No Arabic abstract
Continuous Authentication (CA) has been proposed as a potential solution to counter complex cybersecurity attacks that exploit conventional static authentication mechanisms that authenticate users only at an ingress point. However, widely researched human user characteristics-based CA mechanisms cannot be extended to continuously authenticate Internet of Things (IoT) devices. The challenges are exacerbated with increased adoption of device-to-device (d2d) communication in critical infrastructures. Existing d2d authentication protocols proposed in the literature are either prone to subversion or are computationally infeasible to be deployed on constrained IoT devices. In view of these challenges, we propose a novel, lightweight, and secure CA protocol that leverages communication channel properties and a tunable mathematical function to generate dynamically changing session keys. Our preliminary informal protocol analysis suggests that the proposed protocol is resistant to known attack vectors and thus has strong potential for deployment in securing critical and resource-constrained d2d communication.
Radio Frequency Identification (RFID) technology one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to be addressed. When designing a real lightweight authentication protocol for low cost RFID tags, a number of challenges arise due to the extremely limited computational, storage and communication abilities of Low-cost RFID tags. This paper proposes a real mutual authentication protocol for low cost RFID tags. The proposed protocol prevents passive attacks as active attacks are discounted when designing a protocol to meet the requirements of low cost RFID tags. However the implementation of the protocol meets the limited abilities of low cost RFID tags.
The growing popularity of Internet-of-Things (IoT) has created the need for network-based traffic anomaly detection systems that could identify misbehaving devices. In this work, we propose a lightweight technique, IoT-guard, for identifying malicious traffic flows. IoT-guard uses semi-supervised learning to distinguish between malicious and benign device behaviours using the network traffic generated by devices. In order to achieve this, we extracted 39 features from network logs and discard any features containing redundant information. After feature selection, fuzzy C-Mean (FCM) algorithm was trained to obtain clusters discriminating benign traffic from malicious traffic. We studied the feature scores in these clusters and use this information to predict the type of new traffic flows. IoT-guard was evaluated using a real-world testbed with more than 30 devices. The results show that IoTguard achieves high accuracy (98%), in differentiating various types of malicious and benign traffic, with low false positive rates. Furthermore, it has low resource footprint and can operate on OpenWRT enabled access points and COTS computing boards.
A constant need to increase the network capacity for meeting the growing demands of the subscribers has led to the evolution of cellular communication networks from the first generation (1G) to the fifth generation (5G). There will be billions of connected devices in the near future. Such a large number of connections are expected to be heterogeneous in nature, demanding higher data rates, lesser delays, enhanced system capacity and superior throughput. The available spectrum resources are limited and need to be flexibly used by the mobile network operators (MNOs) to cope with the rising demands. An emerging facilitator of the upcoming high data rate demanding next generation networks (NGNs) is device-to-device (D2D) communication. An extensive survey on device-to-device (D2D) communication has been presented in this paper, including the plus points it offers, the key open issues associated with it like peer discovery, resource allocation etc, demanding special attention of the research community, some of its integrant technologies like millimeter wave D2D (mmWave), ultra dense networks (UDNs), cognitive D2D, handover procedure in D2D and its numerous use cases. Architecture is suggested aiming to fulfill all the subscriber demands in an optimal manner. The Appendix mentions some ongoing standardization activities and research projects of D2D communication.
Considering the energy-efficient emergency response, subject to a given set of constraints on emergency communication networks (ECN), this article proposes a hybrid device-to-device (D2D) and device-to-vehicle (D2V) network for collecting and transmitting emergency information. First, we establish the D2D network from the perspective of complex networks by jointly determining the optimal network partition (ONP) and the temporary data caching centers (TDCC), and thus emergency data can be forwarded and cached in TDCCs. Second, based on the distribution of TDCCs, the D2V network is established by unmanned aerial vehicles (UAV)-based waypoint and motion planning, which saves the time for wireless transmission and aerial moving. Finally, the amount of time for emergency response and the total energy consumption are simultaneously minimized by a multiobjective evolutionary algorithm based on decomposition (MOEA/D), subject to a given set of minimum signal-to-interference-plus-noise ratio (SINR), number of UAVs, transmit power, and energy constraints. Simulation results show that the proposed method significantly improves response efficiency and reasonably controls the energy, thus overcoming limitations of existing ECNs. Therefore, this network effectively solves the key problem in the rescue system and makes great contributions to post-disaster decision-making.
The Internet of Things (IoT) is one of the emerging technologies that has grabbed the attention of researchers from academia and industry. The idea behind Internet of things is the interconnection of internet enabled things or devices to each other and to humans, to achieve some common goals. In near future IoT is expected to be seamlessly integrated into our environment and human will be wholly solely dependent on this technology for comfort and easy life style. Any security compromise of the system will directly affect human life. Therefore security and privacy of this technology is foremost important issue to resolve. In this paper we present a thorough study of security problems in IoT and classify possible cyberattacks on each layer of IoT architecture. We also discuss challenges to traditional security solutions such as cryptographic solutions, authentication mechanisms and key management in IoT. Device authentication and access controls is an essential area of IoT security, which is not surveyed so far. We spent our efforts to bring the state of the art device authentication and access control techniques on a single paper.