Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328695
I. Kabin, Z. Dyka, D. Kreiser, P. Langendörfer
With the advent of the Internet of Things security features become more and more important. Especially data integrity and authentication of its origin are of utmost importance. Digital signatures are a well-known means to provide these features. In this paper we detail our horizontal DEMA attack against a hardware implementation of the Montgomery kP algorithm for the NIST elliptic curve B-233. We apply the attack successfully against the ECDSA algorithm. In the past vertical attacks exploiting the key dependable activity of the bus and addressing of registers have been published. In contrast to those attacks we performed a horizontal attack exploiting the same phenomena using a single trace of electromagnetic emanations.
{"title":"Horizontal Address-Bit DEMA against ECDSA","authors":"I. Kabin, Z. Dyka, D. Kreiser, P. Langendörfer","doi":"10.1109/NTMS.2018.8328695","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328695","url":null,"abstract":"With the advent of the Internet of Things security features become more and more important. Especially data integrity and authentication of its origin are of utmost importance. Digital signatures are a well-known means to provide these features. In this paper we detail our horizontal DEMA attack against a hardware implementation of the Montgomery kP algorithm for the NIST elliptic curve B-233. We apply the attack successfully against the ECDSA algorithm. In the past vertical attacks exploiting the key dependable activity of the bus and addressing of registers have been published. In contrast to those attacks we performed a horizontal attack exploiting the same phenomena using a single trace of electromagnetic emanations.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123278116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328721
E. D. Ayele, N. Meratnia, P. Havinga
In this paper we introduce an opportunistic dual radio IoT network architecture for wildlife monitoring systems (WMS). Since data processing consumes less energy than transmitting the raw data, the proposed architecture leverages opportunistic mobile networks in a fixed LPWAN IoT network infrastructure. This solution will facilitate an IoT devices to be deployed for ultra-low power and sustainable wildlife monitoring applications. As part of the IoT infrastructure, a LoRa based network is presented with coverage characterization and preliminary test bed deployment for wildlife tracking purpose. In addition, through simulation, the utilization of existing BLE based opportunistic data collection protocols for the proposed architecture is investigated.
{"title":"Towards a New Opportunistic IoT Network Architecture for Wildlife Monitoring System","authors":"E. D. Ayele, N. Meratnia, P. Havinga","doi":"10.1109/NTMS.2018.8328721","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328721","url":null,"abstract":"In this paper we introduce an opportunistic dual radio IoT network architecture for wildlife monitoring systems (WMS). Since data processing consumes less energy than transmitting the raw data, the proposed architecture leverages opportunistic mobile networks in a fixed LPWAN IoT network infrastructure. This solution will facilitate an IoT devices to be deployed for ultra-low power and sustainable wildlife monitoring applications. As part of the IoT infrastructure, a LoRa based network is presented with coverage characterization and preliminary test bed deployment for wildlife tracking purpose. In addition, through simulation, the utilization of existing BLE based opportunistic data collection protocols for the proposed architecture is investigated.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114169551","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328736
Runchao Han, V. Gramoli, Xiwei Xu
As proof-of-work blockchains are inherently energy greedy and offer probabilistic guarantees, blockchains based on Byzantine consensus appear as a promising technology to track billions of connected devices. In this paper, we evaluate the performance of prominent blockchains that solve the classic Byzantine consensus problem. Our results show that while offering reasonable throughput their performance usually do not scale to tens of devices and drops dramatically as the number of devices increases. This study motivates the need for solutions that solves the Blockchain consensus problem, a scalable variant of the classic Byzantine consensus problem but dedicated to blockchains.
{"title":"Evaluating Blockchains for IoT","authors":"Runchao Han, V. Gramoli, Xiwei Xu","doi":"10.1109/NTMS.2018.8328736","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328736","url":null,"abstract":"As proof-of-work blockchains are inherently energy greedy and offer probabilistic guarantees, blockchains based on Byzantine consensus appear as a promising technology to track billions of connected devices. In this paper, we evaluate the performance of prominent blockchains that solve the classic Byzantine consensus problem. Our results show that while offering reasonable throughput their performance usually do not scale to tens of devices and drops dramatically as the number of devices increases. This study motivates the need for solutions that solves the Blockchain consensus problem, a scalable variant of the classic Byzantine consensus problem but dedicated to blockchains.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"423 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121825425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328670
M. Lahby, A. Sekkaki
The major trend in heterogeneous wireless networks is determining the best access network for the end user in terms of quality of service (QoS)and providing ubiquitous connectivity during the network selection transition. In this paper, we propose a new mechanism based on graph theory for the selection of the best path for network selection decision. We carry out experiments evaluation on a testbed by using mininet, to demonstrate the efficacy of our proposed mechanism as compared to conventional network selection algorithms. Our experimental results show that our proposed mechanism can achieve a significant performance in terms of QoS metrics for two services FTP and video streaming.
{"title":"A Graph Theory Based Network Selection Algorithm in Heterogeneous Wireless Networks","authors":"M. Lahby, A. Sekkaki","doi":"10.1109/NTMS.2018.8328670","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328670","url":null,"abstract":"The major trend in heterogeneous wireless networks is determining the best access network for the end user in terms of quality of service (QoS)and providing ubiquitous connectivity during the network selection transition. In this paper, we propose a new mechanism based on graph theory for the selection of the best path for network selection decision. We carry out experiments evaluation on a testbed by using mininet, to demonstrate the efficacy of our proposed mechanism as compared to conventional network selection algorithms. Our experimental results show that our proposed mechanism can achieve a significant performance in terms of QoS metrics for two services FTP and video streaming.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129788989","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328743
Ence Zhou, Song Hua, Bingfeng Pi, Jun Sun, Yashihide Nomura, K. Yamashita, H. Kurihara
Currently, Bitcoin and Ethereum are the two most popular cryptocurrency systems, especially Ethereum. It permits complex financial transactions or rules through scripts, which is called smart contracts. Since Ethereum smart contracts hold millions of dollars, their execution correctness is crucial against attacks which aim at stealing the assets. In this paper, we proposed a security assurance method for smart contract source code to find potential security risks. It contains two main functions, the first is syntax topological analysis of smart contract invocation relationship, to help developers to understand their code structure clearly; the second is logic risk (which may lead to vulnerabilities) detection and location, and label results on topology diagram. For developers' convenience, we have built a static analysis tool called SASC to generate topology diagram of invocation relationship and to find potential logic risks. We have made an evaluation on 2,952 smart contracts, experiment results proved that our method is intuitive and effective.
{"title":"Security Assurance for Smart Contract","authors":"Ence Zhou, Song Hua, Bingfeng Pi, Jun Sun, Yashihide Nomura, K. Yamashita, H. Kurihara","doi":"10.1109/NTMS.2018.8328743","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328743","url":null,"abstract":"Currently, Bitcoin and Ethereum are the two most popular cryptocurrency systems, especially Ethereum. It permits complex financial transactions or rules through scripts, which is called smart contracts. Since Ethereum smart contracts hold millions of dollars, their execution correctness is crucial against attacks which aim at stealing the assets. In this paper, we proposed a security assurance method for smart contract source code to find potential security risks. It contains two main functions, the first is syntax topological analysis of smart contract invocation relationship, to help developers to understand their code structure clearly; the second is logic risk (which may lead to vulnerabilities) detection and location, and label results on topology diagram. For developers' convenience, we have built a static analysis tool called SASC to generate topology diagram of invocation relationship and to find potential logic risks. We have made an evaluation on 2,952 smart contracts, experiment results proved that our method is intuitive and effective.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130945303","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328676
Tao Wu, C. Ruland
Compressive Sensing (CS) based imaging (CSI) method can recover N pixel information from only M measurements with N ≫ M, if the source information is sparse in some domain. With help of CSI mechanism an imaging system could capture information directly, meanwhile, the confidentiality could be also supported with some configuration due to the random projection, i.e., CSI method integrates sensing, compression and encryption in one step. However, image should be also protected against tampering and forgery, which could be realized by providing the origin and integrity. Since CSI method captures measurements instead of pixel information, the authenticity should be provided in an unconventional but semantic way. This paper introduces an Authenticated Encrypted Compressive Sensing based Imaging (AE-CSI) mechanism, which is constructed by the existed CSMAC and improved CSI mechanism, such that the system provides the origin, integrity and confidentiality of the target image while the sensing process.
{"title":"An Authenticated Encrypted Compressive Sensing based Imaging Mechanism","authors":"Tao Wu, C. Ruland","doi":"10.1109/NTMS.2018.8328676","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328676","url":null,"abstract":"Compressive Sensing (CS) based imaging (CSI) method can recover N pixel information from only M measurements with N ≫ M, if the source information is sparse in some domain. With help of CSI mechanism an imaging system could capture information directly, meanwhile, the confidentiality could be also supported with some configuration due to the random projection, i.e., CSI method integrates sensing, compression and encryption in one step. However, image should be also protected against tampering and forgery, which could be realized by providing the origin and integrity. Since CSI method captures measurements instead of pixel information, the authenticity should be provided in an unconventional but semantic way. This paper introduces an Authenticated Encrypted Compressive Sensing based Imaging (AE-CSI) mechanism, which is constructed by the existed CSMAC and improved CSI mechanism, such that the system provides the origin, integrity and confidentiality of the target image while the sensing process.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127931201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328712
Zi-Yuan Liu, Jen-Chieh Hsu, R. Tso, Tzong-Chen Wu
Policy-controlled signature (PCS) was introduced by Pairat Thorncharoensri et al. at ICICS 2009, and improved at Computer Standards & Interfaces 2017. In this type of digital signature, signer can sign a message with some policies. Any verifier who does not satisfies the policies cannot verify the message. They also extended the notion of policy-controlled signature, and called it "universal policy-controlled signature". In their extended notion, they improve the flexibility of the PCS scheme by allowing a third party to equip the signature with policy, rather than the signer. In this work, we use the recent techniques in lattice to construct policy- controlled based signature from NTRU lattice. In particular, we adapt Léo Ducas et al.'s encryption and signature protocol on lattice (ASIACRYPT 2014), and combine them with Pairat Thorncharoensri et al.'s work to satisfy the properties of policy-controlled signature. Our contribution is developing the first quantum- resistant schema based on the policy-controlled signature.
{"title":"Policy-Controlled Signature from NTRU Lattice","authors":"Zi-Yuan Liu, Jen-Chieh Hsu, R. Tso, Tzong-Chen Wu","doi":"10.1109/NTMS.2018.8328712","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328712","url":null,"abstract":"Policy-controlled signature (PCS) was introduced by Pairat Thorncharoensri et al. at ICICS 2009, and improved at Computer Standards & Interfaces 2017. In this type of digital signature, signer can sign a message with some policies. Any verifier who does not satisfies the policies cannot verify the message. They also extended the notion of policy-controlled signature, and called it \"universal policy-controlled signature\". In their extended notion, they improve the flexibility of the PCS scheme by allowing a third party to equip the signature with policy, rather than the signer. In this work, we use the recent techniques in lattice to construct policy- controlled based signature from NTRU lattice. In particular, we adapt Léo Ducas et al.'s encryption and signature protocol on lattice (ASIACRYPT 2014), and combine them with Pairat Thorncharoensri et al.'s work to satisfy the properties of policy-controlled signature. Our contribution is developing the first quantum- resistant schema based on the policy-controlled signature.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132144017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328672
Sarah Abdallah, I. Elhajj, A. Chehab, A. Kayssi
Software Defined Networking (SDN) is a networking technology that caught the interest of many researchers and specialists in the field. The attention that SDN management obtained wasn't any less since traditional techniques were no longer sufficient for managing this new concept, and fully exploiting the flexibility and agility introduced with it. The purpose of this paper is to survey techniques used for network management for Software Defined Networks, and build on the FCAPS (Fault, Configuration, Accounting, Performance, Security) model to propose a new management framework to serve SDN orchestration. Results showed an improvement of 27.5% for our proposed design as compared to the Controller-only and Manager-only scenarios.
{"title":"A Network Management Framework for SDN","authors":"Sarah Abdallah, I. Elhajj, A. Chehab, A. Kayssi","doi":"10.1109/NTMS.2018.8328672","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328672","url":null,"abstract":"Software Defined Networking (SDN) is a networking technology that caught the interest of many researchers and specialists in the field. The attention that SDN management obtained wasn't any less since traditional techniques were no longer sufficient for managing this new concept, and fully exploiting the flexibility and agility introduced with it. The purpose of this paper is to survey techniques used for network management for Software Defined Networks, and build on the FCAPS (Fault, Configuration, Accounting, Performance, Security) model to propose a new management framework to serve SDN orchestration. Results showed an improvement of 27.5% for our proposed design as compared to the Controller-only and Manager-only scenarios.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115309693","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328728
M. Balaji, C. Kumar
Biased pricing model is a cardinal factor that is keeping Cloud from becoming the primary choice for an enterprise. Current pricing model is complex because of their datacenter lineage and favors the Cloud service providers. The onus to maximize resource utilization and minimize the total-cost-of-ownership both belongs to the end-user. End-users are not rewarded for adhering to the fair usage policy. The current study proposes an Inter-Application Resource Management approach comprising of a Just-In-Time resource management design and a flexible pricing model to overcome the limitations of the existing cloud pricing model.
{"title":"Inter-Application Based Resource Management Approach for Cloud Infrastructure","authors":"M. Balaji, C. Kumar","doi":"10.1109/NTMS.2018.8328728","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328728","url":null,"abstract":"Biased pricing model is a cardinal factor that is keeping Cloud from becoming the primary choice for an enterprise. Current pricing model is complex because of their datacenter lineage and favors the Cloud service providers. The onus to maximize resource utilization and minimize the total-cost-of-ownership both belongs to the end-user. End-users are not rewarded for adhering to the fair usage policy. The current study proposes an Inter-Application Resource Management approach comprising of a Just-In-Time resource management design and a flexible pricing model to overcome the limitations of the existing cloud pricing model.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130529113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-02-01DOI: 10.1109/NTMS.2018.8328674
Davide Ferraris, M. C. Gago, Javier López
The Internet of Things (IoT) is an environment of interconnected entities, that are identifiable, usable and controllable via the Internet. Trust is necessary in a system such as IoT as the entities involved should know the effect of interacting with other entities. Moreover, the entities must also be able to trust a system to reliably use it. An IoT system is composed of different entities from different vendors, each of them with a different purpose and a different lifecycle. So considering trust in the whole IoT system lifecycle is useful and necessary to guarantee a good service for the whole system. The heterogeneity and dynamicity of this field make it difficult to ensure trust in IoT. We propose a trust by design framework for including trust in the development of an IoT entity considering all the phases of the life-cycle. It is composed of the K-Model and transversal activities.
{"title":"A Trust-by-Design Framework for the Internet of Things","authors":"Davide Ferraris, M. C. Gago, Javier López","doi":"10.1109/NTMS.2018.8328674","DOIUrl":"https://doi.org/10.1109/NTMS.2018.8328674","url":null,"abstract":"The Internet of Things (IoT) is an environment of interconnected entities, that are identifiable, usable and controllable via the Internet. Trust is necessary in a system such as IoT as the entities involved should know the effect of interacting with other entities. Moreover, the entities must also be able to trust a system to reliably use it. An IoT system is composed of different entities from different vendors, each of them with a different purpose and a different lifecycle. So considering trust in the whole IoT system lifecycle is useful and necessary to guarantee a good service for the whole system. The heterogeneity and dynamicity of this field make it difficult to ensure trust in IoT. We propose a trust by design framework for including trust in the development of an IoT entity considering all the phases of the life-cycle. It is composed of the K-Model and transversal activities.","PeriodicalId":140704,"journal":{"name":"2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","volume":"117 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120823721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: