Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

Efficient utilization of scalable multipliers in parallel to compute GF(p) elliptic curve cryptographic operations

This paper presents the design and implementation of an elliptic curve cryptographic core to realize point scalar multiplication operations used for the GF(p) elliptic curve encryption/decryption and the elliptic curve digital signature algorithm (ECDSA). The design makes use of projective coordinates together with scalable Montgomery multipliers for data size of up to 256-bits. We propose using four multiplier cores together with the ordinary projective coordinates which outperform implementations with Jacobean coordinates typically believed to perform better. The proposed architecture is particularly attractive for elliptic curve cryptosystems when hardware area optimization is the key concern

Optimizing the performance of the advanced encryption standard techniques for secured data transmission

Information security has emerged as a critical concern in data communications. The use of cryptographic methods is one approach for ensuring data security. A cryptography implementation often consists of complex algorithms that are used to secure the data. Several security techniques, including the Data Encryption Standard (DES), Triple Data Encryption Standard (3DES), Twofish, Rivest-Shamir-Adleman (RSA), Elliptic curve cryptography, and many others, have been created and are used in the data encryption process. However, the Advanced Encryption Standard (Rijndael) has received a lot of attention recently due to its effectiveness and level of security. To increase the scope of AES's numerous uses, it is crucial to develop high-performance AES. To enhance the processing time of AES methods, the research provided solution performance of the AES algorithm. This includes additional layers of encoding, decoding, shrinking and expansion techniques of the analysis that was performed. Data findings are produced for further actions based on the outcome

Advanced Intelligent Data Hiding Using Video Stego and Convolutional Neural Networks

        إخفاء المعلومات هو تقنية لإخفاء البيانات السرية ضمن ملفات أخرى من نفس النوع أو في أنواع أخرى. وتعد تقنية إخفاء البيانات من التقنيات الضروريه في أمن المعلومات الرقمية. يهدف هذا العمل إلى تصميم طريقة إخفاء المعلومات في الاتصال الإلكتروني (ستيجانوجرافيا) يمكنها إخفاء رسالة داخل صور ملف الفيديو بشكل فعال. في هذا العمل ، نحاول اقتراح نموذج إخفاء المعلومات بالفيديو من خلال تدريب نموذج لإخفاء الفيديو (أو الصور) داخل فيديو آخر باستخدام الشبكات العصبية الألتفافية (CNN). في النموذج المقترح يتم تدريب CNN بشكل متزامن لتوليد عمليات الكشف والاختباء ، وهي مصممة للعمل بشكل مزدوج (أي يتم تدريب الشبكتين بنفس الوقت). يحتوي هذا النموذج على إستراتيجية جيدة لأنماط الصور ، والتي تساعد على اتخاذ قرارات لتحديد أي أجزاء من صورة الغلاف يجب أن تكون زائدة عن الحاجة ، والتي تسمح بأخفاء المزيد من وحدات البكسل هناك. يمكن تنفيذ CNN باستخدام مكتبة (keras)، جنبًا إلى جنب مع مكتبة (tensorflow). بالإضافة إلى ذلك ، تم استخدام صور ملونه (RGB)عشوائية من مجموعة بيانات " ImageNet" لتدريب النموذج المقترح (حوالي 45000 صورة بالحجم (256 × 256)). تم تدريب النموذج المقترح باستخدام صور عشوائية مأخوذة من قاعدة بيانات ImageNet ويمكنه العمل على الصور المأخوذة من مجموعة واسعة من المصادر. ومن خلال توفير مساحة على الصورة عن طريق إزالة المساحة الزائدة ، يمكن زيادة كمية البيانات المخفية (تحسين السعة). ونظرًا لأن الأوزان معمارية النموذج يتم توزيعهما بشكل عشوائي ، فلا يمكن معرفة الطريقة الفعلية التي ستخفي الشبكة بها البيانات لأي شخص ليس لديه الأوزان. علاوة على ذلك ، تم التشفير بطريقة  خلط الكتلة (block-shuffling) كطريقة تشفير لتحسين الأمان ؛ وأيضا تم استخدام طرق تحسين الصورة لتحسين جودة الصور الناتجة. واظهرت النتائج ، أن الطريقة المقترحة حققت مستوى أمان عالي، وقدرة تضمين عالية. بالإضافة إلى ذلك ، اظهرت النتائج أن النظام حقق نتائج جيدة في إمكانية الرؤية والهجمات، حيث نجحت الطريقة المقترحة في خداع المراقب وبرنامج تحليل ستيجانوجرافيا.Steganography is a technique of concealing secret data within other quotidian files of the same or different types. Hiding data has been essential to digital information security. This work aims to design a stego method that can effectively hide a message inside the images of the video file.  In this work, a video steganography model has been proposed through training a model to hiding video (or images) within another video using convolutional neural networks (CNN). By using a CNN in this approach, two main goals can be achieved for any steganographic methods which are, increasing security (hardness to observed and broken by used steganalysis program), this was achieved in this work as the weights and architecture are randomized. Thus, the exact way by which the network will hide the information is unable to be known to anyone who does not have the weights.  The second goal is to increase hiding capacity, which has been achieved by using CNN as a strategy to make decisions to determine the best areas that are redundant and, as a result, gain more size to be hidden. Furthermore, In the proposed model, CNN is concurrently trained to generate the revealing and hiding processes, and it is designed to work as a pair mainly. This model has a good strategy for the patterns of images, which assists to make decisions to determine which is the parts of the cover image should be redundant, as well as more pixels are hidden there. The CNN implementation can be done by using Keras, along with tensor flow backend. In addition, random RGB images from the "ImageNet dataset" have been used for training the proposed model (About 45000 images of size (256x256)). The proposed model has been trained by CNN using random images taken from the database of ImageNet and can work on images taken from a wide range of sources. By saving space on an image by removing redundant areas, the quantity of hidden data can be raised (improve capacity). Since the weights and model architecture are randomized, the actual method in which the network will hide the data can't be known to anyone who does not have the weights. Furthermore, additional block-shuffling is incorporated as an encryption method to improved security; also, the image enhancement methods are used to improving the output quality. From results, the proposed method has achieved high-security level, high embedding capacity. In addition, the result approves that the system achieves good results in visibility and attacks, in which the proposed method successfully tricks observer and the steganalysis program

EFFICIENT AND SECURE ALGORITHMS FOR MOBILE CROWDSENSING THROUGH PERSONAL SMART DEVICES.

The success of the modern pervasive sensing strategies, such as the Social Sensing, strongly depends on the diffusion of smart mobile devices. Smartwatches, smart- phones, and tablets are devices capable of capturing and analyzing data about the user’s context, and can be exploited to infer high-level knowledge about the user himself, and/or the surrounding environment. In this sense, one of the most relevant applications of the Social Sensing paradigm concerns distributed Human Activity Recognition (HAR) in scenarios ranging from health care to urban mobility management, ambient intelligence, and assisted living. Even though some simple HAR techniques can be directly implemented on mo- bile devices, in some cases, such as when complex activities need to be analyzed timely, users’ smart devices should be able to operate as part of a more complex architecture, paving the way to the definition of new distributed computing paradigms. The general idea behind these approaches is to move early analysis to- wards the edge of the network, while relying on other intermediate (fog) or remote (cloud) devices for computations of increasing complexity. This logic represents the main core of the fog computing paradigm, and this thesis investigates its adoption in distributed sensing frameworks. Specifically, the conducted analysis focused on the design of a novel distributed HAR framework in which the heavy computation from the sensing layer is moved to intermediate devices and then to the cloud. Smart personal devices are used as processing units in order to guarantee real-time recognition, whereas the cloud is responsible for maintaining an overall, consistent view of the whole activity set. As compared to traditional cloud-based solutions, this choice allows to overcome processing and storage limitations of wearable devices while also reducing the overall bandwidth consumption. Then, the fog-based architecture allowed the design and definition of a novel HAR technique that combines three machine learning algorithms, namely k-means clustering, Support Vector Machines (SVMs), and Hidden Markov Models (HMMs), to recognize complex activities modeled as sequences of simple micro- activities. The capability to distribute the computation over the different entities in the network, allowing the use of complex HAR algorithms, is definitely one of the most significant advantages provided by the fog architecture. However, because both of its intrinsic nature and high degree of modularity, the fog-based system is particularly prone to cyber security attacks that can be performed against every element of the infrastructure. This aspect plays a main role with respect to social sensing since the users’ private data must be preserved from malicious purposes. Security issues are generally addressed by introducing cryptographic mechanisms that improve the system defenses against cyber attackers while, at the same time, causing an increase of the computational overhead for devices with limited resources. With the goal to find a trade-off between security and computation cost, the de- sign and definition of a secure lightweight protocol for social-based applications are discussed and then integrated into the distributed framework. The protocol covers all tasks commonly required by a general fog-based crowdsensing application, making it applicable not only in a distributed HAR scenario, discussed as a case study, but also in other application contexts. Experimental analysis aims to assess the performance of the solutions described so far. After highlighting the benefits the distributed HAR framework might bring in smart environments, an evaluation in terms of both recognition accuracy and complexity of data exchanged between network devices is conducted. Then, the effectiveness of the secure protocol is demonstrated by showing the low impact it causes on the total computational overhead. Moreover, a comparison with other state-of-art protocols is made to prove its effectiveness in terms of the provided security mechanisms