AMISEC: Leveraging Redundancy and Adaptability to Secure AmI Applications

Security in Ambient Intelligence (AmI) poses too many challenges due to the inherently insecure nature of wireless sensor nodes. However, there are two characteristics of these environments that can be used effectively to prevent, detect, and confine attacks: redundancy and continuous adaptation. In this article we propose a global strategy and a system architecture to cope with security issues in AmI applications at different levels. Unlike in previous approaches, we assume an individual wireless node is vulnerable. We present an agent-based architecture with supporting services that is proven to be adequate to detect and confine common attacks. Decisions at different levels are supported by a trust-based framework with good and bad reputation feedback while maintaining resistance to bad-mouthing attacks. We also propose a set of services that can be used to handle identification, authentication, and authorization in intelligent ambients. The resulting approach takes into account practical issues, such as resource limitation, bandwidth optimization, and scalability

On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Elliptic curve and pseudo-inverse matrix based cryptosystem for wireless sensor networks

Applying asymmetric key security to wireless sensor network (WSN) has been challenging task for the researcher of this field. One common trade-off is that asymmetric key architecture does provide good enough security than symmetric key but on the other hand, sensor network has some resource limitations to implement asymmetric key approach. Elliptic curve cryptography (ECC) has significant advantages than other asymmetric key system like RSA, D-H etc. The most important feature of ECC is that it has much less bit requirement and at the same time, ensures better security compared to others. Hence, ECC can be a better option for implementing asymmetric key approach for sensor network. We propose a new cryptosystem which is based on Pseudo-inverse matrix and Elliptic Curve Cryptography. We establish a relationship between these two different concepts and evaluate our proposed system on the basis of the results of similar works as well as our own simulation done in TinyOS environment

Framework for integrated oil pipeline monitoring and incident mitigation systems

Wireless Sensor Nodes (motes) have witnessed rapid development in the last two decades. Though the design considerations for Wireless Sensor Networks (WSNs) have been widely discussed in the literature, limited investigation has been done for their application in pipeline surveillance. Given the increasing number of pipeline incidents across the globe, there is an urgent need for innovative and effective solutions for deterring the incessant pipeline incidents and attacks. WSN pose as a suitable candidate for such solutions, since they can be used to measure, detect and provide actionable information on pipeline physical characteristics such as temperature, pressure, video, oil and gas motion and environmental parameters. This paper presents specifications of motes for pipeline surveillance based on integrated systems architecture. The proposed architecture utilizes a Multi-Agent System (MAS) for the realization of an Integrated Oil Pipeline Monitoring and Incident Mitigation System (IOPMIMS) that can effectively monitor and provide actionable information for pipelines. The requirements and components of motes, different threats to pipelines and ways of detecting such threats presented in this paper will enable better deployment of pipeline surveillance systems for incident mitigation. It was identified that the shortcomings of the existing wireless sensor nodes as regards their application to pipeline surveillance are not effective for surveillance systems. The resulting specifications provide a framework for designing a cost-effective system, cognizant of the design considerations for wireless sensor motes used in pipeline surveillance

Securing IoT Network using Lightweight MultiFog (LMF) Blockchain Model

Security is one of the most important issues in the Internet of Things (IoT). The Mirai botnet case in September 2016 revealed a serious vulnerability in IoT devices. Researchers try to mitigate the issues using several approaches. One of them uses Blockchain for the solution. At first, the integration of the Blockchain on IoT seems promising. However, there are problems in resource consumption and latency. Several solutions emerge to make Blockchain uses low resource consumption i.e., LSB and FogBus. Unfortunately, each solution has its weaknesses. FogBus has a weakness in integrity, whereas LSB has a weakness in its availability when an attack occurs on a broker. We introduce Lightweight Multi-Fog (LMF) Blockchain Model to increase availability in the LSB model. The main idea is increasing the integrity availability by splitting location based on Broadcast Domains while using Fog Computing on each Broadcast Domain. An attack in some Broadcast Domain cannot impact transactions and process in other Broadcast Domain and each Broadcast Domain have its separate transaction and process. LMF enhances the integrity and availability of the Light Blockchain Model. However, it still requires simulations in the future to get a better understanding of LMF performance, resource consumption, and latenc

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Access Point Security Service for wireless ad-hoc communication

This paper describes the design and implementation of a security solution for ad-hoc peer-to-peer communication. The security solution is based on a scenario where two wireless devices require secure communication, but share no security relationship a priori. The necessary requirements for the security solution described here comprise topics such as energy efficiency, security standards and ad-hoc networks. The devised solution is called Access Point Security Service (APSS). APSS is able to provide security by delivering a symmetric key to two wireless devices that require ad-hoc peer-to-peer communication. The main principle of APSS is that it makes use of an existing security relationship between a network provider and its customers. The existing security relationship enables the network provider to deliver security to two or more communicating parties in the form of a shared key. An implementation of APSS is provided making use of the existing Wi-Fi security standards

A Review on Internet of Things (IoT): Security and Privacy Requirements and the Solution Approaches

The world is undergoing a dramatic rapid transformation from isolated systems to ubiquitous Internet-based-enabled 2018;things2019; capable of interacting each other and generating data that can be analyzed to extract valuable information. This highly interconnected global network structure known as Internet of Things will enrich everyone2019;s life, increase business productivity, improve government efficiency, and the list just goes on. However, this new reality (IoT) built on the basis of Internet, contains new kind of challenges from a security and privacy perspective. Traditional security primitives cannot be directly applied to IoT technologies due to the different standards and communication stacks involved. Along with scalability and heterogeneity issues, major part of IoT infrastructure consists of resource constrained devices such as RFIDs and wireless sensor nodes. Therefore, a flexible infrastructure is required capable to deal with security and privacy issues in such a dynamic environment. This paper presents an overview of IoT, security and privacy challenges and the existing security solutions and identifying some open issues for future research