Abstract

Secure real-time data about goods in transit in supply chains needs bandwidth having capacity that is not fulfilled with the current infrastructure. Hence, 5G-enabled Internet of Things (IoT) in mobile edge computing is intended to substantially increase this capacity. To deal with this issue, we design a new efficient lightweight blockchain-enabled RFID-based authentication protocol for supply chains in 5G mobile edge computing environment, called LBRAPS. LBRAPS is based on bitwise exclusive-or (XOR), one-way cryptographic hash and bitwise rotation operations only. LBRAPS is shown to be secure against various attacks. Moreover, the simulation-based formal security verification using the broadly-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool assures that LBRAPS is secure. Finally, it is shown that LBRAPS has better trade-off among its security and functionality features, communication and computation costs as compared to those for existing protocols

Abstract

Recently, research in audio watermarking technology makes it a promising tool for copyright protection of digital audio files in networked environments. In this paper, we propose a new mean quantization based watermarking mechanism for audio based on the technique due to Singular Value Decomposition (SVD). In this method, the host signal is divided into a number of two-dimensional matrix frames. The SVD is then employed to every frame, and also the Euclidean norm of the Singular Values (SVs) are calculated for every frame. The watermark is then hidden into an audio signal by quantization of the norm of the SVs. The watermark is extracted blindly using the inverse process. Both the subjective and objective tests demonstrate good imperceptibility of the watermark in the audio file. Furthermore, the experimental results show good robustness of the proposed scheme against various common audio attacks and Stirmark benchmark attacks. The false-negative error of the method is very near to zero against Stirmark and audio attacks. The proposed scheme has a high payload, and its performance is superior compared to other related watermarking methods for audio signals. Finally, the proposed method achieves better trade-offs between conflicting requirements of imperceptibility, payload, and robustness.

Abstract

Internet of Things (IoT) becomes a new era of the Internet, which consists of several connected physical smart objects (i.e., sensing devices) through the Internet. IoT has different types of applications, such as smart home, wearable devices, smart connected vehicles, industries, and smart cities. Therefore, IoT based applications become the essential parts of our day-to-day life. In a cloud-based IoT environment, cloud platform is used to store the data accessed from the IoT sensors. Such an environment is greatly scalable and it supports real-time event processing which is very important in several scenarios (i.e., IoT sensors based surveillance and monitoring). Since some applications in cloud-based IoT are very critical, the information collected and sent by IoT sensors must not be leaked during the communication. To accord with this, we design a new lightweight authentication mechanism in cloud-based IoT environment, called LAM-CIoT. By using LAM-CIoT, an authenticated user can access the data of IoT sensors remotely. LAM-CIoT applies efficient “one-way cryptographic hash functions” along with “bitwise XOR operations”. In addition, fuzzy extractor mechanism is also employed at the user's end for local biometric verification. LAM-CIoT is methodically analyzed for its security part through the formal security using the broadly-accepted “Real-Or-Random (ROR)” model, formal security verification using the widely-used “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool as well as the informal security analysis. The performance analysis shows that LAM-CIoT offers better security, and low communication and computation overheads as compared to the closely related authentication schemes. Finally, LAM-CIoT is evaluated using the NS2 network simulator for the measurement of network performance parameters that envisions the impact of LAM-CIoT on the network performance of LAM-CIoT and other schemes.

Abstract

first_pagesettings Open AccessArticle LDAKM-EIoT: Lightweight Device Authentication and Key Management Mechanism for Edge-Based IoT Deployment by Mohammad Wazid 1OrcID,Ashok Kumar Das 2OrcID,Sachin Shetty 3OrcID,Joel J. P. C. Rodrigues 4,5OrcID andYoungho Park 6,*,†OrcID 1 Department of Computer Science and Engineering, Graphic Era Deemed to be University, Dehradun 248 002, India 2 Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India 3 Virginia Modeling, Analysis and Simulation Center, Center for Cybersecurity Education and Research, Department of Computational Modeling and Simulation Engineering, Old Dominion University, Suffolk, VA 23435, USA 4 Federal University of Piauí (UFPI), 64049-550 Teresina-Pi, Brazil 5 Instituto de Telecomunicações, 1049-001 Lisbon, Portugal 6 School of Electronics Engineering, Kyungpook National University, Daegu 41566, Korea * Author to whom correspondence should be addressed. † Current address: School of Electronics Engineering, Kyungpook National University, 80 Daehak-ro, Sangyeok-dong, Buk-gu, Daegu 41566, Korea. Sensors 2019, 19(24), 5539; https://doi.org/10.3390/s19245539 Received: 19 November 2019 / Revised: 9 December 2019 / Accepted: 11 December 2019 / Published: 14 December 2019 (This article belongs to the Special Issue Security and Privacy in Wireless Sensor Network) Download PDF Browse Figures Abstract In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication is successful, they establish a session key between them for secure communication. To achieve this goal, a novel device authentication and key management mechanism for the edge based IoT environment, called the lightweight authentication and key management scheme for the edge based IoT environment (LDAKM-EIoT), was designed. The detailed security analysis and formal security verification conducted by the widely used “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool prove that the proposed LDAKM-EIoT is secure against several attack vectors that exist in the infrastructure of the edge based IoT environment. The elaborated comparative analysis of the proposed LDAKM-EIoT and different closely related schemes provides evidence that LDAKM-EIoT is more secure with less communication and computation costs. Finally, the network performance parameters are calculated and analyzed using the NS2 simulation to demonstrate the practical facets of the proposed LDAKM-EIoT

Abstract

The advancement in Information and Communications Technology (ICT) has changed the entire paradigm of computing. Because of such advancement, we have new types of computing and communication environments, for example, Internet of Things (IoT) that is a collection of smart IoT devices. The Internet of Medical Things (IoMT) is a specific type of IoT communication environment which deals with communication through the smart healthcare (medical) devices. Though IoT communication environment facilitates and supports our day-to-day activities, but at the same time it has also certain drawbacks as it suffers from several security and privacy issues, such as replay, man-in-the-middle, impersonation, privileged-insider, remote hijacking, password guessing and denial of service (DoS) attacks, and malware attacks. Among these attacks, the attacks which are performed through the malware botnet (i.e., Mirai) are the malignant attacks. The existence of malware botnets leads to attacks on confidentiality, integrity, authenticity and availability of the data and other resources of the system. In presence of such attacks, the sensitive data of IoT communication may be disclosed, altered or even may not be available to the authorized users. Therefore, it becomes essential to protect the IoT/IoMT environment from malware attacks. In this review paper, we first perform the study of various types of malware attacks, and their symptoms. We also discuss some architectures of IoT environment along with their applications. Next, a taxonomy of security protocols in IoT environment is provided. Moreover, we conduct a comparative study on various existing schemes for malware detection and prevention in IoT environment. Finally, some future research challenges and directions of malware detection in IoT/IoMT environment are highlighted.

Abstract

As we all know that the technology is projected to be next to humans very soon because of its holistic growth. Now-a-days, we see a lot of applications that are making our lives comfortable such as smart cars, smart homes, smart traffic management, smart offices, smart medical consultation, smart cities, etc. All such facilities are in the reach of a common man because of the advancement in Information and Communications Technology (ICT). Because of this advancement, new computing and communication environment such as Internet of Things (IoT) came into picture. Lot of research work is in progress in IoT domain which helps for the overall development of the society and makes the lives easy and comfortable. But in the resource constrained environment of Wireless Sensor Network (WSN) and IoT, it is almost inconceivable to establish a fully secure system. As we are moving forward very fast, technology is becoming more and more vulnerable to the security threats. In future, the number of Internet connected people will be less than the smart objects so we need to prepare a robust system for keeping the above mentioned environments safe and standardized it for the smooth conduction of communication among IoT objects. In this survey paper, we provide the details of threat model applicable for the security of WSN and IoT based communications. We also discuss the security requirements and various attacks possible in WSN and IoT based communication environments. The emerging projects of WSNs integrated to IoT are also briefed. We then provide the details of different architectures of WSN and IoT based communication environments. Next, we discuss the current issues and challenges related to WSN and IoT. We also provide a critical literature survey of recent intrusion detection protocols for IoT and WSN environments along with their comparative analysis. A taxonomy of security and privacy-preservation protocols in WSN and IoT is also highlighted. Finally, we discuss some research challenges which need to be addressed in the coming future.

Abstract

Mobile banking refers to the use of a mobile device (e.g., a smartphone) to perform online banking activities, while away from the home computer, for transferring funds, monitoring account balance and bill payments, and so on. It provides a great convenience to bank customers, but it suffers from various types of attacks that are possible on the mobile banking infrastructure. We present the evolution of mobile banking and discuss the various threats associated with it as well as some of the most recent malware attacks. Finally, we include a review of recent security solutions for enabling secure mobile banking.

Abstract

A user (external party) is interested in accessing the real-time data from some designated drones of a particular fly zone in the Internet of Drones (IoD) deployment. However, to provide this facility, the user needs to be authenticated by an accessed remote drone and vice-versa. After successful authentication both parties can establish a secret session key for the secure communication. To handle this important problem in IoD environment, we design a novel temporal credential based anonymous lightweight user authentication mechanism for IoD environment, called TCALAS. A detailed security analysis using formal security under the broadly applied real-or-random (ROR) model, formal security verification under the broadly used software verification tool, known as automated validation of internet security protocols and applications, and also informal security analysis reveal that TCALAS has the capability to resist various known attacks against passive/active adversary. In addition, a detailed comparative study has been conducted for TCALAS and other related schemes, and the study also reveals that TCALAS provides better security and functionality features, and lower costs in both computation and communication as compared to existing schemes.

Abstract

An authentication scheme handling multiple servers offers a feasible environment to users to conveniently access the rightful services from various servers using one-time registration. The practical realization of distribution of online services efficiently and transparently in multiple-server systems has come true by virtue of multi-server user authentication schemes. Due to distinguished properties like, difficulty to forge or copy, in-feasibility to lose or guess or forget, etc., biometrics have been widely preferred as a third authenticating factor in password and smart card based user authentication protocols. In this paper, we design a new biometrics-based multi-server authentication scheme based on trusted multiple-servers. We harness the concept of fuzzy extractor to provide the proper matching of biometric patterns. We evaluate our scheme through informal discussions on performance and also using Burrows-Abadi-Needham logic (BAN-logic) & random oracle model for formal security analysis. We also compose a comparative assessment of our scheme and the related ones. Outcome of the analysis and assessment shows our scheme an edge above many related and contemporary schemes.

Abstract

Remote user authentication without compromising user anonymity is an emerging area in the last few years. In this paper, we propose a new anonymity preserving mobile user authentication scheme for the global mobility networks (GLOMONETs). We also propose a new anonymity preserving group formation phase for roaming services in GLOMONETs that meets the extended anonymity requirement without compromising any standard security requirements. We provide the security analysis using the widely-accepted Burrows-Abadi-Needham logic and informal analysis for the proposed scheme to show that it is secure against possible well-known attacks, such as replay, man-in-the-middle, impersonation, privileged-insider, stolen smart card, ephemeral secret leakage, and password guessing attacks. In addition, the formal security verification with the help of the broadly accepted automated validation of internet security protocols and applications software simulation tool is tested on the proposed scheme and the simulation results confirm that the proposed scheme is safe. Moreover, the comparative study of the proposed scheme with other relevant schemes reveals that it performs well as compared to other techniques.