Increasingly, Cyber–physical Systems are expected to operate in different environments and interconnect with a diverse set of systems, equipment, and networks. This openness to heterogeneity, ...diversity, and complexity introduces a new level of vulnerabilities, which adds to the consistent need for security including the digital forensics capabilities. Digital investigators utilize the information on the attacker’s computer to find clues that may help in proving a case. One aspect is the digital evidence that can be extracted from the main memory (RAM), which includes live information about running programs. A program’s states, represented by variables’ values, vary in their scope and duration. This paper explores RAM artifacts of Java programs. Because JVMs can run on various platforms, we compare the same program on three different implementations of JVM from forensic perspectives. Our investigation model assumes no information is provided by the underlying OS or JVM. Our results show that a program’s states can still be extracted even after the garbage collector is explicitly invoked, the software is stopped, or the JVM is terminated. This research helps investigators identify the software used to launch the attack and understand its internal flows. Investigators can utilize this information to accuse the perpetrators and recover from attacks.
Energy cloud systems continue to shape the future of the energy sector. The complexity of energy cloud systems stems from their widespread and distributed aspects such as renewable energy sources, ...energy storage, customers engagement, social media and the advancements in communication and computing technologies. The unprecedented large-scale growth of energy cloud systems requires a crucial and dramatic paradigm shift in managing and optimizing the available energy assets in order to satisfy the increasing customers’ requirements. This paper proposes and evaluates an edge computing based framework that aims to efficiently manage and optimize energy cloud systems while increasing their reliability, safety, and security. The proposed framework exploits the current expansion in computing capabilities of the edge computing and the Fifth Communication Generation (5G) technology. The evaluation of the proposed framework shows that an edge computing infrastructure improves the service efficiency by 22.6% compared with a cloud infrastructure. In addition, the latency is reduced by 69.1%. The proposed framework provides threat detection capability by using the edge layer as an extra layer for defense against energy cloud system attacks. However, this defense mechanism incurs 10.9% overhead and 9.6% extra delay per service request on average.
•A framework to manage the energy cloud system using edge computing infrastructure.•Exploiting the capabilities of the emerging 5G communication technology to reduce the latency.•Using edge server’s collaboration for better services quality.•Using privacy mediators and security information sharing for better energy cloud system security.
•We have investigated the literature and generated a survey regarding the use of blockchain as a tool for application within information systems.•An extensive comparison, clustering, and ...classification have been carried out regarding the current use of blockchain within information systems.•We conducted the first blockchain-based information system analysis and addressed all issues in the information systems management area.
Blockchain technologies have grown in prominence in recent years, with many experts citing the potential applications of the technology in regard to different aspects of any industry, market, agency, or governmental organizations. In the brief history of blockchain, an incredible number of achievements have been made regarding how blockchain can be utilized and the impacts it might have on several industries. The sheer number and complexity of these aspects can make it difficult to address blockchain potentials and complexities, especially when trying to address its purpose and fitness for a specific task. In this survey, we provide a comprehensive review of applying blockchain as a service for applications within today’s information systems. The survey gives the reader a deeper perspective on how blockchain helps to secure and manage today information systems. The survey contains a comprehensive reporting on different instances of blockchain studies and applications proposed by the research community and their respective impacts on blockchain and its use across other applications or scenarios. Some of the most important findings this survey highlights include the fact that blockchain’s structure and modern cloud- and edge-computing paradigms are crucial in enabling a widespread adaption and development of blockchain technologies for new players in today unprecedented vibrant global market. Ensuring that blockchain is widely available through public and open-source code libraries and tools will help to ensure that the full potential of the technology is reached and that further developments can be made concerning the long-term goals of blockchain enthusiasts.
The industrial Internet of Things (IIoT) supports recent developments in data management and information services, as well as services for smart factories. Nowadays, many mature IIoT cloud platforms ...are available to serve smart factories. However, due to the semicredibility nature of the IIoT cloud platforms, how to achieve secure storage, access control, information update and deletion for smart factory data, as well as the tracking and revocation of malicious users has become an urgent problem. To solve these problems, in this article, a blockchain-enhanced security access control scheme that supports traceability and revocability has been proposed in IIoT for smart factories. The blockchain first performs unified identity authentication, and stores all public keys, user attribute sets, and revocation list. The system administrator then generates system parameters and issues private keys to users. The domain administrator is responsible for formulating domain security and privacy-protection policies, and performing encryption operations. If the attributes meet the access policies and the user's ID is not in the revocation list, they can obtain the intermediate decryption parameters from the edge/cloud servers. Malicious users can be tracked and revoked during all stages if needed, which ensures the system security under the Decisional Bilinear Diffie-Hellman (DBDH) assumption and can resist multiple attacks. The evaluation has shown that the size of the public/private keys is smaller compared to other schemes, and the overhead time is less for public key generation, data encryption, and data decryption stages.
In the very near future, transportation will go through a transitional period that will shape the industry beyond recognition. Smart vehicles have played a significant role in the advancement of ...intelligent and connected transportation systems. Continuous vehicular cloud service availability in smart cities is becoming a crucial subscriber necessity which requires improvement in the vehicular service management architecture. Moreover, as smart cities continue to deploy diversified technologies to achieve assorted and high-performance cloud services, security issues with regards to communicating entities which share personal requester information still prevails. To mitigate these concerns, we introduce an automated secure continuous cloud service availability framework for smart connected vehicles that enables an intrusion detection mechanism against security attacks and provides services that meet users’ quality of service (QoS) and quality of experience (QoE) requirements. Continuous service availability is achieved by clustering smart vehicles into service-specific clusters. Cluster heads are selected for communication purposes with trusted third-party entities (TTPs) acting as mediators between service requesters and providers. The most optimal services are then delivered from the selected service providers to the requesters. Furthermore, intrusion detection is accomplished through a three-phase data traffic analysis, reduction, and classification technique used to identify positive trusted service requests against false requests that may occur during intrusion attacks. The solution adopts deep belief and decision tree machine learning mechanisms used for data reduction and classification purposes, respectively. The framework is validated through simulations to demonstrate the effectiveness of the solution in terms of intrusion attack detection. The proposed solution achieved an overall accuracy of 99.43% with 99.92% detection rate and 0.96% false positive and false negative rate of 1.53%.
The revolution in information technologies, and the spread of the Internet of Things (IoT) and smart city industrial systems, have fostered widespread use of smart systems. As a complex, 24/7 ...service, healthcare requires efficient and reliable follow-up on daily operations, service and resources. Cloud and edge computing are essential for smart and efficient healthcare systems in smart cities. Emergency departments (ED) are real-time systems with complex dynamic behavior, and they require tailored techniques to model, simulate and optimize system resources and service flow. ED issues are mainly due to resource shortage and resource assignment efficiency. In this paper, we propose a resource preservation net (RPN) framework using Petri net, integrated with custom cloud and edge computing suitable for ED systems. The proposed framework is designed to model non-consumable resources and is theoretically described and validated. RPN is applicable to a real-life scenario where key performance indicators such as patient length of stay (LoS), resource utilization rate and average patient waiting time are modeled and optimized. As the system must be reliable, efficient and secure, the use of cloud and edge computing is critical. The proposed framework is simulated, which highlights significant improvements in LoS, resource utilization and patient waiting time.
•A blockchain-empowered and centerless trusted service mechanism for the crowdsourcing system in 5G-enabled smart cities.•Crowdsourcing service process is divided into nine stages: initialization, ...task submission, task publication, task reception, scheme submission, scheme arbitration, payment, task rollback, and service compensation.•A smart contract has been used to controls the execution of each step in each stage, and the payment is completed by blockchain without the involvement of third-party central institutions.
With the development of 5G(5th generation mobile networks) technology, smart cities are an inevitable trend in modern city development. Among them, smart city services are the foundation of 5G-enabled smart cities. As an emerging and informational city service model, crowdsourcing has been widely used in our daily life. However, in the existing crowdsourcing systems, the requesters and the workers are usually required to use the crowdsourcing platform as the trust center, and the payment depends on the third-party central payment institutions, which have a massive security risk. Once these centers are attacked or do evil, it will bring higher losses to the crowdsourcing parties. These problems will negatively affect the further development of 5G-enabled smart cities. To address these issues, we propose a blockchain-empowered and decentralized trusted service mechanism for the crowdsourcing system in 5G-enabled smart cities. In the proposed mechanism, the crowdsourcing service process is divided into nine stages: initialization, task submission, task publication, task reception, scheme submission, scheme arbitration, payment, task rollback, and service compensation. The smart contract controls the execution of each step in each stage, and the payment is completed by blockchain without the involvement of third-party central institutions. Finally, we develop smart contracts to conduct experiments based on Ethereum and compare it with the existing crowdsourcing system. The experimental results show the effectiveness and applicability of the crowdsourcing system service mechanism without the central institutions.
Display omitted
Federated Learning (FL) has been foundational in improving the performance of a wide range of applications since it was first introduced by Google. Some of the most prominent and commonly used ...FL-powered applications are Android’s Gboard for predictive text and Google Assistant. FL can be defined as a setting that makes on-device, collaborative Machine Learning possible. A wide range of literature has studied FL technical considerations, frameworks, and limitations with several works presenting a survey of the prominent literature on FL. However, prior surveys have focused on technical considerations and challenges of FL, and there has been a limitation in more recent work that presents a comprehensive overview of the status and future trends of FL in applications and markets. In this survey, we introduce the basic fundamentals of FL, describing its underlying technologies, architectures, system challenges, and privacy-preserving methods. More importantly, the contribution of this work is in scoping a wide variety of FL current applications and future trends in technology and markets today. We present a classification and clustering of literature progress in FL in application to technologies including Artificial Intelligence, Internet of Things, blockchain, Natural Language Processing, autonomous vehicles, and resource allocation, as well as in application to market use cases in domains of Data Science, healthcare, education, and industry. We discuss future open directions and challenges in FL within recommendation engines, autonomous vehicles, IoT, battery management, privacy, fairness, personalization, and the role of FL for governments and public sectors. By presenting a comprehensive review of the status and prospects of FL, this work serves as a reference point for researchers and practitioners to explore FL applications under a wide range of domains.
•Draw the big picture of the fundamental of federated machine learning.•Presenting the most prominent federated learning applications and shows other potential use cases.•Provide a range of future applications and directions for the research in the federated machine learning.
The emerging advances in personal devices and privacy concerns have given the rise to the concept of Federated Learning. Federated Learning proves its effectiveness and privacy preservation through ...collaborative local training and updating a shared machine learning model while protecting the individual data-sets. This article investigates a new type of vehicular network concept, namely a Federated Vehicular Network (FVN), which can be viewed as a robust distributed vehicular network. Compared to traditional vehicular networks, an FVN has centralized components and utilizes both DSRC and mmWave communication to achieve more scalable and stable performance. As a result, FVN can be used to support data-/computation-intensive applications such as distributed machine learning and Federated Learning. The article first outlines the enabling technologies of FVN. Then, we briefly discuss the high-level architecture of FVN and explain why such an architecture is adequate for Federated Learning. In addition, we use auxiliary Blockchain-based systems to facilitate transactions and mitigate malicious behaviors. Next, we discuss in detail one key component of FVN, a federated vehicular cloud (FVC), that is used for sharing data and models in FVN. In particular, we focus on the routing inside FVCs and present our solutions and preliminary evaluation results. Finally, we point out open problems and future research directions of this disruptive technology.
PDF
