Defense and traceback mechanisms in opportunistic wireless networks

 In this thesis, we have identified a novel attack in OppNets, a special type of packet dropping attack where the malicious node(s) drops one or more packets (not all the packets) and then injects new fake packets instead. We name this novel attack as the Catabolism attack and propose a novel attack detection and traceback approach against this attack referred to as the Anabolism defence. As part of the Anabolism defence approach we have proposed three techniques: time-based, Merkle tree based and Hash chain based techniques for attack detection and malicious node(s) traceback. We provide mathematical models that show our novel detection and traceback mechanisms to be very effective and detailed simulation results show our defence mechanisms to achieve a very high accuracy and detection rate

Security and Privacy for Mobile Social Networks

With the ever-increasing demands of people's social interactions, traditional online social networking applications are being shifted to the mobile ones, enabling users' social networking and interactions anywhere anytime. Due to the portability and pervasiveness of mobile devices, such as smartphones, wearable devices and tablets, Mobile Social Network (MSN), as a promising social network platform, has become increasingly popular and brought immense benefits. In MSN, users can easily discover and chat with social friends in the vicinity even without the Internet; vehicle drivers and passengers can exchange traffic information, videos or images with other vehicles on the road; customers in a shopping mall can share sale information and recommend it to their friends. With MSNs, massive opportunities are created to facilitate people's social interactions and enlarge the inherent social circle. However, the flourish of MSNs also hinges upon fully understanding and managing the challenges, such as security threats and privacy leakage. Security and privacy concerns rise as the boom of MSN applications comes up, but few users have paid adequate attentions to protect their privacy-sensitive information from disclosing. First of all, to initiate social interactions, users sometimes exchange their social interests or preferences with each other (including strangers in the vicinity) without sufficient protections. As such, some private information may be inferred from the exchanged social interests by attackers and untrusted users. Secondly, some malicious attackers might forge fake identities or false contents, such as spam and advertisements, to disrupt MSNs or mislead other users. These attackers could even collude and launch a series of security threats to MSNs. In addition, massive social network data are usually stored in untrusted cloud servers, where data confidentiality, authentication, access control and privacy are of paramount importance. Last but not least, the trade-off between data availability and privacy should be taken into account when the data are stored, queried and processed for various MSN applications. Therefore, novel security and privacy techniques become essential for MSN to provide sufficient and adjustable protections. In this thesis, we focus on security and privacy for MSNs. Based on the MSN architecture and emerging applications, we first investigate security and privacy requirements for MSNs and introduce several challenging issues, i.e., spam, misbehaviors and privacy leakage. To tackle these problems, we propose efficient security and privacy preservation schemes for MSNs. Specifically, the main contributions of this thesis can be three-fold. Firstly, to address the issues of spam in autonomous MSNs, we propose a personalized fine-grained spam filtering scheme (PIF), which exploits social characteristics during data delivery. The PIF allows users to create personalized filters according to their social interests, and enables social friends to hold these filters, discarding the unwanted data before delivery. We also design privacy-preserving coarse-grained and fine-grained filtering mechanisms in the PIF to not only enable the filtering but also prevent users' private information included in the filters from disclosing to untrusted entities. Secondly, to detect misbehaviors during MSN data sharing, we propose a social-based mobile Sybil detection scheme (SMSD). The SMSD detects Sybil attackers by differentiating the abnormal pseudonym changing and contact behaviors, since Sybil attackers frequently or rapidly change their pseudonyms to cheat legitimate users. As the volume of contact data from users keeps increasing, the SMSD utilizes local cloud servers to store and process the users' contact data such that the burden of mobile users is alleviated. The SMSD also detects the collusion attacks and prevents user's data from malicious modification when employing the untrusted local cloud server for the detection. Thirdly, to achieve the trade-off between privacy and data availability, we investigate a centralized social network application, which exploits social network to enhance human-to-human infection analysis. We integrate social network data and health data to jointly analyze the instantaneous infectivity during human-to-human contact, and propose a novel privacy-preserving infection analysis approach (PIA). The PIA enables the collaboration among different cloud servers (i.e., social network cloud server and health cloud server). It employs a privacy-preserving data query method based on conditional oblivious transfer to enable data sharing and prevent data from disclosing to untrusted entities. A privacy-preserving classification-based infection analysis method is also proposed to enable the health cloud server to infer infection spread but preserve privacy simultaneously. Finally, we summarize the thesis and share several open research directions in MSNs. The developed security solutions and research results in this thesis should provide a useful step towards better understanding and implementing secure and privacy-preserving MSNs

Wide-Area Situation Awareness based on a Secure Interconnection between Cyber-Physical Control Systems

Posteriormente, examinamos e identificamos los requisitos especiales que limitan el diseño y la operación de una arquitectura de interoperabilidad segura para los SSC (particularmente los SCCF) del smart grid. Nos enfocamos en modelar requisitos no funcionales que dan forma a esta infraestructura, siguiendo la metodología NFR para extraer requisitos esenciales, técnicas para la satisfacción de los requisitos y métricas para nuestro modelo arquitectural. Estudiamos los servicios necesarios para la interoperabilidad segura de los SSC del SG revisando en profundidad los mecanismos de seguridad, desde los servicios básicos hasta los procedimientos avanzados capaces de hacer frente a las amenazas sofisticadas contra los sistemas de control, como son los sistemas de detección, protección y respuesta ante intrusiones. Nuestro análisis se divide en diferentes áreas: prevención, consciencia y reacción, y restauración; las cuales general un modelo de seguridad robusto para la protección de los sistemas críticos. Proporcionamos el diseño para un modelo arquitectural para la interoperabilidad segura y la interconexión de los SCCF del smart grid. Este escenario contempla la interconectividad de una federación de proveedores de energía del SG, que interactúan a través de la plataforma de interoperabilidad segura para gestionar y controlar sus infraestructuras de forma cooperativa. La plataforma tiene en cuenta las características inherentes y los nuevos servicios y tecnologías que acompañan al movimiento de la Industria 4.0. Por último, presentamos una prueba de concepto de nuestro modelo arquitectural, el cual ayuda a validar el diseño propuesto a través de experimentaciones. Creamos un conjunto de casos de validación que prueban algunas de las funcionalidades principales ofrecidas por la arquitectura diseñada para la interoperabilidad segura, proporcionando información sobre su rendimiento y capacidades.Las infraestructuras críticas (IICC) modernas son vastos sistemas altamente complejos, que precisan del uso de las tecnologías de la información para gestionar, controlar y monitorizar el funcionamiento de estas infraestructuras. Debido a sus funciones esenciales, la protección y seguridad de las infraestructuras críticas y, por tanto, de sus sistemas de control, se ha convertido en una tarea prioritaria para las diversas instituciones gubernamentales y académicas a nivel mundial. La interoperabilidad de las IICC, en especial de sus sistemas de control (SSC), se convierte en una característica clave para que estos sistemas sean capaces de coordinarse y realizar tareas de control y seguridad de forma cooperativa. El objetivo de esta tesis se centra, por tanto, en proporcionar herramientas para la interoperabilidad segura de los diferentes SSC, especialmente los sistemas de control ciber-físicos (SCCF), de forma que se potencie la intercomunicación y coordinación entre ellos para crear un entorno en el que las diversas infraestructuras puedan realizar tareas de control y seguridad cooperativas, creando una plataforma de interoperabilidad segura capaz de dar servicio a diversas IICC, en un entorno de consciencia situacional (del inglés situational awareness) de alto espectro o área (wide-area). Para ello, en primer lugar, revisamos las amenazas de carácter más sofisticado que amenazan la operación de los sistemas críticos, particularmente enfocándonos en los ciberataques camuflados (del inglés stealth) que amenazan los sistemas de control de infraestructuras críticas como el smart grid. Enfocamos nuestra investigación al análisis y comprensión de este nuevo tipo de ataques que aparece contra los sistemas críticos, y a las posibles contramedidas y herramientas para mitigar los efectos de estos ataques

Efficient Passive Clustering and Gateways selection MANETs

Passive clustering does not employ control packets to collect topological information in ad hoc networks. In our proposal, we avoid making frequent changes in cluster architecture due to repeated election and re-election of cluster heads and gateways. Our primary objective has been to make Passive Clustering more practical by employing optimal number of gateways and reduce the number of rebroadcast packets

Recent Developments in Smart Healthcare

Medicine is undergoing a sector-wide transformation thanks to the advances in computing and networking technologies. Healthcare is changing from reactive and hospital-centered to preventive and personalized, from disease focused to well-being centered. In essence, the healthcare systems, as well as fundamental medicine research, are becoming smarter. We anticipate significant improvements in areas ranging from molecular genomics and proteomics to decision support for healthcare professionals through big data analytics, to support behavior changes through technology-enabled self-management, and social and motivational support. Furthermore, with smart technologies, healthcare delivery could also be made more efficient, higher quality, and lower cost. In this special issue, we received a total 45 submissions and accepted 19 outstanding papers that roughly span across several interesting topics on smart healthcare, including public health, health information technology (Health IT), and smart medicine

Security and Privacy for Modern Wireless Communication Systems

The aim of this reprint focuses on the latest protocol research, software/hardware development and implementation, and system architecture design in addressing emerging security and privacy issues for modern wireless communication networks. Relevant topics include, but are not limited to, the following: deep-learning-based security and privacy design; covert communications; information-theoretical foundations for advanced security and privacy techniques; lightweight cryptography for power constrained networks; physical layer key generation; prototypes and testbeds for security and privacy solutions; encryption and decryption algorithm for low-latency constrained networks; security protocols for modern wireless communication networks; network intrusion detection; physical layer design with security consideration; anonymity in data transmission; vulnerabilities in security and privacy in modern wireless communication networks; challenges of security and privacy in node–edge–cloud computation; security and privacy design for low-power wide-area IoT networks; security and privacy design for vehicle networks; security and privacy design for underwater communications networks

De la Routine Humaine vers des Réseaux Mobiles Plus Efficaces

The proliferation of pervasive communication caused a recent boost up on the mobile data usage, which network operators are not always prepared for. The main origin of the mobile network demands are smartphone devices. From the network side those devices may be seen as villains for imposing an enormous traffic, but from the analytical point of view they provide today the best means of gathering users information about content consumption and mobility behavior on a large scale. Understanding users' mobility and network behavior is essential in the design of efficient communication systems. We are routinary beings. The routine cycles on our daily lives are an essential part of our interface with the world. Our habits define, for instance, where we are going Saturday night, or what is the typical website for the mornings of Monday. The repetitive behavior reflects on our mobility patterns and network activities. In this thesis we focus on metropolitan users generating traffic demands during their normal daily lives. We present a detailed study on both users' routinary mobility and routinary network behavior. As a study of case where such investigation can be useful, we propose a hotspot deployment strategy that takes into account the routine aspects of people's mobility.We first investigate urban mobility patterns. We analyze large-scale datasets of mobility in different cities of the world, namely Beijing, Tokyo, New York, Paris, San Francisco, London, Moscow and Mexico City. Our contribution is this area is two-fold. First, we show that there is a similarity on people's mobility behavior regardless the city. Second, we unveil three characteristics present on the mobility of typical urban population: repetitiveness, usage of shortest-paths, and confinement. Those characteristics undercover people's tendency to revisit a small portion of favorite venues using trajectories that are close to the shortest-path. Furthermore, people generally have their mobility restrict to a dozen of kilometers per day.We then investigate the users' traffic demands patterns. We analyze a large data set with 6.8 million subscribers. We have mainly two contributions in this aspect. First, a precise characterization of individual subscribers' traffic behavior clustered by their usage patterns. We see how the daily routine impacts on the network demands and the strong similarity between traffic on different days. Second, we provide a way for synthetically, still consistently, reproducing usage patterns of mobile subscribers. Synthetic traces offer positive implications for network planning and carry no privacy issues to subscribers as the original datasets.To assess the effectiveness of these findings on real-life scenario, we propose a hotspot deployment strategy that considers routine characteristics of mobility and traffic in order to improve mobile data offloading. Carefully deploying Wi-Fi hotspots can both be cheaper than upgrade the current cellular network structure and can concede significant improvement in the network capacity. Our approach increases the amount of offload when compared to other solution from the literature.L’omniprésence des communications a entraîné une récente augmentation des volumes de données mobiles, pour laquelle les opérateurs n’étaient pas toujours préparés. Les smartphones sont les plus gros consommateurs de données mobiles. Ces appareils peuvent être considérés comme méchants à cause d’un tel traffic, mais d’un point de vue analytique ils fournissent, aujourd’hui un des meilleurs moyens afin de collecter les données sur le comportement de consommation et de mobilité de grande échelle. Comprendre le comportement des utilisateurs sur leur mobilité et leur connectivité est nécessaire à la création d’un système de communication effectifs. Nous sommes routiniers. Ces cycles routiniers sont une grande partie de nos interactions avec le monde. Par exemple, nos habitudes definissent ce que l’on va faire le samedi ou les sites que nous consultons le lundi matin. Ces comportements répétés reflètent nos déplacements et activités en ligne. Dans cette thèse, nous allons nous concentrer sur les demandes de traffic générées par les usagers métropolitains durant leurs activités quotidiennes. Nous présentons une étude détaillée des usagers selon les comportements routiniers de mobilité ou d’activité sur internet. Dans une étude de cas, ou cette enquête serait utile, nous proposons une stratégies de déploiement de points de accès qui prendra en compte les aspects routiniers de la mobilités des utilisateurs.Nous étudirons en premier lieu, les modèles de mobilité en milieu urbain. Nous analyserons les données de mobilité à grande échelle dans de grandes villes comme Beijing, Tokyo, New York, Paris, San Francisco, London, Moscow, Mexico City. Cette contribution se fait en deux étapes. Premièrement, nous observerons les similitudes des déplacements peu importe la ville concernée. Ensuite, nous mettrons en évidence trois caractéristiques présentes dans les déplacements d’une population urbaine typique: Répétivité, utilisation de raccourcis, confinement. Ces caractéristiques sont dues à la tendance qu’ont les personnes à revisiter les même rues en utilisant les trajectoires proches du chemin le plus court. D’ailleurs, les personnes ont une mobilité quotidienne inférieure à dix kilomètres par jour.Nous avons ensuite étudié les modèles de demandes de traffic en utilisant une base de données comprenant les données de 6.8 millions d’utilisateurs. Pour cela nous avons principalement deux contributions. Premièrement, une caractérisation précise des comportements de consommation des utilisateurs agrégés par modèle. Nous pouvons voir comment les routines quotidiennes impactent nos demandes de connections et la similarité de ce traffic en fonction des jours. En suite, nous fournirons un moyen de reproduire artificiellement mais avec cohérence les modèles des utilisateurs de données mobiles. Ces données synthétisées ont l’avantage de permettre la planification du réseau sans information sur la vie privées de utilisateurs comme les bases de données d’origine.Afin d’évaluer l’efficacité de ces informations dans un scénario grandeur nature, nous proposerons une stratégie de deploiement de points de accès qui prend en compte les caractéristiques routinières en terme de déplacement et de demande de trafic dans le but d’améliorer la décharge de données mobile. Déployer correctement des points de accès WiFi peut être moins cher que d’améliorer l’infrastructure de réseaux mobiles, et peut permettre d’améliorer considérablement la capacité du réseau. Notre approche améliore l’évacuation de trafic comparée aux autres solutions disponibles dans la littérature

Combining SOA and BPM Technologies for Cross-System Process Automation

This paper summarizes the results of an industry case study that introduced a cross-system business process automation solution based on a combination of SOA and BPM standard technologies (i.e., BPMN, BPEL, WSDL). Besides discussing major weaknesses of the existing, custom-built, solution and comparing them against experiences with the developed prototype, the paper presents a course of action for transforming the current solution into the proposed solution. This includes a general approach, consisting of four distinct steps, as well as specific action items that are to be performed for every step. The discussion also covers language and tool support and challenges arising from the transformation

Internet of Things Applications - From Research and Innovation to Market Deployment

The book aims to provide a broad overview of various topics of Internet of Things from the research, innovation and development priorities to enabling technologies, nanoelectronics, cyber physical systems, architecture, interoperability and industrial applications. It is intended to be a standalone book in a series that covers the Internet of Things activities of the IERC – Internet of Things European Research Cluster from technology to international cooperation and the global "state of play".The book builds on the ideas put forward by the European research Cluster on the Internet of Things Strategic Research Agenda and presents global views and state of the art results on the challenges facing the research, development and deployment of IoT at the global level. Internet of Things is creating a revolutionary new paradigm, with opportunities in every industry from Health Care, Pharmaceuticals, Food and Beverage, Agriculture, Computer, Electronics Telecommunications, Automotive, Aeronautics, Transportation Energy and Retail to apply the massive potential of the IoT to achieving real-world solutions. The beneficiaries will include as well semiconductor companies, device and product companies, infrastructure software companies, application software companies, consulting companies, telecommunication and cloud service providers. IoT will create new revenues annually for these stakeholders, and potentially create substantial market share shakeups due to increased technology competition. The IoT will fuel technology innovation by creating the means for machines to communicate many different types of information with one another while contributing in the increased value of information created by the number of interconnections among things and the transformation of the processed information into knowledge shared into the Internet of Everything. The success of IoT depends strongly on enabling technology development, market acceptance and standardization, which provides interoperability, compatibility, reliability, and effective operations on a global scale. The connected devices are part of ecosystems connecting people, processes, data, and things which are communicating in the cloud using the increased storage and computing power and pushing for standardization of communication and metadata. In this context security, privacy, safety, trust have to be address by the product manufacturers through the life cycle of their products from design to the support processes. The IoT developments address the whole IoT spectrum - from devices at the edge to cloud and datacentres on the backend and everything in between, through ecosystems are created by industry, research and application stakeholders that enable real-world use cases to accelerate the Internet of Things and establish open interoperability standards and common architectures for IoT solutions. Enabling technologies such as nanoelectronics, sensors/actuators, cyber-physical systems, intelligent device management, smart gateways, telematics, smart network infrastructure, cloud computing and software technologies will create new products, new services, new interfaces by creating smart environments and smart spaces with applications ranging from Smart Cities, smart transport, buildings, energy, grid, to smart health and life. Technical topics discussed in the book include: • Introduction• Internet of Things Strategic Research and Innovation Agenda• Internet of Things in the industrial context: Time for deployment.• Integration of heterogeneous smart objects, applications and services• Evolution from device to semantic and business interoperability• Software define and virtualization of network resources• Innovation through interoperability and standardisation when everything is connected anytime at anyplace• Dynamic context-aware scalable and trust-based IoT Security, Privacy framework• Federated Cloud service management and the Internet of Things• Internet of Things Application