A comprehensive survey of hardware-based security techniques from an architectural perspective

Wireless sensor networks (WSNs) have a significant potential in diverse applications. In contrast to WSNs in a small-scale setting, the real-world adoption of large-scale WSNs is quite slow particularly due to the lack of robustness of protocols at all levels. Upon the demanding need for their experimental verification and evaluation, researchers have developed numerous WSN testbeds. While each individual WSN testbed contributes to the progress with its own unique innovation, still a missing element is an analysis on the overall system architecture and methodologies that can lead to systematic advances. This paper seeks to provide a framework to reason about the evolving WSN testbeds from the architectural perspective. We define three core requirements for WSN testbeds, which are scalability, flexibility, and efficiency. Then, we establish a taxonomy of WSN testbeds that represents the architectural design space by a hierarchy of design domains and associated design approaches. Through a comprehensive literature survey of existing prominent WSN testbeds, we examine their best practices for each design approach in our taxonomy. Finally, we qualitatively evaluate WSN testbeds for their responsiveness to the aforementioned core requirements by assessing the influence by each design approach on the core requirements and suggest future directions of research.

PurposeWith the increasing spread of ontologies in various domains, units have gradually become an essential part of ontologies and units ontologies have been developed to offer a better expression ability for the practical usage. From the perspectives of architecture, comparison and reuse, the purpose of this paper is to provide a comprehensive survey on four mainstream units ontologies: quantity-unit-dimension-type, quantities, units, dimensions and values, ontology of units of measure and units ontology (UO) of the open biomedical ontologies, in order to address well the state of the art and the reuse strategies of the UO.Design/methodology/approachAn architecture of units ontologies is presented, in which the relations between key factors (i.e. units of measure, quantity and dimension) are discussed. The criteria for comparing units ontologies are developed from the perspectives of organizational structure, pattern design and application scenario. Then, the authors compare four typical units ontologies based on the proposed comparison criteria. Furthermore, how to reuse these units ontologies is discussed in materials science domain by utilizing two reuse strategies of partial reference and complete reference.FindingsUnits ontologies have attracted high attention in the scientific domain. Based on the comparison of four popular units ontologies, this paper finds that different units ontologies have different design features from the perspectives of basis structure, units conversion and axioms design; a UO is better to be applied to the application areas that satisfy its design features; and many challenges remain to be done in the future research of the UO.Originality/valueThis paper makes an extensive review on units ontologies, by defining the comparison criteria and discussing the reuse strategies in the materials domain. Based on this investigation, guidelines are summarized for the selection and reuse of units ontologies.

As the complexity and the scale of networks continue to grow, the management of the network operations and security defense has become a challenging task for network administrators, and many network devices may not be updated timely, leaving the network vulnerable to potential attacks. Moreover, the static nature of our existing network infrastructure allows attackers to have enough time to study the static configurations of the network and to launch well-crafted attacks at their convenience while defenders have to work around the clock to defend the network. This asymmetry, in terms of time and money invested, has given attackers greater advantage than defenders and has made the security defense even more challenging. It calls for new and innovative ideas to fix the problem. Moving Target Defense (MTD) is one of the innovative ideas which implements diverse and dynamic configurations of network systems with the goal of puzzling the exact attack surfaces available to attackers. As a result, the system status with the MTD strategy is unpredictable to attackers, hard to exploit, and is more resilient to various forms of attacks. There are existing survey papers on various MTD techniques, but to the best of our knowledge, insufficient focus was given on the architectural perspective of MTD strategies or some new technologies such as Internet of Things (IoT). This paper presents a comprehensive survey on MTD and implementation strategies from the perspective of the architecture of the complete network system, covering the motivation for MTD, the explanation of main MTD concepts, ongoing research efforts of MTD and its implementation at each level of the network system, and the future research opportunities offered by new technologies such as Software-Defined Networking (SDN) and Internet of Things (IoT).

The data scale, science analysis and processing complexity in scientific community are growing exponentially in the "big data" era. Cloud computing paradigm has been widely adopted to provide unprecedented scalability and resources on demand, while scientific workflow management systems (SWFMSs) have been proven essential to scientific computing and services computing. Uniting the advantages of both cloud computing and SWFMSs can bring a valuable solution to the scientific "big data" problem to researchers. Although a series of work have concentrated on integrating SWFMSs with Cloud platforms that provide much experience for future research and development, a study from an architectural perspective is still missing. The main contributions of this paper are: 1) based on a comprehensive survey of the available integration options, we propose a service framework for integrating SWFMSs with Cloud computing, 2) we implement the service framework based on various Cloud platforms to validate the feasibility of the proposed framework, and 3) we conduct a set of experiments to demonstrate the capability and use a NASA MODIS image processing workflow as a showcase of the implementation.

Scientific workflows have recently emerged as a new paradigm for scientists to formalize and structure complex and distributed scientific processes to enable and accelerate many scientific discoveries. In contrast to business workflows, which are typically control flow oriented, scientific workflows tend to be dataflow oriented, introducing a new set of requirements for system development. These requirements demand a new architectural design for scientific workflow management systems (SWFMSs). Although several SWFMSs have been developed that provide much experience for future research and development, a study from an architectural perspective is still missing. The main contributions of this paper are: 1) based on a comprehensive survey of the literature and identification of key requirements for SWFMSs, we propose the first reference architecture for SWFMSs; 2) according to the reference architecture, we further propose a service-oriented architecture for View (a VIsual sciEntific Workflow management system); 3) we implemented View to validate the feasibility of the proposed architectures; and 4) we present a View-based scientific workflow application system (SWFAS), called FiberFlow, to showcase the application of our View system.

Scientific workflows have recently emerged as a new paradigm for scientists to formalize and structure complex and distributed scientific processes to enable and accelerate many scientific discoveries. In contrast to business workflows, which are typically control flow oriented, scientific workflows tend to be dataflow oriented, introducing a new set of requirements for system development. These requirements demand a new architectural design for scientific workflow management systems (SWFMSs). Although several SWFMSs have been developed that provide much experience for future research and development, a study from an architectural perspective is still missing. The main contributions of this paper are: (i) based on a comprehensive survey of the literature and identification of key requirements for SWFMSs, we propose the first reference architecture for SWFMSs, (ii) in compliance with the reference architecture, we further propose a service-oriented architecture for VIEW (a VIsual sciEntificWorkflow management system), (iii) we implement VIEW to validate the feasibility of the proposed architectures, and (iv) we present two case studies to showcase the applications of our VIEW system.

A comprehensive survey of robust deep learning in computer vision

Precision medicine provides a holistic perspective of an individual’s health, including genetic, environmental, and lifestyle aspects to realize individualized therapy. The development of the internet of things (IoT) devices, the widespread emergence of electronic medical records (EMR), and the rapid progress of cloud computing and artificial intelligence provide an opportunity to collect healthcare big data throughout the lifespan and analyze the disease risk at all stages of life. Thus, the focus of precision medicine is shifting from treatment toward prediction and prevention,i.e., precision health. To this end, various types of data such as omics, imaging, EMR, continuous physiological monitoring, lifestyle, and environmental information, need to be collected, tracked, managed and shared. Thus, internet-of-medical things (IoMT) is crucial for assimilating the health systems, applications, services, and devices that can improve the speed and accuracy of diagnosis and treatments along with real-time monitoring and modification of patient behavior as well as health status. However, security has emerged as a growing concern owing to the proliferation of IoMT devices. The increasing interconnectivity of IoMT-enabled devices with health data reception, transmission, and processing significantly increases the number of potential vulnerabilities within a system. To address the security issues of precision health in IoMT systems, this study reviews the state-of-the-art techniques and schemes from the perspective of a hierarchical system architecture. We present an IoMT system model comprising three layers: the sensing layer, network layer, and cloud infrastructure layer. In particular, we discuss the vulnerabilities and threats to security in each layer and review the existing security techniques and schemes corresponding to the system components along with their functionalities. Owing to the unique nature of biometric features in medical and health services, we highlight the biometrics-based technologies applied in IoMT systems, which contribute toward a considerable difference between the security solutions of existing IoT systems. Furthermore, we summarize the challenges and future research directions of IoMT systems to ensure an improved and more secure future of precision health.

The CRN technology permits the unlicensed operation to be in licensed band. The CRN model poses many challenges in power efficiency, spectrum management, spectrum detection, environment awareness, new distributed algorithm design, distributed spectrum measurements, QoS guarantees, and security. Cognitive radio (CR) is an emerging technology that allows the dynamic deployment of highly adaptive radios that are built upon software-defined radio technology. CR has been considered as a main technology for future wireless communications and mobile communication. This paper presents a comprehensive survey on the CRN specifically from the perspectives of applications, network architectures and protocol design issues. First, major applications of the CRN are reviewed. Then, different architectures of the CRN are presented. The unique characteristics of CRN rise to different protocol design issues. These research issues (e.g. spectrum management, interference, routing, security, and location complexity) and the related approaches to address them in the CRN are described.

In recent years, deep neural networks have been successful in both industry and academia, especially for computer vision tasks. The great success of deep learning is mainly due to its scalability to encode large-scale data and to maneuver billions of model parameters. However, it is a challenge to deploy these cumbersome deep models on devices with limited resources, e.g., mobile phones and embedded devices, not only because of the high computational complexity but also the large storage requirements. To this end, a variety of model compression and acceleration techniques have been developed. As a representative type of model compression and acceleration, knowledge distillation effectively learns a small student model from a large teacher model. It has received rapid increasing attention from the community. This paper provides a comprehensive survey of knowledge distillation from the perspectives of knowledge categories, training schemes, teacher-student architecture, distillation algorithms, performance comparison and applications. Furthermore, challenges in knowledge distillation are briefly reviewed and comments on future research are discussed and forwarded.

The mobile social network (MSN) combines techniques in social science and wireless communications for mobile networking. The MSN can be considered as a system which provides a variety of data delivery services involving the social relationship among mobile users. This paper presents a comprehensive survey on the MSN specifically from the perspectives of applications, network architectures, and protocol design issues. First, major applications of the MSN are reviewed. Next, different architectures of the MSN are presented. Each of these different architectures supports different data delivery scenarios. The unique characteristics of social relationship in MSN give rise to different protocol design issues. These research issues (e.g., community detection, mobility, content distribution, content sharing protocols, and privacy) and the related approaches to address data delivery in the MSN are described. At the end, several important research directions are outlined.

Physical layer security (PLS) has emerged as a new concept and powerful alternative that can complement and may even replace encryption-based approaches, which entail many hurdles and practical problems for future wireless systems. The basic idea of PLS is to exploit the characteristics of the wireless channel and its impairments including noise, fading, interference, dispersion, diversity, etc. in order to ensure the ability of the intended user to successfully perform data decoding while preventing eavesdroppers from doing so. Thus, the main design goal of PLS is to increase the performance difference between the link of the legitimate receiver and that of the eavesdropper by using well-designed transmission schemes. In this survey, we propose a conceptual, generic, and expandable framework for classifying the existing PLS techniques against wireless passive eavesdropping. In this flexible framework, the security techniques that we comprehensively review in this treatise are divided into two primary approaches: signal-to-interference-plus-noise ratio-based approach and complexity-based approach. The first approach is classified into three major categories: first, secrecy channel codes-based schemes; second, security techniques based on channel adaptation; third, schemes based on injecting interfering artificial (noise/jamming) signals along with the transmitted information signals. The second approach (complexity-based), which is associated with the mechanisms of extracting secret sequences from the shared channel, is classified into two main categories based on which layer the secret sequence obtained by channel quantization is applied on. The techniques belonging to each one of these categories are divided and classified into three main signal domains: time, frequency and space. For each one of these domains, several examples are given and illustrated along with the review of the state-of-the-art security advances in each domain. Moreover, the advantages and disadvantages of each approach alongside the lessons learned from existing research works are stated and discussed. The recent applications of PLS techniques to different emerging communication systems such as visible light communication, body area network, power line communication, Internet of Things, smart grid, mm-Wave, cognitive radio, vehicular ad-hoc network, unmanned aerial vehicle, ultra-wideband, device-to-device, radio-frequency identification, index modulation, and 5G non-orthogonal multiple access based-systems, are also reviewed and discussed. The paper is concluded with recommendations and future research directions for designing robust, efficient and strong security methods for current and future wireless systems.

Information security has always been a critical issue in wireless networks. Apart from other secure techniques, covert communication emerges as a potential solution to security for wireless networks owing to its high-security level. In covert communication networks, the transmitter hides the transmitted signals into environmental or artificial noise by introducing randomness to avoid detection at the warden. By eliminating the existence of transmitted signals at the warden, information security can be preserved more solidly than other secure transmission techniques, i.e., without noticing the existence. Due to the promising security protection, covert communication has been successfully utilized in tremendous wireless communication scenarios. However, fundamental challenges in its practical implementation still exist, e.g., the effectiveness of randomness utilization, the low signal-to-interference-plus-noise ratio at legitimate users, etc. In this survey, we demonstrate a comprehensive review concentrating on the applications, solutions, and future challenges of covert communications. Specifically, the covert principle and research categories are first introduced. Then, the applications in the networks with different topologies and the effective covert techniques in the existing literature are reviewed. We also discuss the potential implementation of covert communications in future networks and the open challenges.

With the ever-increasing requirement of storage and computation resources, it is unrealistic for local devices (with limited sources) to implement large-scale data processing. Therefore, individuals or corporations incline to outsource their computation requirements to the cloud. However, data outsourcing brings security and privacy concerns to users when the cloud servers are not fully trusted. Recently, extensive research works are conducted, aiming at secure outsourcing schemes for diverse computational tasks via different technologies. In this survey, we provide a technical review and comparison of existing outsourcing schemes using diverse secure computation methods. Specifically, we begin the survey by describing security threats and requirements of secure outsourcing computation. Meanwhile, we introduce four secure techniques (i.e., secure multi-party computation, pseudorandom functions, software guard extensions, and perturbation approaches) and their related works. Then, we focus on the theories and evolution of homomorphic encryption, as well as the applications of the basic operations and application-specific tasks. Finally, we discuss the security and performance of existing works and give future directions in this field.

As a complement to high-layer encryption techniques, physical layer security has been widely recognized as a promising way to enhance wireless security by exploiting the characteristics of wireless channels, including fading, noise, and interference. In order to enhance the received signal power at legitimate receivers and impair the received signal quality at eavesdroppers simultaneously, multiple-antenna techniques have been proposed for physical layer security to improve secrecy performance via exploiting spatial degrees of freedom. This paper provides a comprehensive survey on various multiple-antenna techniques in physical layer security, with an emphasis on transmit beamforming designs for multiple-antenna nodes. Specifically, we provide a detailed investigation on multiple-antenna techniques for guaranteeing secure communications in point-to-point systems, dual-hop relaying systems, multiuser systems, and heterogeneous networks. Finally, future research directions and challenges are identified.