A framework for data privacy and security accountability in data breach communications
- Thomas, Louise, Gondal, Iqbal, Oseni, Taiwo, Firmin, Sally
- Authors: Thomas, Louise , Gondal, Iqbal , Oseni, Taiwo , Firmin, Sally
- Date: 2022
- Type: Text , Journal article
- Relation: Computers and Security Vol. 116, no. (2022), p.
- Full Text: false
- Reviewed:
- Description: Organisations need to take steps to protect the privacy and security of the personal information they hold. However, when data is breached, how do individuals know whether the organisation took reasonable steps to protect their data? When breached organisations notify affected individuals, this communication is likely to be one of the few windows into the incident from the outside and can become an important artefact for research. This desktop study aimed to consider the extent to which publicly available Australian data breach communications reflect data privacy and security best practices. This paper presents a brief review of literature and government guidance on data security and privacy best practices, along with the results of a qualitative content analysis of 33 publicly available Australian data breach communications. This analysis illustrated that there was little reflection of data privacy and security practices. Literature, government guidance and the content analysis were used to inform and develop a new voluntary framework for organisations. This consists of a series of evaluation questions divided into two broad categories: responsible data management and responsible portrayal of the breach. The framework has the potential to help organisations plan the inclusion of data privacy and security management aspects in their data breach communications. This could assist organisations to address their legal and ethical responsibility to account for their actions in managing privacy and security of the personal data they hold. © 2022
False data detection in a clustered smart grid using unscented Kalman filter
- Rashed, Muhammad, Kamruzzaman, Joarder, Gondal, Iqbal, Islam, Syed
- Authors: Rashed, Muhammad , Kamruzzaman, Joarder , Gondal, Iqbal , Islam, Syed
- Date: 2022
- Type: Text , Journal article
- Relation: IEEE Access Vol. 10, no. (2022), p. 78548-78556
- Full Text:
- Reviewed:
- Description: The smart grid accessibility over the Internet of Things (IoT) is becoming attractive to electrical grid operators as it brings considerable operational and cost efficiencies. However, this in return creates significant cyber security challenges, such as fortification of state estimation data such as state variables against false data injection attacks (FDIAs). In this paper, a clustered partitioning state estimation (CPSE) technique is proposed to detect FDIA by using static state estimation, namely, weighted least square (WLS) method in conjunction with dynamic state estimation using minimum variance unscented Kalman filter (MV-UKF) which improves the accuracy of state estimation. The estimates acquired from the MV-UKF do not deviate like WLS as these are purely based on the previous iteration saved in the transition matrix. The deviation between the corresponding estimations of WLS and MV-UKF are utilised to partition the smart grid into smaller sub-systems to detect FDIA and then identify its location. To validate the proposed detection technique, FIDAs are injected into IEEE 14-bus, IEEE 30-bus, IEEE 118-bus, and IEEE 300-bus distribution feeder using MATPOWER simulation platform. Our results clearly demonstrate that the proposed technique can locate the attack area efficiently compared to other techniques such as chi square. © 2013 IEEE.
- Authors: Rashed, Muhammad , Kamruzzaman, Joarder , Gondal, Iqbal , Islam, Syed
- Date: 2022
- Type: Text , Journal article
- Relation: IEEE Access Vol. 10, no. (2022), p. 78548-78556
- Full Text:
- Reviewed:
- Description: The smart grid accessibility over the Internet of Things (IoT) is becoming attractive to electrical grid operators as it brings considerable operational and cost efficiencies. However, this in return creates significant cyber security challenges, such as fortification of state estimation data such as state variables against false data injection attacks (FDIAs). In this paper, a clustered partitioning state estimation (CPSE) technique is proposed to detect FDIA by using static state estimation, namely, weighted least square (WLS) method in conjunction with dynamic state estimation using minimum variance unscented Kalman filter (MV-UKF) which improves the accuracy of state estimation. The estimates acquired from the MV-UKF do not deviate like WLS as these are purely based on the previous iteration saved in the transition matrix. The deviation between the corresponding estimations of WLS and MV-UKF are utilised to partition the smart grid into smaller sub-systems to detect FDIA and then identify its location. To validate the proposed detection technique, FIDAs are injected into IEEE 14-bus, IEEE 30-bus, IEEE 118-bus, and IEEE 300-bus distribution feeder using MATPOWER simulation platform. Our results clearly demonstrate that the proposed technique can locate the attack area efficiently compared to other techniques such as chi square. © 2013 IEEE.
Sensitivity analysis for vulnerability mitigation in hybrid networks
- Ur‐rehman, Attiq, Gondal, Iqbal, Kamruzzaman, Joarder, Jolfaei, Alireza
- Authors: Ur‐rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2022
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 11, no. 2 (2022), p.
- Full Text:
- Reviewed:
- Description: The development of cyber‐assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Ur‐rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2022
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 11, no. 2 (2022), p.
- Full Text:
- Reviewed:
- Description: The development of cyber‐assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.
A smart priority-based traffic control system for emergency vehicles
- Karmakar, Gour, Chowdhury, Abdullahi, Kamruzzaman, Joarder, Gondal, Iqbal
- Authors: Karmakar, Gour , Chowdhury, Abdullahi , Kamruzzaman, Joarder , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: IEEE Sensors Journal Vol. 21, no. 14 (2021), p. 15849-15858
- Full Text: false
- Reviewed:
- Description: Unwanted events on roads, such as incidents and increased traffic jams, can cause human lives and economic loss. For efficient incident management, it is essential to send Emergency Vehicles (EVs) to the incident place as quickly as possible. To reduce incidence clearance time, several approaches exist to provide a clear pathway to EVs mainly fitted with RFID sensors in the urban areas. However, they neither assign priority to the EVs based on the type and severity of an incident nor consider the effect on other on-road traffic. To address this issue, in this paper, we introduce an Emergency Vehicle Priority System (EVPS) by determining the priority level of an EV based on the type and the severity of an incident, and estimating the number of necessary signal interventions while considering the impact of those interventions on the traffic in the roads surrounding the EV's travel path. We present how EVPS determines the priority code and a new algorithm to estimate the number of green signal interventions to attain the quickest incident response while concomitantly reducing impact on others. A simulation model is developed in Simulation of Urban Mobility (SUMO) using the real traffic data of Melbourne, Australia, captured by various sensors. Results show that our system recommends appropriate number of intervention that can reduce emergency response time significantly. © 2001-2012 IEEE.
Cross-compiler bipartite vulnerability search
- Authors: Black, Paul , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 11 (2021), p.
- Full Text:
- Reviewed:
- Description: Open-source libraries are widely used in software development, and the functions from these libraries may contain security vulnerabilities that can provide gateways for attackers. This paper provides a function similarity technique to identify vulnerable functions in compiled programs and proposes a new technique called Cross-Compiler Bipartite Vulnerability Search (CCBVS). CCBVS uses a novel training process, and bipartite matching to filter SVM model false positives to improve the quality of similar function identification. This research uses debug symbols in programs compiled from open-source software products to generate the ground truth. This automatic extraction of ground truth allows experimentation with a wide range of programs. The results presented in the paper show that an SVM model trained on a wide variety of programs compiled for Windows and Linux, x86 and Intel 64 architectures can be used to predict function similarity and that the use of bipartite matching substantially improves the function similarity matching performance. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Black, Paul , Gondal, Iqbal
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 11 (2021), p.
- Full Text:
- Reviewed:
- Description: Open-source libraries are widely used in software development, and the functions from these libraries may contain security vulnerabilities that can provide gateways for attackers. This paper provides a function similarity technique to identify vulnerable functions in compiled programs and proposes a new technique called Cross-Compiler Bipartite Vulnerability Search (CCBVS). CCBVS uses a novel training process, and bipartite matching to filter SVM model false positives to improve the quality of similar function identification. This research uses debug symbols in programs compiled from open-source software products to generate the ground truth. This automatic extraction of ground truth allows experimentation with a wide range of programs. The results presented in the paper show that an SVM model trained on a wide variety of programs compiled for Windows and Linux, x86 and Intel 64 architectures can be used to predict function similarity and that the use of bipartite matching substantially improves the function similarity matching performance. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
Malware detection in edge devices with fuzzy oversampling and dynamic class weighting
- Khoda, Mahbub, Kamruzzaman, Joarder, Gondal, Iqbal, Imam, Tasadduq, Rahman, Ashfaqur
- Authors: Khoda, Mahbub , Kamruzzaman, Joarder , Gondal, Iqbal , Imam, Tasadduq , Rahman, Ashfaqur
- Date: 2021
- Type: Text , Journal article
- Relation: Applied Soft Computing Vol. 112, no. (2021), p.
- Full Text: false
- Reviewed:
- Description: In Internet-of-things (IoT) domain, edge devices are used increasingly for data accumulation, preprocessing, and analytics. Intelligent integration of edge devices with Artificial Intelligence (AI) facilitates real-time analysis and decision making. However, these devices simultaneously provide additional attack opportunities for malware developers, potentially leading to information and financial loss. Machine learning approaches can detect such attacks but their performance degrades when benign samples substantially outnumber malware samples in training data. Existing approaches for such imbalanced data assume samples represented as continuous features and thus can generate invalid samples when malware applications are represented by binary features. We propose a novel malware oversampling technique that addresses this issue. Further, we propose two approaches for malware detection. Our first approach uses fuzzy set theory, while the second approach dynamically assigns higher priority to malware samples using a novel loss function. Combining our oversampling technique with these approaches, the proposed approach attains over 9% improvement over competing methods in terms of F1_score. Our approaches can, therefore, result in enhanced privacy and security in edge computing services. © 2021 Elsevier B.V.
Malware variant identification using incremental clustering
- Black, Paul, Gondal, Iqbal, Bagirov, Adil, Moniruzzaman, Md
- Authors: Black, Paul , Gondal, Iqbal , Bagirov, Adil , Moniruzzaman, Md
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics Vol. 10, no. 14 (2021), p.
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Authors: Black, Paul , Gondal, Iqbal , Bagirov, Adil , Moniruzzaman, Md
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics Vol. 10, no. 14 (2021), p.
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
State estimation within ied based smart grid using kalman estimates
- Rashed, Muhammad, Gondal, Iqbal, Kamruzzaman, Joarder, Islam, Syed
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 15 (2021), p.
- Full Text:
- Reviewed:
- Description: State Estimation is a traditional and reliable technique within power distribution and control systems. It is used for building a topology of the power grid network based on state measurements and current operational state of different nodes & buses. The protection of sensors and measurement units such as Intelligent Electronic Devices (IED) in Central Energy Management System (CEMS) against False Data Injection Attacks (FDIAs) is a big concern to grid operators. These are special kind of cyber-attacks that are directed towards the state & measurement data in such a way that mislead the CEMS into making incorrect decisions and create generation load imbalance. These are known to bypass the traditional bad data detection systems within central estimators. This paper presents the use of an additional novel state estimator based on Kalman filter along with traditional Distributed State Estimation (DSE) which is based on Weighted Least Square (WLS). Kalman filter is a feedback control mechanism that constantly updates itself based on state prediction and state correction technique and shows improvement in the estimates. The additional estimator output is compared with the results of DSE in order to identify anomalies and injection of false data. We evaluated our methodology by simulating proposed technique using MATPOWER over IEEE-14, IEEE-30, IEEE-118, IEEE-300 bus. The results clearly demonstrate the superiority of the proposed method over traditional state estimation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 10, no. 15 (2021), p.
- Full Text:
- Reviewed:
- Description: State Estimation is a traditional and reliable technique within power distribution and control systems. It is used for building a topology of the power grid network based on state measurements and current operational state of different nodes & buses. The protection of sensors and measurement units such as Intelligent Electronic Devices (IED) in Central Energy Management System (CEMS) against False Data Injection Attacks (FDIAs) is a big concern to grid operators. These are special kind of cyber-attacks that are directed towards the state & measurement data in such a way that mislead the CEMS into making incorrect decisions and create generation load imbalance. These are known to bypass the traditional bad data detection systems within central estimators. This paper presents the use of an additional novel state estimator based on Kalman filter along with traditional Distributed State Estimation (DSE) which is based on Weighted Least Square (WLS). Kalman filter is a feedback control mechanism that constantly updates itself based on state prediction and state correction technique and shows improvement in the estimates. The additional estimator output is compared with the results of DSE in order to identify anomalies and injection of false data. We evaluated our methodology by simulating proposed technique using MATPOWER over IEEE-14, IEEE-30, IEEE-118, IEEE-300 bus. The results clearly demonstrate the superiority of the proposed method over traditional state estimation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.
Blockchain leveraged decentralized IoT eHealth framework
- Uddin, Ashraf, Stranieri, Andrew, Gondal, Iqbal, Balasubramanian, Venki
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Internet of Things Vol. 9, no. March 2020 p. 100159
- Full Text:
- Reviewed:
- Description: Blockchain technologies recently emerging for eHealth, can facilitate a secure, decentral- ized and patient-driven, record management system. However, Blockchain technologies cannot accommodate the storage of data generated from IoT devices in remote patient management (RPM) settings as this application requires a fast consensus mechanism, care- ful management of keys and enhanced protocols for privacy. In this paper, we propose a Blockchain leveraged decentralized eHealth architecture which comprises three layers: (1) The Sensing layer –Body Area Sensor Networks include medical sensors typically on or in a patient body transmitting data to a smartphone. (2) The NEAR processing layer –Edge Networks consist of devices at one hop from data sensing IoT devices. (3) The FAR pro- cessing layer –Core Networks comprise Cloud or other high computing servers). A Patient Agent (PA) software replicated on the three layers processes medical data to ensure reli- able, secure and private communication. The PA executes a lightweight Blockchain consen- sus mechanism and utilizes a Blockchain leveraged task-offloading algorithm to ensure pa- tient’s privacy while outsourcing tasks. Performance analysis of the decentralized eHealth architecture has been conducted to demonstrate the feasibility of the system in the pro- cessing and storage of RPM data.
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Internet of Things Vol. 9, no. March 2020 p. 100159
- Full Text:
- Reviewed:
- Description: Blockchain technologies recently emerging for eHealth, can facilitate a secure, decentral- ized and patient-driven, record management system. However, Blockchain technologies cannot accommodate the storage of data generated from IoT devices in remote patient management (RPM) settings as this application requires a fast consensus mechanism, care- ful management of keys and enhanced protocols for privacy. In this paper, we propose a Blockchain leveraged decentralized eHealth architecture which comprises three layers: (1) The Sensing layer –Body Area Sensor Networks include medical sensors typically on or in a patient body transmitting data to a smartphone. (2) The NEAR processing layer –Edge Networks consist of devices at one hop from data sensing IoT devices. (3) The FAR pro- cessing layer –Core Networks comprise Cloud or other high computing servers). A Patient Agent (PA) software replicated on the three layers processes medical data to ensure reli- able, secure and private communication. The PA executes a lightweight Blockchain consen- sus mechanism and utilizes a Blockchain leveraged task-offloading algorithm to ensure pa- tient’s privacy while outsourcing tasks. Performance analysis of the decentralized eHealth architecture has been conducted to demonstrate the feasibility of the system in the pro- cessing and storage of RPM data.
Cyberattack triage using incremental clustering for intrusion detection systems
- Taheri, Sona, Bagirov, Adil, Gondal, Iqbal, Brown, Simon
- Authors: Taheri, Sona , Bagirov, Adil , Gondal, Iqbal , Brown, Simon
- Date: 2020
- Type: Text , Journal article
- Relation: International Journal of Information Security Vol. 19, no. 5 (2020), p. 597-607
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Description: Intrusion detection systems (IDSs) are devices or software applications that monitor networks or systems for malicious activities and signals alerts/alarms when such activity is discovered. However, an IDS may generate many false alerts which affect its accuracy. In this paper, we develop a cyberattack triage algorithm to detect these alerts (so-called outliers). The proposed algorithm is designed using the clustering, optimization and distance-based approaches. An optimization-based incremental clustering algorithm is proposed to find clusters of different types of cyberattacks. Using a special procedure, a set of clusters is divided into two subsets: normal and stable clusters. Then, outliers are found among stable clusters using an average distance between centroids of normal clusters. The proposed algorithm is evaluated using the well-known IDS data sets—Knowledge Discovery and Data mining Cup 1999 and UNSW-NB15—and compared with some other existing algorithms. Results show that the proposed algorithm has a high detection accuracy and its false negative rate is very low. © 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
- Description: This research was conducted in Internet Commerce Security Laboratory (ICSL) funded by Westpac Banking Corporation Australia. In addition, the research by Dr. Sona Taheri and A/Prof. Adil Bagirov was supported by the Australian Government through the Australian Research Council’s Discovery Projects funding scheme (DP190100580).
- Authors: Taheri, Sona , Bagirov, Adil , Gondal, Iqbal , Brown, Simon
- Date: 2020
- Type: Text , Journal article
- Relation: International Journal of Information Security Vol. 19, no. 5 (2020), p. 597-607
- Relation: http://purl.org/au-research/grants/arc/DP190100580
- Full Text:
- Reviewed:
- Description: Intrusion detection systems (IDSs) are devices or software applications that monitor networks or systems for malicious activities and signals alerts/alarms when such activity is discovered. However, an IDS may generate many false alerts which affect its accuracy. In this paper, we develop a cyberattack triage algorithm to detect these alerts (so-called outliers). The proposed algorithm is designed using the clustering, optimization and distance-based approaches. An optimization-based incremental clustering algorithm is proposed to find clusters of different types of cyberattacks. Using a special procedure, a set of clusters is divided into two subsets: normal and stable clusters. Then, outliers are found among stable clusters using an average distance between centroids of normal clusters. The proposed algorithm is evaluated using the well-known IDS data sets—Knowledge Discovery and Data mining Cup 1999 and UNSW-NB15—and compared with some other existing algorithms. Results show that the proposed algorithm has a high detection accuracy and its false negative rate is very low. © 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
- Description: This research was conducted in Internet Commerce Security Laboratory (ICSL) funded by Westpac Banking Corporation Australia. In addition, the research by Dr. Sona Taheri and A/Prof. Adil Bagirov was supported by the Australian Government through the Australian Research Council’s Discovery Projects funding scheme (DP190100580).
Function similarity using family context
- Black, Paul, Gondal, Iqbal, Vamplew, Peter, Lakhotia, Arun
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics Vol. 9, no. 7 (Jul 2020), p. 20
- Full Text:
- Reviewed:
- Description: Finding changed and similar functions between a pair of binaries is an important problem in malware attribution and for the identification of new malware capabilities. This paper presents a new technique called Function Similarity using Family Context (FSFC) for this problem. FSFC trains a Support Vector Machine (SVM) model using pairs of similar functions from two program variants. This method improves upon previous research called Cross Version Contextual Function Similarity (CVCFS) e epresenting a function using features extracted not just from the function itself, but also, from other functions with which it has a caller and callee relationship. We present the results of an initial experiment that shows that the use of additional features from the context of a function significantly decreases the false positive rate, obviating the need for a separate pass for cleaning false positives. The more surprising and unexpected finding is that the SVM model produced by FSFC can abstract function similarity features from one pair of program variants to find similar functions in an unrelated pair of program variants. If validated by a larger study, this new property leads to the possibility of creating generic similar function classifiers that can be packaged and distributed in reverse engineering tools such as IDA Pro and Ghidra.
- Description: This research was performed in the Internet Commerce Security Lab (ICSL), which is a joint venture with research partners Westpac, IBM, and Federation University Australia.
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics Vol. 9, no. 7 (Jul 2020), p. 20
- Full Text:
- Reviewed:
- Description: Finding changed and similar functions between a pair of binaries is an important problem in malware attribution and for the identification of new malware capabilities. This paper presents a new technique called Function Similarity using Family Context (FSFC) for this problem. FSFC trains a Support Vector Machine (SVM) model using pairs of similar functions from two program variants. This method improves upon previous research called Cross Version Contextual Function Similarity (CVCFS) e epresenting a function using features extracted not just from the function itself, but also, from other functions with which it has a caller and callee relationship. We present the results of an initial experiment that shows that the use of additional features from the context of a function significantly decreases the false positive rate, obviating the need for a separate pass for cleaning false positives. The more surprising and unexpected finding is that the SVM model produced by FSFC can abstract function similarity features from one pair of program variants to find similar functions in an unrelated pair of program variants. If validated by a larger study, this new property leads to the possibility of creating generic similar function classifiers that can be packaged and distributed in reverse engineering tools such as IDA Pro and Ghidra.
- Description: This research was performed in the Internet Commerce Security Lab (ICSL), which is a joint venture with research partners Westpac, IBM, and Federation University Australia.
Hybrid intrusion detection system based on the stacking ensemble of C5 decision tree classifier and one class support vector machine
- Khraisat, Ansam, Gondal, Iqbal, Vamplew, Peter, Kamruzzaman, Joarder, Alazab, Ammar
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Full Text:
- Reviewed:
- Description: Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2020
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Full Text:
- Reviewed:
- Description: Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
Rapid health data repository allocation using predictive machine learning
- Uddin, Ashraf, Stranieri, Andrew, Gondal, Iqbal, Balasubramanian, Venki
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Health Informatics Journal Vol. 26, no. 4 (2020), p. 3009-3036
- Full Text:
- Reviewed:
- Description: Health-related data is stored in a number of repositories that are managed and controlled by different entities. For instance, Electronic Health Records are usually administered by governments. Electronic Medical Records are typically controlled by health care providers, whereas Personal Health Records are managed directly by patients. Recently, Blockchain-based health record systems largely regulated by technology have emerged as another type of repository. Repositories for storing health data differ from one another based on cost, level of security and quality of performance. Not only has the type of repositories increased in recent years, but the quantum of health data to be stored has increased. For instance, the advent of wearable sensors that capture physiological signs has resulted in an exponential growth in digital health data. The increase in the types of repository and amount of data has driven a need for intelligent processes to select appropriate repositories as data is collected. However, the storage allocation decision is complex and nuanced. The challenges are exacerbated when health data are continuously streamed, as is the case with wearable sensors. Although patients are not always solely responsible for determining which repository should be used, they typically have some input into this decision. Patients can be expected to have idiosyncratic preferences regarding storage decisions depending on their unique contexts. In this paper, we propose a predictive model for the storage of health data that can meet patient needs and make storage decisions rapidly, in real-time, even with data streaming from wearable sensors. The model is built with a machine learning classifier that learns the mapping between characteristics of health data and features of storage repositories from a training set generated synthetically from correlations evident from small samples of experts. Results from the evaluation demonstrate the viability of the machine learning technique used. © The Author(s) 2020.
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2020
- Type: Text , Journal article
- Relation: Health Informatics Journal Vol. 26, no. 4 (2020), p. 3009-3036
- Full Text:
- Reviewed:
- Description: Health-related data is stored in a number of repositories that are managed and controlled by different entities. For instance, Electronic Health Records are usually administered by governments. Electronic Medical Records are typically controlled by health care providers, whereas Personal Health Records are managed directly by patients. Recently, Blockchain-based health record systems largely regulated by technology have emerged as another type of repository. Repositories for storing health data differ from one another based on cost, level of security and quality of performance. Not only has the type of repositories increased in recent years, but the quantum of health data to be stored has increased. For instance, the advent of wearable sensors that capture physiological signs has resulted in an exponential growth in digital health data. The increase in the types of repository and amount of data has driven a need for intelligent processes to select appropriate repositories as data is collected. However, the storage allocation decision is complex and nuanced. The challenges are exacerbated when health data are continuously streamed, as is the case with wearable sensors. Although patients are not always solely responsible for determining which repository should be used, they typically have some input into this decision. Patients can be expected to have idiosyncratic preferences regarding storage decisions depending on their unique contexts. In this paper, we propose a predictive model for the storage of health data that can meet patient needs and make storage decisions rapidly, in real-time, even with data streaming from wearable sensors. The model is built with a machine learning classifier that learns the mapping between characteristics of health data and features of storage repositories from a training set generated synthetically from correlations evident from small samples of experts. Results from the evaluation demonstrate the viability of the machine learning technique used. © The Author(s) 2020.
Vulnerability modelling for hybrid industrial control system networks
- Ur-Rehman, Attiq, Gondal, Iqbal, Kamruzzaman, Joarder, Jolfaei, Alireza
- Authors: Ur-Rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2020
- Type: Text , Journal article
- Relation: Journal of Grid Computing Vol. 18, no. 4 (2020), p. 863-878
- Full Text: false
- Reviewed:
- Description: With the emergence of internet-based devices, the traditional industrial control system (ICS) networks have evolved to co-exist with the conventional IT and internet enabled IoT networks, hence facing various security challenges. The IT industry around the world has widely adopted the common vulnerability scoring system (CVSS) as an industry standard to numerically evaluate the vulnerabilities in software systems. This mathematical score of vulnerabilities is combined with environmental knowledge to determine the vulnerable nodes and attack paths. IoT and ICS systems have unique dynamics and specific functionality as compared to traditional computer networks, and therefore, the legacy cyber security models would not fit these advanced networks. In this paper, we studied the CVSS v3.1 framework’s application to ICS embedded networks and an improved vulnerability framework, named CVSSIoT-ICS, is proposed. CVSSIoT-ICS and CVSS v3.1 are applied to a realistic supply chain hybrid network which consists of IT, IoT, and ICS nodes. This hybrid network is assigned with actual vulnerabilities listed in the national vulnerability database (NVD). The comparison results confirm the effectiveness of CVSSIoT-ICS framework as it is equally applicable to all nodes of a hybrid network and evaluates the vulnerabilities based on the distinct features of each node type. © 2020, Springer Nature B.V.
A lightweight blockchain based framework for underwater ioT
- Uddin, Md, Stranieri, Andrew, Gondal, Iqbal, Balasubramanian, Venki
- Authors: Uddin, Md , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 12 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has facilitated services without human intervention for a wide range of applications, including underwater monitoring, where sensors are located at various depths, and data must be transmitted to surface base stations for storage and processing. Ensuring that data transmitted across hierarchical sensor networks are kept secure and private without high computational cost remains a challenge. In this paper, we propose a multilevel sensor monitoring architecture. Our proposal includes a layer-based architecture consisting of Fog and Cloud elements to process and store and process the Internet of Underwater Things (IoUT) data securely with customized Blockchain technology. The secure routing of IoUT data through the hierarchical topology ensures the legitimacy of data sources. A security and performance analysis was performed to show that the architecture can collect data from IoUT devices in the monitoring region efficiently and securely. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Uddin, Md , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 12 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has facilitated services without human intervention for a wide range of applications, including underwater monitoring, where sensors are located at various depths, and data must be transmitted to surface base stations for storage and processing. Ensuring that data transmitted across hierarchical sensor networks are kept secure and private without high computational cost remains a challenge. In this paper, we propose a multilevel sensor monitoring architecture. Our proposal includes a layer-based architecture consisting of Fog and Cloud elements to process and store and process the Internet of Underwater Things (IoUT) data securely with customized Blockchain technology. The secure routing of IoUT data through the hierarchical topology ensures the legitimacy of data sources. A security and performance analysis was performed to show that the architecture can collect data from IoUT devices in the monitoring region efficiently and securely. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
A novel ensemble of hybrid intrusion detection system for detecting internet of things attacks
- Khraisat, Ansam, Gondal, Iqbal, Vamplew, Peter, Kamruzzaman, Joarder, Alazab, Ammar
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 11 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques. © 2019 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Khraisat, Ansam , Gondal, Iqbal , Vamplew, Peter , Kamruzzaman, Joarder , Alazab, Ammar
- Date: 2019
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 8, no. 11 (2019), p.
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques. © 2019 by the authors. Licensee MDPI, Basel, Switzerland.
Robust malware defense in industrial IoT applications using machine learning with selective adversarial samples
- Khoda, Mahbub, Imam, Tasadduq, Kamruzzaman, Joarder, Gondal, Iqbal, Rahman, Ashfaqur
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol.56, no 4. (2020), p. 4415-4424
- Full Text:
- Reviewed:
- Description: Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier to misclassify them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier. One, based on the distance from malware cluster center, and the other, based on a probability measure derived from a kernel based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol.56, no 4. (2020), p. 4415-4424
- Full Text:
- Reviewed:
- Description: Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier to misclassify them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier. One, based on the distance from malware cluster center, and the other, based on a probability measure derived from a kernel based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.
Continuous patient monitoring with a patient centric agent : A block architecture
- Uddin, Ashraf, Stranieri, Andrew, Gondal, Iqbal, Balasubramanian, Venki
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2018
- Type: Text , Journal article
- Relation: IEEE Access Vol. 6, no. (2018), p. 32700-32726
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has facilitated services without human intervention for a wide range of applications, including continuous remote patient monitoring (RPM). However, the complexity of RPM architectures, the size of data sets generated and limited power capacity of devices make RPM challenging. In this paper, we propose a tier-based End to End architecture for continuous patient monitoring that has a patient centric agent (PCA) as its center piece. The PCA manages a blockchain component to preserve privacy when data streaming from body area sensors needs to be stored securely. The PCA based architecture includes a lightweight communication protocol to enforce security of data through different segments of a continuous, real time patient monitoring architecture. The architecture includes the insertion of data into a personal blockchain to facilitate data sharing amongst healthcare professionals and integration into electronic health records while ensuring privacy is maintained. The blockchain is customized for RPM with modifications that include having the PCA select a Miner to reduce computational effort, enabling the PCA to manage multiple blockchains for the same patient, and the modification of each block with a prefix tree to minimize energy consumption and incorporate secure transaction payments. Simulation results demonstrate that security and privacy can be enhanced in RPM with the PCA based End to End architecture.
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2018
- Type: Text , Journal article
- Relation: IEEE Access Vol. 6, no. (2018), p. 32700-32726
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has facilitated services without human intervention for a wide range of applications, including continuous remote patient monitoring (RPM). However, the complexity of RPM architectures, the size of data sets generated and limited power capacity of devices make RPM challenging. In this paper, we propose a tier-based End to End architecture for continuous patient monitoring that has a patient centric agent (PCA) as its center piece. The PCA manages a blockchain component to preserve privacy when data streaming from body area sensors needs to be stored securely. The PCA based architecture includes a lightweight communication protocol to enforce security of data through different segments of a continuous, real time patient monitoring architecture. The architecture includes the insertion of data into a personal blockchain to facilitate data sharing amongst healthcare professionals and integration into electronic health records while ensuring privacy is maintained. The blockchain is customized for RPM with modifications that include having the PCA select a Miner to reduce computational effort, enabling the PCA to manage multiple blockchains for the same patient, and the modification of each block with a prefix tree to minimize energy consumption and incorporate secure transaction payments. Simulation results demonstrate that security and privacy can be enhanced in RPM with the PCA based End to End architecture.
- Truong, Mandy, Gibbs, Lisa, Pradel, Veronika, Morris, Michal, Gwatirisa, Pauline, Tadic, Maryanne, De Silva, Andrea, Hall, Martin, Young, Dana, Riggs, Elisha, Calache, Hanny, Gussy, Mark, Watt, Richard, Gondal, Iqbal, Waters, Elizabeth
- Authors: Truong, Mandy , Gibbs, Lisa , Pradel, Veronika , Morris, Michal , Gwatirisa, Pauline , Tadic, Maryanne , De Silva, Andrea , Hall, Martin , Young, Dana , Riggs, Elisha , Calache, Hanny , Gussy, Mark , Watt, Richard , Gondal, Iqbal , Waters, Elizabeth
- Date: 2017
- Type: Text , Journal article
- Relation: Health Promotion Practice Vol. 18, no. 3 (2017), p. 466-475
- Full Text: false
- Reviewed:
- Description: Cultural competence is an important aspect of health service access and delivery in health promotion and community health. Although a number of frameworks and tools are available to assist health service organizations improve their services to diverse communities, there are few published studies describing organizational cultural competence assessments and the extent to which these tools facilitate cultural competence. This article addresses this gap by describing the development of a cultural competence assessment, intervention, and evaluation tool called the Cultural Competence Organizational Review (CORe) and its implementation in three community sector organizations. Baseline and follow-up staff surveys and document audits were conducted at each participating organization. Process data and organizational documentation were used to evaluate and monitor the experience of CORe within the organizations. Results at follow-up indicated an overall positive trend in organizational cultural competence at each organization in terms of both policy and practice. Organizations that are able to embed actions to improve organizational cultural competence within broader organizational plans increase the likelihood of sustainable changes to policies, procedures, and practice within the organization. The benefits and lessons learned from the implementation of CORe are discussed. © 2017, Society for Public Health Education.
Decentralized content sharing among tourists in visiting hotspots
- Kaisar, Shahriar, Kamruzzaman, Joarder, Karmakar, Gour, Gondal, Iqbal
- Authors: Kaisar, Shahriar , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Journal of Network and Computer Applications Vol. 79, no. (2017), p. 25-40
- Full Text:
- Reviewed:
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency.
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency. © 2016
- Authors: Kaisar, Shahriar , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal
- Date: 2017
- Type: Text , Journal article
- Relation: Journal of Network and Computer Applications Vol. 79, no. (2017), p. 25-40
- Full Text:
- Reviewed:
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency.
- Description: Content sharing with smart mobile devices using decentralized approach enables users to share contents without the use of any fixed infrastructure, and thereby offers a free-of-cost platform that does not add to Internet traffic which, in its current state, is approaching bottleneck in its capacity. Most of the existing decentralized approaches in the literature consider spatio-temporal regularity in human movement patterns and pre-existing social relationship for the sharing scheme to work. However, such predictable movement patterns and social relationship information are not available in places like tourist spots where people visit only for a short period of time and usually meet strangers. No works exist in literature that deals with content sharing in such environment. In this work, we propose a content sharing approach for such environments. The group formation mechanism is based on users' interest score and stay probability in the individual region of interest (ROI) as well as on the availability and delivery probabilities of contents in the group. The administrator of each group is selected by taking into account its probability of stay in the ROI, connectivity with other nodes, its trustworthiness and computing and energy resources to serve the group. We have also adopted an incentive mechanism as encouragement that awards nodes for sharing and forwarding contents. We have used network simulator NS3 to perform extensive simulation on a popular tourist spot in Australia which facilitates a number of activities. The proposed approach shows promising results in sharing contents among tourists, measured in terms of content hit, delivery success rate and latency. © 2016