Showing papers by "Ata Ullah published in 2018"

A Lightweight Digital Signature Based Security Scheme for Human-Centered Internet of Things

Abstract: Internet of Things (IoT) comprises of large number of smart devices that can exchange sensed data by availing online services. Smart devices can directly interact with the human beings for sensing the healthcare parameters and transmitting to a central repository. During the data exchange, it is mandatory to secure the messages between sender and receiver to handle the malicious human based attacks. For providing secure communication, a number of signature-based schemes are explored in literature but smart devices need more lightweight operations by ensuring desired security strengths. The main problem during signature based approaches is the computational overhead due to large real numbers required for signature and verification processes. This paper presents a light weight shortened complex digital signature algorithm for providing secure communication between smart devices in human centered IoT. We have used less extensive operations to achieve signature and verification processes like human beings do signatures on legal documents and verify later as per witness. We have also presented a multi-option parameter selection to use a signature-verification pair of expressions at particular index by adopting the common practice of human beings for using different signatures as per document criticality level. It enhances the security strength to guard against traffic analysis attacks. We have developed an experimental setup where a number of cell phones and smart devices are considered for secure communication using existing and proposed digital signature schemes. Results demonstrate the supremacy of our scheme as compared to preliminaries.

Physical Unclonable Function Based Authentication Scheme for Smart Devices in Internet of Things

Abstract: Internet of Things (IoT) comprises of huge number of connected smart devices to exchange sensed data across different networks. With the rapid growth in security applications development, Physical Unclonable Functions (PUF) has gain interest of researchers. PUF exploits the random factors of IC manufacturing process to generate a variety of mismatches. It helps to generate different unique challenge-response pairs to store in repository and then use for secure associations between the smart devices in IoT. Memory based and Analog electronic based PUFs are mostly used for providing dependable security where MOS transistors based PUF achieve a large variety of mismatches with smaller sizes as compared to others. This paper presents a PUF based Authentication Scheme (PAS) along session keying in order to ensure the secure interaction among smart devices in IoT. We have also proposed the registration and authentication mechanism along with session keying based on challenge-response pair. Next, we present the secure command execution protocol among requesting devices, gateway and smart devices. To validate our work, we have setup a testbed and compared the existing schemes with our proposed PAS in terms of communication overhead during authentication and resilience against device capturing. Results ensure the supremacy of proposed approach over the counterparts.

Reputation-Aware Trust and Privacy-Preservation for Mobile Cloud Computing

Abstract: Mobile Cloud Computing (MCC) is getting growing interest due to its wide applicability in variety of social, industrial, and commercial mobile applications. Mobile and smart devices can share complex computational operations with Cloud Service Providers (CSPs). It also provides storage, access polices enforcement, and security operations. In many cases, CSP requires services from crowd contributors CC s for data collection, sharing, and mobile application support. It requires trust management for CC s to guard against malicious CC s and ensure security and privacy of data. However, end users or data requesters also demand reliable security solutions for sharing their data or accessing data from unknown CC s. To ensure strong security, mobile devices are not computationally feasible to perform complex cryptographic operations for desired privacy. To resolve these issues, we propose Reputation-aware Trust and Privacy Preservation scheme for MCC. In first phase, we deal with the trust management by utilizing reputation aware selection of CC s and leverage cloud services where CSP maintains trust score for CC s and data requesters. In second phase, we manage privacy preservation by using our proposed Anonymous Secure-shell Ciphertext-policy Attribute Based Encryption (AS-CABE). We have also proposed a hybrid policy tree mechanism for dynamic attribute selection used for security solutions and key management. Next, an anonymous secure shell is maintained between the CC s and the crowd servers to ensure registration after approval from trusted authority. In the similar vein, we propose outsourced encryption and decryption mechanism for mobiles that further utilize encryption and decryption service providers for complex operations. To the best of our knowledge, we are the first one to deal with the trust issues of data requester and privacy concerns of CC s and users both at the same time. After that, we have presented the security analysis to analyze AS-CABE against security attacks. Finally, the results are presented that ensure the supremacy of our proposed scheme as compared to counterparts in terms of reputation score, storage, computation, trust, resilience, encryption, and decryption time.

FoG Assisted Secure De-duplicated Data Dissemination in Smart Healthcare IoT

Abstract: With the rapid enhancement of medical sensors, it has gain growing interest to explore the Healthcare Internet of Things (H-IoT) due to its wide applicability for patient's health monitoring It involves a large quantity of smart devices for sensing health parameters including temperature, heartbeat, blood pressure and patient mobility The medial sensing devices are connected with a somehow more powerful device like cell phone to exchange health parameters based data to central repositories at cloud During data aggregation process, the collector nodes receive duplicate values that should be eliminated to reduce communication overheads Due to sensitive nature of data, it must provide the secure data exchange to guard against various security attacks To resolve these issues, we have presented a Secure De-duplicated Data Dissemination (S-DDD) scheme for healthcare IoT scenario using FoG servers at the edge of the network To remove redundancy, we have also proposed a lightweight de-duplication mechanism that includes adaptive chunking algorithm (ACA) for identifying the cut-point between two windows Moreover, we propose a symmetric key based encryption mechanism for healthcare data exchange from smart devices towards a collector node We have simulated our work using NS-235 Results prove the supremacy of our scheme over counterparts in terms of cut-point identification failure, fixed and variable length chunk size

Cyber-Syndrome and its Formation, Classification, Recovery and Prevention

Abstract: The revolutionary change in information and communication technology has made the people’s lives much convenient more than ever before. But it has affected the human’s physical and mental health as well as community’s social connectivity. Cybersyndrome is the physical, social, and mental disorders that affect the human being due to the excessive interaction with the cyberspace. Many previous works have discussed the role that the technology plays in the development of specific disorders, such as Internet addiction disorder or gaming addiction disorder. However, none of these works have explored the effects of excessive interaction with the cyberspace on the people’s lives as a whole and its impact on the social connectivity of the community. Therefore, in this paper, we have presented the formation stages, classification, recovery, and prevention methods of cybersyndrome. We have explored the impact of cybersyndrome in physical, social, and thinking spaces and its future implications and complications.

Reputation-Aware Recruitment and Credible Reporting for Platform Utility in Mobile Crowd Sensing with Smart Devices in IoT.

Abstract: The Internet of things (IoT) comprises a huge collection of electronic devices connected to the Internet to ensure the dependable exchange of sensing information. It involves mobile workers (MWs) who perform various activities to support enormous online services and applications. In mobile crowd sensing (MCS), a massive amount of sensing data is also generated by smart devices. Broadly, in the IoT, verifying the credibility and truthfulness of MWs' sensing reports is needed for MWs to expect attractive rewards. MWs are recruited by paying monetary incentives that must be awarded according to the quality and quantity of the task. The main problem is that MWs may perform false reporting by sharing low-quality reported data to reduce the effort required. In the literature, false reporting is improved by hiring enough MWs for a task to evaluate the trustworthiness and acceptability of information by aggregating the submitted reports. However, it may not be possible due to budget constraints, or when malicious reporters are not identified and penalized properly. Recruitment is still not a refined process, which contributes to low sensing quality. This paper presents Reputation, Quality-aware Recruitment Platform (RQRP) to recruit MWs based on reputation for quality reporting with the intention of platform profit maximization in the IoT scenario. RQRP comprises two main phases: filtration in the selection of MWs and verifying the credibility of reported tasks. The former is focused on the selection of suitable MWs based on different criteria (e.g., reputation, bid, expected quality, and expected platform utility), while the latter is more concerned with the verification of sensing quality, evaluation of reputation score, and incentives. We developed a testbed to evaluate and analyze the datasets, and a simulation was performed for data collection scenario from smart sensing devices. Results proved the superiority of RQRP against its counterparts in terms of truthfulness, quality, and platform profit maximization. To the best of our knowledge, we are the first to study the impact of truthful reporting on platform utility.

Trust Management Schemes for Secure Routing in VANETs — A Survey

Abstract: With the dynamic growth of smart devices and connectivity with vehicles, researchers are getting growing interest due to variety of enormous application scenarios. Vehicular ad hoc networks (VANETs) comprises of huge number of vehicles and roadside units that communicate with each other in several realtime scenarios and internet application services. Security in VANET is more crucial, because of different network layers and trusting on unknown intermediate vehicles. There is critical demand of efficient trust management for VANETs, because it prevents fabricated information directed by suspicious nodes connected to the network. A number of factors including lack of infrastructure, autonomous modules, auto-pilot support and dynamic topology due to mobility can result in hardening the reliable trust management solutions. In this paper, we present a comprehensive overview of trust management schemes for routing protocols. This survey specifically elaborates Trust management approaches applicable for secure release of information for real time application services. Moreover, these schemes are analyzed and presented in a tabular form to highlight the concept, methodology, algorithm, QoS and performance capabilities. It can help the researcher in this field to quickly identify the weak and strong features of schemes. We have also provided categorical discussion for comparative overview. As a finals task, we have identified open research challenges.

Distributed Multiparty Key Management for Efficient Authentication in the Internet of Things

Abstract: With the inclusion of mobile devices and ubiquitous connectivity of smart devices in Internet of Things, secure key management is mandatory to ensure privacy for information exchange. In this regard, the multiparty key establishment schemes achieve better security strength by taking shared parameters from neighboring member nodes to calculate the key. The similar multiparty mechanism can be adopted among other hierarchical nodes, including head node, server and gateway node. Moreover, session keys can also be set up in a similar manner. The main problem in multiparty password-based authentication schemes is the computation of extensively hard problem that limits it to three parties and N-party is quite more complex or infeasible. This paper presents a novel distributed multiparty keying scheme where chaotic maps are used to provide one-way hashing and Chebyshev polynomial are used for establishing a common multiparty key. In this paper, Phase-I covers keying among trusted server and group heads and Phase-II elaborates the key establishment among smart devices and their group heads. The scheme is verified through the formal specification and security analysis using Rubin Logic for inter-group key establishment scenario. We have validated the intra-group and inter-group key establishment by doing extensive simulations in NS 2.35. Moreover, a test bed is setup for group head to server level authentication and key establishment. Results prove the supremacy of our scheme as compared with preliminaries in terms of computation cost, communication cost, and resilience.

Fog-assisted Congestion Avoidance Scheme for Internet of Vehicles

Abstract: Recently, Internet of Vehicles (IoVs) is getting growing interest because of their suitability for a wide range of emerging applications. Most of these applications require vehicles to continuously update their information to a centralized location in order to gain various services. However, frequent transmission of messages by an abundance number of vehicles may not only overwhelm a centralized server but also causes a huge congestion which might disrupt various services including emergency situations. The aim of this research is to minimize congestion and messaging delay. This paper presents a fog-assisted congestion avoidance scheme for IoV named Energy Efficient Message Dissemination (E2MD). To capitalize the merits of fog computing and minimize latency, E2MD opts a distributed approach by employing a fog server to complement services in IoVs. In E2MD, vehicles continuously update their status to a fog server either directly or through intermediate nodes. The performance of the proposed scheme is validated through NS 2.35 simulations. Simulation results confirm the performance supremacy of E2MD compared to contemporary schemes in terms of end-to-end delay and messaging cost.

Survey of Requirement Management Techniques for Safety Critical Systems

Abstract: Safety Critical Systems (SCS) are critical in organizing requirements and that's why needs appropriate requirement engineering. Requirements that are not completely understood and defined are the primary cause for safety related problems. In order to accomplish the task of eliminating chances of mismanaged requirement engineering. We have sorted out approaches of improvised communication between Requirement Engineering (RE) and SCS in Safety Engineering. We have analyzed activities and techniques that should be performed by RE during safety analysis. Moreover, specified tools are explored that are used for analysis. We have focuses on systematic literature review for SCS where main focus is on mandatory safety concerns. Schemes are analyzed as per research questions to identify that which schemes consider these questions in three conditions including satisfactory, partial or not handled. We have selected a large number of articles from different publishers and then identified the articles with duplicate features. Finally we have selected a set of articles after eliminating duplicate ones and then evaluated these schemes as per research questions. We have concluded that requirement completeness, strong need for standard safety analysis tool and compliance with safety standards are mandatory to meet safety requirements during RE process.

Synergy between Communication, Computing, and Caching for Smart Sensing in Internet of Things.

Abstract: Internet of Things (IoT) is composed of a large number of devices that are connected to the Internet and can exchange information regarding different applications including healthcare, transportation, and agriculture. In IoT, the information and communication technology refers to the involvement of computing to reduce the communication costs for information sharing along with managing the storage capabilities. It becomes more interesting and challenging by involving the concept of caching for optimization that can also be perfectly mapped to improve sensing capabilities. This paper presents the impact of Computing, Communication, and Caching (CCC) over the smart sensing capabilities to highlight the possible opportunities for this convergence in recent enabling technologies including 5G, cloud, fog and edge computing based networks. In this regard, different technologies have been identified that help solving bottlenecks during smart sensing operations by a large number of physical devices in IoT. We have investigated that how the convergence of CCC can improve the smart IoT sensing. A number of requirements for smart IoT based sensing are identified. Moreover, new challenges are identified that cause limited services for IoT applications due to sensing limitation of current and future convergence in IoT enabling technologies.