Smart hospital emergency system via mobile-based requesting services

In recent years, the UK’s emergency call and response has shown elements of great strain as of today. The strain on emergency call systems estimated by a 9 million calls (including both landline and mobile) made in 2014 alone. Coupled with an increasing population and cuts in government funding, this has resulted in lower percentages of emergency response vehicles at hand and longer response times. In this paper, we highlight the main challenges of emergency services and overview of previous solutions. In addition, we propose a new system call Smart Hospital Emergency System (SHES). The main aim of SHES is to save lives through improving communications between patient and emergency services. Utilising the latest of technologies and algorithms within SHES is aiming to increase emergency communication throughput, while reducing emergency call systems issues and making the process of emergency response more efficient. Utilising health data held within a personal smartphone, and internal tracked data (GPU, Accelerometer, Gyroscope etc.), SHES aims to process the mentioned data efficiently, and securely, through automatic communications with emergency services, ultimately reducing communication bottlenecks. Live video-streaming through real-time video communication protocols is also a focus of SHES to improve initial communications between emergency services and patients. A prototype of this system has been developed. The system has been evaluated by a preliminary usability, reliability, and communication performance study

Video Streaming to Empowered Video Walls

Video walls are useful to display large size video content. Empowered video walls combine display functionality with computing power. Such video walls can display large scientific visualizations. If they can also display high-resolution video streamed over a network, they could enable distance collaboration over scientific data.We proposed several methods of network streaming of highresolution video content to a major type of empowered video walls, which is the SAGE2 system. For all methods, we evaluated their performance and discussed their scalability and properties. The results should be applicable to other web-based empowered video walls as well

Implementing in-browser screen sharing library for robust, high-performance co-browsing

Ühisbrausimine on tegevus, mille käigus kaks või enam inimest näevad sama veebilehte erinevate arvutite tagant samaaegselt ja suhtlevad teineteisega hiireklikkide, kerimise ja muude juhtseadmete toimingute kaudu. Selline tegevus võib olla kasulik erinevatel põhjustel, nagu meelelahutus, teabe jagamine, õppetöö, juhendamine, järelvalve jne. Käesolevas töös keskendub autor küsimustele ja väljakutsetele, mis on seotud ühisbrausimisega kasutajate abistamise eesmärgil. Ekraanijagamine nõuab tavaliselt eriotstarbelise tarkvara paigaldamist. Sellise tarkvara paigaldamine on tihti seotud kõrgentatud kasutajaõigustega, mis omakorda võib põhjustada turvariske. Iga operatsioonisüsteemi jaoks eraldi programmikoodi kirjutamine muudab sedasorti tarkvara arendamise kulukaks. Seetõttu on paljud rakenduste arendajad oma tooted veebisirvikutesse ümber kolinud. Kuna järjest rohkem rakendusi kirjutatakse veebisirvikus käitamiseks, siis on viimase veetlus ühisbrausimise platvormina suurenenud. Ekraani jagamist veebisirvikus nimetatakse ühisbrausimiseks.Co-browsing is the activity of two or more people viewing and interacting with the same web page simultaneously using web browsers running on different computers. It can be useful for many purposes: entertainment, information sharing, learning, supervision, surveillance, etc. In this work the author concentrates on the issues and challenges in implementing co-browsing for assisting users. Sharing user's screen has historically required installation of additional software. Installing such software often requires elevating user privileges and can introduce security risks. Also separate implementations on different operating systems make it more expensive to develop. Many application developers have discovered browsers as their new *platform independent* platform. As more applications are moving into the browser, it has become a good candidate to implement screen sharing on. Screen sharing in a browser is called co-browsing

Computational Resource Abuse in Web Applications

Internet browsers include Application Programming Interfaces (APIs) to support Web applications that require complex functionality, e.g., to let end users watch videos, make phone calls, and play video games. Meanwhile, many Web applications employ the browser APIs to rely on the user's hardware to execute intensive computation, access the Graphics Processing Unit (GPU), use persistent storage, and establish network connections. However, providing access to the system's computational resources, i.e., processing, storage, and networking, through the browser creates an opportunity for attackers to abuse resources. Principally, the problem occurs when an attacker compromises a Web site and includes malicious code to abuse its visitor's computational resources. For example, an attacker can abuse the user's system networking capabilities to perform a Denial of Service (DoS) attack against third parties. What is more, computational resource abuse has not received widespread attention from the Web security community because most of the current specifications are focused on content and session properties such as isolation, confidentiality, and integrity. Our primary goal is to study computational resource abuse and to advance the state of the art by providing a general attacker model, multiple case studies, a thorough analysis of available security mechanisms, and a new detection mechanism. To this end, we implemented and evaluated three scenarios where attackers use multiple browser APIs to abuse networking, local storage, and computation. Further, depending on the scenario, an attacker can use browsers to perform Denial of Service against third-party Web sites, create a network of browsers to store and distribute arbitrary data, or use browsers to establish anonymous connections similarly to The Onion Router (Tor). Our analysis also includes a real-life resource abuse case found in the wild, i.e., CryptoJacking, where thousands of Web sites forced their visitors to perform crypto-currency mining without their consent. In the general case, attacks presented in this thesis share the attacker model and two key characteristics: 1) the browser's end user remains oblivious to the attack, and 2) an attacker has to invest little resources in comparison to the resources he obtains. In addition to the attack's analysis, we present how existing, and upcoming, security enforcement mechanisms from Web security can hinder an attacker and their drawbacks. Moreover, we propose a novel detection approach based on browser API usage patterns. Finally, we evaluate the accuracy of our detection model, after training it with the real-life crypto-mining scenario, through a large scale analysis of the most popular Web sites

Hyp3rArmor: reducing web application exposure to automated attacks

Web applications (webapps) are subjected constantly to automated, opportunistic attacks from autonomous robots (bots) engaged in reconnaissance to discover victims that may be vulnerable to specific exploits. This is a typical behavior found in botnet recruitment, worm propagation, largescale fingerprinting and vulnerability scanners. Most anti-bot techniques are deployed at the application layer, thus leaving the network stack of the webapp’s server exposed. In this paper we present a mechanism called Hyp3rArmor, that addresses this vulnerability by minimizing the webapp’s attack surface exposed to automated opportunistic attackers, for JavaScriptenabled web browser clients. Our solution uses port knocking to eliminate the webapp’s visible network footprint. Clients of the webapp are directed to a visible static web server to obtain JavaScript that authenticates the client to the webapp server (using port knocking) before making any requests to the webapp. Our implementation of Hyp3rArmor, which is compatible with all webapp architectures, has been deployed and used to defend single and multi-page websites on the Internet for 114 days. During this time period the static web server observed 964 attempted attacks that were deflected from the webapp, which was only accessed by authenticated clients. Our evaluation shows that in most cases client-side overheads were negligible and that server-side overheads were minimal. Hyp3rArmor is ideal for critical systems and legacy applications that must be accessible on the Internet. Additionally Hyp3rArmor is composable with other security tools, adding an additional layer to a defense in depth approach.This work has been supported by the National Science Foundation (NSF) awards #1430145, #1414119, and #1012798

Real-time WebRTC-based design for a telepresence wheelchair

© 2017 IEEE. This paper presents a novel approach to the telepresence wheelchair system which is capable of real-time video communication and remote interaction. The investigation of this emerging technology aims at providing a low-cost and efficient way for assisted-living of people with disabilities. The proposed system has been designed and developed by deploying the JavaScript with Hyper Text Markup Language 5 (HTML5) and Web Real-time Communication (WebRTC) in which the adaptive rate control algorithm for video transmission is invoked. We conducted experiments in real-world environments, and the wheelchair was controlled from a distance using the Internet browser to compare with existing methods. The results show that the adaptively encoded video streaming rate matches the available bandwidth. The video streaming is high-quality with approximately 30 frames per second (fps) and round trip time less than 20 milliseconds (ms). These performance results confirm that the WebRTC approach is a potential method for developing a telepresence wheelchair system

Hybrid client-server and P2P network for web-based collaborative 3D design

National audienceOur proposed research project is to enable 3D distributed visualization and manipulation involving collaborative effort through the use of web-based technologies. Our project resulted from a wide collaborative application research fields: Computer Aided Design (CAD), Building Information Modeling (BIM) or Product Life Cycle Management (PLM) where design tasks are often performed in teams and need a fluent communication system. The system allows distributed remote assembling in 3D scenes with real-time updates for the users. This paper covers this feature using hybrid networking solution: a client-server architecture (REST) for 3D rendering (WebGL) and data persistence (NoSQL) associated to an automatically built peer-to-peer (P2P) mesh for real-time communication between the clients (WebRTC). The approach is demonstrated through the development of a web-platform prototype focusing on the easy manipulation, fine rendering and light update messages for all participating users. We provide an architecture and a prototype to enable users to design in 3D together in real time with the benefits of web based online collaboration