Incremental Composition Process for the Construction of Component-Based Management Systems.

Cyber-physical systems (CPS) are composed of software and hardware components. Many such systems (e.g., IoT based systems) are created by composing existing systems together. Some of these systems are of critical nature, e.g., emergency or disaster management systems. In general, component-based development (CBD) is a useful approach for constructing systems by composing pre-built and tested components. However, for critical systems, a development method must provide ways to verify the partial system at different stages of the construction process. In this paper, for system architectures, we propose two styles: rigid architecture and flexible architecture. A system architecture composed of independent components by coordinating exogenous connectors is in flexible architecture style category. For CBD of critical systems, we select EX-MAN from flexible architecture style category. Moreover, we define incremental composition mechanism for this model to construct critical systems from a set of system requirements. Incremental composition is defined to offer preservation of system behaviour and correctness of partial architecture at each incremental step. To evaluate our proposed approach, a case study of weather monitoring system (part of a disaster management) system was built using our EX-MAN tool.

MARC: A Novel Framework for Detecting MITM Attacks in eHealthcare BLE Systems.

Real-time and ubiquitous patient monitoring demands the use of wireless data acquisition through resource constrained medical sensors, mostly configured with No-input No-output (NiNo) capabilities. Bluetooth is one of the most popular and widely adopted means of communicating this sensed information to a mobile terminal. However, over simplified implementations of Bluetooth low energy (BLE) protocol in eHealth sector is susceptible to several wireless attacks, in particular the Man-in-the-Middle (MITM) attack. The issue arises due to a lack of mutual authentication and integrity protection between the communicating devices, which may lead to compromise of confidentiality, availability and even the integrity of this safety-critical information. This research paper presents a novel framework named MARC to detect, analyze, and mitigate Bluetooth security flaws while focusing upon MITM attack against NiNo devices. For this purpose, a comprehensive solution has been proposed, which can detect MITM signatures based upon four novel anomaly detection metrics: analyzing Malicious scan requests, Advertisement intervals, RSSI levels, and Cloned node addresses. The proposed solution has been evaluated through practical implementation and demonstration of different attack scenarios, which show promising results concerning accurate and efficient detection of MITM attacks.

Forensic Analysis of Tor Browser: A Case Study for Privacy and Anonymity on the Web.

Web browsers are among the most commonly used applications to access the web from any platform nowadays. With recent digital incidents involving breach of data, users are becoming more cognizant of the threat posed by malicious actors having access to personal data as well as vulnerable applications which may compromise their data. For this very reason, users are being offered privacy preserving solutions for trust maturity. The onion router (Tor) browser is one such application which not only ensures the privacy preservation goals but also provides promising anonymity. Due to this feature, majority of the users use Tor browser for normal use as well as malign activities. In order to validate the claims of Tor browser and help digital forensic investigators and researchers, we created different scenarios to forensically analyze the Tor browser privacy and anonymity. As a result of the findings, it can be concluded that the Tor browser leaves plethora of sensitive digital artifacts on host machine, which can be further used to compromise user data.