The far side of mobile application integrated development environments

© Springer International Publishing Switzerland 2016. Smart phones are, nowadays, a necessity for the vast majority of individuals around the globe. In addition to the ubiquitous computing paradigm supported by such devices, there are numerous software applications that utilize the high computational capabilities that they offer. This type of software is a vital part of what is known as e-Commerce, with a variety of business models proposed and implemented. Lately, a new era of free-ware mobile application has arisen with paid features and promoted content in them. Piracy is not only the weakest point of software’s financial ecosystem for conventional computing systems but also for smartphones. Actions like replication, redistribution and licensing violations can cause financial losses of colossal extent to their creators. Mobile applications also introduce the following peculiarity: They are distributed through predefined channels (Application Stores) owned by mobile operating system vendors such as Apple, Google and Microsoft. In this research we present several scenarios where cracked and modified applications can be freely used into every non jailbroken iOS device. Moreover it is demonstrated that not even in strict mobile environments, such as Apple’s, end-users should be considered as trusted entities from application developers by default

Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture

QoS and Security features are playing an important role in modern network architecures. Dynamic selection of services and by extension of service providers are vital in today’s liberalized market of energy. On the other hand it is equally important for Service Providers to spot the one QoS Module that offers the best QoS level in a given cost. Type of service, response time, availability and cost, consist a basic set of attributes that should be taken into consideration when building a concrete Grid network. In the proposed QoS architecture Prosumers request services based on the aforementioned set of attributes. The Prosumer requests the service through the QoS Module. It is then the QoS Module that seeks the Service Provider that best fits the needs of the client. The aforementioned approach is well supplemented with an in depth analysis on existing authentication and authorization protocols. The authors believe that QoS and security can work in parallel without adding extra burden in the Smart Grid infrastructure. This is feasible by building an in advance system for placing, scheduling, and assigning of the requests for energy consumption or production, thus decongesting the traffic in the whole network

The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud

The financial crisis made companies around the world search for cheaper and more efficient solutions to cover their needs in terms of computational power and storage. Their quest came to end with the birth of Cloud Computing infrastructures. However, along with the new promising technology, new attack vectors were born, and one old and known threat, that of Malicious Insiders reappeared. Insiders can use their privileged position inside the Cloud infrastructure to accomplish or help in attacks against a Cloud infrastructure. In this paper, we propose a practical and efficient intrusion detection system solution for Cloud infrastructures based on Graphical Processing Unit (GPU) acceleration. Our solution monitors the deployed virtual machines operations and especially those of the host Operating System’s, known as Dom0, correlating the collected information to detect uncommon behavior based on the SmithWaterman algorithm. Our proposal makes possible the cooperation of a variety of known hypervisors along with every known GPU acceleration unit used, thus offering the maximum of security mechanics while at the same time minimizing the imposed overhead in terms of Central Processing Unit (CPU) usage

The far side of mobile application integrated development environments

© Springer International Publishing Switzerland 2016. Smart phones are, nowadays, a necessity for the vast majority of individuals around the globe. In addition to the ubiquitous computing paradigm supported by such devices, there are numerous software applications that utilize the high computational capabilities that they offer. This type of software is a vital part of what is known as e-Commerce, with a variety of business models proposed and implemented. Lately, a new era of free-ware mobile application has arisen with paid features and promoted content in them. Piracy is not only the weakest point of software’s financial ecosystem for conventional computing systems but also for smartphones. Actions like replication, redistribution and licensing violations can cause financial losses of colossal extent to their creators. Mobile applications also introduce the following peculiarity: They are distributed through predefined channels (Application Stores) owned by mobile operating system vendors such as Apple, Google and Microsoft. In this research we present several scenarios where cracked and modified applications can be freely used into every non jailbroken iOS device. Moreover it is demonstrated that not even in strict mobile environments, such as Apple’s, end-users should be considered as trusted entities from application developers by default

CellSecure: Securing Image Data in Industrial Internet-of-Things via Cellular Automata and Chaos-Based Encryption

In the era of Industrial IoT (IIoT) and Industry 4.0, ensuring secure data transmission has become a critical concern. Among other data types, images are widely transmitted and utilized across various IIoT applications, ranging from sensor-generated visual data and real-time remote monitoring to quality control in production lines. The encryption of these images is essential for maintaining operational integrity, data confidentiality, and seamless integration with analytics platforms. This paper addresses these critical concerns by proposing a robust image encryption algorithm tailored for IIoT and Cyber-Physical Systems (CPS). The algorithm combines Rule-30 cellular automata with chaotic scrambling and substitution. The Rule 30 cellular automata serves as an efficient mechanism for generating pseudo-random sequences that enable fast encryption and decryption cycles suitable for real-time sensor data in industrial settings. Most importantly, it induces non-linearity in the encryption algorithm. Furthermore, to increase the chaotic range and keyspace of the algorithm, which is vital for security in distributed industrial networks, a hybrid chaotic map, i.e., logistic-sine map is utilized. Extensive security analysis has been carried out to validate the efficacy of the proposed algorithm. Results indicate that our algorithm achieves close-to-ideal values, with an entropy of 7.99 and a correlation of 0.002. This enhances the algorithm's resilience against potential cyber-attacks in the industrial domain

If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments

Computational systems are gradually moving towards Cloud Computing Infrastructures, using the several advantages they have to offer and especially the economic advantages in the era of an economic crisis. In addition to this revolution, several security matters emerged and especially the confrontation of malicious insiders. This paper proposes a methodology for detecting the co-residency and network stressing attacks in the kernel layer of a Kvm-based cloud environment, using an implementation of the Smith-Waterman genetic algorithm. The proposed approach has been explored in a test bed environment, producing results that verify its effectiveness