Gregory Epiphaniou

Guidelines for Internet of Things Deployment Approaches – The Thing Commandments

Abstract The Internet of Things (IoT) describes the interconnection of objects (or Things) for various purposes including identification, communication, sensing, and data collection. “Things” in this context range from traditional computing devices like Personal Computers (PC) to general household objects embedded with capabilities for sensing and/or communication through the use of technologies such as Radio Frequency Identification (RFID). This conceptual paper, from a philosophical viewpoint, introduces an initial set of guiding principles - also referred to in the paper as commandments - that can be applied by all the stakeholders involved in the IoT during its introduction, deployment and thereafter.

Affects of Queuing Mechanisms on RTP Traffic: Comparative Analysis of Jitter, End-to-End Delay and Packet Loss

The idea of converging voice and data into a best-effort service network, such as the Internet, has rapidly developed the need to effectively define the mechanisms for achieving preferential handling of traffic. This sense of QoS assurance has increased due to the enormous growth of users accessing networks, different types of traffic competing for available bandwidth and multiple services running on the core network, defined by different protocols and vendors. VoIP traffic behaviour has become a crucial element of the intrinsic QoS mainly affected by jitter, latency and packet loss rates. This paper focuses on three different mechanisms, DropTail (FIFO), RED and DiffServ, and their effects on real-time voice traffic. Measurements of jitter, end-to-end delay and packet loss, based on simulation scenarios using the NS-2 network simulator are also presented and analyzed.

A Survey of QoS-aware Web Service Composition Techniques

process of aggregating services with disparate functionalities into a new composite service in order to meet increasingly complex needs of users. Service composition process has been accurate on dealing with services having disparate functionalities, however, over the years the number of web services in particular that exhibit similar functionalities and varying Quality of Service (QoS) has significantly increased. As such, the problem becomes how to select appropriate web services such that the QoS of the resulting composite service is maximized or, in some cases, minimized. This constitutes an NP-hard problem as it is complicated and difficult to solve. In this paper, a discussion of concepts of web service composition and a holistic review of current service composition techniques proposed in literature is presented. Our review spans several publications in the field that can serve as a road map for future research.

How technology can mitigate and counteract cyber-stalking and online grooming

With the virtual world having become part of the social lives of adults and minors alike, new attack vectors emerged to increase the severity of human-related attacks to a level the community has not experienced before. This article investigates this phenomenon and shares an outline of how technology could develop further to counteract and mitigate the damage caused by online perpetrators. Cyber-stalking and online bullying can have devastating effects on individuals, but its affecting the workplace too. In response, relevant technology could be used to counteract and mitigate the damage caused by online perpetrators. Haider M al-Khateeb and Gregory Epiphaniou of the University of Bedfordshire approach this issue using an incident response methodology and discuss the role of machine learning to identify and classify such attacks. They also examine how digital forensic investigations can be carried out in order to analyse the nature of the offence and preserve evidence.

Cyberstalking: Investigating formal intervention and the role of Corporate Social Responsibility

Abstract Context Online harassment and stalking have been identified with growing accordance as anti-social behaviours, potentially with extreme consequences including indirect or direct physical injury, emotional distress and/or financial loss. Objective As part of our ongoing work to research and establish better understanding of cyberstalking, this study aims to investigate the role of Police, Mobile Operators, Internet Service Providers (ISPs) and owners/administrators of online platforms (e.g. websites, chatrooms) in terms of intervention in response to offences. We ask to what different authorities do people report incidents of cyberstalking? Do these authorities provide satisfactory responses or interventions? And how can this be improved? Furthermore, we discuss the role of Corporate Social Responsibility (CSR) to encourage the implementation of cyberstalking-aware schemes by service providers to support victims. In addition, CSR can be used as a means to measure the effects of externality factor in dictating the relationship between the impact of a given individuals’ privacy loss and strategic decisions on investment to security controls in an organisational context. Method A mixed method design has been used in this study. Data collection took place by means of an online survey made available for three years to record both qualitative and quantitative data. Overall, 305 participants responded from which 274 identified themselves as victims of online harassment. Result Our results suggest that most offences were communicated through private channels such as emails and/or mobile texts/calls. A significant number of victims did not report this to their service provider because they did not know they could. While Police were recognised as the first-point-of-contact in such cases, 41.6% of our sample did not contact the Police due to reasons such as fear of escalation, guilt/sympathy and self-blaming. Experiences from those who have reported offences to service providers demonstrate that no or very little support was offered. Overall, the majority of participants shared the view that third-party intervention is required on their behalf in order to mitigate risks associated with cyberstalking. An independent specialist anti-stalking organisation was a popular choice to act on their behalf followed by the Police and network providers. Conclusion Incidents are taking place on channels owned and controlled by large, cross-border international companies providing mobile services, webmail and social networking. The lack of support offered to victims in many cases of cyberstalking can be identified as Corporate Social Irresponsibility (CSI). We anticipate that awareness should be raised as regarding service providers’ liability and social responsibility towards adopting better strategies.

Fruit Fly Optimization Algorithm for Network-Aware Web Service Composition in the Cloud

Service Oriented Computing (SOC) provides a framework for the realization of loosely coupled service oriented applications. Web services are central to the concept of SOC. Currently, research into how web services can be composed to yield QoS optimal composite service has gathered significant attention. However, the number and spread of web services across the cloud data centers has increased, thereby increasing the impact of the network on composite service performance experienced by the user. Recently, QoS-based web service composition techniques focus on optimizing web service QoS attributes such as cost, response time, execution time, etc. In doing so, existing approaches do not separate QoS of the network from web service QoS during service composition. In this paper, we propose a network-aware service composition approach which separates QoS of the network from QoS of web services in the Cloud. Consequently, our approach searches for composite services that are not only QoS-optimal but also have optimal QoS of the network. Our approach consists of a network model which estimates the QoS of the network in the form of network latency between services on the cloud. It also consists of a service composition technique based on fruit fly optimization algorithm which leverages the network model to search for low latency compositions without compromising service QoS levels. The approach is discussed and the results of evaluation are presented. The results indicate that the proposed approach is competitive in finding QoS optimal and low latency solutions when compared to recent techniques.

A Model for Android and iOS Applications Risk Calculation: CVSS Analysis and Enhancement Using Case-Control Studies

Various researchers have shown that the Common Vulnerability Scoring System (CVSS) has many drawbacks and may not provide a precise view of the risks related to software vulnerabilities. However, many threat intelligence platforms and industry-wide standards are relying on CVSS score to evaluate cyber security compliance. This paper suggests several improvements to the calculation of Impact and Exploitability sub-scores within the CVSS, improve its accuracy and help threat intelligence analysts to focus on the key risks associated with their assets. We will apply our suggested improvements against risks associated with several Android and iOS applications and discuss achieved improvements and advantages of our modelling, such as the importance and the impact of time on the overall CVSS score calculation.

Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

Darknet technology such as Tor has been used by various threat actors for organising illegal activities and data exfiltration. As such there is a case for organisations to block such traffic, or to try and identify when it is used and for what purposes. However, anonymity in cyberspace has always been a domain of conflicting interests. While it gives enough power to nefarious actors to masquerade their illegal activities, it is also the corner stone to facilitate freedom of speech and privacy. We present a proof of concept for a novel algorithm that could form the fundamental pillar of a darknet-capable Cyber Threat Intelligence platform. The solution can reduce anonymity of users of Tor, and considers the existing visibility of network traffic before optionally initiating targeted or widespread BGP interception. In combination with server HTTP response manipulation, the algorithm attempts to reduce the candidate data set to eliminate client-side traffic that is most unlikely to be responsible for server-side connections of interest. Our test results show that MITM manipulated server responses lead to expected changes received by the Tor client. Using simulation data generated by shadow, we show that the detection scheme is effective with false positive rate of 0.001, while sensitivity detecting non-targets was 0.016±0.127. Our algorithm could assist collaborating organisations willing to share their threat intelligence or cooperate during investigations.

Classification of colloquial Arabic tweets in real-time to detect high-risk floods

Twitter has eased real-time information flow for decision makers, it is also one of the key enablers for Open-source Intelligence (OSINT). Tweets mining has recently been used in the context of incident response to estimate the location and damage caused by hurricanes and earthquakes. We aim to research the detection of a specific type of high-risk natural disasters frequently occurring and causing casualties in the Arabian Peninsula, namely ‘floods’. Researching how we could achieve accurate classification suitable for short informal (colloquial) Arabic text (usually used on Twitter), which is highly inconsistent and received very little attention in this field. First, we provide a thorough technical demonstration consisting of the following stages: data collection (Twitter REST API), labelling, text pre-processing, data division and representation, and training models. This has been deployed using ‘R’ in our experiment. We then evaluate classifiers’ performance via four experiments conducted to measure the impact of different stemming techniques on the following classifiers SVM, J48, C5.0, NNET, NB and k-NN. The dataset used consisted of 1434 tweets in total. Our findings show that Support Vector Machine (SVM) was prominent in terms of accuracy (F1=0.933). Furthermore, applying McNemar’s test shows that using SVM without stemming on Colloquial Arabic is significantly better than using stemming techniques.

A Novel Anonymity Quantification and Preservation Model for UnderNet Relay Networks

With the wide spread of Internet applications in both the surface net (Internet) and Darknet, the necessity to safeguard privacy and anonymity has become more prominent than ever. In an attempt to assure untraceability and undetectability between entities, as part of the communication process, traditional confidentiality mechanisms have proved insufficient to address attacks against those principles. In addition, different international laws and cross-continental cybercrimes become immune from being affected by a global public policy on how data traffic should be treated. In this article, a holistic view of anonymity preservation approaches and techniques is given with emphasis on the partial articulation of a novel anonymity preservation model based on infrastructure elements, circuit attributes and adversarial engagement rates on clustered and unindexed portions of the cyberspace.