55 research outputs found
A Multi-User, Single-Authentication Protocol for Smart Grid Architectures
open access article
In a smart grid system, the utility server collects data from various smart grid devices. These data play an important role in the energy distribution and balancing between the energy providers and energy consumers. However, these data are prone to tampering attacks by an attacker, while traversing from the smart grid devices to the utility servers, which may result in energy disruption or imbalance. Thus, an authentication is mandatory to efficiently authenticate the devices and the utility servers and avoid tampering attacks. To this end, a group authentication algorithm is proposed for preserving demand–response security in a smart grid. The proposed mechanism also provides a fine-grained access control feature where the utility server can only access a limited number of smart grid devices. The initial authentication between the utility server and smart grid device in a group involves a single public key operation, while the subsequent authentications with the same device or other devices in the same group do not need a public key operation. This reduces the overall computation and communication overheads and takes less time to successfully establish a secret session key, which is used to exchange sensitive information over an unsecured wireless channel. The resilience of the proposed algorithm is tested against various attacks using formal and informal security analysis
Secure Communication Architecture for Dynamic Energy Management in Smart Grid
open access article
Smart grid takes advantage of communication technologies for efficient energy management and utilization. It entails sacrifice from consumers in terms of reducing load during peak hours by using a dynamic energy pricing model. To enable an active participation of consumers in load management, the concept of home energy gateway (HEG) has recently been proposed in the literature. However, the HEG concept is rather new, and the literature still lacks to address challenges related to data representation, seamless discovery, interoperability, security, and privacy. This paper presents the design of a communication framework that effectively copes with the interoperability and integration challenges between devices from different manufacturers. The proposed communication framework offers seamless auto-discovery and zero-configuration-based networking between heterogeneous devices at consumer sites. It uses elliptic-curve-based security mechanism for protecting consumers' privacy and providing the best possible shield against different types of cyberattacks. Experiments in real networking environment validated that the proposed communication framework is lightweight, secure, portable with low-bandwidth requirement, and flexible to be adopted for dynamic energy management in smart grid
Data Confidentiality in Mobile Ad hoc Networks
Mobile ad hoc networks (MANETs) are self-configuring infrastructure-less
networks comprised of mobile nodes that communicate over wireless links without
any central control on a peer-to-peer basis. These individual nodes act as
routers to forward both their own data and also their neighbours' data by
sending and receiving packets to and from other nodes in the network. The
relatively easy configuration and the quick deployment make ad hoc networks
suitable for emergency situations (such as human or natural disasters) and for
military units in enemy territory. Securing data dissemination between these
nodes in such networks, however, is a very challenging task. Exposing such
information to anyone else other than the intended nodes could cause a privacy
and confidentiality breach, particularly in military scenarios. In this paper
we present a novel framework to enhance the privacy and data confidentiality in
mobile ad hoc networks by attaching the originator policies to the messages as
they are sent between nodes. We evaluate our framework using the Network
Simulator (NS-2) to check whether the privacy and confidentiality of the
originator are met. For this we implemented the Policy Enforcement Points
(PEPs), as NS-2 agents that manage and enforce the policies attached to packets
at every node in the MANET. Comment: 12 pages
Security management for mobile ad hoc network of networks (MANoN
Mobile Ad hoc Network of Networks (MANoN) are a group of large autonomous wireless nodes communicating on a peer-to-peer basis in a heterogeneous environment with no pre-defined infrastructure. In fact, each node by itself is an ad hoc network with its own management. MANoNs are evolvable systems, which means each ad hoc network has the ability to perform separately under its own policies and management without affecting the main system; therefore, new ad hoc networks can emerge and disconnect from the MANoN without conflicting with the policies of other networks. The unique characteristics of MANoN make such networks highly vulnerable to security attacks compared with wired networks or even normal mobile ad hoc networks. This thesis presents a novel security-management system based upon the Recommendation ITU-T M.3400, which is used to evaluate, report on the behaviour of our MANoN and then support complex services our system might need to accomplish. Our security management will concentrate on three essential components: Security Administration, Prevention and Detection, and Containment and Recovery.
In any system, providing one of those components is a problem; consequently, dealing with an infrastructure-less MANoN will be a dilemma, yet we approached each set group of these essentials independently, providing unusual solutions for each one of them but concentrating mainly on the prevention and detection category.
The contributions of this research are threefold. First, we defined MANoN Security Architecture based upon the ITU-T Recommendations: X.800 and X.805. This security architecture provides a comprehensive, end-to-end security solution for MANoN that could be applied to every wireless network that satisfies a similar scenario, using such networks in order to predict, detect and correct security vulnerabilities. The security architecture identifies the security requirements needed, their objectives and the means by which they could be applied to every part of the MANoN, taking into consideration the different security attacks it could face. Second, realising the prevention component by implementing some of the security requirements identified in the Security Architecture, such as authentication, authorisation, availability, data confidentiality, data integrity and non-repudiation has been proposed by means of defining a novel Security Access Control Mechanism based on Threshold Cryptography Digital Certificates in MANoN. Network Simulator (NS-2) is a real network environment simulator, which is used to test the performance of the proposed security mechanism and demonstrate its effectiveness. Our ACM-MANoN results provide a fully distributed security protocol that provides a high level of secure, available, scalable, flexible and efficient management services for MANoN. The third contribution is realising the detection component, which is represented by providing a Behavioural Detection Mechanism based on nodes behavioural observation engaged with policies. This behaviour mechanism will be used to detect malicious nodes acting to bring the system down. This approach has been validated using an attacks case study in an unknown military environment to cope with misbehaving nodes
Developing a New Driver Assistance System for Overtaking on Two-Lane Roads using Predictive Models
The complexity of an overtaking maneuver on two-lane roads merits a thorough method for developing an assistance system to prevent accidents, thus reducing the number of fatalities and the associated economic costs. This research aims to introduce a new Driver Overtaking Assistance System (DOAS). This system is based on the proactive prediction of the possibility of overtaking any preceding vehicle(s) both accurately and safely. To provide a comprehensive system, different factors related to the driver, the vehicle, the road, and the environment which have an impact on the maneuver have been taken into consideration. In addition to considering the main overtaking strategies including accelerative, flying, piggybacking, and the 2+. The proposed system is a vehicle-based safety system based on the collection of contextual information from the driving vicinity through Hello beacon messages and a set of sensors that are used as part of the reasoning process of the context-aware architecture to safely initiate the overtaking maneuver. A classification model was implemented for both the Artificial Neural Network (ANN) and Support Vector Machine (SVM) learning algorithms. A vehicle driving simulator STISIM Drive® was used to conduct driving experiments for 100 participants of different ages, gender, and levels of mental awareness. The results obtained from the DOAS show high accuracy in aiding a safe overtaking maneuver. The classification model shows promising results in the predictions, through perfect accuracy and a very low level of outcome errors
Resource Efficient Authentication and Session Key Establishment Procedure for Low-Resource IoT Devices
open access journal
The Internet of Things (IoT) can include many resource-constrained devices, with most usually needing to securely communicate with their network managers, which are more resource-rich devices in the IoT network. We propose a resource-efficient security scheme that includes authentication of devices with their network managers, authentication between devices on different networks, and an attack-resilient key establishment procedure. Using automated validation with internet security protocols and applications tool-set, we analyse several attack scenarios to determine the security soundness of the proposed solution, and then we evaluate its performance analytically and experimentally. The performance analysis shows that the proposed solution occupies little memory and consumes low energy during the authentication and key generation processes respectively. Moreover, it protects the network from well-known attacks (man-in-the-middle attacks, replay attacks, impersonation attacks, key compromise attacks and denial of service attacks)
Cooperative Volunteer Protocol to Detect Non-Line of Sight Nodes in Vehicular Ad hoc Networks
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.
CTI
A vehicular Ad hoc Network (VANET) is a special type of Mobile Ad hoc Network (MANET) application that impacts wireless communications and Intelligent Transport Systems (ITSs). VANETs are employed to develop safety applications for vehicles to create a safer and less cluttered environment on the road. The many remaining challenges relating to VANETs have encouraged researchers to conduct further investigation in this field to meet these challenges. For example, issues pertaining to routing protocols, such as the delivery of warning messages to vehicles facing Non-Line of Sight (NLOS) situations without causing a broadcasting storm and channel contention are regarded as a serious dilemma, especially in congested environments. This prompted the design of an efficient mechanism for a routing protocol capable of broadcasting warning messages from emergency vehicles to vehicles under NLOS conditions to reduce the overhead and increase the packet delivery ratio with reduced time delay and channel utilisation. This work used the cooperative approach to develop the routing protocol named the Co-operative Volunteer Protocol (CVP), which uses volunteer vehicles to disseminate the warning message from the source to the target vehicle experiencing an NLOS situation. A novel architecture has been developed by utilising the concept of a Context-Aware System (CAS), which clarifies the OBU components and their interaction with each other to collect data and make decisions based on the sensed circumstances. The simulation results showed that the proposed protocol outperformed the GRANT protocol with regard to several metrics such as packet delivery ratio, neighbourhood awareness, channel utilisation, overhead, and latency. The results also showed that the proposed CVP could successfully detect NLOS situations and solve them effectively and efficiently for both the intersection scenario in urban areas and the highway scenario
A Fuzzy-Logic Approach to Dynamic Bayesian Severity Level Classification of Driver Distraction Using Image Recognition
open access article
Detecting and classifying driver distractions is crucial in the prevention of road accidents. These distractions impact both driver behavior and vehicle dynamics. Knowing the degree of driver distraction can aid in accident prevention techniques, including transitioning of control to a level 4 semi-autonomous vehicle, when a high distraction severity level is reached. Thus, enhancement of Advanced Driving Assistance Systems (ADAS) is a critical component in the safety of vehicle drivers and other road users. In this paper, a new methodology is introduced, using an expert knowledge rule system to predict the severity of distraction in a contiguous set of video frames using the Naturalistic Driving American University of Cairo (AUC) Distraction Dataset. A multi-class distraction system comprises the face orientation, drivers’ activities, hands and previous driver distraction, a severity classification model is developed as a discrete dynamic Bayesian (DDB). Furthermore, a Mamdani-based fuzzy system was implemented to detect multi-class of distractions into a severity level of safe, careless or dangerous driving. Thus, if a high level of severity is reached the semi-autonomous vehicle will take control. The result further shows that some instances of driver’s distraction may quickly transition from a careless to dangerous driving in a multi-class distraction context
Routing management for DTN networks in VANET
Routing protocols in VANET are considered as
one of the critical dilemmas that need to be tackled, especially
in sparse environment. Thus designing an efficient routing
mechanism has an impact on enhancing the network
performance in terms of disseminating messages to their
desired destinations. This paper proposes a novel routing
protocol in VANET for sparse environment called Vehicle
Second Heading Direction Routing Protocol (VSHDRP), which
is designed to leverage the probability of delivering a data
packet to its destination and to increase connectivity and route
stability by utilizing the knowledge of the Second Heading
Direction (SHD) in the process of selecting the next-hop node.
This new routing protocol contains two modes; the highway
straight mode and the roundabout\intersection mode.
Moreover, the two modes of VSHDRP protocol are formalized
in the Calculus of Context-aware Ambients (CCA) and
simulated using the CCA interpreter ccaPL in order to analyse
and validate the behaviour of the protocol