Biblio

Homomorphic encryption (HE) facilitates computing over encrypted data without using the secret keys. It is currently inefficient for practical implementation on the Internet of Things (IoT). However, the performance of these HE schemes may increase with optimized libraries and hardware capabilities. Thus, implementing and analyzing HE schemes and protocols on resource-constrained devices is essential to deriving optimized and secure schemes. This paper develops an energy profiling framework for homomorphic encryption on IoT devices. In particular, we analyze energy consumption and performance such as CPU and Memory utilization and execution time of numerous HE schemes using SEAL and HElib libraries on the Raspberry Pi 4 hardware platform and study energy-performance-security trade-offs. Our analysis reveals that HE schemes can incur a maximum of 70.07% in terms of energy consumption among the libraries. Finally, we provide guidelines for optimization of Homomorphic Encryption by leveraging multi-threading and edge computing capabilities for IoT applications. The insights obtained from this study can be used to develop secure and resource-constrained implementation of Homomorphic encryption depending on the needs of IoT applications.

Hardware Trojans are modifications made by malicious insiders or third party providers during the design or fabrication phase of the IC (Integrated Circuits) design cycle in a covert manner. These cause catastrophic consequences ranging from manipulating the functionality of individual blocks to disabling the entire chip. Thus, a need for detecting trojans becomes necessary. In this work, we propose a deep learning based approach for detecting trojans in IC chips. In particular, we insert trojans at the circuit-level and generate data by measuring power during normal operation and under attack. Further, we develop deep learning models using Neural networks and Auto-encoders to analyze datasets for outlier detection by profiling the normal behavior and leveraging them to detect anomalies in power consumption. Our approach is generic and non-invasive in that it can be applied to any block without any modifications to the design. Evaluation of the proposed approach shows an accuracy ranging from 92.23% to 99.33% in detecting trojans.

The advent of 5G, one of the most recent and promising technologies currently under deployment, fulfills the emerging needs of mobile subscribers by introducing several new technological advancements. However, this may lead to numerous attacks in the emerging 5G networks. Thus, to guarantee the secure transmission of user data, 5G Authentication protocols such as Extensible Authentication Protocol - Authenticated Key Agreement Protocol (EAP-AKA) were developed. These protocols play an important role in ensuring security to the users as well as their data. However, there exists no guarantees about the security of the protocols. Thus formal verification is necessary to ensure that the authentication protocols are devoid of vulnerabilities or security loopholes. Towards this goal, we formally verify the security of the 5G EAP-AKA protocol using an automated verification tool called ProVerif. ProVerif identifies traces of attacks and checks for security loopholes that can be accessed by the attackers. In addition, we model the complete architecture of the 5G EAP-AKA protocol using the language called typed pi-calculus and analyze the protocol architecture through symbolic model checking. Our analysis shows that some cryptographic parameters in the architecture can be accessed by the attackers which cause the corresponding security properties to be violated.

Recent advancements in the field of in-vehicle network and wireless communication, has been steadily progressing. Also, the advent of technologies such as Vehicular Adhoc Networks (VANET) and Intelligent Transportation System (ITS), has transformed modern automobiles into a sophisticated cyber-physical system rather than just a isolated mechanical device. Modern automobiles rely on many electronic control units communicating over the Controller Area Network (CAN) bus. Although protecting the car's external interfaces is an vital part of preventing attacks, detecting malicious activity on the CAN bus is an effective second line of defense against attacks. This paper proposes a hybrid anomaly detection system for CAN bus based on patterns of recurring messages and time interval of messages. The proposed method does not require modifications in CAN bus. The proposed system is evaluated on real CAN bus traffic with simulated attack scenarios. Results obtained show that our proposed system achieved a good detection rate with fast response times.