Insider Threat Detection Through Attributed Graph Clustering
Pub Date: 2018-09-01 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.227 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
A. Gamachchi, S. Boztaş
While most organizations continue to invest in traditional network defences, a formidable security challenge has been brewing within their own boundaries. Malicious insiders with privileged access in the guise of a trusted source have carried out many attacks causing far-reaching damage to financial stability, national security and brand reputation for both public and private sector organizations. Growing exposure and impact of the whistleblower community and concerns about job security with changing organizational dynamics have further aggravated this situation. The unpredictability of malicious attackers, as well as the complexity of malicious actions, necessitates the careful analysis of network, system and user parameters correlated with the insider threat problem. Thus it creates a high-dimensional, heterogeneous data analysis problem in isolating suspicious users. This research work proposes an insider threat detection framework, which utilizes attributed graph clustering techniques and an outlier ranking mechanism for enterprise users. Empirical results also confirm the effectiveness of the method by achieving the best area under curve value of 0.7648 for the receiver operating characteristic curve.

Vehicle Incident Hot Spots Identification: An Approach for Big Data
Pub Date: 2017-09-11 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.329 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
I. Triguero, G. Figueredo, M. Mesgarpour, J. Garibaldi, R. John
In this work we introduce a fast big data approach for road incident hot spot identification using Apache Spark. We implement an existing immuno-inspired mechanism, namely SeleSup, as a series of MapReduce-like operations. SeleSup is composed of a number of iterations that remove data redundancies and result in the detection of areas of high likelihood of vehicle incidents. It has been successfully applied to large datasets; however, as the size of the data increases to millions of instances, its performance drops significantly. Our objective therefore is to re-conceptualise the method for big data. In this paper we present the new implementation, the challenges faced when converting the method for the Apache Spark platform, as well as the outcomes obtained. For our experiments we employ a large dataset containing hundreds of thousands of Heavy Goods Vehicle incidents, collected via telematics. Results show a significant improvement in performance with no detriment to the accuracy of the method.

SEEAD: A Semantic-Based Approach for Automatic Binary Code De-obfuscation
Pub Date: 2017-09-11 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.246 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Zhanyong Tang, Kaiyuan Kuang, Lei Wang, Chao Xue, Xiaoqing Gong, Xiaojiang Chen, Dingyi Fang, Jie Liu, Z. Wang
Increasingly sophisticated code obfuscation techniques are quickly adopted by malware developers to escape from malware detection and to thwart the reverse engineering effort of security analysts. State-of-the-art de-obfuscation approaches rely on dynamic analysis, but face the challenge of low code coverage as not all software execution paths and behavior will be exposed at specific profiling runs. As a result, these approaches often fail to discover hidden malicious patterns. This paper introduces SEEAD, a novel and generic semantic-based de-obfuscation system. When building SEEAD, we try to rely on as few assumptions about the structure of the obfuscation tool as possible, so that the system can keep pace with the fast-evolving code obfuscation techniques. To increase the code coverage, SEEAD dynamically directs the target program to execute different paths across different runs. This dynamic profiling scheme is rife with taint and control dependence analysis to reduce the search overhead, and a carefully designed protection scheme to bring the program to an error-free status should any error happen during dynamic profile runs. As a result, the increased code coverage enables us to uncover hidden malicious behaviors that are not detected by traditional dynamic-analysis-based de-obfuscation approaches. We evaluate SEEAD on a range of benign and malicious obfuscated programs. Our experimental results show that SEEAD is able to successfully recover the original logic from obfuscated binaries.

Implementing Chain of Custody Requirements in Database Audit Records for Forensic Purposes
Pub Date: 2017-09-11 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.299 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Denys A. Flores, A. Jhumka
During forensic database investigations, audit records become a crucial evidential element; particularly, when certain events can be attributed to insider activity. However, traditional reactive forensic methods may not be suitable, urging the adoption of proactive approaches that can be used to ensure accountability through audit records whilst satisfying Chain of Custody (CoC) requirements for forensic purposes. In this paper, role segregation, evidence provenance, event timeliness and causality are considered as CoC requirements in order to implement a forensically ready architecture for the proactive generation, collection and preservation of database audit records that can be used as digital evidence for the investigation of insider activity. Our proposal implements triggers and stored procedures as forensic routines in order to build a vector-clock-based timeline for explaining causality in transactional events recorded in audit tables. We expect to encourage further work in the field of proactive digital forensics and forensic readiness; in particular, for justifying admissibility of audit records under CoC restrictions.

Authenticating Compromisable Storage Systems
Pub Date: 2017-09-11 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.216 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Jiangshan Yu, M. Ryan, Liqun Chen
A service may be implemented over several servers, and those servers may become compromised by an attacker, e.g. through software vulnerabilities. When this happens, the service manager will remove the vulnerabilities and re-instate the server. Typically, this will involve regenerating the public key by which clients authenticate the service, and revoking the old one. This paper presents a scheme which allows a storage service composed of several servers to create a group public key in a decentralised manner, and maintain its security even when such compromises take place. By maintaining keys for a long term, we reduce the reliance on public-key certification. The storage servers periodically update the decryption secrets corresponding to a public key, in such a way that secrets gained by an attacker are rendered useless after an update takes place. An attacker would have to compromise all the servers within a short period lying between two updates in order to fully compromise the system.

A Public Key Encryption Scheme for String Identification
Pub Date: 2017-09-11 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.226 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
I. G. Ray, M. Rajarajan
One of the major limitations of index-based encrypted string search on big datasets is the inherent problem of big index generation, maintenance and update, which stops it from being dynamic in the sense that one cannot modify data or add or remove keywords. Also, for a resource-constrained client, generating an index linear in the size of a big dataset is difficult. In this paper, we provide an efficient, easy-to-implement public-key-based searchable encryption scheme for string search which is adaptively secure and does not need any index. We provide concrete proof of the adaptive security of our scheme against an honest-but-curious server. We validate our scheme against three different publicly available datasets.

Online Social Network Information Forensics: A Survey on Use of Various Tools and Determining How Cautious Facebook Users are?
Pub Date: 2017-09-07 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.364 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Amber Umair, P. Nanda, Xiangjian He
Online Social Networks (OSN) such as Facebook, Twitter, LinkedIn, and Instagram are heavily used to socialize, entertain or gain insights on people's behavior and their activities. Every day, terabytes of data are generated over these networks, which are then used by businesses to generate revenue or misused by wrongdoers to exploit vulnerabilities of these social network platforms. Specifically, social network information helps in extracting various important features such as user association, access pattern, location information etc. Recent research shows that many such features could be used to develop novel attack models and investigate further into defending the users from exposing their information to outsiders. This paper analyzes some of the available tools to extract OSN information and discusses research work on similar types of unstructured data. Recent research works, which focus on gathering bits and pieces of information to extract meaningful results for digital forensics, have been discussed. An online survey is conducted to gauge the cautiousness of users in social media usage in terms of personal information dissemination.

An Efficient Disjunctive Query Enabled Ranked Searchable Encryption Scheme
Pub Date: 2017-09-07 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.267 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Shahzaib Tahir, S. Ruj, M. Rajarajan
Cloud computing motivates data owners to economically outsource large amounts of data to the cloud. To preserve the privacy and confidentiality of the documents, the documents need to be encrypted prior to being outsourced to the cloud. In this paper, we propose a lightweight construction that facilitates ranked disjunctive keyword (multi-keyword) searchable encryption based on probabilistic trapdoors. The security analysis yields that the probabilistic trapdoors help resist distinguishability attacks. Through the computational complexity analysis we realize that our scheme outperforms similar existing schemes. We explore the use of searchable encryption in the telecom domain by implementing and deploying our proof of concept prototype onto the British Telecommunication's Public Cloud offering and testing it over a real corpus of audio transcriptions. The extensive experimentation thereafter validates our claim that our scheme is lightweight.

Secure and Light Weight Fine-grained Access Mechanism for Outsourced Data
Pub Date: 2017-09-07 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.238 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Mosarrat Jahan, P. Roy, K. Sakurai, A. Seneviratne, Sanjay Jha
In this paper we explore the problem of providing selective read/write access to outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on the encrypted outsourced data. One limitation of CP-ABE is that users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operations without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a lightweight signature scheme and a computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. The security analysis demonstrates the robustness of the proposed scheme.

Lightweight Authentication Protocol (LAUP) for 6LoWPAN Wireless Sensor Networks
Pub Date: 2017-09-07 | DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.260 | Venue: 2017 IEEE Trustcom/BigDataSE/ICESS
Annie Gilda Roselin, P. Nanda, S. Nepal
6LoWPAN networks involving wireless sensors consist of resource starving miniature sensor nodes. Since secured authentication of these resource-constrained sensors is one of the important considerations during communication, use of an asymmetric key distribution scheme may not be the perfect choice to achieve secure authentication. Recent research shows that the Lucky Thirteen attack has compromised Datagram Transport Layer Security (DTLS) with Cipher Block Chaining (CBC) mode for key establishment. Even though the EAKES6Lo and S3K techniques for key establishment follow the symmetric key establishment method, they strongly rely on a remote server and trust anchor for secure key distribution. Our proposed Lightweight Authentication Protocol (LAUP) uses a symmetric key method with no preshared keys and is comprised of four flights to establish authentication and session key distribution between sensors and the Edge Router in a 6LoWPAN environment. Each flight uses freshly derived keys from existing information such as PAN ID (Personal Area Network IDentification) and device identities. We formally verified our scheme using the Scyther security protocol verification tool for authentication properties such as Aliveness, Secrecy, Non-Injective Agreement and Non-Injective Synchronization. We simulated and evaluated the proposed LAUP protocol using the COOJA simulator with ContikiOS and achieved less computational time and low power consumption compared to existing authentication protocols such as the EAKES6Lo and SAKES.