This paper describes the deployment and experimentation architecture of the Internet of Things experimentation facility being deployed at Santander city. The facility is implemented within the SmartSantander project, one of the projects of the Future Internet Research and Experimentation initiative of the European Commission and represents a unique in the world city-scale experimental research facility. Additionally, this facility supports typical applications and services of a smart city. Tangible results are expected to influence the definition and specification of Future Internet architecture design from viewpoints of Internet of Things and Internet of Services. The facility comprises a large number of Internet of Things devices deployed in several urban scenarios which will be federated into a single testbed. In this paper the deployment being carried out at the main location, namely Santander city, is described. Besides presenting the current deployment, in this article the main insights in terms of the architectural design of a large-scale IoT testbed are presented as well. Furthermore, solutions adopted for implementation of the different components addressing the required testbed functionalities are also sketched out. The IoT experimentation facility described in this paper is conceived to provide a suitable platform for large scale experimentation and evaluation of IoT concepts under real-life conditions.
Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective: This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method: We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results: We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion: This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in 'in use' state, therefore, future research needs to be directed towards securing data in 'in rest' and 'in transit' states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework.
Security is one of the biggest challenges facing organisations in the modern hyper-connected world. A number of theoretical security models are available that provide best practice security guidelines and are widely utilised as a basis to identify and operationalise security requirements. Such models often capture high-level security concepts (e.g., whitelisting, secure configurations, wireless access control, data recovery, etc.), strategies for operationalising such concepts through specific security controls, and relationships between the various concepts and controls. The threat landscape, however, evolves leading to new tacit knowledge that is embedded in or across a variety of security incidents. These unknown knowns alter, or at least demand reconsideration of the theoretical security models underpinning security requirements. In this paper, we present an approach to discover such unknown knowns through multi-incident analysis. The approach is based on a novel combination of grounded theory and incident fault trees. We demonstrate the effectiveness of the approach through its application to identify revisions to a theoretical security model widely used in industry.
The innate dynamicity and complexity of mobile ad-hoc networks (MANETs) has resulted in numerous adhoc routing protocols being proposed. Furthermore, numerous variants and hybrids continue to be reported in the literature. This diversity appears to be inherent to the fieldit seems unlikely that there will ever be a 'one-size-fitsall' solution to the ad-hoc routing problem. However, typical deployment environments for ad-hoc routing protocols still force the choice of a single fixed protocol; and the resultant compromise can easily lead to sub-optimal performance, depending on current operating conditions. In this paper, we address this problem by exploring a framework approach to the construction and deployment of ad-hoc routing protocols. Our framework supports the simultaneous deployment of multiple protocols so that MANET nodes can switch protocols to optimise to current operating conditions. The framework also supports finer-grained dynamic reconfiguration in terms of protocol variation and hybridisation. We evaluate our framework by using it to construct and (simultaneously) deploy two popular ad-hoc routing protocols (DYMO and OLSR), and also to derive fine-grained variants of these. We measure the performance and resource overhead of these implementations compared to monolithic R. Ramdhany ( ) · P. Grace · G. ones, and find the comparison to be favourable to our approach.Keywords Ad-hoc routing · Protocol frameworks IntroductionMobile ad-hoc networks (MANETs) employ routing protocols so that out-of-range nodes can communicate with each other via intermediate nodes. Unfortunately, it is hard to design generically-applicable routing protocols in the MANET environment. This is for two main reasons: First, ranging from dynamic military networks consisting of hundreds of nodes to smaller-scale multi-hop extensions of WLAN technologies through low-power sensor networks, MANETs vary widely in size, node-density, node-degree, node-mobility and bandwidth-delay characteristics (network capacity). Even within each MANET environment, the network experiences dynamic variations in network connectivity as nodes join and leave the network. Over time, the network size, node density, mobility patterns of the nodes, the topological rate of change, degree of the nodes and link capacities vary, making network context dynamic and ephemeral. Second, MANETs are subject to a diverse and dynamic set of application requirements in terms of quality of service (QoS) demands and traffic patterns (i.e. in terms of messaging, request-reply, multicast, publishsubscribe, streaming, etc.). For example, a media-streaming application will make stricter packet latency demands on the network than a messaging application. Collaborative networking applications, on the other hand, produce intermittent and bursty data traffic but yet cannot tolerate prolonged route acquisition times when communication between users switches from instant messaging to video conferencing.
No abstract
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.