Cyber-storms come from clouds:Security of cloud computing in the IoT era

The Internet of Things (IoT) is rapidly changing our society to a world where every “thing” is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on the security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds

Privacy Intelligence: A Survey on Image Sharing on Online Social Networks

Image sharing on online social networks (OSNs) has become an indispensable part of daily social activities, but it has also led to an increased risk of privacy invasion. The recent image leaks from popular OSN services and the abuse of personal photos using advanced algorithms (e.g. DeepFake) have prompted the public to rethink individual privacy needs when sharing images on OSNs. However, OSN image sharing itself is relatively complicated, and systems currently in place to manage privacy in practice are labor-intensive yet fail to provide personalized, accurate and flexible privacy protection. As a result, an more intelligent environment for privacy-friendly OSN image sharing is in demand. To fill the gap, we contribute a systematic survey of 'privacy intelligence' solutions that target modern privacy issues related to OSN image sharing. Specifically, we present a high-level analysis framework based on the entire lifecycle of OSN image sharing to address the various privacy issues and solutions facing this interdisciplinary field. The framework is divided into three main stages: local management, online management and social experience. At each stage, we identify typical sharing-related user behaviors, the privacy issues generated by those behaviors, and review representative intelligent solutions. The resulting analysis describes an intelligent privacy-enhancing chain for closed-loop privacy management. We also discuss the challenges and future directions existing at each stage, as well as in publicly available datasets.Comment: 32 pages, 9 figures. Under revie

Information Leakage Attacks and Countermeasures

The scientific community has been consistently working on the pervasive problem of information leakage, uncovering numerous attack vectors, and proposing various countermeasures. Despite these efforts, leakage incidents remain prevalent, as the complexity of systems and protocols increases, and sophisticated modeling methods become more accessible to adversaries. This work studies how information leakages manifest in and impact interconnected systems and their users. We first focus on online communications and investigate leakages in the Transport Layer Security protocol (TLS). Using modern machine learning models, we show that an eavesdropping adversary can efficiently exploit meta-information (e.g., packet size) not protected by the TLS’ encryption to launch fingerprinting attacks at an unprecedented scale even under non-optimal conditions. We then turn our attention to ultrasonic communications, and discuss their security shortcomings and how adversaries could exploit them to compromise anonymity network users (even though they aim to offer a greater level of privacy compared to TLS). Following up on these, we delve into physical layer leakages that concern a wide array of (networked) systems such as servers, embedded nodes, Tor relays, and hardware cryptocurrency wallets. We revisit location-based side-channel attacks and develop an exploitation neural network. Our model demonstrates the capabilities of a modern adversary but also presents an inexpensive tool to be used by auditors for detecting such leakages early on during the development cycle. Subsequently, we investigate techniques that further minimize the impact of leakages found in production components. Our proposed system design distributes both the custody of secrets and the cryptographic operation execution across several components, thus making the exploitation of leaks difficult

Advances in Information Security and Privacy

With the recent pandemic emergency, many people are spending their days in smart working and have increased their use of digital resources for both work and entertainment. The result is that the amount of digital information handled online is dramatically increased, and we can observe a significant increase in the number of attacks, breaches, and hacks. This Special Issue aims to establish the state of the art in protecting information by mitigating information risks. This objective is reached by presenting both surveys on specific topics and original approaches and solutions to specific problems. In total, 16 papers have been published in this Special Issue

Trustworthiness in Mobile Cyber Physical Systems

Computing and communication capabilities are increasingly embedded in diverse objects and structures in the physical environment. They will link the ‘cyberworld’ of computing and communications with the physical world. These applications are called cyber physical systems (CPS). Obviously, the increased involvement of real-world entities leads to a greater demand for trustworthy systems. Hence, we use "system trustworthiness" here, which can guarantee continuous service in the presence of internal errors or external attacks. Mobile CPS (MCPS) is a prominent subcategory of CPS in which the physical component has no permanent location. Mobile Internet devices already provide ubiquitous platforms for building novel MCPS applications. The objective of this Special Issue is to contribute to research in modern/future trustworthy MCPS, including design, modeling, simulation, dependability, and so on. It is imperative to address the issues which are critical to their mobility, report significant advances in the underlying science, and discuss the challenges of development and implementation in various applications of MCPS

Architecture and communication protocol to monitor and control water quality and irrigation in agricultural environments

[ES] La introducción de soluciones tecnológicas en la agricultura permite reducir el uso de recursos y aumentar la producción de los cultivos. Además, la calidad del agua de regadío se puede monitorizar para asegurar la seguridad de los productos para el consumo humano. Sin embargo, la localización remota de la mayoría de los campos presenta un problema para proveer de cobertura inalámbrica a los nodos sensores y actuadores desplegados en los campos y los canales de agua para regadío. El trabajo presentado en esta tesis aborda el problema de habilitar la comunicación inalámbrica entre los dispositivos electrónicos desplegados para la monitorización de la calidad del agua y el campo a través de un protocolo de comunicación y arquitectura heterogéneos. La primera parte de esta tesis introduce los sistemas de agricultura de precisión (PA) y la importancia de la monitorización de la calidad del agua y el campo. Asimismo, las tecnologías que permiten la comunicación inalámbrica en sistemas PA y el uso de soluciones alternativas como el internet de las cosas bajo tierra (IoUT) y los vehículos aéreos no tripulados (UAV) se introducen también. Después, se realiza un análisis en profundidad del estado del arte respecto a los sensores para la monitorización del agua, el campo y las condiciones meteorológicas, así como sobre las tecnologías inalámbricas más empleadas en PA. Además, las tendencias actuales y los desafíos de los sistemas de internet de las cosas (IoT) para regadío, incluyendo las soluciones alternativas introducidas anteriormente, han sido abordados en detalle. A continuación, se presenta la arquitectura propuesta para el sistema, la cual incluye las áreas de interés para las actividades monitorización que incluye las áreas de los canales y el campo. A su vez, la descripción y los algoritmos de operación de los nodos sensores contemplados para cada área son proporcionados. El siguiente capítulo detalla el protocolo de comunicación heterogéneo propuesto, incluyendo los mensajes y alertas del sistema. Adicionalmente, se presenta una nueva topología de árbol para redes híbridas LoRa/WiFi multisalto. Las funcionalidades específicas adicionales concebidas para la arquitectura propuesta están descritas en el siguiente capítulo. Éstas incluyen algoritmos de agregación de datos para la topología propuesta, un esquema de las amenazas de seguridad para los sistemas PA, algoritmos de ahorro de energía y tolerancia a fallos, comunicación bajo tierra para IoUT y el uso de drones para adquisición de datos. Después, los resultados de las simulaciones para las soluciones propuestas anteriormente son presentados. Finalmente, se tratan las pruebas realizadas en entornos reales para el protocolo heterogéneo presentado, las diferentes estrategias de despliegue de los nodos empleados, el consumo energético y la función de cuantificación de fruta. Estas pruebas demuestran la validez de la arquitectura y protocolo de comunicación heterogéneos que se han propuesto.[CA] La introducció de solucions tecnològiques en l'agricultura permet reduir l'ús de recursos i augmentar la producció dels cultius. A més, la qualitat de l'aigua de regadiu es pot monitoritzar per assegurar la qualitat dels productes per al consum humà. No obstant això, la localització remota de la majoria dels camps presenta un problema per a proveir de cobertura sense fils als nodes sensors i actuadors desplegats als camps i els canals d'aigua per a regadiu. El treball presentat en aquesta tesi tracta el problema d'habilitar la comunicació sense fils entre els dispositius electrònics desplegats per a la monitorització de la qualitat de l'aigua i el camp a través d'un protocol de comunicació i arquitectura heterogenis. La primera part d'aquesta tesi introdueix els sistemes d'agricultura de precisió (PA) i la importància de la monitorització de la qualitat de l'aigua i el camp. Així mateix, també s'introdueixen les tecnologies que permeten la comunicació sense fils en sistemes PA i l'ús de solucions alternatives com l'Internet de les coses sota terra (IoUT) i els vehicles aeris no tripulats (UAV). Després, es realitza una anàlisi en profunditat de l'estat de l'art respecte als sensors per a la monitorització de l'aigua, el camp i les condicions meteorològiques, així com sobre les tecnologies sense fils més emprades en PA. S'aborden les tendències actuals i els reptes dels sistemes d'internet de les coses (IoT) per a regadiu, incloent les solucions alternatives introduïdes anteriorment. A continuació, es presenta l'arquitectura proposada per al sistema, on s'inclouen les àrees d'interès per a les activitats monitorització en els canals i el camp. Finalment, es proporciona la descripció i els algoritmes d'operació dels nodes sensors contemplats per a cada àrea. El següent capítol detalla el protocol de comunicació heterogeni proposat, així como el disseny del missatges i alertes que el sistema proposa. A més, es presenta una nova topologia d'arbre per a xarxes híbrides Lora/WiFi multi-salt. Les funcionalitats específiques addicionals concebudes per l'arquitectura proposada estan descrites en el següent capítol. Aquestes inclouen algoritmes d'agregació de dades per a la topologia proposta, un esquema de les alertes de seguretat per als sistemes PA, algoritmes d'estalvi d'energia i tolerància a fallades, comunicació per a IoUT i l'ús de drons per a adquisició de dades. Després, es presenten els resultats de les simulacions per a les solucions proposades. Finalment, es duen a terme les proves en entorns reals per al protocol heterogeni dissenyat. A més s'expliquen les diferents estratègies de desplegament dels nodes empleats, el consum energètic, així com, la funció de quantificació de fruita. Els resultats d'aquetes proves demostren la validesa de l'arquitectura i protocol de comunicació heterogenis propost en aquesta tesi.[EN] The introduction of technological solutions in agriculture allows reducing the use of resources and increasing the production of the crops. Furthermore, the quality of the water for irrigation can be monitored to ensure the safety of the produce for human consumption. However, the remote location of most fields presents a problem for providing wireless coverage to the sensing nodes and actuators deployed on the fields and the irrigation water canals. The work presented in this thesis addresses the problem of enabling wireless communication among the electronic devices deployed for water quality and field monitoring through a heterogeneous communication protocol and architecture. The first part of the dissertation introduces Precision Agriculture (PA) systems and the importance of water quality and field monitoring. In addition, the technologies that enable wireless communication in PA systems and the use of alternative solutions such as Internet of Underground Things (IoUT) and Unmanned Aerial Vehicles (UAV) are introduced as well. Then, an in-depth analysis on the state of the art regarding the sensors for water, field and meteorology monitoring and the most utilized wireless technologies in PA is performed. Furthermore, the current trends and challenges for Internet of Things (IoT) irrigation systems, including the alternate solutions previously introduced, have been discussed in detail. Then, the architecture for the proposed system is presented, which includes the areas of interest for the monitoring activities comprised of the canal and field areas. Moreover, the description and operation algorithms of the sensor nodes contemplated for each area is provided. The next chapter details the proposed heterogeneous communication protocol including the messages and alerts of the system. Additionally, a new tree topology for hybrid LoRa/WiFi multi-hop networks is presented. The specific additional functionalities intended for the proposed architecture are described in the following chapter. It includes data aggregation algorithms for the proposed topology, an overview on the security threats of PA systems, energy-saving and fault-tolerance algorithms, underground communication for IoUT, and the use of drones for data acquisition. Then, the simulation results for the solutions previously proposed are presented. Finally, the tests performed in real environments for the presented heterogeneous protocol, the different deployment strategies for the utilized nodes, the energy consumption, and a functionality for fruit quantification are discussed. These tests demonstrate the validity of the proposed heterogeneous architecture and communication protocol.García García, L. (2021). Architecture and communication protocol to monitor and control water quality and irrigation in agricultural environments [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/17422

Novel Internet of Vehicles Approaches for Smart Cities

Smart cities are the domain where many electronic devices and sensors transmit data via the Internet of Vehicles concept. The purpose of deploying many sensors in cities is to provide an intelligent environment and a good quality of life. However, different challenges still appear in smart cities such as vehicular traffic congestion, air pollution, and wireless channel communication aspects. Therefore, in order to address these challenges, this thesis develops approaches for vehicular routing, wireless channel congestion alleviation, and traffic estimation. A new traffic congestion avoidance approach has been developed in this thesis based on the simulated annealing and TOPSIS cost function. This approach utilizes data such as the traffic average travel speed from the Internet of Vehicles. Simulation results show that the developed approach improves the traffic performance for the Sheffield the scenario in the presence of congestion by an overall average of 19.22% in terms of travel time, fuel consumption and CO2 emissions as compared to other algorithms. In contrast, transmitting a large amount of data among the sensors leads to a wireless channel congestion problem. This affects the accuracy of transmitted information due to the packets loss and delays time. This thesis proposes two approaches based on a non-cooperative game theory to alleviate the channel congestion problem. Therefore, the congestion control problem is formulated as a non-cooperative game. A proof of the existence of a unique Nash equilibrium is given. The performance of the proposed approaches is evaluated on the highway and urban testing scenarios. This thesis also addresses the problem of missing data when sensors are not available or when the Internet of Vehicles connection fails to provide measurements in smart cities. Two approaches based on l1 norm minimization and a relevance vector machine type optimization are proposed. The performance of the developed approaches has been tested involving simulated and real data scenarios

On Improving Generalization of CNN-Based Image Classification with Delineation Maps Using the CORF Push-Pull Inhibition Operator

Deployed image classification pipelines are typically dependent on the images captured in real-world environments. This means that images might be affected by different sources of perturbations (e.g. sensor noise in low-light environments). The main challenge arises by the fact that image quality directly impacts the reliability and consistency of classification tasks. This challenge has, hence, attracted wide interest within the computer vision communities. We propose a transformation step that attempts to enhance the generalization ability of CNN models in the presence of unseen noise in the test set. Concretely, the delineation maps of given images are determined using the CORF push-pull inhibition operator. Such an operation transforms an input image into a space that is more robust to noise before being processed by a CNN. We evaluated our approach on the Fashion MNIST data set with an AlexNet model. It turned out that the proposed CORF-augmented pipeline achieved comparable results on noise-free images to those of a conventional AlexNet classification model without CORF delineation maps, but it consistently achieved significantly superior performance on test images perturbed with different levels of Gaussian and uniform noise

Design revolutions: IASDR 2019 Conference Proceedings. Volume 1: Change, Voices, Open

In September 2019 Manchester School of Art at Manchester Metropolitan University was honoured to host the bi-annual conference of the International Association of Societies of Design Research (IASDR) under the unifying theme of DESIGN REVOLUTIONS. This was the first time the conference had been held in the UK. Through key research themes across nine conference tracks – Change, Learning, Living, Making, People, Technology, Thinking, Value and Voices – the conference opened up compelling, meaningful and radical dialogue of the role of design in addressing societal and organisational challenges. This Volume 1 includes papers from Change, Voices and Open tracks of the conference

Emotion and Stress Recognition Related Sensors and Machine Learning Technologies

This book includes impactful chapters which present scientific concepts, frameworks, architectures and ideas on sensing technologies and machine learning techniques. These are relevant in tackling the following challenges: (i) the field readiness and use of intrusive sensor systems and devices for capturing biosignals, including EEG sensor systems, ECG sensor systems and electrodermal activity sensor systems; (ii) the quality assessment and management of sensor data; (iii) data preprocessing, noise filtering and calibration concepts for biosignals; (iv) the field readiness and use of nonintrusive sensor technologies, including visual sensors, acoustic sensors, vibration sensors and piezoelectric sensors; (v) emotion recognition using mobile phones and smartwatches; (vi) body area sensor networks for emotion and stress studies; (vii) the use of experimental datasets in emotion recognition, including dataset generation principles and concepts, quality insurance and emotion elicitation material and concepts; (viii) machine learning techniques for robust emotion recognition, including graphical models, neural network methods, deep learning methods, statistical learning and multivariate empirical mode decomposition; (ix) subject-independent emotion and stress recognition concepts and systems, including facial expression-based systems, speech-based systems, EEG-based systems, ECG-based systems, electrodermal activity-based systems, multimodal recognition systems and sensor fusion concepts and (x) emotion and stress estimation and forecasting from a nonlinear dynamical system perspective