Improved ECG Watermarking Technique Using Curvelet Transform.

Hiding data in electrocardiogram signals are a big challenge due to the embedded information that can hamper the accuracy of disease detection. On the other hand, hiding data into ECG signals provides more security for, and authenticity of, the patient's data. Some recent studies used non-blind watermarking techniques to embed patient information and data of a patient into ECG signals. However, these techniques are not robust against attacks with noise and show a low performance in terms of parameters such as peak signal to noise ratio (PSNR), normalized correlation (NC), mean square error (MSE), percentage residual difference (PRD), bit error rate (BER), structure similarity index measure (SSIM). In this study, an improved blind ECG-watermarking technique is proposed to embed the information of the patient's data into the ECG signals using curvelet transform. The Euclidean distance between every two curvelet coefficients was computed to cluster the curvelet coefficients and after this, data were embedded into the selected clusters. This was an improvement not only in terms of extracting a hidden message from the watermarked ECG signals, but also robust against image-processing attacks. Performance metrics of SSIM, NC, PSNR and BER were used to measure the superiority of presented work. KL divergence and PRD were also used to reveal data hiding in curvelet coefficients of ECG without disturbing the original signal. The simulation results also demonstrated that the clustering method in the curvelet domain provided the best performance-even when the hidden messages were large size.

Energy Efficient Range-Free Localization Algorithm for Wireless Sensor Networks.

In this paper, an energy-efficient localization algorithm is proposed for precise localization in wireless sensor networks (WSNs) and the process is accomplished in three steps. Firstly, the beacon nodes discover their one-hop neighbor nodes with additional tone requests and reply packets over the media access control (MAC) layer to avoid collision of packets. Secondly, the discovered one-hop unknown nodes are divided into two sets, i.e. unknown nodes with direct communication, and with indirect communication for energy efficiency. In direct communication, source beacon nodes forward the information directly to the unknown nodes, but a common beacon node is selected for communication which reduces overall energy consumption during transmission in indirect communication. Finally, a correction factor is also introduced, and localized unknown nodes are upgraded into helper nodes for reducing the localization error. To analyze the efficiency and effectiveness of the proposed algorithm, various simulations are conducted and compared with the existing algorithms.

Improved Location Estimation in Wireless Sensor Networks Using a Vector-Based Swarm Optimized Connected Dominating Set.

Location estimation in wireless sensor networks (WSNs) has received tremendous attention in recent times. Improved technology and efficient algorithms systematically empower WSNs with precise location identification. However, while algorithms are efficient in improving the location estimation error, the factor of the network lifetime has not been researched thoroughly. In addition, algorithms are not optimized in balancing the load among nodes, which reduces the overall network lifetime. In this paper, we have proposed an algorithm that balances the load of computation for location estimation among the anchor nodes. We have used vector-based swarm optimization on the connected dominating set (CDS), consisting of anchor nodes for that purpose. In this algorithm, major tasks are performed by the base station with a minimum number of messages exchanged by anchor nodes and unknown nodes. The simulation results showed that the proposed algorithm significantly improves the network lifetime and reduces the location estimation error. Furthermore, the proposed optimized CDS is capable of providing a global optimum solution with a minimum number of iterations.

Clustering and Flow Conservation Monitoring Tool for Software Defined Networks.

Prediction systems present some challenges on two fronts: the relation between video quality and observed session features and on the other hand, dynamics changes on the video quality. Software Defined Networks (SDN) is a new concept of network architecture that provides the separation of control plane (controller) and data plane (switches) in network devices. Due to the existence of the southbound interface, it is possible to deploy monitoring tools to obtain the network status and retrieve a statistics collection. Therefore, achieving the most accurate statistics depends on a strategy of monitoring and information requests of network devices. In this paper, we propose an enhanced algorithm for requesting statistics to measure the traffic flow in SDN networks. Such an algorithm is based on grouping network switches in clusters focusing on their number of ports to apply different monitoring techniques. Such grouping occurs by avoiding monitoring queries in network switches with common characteristics and then, by omitting redundant information. In this way, the present proposal decreases the number of monitoring queries to switches, improving the network traffic and preventing the switching overload. We have tested our optimization in a video streaming simulation using different types of videos. The experiments and comparison with traditional monitoring techniques demonstrate the feasibility of our proposal maintaining similar values decreasing the number of queries to the switches.

Learning Perfectly Secure Cryptography to Protect Communications with Adversarial Neural Cryptography.

Researches in Artificial Intelligence (AI) have achieved many important breakthroughs, especially in recent years. In some cases, AI learns alone from scratch and performs human tasks faster and better than humans. With the recent advances in AI, it is natural to wonder whether Artificial Neural Networks will be used to successfully create or break cryptographic algorithms. Bibliographic review shows the main approach to this problem have been addressed throughout complex Neural Networks, but without understanding or proving the security of the generated model. This paper presents an analysis of the security of cryptographic algorithms generated by a new technique called Adversarial Neural Cryptography (ANC). Using the proposed network, we show limitations and directions to improve the current approach of ANC. Training the proposed Artificial Neural Network with the improved model of ANC, we show that artificially intelligent agents can learn the unbreakable One-Time Pad (OTP) algorithm, without human knowledge, to communicate securely through an insecure communication channel. This paper shows in which conditions an AI agent can learn a secure encryption scheme. However, it also shows that, without a stronger adversary, it is more likely to obtain an insecure one.

New DoS Defense Method Based on Strong Designated Verifier Signatures.

We present a novel technique for source authentication of a packet stream in a network, which intends to give guarantees that a specific network flow really comes from a claimed origin. This mechanism, named packet level authentication (PLA), can be an essential tool for addressing Denial of Service (DoS) attacks. Based on designated verifier signature schemes, our proposal is an appropriate and unprecedented solution applying digital signatures for DoS prevention. Our scheme does not rely on an expensive public-key infrastructure and makes use of light cryptography machinery that is suitable in the context of the Internet of Things (IoT). We analyze our proposed scheme as a defense measure considering known DoS attacks and present a formal proof of its resilience face to eventual adversaries. Furthermore, we compare our solution to already existent strategies, highlighting its advantages and drawbacks.

Security Architecture and Protocol for Trust Verifications Regarding the Integrity of Files Stored in Cloud Services.

Cloud computing is considered an interesting paradigm due to its scalability, availability and virtually unlimited storage capacity. However, it is challenging to organize a cloud storage service (CSS) that is safe from the client point-of-view and to implement this CSS in public clouds since it is not advisable to blindly consider this configuration as fully trustworthy. Ideally, owners of large amounts of data should trust their data to be in the cloud for a long period of time, without the burden of keeping copies of the original data, nor of accessing the whole content for verifications regarding data preservation. Due to these requirements, integrity, availability, privacy and trust are still challenging issues for the adoption of cloud storage services, especially when losing or leaking information can bring significant damage, be it legal or business-related. With such concerns in mind, this paper proposes an architecture for periodically monitoring both the information stored in the cloud and the service provider behavior. The architecture operates with a proposed protocol based on trust and encryption concepts to ensure cloud data integrity without compromising confidentiality and without overloading storage services. Extensive tests and simulations of the proposed architecture and protocol validate their functional behavior and performance.

Software Defined Networks in Wireless Sensor Architectures.

Nowadays, different protocols coexist in Internet that provides services to users. Unfortunately, control decisions and distributed management make it hard to control networks. These problems result in an inefficient and unpredictable network behaviour. Software Defined Networks (SDN) is a new concept of network architecture. It intends to be more flexible and to simplify the management in networks with respect to traditional architectures. Each of these aspects are possible because of the separation of control plane (controller) and data plane (switches) in network devices. OpenFlow is the most common protocol for SDN networks that provides the communication between control and data planes. Moreover, the advantage of decoupling control and data planes enables a quick evolution of protocols and also its deployment without replacing data plane switches. In this survey, we review the SDN technology and the OpenFlow protocol and their related works. Specifically, we describe some technologies as Wireless Sensor Networks and Wireless Cellular Networks and how SDN can be included within them in order to solve their challenges. We classify different solutions for each technology attending to the problem that is being fixed.

Distributed One Time Password Infrastructure for Linux Environments.

Nowadays, there is a lot of critical information and services hosted on computer systems. The proper access control to these resources is essential to avoid malicious actions that could cause huge losses to home and professional users. The access control systems have evolved from the first password based systems to the modern mechanisms using smart cards, certificates, tokens, biometric systems, etc. However, when designing a system, it is necessary to take into account their particular limitations, such as connectivity, infrastructure or budget. In addition, one of the main objectives must be to ensure the system usability, but this property is usually orthogonal to the security. Thus, the use of password is still common. In this paper, we expose a new password based access control system that aims to improve password security with the minimum impact in the system usability.

A Family of ACO Routing Protocols for Mobile Ad Hoc Networks.

In this work, an ACO routing protocol for mobile ad hoc networks based on AntHocNet is specified. As its predecessor, this new protocol, called AntOR, is hybrid in the sense that it contains elements from both reactive and proactive routing. Specifically, it combines a reactive route setup process with a proactive route maintenance and improvement process. Key aspects of the AntOR protocol are the disjoint-link and disjoint-node routes, separation between the regular pheromone and the virtual pheromone in the diffusion process and the exploration of routes, taking into consideration the number of hops in the best routes. In this work, a family of ACO routing protocols based on AntOR is also specified. These protocols are based on protocol successive refinements. In this work, we also present a parallelized version of AntOR that we call PAntOR. Using programming multiprocessor architectures based on the shared memory protocol, PAntOR allows running tasks in parallel using threads. This parallelization is applicable in the route setup phase, route local repair process and link failure notification. In addition, a variant of PAntOR that consists of having more than one interface, which we call PAntOR-MI (PAntOR-Multiple Interface), is specified. This approach parallelizes the sending of broadcast messages by interface through threads.

A Dimensionality Reduction-Based Multi-Step Clustering Method for Robust Vessel Trajectory Analysis.

The Shipboard Automatic Identification System (AIS) is crucial for navigation safety and maritime surveillance, data mining and pattern analysis of AIS information have attracted considerable attention in terms of both basic research and practical applications. Clustering of spatio-temporal AIS trajectories can be used to identify abnormal patterns and mine customary route data for transportation safety. Thus, the capacities of navigation safety and maritime traffic monitoring could be enhanced correspondingly. However, trajectory clustering is often sensitive to undesirable outliers and is essentially more complex compared with traditional point clustering. To overcome this limitation, a multi-step trajectory clustering method is proposed in this paper for robust AIS trajectory clustering. In particular, the Dynamic Time Warping (DTW), a similarity measurement method, is introduced in the first step to measure the distances between different trajectories. The calculated distances, inversely proportional to the similarities, constitute a distance matrix in the second step. Furthermore, as a widely-used dimensional reduction method, Principal Component Analysis (PCA) is exploited to decompose the obtained distance matrix. In particular, the top k principal components with above 95% accumulative contribution rate are extracted by PCA, and the number of the centers k is chosen. The k centers are found by the improved center automatically selection algorithm. In the last step, the improved center clustering algorithm with k clusters is implemented on the distance matrix to achieve the final AIS trajectory clustering results. In order to improve the accuracy of the proposed multi-step clustering algorithm, an automatic algorithm for choosing the k clusters is developed according to the similarity distance. Numerous experiments on realistic AIS trajectory datasets in the bridge area waterway and Mississippi River have been implemented to compare our proposed method with traditional spectral clustering and fast affinity propagation clustering. Experimental results have illustrated its superior performance in terms of quantitative and qualitative evaluations.

Distributed Data Service for Data Management in Internet of Things Middleware.

The development of the Internet of Things (IoT) is closely related to a considerable increase in the number and variety of devices connected to the Internet. Sensors have become a regular component of our environment, as well as smart phones and other devices that continuously collect data about our lives even without our intervention. With such connected devices, a broad range of applications has been developed and deployed, including those dealing with massive volumes of data. In this paper, we introduce a Distributed Data Service (DDS) to collect and process data for IoT environments. One central goal of this DDS is to enable multiple and distinct IoT middleware systems to share common data services from a loosely-coupled provider. In this context, we propose a new specification of functionalities for a DDS and the conception of the corresponding techniques for collecting, filtering and storing data conveniently and efficiently in this environment. Another contribution is a data aggregation component that is proposed to support efficient real-time data querying. To validate its data collecting and querying functionalities and performance, the proposed DDS is evaluated in two case studies regarding a simulated smart home system, the first case devoted to evaluating data collection and aggregation when the DDS is interacting with the UIoT middleware, and the second aimed at comparing the DDS data collection with this same functionality implemented within the Kaa middleware.

Estimation of Anonymous Email Network Characteristics through Statistical Disclosure Attacks.

Social network analysis aims to obtain relational data from social systems to identify leaders, roles, and communities in order to model profiles or predict a specific behavior in users' network. Preserving anonymity in social networks is a subject of major concern. Anonymity can be compromised by disclosing senders' or receivers' identity, message content, or sender-receiver relationships. Under strongly incomplete information, a statistical disclosure attack is used to estimate the network and node characteristics such as centrality and clustering measures, degree distribution, and small-world-ness. A database of email networks in 29 university faculties is used to study the method. A research on the small-world-ness and Power law characteristics of these email networks is also developed, helping to understand the behavior of small email networks.

A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things.

Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices' limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class-amplified reflection distributed denial of service attacks (AR-DDoS)-against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims.

Improvement of atopic dermatitis-like skin lesions by IL-4 inhibition of P14 protein isolated from Lactobacillus casei in NC/Nga mice.

Atopic dermatitis (AD) is a chronic inflammatory skin disease, with a complex etiology encompassing immunologic responses. AD is frequently associated with elevated serum immunoglobulin (Ig) E levels and is exacerbated by a variety of environmental factors, which contribute to its pathogenesis. However, the etiology of AD remains unknown. Recently, reports have documented the role of lactic acid bacteria (LAB) in the treatment and prevention of AD in humans and mice. The LAB, Lactobacillus casei (LC), is frequently used in the treatment of AD. To identify the active component of LC, we screened fractions obtained from the ion exchange chromatography of LC extracts. Using this approach, we identified the candidate protein, P14. We examined whether the P14 protein has anti-atopic properties, using both in vitro and in vivo models. Our results showed that the P14 protein selectively downregulated serum IgE and interleukin-4 cytokine levels, as well as the AD index and scratching score in AD-like NC/Nga mice. In addition, histological examination was also effective in mice. These results suggest that the P14 protein has potential therapeutic effects and that it may also serve as an effective immunomodulatory agent for treating patients with AD.

Extracting association patterns in network communications.

In network communications, mixes provide protection against observers hiding the appearance of messages, patterns, length and links between senders and receivers. Statistical disclosure attacks aim to reveal the identity of senders and receivers in a communication network setting when it is protected by standard techniques based on mixes. This work aims to develop a global statistical disclosure attack to detect relationships between users. The only information used by the attacker is the number of messages sent and received by each user for each round, the batch of messages grouped by the anonymity system. A new modeling framework based on contingency tables is used. The assumptions are more flexible than those used in the literature, allowing to apply the method to multiple situations automatically, such as email data or social networks data. A classification scheme based on combinatoric solutions of the space of rounds retrieved is developed. Solutions about relationships between users are provided for all pairs of users simultaneously, since the dependence of the data retrieved needs to be addressed in a global sense.

The absence of ferroelectric polarization in layered and rock-salt ordered NaLnMnWO6 (Ln = La, Nd, Tb) perovskites.

The ordered perovskites, NaLnMnWO6 (Ln = La, Nd, Tb), are reported to exhibit simultaneous ordering of A-site cations (Na and Ln) in layered arrangement and B-site cations (Mn and W) in rock salt structure. They have been shown to crystallize in a monoclinic structure with the polar space group P21. Based on density functional calculations and group theoretical analysis, it has recently been proposed that NaLaMnWO6 should be ferroelectric with a relatively large polarization (16 µC cm(-2)). Contrary to this prediction, our electrical measurements such as conventional P-E loop, Positive-Up and Negative-Down (PUND), piezoelectric response and Second Harmonic Generation (SHG) reveal the absence of ferroelectric polarization in NaLnMnWO6 (Ln = La, Nd, Tb). A dielectric anomaly is observed just below room temperature (∼270 K) for all the three compounds, which is related to the change in conductivity as revealed by temperature dependent ac and dc resistivity. A pyrocurrent peak is also observed at the same temperature. However, its origin cannot be attributed to a ferroelectric transition.

A layered trust information security architecture.

Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

BRON: A blockchained framework for privacy information retrieval in human resource management.

The correctness and the true validated data in Human Resource Management (HRM) are important for organizations as the data plays an impactful role in recruiting, developing, and retaining a skilled workforce. On one hand, the validated data in an organization helps in recruiting legitimate skillful employees; on the other hand, keeping the employee's data safe and maintaining privacy laws such as compliance with the General Data Protection Regulation (GDPR) is also an organization's responsibility. Besides, transparency in human resource management operations is crucial because it promotes trust and fairness within an organization. The present HRM systems are centralized in nature and their verifiable credential system is ineffective; this leads to the intentions of internal data sabotage or internal threats. Besides, the organizations' biases also become more prominent. In this paper, we address the above-mentioned problems with a blockchain framework for HRM to utilize the privacy of data access through a Privacy Information Retrieval (PIR) process. To be specific, our proposed framework called Blockchained piR of resOurces as humaN (BRON), is the first blockchain framework to show an effective mechanism to access data from organizations globally without hampering privacy. BRON uses a generalized user registration process to use the services of data access and in the background, it uses Zero-Knowledge Proofs (ZKPs) for global verification and PIR for privacy-based data retrieval. More specifically, credential verification and ZKP-based PIR are the highlights of our proposed BRON. Another interesting aspect of BRON is the use of Proof-of-Authority (PoA) to validate the anonymity and unlinkability of any HR operation. Finally, BRON has also contributed with a smart contract to incentivize the employees. BRON is very generic and easily be customizable as per the HR requirements. We run a set of experiments on BRON and observe that it is successful in providing privacy-assured data access and decentralized human resource data management. Overall, BRON provides 30% reduced latency and 35% better throughput as compared to the existing blockchain solutions in the direction of HRM.

PODE: privacy-enhanced distributed federated learning approach for origin-destination estimation.

The statewide consumer transportation demand model analyzes consumers' transportation needs and preferences within a particular state. It involves collecting and analyzing data on travel behavior, such as trip purpose, mode choice, and travel patterns, and using this information to create models that predict future travel demand. Naturalistic research, crash databases, and driving simulations have all contributed to our knowledge of how modifications to vehicle design affect road safety. This study proposes an approach named PODE that utilizes federated learning (FL) to train the deep neural network to predict the truck destination state, and in the context of origin-destination (OD) estimation, sensitive individual location information is preserved as the model is trained locally on each device. FL allows the training of our DL model across decentralized devices or servers without exchanging raw data. The primary components of this study are a customized deep neural network based on federated learning, with two clients and a server, and the key preprocessing procedures. We reduce the number of target labels from 51 to 11 for efficient learning. The proposed methodology employs two clients and one-server architecture, where the two clients train their local models using their respective data and send the model updates to the server. The server aggregates the updates and returns the global model to the clients. This architecture helps reduce the server's computational burden and allows for distributed training. Results reveal that the PODE achieves an accuracy of 93.20% on the server side.