Computer Sciences Commons^™

Efficient And Secure Digital Signature Algorithm (Dsa), Nissa Mehibel, M'Hamed Hamadouche

Emirates Journal for Engineering Research

The digital signature is used to ensure the integrity of messages as well as the authentication and non-repudiation of users. Today it has a very important role in information security. Digital signature is used in various fields such as e-commerce and e-voting, health, internet of things (IOT). Many digital signature schemes have been proposed, depending on the computational cost and security level. In this paper, we analyzed a recently proposed digital signature scheme based on the discrete logarithm problem (DLP). Our analysis shows that the scheme is not secure against the repeated random number attack to determine the secret keys …

A Novel Authentication Method That Combines Honeytokens And Google Authenticator, Vassilis Papaspirou, Maria Papathanasaki, Leandros Maglaras, Ioanna Kantzavelou, Christos Douligeris, Mohamed A. Ferrag, Helge Janicke

Research outputs 2022 to 2026

Despite the rapid development of technology, computer systems still rely heavily on passwords for security, which can be problematic. Although multi-factor authentication has been introduced, it is not completely effective against more advanced attacks. To address this, this study proposes a new two-factor authentication method that uses honeytokens. Honeytokens and Google Authenticator are combined to create a stronger authentication process. The proposed approach aims to provide additional layers of security and protection to computer systems, increasing their overall security beyond what is currently provided by single-password or standard two-factor authentication methods. The key difference is that the proposed system resembles …

Using Probabilistic Context-Free Grammar To Create Password Guessing Models, Isabelle Hjelden

Scholarly Horizons: University of Minnesota, Morris Undergraduate Journal

This paper will discuss two versions of probabilistic context-free grammar password-guessing models. The first model focuses on using English semantics to break down passwords and identify patterns. The second model identifies repeating chunks in passwords and uses this information to create possible passwords. Then, we will show the performance of each model on leaked password databases, and finally discuss the observations made on these tests.

An Efficient Lightweight Provably Secure Authentication Protocol For Patient Monitoring Using Wireless Medical Sensor Networks, Garima Thakur, Sunil Prajapat, Pankaj Kumar, Ashok Kumar Das, Sachin Shetty

VMASC Publications

The refurbishing of conventional medical network with the wireless medical sensor network has not only amplified the efficiency of the network but concurrently posed different security threats. Previously, Servati and Safkhani had suggested an Internet of Things (IoT) based authentication scheme for the healthcare environment promulgating a secure protocol in resistance to several attacks. However, the analysis demonstrates that the protocol could not withstand user, server, and gateway node impersonation attacks. Further, the protocol fails to resist offline password guessing, ephemeral secret leakage, and gateway-by-passing attacks. To address the security weaknesses, we furnish a lightweight three-factor authentication framework employing the …

Performance Analysis Of Zero Trust In Cloud Native Systems, Simone Rodigari

Theses

Critical applications demand strong security implementations, low latency and high availability at constant rates, however, the performance of a software system is affected by the implementation of security. This research measures the performance overhead and possible mitigation in cloud native systems secured with a service mesh, which allows enabling security policies for the authentication, authorization and encryption of traffic within distributed systems. The side-car proxy is a core component of this architecture, acting as a policy enforcement point and intercepting networking communication from/to applications part of the mesh, consequently affecting the performance of applications hosted in the cloud. Physical resources …

A Survey Of Wearable Devices Pairing Based On Biometric Signals, Jafar Pourbemany, Ye Zhu, Riccardo Bettati

Electrical and Computer Engineering Faculty Publications

With the rapid growth of wearable devices, more applications require direct communication between wearable devices. To secure the communication between wearable devices, various pairing protocols have been proposed to generate common keys for encrypting the communication. Since the wearable devices are attached to the same body, the devices can generate common keys based on the same context by utilizing onboard sensors to capture a common biometric signal such as body motion, gait, heartbeat, respiration, and EMG signals. The context-based pairing does not need prior information to generate common keys. As context-based pairing does not need any human involvement in the …

A Data Taxonomy For Adaptive Multifactor Authentication In The Internet Of Health Care Things, Tance Suleski, Mohiuddin Ahmed

Research outputs 2022 to 2026

The health care industry has faced various challenges over the past decade as we move toward a digital future where services and data are available on demand. The systems of interconnected devices, users, data, and working environments are referred to as the Internet of Health Care Things (IoHT). IoHT devices have emerged in the past decade as cost-effective solutions with large scalability capabilities to address the constraints on limited resources. These devices cater to the need for remote health care services outside of physical interactions. However, IoHT security is often overlooked because the devices are quickly deployed and configured as …

Design Of Robust Blockchain-Envisioned Authenticated Key Management Mechanism For Smart Healthcare Applications, Siddhant Thapiyal, Mohammad Wazid, Devesh Pratap Singh, Ashok Kumar Das, Sachin Shetty

VMASC Publications

The healthcare sector is a very crucial and important sector of any society, and with the evolution of the various deployed technologies, like the Internet of Things (IoT), machine learning and blockchain it has numerous advantages. However, in this section, the data is much more vulnerable than others, because the data is strictly private and confidential, and it requires a highly secured framework for the transmission of data between entities. In this article, we aim to design a blockchain-envisioned authentication and key management mechanism for the IoMT-based smart healthcare applications (in short, we call it SBAKM-HS). We compare the various …

A Provable Secure And Efficient Authentication Framework For Smart Manufacturing Industry, Muhammad Hammad, Akhtar Badshah, Ghulam Abbas, Hisham Alasmary, Muhammad Waqas, Wasim A. Khan

Research outputs 2022 to 2026

Smart manufacturing is transforming the manufacturing industry by enhancing productivity and quality, driving growth in the global economy. The Internet of Things (IoT) has played a crucial role in realizing Industry 4.0, where machines can communicate and interact in real-time. Despite these advancements, security remains a major challenge in developing and deploying smart manufacturing. As cyber-attacks become more prevalent, researchers are making security a top priority. Although IoT and Industrial IoT (IIoT) are used to establish smart industries, these systems remain vulnerable to various types of attacks. To address these security issues, numerous authentication methods have been proposed. However, many …

Secure Authentication Scheme Based On Numerical Series Cryptography For Internet Of Things, Dr Khaled Nagaty, Maha Aladin, Abeer Hamdy Dr.

Computer Science

The rapid advancement of cellular networks and wireless networks has laid a solid basis for the Internet of Things. IoT has evolved into a unique standard that allows diverse physical devices to collaborate with one another. A service provider gives a variety of services that may be accessed via smart apps anywhere, at any time, and from any location over the Internet. Because of the public environment of mobile communication and the Internet, these services are highly vulnerable to a several malicious attacks, such as unauthorized disclosure by hostile attackers. As a result, the best option for overcoming these vulnerabilities …

Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba

Dissertations

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.

In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …

A Systematic Review On Machine Learning Models For Online Learning And Examination Systems, Sanaa Kaddoura, Daniela Elena Popescu, Jude D. Hemanth

All Works

Examinations or assessments play a vital role in every student’s life; they determine their future and career paths. The COVID pandemic has left adverse impacts in all areas, including the academic field. The regularized classroom learning and face-to-face real-time examinations were not feasible to avoid widespread infection and ensure safety. During these desperate times, technological advancements stepped in to aid students in continuing their education without any academic breaks. Machine learning is a key to this digital transformation of schools or colleges from real-time to online mode. Online learning and examination during lockdown were made possible by Machine learning methods. …

Machine Learning-Based Device Type Classification For Iot Device Re- And Continuous Authentication, Kaustubh Gupta

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Today, the use of Internet of Things (IoT) devices is higher than ever and it is growing rapidly. Many IoT devices are usually manufactured by home appliance manufacturers where security and privacy are not the foremost concern. When an IoT device is connected to a network, currently there does not exist a strict authentication method that verifies the identity of the device, allowing any rogue IoT device to authenticate to an access point. This thesis addresses the issue by introducing methods for continuous and re-authentication of static and dynamic IoT devices, respectively. We introduce mechanisms and protocols for authenticating a …

Ascp-Iomt: Ai-Enabled Lightweight Secure Communication Protocol For Internet Of Medical Things, Mohammad Wazid, Jaskaran Singh, Ashok Kumar Das, Sachin Shetty, Muhammad Khurram Khan, Joel J.P.C. Rodrigues

VMASC Publications

The Internet of Medical Things (IoMT) is a unification of smart healthcare devices, tools, and software, which connect various patients and other users to the healthcare information system through the networking technology. It further reduces unnecessary hospital visits and the burden on healthcare systems by connecting the patients to their healthcare experts (i.e., doctors) and allows secure transmission of healthcare data over an insecure channel (e.g., the Internet). Since Artificial Intelligence (AI) has a great impact on the performance and usability of an information system, it is important to include its modules in a healthcare information system, which will be …

A Review On Security Issues And Solutions Of The Internet Of Drones, Wencheng Yang, Song Wang, Xuefei Yin, Xu Wang, Jiankun Hu

Research outputs 2022 to 2026

The Internet of Drones (IoD) has attracted increasing attention in recent years because of its portability and automation, and is being deployed in a wide range of fields (e.g., military, rescue and entertainment). Nevertheless, as a result of the inherently open nature of radio transmission paths in the IoD, data collected, generated or handled by drones is plagued by many security concerns. Since security and privacy are among the foremost challenges for the IoD, in this paper we conduct a comprehensive review on security issues and solutions for IoD security, discussing IoD-related security requirements and identifying the latest advancement in …

Analysis Of Blockchain Solutions For E-Voting: A Systematic Literature Review, Ali Benabdallah, Antoine Audras, Louis Coudert, Nour El Madhoun, Mohamad Badra

All Works

To this day, abstention rates continue to rise, largely due to the need to travel to vote. This is why remote e-voting will increase the turnout by allowing everyone to vote without the need to travel. It will also minimize the risks and obtain results in a faster way compared to a traditional vote with paper ballots. In fact, given the high stakes of an election, a remote e-voting solution must meet the highest standards of security, reliability, and transparency to gain the trust of citizens. In literature, several remote e-voting solutions based on blockchain technology have been proposed. Indeed, …

Healthcare 5.0 Security Framework: Applications, Issues And Future Research Directions, Mohammad Wazid, Ashok Kumar Das, Noor Mohd, Youngho Park

VMASC Publications

Healthcare 5.0 is a system that can be deployed to provide various healthcare services. It does these services by utilising a new generation of information technologies, such as Internet of Things (IoT), Artificial Intelligence (AI), Big data analytics, blockchain and cloud computing. Due to the introduction of healthcare 5.0, the paradigm has been now changed. It is disease-centered to patient-centered care where it provides healthcare services and supports to the people. However, there are several security issues and challenges in healthcare 5.0 which may cause the leakage or alteration of sensitive healthcare data. This demands that we need a robust …

Secure Self-Checkout Kiosks Using Alma Api With Two-Factor Authentication, Ron Bulaon

Research Collection Library

Self-checkout kiosks have become a staple feature of many modern and digitized libraries. These devices are used by library patrons for self-service item loans. Most implementations are not new, in fact many of these systems are simple, straight forward and work as intended. But behind this useful technology, there is a security concern on authentication that has to be addressed.

In my proposed presentation, I will discuss the risk factors of self-checkout kiosks and propose a solution using Alma APIs. I will address the technical shortcomings of the current implementations, compared to the proposed solution, and where the weakest link …

Lightweight Mutual Authentication And Privacy Preservation Schemes For Iot Systems., Samah Mansour

Electronic Theses and Dissertations

Internet of Things (IoT) presents a holistic and transformative approach for providing services in different domains. IoT creates an atmosphere of interaction between humans and the surrounding physical world through various technologies such as sensors, actuators, and the cloud. Theoretically, when everything is connected, everything is at risk. The rapid growth of IoT with the heterogeneous devices that are connected to the Internet generates new challenges in protecting and preserving user’s privacy and ensuring the security of our lives. IoT systems face considerable challenges in deploying robust authentication protocols because some of the IoT devices are resource-constrained with limited computation …

Deep Learning Modalities For Biometric Alteration Detection In 5g Networks-Based Secure Smart Cities, Ahmed Sedik, Lo'ai A. Tawalbeh, Mohamed Hammad, Ahmed A. Abd El-Latif, Ghada M. El-Banby, Ashref A.M. Khalaf, Fathi E. Abd El-Samie, Abdullah M. Iliyasu

Computer Science Faculty Publications

Smart cities and their applications have become attractive research fields birthing numerous technologies. Fifth generation (5G) networks are important components of smart cities, where intelligent access control is deployed for identity authentication, online banking, and cyber security. To assure secure transactions and to protect user’s identities against cybersecurity threats, strong authentication techniques should be used. The prevalence of biometrics, such as fingerprints, in authentication and identification makes the need to safeguard them important across different areas of smart applications. Our study presents a system to detect alterations to biometric modalities to discriminate pristine, adulterated, and fake biometrics in 5G-based smart …

Ultrapin: Inferring Pin Entries Via Ultrasound, Liu, Ximing, Robert H. Deng, Robert H. Deng

Research Collection School Of Computing and Information Systems

While PIN-based user authentication systems such as ATM have long been considered to be secure enough, they are facing new attacks, named UltraPIN, which can be launched from commodity smartphones. As a target user enters a PIN on a PIN-based user authentication system, an attacker may use UltraPIN to infer the PIN from a short distance (50 cm to 100 cm). In this process, UltraPIN leverages smartphone speakers to issue human-inaudible ultrasound signals and uses smartphone microphones to keep recording acoustic signals. It applies a series of signal processing techniques to extract high-quality feature vectors from low-energy and high-noise signals …

Lightweight Encryption Based Security Package For Wireless Body Area Network, Sangwon Shin

Electronic Theses and Dissertations

As the demand of individual health monitoring rose, Wireless Body Area Networks (WBAN) are becoming highly distinctive within health applications. Nowadays, WBAN is much easier to access then what it used to be. However, due to WBAN’s limitation, properly sophisticated security protocols do not exist. As WBAN devices deal with sensitive data and could be used as a threat to the owner of the data or their family, securing individual devices is highly important. Despite the importance in securing data, existing WBAN security methods are focused on providing light weight security methods. This led to most security methods for WBAN …

An Efficient Privacy Preserving Message Authentication Scheme For Internet-Of-Things, Jiannan Wei, Tran Viet Xuan Phuong, Guomin Yang

Research Collection School Of Computing and Information Systems

As an essential element of the next generation Internet, Internet of Things (IoT) has been undergoing an extensive development in recent years. In addition to the enhancement of peoples daily lives, IoT devices also generate/gather a massive amount of data that could be utilized by machine learning and big data analytics for different applications. Due to the machine-to-machine communication nature of IoT, data security and privacy are crucial issues that must be addressed to prevent different cyber attacks (e.g., impersonation and data pollution/poisoning attacks). Nevertheless, due to the constrained computation power and the diversity of IoT devices, it is a …

Biometrics For Internet‐Of‐Things Security: A Review, Wencheng Yang, Song Wang, Nor Masri Sahri, Nickson M. Karie, Mohiuddin Ahmed, Craig Valli

Research outputs 2014 to 2021

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric …

Secure Authentication And Privacy-Preserving Techniques In Vehicular Ad-Hoc Networks (Vanets), Dakshnamoorthy Manivannan, Shafika Showkat Moni, Sherali Zeadally

Computer Science Faculty Publications

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that …

Single Sign-On Model Based On Trusted-Daa Connection, Xiaohui Yang, Lijun Jiang, Wang Hong, Siyuan Chang

Journal of System Simulation

Abstract: Traditional single sign-on (SSO) models adopt SSL connections in the cloud computing environments, while there exist several problems such as certificates cannot be updated in time, certificate updating needs a third party CA, etc.. To solve above problems, TPM was introduced between cloud identity providers and cloud service providers, and a trusted DAA connection (T-D-SSL) was designed by adopting the DAA authentication method to implementation cross platform trusted authentication, secure channel establishment, and certificate updating operation. Combining with T-D-SSL, SAML2.0, and ID-FF1.2, a new SSO model of the cloud computing environments was proposed, which could make sure the system …

Designing Leakage-Resilient Password Entry On Head-Mounted Smart Wearable Glass Devices, Yan Li, Yao Cheng, Wenzhi Meng, Yingjiu Li, Robert H. Deng

Research Collection School Of Computing and Information Systems

With the boom of Augmented Reality (AR) and Virtual Reality (VR) applications, head-mounted smart wearable glass devices are becoming popular to help users access various services like E-mail freely. However, most existing password entry schemes on smart glasses rely on additional computers or mobile devices connected to smart glasses, which require users to switch between different systems and devices. This may greatly lower the practicability and usability of smart glasses. In this paper, we focus on this challenge and design three practical anti-eavesdropping password entry schemes on stand-alone smart glasses, named gTapper, gRotator and gTalker. The main idea is to …

Smart Sensing Enabled Secure And Usable Pairing And Authentication, Xiaopeng Li

Theses and Dissertations

Internet of Things (IoT) technologies have made our lives more convenient and better informed by sensing and monitoring our surroundings. Security applications, such as device pairing and user authentication, are the fundamentals for building a trustworthy smart environment. A secure and convenient pairing approach is critical to IoT enabled applications, as pairing is to establish a secure wireless communication channel for devices. Besides, a smart environment usually has multiple people (e.g., patients and doctors in a hospital), who have physical access to the deployed IoT devices and sensitive dumb objects (e.g., a cabinet storing medical records); but not all of …

Editing-Enabled Signatures: A New Tool For Editing Authenticated Data, Binanda Sengupta, Yingjiu Li, Yangguang Tian, Robert H. Deng

Research Collection School Of Computing and Information Systems

Data authentication primarily serves as a tool to achieve data integrity and source authentication. However, traditional data authentication does not fit well where an intermediate entity (editor) is required to modify the authenticated data provided by the source/data owner before sending the data to other recipients. To ask the data owner for authenticating each modified data can lead to higher communication overhead. In this article, we introduce the notion of editing-enabled signatures where the data owner can choose any set of modification operations applicable on the data and still can restrict any possibly untrusted editor to authenticate the data modified …

Mitigating Real-Time Relay Phishing Attacks Against Mobile Push Notification Based Two-Factor Authentication Systems, Casey Silver

Masters Theses, 2020-current

This paper explores how existing push notification based two-factor authentication systems are susceptible to real-time man-in-the-middle relay attacks and proposes a system for mitigating such attacks. A fully functional reference system of the proposed mitigation was built and compared to an existing push notification two-factor authentication system while undergoing a real-time man-in-the-middle relay attack. The reference systems used cloud infrastructure for hosting, an Apple iPhone as the notification receiver, and Apple’s push notification service to send notifications. A publicly available tool for conducting real-time man-in-the-middle relay attacks was used to conduct the attacks. The results of the tests were recorded …