96 research outputs found

    Efficient NFS model for risk estimation in a risk-based access control model

    Get PDF
    Providing a dynamic access control model that uses real-time features to make access decisions for IoT applications is one of the research gaps that many researchers are trying to tackle. This is because existing access control models are built using static and predefined policies that always give the same result in different situations and cannot adapt to changing and unpredicted situations. One of the dynamic models that utilize real-time and contextual features to make access decisions is the risk-based access control model. This model performs a risk analysis on each access request to permit or deny access dynamically based on the estimated risk value. However, the major issue associated with building this model is providing a dynamic, reliable, and accurate risk estimation technique, especially when there is no available dataset to describe risk likelihood and impact. Therefore, this paper proposes a Neuro-Fuzzy System (NFS) model to estimate the security risk value associated with each access request. The proposed NFS model was trained using three learning algorithms: Levenberg–Marquardt (LM), Conjugate Gradient with Fletcher–Reeves (CGF), and Scaled Conjugate Gradient (SCG). The results demonstrated that the LM algorithm is the optimal learning algorithm to implement the NFS model for risk estimation. The results also demonstrated that the proposed NFS model provides a short and efficient processing time, which can provide timeliness risk estimation technique for various IoT applications. The proposed NFS model was evaluated against access control scenarios of a children’s hospital, and the results demonstrated that the proposed model can be applied to provide dynamic and contextual-aware access decisions based on real-time features

    آغا شورش کاشمیری کی زندانی نثر

    No full text
    Politicians-cum-writers and poets have significantly contributed to the promotion of Urdu literature. Moulana Muhammad Ali Jauhar, Zafar Ali Khan, Abul Kalam Azad and Chaudhry Afzal Haq stand tall among these. Aga Shorish Kashmiri also belonged to this creed who was not only a great writer but also an active politician in pre-partition India and later in Pakistan. He was put behind the bars frequently owing to his political struggle which paved way to his landmark writings. In the present research paper, an attempt has been made to explore his work in prison

    Rapid detection of spammers through collaborative information sharing across multiple service providers

    Get PDF
    Spammers and telemarketers target a very large number of recipients usually dispersed across many Service Providers (SPs). Collaboration and Information sharing between SPs would increase the detection accuracy but detection effectiveness depends on the amount of information shared between SPs. Having service provider's exchange call detail records would arguably attain the best detection accuracy but would require significant network resources. Moreover, SPs are likely to feel uncomfortable in sharing their call records because call records contain user's private information as well as operational details of their networks. The challenge towards the design of collaborative Spam over Internet Telephony (SPIT) detection system is two-fold: it should attain high detection accuracy with a small false positive, and should fully protect the privacy of users and their service providers. In this paper, we propose a COllaborative Spit Detection System (COSDS)-a collaborative SPIT detection system for the Voice over IP (VoIP) network where service providers collaborate for the effective and early detection of SPIT callers without raising privacy concerns. To this extent, COSDS relies on a trusted Centralized Repository (CR) and exchange of non-sensitive reputation scores. The CR computes global reputation of users by aggregating the reputation scores provided by the respective collaborating SPs. The data exchanged to the CR is not sensitive regarding users privacy, and cannot be used to infer the relationship network of users. We evaluate the performance of our system using synthetic data that we have generated by simulating the realistic social behavior of spammers and non-spammers in a network. The results show that the COSDS approach has better detection accuracy as compared to the traditional stand-alone detection systems. For instances, in a setup where spammers are making calls to recipients of many SPs, COSDS successfully identifies spammers with the True Positive (TP) rate of around 80% and false positive (FP) rate of around 2% on a first day, which further increases to 100% TP rate and zero FP rate in three days. COSDS approach is fast, requires a small communication overhead, ensures privacy of users and collaborating SP, and requires only few iterations for the reputation convergence within the SP. © 2018 Elsevier B.V

    Securing Resource-Constrained IoT Nodes: Towards Intelligent Microcontroller-Based Attack Detection in Distributed Smart Applications

    No full text
    In recent years, the Internet of Things (IoT) devices have become an inseparable part of our lives. With the growing demand for Smart Applications, it becomes clear that IoT will bring regular automation and intelligent sensing to a new level thus improving quality of life. The core component of the IoT ecosystem is data which exists in various forms and formats. The collected data is then later used to create context awareness and make meaningful decisions. Besides an undoubtedly large number of advantages from the usage of IoT, there exist numerous challenges attributed to the security of objects that cannot be neglected for uninterrupted services. The Mirai botnet attack demonstrated that the IoT system is susceptible to different forms of cyberattacks. While advanced data analytics and Machine Learning have proved efficiency in various applications of cybersecurity, those still have not been explored enough in the literature from the applicability perspective in the domain of resource-constrained IoT. Several architectures and frameworks have been proposed for defining the ways for analyzing the data, yet mostly investigating off-chip analysis. In this contribution, we show how an Artificial Neural Network model can be trained and deployed on trivial IoT nodes for detecting intelligent similarity-based network attacks. This article proposes a concept of the resource-constrained intelligent system as a part of the IoT infrastructure to be able to harden the cybersecurity on microcontrollers. This work will serve as a stepping stone for the application of Artificial Intelligence on devices with limited computing capabilities such as end-point IoT nodes

    A privacy-aware decentralized and personalized reputation system

    No full text
    Reputation systems enable consumers to evaluate the trustworthiness of business entities (retailers, sellers) over the marketplace. In electronic marketplaces, the reputation of an business entity (retailer, seller) is computed by aggregating the “trust-scores” assigned to her by the parties who have had transactions with her. Most reputation systems designed for online marketplaces use all the available trust-scores to compute the reputation of business entity. However, in some scenarios, the consumer may wish to compute the reputation of a business entity by considering the trust-scores from a set of trustworthy participants, however, she does not want to disclose the identities of the users she trusts. There are two privacy protection challenges in the design of this kind of personalized reputation system: 1) protecting the set of trusted users of participants, and 2) protecting the trust-scores assigned by the participants in the trusted set. In this paper, we present a novel framework for computing the personalized global reputation of a business entity by considering the trust-scores from a set of trusted participants without disclosing identities of participants in the trusted set and their trust-scores. To this extent, the participants share cryptograms of their trust-scores for the business entity to the decentralized public bulletin board or tally center. These encrypted trust-scores are then used by the requester to compute the personalized reputation score of the business entity without leaking private information of participants in the system. We have analyzed the security and privacy properties of the scheme for the malicious adversarial model. The protocol has a linear message complexity, which proves that the system can be deployed in a real setup where such personalized recommendations may be required in practice. Furthermore, the system ensures correctness, privacy and security of trust-scores of participants in the trusted set under the malicious adversarial model
    corecore