Journal of Network and Computer Applications最新文献

In recent years, the website fingerprinting (WF) attack against the Tor anonymity system has become a hot research issue. The state-of-the-art WF studies have shown that the detection accuracy of websites is up to more than 95%. However, they are mainly conducted under the single-tab assumption, where each sample contains only one website traffic. The single-tab setting could not be realistic because users often open multiple tabs to browse simultaneously. The requests and responses from multiple tabs will overlap and interfere with each other, destroying existing single-tab WF attacks. In addition, the proposed multi-tab WF attack works poorly when traffic overlaps seriously. It remains challenging to implement WF attacks in multi-tab scenarios. This paper investigates a new spatial separated boxes-based multi-tab website fingerprinting model, called SSBM, to solve the multi-tab WF problem. It is an end-to-end model that separates traffic by equal-sized boxes and extracts features with convolutional neural networks. By predicting the label of each box, the tabs of the whole traffic are inferred. We design and implement SSBM and compare it with state-of-the-art multi-tab WF attacks in two different multi-tab modes: overlapping mode and delayed mode. In the overlapping mode, SSBM can successfully identify 81.24% of the first tab and 64.72% of the second tab when the overlapping proportions of the two tabs’ traffic reaches 50%, which are 4% and 29% higher than the current strongest BAPM. In the delayed mode, when the second tab traffic starts to overlap with the first tab traffic with a 5-second delay, SSBM improves the first tab’s classification accuracy from 60% to 69% and the second tab’s detection rates from 33% to 53%. Moreover, SSBM achieves the highest improvement, nearly 40%, in the three-tab evaluations. The experimental results show that SSBM outperforms existing multi-tab WF attack methods.

Over the past decade, the adoption of Internet of Things (IoT) devices has greatly revolutionized the retail and commerce industries. However, these devices are vulnerable to attacks, such as theft, which raises significant security and privacy concerns for business assets. Securing such business-owned devices is challenging, particularly due to the business contexts that require not only authenticating the devices but also verifying the environment in which the devices are located. In this study, we present a zero-effort authentication approach based on acoustic fingerprints, namely AcousticAuth. AcousticAuth enables a “verifier” device to authenticate and verify the work environment of multiple “prover” devices (e.g., kiosks) by extracting their acoustic fingerprints and direction information. Additionally, we adopt a novel method based on beamforming to expand the fingerprint space of the provers. We implemented a prototype of AcousticAuth using real-world IoT devices, and the evaluation of the prototype indicates that AcousticAuth is highly effective and achieves high sensitivity when authenticating different devices across environments. Our results demonstrate that AcousticAuth can accurately distinguish between different devices and the same model devices with the error rate of 0.03%, significantly enhancing the security of IoT devices in retail settings. AcousticAuth also distinguishes between the different environments with an error rate of 0.00%. Lastly, the system shows robustness against various acoustic interference scenarios, making it a practical solution for dynamic business environments. We not only introduce a novel security mechanism that pushes the limit of fingerprint-based authentication by expanding the fingerprint pool but also provide comprehensive insights into its implementation and performance, paving the way for more secure IoT deployments in the commercial sector.

This survey delves into the synergy between Digital Twin technology and Task Offloading within safety-critical sectors, offering a nuanced understanding of their integration, potential benefits, and associated challenges. By defining fundamental concepts and exploring real-world implementations, this study evaluates the impact of Digital Twin-Assisted Task Offloading on optimizing resource utilization in safety-critical environments. Central to our analysis is the evaluation of key performance metrics guiding task offloading strategies, notably latency, and energy consumption, which are critical for achieving real-time efficiency and sustainable operations in edge computing environments. The survey further identifies a gap in the literature concerning cybersecurity and privacy concerns, crucial elements given the vulnerability of these systems to cyber threats and data breaches. It also highlights the emerging significance of 6G technology as a pivotal enabler for future advancements. This work not only serves as a valuable resource for professionals and researchers in safety-critical industries but also underscores the importance of addressing cybersecurity measures, advocating for standardized frameworks, and aligning with future technological trends to fully harness the potential of Digital Twin-Assisted Task Offloading.

Surveillance systems are very important to prevent situations where armed people appear. To minimize human supervision, there are algorithms based on artificial intelligence that perform a large part of the identification and detection tasks. These systems usually require large data processing servers. However, a high number of cameras causes congestion in the networks due to a large amount of data being sent. This work introduces a novel system for identifying individuals with weapons by leveraging Edge, Fog, and Cloud computing. The key advantages include minimizing the data transmitted to the Cloud and optimizing the computations performed within it. The main benefits of our proposal are the high and simple scalability, the immediacy of the detection, as well as the optimization of processes through distributed processing of high performance in the Fog layer. Moreover, the structure of this proposal is suitable for 5G camera networks, which require low latency and quick responses.

Blockchain technology has emerged as a transformative force in various sectors, including finance, healthcare, supply chains, and intellectual property management. Beyond Bitcoin’s role as a decentralized payment system, Ethereum represents a notable application of blockchain, featuring Smart Contract functionality that enables the development and execution of decentralized applications (DApps). A key feature of Ethereum, and public blockchains in general, is pseudonymity, typically achieved by using public keys as pseudonyms for users. Despite implementing several privacy-preserving techniques, the public recording of user activities on the blockchain allows various deanonymization methods that can profile users, reveal sensitive information, and potentially re-identify them. Most blockchains, such as Bitcoin, Litecoin, and Cardano, employ the Unspent Transaction Output (UTXO) model for accounting, which focuses on individual transactions and is susceptible to various deanonymization techniques. In contrast, Ethereum uses an account-based transaction model, integrating the concepts of accounts and wallets at the protocol level. This makes most UTXO-based deanonymization techniques ineffective for Ethereum. However, alternative methods with the potential to deanonymize Ethereum users have been proposed and developed. Privacy preservation techniques have been used to counteract deanonymization attempts; however, the challenges related to these techniques, their effectiveness and efficiency, and the trade-off between usability and protection levels remain areas for further exploration. This survey presents a comprehensive analysis of state-of-the-art privacy preservation along with deanonymization techniques in the blockchain and Ethereum ecosystems. This survey examines the intrinsic mechanisms supporting pseudonymity in Ethereum, providing a detailed assessment of the advantages and disadvantages of privacy preservation techniques, and suggests potential countermeasures against those deanonymization methods. It also discusses the implications arising from the intersection of DApps and data protection legislation, which is vital for ensuring the coexistence and advancement of groundbreaking blockchain capabilities and protecting user data.

Two-tier 360° video streaming provides a robust solution for handling inaccurate viewport prediction and varying network conditions. Within this paradigm, the client employs a dual-buffer mechanism consisting of a long buffer for panoramic basic-quality segments and a short buffer for high-quality tiles. However, designing an efficient edge caching strategy for two-tier 360° videos is non-trivial. First, as basic-quality segments and high-quality tiles possess different delivery deadlines as well as content popularity, ignoring these discrepancies may result in inefficient edge caching. Second, accurately predicting the popularity of 360° videos at a fine granularity of video segments and tiles remains a challenge. To address these issues, we present DeCa360, a deadline-aware edge caching framework for 360° videos. Specifically, we introduce a lightweight runtime cache partitioning approach to achieve a careful balance between improving the cache hit ratio and guaranteeing more on-time delivery of objects. Moreover, we design a content popularity prediction method for two-tier 360° videos that combines a learning-based prediction model with domain knowledge of video streaming, leading to improved prediction accuracy and efficient cache replacement. Extensive experimental evaluations demonstrate that DeCa360 outperforms all baseline algorithms in terms of byte-hit ratio and on-time delivery ratio, making it a promising approach for efficient edge caching of 360° videos.

The development of the industrial Internet of Things enables industrial control systems to become inter-networked and inter-connected, making them intelligent with high productivity. However, these systems are exposed to external environments and vulnerable to network attacks, which also suffer from internal vulnerabilities. Fuzz testing, in short fuzzing, is a technique to enhance the security of industrial control systems by finding errors when repeatedly executing software that injects illegal, malformed, or unexpected inputs into the systems. Unfortunately, traditional fuzzing of communication protocols faces low coverage and efficiency problems when being applied to industrial protocols, considering the characteristics of industrial protocols such as real-time and multi-interaction. Moreover, fuzzing is difficult to perform because many structures of industrial control protocols are not publicly available. Although researchers have started to focus on the fuzzing of industrial control protocols, existing literature still lacks a thorough survey of its recent advances. To fill this gap, we conduct a comprehensive survey on existing fuzzing methods for industrial control protocols. After a brief introduction to industrial control protocols and fuzzing, we propose a set of metrics for judging the pros and cons of existing fuzzing methods. Based on these metrics, we evaluate and compare the performance of fuzzing methods of industrial control protocols in the past eight years. Based on our review and analysis, we further summarize the open problems of these methods for achieving the proposed metrics and elaborate on future research directions toward secure industrial control systems.

The popularity of the Android operating system has itself become a reason for privacy concerns. To deal with such malware threats, researchers have proposed various detection approaches using static and dynamic features. Static analysis approaches are the most convenient for practical detection. However, several patterns of feature usage were found to be similar in the normal and malware datasets. Such high similarity in both datasets’ feature patterns motivates us to rank and select only the distinguishing set of features. Hence, in this study, we present a novel Android malware detection system, termed as PHIGrader for ranking and evaluating the efficiency of the three most commonly used static features, namely permissions, intents, and hardware components, when used for Android malware detection. To meet our goals, we individually rank the three feature types using frequency-based Multi-Criteria Decision Making (MCDM) techniques, namely TOPSIS and EDAS. Then, the system applies a novel detection algorithm to the rankings involving machine learning and deep learning classifiers to present the best set of features and feature type with higher detection accuracy as an output. The experimental results highlight that our proposed approach can effectively detect Android malware with 99.10% detection accuracy, achieved with the top 46 intents when ranked using TOPSIS, which is better than permissions, hardware components, or even the case where other popular MCDM techniques are used. Furthermore, our experiments demonstrate that the proposed system with frequency-based MCDM rankings is better than other statistical tests such as mutual information, Pearson correlation coefficient, and t-test. In addition, our proposed model outperforms various popularly used feature ranking methods such as Chi-square, Principal Component Analysis (PCA), Entropy-based Category Coverage Difference (ECCD), and other state-of-the-art Android malware detection techniques in terms of detection accuracy.

Wireless Sensor Networks (WSNs) security is a serious concern due to the lack of hardware protection on sensor nodes. One common attack on WSNs is the cloning attack, where an adversary captures legitimate nodes, creates multiple replicas, and reprograms them for malicious activities. Therefore, creating an efficient defense to mitigate this challenge is essential. Several witness node-based techniques have been developed to solve this issue, but they often suffer from higher communication and memory overheads or low detection accuracy, making them less effective. In response to the limitations of existing techniques, we propose a novel approach called Hybrid Random Walk assisted Zone-based (HRWZ) for clone node detection in static WSNs. The HRWZ method relies on the random selection of Zone-Leader ($Z_L$) in WSNs to detect clones effectively while maintaining network lifespan. We compared HRWZ to known witness node-based techniques, namely Randomized Multicast (RM), Line Selected Multicast (LSM), Random Walk (RAWL) and Table-assisted RAndom WaLk (TRAWL), under different simulation settings. The simulation results confirmed the improved performance and reliability of the proposed HRWZ technique. Our approach reduces communication costs and provides an effective way of selecting $Z_L$ for high-probability clone node detection.

Named Data Networking (NDN) aims to establish an efficient content delivery architecture. In NDN, secure and effective identity authentication schemes ensure secure communication between producers and routers. Currently, there is no feasible solution to perform identity authentication of mobile producers in NDNs. Identity authentication schemes in other networks are either weak in security or performance, such as privacy leakage, difficulty to establish cross-domain trust, and long handover delays, and are not fully adaptable to the security requirements of NDNs. Additionally, the mobility of producers was not fully considered in the initial design of NDNs. This paper first revises the structure of packets and routers to support the identity authentication and mobility of producers. On this basis, this paper proposes a secure and efficient certificateless ECC-based producer identity authentication scheme (CL-BPA), which includes initial authentication and re-authentication, aimed at achieving rapid switch authentication and integrating blockchain to solve single-point failure issues. Using the Canetti and Krawczyk (CK) adversarial model and informal security analysis, the proposed CL-BPA scheme is demonstrated to be resistant to anonymity attacks, identity forgery attacks, and man-in-the-middle attacks. The performance analysis demonstrates that the proposed CL-BPA scheme exhibits excellent capabilities in terms of computation delay, communication cost, smart contract execution time, average response delay, and throughput.