An Efficient and Secure Malicious User Detection Scheme Based on Reputation Mechanism for Mobile Crowdsensing VANET

With the increasing development of wireless communication technology and Vehicular Ad hoc Network (VANET), as well as the continuous popularization of various sensors, Mobile Crowdsensing (MCS) paradigm has been widely concerned in the field of transportation. As a currently popular data sensing way, it mainly relies on wireless sensing devices to complete large-scale and complex sensing tasks. However, since vehicles are highly mobile in this scenario and the sensing system is open, that is, any vehicle equipped with sensing device can join the system, the credibility of all participating vehicles cannot be guaranteed. In addition, malicious users will upload false data in the sensing system, which makes the sensing data not meet the needs of the sensing tasks and will threaten traffic safety in some serious cases. There are many solutions to the above problems, such as cryptography, incentive mechanism, and reputation mechanisms. Unfortunately, although these schemes guaranteed the credibility of users, they did not give much thought to the reliability of data. In addition, some schemes brought a lot of overhead, some used a centralized server management architecture, and some were not suitable for the scenario of VANET. Therefore, this paper firstly proposes the MCS-VANET architecture-based blockchain, which consists of participating vehicles (PVs), road side units (RSUs), cloud server (CS), and the blockchain (BC), and then designs a malicious user detection scheme composed of three phases. In the data collecting phase, to reduce the data uploading overhead, data aggregation and machine learning technologies are combined by fully considering the historical reputation value of PVs, and the proportion of data uploading is determined based on the historical data quality evaluation result of PVs. In the data quality evaluation phase, a new reputation computational model is proposed to effectively evaluate the sensing data, which contains four indicators: the reputation history of PVs, the data unbiasedness, the leadership of PVs, and the spatial force of PVs. In the reputation updating phase, to achieve the effective change of reputation values, the logistic model function curve is introduced and the result of the reputation updating is stored in the blockchain for security publicity. Finally, on real datasets, the feasibility and effectiveness of our proposed scheme are demonstrated through the experimental simulation and security analysis. Compared with existing schemes, the proposed scheme not only reduces the cost of data uploading but also has better performance.

A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist

Standalone Name Resolution (SNR) is an essential component of many Information-Centric Networking (ICN) infrastructures that maps and stores the mappings of IDs and locators. The delivery of data can be realized only when the name resolution process is completed correctly. It also makes the SNR become the key target of network attackers. In this paper, our research focuses on the more covert and complex Content Pollution Attack (CPA). By continuously sending invalid content to the network at a low speed, attackers will consume a lot of the resources and time of the SNR system, resulting in a serious increase in the resolution delay of normal users and further cache pollution in ICN. It is difficult to be quickly detected because the characteristics of attack are inconspicuous. To address the challenge, a register access control scheme for an SNR system based on a malicious user blacklist query is proposed. A neighbor voting algorithm is designed to discover possible attacks in the network quickly and build a blacklist of malicious users reasonably. Users on the blacklist will be restricted from accessing the ICN network during the registration phase with the resolution system. Incentives and punishments for network users are introduced to automate responses about the potential malicious behavior reports. Our scheme is more efficient as users do not have to wait for an additional system component to perform operations. In addition, our algorithm can better solve the collusion problem in the voting process when compared with the others. We experimentally evaluate our protocol to demonstrate that the probability of successful collusion attack can be reduced to less than 0.1 when the attacker ratio is 0.5.

Fine-Grained and Controllably Redactable Blockchain with Harmful Data Forced Removal

Notoriously, immutability is one of the most striking properties of blockchains. As the data contained in blockchains may be compelled to redact for personal and legal reasons, immutability needs to be skillfully broken. In most existing redactable blockchains, fine-grained redaction and effective deletion of harmful data are mutually exclusive. To close the gap, we propose a fine-grained and controllably redactable blockchain with harmful data forced removal. In the scheme, the originator of the transaction has fine-grained control over who can perform the redaction and which portions of the transaction can be redacted. The redaction transaction is performed after collecting enough votes from miners. All users can provide the index of the block containing the harmful data to receive rewards, which are borne by the malicious user who initially posted the data. Miners can forcibly remove the harmful data based on the index. The malicious user will be blacklisted if the reward is not paid within a period of time, and any transaction about such user will not be performed later. In addition, the scheme supports the redaction of additional data and unexpended transaction output (UTXO) simultaneously. We demonstrate that the scheme is secure and feasible via formal security analysis and proof-of-concept implementation.

Secure Encapsulation Schemes Using Key Recovery System in IoMT Environments

Recently, as Internet of Things systems have been introduced to facilitate diagnosis and treatment in healthcare and medical environments, there are many issues concerning threats to these systems’ security. For instance, if a key used for encryption is lost or corrupted, then ciphertexts produced with this key cannot be decrypted any more. Hence, this paper presents two schemes for key recovery systems that can recover the lost or the corrupted keys of an Internet of Medical Things. In our proposal, when the key used for the ciphertext is needed, this key is obtained from a Key Recovery Field present in the cyphertext. Thus, the recovered key will allow decrypting the ciphertext. However, there are threats to this proposal, including the case of the Key Recovery Field being forged or altered by a malicious user and the possibility of collusion among participating entities (Medical Institution, Key Recovery Auditor, and Key Recovery Center) which can interpret the Key Recovery Field and abuse their authority to gain access to the data. To prevent these threats, two schemes are proposed. The first one enhances the security of a multi-agent key recovery system by providing the Key Recovery Field with efficient integrity and non-repudiation functions, and the second one provides a proxy re-encryption function resistant to collusion attacks against the key recovery system.

Machine Learning-Based Malicious User Detection in Energy Harvested Cognitive Radio-Internet of Things

Our simulation data is generated from energy vector using ED technique.

Machine Learning-Based Malicious User Detection in Energy Harvested Cognitive Radio-Internet of Things

Our simulation data is generated from energy vector using ED technique.