TOPSIS with fuzzy belief structure for group belief multiple criteria decision making

TOPSIS is one of the major techniques in dealing with multiple criteria decision making (MCDM) problems, and Belief Structure (BS) model and Fuzzy BS model have been used successfully for uncertain MCDM with incompleteness, impreciseness or ignorance. In this paper, the TOPSIS method with Fuzzy BS model is proposed to solve Group Belief MCDM problems. Firstly, the Group Belief MCDM problem is structured as a fuzzy belief decision matrix in which the judgments of each decision maker are described as Fuzzy BS models, and then the Evidential Reasoning approach is used for aggregating the multiple decision makers’ judgments. Subsequently, the positive and negative ideal belief solutions are defined with the principle of TOPSIS. In order to measure the separation from the ideal belief solutions, the concept and algorithm of Belief Distance Measure are introduced to compare the difference between Fuzzy BS models. Using the Belief Distance Measure, the relative closeness and ranking index can be calculated for ranking the alternatives. A numerical example is finally given to illustrate the proposed method.     

Cyber Secure Framework for Smart Containers Based on Novel Hybrid DTLS Protocol

The Internet of Things (IoTs) is apace growing, billions of IoT devices are connected to the Internet which communicate and exchange data among each other. Applications of IoT can be found in many fields of engineering and sciences such as healthcare, traffic, agriculture, oil and gas industries, and logistics. In logistics, the products which are to be transported may be sensitive and perishable, and require controlled environment. Most of the commercially available logistic containers are not integrated with IoT devices to provide controlled environment parameters inside the container and to transmit data to a remote server. This necessitates the need for designing and fabricating IoT based smart containers. Due to constrained nature of IoT devices, these are prone to different cyber security attacks such as Denial of Service (DoS), Man in Middle (MITM) and Replay. Therefore, designing efficient cyber security framework are required for smart container. The Datagram Transport Layer Security (DTLS) Protocol has emerged as the de facto standard for securing communication in IoT devices. However, it is unable to minimize cyber security attacks such as Denial of Service and Distributed Denial of Service (DDoS) during the handshake process. The main contribution of this paper is to design a cyber secure framework by implementing novel hybrid DTLS protocol in smart container which can efficiently minimize the effects of cyber attacks during handshake process. The performance of our proposed framework is evaluated in terms of energy efficiency, handshake time, throughput and packet delivery ratio. Moreover, the proposed framework is tested in IoT based smart containers. The proposed framework decreases handshake time more than 9% and saves 11% of energy efficiency for transmission in compare of the standard DTLS, while increases packet delivery ratio and throughput by 83% and 87% respectively.     

A fuzzy multi-criteria decision making model for supplier selection

This paper presents a hybrid fuzzy model for group Multi Criteria Decision Making (MCDM). A modified fuzzy DEMATEL model is presented to deal with the influential relationship between the evaluation criteria. The modified DEMATEL captures such relationship and divides the criteria into two groups, particularly, the cause group and the effect group. The cause group has an influence on the effect group where such influence is used to estimate the criteria weights. In addition, a modified TOPSIS model is proposed to evaluate the criteria against each alternative. Here, a fuzzy distance measure is used in which the distance from the Fuzzy Positive Ideal Solution (FPIS) and Fuzzy Negative Ideal Solution (FNIS) are calculated. The resulted distances were used to calculate the similarity to Ideal and Anti-ideal points. Later, an optimal membership degree (closeness coefficient) of each alternative is computed to estimate to which extent an alternative belongs to both FPIS and FNIS. The closer the degree of membership to FPIS and the farther from FNIS the more preferred the alternative. The membership degree is obtained by the optimization of a defined objective function that measures the degree to which an alternative is similar/dissimilar to the Ideal/Anti-Ideal solutions. The closeness coefficient is used to rank the alternatives. To better have a high contrast between the ranks of alternatives an optimization problem was introduced and solved to maximize the contrast.The presented hybrid model was applied on an industrial case study for the selection of cans supplier/suppliers at Nutridar Factory in Amman-Jordan to demonstrate the proposed model. Finally a sensitivity analysis is introduced to verify the resulting ranks of the available suppliers via testing different values of the used parameters. The sensitivity analysis has shown robust and valid results that are close to real preferences of the consulted experts.     

A new fuzzy methodology-based structured framework for RAM and risk analysis

The aim of this paper is to propose a new hybridized framework for analyzing the performance issues of a chemical process plant by utilizing uncertain, imprecise and vague information. In the proposed framework, Fuzzy Lambda–Tau (FLT) approach has been used for computing reliability, availability and maintainability (RAM) parameters of the considered system. Further, for enhancing the RAM characteristics of the system, improved Fuzzy Failure Mode Effect Analysis (FMEA) approach is adopted. Under improved Fuzzy FMEA approach, defined Fuzzy linguistic rating values in the form of triangular and trapezoidal Fuzzy numbers have been assigned by the experts to each risk factor of the listed failure causes. The proposed framework is demonstrated with an industrial application in a chlorine production plant of a chemical process industry. The results show decreasing trend for system availability and deposition of solid Nacl, mechanical failure, corrosion due to wet chlorine, scanty lubrication, improper adsorption and valve malfunctioning are identified as the most critical failure causes for the considered system. A comparative performance analysis between the proposed framework, Fuzzy technique for order of preference by similarity to ideal solution (Fuzzy TOPSIS), Fuzzy evaluation based on distance from average solution (Fuzzy EDAS) and Fuzzy Vlse Kriterijumska Optimizacija I Kompromisno Resenje (Fuzzy VIKOR) are then carried out to show the competence of the proposed framework. It is expected that the analytical results would be highly useful in formulating an optimal maintenance policy for such complex systems and may also be used for improving performance of similar plants.     

Exploring ICMetrics to detect abnormal program behaviour on embedded devices

Execution of unknown or malicious software on an embedded system may trigger harmful system behaviour targeted at stealing sensitive data and/or causing damage to the system. It is thus considered a potential and significant threat to the security of embedded systems. Generally, the resource constrained nature of commercial off-the-shelf (COTS) embedded devices, such as embedded medical equipment, does not allow computationally expensive protection solutions to be deployed on these devices, rendering them vulnerable. A Self-Organising Map (SOM) based and Fuzzy C-means based approaches are proposed in this paper for detecting abnormal program behaviour to boost embedded system security. The presented technique extracts features derived from processor’s Program Counter (PC) and Cycles per Instruction (CPI), and then utilises the features to identify abnormal behaviour using the SOM. Results achieved in our experiment show that the proposed SOM based and Fuzzy C-means based methods can identify unknown program behaviours not included in the training set with 90.9% and 98.7% accuracy.     

Proof of Activity Protocol for IoMT Data Security

The Internet of Medical Things (IoMT) is an online device that senses and transmits medical data from users to physicians within a time interval. In, recent years, IoMT has rapidly grown in the medical field to provide healthcare services without physical appearance. With the use of sensors, IoMT applications are used in healthcare management. In such applications, one of the most important factors is data security, given that its transmission over the network may cause obtrusion. For data security in IoMT systems, blockchain is used due to its numerous blocks for secure data storage. In this study, Blockchain-assisted secure data management framework (BSDMF) and Proof of Activity (PoA) protocol using malicious code detection algorithm is used in the proposed data security for the healthcare system. The main aim is to enhance the data security over the networks. The PoA protocol enhances high security of data from the literature review. By replacing the malicious node from the block, the PoA can provide high security for medical data in the blockchain. Comparison with existing systems shows that the proposed simulation with BSD-Malicious code detection algorithm achieves higher accuracy ratio, precision ratio, security, and efficiency and less response time for Blockchain-enabled healthcare systems.     

G-TOPSIS: a cloud service selection framework using Gaussian TOPSIS for rank reversal problem

The dynamic resource requirement of applications has forced a large number of business organizations to join the cloud market and provide cloud services. It has posed a challenge for cloud users to select the best service providers and to minimize losses occurring due to its improper selection. This paper aims to propose a robust rank reversal technique for order of preference by similarity to ideal solution (TOPSIS) method based on Gaussian distribution and used to develop a cloud service selection framework. The proposed framework ranks cloud services based on the quality of services provided by cloud service providers and cloud user’s priority. A case study is performed on a real dataset obtained from CloudHarmony to show the effectiveness and correctness of the proposed framework. The results obtained demonstrate that the proposed framework ranks cloud services similar to TOPSIS-based frameworks. A sensitivity analysis has also been performed to check its robustness in six different cases causing rank reversal and found that the proposed framework is robust to handle rank reversal phenomenon in all the scenarios in comparison with other studies available in the literature.

     

Fuzzy AHP to determine the relative weights of evaluation criteria and Fuzzy TOPSIS to rank the alternatives

The aim of this study is to propose a Fuzzy multi-criteria decision-making approach (FMCDM) to evaluate the alternative options in respect to the user's preference orders. Two FMCDM methods are proposed for solving the MCDM problem: Fuzzy Analytic Hierarchy Process (FAHP) is applied to determine the relative weights of the evaluation criteria and the extension of the Fuzzy Technique for Order Preference by Similarity to Ideal Solution (FTOPSIS) is applied to rank the alternatives. Empirical results show that the proposed methods are viable approaches in solving the problem. When the performance ratings are vague and imprecise, this Fuzzy MCDM is a preferred solution.     

Implementation of a Formal Security Policy Refinement Process in WBEM Architecture

Security mechanisms enforcement consists in configuring devices with the aim that they cooperate and guarantee the defined security goals. In the network context, this task is complex due to the number, the nature, and the interdependencies of the devices to consider. In previous papers, we have proposed a formal framework that focuses on network security information management refinement. The framework includes three abstraction levels: the network security objectives, the network security tactics, and the network security device configurations. The information models of each abstraction level (consistency, correctness and feasibility) are formally specified and analyzed. In this paper we present the integration of this formal refinement process in the WBEM initiative in order to provide a management infrastructure that guarantees the validity of the deployed security configurations.     

A new methodology for Decisions in Medical Informatics using fuzzy cognitive maps based on fuzzy rule-extraction techniques

In this research work, a novel framework for the construction of augmented Fuzzy Cognitive Maps based on Fuzzy Rule-Extraction methods for decisions in medical informatics is investigated. Specifically, the issue of designing augmented Fuzzy Cognitive Maps combining knowledge from experts and knowledge from data in the form of fuzzy rules generated from rule-based knowledge discovery methods is explored. Fuzzy cognitive maps are knowledge-based techniques which combine elements of fuzzy logic and neural networks and work as artificial cognitive networks. The knowledge extraction methods used in this study extract the available knowledge from data in the form of fuzzy rules and insert them into the FCM, contributing to the development of a dynamic decision support system. The fuzzy rules, which derived by these extraction algorithms (such as fuzzy decision trees, association rule-based methods and neuro-fuzzy methods) are implemented to restructure the FCM model, producing new weights into the FCM model, that initially structured by experts. Concluding, our scope is to present a new methodology through a framework for decision making tasks using the soft computing technique of FCMs based on knowledge extraction methods. A well known medical decision making problem pertaining to the problem of radiotherapy treatment planning selection is presented to illustrate the application of the proposed framework and its functioning.     

工业控制系统安全态势感知技术研究

工业控制系统(简称工控)是国家关键基础设施的核心,越来越多的工作开始关注工控系统安全。然而,这些工作的实际应用场景并不统一,因此他们取得的成果无法相互借鉴。为了解决这个问题,在深入研究这些安全技术的基础上,我们提出了工控系统安全态势感知(Situational Awareness for Industrial Control Systems Security, SA-ICSS)框架,该框架由态势觉察、态势理解和态势投射三个阶段构成。在态势觉察阶段,我们首先利用网络测绘和脆弱性发现技术获取完善的目标系统环境要素,如网络拓扑和漏洞信息;其次,我们将入侵检测和入侵诱捕等5种设备部署在目标系统中,以便从控制系统中捕获所有的可疑活动。在态势理解阶段,我们首先基于结构化威胁信息表达(Structured Threat Information Expression,STIX)标准对目标系统进行本体建模,构建了控制任务间的依赖关系以及控制任务与运行设备的映射关系;其次,自动化推理引擎通过学习分析师推理技术,从可疑活动中识别出攻击意图以及目标系统可能受到的影响。在态势投射阶段,我们首先利用攻击图、贝叶斯...     

A comprehensive health assessment framework to facilitate IoT-assisted smart workouts: A predictive healthcare perspective

Enormous potential of Internet of Things (IoT) Technology has made it feasible to perceive and analyze real time health conditions in ubiquitous manner. Moreover, incorporation of IoT in healthcare industry has led researchers around the world to develop smart applications like mobile healthcare, health-aware recommendations, and intelligent healthcare systems. Inspired from these aspects, this research presents an intelligent healthcare framework based on IoT Technology to provide ubiquitous healthcare to person during his/her workout sessions. The intelligence of the presented framework lies with its ability to analyze real time health conditions during workouts and predict probabilistic health state vulnerability. For predictive purpose, the proposed framework indulges the utilization of Artificial Neural Network (ANN) model, which is comprised of three phases namely, monitor, learn, and predict. In addition to this, the presented framework is supported by a mathematical foundation to predict probabilistic vulnerability, in terms of Probabilistic State of Vulnerability (PSoV). In order to determine the validity and applicability of the proposed framework, experiments were performed where 5 people with different attributes are monitored for 14 days using numerous smart sensors. Results, upon comparison with various state-of-the-art techniques, depict that the proposed system is superior in performance and is highly effective in delivering healthcare services during workouts.     

Risk identification and assessment for build–operate–transfer projects: A fuzzy multi attribute decision making model

In recent years, BOT approach has provided an increasingly popular project financing to move toward infrastructure development in Asian countries such as Iran. There are many complexities in projects because of the variety of factors in project’s trend and also the dependence of project on mainly national factors. Due to these complexities and their long-term operating, the projects meet with uncertainty and numerous risks. In this paper, an attempt is made at identifying common risks in BOT projects. A novel hierarchical structure of risks is presented on the basis of the project-oriented point of view; next, some effective criteria for risk ranking in BOT projects are introduced.Then, the problem is defined in Fuzzy Multi Attribute Decision Making (FMADM) field. Therefore, Fuzzy Technique for Order Preference by Similarity to Ideal Solution (FTOPSIS) and Fuzzy Linear Programming Technique for Multidimensional Analysis of Preference (FLINMAP) methods are presented in order to rank high risks in BOT projects. In this study, these two methods are compared in four respects: separation among alternatives, fuzzy error in criteria’s weights, risk response planning, and numerousness of alternatives in proportion to criteria. The proposed model is used for identifying and assessing risks in Iran BOT power plant project. Finally, the rankings of high risks are determined according to their results at the end of this paper.     

Secured Cloud Communication Using Lightweight Hash Authentication with PUF

Internet-of-Things (IoT) is an awaited technology in real-world applications to process daily tasks using intelligent techniques. The main process of data in IoT involves communication, integration, and coordination with other real-world applications. The security of transferred, stored, and processed data in IoT is not ensured in many constraints. Internet-enabled smart devices are widely used among populations for all types of applications, thus increasing the popularity of IoT among widely used server technologies. Smart grid is used in this article with IoT to manage large data. A smart grid is a collection of numerous users in the network with the fastest response time. This article aims to provide high authentication to the smart grid, which constitutes secure communication in cloud-based IoT. Many IoT devices are deployed openly in all places. This open-access is vulnerable toward cloning attacks. Authentication is a significant process that provides strength while attacking. The security of the cloud and IoT must be computationally high. A lightweight authentication using hashing technique is proposed considering the aforementioned condition. The main factor of the authentication involves physically unclonable functions, which are utilized in improving the performance of the authentication. The proposed approach is evaluated with the existing techniques. Results show that the performance of the proposed algorithm provides high robust security.     

Improved estimation of software development effort using Classical and Fuzzy Analogy ensembles

Delivering an accurate estimate of software development effort plays a decisive role in successful management of a software project. Therefore, several effort estimation techniques have been proposed including analogy based techniques. However, despite the large number of proposed techniques, none has outperformed the others in all circumstances and previous studies have recommended generating estimation from ensembles of various single techniques rather than using only one solo technique. Hence, this paper proposes two types of homogeneous ensembles based on single Classical Analogy or single Fuzzy Analogy for the first time. To evaluate this proposal, we conducted an empirical study with 100/60 variants of Classical/Fuzzy Analogy techniques respectively. These variants were assessed using standardized accuracy and effect size criteria over seven datasets. Thereafter, these variants were clustered using the Scott-Knott statistical test and ranked using four unbiased errors measures. Moreover, three linear combiners were used to combine the single estimates. The results show that there is no best single Classical/Fuzzy Analogy technique across all datasets, and the constructed ensembles (Classical/Fuzzy Analogy ensembles) are often ranked first and their performances are, in general, higher than the single techniques. Furthermore, Fuzzy Analogy ensembles achieve better performance than Classical Analogy ensembles and there is no best Classical/Fuzzy ensemble across all datasets and no evidence concerning the best combiner.     

Modeling Agent Negotiation Via Fuzzy Constraints in E-Business

In e-business, disputes between two or more parties arise for various reasons and involve different issues. Thus, resolution of these disputes frequently relies on some form of negotiation. This article presents a general problem-solving framework for modeling multi-issue multilateral agent negotiation using fuzzy constraints in e-business. Fuzzy constraints are thus used not only to define each agent's demands involving human concepts, but also to represent the relationships among agents. A concession strategy, based on fuzzy constraint-based problem-solving, is proposed to relax demands, and a trade-off strategy is presented to evaluate existing alternatives. This approach provides a systematic method for reaching an agreement that benefits all agents with a high satisfaction degree of constraints. Meanwhile, by applying the method, agents can move toward an agreement more quickly, because their search focuses only on the feasible solution space. An example application to negotiate an insurance policy among agents is provided to demonstrate the usefulness and effectiveness of the proposed framework.     

Identification of malicious edge devices in fog computing environments

Device security is one of the major challenges for successful implementation of Internet of Things (IoT) and fog computing. Researchers and IT organizations have explored many solutions to protect systems from unauthenticated device attacks (known as outside device attacks). Fog computing uses many edge devices (e.g., router, switch, and hub) for latency-aware processing of collected data. So, identification of malicious edge devices is one of the critical activities in data security of fog computing. Preventing attacks from malicious edge devices is more difficult because they have certain granted privileges to store and process the data. In this article, a proposed framework uses three technologies, a Markov model, an intrusion detection system (IDS), and a virtual honeypot device (VHD) to identify malicious edge devices in a fog computing environment. A two-stage Markov model is used to categorize edge devices effectively into four different levels. The VHD is designed to store and maintain a log repository of all identified malicious devices, which assists the system to defend itself from any unknown attacks in the future. The proposed model is tested in a simulated environment, and results indicate the effectiveness of the system. The proposed model is successful in identifying the malicious device as well as reducing the false IDS alarm rate.     

Active authentication for mobile devices utilising behaviour profiling

With nearly 6 billion subscribers around the world, mobile devices have become an indispensable component in modern society. The majority of these devices rely upon passwords and personal identification numbers as a form of user authentication, and the weakness of these point-of-entry techniques is widely documented. Active authentication is designed to overcome this problem by utilising biometric techniques to continuously assess user identity. This paper describes a feasibility study into a behaviour profiling technique that utilises historical application usage to verify mobile users in a continuous manner. By utilising a combination of a rule-based classifier, a dynamic profiling technique and a smoothing function, the best experimental result for a users overall application usage was an equal error rate of 9.8 %. Based upon this result, the paper proceeds to propose a novel behaviour profiling framework that enables a user’s identity to be verified through their application usage in a continuous and transparent manner. In order to balance the trade-off between security and usability, the framework is designed in a modular way that will not reject user access based upon a single application activity but a number of consecutive abnormal application usages. The proposed framework is then evaluated through simulation with results of 11.45 and 4.17 % for the false rejection rate and false acceptance rate, respectively. In comparison with point-of-entry-based approaches, behaviour profiling provides a significant improvement in both the security afforded to the device and user convenience.     

FOSSES: Framework for open-source software evaluation and selection

A plethora of approaches exists for the evaluation and selection of open-source software (OSS) in the literature. However, these approaches are hardly ever used in practice for the following reasons: first, the lack of a situational-based procedure to define the evaluation criteria for OSS given its varied and dynamic nature; second, the inability of existing evaluation techniques, such as the analytic hierarchy process, to cope well with uncertainty factors, thus producing misleading results that affect the quality of decisions made; and third, a significant number of existing approaches require the prototyping of alternatives being considered in order to facilitate evaluation and decision-making. This study addresses the aforementioned challenges by evolving a process framework for evaluating and selecting OSS. The proposed framework is validated by applying it to a case study. In addition, expert opinion was elicited via questionnaires from 10 experts, and overall feedback suggests that 80% of them are willing to adopt the approach.     

A Usability Management Framework for Securing Healthcare Information System

Transformation from conventional business management systems to smart digital systems is a recurrent trend in the current era. This has led to digital revolution, and in this context, the hardwired technologies in the software industry play a significant role However, from the beginning, software security remains a serious issue for all levels of stakeholders. Software vulnerabilities lead to intrusions that cause data breaches and result in disclosure of sensitive data, compromising the organizations’ reputation that translates into, financial losses and compromising software usability as well. Most of the data breaches are financially motivated, especially in the healthcare sector. The cyber invaders continuously penetrate the E- Health data because of the high cost of the data on the dark web. Therefore, security assessment of healthcare web-based applications demands immediate intervention mechanisms to weed out the threats of cyber-attacks for the sake of software usability. The proposed disclosure is a unique process of three phases that are combined by researchers in order to produce and manage usability management framework for healthcare information system. In this most threatened time of digital era where, Healthcare data industry has borne the brunt of the highest number of data breach episodes in the last few years. The key reason for this is attributed to the sensitivity of healthcare data and the high costs entailed in trading the data over the dark web. Hence, usability management of healthcare information systems is the need of hour as to identify the vulnerabilities and provide preventive measures as a shield against the breaches. The proposed unique developed model of usability management workflow is prepared by associating steps like learn; analyze and manage. All these steps gives an all in one package for the healthcare information management industry because there is no systematic model available which associate identification to implementation steps with different evaluation steps.