Continuous Operator Authentication for Teleoperated Systems Using Hidden Markov Models

In this article, we present a novel approach for continuous operator authentication in teleoperated robotic processes based on Hidden Markov Models (HMM). While HMMs were originally developed and widely used in speech recognition, they have shown great performance in human motion and activity modeling. We make an analogy between human language and teleoperated robotic processes (i.e., words are analogous to a teleoperator’s gestures, sentences are analogous to the entire teleoperated task or process) and implement HMMs to model the teleoperated task. To test the continuous authentication performance of the proposed method, we conducted two sets of analyses. We built a virtual reality (VR) experimental environment using a commodity VR headset (HTC Vive) and haptic feedback enabled controller (Sensable PHANToM Omni) to simulate a real teleoperated task. An experimental study with 10 subjects was then conducted. We also performed simulated continuous operator authentication by using the JHU-ISI Gesture and Skill Assessment Working Set (JIGSAWS). The performance of the model was evaluated based on the continuous (real-time) operator authentication accuracy as well as resistance to a simulated impersonation attack. The results suggest that the proposed method is able to achieve 70% (VR experiment) and 81% (JIGSAWS dataset) continuous classification accuracy with as short as a 1-second sample window. It is also capable of detecting an impersonation attack in real-time.

Mutual Authentication in Body Area Networks (BANs) Using Multi-Biometric and Physiological Signal-Based Key Agreement

The development of wireless technology has had a major impact on the wireless body area networks (WBANs) especially in the medical field where a small wireless sensor is installed in, on, or around the patient’s body for real-time health monitoring and personalized medical treatment. However, the data is collected by the sensors and transmitted via wireless channels. This could make the channel vulnerable to being accessed and falsified by an unauthorized user and may put the lives of the patient at risk and might give a false alarm. Therefore, a secure authentication and data encryption scheme in BANs is needed in a device to establish the interaction. The asymmetric cryptosystems that function in BANs can cause a Man-in-the-Middle attack because the initial requirement in BAN requires the user to configure a master key or password. The impersonation attack may also involve BAN where other individual pretends to be the owner of the devices and lastly Eavesdropping attack where the attack eavesdrops on transmission to unlock devices. With the existing schemes, mutual authentication using the biometric features (fingerprint) and the physiological signal from the electrocardiogram database is used to make sure the authentication is more secure, reliable, and accurate. In this paper, we proposed a new multifactor authentication scheme on biometric authentication which is the retina scan. We proposed the retina scan because the retina of the human eye is unique, remains the same, and cannot be obtained from anywhere which makes it difficult to forge. We also added a new device which is a smart watch to receive a key agreement message from the fingerprint to double confirm the same identification. This is to make sure high security is obtained and offered simplicity, efficiency, and precision scheme for the authentication.

A novel multi-stage distributed authentication scheme for smart meter communication

Smart meters have ensured effective end-user energy consumption data management and helping the power companies towards network operation efficiency. However, recent studies highlighted that cyber adversaries may launch attacks on smart meters that can cause data availability, integrity, and confidentiality issues both at the consumer side or at a network operator’s end. Therefore, research on smart meter data security has been attributed as one of the top priorities to ensure the safety and reliability of the critical energy system infrastructure. Authentication is one of the basic building blocks of any secure system. Numerous authentication schemes have been proposed for the smart grid, but most of these methods are applicable for two party communication. In this article, we propose a distributed, dynamic multistage authenticated key agreement scheme for smart meter communication. The proposed scheme provides secure authentication between smart meter, NAN gateway, and SCADA energy center in a distributed manner. Through rigorous cryptanalysis we have proved that the proposed scheme resist replay attack, insider attack, impersonation attack and man-in-the-middle attack. Also, it provides perfect forward secrecy, device anonymity and data confidentiality. The proposed scheme security is formally proved in the CK—model and, using BAN logic, it is proved that the scheme creates a secure session between the communication participants. The proposed scheme is simulated using the AVISPA tool and verified the safety against all active attacks. Further, efficiency analysis of the scheme has been made by considering its computation, communication, and functional costs. The computed results are compared with other related schemes. From these analysis results, it is proved that the proposed scheme is robust and secure when compared to other schemes.

A Lightweight Three-Factor Authentication and Key Agreement Scheme for Multigateway WSNs in IoT

The Internet of Things (IoT) has built an information bridge between people and the objective world, wherein wireless sensor networks (WSNs) are an important driving force. For applications based on WSN, such as environment monitoring, smart healthcare, user legitimacy authentication, and data security, are always worth exploring. In recent years, many multifactor user authentication schemes for WSNs have been proposed using smart cards, passwords, as well as biometric features. Unfortunately, these schemes are revealed to various vulnerabilities (e.g., password guessing attack, impersonation attack, and replay attack) due to nonuniform security evaluation criteria. Wang et al. put forward 12 pieces of widely accepted evaluation criteria by investigating quantities of relevant literature. In this paper, we first propose a lightweight multifactor authentication protocol for multigateway WSNs using hash functions and XOR operations. Further, BAN logic and BPR model are employed to formally prove the correctness and security of the proposed scheme, and the informal analysis with Wang et al.’s criteria also indicates that it can resist well-known attacks. Finally, performance analysis of the compared schemes is given, and the evaluation results show that only the proposed scheme can satisfy all 12 evaluation criteria and keep efficient among these schemes.

A secure and privacy-preserving authentication protocol for wireless sensor networks in smart city

Smart city can improve the efficiency of managing assets and resources, optimize urban services and improve the quality of citizens’ life. Wireless sensor networks (WSNs) can solve many problems in smart city, such as smart transportation, smart healthcare and smart energy. However, security and privacy are the biggest challenges for WSN. Recently, Banerjee et al. proposed a security-enhanced authentication and key agreement scheme for WSN, but their scheme cannot resist offline password guessing attack, impersonation attack, and does not achieve session key secrecy, identity unlinkability, and perfect forward secrecy. In order to fix these flaws, a secure and privacy-preserving authentication protocol for WSN in smart city is proposed. We prove the security of the proposed protocol by using applied pi calculus-based formal verification tool ProVerif and show that it has high computational efficiency by comparison with some related schemes.

An Improved and Privacy-Preserving Mutual Authentication Scheme with Forward Secrecy in VANETs

Vehicular ad hoc network (VANETs) plays a major part in intelligent transportation to enhance traffic efficiency and safety. Security and privacy are the essential matters needed to be tackled due to the open communication channel. Most of the existing schemes only provide message authentication without identity authentication, especially the inability to support forward secrecy which is a major security goal of authentication schemes. In this article, we propose a privacy-preserving mutual authentication scheme with batch verification for VANETs which support both message authentication and identity authentication. More importantly, the proposed scheme achieves forward secrecy, which means the exposure of the shared key will not compromise the previous interaction. The security proof shows that our scheme can withstand various known security attacks, such as the impersonation attack and forgery attack. The experiment analysis results based on communication and computation cost demonstrate that our scheme is more efficient compared with the related schemes.