The Internet of Things Security and Privacy: Current Schemes, Challenges and Future Prospects

The Internet of Things devices and users exchange massive amount of data. Some of these exchanged messages are highly sensitive as they involve organizational, military or patient personally identifiable information. Therefore, many schemes and protocols have been put forward to protect the transmitted messages. The techniques deployed in these schemes may include blockchain, public key infrastructure, elliptic curve cryptography, physically unclonable function and radio frequency identification. In this paper, a review is provided of these schemes including their strengths and weaknesses. Based on the obtained results, it is clear that majority of these protocols have numerous security, performance and privacy issues

Efficient Authentication Algorithm for Secure Remote Access in Wireless Sensor Networks

Wireless sensor networks convey mission critical data that calls for adequate privacy and security protection. To accomplish this objective, numerous intrusion detection schemes based on machine learning approaches have been developed. In addition, authentication and key agreements techniques have been developed using techniques such as elliptic curve cryptography, bilinear pairing operations, biometrics, fuzzy verifier and Rabin cryptosystems. However, these schemes have either high false positive rates, high communication, computation, storage or energy requirements, all of which are not ideal for battery powered sensor nodes. Moreover, majority of these algorithms still have some security and privacy challenges that render them susceptible to various threats. In this paper, a WSN authentication algorithm is presented that is shown to be robust against legacy WSN privacy and security attacks such as sidechannel, traceability, offline guessing, replay and impersonations. From a performance perspective, the proposed algorithm requires the least computation overheads and average computation costs among its peers

Dynamic TCP pacing for Delay Intolerant Cloud Communications

Paper presented at the 4th Strathmore International Mathematics Conference (SIMC 2017), 19 - 23 June 2017, Strathmore University, Nairobi, Kenya.In the recent years, many organizations have turned to cloud technology to support their information technology services. The cloud servers are therefore increasingly holding huge and sensitive information belonging to diverse groups of individuals and companies. Additionally, some organizations employ the cloud to provide them with online backup services. One of the most outstanding requirements for cloud customers is availability – the customers must be able to access their information and other resources stored in the cloud any time and from anywhere on the globe. This means that there should be efficient network design such that any delays are averted. The connection between the customer and the cloud can therefore be regarded as delay intolerant. Network congestions often lead to delays and packet losses. Transmission control protocol employs four congestion control algorithms– slow start, congestion avoidance, fast retransmit and fast recovery, all of which fail to meet the requirements of delay intolerance. Transmission control protocol pacing has been suggested as a possible solution to delays and packet dropping in computer networks. However, the current pacing is static in nature, meaning that constant pauses are introduced between packet transmissions to prevent bursty transmissions which can lead to delays at the receiver buffers. This paper therefore presents a dynamic pacing where the delay period is hinged on the prevailing network conditions. This dynamic pacing algorithm was designed and implemented in Spyder using Python programming language. It employed probe signals to gather network intelligence such as the applicable round trip times of the network. Thereafter, this network intelligence was employed to tailor the paces to these network conditions. The results obtained showed that this algorithm introduced longer paces when more packets are transmitted and shorter paces when few packets are transmitted. In so doing, this new algorithm gives enough time for large packets to be delivered and smaller paces when few packets are sent. The analysis was done in terms of bandwidth utilization efficiency, round trip times and congestion window size adjustments. The congestion window – time graphs and throughput – time graphs showed that the developed dynamic pacing algorithm adjusted quickly to network congestions hence ensuring that the network is efficiently utilized by averting delays.Jaramogi Oginga Odinga University of Science & Technology, Bondo – Kenya

Security evaluation for Instant Messaging encryption algorithms

Paper presented at the 4th Strathmore International Mathematics Conference (SIMC 2017), 19 - 23 June 2017, Strathmore University, Nairobi, Kenya.Instant messaging applications such as Whats App, Facebook Messenger, Telegram and Skype provide a convenient means of passing information among company employees. Fueled by the bring your own device (BYOD) trend, organizations are allowing employees to access crucial information. The security flaws in such tools can create fear among the users leading to their slow uptake due to the leakage of organization sensitive information and attacks such as BEARST and POODLE. The rationale of this study provides a security evaluation of the current state-of- art on instant messaging encryption algorithm. The study deployed a survey approach as the master plan to throw light on the algorithms and their cons such as; Text secure, can encrypt chat messages but can also allow users to exchange unencrypted SMS and MMS messages with people who did not have Text Secure; Double ratchet algorithm, combines public key infrastructure in its operation, hence bringing in the challenges of key management; Off-the- record messaging, an extra symmetric key is derived during authenticated key exchanges that can be used for secure communication, hence also suffers from the key management constraints of public key infrastructure; Perfect forward secrecy intended to prevent the compromise of a long-term secret key from affecting the confidentiality of past conversations. However, forward secrecy cannot defend against a successful cryptanalysis of the underlying ciphers being used, since a cryptanalysis consists of finding a way to decrypt an encrypted message without the key, and forward secrecy only protects keys, not the ciphers themselves and Transport Layer Security / Secure Socket Layer algorithms however, have been shown to be easily compromised, for example exploiting initialization Vector chaining in Cipher Block Chaining weakness using a known plaintext attack and algorithm flaws in SSL v3. These security weakness in the current instant messaging encryption algorithms necessitates the development of port-based algorithm For protecting the information both in transit and at the endpoint. In this work, a security evaluation of these encryption algorithms given

Design for Social Presence and Exploring Its Mediating Effect in Mobile Data Communication Services

The mobility, flexibility, convenience, and ubiquity of mobile data services (MDS) have contributed to their enormous growth and popularity with users. MDS allow users to communicate through mobile texting (mTexting), mobile Instant Messaging (mIM), multimedia messaging services (MMS), and email. A unique feature of MDS that enhances its popularity among its users is the awareness capability, which is revolutionizing the way MDS is being used to communicate today. It allows potential communication partners to socialize through these technologies. This dissertation explored the relationship between user experience, perceived richness, perceived social presence and satisfaction with MDS. A research model for examining the antecedent conditions that influence social presence, richness, social interaction and satisfaction with MDS was developed. Partial least square analysis showed that user experience influenced both social presence and richness. Also supported was the relationship between richness, social presence and satisfaction with MDS. Social presence mediated the relationship between user experience and richness. However, only one dimension of interactivity influenced social presence