Secure digital voting system based on blockchain technology

Electronic voting or e-voting has been used in varying forms since 1970s with fundamental benefits over paper based systems such as increased efficiency and reduced errors. However, there remain challenges to achieve wide spread adoption of such systems especially with respect to improving their resilience against potential faults. Blockchain is a disruptive technology of current era and promises to improve the overall resilience of e-voting systems. This paper presents an effort to leverage benefits of blockchain such as cryptographic foundations and transparency to achieve an effective scheme for e-voting. The proposed scheme conforms to the fundamental requirements for e-voting schemes and achieves end-to-end verifiability. The paper presents details of the proposed e-voting scheme along with its implementation using Multichain platform. The paper presents in-depth evaluation of the scheme which successfully demonstrates its effectiveness to achieve an end-to-end verifiable e-voting scheme

A novel framework for collaborative intrusion detection for M2M networks

The proliferation of sensor devices has introduced exciting possibilities such as the Internet of Things (IoT). Machine to Machine (M2M) communication underpins efficient interactions within such infrastructures. The resource constraints and ad-hoc nature of these networks have significant implications for security in general and with respect to intrusion detection in particular. Consequently, contemporary solutions mandating a stable infrastructure are inadequate to fulfill these defining characteristics of M2M networks. In this paper, we present COLIDE (COLlaborative Intrusion Detection Engine) a novel framework for effective intrusion detection in the M2M networks without incurring high energy and communication cost on the participating host and edge nodes. The framework is envisioned to address challenges such as flexibility, resource constraints, and the collaborative nature of the M2M networks. The paper presents a detailed system description along with its formal and empirical evaluation using Contiki OS. Our evaluation for different communication scenarios demonstrates that the proposed approach has limited overhead in terms of energy utilization and memory consumption

A privacy-preserving framework for smart context-aware healthcare applications

Smart connected devices are widely used in healthcare to achieve improved well-being, quality of life, and security of citizens. While improving quality of healthcare, such devices generate data containing sensitive patient information where unauthorized access constitutes breach of privacy leading to catastrophic outcomes for an individual as well as financial loss to the governing body via regulations such as the General Data Protection Regulation. Furthermore, while mobility afforded by smart devices enables ease of monitoring, portability, and pervasive processing, it introduces challenges with respect to scalability, reliability, and context awareness. This paper is focused on privacy preservation within smart context-aware healthcare emphasizing privacy assurance challenges within Electronic Transfer of Prescription. We present a case for a comprehensive, coherent, and dynamic privacy-preserving system for smart healthcare to protect sensitive user data. Based on a thorough analysis of existing privacy preservation models, we propose an enhancement to the widely used Salford model to achieve privacy preservation against masquerading and impersonation threats. The proposed model therefore improves privacy assurance for smart healthcare while addressing unique challenges with respect to context-aware mobility of such applications. © 2019 John Wiley & Sons, Ltd

A privacy‐preserving framework for smart context‐aware healthcare applications

Internet of things (IoT) is a disruptive paradigm with wide ranging applications including healthcare, manufacturing, transportation and retail. Within healthcare, smart connected wearable devices are widely used to achieve improved wellbeing, quality of life and security of citizens. Such connected devices generate significant amount of data containing sensitive information about patient requiring adequate protection and privacy assurance. Unauthorized access to an individual’s private data constitutes a breach of privacy leading to catastrophic outcomes for an individuals personal and professional life. Furthermore, breach of privacy may also lead to financial loss to the governing body such as those proposed as part of the General Data Protection Regulation (GDPR) in Europe. Furthermore, while mobility afforded by smart devices enables ease of monitoring, portability and pervasive processing, it also introduces challenges with respect to scalability, reliability and context-awareness for its applications. This paper is focused on privacy preservation within smart context-aware healthcare with a special emphasis on privacy assurance challenges within the Electronic Transfer of Prescription (ETP). To this extent, we present a case for a comprehensive, coherent, and dynamic privacypreserving system for smart healthcare to protect sensitive user data. Based on a thorough analysis of existing privacy preservation models we propose an enhancement for the widely used Salford model to achieve privacy preservation against masquerading and impersonation threats. The proposed model therefore improves privacy assurance for cutting edge IoT applications such as smart healthcare whilst addressing unique challenges with respect to context-aware mobility of such applications

Clustering VoIP caller for SPIT identification

The number of unsolicited and advertisement telephony calls over traditional and Internet telephony has rapidly increased over recent few years. Every year, the telecommunication regulators, law enforcement agencies and telecommunication operators receive a very large number of complaints against these unsolicited, unwanted calls. These unwanted calls not only bring financial loss to the users of the telephony but also annoy them with unwanted ringing alerts. Therefore, it is important for the operators to block telephony spammers at the edge of the network so to gain trust of their customers. In this paper, we propose a novel spam detection system by incorporating different social network features for combating unwanted callers at the edge of the network. To this extent the reputation of each caller is computed by processing call detailed records of user using three social network features that are the frequency of the calls between caller and the callee, the duration between caller and the callee and the number of outgoing partners associated with the caller. Once the reputation of the caller is computed, the caller is then places in a spam and non-spam clusters using unsupervised machine learning. The performance of the proposed approach is evaluated using a synthetic dataset generated by simulating the social behaviour of the spammers and the non-spammers. The evaluation results reveal that the proposed approach is highly effective in blocking spammer with 2% false positive rate under a large number of spammers. Moreover, the proposed approach does not require any change in the underlying VoIP network architecture, and also does not introduce any additional signalling delay in a call set-up phase

A bibliometric approach to quantitatively assess current research trends in 5G security

Cellular communication has seen remarkable growth since its inception and has now evolved into fifth generation (5G) networks. Promising services and use cases are envisioned leveraging the advancements within this technology including but not limited to the Internet of Things (IoT), massive MIMO, Device to Device communication (D2D), Vehicle to Everything (V2X) communication, and VR/AR applications. It integrates enabling technologies such as Edge computing, Network Function Virtualization (NFV), and Software Defined Networks (SDN) to support a broad range of use cases and application scenarios. Significant security and privacy challenges have arisen and are attracting interest from both academia and industry to develop bespoke solutions to address them. This study aims to examine research within security and privacy for 5G-based systems highlighting contributions made by the research community and identify research trends within different subdomains of 5G security where open issues still exist. The paper uses a bibliographic approach to review the state-of-the-art in the field of 5G security and is the pioneering effort to investigate 5G security research using this methodology. Specifically, the paper presents a quantitative description of the existing contributions in terms of authors, organizations, and countries. It then presents detailed keyword and co-citation analysis which shows the quantity and pattern of research work in different subfields. Finally, 5G security areas, having open challenges, are identified for future research work

Decentralized document version control using ethereum blockchain and IPFS

In this paper, we propose a blockchain-based solution and framework for document sharing and version control to facilitate multi-user collaboration and track changes in a trusted, secure, and decentralized manner, with no involvement of a centralized trusted entity or third party. This solution is based on utilizing Ethereum smart contracts to govern and regulate the document version control functions among the creators and developers of the document and its validators. Moreover, our solution leverages the benefits of IPFS (InterPlanetary File System) to store documents on a decentralized file system. The proposed solution automates necessary interactions among multiple actors comprising developers and approvers. Smart contracts have been developed using Solidity language, and their functionalities were tested using the Remix IDE (Integrated Development Environment). The paper demonstrates that our smart contract code is free of commonly known security vulnerabilities and attacks. The code has been made publically available at Github

Automated Framework for Validation of Embedded Linux Build System in Continuous Integration Environment

Availability of open source build systems like OpenEmbedded can simplify the usage of embedded Linux by allowing creation of highly customizable Linux distributions in time efficient fashion. Testing matrix becomes huge if build system supports various host operating systems and target platforms. In this paper we present a comprehensive model for executing unattended tests covering both the host side build system testing and target side runtime testing including benchmarking of an embedded Linux. This model facilitates testing for “Agile distributed development” in continuous Integration environment. Utilizing this model enabled us to identify some critical issues that would have gone undetected otherwise.&nbsp

Investigating performance constraints for blockchain based secure e-voting system

Voting is one of the fundamental pillars of modern democracy. Continuous efforts have been made to strengthen the processes and methods involved to achieve verifiable, transparent voting systems. In recent years, blockchain has been increasingly used to address multi-dimensional challenges across widespread application domains including healthcare, finance and e-voting. However, achieving an efficient solution via use of blockchain requires consideration of a range of factors such as block generation rate, transaction speed, and block size which have a profound role in determining the overall performance of the solution. Current research into this aspect of blockchain is focused on Bitcoin with the objective to achieve comparable performance as of existing online payment systems such as VISA. However, there exists a gap in literature with respect to investigating performance constraints for wider application domains. In this paper, we present our efforts to address this gap by presenting a detailed study into performance and scalability constraints for an e-voting system. Specifically, we conducted rigorous experimentation with permissioned and permissionless blockchain settings across different scenarios with respect to voting population, block size, block generation rate and transaction speed. The experiments highlighted interesting observations with respect to the impact of these parameters on the overall efficiency and scalability of the e-voting model including trade-offs between different parameters as well as security and performance. present our efforts to address this gap by presenting a detailed study into performance and scalability constraints for an e-voting system. Specifically, we conducted rigorous experimentation with permissioned and permissionless blockchain settings across different scenarios with respect to voting population, block size, block generation rate and transaction speed. The experiments highlighted interesting observations with respect to the impact of these parameters on the overall efficiency and scalability of the e-voting model including trade-offs between different parameters as well as security and performance