MARINE: Man-in-the-middle attack resistant trust model IN connEcted vehicles

Vehicular Ad-hoc NETwork (VANET), a novel technology holds a paramount importance within the transportation domain due to its abilities to increase traffic efficiency and safety. Connected vehicles propagate sensitive information which must be shared with the neighbors in a secure environment. However, VANET may also include dishonest nodes such as Man-in-the-Middle (MiTM) attackers aiming to distribute and share malicious content with the vehicles, thus polluting the network with compromised information. In this regard, establishing trust among connected vehicles can increase security as every participating vehicle will generate and propagate authentic, accurate and trusted content within the network. In this paper, we propose a novel trust model, namely, Man-in-the-middle Attack Resistance trust model IN connEcted vehicles (MARINE), which identifies dishonest nodes performing MiTM attacks in an efficient way as well as revokes their credentials. Every node running MARINE system first establishes trust for the sender by performing multi-dimensional plausibility checks. Once the receiver verifies the trustworthiness of the sender, the received data is then evaluated both directly and indirectly. Extensive simulations are carried out to evaluate the performance and accuracy of MARINE rigorously across three MiTM attacker models and the bench-marked trust model. Simulation results show that for a network containing 35% MiTM attackers, MARINE outperforms the state of the art trust model by 15%, 18%, and 17% improvements in precision, recall and F-score, respectively.N/A

Trust-based security for the OLSR routing protocol

International audienceThe trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR

On the Use of Blockchain Technology for Education During Pandemics

During the recent pandemic events and lockdown, most educational institutions have moved into online and distance learning. Certain institutions have been more ready than others to shift into full online learning and teaching mode. However, many technical and security challenges and issues related to the learning management system have been encountered. In this article, we investigate the technical benefits of blockchain, and we propose a secured and trusted online-leaning framework based on blockchain. Our proposal takes advantage of blockchain technology to ensure the expected standard of teaching and fairness of assessment while respecting the schedule of courses and exams. Through blockchains reward methods, it also motivates both students and teachers to persist in their efforts, even from home

A Systematic Approach for Cyber Security in Vehicular Networks

Vehicular Networks (VANET) are the largest real-life paradigm of ad hoc networks which aim to ensure road safety and enhance drivers’ comfort. In VANET, the vehicles communicate or collaborate with each other and with adjacent infrastructure by exchanging significant messages, such as road accident warnings, steep-curve ahead warnings or traffic jam warnings. However, this communication and other assets involved are subject to major threats and provide numerous opportunities for attackers to launch several attacks and compromise security and privacy of vehicular users. This paper reviews the cyber security in VANET and proposes an asset-based approach for VANET security. Firstly, it identifies relevant assets in VANET. Secondly, it provides a detailed taxonomy of vulnerabilities and threats on these assets, and, lastly, it classifies the possible attacks in VANET and critically evaluates them

TEAM: A Trust Evaluation and Management Framework in Context-Enabled Vehicular Ad-Hoc Networks

Vehicular ad-hoc network (VANET) provides a unique platform for vehicles to intelligently exchange critical information, such as collision avoidance messages. It is, therefore, paramount that this information remains reliable and authentic, i.e., originated from a legitimate and trusted vehicle. Trust establishment among vehicles can ensure security of a VANET by identifying dishonest vehicles and revoking messages with malicious content. For this purpose, several trust models (TMs) have been proposed but, currently, there is no effective way to compare how they would behave in practice under adversary conditions. To this end, we propose a novel trust evaluation and management (TEAM) framework, which serves as a unique paradigm for the design, management, and evaluation of TMs in various contexts and in presence of malicious vehicles. Our framework incorporates an asset-based threat model and ISO-based risk assessment for the identification of attacks against critical risks. The TEAM has been built using VEINS, an open source simulation environment which incorporates SUMO traffic simulator and OMNET++ discrete event simulator. The framework created has been tested with the implementation of three types of TMs (data oriented, entity oriented, and hybrid) under four different contexts of VANET based on the mobility of both honest and malicious vehicles. Results indicate that the TEAM is effective to simulate a wide range of TMs, where the efficiency is evaluated against different quality of service and security-related criteria. Such framework may be instrumental for planning smart cities and for car manufacturers

A comparative analysis of trust models for safety applications in IoT-enabled vehicular networks

To achieve these goals, VANET requires a secure environment for authentic, reliable and trusted information dissemination among the network entities. However, VANET is prone to different attacks resulting in the dissemination of compromised/false information among network nodes. One way to manage a secure and trusted network is to introduce trust among the vehicular nodes. To this end, various Trust Models (TMs) are developed for VANET and can be broadly categorized into three classes, Entity-oriented Trust Models (ETM), Data oriented Trust Models (DTM) and Hybrid Trust Models (HTM). These TMs evaluate trust based on the received information (data), the vehicle (entity) or both through different mechanisms. In this paper, we present a comparative study of the three TMs. Furthermore, we evaluate these TMs against the different trust, security and quality-of-service related benchmarks. Simulation results revealed that all these TMs have deficiencies in terms of end-to-end delays, event detection probabilities and false positive rates. This study can be used as a guideline for researchers to design new efficient and effective TMs for VANET.N/

The Case of HyperLedger Fabric as a Blockchain Solution for Healthcare Applications

The healthcare industry deals with highly sensitive data which must be managed in a secure way. Electronic Health Records (EHRs) hold various kinds of personal and sensitive data which contain names, addresses, social security numbers, insurance numbers, and medical history. Such personal data is valuable to the patients, healthcare service providers, medical insurance companies, and research institutions. However, the public release of this highly sensitive personal data poses serious privacy and security threats to patients and healthcare service providers. Hence, we foresee the requirement of new technologies to address the privacy and security challenges for personal data in healthcare applications. Blockchain is one of the promising solutions, aimed to provide transparency, security, and privacy using consensus-driven decentralised data management on top of peer-to-peer distributed computing systems. Therefore, to solve the mentioned problems in healthcare applications, in this paper, we investigate the use of private blockchain technologies to assess their feasibility for healthcare applications. We create testing scenarios using HyperLedger Fabric to explore different criteria and use-cases for healthcare applications. Additionally, we thoroughly evaluate the representative test case scenarios to assess the blockchain-enabled security criteria in terms of data confidentiality, privacy and access control. The experimental evaluation reveals the promising benefits of private blockchain technologies in terms of security, regulation compliance, compatibility, flexibility, and scalability

Polyphosphate application influences morpho-physiological root traits involved in P acquisition and durum wheat growth performance

peer reviewedAbstract Background Among phosphate (P) fertilizers, polyphosphates (PolyPs) have shown promising results in terms of crop yield and plant P nutrition. However, compared to conventional P inputs, very little is known on the impact of PolyPs fertilizers on below- and above-ground plant functional traits involved in P acquisition. This study aims to evaluate agro-physiological responses of durum wheat variety ´Karim´ under different PolyPs applications. Three PolyPs fertilizers (PolyA, PolyB, and PolyC) versus one orthophosphate (OrthoP) were applied at three doses; 30 (D30), 60 (D60), and 90 (D90) kg P/ha under controlled conditions. The PolyPs (especially PolyB and PolyC) application at D60 significantly increased morphophysiological root traits (e.g., RL: 42 and 130%; RSA:40 and 60%), shoot inorganic P (Pi) content (159 and 88%), and root P acquisition efficiency (471 and 296%) under PolyB and PolyC, respectively compared to unfertilized plants. Above-ground physiological parameters, mainly nutrient acquisition, chlorophyll content and chlorophyll fluorescence parameters were also improved under PolyB and PolyA application at D60. A significant and positive correlation between shoot Pi content and rhizosphere soil acid phosphatase activity was observed, which reveal the key role of these enzymes in PolyPs (A and B) use efficiency. Furthermore, increased P uptake/RL ratio along with shoot Pi indicates more efficient P allocation to shoots with less investment in root biomass production under PolyPs (especially A and B). Conclusions Under our experimental conditions, these findings report positive impacts of PolyPs on wheat growth performance, particularly on photosynthesis and nutrient acquisition at D60, along with modulation of root morpho-physiological traits likely responsible of P acquisition efficiency