Security and Privacy in Heterogeneous Wireless and Mobile Networks: Challenges and Solutions

abstract: The rapid advances in wireless communications and networking have given rise to a number of emerging heterogeneous wireless and mobile networks along with novel networking paradigms, including wireless sensor networks, mobile crowdsourcing, and mobile social networking. While offering promising solutions to a wide range of new applications, their widespread adoption and large-scale deployment are often hindered by people's concerns about the security, user privacy, or both. In this dissertation, we aim to address a number of challenging security and privacy issues in heterogeneous wireless and mobile networks in an attempt to foster their widespread adoption. Our contributions are mainly fivefold. First, we introduce a novel secure and loss-resilient code dissemination scheme for wireless sensor networks deployed in hostile and harsh environments. Second, we devise a novel scheme to enable mobile users to detect any inauthentic or unsound location-based top-k query result returned by an untrusted location-based service providers. Third, we develop a novel verifiable privacy-preserving aggregation scheme for people-centric mobile sensing systems. Fourth, we present a suite of privacy-preserving profile matching protocols for proximity-based mobile social networking, which can support a wide range of matching metrics with different privacy levels. Last, we present a secure combination scheme for crowdsourcing-based cooperative spectrum sensing systems that can enable robust primary user detection even when malicious cognitive radio users constitute the majority.Dissertation/ThesisPh.D. Electrical Engineering 201

POSTER: Privacy-preserving Indoor Localization

Upcoming WiFi-based localization systems for indoor environments face a conflict of privacy interests: Server-side localization violates location privacy of the users, while localization on the user's device forces the localization provider to disclose the details of the system, e.g., sophisticated classification models. We show how Secure Two-Party Computation can be used to reconcile privacy interests in a state-of-the-art localization system. Our approach provides strong privacy guarantees for all involved parties, while achieving room-level localization accuracy at reasonable overheads.Comment: Poster Session of the 7th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec'14

Review on IoT Security and Challenge in Industry 4.0

Wireless networks are very exposed to the danger of security. The majority of in military, commercial, health, retail, and transportation wireless communication network is used. These systems utilize networks that are wired, mobile, or adhoc. The Internet of Things (IoT) was quite attractive. The future of the Internet is regarded by IoT. In the future, IoT plays an important part and affects our way of life, norms, and business methods. IoT use is predicted to expand quickly in the next years in many applications. The IoT provides for the connection and information sharing of billions of equipment, people, and services. As IoT devices are being used more widely, several security threats are occurring in the IoT networks. In order to provide privacy, authentication, access, and integrity control, it is crucial to implement efficient protocols for the security of IoT networks and privacy among others. In addition, user privacy in the IoT environment is becoming critical since much personal information is provided and distributed among related items. It is, therefore, necessary to guarantee that personal data are protected and controlled from cloud events. The presentation addresses security and privacy dangers and concerns coming out of IoT services and presents ways to the industrial problem of security and privacy. In this article, a study on security and problems in IoT networks are discussed

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Localization to Enhance Security and Services in Wi-Fi Networks under Privacy Constraints

Developments of seamless mobile services are faced with two broad challenges, systems security and user privacy - access to wireless systems is highly insecure due to the lack of physical boundaries and, secondly, location based services (LBS) could be used to extract highly sensitive user information. In this paper, we describe our work on developing systems which exploit location information to enhance security and services under privacy constraints. We describe two complimentary methods which we have developed to track node location information within production University Campus Networks comprising of large numbers of users. The location data is used to enhance security and services. Specifically, we describe a method for creating geographic firewalls which allows us to restrict and enhance services to individual users within a specific containment area regardless of physical association. We also report our work on LBS development to provide visualization of spatio-temporal node distribution under privacy considerations

Security for 5G Mobile Wireless Networks

The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use cases in 5G wireless networks are then summarized. The recent development and the existing schemes for the 5G wireless security are presented based on the corresponding security services including authentication, availability, data confidentiality, key management and privacy. The paper further discusses the new security features involving different technologies applied to 5G such as heterogeneous networks, device-to-device communications, massive multiple-input multiple-output, software defined networks and Internet of Things. Motivated by these security research and development activities, we propose a new 5G wireless security architecture, based on which the analysis of identity management and flexible authentication is provided. As a case study, we explore a handover procedure as well as a signaling load scheme to show the advantage of the proposed security architecture. The challenges and future directions of 5G wireless security are finally summarized

Supporting Quality-Of-Service of Mobile Commerce Transactions

With the deployment of 3G and 4G mobile networks, a sizable proportion of e-commerce traffic is expected to move to these networks. These transactions are likely to be diverse. Mobile transactions can include unique requirements such as atomicity (all or none steps), push or pull, security, and privacy. Because users are mobile, unpredictable link characteristics, and other problems associated with wireless networks, some mobile commerce transactions may not be completed causing significant annoyance to the users affected. Therefore, the probability of completing mobile transactions is an important parameter for measuring quality-of-service of a network supporting mobile commerce. The transaction completion probability measures the ability of networks to support completion of transactions. This research focuses on improving the support of mobile commerce transactions by the underlying wireless networks. Mobile commerce traffic is classified as messaging, information connectivity, and transactions in order to provide efficient quality-of-service to various applications. This paper introduces the use of priority, sociability and delegation to improve the transaction completion in wireless networks

Self-certified sybil-free pseudonyms

Accurate and trusted identifiers are a centerpiece for any security architecture. Protecting against Sybil attacks in a privacy-friendly manner is a non-trivial problem in wireless infrastructureless networks, such as mobile ad hoc networks. In this paper, we introduce self-certified Sybil-free pseudonyms as a means to provide privacy-friendly Sybil-freeness without requiring continuous online availability of a trusted third party. These pseudonyms are self-certified and computed by the users themselves from their cryptographic longterm identities. Contrary to identity certificates, we preserve location privacy and improve protection against some notorious attacks on anonymous communication systems