Keyvan Ansari

Vehicle-to-infrastructure (V2I) communication, a subset of Vehicle-to-everything (V2X), plays a critical role in enhancing road safety and traffic efficiency. While DSRC and C-V2X technologies have standardised physical layer communication, the upper layers remain flexible and open to diverse implementations. Existing IoT application layer protocols (ALPs), built on legacy TCP and UDP transport protocols, may exhibit suboptimal performance in dynamic V2I environments. This study evaluates six ALPs, i.e., AMQP, CoAP, DDS, MQTT, WebSocket (WS), and XMPP, across twenty protocol combinations, including modern QUIC and SCTP transport protocols. Using a simulation framework that integrates Omnet++, SUMO, Veins, and OpenStreetMap data, we assess key performance metrics: latency, packet delivery ratio, throughput, inter-arrival time, and connection establishment time. Our results indicate that while most protocol combinations perform adequately under low node densities (e.g., fewer than 100 nodes), network congestion leads to performance degradation. Nevertheless, CoAP over QUIC/UDP and WS over QUIC emerge as promising candidates for disseminating awareness messages across diverse V2I communication scenarios within the context and test limits.

The concept of smart cities continues to gain traction as urban and rural areas increasingly adopt Internet-of-things (IoT), sensors and smart devices, generating vast amounts of data. However, the collection, processing, and transmission of this big data introduce multi-dimensional challenges, intensifying the need for robust Information Assurance (IA) and Data Quality (DQ) solutions. Researchers have proposed various methodologies to address these challenges, including encryption techniques (e.g., homomorphic and lightweight encryption, cryptographic methods), deep learning models (e.g., LSTM), tree-based machine learning algorithms, government regulations (e.g., GDPR, ePrivacy Directive), blockchain-based integrity frameworks, and cloud-centric security and DQ architectures. This study iteratively classifies these methodologies. While researchers and experts have employed these methodologies and solutions to address IA/DQ challenges, our survey reveals a critical gap. There is a lack of holistic strategies for integrating IA and DQ in smart cities, particularly in big data and IoT use cases. Unlike prior surveys, this paper provides a novel IA/DQ-centric perspective, highlighting unresolved challenges such as governing standards for real-time data and DQ policy. As such, we provide a guide for future research toward developing a cohesive end-to-end assurance framework for smart cities.
[Display omitted]

Botnets represent a significant and evolving cybersecurity threat, leveraging networks of compromised devices for various malicious activities, including data exfiltration (e.g., Truebot malware), credential theft, and distributed denial-of-service (DDoS) attacks. heir increasing sophistication includes advanced evasion techniques such as domain generation algorithms (DGAs), encrypted command-and-control (C&C) channels, and peer-to-peer (P2P) architectures. These innovations pose substantial challenges to conventional detection systems. Existing surveys typically examine isolated detection methodologies or specific datasets, failing to address comprehensively the broader landscape, especially regarding adversarial manipulation of machine learning (ML) and artificial intelligence (AI) feature sets. To address this critical gap, this survey introduces the first systematic adversarial-aware analysis of botnet detection strategies. It specifically evaluates how adversaries exploit ML/AI feature manipulation, such as through noise injection and feature perturbation, to evade detection, a perspective that has not been quantitatively addressed in prior literature. A core contribution is our explicit benchmarking of detection model robustness across four quantitative metrics, faithfulness, monotonicity, sensitivity, and complexity, providing novel insights into the resilience of state-of-the-art models under adversarial conditions. Additionally, we highlight persistent practical challenges including limited dataset diversity and dependence on high-quality labeled data, and propose potential mitigation approaches such as synthetic data generation, federated and semi-supervised learning, and lightweight detection architectures tailored for resource-constrained IoT deployments. Finally, we outline key future research directions emphasizing standardized robustness evaluation frameworks, explainable AI to enhance interpretability and trust, and privacy-preserving collaborative data-sharing mechanisms. By integrating this adversarial-aware perspective with a comprehensive and practical evaluation framework, this work contributes to the field’s understanding of botnet detection and supports the design of more robust and resilient cybersecurity solutions through insights relevant to both researchers and practitioners.

Understanding the attributes of critical data and implementing suitable security measures help organisations bolster their data-protection strategies and diminish the potential impacts of ransomware incidents. Unauthorised extraction and acquisition of data are the principal objectives of most cyber invasions. We underscore the severity of this issue using a recent attack by the Clop ransomware group, which exploited the MOVEit Transfer vulnerability and bypassed network-detection mechanisms to exfiltrate data via a Command and Control server. As a countermeasure, we propose a method called Buffer-Based Signature Verification (BBSV). This approach involves embedding 32-byte tags into files prior to their storage in the cloud, thus offering enhanced data protection. The BBSV method can be integrated into software like MOVEit Secure Managed File Transfer, thereby thwarting attempts by ransomware to exfiltrate data. Empirically tested using a BBSV prototype, our approach was able to successfully halt the encryption process for 80 ransomware instances from 70 ransomware families. BBSV not only stops the encryption but also prevents data exfiltration when data are moved or written from the original location by adversaries. We further develop a hypothetical exploit scenario in which an adversary manages to bypass the BBSV, illicitly transmits data to a Command and Control server, and then removes files from the original location. We construct an extended state space, in which each state represents a tuple that integrates user authentication and system components at the filesystem level.

Intelligent transportation and autonomous mobility solutions rely on cooperative awareness developed by exchanging proximity and mobility data among road users. To maintain pervasive awareness on roads, all vehicles and vulnerable road users must be identified, either cooperatively, where road users equipped with wireless capabilities of Vehicle-to-Everything (V2X) radios can communicate with one another, or passively, where users without V2X capabilities are detected by means other than V2X communications. This necessitates the establishment of a communications channel among all V2X-enabled road users, regardless of whether their underlying V2X technology is compatible or not. At the same time, for cooperative awareness to realize its full potential, non-V2X-enabled road users must also be communicated with where possible or, leastwise, be identified passively. However, the question is whether current V2X technologies can provide such a welcoming heterogeneous road environment for all parties, including varying V2X-enabled and non-V2X-enabled road users? This paper investigates the roles of a propositional concept named Augmenting V2X Roadside Unit (A-RSU) in enabling heterogeneous vehicular networks to support and benefit from pervasive cooperative awareness. To this end, this paper explores the efficacy of A-RSU in establishing pervasive cooperative awareness and investigates the capabilities of the available communication networks using secondary data. The primary findings suggest that A-RSU is a viable solution for accommodating all types of road users regardless of their V2X capabilities.

Networking protocols have undergone significant developments and adaptations to cater for unique communication needs within the IoT paradigm. However, meeting these requirements in the context of vehicle-to-infrastructure (V2I) communications becomes a multidimensional problem due to factors like high mobility, intermittent connectivity, rapidly changing topologies, and an increased number of nodes. Thus, examining these protocols based on their characteristics and comparative analyses from the literature has shown that there is still room for improvement, particularly in ensuring efficiency in V2I interactions. This study aims to investigate the most viable network protocols for V2I communications, focusing on ensuring data quality (DQ) across the first three layers of the IoT protocol stack. This presents an improved understanding of the performance of network protocols in V2I communication. The findings of this paper showed that although each protocol offers unique strengths when evaluated against the identified dimensions of DQ, a cross-layer protocol fusion may be necessary to meet specific DQ dimensions. With the complexities and specific demands of V2I communications, it’s clear that no single protocol from our tri-layered perspective can solely fulfil all IP-based communication requirements given that the V2I communication landscape is teeming with heterogeneity, where a mixture of protocols is required to address unique communication demands.

Authentication for controller area network (CAN) buses in an intra-vehicular network involving electronic control units (ECUs) is a challenging factor. The Society of Automotive Engineers standard (SAE J1939) incorporating the ISO 11898-1 specification for the data link and physical layers of the standard CAN and CAN-flexible data rate (CAN-FD) handles communication among ECUs. The SAE J1939 is vulnerable to replay, masquerading and machine-in-the-middle (MITM) attacks. To prevent such attacks, there exist protocol suites for resource-constrained and resource-unconstrained nodes proposed in the literature which are not formally analysed. We formally analyse one of the comprehensive protocol suites using the state-of-the-art Tamarin automated validation tool. To mitigate the identified attacks, we propose two new authentication protocols. At first, we propose one pass authentication protocol for computationally restricted nodes. For nodes that are not restricted computationally, we present a certificateless signature-based authentication protocol. Additionally, we present a new certificateless key insulated manageable signature (CL-KIMS) scheme for signature-based authentication protocol. CL-KIMS ensures key insulation and random access key update properties, and assures self-healing property. The security of the proposed protocol suite and signature scheme is formally analysed using the random oracle model (ROM). Especially, CL-KIMS scheme is provably secure in the ROM against Type-I and Type-II adversaries. A detailed performance comparison and simulation study show that the proposed protocol suite has lesser communication overhead and ensures robust security as compared to the existing protocol suites.

Vehicular communications networks form the backbone of cooperative intelligent transport systems to support road safety and infotainment applications amongst users. IEEE 802.11p of the Dedicated Short-Range Communications protocol stack has been the technology of choice for Vehicle-to-Everything communications within the United States and Japan and has been extensively trailed in other countries such as Australia. With the advent of cellular technologies, a new, competing cellular-based Device-to-Device technology, known as Cellular Vehicle-to-Everything Sidelink, has emerged. Considering both technologies suffer from performance limitations, there is a current debate as to which of these technologies will eventually dominate the cooperative intelligent transport systems landscape if they cannot coexist. To investigate mechanisms of spectrum sharing between Dedicated Short-Range Communications and Cellular Vehicle-to-Everything for deployment in a common region, this paper initially reviews the background and technicalities of both technologies. The paper subsequently sets forth Vehicle-to-Everything platform models that allow not only spectrum sharing at the ITS band but also concurrent and simultaneous propagations of Dedicated Short-Range Communications and Cellular Vehicle-to-Everything messages. The transmission and reception mechanisms of hybrid Vehicle-to-Everything platforms are verified through a describing function model.

The Internet of Things (IoT) devices are being widely deployed and have been targeted and victimized by malware attacks. The mathematical modelling for an accurate prediction of malicious spreads of botnets across IoT networks is of great importance. Suppose the spread of IoT botnets can be predicted using mathematical models, the security community can then take the necessary steps to deter an outbreak of botnet attacks and minimize the damage caused by malware. This paper surveys mobile malware epidemiological models to understand the mechanisms and dynamics of malware spread for IoT botnets. We describe the characteristics of IoT botnets based on the Susceptible-Infection-Recovery-Susceptible and Susceptible-Exposed-Infection-Recovery-Susceptible epidemic models. These models extend the traditional SIR (Susceptible-Infection-Recovery) model by adding extra states and parameters specific to the epidemic spread of IoT botnets. We use mathematical modelling to simulate complex spreading processes of IoT botnets and interpret the influence of an epidemic on distributed denial of service attacks. We use MATLAB and R to illustrate the use of a stochastic IoT botnet transmission model in the identification and mitigation of challenges towards minimizing the impact of devastating IoT botnet epidemics.

In recent years, hospitals have spent a significant amount on technologically advanced medical equipment to ensure not only the accuracy and reliability of medical devices, but also the required level of performance. Although medical devices have been revolutionized thanks to technology advancements, outdated maintenance strategies are still used in healthcare systems and services. Also, maintenance plans must often be developed for a mixture of advanced and obsolete technologies being used in medical devices. Therefore, most healthcare organizations have been facing the challenge of detecting equipment-related risks that would have been alleviated if effective integrity monitoring mechanisms were in place. Additionally, continuously growing volumes of large data streams, collected from sensors and actuators embedded into network-enabled sensors and microprocessors of medical equipment, require a scalable platform architecture to support the necessary storage and real-time processing of the data for device monitoring and maintenance. This paper investigates the issue of maintaining medical devices through an Internet-of-Things (IoT)-enabled autonomous integrity monitoring mechanism for those devices generating large-scale real-time data in healthcare organizations. The proposed architecture that includes an integrity monitoring framework and a data analytics module ensures the complete visibility into medical devices and provides a facility to predict possible failures before happening.