Secure Neighbor Discovery as a Service in the Internet of Ships Environment

IF 5.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS IEEE Transactions on Services Computing Pub Date : 2024-06-03 DOI:10.1109/TSC.2024.3407516

Ming Xu;Ling Liu

{"title":"Secure Neighbor Discovery as a Service in the Internet of Ships Environment","authors":"Ming Xu;Ling Liu","doi":"10.1109/TSC.2024.3407516","DOIUrl":null,"url":null,"abstract":"Ships as moving vehicles have intermittent connectivity and are connected to one another via ad-hoc networks with directional antennas. We refer to such Internet of Ships as IoSNET. Neighbor discovery (ND) is a fundamental requirement and a building block in an IoSNET. However, existing directional antenna-based ND protocols are known to be vulnerable under multi-end wormhole attacks. By analyzing such vulnerabilities, we propose a Directional Antennas powered SEcure Neighbor Discovery protocol, coined as \n<sc>DASEND</small>\n, for protecting IoSNET against two-end and multi-end wormhole attacks. The \n<sc>DASEND</small>\n protocol is novel in two aspects. First, we construct two timing constraints for detecting the wormhole attacks using a linear clock model without strict time synchronization and propose a message authentication mechanism for ensuring the security of the time stamps. Second, we propose a virtual grid structure to model the relative locations of transmitters jointly using their direction-of-arrival (DOA) and received signal strength (RSS) values. Based on this model, we propose a beam state-based steering approach to shorten the discovery latency of the ND process. Extensive experiments through IoSNET simulations demonstrate the effectiveness of our \n<sc>DASEND</small>\n protocol for delivering secure neighbor discovery as a service in the Internet of Ships environment under different movement scenarios.","PeriodicalId":13255,"journal":{"name":"IEEE Transactions on Services Computing","volume":"17 5","pages":"2807-2821"},"PeriodicalIF":5.8000,"publicationDate":"2024-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Services Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10546269/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Ships as moving vehicles have intermittent connectivity and are connected to one another via ad-hoc networks with directional antennas. We refer to such Internet of Ships as IoSNET. Neighbor discovery (ND) is a fundamental requirement and a building block in an IoSNET. However, existing directional antenna-based ND protocols are known to be vulnerable under multi-end wormhole attacks. By analyzing such vulnerabilities, we propose a Directional Antennas powered SEcure Neighbor Discovery protocol, coined as DASEND , for protecting IoSNET against two-end and multi-end wormhole attacks. The DASEND protocol is novel in two aspects. First, we construct two timing constraints for detecting the wormhole attacks using a linear clock model without strict time synchronization and propose a message authentication mechanism for ensuring the security of the time stamps. Second, we propose a virtual grid structure to model the relative locations of transmitters jointly using their direction-of-arrival (DOA) and received signal strength (RSS) values. Based on this model, we propose a beam state-based steering approach to shorten the discovery latency of the ND process. Extensive experiments through IoSNET simulations demonstrate the effectiveness of our DASEND protocol for delivering secure neighbor discovery as a service in the Internet of Ships environment under different movement scenarios.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

船舶互联网环境中的安全邻居发现服务

船舶作为移动的交通工具，其连接时断时续，并通过带有定向天线的临时网络相互连接。我们将这种船舶互联网称为 IoSNET。邻居发现（ND）是 IoSNET 的基本要求和组成部分。然而，已知现有的基于定向天线的 ND 协议容易受到多端虫洞攻击。通过分析这些漏洞，我们提出了一种定向天线供电的安全邻居发现协议（被称为 DASEND），用于保护 IoSNET 免受两端和多端的虫洞攻击。DASEND 协议在两个方面具有创新性。首先，我们利用线性时钟模型构建了两个用于检测虫洞攻击的时序约束，无需严格的时间同步，并提出了一种消息认证机制，以确保时间戳的安全性。其次，我们提出了一种虚拟网格结构，利用发射机的到达方向（DOA）和接收信号强度（RSS）值来共同模拟发射机的相对位置。基于这一模型，我们提出了一种基于波束状态的转向方法，以缩短 ND 进程的发现延迟。通过 IoSNET 仿真进行的大量实验证明，我们的 DASEND 协议能在不同的移动场景下，在芯片互联网环境中提供安全的邻居发现服务。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Services Computing COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING

CiteScore

11.50

自引率

6.20%

发文量

278

审稿时长

>12 weeks

期刊介绍： IEEE Transactions on Services Computing encompasses the computing and software aspects of the science and technology of services innovation research and development. It places emphasis on algorithmic, mathematical, statistical, and computational methods central to services computing. Topics covered include Service Oriented Architecture, Web Services, Business Process Integration, Solution Performance Management, and Services Operations and Management. The transactions address mathematical foundations, security, privacy, agreement, contract, discovery, negotiation, collaboration, and quality of service for web services. It also covers areas like composite web service creation, business and scientific applications, standards, utility models, business process modeling, integration, collaboration, and more in the realm of Services Computing.