Biblio

Cognitive Radio (CR) has garnered much attention in the last decade, while the security issues are not fully studied yet. Existing research on attacks and defenses in CR - based networks focuses mostly on individual network layers, whereas cross-layer attacks remain fortified against single-layer defenses. In this paper, we shed light on a new vulnerability in cross-layer routing protocols and demonstrate how a perpetrator can exploit this vulnerability to manipulate traffic flow around it. We propose this cross-layer attack in CR-based wireless mesh networks (CR-WMNs), which we call off-sensing and route manipulation (OS-RM) attack. In this cross-layer assault, off-sensing attack is launched at the lower layers as the point of attack but the final intention is to manipulate traffic flow around the perpetrator. We also introduce a learning strategy for a perpetrator, so that it can gather information from the collaboration with other network entities and capitalize this information into knowledge to accelerate its malice intentions. Simulation results show that this attack is far more detrimental than what we have experienced in the past and need to be addressed before commercialization of CR-based networks.

The Internet of Things (IoT) devices perform security-critical operations and deal with sensitive information in the IoT-based systems. Therefore, the increased deployment of smart devices will make them targets for cyber attacks. Adversaries can perform malicious actions, leak private information, and track devices' and their owners' location by gaining unauthorized access to IoT devices and networks. However, conventional security protocols are not primarily designed for resource constrained devices and therefore cannot be applied directly to IoT systems. In this paper, we propose Boot-IoT - a privacy-preserving, lightweight, and scalable security scheme for limited resource devices. Boot-IoT prevents a malicious device from joining an IoT network. Boot-IoT enables a device to compute a unique identity for authentication each time the device enters a network. Moreover, during device to device communication, Boot-IoT provides a lightweight mutual authentication scheme that ensures privacy-preserving identity usages. We present a detailed analysis of the security strength of BootIoT. We implemented a prototype of Boot-IoT on IoT devices powered by Contiki OS and provided an extensive comparative analysis of Boot-IoT with contemporary authentication methods. Our results show that Boot-IoT is resource efficient and provides better scalability compared to current solutions.

The Internet of Vehicles (IoV) is a complex and dynamic mobile network system that enables information sharing between vehicles, their surrounding sensors, and clouds. While IoV opens new opportunities in various applications and services to provide safety on the road, it introduces new challenges in the field of digital forensics investigations. The existing tools and procedures of digital forensics cannot meet the highly distributed, decentralized, dynamic, and mobile infrastructures of the IoV. Forensic investigators will face challenges while identifying necessary pieces of evidence from the IoV environment, and collecting and analyzing the evidence. In this article, we propose TrustIoV - a digital forensic framework for the IoV systems that provides mechanisms to collect and store trustworthy evidence from the distributed infrastructure. Trust-IoV maintains a secure provenance of the evidence to ensure the integrity of the stored evidence and allows investigators to verify the integrity of the evidence during an investigation. Our experimental results on a simulated environment suggest that Trust-IoV can operate with minimal overhead while ensuring the trustworthiness of evidence in a strong adversarial scenario.