Adaptive trust and reputation system as a security service in group communications

Group communications has been facilitating many emerging applications which require packet delivery from one or more sender(s) to multiple receivers. Owing to the multicasting and broadcasting nature, group communications are susceptible to various kinds of attacks. Though a number of proposals have been reported to secure group communications, provisioning security in group communications remains a critical and challenging issue. This work first presents a survey on recent advances in security requirements and services in group communications in wireless and wired networks, and discusses challenges in designing secure group communications in these networks. Effective security services to secure group communications are then proposed. This dissertation also introduces the taxonomy of security services, which can be applied to secure group communications, and evaluates existing secure group communications schemes. This dissertation work analyzes a number of vulnerabilities against trust and reputation systems, and proposes a threat model to predict attack behaviors. This work also considers scenarios in which multiple attacking agents actively and collaboratively attack the whole network as well as a specific individual node. The behaviors may be related to both performance issues and security issues. Finally, this work extensively examines and substantiates the security of the proposed trust and reputation system. This work next discusses the proposed trust and reputation system for an anonymous network, referred to as the Adaptive Trust-based Anonymous Network (ATAN). The distributed and decentralized network management in ATAN does not require a central authority so that ATAN alleviates the problem of a single point of failure. In ATAN, the trust and reputation system aims to enhance anonymity by establishing a trust and reputation relationship between the source and the forwarding members. The trust and reputation relationship of any two nodes is adaptive to new information learned by these two nodes or recommended from other trust nodes. Therefore, packets are anonymously routed from the \u27trusted\u27 source to the destination through \u27trusted\u27 intermediate nodes, thereby improving anonymity of communications. In the performance analysis, the ratio of the ATAN header and data payload is around 0.1, which is relatively small. This dissertation offers analysis on security services on group communications. It illustrates that these security services are needed to incorporate with each other such that group communications can be secure. Furthermore, the adaptive trust and reputation system is proposed to integrate the concept of trust and reputation into communications. Although deploying the trust and reputation system incurs some overheads in terms of storage spaces, bandwidth and computation cycles, it shows a very promising performance that enhance users\u27 confidence in using group communications, and concludes that the trust and reputation system should be deployed as another layer of security services to protect group communications against malicious adversaries and attacks

MANAGING UNKNOWN-UNKNOWNS IN CYBER-SECURITY

Techniques are described herein for managing unknown-unknowns in cyber-security. Trust degradation is a precursor index to failure. The use cases of scoring the trust degradation in a system span to almost every aspect in networking, edge and cloud included. A well devised Trust Evaluation Function (TEF) will cover many use cases: for example (1) better and adaptive private key management (e.g., re-keying); (2) better and adaptive end user experience password management and its fine grain monitoring in a data center; (3) better and adaptive digital asset certifications; (4) troubleshooting; and (5) real-time scalability and risk assessment for extremely large network, for example in federated cloud environment. The features of a digital trust scoring will start to reflect the likelihood of erosion of trust created on day 0. Platform independency is achieved when the score is a degradation of the trust and not the trust value alone. A trust value may start erroneously, but the rate of change may lead to continuous evaluation. Therefore, the originating trust is set as a prior. Erosion will thus work with time against the assumed original trust. In the example of an expiration date or a combinatorial complexity erosion of a private key, the realization of a trust erosion is not a Boolean fail pass type, but a relative factor number. On a comprehensive integrated analytical dashboard, the trust factor produces the percent life left of given a digital secret

Fuzzy Based Trust Model for Peer to Peer Systems

Unknown nature of peer to peer system opens them to malicious actions. A fuzzy based trust model can create trust relationships among peers. Trust decisions are adaptive to modifications in trust between peers. A peer’s trustworthiness in giving services and recommendations are assessed in service and recommendation context. The model utilizes fuzzy logic to integrate eight trust evaluation factors into the reputation evaluation process for improving the efficiency and security of peer to peer system. The reputation and recommendation trust metric is combined for computing a global trust metric which helps in selecting the best service provider. In this manner peers develop a trust network in their vicinity without utilizing earlier information and can tone down attack of malicious peers

Securing Critical IoT Infrastructures with Blockchain-Supported Federated Learning

Network trustworthiness is considered a very crucial element in network security and is developed through positive experiences, guarantees, clarity and responsibility. Trustworthiness becomes even more compelling with the ever-expanding set of Internet of Things (IoT) smart city services and applications. Most of today;s network trustworthy solutions are considered inadequate, notably for critical applications where IoT devices may be exposed and easily compromised. In this article, we propose an adaptive framework that integrates both federated learning and blockchain to achieve both network trustworthiness and security. The solution is capable of dealing with individuals’ trust as a probability and estimates the end-devices’ trust values belonging to different networks subject to achieving security criteria. We evaluate and verify the proposed model through simulation to showcase the effectiveness of the framework in terms of network lifetime, energy consumption, and trust using multiple factors. Results show that the proposed model maintains high accuracy and detection rates with values of ≈0.93 and ≈0.96, respectively

CENTRALIZED SECURITY PROTOCOL FOR WIRELESS SENSOR NETWORKS

Wireless Sensor Networks (WSN) is an exciting new technology with applications in military, industry, and healthcare. These applications manage sensitive information in potentially hostile environments. Security is a necessity, but building a WSN protocol is difficult. Nodes are energy and memory constrained devices intended to last months. Attackers are physically able to compromise nodes and attack the network from within. The solution is Centralized Secure Low Energy Adaptive Clustering Hierarchy (CSLEACH). CSLEACH provides security, energy efficiency, and memory efficiency. CSLEACH takes a centralized approach by leveraging the gateways resources to extend the life of a network as well as provide trust management. Using a custom event based simulator, I am able to show CSLEACH\u27s trust protocol is more energy efficient and requires less memory per node than Trust-based LEACH (TLEACH). In terms of security, CSLEACH is able to protect against a wide range of attacks from spoofed messages to compromised node attacks and it provides confidentiality, authentication, integrity and freshness

Adaptive Threat Modeling for Secure Ad Hoc Routing Protocols

Secure routing protocols for mobile ad hoc networks provide the required functionality for proper network operation. If the underlying routing protocol cannot be trusted to follow the protocol operations, additional trust layers, such as authentication, cannot be obtained. Threat models drive analysis capabilities, affecting how we evaluate trust. Current attacker threat models limit the results obtained during protocol security analysis over ad hoc routing protocols. Developing a proper threat model to evaluate security properties in mobile ad hoc routing protocols presents a significant challenge. If the attacker strength is too weak, we miss vital security flaws. If the attacker strength is too strong, we cannot identify the minimum required attacker capabilities needed to break the routing protocol. In this paper we present an adaptive threat model to evaluate route discovery attacks against ad hoc routing protocols. Our approach enables us to evaluate trust in the ad hoc routing process and allows us to identify minimum requirements an attacker needs to break a given routing protocol

Adaptive threshold scheme for touchscreen gesture continuous authentication using sensor trust

In this study we produce a continuous authentication scheme for mobile devices that adjusts an adaptive threshold for touchscreen interactions based on trust in passively collected sensor data. Our framework unobtrusively compares real-time sensor data of a user to historic data and adjusts a trust parameter based on the similarity. We show that the trust parameter can be used to adjust an adaptive threshold in continuous authentication schemes. The framework passively models temporal, spatial and activity scenarios using sensor data such as location, surrounding devices, wi-fi networks, ambient noise, movements, user activity, ambient light, proximity to objects and atmospheric pressure from study participants. Deviations from the models increases the level of threat the device perceives from the scenario. We also model the user touchscreen interactions. The touchscreen interactions are authenticated against a threshold that is continually adjusted based on the perceived trust. This scheme provides greater nuance between security and usability, enabling more refined decisions. We present our novel framework and threshold adjustment criteria and validate our framework on two state-of-the-art sensor datasets. Our framework more than halves the false acceptance and false rejection rates of a static threshold system

e-Authentication for online assessment: A mixed-method study

Authenticating the students’ identity and authenticity of their work is increasingly important to reduce academic malpractices and for quality assurance purposes in Education. There is a growing body of research about technological innovations to combat cheating and plagiarism. However, the literature is very limited on the impact of e-authentication systems across distinctive end-users because it is not a widespread practice at the moment. A considerable gap is to understand whether the use of e-authentication systems would increase trust on e-assessment, and to extend, whether students’ acceptance would vary across gender, age and previous experiences. This study aims to shed light on this area by examining the attitudes and experiences of 328 students who used an authentication system known as adaptive trust-based e-assessment system for learning (TeSLA). Evidence from mixed-method analysis suggests a broadly positive acceptance of these e-authentication technologies by distance education students. However, significant differences in the students’ responses indicated, for instance, that men were less concerned about providing personal data than women; middle-aged participants were more aware of the nuances of cheating and plagiarism;while younger students were more likely to reject e-authentication, considerably due to data privacy and security and students with disabilities due to concerns about their special needs

AI Security Threats against Pervasive Robotic Systems: A Course for Next Generation Cybersecurity Workforce

Robotics, automation, and related Artificial Intelligence (AI) systems have become pervasive bringing in concerns related to security, safety, accuracy, and trust. With growing dependency on physical robots that work in close proximity to humans, the security of these systems is becoming increasingly important to prevent cyber-attacks that could lead to privacy invasion, critical operations sabotage, and bodily harm. The current shortfall of professionals who can defend such systems demands development and integration of such a curriculum. This course description includes details about seven self-contained and adaptive modules on "AI security threats against pervasive robotic systems". Topics include: 1) Introduction, examples of attacks, and motivation; 2) - Robotic AI attack surfaces and penetration testing; 3) - Attack patterns and security strategies for input sensors; 4) - Training attacks and associated security strategies; 5) - Inference attacks and associated security strategies; 6) - Actuator attacks and associated security strategies; and 7) - Ethics of AI, robotics, and cybersecurity