A Survey on Quantitative Risk Estimation Approaches for Secure and Usable User Authentication on Smartphones.

Mobile user authentication acts as the first line of defense, establishing confidence in the claimed identity of a mobile user, which it typically does as a precondition to allowing access to resources in a mobile device. NIST states that password schemes and/or biometrics comprise the most conventional user authentication mechanisms for mobile devices. Nevertheless, recent studies point out that nowadays password-based user authentication is imposing several limitations in terms of security and usability; thus, it is no longer considered secure and convenient for the mobile users. These limitations stress the need for the development and implementation of more secure and usable user authentication methods. Alternatively, biometric-based user authentication has gained attention as a promising solution for enhancing mobile security without sacrificing usability. This category encompasses methods that utilize human physical traits (physiological biometrics) or unconscious behaviors (behavioral biometrics). In particular, risk-based continuous user authentication, relying on behavioral biometrics, appears to have the potential to increase the reliability of authentication without sacrificing usability. In this context, we firstly present fundamentals on risk-based continuous user authentication, relying on behavioral biometrics on mobile devices. Additionally, we present an extensive overview of existing quantitative risk estimation approaches (QREA) found in the literature. We do so not only for risk-based user authentication on mobile devices, but also for other security applications such as user authentication in web/cloud services, intrusion detection systems, etc., that could be possibly adopted in risk-based continuous user authentication solutions for smartphones. The target of this study is to provide a foundation for organizing research efforts toward the design and development of proper quantitative risk estimation approaches for the development of risk-based continuous user authentication solutions for smartphones. The reviewed quantitative risk estimation approaches have been divided into the following five main categories: (i) probabilistic approaches, (ii) machine learning-based approaches, (iii) fuzzy logic models, (iv) non-graph-based models, and (v) Monte Carlo simulation models. Our main findings are summarized in the table in the end of the manuscript.

Blockchain-Based Security Mechanisms for IoMT Edge Networks in IoMT-Based Healthcare Monitoring Systems.

Despite the significant benefits that the rise of Internet of Medical Things (IoMT) can bring into citizens' quality of life by enabling IoMT-based healthcare monitoring systems, there is an urgent need for novel security mechanisms to address the pressing security challenges of IoMT edge networks in an effective and efficient manner before they gain the trust of all involved stakeholders and reach their full potential in the market of next generation IoMT-based healthcare monitoring systems. In this context, blockchain technology has been foreseen by the industry and research community as a disruptive technology that can be integrated into novel security solutions for IoMT edge networks, as it can play a significant role in securing IoMT devices and resisting unauthorized access during data transmission (i.e., tamper-proof transmission of medical data). However, despite the fact that several blockchain-based security mechanisms have already been proposed in the literature for different types of IoT edge networks, there is a lack of blockchain-based security mechanisms for IoMT edge networks, and thus more effort is required to be put on the design and development of security mechanisms relying on blockchain technology for such networks. Towards this direction, the first step is the comprehensive understanding of the following two types of blockchain-based security mechanisms: (a) the very few existing ones specifically designed for IoMT edge networks, and (b) those designed for other types of IoT networks but could be possibly adopted in IoMT edge networks due to similar capabilities and technical characteristics. Therefore, in this paper, we review the state-of-the-art of the above two types of blockchain-based security mechanisms in order to provide a foundation for organizing research efforts towards the design and development of reliable blockchain-based countermeasures, addressing the pressing security challenges of IoMT edge networks in an effective and efficient manner.

Generating Datasets for Anomaly-Based Intrusion Detection Systems in IoT and Industrial IoT Networks.

Over the past few years, we have witnessed the emergence of Internet of Things (IoT) and Industrial IoT networks that bring significant benefits to citizens, society, and industry. However, their heterogeneous and resource-constrained nature makes them vulnerable to a wide range of threats. Therefore, there is an urgent need for novel security mechanisms such as accurate and efficient anomaly-based intrusion detection systems (AIDSs) to be developed before these networks reach their full potential. Nevertheless, there is a lack of up-to-date, representative, and well-structured IoT/IIoT-specific datasets which are publicly available and constitute benchmark datasets for training and evaluating machine learning models used in AIDSs for IoT/IIoT networks. Contribution to filling this research gap is the main target of our recent research work and thus, we focus on the generation of new labelled IoT/IIoT-specific datasets by utilising the Cooja simulator. To the best of our knowledge, this is the first time that the Cooja simulator is used, in a systematic way, to generate comprehensive IoT/IIoT datasets. In this paper, we present the approach that we followed to generate an initial set of benign and malicious IoT/IIoT datasets. The generated IIoT-specific information was captured from the Contiki plugin "powertrace" and the Cooja tool "Radio messages".

Hepatorenal Revascularization Enables Endovascular Aneurysm Repair on a Patient with Abdominal Aortic Aneurysm and an Ectopic Right Renal Artery.

In last 30 years, the endovascular aneurysm repair (EVAR) has become the standard method of treatment of abdominal aortic aneurysms (AAAs). Nevertheless, the method has limitations mainly based on the anatomic characteristics of the specific aneurysm. In these cases, a combination of endovascular and open techniques can be used. We describe a case of a patient with an infrarenal AAA and an ectopic right renal artery emerging from within the aneurysm sac. The patient was treated with a combination of endovascular and open techniques. In particular, he underwent a hepatorenal revascularization followed by a standard EVAR procedure, with a successful final outcome. For the treatment of AAA disease, the combination of open and endovascular procedures can overcome difficulties, where a standard EVAR cannot be an option.

Effect of diabetes mellitus on the clinical outcome of lower limb arterial bypass surgery: A propensity score analysis.

Objectives Diabetic patients who undergo lower limb arterial bypass surgery are considered to have a worse clinical outcome compared to non-diabetics. The aim of the study was to test this hypothesis after applying propensity score matching analysis. Patients and methods A total of 113 consecutive lower limb bypass procedures (55 diabetic and 58 non-diabetic) were evaluated regarding their clinical outcome. Endpoints of the study included amputation-free survival, limb salvage, patency and patients' survival up to 36 months post-procedure. After propensity score matching analysis, two new groups, diabetic and non-diabetic, of 31 limbs in each one were created, both equivalent regarding all baseline characteristics. Results Between the propensity score matching groups, the amputation-free survival was 68.8% in the non-diabetic and 37.7% in the diabetic group at 36 months ( p = 0.004). Similarly, the survival was 88.6% and 57.6%, respectively, in the two groups at the same time point ( p = 0.01). On the contrary, no difference was found in patency (58.3% vs. 56%) and in limb salvage rate (74.1% vs. 60.8%). Conclusions Lower limbs arterial bypass surgery has similar results regarding patency and limb salvage rate in diabetic and non-diabetic patients. On the contrary, mortality is worse in diabetic patients, this affecting negatively their amputation-free survival.

Endovascular reconstruction of iliac artery bifurcation atherosclerotic disease with the kissing technique.

A 71-year-old male patient with severe left buttock and lower-extremity claudication due to iliac artery bifurcation stenoses was referred to our institution for endovascular treatment. A 'kissing' technique was used in order to dilate the proximal parts of both internal and external iliac arteries and avoid compromization of the internal iliac artery during proximal external iliac artery stenting. A balloon expandable stent was inserted via a left ipsilateral retrograde access to the narrowed origin of the left external iliacartery and a balloon catheter via a right contralateral access inside the origin of the left internal iliac artery. Simultaneous balloons inflation restored full patency of both vessels. Twelve months later the patient is doing well, free of buttock or lower-extremity claudication symptoms. For iliac artery bifurcation atherosclerotic disease, endovascular repair with the 'kissing' technique can achieve a complete bifurcation reconstruction offering significant clinical benefit in selected patients.

PKI security in large-scale healthcare networks.

During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a large-scale Internet-based healthcare network connecting a wide spectrum of healthcare units geographically distributed within a wide region. Furthermore, the proposed PKI infrastructure facilitates the trust issues that arise in a large-scale healthcare network including multi-domain PKI infrastructures.

Group profile management in ubiquitous healthcare environment.

Nowadays, ubiquitous healthcare is of utmost importance in the patient-centric model. Furthermore, the personalization of ubiquitous healthcare services plays a very important role to make the patient-centric model a reality. The personalization of the ubiquitous healthcare services is based on the profiles of the entities participating in these services. In this paper, we propose a group profile management system in a ubiquitous healthcare environment. The proposed system is responsible for the dynamic creation of a group profile and its management.

Integrity mechanism for eHealth tele-monitoring system in smart home environment.

During the past few years, a lot of effort has been invested in research and development of eHealth tele-monitoring systems that will provide many benefits for healthcare delivery from the healthcare provider to the patient's home. However, there is a plethora of security requirements in eHealth tele-monitoring systems. Data integrity of the transferred medical data is one of the most important security requirements that should be satisfied in these systems, since medical information is extremely sensitive information, and even sometimes life threatening information. In this paper, we present a data integrity mechanism for eHealth tele-monitoring system that operates in a smart home environment. Agent technology is applied to achieve data integrity with the use of cryptographic smart cards. Furthermore, the overall security infrastructure and its various components are described.