Hoh Peter In

Selfish attacks and detection in cognitive radio Ad-Hoc networks

Cognitive radio is an opportunistic communication technology designed to help unlicensed users utilize the maximum available licensed bandwidth. Cognitive radio has recently attracted a lot of research interest. However, little research has been done regarding security in cognitive radio, while much more research has been done on spectrum sensing and allocation problems. A selfish cognitive radio node can occupy all or part of the resources of multiple channels, prohibiting other cognitive radio nodes from accessing these resources. Selfish cognitive radio attacks are a serious security problem because they significantly degrade the performance of a cognitive radio network. In this article we identify a new selfish attack type in cognitive radio ad-hoc networks and propose an easy and efficient selfish cognitive radio attack detection technique, called COOPON, with multichannel resources by cooperative neighboring cognitive radio nodes.

Identifying quality-requirement conflicts

One of the biggest risks in software requirements engineering is the risk of overemphasizing one quality attribute requirement (e.g., performance) at the expense of others at least as important (e.g., evolvability and portability). The paper describes an exploratory knowledge based tool for identifying potential conflicts among quality attributes early in the software/ system life cycle. The Quality Attribute Risk and Conflict Consultant (QARCC) examines the quality attribute tradeoffs involved in software architecture and process strategies. It operates in the context of the USC CSE WinWin system, a groupware support system for determining software and system requirements as negotiated win conditions. We have developed and experimented with an initial QARCC 1 prototype. We are using the results of the experiment to develop an improved QARCC 2 tool. From our initial experimentation, we concluded that QARCC can alert users, developers, customers, and other stakeholders to conflicts among their software quality requirements and can help them identify additional, potentially important quality requirements. We also concluded that QARCC needs further refinement to avoid overloading users with insignificant quality conflict suggestions. We are now refining the knowledge base to address more detailed quality attributes in a more selective fashion.

From requirements negotiation to software architecture decisions

Architecture design and requirements negotiations are conceptually tightly related but often performed separately in real-world software development projects. As our prior case studies have revealed, this separation causes uncertainty in requirements negotiation that hinders progress, limits the success of architecture design, and often leads to wasted effort and substantial re-work later in the development life-cycle. Explicit requirements elicitation and negotiation is needed to be able to appropriately consider and evaluate architecture alternatives and the architecture alternatives need be understood during requirements negotiation. This paper propose the WinCBAM framework, extending an architecture design method, called cost benefit analysis method (CBAM) framework to include an explicit requirements negotiation component based on the WinWin methodology. We then provide a retrospective case study that demonstrates the use of the WinCBAM. We show that the integrated method is substantially more powerful than the WinWin and CBAM methods performed separately. The integrated method can assist stakeholders to elicit, explore, evaluate, negotiate, and agree upon software architecture alternatives based on each of their requirement Win conditions. By understanding the architectural implication of requirements they can be negotiated more successfully: potential requirements conflicts can be discovered or alleviated relatively early in the development life-cycle.

A quality-based cost estimation model for the product line life cycle

In reusing common organizational assets, the software product line (SPL) provides substantial business opportunities for reducing the unit cost of similar products, improving productivity, reducing time to market, and promoting customer satisfaction [4]. By adopting effective product line practices, return on investment (ROI) becomes increasingly critical in the decision-making process. The majority of SPL cost estimation and ROI models [5-9] confine themselves to software development costs and savings. However, if software quality cost is considered in the spectrum of the SPL < life cycle, product lines can result in considerably larger payoffs, compared to non-product lines. This article proposes a quality-based product line life cycle cost estimation model, called qCOPLIMO, and investigates the effect of software quality cost on the ROI ofSPL. qCOPLIMO is derived from two COCOMO suite models: COPLIMO and COQUALMO, as presented in Figure 1. COPLIMO [2] provides a baseline cost estimation model of the product line life cycle, and COQUALMO [3] estimates the number of residual defects. These models are used to estimate software quality cost. Both models are an extension of COCOMO II [1].

Situation-aware contract specification language for middleware for ubiquitous computing

Ubicomp applications are characterized as situation-aware, frequently-and-ephemerally-communicated and QoS-properties-associated. Using middleware to provide multiple QoS support for these ubicomp applications will enhance the development of the ubicomp applications. To satisfy the different QoS requirements of various applications in ubicomp environments, which are heterogeneous and resource-variant, it is important for the underlining middleware to adapt to different QoS requirements and environments. Situation-Aware Contract Specification Language (SA-CSL) specifies the QoS requirements of the applications. The specification includes requirements in situation-awareness, real-time constraints and security properties. This specification is used to customize the middleware architecture to better satisfy these requirements. SA-CSL is based on the Separation of Concern (SoC) discipline used in the Aspect-Oriented Software Development (AOSD). It specifies the crosscutting aspects of situation-awareness, real-time constraints and security property separately. Because of the object-oriented design, SA-CSL is open for incorporating new QoS properties specification.

A security risk analysis model for information systems

Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

Cyber Threat Trend Analysis Model Using HMM

Prevention is normally recognized as one of the best defense strategy against malicious hackers or attackers. The desire of deploying better prevention mechanisms has motivated many security researchers and practitioners, who are studies threat trend analysis models. However, threat trend is not directly revealed from the time-series data because the trend is implicit in its nature. Besides, traditional time-series analysis, which predicts the future trend pattern by relying exclusively on the past trend pattern, is not appropriate for predicting a trend pattern in dynamic network environments (e.g., the Internet). Thus, supplemental environmental information is required to uncover a trend pattern from the implicit (or hidden) raw data. In this paper, we propose cyber threat trend analysis model using hidden Markov model (HMM) by incorporating the supplemental environmental information into the trend analysis.

A requirements negotiation model based on multi-criteria analysis

Many software projects have failed because their requirements were poorly negotiated among stakeholders. Requirements negotiation is more critical than other factors such as tools, process maturity, and design methods. The WinWin negotiation model successfully supports general requirements negotiation. However, making decisions to evaluate alternatives is still an ad-hoc process. This paper presents a systematic model, called Multi-Criteria Preference Analysis Requirements Negotiation (MPARN) to assist stakeholders to evaluate, negotiate and agree upon alternatives among stakeholders using multi-criteria preference analysis techniques.

A scheme for data confidentiality in Cloud-assisted Wireless Body Area Networks

Abstract The integration of Wireless Body Area Networks with a cloud computing platform creates a new digital ecosystem with advanced features called Cloud-assisted Wireless Body Area Networks. This ecosystem enables users to globally access e-healthcare services at competitive costs. However, the secure data communications between the cloud and Wireless Body Area Networks are critical because the data is related to users’ privacy information. In this paper, we propose the Multi-valued and Ambiguous Scheme to capture data confidentiality in the Cloud-assisted Wireless Body Area Networks since it is the most important issue. The approach combining the scheme with existing encryption schemes provides a general paradigm for deploying applications. The obtained results show that secure data communications between the cloud and Wireless Body Area Networks can be achieved.

An adaptive FEC mechanism using cross-layer approach to enhance quality of video transmission over 802.11 WLANs

Forward Error Correction (FEC) techniques have been adopted to overcome packet losses and to improve the quality of video delivery. The efficiency of the FEC has been significantly compromised, however, due to the characteristics of the wireless channel such as burst packet loss, channel fluctuation and lack of Quality of Service (QoS) support. We propose herein an Adaptive Cross-layer FEC mechanism (ACFEC) to enhance the quality of video streaming over 802.11 WLANs. Under the conventional approaches, FEC functions are implemented on the application layer, and required feedback information to calculate redundancy rates. Our proposed ACFEC mechanism, however, leverages the functionalities of different network layers. The Automatic Repeat reQuest (ARQ) function on the Media Access Control (MAC) layer can detect packet losses. Through cooperation with the User Datagram Protocol (UDP), the redundancy rates are adaptively controlled based on the packet loss information. The experiment results demonstrate that the ACFEC mechanism is able to adaptively adjust and control the redundancy rates and, thereby, to overcome both of temporary and persistent channel fluctuations. Consequently, the proposed mechanism, under various network conditions, performs better in recovery than the conventional methods, while generating a much less volume of redundant traffic.