Arrows in a Quiver: A Secure Certificateless Group Key Distribution Protocol for Drones

Drone-based applications continue to garner a lot of attention due to their significant potential in both commercial and non-commercial use. Owing to this increasing popularity, researchers have begun to pay attention to the communication security requirements involved in deploying drone-based applications and services on a large scale, with particular emphasis on group communication. The majority of existing works in this field focus on the use of symmetric key cryptographic schemes or group key agreement schemes. However, in this paper, we propose a pairing-free certificateless group authenticated key distribution protocol for drone-based applications which takes into consideration drones with varying computational resources. The proposed scheme ensures key freshness, group key secrecy, forward secrecy, and backward secrecy while ensuring that the scheme is lightweight enough to be implemented on very resource-constrained drones or smart devices. We extensively prove the security of our scheme and demonstrate its real-world applicability by evaluating its performance on three different kinds of drone boards (UP Xtreme i7 board, SamL11-Xpro board, and a Zolertia Re-mote Revb board)

A secure and lightweight drones-access protocol for smart city surveillance

The rising popularity of ICT and the Internet has enabled Unmanned Aerial Vehicle (UAV) to offer advantageous assistance to Vehicular Ad-hoc Network (VANET), realizing a relay node's role among the disconnected segments in the road. In this scenario, the communication is done between Vehicles to UAVs (V2U), subsequently transforming into a UAV-assisted VANET. UAV-assisted VANET allows users to access real-time data, especially the monitoring data in smart cities using current mobile networks. Nevertheless, due to the open nature of communication infrastructure, the high mobility of vehicles along with the security and privacy constraints are the significant concerns of UAV-assisted VANET. In these scenarios, Deep Learning Algorithms (DLA) could play an effective role in the security, privacy, and routing issues of UAV-assisted VANET. Keeping this in mind, we have devised a DLA-based key-exchange protocol for UAV-assisted VANET. The proposed protocol extends the scalability and uses secure bitwise XOR operations, one-way hash functions, including user's biometric verification when users and drones are mutually authenticated. The proposed protocol can resist many well-known security attacks and provides formal and informal security under the Random Oracle Model (ROM). The security comparison shows that the proposed protocol outperforms the security performance in terms of running time cost and communication cost and has effective security features compared to other related protocols

Design and Analysis of Lightweight Authentication Protocol for Securing IoD

The Internet-of-drones (IoD) environment is a layered network control architecture designed to maintain, coordinate, access, and control drones (or Unmanned Aerial vehicles UAVs) and facilitate drones' navigation services. The main entities in IoD are drones, ground station, and external user. Before operationalizing a drone in IoD, a control infrastructure is mandatory for securing its open network channel (Flying Ad Hoc Networks FANETs). An attacker can easily capture data from the available network channel and use it for their own purpose. Its protection is challenging, as it guarantees message integrity, non-repudiation, authenticity, and authorization amongst all the participants. Incredibly, without a robust authentication protocol, the task is sensitive and challenging one to solve. This research focus on the security of the communication path between drone and ground station and solving the noted vulnerabilities like stolen-verifier, privileged-insider attacks, and outdated-data-transmission/design flaws often reported in the current authentication protocols for IoD. We proposed a hash message authentication code/secure hash algorithmic (HMACSHA1) based robust, improved and lightweight authentication protocol for securing IoD. Its security has been verified formally using Random Oracle Model (ROM), ProVerif2.02 and informally using assumptions and pragmatic illustration. The performance evaluation proved that the proposed protocol is lightweight compared to prior protocols and recommended for implementation in the real-world IoD environment.Qatar University [IRCC-2021-010]

Dronecrypt - An Efficient Cryptographic Framework for Small Aerial Drones

Aerial drones are becoming an integral part of application domains including but not limited to, military operations, package delivery, construction, monitoring and search/rescue operations. It is critical to ensure the cyber security of networked aerial drone systems in these applications. Standard cryptographic services can be deployed to provide basic security services; however, they have been shown to be inefficient in terms of energy and time consumption, especially for small aerial drones with resource-limited processors. Therefore, there is a significant need for an efficient cryptographic framework that can meet the requirements of small aerial drones. We propose an improved cryptographic framework for small aerial drones, which offers significant energy efficiency and speed advantages over standard cryptographic techniques. (i) We create (to the best of our knowledge) the first optimized public key infrastructure (PKI) based framework for small aerial drones, which provides energy efficient techniques by harnessing special precomputation methods and optimized elliptic curves. (ii) We also integrate recent light-weight symmetric primitives into our PKI techniques to provide a full-fledged cryptographic framework. (iii) We implemented standard counterparts and our proposed techniques on an actual small aerial drone (Crazyflie 2.0), and provided an in-depth energy analysis. Our experiments showed that our improved cryptographic framework achieves up to 35$\times$ lower energy consumption than its standard counterpart

State-of-the-art authentication and verification schemes in VANETs:A survey

Vehicular Ad-Hoc Networks (VANETs), a subset of Mobile Ad-Hoc Networks (MANETs), are wireless networks formed around moving vehicles, enabling communication between vehicles, roadside infrastructure, and servers. With the rise of autonomous and connected vehicles, security concerns surrounding VANETs have grown. VANETs still face challenges related to privacy with full-scale deployment due to a lack of user trust. Critical factors shaping VANETs include their dynamic topology and high mobility characteristics. Authentication protocols emerge as the cornerstone of enabling the secure transmission of entities within a VANET. Despite concerted efforts, there remains a need to incorporate verification approaches for refining authentication protocols. Formal verification constitutes a mathematical approach enabling developers to validate protocols and rectify design errors with precision. Therefore, this review focuses on authentication protocols as a pivotal element for securing entity transmission within VANETs. It presents a comparative analysis of existing protocols, identifies research gaps, and introduces a novel framework that incorporates formal verification and threat modeling. The review considers key factors influencing security, sheds light on ongoing challenges, and emphasises the significance of user trust. The proposed framework not only enhances VANET security but also contributes to the growing field of formal verification in the automotive domain. As the outcomes of this study, several research gaps, challenges, and future research directions are identified. These insights would offer valuable guidance for researchers to establish secure authentication communication within VANETs

Identity and Aggregate Signature-Based Authentication Protocol for IoD Deployment Military Drone

With the rapid miniaturization in sensor technology, ruddervator, arduino, and multi-rotor system, drone technology has fascinated researchers in the field of network security. It is of critical significance given the advancement in modern strategic narratives. This has special relevance to drone-related operations. This technology can be controlled remotely by an invisible yet credible operator sitting to a powerful intelligence computer system (PICS) or an airborne control and command platform (AC2P). The two types of drones (reconnaissance and attacking) can communicate with each other and with the PICS or AC2P through wireless network channels referred to as Flying Ad Hoc Network or Unmanned Aerial Vehicular Network (FANET or UAVN). This mode of communication is not without some inconvenience. For instance, when the line of sight is broken, communication is mainly carried out through satellite using GPS (Global Positioning System) signals. Both GPS and UAVN/FANET use open network channels for data broadcasting, which are exposed to several threats, thus making security risky and challenging. This risk is specifically eminent in monitoring data transmission traffic, espionage, troop movement, border surveillance, searching, and warfare battlefield phenomenon, etc. This issue of security risk can be minimized conspicuously by developing a robust authentication scheme for IoD deployment military drones. Therefore, this research illustrates the designing of two separate protocols based on the aggregate signature, identity, pairing cryptography, and Computational Diffie-Hellman Problem (CDHP) to guarantee data integrity, authorization, and confidentiality among drones and AC2P/PICS. More importantly, the outdated data transmission flaw has also been tackled, which is of obvious concern to the past designed protocols. The security of the proposed designs is formally verified using a random oracle model (ROM), a real-or-random (ROR) model, and by informally using pragmatic illustration and mathematical lemmas. Nonetheless, the performance analysis section will be executed using the algorithmic big-O notation. The results show that these protocols are verifiably protected in the ROM and ROR model using the CDHP

Effects of Hacking an Unmanned Aerial Vehicle Connected to the Cloud

2018 IEEE Region 2 Student Activities Conference, 1st place paper competition2018 Denman Undergraduate Research Forum, 2nd place in Math, Computation, and AnalyticsControl systems with commercial and even military applications are utilizing more networked technologies to perform tasks associated with navigation and communication. Increasingly, these systems are experiencing cyber-attacks due to the interconnections with the internet and inter-operability protocols. Current research focuses on improving performance of a control system or improving cryptography methods separately; however, there is a need to understand the joint design of control and cyber-security methods in order to combat the growing cyber-attacks on these systems. Here, we seek to begin bridging this gap by determining how commonly employed cyber-attacks impact the performance criteria of control systems so that future research can aim for strong joint design. For this work, the control system of choice is the Parrot AR.Drone 2.0, which is a quadrotor unmanned aerial vehicle (UAV). The UAV sends navigation-related sensor data to the cloud to determine a control command to be executed by the UAV. There, we simulate an attacker and perform two common attacks, Denial of Service and Man in the Middle. For Man in the Middle, we leverage ARP spoofing which then allows the attacker to read the data streaming in and out of the cloud and manipulate it. To understand the effects of this attacker, we ran simulation tests using ROS and Gazebo. These tests added network traffic, manipulated velocities, added delays, and replayed messages to the UAV, which was tasked with following a line and landing on a target tag autonomously. Performance metrics such as spatial velocities, location, delays, and end state are analyzed for the tests and compared to a UAV not under attack. The analysis of the results highlights the weaknesses in this networked setup along with degree of damage and disruption this type of cyber-attack can impose on a UAV.National Science FoundationNo embargoAcademic Major: Electrical and Computer Engineerin

TD2SecIoT: Temporal, Data-Driven and Dynamic Network Layer Based Security Architecture for Industrial IoT

The Internet of Things (IoT) is an emerging technology, which comprises wireless smart sensors and actuators. Nowadays, IoT is implemented in different areas such as Smart Homes, Smart Cities, Smart Industries, Military, eHealth, and several real-world applications by connecting domain-specific sensors. Designing a security model for these applications is challenging for researchers since attacks (for example, zero-day) are increasing tremendously. Several security methods have been developed to ensure the CIA (Confidentiality, Integrity, and Availability) for Industrial IoT (IIoT). Though these methods have shown promising results, there are still some security issues that are open. Thus, the security and authentication of IoT based applications become quite significant. In this paper, we propose TD2SecIoT (Temporal, Data-Driven and Dynamic Network Layer Based Security Architecture for Industrial IoT), which incorporates Elliptic Curve Cryptography (ECC) and Nth-degree Truncated Polynomial Ring Units (NTRU) methods to ensure confidentiality and integrity. The proposed method has been evaluated against different attacks and performance measures (quantitative and qualitative) using the Cooja network simulator with Contiki-OS. The TD2SecIoT has shown a higher security level with reduced computational cost and time