A Secure and Distributed Architecture for Vehicular Cloud and Protocols for Privacy-preserving Message Dissemination in Vehicular Ad Hoc Networks

Given the enormous interest in self-driving cars, Vehicular Ad hoc NETworks (VANETs) are likely to be widely deployed in the near future. Cloud computing is also gaining widespread deployment. Marriage between cloud computing and VANETs would help solve many of the needs of drivers, law enforcement agencies, traffic management, etc. The contributions of this dissertation are summarized as follows: A Secure and Distributed Architecture for Vehicular Cloud: Ensuring security and privacy is an important issue in the vehicular cloud; if information exchanged between entities is modified by a malicious vehicle, serious consequences such as traffic congestion and accidents can occur. In addition, sensitive data could be lost, and human lives also could be in danger. Hence, messages sent by vehicles must be authenticated and securely delivered to vehicles in the appropriate regions. In this dissertation, we present a secure and distributed architecture for the vehicular cloud which uses the capabilities of vehicles to provide various services such as parking management, accident alert, traffic updates, cooperative driving, etc. Our architecture ensures the privacy of vehicles and supports secure message dissemination using the vehicular infrastructure. A Low-Overhead Message Authentication and Secure Message Dissemination Scheme for VANETs: Efficient, authenticated message dissemination in VANETs are important for the timely delivery of authentic messages to vehicles in appropriate regions in the VANET. Many of the approaches proposed in the literature use Road Side Units (RSUs) to collect events (such as accidents, weather conditions, etc.) observed by vehicles in its region, authenticate them, and disseminate them to vehicles in appropriate regions. However, as the number of messages received by RSUs increases in the network, the computation and communication overhead for RSUs related to message authentication and dissemination also increases. We address this issue and present a low-overhead message authentication and dissemination scheme in this dissertation. On-Board Hardware Implementation in VANET: Design and Experimental Evaluation: Information collected by On Board Units (OBUs) located in vehicles can help in avoiding congestion, provide useful information to drivers, etc. However, not all drivers on the roads can benefit from OBU implementation because OBU is currently not available in all car models. Therefore, in this dissertation, we designed and built a hardware implementation for OBU that allows the dissemination of messages in VANET. This OBU implementation is simple, efficient, and low-cost. In addition, we present an On-Board hardware implementation of Ad hoc On-Demand Distance Vector (AODV) routing protocol for VANETs. Privacy-preserving approach for collection and dissemination of messages in VANETs: Several existing schemes need to consider safety message collection in areas where the density of vehicles is low and roadside infrastructure is sparse. These areas could also have hazardous road conditions and may have poor connectivity. In this dissertation, we present an improved method for securely collecting and disseminating safety messages in such areas which preserves the privacy of vehicles. We propose installing fixed OBUs along the roadside of dangerous roads (i.e., roads that are likely to have more ice, accidents, etc., but have a low density of vehicles and roadside infrastructure) to help collect data about the surrounding environment. This would help vehicles to be notified about the events on such roads (such as ice, accidents, etc.).Furthermore, to enhance the privacy of vehicles, our scheme allows vehicles to change their pseudo IDs in all traffic conditions. Therefore, regardless of whether the number of vehicles is low in the RSU or Group Leader GL region, it would be hard for an attacker to know the actual number of vehicles in the RSU/GL region

Fingerprinting Smart Devices Through Embedded Acoustic Components

The widespread use of smart devices gives rise to both security and privacy concerns. Fingerprinting smart devices can assist in authenticating physical devices, but it can also jeopardize privacy by allowing remote identification without user awareness. We propose a novel fingerprinting approach that uses the microphones and speakers of smart phones to uniquely identify an individual device. During fabrication, subtle imperfections arise in device microphones and speakers which induce anomalies in produced and received sounds. We exploit this observation to fingerprint smart devices through playback and recording of audio samples. We use audio-metric tools to analyze and explore different acoustic features and analyze their ability to successfully fingerprint smart devices. Our experiments show that it is even possible to fingerprint devices that have the same vendor and model; we were able to accurately distinguish over 93% of all recorded audio clips from 15 different units of the same model. Our study identifies the prominent acoustic features capable of fingerprinting devices with high success rate and examines the effect of background noise and other variables on fingerprinting accuracy

Building and evaluating an inconspicuous smartphone authentication method

Tese de mestrado em Engenharia Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2013Os smartphones que trazemos connosco estão cada vez mais entranhados nas nossas vidas intimas. Estes dispositivos possibilitam novas formas de trabalhar, de socializar, e ate de nos divertirmos. No entanto, também criaram novos riscos a nossa privacidade. Uma forma comum de mitigar estes riscos e configurar o dispositivo para bloquear apos um período de inatividade. Para voltar a utiliza-lo, e então necessário superar uma barreira de autenticação. Desta forma, se o aparelho cair das mãos de outra pessoa, esta não poderá utiliza-lo de forma a que tal constitua uma ameaça. O desbloqueio com autenticação e, assim, o mecanismo que comummente guarda a privacidade dos utilizadores de smartphones. Porem, os métodos de autenticação atualmente utilizados são maioritariamente um legado dos computadores de mesa. As palavras-passe e códigos de identificação pessoal são tornados menos seguros pelo facto de as pessoas criarem mecanismos para os memorizarem mais facilmente. Alem disso, introduzir estes códigos e inconveniente, especialmente no contexto móvel, em que as interações tendem a ser curtas e a necessidade de autenticação atrapalha a prossecução de outras tarefas. Recentemente, os smartphones Android passaram a oferecer outro método de autenticação, que ganhou um grau de adoção assinalável. Neste método, o código secreto do utilizador e uma sucessão de traços desenhados sobre uma grelha de 3 por 3 pontos apresentada no ecrã táctil. Contudo, quer os códigos textuais/numéricos, quer os padrões Android, são suscetíveis a ataques rudimentares. Em ambos os casos, o canal de entrada e o toque no ecrã táctil; e o canal de saída e o visual. Tal permite que outras pessoas possam observar diretamente a introdução da chave; ou que mais tarde consigam distinguir as marcas deixadas pelos dedos na superfície de toque. Alem disso, estes métodos não são acessíveis a algumas classes de utilizadores, nomeadamente os cegos. Nesta dissertação propõe-se que os métodos de autenticação em smartphones podem ser melhor adaptados ao contexto móvel. Nomeadamente, que a possibilidade de interagir com o dispositivo de forma inconspícua poderá oferecer aos utilizadores um maior grau de controlo e a capacidade de se auto-protegerem contra a observação do seu código secreto. Nesse sentido, foi identificada uma modalidade de entrada que não requer o canal visual: sucessões de toques independentes de localização no ecrã táctil. Estes padrões podem assemelhar-se (mas não estão limitados) a ritmos ou código Morse. A primeira contribuição deste trabalho e uma técnica algorítmica para a deteção destas sucessões de toques, ou frases de toque, como chaves de autenticação. Este reconhecedor requer apenas uma demonstração para configuração, o que o distingue de outras abordagens que necessitam de vários exemplos para treinar o algoritmo. O reconhecedor foi avaliado e demonstrou ser preciso e computacionalmente eficiente. Esta contribuição foi enriquecida com o desenvolvimento de uma aplicação Android que demonstra o conceito. A segunda contribuição e uma exploração de fatores humanos envolvidos no uso de frases de toque para autenticação. E consubstanciada em três estudos com utilizadores, em que o método de autenticação proposto e comparado com as alternativas mais comuns: PIN e o padrão Android. O primeiro estudo (N=30) compara os três métodos no que que diz respeito a resistência a observação e à usabilidade, entendida num sentido lato, que inclui a experiencia de utilização (UX). Os resultados sugerem que a usabilidade das três abordagens e comparável, e que em condições de observação perfeitas, nos três casos existe grande viabilidade de sucesso para um atacante. O segundo estudo (N=19) compara novamente os três métodos mas, desta feita, num cenário de autenticação inconspícua. Com efeito, os participantes tentaram introduzir os códigos com o dispositivo situado por baixo de uma mesa, fora do alcance visual. Neste caso, demonstra-se que a autenticação com frases de toque continua a ser usável. Já com as restantes alternativas existe uma diminuição substancial das medidas de usabilidade. Tal sugere que a autenticação por frases de toque suporta a capacidade de interação inconspícua, criando assim a possibilidade de os utilizadores se protegerem contra possíveis atacantes. O terceiro estudo (N=16) e uma avaliação de usabilidade e aceitação do método de autenticação com utilizadores cegos. Neste estudo, são também elicitadas estratégias de ocultação suportadas pela autenticação por frases de toque. Os resultados sugerem que a técnica e também adequada a estes utilizadores.As our intimate lives become more tangled with the smartphones we carry, privacy has become an increasing concern. A widely available option to mitigate security risks is to set a device so that it locks after a period of inactivity, requiring users to authenticate for subsequent use. Current methods for establishing one's identity are known to be susceptible to even rudimentary observation attacks. The mobile context in which interactions with smartphones are prone to occur further facilitates shoulder-surfing. We submit that smartphone authentication methods can be better adapted to the mobile context. Namely, the ability to interact with the device in an inconspicuous manner could offer users more control and the ability to self-protect against observation. Tapping is a communication modality between a user and a device that can be appropriated for that purpose. This work presents a technique for employing sequences of taps, or tap phrases, as authentication codes. An efficient and accurate tap phrase recognizer, that does not require training, is presented. Three user studies were conducted to compare this approach to the current leading methods. Results indicate that the tapping method remains usable even under inconspicuous authentications scenarios. Furthermore, we found that it is appropriate for blind users, to whom usability barriers and security risks are of special concern

Evaluating the Efficacy of Implicit Authentication Under Realistic Operating Scenarios

Smartphones contain a wealth of personal and corporate data. Several surveys have reported that about half of the smartphone owners do not configure primary authentication mechanisms (such as PINs, passwords, and fingerprint- or facial-recognition systems) on their devices to protect data due to usability concerns. In addition, primary authentication mechanisms have been subject to operating system flaws, smudge attacks, and shoulder surfing attacks. These limitations have prompted researchers to develop implicit authentication (IA), which authenticates a user by using distinctive, measurable patterns of device use that are gathered from the device users without requiring deliberate actions. Researchers have claimed that IA has desirable security and usability properties and it seems a promising candidate to mitigate the security and usability issues of primary authentication mechanisms. Our observation is that the existing evaluations of IA have a preoccupation with accuracy numbers and they have neglected the deployment, usability and security issues that are critical for its adoption. Furthermore, the existing evaluations have followed an ad-hoc approach based on synthetic datasets and weak adversarial models. To confirm our observations, we first identify a comprehensive set of evaluation criteria for IA schemes. We gather real-world datasets and evaluate diverse and prominent IA schemes to question the efficacy of existing IA schemes and to gain insight into the pitfalls of the contemporary evaluation approach to IA. Our evaluation confirms that under realistic operating conditions, several prominent IA schemes perform poorly across key evaluation metrics and thereby fail to provide adequate security. We then examine the usability and security properties of IA by carefully evaluating promising IA schemes. Our usability evaluation shows that the users like the convenience offered by IA. However, it uncovers issues due to IA's transparent operation and false rejects, which are both inherent to IA. It also suggests that detection delay and false accepts are concerns to several users. In terms of security, our evaluation based on a realistic, stronger adversarial model shows the susceptibility of highly accurate, touch input-based IA schemes to shoulder surfing attacks and attacks that train an attacker by leveraging raw touch data of victims. These findings exemplify the significance of realistic adversarial models. These critical security and usability challenges remained unidentified by the previous research efforts due to the passive involvement of human subjects (only as behavioural data sources). This emphasizes the need for rapid prototyping and deployment of IA for an active involvement of human subjects in IA research. To this end, we design, implement, evaluate and release in open source a framework, which reduces the re-engineering effort in IA research and enables deployment of IA on off-the-shelf Android devices. The existing authentication schemes available on contemporary smartphones fail to provide both usability and security. Authenticating users based on their behaviour, as suggested by the literature on IA, is a promising idea. However, this thesis concludes that several results reported in the existing IA literature are misleading due to the unrealistic evaluation conditions and several critical challenges in the IA domain need yet to be resolved. This thesis identifies these challenges and provides necessary tools and design guidelines to establish the future viability of IA

A Context-Aware System to Secure Enterprise Content: Incorporating Reliability Specifiers

The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system\u2019s control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of \u201dconfidence\u201d, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user\u2019s device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems

Persistent Phosphors for Smartphone-Based Luminescence Thermometry and Anti-Counterfeiting Applications

Leuchtstoffe anhaltender Lumineszenz im sichtbaren Spektrum eröffnen neue Möglichkeiten für Smartphone-basierte Anwendungen. Videoaufnahmen mit dem Smartphone mit 30 Bildern pro Sekunde können persistente Lumineszenzlebenszeiten einer Größenordnung von 100 ms und länger bestimmen. Die mit dem Smartphone aufgezeichneten Daten können benutzt werden um Anwendungen zu realisieren, die ansonsten nur für kurze Lebenszeiten möglich sind. Diese Alternative umgeht den Bedarf an teuren und relativ komplizierten Messinstrumenten, die für die Detektion von kurzen Lebenszeiten eingesetzt werden, wie zum Beispiel Multichannel scaling, Hochgeschwindigkeitskameras und Mikroskope zur Messung der Fluoreszenzlebenszeit. Diese Arbeit konzentriert sich auf die Detektion anhaltender Lumineszenz für Temperaturmessung und Anwendungen zur Fälschungssicherung mit dem Smartphone. Für die Smartphone-basierte Temperaturmessung wurde ein optimierter Gd2O2S: Eu3+ als Leuchtstoff verwendet, der mithilfe einer UV-Quelle angeregt werden kann. Der Leuchtstoff zeigte eine temperaturabhängige Lumineszenz, die hell und lange anhaltend genug war, um mit einer Smartphone-Kamera mit 30 Bildern pro Sekunde aufgezeichnet zu werden. Der Leuchtstoff hat eine Photolumineszenz-Quantenausbeute von 65 % und seine Lebenszeit nimmt mit steigender Temperatur ab. Dies wurde beobachtet über einen Temperaturbereich von 270 K bis 338 K, in dem die Lebenszeit von 1107 ms bis auf 100 ms abfiel. Die Analyse der zeitintegrierten Emission mit dem Smartphone nach einer Anregung mit 375 nm zeigte, dass die Temperaturen im Bereich von 270 K bis 338 K präzise gemessen werden konnten mit einer Messungenauigkeit unter 2 K. Darüber hinaus wurde die Lebenszeitmessung nicht durch Hintergrundstrahlung beeinträchtigt und ermöglichte somit eine genaue Temperaturmessung auch bei einer Hintergrundbeleuchtungsstärke von bis zu 1500 lx. Um eine Smartphone-basierte Fälschungssicherung zu realisieren wurden anhaltende Leuchtstoffe mit einstellbarer Lebenszeit bei Raumtemperatur benutzt, um dynamische, lumineszierende Etiketten zu entwickeln. Dynamische Fälschungssicherung wurde mithilfe von Ti4+-dotierten Gd2O2S: Eu3+ realisiert, wobei die Ti4+-Dotierung eine Kontrolle der Lebenszeit bei Raumtemperatur ermöglicht. Durch eine Veränderung der Kodotierung von 0 bis 0.09 mol% konnte die Lebenszeit von 1.17 ± 0.02 bis 5.95 ± 0.07 s durchgestimmt werden mit einer Anregung bei 375 nm. Durch eine Kombination von Leuchtstoffen mit verschiedenen Lebenszeiten konnten somit dynamische Etiketten zur Fälschungssicherung entwickelt werden. Die Lebenszeit der Leuchtstoffe für diese dynamischen Muster bestimmte dabei die Komplexität der Fälschungssicherung. Solche Muster, die aus einer Kombination von Leuchtstoffen mit großen Unterschieden in der Lumineszenzlebenszeit entwickelt wurden, konnten mit bloßem Auge beobachtet werden. Im Gegensatz dazu sind zeitliche Änderungen in Etiketten mit viel kürzerer Lebenszeit im Bereich von 0.2 s nur schwer mit bloßem Auge nachzuvollziehen. Mithilfe der Smartphone-Kamera mit einer Aufzeichnungsrate von 30 Bildern pro Sekunde können die versteckten Merkmale jedoch leicht entschlüsselt werden. In Hinblick auf die tatsächliche Anwendung am Verkaufsort, ist eine UV-Quelle einerseits normalerweise nicht vorhanden in einem Smartphone und andererseits stellt der Einsatz von UV-Strahlung für die Anregung der Leuchtstoffe eine Gesundheitsrisiko dar. Um die Nutzung einer UV-Quelle gänzlich zu vermeiden, wurden zweifarbige dynamische Etiketten zur Fälschungssicherung entwickelt. Diese erlauben eine Anregung mithilfe eines herkömmlichen Smartphone-Blitzlichtes während die Emission einfach mit der Kamera aufgezeichnet werden kann. Zu diesem Zweck wurden grün emittierende (SrAl2O4: Eu2+, Dy3+ (SAED)) und rot emittierende (CaS: Eu2+ und SrS: Eu2+) Leuchtstoffe entwickelt. Die Lebenszeit von SAED konnte variiert werden von 0.5 s bis 11.7 s durch Glühen des kommerziell erhältlichen Stoffes, was eine Verringerung der Störstellendichte im Material zur Folge hat. Die Lumineszenzlebenszeit von CaS: Eu2+ und SrS: Eu2+ konnte dagegen zwischen 0.1 bis 0.6 s und 150 bis 377 ms eingestellt werden mithilfe der Eu2+-Dotierdichte. Die Nutzung eines Smartphones ermöglicht nicht nur lebenszeit-basierte Temperaturmessungen ohne teure Messinstrumente, sondern eröffnet darüber hinaus eine kostengünstige Methode zur Authentifizierung von lumineszenzbasierten, dynamischen Markierungen zur Fälschungssicherung

Benchmarking Applicability of Cryptographic Wireless Communication over Arduino Platforms

The spaces around us are becoming equipped with devices and appliances that collect data from their surroundings and react accordingly to provide smarter networks where they are interconnected and able to communicate with one another. These smart networks of devices and appliances along with the applications that utilize them build smart spaces known as Internet of Things (IoT). With the on growing popularity of such smart devices (e.g., smart cars, watches, home-security systems) and IoT, the need for securing these environments increases. The smart devices around us can collect private and personal information, and the challenge lies in maintaining the confidentiality of the collected data and preventing unsecured actions—from tapping into surveillance cameras to tracking someone’s daily schedule. For example, digital health, devices that record personal data from blood pressure, heart rate, weight and daily activities sensors are storing the personal data of users for processing and monitoring and may give future recommendations. If such personal information reaches unwanted third parties who distribute or use the data without user consent or knowledge, they are attacking the user’s confidentiality. Therefore, selecting the appropriate security protocols and procedures is critical. The limited processing, storage and power capabilities. In this thesis, the focus is to provide an experimental benchmark study that shows the cost (e.g., processing time of encryption and decryption algorithms) of applying different security protocols on restricted devices equipped with lightweight Bluetooth or Wi-Fi communication modules over the Arduino Uno sensor platform