As smartphones have become widespread in the past decade, Wi-Fi signal-based crowd estimation schemes are receiving increased attention. These estimation schemes count the number of unique MAC addresses in Wi-Fi signals, hereafter called probe requests (PRs), instead of counting the number of people. However, these estimation schemes have low accuracy of crowd estimation under MAC address randomization that replaces a unique MAC address with various dummy MAC addresses. To solve this problem, in this paper, we propose an indoor crowd estimation scheme using the number of PRs under MAC address randomization. The main idea of the proposed scheme is to leverage the fact that the number of PRs per a unit of time changes in proportion to the number of smartphones. Since a smartphone tends to send a constant number of PRs per a unit of time, the proposed scheme can estimate the accurate number of smartphones. Various experiment results show that the proposed scheme reduces estimation error by at most 75% compared to the conventional Wi-Fi signal-based crowd estimation scheme in an indoor environment.

Detecting phishing websites is imperative. Among several detection schemes, the promising ones are the visual similarity-based approaches. In those, targeted legitimate website's visual features referred to as signatures are stored in SDB (Signature Database) by the system administrator. They can only detect phishing websites whose signatures are highly similar to SDB's one. Thus, the system administrator has to register multiple signatures to detect various phishing websites and that cost is very high. This incurs the vulnerability of zero-day phishing attack. In order to address this issue, an auto signature update mechanism is needed. The naive way of auto updating SDB is expanding the scope of detection by adding detected phishing website's signature to SDB. However, the previous approaches are not suitable for auto updating since their similarity can be highly different among targeted legitimate website and subspecies of phishing website targeting that legitimate website. Furthermore, the previous signatures can be easily manipulated by attackers. In order to overcome the problems mentioned above, in this paper, we propose a hue signature auto update system for visual similarity-based phishing detection with tolerance to zero-day attack. The phishing websites targeting certain legitimate website tend to use the targeted website's theme color to deceive users. In other words, the users can easily distinguish phishing website if it has highly different hue information from targeted legitimate one (e.g. red colored Facebook is suspicious). Thus, the hue signature has a common feature among the targeted legitimate website and subspecies of phishing websites, and it is difficult for attackers to change it. Based on this notion, we argue that the hue signature fulfills the requirements about auto updating SDB and robustness for attackers' manipulating. This commonness can effectively expand the scope of detection when auto updating is applied to the hue signature. By the computer simulation with a real dataset, we demonstrate that our system achieves high detection performance compared with the previous scheme.

Distributing codes to specific target sensors in order to fix bugs and/or install a new application is an important management task in WSNs (Wireless Sensor Networks). For the energy efficient dissemination of such codes to specific target sensors, it is required to select the minimum required number of forwarders with the fewest control messages. In this paper, we propose a novel RPL (Routing Protocol for Low-power and lossy networks)-based tree construction scheme for target-specific code dissemination, which is called R-TCS. The main idea of R-TCS is that by leveraging the data collection tree created by a standard routing protocol RPL, it is possible to construct the code dissemination tree with the minimum numbers of non-target sensors and control messages. Since by creating a data collection tree each sensor exchanges RPL messages with the root of the tree, every sensor knows which sensors compose its upwards route, i.e. the route towards the root, and downwards route, i.e. the route towards the leaves. Because of these properties, a target sensor can select the upward route that contains the minimum number of non-target sensors. In addition, a sensor whose downward routes do not contain a target sensor is not required to transmit redundant control messages which are related to the code dissemination operation. In this way, R-TCS can reduce the energy consumption which typically happens in other target-specific code dissemination schemes by the transmission of control messages. In fact, various performance evaluation results obtained by means of computer simulations show that R-TCS reduces by at least 50% energy consumption as compared to the other previous known target-specific code dissemination scheme under the condition where ratio of target sensors is 10% of all sensors.

Delay Tolerant Networks (DTNs) are vulnerable to message flooding attacks in which a very large number of malicious messages are sent so that network resources are depleted. To address this problem, previous studies mainly focused on constraining the number of messages that nodes can generate per time slot by allowing nodes to monitor the other nodes' communication history. Since the adversaries may hide their attacks by claiming a false history, nodes exchange their communication histories and detect an attacker who has presented an inconsistent communication history. However, this approach increases node energy consumption since the number of communication histories increases every time a node communicates with another node. To deal with this problem, in this paper, we propose an energy-efficient defense against such message flooding attacks. The main idea of the proposed scheme is to time limit the communication history exchange so as to reduce the volume while ensuring the effective detection of inconsistencies. The advantage of this approach is that, by removing communication histories after they have revealed such inconsistencies, the energy consumption is reduced. To estimate such expiration time, analytical expressions based upon a Markov chain based message propagation model, are derived for the probability that a communication history reveals such inconsistency in an arbitrary time. Extensive performance evaluation results obtained by means of computer simulations and several performance criteria verify that the proposed scheme successfully improves the overall energy efficiency. For example, these performance results have shown that, as compared to other previously known defenses against message flooding attacks, the proposed scheme extends by at least 22% the battery lifetime of DTN nodes, while maintaining the same levels of protection.