provision of online services is cloud computing. A cloud is a model that functions as a parallel system and a distributor; and consists of a set of interconnected virtual machines that are dynamically displayed and connected to share the service that has been established by the service provider. Therefore, if e-government organisations systems suffer from numerous barriers to the adoption of new technologies, that would have various impacts on the development of effective e-government. Most of the government organisations have been suffering to overcome the issues in the IT infrastructure of the e-government system. This research thus also assists the government decision-makers to understand these factors in seeking to improve e-government systems. The research aims to determine and examine the more critical factors that influence the adoption of cloud computing in an e-government system takes into account the experiences of top government management and IT employees in government organisations. The theoretical research model of adoption of cloud computing in e-government based on a Technology, Organisations and Environment (TOE) framework with extending a Social context. Consequently, a conceptual framework has proposed the successful development and adoption of cloud computing in the e-government system (ACCE-GOV). The research method has been applied a mixed methods research methodology; with quantitative (survey) and qualitative (semi-structured interviews) methods used in a complementary manner. The main method of data collection was quantitative and utilised a survey questionnaire. The target sample size was around 383 respondents. The quantitative data was analysed using descriptive statistics as well as the structural equation model (SEM). The qualitative research data were collected via 8 detailed semi-structured interviews to represent the perspectives of senior IT managers in eight Saudi government organisations. A thematic analysis was carried out to analysing data. The results of research make a significant contribution to investigate the critical factors that should be taken into account by the Saudi government to develop an e-government system via the adoption of cloud computing. This research investigated the critical factors identified in the theoretical framework (ACCE-GOV). The research findings provide valuable information for top management in Saudi government organisations about what needs to be considered for enhancing the adoption of cloud computing in e-government system. This study has confirmed that there is a significant relationship between both trust and attitude with the adoption of cloud computing, however, an awareness and compatibility show that no significant relationship with the adoption of cloud computing for e-government systems

Computational Methods for Medical and Cyber Security

Over the past decade, computational methods, including machine learning (ML) and deep learning (DL), have been exponentially growing in their development of solutions in various domains, especially medicine, cybersecurity, finance, and education. While these applications of machine learning algorithms have been proven beneficial in various fields, many shortcomings have also been highlighted, such as the lack of benchmark datasets, the inability to learn from small datasets, the cost of architecture, adversarial attacks, and imbalanced datasets. On the other hand, new and emerging algorithms, such as deep learning, one-shot learning, continuous learning, and generative adversarial networks, have successfully solved various tasks in these fields. Therefore, applying these new methods to life-critical missions is crucial, as is measuring these less-traditional algorithms' success when used in these fields

New techniques and framework for sentiment analysis and tuning of CRM structure in the context of Arabic language

A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of PhilosophyKnowing customers’ opinions regarding services received has always been important for businesses. It has been acknowledged that both Customer Experience Management (CEM) and Customer Relationship Management (CRM) can help companies take informed decisions to improve their performance in the decision-making process. However, real-word applications are not so straightforward. A company may face hard decisions over the differences between the opinions predicted by CRM and actual opinions collected in CEM via social media platforms. Until recently, how to integrate the unstructured feedback from CEM directly into CRM, especially for the Arabic language, was still an open question. Furthermore, an accurate labelling of unstructured feedback is essential for the quality of CEM. Finally, CRM needs to be tuned and revised based on the feedback from social media to realise its full potential. However, the tuning mechanism for CEM of different levels has not yet been clarified. Facing these challenges, in this thesis, key techniques and a framework are presented to integrate Arabic sentiment analysis into CRM. First, as text pre-processing and classification are considered crucial to sentiment classification, an investigation is carried out to find the optimal techniques for the pre-processing and classification of Arabic sentiment analysis. Recommendations for using sentiment analysis classification in MSA as well as Saudi dialects are proposed. Second, to deal with the complexities of the Arabic language and to help operators identify possible conflicts in their original labelling, this study proposes techniques to improve the labelling process of Arabic sentiment analysis with the introduction of neural classes and relabelling. Finally, a framework for adjusting CRM via CEM for both the structure of the CRM system (on the sentence level) and the inaccuracy of the criteria or weights employed in the CRM system (on the aspect level) are proposed. To ensure the robustness and the repeatability of the proposed techniques and framework, the results of the study are further validated with real-word applications from different domains

Integrating Behavioural Analysis within the Digital Forensics Investigation Process

This programme of research focused on incorporating Behavioural Analysis (BA) within the digital forensics investigation process. A review of previously developed digital forensics investigation models indicated a lack of sufficient consideration of the behavioural and motivational dimensions of offending, and the way in which digital evidence can be used to address these issues during the investigation process. This programme of research aimed to build on previous work by scientific researchers and investigators by developing a digital forensics investigation model which incorporates greater consideration of the behavioural and motivational implications of case-related digital evidence based on current theoretical understandings of these aspects of offending from forensic psychology. This can aid with understanding of the crime events and reconstruction, and lead to the development of more detailed models and guidelines for examining computer-facilitated interpersonal crimes. The first study employed an abductive approach to forensically analyse individual cases (real cases obtained from the Dubai Police archives) applying BA to the online Sexually Exploitative Imagery of Children (SEIC) and cyberstalking. Its aim was to investigate what BA could contribute to the digital forensics investigation of cases within these crime categories. It identified five benefits: (1) providing focus, speed and investigative directions, (2) inferring victim/offender behaviours, (3) inferring offender motivation(s), (4) identifying potential victims, and (5) eliminating suspects. This was followed by a survey study empirically examining the perceptions of national and international digital forensics practitioners regarding the use and utility of BA during the process of investigating SEIC and cyberstalking cases. The results indicated that while the majority believed that BA has potential to contribute to many aspects of digital forensics investigations, their daily investigative activities involved a limited use of this technique. The implications of the study were outlined, and emphasised the need to design a digital forensics investigation model that provides guiding steps and illustrations on how to utilise BA in digital forensics investigations. Based on the findings from the conducted studies, a digital forensics investigation model that incorporates aspects of BA was designed. It aimed to provide a pragmatic, structured, multidisciplinary approach to performing a post mortem examination, analysis, and interpretation of the content of the digital devices associated with computer-facilitated interpersonal crimes. Two comprehensive case studies were also used to illustrate the investigative importance of the model in investigating computer-facilitated interpersonal crimes

Social, Private, and Trusted Wearable Technology under Cloud-Aided Intermittent Wireless Connectivity

There has been an unprecedented increase in the use of smart devices globally, together with novel forms of communication, computing, and control technologies that have paved the way for a new category of devices, known as high-end wearables. While massive deployments of these objects may improve the lives of people, unauthorized access to the said private equipment and its connectivity is potentially dangerous. Hence, communication enablers together with highly-secure human authentication mechanisms have to be designed.In addition, it is important to understand how human beings, as the primary users, interact with wearable devices on a day-to-day basis; usage should be comfortable, seamless, user-friendly, and mindful of urban dynamics. Usually the connectivity between wearables and the cloud is executed through the user’s more power independent gateway: this will usually be a smartphone, which may have potentially unreliable infrastructure connectivity. In response to these unique challenges, this thesis advocates for the adoption of direct, secure, proximity-based communication enablers enhanced with multi-factor authentication (hereafter refereed to MFA) that can integrate/interact with wearable technology. Their intelligent combination together with the connection establishment automation relying on the device/user social relations would allow to reliably grant or deny access in cases of both stable and intermittent connectivity to the trusted authority running in the cloud.The introduction will list the main communication paradigms, applications, conventional network architectures, and any relevant wearable-specific challenges. Next, the work examines the improved architecture and security enablers for clusterization between wearable gateways with a proximity-based communication as a baseline. Relying on this architecture, the author then elaborates on the social ties potentially overlaying the direct connectivity management in cases of both reliable and unreliable connection to the trusted cloud. The author discusses that social-aware cooperation and trust relations between users and/or the devices themselves are beneficial for the architecture under proposal. Next, the author introduces a protocol suite that enables temporary delegation of personal device use dependent on different connectivity conditions to the cloud.After these discussions, the wearable technology is analyzed as a biometric and behavior data provider for enabling MFA. The conventional approaches of the authentication factor combination strategies are compared with the ‘intelligent’ method proposed further. The assessment finds significant advantages to the developed solution over existing ones.On the practical side, the performance evaluation of existing cryptographic primitives, as part of the experimental work, shows the possibility of developing the experimental methods further on modern wearable devices.In summary, the set of enablers developed here for wearable technology connectivity is aimed at enriching people’s everyday lives in a secure and usable way, in cases when communication to the cloud is not consistently available

Shortest Route at Dynamic Location with Node Combination-Dijkstra Algorithm

Abstract— Online transportation has become a basic requirement of the general public in support of all activities to go to work, school or vacation to the sights. Public transportation services compete to provide the best service so that consumers feel comfortable using the services offered, so that all activities are noticed, one of them is the search for the shortest route in picking the buyer or delivering to the destination. Node Combination method can minimize memory usage and this methode is more optimal when compared to A* and Ant Colony in the shortest route search like Dijkstra algorithm, but can’t store the history node that has been passed. Therefore, using node combination algorithm is very good in searching the shortest distance is not the shortest route. This paper is structured to modify the node combination algorithm to solve the problem of finding the shortest route at the dynamic location obtained from the transport fleet by displaying the nodes that have the shortest distance and will be implemented in the geographic information system in the form of map to facilitate the use of the system. Keywords— Shortest Path, Algorithm Dijkstra, Node Combination, Dynamic Location (key words