Aniello Castiglione

Smart Cloud Storage Service Selection Based on Fuzzy Logic, Theory of Evidence and Game Theory

Cloud platforms encompass a large number of storage services that can be used to manage the needs of customers. Each of these services, offered by a different provider, is characterized by specific features, limitations and prices. In presence of multiple options, it is crucial to select the best solution fitting the customer requirements in terms of quality of service and costs. Most of the available approaches are not able to handle uncertainty in the expression of subjective preferences from customers, and can result in wrong (or sub-optimal) service selections in presence of rational/selfish providers, exposing untrustworthy indications concerning the quality of service levels and prices associated to their offers. In addition, due to its multi-objective nature, the optimal service selection process results in a very complex task to be managed, when possible, in a distributed way, for well-known scalability reasons. In this work, we aim at facing the above challenges by proposing three novel contributions. The fuzzy sets theory is used to express vagueness in the subjective preferences of the customers. The service selection is resolved with the distributed application of fuzzy inference or Dempster-Shafer theory of evidence. The selection strategy is also complemented by the adoption of a game theoretic approach for promoting truth-telling ones among service providers. We present empirical evidence of the proposed solution effectiveness through properly crafted simulation experiments.

Taking advantages of a disadvantage: Digital forensics and steganography using document metadata

All the information contained in a plain-text document are visible to everybody. On the other hand, compound documents using opaque formats, like Microsoft Compound Document File Format, may contain undisclosed data such as authors name, organizational information of users involved, previously deleted text, machine related information, and much more. Those information could be exploited by third party for illegal purposes. Computer users are unaware of the problem and, even though the Internet offers several tools to clean hidden data from documents, they are not widespread. Furthermore, there is only one paper about this problem in scientific literature, but there is no detailed analysis. In this paper we fill the gap, analyzing the problem with its causes and then we show how to take advantage of this issue: we show how hidden data may be extracted to gain evidence in forensic environment where even a small piece of information may be relevant and we also introduce a new stegosystem especially designed for Microsoft Office documents. We developed FTA, a tool to improve forensic analysis of Microsoft Office documents, and StegOle, another tool that implements a new stegosystem for Microsoft Office documents. This is the first scientific paper to address the problem from both a steganographic and a forensic point of view.

Interconnecting Federated Clouds by Using Publish-Subscribe Service

Cloud Federation is an emerging computing model where multiple resources from independent Cloud providers are leveraged to create large-scale distributed virtual computing clusters, operating as into a single Cloud organization. This model enables the implementation of environmental diversity for Cloud applications, and overcomes the provisioning and scalability limits of a single Cloud, by introducing minimal additional cost for the Cloud consumer. In such a scenario, it is necessary to leverage on specific networking technologies that enable the effective support of inter-Cloud communication services between Cloud providers. This paper proposes an interconnection solution for Cloud federations based on publish/subscribe services. Moreover, we discuss some fundamental concerns needed to satisfy the inter-Cloud communication requirements in terms of reliability and availability. Finally, we present some experimental results that highlight some key reliability and denial of service vulnerability concerns in this domain.

Cloud-based adaptive compression and secure management services for 3D healthcare data

Several studies show that the lack of access to resources and shared data is one of the main causes of errors in the healthcare sector. In particular, 3D medical images play a fundamental role in healthcare environment, but they are typically very large in size. Therefore, their management, which should be performed also by means of devices with limited characteristics, requires complex network protocols along with advanced compression and security techniques. This work concerns the secure management of 3D medical images, with the main aim that such management must take place in an almost completely transparent manner for the end-user, regardless of the computational and networking capabilities he may use. In particular, our contribution is twofold: first, we propose an engine for lossless dynamic and adaptive compression of 3D medical images, which also allows the embedding of security watermarks within them. Furthermore, in order to provide effective, secure and flexible access to healthcare resources that need to be managed by medical applications, we define the architecture of a SaaS Cloud system, which is based on the aforementioned engine. The resulting architecture allows devices with totally different and heterogeneous hardware and software characteristics to interact among them, so that these differences are almost completely transparent to the end-user. A Cloud-based solution for lossless dynamic and adaptive compression of 3D medical images.Management of such data may be considered as an atypical Big Data problem.It provides SaaS services based on an elastic and on-demand peer to peer overlay infrastructure.It also provides effective, secure and flexible access to healthcare resources that need to be managed by medical applications.Allows devices with totally different and heterogeneous hardware and software characteristics to interact among them.

A distributed approach to network anomaly detection based on independent component analysis

Network anomalies, circumstances in which the network behavior deviates from its normal operational baseline, can be due to various factors such as network overload conditions, malicious/hostile activities, denial of service attacks, and network intrusions. New detection schemes based on machine learning principles are therefore desirable as they can learn the nature of normal traffic behavior and autonomously adapt to variations in the structure of ‘normality’ as well as recognize the significant deviations as suspicious or anomalous events. The main advantages of these techniques are that, in principle, they are not restricted to any specific environment and that they can provide a way of detecting unknown attacks. Detection performance is directly correlated with the traffic model quality, in terms of ability of representing the traffic behavior from its most characterizing internal dynamics. Starting from these ideas, we developed a two‐stage anomaly detection strategy based on multiple distributed sensors located throughout the network. By using Independent Component Analysis, the first step, modeled as a Blind Source Separation problem, extracts the fundamental traffic components (the ‘source’ signals), corresponding to the independent traffic dynamics, from the multidimensional time series incoming from the sensors, corresponding to the perceived ‘mixed/aggregate’ effect of traffic on their interfaces. These components will be used to build the baseline traffic profiles needed in the second supervised phase, based on a binary classification scheme (detection is casted into an anomalous/normal classification problem) driven by machine learning‐inferred decision trees. Copyright

A knowledge-based platform for Big Data analytics based on publish/subscribe services and stream processing

Knowledge-based solution for automatic schema mapping to manage data heterogeneity.Automatic ontology extraction and semantic inference for novel Big Data analytics.Integration with publish/subscribe services for large-scale analytics infrastructures. Big Data analytics is considered an imperative aspect to be further improved in order to increase the operating margin of both public and private enterprises, and represents the next frontier for their innovation, competition, and productivity. Big Data are typically produced in different sectors of the above organizations, often geographically distributed throughout the world, and are characterized by a large size and variety. Therefore, there is a strong need for platforms handling larger and larger amounts of data in contexts characterized by complex event processing systems and multiple heterogeneous sources, dealing with the various issues related to efficiently disseminating, collecting and analyzing them in a fully distributed way.In such a scenario, this work proposes a way to overcome two fundamental issues: data heterogeneity and advanced processing capabilities. We present a knowledge-based solution for Big Data analytics, which consists in applying automatic schema mapping to face with data heterogeneity, as well as ontology extraction and semantic inference to support innovative processing. Such a solution, based on the publish/subscribe paradigm, has been evaluated within the context of a simple experimental proof-of-concept in order to determine its performance and effectiveness.

An Extensible Framework for Efficient Secure SMS

Nowadays, Short Message Service (SMS) still represents the most used mobile messaging service. SMS messages are used in many different application fields, even in cases where security features, such as authentication and confidentiality between the communicators, must be ensured. Unfortunately, the SMS technology does not provide a built-in support for any security feature. This work presents SEESMS (Secure Extensible and Efficient SMS), a software framework written in Java which allows two peers to exchange encrypted and digitally signed SMS messages. The communication between peers is secured by using public-key cryptography. The key-exchange process is implemented by using a novel and simple security protocol which minimizes the number of SMS messages to use. SEESMS supports the encryption of a communication channel through the ECIES and the RSA algorithms. The identity validation of the contacts involved in the communication is implemented through the RSA, DSA and ECDSA signature schemes. SEESMS is able to certify the phone number of the peers using the framework. Additional cryptosystems can be coded and added to SEESMS as plug-ins. Special attention has been devoted to the implementation of an efficient framework in terms of energy consumption and execution time. This efficiency is obtained in two steps. First, all the cryptosystems available in the framework are implemented using mature and fully optimized cryptographic libraries. Second, an experimental analysis was conducted to determine which combination of cryptosystems and security parameters were able to provide a better trade-off in terms of speed/security and energy consumption. This experimental analysis has also been useful to expose some serious performance issues affecting the cryptographic libraries which are commonly used to implement security features on mobile devices.

A Novel Anti-forensics Technique for the Android OS

In recent years traditional mobile-phones, used only to make calls and send text messages, have evolved into even more versatile and powerful devices (smart phones, tablets, etc.). These devices use a NAND flash memory type to store data, due to it being a memory that has been optimized for the fast updating of data. These flash memory drives usually contain sensitive data that could be a possible danger to the users privacy. This paper proposes a new anti-forensics technique for mobile devices with the Android OS. The technique makes it possible to modify and erase, securely and selectively, the digital evidence on an Android device without having to use any cryptographic primitives or make any file system changes. While the use of cryptographic primitives or changes to the file system create considerable suspicion in a forensic analysis, the proposed technique uses simple software tools commonly used in *nix-like OSes such as the Android OS.

Modeling energy-efficient secure communications in multi-mode wireless mobile devices

Mobile terminals support multiple and heterogeneous communication technologies.We study energy-related dynamics of secure communications among mobile terminals.We formulate an energy model which considers communication and security activities.The model is useful to minimize the overall energy consumption of involved terminals.The model has been validated through simulation. Despite the wide deployment of advanced wireless coverage infrastructures, finding the best way for achieving secure mobile communication in every-days life activities is still an open question. Indeed, a large number of mobile terminals, supporting multiple networking technologies, may be used to manage data from everywhere and at anytime. However, the effort required for achieving security, given the complexity of cryptographic algorithms, heavily affects the power consumption of terminals. Such energy demand, together with the one required to manage communication activities, makes energy-efficient secure communication among hardware-constrained handheld devices a challenging topic.In this work, we introduce an analytic energy model for secure communication among multi-mode terminals. This model describes the energy consumption of mobile terminals operating within a dynamic network scenario, considering both their interconnection and secure data exchange issues, in order to develop adaptive strategies for energy-efficient secure communications. Finally, the model has been validated through simulation.

A Forensic Analysis of Images on Online Social Networks

The Web 3.0 is approaching fast and the Online Social Networks (OSNs) are becoming more and more pervasive in today daily activities. A subsequent consequence is that criminals are running at the same speed as technology and most of the time highly sophisticated technological machineries are used by them. Images are often involved in illicit or illegal activities, with it now being fundamental to try to ascertain as much as information on a given image as possible. Today, most of the images coming from the Internet flow through OSNs. The paper analyzes the characteristics of images published on some OSNs. The analysis mainly focuses on how the OSN processes the uploaded images and what changes are made to some of the characteristics, such as JPEG quantization table, pixel resolution and related metadata. The experimental analysis was carried out in June-July 2011 on Facebook, Badoo and Google+. It also has a forensic value: it can be used to establish whether an image has been downloaded from an OSN or not.