-
A Blockchain-based Decentralised and Dynamic Authorisation Scheme for the Internet of Things
Authors:
Khizar Hameed,
Ali Raza,
Saurabh Garg,
Muhammad Bilal Amin
Abstract:
An authorisation has been recognised as an important security measure for preventing unauthorised access to critical resources, such as devices and data, within the Internet of Things (IoT) networks. Existing authorisation methods for the IoT network are based on traditional access control models, which have several drawbacks, including architecture centralisation, policy tampering, access rights…
▽ More
An authorisation has been recognised as an important security measure for preventing unauthorised access to critical resources, such as devices and data, within the Internet of Things (IoT) networks. Existing authorisation methods for the IoT network are based on traditional access control models, which have several drawbacks, including architecture centralisation, policy tampering, access rights validation, malicious third-party policy assignment and control, and network-related overheads. The increasing trend of integrating Blockchain technology with IoT networks demonstrates its importance and potential to address the shortcomings of traditional IoT network authorisation mechanisms. This paper proposes a decentralised, secure, dynamic, and flexible authorisation scheme for IoT networks based on attribute-based access control (ABAC) fine-grained policies stored on a distributed immutable ledger. We design a Blockchain-based ABAC policy management framework divided into Attribute Management Authority (AMA) and Policy Management Authority (PMA) frameworks that use smart contract features to initialise, store, and manage attributes and policies on the Blockchain. To achieve flexibility and dynamicity in the authorisation process, we capture and utilise the environmental-related attributes in conjunction with the subject and object attributes of the ABAC model to define the policies. Furthermore, we designed the Blockchain-based Access Management Framework (AMF) to manage user requests to access IoT devices while maintaining the privacy and auditability of user requests and assigned policies. We implemented a prototype of our proposed scheme and executed it on the local Ethereum Blockchain. Finally, we demonstrated the applicability and flexibility of our proposed scheme for an IoT-based smart home scenario, taking into account deployment, execution and financial costs.
△ Less
Submitted 15 August, 2022;
originally announced August 2022.
-
Towards a Formal Modelling, Analysis, and Verification of a Clone Node Attack Detection Scheme in the Internet of Things
Authors:
Khizar Hameed,
Saurabh Garg,
Muhammad Bilal Amin,
Byeong Kang
Abstract:
In a clone node attack, an attacker attempted to physically capture the devices to gather sensitive information to conduct various insider attacks. Several solutions for detecting clone node attacks on IoT networks have been presented in the viewpoints above. These solutions are focused on specific system designs, processes, and feature sets and act as a high-level abstraction of underlying system…
▽ More
In a clone node attack, an attacker attempted to physically capture the devices to gather sensitive information to conduct various insider attacks. Several solutions for detecting clone node attacks on IoT networks have been presented in the viewpoints above. These solutions are focused on specific system designs, processes, and feature sets and act as a high-level abstraction of underlying system architectures based on a few performance requirements. However, critical features like formal analysis, modelling, and verification are frequently overlooked in existing proposed solutions aimed at verifying the correctness and robustness of systems in order to ensure that no problematic scenarios or anomalies exist. This paper presents a formal analysis, modelling, and verification of our existing proposed clone node attack detection scheme in IoT. Firstly, we modelled the architectural components of the proposed scheme using High-Level Petri Nets (HLPNs) and then mapped them using their specified functionalities. Secondly, we defined and analysed the behavioural properties of the proposed scheme using Z specification language. Furthermore, we used the Satisfiability Modulo Theories Library (SMT-Lib) and the Z3 Solver to validate and demonstrate the overall functionality of the proposed scheme. Finally, in addition to modelling and analysis, this work employs Coloured Petri Nets (CPNs), which combine Petri Nets with a high-level programming language, making them more suitable for large-scale system modelling. To perform the simulations in CPN, we used both timed and untimed models, where timed models are used to evaluate performance, and untimed models are used to validate logical validity.
△ Less
Submitted 23 August, 2021;
originally announced August 2021.
-
A Context-Aware Information-Based Clone Node Attack Detection Scheme in Internet of Things
Authors:
Khizar Hameed,
Saurabh Garg,
Muhammad Bilal Amin,
Byeong Kang,
Abid Khan
Abstract:
The rapidly expanding nature of the Internet of Things (IoT) networks is beginning to attract interest across a range of applications, including smart homes, smart transportation, smart health, and industrial contexts. This cutting-edge technology enables individuals to track and control their integrated environment in real-time and remotely via a thousand IoT devices comprised of sensors and actu…
▽ More
The rapidly expanding nature of the Internet of Things (IoT) networks is beginning to attract interest across a range of applications, including smart homes, smart transportation, smart health, and industrial contexts. This cutting-edge technology enables individuals to track and control their integrated environment in real-time and remotely via a thousand IoT devices comprised of sensors and actuators that actively participate in sensing, processing, storing, and sharing information. Nonetheless, IoT devices are frequently deployed in hostile environments, wherein adversaries attempt to capture and breach them in order to seize control of the entire network. One such example of potentially malicious behaviour is the cloning of IoT devices, in which an attacker can physically capture the devices, obtain some sensitive information, duplicate the devices, and intelligently deploy them in desired locations to conduct various insider attacks. A device cloning attack on IoT networks is a significant security concern since it allows for selective forwarding, sink-hole, and black-hole attacks. To address this issue, this paper provides an efficient scheme for detecting clone node attacks on IoT networks that makes use of semantic information about IoT devices known as context information sensed from the deployed environment to locate them securely. We design a location proof mechanism by combining location proofs and batch verification of the extended elliptic curve digital signature technique to accelerate the verification process at selected trusted nodes. We demonstrate the security of our scheme and its resilience to secure clone node attack detection by conducting a comprehensive security analysis. The performance of our proposed scheme provides a high degree of detection accuracy with minimal detection time and significantly reduces the computation, communication and storage overhead.
△ Less
Submitted 30 June, 2021;
originally announced June 2021.
-
A Taxonomy Study on Securing Blockchain-based Industrial Applications: An Overview, Application Perspectives, Requirements, Attacks, Countermeasures, and Open Issues
Authors:
Khizar Hameed,
Mutaz Barika,
Saurabh Garg,
Muhammad Bilal Amin,
Byeong Kang
Abstract:
Blockchain technology has taken on a leading role in today's industrial applications by providing salient features and showing significant performance since its beginning. Blockchain began its journey from the concept of cryptocurrency and is now part of a range of core applications to achieve resilience and automation between various tasks. With the integration of Blockchain technology into diffe…
▽ More
Blockchain technology has taken on a leading role in today's industrial applications by providing salient features and showing significant performance since its beginning. Blockchain began its journey from the concept of cryptocurrency and is now part of a range of core applications to achieve resilience and automation between various tasks. With the integration of Blockchain technology into different industrial applications, many application designs, security and privacy challenges present themselves, posing serious threats to users and their data. Although several approaches have been proposed to address the specific security and privacy needs of targeted applications with functional parameters, there is still a need for a research study on the application, security and privacy challenges, and requirements of Blockchain-based industrial applications, along with possible security threats and countermeasures. This study presents a state-of-the-art survey of Blockchain-based Industry 4.0 applications, focusing on crucial application and security and privacy requirements, as well as corresponding attacks on Blockchain systems with potential countermeasures. We also analyse and provide the classification of different security and privacy techniques used in these applications to enhance the advancement of security features. Furthermore, we highlight some open issues in industrial applications that help to design secure Blockchain-based applications as future directions.
△ Less
Submitted 25 May, 2021;
originally announced May 2021.
-
Multiple Linear Regression-Based Energy-Aware Resource Allocation in the Fog Computing Environment
Authors:
Ranesh Kumar Naha,
Saurabh Garg,
Sudheer Kumar Battula,
Muhammad Bilal Amin,
Dimitrios Georgakopoulos
Abstract:
Fog computing is a promising computing paradigm for time-sensitive Internet of Things (IoT) applications. It helps to process data close to the users, in order to deliver faster processing outcomes than the Cloud; it also helps to reduce network traffic. The computation environment in the Fog computing is highly dynamic and most of the Fog devices are battery powered hence the chances of applicati…
▽ More
Fog computing is a promising computing paradigm for time-sensitive Internet of Things (IoT) applications. It helps to process data close to the users, in order to deliver faster processing outcomes than the Cloud; it also helps to reduce network traffic. The computation environment in the Fog computing is highly dynamic and most of the Fog devices are battery powered hence the chances of application failure is high which leads to delaying the application outcome. On the other hand, if we rerun the application in other devices after the failure it will not comply with time-sensitiveness. To solve this problem, we need to run applications in an energy-efficient manner which is a challenging task due to the dynamic nature of Fog computing environment. It is required to schedule application in such a way that the application should not fail due to the unavailability of energy. In this paper, we propose a multiple linear, regression-based resource allocation mechanism to run applications in an energy-aware manner in the Fog computing environment to minimise failures due to energy constraint. Prior works lack of energy-aware application execution considering dynamism of Fog environment. Hence, we propose A multiple linear regression-based approach which can achieve such objectives. We present a sustainable energy-aware framework and algorithm which execute applications in Fog environment in an energy-aware manner. The trade-off between energy-efficient allocation and application execution time has been investigated and shown to have a minimum negative impact on the system for energy-aware allocation. We compared our proposed method with existing approaches. Our proposed approach minimises the delay and processing by 20%, and 17% compared with the existing one. Furthermore, SLA violation decrease by 57% for the proposed energy-aware allocation.
△ Less
Submitted 10 March, 2021;
originally announced March 2021.
-
Fuzzy Logic-based Robust Failure Handling Mechanism for Fog Computing
Authors:
Ranesh Kumar Naha,
Saurabh Garg,
Muhammad Bilal Amin,
Rajiv Ranjan
Abstract:
Fog computing is an emerging computing paradigm which is mainly suitable for time-sensitive and real-time Internet of Things (IoT) applications. Academia and industries are focusing on the exploration of various aspects of Fog computing for market adoption. The key idea of the Fog computing paradigm is to use idle computation resources of various handheld, mobile, stationery and network devices ar…
▽ More
Fog computing is an emerging computing paradigm which is mainly suitable for time-sensitive and real-time Internet of Things (IoT) applications. Academia and industries are focusing on the exploration of various aspects of Fog computing for market adoption. The key idea of the Fog computing paradigm is to use idle computation resources of various handheld, mobile, stationery and network devices around us, to serve the application requests in the Fog-IoT environment. The devices in the Fog environment are autonomous and not exclusively dedicated to Fog application processing. Due to that, the probability of device failure in the Fog environment is high compared with other distributed computing paradigms. Solving failure issues in Fog is crucial because successful application execution can only be ensured if failure can be handled carefully. To handle failure, there are several techniques available in the literature, such as checkpointing and task migration, each of which works well in cloud based enterprise applications that mostly deals with static or transactional data. These failure handling methods are not applicable to highly dynamic Fog environment. In contrast, this work focuses on solving the problem of managing application failure in the Fog environment by proposing a composite solution (combining fuzzy logic-based task checkpointing and task migration techniques with task replication) for failure handling and generating a robust schedule. We evaluated the proposed methods using real failure traces in terms of application execution time, delay and cost. Average delay and total processing time improved by 56% and 48% respectively, on an average for the proposed solution, compared with the existing failure handling approaches.
△ Less
Submitted 10 March, 2021;
originally announced March 2021.
-
Predicting Prostate Cancer-Specific Mortality with A.I.-based Gleason Grading
Authors:
Ellery Wulczyn,
Kunal Nagpal,
Matthew Symonds,
Melissa Moran,
Markus Plass,
Robert Reihs,
Farah Nader,
Fraser Tan,
Yuannan Cai,
Trissia Brown,
Isabelle Flament-Auvigne,
Mahul B. Amin,
Martin C. Stumpe,
Heimo Muller,
Peter Regitnig,
Andreas Holzinger,
Greg S. Corrado,
Lily H. Peng,
Po-Hsuan Cameron Chen,
David F. Steiner,
Kurt Zatloukal,
Yun Liu,
Craig H. Mermel
Abstract:
Gleason grading of prostate cancer is an important prognostic factor but suffers from poor reproducibility, particularly among non-subspecialist pathologists. Although artificial intelligence (A.I.) tools have demonstrated Gleason grading on-par with expert pathologists, it remains an open question whether A.I. grading translates to better prognostication. In this study, we developed a system to p…
▽ More
Gleason grading of prostate cancer is an important prognostic factor but suffers from poor reproducibility, particularly among non-subspecialist pathologists. Although artificial intelligence (A.I.) tools have demonstrated Gleason grading on-par with expert pathologists, it remains an open question whether A.I. grading translates to better prognostication. In this study, we developed a system to predict prostate-cancer specific mortality via A.I.-based Gleason grading and subsequently evaluated its ability to risk-stratify patients on an independent retrospective cohort of 2,807 prostatectomy cases from a single European center with 5-25 years of follow-up (median: 13, interquartile range 9-17). The A.I.'s risk scores produced a C-index of 0.84 (95%CI 0.80-0.87) for prostate cancer-specific mortality. Upon discretizing these risk scores into risk groups analogous to pathologist Grade Groups (GG), the A.I. had a C-index of 0.82 (95%CI 0.78-0.85). On the subset of cases with a GG in the original pathology report (n=1,517), the A.I.'s C-indices were 0.87 and 0.85 for continuous and discrete grading, respectively, compared to 0.79 (95%CI 0.71-0.86) for GG obtained from the reports. These represent improvements of 0.08 (95%CI 0.01-0.15) and 0.07 (95%CI 0.00-0.14) respectively. Our results suggest that A.I.-based Gleason grading can lead to effective risk-stratification and warrants further evaluation for improving disease management.
△ Less
Submitted 24 November, 2020;
originally announced December 2020.
-
Similar Image Search for Histopathology: SMILY
Authors:
Narayan Hegde,
Jason D. Hipp,
Yun Liu,
Michael E. Buck,
Emily Reif,
Daniel Smilkov,
Michael Terry,
Carrie J. Cai,
Mahul B. Amin,
Craig H. Mermel,
Phil Q. Nelson,
Lily H. Peng,
Greg S. Corrado,
Martin C. Stumpe
Abstract:
The increasing availability of large institutional and public histopathology image datasets is enabling the searching of these datasets for diagnosis, research, and education. Though these datasets typically have associated metadata such as diagnosis or clinical notes, even carefully curated datasets rarely contain annotations of the location of regions of interest on each image. Because pathology…
▽ More
The increasing availability of large institutional and public histopathology image datasets is enabling the searching of these datasets for diagnosis, research, and education. Though these datasets typically have associated metadata such as diagnosis or clinical notes, even carefully curated datasets rarely contain annotations of the location of regions of interest on each image. Because pathology images are extremely large (up to 100,000 pixels in each dimension), further laborious visual search of each image may be needed to find the feature of interest. In this paper, we introduce a deep learning based reverse image search tool for histopathology images: Similar Medical Images Like Yours (SMILY). We assessed SMILY's ability to retrieve search results in two ways: using pathologist-provided annotations, and via prospective studies where pathologists evaluated the quality of SMILY search results. As a negative control in the second evaluation, pathologists were blinded to whether search results were retrieved by SMILY or randomly. In both types of assessments, SMILY was able to retrieve search results with similar histologic features, organ site, and prostate cancer Gleason grade compared with the original query. SMILY may be a useful general-purpose tool in the pathologist's arsenal, to improve the efficiency of searching large archives of histopathology images, without the need to develop and implement specific tools for each application.
△ Less
Submitted 5 February, 2019; v1 submitted 30 January, 2019;
originally announced January 2019.
-
Development and Validation of a Deep Learning Algorithm for Improving Gleason Scoring of Prostate Cancer
Authors:
Kunal Nagpal,
Davis Foote,
Yun Liu,
Po-Hsuan,
Chen,
Ellery Wulczyn,
Fraser Tan,
Niels Olson,
Jenny L. Smith,
Arash Mohtashamian,
James H. Wren,
Greg S. Corrado,
Robert MacDonald,
Lily H. Peng,
Mahul B. Amin,
Andrew J. Evans,
Ankur R. Sangoi,
Craig H. Mermel,
Jason D. Hipp,
Martin C. Stumpe
Abstract:
For prostate cancer patients, the Gleason score is one of the most important prognostic factors, potentially determining treatment independent of the stage. However, Gleason scoring is based on subjective microscopic examination of tumor morphology and suffers from poor reproducibility. Here we present a deep learning system (DLS) for Gleason scoring whole-slide images of prostatectomies. Our syst…
▽ More
For prostate cancer patients, the Gleason score is one of the most important prognostic factors, potentially determining treatment independent of the stage. However, Gleason scoring is based on subjective microscopic examination of tumor morphology and suffers from poor reproducibility. Here we present a deep learning system (DLS) for Gleason scoring whole-slide images of prostatectomies. Our system was developed using 112 million pathologist-annotated image patches from 1,226 slides, and evaluated on an independent validation dataset of 331 slides, where the reference standard was established by genitourinary specialist pathologists. On the validation dataset, the mean accuracy among 29 general pathologists was 0.61. The DLS achieved a significantly higher diagnostic accuracy of 0.70 (p=0.002) and trended towards better patient risk stratification in correlations to clinical follow-up data. Our approach could improve the accuracy of Gleason scoring and subsequent therapy decisions, particularly where specialist expertise is unavailable. The DLS also goes beyond the current Gleason system to more finely characterize and quantitate tumor morphology, providing opportunities for refinement of the Gleason system itself.
△ Less
Submitted 15 November, 2018;
originally announced November 2018.