Abstract

The authenticated key agreement is one of the major security services that can be used to secure an Internet of Things (IoT) environment, where the devices collect the data and the data is then aggregated at the cloud server, and then a user needs to access the data stored at the server(s) securely. For this purpose, after a mutual authentication performed between a user and the accessed server, a session key needs to be established among them for secure communication. In this article, we design an efficient lattice-based authenticated key exchange protocol using ring-based version of learning with errors assumption for the IoT-enabled smart devices. The proposed protocol is basically a key exchange that uses the reconciliation mechanism. The detailed security analysis under the standard model has been performed along with the informal security analysis to show that the proposed protocol is robust against different attacks. We then simulate the proposed protocol under the NS-3 simulator to measure the network performance parameters like network throughput and latency. A comparative analysis shows that the proposed protocol has superior security, less computational cost, and comparable communication cost when compered these parameters with the other competing schemes.

Abstract

Cognitive Internet of Things (CIoT) supports the organizations to learn from the information (data) arriving from various connected devices, sensors, machines and other sources, and at the same time it inspires intelligence into different business operations, products, customer experiences, and people. Data poising attacks are very serious concerns because they may play a significant factor for businesses and organizations for both financial terms and damaging their reputations, when the Big data analytics on the analyzed data is itself corrupted. To mitigate this issue, in this paper, we suggest a blockchain-based Artificial Intelligence(AI)/Machine Learning(ML)-enabled Big data analytics mechanism for CIoT environment. The comprehensive experimental results have been provided under two circumstances: (1) performance of the ML model under data poisoning attacks and (2) performance of the ML model without data poisoning attacks. In the first case, we show how the data poison attacks can effect the ML model when the data is on some cloud storage (i.e. not in the blockchains), whereas in the second case we show the effect when the data is in the blockchains (i.e., without data poisoning attacks). The experimental results demonstrate that we have significant gains in performance in terms of accuracy, recall, precision and F1 score when there are no data poisoning attacks on the data. Moreover, a detailed blockchain simulation has carried out to demonstrate the practical aspects of the proposed security framework.

Abstract

recently, the Digital Twin (DT) technology has procured a lot of attention because of its applicability in the manufacturing and space industries. The DT environment involves the formation of a clone of the tangible object to perform simulations in the virtual space. The combination of conceptual development, predictive maintenance, real-time monitoring, and simulation characteristics of DT has increased the utilization of DT in different scenarios, such as medical environments, healthcare, manufacturing industries, aerospace, etc. However, these utilizations have also brought serious security pitfalls in DT deployment. Towards this, several authentication protocols with different security and privacy features for DT environments have been proposed. In this article, we first review a recently proposed two-factor authentication protocol for DT environments that utilizes the blockchain technology. However, the analyzed scheme is unable to offer the desirable security and cannot withstand various security attacks like offline password-guessing attack, smart card stolen attack, anonymity property, and known session- specific temporary information attack. We also demonstrate that an attacker can impersonate the analyzed protocol’s legal user, owner, and cloud server. To mitigate these security loopholes, we devise an effective three-factor privacy-preserving authentication scheme for DT environments. The proposed work is demonstrated to be secure by performing the informal security analysis, the formal security analysis using the widely recognized Burrows-Abadi-Needham (BAN) logic, and the Real-or-Random (ROR) model. A detailed comparative study with the existing competing schemes including the analyzed scheme demonstrates that the devised framework furnishes better security features while also having lower computation costs and comparable communication costs than the existing schemes.

Abstract

The growth of IoT devices is so rapid that several billions of such devices would be in use in a span of four-year period. Essential security mechanisms need to be put in place to curb several security attacks prevalent in IoT. Access control is an important security mechanism that ensures legitimate and controlled access to critical and limited resources in IoT. The current access control schemes for IoT could not handle burgeoning number of IoT devices, while meeting the necessary level of security. Consequently, in this paper, we propose a new scalable and secure access control scheme for IoT. With blockchain as the root-of-trust, the proposed scheme performs access control for the IoT devices without having the resource-constrained IoT devices to be part of the blockchain network and to possess substantial amount of blockchain data. Blockchain’s tamper-proof property makes it an ideal candidate to be chosen as the root-of-trust. The scheme is secure against various security attacks prevalent in IoT. A proof-of-concept implementation for the scheme is developed and deployed in Ethereum Mainnet. The transaction costs of the different operations in the scheme are fairly below USD 3. Furthermore, scalability of the proposed scheme in different scenarios is investigated.

Abstract

IoT-enabled Smart Grid (IoT-SG) is an emerging paradigm that enables the bi-direction communication of IoT devices and hardware to efficiently collect and transmit the consumer’s information over the Internet. However, the underlying open communication network and resource-constrained capabilities of devices invite manifold challenges and threats in terms of security and privacy. To alleviate such issues, we designed a private blockchain-based access control protocol for IoT-SG using Physically Unclonable Function (PUF). Our protocol allows the Service Provider (SP) and smart meters to transfer the data in an efficient and secure manner. The participating SPs form the Peer-to-Peer (P2P) network, and each peer node is responsible for securely creating the blocks from the gathered data. Thereafter, all the peer nodes employ a voting-based consensus mechanism to verify and add the recently created block …

Abstract

With the continuous improvement of the public medical system, the current medical service industry is more intelligent. Among them, the Internet of Medical Things (IoMT) plays a significant role in intelligent medicine. The emergence of remote wireless monitoring platforms in the IoMT systems has significantly reduced the risk of virus infection among medical staff. However, data is easy to be stolen by criminals in the transmission process. To mitigate these issues, we propose a three-factor enhanced protocol for monitoring patient body information. The proposed protocol can provide the confidentiality of transmitted data and the privacy of doctors and patients. The security of the protocol is demonstrated in the Random Oracle Model (ROM) for formal security. In addition, by comparing the proposed protocol with other related works, our design has efficient performance both in execution time and communication costs.

Abstract

Multiple kinds of ransomware are currently posing a growing threat to the Internet users. Important user data is encrypted by the trendy ransomware, and its recovery requires payment of a ransom in terms of some amount of money. The trend of crypto-currencies may be a contributing factor to the rise of ransomware attacks. From time to time, different mechanisms for detection and mitigation of ransomware attacks have been proposed. However, the performance of the ransomware detection process can be improved through the deployment of Machine Learning/Deep Learning based mechanisms. In this article, we propose a novel Spline Interpolation envisioned Neural Network based Ransomware Detection Scheme (in short, we call it as SINN-RD). Additionally, we introduce the mechanisms for normalizing the data and generating the new features from the log files. The conducted security analysis of the

Abstract

Designing a secure and efficient authentication protocol is crucial and challenging in the mobility network. Due to the seamless roaming of mobile users over multiple foreign agents and the broadcast nature of the communication channel, the mobile networks are often exposed to several network attacks. To achieve perfect authentication and secure communication among mobility entities like MU (Mobile User), FA (Foreign Agent) and HA (Home Agent), the researchers have proposed numerous authentication protocols in the past. However, the existing protocols for the mobility environments are insufficient to address the fundamental security concerns and an adversary can impersonate the mobile user at anytime. Thus, we propose Mobile-Chain, a secure blockchain-based authentication system for mobility environments. The proposed Mobile-Chain is designed to protect user privacy and guarantees provable

Abstract

Precision farming has a positive potential in the agricultural industry regarding water conservation, increased productivity, better development of rural areas, and increased income. Blockchain technology is a better alternative for storing and sharing farm data as it is reliable, transparent, immutable, and decentralized. Remote monitoring of an agricultural field requires security systems to ensure that any sensitive information is exchanged only among authenticated entities in the network. To this end, we design an efficient blockchain-enabled authenticated key agreement scheme for mobile vehicles-assisted precision agricultural Internet of Things (IoT) networks called AgroMobiBlock . The limited existing work on authentication in agricultural networks shows passive usage of blockchains with very high costs. AgroMobiBlock proposes a novel idea using the elliptic curve operations on an active hybrid blockchain over mobile farming vehicles with low computation and communication costs. Formal and informal security analysis along with the formal security verification using the Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool have shown the robustness of AgroMobiBlock against man-in-the-middle, impersonation, replay, physical capture, and ephemeral secret leakage attacks among other potential attacks. The blockchain-based simulation on large-scale nodes shows the computational time for an increase in the network and block sizes. Moreover, the real-time testbed experiments have been performed to show the practical usefulness of the proposed scheme.

Abstract

Elliptic Curve Cryptography (ECC)-based authenti-cation schemes for the Radio-frequency identification (RFID) environment have emerged as a very safe, secure, and robust candidate of mutual authentication. However, the limited resource availability in a passive tag makes such schemes difficult to realize in practice. Public/private key pair generation, storage, and the computation using those keys are the major bottlenecks towards the faster and efficient design of such schemes. Therefore, we have designed our scheme without using public/private key pairs. We only utilize the Elliptic Curve Discrete Logarithm Problem (ECDLP) property for the realization of our key-less scheme on the secure elliptic curves. Our scheme is primarily aimed at efficient implementation of authentication schemes in Warehouse Management System (WMS), where the data is stored in local servers. This new idea helps to save the memory space in the tags and the server. Moreover, the computation cost also reduces to a great extent in comparison to other schemes. We have compared our scheme with several other schemes and found it efficient in terms of storage cost as well. The simulation result of our scheme with the popular aut