Trustworthiness and a Zero Leakage OTMP-P2L Scheme Based on NP Problems for Edge Security Access

Resource constraints have prevented comprehensive cryptography and multifactor authentication in numerous Internet of Things (IoT) connectivity scenarios. Existing IoT systems generally adopt lightweight security protocols that lead to compromise and privacy leakage. Edge computing enables better access control and privacy protection, furthermore, blockchain architecture has achieved a trusted store of value by open-source and distributed consensus mechanisms. To embrace these new paradigms, we propose a scheme that employs one-time association multitasking proofs for peer to local authentication (OTMP-P2L). The scheme chooses relevant nondeterministic polynomial (NP) problem tasks, and manages localized trust and anonymity by using smart devices such as phones and pads, thereby enabling IoT devices to autonomously perform consensus validation with an enhanced message authentication code. This nested code is a one-time zero-knowledge proof that comprises multiple logic verification arguments. To increase diversity and reduce the workload of each one, these arguments are chained by a method that establishes some of the inputs of the following task from the output of previous tasks. We implemented a smart lock system and confirmed that the scheme outperforms IoT authentication methods. The result demonstrates superior flexibility through dynamic difficulty strategies and succinct non-interactive peer-to-peer (P2P) verification.

Download Full-text

Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices

Applied Sciences ◽

10.3390/app9050848 ◽

2019 ◽

Vol 9 (5) ◽

pp. 848 ◽

Cited By ~ 24

Author(s):

Dan Dinculeană ◽

Xiaochun Cheng

Keyword(s):

Code Generation ◽

Transport Layer ◽

Smart Devices ◽

Message Authentication ◽

Message Authentication Code ◽

Authentication Code ◽

Experimental Procedure ◽

Novel Approach ◽

Symmetric Key ◽

Iot Devices

With the proliferation of smart devices capable of communicating over a network using different protocols, each year more and more successful attacks are recorded against these, underlining the necessity of developing and implementing mechanisms to protect against such attacks. This paper will review some existing solutions used to secure a communication channel, such as Transport Layer Security or symmetric encryption, as well as provide a novel approach to achieving confidentiality and integrity of messages. The method, called Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping, uses signatures to send messages, instead of encryption, by implementing a Keyed-Hash Message Authentication Code generation algorithm. Although robust solutions exist that can be used to secure the communication between devices, this paper considers that not every Internet of Things (IoT) device or network design is able to afford the overhead and drop in performance, or even support such protocols. Therefore, the Value-to-HMAC method was designed to maximize performance while ensuring the messages are only readable by the intended node. The experimental procedure demonstrates how the method will achieve better performance than a symmetric-key encryption algorithm, while ensuring the confidentiality and integrity of information through the use of one mechanism.

Download Full-text

iMAC: Implicit Message Authentication Code for IoT Devices

2020 IEEE 6th World Forum on Internet of Things (WF-IoT) ◽

10.1109/wf-iot48130.2020.9221331 ◽

2020 ◽

Author(s):

Ikram Ullah ◽

Nirvana Meratnia ◽

Paul J. M. Havinga

Keyword(s):

Message Authentication ◽

Message Authentication Code ◽

Authentication Code ◽

Iot Devices

Download Full-text

A Comprehensive Study of Anomaly Detection Schemes in IoT Networks Using Machine Learning Algorithms

Sensors ◽

10.3390/s21248320 ◽

2021 ◽

Vol 21 (24) ◽

pp. 8320

Author(s):

Abebe Diro ◽

Naveen Chilamkurti ◽

Van-Doan Nguyen ◽

Will Heyne

Keyword(s):

Machine Learning ◽

Anomaly Detection ◽

Resource Constraints ◽

Detection System ◽

Machine Learning Algorithms ◽

Smart Devices ◽

Detection Systems ◽

Massive Number ◽

Iot Devices ◽

Detection Schemes

The Internet of Things (IoT) consists of a massive number of smart devices capable of data collection, storage, processing, and communication. The adoption of the IoT has brought about tremendous innovation opportunities in industries, homes, the environment, and businesses. However, the inherent vulnerabilities of the IoT have sparked concerns for wide adoption and applications. Unlike traditional information technology (I.T.) systems, the IoT environment is challenging to secure due to resource constraints, heterogeneity, and distributed nature of the smart devices. This makes it impossible to apply host-based prevention mechanisms such as anti-malware and anti-virus. These challenges and the nature of IoT applications call for a monitoring system such as anomaly detection both at device and network levels beyond the organisational boundary. This suggests an anomaly detection system is strongly positioned to secure IoT devices better than any other security mechanism. In this paper, we aim to provide an in-depth review of existing works in developing anomaly detection solutions using machine learning for protecting an IoT system. We also indicate that blockchain-based anomaly detection systems can collaboratively learn effective machine learning models to detect anomalies.

Download Full-text

Dynamic Transmission Rate Control for Multi-Interface IoT Devices: A Stochastic Optimization Framework

Wireless Communications and Mobile Computing ◽

10.1155/2021/9974261 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Yuming Zhang ◽

Bohao Feng ◽

Aleteng Tian ◽

Chengxiao Yu ◽

Zhiruo Liu ◽

...

Keyword(s):

Resource Constraints ◽

Transmission Rate ◽

A Priori ◽

Optimization Technique ◽

Network Capacity ◽

System Stability ◽

Smart Devices ◽

Transmission Scheme ◽

Transmission Rate Control ◽

Iot Devices

Recent advances in the Internet of Things (IoT) technologies have enabled ubiquitous smart devices to sense and process various kinds of data. However, these innovations also raise the concern of efficient data transmission. Tackling the above issue is nontrivial since the resource constraints and environmental randomness in IoT require a lightweight transmission scheme while guaranteeing system stability. In this paper, we formulate the transmission scheduling problem of multi-interface IoT devices as a concave optimization, aimed at accommodating the randomness of the IoT environment within the network capacity. By applying the Lyapunov optimization technique, we divide the stochastic problem into a series of low-complex subproblems, which can be individually solved per time slot, and develop a dynamical control algorithm that does not require a priori knowledge such as link states. Theoretical analysis shows that our algorithms nicely bound the average queue length and are asymptotically optimal. Finally, extensive simulation results verify the theoretical conclusions and validate the effectiveness of the proposed algorithm.

Download Full-text

An Effective Multifactor Authentication Mechanism Based on Combiners of Hash Function over Internet of Things

Sensors ◽

10.3390/s19173663 ◽

2019 ◽

Vol 19 (17) ◽

pp. 3663 ◽

Cited By ~ 1

Author(s):

Adel Ali Ahmed ◽

Waleed Ali Ahmed

Keyword(s):

Smart Cities ◽

Computation Time ◽

Authentication Code ◽

Security Vulnerabilities ◽

Smart Transportation ◽

Authentication Mechanism ◽

Smart Healthcare ◽

Multifactor Authentication ◽

Iot Devices ◽

The One

Internet of Thing (IoT) is the most emerging technology in which all the objects in the real world can use the Internet to communicate with each other as parts of a single unified system. This eventually leads to the development of many smart applications such as smart cities, smart homes, smart healthcare, smart transportation, etc. Due to the fact that the IoT devices have limited resources, the cybersecurity approaches that relied on complex and long processing cryptography are not a good fit for these constrained devices. Moreover, the current IoT systems experience critical security vulnerabilities that include identifying which devices were affected, what data or services were accessed or compromised, and which users were impacted. The cybersecurity challenge in IoT systems is to find a solution for handling the identity of the user, things/objects and devices in a secure manner. This paper proposes an effective multifactor authentication (CMA) solution based on robust combiners of the hash functions implemented in the IoT devices. The proposed CMA solution mitigates the authentication vulnerabilities of IoT and defends against several types of attacks. Also, it achieves multi-property robustness and preserves the collision-resistance, the pseudo-randomness, the message authentication code, and the one-wayness. It also ensures the integrity, authenticity and availability of sensed data for the legitimate IoT devices. The simulation results show that CMA outperforms the TOTP in term of the authentication failure rate. Moreover, the evaluation of CMA shows an acceptable QoS measurement in terms of computation time overhead, throughput, and packet loss ratio.

Download Full-text

Security Evaluation of the Enhanced Key Generation Algorithm of Hashing Message Authentication Code

International Journal of Advanced Trends in Computer Science and Engineering ◽

10.30534/ijatcse/2019/35842019 ◽

2019 ◽

pp. 1254-1259 ◽

Cited By ~ 1

Author(s):

Enrique G. Abad ◽

Keyword(s):

Security Evaluation ◽

Key Generation ◽

Message Authentication ◽

Message Authentication Code ◽

Authentication Code ◽

Generation Algorithm

Download Full-text

Virtualizing AI at the Distributed Edge Towards Intelligent IoT Applications

Journal of Sensor and Actuator Networks ◽

10.3390/jsan10010013 ◽

2021 ◽

Vol 10 (1) ◽

pp. 13

Author(s):

Claudia Campolo ◽

Giacomo Genovese ◽

Antonio Iera ◽

Antonella Molinaro

Keyword(s):

Resource Constraints ◽

Smart Cities ◽

Traditional Approach ◽

Low Cost ◽

Iot Applications ◽

Software And Hardware ◽

Iot Devices ◽

Consumer Devices ◽

Hardware Platforms ◽

Smart Factories

Several Internet of Things (IoT) applications are booming which rely on advanced artificial intelligence (AI) and, in particular, machine learning (ML) algorithms to assist the users and make decisions on their behalf in a large variety of contexts, such as smart homes, smart cities, smart factories. Although the traditional approach is to deploy such compute-intensive algorithms into the centralized cloud, the recent proliferation of low-cost, AI-powered microcontrollers and consumer devices paves the way for having the intelligence pervasively spread along the cloud-to-things continuum. The take off of such a promising vision may be hurdled by the resource constraints of IoT devices and by the heterogeneity of (mostly proprietary) AI-embedded software and hardware platforms. In this paper, we propose a solution for the AI distributed deployment at the deep edge, which lays its foundation in the IoT virtualization concept. We design a virtualization layer hosted at the network edge that is in charge of the semantic description of AI-embedded IoT devices, and, hence, it can expose as well as augment their cognitive capabilities in order to feed intelligent IoT applications. The proposal has been mainly devised with the twofold aim of (i) relieving the pressure on constrained devices that are solicited by multiple parties interested in accessing their generated data and inference, and (ii) and targeting interoperability among AI-powered platforms. A Proof-of-Concept (PoC) is provided to showcase the viability and advantages of the proposed solution.

Download Full-text

Privacy Leakage in Mobile Sensing: Your Unlock Passwords Can Be Leaked through Wireless Hotspot Functionality

Mobile Information Systems ◽

10.1155/2016/8793025 ◽

2016 ◽

Vol 2016 ◽

pp. 1-14 ◽

Cited By ~ 15

Author(s):

Jie Zhang ◽

Xiaolong Zheng ◽

Zhanyong Tang ◽

Tianzhang Xing ◽

Xiaojiang Chen ◽

...

Keyword(s):

Feature Extraction ◽

Mobile Sensing ◽

Experimental Results ◽

Smart Devices ◽

Detection Accuracy ◽

Phase Information ◽

Current Sensing ◽

Privacy Leakage ◽

Sensing Systems ◽

Additional Hardware

Mobile sensing has become a new style of applications and most of the smart devices are equipped with varieties of sensors or functionalities to enhance sensing capabilities. Current sensing systems concentrate on how to enhance sensing capabilities; however, the sensors or functionalities may lead to the leakage of users’ privacy. In this paper, we present WiPass, a way to leverage the wireless hotspot functionality on the smart devices to snoop the unlock passwords/patterns without the support of additional hardware. The attacker can “see” your unlock passwords/patterns even one meter away. WiPass leverages the impacts of finger motions on the wireless signals during the unlocking period to analyze the passwords/patterns. To practically implement WiPass, we are facing the difficult feature extraction and complex unlock passwords matching, making the analysis of the finger motions challenging. To conquer the challenges, we use DCASW to extract feature and hierarchical DTW to do unlock passwords matching. Besides, the combination of amplitude and phase information is used to accurately recognize the passwords/patterns. We implement a prototype of WiPass and evaluate its performance under various environments. The experimental results show that WiPass achieves the detection accuracy of 85.6% and 74.7% for passwords/patterns detection in LOS and in NLOS scenarios, respectively.

Download Full-text

Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

International Journal of E-Services and Mobile Applications ◽

10.4018/ijesma.2018070104 ◽

2018 ◽

Vol 10 (3) ◽

pp. 61-83 ◽

Cited By ~ 10

Author(s):

Deepali Chaudhary ◽

Kriti Bhushan ◽

B.B. Gupta

Keyword(s):

Cloud Computing ◽

Defense Mechanisms ◽

Low Cost ◽

Fog Computing ◽

Smart Devices ◽

Cloud Environment ◽

Security Issue ◽

Process Data ◽

Ddos Attack ◽

Iot Devices

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and “pay-as-you-go” computing potential and on-demand provisioning of services. Governments, as well as organizations, have migrated their entire or most of the IT infrastructure to the cloud. With the emergence of IoT devices and big data, the amount of data forwarded to the cloud has increased to a huge extent. Therefore, the paradigm of cloud computing is no longer sufficient. Furthermore, with the growth of demand for IoT solutions in organizations, it has become essential to process data quickly, substantially and on-site. Hence, Fog computing is introduced to overcome these drawbacks of cloud computing by bringing intelligence to the edge of the network using smart devices. One major security issue related to the cloud is the DDoS attack. This article discusses in detail about the DDoS attack, cloud computing, fog computing, how DDoS affect cloud environment and how fog computing can be used in a cloud environment to solve a variety of problems.

Download Full-text