Explore the vast range of titles available.

Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This paper aims to advance state-of-the-art approaches by developing more secure and private RFID-based healthcare systems. More specifically, we propose a lightweight RFID protocol that safeguards patients’ privacy in the Internet of Healthcare Things (IoHT) domain by utilizing pseudonyms instead of real IDs, thereby ensuring secure communication between tags and readers. The proposed protocol has undergone rigorous testing and has been proven to be secure against various security attacks. This article provides a comprehensive overview of how RFID technology is used in healthcare systems and benchmarks the challenges faced by these systems. Then, it reviews the existing RFID authentication protocols proposed for IoT-based healthcare systems in terms of their strengths, challenges, and limitations. To overcome the limitations of existing approaches, we proposed a protocol that addresses the anonymity and traceability issues in existing schemes. Furthermore, we demonstrated that our proposed protocol had a lower computational cost than existing protocols and ensured better security. Finally, our proposed lightweight RFID protocol ensured strong security against known attacks and protected patient privacy using pseudonyms instead of real IDs.

In recent years, massive development in the malware industry changed the entire landscape for malware development. Therefore, cybercriminals became more sophisticated by advancing their development techniques from file-based to fileless malware. As file-based malware depends on files to spread itself, on the other hand, fileless malware does not require a traditional file system and uses benign processes to carry out its malicious intent. Therefore, it evades conventional detection techniques and remains stealthy. This paper briefly explains fileless malware, its life cycle, and its infection chain. Moreover, it proposes a detection technique based on feature analysis using machine learning for fileless malware detection. The virtual machine acquired the memory dumps upon executing the malicious and non-malicious samples. Then the necessary features are extracted using the Volatility memory forensics tool, which is then analyzed using machine learning classification algorithms. After that, the best algorithm is selected based on the k-fold cross-validation score. Experimental evaluation has shown that Random Forest outperforms other machine learning classifiers (Decision Tree, Support Vector Machine, Logistic Regression, K-Nearest Neighbor, XGBoost, and Gradient Boosting). It achieved an overall accuracy of 93.33% with a True Positive Rate (TPR) of 87.5% at zeroFalse Positive Rate (FPR) for fileless malware collected from five widely used datasets (VirusShare, AnyRun, PolySwarm, HatchingTriage, and JoESadbox).

Smart cameras are key sensors in Internet of Things (IoT) applications and often capture highly sensitive information. Therefore, security and privacy protection is a key concern. This paper introduces a lightweight security approach for smart camera IoT applications based on elliptic-curve (EC) signcryption that performs data signing and encryption in a single step. We deploy signcryption to efficiently protect sensitive data onboard the cameras and secure the data transfer from multiple cameras to multiple monitoring devices. Our multi-sender/multi-receiver approach provides integrity, authenticity, and confidentiality of data with decryption fairness for multiple receivers throughout the entire lifetime of the data. It further provides public verifiability and forward secrecy of data. Our certificateless multi-receiver aggregate-signcryption protection has been implemented for a smart camera IoT scenario, and the runtime and communication effort has been compared with single-sender/single-receiver and multi-sender/single-receiver setups.

Smart cities assure the masses a higher quality of life through digital interconnectivity, leading to increased efficiency and accessibility in cities. In addition, a huge amount of data is being exchanged through smart devices, networks, cloud infrastructure, big data analysis and Internet of Things (IoT) applications in the various private and public sectors, such as critical infrastructures, financial sectors, healthcare, and Small and Medium Enterprises (SMEs). However, these sectors require maintaining certain security mechanisms to ensure the confidentiality and integrity of personal and critical information. However, unfortunately, organizations fail to maintain their security posture in terms of security mechanisms and controls, which leads to data breach incidents either intentionally or inadvertently due to the vulnerabilities in their information management systems that either malicious insiders or attackers exploit. In this paper, we highlight the importance of data breaches and issues related to information leakage incidents. In particular, the impact of data breaching incidents and the reasons contributing to such incidents affect the citizens’ well-being. In addition, this paper also discusses various preventive measures such as security mechanisms, laws, standards, procedures, and best practices, including follow-up mitigation strategies.

In smart home environments, the interaction between a remote user and devices commonly occurs through a gateway, necessitating the need for robust user authentication. Despite numerous state-of-the-art user-authentication schemes proposed over the years, these schemes still suffer from security vulnerabilities exploited by the attackers. One severe physical attack is the node capture attack, which allows adversaries to compromise the security of the entire scheme. This research paper advances the state of the art by conducting a security analysis of user-authentication approaches regarding their vulnerability to node capture attacks resulting in revelations of several security weaknesses. To this end, we propose a secure user-authentication scheme to counter node capture attacks in smart home environments. To validate the effectiveness of our proposed scheme, we employ the BAN logic and ProVerif tool for verification. Lastly, we conduct performance analysis to validate the lightweight nature of our user-authentication scheme, making it suitable for IoT-based smart home environments.

The exponential growth of the Internet of Things (IoT) has led to the rapid expansion of interconnected systems, which has also increased the vulnerability of IoT devices to security threats such as distributed denial-of-service (DDoS) attacks. In this paper, we propose a machine learning pipeline that specifically addresses the issue of DDoS attack detection in IoT networks. Our approach comprises of (i) a processing module to prepare the data for further analysis, (ii) a dynamic attribute selection module that selects the most adaptive and productive features and reduces the training time, and (iii) a classification module to detect DDoS attacks. We evaluate the effectiveness of our approach using the CICI-IDS-2018 dataset and five powerful yet simple machine learning classifiers—Decision Tree (DT), Gaussian Naive Bayes, Logistic Regression (LR), K-Nearest Neighbor (KNN), and Random Forest (RF). Our results demonstrate that DT outperforms its counterparts and achieves up to 99.98% accuracy in just 0.18 s of CPU time. Our approach is simple, lightweight, and accurate for detecting DDoS attacks in IoT networks.

This study focuses on understanding the bioconvection in Jeffery–Hamel (JH) flow, which has valuable applications in areas like converging dies, hydrology, and the automotive industry, which make it a topic of practical importance. This research aims to explore Homogeneous–Heterogeneous (HH) chemical reactions in a magnetic Darcy–Forchheimer model with bioconvection in convergent/divergent channels. To analyze the role of porosity, the Darcy–Forchheimer law is applied. The main system of equations is simplified through similarity transformation into ordinary differential equations solved numerically with the help of the NDSolve technique. The results, compared with previous studies for validation, are presented through graphs and tables. The study reveals that in divergent channels, the velocity decreases with higher solid volume fractions, while in convergent channels, it increases. Furthermore, various physical parameters, such as the Eckert number and porosity parameter, increase skin friction in divergent channels but decrease it in convergent channels. These findings suggest that the parameters investigated in this study can effectively enhance homogeneous reactions, providing valuable insights for practical applications.

Trojan Detection—the process of understanding the behaviour of a suspicious file has been the talk of the town these days. Existing approaches, e.g., signature-based, have not been able to classify them accurately as Trojans. This paper proposes TrojanDetector—a simple yet effective multi-layer hybrid approach for Trojan detection. TrojanDetector analyses every downloaded application and extracts and correlates its features on three layers (i.e., application-, user-, and package layer) to identify it as either a benign application or a Trojan. TrojanDetector adopts a hybrid approach, combining static and dynamic analysis characteristics, for feature extraction from any downloaded application. We have evaluated our scheme on three publicly available datasets, namely (i) CCCS- CIC-AndMal-2020, (ii) Cantagio-Mobile, and (iii) Virus share, by using simple yet state-of-the-art classifiers, namely, random forest (RF), decision tree (DT), support vector machine (SVM), and logistic regression (LR) in binary—class settings. SVM outperformed its counterparts and attained the highest accuracy of 96.64%. Extensive experimentation shows the effectiveness of our proposed Trojan detection scheme.

The Marwat-Khisor Range, part of Pakistan's Himalayan frontal fold-thrust belt, showcases thin-skinned tectonics driven by north-south crustal shortening from the Indo-Asian collision. This work presents the structural style, geometries, and potential of the hydrocarbon in the western part of the Marwat Khisor and Sheikh Budin hills. The key structures include the south-divergent thrust sheets, asymmetric folds, and active faults (e.g., Khisor Frontal Thrust) juxtaposing Cambrian strata against younger sediments. Recent deformation near Dhupsari shapes the Punjab foredeep basin, accumulating synorogenic deposits having Permian-Triassic marine sequences that correlate with adjacent ranges. The notable units have shale with high organic content that is rich in carbon, as seen in the outcrop. These units are the Amb Formation and the Sardhai Formation of Permian Age. Based on outcrop observations, these units can act as source rock in the area. The Reservoir potential exists in porous Permian sandstones (e.g., Warchha Sandstone), sealed by Triassic evaporites. The Structural traps (anticlines, fault compartments) and thick carbonate overburden enhance hydrocarbon retention. This system mirrors productive analogs in the Potwar Basin, suggesting significant untapped potential. Recommended exploration includes 3D seismic surveys and geochemical analysis to target areas where mature source rocks align with structural complexity. The region is positioned as a promising frontier for hydrocarbon development, having source, reservoir, and cap rocks within Pakistan's fold-thrust belt.

Cryptojacking is a type of computer piracy in which a hacker uses a victim’s computer resources, without their knowledge or consent, to mine for cryptocurrency. This is made possible by new memory-based cryptomining techniques and the growth of new web technologies such as WebAssembly, allowing mining to occur within a browser. Most of the research in the field of cryptojacking has focused on detection methods rather than prevention methods. Some of the detection methods proposed in the literature include using static and dynamic features of in-browser cryptojacking malware, along with machine learning algorithms such as Support Vector Machine (SVM), Random Forest (RF), and others. However, these methods can be effective in detecting known cryptojacking malware, but they may not be able to detect new or unknown variants. The existing prevention methods are shown to be effective only against web-assembly (WASM)-based cryptojacking malware and cannot handle mining service-providing scripts that use non-WASM modules. This paper proposes a novel hybrid approach for detecting and preventing web-based cryptojacking. The proposed approach performs the real-time detection and prevention of in-browser cryptojacking malware, using the blacklisting technique and statistical code analysis to identify unique features of non-WASM cryptojacking malware. The experimental results show positive performances in the ease of use and efficiency, with the detection accuracy improved from 97% to 99.6%. Moreover, the time required to prevent already known malware in real time can be decreased by 99.8%.