1,217 research outputs found
A Trust Management Framework for Vehicular Ad Hoc Networks
The inception of Vehicular Ad Hoc Networks (VANETs) provides an opportunity for road users and public infrastructure to share information that improves the operation of roads and the driver experience. However, such systems can be vulnerable to malicious external entities and legitimate users. Trust management is used to address attacks from legitimate users in accordance with a userâs trust score. Trust models evaluate messages to assign rewards or punishments. This can be used to influence a driverâs future behaviour or, in extremis, block the driver. With receiver-side schemes, various methods are used to evaluate trust including, reputation computation, neighbour recommendations, and storing historical information. However, they incur overhead and add a delay when deciding whether to accept or reject messages. In this thesis, we propose a novel Tamper-Proof Device (TPD) based trust framework for managing trust of multiple drivers at the sender side vehicle that updates trust, stores, and protects information from malicious tampering. The TPD also regulates, rewards, and punishes each specific driver, as required. Furthermore, the trust score determines the classes of message that a driver can access. Dissemination of feedback is only required when there is an attack (conflicting information). A Road-Side Unit (RSU) rules on a dispute, using either the sum of products of trust and feedback or official vehicle data if available. These âuntrue attacksâ are resolved by an RSU using collaboration, and then providing a fixed amount of reward and punishment, as appropriate. Repeated attacks are addressed by incremental punishments and potentially driver access-blocking when conditions are met. The lack of sophistication in this fixed RSU assessment scheme is then addressed by a novel fuzzy logic-based RSU approach. This determines a fairer level of reward and punishment based on the severity of incident, driver past behaviour, and RSU confidence. The fuzzy RSU controller assesses judgements in such a way as to encourage drivers to improve their behaviour. Although any driver can lie in any situation, we believe that trustworthy drivers are more likely to remain so, and vice versa. We capture this behaviour in a Markov chain model for the sender and reporter driver behaviours where a driverâs truthfulness is influenced by their trust score and trust state. For each trust state, the driverâs likelihood of lying or honesty is set by a probability distribution which is different for each state. This framework is analysed in Veins using various classes of vehicles under different traffic conditions. Results confirm that the framework operates effectively in the presence of untrue and inconsistent attacks. The correct functioning is confirmed with the system appropriately classifying incidents when clarifier vehicles send truthful feedback. The framework is also evaluated against a centralized reputation scheme and the results demonstrate that it outperforms the reputation approach in terms of reduced communication overhead and shorter response time. Next, we perform a set of experiments to evaluate the performance of the fuzzy assessment in Veins. The fuzzy and fixed RSU assessment schemes are compared, and the results show that the fuzzy scheme provides better overall driver behaviour. The Markov chain driver behaviour model is also examined when changing the initial trust score of all drivers
Recommended from our members
Reconciling Shannon and Scott with a Lattice of Computable Information
This paper proposes a reconciliation of two different theories of information. The first, originally proposed in a lesser-known work by Claude Shannon (some five years after the publication of his celebrated quantitative theory of communication), describes how the information content of channels can be described qualitatively, but still abstractly, in terms of information elements, where information elements can be viewed as equivalence relations over the data source domain. Shannon showed that these elements have a partial ordering, expressing when one information element is more informative than another, and that these partially ordered information elements form a complete lattice. In the context of security and information flow this structure has been independently rediscovered several times, and used as a foundation for understanding and reasoning about information flow. The second theory of information is Dana Scott\u27s domain theory, a mathematical framework for giving meaning to programs as continuous functions over a particular topology. Scott\u27s partial ordering also represents when one element is more informative than another, but in the sense of computational progress - i.e. when one element is a more defined or evolved version of another. To give a satisfactory account of information flow in computer programs it is necessary to consider both theories together, in order to understand not only what information is conveyed by a program (viewed as a channel, \ue0 la Shannon) but also how the precision with which that information can be observed is determined by the definedness of its encoding (\ue0 la Scott). To this end we show how these theories can be fruitfully combined, by defining the Lattice of Computable Information (LoCI), a lattice of preorders rather than equivalence relations. LoCI retains the rich lattice structure of Shannon\u27s theory, filters out elements that do not make computational sense, and refines the remaining information elements to reflect how Scott\u27s ordering captures possible varieties in the way that information is presented. We show how the new theory facilitates the first general definition of termination-insensitive information flow properties, a weakened form of information flow property commonly targeted by static program analyses
LIPIcs, Volume 251, ITCS 2023, Complete Volume
LIPIcs, Volume 251, ITCS 2023, Complete Volum
Understanding U.S. Customers\u27 Intention to Adopt Robo-Advisor Technology
Finance and information technology scholars wrote that there is a literature gap on what factors drive investors in Western financial markets to use a Robo-advisor to manage their investments. The purpose of this qualitative, single case study with embedded units is to understand the adoption intentions of retail investors in U.S. markets to use a Robo-advisor instead of a human advisor. A single case study design addressed the literature gap, and qualitative data from seven semi=structured interviews, reflective field notes, and archival data were triangulated to answer the research question. This study was grounded in a theoretical framework that includes the theory of planned behavior, the technology acceptance model, the unified theory of acceptance, and the use of technology. Thematic analysis revealed nine themes of the study: a) awareness of Robo-advisory systems, (b) perceptions of risk connected to customerâs financial literacy, (c) data security risk lowers acceptance of Robo-advisor technology, (d) Robo-advisor is filtering out emotional customer biases, (e) customer ambivalence on Robo-advisor capabilities, (f) perceived ease of use, (g) trust in the Robo-advisor, (h) customer ambivalence on adoption intention, and (i) low adoption intention for customers with low financial literacy. This studyâs results indicated that financial institutions must still earn customersâ trust by protecting their data through secure platforms and processes and customizing Robo advisor services, products, and offers, to their needs. By further understanding retail investorsâ adoption intentions in using a Robo-advisor, this studyâs results may drive positive social change by offering pathways to very low-cost, automated financial management advice to a broader segment of new and intermediate investors
zk-Sherlock: Exposing Hardware Trojans in Zero-Knowledge
As integrated circuit (IC) design and manufacturing have become highly globalized, hardware security risks become more prominent as malicious parties can exploit multiple stages of the supply chain for profit. Two potential targets in this chain are third-party intellectual property (3PIP) vendors and their customers. Untrusted parties can insert hardware Trojans into 3PIP circuit designs that can both alter device functionalities when triggered or create a side channel to leak sensitive information such as cryptographic keys. To mitigate this risk, the absence of Trojans in 3PIP designs should be verified before integration, imposing a major challenge for vendors who have to argue their IPs are safe to use, while also maintaining the privacy of their designs before ownership is transferred. To achieve this goal, in this work we employ modern cryptographic protocols for zero-knowledge proofs and enable 3PIP vendors prove an IP design is free of Trojan triggers without disclosing the corresponding netlist. Our approach uses a specialized circuit compiler that transforms arbitrary netlists into a zero-knowledge-friendly format, and introduces a versatile Trojan detection module that maintains the privacy of the actual netlist. We evaluate the effectiveness of our methodology using selected benchmarks
Recurring Contingent Service Payment
Fair exchange protocols let two mutually distrustful parties exchange digital
data in a way that neither party can cheat. They have various applications such
as the exchange of digital items, or the exchange of digital coins and digital
services between a buyer/client and seller/server.
In this work, we formally define and propose a generic blockchain-based
construction called "Recurring Contingent Service Payment" (RC-S-P). It (i)
lets a fair exchange of digital coins and verifiable service reoccur securely
between clients and a server while ensuring that the server is paid if and only
if it delivers a valid service, and (ii) ensures the parties' privacy is
preserved. RC-S-P supports arbitrary verifiable services, such as "Proofs of
Retrievability" (PoR) or verifiable computation and imposes low on-chain
overheads. Our formal treatment and construction, for the first time, consider
the setting where either client or server is malicious.
We also present a concrete efficient instantiation of RC- S-P when the
verifiable service is PoR. We implemented the concrete instantiation and
analysed its cost. When it deals with a 4-GB outsourced file, a verifier can
check a proof in only 90 milliseconds, and a dispute between a prover and
verifier is resolved in 0.1 milliseconds.
At CCS 2017, two blockchain-based protocols were proposed to support the fair
exchange of digital coins and a certain verifiable service; namely, PoR. In
this work, we show that these protocols (i) are susceptible to a free-riding
attack which enables a client to receive the service without paying the server,
and (ii) are not suitable for cases where parties' privacy matters, e.g., when
the server's proof status or buyer's file size must remain private from the
public. RC- S-P simultaneously mitigates the above attack and preserves the
parties' privacy
Current issues of the management of socio-economic systems in terms of globalization challenges
The authors of the scientific monograph have come to the conclusion that the management of socio-economic systems in the terms of global challenges requires the use of mechanisms to ensure security, optimise the use of resource potential, increase competitiveness, and provide state support to economic entities. Basic research focuses on assessment of economic entities in the terms of global challenges, analysis of the financial system, migration flows, logistics and product exports, territorial development. The research results have been implemented in the different decision-making models in the context of global challenges, strategic planning, financial and food security, education management, information technology and innovation. The results of the study can be used in the developing of directions, programmes and strategies for sustainable development of economic entities and regions, increasing the competitiveness of products and services, decision-making at the level of ministries and agencies that regulate the processes of managing socio-economic systems. The results can also be used by students and young scientists in the educational process and conducting scientific research on the management of socio-economic systems in the terms of global challenges
Artificial Intelligence and International Conflict in Cyberspace
This edited volume explores how artificial intelligence (AI) is transforming international conflict in cyberspace. Over the past three decades, cyberspace developed into a crucial frontier and issue of international conflict. However, scholarly work on the relationship between AI and conflict in cyberspace has been produced along somewhat rigid disciplinary boundaries and an even more rigid sociotechnical divide â wherein technical and social scholarship are seldomly brought into a conversation. This is the first volume to address these themes through a comprehensive and cross-disciplinary approach. With the intent of exploring the question âwhat is at stake with the use of automation in international conflict in cyberspace through AI?â, the chapters in the volume focus on three broad themes, namely: (1) technical and operational, (2) strategic and geopolitical and (3) normative and legal. These also constitute the three parts in which the chapters of this volume are organised, although these thematic sections should not be considered as an analytical or a disciplinary demarcation
Family Life in the Time of COVID: International Perspectives
COVID-19 turned the world as we knew it upside down, impacting families around the world in profound ways. Seeking to understand this global experience, Family Life in the Time of COVID brings together case studies from 10 countries that explore how local responses to the pandemic shaped, and were shaped by, understandings and practices of family life. Carried out by an international team during the first year of the pandemic, these in-depth, longitudinal, qualitative investigations examined the impact of the pandemic on families and relationships across diverse contexts and cultures. They looked at how families made sense of complex lockdown laws, how they coped with collective worry about the unknown, managed their finances, fed themselves, and got to grips with online work and schooling to understand better how life had transformed (or not). In short, the research revealed their everyday joys and struggles in times of great uncertainty. Each case study follows the same methodology revealing experiences in Argentina, Chile, Pakistan, Russia, Singapore, South Africa, Sweden, Taiwan, the United Kingdom and the USA. They show how local government responses were understood and responded to by families, and how different cultures and life circumstances impacted everyday life during the pandemic. Ultimately the analysis demonstrates how experiences of global social upheaval are shaped by international and local policies, as well as the sociocultural ideas and practices of diverse families
- âŠ