Enable Reliable and Secure Data Transmission in Resource-Constrained Emerging Networks

The increasing deployment of wireless devices has connected humans and objects all around the world, benefiting our daily life and the entire society in many aspects. Achieving those connectivity motivates the emergence of different types of paradigms, such as cellular networks, large-scale Internet of Things (IoT), cognitive networks, etc. Among these networks, enabling reliable and secure data transmission requires various resources including spectrum, energy, and computational capability. However, these resources are usually limited in many scenarios, especially when the number of devices is considerably large, bringing catastrophic consequences to data transmission. For example, given the fact that most of IoT devices have limited computational abilities and inadequate security protocols, data transmission is vulnerable to various attacks such as eavesdropping and replay attacks, for which traditional security approaches are unable to address. On the other hand, in the cellular network, the ever-increasing data traffic has exacerbated the depletion of spectrum along with the energy consumption. As a result, mobile users experience significant congestion and delays when they request data from the cellular service provider, especially in many crowded areas. In this dissertation, we target on reliable and secure data transmission in resource-constrained emerging networks. The first two works investigate new security challenges in the current heterogeneous IoT environment, and then provide certain countermeasures for reliable data communication. To be specific, we identify a new physical-layer attack, the signal emulation attack, in the heterogeneous environment, such as smart home IoT. To defend against the attack, we propose two defense strategies with the help of a commonly found wireless device. In addition, to enable secure data transmission in large-scale IoT network, e.g., the industrial IoT, we apply the amply-and-forward cooperative communication to increase the secrecy capacity by incentivizing relay IoT devices. Besides security concerns in IoT network, we seek data traffic alleviation approaches to achieve reliable and energy-efficient data transmission for a group of users in the cellular network. The concept of mobile participation is introduced to assist data offloading from the base station to users in the group by leveraging the mobility of users and the social features among a group of users. Following with that, we deploy device-to-device data offloading within the group to achieve the energy efficiency at the user side while adapting to their increasing traffic demands. In the end, we consider a perpendicular topic - dynamic spectrum access (DSA) - to alleviate the spectrum scarcity issue in cognitive radio network, where the spectrum resource is limited to users. Specifically, we focus on the security concerns and further propose two physical-layer schemes to prevent spectrum misuse in DSA in both additive white Gaussian noise and fading environments

Human-Computer Interaction: Security Aspects

Along with the rapid development of intelligent information age, users are having a growing interaction with smart devices. Such smart devices are interconnected together in the Internet of Things (IoT). The sensors of IoT devices collect information about users' behaviors from the interaction between users and devices. Since users interact with IoT smart devices for the daily communication and social network activities, such interaction generates a huge amount of network traffic. Hence, users' behaviors are playing an important role in the security of IoT smart devices, and the security aspects of Human-Computer Interaction are becoming significant. In this dissertation, we provide a threefold contribution: (1) we review security challenges of HCI-based authentication, and design a tool to detect deceitful users via keystroke dynamics; (2) we present the impact of users' behaviors on network traffic, and propose a framework to manage such network traffic; (3) we illustrate a proposal for energy-constrained IoT smart devices to be resilient against energy attack and efficient in network communication. More in detail, in the first part of this thesis, we investigate how users' behaviors impact on the way they interact with a device. Then we review the work related to security challenges of HCI-based authentication on smartphones, and Brain-Computer Interfaces (BCI). Moreover, we design a tool to assess the truthfulness of the information that users input using a computer keyboard. This tool is based on keystroke dynamics and it relies on machine learning technique to achieve this goal. To the best of our knowledge, this is the first work that associates the typing users' behaviors with the production of deceptive personal information. We reached an overall accuracy of 76% in the classification of a single answer as truthful or deceptive. In the second part of this thesis, we review the analysis of network traffic, especially related to the interaction between mobile devices and users. Since the interaction generates a huge amount of network traffic, we propose an innovative framework, GolfEngine, to manage and control the impact of users behavior on the network relying on Software Defined Networking (SDN) techniques. GolfEngine provides users a tool to build their security applications and offers Graphical User Interface (GUI) for managing and monitoring the network. In particular, GolfEngine provides the function of checking policy conflicts when users design security applications and the mechanism to check data storage redundancy. GolfEngine not only prevents the malicious inputting policies but also it enforces the security about network management of network traffic. The results of our simulation underline that GolfEngine provides an efficient, secure, and robust performance for managing network traffic via SDN. In the third and last part of this dissertation, we analyze the security aspects of battery-equipped IoT devices from the energy consumption perspective. Although most of the energy consumption of IoT devices is due to user interaction, there is still a significant amount of energy consumed by point-to-point communication and IoT network management. In this scenario, an adversary may hijack an IoT device and conduct a Denial of Service attack (DoS) that aims to run out batteries of other devices. Therefore, we propose EnergIoT, a novel method based on energetic policies that prevent such attacks and, at the same time, optimizes the communication between users and IoT devices, and extends the lifetime of the network. EnergIoT relies on a hierarchical clustering approach, based on different duty cycle ratios, to maximize network lifetime of energy-constrained smart devices. The results show that EnergIoT enhances the security and improves the network lifetime by 32%, compared to the earlier used approach, without sacrificing the network performance (i.e., end-to-end delay)

A Proposal for Social Ethical Hacking Framework for Detecting and Managing Human-Induced Vulnerabilities in Organizational Cybersecurity

Organizations carry out an ethical hacking approach to combat cybersecurity challenges, focusing on the technical aspects of cybersecurity vulnerabilities. The practice persists despite evidence that shows that human-induced cybersecurity vulnerabilities constitute a significant threat to organizational cybersecurity. To address this gap, we propose the social-ethical hacking framework to deal with human-induced cybersecurity vulnerabilities in organizations. We adopted the interpretive case study research method, the community of practice theory as the theoretical study lens, and university undergraduate students as the study context. Research data was collected through interviews and participatory observation. The study reveals how the communities of practice undergraduate students established in the study context enabled the institutionalization of social actions and behaviors that constitute cybersecurity vulnerabilities. Organizational actors jointly create the social behaviors and actions that make organizations vulnerable to cybersecurity challenges and should focus on social-ethical hacking practices. The result shows the crucial role of competence in degenerating similar behaviors among undergraduate students; and how their social behaviors make their institution susceptible to cyber security threats

Digital Technology and Communications in Today\u27s Cuba

Drawing on four months of ethnographic fieldwork carried out in Havana in 2016, this thesis focuses on how digital technologies have been integrated into Cuban society and how they have been intertwined with the Cuban government’s educational goals and its attempt to control the circulation and quality of information at a time of change. Among the topics discussed are the role of digital technologies in: (1) reconfiguring space and sociality on the island; (2) expanding Cubans’ options to connect with people overseas and meet their desire for knowledge and pride in being worldly and up-to-date; and (3) generating alternative sources of information and entertainment that may compete with, replace, or complement government-sanctioned sources. Overall, the analysis allows me to explore significant societal transformations and the accompanying generational and social differences that characterize contemporary Cuba

Computers & Internet in daily use: учебное пособие для студентов факультета ВМК

Учебное пособие подготовлено для студентов, обучающихся в Институте вычислительной математики и информационных технологий (ВМиИТ-ВМК), имеющих уровень А1/A2, и включает в себя аутентичные тексты из современных электронных источников. Предлагаемые тексты дополняются упражнениями для расширения, закрепления и активизации как специальной, так и общеупотребительной лексики, а также для реферирования текстов по специальности010400.62 Прикладная математика и информатикаАнглийский языкбакалавриа

Computer-Mediated Communication

This book is an anthology of present research trends in Computer-mediated Communications (CMC) from the point of view of different application scenarios. Four different scenarios are considered: telecommunication networks, smart health, education, and human-computer interaction. The possibilities of interaction introduced by CMC provide a powerful environment for collaborative human-to-human, computer-mediated interaction across the globe

The Tethered Economy

Imagine a future in which every purchase decision is as complex as choosing a mobile phone. What will ongoing service cost? Is it compatible with other devices you use? Can you move data and applications across de- vices? Can you switch providers? These are just some of the questions one must consider when a product is “tethered” or persistently linked to the seller. The Internet of Things, but more broadly, consumer products with embedded software, are already tethered. While tethered products bring the benefits of connection, they also carry its pathologies. As sellers blend hardware and software—as well as product and service—tethers yoke the consumer to a continuous post-transaction rela- tionship with the seller. The consequences of that dynamic will be felt both at the level of individual consumer harms and on the scale of broader, economy- wide effects. These consumer and market-level harms, while distinct, reinforce and amplify one another in troubling ways. Seller contracts have long sought to shape consumers’ legal rights. But in a tethered environment, these rights may become nonexistent as legal processes are replaced with automated technological enforcement. In such an environment, the consumer-seller relationship becomes extractive, more akin to consumers captive in an amusement park than to a competitive marketplace in which many sellers strive to offer the best product for the lowest price. At the highest level, consumer protection law is concerned with promot- ing functioning free markets and insulating consumers from harms stemming from information asymmetries. We conclude by exploring legal options to re- duce the pathologies of the tethered economy

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

The Problematic of Privacy in the Namespace

In the twenty-first century, the issue of privacy--particularly the privacy of individuals with regard to their personal information and effects--has become highly contested terrain, producing a crisis that affects both national and global social formations. This crisis, or problematic, characterizes a particular historical conjuncture I term the namespace. Using cultural studies and the theory of articulation, I map the emergent ways that the namespace articulates economic, juridical, political, cultural, and technological forces, materials, practices and protocols. The cohesive articulation of the namespace requires that privacy be reframed in ways that make its diminution seem natural and inevitable. In the popular media, privacy is often depicted as the price we pay as citizens and consumers for security and convenience, respectively. This discursive ideological shift supports and underwrites the interests of state and corporate actors who leverage the ubiquitous network of digitally connected devices to engender a new regime of informational surveillance, or dataveillance. The widespread practice of dataveillance represents a strengthening of the hegemonic relations between these actors--each shares an interest in promoting an emerging surveillance society, a burgeoning security politics, and a growing information economy--that further empowers them to capture and store the personal information of citizens/consumers. In characterizing these shifts and the resulting crisis, I also identify points of articulation vulnerable to rearticulation and suggest strategies for transforming the namespace in ways that might empower stronger protections for privacy and related civil rights

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well