No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Lightweight security protection system architecture for digital grid mobile application platform
ResearchGate has not been able to resolve any citations for this publication.
One of the important characteristics envisioned for 6G is Security Function Virtualization (SFV). Similar to Network Function Virtualization (NFV) in 5G networks, SFV provides new opportunities for improving security while reducing the security overhead. In particular, it provides an attractive way of solving compatibility issues related to security. Malware in Internet of Things (IoT) systems is gaining popularity among cyber-criminals because of the expected number of IoT devices in 5G and 6G networks. To solve this issue, this paper proposes a security framework which exploits softwarization of security functions via SFV to improve trust in IoT systems and contain the propagation of malware. IoT devices are categorized into trusted, vulnerable, and compromised levels using remote attestation. To isolate the devices in the three distinct categories, NFV is used to create separate networks for each category and a distributed ledger is used to store the state of each device. Virtualized remote attestation routines are employed to avoid any compatibility issues among heterogeneous IoT devices and effectively contain malware propagation. The results show that the proposed framework can reduce the number of infected devices by 66% in only 10 seconds.
The invention of smartphones has opened a new market for mobile application development. Amateur android app developers often do not possess knowledge of the latest android vulnerabilities and thus create applications with attack surface that hackers exploit. In this literature review, many available frameworks and techniques have been analyzed using ISO/IEC 25010 software quality model and identified challenges that android developers face in designing a secure application for android. This paper also presents a comprehensive survey of different penetration tools, evaluated by using criteria such as code analysis, code review, vulnerability analysis, vulnerability exploit, payload and whether these can be used in vulnerability modeling during the design phase. Our study effectively identifies the issues and gaps which can further help develop a framework/tool for designing a penetration secure mobile application by embedding all the vulnerabilities during the design phase using an android vulnerability repository.
In today's age of instant gratification, dating apps provide the comfort of meeting new people at the swipe of a finger. However, recent high profile incidents have raised privacy-related concerns with the use of these apps. The level of harm inflicted on a victim can be either physical (e.g. murder, stalking, sexual assault) or non-physical (e.g. identity theft, harassment and cyberstalking). In this paper, we study ten popular Android dating apps. Using an adversary model, we demonstrate how one can trivially conduct a man-in-the-middle attack against these apps. We then explain how the Routine Activity Theory can be applied to design mitigation strategies for dating apps.
With the widely adopted GPS technology in mobile devices, users enjoy many types of location services. As a recently proposed application, determining the optimal private meeting location with an aid of a location server has been an interesting research topic. The challenge in this paper is due to the requirements of security and privacy, because user locations should not be revealed to the honest-but-curious or semi-trusted location server. Adding the security and privacy protection to a location service will inevitably introduce computational complexity and communication overhead. In order to introduce robust location service and make this location service practical, we propose an efficient optimal private meeting location determination protocol, which needs only one round communication and light computation. Our proposed protocol satisfies the requirement of location privacy against outsiders, the semi-trusted meeting location determination server, and the semi-trusted group users. In order to study the performance of our protocol in a real deployment, we simulate our scheme on smartphones. The simulation results and the performance comparison with another scheme demonstrate its advantages in communication and computation efficiency.
In this paper, we investigate and analyze the network security risks faced by 5G private industrial networks. Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks, a comparative analysis is used to plan and design a private network security construction scheme. The network security construction model, network organization, and key processes of 5G private industrial networks at the current stage are investigated. In addition, the key direction for the next stage of construction is discussed.
Fueled by widespread adoption of employee-owned devices in the workplace and the explosion of mobile applications, mobile device security is under heavy debate in both the academic and industry security communities. Businesses and government agencies are struggling to find some sense of control at a time when employee-owned devices now access some of the most sensitive data in an organization. Various approaches and solutions have been proposed, ranging from device-based intrusion detection systems, execution isolation through application sandboxing and bare metal hypervisors, ontology-based firewalls, behavior-based detection, to cloud-based protection through the use of VPN technology. The challenge of heterogeneous hardware and software platforms, such as iOS vs. Android OS, adds yet another layer of complexity to creating a comprehensive solution. The authors provide an overview of the current threats based on data collected from observing the interaction of 75 million users with the Internet. Extrapolating this data gives an insight into what threats wait on the horizon.
Companies are looking for new ways to secure their data and networks now that many employees are using their own mobile devices in the workplace.
Applications for mobile platforms are being developed at a tremendous rate, but often without proper security implementation. Insecure mobile applications can cause serious information security and data privacy issues and can have severe repercussions on users and organizations alike.
Mobile commerce is an emerging discipline that involves mobile
devices, applications, middleware, and wireless networks. Although most
e-commerce applications can be modified to run in a wireless
environment, m-commerce includes a wide range of new services ranging
from locational advertising to mobile offices that are only possible
with a wireless infrastructure. Among the many challenges m-commerce
presents to network designers, service providers, vendors, and
applications developers is providing support for multicast
communications. Unlike broadcasting, in which everyone is sent a
message, or replicated unicasting, in which messages are sent one by one
to individual clients, multicasting involves sending messages to only a
select group of mobile users. It thus avoids sending messages to too
many users or using too many resources to send messages. The article
presents five classes of m-commerce applications that require or can
benefit from multicast support in wireless networks. Even among those
requiring such support, specific requirements vary considerably.
Reliability is an important requirement for many m-commerce
applications, while real-time applications need low latency or a certain
quality of service. Security is also a major concern in some instances