Search Results (17)

The rise of connected and automated vehicles has transformed in-vehicle infotainment (IVI) systems into critical gateways linking user interfaces, vehicular networks, and cloud-based fleet services. A concerning architectural reality is that hardcoded credentials like access point names (APNs) in IVI firmware create a cross-layer attack surface where local exposure can escalate into entire vehicle fleets being remotely compromised. To address this risk, we propose a cross-layer security framework that integrates firmware extraction, symbolic execution, and targeted fuzzing to reconstruct authentic IVI-to-backend interactions and uncover high-impact web vulnerabilities such as server-side request forgery (SSRF) and broken access control. Applied across seven diverse automotive systems, including major original equipment manufacturers (OEMs) (Mercedes-Benz, Tesla, SAIC, FAW-VW, Denza), Tier-1 supplier Bosch, and advanced driver assistance systems (ADAS) vendor Minieye, our approach exposes systemic anti-patterns and demonstrates a fully realized exploit that enables remote control of approximately six million Mercedes-Benz vehicles. All 23 discovered vulnerabilities, including seven CVEs, were patched within one month. In closed automotive ecosystems, we argue that the true measure of efficacy lies not in maximizing code coverage but in discovering actionable, fleet-wide attack paths, which is precisely what our approach delivers. Full article

Continuous and personalized monitoring are beneficial for patients suffering from neurodegenerative diseases such as Alzheimer’s disease, Parkinson’s disease and multiple sclerosis. However, such levels of monitoring are seldom ensured by traditional models of care. This paper presents NeuroPredict, a secure edge–cloud Internet of Medical Things (IoMT) platform that addresses this problem by integrating commercial wearables and in-house sensors with cognitive and behavioral evaluations. The NeuroPredict platform links high-frequency physiological signals with periodic cognitive tests through the use of a modular architecture with lightweight device connectivity, a semantic integration layer for timestamp alignment and feature harmonization across heterogeneous streams, and multi-timescale data fusion. Its use of encrypted transport and storage, role-based access control, token-based authentication, identifier separation, and GDPR-aligned governance addresses security and privacy concerns. Moreover, the platform’s user interface was built by considering human-centered design principles and includes role-specific dashboards, alerts, and patient-facing summaries that are meant to encourage engagement and decision-making for patients and healthcare providers. Experimental evaluation demonstrated the NeuroPredict platform’s data acquisition reliability, coherence in multimodal synchronization, and correctness in role-based personalization and reporting. The NeuroPredict platform provides a smart system infrastructure for eHealth and remote monitoring in neurodegenerative care, aligned with priorities on wearables/IoMT integration, data security and privacy, interoperability, and human-centered design. Full article

Studying the risk propagation mechanisms in agricultural systems is crucial for maintaining agricultural stability and promoting sustainable development. This research analyzes the risk effects and risk propagation mechanisms in agricultural systems using the DCC-t-Copula-CoVaR model, multi-layer network structures, and the mixed-frequency regression MIDAS model. The study finds that there is significant heterogeneity in risk spillover and absorption in agricultural systems; the risk propagation in agricultural systems is stable, and the stronger the connectivity of industry nodes, the greater the risk. Taking the seed industry as an example, its structural indicator values consistently range between 1.0 and 1.1, with fluctuations closely linked to industry development and policy adjustments. Major risks are caused by risk resonance across multiple industries, not triggered by a single industry alone; the interconnections between industries within the agricultural system can disperse risks, forming a collective risk-sharing mechanism. Understanding these dynamics is essential for developing resilient agricultural practices that support long-term sustainability, ensuring food security, and mitigating environmental impacts. By addressing risk propagation and fostering interconnected risk-sharing mechanisms, agricultural systems can better adapt to challenges such as climate change, resource scarcity, and market volatility, ultimately contributing to a more sustainable and stable global food system. Full article

The Low Earth Orbit (LEO) small satellites are extensively used for global connectivity to enable services in underpopulated, remote or underdeveloped areas. Their inherent broadcast nature exposes LEO–terrestrial communication links to severe security threats, which always reveal new challenges. The secrecy performance of the satellite-to-ground user link in the presence of a ground eavesdropper is studied in this paper. We observe both scenarios of the eavesdropper’s channel state information (CSI) being known or unknown to the satellite. Throughout the analysis, we consider that locations of the intended and unauthorized user are both arbitrary in the satellite’s footprint. On the other hand, we analyze the case when the user is in the center of the satellite’s central beam. In order to achieve realistic physical layer security features of the system, the satellite channels are assumed to undergo Gamma-shadowed Ricean fading, where both line-of-site and scattering components are influenced by shadowing effect. In addition, some practical effects, such as satellite multi-beam pattern and free space loss, are considered in the analysis. Capitalizing on the aforementioned scenarios, we derive the novel analytical expressions for the average secrecy capacity, secrecy outage probability, probability of non-zero secrecy capacity, and probability of intercept events in the form of Meijer’s G functions. In addition, novel asymptotic expressions are derived from previously mentioned metrics. Numerical results are presented to illustrate the effects of beam radius, satellite altitude, receivers’ position, as well as the interplay of the fading or/and shadowing impacts over main and wiretap channels on the system security. Analytical results are confirmed by Monte Carlo simulations. Full article

Unmanned aerial vehicle (UAV) communication using non-orthogonal multiple access-based coordinated direct and relay transmission (NOMA-CDRT) supports both massive connectivity and wide-area coverage, becoming a key technology for future emergency rescue communications. However, relay forwarding and high-quality line-of-sight links may subject UAV-aided NOMA-CDRT to multiple eavesdropping attempts by saboteurs. Therefore, we propose a multi-node joint jamming scheme using artificial noise (AN) for the UAV-assisted NOMA-CDRT to improve the system’s physical layer security. In the proposed scheme, the base station directly serves a nearby user while using a UAV relay to serve a disaster-affected user, and both the users and the UAV relay utilize AN to jointly interfere with eavesdroppers around the users. To accurately characterize and maximize the ergodic secrecy sum rate (ESSR) of the proposed scheme, we derive the corresponding closed-form expressions and design a joint power allocation and interference control (JPAIC) algorithm using particle swarm optimization. Simulations verify the correctness of the theoretical analysis, the ESSR advantage of the proposed scheme compared with the conventional NOMA-CDRT, and the effectiveness of the proposed JPAIC. Full article

Environmental monitoring systems have gained prominence across diverse applications, necessitating the integration of cutting-edge technologies. This article comprehensively explores such a system, emphasizing the integration of a Raspberry Pi cluster with the BME680 environmental sensor within a Kubernetes framework. This study encompasses the technical aspects of hardware configuration and places a significant focus on security benchmarks and robustness validation. The environmental monitoring infrastructure discussed in this article delves into the intricacies of the Raspberry Pi cluster’s hardware setup, including considerations for scalability and redundancy. This research addresses critical security gaps in contemporary environmental monitoring systems, particularly vulnerabilities linked to IoT deployments. Amidst increasing threats, this study introduces a robust framework that integrates advanced security tools—HashiCorp (San Francisco, CA, USA) Vault v1.16 for dynamic secret management and OpenID Connect for authentication processes—to enhance applications and system integrity and resilience within the Kubernetes environment. The approach involves a multi-layered security architecture that fortifies the storage and management of credentials and ensures authenticated and authorized interactions within IoT networks. Furthermore, our research incorporates a series of security benchmark tests, including vulnerability scanning, penetration testing, and access control assessments. Additionally, this article addresses crucial aspects related to data management and analysis, detailing the methodologies employed for storing, processing, and deriving insights from the collected environmental data. It further explores the integration of the monitoring system with existing infrastructure and systems, facilitating seamless data sharing and interoperability and offering valuable insights into the system’s ability to withstand potential threats and vulnerabilities. The integration of Raspberry Pi clusters with BME680 environmental sensors within a Kubernetes-managed framework significantly enhances the scalability and security of IoT systems. This study quantifies the improvements, demonstrating at least a 30% enhancement in system responsiveness and a minimum 40% reduction in vulnerability exposures, as verified by extensive security benchmarks, including penetration testing. These advancements facilitate robust, scalable IoT deployments, with potential applications extending beyond environmental monitoring to include industrial and urban settings. The incorporation of dynamic secret management with HashiCorp Vault and secure authentication with OpenID Connect provides a blueprint for developing resilient IoT architectures capable of supporting high-security and high-availability applications. In conclusion, this article contributes to the expanding body of knowledge in IoT and environmental monitoring and establishes a strong foundation for future work. These outcomes suggest promising directions for further research in secure IoT applications and present practical implications for the deployment of secure and scalable IoT solutions in critical infrastructures. Full article

Network security situational awareness (NSSA) aims to capture, understand, and display security elements in large-scale network environments in order to predict security trends in the relevant network environment. With the internet’s increasingly large scale, increasingly complex structure, and gradual diversification of components, the traditional single-layer network topology model can no longer meet the needs of network security analysis. Therefore, we conduct research based on a multi-layer network model for network security situational awareness, which is characterized by the three-layer network structure of a physical device network, a business application network, and a user role network. Its network characteristics require new assessment methods, so we propose a multi-layer network link importance assessment metric: the multi-layer-dependent link entropy (MDLE). On the one hand, the MDLE comprehensively evaluates the connectivity importance of links by fitting the link-local betweenness centrality and mapping entropy. On the other hand, it relies on the link-dependent mechanism to better aggregate the link importance contributions in each network layer. The experimental results show that the MDLE has better ordering monotonicity during critical link discovery and a higher destruction efficacy in destruction simulations compared to classical link importance metrics, thus better adapting to the critical link discovery requirements of a multi-layer network topology. Full article

Security identification solutions against WLAN network attacks according to straightforward digital detectors, such as SSID, IP addresses, and MAC addresses, are not efficient in identifying such hacking or router impersonation. These detectors can be simply mocked. Therefore, a further protected key uses new information by combining these simple digital identifiers with an RF signature of the radio link. In this work, a design of a convolutional neural network (CNN) based on fingerprinting radio frequency (RF) is developed with computer-generated data. The developed CNN is trained with beacon frames of a wireless local area network (WLAN) that is simulated as a result of identified and unidentified router nodes of fingerprinting RF. The proposed CNN is able to detect router impersonators by comparing the data pair of the MAC address and RF signature of the received signal from the known and unknown routers. ADAM optimizer, which is the extended version of stochastic gradient descent, has been used with a developed deep learning convolutional neural network containing three fully connected and two convolutional layers. According to the training progress graphic, the network converges to around 100% accuracy within the first epoch, which indicates that the developed architecture was efficient in detecting router impersonations. Full article

The Internet of Battlefield Things (IoBT) refers to interconnected battlefield equipment/sources for synchronized automated decision making. Due to difficulties unique to the battlefield, such as a lack of infrastructure, the heterogeneity of equipment, and attacks, IoBT networks differ significantly from regular IoT networks. In war scenarios, real-time location information gathering is critical for combat effectiveness and is dependent on network connectivity and information sharing in the presence of an enemy. To maintain connectivity and guarantee the safety of soldiers/equipment, location information must be exchanged. The location, identification, and trajectory of soldiers/devices are all contained in these messages. A malicious attacker may utilize this information to build a complete trajectory of a target node and track it. This paper proposes a location privacy-preserving scheme in IoBT networks using deception-based techniques. Dummy identifier (DID), sensitive areas location privacy enhancement, and silence period concepts are used to minimize the attacker’s ability to track a target node. In addition, to consider the security of the location information, another security layer is proposed, which generates a pseudonym location for the source node to use instead of its real location when sending messages in the network. We develop a Matlab simulation to evaluate our scheme in terms of average anonymity and probability of linkability of the source node. The results show that the proposed method improves the anonymity of the source node. It reduces the attacker’s ability to link the old DID of the source node with its new DID. Finally, the results show further privacy enhancement by applying the sensitive area concept, which is important for IoBT networks. Full article

The urban–rural relationship has been a critical issue in studies on urban and rural geography. Urban–rural integration development (URI), as an integral part of the urban–rural relationship, needs to be understood under an integrated theoretical framework. Based on the conceptual analysis from productivism to post-productivism, this study constructs a multidimensional framework to understand urban–rural integration, restructuring from five layers that integrate population, space, economic, social, and environmental concerns, and the revised dynamic coordination coupling degree (CCD) model is used to measure the level of URI. Many studies have focused on the connection between URI and factor allocation. However, it is yet to be determined how both fiscal decentralization and factor allocation are linked with URI. This study focuses on this unexplored topic, and the impact mechanism among URI, factor allocation, and Chinese-style fiscal decentralization is investigated by adopting spatial econometric models, for achieving the high-quality development of China’s urban–rural relations. Empirical analysis of China’s three major urban agglomerations reveals that there are promising signs in China’s urban–rural integration development, with an orderly and coordinated structure shaping over the period 2003–2017. The rationality of factor allocation depends heavily on the power comparison between the helping hand and the grabbing hand of local governments under Chinese-style fiscal decentralization. Moderate fiscal decentralization, with a perfect market and social security system, leads to the free flow of factors and promotes urban–rural integration. By contrast, excessive fiscal decentralization causes resource misallocation and hinders urban–rural integration development. In light of our empirical evidence, the coordinated development of small- and medium-sized cities and subcities in urban agglomerations is suggested, it is highly necessary to establish a perfect social and employment security system. In addition, a reasonable space planning system for land use needs to be constructed by China’s governments at all levels. Chinese local governments should pay more attention to rural development in their jurisdiction by stimulating their information advantages under Chinese-style fiscal decentralization. Full article

Telecommunication networks are growing exponentially due to their significant role in civilization and industry. As a result of this very significant role, diverse applications have been appeared, which require secured links for data transmission. However, Internet-of-Things (IoT) devices are a substantial field that utilizes the wireless communication infrastructure. However, the IoT, besides the diversity of communications, are more vulnerable to attacks due to the physical distribution in real world. Attackers may prevent the services from running or even forward all of the critical data across the network. That is, an Intrusion Detection System (IDS) has to be integrated into the communication networks. In the literature, there are numerous methodologies to implement the IDSs. In this paper, two distinct models are proposed. In the first model, a custom Convolutional Neural Network (CNN) was constructed and combined with Long Short Term Memory (LSTM) deep network layers. The second model was built about the all fully connected layers (dense layers) to construct an Artificial Neural Network (ANN). Thus, the second model, which is a custom of an ANN layers with various dimensions, is proposed. Results were outstanding a compared to the Logistic Regression algorithm (LR), where an accuracy of 97.01% was obtained in the second model and 96.08% in the first model, compared to the LR algorithm, which showed an accuracy of 92.8%. Full article

Although visible light communication (VLC) channels are more secure than radio frequency channels, the broadcast nature of VLC links renders them open to eavesdropping. As a result, VLC networks must provide security in order to safeguard the user’s data from eavesdroppers. In the literature, keyless security techniques have been developed to offer security for VLC. Even though these techniques provide strong security against eavesdroppers, they are difficult to deploy. Key generation algorithms are critical for securing wireless connections. Nonetheless, in many situations, the typical key generation methods may be quite complicated and costly. They consume scarce resources, such as bandwidth. In this paper, we propose a novel key extraction procedure that uses error-correcting coding and one time pad (OTP) to improve the security of VLC networks and the validity of data. This system will not have any interference problems with other devices. We also explain error correction while sending a message across a network, and suggest a change to the Berlekamp–Massey (BM) algorithm for error identification and assessment. Because each OOK signal frame is encrypted by a different key, the proposed protocol provides high physical layer security; it allows for key extraction based on the messages sent, so an intruder can never break the encryption system, even if the latter knows the protocol with which we encrypted the message; our protocol also enables for error transmission rate correction and bit mismatch rates with on-the-fly key fetch. The results presented in this paper were performed using MATLAB. Full article

Network Functions Virtualization (NFV) is a key technology for network automation and has been instrumental to materialize the disruptive view of 5G and beyond mobile networks. In particular, 5G embraces NFV to support the automated and agile provision of telecommunication and vertical services as a composition of versatile virtualized components, referred to as Virtual Network Functions (VNFs). It provides a high degree of flexibility in placing these components on distributed NFV infrastructures (e.g., at the network edge, close to end users). Still, this flexibility creates new challenges in terms of VNF connectivity. To address these challenges, we introduce a novel secure link-layer connectivity platform, L2S. Our solution can automatically be deployed and configured as a regular multi-site NFV service, providing the abstraction of a layer-2 switch that offers link-layer connectivity to VNFs deployed on remote NFV sites. Inter-site communications are effectively protected using existing security solutions and protocols, such as IP security (IPsec). We have developed a functional prototype of L2S using open-source software technologies. Our evaluation results indicate that this prototype can perform IP tunneling and cryptographic operations at Gb/s data rates. Finally, we have validated L2S using a multi-site NFV ecosystem at the Telefonica Open Network Innovation Centre (5TONIC), using our solution to support a multicast-based IP television service. Full article

As IoT (Internet of Things) devices are diversified in the fields of use (manufacturing, health, medical, energy, home, automobile, transportation, etc.), it is becoming important to analyze and process data sent and received from IoT devices connected to the Internet. Data collected from IoT devices is highly dependent on secure storage in databases located in cloud environments. However, storing directly in a database located in a cloud environment makes it not only difficult to directly control IoT data, but also does not guarantee the integrity of IoT data due to a number of hazards (error and error handling, security attacks, etc.) that can arise from natural disasters and management neglect. In this paper, we propose an optimized hash processing technique that enables hierarchical distributed processing with an n-bit-size blockchain to minimize the loss of data generated from IoT devices deployed in distributed cloud environments. The proposed technique minimizes IoT data integrity errors as well as strengthening the role of intermediate media acting as gateways by interactively authenticating blockchains of n bits into n + 1 and n − 1 layers to normally validate IoT data sent and received from IoT data integrity errors. In particular, the proposed technique ensures the reliability of IoT information by validating hash values of IoT data in the process of storing index information of IoT data distributed in different locations in a blockchain in order to maintain the integrity of the data. Furthermore, the proposed technique ensures the linkage of IoT data by allowing minimal errors in the collected IoT data while simultaneously grouping their linkage information, thus optimizing the load balance after hash processing. In performance evaluation, the proposed technique reduced IoT data processing time by an average of 2.54 times. Blockchain generation time improved on average by 17.3% when linking IoT data. The asymmetric storage efficiency of IoT data according to hash code length is improved by 6.9% on average over existing techniques. Asymmetric storage speed according to the hash code length of the IoT data block was shown to be 10.3% faster on average than existing techniques. Integrity accuracy of IoT data is improved by 18.3% on average over existing techniques. Full article

The Narrowband Internet of Things (NB-IoT) is a very promising licensed Internet of things (IoT) technology for accommodating massive device connections in 5G and beyond. To enable network scalability, this study proposes a two-layers novel mixed approach that aims not only to create an efficient spectrum sharing among the many NB-IoT devices but also provides an energy-efficient network. On one layer, the approach uses an Adaptive Frequency Hopping Spread Spectrum (AFHSS) technique that uses a lightweight and secure pseudo-random sequence to exploit the channel diversity, to mitigate inter-link and cross-technology interference. On the second layer, the approach consists of a clustering and network coding (data aggregation) approach based on an energy-signal strength mixed gradient. The second layer contributes to offload the BS, allows for energy-efficient network scalability, helps balance the energy consumption of the network, and enhances the overall network lifetime. The proposed mixed strategy algorithm is modelled and simulated using the Matrix Laboratory (MATLAB) Long Term Evolution (LTE) toolbox. The obtained results reveal that the proposed mixed approach enhances network scalability while improving energy efficiency, transmission reliability, and network lifetime when compared to the existing spread spectrum only, nodes clustering only, and mixed approach with no network coding approaches. Full article