Abstract

Sensor nodes in a wireless sensor network (WSN) may be lost due to enervation or malicious attacks by an adversary. WSNs deployed for several applications including military applications are prone to various attacks, which degrade the network performance very rapidly. Hybrid anomaly is a type of anomaly that contains the different types of attacker nodes such as blackhole, misdirection, wormhole etc. These multiple attacks can be launched in the network using the hybrid anomaly. In this situation, it is very difficult to find out which kind of attacker nodes are activated in the network. This motivates us to design a robust and efficient secure intrusion detection approach in order to extend thelifetime of a WSN. In this paper, we aim to propose a new intrusion detection technique forhybrid anomaly, which uses the existing data mining algorithm, called K-means clustering.For the detection purpose, patterns of intrusions are built automatically by the K-mean sclustering algorithm over training data. After that intrusions are detected by matching network activities against these detection patterns. We evaluate our approach over a WSNd ataset that is created using Opnet modeler, which contains various attributes, such as end-to-end delay, traffic sent and traffic received. The training data set contains the normal values of the network parameters. The testing dataset is created in actual working mode consists of normal and abnormal values of the network parameters. The proposed tech-nique has the ability to detect two types of malicious nodes: black hole and misdirection nodes. Our scheme achieves 98.6 % detection rate and 1.2 % false positive rate, which are significantly better than the existing related schemes.

Abstract

In recent years, high utility itemsets (HUIs) mining from the transactional databases becomes one of the most emerging research topic in the field of data mining due to its wide range of applications in online e-commerce data analysis, identifying interesting patterns in biomedical data and for cross marketing solutions in retail business. It aims to discover the itemsets with high utilities efficiently by considering item quantities in a transaction and profit values of each item. However, it produces a tremendous number of HUIs, which imposes further burden in analysis of the extracted patterns and also degrades the performance of mining methods. Mining the set of closed + high utility itemsets (CHUIs) solves this issue as it is a loss-less and condensed representation of all HUIs. In this paper, we aim to present a new algorithm for finding CHUIs from a transactional database, called the CHUM (Closed + High Utility itemset Miner), which is scalable and efficient. The proposed mining algorithm adopts a tricky aimed vertical representation of the database in order to speed up the execution time in generating itemset closures and compute their utility information without accessing the database. The proposed method makes use of the item co-occurrences strategy in order to further reduce the number of intersections needed to be performed. Several experiments are conducted on various sparse and dense datasets and the simulation results clearly show the scalability and superior performance of our algorithm as compared to those for the existing state-of-the-art CHUD (Closed + High Utility itemset Discovery) algorithm.

Abstract

User authentication is one of the most important security services required forthe resource-constrained wire-less sensor networks (WSNs). In user authentication, for critical applications of WSNs, a legitimate user is allowed to query and collect the real-time data at any time from a sensor node of the network as and when he/she demands for it. In order to get the real-time information from the nodes,the user needs to be first authenticated by the nodes as well as the gateway node (GWN) of WSN so that illegal accesst o nodes do not happen in the network. Recently, Jiang et al.proposed an efficient two-factor user authentication scheme with unlinkability property in WSNs Jiang (2014). In this paper, we analyze Jiang et al.’s scheme. Unfortunately, we point out that Jiang et al.’s scheme has still several draw-backs such as (1) it fails to protect privileged insider attack,(2) inefficient registration phase for the sensor nodes,(3) it fails to provide proper authentication in login and authentication phase, (4) it fails to update properly the new changed password of a user in the password update phase,(5) it lacks of supporting dynamic sensor node addition after initial deployment of nodes in the network, and (6) itlacks the formal security verification. In order to withstand these pitfalls found in Jiang et al.’s scheme, we aim to pro-pose a three-factor user authentication scheme for WSNs.Our scheme preserves the original merits of Jiang et al.’sscheme. Our scheme is efficient as compared to Jiang et al.’s

Abstract

The Session Initiation Protocol (SIP) is a signaling communications protocol, which has been chosen for controlling multimedia communication in 3G mobile networks. The proposed authentication in SIP is HTTP digest based authentication. Recently, Tu et al. presented an improvement of Zhang et al.’s smart card-based authenticated key agreement protocol for SIP. Their scheme efficiently resists password guessing attack. However, in this paper, we analyze the security of Tu et al.’s scheme and demonstrate their scheme is still vulnerable to user’s impersonation attack, server spoofing attack and man-in-the middle attack. We aim to propose an efficient improvement on Tu et al.’s scheme to overcome the weaknesses of their scheme, while retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Tu et al.’sscheme. Furthermore, we simulate our scheme for the for-mal security analysis using the widely-accepted AVISPA(Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks including the replay and man-in-the-middle attacks. Additionally, the proposed scheme is comparable in terms of the communication and computational overheads with Tu et al.’s scheme and other related existing schemes.

Abstract

Several remote user authentication techniques for telecare medicine information system (TMIS) have been proposed in the literature. But most existing techniques have limitations such as vulnerable to various attacks, lack of functionalities, and inefficiency. Recently, Amin and Biswas proposed a three‐factor authentication and key agreement technique for TMIS. But their scheme is inefficient and has several security drawbacks. The attacks such as privileged‐insider, user impersonation, and strong reply attacks are possible on their scheme. It also has flaw in password update phase. In order to overcome drawbacks of their scheme, a new provably secure and efficient three‐factor remote user authentication scheme for TMIS is proposed in this paper. The proposed scheme overcomes all drawbacks of their scheme and also provides additional features such as user unlinkability, user anonymity, efficient password, and biometric update. The rigorous informal and formal security analysis using random oracle models and the mostly acceptable Automated Validation of Internet Security Protocols and Applications tool is also performed. During the experimentation, it has been observed that the proposed scheme is secure against various known attacks that include replay and man‐in‐the‐middle attacks. Furthermore, the analysis of computation and communication cost estimation of the proposed scheme depicts that our scheme is efficient as compared with other related exiting schemes.

Abstract

In 2012, Mun et al. proposed an enhanced secure authentication with key-agreement protocol for roaming service in global mobility networks environment based on elliptic curve cryptography. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful analysis of this study proves that Mun et al.'s protocol is susceptible to several attacks such as replay attack, man-in-middle attack, user impersonation attack, privileged insider attack, denial-ofservice attack, no login phase and imperfect mutual authentication phase. In addition, this study proposes an enhanced lightweight authentication with key-agreement protocol for mobile networks based on elliptic curve cryptography using smart cards. The proposed protocol is lightweight and perfectly suitable for real-time applications as it accomplishes simple one-way hash function, message authentication code and exclusive-OR operation. Furthermore, it achieves all the eminent security properties and is resistant to various possible attacks. The security analysis and comparison section demonstrates that the proposed protocol is robust compared with Mun et al.'s protocol.

Abstract

User authentication in wireless sensor network (WSN) plays a very important role in which a legal registered user is allowed to access the real‐time sensing information from the sensor nodes inside WSN. To allow such access, a user needs to be authenticated by the accessed sensor nodes as well as gateway nodes inside WSNs. Because of resource limitations and vulnerability to physical capture of some sensor nodes by an attacker, design of a secure user authentication in WSN continues to be an important and challenging research area in recent years. In this paper, we propose a new three‐factor user authentication scheme based on the multi‐gateway WSN architecture. Through the widely‐accepted Burrows–Abadi–Needham logic, we prove that our scheme provides the secure mutual authentication. We then present the formal security verification of our proposed scheme using AVISPA tool, which is a powerful validation tool for network security applications, and show that our scheme is secure. In addition, the rigorous informal security analysis shows that our scheme is also secure against possible other known attacks including the sensor node capture attack. Furthermore, we present the additional functionality features that our scheme offers, which are efficient in communication and computation.

Abstract

A novel biometric identity-based digital multi-signature (BIO-IDMS) scheme is put forwarded in this paper. The proposed scheme is constructed with the help of fuzzy extractor and elliptic curve bilinear pairings. Furthermore, we designed the formal model and the security model of the proposed BIO-IDMS scheme. The formal security analysis demonstrates that the forgery of the proposed scheme is infeasible in the random oracle model based on the intractability assumption of the computational Diffie–Hellman (CDH) problem. The proposed scheme outperforms in terms of computational cost compared with other related existing multi-signature schemes.

Abstract

Traditional two party client server authentication protocol may not provide a scalable solution for present network environments where personal and ubiquitous computing technologies are involved as it is now becoming multi-server based. To achieve efficient authorized communication, multi-server based authentication protocols have been designed. The key feature of multi-server based protocols is one time registration. We study the existing multi-server based authentication protocols, and identify that many of the multi-server based authentication protocols involve control server in mutual authentication or trusted server environment is required. The involvement of central authority in mutual authentication may be a bottleneck for large network, and the servers may be semi-trusted. To erase these drawbacks, Wei et al. recently proposed a multi-server based authentication protocol. Their protocol does not require all servers to be trusted and involvement of control server in mutual authentication. Unfortunately, we identify the security vulnerability of Wei et al.'s scheme to insider attack and password guessing attack. Additionally, lack of pre-smart card authentication leads to denial of service attack. To enhance the security of Wei et al.'s protocol, we propose a secure biometric-based authentication scheme for multi-server environment using smart card. We simulate the proposed protocol for the formal security verification using the widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against active and passive attacks. In addition, we prove that our proposed scheme provides mutual authentication using the widely-accepted Burrows–Abadi–Needham (BAN) logic and is also secured against various well known attacks. In addition, our scheme is efficient in terms of computational and communication overheads as compared to Wei et al.'s scheme and other existing related schemes.

Abstract

In recent years, user authentication has emerged as an interesting field of research in wireless sensor networks. Most recently, in 2016, Chang and Le presented a scheme to authenticate the users in wireless sensor network using a password and smart card. They proposed two protocols urn:x-wiley:sec:media:sec1573:sec1573-math-0001 and urn:x-wiley:sec:media:sec1573:sec1573-math-0002. urn:x-wiley:sec:media:sec1573:sec1573-math-0003 is based on exclusive or (XOR) and hash functions, while urn:x-wiley:sec:media:sec1573:sec1573-math-0004 deploys elliptic curve cryptography in addition to the two functions used in urn:x-wiley:sec:media:sec1573:sec1573-math-0005. Although their protocols are efficient, we point out that both urn:x-wiley:sec:media:sec1573:sec1573-math-0006 and urn:x-wiley:sec:media:sec1573:sec1573-math-0007 are vulnerable to session specific temporary information attack and offline password guessing attack, while urn:x-wiley:sec:media:sec1573:sec1573-math-0008 is also vulnerable to session key breach attack. In addition, we show that both the protocols urn:x-wiley:sec:media:sec1573:sec1573-math-0009 and urn:x-wiley:sec:media:sec1573:sec1573-math-0010 are inefficient in authentication and password change phases. To withstand these weaknesses found in their protocols, we aim to design a new authentication and key agreement scheme using elliptic curve cryptography. Rigorous formal security proofs using the broadly accepted, the random oracle models, and the Burrows–Abadi–Needham logic and verification using the well‐known Automated Validation of Internet Security Protocols and Applications tool are preformed on our scheme. The analysis shows that our designed scheme has the ability to resist a number of known attacks comprising those found in both Chang–Le's protocols