Securing instant messaging based on blockchain with machine learning
ایمن سازی پیام های فوری بر اساس blockchain با یادگیری ماشین-2019
Instant Messaging (IM) offers real-time communications between two or more participants on Internet. Nowadays, most IMs take place on mobile applications, such as WhatsApp, WeChat, Viber and Facebook Messenger, which have more users than social networks, such as Twitter and Facebook. Among the applications of IMs, online shopping has become a part of our everyday life, primarily those who are busiest. However, transaction disputes are often occurred online shopping. Since most IMs are centralized and message history is not stored in the center, the messaging between users and owners of online shops are not reliable and traceable. In China, online shopping sales have soared from practically zero in 2003 to nearly 600 hundred million dollars last year, and now top those in the United States. It is very crucial to secure the instant messaging in online shopping in China. We present techniques to exploit blockchain and machine learning algorithms to secure instant messaging. Since the cryptography of Chinese national standard is encouraged to adopt in security applications of China, we propose a blockchain-based IM scheme with the Chinese cryptographic bases. First, we design a message authentication model based on SM2 to avoid the counterfeit attack and replay attack. Second, we design a cryptographic hash mode based on SM3 to verify the integrity of message. Third, we design a message encryption model based on SM4 to protect the privacy of users. Besides, we propose a method based on machine learning algorithms to monitor the activity on blockchain to detect anomaly. To prove and verify the blockchain-based IM scheme, a blockchain-based IM system has been designed on Linux platforms. The implementation result shows that it is a practical and secure IM system, which can be applied to a variety of instant messaging applications directly.
Keywords: Instant Messaging (IM) | BlockChain | Machine learning | Distributed Ledger Technology (DLT) | Safety and security
Modelling continued use of information systems from a forward-looking perspective: Antecedents and consequences of hope and anticipated regret
مدلسازی استفاده مستمر از سیستمهای اطلاعاتی از یک دیدگاه گاه به جلو: سوابق و پیامدهای امید و حسرت پیش بینی شده -2018
This study focuses on two future-oriented emotions, hope and anticipated regret, to predict continued use of information systems. Empirical results based on two studies show that these emotions can exert independent and additive effects on continued use, controlling for previous use behaviour and satisfaction. Interestingly, the effect of hope on continued use is insignificant during initial use but becomes significant at the later stage. Furthermore, disconfirmation and involvement are identified as antecedents of hope and anticipated regret. These findings suggest that incorporating forward-looking variables into models of continued use is necessary and that their influence can be dynamic in nature.
keywords: Continued use| Hope| Anticipated regret| Appraisal theory| Disconfirmation| Mobile applications
ٍٍEducational apps from the Android Google Play for Greek preschoolers: A systematic review
برنامه های کاربردی آموزشی از بازی اندروید گوگل برای پیش دبستانی های یونان: یک بررسی سیستماتیک-2018
In the seven years since the introduction of the tablet (Apple iPad) in 2010, the use of software for smart mobile devices has grown rapidly in popularity and has become a hotly debated issue in the field of education and child development. However, the rise in popularity of mobile applications (apps) mainly addressed to young children is not in line with a corresponding increase in their quality, as there is conflicting evidence about the real value and suitability of educational apps. The purpose of this study was to examine whether self-proclaimed educational apps for Greek preschoolers have been designed in accordance with developmentally appropriate standards to contribute to the social, emotional and cognitive development of children in formal and informal learning environments. The study results were discouraging. The majority of the apps aimed to teach children the basics about numbers and letters. Overall, they were drill-and-practice-style, based on a low level of thinking skills, thereby promoting rote learning, and were unable to contribute to a deeper conceptual understanding of certain concepts.
keywords: Media in education| Applications in subject areas| Elementary education| Interactive learning environments
ارزیابی عملکرد شبکه های نوری و بی سیم برای پروژه CONDOR
سال انتشار: 2018 - تعداد صفحات فایل pdf انگلیسی: 9 - تعداد صفحات فایل doc فارسی: 20
شبکه های بی سیم و نوری امروزه به طور گسترده مورد استفاده قرار می گیرند. این شبکه ها با توجه به اتصال نوری خود توانایی بالایی ایجاد کرده و اجازه توسعه برنامه های کاربردی چند کاربره را می دهند. از آنجائیکه عملکرد شبکه یک مسئله مهم برای ارائه خدمات به تعداد زیادی از کاربران است در حالی که اطمینان از کیفیت خدمات کاربران مورد نیاز می¬باشد، هدف این پروژه CONDOR ارزیابی عملکرد شبکه های بی سیم و نوری از لحاظ کیفیت لینک، خروجی، حرکت نامنظم اتفاقی و تاخیر است. نتایج ما نشان می دهد که خروجی بالا در شبکه های نوری و بی سیم یک بار خروجی بزرگ از طریق برنامه های تلفن همراه را حمایت می¬کند، در حالی که اتصالات شبکه بی سیم P2P برخی از برنامه های ویدئویی را برهم می زند.
کلید واژه ها: عملکرد شبکه | برنامه های موبایل | شبکه بی سیم P2P
|مقاله ترجمه شده|
Understanding the web maturity of Polish DMOs
درک بلوغ وب DMOs لهستان-2018
In recent years, online communication has become an integral part of the functioning of different institutions and enterprises. This includes the area of tourism. Due to the immense marketing opportunities offered by in formation and communication technologies, it can be argued that destination management organizations (DMOs) around the world should rise to the challenge of climbing to the next level of ‘web maturity’. The aims of this study are focused on investigating and comparing the online marketing activities of selected Polish DMOs in the years 2012 and 2016, as well as discovering and explaining the main motivations, facilitators and barriers to conducting such activities. The study is also an attempt to identify how any barriers encountered that are en countered may be overcome, and presents some potential solutions and good practices for DMOs to learn from. The results of the study show that Facebook is still the most popular social media platform used by Polish tourist organizations. Current trends are mainly focused on mobile applications development. In turn, there is a lack of relevant skills, financial and human resources, which are the main barriers related to the increased use of web marketing.
Keywords: eTourism ، Web maturity ، Online marketing ، DMOs ، Poland
آنتن های جدید پهن باند برای مخابرات سیار آینده
سال انتشار: 2018 - تعداد صفحات فایل pdf انگلیسی: 10 - تعداد صفحات فایل doc فارسی: 33
آنتن های فشرده، مسطح ، متقاطر و پهن باند سرآتش (انتهاآتش) مبتنی بر شکل جدید آسیاب بادی در این مقاله برای مخابرات سیار آینده، ارائه شده است. ساختار نامتقارن آنتن های پیشنهادی موجب تشعشع این آنتن ها در جهت تراز آنتن می شود در حالی که ساختار متقاطر، رفتار پهن باند را فراهم می آورد. در مرحله اول، یک آنتن UWB با استفاده از زیرلایه FR4 با اندازه 34 میلیمتر در 30 میلیمتر برای محدوده فرکانسی از 4 گیگاهرتز تا 10 گیگاهرتز و پیک بهره 5 dBi طراحی می شود. این آنتن سپس به آنتن دوم تبدیل شده و باند فرکانسی اش به بیشتر از 10 گیگاهرتز یعنی تا 150 گیگاهرتز تغییر می یابد. برای بهبود عملکرد آنتن دوم ، زیرلایه کم اتلاف از جنس راجرز RO4232 استفاده می شود. آنتن نهایی بهینه شده به حداقل پهنای باند کسری یعنی 175٪ در محدوده فرکانسی از 10 گیگاهرتز تا 150 گیگاهرتز دست می یابد و دارای پیک بهره 8.7dBi است در حالی که میانگین بهره کل برابر با 6.4dBi در تمام محدوده فرکانسی را حفظ می کند. طراحی و همچنین عملکرد تجزیه و تحلیل این آنتن نیز برای کاربردهای لینک ماهواره ای LEO به LEO با تجزیه و تحلیل توان اش، بررسی می شود.
کلمات کلیدی: شکل آسیاب بادی | تکنولوژی 5G | پیوندهای میانجی | LEO به LEO درون مداری | آنتن UWB | آنتن متقاطر سر آتش
|مقاله ترجمه شده|
A Survey on HTTPS Implementation by Android Apps: Issues and Countermeasures
یک بررسی در پیاده سازی HTTPS توسط برنامه های Android: مسائل و اقدامات مقابله با آن-2017
Received 5 July 2016; revised 5 October 2016; accepted 31 October 2016 Available online 11 November 2016 University of Cincinnati, United States KEYWORDS :HTTPS;Android;Mobile security;TLS/SSL;Mobile development Abstract As more and more sensitive data is transferred from mobile applications across unsecured channels, it seems imperative that transport layer encryption should be used in any nontrivial instance. Yet, research indicates that many Android developers do not use HTTPS or violate rules which protect user data from man-in-the-middle attacks. This paper seeks to find a root cause of the disparities between theoretical HTTPS usage and in-the-wild implementation of the protocol by looking into Android applications, online resources, and papers published by HTTPS and Android security researchers. From these resources, we extract a set of barrier categories that exist in the path of proper TLS use. These barriers not only include improper developer practices, but also server misconfiguration, lacking documentation, flaws in libraries, the fundamentally complexTLS PKI system, and a lack of consumer understanding of the importance of HTTPS. Following this discussion, we compile a set of potential solutions and patches to better secure Android HTTPS and the TLS/SSL protocol in general. We conclude our survey with gaps in current understanding of the environment and suggestions for further research. 2016 The Authors. Production and hosting by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CCBY-NC-NDlicense (http://creativecommons.org/licenses/by-nc-nd/4.0/).
KEYWORDS: HTTPS | Android | Mobile security | TLS/SSL | Mobile development
Signalling over-privileged mobile applications using passive security indicators
سیگنالینگ برنامه های خاص تلفن همراه با استفاده از شاخص های امنیتی منفعل-2017
Article history:Available online 16 December 2016Keywords:Over-privilege Mobile applications Application store Usable security PrivacyAndroidAs mobile devices have evolved from simple phones to rich computing systems, the data stored on these multi-taskers have consequently become more sensitive and private. Due to this, modern mobile oper- ating systems include sophisticated permission systems for restricting the access to this device for the mobile applications. However, many applications acquire more permissions than required. These over- privileged applications can affect data security and user privacy. All application permissions are indicated to the user, but these notiﬁcations have been shown to be ignored or not understood. Thus, other mech- anisms need to be improved.This paper presents design approaches to communicate the degree of over-privilege in mobile applica- tions. It uses an additional rating system in application stores to inform users before making the decision of installing a speciﬁc application. The approaches have been evaluated in a usability study based on distinct prototype Android application stores. The ﬁndings show that passive security indicators can be applied to inﬂuence the decision-making process of users before downloading and installing an applica- tion.© 2016 Elsevier Ltd. All rights reserved.1.
Keywords: Over-privilege | Mobile applications | Application store | Usable security | Privacy Android
A cross-domain framework for designing healthcare mobile applications mining social networks to generate recommendations of training and nutrition planning
یک چارچوب متقابل دامنه برای طراحی برنامه های کاربردی سیار بهداشت و درمان برای ایجاد برنامه های آموزشی و برنامه ریزی تغذیه-2017
Nowadays, people are practicing physical exercise in order to maintain good health conditions. Such physical workouts are required by a plan, which should be designed and supervised by sport specialists and medical assistants. Thus, the exercise sessions shall start with consultation of a coach, doctor and dietician; however, many times this scenario is not presented. In typical activities such as running, cycling and fitness, people use health mobile apps with their smartphones, which offer support for these activities. Nevertheless, the functionality and operation of these applications are isolated, because many and long questionnaires are performed. Additionally, the physical and health state of a user is not considered. These issues would be taken into account for determining recommendations about the time for doing exercise and the kind of activity for each person. In this work, a social semantic mobile framework to generate recommendations where a mobile applica tion allows sensing the physical performance, taking into consideration medical criteria with smartphones is proposed. The approach includes a semantic cross-information that comes from social network and official data as well as sport activities and medical knowl edge. This knowledge is translated into application ontologies related directly to health, nutrition and training domains. The methodology also covers physical fitness tests and a monitoring tool for evaluating the nutrition plan and the correct execution of the training. As case study, the mobile application offers to evaluate the physical and health conditions of a runner, automatically generate a nutrition plan and training, monitor plans and recom puted them if users make changes in their routines. The data provided from the social net work are used as feedback in the application, in order to make the training and nutrition plans more flexible by applying spatio-temporal analysis based on machine learning. Finally, the generated training and nutrition plans were validated by specialists, they have demonstrated 82% of effectiveness rate in exercise training routines and 86% in nutrition plans. In addition, the results were compared with isolated approaches and manual recom mendations made by specialists, the obtained overall performance was 81%.
Breaking into the vault: privacy, security and forensic analysis of android vault applications
شکستن به درون طاق : حریم خصوصی ،امنیت و تحلیل و بررسی قانونی برنامه کاربردی طاق اندروید-2017
In this work we share the first account for the forensic analysis, security and privacy of Android vault applications. Vaults are designed to be privacy enhancing as they allow users to hide personal data but may also be misused to hide incriminating files. Our work has already helped law enforcement in the state of Connecticut to reconstruct 66 incriminating images and 18 videos in a single criminal case. We present case studies and results from analyzing 18 Android vault applications (accounting for nearly 220 million downloads from the Google Play store) by reverse engineering them and examining the forensic artifacts they produce. Our results showed that 12 18 obfuscated their code and 5 18 applications used native libraries hindering the reverse engineering process of these applications. However, we still recovered data from the applications without root access to the Android device as we were able to ascertain hidden data on the device without rooting for 10 18 of the applications. 6 18 of the vault applications were found to not encrypt photos they stored, and 8 18 were found to not encrypt videos. 7 18 of the applications were found to store passwords in cleartext. We were able to also implement a swap attack on 5 18 applications where we achieved unauthorized access to the data by swapping the files that contained the password with a self-created one. In some cases, our findings illustrate unfavorable security implementations of privacy enhancing applications, but also showcase practical mechanisms for investigators to gain access to data of evidentiary value. In essence, we broke into the vaults.
Keywords: Forensics | Mobile applications | Privacy | Security | Vault Applications | Android