Malware Detection Using Decision Tree Based SVM Classifier for IoT

The development in Information and Communication Technology has led to the evolution of new computing and communication environment. Technological revolution with Internet of Things (IoTs) has developed various applications in almost all domains from health care, education to entertainment with sensors and smart devices. One of the subsets of IoT is Internet of Medical things (IoMT) which connects medical devices, hardware and software applications through internet. IoMT enables secure wireless communication over the Internet to allow efficient analysis of medical data. With these smart advancements and exploitation of smart IoT devices in health care technology there increases threat and malware attacks during transmission of highly confidential medical data. This work proposes a scheme by integrating machine learning approach and block chain technology to detect malware during data transmission in IoMT. The proposed Machine Learning based Block Chain Technology malware detection scheme (MLBCT-Mdetect) is implemented in three steps namely: feature extraction, Classification and blockchain. Feature extraction is performed by calculating the weight of each feature and reduces the features with less weight. Support Vector Machine classifier is employed in the second step to classify the malware and benign nodes. Furthermore, third step uses blockchain to store details of the selected features which eventually improves the detection of malware with significant improvement in speed and accuracy. ML-BCT-Mdetect achieves higher accuracy with low false positive rate and higher True positive rate.     

Optimal Confidential Mechanisms in Smart City Healthcare

Smart City Healthcare (SHC²) system is applied in monitoring the patient at home while it is also expected to react to their needs in a timely manner. The system also concedes the freedom of a patient. IoT is a part of this system and it helps in providing care to the patients. IoT-based healthcare devices are trustworthy since it almost certainly recognizes the potential intensifications at very early stage and alerts the patients and medical experts to such an extent that they are provided with immediate care. Existing methodologies exhibit few shortcomings in terms of computational complexity, cost and data security. Hence, the current research article examines SHC² security through Light Weight Cipher (LWC) with Optimal S-Box model in PRESENT cipher. This procedure aims at changing the sub bytes in which a single function is connected with several bytes’ information to upgrade the security level through Swam optimization. The key contribution of this research article is the development of a secure healthcare model for smart city using SHC² security via LWC and Optimal S-Box models. The study used a nonlinear layer and single 4-bit S box for round configuration after verifying SHC² information, constrained by Mutual Authentication (MA). The security challenges, in healthcare information systems, emphasize the need for a methodology that immovably concretes the establishments. The methodology should act practically, be an effective healthcare framework that depends on solidarity and adapts to the developing threats. Healthcare service providers integrated the IoT applications and medical services to offer individuals, a seamless technology-supported healthcare service. The proposed SHC² was implemented to demonstrate its security levels in terms of time and access policies. The model was tested under different parameters such as encryption time, decryption time, access time and response time in minimum range. Then, the level of the model and throughput were analyzed by maximum value i.e., 50 Mbps/sec and 95.56% for PRESENT-Authorization cipher to achieve smart city security. The proposed model achieved better results than the existing methodologies.     

Blockchain-Based SQKD and IDS in Edge Enabled Smart Grid Network

Smart Grid is a power grid that improves flexibility, reliability, and efficiency through smart meters. Due to extensive data exchange over the Internet, the smart grid faces many security challenges that have led to data loss, data compromise, and high power consumption. Moreover, the lack of hardware protection and physical attacks reduce the overall performance of the smart grid network. We proposed the BLIDSE model (Blockchain-based secure quantum key distribution and Intrusion Detection System in Edge Enables Smart Grid Network) to address these issues. The proposed model includes five phases: The first phase is blockchain-based secure user authentication, where all smart meters are first registered in the blockchain, and then the blockchain generates a secret key. The blockchain verifies the user ID and the secret key during authentication matches the one authorized to access the network. The secret key is shared during transmission through secure quantum key distribution (SQKD). The second phase is the lightweight data encryption, for which we use a lightweight symmetric encryption algorithm, named Camellia. The third phase is the multi-constraint-based edge selection; the data are transmitted to the control center through the edge server, which is also authenticated by blockchain to enhance the security during the data transmission. We proposed a perfect matching algorithm for selecting the optimal edge. The fourth phase is a dual intrusion detection system which acts as a firewall used to drop irrelevant packets, and data packets are classified into normal, physical errors and attacks, which is done by Double Deep Q Network (DDQN). The last phase is optimal user privacy management. In this phase, smart meter updates and revocations are done, for which we proposed Forensic based Investigation Optimization (FBI), which improves the security of the smart grid network. The simulation is performed using network simulator NS3.26, which evaluates the performance in terms of computational complexity, accuracy, false detection, and false alarm rate. The proposed BLIDSE model effectively mitigates cyber-attacks, thereby contributing to improved security in the network.     

Efficient Joint Key Authentication Model in E-Healthcare

Many patients have begun to use mobile applications to handle different health needs because they can better access high-speed Internet and smartphones. These devices and mobile applications are now increasingly used and integrated through the medical Internet of Things (mIoT). mIoT is an important part of the digital transformation of healthcare, because it can introduce new business models and allow efficiency improvements, cost control and improve patient experience. In the mIoT system, when migrating from traditional medical services to electronic medical services, patient protection and privacy are the priorities of each stakeholder. Therefore, it is recommended to use different user authentication and authorization methods to improve security and privacy. In this paper, our prosed model involves a shared identity verification process with different situations in the e-health system. We aim to reduce the strict and formal specification of the joint key authentication model. We use the AVISPA tool to verify through the well-known HLPSL specification language to develop user authentication and smart card use cases in a user-friendly environment. Our model has economic and strategic advantages for healthcare organizations and healthcare workers. The medical staff can increase their knowledge and ability to analyze medical data more easily. Our model can continuously track health indicators to automatically manage treatments and monitor health data in real time. Further, it can help customers prevent chronic diseases with the enhanced cognitive functions support. The necessity for efficient identity verification in e-health care is even more crucial for cognitive mitigation because we increasingly rely on mIoT systems.     

Developmental trajectories of blockchain research and its major subfields

Unlike previous reviews, most of which focus on a field and use qualitative methods to analyze blockchain technology, herein main path analysis was used to determine the key route of citations and identify the developmental trajectories of blockchain technology and its major themes. A total of 3159 blockchain-related articles published through August 5, 2019, were gathered from the Web of Science. In all, 2478 articles formed the citation network, 27 of which were on the key route. These 27 key papers on blockchain represented the four developmental stages. Stage 1 focused on challenges to bitcoin. Stage 2 focused on smart contract issues. Stage 3 focused on opportunities, challenges, and development in blockchain. Finally, Stage 4 focused on smart contract applications, especially in e-healthcare, where blockchain technology is paving the way to a quicker, more secure, and more efficient means of storing and accessing medical data. The Girvan-Newman clustering technique was used to classify articles, and keyword analysis was used to analyze the top six major themes. These were bitcoin security, bitcoin financial applications, e-healthcare, Ethereum smart contracts, security and privacy in IoT, and energy. Main path analysis was also used to analyze their developmental trends. The results have significant value for both academics and practitioners.     

Real Estate Management via a Decentralized Blockchain Platform

Blockchain technology is one of the key technological breakthroughs of the last decade. It has the ability to revolutionize numerous aspects of society, including financial systems, healthcare, e-government and many others. One such area that is able to reap the benefits of blockchain technology is the real estate industry. Like many other industries, real estate faces major administrative problems such as high transaction fees, a lack of transparency, fraud and the effects of a middleman including undue influence and commissions. Blockchain enables supporting technologies to overcome the obstacles inherent within the real estate investment market. These technologies include smart contracts, immutable record management and time-stamped storage. We utilize these key properties of blockchain technology in our work by proposing a system that has the ability to record real estate transactions in a private blockchain, using smart contracts. The immutability of the blockchain ledger and transactions can provide a safe space for the real estate business. Blockchain technology can also assist the authentication process by hastening background checks. Personal digital keys are provided to parties that are involved in a contract, thus minimizing the risk of fraud. We also discuss the rationale behind the advantages of using a blockchain in this manner, and how we selected the consensus mechanism for our proposed system.     

Privacy-preserving association rule mining for horizontally partitioned healthcare data: a case study on the heart diseases

In recent years, a trend of electronic health record (EHR) system can be seen increasingly in the hospitals, which has generated huge amount of electronically stored data of patients. Association rule mining technique is very helpful in the numerous applications of healthcare (e.g., correlation between disease and symptoms, disease and offering effective treatment and predicting risks of disease based on the historical data, etc.). The data collected by an EHR system are very important for the medical research. Currently, a patient health report is derived on the basis of a physician’s own experience and on the association rule mining results of a local EHR system maintained by a particular hospital. Association rule mining results will be more accurate if the data of all local EHR systems are integrated and association rule mining is performed. Integration of local EHR systems requires the sharing of local EHR data. Sharing of patient records violates the privacy of patients. Hence, medical research is focused on the problem of mining association rules without sharing of local private EHR data. Privacy-preserving distributed association rule mining (PPDARM) solves this issue by mining the association rules while preserving the privacy of patients. In this paper, an approach for the PPDARM is proposed for collaboratively performing association rule mining by all local EHR systems while preserving the privacy. The proposed approach is also analysed with the heart disease dataset.     

数据驱动的智能医疗产品服务系统设计研究

目的 面向医疗领域,探究以数据驱动的智能产品服务系统框架,以数据驱动价值创造,为新型医疗系统解决方案提供理论指导。方法 运用文献研究和典型案例分析法,概述了目前医疗服务的现状与挑战,梳理了智能产品服务系统的发展脉络,并通过文献的归纳整合,对面向医疗领域的智能产品服务系统数据进行总结分类,构建了以“产品—服务—环境—用户”四个方面数据驱动的智能医疗产品服务系统设计框架,结合代表性的医疗产品案例,详细阐述了具体的数据驱动范式和价值共创过程。结论 智能产品服务系统在医疗领域具有巨大的研究潜力,业务流程和服务的数字化,加上新的信息通信技术的出现,使信息的集成与整合创新成为可能,医疗场景的海量数据也得以发挥更大的潜在价值。数据驱动的智能医疗产品服务系统设计框架为该领域的设计策略研究和方法开发奠定了基础,同时为数据驱动的智能医疗产品服务系统设计实践提供了一定理论支撑和指导。     

Towards Privacy-Preserving Cloud Storage: A Blockchain Approach

With the rapid development of cloud computing technology, cloud services have now become a new business model for information services. The cloud server provides the IT resources required by customers in a self-service manner through the network, realizing business expansion and rapid innovation. However, due to the insufficient protection of data privacy, the problem of data privacy leakage in cloud storage is threatening cloud computing. To address the problem, we propose BC-PECK, a data protection scheme based on blockchain and public key searchable encryption. Firstly, all the data is protected by the encryption algorithm. The privacy data is encrypted and stored in a cloud server, while the ciphertext index is established by a public key searchable encryption scheme and stored on the blockchain. Secondly, based on the characteristics of trusted execution of smart contract technology, a control mechanism for data accessing and sharing is given. Data transaction is automatically recorded on the blockchain, which is fairer under the premise of ensuring the privacy and security of the data sharing process. Finally, we analyzed the security and fairness of the current scheme. Through the comparison with similar schemes, we have shown the advantages of the proposed scheme.     

Blockchain application in healthcare service mode based on Health Data Bank

Blockchain is commonly considered a potential disruptive technology. Moreover, the healthcare industry has experienced rapid growth in the adoption of health information technology, such as electronic health records and electronic medical records. To guarantee data privacy and data security as well as to harness the value of health data, the concept of Health Data Bank (HDB) is proposed. In this study, HDB is defined as an integrated health data service institution, which bears no “ownership” of health data and operates health data under the principal–agent model. This study first comprehensively reviews the main characters of blockchain and identifies the blockchain-based healthcare industry projects and startups in the areas of health insurance, pharmacy, and medical treatment. Then, we analyze the fundamental principles of HDB and point out four challenges faced by HDB’s sustainable development: (1) privacy protection and interoperability of health data; (2) data rights; (3) health data supervision; (4) and willingness to share health data. We also analyze the important benefits of blockchain adoption in HDB. Furthermore, three application scenarios including distributed storage of health data, smart-contract-based healthcare service mode, and consensus-algorithm-based incentive policy are proposed to shed light on HDB-based healthcare service mode. In the end, this study offers insights into potential research directions and challenges.     

智慧医疗系统中移动终端导引服务设计探析

目的探讨智慧医疗的发展方向及其在提升医疗服务体验方面的可能性。方法运用观察和访谈的方法,来分析复杂医疗流程中提升服务体验的机会点,依据前文归纳出的智慧医疗发展方向,对机会点或痛点逐一提出解决策略,并将这些策略整合进原来的医疗服务中,以此提升医疗服务体验。结论智慧医疗的三个发展方向为医疗服务内容的数字化、服务关键决策者的网络化和医疗数据处理的智能化。智慧医疗的发展不仅为医疗行业的管理运作提供便利,也存在改善医疗体验的巨大潜力。在本案例研究中,医疗信息的数字化和网络化是增强患方信息支持的基础,增强就医流程中患方的信息支持有助于提高所有服务参与者(医护人员、患者、陪同者)的体验。智慧医疗服务则有潜力被应用于智能分析病例,并提供专业医疗咨询以减轻医护人员的工作压力,助其提供更优质的服务。     

条件接收系统中机顶盒和智能卡安全通信协议

提出了条件接收系统中智能卡和机顶盒安全通信的协议.协议使用了Schnorr身份方案实现机顶盒对智能卡的认证,并使用一个非对称密码系统实现智能卡对机顶盒的认证.协议最小化了智能卡的在线计算负担,同时保持与其它协议同样的安全水平.对协议的安全性和性能进行了分析.分析结果表明,协议对于恶意攻击是鲁棒的,并且非常适合于只有有限处理能力的智能卡.而且,协议为不同的条件接收系统使用同样的机顶盒提供了可能,因为在协议中机顶盒不需要事先存储任何条件接收系统的秘密私有数据.     

A Distributed Privacy Preservation Approach for Big Data in Public Health Emergencies Using Smart Contract and SGX

Security and privacy issues have become a rapidly growing problem with the fast development of big data in public health. However, big data faces many ongoing serious challenges in the process of collection, storage, and use. Among them, data security and privacy problems have attracted extensive interest. In an effort to overcome this challenge, this article aims to present a distributed privacy preservation approach based on smart contracts and Intel Software Guard Extensions (SGX). First of all, we define SGX as a trusted edge computing node, design data access module, data protection module, and data integrity check module, to achieve hardware-enhanced data privacy protection. Then, we design a smart contract framework to realize distributed data access control management in a big data environment. The crucial role of the smart contract was revealed by designing multiple access control contracts, register contracts, and history contracts. Access control contracts provide access control methods for different users and enable static access verification and dynamic access verification by checking the user’s properties and history behavior. Register contract contains user property information, edge computing node information, the access control and history smart contract information, and provides functions such as registration, update, and deletion. History contract records the historical behavior information of malicious users, receives the report information of malicious requestors from the access control contract, implements a misbehavior check method to determines whether the requestor has misbehavior, and returns the corresponding result. Finally, we design decentralized system architecture, prove the security properties, and analysis to verify the feasibility of the system. Results demonstrate that our method can effectively improve the timeliness of data, reduce network latency, and ensure the security, reliability, and traceability of data.     

A Key Recovery System Based on Password-Protected Secret Sharing in a Permissioned Blockchain

In today’s fourth industrial revolution, various blockchain technologies are being actively researched. A blockchain is a peer-to-peer data-sharing structure lacking central control. If a user wishes to access stored data, she/he must employ a private key to prove ownership of the data and create a transaction. If the private key is lost, blockchain data cannot be accessed. To solve such a problem, public blockchain users can recover the key using a wallet program. However, key recovery in a permissioned blockchain (PBC) has been but little studied. The PBC server is Honest-but-Curious (HBC), and should not be able to learn anything of the user; the server should simply recover and store the key. The server must also be resistant to malicious attacks. Therefore, key recovery in a PBC must satisfy various security requirements. Here, we present a password-protected secret sharing (PPSS) key recovery system, protected by a secure password from a malicious key storage server of a PBC. We describe existing key recovery schemes and our PPSS scheme.     

Trustworthiness Evaluation for Permissioned Blockchain-Enabled Applications

As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations, related stakeholders need a means to assess the trustworthiness of the applications involved within. It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy. Therefore, this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications. The framework divides itself into different implementation domains, i.e., organization security, application security, consensus mechanism security, node management and network security, host security and perimeter security, and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains. In addition, a case study, including a security testing and risk evaluation on each stack of a specific organization, is demonstrated as an implementation instruction of our proposed risk management framework. According to the best of our knowledge, this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can contribute to the adoption of permissioned blockchain-enabled technologies. Furthermore, application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.     

Droid-IoT: Detect Android IoT Malicious Applications Using ML and Blockchain

One of the most rapidly growing areas in the last few years is the Internet of Things (IoT), which has been used in widespread fields such as healthcare, smart homes, and industries. Android is one of the most popular operating systems (OS) used by IoT devices for communication and data exchange. Android OS captured more than 70 percent of the market share in 2021. Because of the popularity of the Android OS, it has been targeted by cybercriminals who have introduced a number of issues, such as stealing private information. As reported by one of the recent studies Android malware are developed almost every 10 s. Therefore, due to this huge exploitation an accurate and secure detection system is needed to secure the communication and data exchange in Android IoT devices. This paper introduces Droid-IoT, a collaborative framework to detect Android IoT malicious applications by using the blockchain technology. Droid-IoT consists of four main engines: (i) collaborative reporting engine, (ii) static analysis engine, (iii) detection engine, and (iv) blockchain engine. Each engine contributes to the detection and minimization of the risk of malicious applications and the reporting of any malicious activities. All features are extracted automatically from the inspected applications to be classified by the machine learning model and store the results into the blockchain. The performance of Droid-IoT was evaluated by analyzing more than 6000 Android applications and comparing the detection rate of Droid-IoT with the state-of-the-art tools. Droid-IoT achieved a detection rate of 97.74% with a low false positive rate by using an extreme gradient boosting (XGBoost) classifier.     

An End-to-End Authentication Scheme for Healthcare IoT Systems Using WMSN

The healthcare internet of things (IoT) system has dramatically reshaped this important industry sector. This system employs the latest technology of IoT and wireless medical sensor networks to support the reliable connection of patients and healthcare providers. The goal is the remote monitoring of a patient’s physiological data by physicians. Moreover, this system can reduce the number and expenses of healthcare centers, make up for the shortage of healthcare centers in remote areas, enable consultation with expert physicians around the world, and increase the health awareness of communities. The major challenges that affect the rapid deployment and widespread acceptance of such a system are the weaknesses in the authentication process, which should maintain the privacy of patients, and the integrity of remote medical instructions. Current research results indicate the need of a flexible authentication scheme. This study proposes a scheme with enhanced security for healthcare IoT systems, called an end-to-end authentication scheme for healthcare IoT systems, that is, an E2EA. The proposed scheme supports security services such as a strong and flexible authentication process, simultaneous anonymity of the patient and physician, and perfect forward secrecy services. A security analysis based on formal and informal methods demonstrates that the proposed scheme can resist numerous security-related attacks. A comparison with related authentication schemes shows that the proposed scheme is efficient in terms of communication, computation, and storage, and therefore cannot only offer attractive security services but can reasonably be applied to healthcare IoT systems.     

Exploring behavioural intentions toward smart healthcare services among medical practitioners: a technology transfer perspective

Recently, a variety of artificial intelligence (AI)-driven smart healthcare services are rapidly emerging in the medical market, such as intelligent image analysis, surgical navigation systems, and aided diagnosis. However, one of the major challenges is practitioners’ hesitation and unwillingness to employ these new technologies in medical practice. This study focuses on identifying the influential factors of adoption intention of smart healthcare services for both clinicians and non-clinicians from the perspective of technology transfer. Through collecting 484 questionnaire data from doctors in Anhui, China, we find support to show that perceived usefulness (PU), attitude, and the experience of using mHealth are key factors that influence both clinicians and non-clinician’s adoption intention. Meanwhile, it is confirmed that subjective norm has a positive effect on only clinicians’ behavioural intention (BI) while perceived risk (PR) has a negative impact on only non-clinicians’ attitude. Among all the constructs, the experience of using mHealth has the strongest positive effect on doctors’ adoption intention on smart healthcare services, a positive impact on the PU and perceived ease of use, and a negative impact on the PR. This study provides an improved understanding of doctors’ BI of smart healthcare services, and practice guidance for product development and marketing strategies.     

Security Requirement Management for Cloud-Assisted and Internet of Things—Enabled Smart City

The world is rapidly changing with the advance of information technology. The expansion of the Internet of Things (IoT) is a huge step in the development of the smart city. The IoT consists of connected devices that transfer information. The IoT architecture permits on-demand services to a public pool of resources. Cloud computing plays a vital role in developing IoT-enabled smart applications. The integration of cloud computing enhances the offering of distributed resources in the smart city. Improper management of security requirements of cloud-assisted IoT systems can bring about risks to availability, security, performance, confidentiality, and privacy. The key reason for cloud- and IoT-enabled smart city application failure is improper security practices at the early stages of development. This article proposes a framework to collect security requirements during the initial development phase of cloud-assisted IoT-enabled smart city applications. Its three-layered architecture includes privacy preserved stakeholder analysis (PPSA), security requirement modeling and validation (SRMV), and secure cloud-assistance (SCA). A case study highlights the applicability and effectiveness of the proposed framework. A hybrid survey enables the identification and evaluation of significant challenges.     

Privacy Preserving Blockchain Technique to Achieve Secure and Reliable Sharing of IoT Data

In present digital era, an exponential increase in Internet of Things (IoT) devices poses several design issues for business concerning security and privacy. Earlier studies indicate that the blockchain technology is found to be a significant solution to resolve the challenges of data security exist in IoT. In this view, this paper presents a new privacy-preserving Secure Ant Colony optimization with Multi Kernel Support Vector Machine (ACOMKSVM) with Elliptical Curve cryptosystem (ECC) for secure and reliable IoT data sharing. This program uses blockchain to ensure protection and integrity of some data while it has the technology to create secure ACOMKSVM training algorithms in partial views of IoT data, collected from various data providers. Then, ECC is used to create effective and accurate privacy that protects ACOMKSVM secure learning process. In this study, the authors deployed blockchain technique to create a secure and reliable data exchange platform across multiple data providers, where IoT data is encrypted and recorded in a distributed ledger. The security analysis showed that the specific data ensures confidentiality of critical data from each data provider and protects the parameters of the ACOMKSVM model for data analysts. To examine the performance of the proposed method, it is tested against two benchmark dataset such as Breast Cancer Wisconsin Data Set (BCWD) and Heart Disease Data Set (HDD) from UCI AI repository. The simulation outcome indicated that the ACOMKSVM model has outperformed all the compared methods under several aspects.