Security analysis of mobile crowd sensing applications

An Adaptive Temporal Convolutional Network Autoencoder for Malicious Data Detection in Mobile Crowd Sensing

Mobile crowdsensing (MCS) systems rely on the collective contribution of sensor data from numerous mobile devices carried by participants. However, the open and participatory nature of MCS renders these systems vulnerable to adversarial attacks or data poisoning attempts where threat actors can inject malicious data into the system. There is a need for a detection system that mitigates malicious sensor data to maintain the integrity and reliability of the collected information. This paper addresses this issue by proposing an adaptive and robust model for detecting malicious data in MCS scenarios involving sensor data from mobile devices. The proposed model incorporates an adaptive learning mechanism that enables the TCN-based model to continually evolve and adapt to new patterns, enhancing its capability to detect novel malicious data as threats evolve. We also present a comprehensive evaluation of the proposed model's performance using the SherLock datasets, demonstrating its effectiveness in accurately detecting malicious sensor data and mitigating potential threats to the integrity of MCS systems. Comparative analysis with existing models highlights the performance of the proposed TCN-based model in terms of detection accuracy, with an accuracy score of 98%. Through these contributions, the paper aims to advance the state of the art in ensuring the trustworthiness and security of MCS systems, paving the way for the development of more reliable and robust crowdsensing applications.

A Batch Processing Technique for Wearable Health Crowd-Sensing in the Internet of Things

The influx of wearable sensor devices has influenced a new paradigm termed wearable health crowd-sensing (WHCS). WHCS enables wearable data collection through active sensing to provide health monitoring to users. Wearable sensing devices capture data and transmit it to the cloud for data processing and analytics. However, data sent to the cloud is vulnerable to on-path attacks. The bandwidth limitation issue is also another major problem during large data transfers. Moreover, the WHCS faces several anonymization issues. In light of this, this article presents a batch processing method to solve the identified issues in WHCS. The proposed batch processing method provides an aggregate authentication and verification approach to resolve bandwidth limitation issues in WHCS. The security of our scheme shows its resistance to forgery and replay attacks, as proved in the random oracle (ROM), while offering anonymity to users. Our performance analysis shows that the proposed scheme achieves a lower computational and communication cost with a reduction in the storage overhead compared to other existing schemes. Finally, the proposed method is more energy-efficient, demonstrating that it is suitable for the WHCS system.

A comprehensive easy-to-use techno-human solution for the resource-constrained nations in the fight against communicable disease like the coronavirus pandemic

Following the advent of the novel Coronavirus, the governments and authorities introduced various mobile applications in the fight against COVID-19. However, these are either restricted by the developer country or not comprised of certain key features, due to which, a vast population from the low- or middle-income country, remains underprivileged from associated benefits. The purpose of this study is to explore and demonstrate how to build a comprehensive and easy-to-use application for mobile health service delivery especially fabricated to fight communicable diseases like COVID-19. Mostly open-source technologies are used to build a distributed scalable client-server application. Then the application is evaluated with the stress-test and usability-test. Besides COVID-19 advisories and guidelines, the study demonstrates complete conceptualization and development of an IoT-based mobile application. It comprises three key features that bring comprehensiveness. One is the ‘contact logger & tracer’ that enables users to maintain a list of contacts who get notified if any of them reported COVID-19 positive in the last 14 days. Two is the ‘self-assessment' which helps users to predict the chances of COVID-19 infection using a scientific rationale. Three is the ‘infection tracker’ that guides users to identify infected hotspots to plan the route accordingly. The usability-test affirmed that the application is easy-to-use. Further, this study demonstrates how to construct such an easy-to-use application mostly with open-source resources. It can help the needy authorities or groups from resource-constrained countries to adopt and develop such applications quickly. Further research on the post-implementation effect will add value to this study.

A Privacy Preservation Quality of Service (QoS) Model for Data Exposure in Android Smartphone Usage

An Android smartphone contains built-in and externally downloaded applications that are used for entertainment, finance, navigation, communication, health and fitness, and so on. The behaviour of granting permissions requested by apps might expose the Android smartphone user to privacy risks. The existing works lack a formalized mathematical model that can quantify user and system applications risks. No multifaceted data collector tool can also be used to monitor the collection of user data and the risk posed by each application. A benchmark of the risk level that alerts the user and distinguishes between acceptable and unacceptable risk levels in Android smartphone user does not exist. Hence, to address privacy risk, a formalized privacy model called PRiMo that uses a tree structure and calculus knowledge is proposed. An App-sensor Mobile Data Collector (AMoDaC) is developed and implemented in real life to analyse user data accessed by mobile applications through the permissions granted and the risks involved. A benchmark is proposed by comparing the proposed PRiMo outcome with the existing available testing metrics. The results show that Tools & Utility/Productivity applications posed the highest risk as compared to other categories of applications. Furthermore, 29 users faced low and acceptable risk, while two users faced medium risk. According to the benchmark proposed, users who faced risks below 25% are considered as safe. The effectiveness and accuracy of the proposed work is 96.8%.

SenseCrypt: A Security Framework for Mobile Crowd Sensing Applications

The proliferation of mobile devices such as smartphones and tablets with embedded sensors and communication features has led to the introduction of a novel sensing paradigm called mobile crowd sensing. Despite its opportunities and advantages over traditional wireless sensor networks, mobile crowd sensing still faces security and privacy issues, among other challenges. Specifically, the security and privacy of sensitive location information of users remain lingering issues, considering the "on" and "off" state of global positioning system sensor in smartphones. To address this problem, this paper proposes "SenseCrypt", a framework that automatically annotates and signcrypts sensitive location information of mobile crowd sensing users. The framework relies on K-means algorithm and a certificateless aggregate signcryption scheme (CLASC). It incorporates spatial coding as the data compression technique and message query telemetry transport as the messaging protocol. Results presented in this paper show that the proposed framework incurs low computational cost and communication overhead. Also, the framework is robust against privileged insider attack, replay and forgery attacks. Confidentiality, integrity and non-repudiation are security services offered by the proposed framework.