Abstract

The Artificial Intelligence of Things (AIoT) is the amalgamation of Artificial Intelligence (AI) methods and the Internet of Things (IoT) infrastructure, which are deployed there to improve the overall performance of the system. AIoT can be deployed to achieve more efficient IoT operations; thereby can improve human-machine interactions and provide better data analysis. AI methods can be used to transform IoT data into useful information for the better decision-making processes, and it further increases the overall usability of the system. AIoT frameworks are very useful and applicable in a variety of applications, like security and surveillance system, smart home, intelligent transportation system, smart farming, secure and safe healthcare monitoring, industrial automation and control, eCommerce, logistics operations and control, and many more. However, AIoT frameworks may have issues related to data security and privacy as they are vulnerable to various types of information security-related attacks. These issues further cause the serious consequences, like the unauthorized data leakage and data update. Blockchain is a specific type of database. It is a digital ledger of transactions, which is duplicated and distributed across the entire network of computer systems. It stores data in the form of some blocks, which are then chained together. Blockchain is tamper proof and provides more security as compared to the traditional security mechanisms. Hence, blockchain can be integrated in various AIoT applications to provide more security. A generalized blockchain-envisioned secure authentication framework for AIoT has been proposed. The adversary model of blockchain-envisioned secure authentication framework for AIoT is also highlighted that covers most of the potential threats of a kind of communication environment. Various applications of the proposed framework are also discussed. Furthermore, different issues and challenges of the proposed framework are highlighted. In the end, we also provide some future research directions relevant to the proposed framework.

Abstract

Crowdsourcing is a practice of using collective intelligence of a group in order to achieve a common goal to solve complex problems in an innovative way. It involves obtaining information and opinions from a group of participants who submit their data (i.e., solutions) via the Internet using some applications. The application domains, where crowdsourcing can be used, include, but not limited to, healthcare, environment, public safety, disaster management, and transportation. Despite the unprecedented advantages of crowdsourcing, security and privacy are rising concerns that need to be addressed. Therefore, it is crucially important to provide effective solutions that address the security and privacy issues in crowdsourcing systems. To this end, the salient features of blockchain technology such as immutability, decentralization, transparency and resiliency can play a pivotal role to address the afore-mentioned security challenges. To fill these gaps, in this paper, we propose a new blockchain-based user authentication and key agreement scheme for crowdsourcing (BUAKA-CS) through lightweight cryptographic techniques. The security of the BUAKA-CS is proved through the formal method and also through other mathematical methods that depict the resilience of BUAKA-CS against various types of possible attacks. Moreover, the robustness of BUAKA-CS against possible attacks is proved through widelyrecognized automated software validation tools. We also compare BUAKA-CS with other existing schemes and prove its out performance in terms of security, functionality, computation and communication costs. Finally, we conduct the extensive blockchain-based simulations to measure the impact of BUAKA-CS on the performance of the system.

Abstract

Coronavirus 2019, called COVID-19, is a transmissible disease caused by severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). It earlier impacted the citizens of China alone. However, it has rapidly spread all over the world. The COVID-19 supply chain system aims to facilitate access to several critical items, such as personal protective equipment (PPE), biomedical equipment, diagnostics supplies, and vaccines. In this article, we discuss a robust security framework for vaccine distribution and tracking in an Internet of Medical Things (IoMT)-based cloud-assisted COVID-19 environment by considering both intra-country and inter-country scenarios. Various transactions related to vaccine requests, orders, distribution, and tracking are put into the blockchain in the form of blocks. Since blockchain technology offers immutability, transparency, and decentralization, the security of the proposed framework has been improved significantly. The proposed framework also supports artificial intelligence(AI)-based big data analytics on the information stored into the blocks in the blockchain. Furthermore, a practical demonstration of the proposed framework has been done through a blockchain simulation study.

Abstract

—In an Internet of Things (IoT) enabled e-health system, smart health devices sense the health data continuously and share the collected data with the neighboring controller device (i.e., personal server) via some wireless communication mechanism (i.e., bluetooth and zigbee), and finally the data is stored on some health server (i.e., a server over the cloud). The health data is then accessible to healthcare service providers (for example, doctors, nursing staff, relatives of patient) for tracking and monitoring of health conditions of the patients for their better treatment at the earliest. In an IoT enabled health system, the smart healthcare devices communicate over public channel, which causes various types of threats and attacks on the ongoing communication. Therefore, we need a powerful privacypreserving security mechanism to secure the communication happens in an IoT enabled e-health system as the health data is strictly private and confidential. In this paper, we propose a new privacy-preserving access control and key management scheme for the secure communication of IoT enabled e-health system (SPCS-IoTEH). We also conduct informal security analysis of the proposed SPCS-IoTEH to show its robustness against various types of active and passive attacks. The performance of SPCSIoTEH is also shown to be better than other existing competing schemes.

Abstract

In recent years, the Internet of Things (IoT) enabled drones, also called as unmanned aerial vehicles (UAVs), are widely used in many applications ranging from military to civilian applications, such as wildlife monitoring. Since the drones provide a risk-free as well as low-cost facility in order to quickly and persistently monitor natural circumstances at high spacial temporal resolution, they help in wildlife monitoring research. Due to wireless communication nature, the communication among the deployed drones in their respective flying zones and the IoT smart devices installed in animal bodies, and also among the drones and their respective ground station server (GSS), is susceptible to various passive and active attacks. To mitigate these issues, we propose a public blockchain based access control implementation for wild-life monitoring purpose. The application of both access control and blockchain at the same time not only protects various attacks, but also maintains immutability, transparency as well as decentralization properties. Next, we simulate the proposed security framework for the blockchain part to measure the total computational time needed to add a varied number of blocks in a blockchain and also a varied number of transactions per block. Finally, a practical testbed experiment has been implemented to show the feasibility of the proposed framework. Index Terms—Wildlife monitoring, blockchain, consensus, access control, security, testbed experiments.

Abstract

Software-defined networking (SDN) is a programmable architecture for networking domain in which the security is provided by devising the network policies with the help of the network administrator. This is very cumbersome for the administrator to handle different attacks at various planes in SDN architecture. Blockchain can be used to prevent various attacks in SDN by providing a decentralization authentication environment. In this article, a secure Blockchain-based privacy-preserving protocol is proposed to thwart various security vulnerabilities in the SDN architecture. The proposed approach uses Modified-Delegated Proof of Stake as the consensus protocol to ensure safety and reliability in the network. Besides, a security protocol is designed using cryptographic primitives and analyzed using a detailed security analysis. Initially, the consensus protocols are implemented using solidity smart contracts and deployed to the public Blockchain using Ethereum. Consequently, the proposed approach is simulated on OMNet++ using INET framework. The experimental results show that the proposed SDN-Chain is secure, efficient, less incentive to centralize, and practically implementable in resource-limited wireless and mobile environments.

Abstract

Emerging next-generation Internet yields proper administration of a wide-ranging dynamic network to assist rapid ubiquitous resource accessibility, whilst providing higher channel bandwidth. Since its inception, the traditional static network infrastructure-based solutions involve manual configuration and proprietary controls of networked devices. It then leads to improper utilization of the overall resources, and hence experiences various security threats. Although transport layer security (TLS)-based solution is presently advocated in the said framework, it is vulnerable to many security threats like man-in-the-middle, replay, spoofing, privileged-insider, impersonation, and denial-of-service attacks. Moreover, the current settings of the said tool do not facilitate any secure and reliable mechanisms for data forwarding, application flow routing, new configuration deployment, and network event management. Also, it suffers from the single point of controller failure issue. In this paper, we propose a new private blockchain-enabled fine-grained access control mechanism for the SDN environment. In this regard, attribute-based encryption (ABE) and certificate-based access control protocol are incorporated. This proposed solution can resist several well-known security threats, and alleviate different system-level inconveniences. The formal and informal security inspections and performance-wise comparative study of the proposed scheme endorse better qualifying scores as compared to the other existing competing state-of-art schemes. Besides, the experimental testbed implementation and blockchain simulation show the implementation feasibility of the proposed mechanism.

Abstract

Fog computing as an extension to the cloud computing infrastructure has been invaluable in enhancing the applicability of the Internet of Things (IoT) paradigm. IoT based Fog systems magnify the range and minimize the latency of IoT applications. However, as fog nodes are considered transient and they offer authenticated services, when an IoT end device loses connectivity with a fog node, it must authenticate freshly with a secondary fog node. In this work, we present a new security mechanism to leverage the initial authentication to perform fast lightweight secondary authentication to ensure smooth failover among fog nodes. The proposed scheme is secure in the presence of a current de-facto Canetti and Krawczyk (CK)-adversary. We demonstrate the security of the proposed scheme with a detailed security analysis using formal security under the broadly recognized Real-Or-Random (ROR) model, informal security analysis as well as through formal security verification using the broadly-used Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool. A testbed experiment for measuring computational time for different cryptographic primitives using the Multiprecision Integer and Rational Arithmetic Cryptographic Library (MIRACL) has been done. Finally, through comparative analysis with other related schemes, we show how the presented approach is uniquely advantageous over other schemes.

Abstract

Due to wide-spread use of the Information and Communications Technology (ICT) and Internet of Things (IoT) enabled smart devices, called unmanned aerial vehicles (UAVs) (popularly known as drones), a lot of potential applications of Internet of Drones (IoD) are available ranging from the military to civilian applications. Access control mechanism is an important potential security service that is needed to secure communication among the drones in their respective flying zones, and also among the drones and the Ground Service Station (GSS). In 2021, Chaudhry et al. proposed a certificate based generic access control scheme for IoD environment, called GCACS-IoD. Their claims about the possible security attacks resistant of GCACS-IoD is not justified. In fact, we first prove that GCACS-IoD is unable to protect the disclosure of the private key rCR of the trusted control room (CR), which is extremely unfortunate careless design flaw and it leads to compromise the entire network. Using the disclosed private key rCR , we further show that GCACS-IoD is completely insecure against other serious attacks, such as malicious drones deployment attack, drone/GSS impersonation attacks and Ephemeral Secret Leakage (ESL) attack, which lead to compromise the session key between any two drones communicating in a particular flying zone. We thus feel that there is a strong need to remedy such serious weaknesses found in Chaudhry et al. ’s GCACS-IoD. An improved certificate-enabled generic access control scheme for IoD deployment, called as i GCACS-IoD, has been suggested, which overcomes the weaknesses found in the previous GCACS-IoD. The practical demonstration of i GCACS-IoD has been done through formal security verification and also through NS2 simulation study.

Abstract

A substantial number of authentication protocols are designed to safeguard vehicular ad-hoc network (VANET) communication from potential attacks; however, they experienced an inability to provide a balance between lightweight and security. Existing security and privacy-preserving based authentication protocols in vehicular networks mostly rely on the trusted authority and signatures to validate the communication on road. Accomplishing the quick validation and correspondence is difficult in such methodologies and further, they endure execution obliges from coming about overhead. To overcome these issues, we have developed an enhanced lightweight and secure authentication protocol (ELSAP) for V2V Communication in VANETs. Moreover, the scheme withheld with self-authentication prior to communication that enhances the network feasibilities, which in return needs less message transfer during authentication as well as communication, indicates lightweight features. Furthermore, two or more vehicles can securely perform mutual authentication, proven by Burrow–Abadi–Needham (BAN) logic. Additionally, the competency of the proposed protocol against the current updated threats is shown via security analysis and comparisons tools such as Automated Validation of Internet Security Protocols and Applications (AVISPA). The result of the performance analysis shows that the communication cost and computational cost outperformed the earlier authentication schemes alongside the security features of the proposed protocol.