A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model

Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained. View Full-Tex

Sicherheit und Leistung Tradeoff-Analyse von Offloading-Richtlinien in Mobile Cloud Computing

While the last decades witness great advances in hardware technology, new mobile applications have also become much more demanding. Hence, mobile devices still face the restrictions in resources, such as battery life, storage capacity, and processor performance. In Mobile Cloud Computing (MCC), offloading is a popular technique proposed to augment the capabilities of mobile systems by mitigating complex computation to resourceful cloud servers. While offloading may be beneficial from the performance and energy perspective, it certainly exhibits new challenges in terms of security due to increased data transmission over networks with potentially unknown threats. Among possible security issues are timing attacks which are not prevented by traditional cryptographic security. Timing attacks belong to side-channel attacks in which the attacker attempts to compromise a system by analyzing the time it takes to respond to various queries. Offloading is particularly vulnerable to timing attacks because it often needs many times sending/receiving. So metrics on which offloading decisions are based must include security aspects in addition to performance and energy-efficiency. This thesis covers both the theoretical and practical aspects of offloading policies in MCC systems. Unlike previous work that only considers the performance and energy perspectives, this thesis presents and evaluates offloading policies based on security-performance tradeoff analysis to satisfy the security and performance requirements in offloading systems. Proposed stochastic models are applied and evaluated by numerical simulation and real world experiments. Specifically, the contributions of this thesis can be summarized as follows: • Several stochastic model-based approaches to quantitatively assess the security and performance attributes of the mobile cloud offloading system are proposed. • Methods to formulate metrics that include both, performance and security aspects and that optimise the tradeoff between the two are studied. • A secure and cost-efficient offloading policy considering the specific threat of timing attacks against MCC systems is proposed and the offloading policy is evaluated with experiments. • Two widely used secure containers for Android: Samsung Knox and IBM MaaS360, to enhance the client security in MCC systems are compared.Während die letzten Jahrzehnte große Fortschritte der Hardware-Technologie erlebt haben, ist die Nachfrage nach neuen Applikationen viel größer geworden. Trotzdem sehen sich mobile Geräte immer noch mit Beschränkungen der Ressourcen konfrontiert sowie Batterielebensdauer, Speicherkapazität und Prozessorleistung. Im Feld Mobile Cloud Computing (MCC) ist Offloading eine populäre Technik, die aufgestellt wird, um die Kapazitäten von mobilen Systemen zu erweitern, indem sie komplexe Berechnungen auf ressourcenreiche Cloud-Server erleichtert. Zwar ist Offloading aus den Leistungs- und Energieperspektiven vortelhaft sein kann, stellt es aufgrund der erhöhten Datenübertragung über Netzwerke mit potenziellen unbekannten Bedrohungen sicherlich neue Herausforderungen dar. Zu den möglichen Sicherheitsfragen gehören Timing-Attacken, die die traditionelle kryptographische Sicherheit nicht verhindern kann. Timing-Attacken gehören zu Side-Channel-Attacken, in denen der Angreifer versucht, ein System zu kompromittieren, indem er die Zeit analysiert, die das System benötigt, um auf verschiedene Abfragen zu antworten. Offloading ist besonders anfällig für Timing-Attacken, weil es viele Male senden / empfangen muss. Die Metriken von Offloading müssen neben den Leistungs- und Energieperspektiven auch Sicherheitsaspekte beinhalten. Diese Theorie behandelt sowohl theoretischen als auch praktischen Aspekte der Richtlinien von Offloading in MCC-System. Ganz anders als die früheren Arbeiten, die nur die Leistungs- und Energieperspektiven berücksichtigen, werden die Offloading-Richtlinien auf der Grundlage der Security-Performance- Tradeoff-Analyse in unsrer Arbeit präsentiert und evaluiert. Vorgeschlagene stochastische Modelle werden durch numerische Simulationen und reale Experimente angewendet und evaluiert. Insbesondere können die Beiträge dieser Arbeit wie folgendes zusammengefasst werden: • Es werden mehrere stochastische modellbasierte Ansätze zur quantitativen Bewertung der Sicherheits- und Leistungsmerkmale des Mobile Cloud Offloading Systems vorgeschlagen. • Methoden zur Formulierung von Metriken, die sowohl Leistungs- als auch Sicherheitsaspekte beinhalten und die den Kompromiß zwischen den beiden optimieren, werden untersucht. • Eine sichere und kostengünstige Offloading Richtlinie unter Berücksichtigung der spezifischen Bedrohung von Timing- Attachen gegen MCC-Systeme wird vorgeschlagen und die Offloading Richtlinie wird mit Experimenten ausgewertet. • Zwei weitverbreitete sichere Container für Android: Samsung Knox und IBM MaaS360, um die Client-Sicherheit in MCC- Systemen zu verbessern, werden verglichen

Practical Performance Analysis for Multiple Information Fusion Based Scalable Localization System Using Wireless Sensor Networks

In practical localization system design, researchers need to consider several aspects to make the positioning efficiently and effectively, e.g., the available auxiliary information, sensing devices, equipment deployment and the environment. Then, these practical concerns turn out to be the technical problems, e.g., the sequential position state propagation, the target-anchor geometry effect, the Non-line-of-sight (NLOS) identification and the related prior information. It is necessary to construct an efficient framework that can exploit multiple available information and guide the system design. In this paper, we propose a scalable method to analyze system performance based on the Cramér–Rao lower bound (CRLB), which can fuse all of the information adaptively. Firstly, we use an abstract function to represent all of the wireless localization system model. Then, the unknown vector of the CRLB consists of two parts: the first part is the estimated vector, and the second part is the auxiliary vector, which helps improve the estimation accuracy. Accordingly, the Fisher information matrix is divided into two parts: the state matrix and the auxiliary matrix. Unlike the theoretical analysis, our CRLB can be a practical fundamental limit to denote the system that fuses multiple information in the complicated environment, e.g., recursive Bayesian estimation based on the hidden Markov model, the map matching method and the NLOS identification and mitigation methods. Thus, the theoretical results are approaching the real case more. In addition, our method is more adaptable than other CRLBs when considering more unknown important factors. We use the proposed method to analyze the wireless sensor network-based indoor localization system. The influence of the hybrid LOS/NLOS channels, the building layout information and the relative height differences between the target and anchors are analyzed. It is demonstrated that our method exploits all of the available information for the indoor localization systems and serves as an indicator for practical system evaluation

The overlapping effect : impact of product display on price–quality judgments

Product overlapping display is widely used in high-imagery ads, shopping websites, and retail displays. However, little is known about whether and how product overlapping display influences consumers’ use of heuristics in their decisions. The research seeks to fill this gap by examining the link between product overlapping display and consumers’ tendency to use price to judge product quality. Four experiments designed to address this question revealed that an overlapping product display increases consumers’ tendency to make price–quality judgments, driven by their lower perceived uniqueness of products and higher perceived product entitativity. However, this effect is shown to be dismissed when the product is hedonic

A6 peptide-tagged, ultra-small and reduction-sensitive polymersomal vincristine sulfate as a smart and specific treatment for CD44+ acute myeloid leukemia

Acute myeloid leukemia (AML) is a severe blood malignancy associated with a high relapse rate. The current clinical chemotherapy is typically perplexed with serious side effects. Here, A6 peptide-tagged, small and reduction-sensitive polymersomal vincristine sulfate (A6-cPS-VCR) is reported as a novel, smart and specific treatment for CD44 positive AML. A6-cPS-VCR stably loaded with 3.3 wt% VCR displays a size of ≈ 31 nm and pronounced selectivity toward CD44-overexpressed MV4-11 leukemia cells. Intriguingly, A6-cPS-VCR effectively represses the outgrowth of orthotopic MV4-11 AML in vivo, as revealed by significant reduction of leukemia burdens in the circulation, bone marrow, liver and spleen, and significantly extends the median survival time of MV4-11 AML-bearing mice. In addition to active targetability and therapeutic benefits, A6-cPS-VCR has the advantage of easy fabrication, rendering it potentially interesting for clinical translation

Fluorescent and Cross-linked Organic–Inorganic Hybrid Nanoshells for Monitoring Drug Delivery

Functionalized and monodisperse nanoshells have attracted significant attention owing to their well-defined structure, unique properties, and wide range of potential applications. Here, the synthesis of cross-linked organic–inorganic hybrid nanoshells with strong fluorescence properties was reported via a facile precipitation polymerization of hexachlorocyclotriphosphazene (HCCP) and fluorescein on silica particles used as templates. The resulting poly­(cyclotriphosphazene-<i>co</i>-fluorescein) (PCTPF) nanoshells were firm cross-linked shells with ∼2.2 nm mesopores that facilitated the transport of drug molecules. The fluorescent nanoshells also exhibited excellent water dispersibility and biocompatibility; thus, they can be considered as ideal drug vehicles with high doxorubicin storage capacity (26.2 wt %) and excellent sustained release (up to 14 days). Compared to doxorubicin (DOX) alone, the PCTPF nanoshells more efficiently delivered DOX into and killed cancer cells. Moreover, the PCTPF nanoshells also exhibited remarkable fluorescent emission properties and improved photobleaching stability in both suspension and solid state owing to the covalent immobilization of fluorescein in the highly cross-linked organic–inorganic hybrids. The exceptional fluorescent properties enabled the release of DOX as well as the distribution of nanoshells and DOX to be monitored