Sk. Md. Mizanur Rahman

Private key agreement and secure communication for heterogeneous sensor networks

Key management is an important building block for all security operations in sensor networks. Most existing key management schemes try to establish shared keys for all pairs of neighbor sensors; hence, a large number of keys need to be preloaded on each sensor, which necessitates a large key space for the nodes in the network. The recent trend in research is to mainly consider homogeneous sensor networks, and to a lesser degree heterogeneous sensor networks, for key management. In this paper, we propose a novel key agreement protocol which is based on pairing-based cryptography over an elliptic curve. Using this protocol, any two nodes that need to communicate can independently compute the same secret key by using pairing and identity-based encryption properties. The proposed protocol significantly reduces the key space of a node. Additionally, the security analysis of the proposed protocol shows that it is robust against a number of attacks including wormhole attack, masquerade attacks, reply attacks, and message manipulation attacks.

Continuous authentication by electrocardiogram data

Authentication is the process of verifying the claimed identity of a user. Traditional authentication systems suffer from vulnerabilities that can break the security of the system. An example of such vulnerabilities is Replay Attack: An attacker can use a pre-saved password or an authentication credential to log into the system. Another issue with existing authentication systems is that the authentication process is done only at the beginning of a session: once the user is authenticated in the system, her identity is assumed to remain the same during the lifetime of the session. In real world, an attacker can masquerade as a legitimate user by physically controlling an authenticated machine. Therefore, there is a need to continuously monitor the user to determine if the user who is using the computer is the same person that logged onto the system. In this paper, we present a framework for continuous authentication of the user based on the electrocardiogram data collected from the users heart signal. The electrocardiogram (ECG) data is used as a soft biometric to continuously authenticate the identity of the user; Experimental results demonstrate that electrocardiogram biometric trait can guarantee the safety of the system from illegal access.

Anonymous secure communication in wireless mobile ad-hoc networks

The main characteristic of a mobile ad-hoc network is its infrastructure-less, highly dynamic topology, which is subject to malicious traffic analysis. Malicious intermediate nodes in wireless mobile ad-hoc networks are a threat concerning security as well as anonymity of exchanged information. To protect anonymity and achieve security of nodes in mobile ad-hoc networks, an anonymous on-demand routing protocol, termed RIOMO, is proposed. For this purpose, pseudo IDs of the nodes are generated considering Pairing-based Cryptography. Nodes can generate their own pseudo IDs independently. As a result RIOMO reduces pseudo IDs maintenance costs. Only trust-worthy nodes are allowed to take part in routing to discover a route. To ensure trustiness each node has to make authentication to its neighbors through an anonymous authentication process. Thus RIOMO safely communicates between nodes without disclosing node identities; it also provides different desirable anonymous properties such as identity privacy, location privacy, route anonymity, and robustness against several attacks.

Toward end-to-end biomet rics-based security for IoT infrastructure

The IoT is the next generation of innovation in the smart world, which has the potential to improve safety, security, and the quality of our daily lives through pervasive communication and computation. Currently, we have observed that a plethora of interconnected smartphones, devices, and sensors are deployed for providing personalized services (e.g., social media, smart home, health monitoring) at any time from anywhere. The personalized services offered by IoT, although enhancing the quality of our lives, have serious challenges of securing networks and data in transit, as every day a myriad of devices and services are connected to the IoT. However, existing security solutions, such as two-factor authentication based on passwords along with second-level protection may not be efficient and reliable for providing end-to-end secure communication solutions among different devices and services connected to the IoT. To this end, this article proposes an end-to-end secure IoT-based solution using biometrics and pairing-based cryptography. Because of the uniqueness of ones biometric traits (e.g., face, fingerprint, palm, iris, voice, heartbeat), a biometric-based security solution is less vulnerable to security breaches for IoT systems or infrastructure. We present a biometric- based IoT infrastructure comprising four layers, and for each layer, we discuss possible security challenges along with the corresponding countermeasures. Finally, we provide a case study of face-based biometric recognition, where sensors or smartphones capture a face image and securely transmit it to the IoT platform to provide end-to end security.

Proposal and Evaluation of a Dynamic Resource Allocation Method Based on the Load of VMs on IaaS

Recently, Cloud computing has emerged as a new computing paradigm on the Internet. Cloud computing facilitates flexible and efficient computer resource management via virtualization technologies at anytime and from anywhere, so that users can add and/or delete IT resources. Users can set up and boot the required resources and they have to pay only for the required resources. However, they have to spend a considerable amount of time and money to design, set up, boot, and monitor their resources. Thus, in the future, providing a mechanism for efficient resource assignment and management will be an important objective of cloud computing. In this paper, we propose a dynamic resource allocation method based on the load of VMs on IaaS, abbreviated as DAIaS. This method enables users to dynamically add and/or delete one or more instances on the basis of the load and the conditions specified by the user. We implement a prototype to evaluate the effectiveness and efficiency of DAIaS. Furthermore, we perform an experiment to extract the prototype on a real cloud service, namely, Amazon EC2.

Reliability model for extending cluster lifetime using Backup Cluster Heads in cluster-based Wireless Sensor Networks

In cluster-based two-tier Wireless Sensor Networks (WSNs), the cluster-head nodes (CHs) gather data from sensors and then transmit to the base station. When these cluster head nodes start to die, the coverage of the respective clusters is lost and it leaves the region unmonitored. Even if the CHs are rotated and reassigned after some time, until the next rotation that cluster in question will be out of cluster head, causing a loss of information and loss of coverage. To select a Backup Cluster Head (BCH) is suggested for those CHs which are close to deplete their energy [1]. When the CH dies, BCH takes over the responsibility and continues to work as a new cluster head. In this paper we present an analytical model of cluster reliability in cluster-based WSN using BCH, based on Markov chain model. We use non-homogeneous Markov process, along with Forward Chapman-Kolmogorov equations to illustrate the cluster monitoring period in a finite three state space model. We test the accuracy of the model by applying the probabilities of failure of CH and BCH nodes, for a fixed number of sensor nodes in a cluster. The results show that the presented model is able to match the behaviour of the cluster state transition accurately and validates the simulation results and analysis published in [1].

Simultaneously aided diagnosis model for outpatient departments via healthcare big data analytics

Recent real medical datasets show that the number of outpatients in China has sharply increased since 2013, when the Chinese health insurance reform started. This situation leads to increased waiting time for the outpatients; in particular, the normal operation of a hospital will be congested at rush hour. The existence of this problem in outpatient departments causes a reduction in doctors’ diagnostic time, and a high working strength is required to address this issue. In this paper, a simultaneous model based on machine learning is proposed for aiding outpatient doctors in performing diagnoses. We use Support Vector Machine (SVM) and Neural Networks (NN) to classify hyperlipemia using the clinical features extracted from a real medical dataset. The results, with an accuracy of 90 %, indicate that our Simultaneously Aided Diagnosis Model (SADM) applied to aid diagnosis for outpatient doctors and achieves the objective of increasing efficiency and reducing working strength.

TOLA: Topic-oriented learning assistance based on cyber-physical system and big data

Abstract Massive open online courses (MOOC) is a novel educational model emerging in recent years, which is assisted by advanced techniques such as cloud computing, big data and Cyber-Physical Systems (CPS). Through adequate analysis assisted by big data, the quality of education is expected to be extensively improved. Unfortunately, the MOOC data are not fully utilized for educational innovation, because the existing research focuses on the data generated in the online learning but neglects other related data, such as the forum data. In this article, we propose a big-data-driven approach named TOLA for online learning evolution to discover students’ learning pattern and guide courses improvement. Specifically, topic feature is extracted from MOOC forum through Latent Dirichlet Allocation, which is incorporated with other hybrid features. Through experiments, TOLA exhibits good performance in terms of complexity, efficiency and accuracy, facilitating the improvement of the quality of online education.

Chaos-cryptography based privacy preservation technique for video surveillance

A multimedia surveillance system aims to provide security and safety of people in a monitored space. However, due to the nature of surveillance, privacy-sensitive information such as face, gait, and other physical parameters based on the captured media from multiple sensors, can be revealed without the permission of the people who appear in the surveillance video. This is a major concern in recent days. Therefore, it is desirable to have such mechanism that can hide privacy-sensitive information as much as possible, yet supporting effective surveillance tasks. In this article, we propose a chaos cryptography based data scrambling approach that can be applied on selected regions of interest (ROIs) in video camera footage, which contains privacy-sensitive data. Our approach also supports multiple levels of abstraction of data hiding depending on the role of the authorized user. In order to evaluate the suitability of this approach, we applied our algorithm on some video camera footage and observed that our approach is computationally efficient and, hence, it can be applied for real-time video surveillance tasks in preserving privacy sensitive information.

A real-time privacy-sensitive data hiding approach based on chaos cryptography

A multimedia surveillance system aims to provide security and safety of people in a monitored space. However, due to the nature of surveillance, privacy-sensitive information, such as face, gait and other physical parameters based on the captured media from multiple sensors, can be revealed without the concern of the people. This is a major concern in recent days. Therefore, it is desirable to have such mechanism that can hide privacy-sensitive information as much as possible, yet supporting effective surveillance tasks. In this paper, we propose a chaos cryptography based data hiding approach that can be applied on selected regions of interest (ROIs) in video camera footage, which contains privacy-sensitive data. Our approach also supports multiple levels of abstraction of data hiding depending on the role of the authorized user. In order to evaluate the suitability of this approach, we applied our algorithm on some video camera footage and observed that our approach is computationally efficient and applicable for real-time video surveillance tasks.