scholarly journals Eavesdropping Vulnerability and Countermeasure in Infrared Communication for IoT Devices

Sensors ◽  
2021 ◽  
Vol 21 (24) ◽  
pp. 8207
Author(s):  
Minchul Kim ◽  
Taeweon Suh
Keyword(s):  
Credit Card ◽  
Personal Information ◽  
Cost Effective ◽  
Consumer Electronics ◽  
Sensitive Information ◽  
Infrared Communication ◽  
Set Top Box ◽  
Transmission Distance ◽  
Infrared Rays ◽  
Iot Devices

Infrared (IR) communication is one of the wireless communication methods mainly used to manipulate consumer electronics devices. Traditional IR devices support only simple operations such as changing TV channels. These days, consumer electronic devices such as smart TV are connected to the internet with the introduction of IoT. Thus, the user’s sensitive information such as credit card number and/or personal information could be entered with the IR remote. This situation raises a new problem. Since TV and the set-top box are visual media, these devices can be used to control and/or monitor other IoT devices at home. Therefore, personal information can be exposed to eavesdroppers. In this paper, we experimented with the IR devices’ reception sensitivity using remotes. These experiments were performed to measure the IR reception sensitivity in terms of distance and position between the device and the remote. According to our experiments, the transmission distance of the IR remote signal is more than 20 m. The experiments also revealed that curtains do not block infrared rays. Consequently, eavesdropping is possible to steal the user’s sensitive information. This paper proposes a simple, practical, and cost-effective countermeasure against eavesdropping, which does not impose any burden on users. Basically, encryption is used to prevent the eavesdropping. The encryption key is created by recycling a timer inside the microcontroller typically integrated in a remote. The key is regenerated whenever the power button on a remote is pressed, providing the limited lifecycle of the key. The evaluation indicates that the XOR-based encryption is practical and effective in terms of the processing time and cost.

scholarly journals Using Sequential Minimal Optimization for Phishing Attack Detection

2019 ◽  
Vol 13 (5) ◽  
pp. 114
Author(s):  
Ali Mohammad H. Al-Ibrahim
Keyword(s):  
Credit Card ◽  
Personal Information ◽  
Detection Algorithm ◽  
Attack Detection ◽  
Internet Technology ◽  
Sensitive Information ◽  
Classification Rate ◽  
Electronic Transactions ◽  
Smo Algorithm ◽  
A Site

With the development of Internet technology and electronic transactions, the problem of software security has become a reality that must be confronted and is no longer an option that can be abandoned. For this reason, software must be protected in all available ways. Where attackers use many methods to enable them to penetrate systems, especially those that rely on the Internet and hackers try to identify the vulnerabilities in the programs and exploit them to enter the database and steal sensitive information. Electronic phishing is a form of illegal access to information, such as user names, passwords, credit card details, etc. Where attackers use different types of tricks to reveal confidential user information. Where attacks appear as links and phishing is done by clicking on the links contained in them. This leads to obtaining confidential information by using those false emails, redirecting the user without his knowledge to a site similar to the site he wants to access and capturing information. The main purpose of this paper is to protect users from malicious pages that are intended to steal personal information. Therefore, an electronic phishing detection algorithm called the SMO algorithm, which deals only with the properties of links, has been used. Weka was used in the classification process. The samples were the characteristics of the links and they contain a number of sites which were 8266 and the number of phishing sites 4116 and legitimate sites 4150 sites and results were found to be new for the previous algorithms where the real classification rate 99.0202% in the time of 1.68 seconds.

scholarly journals Hybrid Machine Learning: A Tool to Detect Phishing Attacks in Communication Networks

2021 ◽  
Vol 15 (3) ◽  
pp. 374-389
Author(s):  
Ademola Philip Abidoye ◽  
Boniface Kabaso
Keyword(s):  
Machine Learning ◽  
Communication Networks ◽  
Credit Card ◽  
Personal Information ◽  
False Positive Rate ◽  
False Negative ◽  
False Negative Rate ◽  
Machine Learning Techniques ◽  
Sensitive Information ◽  
Cyber Attack

Phishing is a cyber-attack that uses disguised email as a weapon and has been on the rise in recent times.  Innocent Internet user if peradventure clicking on a fraudulent link may cause him to fall victim of divulging his personal information such as credit card pin, login credentials, banking information and other sensitive information. There are many ways in which the attackers can trick victims to reveal their personal information. In this article, we select important phishing URLs features that can be used by attacker to trick Internet users into taking the attacker’s desired action. We use two machine learning techniques to accurately classify our data sets. We compare the performance of other related techniques with our scheme. The results of the experiments show that the approach is highly effective in detecting phishing URLs and attained an accuracy of 97.8% with 1.06% false positive rate, 0.5% false negative rate, and an error rate of 0.3%. The proposed scheme performs better compared to other selected related work. This shows that our approach can be used for real-time application in detecting phishing URLs.

Directed adversarial sampling attacks on phishing detection

2021 ◽  
Vol 29 (1) ◽  
pp. 1-23
Author(s):  
Hossein Shirazi ◽  
Bruhadeshwar Bezawada ◽  
Indrakshi Ray ◽  
Chuck Anderson
Keyword(s):  
Machine Learning ◽  
Credit Card ◽  
Personal Information ◽  
Success Probability ◽  
Training Dataset ◽  
Sensitive Information ◽  
Learning Approaches ◽  
Adversarial Learning ◽  
The Face ◽  
Phishing Detection

Phishing websites trick honest users into believing that they interact with a legitimate website and capture sensitive information, such as user names, passwords, credit card numbers, and other personal information. Machine learning is a promising technique to distinguish between phishing and legitimate websites. However, machine learning approaches are susceptible to adversarial learning attacks where a phishing sample can bypass classifiers. Our experiments on publicly available datasets reveal that the phishing detection mechanisms are vulnerable to adversarial learning attacks. We investigate the robustness of machine learning-based phishing detection in the face of adversarial learning attacks. We propose a practical approach to simulate such attacks by generating adversarial samples through direct feature manipulation. To enhance the sample’s success probability, we describe a clustering approach that guides an attacker to select the best possible phishing samples that can bypass the classifier by appearing as legitimate samples. We define the notion of vulnerability level for each dataset that measures the number of features that can be manipulated and the cost for such manipulation. Further, we clustered phishing samples and showed that some clusters of samples are more likely to exhibit higher vulnerability levels than others. This helps an adversary identify the best candidates of phishing samples to generate adversarial samples at a lower cost. Our finding can be used to refine the dataset and develop better learning models to compensate for the weak samples in the training dataset.

Erbium/Ytterbium-Doped Waveguide Amplifier (EYDWA) for extended reach of Wavelength Division Multiplexing based free space optics system (WDM/FSO)

2020 ◽  
Vol 0 (0) ◽  
Author(s):  
Bentahar Attaouia ◽  
Kandouci Malika ◽  
Ghouali Samir
Keyword(s):  
Wavelength Division Multiplexing ◽  
Free Space ◽  
Cost Effective ◽  
Weather Conditions ◽  
Free Space Optical ◽  
Wavelength Division ◽  
Space Optics ◽  
Effective Implementation ◽  
Transmission Distance ◽  
The Cost

AbstractThis work is focused to carry out the investigation of wavelength division multiplexing (WDM) approach on free space optical (FSO) transmission systems using Erbium Ytterbium Doped Waveguide Amplifier (EYDWA) integrated as post-or pre-amplifier for extending the reach to 30 Km for the cost-effective implementation of FSO system considering weather conditions. Furthermore, the performance of proposed FSO-wavelength division multiplexing (WDM) system is also evaluated on the effect of varying the FSO range and results are reported in terms of Q factor, BER, and eye diagrams. It has been found that, under clear rain the post-amplification was performed and was able to reach transmission distance over 27 Km, whereas, the FSO distance has been limited at 19.5 Km by using pre-amplification.

scholarly journals Practical Cross-Layer Radio Frequency-Based Authentication Scheme for Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (12) ◽  
pp. 4034
Author(s):  
Arie Haenel ◽  
Yoram Haddad ◽  
Maryline Laurent ◽  
Zonghua Zhang
Keyword(s):  
Internet Of Things ◽  
Radio Frequency ◽  
Real Life ◽  
Computation Time ◽  
Cost Effective ◽  
Battery Life ◽  
Cross Layer ◽  
Security Level ◽  
Cost Of Energy ◽  
Iot Devices

The Internet of Things world is in need of practical solutions for its security. Existing security mechanisms for IoT are mostly not implemented due to complexity, budget, and energy-saving issues. This is especially true for IoT devices that are battery powered, and they should be cost effective to be deployed extensively in the field. In this work, we propose a new cross-layer approach combining existing authentication protocols and existing Physical Layer Radio Frequency Fingerprinting technologies to provide hybrid authentication mechanisms that are practically proved efficient in the field. Even though several Radio Frequency Fingerprinting methods have been proposed so far, as a support for multi-factor authentication or even on their own, practical solutions are still a challenge. The accuracy results achieved with even the best systems using expensive equipment are still not sufficient on real-life systems. Our approach proposes a hybrid protocol that can save energy and computation time on the IoT devices side, proportionally to the accuracy of the Radio Frequency Fingerprinting used, which has a measurable benefit while keeping an acceptable security level. We implemented a full system operating in real time and achieved an accuracy of 99.8% for the additional cost of energy, leading to a decrease of only ~20% in battery life.

scholarly journals Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
Sensitive Information ◽  
Security Model ◽  
Computational Overhead ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

Researching, building the routing algorithm in Zigbee networks

2021 ◽  
pp. 32-41
Author(s):  
Dao Xuan Uoc
Keyword(s):  
Ieee 802.15.4 ◽  
Mesh Networks ◽  
Routing Algorithm ◽  
Optimal Routing ◽  
Star Network ◽  
Transmission Distance ◽  
Zigbee Networks ◽  
Iot Devices ◽  
Ieee 802.15.4 Standard ◽  
Better Than

Zigbee wireless network built on IEEE 802.15.4 standard is becoming one of the most popular wireless networks in modern IoT devices. One of the disadvantages of Zigbee networks is the short transmission distance between devices. This paper focuses on researching and comparing routing algorithms in Zigbee networks, thereby building the optimal routing algorithm in the existing system. The paper’s objective is to form the basis for making Zigbee tree and mesh networks, which improves the transmission distance for Zigbee networks better than the star network.

Smishing Detection: Using Artificial Intelligence

2021 ◽  
Vol 9 (8) ◽  
pp. 2218-2224
Author(s):  
Samyak Sadanand Shravasti
Keyword(s):  
Artificial Intelligence ◽  
Short Message Service ◽  
Personal Information ◽  
Critical Issue ◽  
Cyber Attacks ◽  
Sensitive Information ◽  
Short Message ◽  
Proposed Model ◽  
Message Service ◽  
A Company

Abstract: Phishing occurs when people's personal information is stolen via email, phone, or text communications. In Smishing Short Message Service (SMS) is used for cyber-attacks, Smishing is a type of theft of sensitive information. People are more likely to give personal information such as account details and passwords when they receive SMS messages. This data could be used to steal money or personal information from a person or a company. As a result, Smishing is a critical issue to consider. The proposed model uses an Artificial Intelligence to detect smishing. Analysing a SMS and successfully detecting Smishing is possible. Finally, we evaluate and analyse our proposed model to show its efficacy. Keywords: Phishing, Smishing, Artificial Intelligence, LSTM, RNN

scholarly journals Assessment of current practices in creating and using passwords as a control mechanism for information access

2007 ◽  
Vol 9 (2) ◽  
Author(s):  
P. L. Wessels ◽  
L. P. Steenkamp
Keyword(s):  
Control Mechanism ◽  
Personal Information ◽  
Information Access ◽  
Sensitive Information ◽  
Access To Information ◽  
Network Servers ◽  
Critical Issues ◽  
Data Files ◽  
Gain Access ◽  
Current Practices

One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information. 

Sign in / Sign up

Export Citation Format

Share Document