A novel framework for collaborative intrusion detection for M2M networks

The proliferation of sensor devices has introduced exciting possibilities such as the Internet of Things (IoT). Machine to Machine (M2M) communication underpins efficient interactions within such infrastructures. The resource constraints and ad-hoc nature of these networks have significant implications for security in general and with respect to intrusion detection in particular. Consequently, contemporary solutions mandating a stable infrastructure are inadequate to fulfill these defining characteristics of M2M networks. In this paper, we present COLIDE (COLlaborative Intrusion Detection Engine) a novel framework for effective intrusion detection in the M2M networks without incurring high energy and communication cost on the participating host and edge nodes. The framework is envisioned to address challenges such as flexibility, resource constraints, and the collaborative nature of the M2M networks. The paper presents a detailed system description along with its formal and empirical evaluation using Contiki OS. Our evaluation for different communication scenarios demonstrates that the proposed approach has limited overhead in terms of energy utilization and memory consumption

Clustering VoIP caller for SPIT identification

The number of unsolicited and advertisement telephony calls over traditional and Internet telephony has rapidly increased over recent few years. Every year, the telecommunication regulators, law enforcement agencies and telecommunication operators receive a very large number of complaints against these unsolicited, unwanted calls. These unwanted calls not only bring financial loss to the users of the telephony but also annoy them with unwanted ringing alerts. Therefore, it is important for the operators to block telephony spammers at the edge of the network so to gain trust of their customers. In this paper, we propose a novel spam detection system by incorporating different social network features for combating unwanted callers at the edge of the network. To this extent the reputation of each caller is computed by processing call detailed records of user using three social network features that are the frequency of the calls between caller and the callee, the duration between caller and the callee and the number of outgoing partners associated with the caller. Once the reputation of the caller is computed, the caller is then places in a spam and non-spam clusters using unsupervised machine learning. The performance of the proposed approach is evaluated using a synthetic dataset generated by simulating the social behaviour of the spammers and the non-spammers. The evaluation results reveal that the proposed approach is highly effective in blocking spammer with 2% false positive rate under a large number of spammers. Moreover, the proposed approach does not require any change in the underlying VoIP network architecture, and also does not introduce any additional signalling delay in a call set-up phase

Authentic-caller : self-enforcing authentication in a next generation network

The Internet of Things (IoT) or the Cyber-Physical System (CPS) is the network of connected devices, things and people which collect and exchange information using the emerging telecommunication networks (4G, 5G IP-based LTE). These emerging telecommunication networks can also be used to transfer critical information between the source and destination, informing the control system about the outage in the electrical grid, or providing information about the emergency at the national express highway. This sensitive information requires authorization and authentication of source and destination involved in the communication. To protect the network from unauthorized access and to provide authentication, the telecommunication operators have to adopt the mechanism for seamless verification and authorization of parties involved in the communication. Currently, the next-generation telecommunication networks use a digest-based authentication mechanism, where the call-processing engine of the telecommunication operator initiates the challenge to the request-initiating client or caller, which is being solved by the client to prove his credentials. However, the digest-based authentication mechanisms are vulnerable to many forms of known attacks e.g., the Man-In-The-Middle (MITM) attack and the password guessing attack. Furthermore, the digest-based systems require extensive processing overheads. Several Public-Key Infrastructure (PKI) based and identity-based schemes have been proposed for the authentication and key agreements. However, these schemes generally require smart-card to hold long-term private keys and authentication credentials. In this paper, we propose a novel self-enforcing authentication protocol for the SIPbased next-generation network based on a low-entropy shared password without relying on any PKI or trusted third party system. The proposed system shows effective resistance against various attacks e.g., MITM, replay attack, password guessing attack, etc. We a..

A privacy‐preserving framework for smart context‐aware healthcare applications

Internet of things (IoT) is a disruptive paradigm with wide ranging applications including healthcare, manufacturing, transportation and retail. Within healthcare, smart connected wearable devices are widely used to achieve improved wellbeing, quality of life and security of citizens. Such connected devices generate significant amount of data containing sensitive information about patient requiring adequate protection and privacy assurance. Unauthorized access to an individual’s private data constitutes a breach of privacy leading to catastrophic outcomes for an individuals personal and professional life. Furthermore, breach of privacy may also lead to financial loss to the governing body such as those proposed as part of the General Data Protection Regulation (GDPR) in Europe. Furthermore, while mobility afforded by smart devices enables ease of monitoring, portability and pervasive processing, it also introduces challenges with respect to scalability, reliability and context-awareness for its applications. This paper is focused on privacy preservation within smart context-aware healthcare with a special emphasis on privacy assurance challenges within the Electronic Transfer of Prescription (ETP). To this extent, we present a case for a comprehensive, coherent, and dynamic privacypreserving system for smart healthcare to protect sensitive user data. Based on a thorough analysis of existing privacy preservation models we propose an enhancement for the widely used Salford model to achieve privacy preservation against masquerading and impersonation threats. The proposed model therefore improves privacy assurance for cutting edge IoT applications such as smart healthcare whilst addressing unique challenges with respect to context-aware mobility of such applications

PriVeto: a fully private two round veto protocol.

Veto is a prerogative to unilaterally overrule a decision. A private veto protocol consists of a number of participants who wish to decide whether or not to veto a particular motion without revealing the individual opinions. Essentially all participants jointly perform a multi-party computation (MPC) on a boolean-OR function where an input of "1" represents veto and "0" represents not veto. In 2006, Hao and Zieli´ nski presented a two round veto protocol named Anonymous Veto network (AV-net), which is exceptionally efficient in terms of the number of rounds, computation and bandwidth usage. However, AV-net has two generic issues: 1) a participant who has submitted a veto can find out whether she is the only one who vetoed; 2) the last participant who submits her input can pre-compute the boolean-OR result before submission, and may amend her input based on that knowledge. These two issues generally apply to any multi-round veto protocol where participants commit their input in the last round. In this paper, we propose a novel solution to address both issues within two rounds, which are the best possible round efficiency for a veto protocol. Our new private veto protocol, called PriVeto, has similar system complexities to AV-net, but it binds participants to their inputs in the very first round, eliminating the possibility of runtime changes to any of the inputs. At the end of the protocol, participants are strictly limited to learning nothing more than the output of the boolean-OR function and their own inputs.ERC 306994 H2020 European Research Council http://dx.doi.org/10.13039/10001066

WFL: Edge-Enabled Weighted Federated Learning for Securing Heterogenous Networks

The operational aspects of the Internet of Things (IoT) are dependent on the security measures deployed to ensure user privacy, protect user data and prevent smart devices from being exploited for malicious activities. Traditional Intrusion Detection Systems often require collaboration from many individual devices in the centralised system for data processing and decision-making. However, centralised systems have some limitations in terms of privacy and scalability. This paper proposes a federated learning-based (FL) distributed framework for detecting and mitigating intrusion while ensuring privacy in IoT networks. The framework integrates two key security components: an intrusion detection module that employs Neural Networks (NN) at the edge device, and centralised aggregation systems that aggregate and coordinate the aggregated model to edge devices. The centralised system computes the global model using a weighted averaging mechanism to accurately represent the relative importance of each device’s local model. of each device’s contribution. This ensures that the global model is the complete representation of the overall data at the collaborating edge nodes. The framework ensures privacy as data remains local to edge devices, and the machine learning models are exchanged to the aggregation server. By supporting heterogeneous data from various sources, the framework demonstrates adaptability to diverse attack patterns and device behaviours. The evaluation is conducted on heterogeneous datasets, including CICIDS2017, UNSW-NB15, and KDD Cup 99 under heterogeneous scenarios, which represent a wide range of intrusion scenarios, such as DDoS, Botnet activities and malicious behaviours. With an increased number of iterations and collaborators, the framework demonstrates improved performance, achieving an average intrusion detection accuracy of 99% across the three datasets. These results highlight the importance of both the number of collaborators and iterations in improving the overall model performance while preserving privacy and minimising communication overhead

Decentralized document version control using ethereum blockchain and IPFS

In this paper, we propose a blockchain-based solution and framework for document sharing and version control to facilitate multi-user collaboration and track changes in a trusted, secure, and decentralized manner, with no involvement of a centralized trusted entity or third party. This solution is based on utilizing Ethereum smart contracts to govern and regulate the document version control functions among the creators and developers of the document and its validators. Moreover, our solution leverages the benefits of IPFS (InterPlanetary File System) to store documents on a decentralized file system. The proposed solution automates necessary interactions among multiple actors comprising developers and approvers. Smart contracts have been developed using Solidity language, and their functionalities were tested using the Remix IDE (Integrated Development Environment). The paper demonstrates that our smart contract code is free of commonly known security vulnerabilities and attacks. The code has been made publically available at Github

ROBO-SPOT: Detecting Robocalls by Understanding User Engagement and Connectivity Graph

Robo or unsolicited calls have become a persistent issue in telecommunication networks, posing significant challenges to individuals, businesses, and regulatory authorities. These calls not only trick users into disclosing their private and financial information, but also affect their productivity through unwanted phone ringing. A proactive approach to identify and block such unsolicited calls is essential to protect users and service providers from potential harm. Therein, this paper proposes a solution to identify robo-callers in the telephony network utilising a set of novel features to evaluate the trustworthiness of callers in a network. The trust score of the callers is then used along with machine learning models to classify them as legitimate or robo-caller. We use a large anonymized dataset (call detailed records) from a large telecommunication provider containing more than 1 billion records collected over 10 days. We have conducted extensive evaluation demonstrating that the proposed approach achieves high accuracy and detection rate whilst minimizing the error rate. Specifically, the proposed features when used collectively achieve a true-positive rate of around 97% with a false-positive rate of less than 0.01%