MEC-enabled 5G use cases:a survey on security vulnerabilities and countermeasures

Abstract The future of mobile and internet technologies are manifesting advancements beyond the existing scope of science. The concepts of automated driving, augmented-reality, and machine-type-communication are quite sophisticated and require an elevation of the current mobile infrastructure for launching. The fifth-generation (5G) mobile technology serves as the solution, though it lacks a proximate networking infrastructure to satisfy the service guarantees. Multi-access Edge Computing (MEC) envisages such an edge computing platform. In this survey, we are revealing security vulnerabilities of key 5G-based use cases deployed in the MEC context. Probable security flows of each case are specified, while countermeasures are proposed for mitigating them

Anonymous lightweight proxy based key agreement for IoT (ALPKA)

Abstract The Internet of Things (IoT) technologies interconnect a broad range of network devices, differing in terms of size, weight, functionality, and resource capabilities. The main challenge is to establish the required security features in the most constrained devices, even if they are unknown to each other and do not share common pre-distributed key material. As a consequence, there is a high need for scalable and lightweight key establishment protocols. In this paper, we propose a key agreement protocol between two IoT devices without prior trust relation, using solely symmetric key based operations, by relying on a server or proxy based approach. This proxy is responsible for the verification of the authentication and the key agreement between the IoT devices, without being capable of deriving the established session key. We propose two versions. The first version does not require interactive input from the key distribution center to the proxy, but is not resistant if a compromised user and proxy are collaborating. The second version on the other hand is collision resistant, but needs an interactive key distribution center. In addition, we add the interesting features of anonymity and unlinkability of the sender and receiver in both protocol versions. The security properties of the proposed protocol are verified by using formal verification techniques

Novel MEC based approaches for smart hospitals to combat COVID-19 pandemic

Abstract COVID-19 or Coronavirus has thrilled the entire world population with uncertainty over their survival and well-being. The impact this pathogen has caused over the globe has been profound due to its unique transmission features; that urges for contact-less strategies to interact and treat the infected. The impending 5G mobile technology is immersing the applications that enable the provisioning of medical and healthcare services in a contact-less manner. The edge computing paradigms offer a de-centralized and versatile networking infrastructure capable of adhering to the novel demands of 5G. In this article, we are considering Multi-Access Edge Computing (MEC) flavour of the edge paradigms for realizing the contact-less approaches that assist the mediation of COVID-19 and the future of healthcare. In order to formulate this ideology, we propose three use cases and discuss their implementation in the MEC context. Further, the requirements for launching these services are provided. Additionally, we validate our proposed approaches through simulations

Realizing multi-access edge computing feasibility:security perspective

Abstract Internet of Things (IoT) and 5G are emerging technologies that prompt a mobile service platform capable of provisioning billions of communication devices which enable ubiquitous computing and ambient intelligence. These novel approaches are guaranteeing gigabit-level bandwidth, ultra-low latency and ultra-high storage capacity for their subscribers. To achieve these limitations, ETSI has introduced the paradigm of Multi-Access Edge Computing (MEC) for creating efficient data processing architecture extending the cloud computing capabilities in the Radio Access Network (RAN). Despite the gained enhancements to the mobile network, MEC is subjected to security challenges raised from the heterogeneity of IoT services, intricacies in integrating virtualization technologies, and maintaining the performance guarantees of the mobile networks (i.e. 5G). In this paper, we are identifying the probable threat vectors in a typical MEC deployment scenario that comply with the ETSI standards. We analyse the identified threat vectors and propose solutions to mitigate them

Survey on multi-access edge computing security and privacy

Abstract The European Telecommunications Standards Institute (ETSI) has introduced the paradigm of Multi-Access Edge Computing (MEC) to enable efficient and fast data processing in mobile networks. Among other technological requirements, security and privacy are significant factors in the realization of MEC deployments. In this paper, we analyse the security and privacy of the MEC system. We introduce a thorough investigation of the identification and the analysis of threat vectors in the ETSI standardized MEC architecture. Furthermore, we analyse the vulnerabilities leading to the identified threat vectors and propose potential security solutions to overcome these vulnerabilities. The privacy issues of MEC are also highlighted, and clear objectives for preserving privacy are defined. Finally, we present future directives to enhance the security and privacy of MEC services

Privacy Preservation Using Machine Learning in the Internet of Things

The internet of things (IoT) has prepared the way for a highly linked world, in which everything is interconnected, and information exchange has become more easily accessible via the internet, making it feasible for various applications that enrich the quality of human life. Despite such a potential vision, users’ privacy on these IoT devices is a significant concern. IoT devices are subject to threats from hackers and malware due to the explosive expansion of IoT and its use in commerce and critical infrastructures. Malware poses a severe danger to the availability and reliability of IoT devices. If left uncontrolled, it can have profound implications, as IoT devices and smart services can collect personally identifiable information (PII) without the user’s knowledge or consent. These devices often transfer their data into the cloud, where they are stored and processed to provide the end users with specific services. However, many IoT devices do not meet the same security criteria as non-IoT devices; most used schemes do not provide privacy and anonymity to legitimate users. Because there are so many IoT devices, so much malware is produced every day, and IoT nodes have so little CPU power, so antivirus cannot shield these networks from infection. Because of this, establishing a secure and private environment can greatly benefit from having a system for detecting malware in IoT devices. In this paper, we will analyze studies that have used ML as an approach to solve IoT privacy challenges, and also investigate the advantages and drawbacks of leveraging data in ML-based IoT privacy approaches. Our focus is on using ML models for detecting malware in IoT devices, specifically spyware, ransomware, and Trojan horse malware. We propose using ML techniques as a solution for privacy attack detection and test pattern generation in the IoT. The ML model can be trained to predict behavioral architecture. We discuss our experiments and evaluation using the “MalMemAnalysis” datasets, which focus on simulating real-world privacy-related obfuscated malware. We simulate several ML algorithms to prove their capabilities in detecting malicious attacks against privacy. The experimental analysis showcases the high accuracy and effectiveness of the proposed approach in detecting obfuscated and concealed malware, outperforming state-of-the-art methods by 99.50%, and would be helpful in safeguarding an IoT network from malware. Experimental analysis and results are provided in detail

IoT Vulnerabilities and Attacks: SILEX Malware Case Study

The Internet of Things (IoT) is rapidly growing and is projected to develop in future years. The IoT connects everything from Closed Circuit Television (CCTV) cameras to medical equipment to smart home appliances to smart automobiles and many more gadgets. Connecting these gadgets is revolutionizing our lives today by offering higher efficiency, better customer service, and more effective goods and services in a variety of industries and sectors. With this anticipated expansion, many challenges arise. Recent research ranked IP cameras as the 2nd highest target for IoT attacks. IoT security exhibits an inherent asymmetry where resource-constrained devices face attackers with greater resources and time, creating an imbalanced power dynamic. In cybersecurity, there is a symmetrical aspect where defenders implement security measures while attackers seek symmetrical weaknesses. The SILEX malware case highlights this asymmetry, demonstrating how IoT devices’ limited security made them susceptible to a relatively simple yet destructive attack. These insights underscore the need for robust, proactive IoT security measures to address the asymmetrical risks posed by adversaries and safeguard IoT ecosystems effectively. In this paper, we present the IoT vulnerabilities, their causes, and how to detect them. We focus on SILEX, one of the famous malware that targets IoT, as a case study and present the lessons learned from this malware

Intrusion Detection for Electric Vehicle Charging Systems (EVCS)

The market for Electric Vehicles (EVs) has expanded tremendously as seen in the recent Conference of the Parties 27 (COP27) held at Sharm El Sheikh, Egypt in November 2022. This needs the creation of an ecosystem that is user-friendly and secure. Internet-connected Electric Vehicle Charging Stations (EVCSs) provide a rich user experience and add-on services. Eventually, the EVCSs are connected to a management system, which is the Electric Vehicle Charging Station Management System (EVCSMS). Attacking the EVCS ecosystem remotely via cyberattacks is rising at the same rate as physical attacks and vandalism happening on the physical EVCSs. The cyberattack is more severe than the physical attack as it may affect thousands of EVCSs at the same time. Intrusion Detection is vital in defending against diverse types of attacks and unauthorized activities. Fundamentally, the Intrusion Detection System’s (IDS) problem is a classification problem. The IDS tries to determine if each traffic stream is legitimate or malicious, that is, binary classification. Furthermore, the IDS can identify the type of malicious traffic, which is called multiclass classification. In this paper, we address IoT security issues in EVCS by using different machine learning techniques and using the native IoT dataset to discover fraudulent traffic in EVCSs, which has not been performed in any previous research. We also compare different machine learning classifier algorithms for detecting Distributed Denial of Service (DDoS) attacks in the EVCS network environment. A typical Internet of Things (IoT) dataset obtained from actual IoT traffic is used in the paper. We compare classification algorithms that are placed in line with the traffic and contain DDoS attacks targeting the EVCS network. The results obtained from this research improve the stability of the EVCS system and significantly reduce the number of cyberattacks that could disrupt the daily life activities associated with the EVCS ecosystem

A New Scheme for Ransomware Classification and Clustering Using Static Features

Ransomware is a strain of malware that disables access to the user’s resources after infiltrating a victim’s system. Ransomware is one of the most dangerous malware organizations face by blocking data access or publishing private data over the internet. The major challenge of any entity is how to decrypt the files encrypted by ransomware. Ransomware’s binary analysis can provide a means to characterize the relationships between different features used by ransomware families to track the ransomware encryption mechanism routine. In this paper, we compare the different ransomware detection approaches and techniques. We investigate the criteria, parameters, and tools used in the ransomware detection ecosystem. We present the main recommendations and best practices for ransomware mitigation. In addition, we propose an efficient ransomware indexing system that provides search functionalities, similarity checking, sample classification, and clustering. The new system scheme mainly targets native ransomware binaries, and the indexing engine depends on hybrid data from the static analyzer system. Our scheme tracks and classifies ransomware based on static features to find the similarity between different ransomware samples. This is done by calculating the absolute Jaccard index. Results have shown that Import Address Table (IAT) feature can be used to classify different ransomware more accurately than the Strings feature