Fine-Grained Attribute-Based Multikeyword Search for Shared Multiowner in Internet of Things

At present, with the popularity of Internet of things (IoT), a huge number of datasets generated by IoT devices are being uploaded to the cloud storage in remote data management service, but a series of security and privacy defects also arises, where one of the best ways for preventing data disclosure is encryption. Among them, searchable encryption (SE) is considered to be a very attractive cryptographic technology, since it allows users to search records in an encrypted form and to protect user’s data on an untrusted server. For the sake of enhancing search permission, attribute-based keyword search (ABKS) is an efficient method to provide secure search queries and fine-grained access authentications over ciphertexts. However, most existing ABKS schemes concentrate on single keyword search, which usually returns redundant and irrelevant results, so it would cost some unnecessary computation and communication resources. Furthermore, existing work in the literature mostly only supports unshared multiowner where a specific data owner owns each file, which is not able to satisfy more desired expressive search. In this work, we propose a novel attribute-based multikeyword search for shared multiowner (ABMKS-SM) primitive in IoT to achieve enhanced access control for users; meanwhile, it can support multikeyword search over ciphertexts and give a formal security analysis in the adaptive against chosen keyword attack (IND-CKA) model. Finally, we have also implemented this prototype to show efficiency when compared with some previous schemes.

Download Full-text

Practical Attribute-Based Conjunctive Keyword Search Scheme

The Computer Journal ◽

10.1093/comjnl/bxz140 ◽

2019 ◽

Vol 63 (8) ◽

pp. 1203-1215 ◽

Cited By ~ 1

Author(s):

Yang Chen ◽

Wenmin Li ◽

Fei Gao ◽

Kaitai Liang ◽

Hua Zhang ◽

...

Keyword(s):

Keyword Search ◽

Inner Product ◽

Real World Data ◽

Data Set ◽

Fine Grained ◽

Keyword Guessing Attack ◽

Secure Search ◽

Data Owner ◽

Cryptographic Primitive ◽

Guessing Attack

Abstract To date cloud computing may provide considerable storage and computational power for cloud-based applications to support cryptographic operations. Due to this benefit, attribute-based keyword search (ABKS) is able to be implemented in cloud context in order to protect the search privacy of data owner/user. ABKS is a cryptographic primitive that can provide secure search services for users but also realize fine-grained access control over data. However, there have been two potential problems that prevent the scalability of ABKS applications. First of all, most of the existing ABKS schemes suffer from the outside keyword guessing attack (KGA). Second, match privacy should be considered while supporting multi-keyword search. In this paper, we design an efficient method to combine the keyword search process in ABKS with inner product encryption and deploy several proposed techniques to ensure the flexibility of retrieval mode, the security and efficiency of our scheme. We later put forward an attribute-based conjunctive keyword search scheme against outside KGA to solve the aforementioned problems. We provide security notions for two types of adversaries and our construction is proved secure against chosen keyword attack and outside KGA. Finally, all-side simulation with real-world data set is implemented for the proposed scheme, and the results of the simulation show that our scheme achieves stronger security without yielding significant cost of storage and computation.

Download Full-text

AntibIoTic: The Fog-enhanced distributed security system to protect the (legacy) Internet of Things

Journal of Computer Security ◽

10.3233/jcs-210027 ◽

2021 ◽

pp. 1-37

Author(s):

Michele De Donno ◽

Xenofon Fafoutis ◽

Nicola Dragoni

Keyword(s):

Internet Of Things ◽

Fog Computing ◽

Security System ◽

Security And Privacy ◽

Aggregated Data ◽

Fine Grained ◽

Computational Overhead ◽

Distributed Security ◽

Cloud Server ◽

Iot Devices

The Internet of Things (IoT) is evolving our society; however, the growing adoption of IoT devices in many scenarios brings security and privacy implications. Current security solutions are either unsuitable for every IoT scenario or provide only partial security. This paper presents AntibIoTic 2.0, a distributed security system that relies on Fog computing to secure IoT devices, including legacy ones. The system is composed of a backbone, made of core Fog nodes and Cloud server, a Fog node acting at the edge as the gateway of the IoT network, and a lightweight agent running on each IoT device. The proposed system offers fine-grained, host-level security coupled with network-level protection, while its distributed nature makes it scalable, versatile, lightweight, and easy to deploy, also for legacy IoT deployments. AntibIoTic 2.0 can also publish anonymized and aggregated data and statistics on the deployments it secures, to increase awareness and push cooperations in the area of IoT security. This manuscript recaps and largely expands previous works on AntibIoTic, providing an enhanced design of the system, an extended proof-of-concept that proves its feasibility and shows its operation, and an experimental evaluation that reports the low computational overhead it causes.

Download Full-text

A Lightweight Authentication Method in Perception Layer of IoT Through Digital Watermarking

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.c4793.098319 ◽

2019 ◽

Vol 8 (3) ◽

pp. 2937-2942

Keyword(s):

Internet Of Things ◽

Temporal Dynamics ◽

Low Cost ◽

Security Analysis ◽

Living Environment ◽

Security And Privacy ◽

Sensitive Data ◽

Privacy And Security ◽

Iot Devices ◽

Lightweight Authentication

Introduction of IoT (Internet of Things) has enjoyed vigorous support from governments and research institutions around the world, and remarkable achievements have been obtained till date. IoT systems collect the voluminous amount of data in real time from hospitals, battlefield and daily living environment which is related to privacy and security of people. So, securing collected sensitive data is one of the major challenges in the development of IoT systems. Authenticating the source of collected data is utmost important because the adversary may act as a source which may lead to a breach in security and privacy of people using the IoT network. IoT devices are resource scarce so lightweight methods for network security and privacy need to develop to achieve future development goals. In this paper, a novel lightweight node to node authentication scheme based on watermark is proposed to solve the contradiction between the security and restricted resources of perception layer. To improve the security, Proposed scheme usage node identity and the number of neighbours as input to generate the watermark and use the watermark to calculate the embedding positions which makes node authentication based on temporal dynamics of sensing network. The generated watermark is embedded in fixed size message digest generated using the variable message as input into a low-cost one-way hashing algorithm LOCHA. The embedded bits of watermark extracted at the receiving node and matched to check the authenticity of the sender node. The security analysis and simulations of the proposed scheme show that it can be a good candidate to ensure the authentication of the resource constraint devices which are integral part of Internet of Things at low cost

Download Full-text

The Audio Auditor: User-Level Membership Inference in Internet of Things Voice Services

Proceedings on Privacy Enhancing Technologies ◽

10.2478/popets-2021-0012 ◽

2021 ◽

Vol 2021 (1) ◽

pp. 209-228

Author(s):

Yuantian Miao ◽

Minhui Xue ◽

Chao Chen ◽

Lei Pan ◽

Jun Zhang ◽

...

Keyword(s):

Internet Of Things ◽

State Of The Art ◽

Rapid Development ◽

Black Box ◽

Problem Space ◽

Specific Data ◽

Learning Techniques ◽

Audio Data ◽

Iot Devices ◽

Asr System

AbstractWith the rapid development of deep learning techniques, the popularity of voice services implemented on various Internet of Things (IoT) devices is ever increasing. In this paper, we examine user-level membership inference in the problem space of voice services, by designing an audio auditor to verify whether a specific user had unwillingly contributed audio used to train an automatic speech recognition (ASR) model under strict black-box access. With user representation of the input audio data and their corresponding translated text, our trained auditor is effective in user-level audit. We also observe that the auditor trained on specific data can be generalized well regardless of the ASR model architecture. We validate the auditor on ASR models trained with LSTM, RNNs, and GRU algorithms on two state-of-the-art pipelines, the hybrid ASR system and the end-to-end ASR system. Finally, we conduct a real-world trial of our auditor on iPhone Siri, achieving an overall accuracy exceeding 80%. We hope the methodology developed in this paper and findings can inform privacy advocates to overhaul IoT privacy.

Download Full-text

Encryption Principles and Techniques for the Internet of Things

Cryptographic Security Solutions for the Internet of Things - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-5742-5.ch002 ◽

2019 ◽

pp. 42-66

Author(s):

Kundankumar Rameshwar Saraf ◽

Malathi P. Jesudason

Keyword(s):

Internet Of Things ◽

Embedded System ◽

Security Analysis ◽

Block Size ◽

The Internet ◽

Lightweight Cryptography ◽

Execution Speed ◽

Security Algorithm ◽

Iot Devices ◽

The Internet Of Things

This chapter explores the encryption techniques used for the internet of things (IoT). The security algorithm used for IoT should follow many constraints of an embedded system. Hence, lightweight cryptography is an optimum security solution for IoT devices. This chapter mainly describes the need for security in IoT, the concept of lightweight cryptography, and various cryptographic algorithms along with their shortcomings given IoT. This chapter also describes the principle of operation of all the above algorithms along with their security analysis. Moreover, based on the algorithm size (i.e., the required number of gate equivalent, block size, key size, throughput, and execution speed of the algorithm), the chapter reports the comparative analysis of their performance. The chapter discusses the merits and demerits of these algorithms along with their use in the IoT system.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

A Lightweight Fine-Grained Search Scheme over Encrypted Data in Cloud-Assisted Wireless Body Area Networks

Wireless Communications and Mobile Computing ◽

10.1155/2019/9340808 ◽

2019 ◽

Vol 2019 ◽

pp. 1-12 ◽

Cited By ~ 2

Author(s):

Mingsheng Cao ◽

Luhan Wang ◽

Zhiguang Qin ◽

Chunwei Lou

Keyword(s):

Keyword Search ◽

Body Area Networks ◽

Wireless Body Area Networks ◽

Security And Privacy ◽

Body Area ◽

Encrypted Data ◽

Fine Grained ◽

Resource Limited ◽

Attribute Based Encryption ◽

Ciphertext Policy

The wireless body area networks (WBANs) have emerged as a highly promising technology that allows patients’ demographics to be collected by tiny wearable and implantable sensors. These data can be used to analyze and diagnose to improve the healthcare quality of patients. However, security and privacy preserving of the collected data is a major challenge on resource-limited WBANs devices and the urgent need for fine-grained search and lightweight access. To resolve these issues, in this paper, we propose a lightweight fine-grained search over encrypted data in WBANs by employing ciphertext policy attribute based encryption and searchable encryption technologies, of which the proposed scheme can provide resource-constraint end users with fine-grained keyword search and lightweight access simultaneously. We also formally define its security and prove that it is secure against both chosen plaintext attack and chosen keyword attack. Finally, we make a performance evaluation to demonstrate that our scheme is much more efficient and practical than the other related schemes, which makes the scheme more suitable for the real-world applications.

Download Full-text

Fine-Grained Control-Flow Integrity Based on Points-to Analysis for CPS

Security and Communication Networks ◽

10.1155/2018/3130652 ◽

2018 ◽

Vol 2018 ◽

pp. 1-11 ◽

Cited By ~ 1

Author(s):

Weizhong Qiang ◽

Shizhen Wang ◽

Hai Jin ◽

Jiangying Zhong

Keyword(s):

Security Analysis ◽

Control Flow ◽

Security And Privacy ◽

Code Reuse ◽

Fine Grained ◽

Function Calls ◽

Legitimate Target ◽

Control Flow Integrity ◽

Target Set ◽

And Performance

A cyber-physical system (CPS) is known as a mix system composed of computational and physical capabilities. The fast development of CPS brings new security and privacy requirements. Code reuse attacks that affect the correct behavior of software by exploiting memory corruption vulnerabilities and reusing existing code may also be threats to CPS. Various defense techniques are proposed in recent years as countermeasures to emerging code reuse attacks. However, they may fail to fulfill the security requirement well because they cannot protect the indirect function calls properly when it comes to dynamic code reuse attacks aiming at forward edges of control-flow graph (CFG). In this paper, we propose P-CFI, a fine-grained control-flow integrity (CFI) method, to protect CPS against memory-related attacks. We use points-to analysis to construct the legitimate target set for every indirect call cite and check whether the target of the indirect call cite is in the legitimate target set at runtime. We implement a prototype of P-CFI on LLVM and evaluate both its functionality and performance. Security analysis proves that P-CFI can mitigate the dynamic code reuse attack based on forward edges of CFG. Performance evaluation shows that P-CFI can protect CPS from dynamic code reuse attacks with trivial time overhead between 0.1% and 3.5% (Copyright © 2018 John Wiley & Sons, Ltd.).

Download Full-text

Internet of Things: A Comprehensive Study on Machine Learning-based Intrusion Detection approaches

10.21467/proceedings.114.29 ◽

2021 ◽

Author(s):

Priyanka Gupta ◽

Lokesh Yadav ◽

Deepak Singh Tomar

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Intrusion Detection ◽

Real Time ◽

Detection System ◽

Research Work ◽

Security And Privacy ◽

Iot Security ◽

Advantages And Disadvantages ◽

Iot Devices

The Internet of Things (IoT) connects billions of interconnected devices that can exchange information with each other with minimal user intervention. The goal of IoT to become accessible to anyone, anytime, and anywhere. IoT has engaged in multiple fields, including education, healthcare, businesses, and smart home. Security and privacy issues have been significant obstacles to the widespread adoption of IoT. IoT devices cannot be entirely secure from threats; detecting attacks in real-time is essential for securing devices. In the real-time communication domain and especially in IoT, security and protection are the major issues. The resource-constrained nature of IoT devices makes traditional security techniques difficult. In this paper, the research work carried out in IoT Intrusion Detection System is presented. The Machine learning methods are explored to provide an effective security solution for IoT Intrusion Detection systems. Then discussed the advantages and disadvantages of the selected methodology. Further, the datasets used in IoT security are also discussed. Finally, the examination of the open issues and directions for future trends are also provided.

Download Full-text

Lightweight Blockchain to Improve Security and Privacy in Smarthome

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.f9006.038620 ◽

2020 ◽

Vol 8 (6) ◽

pp. 5021-5027

Keyword(s):

Internet Of Things ◽

Smart Home ◽

Resource Constraints ◽

Security And Privacy ◽

Cyber Threats ◽

Distributed Ledger ◽

Application Architecture ◽

Share Data ◽

Iot Devices ◽

Smart Home Appliances

Internet of Things (IoT) growing at a rate of exponential numbers in recent years has received extensive attention with BlockChain (BC) technology which provide trust to IoT with its immutable nature, decentralization in computing, resource constraints, security and privacy. The distributed ledger of transactions in BC is path leading technology for addressing Cyber Threats in the form of data theft; it provides secure application architecture which has proven track of record for securing data. IoT devices using BC enabled to communicate between objects, share data, decide based on business criteria and act as a medium to securely transmit information. This work provides lightweight BlockChain with two prominent consensus mechanism PoW – Proof of Work and PoS – Proof of Stake for smart IoT devices. Next, Smart Home Device (SMD) is ensures providing best-in-class Security and Privacy for smart home Appliances. Further provides future advances in the Approach.

Download Full-text