A Markov-Based Intrusion Tolerance Finite Automaton

It is inevitable for networks to be invaded during operation. The intrusion tolerance technology comes into being to enable invaded networks to provide the necessary network services. This paper introduces an automatic learning mechanism of the intrusion tolerance system to update network security strategy, and derives an intrusion tolerance finite automaton model from an existing intrusion tolerance model. The proposed model was quantified by the Markov theory to compute the stable probability of each state. The calculated stable probabilities provide the theoretical guidance and basis for administrators to better safeguard network security. Verification results show that it is feasible, effective, and convenient to integrate the Markov model to the intrusion tolerance finite automaton

Location Privacy-Preserving Strategies for Secondary Spectrum Use

The scarcity of wireless spectrum resources and the overwhelming demand for wireless broadband resources have prompted industry, government agencies and academia within the wireless communities to develop and come up with effective solutions that can make additional spectrum available for broadband data. As part of these ongoing efforts, cognitive radio networks (CRNs) have emerged as an essential technology for enabling and promoting dynamic spectrum access and sharing, a paradigm primarily aimed at addressing the spectrum scarcity and shortage challenges by permitting and enabling unlicensed or secondary users (SUs) to freely search, locate and exploit unused licensed spectrum opportunities. Despite their great potentials for improving spectrum utilization efficiency and for addressing the spectrum shortage problem, CRNs suffer from serious location privacy issues, which essentially tend to disclose the location information of the SUs to other system entities during their usage of these open spectrum opportunities. Knowing that their whereabouts may be exposed, SUs can be discouraged from joining and participating in the CRNs, potentially hindering the adoption and deployment of this technology. In this thesis, we propose frameworks that are suitable for CRNs, but also preserve the location privacy information of these SU s. More specifically, 1. We propose location privacy-preserving protocols that protect the location privacy of SUs in cooperative sensing-based CRNs while allowing the SUs to perform their spectrum sensing tasks reliably and effectively. Our proposed protocols allow also the detection of malicious user activities through the adoption of reputation mechanisms. 2. We propose location privacy-preserving approaches that provide information-theoretic privacy to SU s’ location in database-driven CRNs through the exploitation of the structured nature of spectrum databases and the fact that database-driven CRNs, by design, rely on multiple spectrum databases. 3. We propose a trustworthy framework for new generation of spectrum access systems in the 3.5 GHz band that not only protects SUs’ privacy, but also ensures that they comply with the unique system requirements, while allowing the detection of misbehaving users

Blockchain-enabled cybersecurity provision for scalable heterogeneous network: A comprehensive survey

Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance, transportation, healthcare, education, and supply chain management. Blockchain interactions in the heterogeneous network have fascinated more attention due to the authentication of their digital application exchanges. However, the exponential development of storage space capabilities across the blockchain-based heterogeneous network has become an important issue in preventing blockchain distribution and the extension of blockchain nodes. There is the biggest challenge of data integrity and scalability, including significant computing complexity and inapplicable latency on regional network diversity, operating system diversity, bandwidth diversity, node diversity, etc., for decision-making of data transactions across blockchain-based heterogeneous networks. Data security and privacy have also become the main concerns across the heterogeneous network to build smart IoT ecosystems. To address these issues, today’s researchers have explored the potential solutions of the capability of heterogeneous network devices to perform data transactions where the system stimulates their integration reliably and securely with blockchain. The key goal of this paper is to conduct a state-of-the-art and comprehensive survey on cybersecurity enhancement using blockchain in the heterogeneous network. This paper proposes a full-fledged taxonomy to identify the main obstacles, research gaps, future research directions, effective solutions, and most relevant blockchain-enabled cybersecurity systems. In addition, Blockchain based heterogeneous network framework with cybersecurity is proposed in this paper to meet the goal of maintaining optimal performance data transactions among organizations. Overall, this paper provides an in-depth description based on the critical analysis to overcome the existing work gaps for future research where it presents a potential cybersecurity design with key requirements of blockchain across a heterogeneous network

Cyber physical security of avionic systems

“Cyber-physical security is a significant concern for critical infrastructures. The exponential growth of cyber-physical systems (CPSs) and the strong inter-dependency between the cyber and physical components introduces integrity issues such as vulnerability to injecting malicious data and projecting fake sensor measurements. Traditional security models partition the CPS from a security perspective into just two domains: high and low. However, this absolute partition is not adequate to address the challenges in the current CPSs as they are composed of multiple overlapping partitions. Information flow properties are one of the significant classes of cyber-physical security methods that model how inputs of a system affect its outputs across the security partition. Information flow supports traceability that helps in detecting vulnerabilities and anomalous sources, as well as helps in rendering mitigation measures. To address the challenges associated with securing CPSs, two novel approaches are introduced by representing a CPS in terms of a graph structure. The first approach is an automated graph-based information flow model introduced to identify information flow paths in the avionics system and partition them into security domains. This approach is applied to selected aspects of the avionic systems to identify the vulnerabilities in case of a system failure or an attack and provide possible mitigation measures. The second approach is based on graph neural networks (GNN) to classify the graphs into different security domains. Using these two approaches, successful partitioning of the CPS into different security domains is possible in addition to identifying their optimal coverage. These approaches enable designers and engineers to ensure the integrity of the CPS. The engineers and operators can use this process during design-time and in real-time to identify failures or attacks on the system”--Abstract, page iii

Estimation of Primary Traffic Statistics Based on Spectrum Sensing

Cognitive Radio (CR) systems can benefit from the knowledge of the activity statistics of primary channels, which can use this information to intelligently adapt their spectrum use to the operating environment and work more efficiently and reduce interference on primary users. Particularly relevant statistics are the minimum, mean and variance of the on/off period durations, the channel duty cycle and the governing distribution. The main aim of this thesis is to improve the estimation of the primary user statistics under different environments. At the beginning of operation, the CR does not have any information about the primary traffic statistics. Spectrum sensing is one of the key methods to obtain this knowledge. Unfortunately, the estimation of primary traffic statistics based on spectrum sensing suffers from some flaws, which are investigated in detail in this thesis. In general, two main working environments for the CRs can be identified based on the primary signal power, namely low and high signal-to-noise ratio (SNR) at the secondary users. For the high SNR scenario, an analytical model to link the sensing period with the observed spectrum occupancy and quantify its impact is proposed. Simulation results show that the proposed model captures with reasonable accuracy the spectrum occupancy observed at the CR. Moreover, the effect of the sample size (number of on/off periods) on the estimated accuracy is studied as well. Closed form expressions to estimate the statistics of the primary channel to a certain desired level of accuracy are derived to link such sample size with the accuracy of the observed primary activity statistics. The accuracy of the obtained analytical results is validated and corroborated with both simulation and experimental results, showing a perfect agreement. For the low SNR scenario, both local and cooperative estimation are considered based on the number of SUs performing the estimation. For the single estimation scenario, three novel algorithms are proposed to enhance the estimation of primary user activity statistics under imperfect spectrum sensing given the knowledge of minimum transmission time. Simulation results show that the proposed methods enable an accurate estimation for the primary user statistics. For the cooperative estimation scenario, a new reporting mechanism is proposed in order to increase the spectrum and energy efficiency of the cooperative network and improve resilience under Byzantine attacks. The proposed method is compared in terms of efficiency with methods proposed in the literature and the default periodic reporting method. Simulation results show that the proposed scheme not only reduces significantly the signalling overhead, but with a minor modification it can estimate the primary user distribution under Byzantine attacks with high accuracy. In summary, this thesis contributes a holistic set of mathematical models and novel methods for an accurate estimation of the primary traffic statistics in CR networks based solely on spectrum sensing

Smart Wireless Sensor Networks

The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks