Showing papers in "Peer-to-peer Networking and Applications in 2018"
TL;DR: An improved three-factor remote authentication scheme for WSNs that is robust enough to keep away from various security vulnerabilities and suitable for the application.
Abstract: In wireless sensor networks(WSNs), the process that a legal user retrieving the information in real-time from the sensor nodes should be based on mutual authentication among the user, the sensors and the gateway. So security issues have attracted researchers. In 2014, A. K. Das proposed a new three-factor user authentication scheme for WSNs to overcome the disadvantages in Jiang et al.’s two-factor user authentication scheme. However, we find that the scheme has several weaknesses including susceptibility to the off-line guessing attack and the de-synchronization attack and destitution of strong forward security. We also find weaknesses in two three-factor user authentication schemes for WSNs presented by A. K. Das in 2015, containing under the off-line password guessing attack and the user forgery attack. Also, the two schemes lack user anonymity and strong forward security. Then we give an improved three-factor remote authentication scheme for WSNs to eliminate the above weaknesses. To illustrate the security of our scheme, we give a standard formal proof in the random oracle model, a formal verification with ProVerif and the informal analysis of security properties. The results demonstrate that our scheme is robust enough to keep away from various security vulnerabilities. Through the comparison with some other recent schemes, ours is suitable for the application.
90 citations
TL;DR: A resource allocation scheme based on double-sided combinational auctions (DCA) is proposed so that the resource can be shared by both the service side and the client side with the welfare of the whole society being maximized.
Abstract: Transparent Computing (TC) is becoming a promising paradigm in network computing era. Although many researchers believe that TC model has a high requirement for the communication bandwidth, there is no research on the communication bandwidth boundary or resource allocation, which impedes the development of TC. This paper focuses on studying an efficient transparent computing resource allocation model in an economic view. First, under the quality of experiments (QoE) ensured, the utility function of clients and transparent computing providers (TCPs) is constructed. After that, the demand boundary of communication bandwidth is analyzed under the ideal transparent computing model. Based on the above analyses, a resource allocation scheme based on double-sided combinational auctions (DCA) is proposed so that the resource can be shared by both the service side and the client side with the welfare of the whole society being maximized. Afterward, the results scheduled in different experimental scenarios are given, which verifies the effectiveness of the proposed strategy. Overall, this work provides an effective resource allocation model for optimizing the performance of TC.
62 citations
TL;DR: This paper investigates the MCC-assisted execution of multi-t tasks scheduling problem in hybrid MCC architecture and proposes a Cooperative Multi-tasks Scheduling based on Ant Colony Optimization algorithm (CMSACO), which is more efficient than a few typical existing algorithms.
Abstract: The explosive growth of mobile devices and the rapid development of wireless networks and mobile computing technologies have stimulated the emergence of many new computing paradigms, such as Fog Computing, Mobile Cloud Computing (MCC) etc. These newly emerged computation paradigms try to promote the mobile applications’ Quality of Service (QoS) through allowing the mobile devices to offload their computation tasks to the edge cloud and provide their idle computation capabilities for executing other devices’ offloaded tasks. Therefore, it is very critical to efficiently schedule the offloaded tasks especially when the available computation, storage, communication resources and energy supply are limited. In this paper, we investigate the MCC-assisted execution of multi-tasks scheduling problem in hybrid MCC architecture. Firstly, this problem is formulated as an optimization problem. Secondly, a Cooperative Multi-tasks Scheduling based on Ant Colony Optimization algorithm (CMSACO) is put forward to tackle this problem, which considers task profit, task deadline, task dependence, node heterogeneity and load balancing. Finally, a series of simulation experiments are conducted to evaluate the performance of the proposed scheduling algorithm. Experimental results have shown that our proposal is more efficient than a few typical existing algorithms.
61 citations
TL;DR: An adjustable duty cycle based fast disseminate (ADCFD) scheme is proposed for minimum-transmission broadcast (MTB) in a smart wireless software-define network and the number of transmission in an ADCFD scheme is reduced, while retaining network lifetime.
Abstract: Program codes as one of big data should be disseminated to all sensor nodes in a wireless software-define smart network (WSDSN) quickly Due to the limited energy of sensor nodes, sensor nodes adopt asynchronous duty-cycle model to save energy But neighbor nodes with sleep status can’t receive program codes, resulting in longer transmission delay for spreading program codes In this paper, an adjustable duty cycle based fast disseminate (ADCFD) scheme is proposed for minimum-transmission broadcast (MTB) in a smart wireless software-define network In an ADCFD scheme, the duty cycle of nodes are adjusted to receive program codes timely Thus, the transmission times and emergency transmission delay are reduced The theoretical analysis and experimental results show that compare to previous broadcast scheme, the number of transmission in an ADCFD scheme is reduced by 44776%–118519%, the delay from disseminating program codes is reduced by 17895%- 107527%, while retaining network lifetime
50 citations
TL;DR: The advanced LRMAPC satisfies desirable security requirements and maintains acceptable efficiency in terms of the costs of storage space and computation time, and is a very promising solution for resource-constrained devices in RFID-based IoT systems.
Abstract: The use of radio frequency identification (RFID) in Internet of things (IoT) has led to a significant progress in numerous intelligent devices. However, due to its restrictions on computation ability, storage space and battery capacity, RFID-based IoT system has to confront with various security and efficiency challenges. Recently, a lightweight RFID mutual authentication protocol with cache in the reader is introduced by Fan et al., named LRMAPC. Fan et al.’s LRMAPC can achieve stronger security and privacy requirements and reduce the computation and storage overheads during authentication process. Unfortunately, we discover that Fan et al.’s LRMAPC is susceptible to reader impersonation attack, tag forgery attack and message eavesdropping attack. Besides, it fails to preserve mutual authentication between the reader and the database. In order to remedy these flaws mentioned above, we further present an advanced authentication mechanisms and demonstrate the correctness of the advanced LRMAPC through the Gong-Needham-Yahalom (GNY) logic analysis. Compared the security and efficiency with Fan et al.’s LRMAPC, the advanced LRMAPC satisfies desirable security requirements and maintains acceptable efficiency in terms of the costs of storage space and computation time. As a result, our advanced LRMAPC is a very promising solution for resource-constrained devices in RFID-based IoT systems.
49 citations
TL;DR: This paper proposes a trigger-based pseudonym exchange scheme, which aims to thwart to track vehicle from the sending beacons and reduce the storage consumption, and proposes two trigger- based algorithms to decide when and how a vehicle exchange pseudonym with others.
Abstract: Location privacy plays an important role in Vehicular Ad Hoc Networks (VANETs). Pseudonym is normally used to preserve location privacy, which can meet the requirements of both privacy and security. When the same pseudonym is constantly used for a vehicle, the adversary can easily track it. To improve location privacy, a lot of pseudonym change schemes have been proposed. However, the tracker can match vehicles by the beacon message when it has found that the pseudonym is changed. Besides, every vehicle must hold lots of pseudonyms to change in these schemes. In this paper, we propose a trigger-based pseudonym exchange scheme, which aims to thwart to track vehicle from the sending beacons and reduce the storage consumption. We propose two trigger-based algorithms to decide when and how a vehicle exchange pseudonym with others. To evaluate the performance of our scheme, we conduct the probability of exchanging pseudonym in a road segment and a traffic intersection, and measure the tracking percent by an empirical tracker. The simulation results show that our scheme is resilient to confuse the tracker efficiently.
42 citations
TL;DR: Simulations show that improved geographic routing (IGR) has a significant improvement in terms of the achieved packet rate and end-to-end delay.
Abstract: Geographic routing scheme has received considerable attention recently. We present a position-based routing scheme called improved geographic routing (IGR) for the inter-vehicle communication in city environments. IGR uses the vehicular fog computing to make the best utilization of the vehicular communication and computational resources. IGR consists of two modes: (i) junction selection according to the distance to the destination and the vehicle density of each street, and (ii) an improved greedy forwarding strategy to transmit a data packet between two junctions. In the improved greedy forwarding mode, link error rate is considered in the path selection. Simulations are conducted to evaluate the performance of IGR. Simulation results show that IGR has a significant improvement in terms of the achieved packet rate and end-to-end delay.
40 citations
TL;DR: A secure energy-saving data aggregation scheme designed for the large-scale WSNs that employs Okamoto-Uchiyama homomorphic encryption algorithm, use MAC to achieve in-network false data filtering, and utilize the homomorphic MAC algorithm to achieve end-to-end data integrity.
Abstract: In wireless sensor networks, data aggregation allows in-network processing, which leads to reduced packet transmissions and reduced redundancy, and thus is helpful to prolong the overall lifetime of wireless sensor networks. In current studies, Elliptic Curve ElGamal homomorphic encryption algorithm has been widely used to protect end-to-end data confidentiality. However, these works suffer from the expensive mapping function during decryption. If the aggregated results are huge, the base station has no way to gain the original data due to the hardness of the elliptic curve discrete logarithm problem. Therefore, these schemes are unsuitable for the large-scale WSNs. In this paper, we propose a secure energy-saving data aggregation scheme designed for the large-scale WSNs. We employ Okamoto-Uchiyama homomorphic encryption algorithm to protect end-to-end data confidentiality, use MAC to achieve in-network false data filtering, and utilize the homomorphic MAC algorithm to achieve end-to-end data integrity. Two popular IEEE 802.15.4-compliant wireless sensor network platforms, Tmote Sky and iMote 2 have been used to evaluate the efficiency and feasibility of our scheme. The results demonstrate that our scheme achieved better performance in reducing energy consumption. Moreover, system delay, especially decryption delay at the base station, has been reduced when compared to other state-of-art methods.
40 citations
TL;DR: This study proposes a routing algorithm called sensor communication area node extend (SCANE), which aims to select relevance nodes and to recombine communication areas and enables information to be transmitted from the start node to the destination node easily.
Abstract: In opportunistic networks, sensor communication areas are established by node movements. Information can be transmitted among communication areas. Relevance nodes in communication areas are important because they carry information and build bridges between areas and data packets so that information can be delivered to the destination node. This study proposes a routing algorithm called sensor communication area node extend (SCANE), which aims to select relevance nodes and to recombine communication areas. This algorithm also enables information to be transmitted from the start node to the destination node easily. The simulation indicates that compared with Epidemic, PRoPHET, and Spray and wait algorithms in opportunistic networks, the proposed algorithm improves delivery ratio, overhead, and delay time.
35 citations
TL;DR: A mining-basedlifecare-recommendation mobile service can also be developed to enhance the quality of life, as it provides user-based health management and reduces the medical expenses; accordingly, it enhances the service satisfaction and quality in the lifecare field.
Abstract: Due to the enhancing of life quality, increasing of chronic diseases, changing lifestyles, and an expanding life expectancy, rapid population aging requires a new business model that promotes happiness and emphasizes a healthy body and mind through the “anytime, anywhere well-being” lifestyle. Recently, lifecare systems using IoT devices are being released as products that are influential on the overall society, and their effectiveness is continuously proven. In addition, based on peer-to-peer (P2P) networking, diverse companies are conducting investments and research to develop devices as well as solutions that connect to these devices. Accordingly, in this study, a mining-based lifecare-recommendation method using a peer-to-peer dataset and adaptive decision feedback is proposed. In addition to collecting PHRs, the proposed method measures life-logs such as dietary life, life pattern, sleep pattern, life behavior, and job career; the P2P-dataset preprocessed index information; and biometric information using a wearable device. It uses the Open API to collect the health-weather and life-weather index data from public data, and it uses a smart-band-type wearable device known as a biosensor to measure the heart rate, daily activity, and body temperature. It monitors the current status and conditions through the classification of life data, and it mines big data and uses a decision tree to analyze the association rules and correlations, as well as to discover new knowledge patterns. In the peer-to-peer networking, a lifecare recommendation model that uses adaptive decision feedback has been developed for the peer-to-peer platform. This adaptive decision feedback reflects an individual’s importance or sensory level. Accordingly, it proposes more individualized and flexible results and can be configured to support intellectual lifecare. A mining-based lifecare-recommendation mobile service can also be developed to enhance the quality of life, as it provides user-based health management and reduces the medical expenses; accordingly, it enhances the service satisfaction and quality in the lifecare field.
35 citations
TL;DR: This paper proposes a method of predicting a user’s health status using similarity-based data mining, where the PHRs are employed in a hybrid P2P environment consisting of a peer, a server, and a gateway.
Abstract: In an era of many diseases and increased longevity, more attention has been paid to chronic diseases that require constant health care. Under this circumstance, the development of research and development (R&D) for smart-device-based constant health care has drawn great attention. With the emergence of wearable devices, personal health devices (PHDs), and smartphones, various contents for constant health care have been developed. By using these devices, the users are able to collect personal health records (PHRs) that include data such as activity amount, heart rate, stress, and blood sugar. The range of the collected PHRs can be limited depending on the equipment or the surrounding environment. To overcome this problem, it is necessary to make a comparison with similar users in a cluster. Also, it is necessary to provide a service that can analyze and visually display the collected personal-health information. In this paper, we propose the mining of health-risk factors using the PHR similarity in a hybrid P2P network. This is a method of predicting a user’s health status using similarity-based data mining, where the PHRs are employed in a hybrid P2P environment consisting of a peer, a server, and a gateway. In a hybrid P2P environment, a user receives feedback on the result of a structured-data analysis. A peer searches for a different peer and gateway through a server and exchanges information. Depending on the data type, the PHR is divided into medical health examination, self-diagnosis, and personal-health data. The medical health examination contains the personal-health data that are generated regularly by a medical institution. Self-diagnosis represents the data of mental health, pains, and fatigue that can be changed often but cannot be collected by devices. Personal-health data mean the data that can be collected by individuals in everyday life. For the PHR-data analysis, an index is given to each attribute, and preprocessing is performed after a binary-code conversion. To predict a user’s health status, the PHR data are clustered on the basis of similarity in a hybrid P2P environment. The similarity between a user’s PHR and a PHR that is searched for in the network is measured. After the measurement, an index is given to the PHR that meets the minimum similarity and the PHR is incorporated into a Similarity PHR Group. The Similarity PHR Group flexibly changes depending on a user’s PHR status and the statuses of the users who have accessed the hybrid P2P network. A representative value of the Similarity PHR Group is extracted and is then compared with the user’s PHR to judge the user’s health status. The proposed method is suitable for a smart health service for chronic diseases requiring constant care, elderly health, and aftercare. This is a user-oriented health-care and promotion service wherein a user’s health status can be predicted through the mining of the health-risk factors of PHRs.
TL;DR: The proposed method processes time information and numerical information as de-identification data, respectively, so that pattern information cannot be analyzed by the data.
Abstract: Various security threats exist in the smart grid environment due to the fact that information and communication technology are grafted onto an existing power grid. In particular, smart metering data exposes a variety of information such as users’ life patterns and devices in use, and thereby serious infringement on personal information may occur. Therefore, we are in a situation where a de-identification algorithm suitable for metering data is required. Hence, this paper proposes a new de-identification method for metering data. The proposed method processes time information and numerical information as de-identification data, respectively, so that pattern information cannot be analyzed by the data. In addition, such a method has an advantage that a query such as a direct range search and aggregation processing in a database can be performed even in a de-identified state for statistical processing and availability.
TL;DR: A novel MCC architecture consisting of remote cloud server, cloudlet and mobile terminal to guarantee low latency and low energy mobile consumption is considered and an iterative algorithm is proposed to obtain Stackelberg equilibrium.
Abstract: Mobile cloud computing (MCC) is an emerging technology to relieve the tension between compute-intensive mobile applications and resource-constrained mobile terminals by offloading computing tasks to remote cloud servers. In this paper, we consider a novel MCC architecture consisting of remote cloud server, cloudlet and mobile terminal to guarantee low latency and low energy mobile consumption. To overcome the main bottlenecks of wireless bandwidth between mobile terminal and cloudlet, and the computation capability of cloudlet, the joint optimization strategy is proposed to enhance the quality of mobile cloud service. We formulate the wireless bandwidth and computing resource allocation model as a triple-stage Stackelberg game, and solve it by using backward method. In addition, the interplays of triple-stage game are discussed and the subgame optimal equilibrium for each stage is analyzed. An iterative algorithm is proposed to obtain Stackelberg equilibrium. Numerical results demonstrate the effectiveness of the proposed algorithm.
TL;DR: A multipath scheme by using the DODAG structure, and use the scheme to solve the congestion problem is proposed, which shows better performance in terms of network load, end-to-end delay, packet delivery ratio, percentage of the optimal parent node change, energy consumption and network lifetime.
Abstract: With the rising trend of the incidence and prevalence of chronic diseases all over the world, proactive healthcare systems with wireless sensor network (WSN) technology have attracted people’s extensive attention. One of the researches, such as routing protocol for low power and lossy networks (RPL) only takes into consideration a single metric, energy, hops or routing quality, and so on. To extend the survival time of the network effectively and maximize the utilization of energy, we need to consider both node metric and link metric that affect the network, and design IRPL (Improved RPL) protocol. We propose the life cycle index (LCI) as path selection objective function. The index takes node metric (node energy and node hops) and link metric (throughput, packet loss, link quality) into consideration. In order to detect and distribute congestion information, we add congestion detection factor to the index. According to node energy, hop and congestion detection factor, we optimize the calculation method of rank. Our method redesigns parent node selection strategy. Not only does the strategy select the best parent node by using the improved index, but also saves other parent nodes that meet the conditions. Meanwhile, we propose a multipath scheme by using the DODAG structure, and use the scheme to solve the congestion problem. The simulation results show that the scheme shows better performance in terms of network load, end-to-end delay, packet delivery ratio, percentage of the optimal parent node change, energy consumption and network lifetime.
TL;DR: Through extensive analysis, it is shown that PDiag ensures users’ health information and service provider’s prediction model are kept confidential, and has significantly less computation and communication overhead than existing schemes.
Abstract: With the advances of machine learning algorithms and the pervasiveness of network terminals, online medical primary diagnosis scheme, which can provide the primary diagnosis service anywhere anytime, has attracted considerable interest recently. However, the flourish of online medical primary diagnosis scheme still faces many challenges including information security and privacy preservation. In this paper, we propose an efficient and privacy-preserving medical primary diagnosis scheme, called PDiag, on naive Bayes classification. With PDiag, the sensitive personal health information can be processed without privacy disclosure during online medical primary diagnosis service. Specifically, based on an improved expression for the naive Bayes classifier, an efficient and privacy-preserving classification scheme is introduced with lightweight polynomial aggregation technique. The encrypted user query is directly operated at the service provider without decryption, and the diagnosis result can only be decrypted by user. Through extensive analysis, we show that PDiag ensures users’ health information and service provider’s prediction model are kept confidential, and has significantly less computation and communication overhead than existing schemes. In addition, performance evaluations via implementing PDiag on smartphone and computer demonstrate PDiag’s effectiveness in term of real environment.
TL;DR: A Self-Adaptive Bat Algorithm (SABA) is proposed to tackle the Manufacturing Service Composition (MSC) problem and significantly outperforms PSO, DE and GL25.
Abstract: In order to cope with the current economic situation and the trend of global manufacturing, Cloud Manufacturing Mode (CMM) is proposed as a new manufacturing model recently. Massive manufacturing capabilities and resources are provided as manufacturing services in CMM. How to select the appropriate services optimally to complete the manufacturing task is the Manufacturing Service Composition (MSC) problem, which is a key factor in the CMM. Since MSC problem is NP hard, solving large scale MSC problems using traditional methods may be highly unsatisfactory. To overcome this shortcoming, this paper investigates the MSC problem firstly. Then, a Self-Adaptive Bat Algorithm (SABA) is proposed to tackle the MSC problem. In SABA, three different behaviors based on a self-adaptive learning framework, two novel resetting mechanisms including Local and Global resetting are designed respectively to improve the exploration and exploitation abilities of the algorithm for various MSC problems. Finally, the performance of the different flying behaviors and resetting mechanisms of SABA are investigated. The statistical analyses of the experimental results show that the proposed algorithm significantly outperforms PSO, DE and GL25.
TL;DR: A new multi-authority ciphertext policy attribute-based encryption (CP-ABE) scheme with efficient decryption to realize data access control in vehicular network system, and design an efficient user and attribute revocation method for it.
Abstract: With the rapid development of vehicular networks, the problem of data sharing in vehicular networks has attached much attention. However, existing data access control schemes in cloud computing cannot be applied to the scenario of vehicular networks, because cloud computing paradigm cannot satisfy the rigorous requirement posed by latency-sensitive mobile application. Fog Computing is a paradigm that extends Cloud computing and services to the edge of the network. The vehicular fog is the ideal platform to achieve data sharing in vehicular networks. In this paper, we propose a revocable data sharing scheme for vehicular fogs. We construct a new multi-authority ciphertext policy attribute-based encryption (CP-ABE) scheme with efficient decryption to realize data access control in vehicular network system, and design an efficient user and attribute revocation method for it. The analysis and the simulation results show that our scheme is secure and highly efficient.
TL;DR: This paper proposes an authentication method that performs minimum encryption and decryption operations by combining session key and public key to securely control smart farm system and reduces the encryption/decryption time, the registration time, and facilitates the use of the smart card with low computing performance by using the session key compared with the existing authentication method.
Abstract: The application of ICT technology to agriculture has raised interest in smart farm systems that can remotely manage growing environments. Data transmission in smart farm systems uses wireless networks such as ZigBee and Wireless LAN and TCP/IP based wired networks. And also use the P2P network to share smart farm system data with other smart farm systems. There are security vulnerabilities that may arise in information communication environment in smart farm system unlike traditional farms, the smart farm system automatically stores and manages data for growth environments such as temperature, humidity, and CO2. Therefore, an attacker can use a security vulnerability to manage temperature, humidity, and Co2, which can cause significant damage. In this paper, we propose an authentication method that performs minimum encryption and decryption operations by combining session key and public key to securely control smart farm system. The proposed authentication method reduces the encryption/decryption time, the registration time, and facilitates the use of the smart card with low computing performance by using the session key compared with the existing authentication method.
TL;DR: The experimental results in OpenStack cloud platform indicates that the above strategy can effectively reduce the possibility of malicious tenants and targeted tenants on the same physical node, and reduce energy consumption and resource loss at the data center.
Abstract: The problem of Virtual Machine (VM) placement is critical to the security and efficiency of the cloud infrastructure. Nowadays most research focuses on the influences caused by the deployed VM on the data center load, energy consumption, resource loss, etc. Few works consider the security and privacy issues of the tenant data on the VM. For instance, as the application of virtualization technology, the VM from different tenants may be placed on one physical host. Hence, attackers may steal secrets from other tenants by using the side-channel attack based on the shared physical resources, which will threat the data security of the tenants in the cloud computing. To address the above issues, this paper proposes an efficient and secure VM placement strategy. Firstly, we define the related security and efficiency indices in the cloud computing system. Then, we establish a multi-objective constraint optimization model for the VM placement considering the security and performance of the system, and find resolution towards this model based on the discrete firefly algorithm. The experimental results in OpenStack cloud platform indicates that the above strategy can effectively reduce the possibility of malicious tenants and targeted tenants on the same physical node, and reduce energy consumption and resource loss at the data center.
TL;DR: The gravitation is introduced into the process of clustering in order to develop an improved Tor anonymous traffic identifier called gravitational clustering algorithm (GCA), which considers each sample in the dataset as an object in the feature space and the new object moves into the corresponding cluster according to gravitational force and similarity.
Abstract: The anonymous communication technology has brought new challenges to traffic analysis since it creates a private network pathway. Clustering analysis has been proved to be efficient in grouping Internet traffic. However, the cluster number of traditional clustering algorithms must be pointed, like K-means. In this paper, the gravitation is introduced into the process of clustering in order to develop an improved Tor anonymous traffic identifier called gravitational clustering algorithm (GCA). In the proposed method, we consider each sample in the dataset as an object in the feature space, and the new object moves into the corresponding cluster according to gravitational force and similarity. The GCA was applied to a data set consisting of 2366 Tor network flows and 20926 other network flows. Simulation test evaluated and compared the performance of the proposed classifier with three state-of-the-art clustering algorithms. The tests yielded that the average accuracy rate, R and FM coefficient of the proposed GCA algorithm exceed 0.8. However, among the other three clustering algorithms, K-means can achieve the highest detection rate (0.5).
TL;DR: The benefits of virtualization and software-defined networking are used to present a virtual version of the RPL protocol which is named OMC-RPL (Optimized Multi-Class RPL), and an SDN-enabled architecture consisting of a central controller and some SDN nodes is presented.
Abstract: Routing Protocol for Low Power and Lossy Network (RPL) is standardized and known as the primary solution for the last mile communication network in the smart grid. Various applications with different requirements are rapidly developed in the smart grid. The need to provide Quality of Service (QoS) for such a communication network is inevitable. In this paper, we use the benefits of virtualization and software-defined networking to present a virtual version of the RPL protocol which we name OMC-RPL (Optimized Multi-Class RPL). We present an SDN-enabled architecture consisting of a central controller and some SDN nodes. This implementation reduces the complexity and controls interactions to distribute the network states and other related information in the network. The proposed SDN-enabled architecture consists of different components including Network Link Discovery, Topology Manager, and Virtual Routing. OMC-RPL utilizes a holistic objective function including distinctive metrics related to QoS, and supports the data classification which is an essential requirement in this context. The proposed objective function considers different numbers of traffic classes by using weighting parameters. An optimization algorithm determines the best values of these coefficients. OMC-RPL is evaluated in different aspects. Simulation results show that the new idea significantly decreases both the end-to-end delay and packet loss which are the important factors of QoS. The virtualization idea is also investigated, which results in less message exchange.
TL;DR: This paper devise an efficient cryptographic primitive called as verifiable multi-keyword search over encrypted cloud data for dynamic data-owner scheme to protect both data confidentiality and integrity and proves that the scheme is efficient and feasible in practical applications.
Abstract: The advantages of cloud computing encourage individuals and enterprises to outsource their local data storage and computation to cloud server, however, data security and privacy concerns seriously hinder the practicability of cloud storage. Although searchable encryption (SE) technique enables cloud server to provide fundamental encrypted data retrieval services for data-owners, equipping with a result verification mechanism is still of prime importance in practice as semi-trusted cloud server may return incorrect search results. Besides, single keyword search inevitably incurs many irrelevant results which result in waste of bandwidth and computation resources. In this paper, we are among the first to tackle the problems of data-owner updating and result verification simultaneously. To this end, we devise an efficient cryptographic primitive called as verifiable multi-keyword search over encrypted cloud data for dynamic data-owner scheme to protect both data confidentiality and integrity. Rigorous security analysis proves that our scheme is secure against keyword guessing attack (KGA) in standard model. As a further contribution, the empirical experiments over real-world dataset show that our scheme is efficient and feasible in practical applications.
TL;DR: Wang et al. as mentioned in this paper proposed a method based on fog computing that performs most computations at terminal (mobile devices) It only uses the interaction between the account and its neighbors, which makes it easy to store and calculate a local graph on a mobile device Each interaction value can be applied to any request COLOR+ detects spammers based on a threshold of the suspicion degree
Abstract: Now, mobile devices play an increasingly important role in social networks by sharing information quickly, such as mobile phones and wearable health surveillance devices Mobile social networks are vulnerable to spammers because of the fragile security policies of mobile operating systems Especially, social networks on mobile devices face many difficulties in defending against spammers due to their low computing power, poor network quality and long response time Since graph-based algorithms require huge computing power, machine-learning classifiers require very short response time, and existing PC-based research is not suitable for mobile devices, we need a lightweight and fast response method for mobile devices to detect spammers in mobile social networks Regarded as the extension of cloud computing, fog computing puts the data, data processing and applications in the devices that are at the edge of the Internet (without storing all of them in the cloud), which leads to a better real-time performance, adapts to the wide geographical distribution and the high mobility of mobile devices In this paper, we propose COLOR + , a method based on fog computing that performs most computations at terminal (mobile devices) It only uses the interaction between the account and its neighbors, which makes it easy to store and calculate a local graph on a mobile device Each interaction value can be applied to any request COLOR + detects spammers based on a threshold of the suspicion degree We collect 50 million normal accounts and about 40,000 spammers from Twitter Experiments show that the accuracy of COLOR + is about 8595%, whose average time to detect an account is 001s Therefore, COLOR + is an effective detection method that can be quickly applied
TL;DR: An improved mutual authentication and key establishment protocol that conquers the security weaknesses in Lu et al.
Abstract: The Session Initiation Protocol (SIP) is a communication protocol that controls multimedia communication sessions. As the Internet users widely use SIP services, mutual authentication between the user and SIP server becomes an important issue. Several authentication protocols for SIP have been proposed for enhancing security and better complexities. Very recently, Lu et al. proposes an authenticated key agreement protocol for SIP and claims that it withstands various attacks and efficient. This paper points out that their protocol does not provide one of the most important features user anonymity. In addition, the same protocol is not able to resist user impersonation attack, server impersonation attack and fails to provide mutual authentication. The paper also presents an improved mutual authentication and key establishment protocol that conquers the security weaknesses in Lu et al.’s protocol. Informal security analysis is also carried out for several security properties. The formal proof for the correctness of mutual authentication and session key agreement is provided using BAN logic. It is shown that the proposed protocol is provably secure against identity and password guessing attacks in the random oracle model. The performance of the proposed scheme is compared with that of the existing related Elliptic Curve Cryptography (ECC) based schemes for SIP and shown that our scheme outperforms the others.
TL;DR: The proposed method predicts the connection status using naïve Bayesian classifier and determines whether the delay tolerant node transmits data to the mobile sink node or not and the efficiency of the proposed method was validated through extensive computer simulations.
Abstract: These days Internet of Things (IoT), which consists of smart objects such as sensor nodes is the most important technology for providing intelligent services. In the IoT ecosystem, wireless sensor networks deliver collected information from IoT devices to a server via sink nodes, and IoT services are provided by peer-to-peer (P2P) networking between the server and the IoT devices. Particularly, IoT applications with wide service area requires the mobile sink nodes to cover the service area. To employ mobile sink nodes, the network adopts delay-tolerant capability by which delay-tolerant nodes try to transmit data when they connect to the mobile sink node in the application service field. However, if the connection status between a IoT device and a mobile sink node is not good, the efficiency of data forwarding will be decreased. In addition, retransmission in bad connection cause high energy consumption for data transmission. Therefore, data forwarding in the delay-tolerant based services needs to take the connection status into account. The proposed method predicts the connection status using naive Bayesian classifier and determines whether the delay tolerant node transmits data to the mobile sink node or not. Furthermore, the efficiency of the proposed method was validated through extensive computer simulations.
TL;DR: A jammer-based secure communications scheme is developed to maximize the secure utility of PU, to confront of the situation that the eavesdropper could overheard the signals from SUi and the jammer.
Abstract: In this paper, an innovative framework labeled as cooperative cognitive maritime big data systems (CCMBDSs) on the sea is developed to provide opportunistic channel access and secure communication. A two-phase frame structure is applied to let Secondary users (SUs) entirely utilize the transmission opportunities for a portion of time as the reward by cooperation with Primary users (PUs). Amplify-and-forward (AF) relaying mode is exploited in SU nodes, and Backward induction method based Stackelberg game is employed to achieve optimal determination of SU, power consumption and time portion of cooperation both for non-secure communication scenario and secure communication. Specifically, a jammer-based secure communications scheme is developed to maximize the secure utility of PU, to confront of the situation that the eavesdropper could overheard the signals from SU i and the jammer. Close-form solutions for the best access time portion as well as the power for SU i and jammer are derived to realize the Nash Equilibrium. Simulation results validate the effectiveness of our proposed strategy.
TL;DR: Simulation results show that the proposed scheme can improve the handoff performance in terms of handoff delay and throughput and enable vehicles to keep always-on-line connections when they are moving along urban roads.
Abstract: With the fast development of vehicular technology and the emergence of mobile applications, it has become urgent to connect moving vehicles to Internet due to the ever-growing user demands. As an emerging paradigm of Internet of vehicles (IoV), vehicular fog communication (VFC) can not only efficiently enable drivers to access traditional Internet multimedia services, but also possible to enjoy new Internet applications dedicated to intelligent transportations. However, in VFC, travelling vehicles move with a high velocity and change their points of attachment frequently, which results in frequent network handoffs and even connection interruptions. In order to provide a satisfactory user experience, and enable vehicles to keep always-on-line connections when they are moving along urban roads, this paper proposes a cross-layer and neighboring vehicle-aided fast handoff (CVFH) scheme. A vehicle in CVFH utilizes the neighboring vehicle’s assistance to find a qualified vehicle to determine the target AP, and get related information before the vehicle moves into the coverage of the target AP. Simulation results show that the proposed scheme can improve the handoff performance in terms of handoff delay and throughput.
TL;DR: This paper proposes a mutual authentication protocol to protect driver’s privacy, TC is used in the protocol, so the protocol can make full use of client hardware, improve the quality of user experience and security.
Abstract: Transparent Computing (TC) has become a promising paradigm in the network computing era, the appearance of Transparent Computing have a real impact on the industry. A growing number of cars on the road, in order to reduce road congestion, improve efficiency, and increase travelers satisfaction, IoV (Internet of Vehicles) arises at the proper time. RFID as an excellent sensing equipment is widely used in the IoV. Tags can collect information separately. The surrounding readers transmit the information to the central processing unit by using the Transparent Computing technique. Data sharing is the premise of IoV, drivers can share their information, in the meantime, they do not want to expose their own privacy information, so anonymity and untraceability is very important. Unfortunately, current applicable or proposed protocols fail to satisfy the security, efficiency and usability. In this paper, we propose a mutual authentication protocol to protect driver’s privacy, TC is used in our protocol, so we can make full use of client hardware, improve the quality of user experience. The last but not least, because the existence of OS-level monitoring and attack tracing, system security increase greatly.
TL;DR: This paper designs a more powerful deduplication-based covert channel that can be used to transmit a complete message and introduces a novel coding scheme that allows each file to represent multiple bits in the message.
Abstract: To efficiently provide cloud storage services, most providers implement data deduplication schemes so as to reduce storage and network bandwidth consumption. Due to its broad application, many security issues about data deduplication have been investigated, such as data security, user privacy, etc. Nevertheless, we note that the threat of establishing covert channel over cloud storage has not been fully investigated. In particular, existing studies only demonstrate the potential of a single-bit channel, in which a sender can upload one of the two predefined files for a receiver to infer the information of “0” and “1”. In this paper, we design a more powerful deduplication-based covert channel that can be used to transmit a complete message. Specifically, the key features of our design include: (1) a synchronization scheme that can establish a covert channel between a sender and a receiver, and (2) a novel coding scheme that allows each file to represent multiple bits in the message. To evaluate the proposed design, we implement the covert channel and conduct extensive experiments in different cloud storage systems. Our work highlights a more severe security threat in cloud storage services.
TL;DR: Mobius and &Cube are introduced, which are oneM2M-compliant M2M/IoT software platforms for servers and devices, respectively, and three aspects, advanced discovery, open API, and peer-to-peer that are required for the oneM1M to build IoT ecosystem are discussed.
Abstract: As the Internet of Things (IoT) revolution presents an enormous opportunity for all industry verticals ranging from startups to large enterprises to create new types of services, standard bodies and global alliances have been working on establishing common standards for IoT systems. The oneM2M is the global partnership developing standards for Machine-to-Machine (M2M) communications and the Internet of Things. It develops technical specifications for the globally-applicable, interoperable common M2M/IoT service layer platforms, which play a pivotal role in building the ecosystem driven by key players, including developers and consumers. In this paper, we analyze the oneM2M standards, and introduce Mobius and &Cube, which are oneM2M-compliant M2M/IoT software platforms for servers and devices, respectively. We also present four pilot services using the platforms and several prototype IoT devices. Finally, we discuss three aspects, advanced discovery, open API, and peer-to-peer that are required for the oneM2M to build IoT ecosystem by attracting developers and consumers into the emerging IoT ecosystem.