The problem of privacy protection of trajectory data has received increasing attention in recent years with the significant growth in the volume of users that contribute trajectory data with rich user information. This creates serious privacy concerns as exposing an individual’s privacy information may result in attacks threatening the user’s safety. In this demonstration we present TP3, a novel practical framework for supporting trajectory privacy preservation in Mobile Cloud Environments (MCEs). In TP3, non-expert users submit their trajectories and the system is responsible to determine their privacy exposure before sharing them to data analysts in return for various benefits, e.g. better recommendations. TP3 makes a number of contributions: (a) It evaluates the privacy exposure of the users utilizing various privacy operations, (b) it is latency-efficient as it implements the privacy operations as serverless functions which can scale automatically to serve an increasing number of users with low latency, and (c) it is practical and cost-efficient as it exploits the serverless model to adapt to the demands of the users with low operational costs for the service provider. Finally, TP3’s Web-UI provides insights to the service provider regarding the performance and the respective revenue from the service usage, while enabling the user to submit the trajectories with recommended preferences of privacy.
Authored by Dimitrios Tomaras, Michail Tsenos, Vana Kalogeraki
With the help of Voice-controlled Digital Assistants (VCDAs), end users can perform various tasks, such as creating shopping lists, setting reminders, or controlling smart home devices via voice commands. However, in multi-user environments, the different end users of VCDAs may not have access to the same controls to protect their privacy. The primary end users who set up VCDAs usually have full control over the data collected by VCDAs, including text transcripts and audio recordings of the other end users. In order for these secondary end users to gain access to privacy settings, they must also create an account with the appropriate manufacturer and accept an invitation from the primary end user to join the respective VCDA. As a result, they depend on the primary end user and the creation of a user account to be able to protect their privacy. Through a user account, however, personal information, such as name, address, or age can be linked to audio recordings, which poses additional privacy risks to secondary end users. For both primary and secondary end users, audio recordings are still maintained on cloud servers operated by manufacturers, resulting in a lack of transparency for all end users. In this paper, we thus propose an approach to improve the protection of both primary and secondary end users that reaches from the device set-up to its utilization. Our approach is based on the concept of a local registration and offline storage of voice commands.
Authored by Luca Acostsa, Delphine Reinhardt
A large number of establishments and organizations implement clouds to store their databases. More active attacks are used on clouds to get unauthorized access or to do harmful actions that may affect user’s privacy. Therefore, many studies have proposed to increase the level of security in the clouds depending on several strategies. The behavior is one of the promising strategies that might prevent unauthorized or processes. In this paper, a set of features, are from several previous studies, and these features are based on the user activity and events in a special purpose cloud by which unauthorized process can be prevented and alert user about bad actions during his/her work in the cloud environment. The results of comparison show that the event-based features require less resources and time. Thus, they need to be enhanced by adding more informative features, or some available features from other strategies.
Authored by Mohammed Sheet, Melad Saeed
Cloud computing performs a significant part in sharing resources and data with other devices via data outsourcing. The data collaboration services, as a potential service given by the cloud service provider (CSP), is to assist the consistency and availability of the shared data amongst users. At the time of sharing resources, it is a complicated process for providing secure writing and access control operations. This study develops a Privacy Preserving Encryption with Optimal Key Generation Technique (PPE-OKGT) for CC environment. The presented PPE-OKGT technique secures the data prior to storing in the cloud server via encryption process. For accomplishing this, the presented PPE-OKGT technique employs data encryption technology to secure the input data into a hidden format. Besides, in order to improve secrecy, the presented PPE-OKGT technique designs a chaotic search and rescue optimization (CSRO) algorithm for optimal generation of keys. The promising performance of the PPE-OKGT technique can be verified using a set of experimentations. A comprehensive comparison study reported the enhancements of the PPE-OKGT technique over other models.
Authored by Sanjeeva Polepaka, B Gayathri, Shahnawaz Ayoub, Himanshu Sharma, Yudhveer Moudgil, S Kannan
Cloud computing platforms are the widely used state of the art platforms by various organizations. Data storage and data sharing services are the most widely used services in the cloud, while the maintenance of data integrity is a big challenge. On a public cloud platform which is not reliable, users must generate a digital signature of their data and then share the generated signature for integrity auditing. Any attack on cloud can compromise the user's valuable data which is most likely carried out by external entity. By generating signature we can write the rules of who can access, update or delete the data. If data is updated by unauthorized user, then auditing can identify which data is compromised. Here we are using asymmetric keys, that is, when user uploads his/her data over cloud then digital signature will get created with user's private key, and when TPA (Third Party Auditor) wants to check the integrity of that user's data then he can generate digital signature with user's public key. Not only carried out low cost for data storage by compressing data but also established data access protocol to maintain data privacy.
Authored by Subhash Rathod, Ratnashil Khobragade, Vilas Thakare, K.H. Walse, Sushama Pawar
When an underwater acoustic sensor network (UASN) is applied to underwater data collection, different data importance rating (DIR) of sensor nodes will affect the scheduling time slot of data collection. In this paper, we propose a Q-learning and DIR-based media access control (Q-DIR MAC) protocol for dynamic clustering underwater acoustic sensor networks (UASNs), in which the nodes in the network may drift with the movement of ocean currents. We use k-means algorithm to divide the nodes into several clusters. Each partitioned cluster is composed of one cluster head (CH) and several cluster members (CMs). The CMs can be divided into three levels according to the DIR: non-urgent, normal, and very urgent. The number of three types of nodes follows normal distribution. The data importance of each node is introduced into reward function design of Q-learning. The results show that, in the dynamic clustering UASNs, the proposed Q-DIR MAC protocol can ensure that important data can be sent to the destination node in time without reducing the data success rate under the condition of priority transmission mechanism.
Authored by Wenxiang Zhang, Weidi Huang, Yougan Chen, Xiaomei Xu
Propagation delay and channel loss are two vital factors affecting reliability of Underwater Acoustic Networks (UANs). Different from land networks, UANs have long propagation delay and poor channel quality, which lead to serious data collision and high bit error rate, respectively. However, complex underwater environments impose great challenges to evaluate propagation delay and channel loss. As temperature is the most critical factor affecting them, in this paper, we propose to employ temperature to evaluate them. However, existing temperature prediction research is insufficient for accuracy or efficiency. This paper proposes a temperature prediction-assisted approach for evaluating propagation delay and channel loss, aiming to improve reliability and performance of underwater acoustic networks. We build a nonlinear autoregressive dynamic neural network-based temperature prediction model to improve prediction accuracy and reduce time complexity. Then, we evaluate propagation delay and channel loss considering different marine environments, including shallow and deep sea. Extensive simulation results show that our approach performs better than five advanced baselines.
Authored by Rui Gao, Jun Iiu, Shanshan Song, En Wang, Yu Gou, Tong Zhang, Jun-hong Cui
With the rapid development of underwater sensor networks, the design of underwater demodulators becomes increasingly significant. However, underwater acoustic communication is faced with many problems such as propagation time delay, multipath effect and Doppler effect due to the complexity of underwater environment. Demodulation of underwater communication signals is a challenging task. To solve this problem, we propose a novel binary phase shift keying (BPSK) demodulator for underwater acoustic communication based on convolutional neural network, which demodulates the modulation data by detecting the position of phase shift. The method proposed in this paper significantly reduces the bit error rate (BER) compared with the results of the traditional method in URPC1 datasets (Underwater Robot Picking Contest).
Authored by Tianshun Han, Zhensheng Shi, Haiyong Zheng, Junyu Dong, Zhaorui Gu, Bing Zheng
Underwater acoustic sensor network (UASN) is a promising underwater networking technology for wide applications, but there is an urgent need to design reliable and low power consumption routing protocols for UASN to extend network lifetime due to the limited energy supply. In this paper, we propose a Q-learning and data priority-based routing protocol with dynamic computing cluster head (QD-DCR) to extend the network lifetime of UASN. In QD-DCR protocol, the underwater nodes are clustered and set the cluster head (CH) nodes, which are only responsible for computing the optimal path of data transmission and the storage of Q-value table, while the non-CH nodes are responsible for data transmission. Meanwhile, according to the data priority, we design different data transmission methods that can effectively use the limited resources of UASN to transmit urgent data. To further make the residual energy of sensor nodes evenly distributed, we also design the dynamic selection of CH node, which can avoid the potential energy holes. In addition, we adopt Q-learning to determine the optimal next hop instead of the greedy next hop in a cluster. We also define an action utility function that takes into account both residual energy and node depth to extend the network lifetime by distributing the residual energy evenly. Simulation results show that the proposed QD-DCR protocol can effectively extend the network lifetime compared with a classic lifetime-extended routing protocol (QELAR), while alleviating the issue of uneven distribution of the residual energy in the network.
Authored by Shen Tu, Xiuling Zhu, Yougan Chen, Xiaomei Xu
Underwater Acoustic Sensor Networks (UASNs) is a prominent field in communications due to several applications. UASNs enable underwater data collection and monitoring in different applications. UASNs face several challenges like node mobility, low bandwidth, high energy consumption, and routing. The complexity of the underwater routing is increased due to node mobility. Several underwater routing protocols exist in the literature; they determine next-hop based on different criteria. Some criteria to select next-hop are link quality, residual energy, hop-count, etc. Many underwater routing protocols either use hop-count or hop-count as one of the criteria to choose next-hop. Such routing protocols result in lower hop-count, resulting in smaller end-to-end delays. These routing protocols are instrumental in the delay-sensitive applications where the end-to-end delay is the primary requirement. However, maintaining up-to-date information of the hop-count of nodes is one of the major challenges due to frequent changes in underwater topology caused due to the water current. This survey paper focuses on underwater routing protocols based on hop-count in selecting the next-hop. It focuses on updating hop-count information in various hop-count-based underwater routing protocols.
Authored by Sahil Kumar, Pradeep Nazareth, B. Chandavarkar
Traditional Web application category recognition is implemented by fingerprint rule matching, which is difficult to extract fingerprint rules and has limited coverage. At present, many improved identification methods semi-automatically extract fingerprints through certain rules and identify Web application categories through clustering or classification algorithms, but still rely on fingerprint rules and human intervention, and the time complexity of classification is too high to process a large amount of data. This paper proposes Multi-layer Simhash Algorithm and combines DBSCAN clustering to realize intelligent identification of Web application types, pioneering the complete automation of fingerprint identification of Web applications. This method has the function of discovering unknown Web applications and predicting unknown application types, and solves the problems of fingerprint rule extraction and manual dependence of Web applications. This paper uses the TF-IDF algorithm to extract the Web page text keywords and weights. Then, the Multi-layer Simhash Algorithm is used to transform text feature words and weights into a binary characteristic hash value. At last, the hamming distance between the input Web page and the characteristic hash value of the known category is compared with the radius of the base class, which determines the category of the input Web application. The experimental results show that the accuracy of Web application category recognition and prediction is more than 97% and 93% respectively.
Authored by Fuji Han, Dongjun Zhu
Providing security to the IoT system is very essential to protect them from various attacks. Such security features include credential management to avoid hard-coding of credentials in web applications, key management for secure inter-device communication and assignment of trust score to the devices based on various parameters. This work contains the design and implementation details of an open source simulation environment with credential management, key management and trust score calculation features. In credential management, credentials are sent to the target device which is then stored in a JSON file. Web application in the device makes use of these credentials for authentication. In key management, X.509 certificate and private key file are generated. They are used for secure message communication using a session key that is secretly exchanged between the devices. For trust score calculation, parameters are collected from the device. Feedback parameters given by other devices are also sent to the centralised server. The dynamic weighted average model is applied to the trust values derived from these parameters to get the trust score of the device. In addition to the design, the source code of our simulation environment is also made publicly available so that researchers can alter and extend its capabilities.
Authored by Srivatsan V, Vinod Pathari
Web technologies have created a worldwide web of problems and cyber risks for individuals and organizations. In this paper, we evaluate web technologies and present the different technologies and their positive impacts on individuals and business sectors. Also, we present a cyber-criminals metrics engine for attack determination on web technologies platforms’ weaknesses. Finally, this paper offers a cautionary note to protect Small and Medium Businesses (SMBs) and make recommendations to help minimize cyber risks and save individuals and organizations from cyberattack distress.
Authored by Olumide Malomo, Shanzhen Gao, Adeyemi Adekoya, Ephrem Eyob, Weizheng Gao
With the advancement in computing power and speed, the Internet is being transformed from screen-based information to immersive and extremely low latency communication environments in web 3.0 and the Metaverse. With the emergence of the Metaverse technology, more stringent demands are required in terms of connectivity such as secure access and data privacy. Future technologies such as 6G, Blockchain, and Artificial Intelligence (AI) can mitigate some of these challenges. The Metaverse is now on the verge where security and privacy concerns are crucial for the successful adaptation of such disruptive technology. The Metaverse and web 3.0 are to be decentralized, anonymous, and interoperable. Metaverse is the virtual world of Digital Twins and non-fungible tokens (NFTs). The control and possession of users’ data on centralized servers are the cause of numerous security and privacy concerns. This paper proposes a solution for the security and interoperability challenges using Self-Sovereign Identity (SSI) integrated with blockchain. The philosophy of Self-Sovereign Identity, where the users are the only holders and owners of their identity, comes in handy to solve the questions of decentralization, trust, and interoperability in the Metaverse. This work also discusses the vision of a single, open standard, trustworthy, and interoperable Metaverse with initial design and implementation of SSI concepts.
Authored by Siem Ghirmai, Daniel Mebrahtom, Moayad Aloqaily, Mohsen Guizani, Merouane Debbah
The internet has made everything convenient. Through the world wide web it has almost single-handedly transformed the way we live our lives. In doing so, we have become so fuelled by cravings for fast and cheap web connections that we find it difficult to take in the bigger picture. It is widely documented that we need a safer and more trusting internet, but few know or agree on what this actually means. This paper introduces a new body of research that explores whether there needs to be a fundamental shift in how we design and deliver these online spaces. In detail, the authors suggest the need for an internet security aesthetic that opens up the internet (from end to end) to fully support the people that are using it. Going forward, this research highlights that social trust needs to be a key concern in defining the future value of the internet.
Authored by Fiona Carroll, Rhyd Lewis
Current and future networks must tackle identity management to authenticate and authorise users to access services. Identity management solutions are widely employed nowadays, where one authenticates in third-party services using account information stored securely in identity providers. Solutions like OpenID Connect relying on OAuth 2.0 are employed to support Single-Sign-On, facilitating users’ login process, which does not need to manage multiple accounts in several services. Despite their wide usage in several domains (enterprise, web applications), they only consider entities like persons. Thus, trust information regarding the levels of trust a person can perceive when accessing services with its devices in specific environments (e.g. untrusted networks like public hotspots) can be employed to protect access to data. OIDC-TCI is an approach to convey context information reflecting the trust relations between end-users, the applications/services running in devices, and a specific environment where access to sensitive resources needs to be authorised. The results demonstrate OIDC-TCI as a feasible solution to convey trust with minimal impact, in compliance with OpenID Connect, in a web service - TeaStore.
Authored by Carolina Goncalves, Bruno Sousa, Nuno Antunes
COVID-19 has taught us the need of practicing social distancing. In the year 2020 because of sudden lockdown across the globe, E-commerce websites and e-shopping were the only escape to fulfill our basic needs and with the advancement of technology putting your websites online has become a necessity. Be it food, groceries, or our favorite outfit, all these things are now available online. It was noticed during the lockdown period that the businesses that had no social presence suffered heavy losses. On the other hand, people who had established their presence on the internet saw a sudden boom in their overall sales. This project discusses how the recent advancement in the field of Machine Learning and Artificial Intelligence has led to an increase in the sales of various businesses. The machine learning model analyses the pattern of customer’s behavior which affects the sales, builds a dataset after many observations, and finally helps generate an algorithm which is an efficient recommendation system. This project also discusses how cyber security helps us have secured and authenticated transactions which have aided e-commerce business growth by building customer’s trust.
Authored by Tanya Pahadi, Abhishek Verma, Raju Ranjan
We are adopting blockchain-based security features for the usage in web service applications & platforms. These technology concepts allow us to enhance the level of trustworthiness for any kind of public web service platform. Related platforms are using simple user registration and validation procedures, which provide huge potential for illegal activities. In contrast, more secure live video identity checks are binding massive resources for the individual, staff-intensive validation tasks. Our approach combines traditional web-based service platform features with blockchain-based security enhancements. The concepts are used on two layers, for the user identification procedures as well as the entire process history on the web service platform.
Authored by Robert Manthey, Richard Vogel, Falk Schmidsberger, Matthias Baumgart, Christian Roschke, Marc Ritter, Matthias Vodel
To improve the security and reliability of remote terminals under trusted cloud platform, an identity authentication model based on DAA optimization is proposed. By introducing a trusted third-party CA, the scheme issues a cross domain DAA certificate to the trusted platform that needs cross domain authentication. Then, privacy CA isolation measures are taken to improve the security of the platform, so that the authentication scheme can be used for identity authentication when ordinary users log in to the host equipped with TPM chip. Finally, the trusted computing platform environment is established, and the performance load distribution and total performance load of each entity in the DAA protocol in the unit of machine cycle can be acquired through experimental analysis. The results show that the scheme can take into account the requirements of anonymity, time cost and cross domain authentication in the trusted cloud computing platform, and it is a useful supplement and extension to the existing theories of web service security.
Authored by Yi Liang, Youyong Chen, Xiaoqi Dong, Changchao Dong, Qingyuan Cai
The objective of this paper is to introduce a scheme of comprehensive-factor authentication in edge computing, focusing on a case study of time attendance in smart environments. This authentication scheme deploys all possible factors to maximize security while maintaining usability at a specific smart context. The factors used include three classic elements: something you know, something you have, and something you are, plus an additional location factor. The usability issue involves the ability to reduce time used and to minimize the human actions required throughout the authentication process. The results show that all factors should be authenticated at once in background, and a user can successfully complete the authentication process by performing one or two actions simultaneously. Since user role in a smart environment can be more complicated than roles in other smart offices, role classification at an early stage is highly recommended. The case study reveals that the same setting can require varying levels of security and usability for each user.
Authored by Chalee Vorakulpipat, Ekkachan Rattanalerdnusorn, Sasakorn Pichetjamroen
Cyber-physical Systems can be defined as a complex networked control system, which is normally developed by combining several physical components with the cyber space. Cyber Physical Systems are already a part of our daily life. As they are already a part of everyone’s life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or sophisticated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyber-connected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is a little complex as it requires an extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate Multifactor authentication for CPS.
Authored by Mangal Sain, Oloviddin Normurodov, Chen Hong, Kueh Hui
Two-factor authentication (2FA) is commonly used in Internet of Things (IoT) authentication to provide multi-layer protection. Tokens, often known as One-Time Passwords (OTP), are used to offer additional information. While this technique provides flexible verification and an additional layer of security, it still has a number of security issues. This is because it relies on third-party services to produce tokens or OTPs, which leads to serious information leakage issues. Additionally, relying on a third party to provide authentication tokens significantly increases the risk of exposure and attacks, as tokens can be stolen via Man-In-The-Middle (MITM) attacks. In trying to rectify this issue, in this paper, we propose and develop a blockchain-based two-factor authentication method for web-based access to sensor data. The proposed method provides a lightweight and user-centric authentication that makes use of Ethereum blockchain and smart contracts technologies. Then we provided performance and security analysis of our system. Based on the evaluation results, our method has proven to be effective and has the ability to facilitate reliable authentication.
Authored by Mwrwan Abubakar, Zakwan Jaroucheh, Ahmed Dubai, Xiaodong Liu
Two-factor authentication (2FA) offers very important security enhancement to traditional username-password authentication, while in many cases incurring undesirable user burdens (e.g., entering a one-time verification code sent to a phone via SMS). Some zero-effort authentication techniques (e.g., Sound-Proof) have been proposed to relieve such burdens without degrading security, but are vulnerable to prediction attacks and co-existence attacks. This paper proposes ABLE, a zero-effort 2FA approach based on co-location detection leveraging environmental Bluetooth Low Energy (BLE) signal characteristics. In this approach, a laptop on which the user tries to authenticate to a web server, and the user’s smartphone placed nearby which is trusted by the server, both collect and send a record of environmental BLE signal characteristics to the server. The server decides whether the two devices are co-located by evaluating the similarity of the two records, and makes the authentication decision. ABLE is constructed based on the fact that only two devices in close proximity share similar environmental signal characteristics, which distinguishes a legitimate user device from potential adversaries. Due to its location-sensitive nature, combining favorable features brought with the BLE protocol, ABLE is gifted with good resistance to attacks that threaten existing zero-effort authentication schemes. ABLE is not only immune to remote attackers, but also achieves an accuracy over 90% even against co-present attackers.
Authored by Yaxi He, Wei Wang, Yajun Teng, Qiongxiao Wang, Mingyue Wang, Jingqiang Lin
The development of IoT has penetrated various sectors. The development of IoT devices continues to increase and is predicted to reach 75 billion by 2025. However, the development of IoT devices is not followed by security developments. Therefore, IoT devices can become gateways for cyber attacks, including brute force and sniffing attacks. Authentication mechanisms can be used to ward off attacks. However, the implementation of authentication mechanisms on IoT devices is challenging. IoT devices are dominated by constrained devices that have limited computing. Thus, conventional authentication mechanisms are not suitable for use. Two-factor authentication using RFID and fingerprint can be a solution in providing an authentication mechanism. Previous studies have proposed a two-factor authentication mechanism using RFID and fingerprint. However, previous research did not pay attention to message exchange security issues and did not provide mutual authentication. This research proposes a secure mutual authentication protocol using two-factor RFID and fingerprint using MQTT protocol. Two processes support the authentication process: the registration process and authentication. The proposed protocol is tested based on biometric security by measuring the false acceptance rate (FAR) and false rejection rate (FRR) on the fingerprint, measuring brute force attacks, and measuring sniffing attacks. The test results obtained the most optimal FAR and FRR at the 80% threshold. Then the equal error rate (ERR) on FAR and FRR is around 59.5%. Then, testing brute force and sniffing attacks found that the proposed protocol is resistant to both attacks.
Authored by Rizka Pahlevi, Vera Suryani, Hilal Nuha, Rahmat Yasirandi
Increasing number of online services have brought great convenience to users, and remote user authentication schemes have been widely used to verify the legitimacy of the authorized users. However, most of the existing authentication schemes are based on password, in which users need to remember the complex passwords and change them frequently. In addition, the great majority of authentication schemes have security defects. Through the analysis of the scheme proposed by Haq et al., we find that it is difficult to resist the key compromise impersonation attack. Therefore, an improved two-factor multi-server authentication scheme without password is proposed. The perfect combination of the user’s biological characteristics and the PUF’s physical characteristics enhances the practicality and efficiency of the solution. Security analysis of the proposed scheme shows that it can resist various known security attacks.
Authored by Shuwan Sun, Weixin Bian, Dong Xie, Biao Jie, Yi Huang