Fog Computing-inspired Smart Home Framework for Predictive Veterinary Healthcare

Domestic Pet Care has been an important domain in the healthcare industry. In the presented study, a comprehensive framework of the Smart VetCare system for the health monitoring of domestic pets has been presented. The work is focused on the remote surveillance of domestic animals’ health conditions inside the home environment using IoMT Technology. Specifically, pet health is analyzed for vulnerability in the ambient home environment and ubiquitous activities over a fog computing platform of FogBus. Furthermore, a temporal data granule is formulated and the Probability of Health Vulnerability (PoHV) is defined for determining the health severity of the animal. Additionally, the Temporal Sensitivity Measure (TSM) is defined for real-time pet healthcare analysis, which is visualized using the Self Organized Mapping (SOM) Technique. For validation purposes, the framework is deployed in the smart home environment using 12 IoMT WiSense Nodes and Health Sensor belt for monitoring a domestic dog of American Bully breed over the dynamic resource management platform of FogBus and iFogSim simulator. Based on the comparison with numerous state-of-the-art techniques, the proposed framework can register a better precision value (94.78%), accuracy value (95.38%), sensitivity value (93.71%), and f-measure value (94.41%).     

ContractGuard：面向以太坊区块链智能合约的入侵检测系统

以太坊智能合约本质上是一种在网络上由相互间没有信任关系的节点共同执行的已被双方认证程序。目前,大量的智能合约被用于管理数字资产,使智能合约成为黑客的重要攻击对象。常见的攻击方法是通过利用智能合约的漏洞来实现特定操作的入侵攻击。ContractGuard 是首次提出面向以太坊区块链智能合约的入侵检测系统,它能检测智能合约的潜在攻击行为。ContractGuard 的入侵检测主要依赖检测潜在攻击可能引发的异常控制流来实现。由于智能合约运行在去中心化的环境以及在高度受限的环境中运行,现有的IDS技术或者工具等以外部拦截形式的部署架构不适合于以太坊智能合约。为了解决这些问题,通过设计一个嵌入式的架构,实现了把 ContractGuard 直接嵌入智能合约的执行代码中,作为智能合约的一部分。在运行时刻,ContractGuard通过相应的context-tagged无环路径来实现入侵检测,从而保护智能合约。由于嵌入了额外的代码,ContractGuard一定程度上会增加智能合约的部署开销与运行开销,为了降低这两方面的开销,基于以太坊智能合约的特性对 ContractGuard 进行优化。实验结果显示,可有效地检测 83%的异常行为,其部署开销仅增加了36.14%,运行开销仅增加了28.17%。     

A comprehensive survey on multimodal medical signals fusion for smart healthcare systems

Smart healthcare is a framework that utilizes technologies such as wearable devices, the Internet of Medical Things (IoMT), sophisticated machine learning algorithms, and wireless communication technology to seamlessly access health records, link individuals, resources, and organizations, and then effectively handle and react to health environment demands intelligently. One of the main ingredients of smart healthcare is medical sensors or IoMT. Due to the complex nature of diseases, in many cases, there is a need for multimodal medical signals for their diagnoses. While using multimodal signals, the most important issue is how to fuse them – an area of burgeoning interest within the research community. This paper presents a comprehensive survey of multimodal medical signals fusion schemes that have been proposed for smart healthcare applications. Research works included in major repositories, such as IEEE Xplore, Science Direct, Springer Link, and ACM digital library have been surveyed to address several related research questions. Focus is placed on recent developments, thus only works published between 2014-2020 are considered. Finally, key research challenges and possible future directions are also provided.     

Paillier Cryptography Based Message Authentication Code for IoMT Security

Health care visualization through Internet of Things (IoT) over wireless sensor network (WSN) becomes a current research attention due to medical sensor evolution of devices. The digital technology-based communication system is widely used in all application. Internet of medical thing (IoMT) assisted healthcare application ensures the continuous health monitoring of a patient and provides the early awareness of the one who is suffered without human participation. These smart medical devices may consume with limited resources and also the data generated by these devices are large in size. These IoMT based applications suffer from the issues such as security, anonymity, privacy, and interoperability. To overcome these issues, data aggregation methods are the solution that can concatenate the data generated by the sensors and forward it into the base station through fog node with efficient encryption and decryption. This article proposed a well-organized data aggregation and secured transmission approach. The data generated by the sensor are collected and compressed. Aggregator nodes (AN) received the compressed data and concatenate it. The concatenated and encrypted data is forward to fog node using the enhanced Paillier cryptography-based encryption with Message Authentication code (MAC). Fog node extracts the forwarded data from AN using Fog message extractor method (FME) with decryption. The proposed system ensures data integrity, security and also protects from security threats. This proposed model is simulated in Network Simulator 2.35 and the evaluated simulation results proves that the aggregation with MAC code will ensures the security, privacy and also reduces the communication cost. Fog node usages in between Aggregator and base station, will reduce the cloud server/base station computational overhead and storage cost. The proposed ideology is compared with existing data aggregation schemes in terms of computational cost, storage cost, communication cost and energy cost. Cost of communication takes 18.7 ms which is much lesser than existing schemes.     

智能合约安全漏洞研究综述

智能合约是一种基于区块链平台运行,为缔约的多方提供安全可信赖能力的去中心化应用程序。智能合约在去中心化应用场景中扮演着重要的角色,被广泛地应用于股权众筹、游戏、保险、物联网等多个领域,但同时也面临着严重的安全风险。相比于普通程序而言,智能合约的安全性不仅影响合约参与多方的公平性,还影响合约所管理的庞大数字资产的安全性。因此,对智能合约的安全性及相关安全漏洞开展研究显得尤为重要。本文系统分析了智能合约的特性及其带来的全新安全风险;提出了智能合约安全的三层威胁模型,即来自于高级语言、虚拟机、区块链三个层面的安全威胁;并以世界上最大的智能合约平台——以太坊为例,详细介绍了15类主要漏洞;并总结了智能合约安全研究在漏洞方面的进展和挑战,包括自动漏洞挖掘、自动漏洞利用和安全防御三个方面的研究内容;最后,本文对智能合约未来安全研究进行了展望,提出了两个潜在的发展方向。     

Ethereum smart contract security research: survey and future research opportunities

Blockchain has recently emerged as a research trend, with potential applications in a broad range of industries and context. One particular successful Blockchain technology is smart contract, which is widely used in commercial settings (e.g., high value financial transactions). This, however, has security implications due to the potential to financially benefit froma security incident (e.g., identification and exploitation of a vulnerability in the smart contract or its implementation). Among, Ethereum is the most active and arresting. Hence, in this paper, we systematically review existing research efforts on Ethereum smart contract security, published between 2015 and 2019. Specifically, we focus on how smart contracts can be maliciously exploited and targeted, such as security issues of contract program model, vulnerabilities in the program and safety consideration introduced by program execution environment. We also identify potential research opportunities and future research agenda.     

基于代码注释调优的智能合约自动生成方法

针对智能合约开发效率不高、安全漏洞频发等问题,提出了一种基于代码注释调优的智能合约自动生成方法。首先结合智能合约代码关联注释的语义信息,构建智能合约聚类分析模型,实现功能类似智能合约的快速精准聚类;接着划分注释关联的合约层、函数层、接口层等不同层次智能合约知识库,以聚类后的代码及注释信息为基础,构造多样化Prompt特征提示语句数据集;最后,以大语言模型ChatGLM2-6B为基础,借助P-Tuning v2微调技术,实现特定需求智能合约的自动生成。为检测该方法的有效性,借助双语互译质量评估辅助工具BLEU和代码安全检测工具Mythril与VaaS,同现有方法进行了对比。实验结果表明,该方法生成的代码BLEU平均值提升了13%左右,代码安全性提高6%左右。此方法将代码注释信息融入智能合约的自动生成,有效提升了智能合约的质量,为安全可靠智能合约的高效开发提供了一种新的方法。     

Elastic Smart Contracts in Blockchains

In this paper, we deal with questions related to blockchains in complex Internet of Things (IoT)-based ecosystems. Such ecosystems are typically composed of IoT devices, edge devices, cloud computing software services, as well as people, who are decision makers in scenarios such as smart cities. Many decisions related to analytics can be based on data coming from IoT sensors, software services, and people. However, they are typically based on different levels of abstraction and granularity. This poses a number of challenges when multiple blockchains are used together with smart contracts. This work proposes to apply our concept of elasticity to smart contracts and thereby enabling analytics in and between multiple blockchains in the context of IoT. We propose a reference architecture for Elastic Smart Contracts and evaluate the approach in a smart city scenario, discussing the benefits in terms of performance and self-adaptability of our solution.      

Analysis and assessment of a knowledge based smart city architecture providing service APIs

The main technical issues regarding smart city solutions are related to data gathering, aggregation, reasoning, data analytics, access, and service delivering via Smart City APIs (Application Program Interfaces). Different kinds of Smart City APIs enable smart city services and applications, while their effectiveness depends on the architectural solutions to pass from data to services for city users and operators, exploiting data analytics, and presenting services via APIs.Therefore, there is a strong activity on defining smart city architectures to cope with this complexity, putting in place a significant range of different kinds of services and processes. In this paper, the work performed in the context of Sii-Mobility smart city project on defining a smart city architecture addressing a wide range of processes and data is presented. To this end, comparisons of the state of the art solutions of smart city architectures for data aggregation and for Smart City API are presented by putting in evidence the usage semantic ontologies and knowledge base in the data aggregation in the production of smart services. The solution proposed aggregate and re-conciliate data (open and private, static and real time) by using reasoning/smart algorithms for enabling sophisticated service delivering via Smart City API. The work presented has been developed in the context of the Sii-Mobility national smart city project on mobility and transport integrated with smart city services with the aim of reaching a more sustainable mobility and transport systems. Sii-Mobility is grounded on Km4City ontology and tools for smart city data aggregation, analytics support and service production exploiting smart city API. To this end, Sii-Mobility/Km4City APIs have been compared to the state of the art solutions. Moreover, the proposed architecture has been assessed in terms of performance, computational and network costs in terms of measures that can be easily performed on private cloud on premise. The computational costs and workloads of the data ingestion and data analytics processes have been assessed to identify suitable measures to estimate needed resources. Finally, the API consumption related data in the recent period are presented.     

物联网应用中访问控制智能合约的形式化验证

蓝牙、WiFi等网络技术的进步推动物联网（IoT）的发展,然而IoT在方便了人们生活的同时也存在严重的安全隐患。若无安全的访问控制,非法接入IoT的访问可能给用户带来各方面的损失。传统的访问控制方法需要一个可信任的中心节点,不适合节点分散的IoT环境。区块链及智能合约的出现为IoT应用的访问控制提供了更有效的解决方案,但用一般测试方法难以保证实现IoT应用的访问控制智能合约的正确性。针对这个问题,提出一种利用模型检测工具Verds对访问控制智能合约进行形式化验证从而保障合约正确性的方法。该方法利用状态迁移系统定义Solidity智能合约的语义,应用计算树逻辑（CTL）公式描述所要验证的性质,并对智能合约交互及用户行为进行建模,从而形成Verds的输入模型及所要验证性质,然后利用Verds验证待测性质的正确性。方法核心是Solidity合约子集到Verds输入模型的转换。对两个IoT资源访问控制智能合约的实验结果表明,该方法可以对访问控制合约的典型场景及期望性质进行验证,提升了智能合约的可靠性。     

Internet of Things in Healthcare: Architecture,Applications, Challenges,and Solutions

Healthcare, the largest global industry, is undergoing significant transformations with the genesis of a new technology known as the Internet of Things (IoT). Many healthcare leaders are investing more money for transforming their services to harness the benefits provided by IoT, thereby paving the way for the Internet of Medical Things (IoMT), an extensive collection of medical sensors and associated infrastructure. IoMT has many benefits like providing remote healthcare by monitoring health vitals of patients at a distant place, providing healthcare services to elderly people, and monitoring a large group of people in a region or country for detection and prevention of epidemics. This paper provides a review of IoT in the healthcare domain by first describing the enabling technologies for delivering smart healthcare, followed by some of the key applications of IoT in healthcare. Next, a fog-based architecture consisting of three layers for IoT-based healthcare applications is proposed. Finally, we focus on some of the open challenges of IoT in healthcare, like fault tolerance, interoperability, latency, energy efficiency, and availability. Existing solutions for these challenges are also discussed.     

Proof of Activity Protocol for IoMT Data Security

The Internet of Medical Things (IoMT) is an online device that senses and transmits medical data from users to physicians within a time interval. In, recent years, IoMT has rapidly grown in the medical field to provide healthcare services without physical appearance. With the use of sensors, IoMT applications are used in healthcare management. In such applications, one of the most important factors is data security, given that its transmission over the network may cause obtrusion. For data security in IoMT systems, blockchain is used due to its numerous blocks for secure data storage. In this study, Blockchain-assisted secure data management framework (BSDMF) and Proof of Activity (PoA) protocol using malicious code detection algorithm is used in the proposed data security for the healthcare system. The main aim is to enhance the data security over the networks. The PoA protocol enhances high security of data from the literature review. By replacing the malicious node from the block, the PoA can provide high security for medical data in the blockchain. Comparison with existing systems shows that the proposed simulation with BSD-Malicious code detection algorithm achieves higher accuracy ratio, precision ratio, security, and efficiency and less response time for Blockchain-enabled healthcare systems.     

智能合约:架构及进展

智能合约是一种无需中介、自我验证、自动执行合约条款的计算机交易协议,近年来随着区块链技术的日益普及而备受关注.区块链上的智能合约具有去中心化、去信任、可编程、不可篡改等特性,可灵活嵌入各种数据和资产,帮助实现安全高效的信息交换、价值转移和资产管理,最终有望深入变革传统商业模式和社会生产关系,为构建可编程资产、系统和社会奠定基础.本文致力于以区块链智能合约为研究对象,对已有的研究成果进行全面梳理和系统概述,提出了智能合约的基础架构模型并以此为研究框架阐述了智能合约的运行机制与基础架构,总结了智能合约的研究挑战与进展,介绍了智能合约的技术优势与典型应用领域,讨论了智能合约的发展趋势,以期为智能合约的后续研究提供参考.     

基于软件度量的Solidity智能合约缺陷预测方法

随着区块链技术的兴起,智能合约安全问题被越来越多的研究者和企业重视,目前已有一些针对智能合约缺陷检测技术的研究.软件缺陷预测技术是软件缺陷检测技术的有效补充,能够优化测试资源分配,提高软件测试效率.然而,目前还没有针对智能合约的软件缺陷预测研究.针对这一问题,提出了面向Solidity智能合约的缺陷预测方法.首先,设计了一组针对Solidity智能合约特有的变量、函数、结构和Solidity语言特性的度量元集(smart contract-Solidity, SC-Sol度量元集),并将其与重点考虑面向对象特征的度量元集(code complexity and features of object-oriented program, COOP度量元集)组合为COOP-SC-Sol度量元集.然后,从Solidity智能合约代码中提取相关度量元信息,并结合缺陷检测结果,构建Solidity智能合约缺陷数据集.在此基础上,应用了7种回归模型和6种分类模型进行Solidity智能合约的缺陷预测,以验证不同度量元集和不同模型在缺陷数量和倾向性预测上的性能差异.实验结果表明,相对于COOP度量元集...     

Characterizing and Detecting Gas-Inefficient Patterns in Smart Contracts

Ethereum blockchain is a new internetware with tens of millions of smart contracts running on it.Different from general programs,smart contracts are decentralized,tamper-resistant and permanently running.Moreover,to avoid resource abuse,Ethereum charges users for deploying and invoking smart contracts according to the size of contract and the operations executed by contracts.It is necessary to optimize smart contracts to save money.However,since developers are not familiar with the operating environment of smart contracts(i.e.,Ethereum virtual machine)or do not pay attention to resource consumption during development,there are many optimization opportunities for smart contracts.To fill this gap,this paper defines six gas-inefficient patterns from more than 25,000 posts and proposes an optimization approach at the source code level to let users know clearly where the contract is optimized.To evaluate the prevalence and economic benefits of gas-inefficient patterns,this paper conducts an empirical study on more than 160,000 real smart contracts.The promising experimental results demonstrate that 52.75%of contracts contain at least one gas-inefficient pattern proposed in this paper.If these patterns are removed from the contract,at least 0.30 can be saved per contract.     

面向智能合约链上升级的松耦合模型研究

针对已部署到区块链上的智能合约无法实现升级的问题,结合以太坊技术提出了一种松耦合的新型智能合约模型。该模型将传统的智能合约拆分为接口合约集、逻辑合约集、数据合约集三个子集。以此松耦合智能合约模型为基础,设计了一个客户实名转账获取代币的业务场景,通过部署代币合约、接口合约、逻辑合约和数据合约,实现了基本的实名转账功能。最后通过以太坊平台进行系统测试,分析了实名转账场景的功能性、可升级性及成本花销。结果表明基于该模型设计的智能合约,在实现基本功能的同时,能够允许在上链之后对其合约子集进行升级,且能有效降低升级成本,相比传统的链下升级方案,松耦合模型合约的升级成本降低了32.43%,部署成本仅增加了24.16%。     

以太坊中间语言的可执行语义

智能合约是实现各类区块链应用的核心软件程序.近期,以太坊区块链平台（Ethereum）上的智能合约暴露出大量错误和安全隐患,在国际上引发了智能合约形式化验证的研究热潮.为提供高可信度的验证结果,智能合约程序语言的形式化必不可少.本工作对以太坊中间语言Yul进行形式化,首次给出了其类型系统和小步操作语义的形式化定义.该语义为可执行语义（executable semantics）,由120个Yul语言程序组成的测试集进行测试.本工作在Isabelle/HOL证明辅助工具中完成,为基于定理证明的智能合约正确性、安全性验证奠定了基础.     

面向合同的智能合约的形式化定义及参考实现

智能合约是区块链系统的核心组件,在现实中广泛应用.然而,目前没有关于智能合约的统一定义,在不同的区块链平台上,智能合约的实现也相差甚远.这样将影响公众对智能合约的认知,也对产业的发展造成障碍.回顾了智能合约的发展历史,梳理其概念的变化过程.归纳智能合约的本质,对现有智能合约的实现进行了分析和对比.给出了面向合同的智能合约的形式化定义,为智能合约的标准化奠定基础.提出了独立于区块链平台的、通用的智能合约实现方法.在目前广泛应用的联盟链区块链平台Hyperledger Fabric上面进行了具体实现.最后对未来工作进行了展望.     

Promoting employee health in smart office: A survey

The advancement of Internet-of-Things (IoT) and artificial intelligence contribute to the prevailing development of smart office, which is capable of understanding employees’ context and adapting to their demands. The smart office brings numerous opportunities for delivering prevention and control measures of health issues associated with office work (e.g., musculoskeletal disorders and computer vision syndrome). Even though there exist multiple studies across different disciplines, there still lacks a holistic survey on the smart office for employee health promotion. Hence, this paper focuses on three contributions: (1) clarifying the fundamentals of smart office, (2) reviewing the key aspects of this theme based on 60 studies selected from a systematic survey process, and (3) identifying the challenges and future research opportunities. We hope this study can bring an interdisciplinary and collaborative perspective for employee health promotion and encourage more researches in this emerging and promising field.     

An investigation and comparison of machine learning approaches for intrusion detection in IoMT network

The Journal of Supercomputing - Internet of Medical Things (IoMT) is network of interconnected medical devices (smart watches, pace makers, prosthetics, glucometer, etc.), software applications,...