An AODV Based Multifactor Authentication Scheme for Wireless Sensor Network

Wireless Sensor Network (WSN) is a type of wireless network that is fast getting a lot of attention in scientific and industrial applications, and it is a network of decentralized autonomous standalone sensor devices. However, WSN is easily prone to malicious attacks as anyone can access the server through the node without a proper security authentication. In this paper, we proposed a secure AODV based multi-factor authentication scheme for WSN to mitigate physical attack, offline guessing attack and replay attack. Our proposed scheme is preferred to keep the scheme lightweight while providing enough security that requires smart card, user identity, password, and OTP. Our proposed scheme has relatively lower computational cost with a total of 10Th than the other compared schemes except for Adil et al.’s scheme. However, we have around 8288 bits of authentication overhead due to the nature of packet and the addition of factors. Hence, our scheme is outperformed from computational cost perspective, but the scheme is slightly higher on authentication overhead perspective. In the future, multiple device authentication, implementation of biometric feature can be added to improve the scheme.

System End-User Actions as a Threat to Information System Security

As universities migrate online due to the advent of Covid-19, there is a need for enhanced security in information systems in the institution of higher learning. Many opted to invest in technological approaches to mitigate cybersecurity threats; however, the most common types of cybersecurity breaches happen due to the human factor, well known as end-user error or actions. Thus, this study aimed to identify and explore possible end-user errors in academia and the resulting vulnerabilities and threats that could affect the integrity of the university's information system. The study further presented state-of-the-art humanoriented security threats countermeasures to compliment universities' cybersecurity plans. Countermeasures include well-tailored ICT policies, incident response procedures, and education to protect themselves from security events (disruption, distortion, and exploitation). Adopted is a mixedmethod research approach with a qualitative research design to guide the study. An open-ended questionnaire and semi-structured interviews were used as data collection tools. Findings showed that system end-user errors remain the biggest security threat to information systems security in institutions of higher learning. Indeed errors make information systems vulnerable to certain cybersecurity attacks and, when exploited, put legitimate users, institutional network, and its computers at risk of contracting viruses, worms, Trojan, and expose it to spam, phishing, e-mail fraud, and other modern security attacks such as DDoS, session hijacking, replay attack and many more. Understanding that technology has failed to fully protect systems, specific recommendations are provided for the institution of higher education to consider improving employee actions and minimizing security incidents in their eLearning platforms, post Covid-19.

Improved Verifier-Based Three-Party Password-Authenticated Key Exchange Protocol from Ideal Lattices

With the advent of large-scale social networks, two communication users need to generate session keys with the help of a remote server to communicate securely. In the existing three-party authenticated key exchange (3PAKE) protocols, users’ passwords need to be stored on the server; it cannot resist the server disclosure attack. To solve this security problem, we propose a more efficient 3PAKE protocol based on the verification element by adopting a public-key cryptosystem and approximate smooth projection hash (ASPH) function on an ideal lattice. Using the structure of separating authentication from the server, the user can negotiate the session key only after two rounds of communication. The analysis results show that it can improve the efficiency of computation and communication and resist the server disclosure attack, quantum algorithm attack, and replay attack; moreover, it has session key privacy to the server. This protocol can meet the performance requirement of the current communication network.

High Camouflage Intrusion Detection Method for Structured Database Based on Multi Pattern Matching

with the rise and rapid development of mobile communication, intelligent terminal and data system, we are entering the era of mobile Internet. In recent years, more and more data need to be processed and transmitted in daily life, and structured data is becoming more and more important. Among them, multi-mode matching technology can search data in a wider range. Matching for multiple patterns at a time avoids unnecessary matching, accelerates the matching process, and helps to find longer matching information and obtain higher accuracy. This paper mainly introduces the high camouflage intrusion detection method of structured database based on multi-mode matching. This paper uses the high disguised intrusion detection method of structured database based on multi-mode matching, collects sensitive information of wireless access points and stations through the communication of WLAN in multimodal matching, then intercepts and forges data packets to initiate replay attack. Replay attack is characterized by abnormal traffic in the network, which can be detected by statistical analysis. The experimental results show that the high camouflage intrusion detection method based on multi-mode matching makes the camouflage intrusion detection rate increase by 23%. The limitations of the design and research of camouflage intrusion detection are analyzed, discussed and summarized, so as to enrich the academic research results.

IoT Cloud-Based Framework for Face Spoofing Detection with Deep Multicolor Feature Learning Model

A face-based authentication system has become an important topic in various fields of IoT applications such as identity validation for social care, crime detection, ATM access, computer security, etc. However, these authentication systems are vulnerable to different attacks. Presentation attacks have become a clear threat for facial biometric-based authentication and security applications. To address this issue, we proposed a deep learning approach for face spoofing detection systems in IoT cloud-based environment. The deep learning approach extracted features from multicolor space to obtain more information from the input face image regarding luminance and chrominance data. These features are combined and selected by the Minimum Redundancy Maximum Relevance (mRMR) algorithm to provide an efficient and discriminate feature set. Finally, the extracted deep color-based features of the face image are used for face spoofing detection in a cloud environment. The proposed method achieves stable results with less training data compared to conventional deep learning methods. This advantage of the proposed approach reduces the time of processing in the training phase and optimizes resource management in storing training data on the cloud. The proposed system was tested and evaluated based on two challenging public access face spoofing databases, namely, Replay-Attack and ROSE-Youtu. The experimental results based on these databases showed that the proposed method achieved satisfactory results compared to the state-of-the-art methods based on an equal error rate (EER) of 0.2% and 3.8%, respectively, for the Replay-Attack and ROSE-Youtu databases.

An improved NFC device authentication protocol

Aimed at the security authentication problem between Near Field Communication (NFC) devices, this paper uses the technology of asymmetric encryption algorithm, symmetric encryption algorithm, hash function, timestamp and survival period to improve the confidentiality, performance and security of the protocol. The symmetric encryption algorithm encrypts the transmission content, while the asymmetric encryption algorithm encrypts the shared key. The whole authentication process is secure, and the key distribution is secure. The improved NFC device authentication protocol can effectively resist the brute force attack, man-in-the-middle attack and replay attack in the authentication process, it can reduce the number of message transmission in the authentication process, improve the transmission efficiency, enhance the confidentiality, integrity, non-repudiation and improve the security of NFC device authentication.

A novel multi-stage distributed authentication scheme for smart meter communication

Smart meters have ensured effective end-user energy consumption data management and helping the power companies towards network operation efficiency. However, recent studies highlighted that cyber adversaries may launch attacks on smart meters that can cause data availability, integrity, and confidentiality issues both at the consumer side or at a network operator’s end. Therefore, research on smart meter data security has been attributed as one of the top priorities to ensure the safety and reliability of the critical energy system infrastructure. Authentication is one of the basic building blocks of any secure system. Numerous authentication schemes have been proposed for the smart grid, but most of these methods are applicable for two party communication. In this article, we propose a distributed, dynamic multistage authenticated key agreement scheme for smart meter communication. The proposed scheme provides secure authentication between smart meter, NAN gateway, and SCADA energy center in a distributed manner. Through rigorous cryptanalysis we have proved that the proposed scheme resist replay attack, insider attack, impersonation attack and man-in-the-middle attack. Also, it provides perfect forward secrecy, device anonymity and data confidentiality. The proposed scheme security is formally proved in the CK—model and, using BAN logic, it is proved that the scheme creates a secure session between the communication participants. The proposed scheme is simulated using the AVISPA tool and verified the safety against all active attacks. Further, efficiency analysis of the scheme has been made by considering its computation, communication, and functional costs. The computed results are compared with other related schemes. From these analysis results, it is proved that the proposed scheme is robust and secure when compared to other schemes.