Lightweight Multifactor Authentication Scheme for NextGen Cellular Networks

Increased interest in 6G (6th Generation) cellular networks that can intelligently support small-cell communication will result in effective device-to-device (D2D) communication. The high throughput requirement in 5G/6G cellular technology requires each device to act as an intelligent transmission relay. Inclusion of such intelligent relays and support of quantum computing at D2D may compromise existing security mechanisms and may lead towards primitive attacks such as impersonation attack, rogue device attack, replay attack, MITM attack, and DoS attack. Thus, an effective yet lightweight security scheme is required that can support existing low computation devices and can address the challenges that 5G/6G poses. This paper proposes a Lightweight ECC (elliptic curve cryptography)-based Multifactor Authentication Protocol (LEMAP) for miniaturized mobile devices. LEMAP is the extension of our previously published work TLwS (trust-based lightweight security scheme), which utilizes ECC with Elgamal for achieving lightweight security protocol, confidentiality, integrity, and non-repudiation. Multi-factor Authentication is based on OTP (Biometrics, random number), timestamp, challenge, and password. This scheme has mitigated the above-mentioned attacks with significantly lower computation cost, communication cost, and authentication overhead. We have proven the correctness of the scheme using widely accepted Burrows-Abadi-Needham (BAN) logic and analyzed the performance of the scheme by using a simulator. The security analysis of the scheme has been conducted using the Discrete Logarithm Problem to verify any quantum attack possibility. The proposed scheme works well for 5G/6G cellular networks for single and multihop scenarios.

View this article on IEEE Xplore

Security and Privacy in Smart Farming: Challenges and Opportunities

Internet of Things (IoT) and smart computing technologies have revolutionized every sphere of 21st-century human life. IoT technologies and the data-driven services they offer were beyond imagination just a decade ago. Now, they surround us and influence a variety of domains such as automobile, smart home, healthcare, etc. In particular, the Agriculture and Farming industries have also embraced this technological intervention. Smart devices are widely used by a range of people from farmers to entrepreneurs. These technologies are used in a variety of ways, from finding real-time status of crops and soil moisture content to deploying drones to assist with tasks such as applying pesticide spray. However, the use of IoT and smart communication technologies introduces a vast exposure to cybersecurity threats and vulnerabilities in smart farming environments. Such cyber attacks have the potential to disrupt the economies of countries that are widely dependent on agriculture. In this paper, we present a holistic study on security and privacy in a smart farming ecosystem. The paper outlines a multi-layered architecture relevant to the precision agriculture domain and discusses the security and privacy issues in this dynamic and distributed cyber-physical environment. Furthermore, the paper elaborates on potential cyber attack scenarios and highlights open research challenges and future directions.


Prediction of Re-Occurrences of Spoofed ACK Packets Sent to Deflate a Target Wireless Sensor Network Node by DDOS

The Wireless Sensor Network (WSN) has evolved into a new IoT scheme, and its adoption has no restrictions at present. Sadly, security has an impact on the network of wireless sensors, and Denial-of-Service (DoS) categories of attacks are security concerns. This study therefore focuses on distributed denial of service (DDoS), especially on DDoS-PSH-ACK (ACK & PUSH ACK Flood) in WSN. An experimental analysis was developed to predict that many spoofed ACK packets were reoccurring in order to deflate the target node. In the proposed approach, several experimental scenarios for the DDoS detection function were established and implemented. The experimental analysis draws traffic flow within the several transmission sessions involving “the normal transmission within sensor nodes and cluster head”, as well as the “transmission and retransmission scenarios within the sensor nodes and cluster head” at the same time with different signal sizes. The main contribution of the paper is predicting DDoS attacks from the variability of transmission behavior with a high degree of accuracy. It was established that the most ideal delay between transmissions is 23 milliseconds in order to ensure that the receiving end is not overwhelmed. The result of the current study highlighted that when a transmission session gets overwhelmed, that influences DDoS success.


Reverse Engineering of Intel Microcode Update Structure

Microcode update mechanisms have been widely used in modern processors. Because the implementation details are not public, researchers are currently prevented from gaining any further understanding. The microcode update binary which is uploaded into the Central Processing Unit (CPU) is the only node in this update chain accessible to researchers, but previous manual reverse analysis of a small number of microcode updates has the disadvantages of incomplete coverage, slow speed, and low accuracy. Therefore, we first build a Sample Repository containing 504 official Intel microcode updates, then propose a semiautomatic analytical method named SJNW-MA to analyze the samples. This work has the following merits: (1) automatic methods of similarity analysis and candidate feature mining improve the speed; (2) manual-assisted analysis based on expert knowledge can filter important features, to avoid redundant features or missing valuable common data blocks; (3) analysis of 504 microcode updates makes the results of reverse engineering more complete. Finally, we extract eleven structures of Intel microcode updates and group them into four categories. In addition, we also identify and describe some new metadata in microcode updates of the third and the fourth category, including a new 3072-bit RSA Modulus as well as the corresponding RSA Exponent, which indicates an upgrade of the security technology inside the update mechanism.


Improving Predictability of User-Affecting Metrics to Support Anomaly Detection in Cloud Services

Anomaly detection systems aim to detect and report attacks or unexpected behavior in networked systems. Previous work has shown that anomalies have an impact on system performance, and that performance signatures can be effectively used for implementing an IDS. In this paper, we present an analytical and an experimental study on the trade-off between anomaly detection based on performance signatures and system scalability. The proposed approach combines analytical modeling and load testing to find optimal configurations for the signature-based IDS. We apply a heavy-tail bi-modal modeling approach, where “long” jobs represent large resource consuming transactions, e.g., generated by DDoS attacks; the model was parametrized using results obtained from controlled experiments. For performance purposes, mean response time is the key metric to be minimized, whereas for security purposes, response time variance and classification accuracy must be taken into account. The key insights from our analysis are: (i) there is an optimal number of servers which minimizes the response time variance, (ii) the sweet-spot number of servers that minimizes response time variance and maximizes classification accuracy is typically smaller than or equal to the one that minimizes mean response time. Therefore, for security purposes, it may be worth slightly sacrificing performance to increase classification accuracy.


Federating Cloud Systems for Collaborative Construction and Engineering

The construction industry has undergone a transformation in the use of data to drive its processes and outcomes, especially with the use of Building Information Modelling (BIM). In particular, project collaboration in the construction industry can involve multiple stakeholders (architects, engineers, consultants) that exchange data at different project stages. Therefore, the use of Cloud computing in construction projects has continued to increase, primarily due to the ease of access, availability and scalability in data storage and analysis available through such platforms. Federation of cloud systems can provide greater flexibility in choosing a Cloud provider, enabling different members of the construction project to select a provider based on their cost-to-benefit requirements. When multiple construction disciplines collaborate online, the risk associated with project failure increases as the capability of a provider to deliver on the project cannot be assessed a priori. In such uncontrolled industrial environments, “trust” can be an efficacious mechanism for more informed decision making adaptive to the evolving nature of such multi-organisation dynamic collaborations in construction. This paper presents a trust-based Cooperation Value Estimation (CoVE) approach to enable and sustain collaboration among disciplines in construction projects, mainly focusing on data privacy, security and performance. The proposed approach is demonstrated with data and processes from a real highway bridge construction project describing the entire selection process of a cloud provider. The selection process uses the audit and assessment process of the Cloud Security Alliance (CSA) and real-world performance data from the construction industry workloads. Other application domains can also make use of this proposed approach by adapting it to their respective specifications. Experimental evaluation has shown that the proposed approach ensures on-time completion of projects and enhanced


Blockchain-Enabled Trustworthy Systems

Submission Deadline: 01 April 2020

IEEE Access invites manuscript submissions in the area of Blockchain-Enabled Trustworthy Systems.

We are enjoying the benefits brought about by the accelerated development of computing systems and the Internet. However, we are also suffering from a number of security and privacy vulnerabilities caused by the increasing system complexity, heterogeneity, dynamicity and decentralized nature. These security and privacy vulnerabilities may prevent the wide adoption of information and communications technology (ICT). Therefore, trust management has become a crucial aspect in developing trustworthy systems with the preservation of security and privacy.

From the Oxford dictionary, the term blockchain is defined as “A system in which a record of transactions made in bitcoin or another cryptocurrency are maintained across several computers that are linked in a peer-to-peer network.” The recent advances in blockchain technologies bring opportunities to fully realize trustworthy systems. In particular, blockchain technologies can enable anonymous and trustful transactions in decentralized and trustless environments. As a result, blockchain-enabled trust management can help to reduce system risks, mitigate financial fraud and cut down operational cost of computing systems. Blockchain-enabled trustworthy systems can apply to diverse areas, such as financial services, social management, internet of things and supply chain management. Therefore, blockchains can potentially enable trustworthy systems, though there are a number of research issues to be solved before the formal adoption of blockchains to trustworthy systems.

This Special Section of IEEE Access will solicit high-quality, original contributions. The topics of interest include, but are not limited to:

  • Theories and algorithms for blockchain-enabled trust management
  • Scalability and fault tolerance mechanisms for trustworthy systems
  • Platform development for blockchain-enabled trustworthy systems
  • Smart contracts for blockchain-enabled trust management and trustworthy systems
  • Security, privacy, safety, and risk management for trustworthy systems
  • Blockchain-based trustworthy applications
  • Security, privacy and trust for blockchain
  • Blockchain for trusted social management
  • Blockchain for big data in trustworthy systems
  • Blockchain for trusted service computing
  • Blockchain for trusted industrial systems
  • Blockchain for trusted cloud computing
  • Blockchain for trusted Internet of Things
  • Algorithms, architecture, framework, design patterns and techniques for trustworthy systems
  • Metrics and measurement for trustworthy systems
  • Quality assurance, maintenance and reverse engineering for trustworthy systems
  • Verification, validation, testing, and analysis for trustworthy systems
  • Communication, networking, optimization, and performance for trustworthy systems
  • Empirical studies, benchmarking, and industrial best practices for trustworthy systems
  • Service-based trustworthy systems
  • Other emerging ideas and solutions for blockchain and trustworthy systems.

We also highly recommend the submission of multimedia with each article as it significantly increases the visibility, downloads, and citations of articles.

Associate Editor: Hong-Ning Dai, Macau University of Science and Technology, Macau

Guest Editors:

    1. Sabita Maharjan, Simula Metropolitan Center for Digital Engineering, Norway
    2. Zibin Zheng, Sun Yat-sen University, China
    3. Patrick C. K. Hung, Ontario Tech University, Canada
    4. Quanqing Xu, Ant Financial Services Group and Blockchain lab, DAMO Academy, China
    5. Wen Sun, Northwestern Polytechnical University, China

Relevant IEEE Access Special Sections:

  1. Research Challenges and Opportunities in Security and Privacy of Blockchain Technologies
  2. Internet-of-Things (IoT) Big Data Trust Management
  3. Security and Trusted Computing for Industrial Internet of Things


IEEE Access Editor-in-Chief:
  Prof. Derek Abbott, University of Adelaide

Article submission: Contact Associate Editor and submit manuscript to:
http://ieee.atyponrex.com/journal/ieee-access

For inquiries regarding this Special Section, please contact: hndai@ieee.org.

On the Automated Management of Security Incidents in Smart Spaces

The proliferation of smart spaces, such as smart buildings, is increasing opportunities for offenders to exploit the interplay between cyber and physical components, in order to trigger security incidents. Organizations are obliged to report security incidents to comply with recent data protection regulations. Organizations can also use incident reports to improve security of the smart spaces where they operate. Incident reporting is often documented in structured natural language. However, reports often do not capture relevant information about cyber and physical vulnerabilities present in a smart space that are exploited during an incident. Moreover, sharing information about security incidents can be difficult, or even impossible, since a report may contain sensitive information about an organization. In previous work, we provided a meta-model to represent security incidents in smart spaces. We also developed an automated approach to share incident knowledge across different organizations. In this paper we focus on incident reporting. We provide a System Editor to represent smart buildings where incidents can occur. Our editor allows us to represent cyber and physical components within a smart building and their interplay. We also propose an Incident Editor to represent the activities of an incident, including, for each activity, the target and the resources exploited, the location where the activity occurred, and the activity initiator. Building on our previous work, incidents represented using our editor can be shared across various organizations, and instantiated in different smart spaces to assess how they can re-occur. We also propose an Incident Filter component that allows viewing and prioritizing the most relevant incident instantiations, for example, involving a minimum number of activities. We assess the feasibility of our approach in assisting incident reporting using an example of a security incident that occurred in a research center.


Security and Privacy in Emerging Decentralized Communication Environments

Submission Deadline: 30 September 2019

IEEE Access invites manuscript submissions in the area of Security and Privacy in Emerging Decentralized Communication Environments.

Modern, decentralized digital communication environments are changing with the availability of new technologies and the development of new, real-world applications, such as 5G/6G mobile applications, smart Internet of Things (IoT) devices, big data applications, and cloud systems, which lead to novel challenges in security. Mobile-cloud architecture is emerging as 5G/6G mobile IoT devices are generating large volumes of data, which need cloud infrastructure to process. Many IoT systems and cloud systems are decentralized, and Blockchain is emerging in decentralized networks. The increasing interdependence of IT solutions accepted by society has led to a sharp increase in data. As a result, chances of data leakage or privacy infringement also increase, along with the need for new solutions for digital security and privacy protection.

This Special Section in IEEE Access aims to report highlighted security and privacy research in modern, decentralized digital communication environments. The Special Section invites experts and scholars in the fields of digital security, so that readers can keep abreast of the latest developments in the industry, and master the latest security technologies. The Special Section will support industry researchers working with emerging decentralized communication environments to solve real-world security problems. This Special Section will focus on relevant emerging digital security and privacy protection solutions.

The topics of interest include, but are not limited to:

  • Security and privacy in 5G/6G mobile/wireless networks
  • Security and privacy in the smart mobile Internet of Things
  • Security and privacy in Blockchain based decentralized networks
  • Security and privacy in 5G vehicular network
  • Security and privacy in 5G device to device communications
  • Security and privacy for big data in cloud applications

We also highly recommend the submission of multimedia with each article as it significantly increases the visibility, downloads, and citations of articles.

Associate Editor: Xiaochun Cheng, Middlesex University, UK

Guest Editors:

  1. Zheli Liu, Nankai University, China
  2. James Xiaojiang Du, Temple University, USA
  3. Shui Yu, University of Technology Sydney, Australia
  4. Leonardo Mostarda, Università di Camerino, Italy

Relevant IEEE Access Special Sections:

  1. Advances in Prognostics and System Health Management
  2. Smart Caching, Communications, Computing and Cybersecurity for Information-Centric Internet of Things
  3. D2D Communications: Security Issues and Resource Allocation


IEEE Access Editor-in-Chief:
  Prof. Derek Abbott, University of Adelaide

Paper submission: Contact Associate Editor and submit manuscript to:
http://ieee.atyponrex.com/journal/ieee-access

For inquiries regarding this Special Section, please contact: X.Cheng@mdx.ac.uk.