Browsing by Author "Gupta, Shashank"

Now showing 1 - 20 of 70

Achieving Ambient Intelligence in Addressing the COVID-19 Pandemic Using Fog Computing-Driven IoT
(IGI Global, 2022) Gupta, Shashank
In this chapter, the authors present a comprehensive review on how the fog computing-based IoT can be utilized for the outbreak prevention and its existing control systems. The authors have also explained how numerous edge computing devices (e.g., sensors/actuators, RFID systems, webcams, drones, etc.) are playing a key role in controlling this disease using IoT protocols like 6LoWPAN. In addition, the authors also emphasize IoT security attacks and vulnerabilities which are prevalent in the existing infrastructure setup of smart cities. The key aspects of emerging uses of IoT (such as smart retail store automation, smart transportation, smart waste management, etc.) are described that played a key role in controlling this epidemic in the existing infrastructure of sustainable smart cities. Finally, some future research directions are also discussed that highlight the steps in mitigating the effect of this pandemic using fog-enabled IoT and AI techniques.
Alleviating the proliferation of JavaScript worms from online social network in cloud platforms
(IEEE, 2016) Gupta, Shashank
This paper presents a robust framework deployed in the settings of cloud environment that alleviates the propagation of JS worms from Web applications. The proposed framework automates the process of detecting the hidden injection points from the OSN-based web applications. In addition, it also detects the partial JavaScript injection by the attacker and performs the sanitization on the detected JavaScript attack vectors in a context-aware manner. The prototype of our framework was developed in java and installed in the virtual machines of cloud platforms as a Google Chrome extension. The testing of our framework is performed on the platform of real world OSN-based web applications in cloud platform. The performance analysis and experimental results reveal that our framework detects the partial JS worms with low false negative rate and acceptable false positive rate. We have also optimized the sanitization process in a context-aware manner in contrast to the methods adopted by existing defensive methodologies.
Artificial intelligence inspired task offloading and resource orchestration in intelligent transportation systems
(Springer, 2025) Gupta, Shashank
Internet of Vehicles (IoV) applications require the support of communication, caching, and computation (3C) resources to offload the computation-intensive tasks and for uplifting the traffic conditions in the development of sustainable smart cities. Intelligent Transportation Systems (ITS) lack the integrated ecosystems of addressing the low-latency task handovers, resource management issues, and centralized incentivization strategies. Digital Twin (DT) aids in capturing the real-time varying resource needs of the vehicles and the communication infrastructure that will regulate the task offloading process and facilitates in incentivizing the vehicular instances. In this manuscript, we establish a digital twin counterpart ( ) of the physical IoV (PIoV) to meet the QoS requirements during dynamic offloading and the time-varying resource supply–demand of computationally intensive applications. We formulate a response delay minimization function which is solved by the proposed DT-driven context-aware dynamic offloading method (CADOM). Furthermore, we use M/M/1/N/FCFS queueing method that combats the drawbacks of handling the simultaneous deadline-based tasks in a volatile environment of PIoV. In addition, we also maximize the utilities of vehicle and RSU service satisfaction by employing a reward-based mechanism for on-demand allocation of resources based on the Stackelberg game, where the DT of vehicle is deemed as a leader and service provider RSUs as a follower. The simulation results establish that the proposed system outpaces the conventional traffic management system by emphasizing the role of in jointly optimizing the overall response latency for different task sizes and also ensure a better utility satisfaction by catering on-demand resource allocation.
Artificial Intelligence-Empowered Optimal Roadside Unit (RSU) Deployment Mechanism for Internet of Vehicles (IoV)
(IEEE, 2022) Gupta, Shashank; Chamola, Vinay
Currently, the world is witnessing a huge growth in additional computing proficiency and extensive network coverage capability, which resulted in a paradigm shift from VANETs to Internet of Vehicles (IoV). Moreover, enhanced network capabilities facilitate enabling of IoV technology for latency-critical applications in energy-constrained smart IoT devices. However, IoV networks demand energy efficiency due to its dynamic nature for which Roadside Units (RSUs) are critical. However, in cities, huge deployment of RSUs and their maintenance is expensive in IoV infrastructure, requiring a trade-off between the network coverage and installation-related expenses. Also, the latency issues in IoV are highly dependent on the positioning of accessible RSUs. Motivated by the above highlighted issues, we propose an upgraded RSU placement method to boost network efficiency through placement of RSUs in optimal locations in a given road map. The Memetic Framework-based Optimal RSU Deployment (MFRD) algorithm is proposed to maximize the coverage area among the vehicles in an IoV and minimize the overlap in the coverage of the different RSUs. We observed from simulation results based on real-world maps that MFRD yields a significantly higher fitness score as compared to the existing state-of-the-art in terms of optimal positioning of the RSUs.
Artificial intelligence-empowered vision-based self driver assistance system for internet of autonomous vehicles
(Wiley, 2022-11) Gupta, Shashank
Artificial intelligence (AI) and edge computing have truly advanced in vehicular networks encouraging assessment of real-time traffic conditions using kinetic information of autonomous vehicles with the help of road side units (RSUs). However, regardless of numerous improvements in sensor fusion technologies the existing vision/LIDAR-based systems have found severe difficulties during perception on roads. In addition, the inter-vehicular communications are hampered due to inefficient RSU placement techniques causing high-latency issues during transmission of messages. Therefore, this article presents an AI-driven vision-based self driver assistance system (VSDAS) comprising a joint RSU deployment mechanism that utilizes enhanced memetic architecture-based optimal RSU placement (MARP) method and an object detection model that implements an improved Haar-cascade object detection algorithm for speedy identification of object. We have designed two varieties of genetic algorithm (GA) to solve optimal placement problem of RSUs: genetic architecture-based with random restart hill climbing (GARRH) and the other is MARP for efficient placement of RSUs. After our experimental results, we see that the MARP algorithm shows best possible RSU locations over different generations achieving significantly better fitness scores than the GAHRC and GA ascribing to its local search process. In addition, Haar-cascade achieves better mean average precision than local binary pattern and histogram of oriented gradients by selecting key frames. The experimental outcomes of our model reveals that the proposed enhanced memetic algorithm reduces the transmission delay to a greater extent. Additionally, the outcomes of our investigations on two public datasets (KITTI and Panasonic) showed that our improved algorithm clearly enhances the object detection performance.
Asynchronous deep reinforcement learning for semantic communication and digital-twin deployment in transportation networks
(IEEE, 2025-08) Gupta, Shashank
The dynamically evolving and technologically-driven hybrid landscape of transportation networks integrated with advanced edge computing capabilities has demonstrated efficient communication and computation techniques to guarantee robust quality of services (QoS) to vehicles. However, conventional communication systems in the Internet of Vehicles (IoV) still encounter challenges in providing meaningful low-latency communication and AI-assisted real-time synchronization on the edge. One reason is that it has exhausted the Shannon limit by utilizing cellular, NOMA, and Wi-Fi technologies. Therefore, we present an integrated approach leveraging Semantic Communication (SC), and Digital Twin (DT) deployment to tackle the challenges caused by high-dimensional data exchanges and resource spectrum crunch leading to inevitable latency constraints. SC stimulates meaningful transmission of data to high-mobility vehicles by providing a relevant knowledge base (KB) and DT deployment. In this paper, we established the vehicular SC (VSC) model, and DT deployment strategy. We formulate a multi-objective optimization problem (MOP) to maximize the overall QoS of the system by jointly optimizing VSC and DT deployment. Compared to traditional deep-reinforcement learning (DRL) schemes, we propose a Digital Twin Semantic Sensing using the Multi-vehicle DRL ( DTS2 -MVDL) algorithm which addresses the MOP and persistent issues of multi-dimensional, continuous, and discrete nature of the vehicular environment. Lastly, we employ age of Information (AoI), latency, and QoS as the performance metrics to determine the algorithmic efficiency.
An Authentication-Centric Multi-Layered Security Model for Data Security in IoT-Enabled Biomedical Applications
(IEEE, 2019) Gupta, Shashank
IoT-enabled technologies have been creating phenomenal impacts in the field of biomedical applications ever since the advancements in ubiquitous computing has begun. Securing these biomedical applications has always been a key concern due to the highly openness nature of Wireless Computing Technologies (WCT) to the vulnerabilities. Access control is an important factor in designing a security system for such applications which involves seamless healthcare devices. However, several existing approaches provide token-based access control mechanisms that are still facing the challenges in integrating the multilayered security architecture. In this regard, the proposed model contributes towards in designing two-way authentication centric and generic security framework for healthcare applications under the protected resource accessing environment. The model features its heterogeneous set of users to interact with the token-based resource accessing environment in healthcare scenario, preventing unauthorized users accessing the personalized medical devices. The proposed model produced the extensive better results in comparison with conventional single layered security approaches in terms of Human to Machine (H2M) interactions under the presumption of distributed and context-aware approaches
Automated Discovery of JavaScript Code Injection Attacks in PHP Web Applications
(Elsevier, 2016) Gupta, Shashank
This paper discussed some of the performance issues in the existing defensive solutions of Java Script injection attacks (e.g. Cross-Site Scripting (XSS) attacks). Moreover, a high level of comparison for such existing solutions has been done based on some useful metrics. Based on the identified performance issues, this paper proposed an automated detection system, which scans the numerous possible locations of web sites for JavaScript injection vulnerabilities. Our detection system, firstly, scans the web site for discovering the injection locations. Secondly, it injects the malicious XSS attack vectors in such injection points. Lastly, it takes an input as the list of different XSS attacks exploited in the second step and scan for these attacks in the vulnerable web application. Detection capability of our automated system is evaluated on a real world PHP web application i.e. BlogIt and results obtained are very promising.
BDS: Browser Dependent XSS Sanitizer
(IGI Global, 2015) Gupta, Shashank
Cross-Site Scripting (XSS) attack is a vulnerability on the client-side browser that is caused by the improper sanitization of the user input embedded in the Web pages. Researchers in the past had proposed various types of defensive strategies, vulnerability scanners, etc., but still XSS flaws remains in the Web applications due to inadequate understanding and implementation of various defensive tools and strategies. Therefore, in this chapter, the authors propose a security model called Browser Dependent XSS Sanitizer (BDS) on the client-side Web browser for eliminating the effect of XSS vulnerability. Various earlier client-side solutions degrade the performance on the Web browser side. But in this chapter, the authors use a three-step approach to bypass the XSS attack without degrading much of the user's Web browsing experience. While auditing the experiments, this approach is capable of preventing the XSS attacks on various modern Web browsers.
A client-server JavaScript code rewriting-based framework to detect the XSS worms from online social network
(Wiley, 2018-05) Gupta, Shashank
This article presents a client-server JavaScript code rewriting-based framework that protects and preserves the privacy of online users against XSS worms on Online Social Network (OSN). The server-side generates an estimation graph which is explored for extracting the JavaScript code and shifts such code in a separate file. This shifting is done for completely isolating the untrusted JavaScript code and data. The client-side performs runtime monitoring of the dynamic JavaScript code to recognize the tainted flow of untrusted JavaScript variables. The context of such dynamic tainted variables is determined, for performing the string analysis to examine whether it may be considered as vulnerable point or not. Finally, decoding operation is performed on the obfuscated malicious JavaScript code and the JavaScript code embedded in the parameter values of HTTP request. If match is found, then XSS attack vector is present. Otherwise, it is not. The authors have developed their prototype on the Java development framework and have estimated the malicious script alleviation capability of this proposed work on tested web applications (Humhub, Elgg, WordPress, Joomla, Drupal).
A Combined Model to Ensure Complete Security and Reliability in Cloud Computing
(WCECS, 2015) Gupta, Shashank
Cloud Computing is the fastest growing technique in the IT (Information Technology) industry as its main idea is to maximising the capacity and capabilities vigorously without investing in new infrastructure and licensing software. It provides a large amount of storage capacity over the internet but the management and security of the data and services over the cloud is not entirely trustworthy. Because of the lack in trust, most of the businesses are still reluctant to deploy their business over cloud, so security is the major concern in cloud computing and becoming a major issue in the implementation of cloud. In this paper, a new framework is proposed which focuses on almost every aspect of security ie protection of data from beginning to end, ie, from cloud owner to user. This work focuses on major four aspects of security, ie, Confidentiality, Availability, Integrity and Non-Repudiation. This framework will work on all the categories of Cloud ie Public, Private and Hybrid Cloud and proposes an algorithm to select the correct category of cloud to put a data on to it
Comparative study of risk assessment models corresponding to risk elements
(IEEE, 2012) Gupta, Shashank
In the modern era of software engineering, the development of software in static and dynamic environment results in several vulnerabilities that need to be handled so that they do not step in with the clear defined project goals. Previous studies show that the wide variety of different risk analysis strategies provide a valid solution to address the lack of risk management strategies in Software risk assessment model (SRAM), Software risk assessment and estimation model (SRAEM) etc. In this paper we have discussed the comparison between different software risk assessment models corresponding to certain risk elements. These risk elements must be taken into account in order to cover some perspectives of the software industry which have not been covered up to now. Based on this analysis, we have also concluded the weaknesses and strengths of risk assessment models.
ConvXSS: A deep learning-based smart ICT framework against code injection attacks for HTML5 web applications in sustainable smart city infrastructure
(Elsevier, 2022-05) Dua, Amit; Gupta, Shashank
In this paper we propose ConvXSS, a novel deep learning approach for the detection of XSS and code injection attacks, followed by context-based sanitization of the malicious code if the model detects any malicious code in the application. Firstly, we briefly discuss XSS and code injection attacks that might pose threat to sustainable smart cities. Along with this, we discuss various approaches proposed previously for the detection and alleviation of these attacks followed by their respective limitations. Then we propose our deep learning model adopting whose novelty is based on the approach followed for Data Pre-Processing. Then we finally propose Context-based Sanitization to replace the malicious part of the code with sanitized code. Numerical experiments conducted on various datasets have shown various results out of which the best model has an accuracy of 99.42%, a precision of 99.81% and a recall of 99.35%. When compared with other state of the art techniques in this domain, our approach shows at par or in the best case, better results in terms of detection speed and accuracy of CSS attacks.
Cross-Site Scripting (XSS) Abuse and Defense: Exploitation on Several Testing Bed Environments and Its Defense
(Taylor & Francis, 2015-07) Gupta, Shashank
Today cyber physical systems (CPS) facilitate physical world devices to integrate with several Internet data sources and services. In the contemporary era of Web 2.0 technologies, web applications are being developed on several advanced technologies (e.g., AJAX, JavaScript, Flash, ASP.net). However, due to the frequent usage in daily life, web applications are constantly under attack. Cross-site scripting (XSS) attacks are presently the most exploited security problems in the modern web applications. XSS attacks are generally caused by the improper sanitization of user-supplied input on the applications. These attacked use vulnerabilities in the source code, resulting in serious consequences such as stealing of session-identifications embedded in cookies, passwords, credit card numbers, and several other related personal credentials. This article describes a three-fold approach: 1) testing the vulnerabilities of XSS attack on the local host server Apache Tomcat by utilizing the malicious scripts from XSS cheat sheet website; 2) exploiting the same vulnerabilities on Web Goat; and 3) exploiting encoded versions of the injected scripts for testing the level of XSS attack prevention capability. Based on the observed results, further work is also discussed.
Cross-site scripting (XSS) worms in Online Social Network (OSN): Taxonomy and defensive mechanisms
(IEEE, 2016) Gupta, Shashank
The propagation of XSS worms on the social networking sites like Twitter, LinkedIn, Facebook, etc. has observed exponential growth in modern era of Web 2.0 technology. According to recent survey, 43% of web applications are vulnerable to XSS worms. Such unbearable growth of XSS worms has raised some serious security and privacy concerns in OSN. This article discusses a detailed classification of XSS attacks and presents the recent occurrences of XSS attacks on numerous platforms of OSN-based web applications. Numerous existing XSS defensive solutions on OSN have been discussed in order to identify their main contributions and existing performance issues. We present the unique security challenges and issues that exist in the recent state-of-art techniques and based on this, we recommend the further scope.
CSSXC: Context-sensitive Sanitization Framework for Web Applications against XSS Vulnerabilities in Cloud Environments
(Elsevier, 2016) Gupta, Shashank
This paper presents a context-sensitive sanitization based XSS defensive framework for the cloud environment. It discovers all the hidden injection points in HTML5-based web applications deployed on the platforms of cloud and sanitizes the XSS attack payloads injected in such points in a context sensitive manner. The identification of such injection points permits our technique to retrieve each possible web page of application, allowing a wider exploration and accelerating the process of applying the sanitizers on the untrusted variables of web application. The XSS attack mitigation capability of our framework was evaluated on web applications deployed for the cloud users in the cloud environment. The experimental results reveal that this technique detects the XSS attack payloads with minimum rate of false negatives and less runtime overhead.
Defending the OSN-Based Web Applications from XSS Attacks Using Dynamic JavaScript Code and Content Isolation
(Springer, 2017-10) Gupta, Shashank
Online social networks (OSNs) are continuously suffering from the plague of cross-site scripting (XSS) vulnerabilities. This article presents a contemporary XSS defensive framework for the OSN-based web applications that is completely based on the context type qualifier. The proposed framework executes in two key phases: Context-Aware Sanitization Generator (CASG) and Context-Aware Dynamic Parsing (CADP). The former phase performs the static analysis of HTML document to determine the context of the untrusted JavaScript code. In addition to this, it also injects the context-sensitive sanitizers in the location of the untrusted JavaScript code. The later phase performs the dynamic parsing of HTML document generated by the first phase. The main objective of this phase is to determine the context of the untrusted malicious script code that is statically ambiguous to identify in the first phase. It also performs the sanitization depending on the context identified. The testing and evaluation of proposed framework was done on a tested suite of real-world OSN-based web applications (e.g., HumHub and Elgg). The experimental results revealed that the proposed framework is capable of implementing auto-context aware sanitization on the untrusted JavaScript malicious code with less number of false positives and false negatives. Evaluation outcomes also revealed that the technique has accomplished the untrusted malicious JavaScript code isolation in the HTML document generated by OSN-based web applications for mitigating the effect of XSS worms with less dynamic runtime overhead.
Defense Against HTML5 XSS Attack Vectors: A Nested Context-Aware Sanitization Technique
(IEEE, 2018) Gupta, Shashank
The authors suggested an offline and online based model based on nested context aware sanitization method for detection and alleviation of malicious XSS attack vectors for OSN's. The offline mode extracts JS from webpage, calculates features and stores them in the depository for additional usage. The online approach embodies URI link extraction and feature estimation thus detecting anomaly on comparison with offline modes feature repository. The authors have developed their prototype in J avaScript and its infrastructure settings are implemented as an extension on infrastructure settings of browser. Our proposed design is implemented and tested on five OSN platforms vulnerable to XSS. The results estimated have the competency to identify the XSS worms with acceptable little false positives in comparison to recent state of art. The outcome of our design draws upon nested context of JS for efficacious sanitization
Designing a XSS Defensive Framework for Web Servers Deployed in the Existing Smart City Infrastructure
(IGI Global, 2020) Gupta, Shashank
Cross-site scripting is one of the notable exceptions effecting almost every web application. Hence, this article proposed a framework to negate the impact of the XSS attack on web servers deployed in one of the major applications of the Internet of Things (IoT) i.e. the smart city environment. The proposed framework implements 2 approaches: first, it executes vulnerable flow tracking for filtering injected malicious scripting code in dynamic web pages. Second, it accomplished trusted remark generation and validation for unveiling any suspicious activity in static web pages. Finally, the filtered and modified webpage is interfaced to the user. The prototype of the framework has been evaluated on a suite of real-world web applications to detect XSS attack mitigation capability. The performance analysis of the framework has revealed that this framework recognizes the XSS worms with very low false positives, false negatives and acceptable performance overhead as compared to existent XSS defensive methodologies.
Detecting Different Attack Instances of DDoS Vulnerabilities on Edge Network of Fog Computing using Gaussian Naive Bayesian Classifier
(IEEE, 2020) Dua, Amit; Gupta, Shashank
Fog computing generally uses the host's resources instead of acquiring resources from remote PC leading to less latency problems and moreover, improving the performance which makes it more competent. Distributed denials of service (DDOS) attack exhausts the existing resources which make the services inaccessible to genuine users. DDoS has deep impact on the computer networks. As a cyber-threat, it compromises the standard performance of the organization by Internet protocol (IP) spoofing, overflow of bandwidth, memory space consumption and leading to immense loss. DoS attacks are a great threat to computerized association. Primary objective of any defense system for DoS is knowledge that it exists, preferably as early prior to accumulation of attack traffic. In case of large traffic inflow to an attacked server, it is essential to categorize the legitimate acquisitions and intrusions. In this work, the authors present a model that draws out the key parameters from requests in traffic for DDoS attack recognition in fog network. It benefits from existing data, and presents competent algorithms to detect and predict most probable cases. Authors have used Bayesian Network to calculate the conditional probabilities to decide whether the new packet is normal or intruded. A log of the path of the attacker is maintained in a VHD so as to easily detect attacks that have previously occurred. Having both the systems in place, the false positives of DDoS attacks detection have decreased immensely which has been observed through the implementation of this experiment.