CICIoT2023: A Real-Time Dataset and Benchmark for Large-Scale Attacks in IoT Environment.

Nowadays, the Internet of Things (IoT) concept plays a pivotal role in society and brings new capabilities to different industries. The number of IoT solutions in areas such as transportation and healthcare is increasing and new services are under development. In the last decade, society has experienced a drastic increase in IoT connections. In fact, IoT connections will increase in the next few years across different areas. Conversely, several challenges still need to be faced to enable efficient and secure operations (e.g., interoperability, security, and standards). Furthermore, although efforts have been made to produce datasets composed of attacks against IoT devices, several possible attacks are not considered. Most existing efforts do not consider an extensive network topology with real IoT devices. The main goal of this research is to propose a novel and extensive IoT attack dataset to foster the development of security analytics applications in real IoT operations. To accomplish this, 33 attacks are executed in an IoT topology composed of 105 devices. These attacks are classified into seven categories, namely DDoS, DoS, Recon, Web-based, brute force, spoofing, and Mirai. Finally, all attacks are executed by malicious IoT devices targeting other IoT devices. The dataset is available on the CIC Dataset website.

IoT malware: An attribute-based taxonomy, detection mechanisms and challenges.

During the past decade, the Internet of Things (IoT) has paved the way for the ongoing digitization of society in unique ways. Its penetration into enterprise and day-to-day lives improved the supply chain in numerous ways. Unfortunately, the profuse diversity of IoT devices has become an attractive target for malware authors who take advantage of its vulnerabilities. Accordingly, enhancing the security of IoT devices has become the primary objective of industrialists and researchers. However, most present studies lack a deep understanding of IoT malware and its various aspects. As understanding IoT malware is the preliminary base of research, in this work, we present an IoT malware taxonomy with 100 attributes based on the IoT malware categories, attack types, attack surfaces, malware distribution architecture, victim devices, victim device architecture, IoT malware characteristics, access mechanisms, programming languages, and protocols. In addition, we have mapped these categories into 77 IoT Malwares identified between 2008 and 2022. Furthermore, To provide insight into the challenges in IoT malware research for future researchers, our study also reviews the existing IoT malware detection works.

Langevin dynamics simulation on optimal conditions for large and stable loops of adsorbed homopolymers on substrates.

Adsorption of polymer chains on a solid surface is a universal interfacial behavior. Loops in the adsorbed chains are considered to exert a significant effect on the overall properties of a substrate-supported polymer film via entanglement with non-adsorbed chains in the film. In this work, the size and stability of loops formed by adsorbed homopolymer chains on an attractive substrate were studied by Langevin dynamics simulations. The size of loops decreases while the stability increases with increasing attraction strength of the substrate. In contrast, with an increase in the polymer concentration, the size of loops increases but the stability decreases. However, both the size and stability of loops increase with increasing chain length. Simulation results show that the optimal conditions for forming large and stable loops are long homopolymer chains, substrates with moderate attraction strength, and moderate polymer concentration.

Entropy-Enhanced Mechanochemical Activation for Thermal Degrafting of Surface-Tethered Dry Polystyrene Brushes.

Dry polymer brushes have attracted great attention because of their potential utility in regulating interface properties. However, it is still unknown whether dry polymer brushes will exhibit degrafting behavior as a result of thermal annealing. Herein, a study of the conformational entropy effect on thermal degrafting of dry polystyrene (PS) brushes is presented. For PS brushes with an initial grafting density (σpini) of 0.61 nm-2, degrafting behavior was observed at 393 K, and the equilibrium σp was approximately 0.14 nm-2 at 413 K. However, for brushes with σpini ≤ 0.14 nm-2, thermal degrafting was not observed even if the temperature was increased to 453 K. Furthermore, we found that the degrafting rate was faster for PS brushes with higher σpini and higher molecular weights when σpini > 0.14 nm-2. Our findings confirmed that degrafting is a mechanochemical activation process driven by tension imposed on bonds that anchor the chains to the surface, and the process is amplified by conformational entropy.

A simulation study on the subdiffusion of polymer chains in crowded environments containing nanoparticles.

Polymer chains in crowded environments often show subdiffusive behavior. We adopt molecular dynamics simulations to study the conditions for the subdiffusion of polymer chains in crowded environments containing randomly distributed, immobile, attractive nanoparticles (NPs). The attraction is strong enough to adsorb polymer chains on NPs. The results show that subdiffusion occurs at a low concentration of polymer chains (cp). A transition from subdiffusion to normal diffusion is observed when cp exceeds the transition concentration , which increases with increasing concentration of NPs while decreases with increasing size of NPs. The high concentration and small size of NPs exert a big effect on the subdiffusion of polymer chains. The subdiffusive behavior of polymer chains can be attributed to the strong adsorption of polymer chains on the attractive NPs. For the subdiffusion case, polymer chains are adsorbed strongly on multiple NPs, and they diffuse via the NP-exchange diffusion mechanism. However for the normal diffusion case, polymer chains are either free or weakly adsorbed on one or a few NPs, and they diffuse mainly via the adsorption-and-desorption diffusion mechanism.

An Efficient Privacy-Preserving Public Auditing Protocol for Cloud-Based Medical Storage System.

The booming Internet of Things makes smart healthcare a reality, while cloud-based medical storage systems solve the problems of large-scale storage and real-time access of medical data. The integrity of medical data outsourced in cloud-based medical storage systems has become crucial since only complete data can make a correct diagnosis, and public auditing protocol is a key technique to solve this problem. To guarantee the integrity of medical data and reduce the burden of the data owner, we propose an efficient privacy-preserving public auditing protocol for the cloud-based medical storage systems, which supports the functions of batch auditing and dynamic update of data. Detailed security analysis shows that our protocol is secure under the defined security model. In addition, we have conducted extensive performance evaluations, and the results indicate that our protocol not only remarkably reduces the computational costs of both the data owner and the third-party auditor (TPA), but also significantly improves the communication efficiency between the TPA and the cloud server. Specifically, compared with other related work, the computational cost of the TPA in our protocol is negligible and the data owner saves more than 2/3 of computational cost. In addition, as the number of challenged blocks increases, our protocol saves nearly 90% of communication overhead between the TPA and the cloud server.

Glass transition and dynamics of semiflexible polymer brushes.

The glass transition and dynamics of densely grafted semiflexible polymer brushes are studied by molecular dynamics simulation. The glass transition temperature (Tg) increases with the polymer rigidity. The local glass transition temperature (Tg,local) is estimated from the temperature-dependent dynamics of individual segments including the lateral position fluctuation and lateral mean square displacement. Different from the flexible polymer brush, Tg,local of semiflexible polymer brushes is roughly independent of the segment height. Our simulation reveals that the glass transition is in synchronism with an abrupt change of the chain conformation in semiflexible polymer brushes. When the temperature drops to near Tg, the semiflexible polymer chains elongate, tilt, and become more ordered. Moreover, enhanced segmental dynamics is observed at temperatures just above Tg for the semiflexible polymer brushes.

A comprehensive survey on smart contract construction and execution: paradigms, tools, and systems.

Smart contracts are regarded as one of the most promising and appealing notions in blockchain technology. Their self-enforcing and event-driven features make some online activities possible without a trusted third party. Nevertheless, problems such as miscellaneous attacks, privacy leakage, and low processing rates prevent them from being widely applied. Various schemes and tools have been proposed to facilitate the construction and execution of secure smart contracts. However, a comprehensive survey for these proposals is absent, hindering new researchers and developers from a quick start. This paper surveys the literature and online resources on smart contract construction and execution over the period 2008-2020. We divide the studies into three categories: (1) design paradigms that give examples and patterns on contract construction, (2) design tools that facilitate the development of secure smart contracts, and (3) extensions and alternatives that improve the privacy or efficiency of the system. We start by grouping the relevant construction schemes into the first two categories. We then review the execution mechanisms in the last category and further divide the state-of-the-art solutions into three classes: private contracts with extra tools, off-chain channels, and extensions on core functionalities. Finally, we summarize several challenges and identify future research directions toward developing secure, privacy-preserving, and efficient smart contracts.

Simulation on diffusivity and statistical size of polymer chains in polymer nanocomposites.

The dynamical and conformational properties of polymer chains are affected significantly by strongly attractive nanoparticles. The adsorption of polymer chains on nanoparticles not only reduces the dynamics but also changes the conformation of polymer chains. For orderly distributed nanoparticles of size roughly the same as the radius of gyration of polymer chains, the variation of the diffusivity is highly related to that of the statistical size and can be explained mainly from the adsorption of polymers. In particular, both the polymer's size and diffusivity reach the minimum when the number of polymer chains matches the number of nanoparticles where polymer chains are mostly adsorbed on separate nanoparticles. The behavior of diffusivity can be explained from the cooperation of polymer adsorption and nanoparticle-exchange motion. Adsorption of the polymer chain slows down the diffusion, whereas the nanoparticle-exchange motion accelerates the diffusion of polymer chains.

Achieving Efficient and Privacy-Preserving k-NN Query for Outsourced eHealthcare Data.

The boom of Internet of Things devices promotes huge volumes of eHealthcare data will be collected and aggregated at eHealthcare provider. With the help of these health data, eHealthcare provider can offer reliable data service (e.g., k-NN query) to doctors for better diagnosis. However, the IT facility in the eHealthcare provider is incompetent with the huge volumes of eHealthcare data, so one popular solution is to deploy a powerful cloud and appoint the cloud to execute the k-NN query service. In this case, since the eHealthcare data are very sensitive yet cloud servers are not fully trusted, directly executing the k-NN query service in the cloud inevitably incurs privacy challenges. Apart from the privacy issues, efficiency issues also need to be taken into consideration because achieving privacy requirement will incur additional computational cost. However, existing focuses on k-NN query do not (fully) consider the data privacy or are inefficient. For instance, the best computational complexity of k-NN query over encrypted eHealthcare data in the cloud is as large as [Formula: see text], where N is the total number of data. In this paper, aiming at addressing the privacy and efficiency challenges, we design an efficient and privacy-preserving k-NN query scheme for encrypted outsourced eHealthcare data. Our proposed scheme is characterized by integrating the k d-tree with the homomorphic encryption technique for efficient storing encrypted data in the cloud and processing privacy-preserving k-NN query over encrypted data. Compared with existing works, our proposed scheme is more efficient in terms of privacy-preserving k-NN query. Specifically, our proposed scheme can achieve k-NN computation over encrypted data with [Formula: see text] computational complexity, where l and N respectively denote the data dimension and the total number of data. In addition, detailed security analysis shows that our proposed scheme is really privacy-preserving under our security model and performance evaluation also indicates that our proposed scheme is indeed efficient in terms of computational cost.

Achieve Location Privacy-Preserving Range Query in Vehicular Sensing.

Modern vehicles are equipped with a plethora of on-board sensors and large on-board storage, which enables them to gather and store various local-relevant data. However, the wide application of vehicular sensing has its own challenges, among which location-privacy preservation and data query accuracy are two critical problems. In this paper, we propose a novel range query scheme, which helps the data requester to accurately retrieve the sensed data from the distributive on-board storage in vehicular ad hoc networks (VANETs) with location privacy preservation. The proposed scheme exploits structured scalars to denote the locations of data requesters and vehicles, and achieves the privacy-preserving location matching with the homomorphic Paillier cryptosystem technique. Detailed security analysis shows that the proposed range query scheme can successfully preserve the location privacy of the involved data requesters and vehicles, and protect the confidentiality of the sensed data. In addition, performance evaluations are conducted to show the efficiency of the proposed scheme, in terms of computation delay and communication overhead. Specifically, the computation delay and communication overhead are not dependent on the length of the scalar, and they are only proportional to the number of vehicles.

PAVS: A New Privacy-Preserving Data Aggregation Scheme for Vehicle Sensing Systems.

Air pollution has become one of the most pressing environmental issues in recent years. According to a World Health Organization (WHO) report, air pollution has led to the deaths of millions of people worldwide. Accordingly, expensive and complex air-monitoring instruments have been exploited to measure air pollution. Comparatively, a vehicle sensing system (VSS), as it can be effectively used for many purposes and can bring huge financial benefits in reducing high maintenance and repair costs, has received considerable attention. However, the privacy issues of VSS including vehicles' location privacy have not been well addressed. Therefore, in this paper, we propose a new privacy-preserving data aggregation scheme, called PAVS, for VSS. Specifically, PAVS combines privacy-preserving classification and privacy-preserving statistics on both the mean E(·) and variance Var(·), which makes VSS more promising, as, with minimal privacy leakage, more vehicles are willing to participate in sensing. Detailed analysis shows that the proposed PAVS can achieve the properties of privacy preservation, data accuracy and scalability. In addition, the performance evaluations via extensive simulations also demonstrate its efficiency.

Efficient and Privacy-Preserving Online Medical Prediagnosis Framework Using Nonlinear SVM.

With the advances of machine learning algorithms and the pervasiveness of network terminals, the online medical prediagnosis system, which can provide the diagnosis of healthcare provider anywhere anytime, has attracted considerable interest recently. However, the flourish of online medical prediagnosis system still faces many challenges including information security and privacy preservation. In this paper, we propose an e fficient and privacy-preserving online medical prediagnosis framework, called eDiag, by using nonlinear kernel support vector machine (SVM). With eDiag, the sensitive personal health information can be processed without privacy disclosure during online prediagnosis service. Specifically, based on an improved expression for the nonlinear SVM, an efficient and privacy-preserving classification scheme is introduced with lightweight multiparty random masking and polynomial aggregation techniques. The encrypted user query is directly operated at the service provider without decryption, and the diagnosis result can only be decrypted by user. Through extensive analysis, we show that eDiag can ensure that users' health information and healthcare provider's prediction model are kept confidential, and has significantly less computation and communication overhead than existing schemes. In addition, performance evaluations via implementing eDiag on smartphone and computer demonstrate eDiag's effectiveness in term of real online environment.

TripSense: A Trust-Based Vehicular Platoon Crowdsensing Scheme with Privacy Preservation in VANETs.

In this paper, we propose a trust-based vehicular platoon crowdsensing scheme, named TripSense, in VANET. The proposed TripSense scheme introduces a trust-based system to evaluate vehicles' sensing abilities and then selects the more capable vehicles in order to improve sensing results accuracy. In addition, the sensing tasks are accomplished by platoon member vehicles and preprocessed by platoon head vehicles before the data are uploaded to server. Hence, it is less time-consuming and more efficient compared with the way where the data are submitted by individual platoon member vehicles. Hence it is more suitable in ephemeral networks like VANET. Moreover, our proposed TripSense scheme integrates unlinkable pseudo-ID techniques to achieve PM vehicle identity privacy, and employs a privacy-preserving sensing vehicle selection scheme without involving the PM vehicle's trust score to keep its location privacy. Detailed security analysis shows that our proposed TripSense scheme not only achieves desirable privacy requirements but also resists against attacks launched by adversaries. In addition, extensive simulations are conducted to show the correctness and effectiveness of our proposed scheme.

Privacy-Preserving Patient-Centric Clinical Decision Support System on Naïve Bayesian Classification.

Clinical decision support system, which uses advanced data mining techniques to help clinician make proper decisions, has received considerable attention recently. The advantages of clinical decision support system include not only improving diagnosis accuracy but also reducing diagnosis time. Specifically, with large amounts of clinical data generated everyday, naïve Bayesian classification can be utilized to excavate valuable information to improve a clinical decision support system. Although the clinical decision support system is quite promising, the flourish of the system still faces many challenges including information security and privacy concerns. In this paper, we propose a new privacy-preserving patient-centric clinical decision support system, which helps clinician complementary to diagnose the risk of patients' disease in a privacy-preserving way. In the proposed system, the past patients' historical data are stored in cloud and can be used to train the naïve Bayesian classifier without leaking any individual patient medical data, and then the trained classifier can be applied to compute the disease risk for new coming patients and also allow these patients to retrieve the top- k disease names according to their own preferences. Specifically, to protect the privacy of past patients' historical data, a new cryptographic tool called additive homomorphic proxy aggregation scheme is designed. Moreover, to leverage the leakage of naïve Bayesian classifier, we introduce a privacy-preserving top- k disease names retrieval protocol in our system. Detailed privacy analysis ensures that patient's information is private and will not be leaked out during the disease diagnosis phase. In addition, performance evaluation via extensive simulations also demonstrates that our system can efficiently calculate patient's disease risk with high accuracy in a privacy-preserving way.