Design and implementation of a privacy preserved off-premises cloud storage

Despite several cost-effective and flexible characteristics of cloud computing, some clients are reluctant to adopt this paradigm due to emerging security and privacy concerns. Organization such as Healthcare and Payment Card Industry where confidentiality of information is a vital act, are not assertive to trust the security techniques and privacy policies offered by cloud service providers. Malicious attackers have violated the cloud storages to steal, view, manipulate and tamper client’s data. Attacks on cloud storages are extremely challenging to detect and mitigate. In order to formulate privacy preserved cloud storage, in this research paper, we propose an improved technique that consists of five contributions such as Resilient role-based access control mechanism, Partial homomorphic cryptography, metadata generation and sound steganography, Efficient third-party auditing service, Data backup and recovery process. We implemented these components using Java Enterprise Edition with Glassfish Server. Finally we evaluated our proposed technique by penetration testing and the results showed that client’s data is intact and protected from malicious attackers

A three-level ransomware detection and prevention mechanism

Ransomware encrypts victim's files or locks users out of the system. Victims will have to pay the attacker a ransom to decrypt and regain access to the user files. Petya targets individuals and companies through email attachments and download links. NotPetya has worm-like capabilities and exploits EternalBlue and EternalRomance vulnerabilities. Protection methods include vaccination, applying patches, et cetera. Challenges faced to combat ransomware include social engineering, outdated infrastructures, technological advancements, backup issues, and conflicts of standards. Three- Level Security (3LS) is a solution to ransomware that utilizes virtual machines along with browser extensions to perform a scan, on any files that the user wishes to download from the Internet. The downloaded files would be sent over a cloud server relay to a virtual machine by a browser extension. Any changes to the virtual machine after downloading the file would be observed, and if there were a malfunction in the virtual machine, the file would not be retrieved to the user's system

A secure communication protocol for unmanned aerial vehicles

Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles. Multiple UAVs and autopilot systems support it, and it provides bi-directional communication between the UAV and Ground Control Station. The communications contain critical information about the UAV status and basic control commands sent from GCS to UAV and UAV to GCS. In order to increase the transfer speed and efficiency, the Mavlink does not encrypt the messages. As a result, the protocol is vulnerable to various security attacks such as Eavesdropping, GPS Spoofing, and DDoS. In this study, we tackle the problem and secure the Mavlink communication protocol. By leveraging the Mavlink packet's vulnerabilities, this research work introduces an experiment in which, first, the Mavlink packets are compromised in terms of security requirements based on our threat model. The results show that the protocol is insecure and the attacks carried out are successful. To overcome Mavlink security, an additional security layer is added to encrypt and secure the protocol. An encryption technique is proposed that makes the communication between the UAV and GCS secure. The results show that the Mavlink packets are encrypted using our technique without affecting the performance and efficiency. The results are validated in terms of transfer speed, performance, and efficiency compared to the literature solutions such as MAVSec and benchmarked with the original Mavlink protocol. Our achieved results have significant improvement over the literature and Mavlink in terms of security

Protocol-specific and sensor network-inherited attack detection in IoT using machine learning

For networks with limited resources, such as IoT-enabled smart homes, smart industrial equipment, and urban infrastructures, the Routing Protocol for Low-power and Lossy Networks (RPL) was developed. Additionally, a number of optimizations have been suggested for its application in other contexts, such as smart hospitals, etc. Although these networks offer efficient routing, the lack of active security features in RPL makes them vulnerable to attacks. The types of attacks include protocol-specific ones and those inherited by wireless sensor networks. They have been addressed by a number of different proposals, many of which have achieved substantial prominence. However, concurrent handling of both types of attacks is not considered while developing a machine-learning-based attack detection model. Therefore, the ProSenAD model is proposed for addressing the identified gap. Multiclass classification has been used to optimize the light gradient boosting machine model for the detection of protocol-specific rank attacks and sensor network-inherited wormhole attacks. The proposed model is evaluated in two different scenarios considering the number of attacks and the benchmarks for comparison in each scenario. The evaluation results demonstrate that the proposed model outperforms with respect to the metrics including accuracy, precision, recall, Cohen’s Kappa, cross entropy, and the Matthews correlation coefficient

Smart Mobility Cities: Connecting Bristol and Kuala Lumpur project report

Financed by the British Council Institutional Links program this Smart Mobility Cities project has opened a fascinating window on a journey of discovery linking Bristol and Kuala Lumpur. This journey was in part directed towards the realisation of Smart Mobility solutions to the socio-economic and environmental challenges of global urbanisation. Beyond this, the journey was also concerned to strengthen research and innovation partnerships between the UK and the emerging knowledge economy of Malaysia, enabling UK social scientists to collaborate on challenging global issues with international researchers and vice versa. This Smart Mobility Cities project report presents innovative, creative and yet fully practical solutions for these societal challenges. Solutions that explore a range of opportunities, whichinclude those arising from new urban governance requirements, and which are in-line with visions for sustainable urban mobility.These Smart Mobility solutions have arisen from intensive co-design and co-creation engagement with a diversity of stakeholders. Research co-production has linked the principal university partners of the University of the West of England (UWE), Bristol, and Taylor’sUniversity, Kuala Lumpur, together with the Malaysia Institute of Transport (MITRANS), Universiti Teknologi Mara, and the University Sains Malaysia (USM) in intensive engagement with stakeholder interests in both UK and Malaysia over a two-year period

Secure cloud storage model to preserve confidentiality and integrity

Cloud Service Providers (CSPs) offer remotely located cloud storage services to business organizations which include cost-effective advantages. From an industrial perspective, Amazon Simple Storage Service (S3) and Google Cloud Storage (GCS) are the leading cloud storage services. These storages are secured using the latest data security approaches such as cryptography algorithms, data auditing processes, and strict access control policies. However, organizations where confidentiality of information is a significant act, they are not assertive to adopt these services due to emerging data confidentiality and integrity concerns. Malicious attackers have violated the cloud storages to steal, view, manipulate, and tamper clients’ data. The researchers have attempted to overcome these shortcomings by designing and developing various security models. These solutions incorporate limitations and require enhancements as well as improvements before they can be widely accepted by CSPs to guarantee secure cloud storage services. In order to solve the stated problem, this research developed an improved security solution namely Secure Cloud Storage Model (SCSM) which consists of Multi-factor authentication and authorization process using Role-Based Access Control (RBAC) with Complex Random Security Code Generator (CRSCG), Partial homomorphic cryptography using Rivest, Shamir and Adleman (RSA) algorithm, Trusted Third Party (TTP) services including Key Management (KM) approach and data auditing process, Implementation of 256-bit Secure Socket Layer (SSL), and Service Level Agreement (SLA). SCSM was implemented using Java Enterprise Edition with glassfish server and deployed on a cloud computing infrastructure. The model was evaluated using extended euclidean algorithm, system security analysis, key management recommendations, web-based testing tool, security scanner, and survey. The survey results presented that 83.33% of the respondents agreed for SCSM to be widely accepted by CSPs to offer secured cloud storage services. The aggregate evaluation results proved that SCSM is successful in preserving data confidentiality and integrity at remotely located cloud storages

IDENTIFYING AND ANALYZING THE TRANSIENT AND PERMANENT BARRIERS FOR BIG DATA

Auspiciously, big data analytics had made it possible to generate value from immense amounts of raw data. Organizations are able to seek incredible insights which assist them in effective decision making and providing quality of service by establishing innovative strategies to recognize, examine and address the customers’ preferences. However, organizations are reluctant to adopt big data solutions due to several barriers such as data storage and transfer, scalability, data quality, data complexity, timeliness, security, privacy, trust, data ownership, and transparency. Despite the discussion on big data opportunities, in this paper, we present the findings of our in-depth review process that was focused on identifying as well as analyzing the transient and permanent barriers for adopting big data. Although, the transient barriers for big data can be eliminated in the near future with the advent of innovative technical contributions, however, it is challenging to eliminate the permanent barriers enduringly, though their impact could be recurrently reduced with the efficient and effective use of technology, standards, policies, and procedures

Using virtual machine monitors to overcome the challenges of monitoring and managing virtualized cloud infrastructures

Virtualization is one of the hottest research topics nowadays. Several academic researchers and developers from IT industry are designing approaches for solving security and manageability issues of Virtual Machines (VMs) residing on virtualized cloud infrastructures. Moving the application from a physical to a virtual platform increases the efficiency, flexibility and reduces management cost as well as effort. Cloud computing is adopting the paradigm of virtualization, using this technique, memory, CPU and computational power is provided to clients' VMs by utilizing the underlying physical hardware. Beside these advantages there are few challenges faced by adopting virtualization such as management of VMs and network traffic, unexpected additional cost and resource allocation. Virtual Machine Monitor (VMM) or hypervisor is the tool used by cloud providers to manage the VMs on cloud. There are several heterogeneous hypervisors provided by various vendors that include VMware, Hyper-V, Xen and Kernel Virtual Machine (KVM). Considering the challenge of VM management, this paper describes several techniques to monitor and manage virtualized cloud infrastructure

Proposing an algorithm for UAVs interoperability: MAVLink to STANAG 4586 for securing communication

Recently, the use of unmanned aerial vehicles has become increased rapidly in both civilian and military applications. With the increased popularity and wide range of applications, these systems’ global manufacturer market has also been improved. UAVs play a vital role in modern warfares, and the country with this technology has many advantages over its enemies. A typical UAV interacts typically with a ground control station or a control station with different communication protocols. Among these protocols, an open-source protocol, MAVLink, is the most common and widely used protocol in the private sector. Despite being most commonly used, this protocol is weak, insecure communication. For military UAVs, the protocols and standards are generally different, and they are not openly available. NATO countries use such a protocol to agree on a standard protocol called STANAG (Standard and Agreement) 4586 for unmanned aerial vehicles. While other countries show interest in buying military UAVs, they need to upgrade their existing UAVs or ground control stations to be compatible with the standards. This paper proposes a communication bridge between MAVLink and STANAG 4586 to interoperate like AV Rodrigues et al. proposed. Additionally, this work will make the STANAG 4586 compliant GCSs operate with MAVLink supported UAVs more securely using our proposed algorithm to secure the MAVLink communication