4,753 research outputs found
Defending against Sybil Devices in Crowdsourced Mapping Services
Real-time crowdsourced maps such as Waze provide timely updates on traffic,
congestion, accidents and points of interest. In this paper, we demonstrate how
lack of strong location authentication allows creation of software-based {\em
Sybil devices} that expose crowdsourced map systems to a variety of security
and privacy attacks. Our experiments show that a single Sybil device with
limited resources can cause havoc on Waze, reporting false congestion and
accidents and automatically rerouting user traffic. More importantly, we
describe techniques to generate Sybil devices at scale, creating armies of
virtual vehicles capable of remotely tracking precise movements for large user
populations while avoiding detection. We propose a new approach to defend
against Sybil devices based on {\em co-location edges}, authenticated records
that attest to the one-time physical co-location of a pair of devices. Over
time, co-location edges combine to form large {\em proximity graphs} that
attest to physical interactions between devices, allowing scalable detection of
virtual vehicles. We demonstrate the efficacy of this approach using
large-scale simulations, and discuss how they can be used to dramatically
reduce the impact of attacks against crowdsourced mapping services.Comment: Measure and integratio
Sustaining Security and Safety in ICT: A Quest for Terminology, Objectives, and Limits
Security and safety are intertwined concepts in the world of computing. In
recent years, the terms "sustainable security" and "sustainable safety" came
into fashion and are being used referring to a variety of systems properties
ranging from efficiency to profitability, and sometimes meaning that a product
or service is good for people and planet. This leads to confusing perceptions
of products where customers might expect a sustainable product to be developed
without child labour, while the producer uses the term to signify that their
new product uses marginally less power than the previous generation of that
products. Even in research on sustainably safe and secure ICT, these different
notions of terminology are prevalent. As researchers we often work towards
optimising our subject of study towards one specific sustainability metric -
let's say energy consumption - while being blissfully unaware of, e.g., social
impacts, life-cycle impacts, or rebound effects of such optimisations.
In this paper I dissect the idea of sustainable safety and security, starting
from the questions of what we want to sustain, and for whom we want to sustain
it. I believe that a general "people and planet" answer is inadequate here
because this form of sustainability cannot be the property of a single industry
sector but must be addressed by society as a whole. However, with sufficient
understanding of life-cycle impacts we may very well be able to devise research
and development efforts, and inform decision making processes towards the use
of integrated safety and security solutions that help us to address societal
challenges in the context of the climate and ecological crises, and that are
aligned with concepts such as intersectionality and climate justice. Of course,
these solutions can only be effective if they are embedded in societal and
economic change towards more frugal uses of data and ICT
Privacy-enhancing Aggregation of Internet of Things Data via Sensors Grouping
Big data collection practices using Internet of Things (IoT) pervasive
technologies are often privacy-intrusive and result in surveillance, profiling,
and discriminatory actions over citizens that in turn undermine the
participation of citizens to the development of sustainable smart cities.
Nevertheless, real-time data analytics and aggregate information from IoT
devices open up tremendous opportunities for managing smart city
infrastructures. The privacy-enhancing aggregation of distributed sensor data,
such as residential energy consumption or traffic information, is the research
focus of this paper. Citizens have the option to choose their privacy level by
reducing the quality of the shared data at a cost of a lower accuracy in data
analytics services. A baseline scenario is considered in which IoT sensor data
are shared directly with an untrustworthy central aggregator. A grouping
mechanism is introduced that improves privacy by sharing data aggregated first
at a group level compared as opposed to sharing data directly to the central
aggregator. Group-level aggregation obfuscates sensor data of individuals, in a
similar fashion as differential privacy and homomorphic encryption schemes,
thus inference of privacy-sensitive information from single sensors becomes
computationally harder compared to the baseline scenario. The proposed system
is evaluated using real-world data from two smart city pilot projects. Privacy
under grouping increases, while preserving the accuracy of the baseline
scenario. Intra-group influences of privacy by one group member on the other
ones are measured and fairness on privacy is found to be maximized between
group members with similar privacy choices. Several grouping strategies are
compared. Grouping by proximity of privacy choices provides the highest privacy
gains. The implications of the strategy on the design of incentives mechanisms
are discussed
Overlay virtualized wireless sensor networks for application in industrial internet of things : a review
Abstract: In recent times, Wireless Sensor Networks (WSNs) are broadly applied in the Industrial Internet of Things (IIoT) in order to enhance the productivity and efficiency of existing and prospective manufacturing industries. In particular, an area of interest that concerns the use of WSNs in IIoT is the concept of sensor network virtualization and overlay networks. Both network virtualization and overlay networks are considered contemporary because they provide the capacity to create services and applications at the edge of existing virtual networks without changing the underlying infrastructure. This capability makes both network virtualization and overlay network services highly beneficial, particularly for the dynamic needs of IIoT based applications such as in smart industry applications, smart city, and smart home applications. Consequently, the study of both WSN virtualization and overlay networks has become highly patronized in the literature, leading to the growth and maturity of the research area. In line with this growth, this paper provides a review of the development made thus far concerning virtualized sensor networks, with emphasis on the application of overlay networks in IIoT. Principally, the process of virtualization in WSN is discussed along with its importance in IIoT applications. Different challenges in WSN are also presented along with possible solutions given by the use of virtualized WSNs. Further details are also presented concerning the use of overlay networks as the next step to supporting virtualization in shared sensor networks. Our discussion closes with an exposition of the existing challenges in the use of virtualized WSN for IIoT applications. In general, because overlay networks will be contributory to the future development and advancement of smart industrial and smart city applications, this review may be considered by researchers as a reference point for those particularly interested in the study of this growing field
- …