Adaptive Security Framework in Internet of Things (IoT) for Providing Mobile Cloud Computing

Internet of Things (IoT) has immense potential to change many of our daily activities, routines and behaviors. The pervasive nature of the information sources means that a great amount of data pertaining to possibly every aspect of human activity, both public and private, will be produced, transmitted, collected, stored and processed. Consequently, integrity and confidentiality of transmitted data as well as the authentication of (and trust in) the services that offer the data is crucial. Hence, security is a critical functionality for the IoT. Enormous growth of mobile devices capability, critical automation of industry fields and the widespread of wireless communication cast need for seamless provision of mobile web services in the Internet of Things (IoT) environment. These are enriched by mobile cloud computing. However, it poses a challenge for its reliability, data authentication, power consumption and security issues. There is also a need for auto self-operated sensors for geo-sensing, agriculture, automatic cars, factories, roads, medicals application and more. IoT is still highly not reliable in points of integration between how its devices are connected, that is, there is poor utilization of the existing IP security protocols. In this chapter, we propose a deep penetration method for the IoT connected set of devices, along with the mobile cloud. An architecture and testing framework for providing mobile cloud computing in the IoT that is based on the object security, power utilization, latency measures and packet loss rate is explained. Our solution is based on the use of existing security protocols between clients and the mobile hosts as well as a key management protocol between the individual mobile hosts implementing an out-of-band key exchange that is simple in practice, flexible and secure. We study the performance of this approach by evaluating a prototype implementation of our security framework. This chapter, in a preliminary manner, discusses the threats, hacks, misguided packets and over read sensor message. These packets are then translated by hardware and pushed through the web for later-on action or support. Our testing of a set of sensor-triggered scenario and setup clearly indicates the security threats from wireless connected small LAN environments and the overestimated sensor messages resulting from the initial set of the sensor readings, while we emphasize more on the security level of the web services serving the IoT-connected device. Also, we add a remark on how mobile web services and their enabling devices are by far vulnerable to a 4G hack over the utilization of power pack and a serious battery use power draining issues

Utilizing Output in Web Application Server-Side Testing

This thesis investigates the utilization of web application output in enhancing automated server-side code testing. The server-side code is the main driving force of a web application generating client-side code, maintaining the state and communicating with back-end resources. The output observed in those elements provides a valuable resource that can potentially enhance the efficiency and effectiveness of automated testing. The thesis aims to explore the use of this output in test data generation, test sequence regeneration, augmentation and test case selection. This thesis also addresses the web-specific challenges faced when applying search based test data generation algorithms to web applications and dataflow analysis of state variables to test sequence regeneration. The thesis presents three tools and four empirical studies to implement and evaluate the proposed approaches: SWAT (Search based Web Application Tester) is a first application of search based test data generation algorithms for web applications. It uses values dynamically mined from the intermediate and the client-side output to enhance the search based algorithm. SART (State Aware Regeneration Tool) uses dataflow analysis of state variables, session state and database tables, and their values to regenerate new sequences from existing sequences. SWAT-U (SWAT-Uniqueness) augments test suites with test cases that produce outputs not observed in the original test suite’s output. Finally, the thesis presents an empirical study of the correlation between new output based test selection criteria and fault detection and structural coverage. The results confirm that using the output does indeed enhance the effectiveness and efficiency of search based test data generation and enhances test suites’ effectiveness for test sequence regeneration and augmentation. The results also report that output uniqueness criteria are strongly correlated with both fault detection and structural coverage and are complementary to structural coverage

Speech Characteristics of Arabic Speakers: Dialect Variations

Arabic is spoken by more than 280 million people around the world and has been subject to attention in a number of acoustic phonetic studies. However, there are a limited number of studies on Gulf Arabic dialects and the majority of these studies have focused mainly on male speakers. Therefore, this study aimed to explore two Gulf Arabic dialects, the central Najdi dialect from Saudi Arabia and the Bahraini Bahraini dialect from Bahrain. It aimed to establish normative data for the Diadochokinetic Rate (DDK), Voice Onset Time (VOT), Fundamental Frequency (F0) and Formant Frequencies (F1-F3) for male (n = 40) and female (n = 40) speakers from both dialects. Furthermore, it aimed to investigate whether there are differences between the two dialects. Another direction of the research was to examine whether differences between male and female speech will be evident in both dialects. The study was accomplished using different stimuli where the monosyllables /ba, da, ga/ and a multisyllabic sequence /badaga/ were selected to analyse the DDK rates. VOT duration was examined in monosyllablic minimal pair words containing the initial voiced stops /b, d/ and the three long vowels /a:, i:, u:/, and in words containing the initial voiceless stops /t, k/, initial voiced/voiceless stops /d, t/ and plain/emphatic alveolar stops /t, t*/ and the two long vowels /i:, u:/. F0 was examined in the sustained phonation of the /a, i, u/, vowels in the words presented earlier and in sentences from the Arabic version of “The North Wind and the Sun” (Thelwall & Sa’Adeddin, 1990) and two verses from the first chapter of the Quran. F1, F2 and F3 values were examined in the sustained phonation of individual vowels and in vowels in the words described earlier. Acoustic analysis was carried out by using Praat (Boersma & Weenink, 2013). A series of mixed model ANOVAs were performed to investigate dialect and sex differences for each of the parameters. Dialect and sex were the main independent variables; however, additional variables were assessed (syllable type, voicing, vowel context, place of articulation and emphasis). The first aim has been met, with normative data being established for males and females from both dialects. The results showed that for each of the parameters (DDK, VOT, F0 and formant frequencies), the dialect differences as well as the degree of differences were dependent on the stimuli type. Furthermore, sex differences were apparent for F0, F1, F2 and F3 where males had lower frequencies than females in all tasks. In addition, the results showed that females had longer VOT durations than males for voiceless stops; and in the initial emphatic /t≥/ context; males had longer VOT duration than females. However, there were no differences between male and female speakers with regard to the DDK rates, and in the VOT analysis, initial voiced stops did not show an effect for dialect and sex. Furthermore, the impact of other variables other than dialect and sex are discussed. In conclusion, dialect, and to a lesser extent, sex differences in the Arabic dialects under study, are dependent on the stimulus type. The study also showed that emphatic /t*/ might help in differentiating between different Arabic dialects

Detecting malware with information complexity

Malware concealment is the predominant strategy for malware propagation. Black hats create variants of malware based on polymorphism and metamorphism. Malware variants, by definition, share some information. Although the concealment strategy alters this information, there are still patterns on the software. Given a zoo of labelled malware and benign-ware, we ask whether a suspect program is more similar to our malware or to our benign-ware. Normalized Compression Distance (NCD) is a generic metric that measures the shared information content of two strings. This measure opens a new front in the malware arms race, one where the countermeasures promise to be more costly for malware writers, who must now obfuscate patterns as strings qua strings, without reference to execution, in their variants. Our approach classifies disk-resident malware with 97.4% accuracy and a false positive rate of 3%. We demonstrate that its accuracy can be improved by combining NCD with the compressibility rates of executables using decision forests, paving the way for future improvements. We demonstrate that malware reported within a narrow time frame of a few days is more homogeneous than malware reported over two years, but that our method still classifies the latter with 95.2% accuracy and a 5% false positive rate. Due to its use of compression, the time and computation cost of our method is nontrivial. We show that simple approximation techniques can improve its running time by up to 63%. We compare our results to the results of applying the 59 anti-malware programs used on the VirusTotal website to our malware. Our approach outperforms each one used alone and matches that of all of them used collectively

State aware test case regeneration for improving web application test suite coverage and fault detection

This paper introduces two test cases regeneration approaches for web applications, one uses standard Def-Use testing but for state variables, the other uses a novel value-aware dataflow approach. Our overall approach is to combine requests from a test suite to form client-side request sequences, based on dataflow analysis of server-side session variables and database tables. We implemented our approach as a tool SART (State Aware Regeneration Tool) and used it to evaluate our proposed approaches on 4 real world web applications. Our results show that for all 4 applications, both server-side coverage and fault detection were statistically significantly improved. Even on relatively high quality test suites our algorithms improve average coverage by 14.74% and fault detection by 9.19%. © 2012 ACM

Diadochokinetic rate in Saudi and Bahraini arabic speakers : dialect and the influence of syllable type

Arabic is spoken by more than 420 million people worldwide and still there are a limited number of studies on dialects of the Gulf Arabic regions where most selected respondents are male speakers. This study aimed to explore and establish normative data for the Diadochokinetic Rate (DDK) for two dialects (Saudi Arabia’s Najdi and Bahrain’s Bahraini) speakers. Furthermore, it aimed to investigate whether there are differences between the two dialects and whether sex differences are evident. In addition, it investigated syllable type differences. The study used the monosyllables /ba, da, ga/ and the multisyllabic sequence /badaga/ to analyse the DDK rates. Acoustic analysis was carried out to obtain DDK rates for the syllables. A mixed model ANOVA was performed to investigate dialect and sex differences, in addition, to syllable type. The study included 40 males and 40 female speakers from each of the two dialects. Results showed that for DDK, Saudi speakers had faster DDK rates for the monosyllables /ba/, /da/, /ga/, than Bahrainis, while, no significant differences were observed for the multisyllabic sequences. However, there were no differences between male and female speakers with regard to the DDK rates. The syllable /ga/ showed the slowest DDK rate among the monosyllables while the multisyllabic sequences displayed the slowest DDK rates. In brief, normative data for DDK rates for clinic were determined for the Arabic Nadji and Bahrain’s Bahraini dialects. DDK rate was shown to be more sensitive to dialect differences for the monosyllable tasks. However, no sex differences were observed for the Arabic dialects in this study across all DDK tasks

Detecting Malware with Information Complexity

This work focuses on a specific front of the malware detection arms-race, namely the detection of persistent, disk-resident malware. We exploit normalised compression distance (NCD), an information theoretic measure, applied directly to binaries. Given a zoo of labelled malware and benign-ware, we ask whether a suspect program is more similar to our malware or to our benign-ware. Our approach classifies malware with 97.1% accuracy and a false positive rate of 3%. We achieve our results with off-the-shelf compressors and a standard machine learning classifier and without any specialised knowledge. An end-user need only collect a zoo of malware and benign-ware and then can immediately apply our techniques. We apply statistical rigour to our experiments and our selection of data. We demonstrate that accuracy can be optimised by combining NCD with the compressibility rates of the executables. We demonstrate that malware reported within a more narrow time frame of a few days is more homogenous than malware reported over a longer one of two years but that our method still classifies the latter with 95.2% accuracy and a 5% false positive rate. Due to the use of compression, the time and computation cost of our method is non-trivial. We show that simple approximation techniques can improve the time complexity of our approach by up to 63%. We compare our results to the results of applying the 59 anti-malware programs used on the VirusTotal web site to our malware. Our approach does better than any single one of them as well as the 59 used collectively

Hybrid Email Spam Detection Model Using Artificial Intelligence

The growing volume of spam Emails has generated the need for a more precise anti-spam filter to detect unsolicited Emails. One of the most common representations used in spam filters is the Bag-of-Words (BOW). Although BOW is very effective in the classification of the emails, it has a number of weaknesses. In this paper, we present a hybrid approach to spam filtering based on the Neural Network model Paragraph Vector-Distributed Memory (PV-DM). We use PV-DM to build up a compact representation of the context of an email and also of its pertinent features. This methodology represents a more comprehensive filter for classifying Emails. Furthermore, we have conducted an empirical experiment using Enron spam and Ling spam datasets, the results of which indicate that our proposed filter outperforms the PV-DM and the BOW email classification methods

Mimicking anti-viruses with machine learning and entropy profiles

The quality of anti-virus software relies on simple patterns extracted from binary files. Although these patterns have proven to work on detecting the specifics of software, they are extremely sensitive to concealment strategies, such as polymorphism or metamorphism. These limitations also make anti-virus software predictable, creating a security breach. Any black hat with enough information about the anti-virus behaviour can make its own copy of the software, without any access to the original implementation or database. In this work, we show how this is indeed possible by combining entropy patterns with classification algorithms. Our results, applied to 57 different anti-virus engines, show that we can mimic their behaviour with an accuracy close to 98% in the best case and 75% in the worst, applied on Windows’ disk resident malware