Internet of Things (IoT) is an increasingly popular technology that enables physical devices, vehicles, home appliances, etc., to communicate and even inter operate with one another. It has been widely used in industrial production and social applications including smart home, healthcare, and industrial automation. While bringing unprecedented convenience, accessibility, and efficiency, IoT has caused acute security and privacy threats in recent years. There are increasing research works to ease these threats, but many problems remain open. To better understand the essential reasons of new IoT threats and the challenges in current research, this survey first proposes the concept of "IoT features." Then, we discuss the security and privacy effects of eight IoT features including the threats they cause, existing solutions to threats and research challenges yet to be solved. To help researchers follow the up-to-date works in this field, this paper finally illustrates the developing trend of IoT security research and reveals how IoT features affect existing security research by investigating most existing research works related to IoT security from 2013 to 2017.
Abstract. As a crucial constituent of fine particulate matter (PM2.5), secondary organic aerosols (SOA) influence public health, regional air quality, and global climate patterns. This paper highlights the use of Hydrophilic interaction liquid chromatography (HILIC) which effectively retains strongly polar analytes that might exhibit incomplete or no retention in reverse chromatography, resulting in superior separation efficiency. A HILIC column was used to analyze 7 standards, environmental standards (1648a and 1649b), and samples collected in urban environments in the Pearl River Delta region of Guangzhou. That serve as valuable reference points for evaluating the organic composition of the atmospheric environment. The results indicate a high degree of accuracy in the analytical method, sodium octyl-d17 sulfate serves as the internal standard, with a linear correlation coefficient of the 7 standards, boasting a linear correlation coefficient R ranging from 0.987–0.999 and a slope, k, of the linear equation from 0.9662–2.2927. The instrument detection limit (IDLs) is established at 0.0026–0.0300 μg mL-1, while the method detection limit (MDLs) falls within the range of 0.0077–0.2300 ng m-3, demonstrating the method's exceptional sensitivity. Since isoprene sulphates are highly polar due to containing a hydrophilic bond to the hydroxyl group and a hydrophobic bond to the sulphate, and as such showed strong retention using this method. This technique employs Sodium ethyl sulfate and Sodium octyl sulfate standards for semi-quantitative compound analysis isoprene-derived OSs, the error in sample analysis (EA) ranged from 12.25–95.26 % and the two standards maintaining a consistent recovery rate between 116 %–131 % and 86 %–127 %. These findings indicate a high level of precision when semi-quantifying compounds with similar structural characteristics, affirming the analysis method's minimal relative error and underscoring its repeatability, process stability, and the reliability of its results for isoprene OSs. To enhance the method's reliability assessment, the study analyzed polar organic components of standard particulate matter samples (1648a and 1649b), providing precise determinations of several isoprene OSs using this method. Methyltetrol sulfate (m/z 215) is the highest concentration in the ambient samples, up to 67.33 ng m-3 at daytime. These results serve as valuable reference points for assessing the organic composition of the atmospheric environment.
Top-k queries can retrieve the most relevant tuples from massive datasets and have wide implementations, such as PageRank, healthcare analytics, and decision making. The increasing demands of outsourcing large datasets to public clouds with privacy concern expect new techniques to securely perform top-k queries on encrypted data on the cloud servers. Order-preserving encryption (OPE) can be used for answering top-k queries correctly and naturally. However, it is over qualified since it unnecessarily leaks too much information (i.e., orders of non-top-k values). In this paper, we propose a mutable top OPE (TOPE) to first enable top-1 (min or max) queries on encrypted data with minimized information leakage. Then, we extend this TOPE to support top-k queries in general. With TOPE, the ciphertexts of top-k values are still the top-k in the ciphertext domain, while the ciphertexts of non-top-k values are in meaningless order. In addition, we rigorously define and prove the security of TOPE with indistinguishability under top-ordered chosen-plaintext attacks. We implement our scheme on synthetic and real datasets to show its effectiveness and efficiency. The search performance of top-k queries on massive TOPE ciphertexts with our scheme is almost as fast as on the plaintexts.
Traffic-related messages exchange (TME) is considered as a powerful approach to improve traffic safety and efficiency in vehicular networks. However, TME assumes all vehicles always are honest, and thus offering opportunities for attackers to fake traffic-related messages. To combat such threat, recent efforts have been made to trust mechanism. In this article, a vulnerability for trust mechanism is found, that is, the ratings from initiator vehicles (IVs) are generally unchecked. Such ratings corresponding to the truth of traffic-related events can be exploited by attackers to disturb trust mechanism. Specially, attackers would form a clique to help with each other in an inside-and-outside collusive (IOC) manner. One of the IOC attackers can disguise as an IV who sends the rating in accordance with the traffic-related messages of his conspirators, result in promoting their trust value quickly. With high trust value, attackers can escape the detection of trust mechanism. We conduct an in-depth investigation on IOC attack and propose a defense scheme called TFAA from the design ideas of trust fluctuation association analysis. In addition, the trust data management of central and distributed trust mechanism may be unsuitable for vehicular networks. To support the trust data management for the TFAA scheme, we also design a semi-distributed trust data storage scheme called TruChain with the combination of consortium blockchain and vehicular regions partition. The simulation results show that the TFAA scheme can enhance the accuracy of trust value evaluation, and thus successfully reducing the power of IOC attack against TME.
Generalized signcryption is a new cryptographic primitive which is more useful than the common signcryption in some applications. In this paper, based on a short ECDSA, a sescure and efficient generalized signcryption scheme is proposed. It can work as the same with the original generalized signcryption scheme ECGSC and provides message confidentiality, unforgeability, non-repudiation. The notable property of our scheme is its additional secure properties and its high efficiency. It can provide forward secrecy and public verification which is important in many cases. Its computation cost and communication cost are all less than that of ECGSC due to the use of a short ECDSA and the short transmitted message in our scheme.
In software engineering, software defect prediction can help to discover the defect modules and improve the quality of software products. However, class imbalance makes the recognition of minority defective class difficult. Resampling on the datasets is a widely used approach to solve this problem and its objective is to balance the numbers of different classes without too much changes on their original distributions. A novel resampling approach called kernel density estimation-based variation sampling (DVS) is proposed to achieve this goal by generating new minority defective samples. The "variation" means that: For each new sample, more than half eigenvalues are directly inherited from the existing defective samples, but others will be varied. The varied eigenvalues can be obtained by sampling from their corresponding probability distribution models based on the kernel density estimation. Finally, the new defective samples different from those in training datasets but consistent with their overall distribution can be generated, which can help the prediction models to recognize various defective modules better. The DVS was compared with K-Means SMOTE, MAHAKIL, RUS and the No sampling approach using total 23 releases of defect datasets from the PROMISE, NASA and Eclipse repositories, and CART was adopted as the classifier. The experiment results indicate that the DVS can obviously improve the Recall and G-means of SDP model without too much loss on Precision.
Binder, which helps to package the functional codes of system processes into inter-process invocable interfaces for application-level processes, is the core mechanism to implement the Inter-Process Communication(IPC) in Android. This paper, for the first time, attempts to study the system-level security properties of this mechanism. The universal injection interface and the model of IPC data are proposed to implement a fuzzing test. A test case generation technique based on mutation algorithm of pre-captured IPC data is introduced in order to improve the fuzzing test efficiency. Two high-risk vulnerabilities are detected in Android 5.1.0. Analysis of these vulnerabilities highlights a critical design issue in the system services of Binder mechanism.
By using the algebraic dynamical approach, an atom-field bipartite system in mixed state is employed to investigate the partial entropy change and the entanglement in a cavity filled with Kerr medium. The effects of different nonlinear intensities are studied. One can find that the Kerr nonlinearity can reduce the fluctuation amplitudes of the partial entropy changes and the entanglement of the two subsystems, and also influence their periodic evolution. Meanwhile, increasing the Kerr nonlinear strength can convert the anti-correlated behaviour of the partial entropy change to the positively correlated behaviour. Furthermore, the entanglement greatly depends on the temperature. When the temperature or the nonlinear intensity increases to a certain value, the entanglement can be suppressed greatly.
'/%3e%3cuse xlink:href='%23a' transform='rotate(23.036 .093 25.536)'/%3e%3cuse xlink:href='%23a' transform='rotate(45.87 1.273 16.18)'/%3e%3cuse xlink:href='%23a' transform='rotate(69.945 .996 12.078)'/%3e%3cuse xlink:href='%23a' transform='rotate(20.66 -19.689 31.932)'/%3e%3c/svg%3e)