Biblio
Security attacks against Internet of Things (IoT) are on the rise and they lead to drastic consequences. Data confidentiality is typically based on a strong symmetric-key algorithm to guard against confidentiality attacks. However, there is a need to design an efficient lightweight cipher scheme for a number of applications for IoT systems. Recently, a set of lightweight cryptographic algorithms have been presented and they are based on the dynamic key approach, requiring a small number of rounds to minimize the computation and resource overhead, without degrading the security level. This paper follows this logic and provides a new flexible lightweight cipher, with or without chaining operation mode, with a simple round function and a dynamic key for each input message. Consequently, the proposed cipher scheme can be utilized for real-time applications and/or devices with limited resources such as Multimedia Internet of Things (MIoT) systems. The importance of the proposed solution is that it produces dynamic cryptographic primitives and it performs the mixing of selected blocks in a dynamic pseudo-random manner. Accordingly, different plaintext messages are encrypted differently, and the avalanche effect is also preserved. Finally, security and performance analysis are presented to validate the efficiency and robustness of the proposed cipher variants.
The Internet of Things (IoT) systems are vulnerable to many security threats that may have drastic impacts. Existing cryptographic solutions do not cater for the limitations of resource-constrained IoT devices, nor for real-time requirements of some IoT applications. Therefore, it is essential to design new efficient cipher schemes with low overhead in terms of delay and resource requirements. In this paper, we propose a lightweight stream cipher scheme, which is based, on one hand, on the dynamic key-dependent approach to achieve a high security level, and on the other hand, the scheme involves few simple operations to minimize the overhead. In our approach, cryptographic primitives change in a dynamic lightweight manner for each input block. Security and performance study as well as experimentation are performed to validate that the proposed cipher achieves a high level of efficiency and robustness, making it suitable for resource-constrained IoT devices.
One of the main concerns for smartphone users is the quality of apps they download. Before installing any app from the market, users first check its rating and reviews. However, these ratings are not computed by experts and most times are not associated with malicious behavior. In this work, we present an IDS/rating system based on a game theoretic model with crowdsourcing. Our results show that, with minor control over the error in categorizing users and the fraction of experts in the crowd, our system provides proper ratings while flagging all malicious apps.
Recommender systems have become quite popular recently. However, such systems are vulnerable to several types of attacks that target user ratings. One such attack is the Sybil attack where an entity masquerades as several identities with the intention of diverting user ratings. In this work, we propose evolutionary game theory as a possible solution to the Sybil attack in recommender systems. After modeling the attack, we use replicator dynamics to solve for evolutionary stable strategies. Our results show that under certain conditions that are easily achievable by a system administrator, the probability of an attack strategy drops to zero implying degraded fitness for Sybil nodes that eventually die out.