Security testing in Android networks : a practical case study

Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.

Molecularly engineered graphene surfaces for sensing applications: A review.

Graphene is scientifically and commercially important because of its unique molecular structure which is monoatomic in thickness, rigorously two-dimensional and highly conjugated. Consequently, graphene exhibits exceptional electrical, optical, thermal and mechanical properties. Herein, we critically discuss the surface modification of graphene, the specific advantages that graphene-based materials can provide over other materials in sensor research and their related chemical and electrochemical properties. Furthermore, we describe the latest developments in the use of these materials for sensing technology, including chemical sensors and biosensors and their applications in security, environmental safety and diseases detection and diagnosis.

A survey on differential privacy and applications

Privacy preserving in data release and mining is a hot topic in the information security field currently. As a new privacy notion, differential privacy (DP) has grown in popularity recently due to its rigid and provable privacy guarantee. After analyzing the advantage of differential privacy model relative to the traditional ones, this paper surveys the theory of differential privacy and its application on two aspects, privacy preserving data release (PPDR) and privacy preserving data mining (PPDM). In PPDR, we introduce the DP-based data release methodologies in interactive/non-interactive settings and compare them in terms of accuracy and sample complexity. In PPDM, we mainly summarize the implementation of DP in various data mining algorithms with interface-based/fully access-based modes as well as evaluating the performance of the algorithms. We finally review other applications of DP in various fields and discuss the future research directions.

On addressing the imbalance problem : A correlated KNN approach for network traffic classification

With the arrival of big data era, the Internet traffic is growing exponentially. A wide variety of applications arise on the Internet and traffic classification is introduced to help people manage the massive applications on the Internet for security monitoring and quality of service purposes. A large number of Machine Learning (ML) algorithms are introduced to deal with traffic classification. A significant challenge to the classification performance comes from imbalanced distribution of data in traffic classification system. In this paper, we proposed an Optimised Distance-based Nearest Neighbor (ODNN), which has the capability of improving the classification performance of imbalanced traffic data. We analyzed the proposed ODNN approach and its performance benefit from both theoretical and empirical perspectives. A large number of experiments were implemented on the real-world traffic dataset. The results show that the performance of “small classes” can be improved significantly even only with small number of training data and the performance of “large classes” remains stable.

Internet traffic clustering with side information

Internet traffic classification is a critical and essential functionality for network management and security systems. Due to the limitations of traditional port-based and payload-based classification approaches, the past several years have seen extensive research on utilizing machine learning techniques to classify Internet traffic based on packet and flow level characteristics. For the purpose of learning from unlabeled traffic data, some classic clustering methods have been applied in previous studies but the reported accuracy results are unsatisfactory. In this paper, we propose a semi-supervised approach for accurate Internet traffic clustering, which is motivated by the observation of widely existing partial equivalence relationships among Internet traffic flows. In particular, we formulate the problem using a Gaussian Mixture Model (GMM) with set-based equivalence constraint and propose a constrained Expectation Maximization (EM) algorithm for clustering. Experiments with real-world packet traces show that the proposed approach can significantly improve the quality of resultant traffic clusters. © 2014 Elsevier Inc.

Fog computing: a cloud to the ground support for smart things and machine-to-machine networks

Cloud services to smart things face latency and intermittent connectivity issues. Fog devices are positioned between cloud and smart devices. Their high speed Internet connection to the cloud, and physical proximity to users, enable real time applications and location based services, and mobility support. Cisco promoted fog computing concept in the areas of smart grid, connected vehicles and wireless sensor and actuator networks. This survey article expands this concept to the decentralized smart building control, recognizes cloudlets as special case of fog computing, and relates it to the software defined networks (SDN) scenarios. Our literature review identifies a handful number of articles. Cooperative data scheduling and adaptive traffic light problems in SDN based vehicular networks, and demand response management in macro station and micro-grid based smart grids are discussed. Security, privacy and trust issues, control information overhead and network control policies do not seem to be studied so far within the fog computing concept.

Agent-based smart grid protection and security

The vision of a smart grid is to provide a modern, resilient, and secure electric power grid as it boasts up with a highly reliable and efficient environment through effective use of its information and communication technology (ICT). Generally, the control and operation of a smart grid which integrate the distributed energy resources (DERs) such as, wind power, solar power, energy storage, etc., largely depends on a complex network of computers, softwares, and communication infrastructure superimposed on its physical grid architecture facilitated with the deployment of intelligent decision support system applications. In recent years, multi-agent system (MAS) has been well investigated for wide area power system applications and specially gained a significant attention in smart grid protection and security due to its distributed characteristics. In this chapter, a MAS framework for smart grid protection relay coordination is proposed, which consists of a number of intelligent autonomous agents each of which are embedded with the protection relays. Each agent has its own thread of control that provides it with a capability to operate the circuit breakers (CBs) using the critical clearing time (CCT) information as well as communicate with each other through high speed communication network. Besides physical failure, since smart grid highly depends on communication infrastructure, it is vulnerable to several cyber threats on its information and communication channel. An attacker who has knowledge about a certain smart grid communication framework can easily compromise its appliances and components by corrupting the information which may destabilize a system results a widespread blackout. To mitigate such risk of cyber attacks, a few innovative counter measuring techniques are discussed in this chapter.

Security and privacy of users' personal Information on smartphones

 This research investigated the proliferation of malicious applications on smartphones and a framework that can efficiently detect and classify such applications based on behavioural patterns was proposed. Additionally the causes and impact of unauthorised disclosure of personal information by clean applications were examined and countermeasures to protect smartphone users’ privacy were proposed.

Aggregating privatized medical data for secure querying applications

 This thesis analyses and examines the challenges of aggregation of sensitive data and data querying on aggregated data at cloud server. This thesis also delineates applications of aggregation of sensitive medical data in several application scenarios, and tests privatization techniques to assist in improving the strength of privacy and utility.

Cyber security and protection of ICS systems: An australian example

Many aspects of our modern society now have either a direct or implicit dependence upon information technology. As such, a compromise of the availability or integrity in relation to these systems (which may encompass such diverse domains as banking, government, health care, and law enforcement) could have dramatic consequences from a societal perspective. These key systems are often referred to as critical infrastructure. Critical infrastructure can consist of corporate information systems or systems that control key industrial processes; these specific systems are referred to as ICS (Industry Control Systems) systems. ICS systems have devolved since the 1960s from standalone systems to networked architectures that communicate across large distances, utilise wireless network and can be controlled via the Internet. ICS systems form part of many countries’ key critical infrastructure, including Australia. They are used to remotely monitor and control the delivery of essential services and products, such as electricity, gas, water, waste treatment and transport systems. The need for security measures within these systems was not anticipated in the early development stages as they were designed to be closed systems and not open systems to be accessible via the Internet. We are also seeing these ICS and their supporting systems being integrated into organisational corporate systems.

A framework for convergence of cloud services and Internet of things

Today, Cloud Computing and the Internet of things are two "major forces" that drive the development of new Information Technology (IT) solutions. Many Internet of things (IoT) based large-scale applications rely on a cloud platform for data processing and storage. However, big data generated or collected by large-scale geo-distributed devices needs to be transferred to the cloud, often becoming a bottleneck for the system. In this paper, we propose a framework that integrates popular cloud services with a network of loT devices. In the framework, novel methods have been designed for reliable and efficient data transportation. This framework provides a convergence of cloud services and devices that will ease the development of loT based, cloud-enabled applications. We have implemented a prototype of the framework to demonstrate the convergence of popular cloud services and IoT technologies.

A decentralized cloud firewall framework with resources provisioning cost optimization

Cloud computing is becoming popular as the next infrastructure of computing platform. Despite the promising model and hype surrounding, security has become the major concern that people hesitate to transfer their applications to clouds. Concretely, cloud platform is under numerous attacks. As a result, it is definitely expected to establish a firewall to protect cloud from these attacks. However, setting up a centralized firewall for a whole cloud data center is infeasible from both performance and financial aspects. In this paper, we propose a decentralized cloud firewall framework for individual cloud customers. We investigate how to dynamically allocate resources to optimize resources provisioning cost, while satisfying QoS requirement specified by individual customers simultaneously. Moreover, we establish novel queuing theory based model M/Geo/1 and M/Geo/m for quantitative system analysis, where the service times follow a geometric distribution. By employing Z-transform and embedded Markov chain techniques, we obtain a closed-form expression of mean packet response time. Through extensive simulations and experiments, we conclude that an M/Geo/1 model reflects the cloud firewall real system much better than a traditional M/M/1 model. Our numerical results also indicate that we are able to set up cloud firewall with affordable cost to cloud customers.

A review of security protocols in mHealth Wireless Body Area Networks (WBAN)

The popularity of smartphones has led to an increasing demand for health apps. As a result, the healthcare industry is embracing mobile technology and the security of mHealth is essential in protecting patient’s user data and WBAN in a clinical setting. Breaches of security can potentially be life-threatening as someone with malicious intentions could misuse mHealth devices and user information. In this article, threats to security for mHealth networks are discussed in a layered approach addressing gaps in this emerging field of research. Suite B and Suite E, which are utilized in many security systems, including in mHealth applications, are also discussed. In this paper, the support for mHealth security will follow two approaches; protecting patient-centric systems and associated link technologies. Therefore this article is focused on the security provisioning of the communication path between the patient terminal (PT; e.g., sensors) and the monitoring devices (e.g., smartphone, data-collector).

Secure object tracking protocol for the internet of things

In this paper, we propose a secure object tracking protocol to ensure the visibility and traceability of an object along the travel path to support the Internet of Things (IoT). The proposed protocol is based on radio frequency identification system for global unique identification of IoT objects. For ensuring secure object tracking, lightweight cryptographic primitives and physically unclonable function are used by the proposed protocol in tags. We evaluated the proposed protocol both quantitatively and qualitatively. In our experiment, we modeled the protocol using security protocol description language (SPDL) and simulated SPDL model using automated claim verification tool Scyther. The results show that the proposed protocol is more secure and requires less computation compared to existing similar protocols.