WARP: A ICN architecture for social data

Social network companies maintain complete visibility and ownership of the data they store. However users should be able to maintain full control over their content. For this purpose, we propose WARP, an architecture based upon Information-Centric Networking (ICN) designs, which expands the scope of the ICN architecture beyond media distribution, to provide data control in social networks. The benefit of our solution lies in the lightweight nature of the protocol and in its layered design. With WARP, data distribution and access policies are enforced on the user side. Data can still be replicated in an ICN fashion but we introduce control channels, named \textit{thread updates}, which ensures that the access to the data is always updated to the latest control policy. WARP decentralizes the social network but still offers APIs so that social network providers can build products and business models on top of WARP. Social applications run directly on the user's device and store their data on the user's \textit{butler} that takes care of encryption and distribution. Moreover, users can still rely on third parties to have high-availability without renouncing their privacy

Design and Management of Collaborative Intrusion Detection Networks

In recent years network intrusions have become a severe threat to the privacy and safety of computer users. Recent cyber attacks compromise a large number of hosts to form botnets. Hackers not only aim at harvesting private data and identity information from compromised nodes, but also use the compromised nodes to launch attacks such as distributed denial-of-service (DDoS) attacks. As a counter measure, Intrusion Detection Systems (IDS) are used to identify intrusions by comparing observable behavior against suspicious patterns. Traditional IDSs monitor computer activities on a single host or network traffic in a sub-network. They do not have a global view of intrusions and are not effective in detecting fast spreading attacks, unknown, or new threats. In turn, they can achieve better detection accuracy through collaboration. An Intrusion Detection Network (IDN) is such a collaboration network allowing IDSs to exchange information with each other and to benefit from the collective knowledge and experience shared by others. IDNs enhance the overall accuracy of intrusion assessment as well as the ability to detect new intrusion types. Building an effective IDN is however a challenging task. For example, adversaries may compromise some IDSs in the network and then leverage the compromised nodes to send false information, or even attack others in the network, which can compromise the efficiency of the IDN. It is, therefore, important for an IDN to detect and isolate malicious insiders. Another challenge is how to make efficient intrusion detection assessment based on the collective diagnosis from other IDSs. Appropriate selection of collaborators and incentive-compatible resource management in support of IDSs' interaction with others are also key challenges in IDN design. To achieve efficiency, robustness, and scalability, we propose an IDN architecture and especially focus on the design of four of its essential components, namely, trust management, acquaintance management, resource management, and feedback aggregation. We evaluate our proposals and compare them with prominent ones in the literature and show their superiority using several metrics, including efficiency, robustness, scalability, incentive-compatibility, and fairness. Our IDN design provides guidelines for the deployment of a secure and scalable IDN where effective collaboration can be established between IDSs

Web3Recommend: Decentralised recommendations with trust and relevance

Web3Recommend is a decentralized Social Recommender System implementation that enables Web3 Platforms on Android to generate recommendations that balance trust and relevance. Generating recommendations in decentralized networks is a non-trivial problem because these networks lack a global perspective due to the absence of a central authority. Further, decentralized networks are prone to Sybil Attacks in which a single malicious user can generate multiple fake or Sybil identities. Web3Recommend relies on a novel graph-based content recommendation design inspired by GraphJet, a recommendation system used in Twitter enhanced with MeritRank, a decentralized reputation scheme that provides Sybil-resistance to the system. By adding MeritRank's decay parameters to the vanilla Social Recommender Systems' personalized SALSA graph algorithm, we can provide theoretical guarantees against Sybil Attacks in the generated recommendations. Similar to GraphJet, we focus on generating real-time recommendations by only acting on recent interactions in the social network, allowing us to cater temporally contextual recommendations while keeping a tight bound on the memory usage in resource-constrained devices, allowing for a seamless user experience. As a proof-of-concept, we integrate our system with MusicDAO, an open-source Web3 music-sharing platform, to generate personalized, real-time recommendations. Thus, we provide the first Sybil-resistant Social Recommender System, allowing real-time recommendations beyond classic user-based collaborative filtering. The system is also rigorously tested with extensive unit and integration tests. Further, our experiments demonstrate the trust-relevance balance of recommendations against multiple adversarial strategies in a test network generated using data from real music platforms

Secure, Efficient and Privacy-aware Framework for Unstructured Peer-to-Peer Networks

Recently, the advances in Ubiquitous Computing networks and the increased computational power of network devices have led designers to create more flexible distributed network models using decentralised network management systems. Security, resilience and privacy issues within such distributed systems become more complicated while important tasks such as routing, service access and state management become increasingly challenging. Low-level protocols over ubiquitous decentralised systems, which provide autonomy to network nodes, have replaced the traditional client-server arrangements in centralised systems. Small World networks represent a model that addresses many existing challenges within Ubiquitous Computing networks. Therefore, it is imperative to study the properties of Small World networks to help understanding, modelling and improving the performance, usability and resiliency of Ubiquitous Computing networks. Using the network infrastructure and trusted relationships in the Small World networks, this work proposes a framework to enhance security, resilience and trust within scalable Peer-to-Peer (P2P) networks. The proposed framework consists of three major components namely network-aware topology construction, anonymous global communication using community trust, and efficient search and broadcasting based on granularity and pro-active membership management. We utilise the clustering co-efficient and conditional preferential attachment to propose a novel topology construction scheme that organises nodes into groups of trusted users to improve scalability. Network nodes communicate locally without advertising node identity at a global scale, which ensures user anonymity. The global communication is organised and facilitated by Service Centres to maintain security, privacy and integrity of member nodes. Service Centres are allocated using a novel leader election mechanism within unstructured scalable P2P networks. This allows providing fair and equitable access for existing and new nodes without having to make complex changes to the network topology. Moreover, the scale-free and clustering co-efficient characteristics of Small World networks help organising the network layout to maintain its balance in terms of the nodes distribution. Simulation results show that the proposed framework ensures better scalability and membership management in unstructured P2P networks, and improves the performance of the search and broadcasting in terms of the average shortest path and control overhead while maintaining user anonymity and system resiliency

Managing the Internet of Things based on its Social Structure

Society is moving towards an “always connected” paradigm, where the Internet user is shifting from persons to things, leading to the so called Internet of Things (IoT) scenario. The IoT vision integrates a large number of technologies and foresees to embody a variety of smart objects around us (such as sensors, actuators, smartphones, RFID, etc.) that, through unique addressing schemes and standard communication protocols, are able to interact with each Others and cooperate with their neighbors to reach common goals [2, 3]. IoT is a hot research topic, as demonstrated by the increasing attention and the large worldwide investments devoted to it. It is believed that the IoT will be composed of trillions of elements interacting in an extremely heterogeneous way in terms of requirements, behavior and capabilities; according to [4], by 2015 the RIFD devices alone will reach hundreds of billions. Unquestionably, the IoT will pervade every aspect of our world and will have a huge impact in our everyday life: indeed, as stated by the US National Intelligence Council (NIC) [5], “by 2025 Internet nodes may reside in everyday things − food packages, furniture, paper documents, and more”. Then, communications will not only involve persons but also things thus bringing about the IoT environment in which objects will have virtual counterparts on the Internet. Such virtual entities will produce and consume services, collaborate toward common goals and should be integrated with all the other services. One of the biggest challenges that the research community is facing right now is to be able to organize such an ocean of devices so that the discovery of objects and services is performed efficiently and in a scalable way. Recently, several attempts have been made to apply concepts of social networking to the IoT. There are scientific evidences that a large number of individuals tied in a social network can provide far more accurate answers to complex problems than a single individual (or a small group of – even knowledgeable – individuals) [1]. The exploitation of such a principle, applied to smart objects, has been widely investigated in Internet-related researches. Indeed, several schemes have been proposed that use social networks to search Internet resources, to route traffic, or to select effective policies for content distribution. The idea that the convergence of the “Internet of Things” and the “Social Networks” worlds, which up to now were mostly kept separate by both scientific and industrial communities, is possible or even advisable is gaining momentum very quickly. This is due to the growing awareness that a “Social Internet of Things” (SIoT) paradigm carries with it many desirable implications in a future world populated by objects permeating the everyday life of human beings. Therefore, the goal of this thesis is to define a possible architecture for the SIoT, which includes the functionalities required to integrate things into a social network, and the needed strategies to help things to create their relationships in such a way that the resulting social network is navigable. Moreover, it focuses on the trustworthiness management, so that interaction among objects that are friends can be done in a more reliable way and proposes a possible implementation of a SIoT network. Since this thesis covers several aspects of the Social internet of Things, I will present the state of the art related to the specific research activities at the beginning of every Chapter. The rest of the thesis is structured as follows. In Chapter 1, I identify appropriate policies for the establishment and the management of social relationships between objects, describe a possible architecture for the IoT that includes the functionalities required to integrate things into a social network and analyze the characteristics of the SIoT network structure by means of simulations. Chapter 2 addresses the problem of the objects to manage a large number of friends, by analyzing possible strategies to drive the objects to select the appropriate links for the benefit of overall network navigability and to speed up the search of the services. In Chapter 3, I focus on the problem of understanding how the information provided by members of the social IoT has to be processed so as to build a reliable system on the basis of the behavior of the objects and define two models for trustworthiness management starting from the solutions proposed for P2P and social networks. Chapter 4 presents an implementation of a SIoT platform and its major functionalities: how to register a new social object to the platform, how the system manages the creation of new relationships, and how the devices create groups of members with similar characteristics. Finally, in Chapter 5, conclusions will be drawn regarding the effectiveness of the proposed Introduction 3 algorithms, and some possible future works will be sketche

Managing the Internet of Things based on its Social Structure

Society is moving towards an “always connected” paradigm, where the Internet user is shifting from persons to things, leading to the so called Internet of Things (IoT) scenario. The IoT vision integrates a large number of technologies and foresees to embody a variety of smart objects around us (such as sensors, actuators, smartphones, RFID, etc.) that, through unique addressing schemes and standard communication protocols, are able to interact with each Others and cooperate with their neighbors to reach common goals [2, 3]. IoT is a hot research topic, as demonstrated by the increasing attention and the large worldwide investments devoted to it. It is believed that the IoT will be composed of trillions of elements interacting in an extremely heterogeneous way in terms of requirements, behavior and capabilities; according to [4], by 2015 the RIFD devices alone will reach hundreds of billions. Unquestionably, the IoT will pervade every aspect of our world and will have a huge impact in our everyday life: indeed, as stated by the US National Intelligence Council (NIC) [5], “by 2025 Internet nodes may reside in everyday things − food packages, furniture, paper documents, and more”. Then, communications will not only involve persons but also things thus bringing about the IoT environment in which objects will have virtual counterparts on the Internet. Such virtual entities will produce and consume services, collaborate toward common goals and should be integrated with all the other services. One of the biggest challenges that the research community is facing right now is to be able to organize such an ocean of devices so that the discovery of objects and services is performed efficiently and in a scalable way. Recently, several attempts have been made to apply concepts of social networking to the IoT. There are scientific evidences that a large number of individuals tied in a social network can provide far more accurate answers to complex problems than a single individual (or a small group of – even knowledgeable – individuals) [1]. The exploitation of such a principle, applied to smart objects, has been widely investigated in Internet-related researches. Indeed, several schemes have been proposed that use social networks to search Internet resources, to route traffic, or to select effective policies for content distribution. The idea that the convergence of the “Internet of Things” and the “Social Networks” worlds, which up to now were mostly kept separate by both scientific and industrial communities, is possible or even advisable is gaining momentum very quickly. This is due to the growing awareness that a “Social Internet of Things” (SIoT) paradigm carries with it many desirable implications in a future world populated by objects permeating the everyday life of human beings. Therefore, the goal of this thesis is to define a possible architecture for the SIoT, which includes the functionalities required to integrate things into a social network, and the needed strategies to help things to create their relationships in such a way that the resulting social network is navigable. Moreover, it focuses on the trustworthiness management, so that interaction among objects that are friends can be done in a more reliable way and proposes a possible implementation of a SIoT network. Since this thesis covers several aspects of the Social internet of Things, I will present the state of the art related to the specific research activities at the beginning of every Chapter. The rest of the thesis is structured as follows. In Chapter 1, I identify appropriate policies for the establishment and the management of social relationships between objects, describe a possible architecture for the IoT that includes the functionalities required to integrate things into a social network and analyze the characteristics of the SIoT network structure by means of simulations. Chapter 2 addresses the problem of the objects to manage a large number of friends, by analyzing possible strategies to drive the objects to select the appropriate links for the benefit of overall network navigability and to speed up the search of the services. In Chapter 3, I focus on the problem of understanding how the information provided by members of the social IoT has to be processed so as to build a reliable system on the basis of the behavior of the objects and define two models for trustworthiness management starting from the solutions proposed for P2P and social networks. Chapter 4 presents an implementation of a SIoT platform and its major functionalities: how to register a new social object to the platform, how the system manages the creation of new relationships, and how the devices create groups of members with similar characteristics. Finally, in Chapter 5, conclusions will be drawn regarding the effectiveness of the proposed Introduction 3 algorithms, and some possible future works will be sketche

Trustworthy-based efficient data broadcast model for P2P interaction in resource-constrained wireless environments

AbstractIn a decentralised system like P2P where each individual peers are considerably autonomous, the notion of mutual trust between peers is critical. In addition, when the environment is subject to inherent resource constraints, any efficiency efforts are essentially needed. In light of these two issues, we propose a novel trustworthy-based efficient broadcast scheme in a resource-constrained P2P environment. The trustworthiness is associated with the peerʼs reputation. A peer holds a personalised view of reputation towards other peers in four categories namely SpEed, Correctness, qUality, and Risk-freE (SeCuRE). The value of each category constitutes a fraction of the reliability of individual peer. Another factor that contributes to the reliability of a peer is the peerʼs credibility concerning trustworthiness in providing recommendation about other peers. Our trust management scheme is applied in conjunction with our trust model in order to detect malicious and collaborative-based malicious peers. Knowledge of trustworthiness among peers is used in our proposed broadcast model named trustworthy-based estafet multi-point relays (TEMPR). This model is designed to minimise the communication overhead between peers while considering the trustworthiness of the peers such that only trustworthy peer may relay messages to other peers. With our approach, each peer is able to disseminate messages in the most efficient and reliable manner

A NOVEL FRAMEWORK FOR SOCIAL INTERNET OF THINGS: LEVERAGING THE FRIENDSHIPS AND THE SERVICES EXCHANGED BETWEEN SMART DEVICES

As humans, we tackle many problems in complex societies and manage the complexities of networked social systems. Cognition and sociability are two vital human capabilities that improve social life and complex social interactions. Adding these features to smart devices makes them capable of managing complex and networked Internet of Things (IoT) settings. Cognitive and social devices can improve their relationships and connections with other devices and people to better serve human needs. Nowadays, researchers are investigating two future generations of IoT: social IoT (SIoT) and cognitive IoT (CIoT). This study develops a new framework for IoT, called CSIoT, by using complexity science concepts and by integrating social and cognitive IoT concepts. This framework uses a new mechanism to leverage the friendships between devices to address service management, privacy, and security. The framework addresses network navigability, resilience, and heterogeneity between devices in IoT settings. This study uses a new simulation tool for evaluating the new CSIoT framework and evaluates the privacy-preserving ability of CSIoT using the new simulation tool. To address different CSIoT security and privacy issues, this study also proposes a blockchain-based CSIoT. The evaluation results show that CSIoT can effectively preserve the privacy and the blockchain-based CSIoT performs effectively in addressing different privacy and security issues

A Secure Peer-to-Peer Application Framework

The nature of the Internet has changed dramatically. From a modest research network, it has evolved into one of the most important fabrics of our modern society, affecting the lives of billions each day. We rely on it for everything from performing our daily chores to accessing rich media and keeping in touch with our friends. Despite this change, service provisioning has largely remained intact. Services are provided in a centralized manner, resulting in bottlenecks and vulnerable collections of, often unwittingly, submitted sensitive information. Peer-to-peer (P2P) technologies have the potential to provide a better alternative for future networking. P2P services distribute the load from a single node to a network of peers, relying on the resources of the end-users themselves. Not only does it remove the bottlenecks, it has the potential to provide a more personal and safe networking environment. In this dissertation, we inspect the feasibility and implications of a generic, cross-application, P2P framework. We present the design and implementation of a framework that uses existing infrastructure and advanced networking protocols to create a secure environment. Using this framework, applications are able to benefit from P2P networking without having to deploy new infrastructure or implement complex connection- and identity management. Users benefit from using a single, strong, cross-application identity management and having better control over their data. This improves the trust within the system and enables new ways of dealing with security threats. We demonstrate the feasibility of the framework by evaluating the performance and usability of the prototype implementation. This provides a model for future networking applications and insight into the security and usability issues these will face