Securing internet of medical things with friendly-jamming schemes

The Internet of Medical Things (IoMT)-enabled e-healthcare can complement traditional medical treatments in a flexible and convenient manner. However, security and privacy become the main concerns of IoMT due to the limited computational capability, memory space and energy constraint of medical sensors, leading to the in-feasibility for conventional cryptographic approaches, which are often computationally-complicated. In contrast to cryptographic approaches, friendly jamming (Fri-jam) schemes will not cause extra computing cost to medical sensors, thereby becoming potential countermeasures to ensure security of IoMT. In this paper, we present a study on using Fri-jam schemes in IoMT. We first analyze the data security in IoMT and discuss the challenges. We then propose using Fri-jam schemes to protect the confidential medical data of patients collected by medical sensors from being eavesdropped. We also discuss the integration of Fri-jam schemes with various communication technologies, including beamforming, Simultaneous Wireless Information and Power Transfer (SWIPT) and full duplexity. Moreover, we present two case studies of Fri-jam schemes in IoMT. The results of these two case studies indicate that the Fri-jam method will significantly decrease the eavesdropping risk while leading to no significant influence on legitimate transmission

Beamforming optimization for two-way relay channel

In this thesis, we focus on the optimization of the two-way relay channel (TWRC), which can double the data rate of communications comparing to the traditional one-way relay channel (OWRC). Because of the broadcasting nature of wireless transmissions, secure transmission is an appealing research topic. We take secrecy rate consideration into the optimization of the TWRC. Overall we provide near-optimal solutions for the secrecy rate maximization problems of the TWRC with imperfect channel state information (ICSI). A much lower complexity optimal SOCP solution is provided for SNR balancing of the TWRC without secrecy consideration. We first look at a flat fading TWRC network model with a multiple-input multiple-output (MIMO) relay where perfect channel state information (CSI) is assumed available. We then formulate an optimization problem, with the objective to minimize the relay’s power usage under the constraints that the signal-to-noise ratio (SNR) of the two transceivers should exceed a preset threshold. A low-complexity optimal beamforming solution is provided to this optimization problem by reformulating it in the form of second-order cone programming (SOCP). Later in the thesis, we consider the presence of an eavesdropper and address the beamforming optimization for minimizing the relay’s power with the constraints of the secrecy rates of the two transceivers. A semi-definite programming (SDP) based searching algorithm is proposed to find a near-optimal solution. For each search of the proposed approach, the previous non-convex optimization problem is transferred into an SDP problem, which can guarantee the optimality of the beamforming matrix. Afterwards, more realistic imperfect CSI (ICSI) situations are considered for the TWRC network models. As ICSI completely changes the structure and the property of the optimization problems, we reformulate the optimization problems into two scenarios. For the first case, we consider that the relay is an untrusted eavesdropper and in this case an SDP solution is provided to maximize the joint-decoding sum-secrecy rate. For the second case, we investigate the robust beamforming problems where the relay is trusted but there is an external eavesdropper, another SDP solution is provided to maximize the sum-secrecy rate

PanCast: Listening to Bluetooth Beacons for Epidemic Risk Mitigation

During the ongoing COVID-19 pandemic, there have been burgeoning efforts to develop and deploy smartphone apps to expedite contact tracing and risk notification. Most of these apps track pairwise encounters between individuals via Bluetooth and then use these tracked encounters to identify and notify those who might have been in proximity of a contagious individual. Unfortunately, these apps have not yet proven sufficiently effective, partly owing to low adoption rates, but also due to the difficult tradeoff between utility and privacy and the fact that, in COVID-19, most individuals do not infect anyone but a few superspreaders infect many in superspreading events. In this paper, we proposePanCast, a privacy-preserving and inclusive system for epidemic risk assessment and notification that scales gracefully with adoption rates, utilizes location and environmental information to increase utility without tracking its users, and can be used to identify superspreading events. To this end, rather than capturing pairwise encounters between smartphones, our system utilizes Bluetooth encounters between beacons placed in strategic locations where superspreading events are most likely to occur and inexpensive, zero-maintenance, small devices that users can attach to their keyring. PanCast allows healthy individuals to use the system in a purely passive "radio" mode, and can assist and benefit from other digital and manual contact tracing systems. Finally, PanCast can be gracefully dismantled at the end of the pandemic, minimizing abuse from any malevolent government or entity

Secondary Network Throughput Optimization of NOMA Cognitive Radio Networks Under Power and Secure Constraints

Recently, the combination of cognitive radio networks with the nonorthogonal multiple access (NOMA) approach has emerged as a viable option for not only improving spectrum usage but also supporting large numbers of wireless communication connections. However, cognitive NOMA networks are unstable and vulnerable because multiple devices operate on the same frequency band. To overcome this drawback, many techniques have been proposed, such as optimal power allocation and interference cancellation. In this paper, we consider an approach by which the secondary transmitter (STx) is able to find the best licensed channel to send its confidential message to the secondary receivers (SRxs) by using the NOMA technique. To combat eavesdroppers and achieve reasonable performance, a power allocation policy that satisfies both the outage probability (OP) constraint of primary users and the security constraint of secondary users is optimized. The closed-form formulas for the OP at the primary base station and the leakage probability for the eavesdropper are obtained with imperfect channel state information. Furthermore, the throughput of the secondary network is analyzed to evaluate the system performance. Based on that, two algorithms (i.e., the continuous genetic algorithm (CGA) for CR NOMA (CGA-CRN) and particle swarm optimization (PSO) for CR NOMA (PSO-CRN)), are applied to optimize the throughput of the secondary network. These optimization algorithms guarantee not only the performance of the primary users but also the security constraints of the secondary users. Finally, simulations are presented to validate our research results and provide insights into how various factors affect system performance

Secondary Network Throughput Optimization of NOMA Cognitive Radio Networks Under Power and Secure Constraints

Recently, the combination of cognitive radio networks with the nonorthogonal multiple access (NOMA) approach has emerged as a viable option for not only improving spectrum usage but also supporting large numbers of wireless communication connections. However, cognitive NOMA networks are unstable and vulnerable because multiple devices operate on the same frequency band. To overcome this drawback, many techniques have been proposed, such as optimal power allocation and interference cancellation. In this paper, we consider an approach by which the secondary transmitter (STx) is able to find the best licensed channel to send its confidential message to the secondary receivers (SRxs) by using the NOMA technique. To combat eavesdroppers and achieve reasonable performance, a power allocation policy that satisfies both the outage probability (OP) constraint of primary users and the security constraint of secondary users is optimized. The closed-form formulas for the OP at the primary base station and the leakage probability for the eavesdropper are obtained with imperfect channel state information. Furthermore, the throughput of the secondary network is analyzed to evaluate the system performance. Based on that, two algorithms (i.e., the continuous genetic algorithm (CGA) for CR NOMA (CGA-CRN) and particle swarm optimization (PSO) for CR NOMA (PSO-CRN)), are applied to optimize the throughput of the secondary network. These optimization algorithms guarantee not only the performance of the primary users but also the security constraints of the secondary users. Finally, simulations are presented to validate our research results and provide insights into how various factors affect system performance

Optimising multiple antenna techniques for physical layer security

Wireless communications offer data transmission services anywhere and anytime, but with the inevitable cost of introducing major security vulnerabilities. Indeed, an eavesdropper can overhear a message conveyed over the open insecure wireless media putting at risk the confidentiality of the wireless users. Currently, the way to partially prevent eavesdropping attacks is by ciphering the information between the authorised parties through complex cryptographic algorithms. Cryptography operates in the upper layers of the communication model, bit it does not address the security problem where the attack is suffered: at the transmission level. In this context, physical layer security has emerged as a promising framework to prevent eavesdropping attacks at the transmission level. Physical layer security is based on information-theoretic concepts and exploits the randomness and the uniqueness of the wireless channel. In this context, this thesis presents signal processing techniques to secure wireless networks at the physical layer by optimising the use of multiple-antennas. A masked transmission strategy is used to steer the confidential information towards the intended receiver, and, at the same time, broadcast an interfering signal to confuse unknown eavesdroppers. This thesis considers practical issues in multiple-antenna networks such as limited transmission resources and the lack of accurate information between the authorised transmission parties. The worst-case for the security, that occurs when a powerful eavesdropper takes advantage of any opportunity to put at risk the transmission confidentiality, is addressed. The techniques introduced improve the security by offering efficient and innovative transmission solutions to lock the communication at the physical layer. Notably, these transmission mechanisms strike a balance between confidentiality and quality to satisfy the practical requirements of modern wireless networks

Security and Privacy in Mobile Computing: Challenges and Solutions

abstract: Mobile devices are penetrating everyday life. According to a recent Cisco report [10], the number of mobile connected devices such as smartphones, tablets, laptops, eReaders, and Machine-to-Machine (M2M) modules will hit 11.6 billion by 2021, exceeding the world's projected population at that time (7.8 billion). The rapid development of mobile devices has brought a number of emerging security and privacy issues in mobile computing. This dissertation aims to address a number of challenging security and privacy issues in mobile computing. This dissertation makes fivefold contributions. The first and second parts study the security and privacy issues in Device-to-Device communications. Specifically, the first part develops a novel scheme to enable a new way of trust relationship called spatiotemporal matching in a privacy-preserving and efficient fashion. To enhance the secure communication among mobile users, the second part proposes a game-theoretical framework to stimulate the cooperative shared secret key generation among mobile users. The third and fourth parts investigate the security and privacy issues in mobile crowdsourcing. In particular, the third part presents a secure and privacy-preserving mobile crowdsourcing system which strikes a good balance among object security, user privacy, and system efficiency. The fourth part demonstrates a differentially private distributed stream monitoring system via mobile crowdsourcing. Finally, the fifth part proposes VISIBLE, a novel video-assisted keystroke inference framework that allows an attacker to infer a tablet user's typed inputs on the touchscreen by recording and analyzing the video of the tablet backside during the user's input process. Besides, some potential countermeasures to this attack are also discussed. This dissertation sheds the light on the state-of-the-art security and privacy issues in mobile computing.Dissertation/ThesisDoctoral Dissertation Electrical Engineering 201

Private and censorship-resistant communication over public networks

Society’s increasing reliance on digital communication networks is creating unprecedented opportunities for wholesale surveillance and censorship. This thesis investigates the use of public networks such as the Internet to build robust, private communication systems that can resist monitoring and attacks by powerful adversaries such as national governments. We sketch the design of a censorship-resistant communication system based on peer-to-peer Internet overlays in which the participants only communicate directly with people they know and trust. This ‘friend-to-friend’ approach protects the participants’ privacy, but it also presents two significant challenges. The first is that, as with any peer-to-peer overlay, the users of the system must collectively provide the resources necessary for its operation; some users might prefer to use the system without contributing resources equal to those they consume, and if many users do so, the system may not be able to survive. To address this challenge we present a new game theoretic model of the problem of encouraging cooperation between selfish actors under conditions of scarcity, and develop a strategy for the game that provides rational incentives for cooperation under a wide range of conditions. The second challenge is that the structure of a friend-to-friend overlay may reveal the users’ social relationships to an adversary monitoring the underlying network. To conceal their sensitive relationships from the adversary, the users must be able to communicate indirectly across the overlay in a way that resists monitoring and attacks by other participants. We address this second challenge by developing two new routing protocols that robustly deliver messages across networks with unknown topologies, without revealing the identities of the communication endpoints to intermediate nodes or vice versa. The protocols make use of a novel unforgeable acknowledgement mechanism that proves that a message has been delivered without identifying the source or destination of the message or the path by which it was delivered. One of the routing protocols is shown to be robust to attacks by malicious participants, while the other provides rational incentives for selfish participants to cooperate in forwarding messages

Formal Foundations for Anonymous Communication

Mit jeder Online-Tätigkeit hinterlassen wir digitale Fußspuren. Unternehmen und Regierungen nutzen die privaten Informationen, die von den riesigen Datenmengen der Online-Spuren abgeleitet werden können, um ihre Nutzer und Büger zu manipulieren. Als Gegenmaßnahme wurden anonyme Kommunikationsnetze vorgeschlagen. Diesen fehlen jedoch umfassende formale Grundlagen und folglich ist der Vergleich zwischen verschiedenen Ansätzen nur sehr eingeschränkt möglich. Mit einer gemeinsamen Grundlage zwischen allen Forschern und Entwicklern von anonymen Kommunikationsnetzen können Missverständnisse vermieden werden und die dringend benötigte Entwicklung von den Netzen wird beschleunigt. Mit Vergleichbarkeit zwischen den Lösungen, können die für den jeweiligen Anwendungsfall optimalen Netze besser identifiziert und damit die Entwicklungsanstrengungen gezielter auf Projekte verteilt werden. Weiterhin ermöglichen formale Grundlagen und Vergleichbarkeit ein tieferes Verständnis für die Grenzen und Effekte der eingesetzten Techniken zu erlangen. Diese Arbeit liefert zuerst neue Erkenntnisse zu generellen Formalisierungen für anonyme Kommunikation, bevor sie sich dann auf die praktisch am meisten verbreitete Technik konzentriert: Onion Routing und Mix Netzwerke. Als erstes wird die Vergleichbarkeit zwischen Privatsphärezielen sichergestellt, indem sie formal definiert und miteinander verglichen werden. Dabei enteht eine umfangreiche Hierarchie von eindeutigen Privatsphärezielen. Als zweites werden vorgeschlagene Netzwerke analysiert, um deren Grundbausteine zu identifizieren und deren Schutz als Auswirkung in der Hierarchy zu untersuchen. Diese Grunlagen erlauben Konflikte und Schwachstellen in existierenden Arbeiten zu entdecken und aufzuklären. Genauer zeigt sich damit, dass basierend of derselben informalen Definition verschieden stark schützende formale Versionen entstanden sind. Weiterhin werden in dieser Arbeit die Notions genutzt um existierende Unmöglichkeitsresultate für anonyme Kommunikation zu vergleichen. Dabei wird nicht nur die erste vollständige Sicht auf alle bekannten Schranken für anonyme Kommunikationsnetze gegeben, sondern mit einem tiefgründigen Ansatz werden die existierenden Schranken auch gestärkt und zu praktischen, dem Stand der Kunst entsprechenden Netzen in Bezug gesetzt. Letztlich konnten durch die generellen Betrachtungen von vorgeschlagenen Netzwerken und ihren Grundbausteinen, insbesondere auch Angriffe auf die vorherrschende Klasse von anonymen Kommunikationsnetzen gefunden werden: auf Onion Routing und Mix-Netzwerke. Davon motiviert wurden als zweiter Teil dieser Arbeit die formalen Grundlagen und praktisch eingesetzten Lösungen for Onion Routing und Mix-Netzwerke untersucht. Dabei wurde festgestellt, dass die bereits erwähnten Angriffe teilweise auf eine fehlerhafte, aber weit verbreitete Beweisstrategie für solche Netze zurückzuführen sind und es wurde eine sichere Beweisstrategie als deren Ersatz vorgeschlagen. Weiterhin wurde die neue Strategie für ein vorgeschlagenes, aber bisher nicht weiter verwendetes Paketformat eingesetzt und dieses als sicher bewiesen. Dieses Paketformat unterstützt allerdings keine Rückantworten, was höchstwahrscheinlich der Grund ist, aus dem sich aktuelle Netze auf ein unsicheres Paketformat verlassen. Deshalb wurde im Rahmen dieser Arbeit eine konzeptuelle, sichere Lösung für Onion Routing mit Rückantworten entworfen. Als weitere verwandte Beiträge, zeigt die Arbeit Beziehungen von Teilen der generellen Ergebnisse für anonyme Kommunikationsnetze zu ähnlichen, aber bisher hauptsächlich getrennt betrachteten Forschungsbereichen, wie Privatsphäre auf der Bitübertragungsschicht, Kontaktnachverfolgung und privatsphäre-schützenden, digitalen Bezahlsystemen