Abstract

Agricultural industry is one of the most vital industries that has a major contribution to the economy due to its share in the Gross Domestic Product (GDP) and as a source of employment. The past few decades have seen immense change in the operation of agricultural sector with the introduction of precision farming in conjunction with Internet of Things (IoT). The application of such advancements is highly based on exchange of messages between various devices in the farming. This paper aims to study the security scenarios applicable in husbandry through the analysis of possible attacks and threats. The testbeds available for agriculture based on IoT have been studied. An architecture for smart farming is proposed which is independent of the underlying technologies that may be used and the requirements of security have been laid out based on the proposed architecture. A literature survey of security protocols …

Abstract

In an Intelligent Precision Agriculture (IPA), several Internet of Things (IoT) smart devices and drones can be deployed to monitor an agricultural environment. The drones can be further utilized to collect the data from smart devices and send to the Ground Station Server (GSS). However, insecure communication among the smart devices, drones and the GSS make the IoT agriculture environment vulnerable to various potential attacks. For this goal, a new authentication and key management scheme for IoT-enabled IPA, called AKMS-AgriIoT, has been put forward with the private blockchain-based solution. The blocks formed with the encrypted transactions and their respective signatures by the GSS are mined by the cloud servers to verify and add the blocks in the private blockchain center. A detailed security analysis and comparative study reveal that the proposed AKMS-AgriIoT supports better security, and provides more functionality features, less communication costs and comparable computation costs as compared to other relevant schemes. In addition, the blockchain-based implementation on the proposed AKMS-AgriIoT has been also carried out.

Abstract

—Effective design of autopilots for fixed-wing unmanned aerial vehicles (UAVs) is still a great challenge, due to unmodeled effects and uncertainties that these vehicles exhibit during flight. Unmodeled effects and uncertainties comprise longitudinal/lateral cross-couplings, as well as poor knowledge of equilibrium points (trimming points) of the UAV dynamics. The main contribution of this article is a new adaptive autopilot design, based on uncertain Euler–Lagrange dynamics of the UAV and where the control can explicitly take into account under-actuation in the dynamics, reduced structural knowledge of cross-couplings and trimming points. This system uncertainty is handled via appropriately designed adaptive laws: stability of the controlled UAV is analyzed. Hardware-in-the-loop tests, comparisons with an Ardupilot autopilot and with a robustified autopilot validate the effectiveness of the control design, even in the presence of strong saturation of the UAV actuators.

Abstract

—Connected vehicle means providing different services, such as advanced driver-assistance systems (ADAS) from vehicles connected to the network. Vehicular ad-hoc networks (VANETs) can support vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications to realize connected vehicle. In VANETs, secure communication must be ensured, as otherwise it can lead to traffic accidents and human injuries. Recently, many studies on V2I authentication have been conducted to guarantee the security of V2I communications. However, recent V2I authentication protocols do not consider the handover situation, and it causes unnecessary computations. As vehicles have limited computing resources, unnecessary computation can lead to overload to the vehicles. In recent years, blockchain-based VANET is an active field of research because it can provide decentralization, data integrity and transparency. Using the strength of the blockchain technology, we design a blockchain-based handover authentication protocol for VANETs. In the proposed protocol, vehicles only perform lightweight computations in handover situations for efficiency of the network. We also conduct the formal analysis such as Burrows–Abadi–Needham (BAN) logic, Real-Or-Random (ROR) oracle model, and Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation to the proposed protocol. We simulate the proposed protocol using network simulator 3 (NS-3) to verify that the proposed protocol is practical. Finally, we compare the computational cost and security features of the proposed protocol with existing protocols to show that the proposed protocol is more secure and efficient.

Abstract

—Smart vehicles-enabled intelligent transportation system (ITS) supports a wide range of applications, such as, but not limited to, traffic planning and management, collision avoidance alert system, automated road speed enforcement, electronic toll collection, and real-time parking management, to name a few. However, it suffers from various types of security and privacy issues due to insecure communication among the entities over public channels. Therefore, an efficient and lightweight security mechanism is essential to protect the data that is both at rest as well as in transit. To this direction, we propose a public blockchain-envisioned secure communication framework for ITS (in short, called PBSCF-ITS). The proposed PBSCFITS guarantees access control and key management among the vehicle to vehicle, vehicle to road side unit, and road side unit to cloud server. We analyze the security of PBSCF-ITS to prove its resilience against various types of possible attacks. Furthermore, the performance of PBSCF-ITS with other related competing schemes has been compared. The obtained results illustrate that PBSCF-ITS outperforms the existing ones. Additionally, the pragmatic study of PBSCF-ITS is conducted to check its influence on various network related performance parameters, like number of mined blocks and transactions per block.

Abstract

Healthcare service providers store the patients’ electronic medical records in the cloud in order to provide high quality healthcare services. Patients’ sensitive data is typically encrypted before storing in the cloud. However, it gives rise to a new challenge, namely access control over encrypted data. Attribute-Based Encryption (ABE) is a promising cryptographic technique to achieve the fine grained access control on outsourced encrypted data. Traditional ABE schemes assume a fixed access policy that is not suitable for the present dynamic environment. Although some ABE schemes with a dynamic access control policy have been proposed in the literature, these schemes have not addressed forward security, backward security, and user revocation after a policy update. In this paper, we propose an ABE scheme that supports access policy updates, and also provides forward security, backward security and user revocation at the same time. We have formally shown that the proposed scheme is Chosen Plaintext Attack (CPA)-secure under the Decisional Bilinear Diffie–Hellman (DBDH) assumption. Finally, the performance analysis exhibits that the proposed scheme is efficient in communication and computation, and is also suitable for resource constrained devices.

Abstract

The rapid development of smartphone technology and the Internet services in mobile devices facilitates easy access to online social networking (OSN) sites anytime, anywhere. At the same time, this allures the adversaries to exploit the OSNs as a soft target for easy execution of various attacks that can quickly spread to a large number of users. In distributed denial-of-service (DDoS) attacks, an adversary aims to overwhelm the normal traffic of a targeted server with a flood of fake login messages so that the associated Internet service or website turns inoperable. In this paper, we propose a secure and lightweight authentication scheme (𝑃 𝑅𝐷𝑜𝑆) that resists DDoS and other security attacks in mobile OSN environments. We provide a multi-faceted solution towards the remedy of DDoS attacks in the OSN environment. After a certain threshold, the scheme discards further user login attempts and blocks an adversary who intends to overload the network server. We use the pre-loaded shadow identity and emergency key pairs, and a key-refilling strategy that rebuilds the essential synchronization between a blocked naive user and the OSN server. This technique restores the intended unlinkability property of the protocol. Using NS3 simulation, we study the impact of DDoS attackers on network throughput and network delay. Moreover, we validate and compare the proposed scheme against state-ofthe-art solutions using the real attacks and benign datasets. We use the Canadian Institute for Cybersecurity (CIC) DoS dataset 2017, which is generated by capturing the normal and DoS attack packets separately with subsequent pre-processed for testing. We also use the machine learning (ML) algorithms, such as K-Nearest Neighbor (KNN), Gaussian Naive Bayes, and Multilayer Perceptron (MLP) to demonstrate the performance of the proposed solution in a practical attack detection scenario. We observe that these algorithms provide 97.05%, 95.48%, and 96.6% DDoS attack detection accuracy, respectively.

Abstract

In this article, we propose an efficient Bloom filter and fuzzy extractor based user authentication technique, which is significant for an Internet of Things (IoT)-enabled multi-hop Wireless Sensor Networks (IoT-WSNs). The novelty of the proposed authentication technique is that it prevents fraudulent querying data delivery at the starting phase (i.e., at the querying sensor node itself) to stop false or counterfeit data flooding (which can exhaust the resources of IoT-WSNs) from the resource-constrained IoT-enabled sensor nodes to the nearby gateway node. The proposed authentication technique has the ability to significantly reduce the Bloom filter based false positive for user authentication in IoT-WSNs, while also preserving the constraint resources of WSNs. To estimate the security robustness of the proposed protocol based on the security goals of IoT-WSNs, we perform the formal security analysis using the random oracle and Real-Or-Random (ROR) models, informal security analysis and also the formal security verification using a widely-recognized automated software validation tool, known as Automated Validation of Internet Security Protocols and Applications (AVISPA). Next, communication and computational overheads analysis reveal that the proposed protocol is appropriate for resource-constrained sensor nodes. Furthermore, a correlative security feature and complexity analysis outcomes validate that the proposed protocol is reliable, secure, and efficient in comparison with other existing state of art related user authentication protocols.

Abstract

Electric vehicles have emerged as the future of transport worldwide with the rising need for greener and energy-efficient transportation solutions. This remarkable shift delegated a wide variety of protocols for reliable, scalable and secure communications in the electric vehicle transportation system. With this vision in mind, security researchers have proposed diverse authentication protocols vital for the electric vehicle charging system to protect the information exchanged between the various principals involved. Several existing authentication techniques, on the other hand, are either vulnerable to significant security threats or are limited to static charging. This article proposes a robust authentication mechanism for charging electric vehicles while driving, a scenario that is rapidly approaching in the future. The proposed protocol makes use of secure and lightweight primitives such as elliptic curves and hash functions. The proposed protocol's security is being analyzed to demonstrate that it is capable of withstanding relevant attacks. Additionally, the protocol achieves its objectives at a cost that is practically conceivable in terms of transmission and computing.

Abstract

An Internet of Things (IoT)-based healthcare monitoring system is an amalgamation of smart healthcare devices and applications which connect to the healthcare information system through the internet. It has opened up a world of possibilities in the medical field. Connected smart healthcare devices can collect important healthcare data and provide extra details about the symptoms. That further enables remote care as the patient can consult the appropriate healthcare expert. It generally provides patients more control over their lives and treatment. Moreover, a blockchain-enabled IoT-based healthcare monitoring system (BIoT-HMS) is one step ahead as it can reduce unnecessary hospital visits and the burden on healthcare systems by connecting patients to their healthcare experts and allowing the secure transfer and storage of healthcare data by making use of the blockchain mechanism. Some of the possible applications of BIoT-HMS are “remote health monitoring,” “management of healthcare operations,” “detection and prevention of diseases” and many more. However, IoT-based healthcare monitoring systems have issues related to security breaches and privacy of healthcare data. Therefore, it is essential to design some security protocols for IoT-based healthcare monitoring systems. From time to time researchers propose different protocols to secure the data of IoT-based healthcare monitoring systems. However, most of them are vulnerable to various types of attack like, replay, MiTM, impersonation, secret credentials leakage, unauthorized data update, etc., Therefore, researchers came up with the idea of inclusion of blockchain-enabled security in the IoT-based healthcare monitoring system, which further can be considered as a blockchain-enabled IoT-based healthcare monitoring system (BIoT-HMS). In this chapter, we provide the details of various possible architectures of BIoT-HMS. We also provide the details of various threats and attacks along with the threat model in BIoT-HMS. The security requirements and applications of BIoT-HMS are also discussed. We then provide the summary of various existing security protocols related to BIoT-HMS. The comparison of “security and functionality features” of security protocols related to BIoT-HMS is also provided.