A State-of-the-Art Assessment of US and EU C-ITS Security Solutions

In the near future with the innovative services and solutions being currently tested and deployed for cars, homes, offices, transport systems, smart cities, etc., the user connectivity will considerably change. It means that smart devices will be connected to the internet and produce a big impact on the internet traffic, increasing the service demand generated by devices and sensors. However most of these devices are vulnerable to attacks. Hence, the security and privacy become a crucial feature to be included in towards its appropriate deployment. Interconnected, cooperative, service-oriented devices and their related hardware/software solutions will contain sensitive data making such systems susceptible to attacks and leakage of information. Therefore, robust secure communication infrastructures must be established to aid suitable deployment. This chapter is a state-of-the-art assessment of US and EU C-ITS security solutions.

A Secure Routing Scheme Against Malicious Nodes in Ad Hoc Networks

This chapter proposes a new cluster-based secure routing scheme to detect and prevent intrusions in ad hoc networks. The proposed scheme combines both specification and anomaly detection techniques to provide an accurate detection of wide range of routing attacks. The proposed secure scheme provides an adaptive response mechanism to isolate malicious nodes from the network. A key advantage of the proposed secure scheme is its capacity to prevent wormhole and rushing attacks and its real-time detection of both known and unknown attacks which violate specification. The simulation results show that the proposed scheme shows high detection rate and low false positive rate compared to other security mechanisms.

A Novel Real-Time Lighting-Invariant Lane Departure Warning System

In recent years, in order to minimize traffic accidents, developing driving assistance systems for security has attracted much attention. Lane detection is an essential element of avoiding accidents and enhancing driving security. In this chapter, the authors implement a novel real-time lighting-invariant lane departure warning system. The proposed methodology works well in different lighting conditions, such as in poor conditions. The experimental results and accuracy evaluation indicates the efficiency of the system proposed for lane detection. The correct detection rate averages 97% and exceeds 95.6% in poor conditions. Furthermore, the entire process has only 29 ms per frame.

Key Management Protocols for Smart Sensor Networks

To deliver security services (integrity, confidentiality, authentication, availability), it is necessary that the communicating nodes share cryptographic keys for encryption and authentication. However, it is well known that the encryption systems represent the first line of defense against all types of attacks. Furthermore, cryptographic techniques must be designed to detect the execution of the most dangerous attacks. In addition, these techniques must be small to fit the limited resources of the WSN. The aims of this chapter are to discuss the mechanisms used to secure communications; to show their main adaptations required for adoption in smart sensors, which are described in the literature, particularly in terms of key management and distribution; and finally, to detail the different solutions proposed in the literature to secure the communication of smart and constrained sensor networks in the internet of things based on cryptography and intrusion detection systems.

A Review of Intrusion Detection Systems in Cloud Computing

Security is a major challenge faced by cloud computing (CC) due to its open and distributed architecture. Hence, it is vulnerable and prone to intrusions that affect confidentiality, availability, and integrity of cloud resources and offered services. Intrusion detection system (IDS) has become the most commonly used component of computer system security and compliance practices that defends cloud environment from various kinds of threats and attacks. This chapter presents the cloud architecture, an overview of different intrusions in the cloud, the challenges and essential characteristics of cloud-based IDS (CIDS), and detection techniques used by CIDS and their types. Then, the authors analyze 24 pertinent CIDS with respect to their various types, positioning, detection time, and data source. The analysis also gives the strength of each system and limitations in order to evaluate whether they carry out the security requirements of CC environment or not.

Security Threats in the Internet of Things

In the internet of things (IoT) vision, people, systems, and objects with sensing and/or actuating capabilities communicate to monitor and control the physical world. Nowadays, the IoT concept has attracted significant attention from different application domain such as healthcare and smart homes. Indeed, self-organization and self-configuration are key characteristics of IoT given that IoT represents a pervasive environment where objects are resource-constrained and communication technologies are very ubiquitous. These characteristics in addition to the vulnerability of objects themselves and of the communication channels make IoT more susceptible to malicious attacks. In this context, a deep analysis of IoT security breach and vulnerabilities is necessary. This chapter presents IoT requirements and existing threats as well as security protocols and mechanisms. It specifically analyzes existing and new threats against the IoT's routing protocol (the routing protocol for low-power and lossy networks: RPL) and presents intrusion detection solutions (IDS) to counter RPL attacks.

Trust Management Issues for Sensors Security and Privacy in the Smart Grid

Currently, smart grids have changed the world, given the great benefits of these critical infrastructures regarding the customers' satisfaction by offering them the electrical energy that they need for their business. Also, the smart grid aims to solve all the problems encountered in the current electrical grid (outage, lack of renewable energy, an excess in the produced power, etc.) by transmitting and sharing the information in real time between the different entities through the installation of the sensors. This chapter therefore presents the architecture of the smart grid by describing its objectives and advantages. In addition, the microgrids are presented as small electric networks. Then, focusing on the security aspects, an analysis of the different attacks and risks faced in the smart grids and more particularly in the microgrids is presented. After, different techniques and suitable security solutions are detailed to protect and secure the various elements of the smart grids and microgrids.

Security of Information Exchange Between Readers and Tags

RFID (radio frequency identification) systems tend to be one of the most predominant computing technologies due to their low cost and their broad applicability. Latest technologies have brought costs down, and standards are being developed. Now the RFID technology is very important and essential. It is used for innovative applications in personnel services. RFID technology is based on tags, distance and frequency, communication mode, antenna and power transfer, and communication. The attacks are based on the way the RFID systems are communicating and the way that are transferred between the entities of an RFID network (tags, readers). Securing information exchange between readers and tags needs some cryptography methods like symmetric (affine method, block stream method, etc.) or asymmetric (RSA, ECC, etc.) key methods. In this chapter, the authors compare methods based on complexity and power. Then they choose the best for securing communication between RFID tags and RFID readers.

Security in 4G

IMS is a standardized service architecture defined by 3GPP, ETSI, and IETF to provide multimedia services such as videoconferencing, VoD, and voice over IP. IMS is mainly based on the SIP protocol for session initialization. The convergence to full IP has advantages but also disadvantages. The latter are mainly inherited from the weaknesses of the IP protocol, in particular the QoS and the security aspects. It is in this context that this chapter is written. It has as main objective to analyze security in IMS networks as service layer in 4G to identify the most vulnerable points and propose security solutions that can be implemented without degrading the QoS.

Network Access Control and Collaborative Security Against APT and AET

Cybercrime is rising due to the appearance of a new generation of attacks, APT and AET, and the reactionary aspect of the protection systems implemented in the IP networks. In this chapter, the authors analyze the gap between the innovative aspect of those attacks and the reactive aspect of the security measures put in place inside victim networks. The challenge is to shift this security aspect from reactive to proactive by adopting a collaborative approach based on NAC technology as a multi-level protection and IF-MAP as a security standard exchange protocol. First, a brief overview of NAC and IF-MAP is given. Then, the authors analyze the anatomy of these chained exploits and their escape techniques in order to propose an approach able to counter such attacks through the convergence towards a security ecosystem having the correlative intelligence to respond to challenges in real time and in a proactive way.