Privacy-preserving scheme for mobile ad hoc networks.

This paper proposes a decentralized trust establishment protocol for mobile ad hoc networks (MANETs), where nodes establish security associations. In order to achieve privacy and security, we use homomorphic encryption and polynomial intersection so as to find the intersection of two sets. The first set represents a list of recommenders of the initiator and the second set is a list of trusted recommenders of the responder. The intersection of the sets represents a list of nodes that recommend the first node and their recommendations are trusted by the second node. In our experimental results we show that our scheme is effective even if there are 30 trusted nodes

Secure Data Aggregation in Vehicular-Adhoc Networks: A Survey

AbstractVehicular ad hoc networks (VANETs) are an upcoming technology that is gaining momentum in recent years. That may be the reason that the network attracts more and more attention from both industry and academia. Due to the limited bandwidth of wireless communication medium, scalability is a major problem. Data aggregation is a solution to this. The goal of data aggregation is to combine the messages and disseminate this in larger region. While doing aggregation integrity of the information can not be easily verified and attacks may be possible. Hence aggregation must be secure. Although there are several surveys covering VANETs, they do not concentrate on security issues specifically on data aggregation. In this paper, we discuss and analyse various data aggregation techniques and their solutions

MobileTrust: Secure Knowledge Integration in VANETs

Vehicular Ad hoc NETworks (VANET) are becoming popular due to the emergence of the Internet of Things and ambient intelligence applications. In such networks, secure resource sharing functionality is accomplished by incorporating trust schemes. Current solutions adopt peer-to-peer technologies that can cover the large operational area. However, these systems fail to capture some inherent properties of VANETs, such as fast and ephemeral interaction, making robust trust evaluation of crowdsourcing challenging. In this article, we propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal is a breakthrough in centralized trust computing that utilizes cloud and upcoming 5G technologies to provide robust trust establishment with global scalability. The ad hoc communication is energy-efficient and protects the system against threats that are not countered by the current settings. To evaluate its performance and effectiveness, MobileTrust is modelled in the SUMO simulator and tested on the traffic features of the small-size German city of Eichstatt. Similar schemes are implemented in the same platform to provide a fair comparison. Moreover, MobileTrust is deployed on a typical embedded system platform and applied on a real smart car installation for monitoring traffic and road-state parameters of an urban application. The proposed system is developed under the EU-founded THREAT-ARREST project, to provide security, privacy, and trust in an intelligent and energy-aware transportation scenario, bringing closer the vision of sustainable circular economy

ASMA: towards adaptive secured multipath in MANETs

As they are used to create open communities, Mobile Ad hoc NETworks (MANETs) are not favourable environments to establish trust, which is necessary to provide security. Multipath routing mechanisms within infrastructureless networks environment seems appropriate and useful to enhance security protection. In fact, the level of trust can be increased so as many of potential security attacks are detected, revealed and stopped. Nevertheless an excessive control overhead is always generated. In this paper, we propose a global framework that integrates a set of concepts and mechanisms aiming at enhancing security in highly dynamic decentralized ad hoc networks. Our solution focuses on authentication, routing securing, trust management with reliable estimation of trust. A large panoply of attacks are prevented using our various mechanisms.8th IFIP/IEEE International conference on Mobile and Wireless CommunicationRed de Universidades con Carreras en Informática (RedUNCI

Formal verification and access control approach of an IoT protocol

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Ciência da Computação, Florianópolis, 2017.Protocolos de Segurança estão na nossa rotina diária e exemplos distosão compras utilizando o cartão de crédito, eleição eletrônica, redes sem fio e etc. O primeiro objetivo deste trabalho é a verificação formal dos aspectos de segurança de um protocolo voltado para Wireless Sensor Networks (WSN). O Trustful Space-Time Protocol (TSTP) engloba a maioria das características necessárias para aplicações WSN como por exemplo controle de acesso, roteamento geográfico de pacotes, estimativa de localização, relógio precisamente sincronizado, canais de comunicação segura e um esquema de distribuição de chaves entre o gateway e os sensores. Após a análise formal do protocolo de distribuição de chaves do TSTP usando Proverif, nós encontramos duas falhas de segurança: uma relacionada ao componente de sincronização de tempo e outra relacionada ao método mac-then-encrypt empregado. Com as falhas encontradas nós propómos uma versão melhorada do protocolo de distribuição de chaves. O segundo objetivo é criar um esquema de controle de acesso sensível ao contexto para dispositivos Internet de Coisas(IoC) usando TSTP como canal de comunicação. O esquema da política foi projetado para um cenário Smart Campus e seu contexto. Aproveitamos os recursos do TSTP para adicionar dados de tempo e espaço como contexto para o nosso modelo. Após o desenho do modelo de política, descrevemos seu modelo simbólico e fizemos uma análise formal para ter certeza de que os valores das propriedades de contexto não foram adulterados.Abstract : Security protocols are included in our every day routine. A few examplesare credit card purchases, e-voting, wireless networks, etc. Thefirst goal of this dissertation is the formal verification of the securityaspects of a cross-layer, application-oriented communication protocolfor Wireless Sensor Networks (WSN). The Trustful Space-Time Protocol(TSTP) encompasses a majority of features recurrently needed byWSN applications like medium access control, geographic routing, locationestimation, precise time synchronization, secure communicationchannels and a key distribution scheme between sensors and the sink.After the security protocol analysis of TSTP?s key distribution protocolusing ProVerif we were able to find two security flaws: one related tothe time synchronization component and another being a bad approachrelated to a mac-then-encrypt method employed. With our findingswe propose an improved version of the key distribution protocol. Thesecond goal is to create a context-aware access control scheme for Internetof Things(IoT) devices using TSTP as a communication channel.The policy?s scheme was designed for a Smart Campus scenario andits context. We take advantage of TSTP?s features to add time andspace data as context for our model too. After the design of the policymodel, we described its symbolic model and we did a formal analysisto be sure that the context properties values were not tampered

Access Authentication Via Blockchain in Space Information Network

These authors contributed equally to this work. Abstract Space Information Network (SIN) has significant benefits of providing communication anywhere at any time. This feature offers an innovative way for conventional wireless customers to access enhanced internet services by using SIN. However, SIN's characteristics, such as naked links and maximum signal latency, make it difficult to design efficient security and routing protocols, etc. Similarly, existing SIN authentication techniques can't satisfy all of the essentials for secure communication, such as privacy leaks or rising authentication latency. The article aims to develop a novel blockchain-based access authentication mechanism for SIN. The proposed scheme uses a blockchain application, which has offered anonymity to mobile users while considering the satellites' limited processing capacity. The proposed scheme uses a blockchain application, which offers anonymity to mobile users while considering the satellites' limited processing capacity. The SIN gains the likelihood of far greater computational capacity devices as technology evolves. Since authenticating in SIN, the technique comprises three entities: low Earth orbit, mobile user, and network control centre. The proposed mutual authentication mechanism avoids the requirement of a ground station, resulting in less latency and overhead during mobile user authentication. Finally, the new blockchain-based authentication approach is being evaluated with AVISPA, a formal security tool. The simulation and performance study results illustrate that the proposed technique delivers efficient security characteristics such as low authentication latency, minimal signal overhead and less computational cost with group authentication

A lightweight group-key management protocol for secure ad-hoc-network routing

AbstractSecure routing protocols for ad hoc networks use group keys for authenticating control messages without high energy consumption. A distributed and robust group-key management is, thus, essential. This paper proposes and specifies a protocol for distributing and managing group keys in ad hoc environments based on the Secure Optimized Link State Routing protocol (SOLSR). The proposed protocol manages group keys taking into consideration frequent network partitions/mergers and also reduces the impact of non-authorized users that try to illegitimately obtain the group key to use network resources. The analysis shows that our proposal provides high availability and presents low energy consumption for the two most important group events in ad hoc network: joining-node events and network-partition-merging events. Our protocol reduces both the number of control messages and the energy spent with cryptographic operations by up to three orders of magnitude when compared to contributory group-key agreement algorithms. The proposed protocol provides an efficient key management in a timely manner

UAVouch : a distributed drone identity and location validation mechanism

As aplicações emergentes de vigilância, com equipes de VANTs, dependem de comunicação segura para trocar informações, coordenar seus movimentos e cumprir os objetivos da missão. Proteger a rede identificando o acesso de nós mal-intencionados tentando perturbar o sistema é uma tarefa importante, e particularmente sensível no domínio militar. Observando essa necessidade, este artigo apresenta o design e a avaliação do UAVouch: Um esquema distribuído de validação de localização e identidade de drones que combina uma autenticação baseada em chave pública com uma verificação de plausibilidade de movimento para grupos de VANTs. A ideia principal do UAVouch complementa o mecanismo de autenticação, verificando periodicamente a plausibilidade da localização dos VANTs vizinhos, permitindo a detecção de intrusos que não conseguem seguir as trajetórias esperadas. A solução proposta foi avaliada em simulação através de um cenário de vigilância militar, no qual detectou-se ataques de falsificação de posição de nós mal-intencionados com precisão em média acima de 85%.Emerging surveillance applications of UAV teams rely on secure communication to exchange information, coordinate their movements, and fulfill mission objectives. Protecting the network by identifying malicious nodes access trying to disturb the system is an important task, which is particularly sensitive in the military domain. Observing this need, this paper presents the design and evaluation of UAVouch: an identity and location validation scheme combining a public-key based authentication with a movement plausibility check for groups of UAVs. The key idea of UAVouch supplement the authentication mechanism by periodically checking the plausibility of the location of neighboring UAVs, allowing the detection of intruders that are unable to follow expected trajectories. The proposed solution was evaluated in a simulated military surveillance scenario in which it detects malicious nodes’ position falsification attacks with an accuracy on average above 85%

TACASHI: Trust-Aware Communication Architecture for Social Internet of Vehicles

[EN] The Internet of Vehicles (IoV) has emerged as a new spin-off research theme from traditional vehicular ad hoc networks. It employs vehicular nodes connected to other smart objects equipped with a powerful multisensor platform, communication technologies, and IP-based connectivity to the Internet, thereby creating a possible social network called Social IoV (SIoV). Ensuring the required trustiness among communicating entities is an important task in such heterogeneous networks, especially for safety-related applications. Thus, in addition to securing intervehicle communication, the driver/passengers honesty factor must also be considered, since they could tamper the system in order to provoke unwanted situations. To bridge the gaps between these two paradigms, we envision to connect SIoV and online social networks (OSNs) for the purpose of estimating the drivers and passengers honesty based on their OSN profiles. Furthermore, we compare the current location of the vehicles with their estimated path based on their historical mobility profile. We combine SIoV, path-based and OSN-based trusts to compute the overall trust for different vehicles and their current users. As a result, we propose a trust-aware communication architecture for social IoV (TACASHI). TACASHI offers a trust-aware social in-vehicle and intervehicle communication architecture for SIoV considering also the drivers honesty factor based on OSN. Extensive simulation results evidence the efficiency of our proposal, ensuring high detection ratios >87% and high accuracy with reduced error ratios, clearly outperforming previous proposals, known as RTM and AD-IoV.Kerrache, CA.; Lagraa, N.; Hussain, R.; Ahmed, SH.; Benslimane, A.; Tavares De Araujo Cesariny Calafate, CM.; Cano, J.... (2019). TACASHI: Trust-Aware Communication Architecture for Social Internet of Vehicles. IEEE Internet of Things. 6(4):5870-5877. https://doi.org/10.1109/JIOT.2018.2880332S587058776