A Reliable and Efficient Wireless Sensor Network System for Water Quality Monitoring

Wireless sensor networks (WSNs) are strongly useful to monitor physical and environmental conditions to provide realtime information for improving environment quality. However, deploying a WSN in a physical environment faces several critical challenges such as high energy consumption, and data loss.In this work, we have proposed a reliable and efficient environmental monitoring system in ponds using wireless sensor network and cellular communication technologies. We have designed a hardware and software ecosystem that can limit the data loss yet save the energy consumption of nodes. A lightweight protocol acknowledges data transmission among the nodes. Data are transmitted to the cloud using a cellular protocol to reduce power consumption. Information in the cloud is mining so that realtime warning notifications can be sent to users. If the values are reaching the threshold, the server will send an alarm signal to the pond\u27s owner phone, enable him to take corrective actions in a timely manner. Besides, the client application system also provides the feature to help the user to manage the trend of a physical environment such as shrimp ponds by viewing charts of the collected data by hours, days, months. We have deployed our system using IEEE 802.15.4 Standard, ZigBEE, KIT CC2530 of Texas Instrument, and tested our system with temperature and pH level sensors. Our experimental results demonstrated that the proposed system have a low rate of data loss and long energy life with low cost while it can provide real-time data for water quality monitoring

Context-driven Policies Enforcement for Edge-based IoT Data Sharing-as-a-Service

Sharing real-time data originating from connected devices is crucial to real-world intelligent Internet of Things (IoT) applications, i.e., based on artificial intelligence/machine learning (AI/ML). Such IoT data sharing involves multiple parties for different purposes and is usually based on data contracts that might depend on the dynamic change of IoT data variety and velocity. It is still an open challenge to support multiple parties (aka tenants) with these dynamic contracts based on the data value for their specific contextual purposes.This work addresses these challenges by introducing a novel dynamic context-based policy enforcement framework to support IoT data sharing (on-Edge) based on dynamic contracts. Our enforcement framework allows IoT Data Hub owners to define extensible rules and metrics to govern the tenants in accessing the shared data on the Edge based on policies defined with static and dynamic contexts. We have developed a proof-of-concept prototype for sharing sensitive data such as surveillance camera videos to illustrate our proposed framework. The experimental results demonstrated that our framework could soundly and timely enforce context-based policies at runtime with moderate overhead. Moreover, the context and policy changes are correctly reflected in the system in nearly real-time.acceptedVersio

P4SINC – An Execution Policy Framework for IoT Services in the Edge

Internet of Things (IoT) services are increasingly deployed at the edge to access and control Things. The execution of such services needs to be monitored to provide information for security, service contract, and system operation management. Although different techniques have been proposed for deploying and executing IoT services in IoT gateways and edge servers, there is a lack of generic policy frameworks for instrumentation and assurance of various types of execution policies for IoT services. In this paper, we present P4SINC as an execution policy framework that covers various functionalities for IoT services deployed in software-defined machines in IoT infrastructures. P4SINC supports the instrumentation and enforcement of IoT services during their deployment and execution, thus being leveraged for other purposes such as security and service contract management. We illustrate our prototype with realistic examples

Toward An IoT-based Expert System for Heart Disease Diagnosis

IoT technology has been recently adopted in the healthcare system to collect Electrocardiogram (ECG) signals for heart disease diagnosis and prediction. However, noises in collected ECG signals make the diagnosis and prediction system unreliable and imprecise. In this work, we have proposed a new lightweight approach to removing noises in collected ECG signals to perform precise diagnosis and prediction. First, we have used a revised Sequential Recursive (SR) algorithm to transform the signals into digital format. Then, the digital data is proceeded using a revised Discrete Wavelet Transform (DWT) algorithm to detect peaks in the data to remove noises. Finally, we extract some key features from the data to perform diagnosis and prediction based on a feature dataset. Redundant features are removed by using Fishers Linear Discriminant (FLD). We have used an ECG dataset from MIT-BIH (PhisioNet) to build a knowledge-base diagnosis features. We have implemented a proof-of concept system that collects and processes real ECG signals to perform heart disease diagnosis and prediction based on the built knowledge base

HybridGuard: A Principal-based Permission and Fine-Grained Policy Enforcement Framework for Web-based Mobile Applications

Web-based or hybrid mobile applications (apps) are widely used and supported by various modern hybrid app development frameworks. In this architecture, any JavaScript code, local or remote, can access available APIs, including JavaScript bridges provided by the hybrid framework, to access device resources. This JavaScript inclusion capability is dangerous, since there is no mechanism to determine the origin of the code to control access, and any JavaScript code running in the mobile app can access the device resources through the exposed APIs. Previous solutions are either limited to a particular platform (e.g., Android) or a specific hybrid framework (e.g., Cordova) or only protect the device resources and disregard the sensitive elements in the web environment. Moreover, most of the solutions require the modification of the base platform. In this paper, we present HybridGuard, a novel policy enforcement framework that can enforce principal-based, stateful policies, on multiple origins without modifying the hybrid frameworks or mobile platforms. In HybridGuard, hybrid app developers can specify principal-based permissions, and define fine-grained, and stateful policies that can mitigate a significant class of attacks caused by potentially malicious JavaScript code included from third-party domains, including ads running inside the app. HybridGuard also provides a mechanism and policy patterns for app developers to specify fine-grained policies for multiple principals. HybridGuard is implemented in JavaScript, therefore, it can be easily adapted for other hybrid frameworks or mobile platforms without modification of these frameworks or platforms. We present attack scenarios and report experimental results to demonstrate how HybridGuard can thwart attacks against hybrid mobile apps

Between Worlds: Securing Mixed JavaScript/ActionScript Multi-Party Web Content

Mixed Flash and JavaScript content has become increasingly prevalent; its purveyance of dynamic features unique to each platform has popularized it for myriad Web development projects. Although Flash and JavaScript security has been examined extensively, the security of untrusted content that combines both has received considerably less attention. This article considers this fusion in detail, outlining several practical scenarios that threaten the security of Web applications. The severity of these attacks warrants the development of new techniques that address the security of Flash-JavaScript content considered as a whole, in contrast to prior solutions that have examined Flash or JavaScript security individually. Toward this end, the article presents FlashJaX, a cross-platform solution that enforces fine-grained, history-based policies that span both Flash and JavaScript. Using in-lined reference monitoring, FlashJaX safely embeds untrusted JavaScript and Flash content in Web pages without modifying browser clients or using special plug-ins. The architecture of FlashJaX, its design and implementation, and a detailed security analysis are exposited. Experiments with advertisements from popular ad networks demonstrate that FlashJaX is transparent to policy-compliant advertisement content, yet blocks many common attack vectors that exploit the fusion of these Web platforms

Leveraging Static Analysis Tools for Improving Usability of Memory Error Sanitization Compilers

Memory errors such as buffer overruns are notorious security vulnerabilities. There has been considerable interest in having a compiler to ensure the safety of compiled code either through static verification or through instrumented runtime checks. While certifying compilation has shown much promise, it has not been practical, leaving code instrumentation as the next best strategy for compilation. We term such compilers Memory Error Sanitization Compilers (MESCs). MESCs are available as part of GCC, LLVM and MSVC suites. Due to practical limitations, MESCs typically apply instrumentation indiscriminately to every memory access, and are consequently prohibitively expensive and practical to only small code bases. This work proposes a methodology that applies state-of-the-art static analysis techniques to eliminate unnecessary runtime checks, resulting in more efficient and scalable defenses. The methodology was implemented on LLVM\u27s Safecode, Integer Overflow, and Address Sanitizer passes, using static analysis of Frama-C and Codesurfer. The benchmarks demonstrate an improvement in runtime performance that makes incorporation of runtime checks a viable option for defenses

DASSR: A Distributed Authentication Scheme for Secure Routing in Wireless Ad-hoc Networks

Secure routing is vital in wireless ad-hoc networks for establishing reliable networks and secure data transmission. However, most routing security solutions in wireless ad-hoc networks make assumptions about the availability of key management infrastructures that are against the very nature of ad-hoc networks. In this paper, we propose DASSR scheme, a new secure routing approach based on a fully distributed authentication and self-organized public key management scheme without any central authorizing entity. In DASSR, routing messages are authenticated between neighboring nodes (hop-by-hop) and between source and destination nodes (end-to-end) by using nodes’ signatures. Once authenticated, messages are guaranteed for integrity and non-repudiation, hence the scheme could prevent potential routing attacks from malicious nodes. We evaluate our proposed scheme DASSR by applying it to the AODV routing protocol, a representative of reactive ad-hoc routing protocols, and demonstrate the effectiveness and security properties of the proposed approach. A comprehensive review of related secure routing protocols is presented and compared with the proposed scheme DASSR

Context-driven Policies Enforcement for Edge-based IoT Data Sharing-as-a-Service

Sharing real-time data originating from connected devices is crucial to real-world intelligent Internet of Things (IoT) applications, i.e., based on artificial intelligence/machine learning (AI/ML). Such IoT data sharing involves multiple parties for different purposes and is usually based on data contracts that might depend on the dynamic change of IoT data variety and velocity. It is still an open challenge to support multiple parties (aka tenants) with these dynamic contracts based on the data value for their specific contextual purposes.This work addresses these challenges by introducing a novel dynamic context-based policy enforcement framework to support IoT data sharing (on-Edge) based on dynamic contracts. Our enforcement framework allows IoT Data Hub owners to define extensible rules and metrics to govern the tenants in accessing the shared data on the Edge based on policies defined with static and dynamic contexts. We have developed a proof-of-concept prototype for sharing sensitive data such as surveillance camera videos to illustrate our proposed framework. The experimental results demonstrated that our framework could soundly and timely enforce context-based policies at runtime with moderate overhead. Moreover, the context and policy changes are correctly reflected in the system in nearly real-time.Peer reviewe

Involvement of Secondary Metabolites in Response to Drought Stress of Rice (Oryza sativa L.)

In this study, responses of rice under drought stress correlating with changes in chemical compositions were examined. Among 20 studied rice cultivars, Q8 was the most tolerant, whereas Q2 was the most susceptible to drought. Total phenols, total flavonoids, and antioxidant activities, and their accumulation in water deficit conditions were proportional to drought resistance levels of rice. In detail, total phenols and total flavonoids in Q8 (65.3 mg gallic acid equivalent (GAE) and 37.8 mg rutin equivalent (RE) were significantly higher than Q2 (33.9 mg GAE/g and 27.4 mg RE/g, respectively) in both control and drought stress groups. Similarly, the antioxidant activities including DPPH radical scavenging, β-carotene bleaching, and lipid peroxidation inhibition in Q8 were also higher than in Q2, and markedly increased in drought stress. In general, contents of individual phenolic acids in Q8 were higher than Q2, and they were significantly increased in drought stress to much greater extents than in Q2. However, p-hydroxybenzoic acid was found uniquely in Q8 cultivars. In addition, only vanillic acid was found in water deficit stress in both drought resistant and susceptible rice, suggesting that this phenolic acid, together with p-hydroxybenzoic acid, may play a key role in drought-tolerance mechanisms of rice. The use of vanillic acid and p-hyroxybenzoic acid, and their derivatives, may be useful to protect rice production against water shortage stress