Biblio

With the growing use of the Robot Operating System (ROS), it can be argued that it has become a de-facto framework for developing robotic solutions. ROS is used to build robotic applications for industrial automation, home automation, medical and even automatic robotic surveillance. However, whenever ROS is utilized, security is one of the main concerns that needs to be addressed in order to ensure a secure network communication of robots. Cyber-attacks may hinder evolution and adaptation of most ROS-enabled robotic systems for real-world use over the Internet. Thus, it is important to address and prevent security threats associated with the use of ROS-enabled applications. In this paper, we propose a novel approach for securing ROS-enabled robotic system by integrating ROS with the Message Queuing Telemetry Transport (MQTT) protocol. We manage to secure robots' network communications by providing authentication and data encryption, therefore preventing man-in-the-middle and hijacking attacks. We also perform real-world experiments to assess how the performance of a ROS-enabled robotic surveillance system is affected by the proposed approach.

The Robot Operating System (ROS) is a widely adopted standard robotic middleware. However, its preliminary design is devoid of any network security features. Military grade unmanned systems must be guarded against network threats. ROS 2 is built upon the Data Distribution Service (DDS) standard and is designed to provide solutions to identified ROS 1 security vulnerabilities by incorporating authentication, encryption, and process profile features, which rely on public key infrastructure. The Department of Defense is looking to use ROS 2 for its military-centric robotics platform. This paper seeks to demonstrate that ROS 2 and its DDS security architecture can serve as a functional platform for use in military grade unmanned systems, particularly in unmanned Naval aerial swarms. In this paper, we focus on the viability of ROS 2 to safeguard communications between swarms and a ground control station (GCS). We test ROS 2's ability to mitigate and withstand certain cyber threats, specifically that of rogue nodes injecting unauthorized data and accessing services that will disable parts of the UAV swarm. We use the Gazebo robotics simulator to target individual UAVs to ascertain the effectiveness of our attack vectors under specific conditions. We demonstrate the effectiveness of ROS 2 in mitigating the chosen attack vectors but observed a measurable operational delay within our simulations.

Internet of Things (IoT), commonly referred to a physical object connected to network, refers to a paradigm in information technology integrating the advances in terms of sensing, computation and communication to improve the service in daily life. This physical object consists of sensors and actuators that are capable of changing the data to offer the improvement of service quality in daily life. When a data exchange occurs, the exchanged data become sensitive; making them vulnerable to any security attacks, one of which, for example, is Sybil attack. This paper aimed to propose a method of trustworthiness management based upon the authentication and trust value. Once performing the test on three scenarios, the system was found to be capable of detecting the Sybil attack rapidly and accurately. The average of time to detect the Sybil attacks was 9.3287 seconds and the average of time required to detect the intruder object in the system was 18.1029 seconds. The accuracy resulted in each scenario was found 100% indicating that the detection by the system to Sybil attack was 100% accurate.

Major commercial Field Programmable Gate Arrays (FPGAs) vendors provide encryption and authentication for programmable logic fabric (PL) bitstream using AES and RSA respectively. They are limited in scope of security that they provide and have proven to be vulnerable to different attacks. As-such, in-field deployed devices are susceptible to attacks where either a configuration bitstream, application software or dynamically reconfigurable bitstreams can be maliciously replaced. This hardware demo presents a framework for secure boot and runtime authentication for FPGAs. The presented system employs on-board cryptographic mechanisms and third-party established architectures such as Trusted Platform Module (TPM). The scope of this hardware demo is of systems level.

Direct Anonymous Attestation (DAA) is a cryptographic scheme that provides Trusted Platform Module TPM-backed anonymous credentials. We develop Tamarin modelling of the ECC-based version of the protocol as it is standardised and provide the first mechanised analysis of this standard. Our analysis confirms that the scheme is secure when all TPMs are assumed honest, but reveals a break in the protocol's expected authentication and secrecy properties for all TPMs even if only one is compromised. We propose and formally verify a minimal fix to the standard. In addition to developing the first formal analysis of ECC-DAA, the paper contributes to the growing body of work demonstrating the use of formal tools in supporting standardisation processes for cryptographic protocols.

Nowadays interest in IoT solutions is growing. A significant barrier to the use of these solutions in military applications is to ensure the security of data transmission and authentication of data sources and recipients of the data. Developing an efficient solution to these problems requires finding a compromise between the facts that the sensors often are mobile, use wireless communication, usually have the small processing power and have little energy resources. The article presents the security domain designated for cooperating mobile sensor nodes. The domain has the following features: the strong authentication of each domain member, cryptographic protection of data exchange in the data link layer and protection of data stored in the sensor node resources. The domain is also prepared to perform diagnostic procedures and to exchange sensory data with other domains securely. At each node, the Trusted Platform Module (TPM) is used to support these procedures.

In the Internet of Things architecture, devices are frequently connected to the Internet either directly or indirectly. However, many IoT devices lack built-in security features such as device level encryption, user authentication and basic firewall protection. This paper discusses security risks in the layers of general Internet of Things architecture and shows examples of potential risks at each level of the architecture. The paper also compares IoT security solutions provided by three major vendors and shows that the solutions are mutually complementary. Nevertheless, none of the examined IoT solutions provides security at the device level of the IoT architecture model. In order to address risks at the device level of the architecture, an implementation of Trusted Platform Module and Unique Device Identifier on IoT devices and gateways for encryption, authentication and device management is advocated in the paper.

Firstly, this paper analyses the technical foundation of single sign-on solution of unified authentication platform, and analyses the advantages and disadvantages of each solution. Secondly, from the point of view of software engineering, such as function requirement, performance requirement, development mode, architecture scheme, technology development framework and system configuration environment of the unified authentication platform, the unified authentication platform is analyzed and designed, and the database design and system design framework of the system are put forward according to the system requirements. Thirdly, the idea and technology of unified authentication platform based on JA-SIG CAS are discussed, and the design and implementation of each module of unified authentication platform based on JA-SIG CAS are analyzed, which has been applied in ship cluster platform.

This paper presents the vision of establishing a global service for Global IoT Device Discovery and Integration (GIDDI). The establishment of a GIDDI will: (1) make IoT application development more efficient and cost-effective via enabling sharing and reuse of existing IoT devices owned and maintained by different providers, and (2) promote deployment of new IoT devices supported by a revenue generation scheme for their providers. More specifically, this paper proposes a distributed IoT blockchain ledger that is specifically designed for managing the metadata needed to describe IoT devices and the data they produce. This GIDDI Blockchain is Internet-owned (i.e., it is not controlled by any individual or organization) and is Internet-scaled (i.e., it can support the discovery and reuse billions of IoT devices). The paper also proposes a GIDDI Marketplace that provides the functionality needed for IoT device registration, query, integration, payment and security via the proposed GIDDI Blockchain. We outline the GIDDI Blockchain and Marketplace implementation. We also discuss ongoing research for automatically mining the IoT Device metadata needed for IoT Device query and integration from the data produce. This significantly reduces the need for IoT device providers to supply the metadata descriptions the devices and the data they produce during the registration of IoT Devices in the GIDDI Blockchain.

Many technological cases exploiting data science have been realized in recent years; machine learning, Internet of Things, and stream data processing are examples of this trend. Other advanced applications have focused on capturing the value from streaming data of different objects of transport and traffic management in an Intelligent Transportation System (ITS). In this context, security control and trust level play a decisive role in the sustainable adoption of this trend. However, conceptual work integrating the security approaches of different disciplines into one coherent reference architecture is limited. The contribution of this paper is a reference architecture for ITS security (called SITS). In addition, a classification of Big Data technologies, products, and services to address the ITS trust challenges is presented. We also proposed a novel multi-tier ITS security framework for validating the usability of SITS with business intelligence development in the enterprise domain.

As 5G transitions from an industrial vision to a tangible, next-generation mobile technology, security remains key business driver. Heterogeneous environment, new networking paradigms and novel use cases makes 5G vulnerable to new security threats. This in turn necessitates a flexible and dependable security mechanism. End-to-End (E2E) data protection provides better security, avoids repeated security operations like encryption/decryption and provides differentiated security based on the services. E2E security deals with authentication, integrity, key management and confidentiality. The attack surface of a 5G system is larger as 5G aims for a heterogeneous networked society. Hence attack resistance needs to be a design consideration when defining new 5G protocols. This framework has been designed for accessing the manifold applications with high security and trust by offering E2E security for various services. The proposed framework is evaluated based on computation complexity, communication complexity, attack resistance rate and security defensive rate. The protocol is also evaluated for correctness, and resistance against passive, active and dictionary attacks using random oracle model and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool.

The main objective of the Third Generation Partnership Project (3GPP) is to fulfill the increasing security demands of IoT-based applications with the evolution of Fifth Generation (5G) mobile telecommunication technology. In June 2018, the 3GPP has published the study report of the handover architecture and security functions of in 5G communication network. In this paper, we discuss the 5G handover key mechanism with its key hierarchy. In addition, the inter-gNB handover authentication mechanism in 5G communication network is analyzed and identify the security vulnerabilities such as false base-station attack, de-synchronization attack, key compromise, etc. In addition, the handover mechanism suffers from authentication complexity due to high signaling overhead. To overcome these problems, we recommend some countermeasures as pre-authentication of communication entities, delegation of authentication and predistribution of secret keys. This is first work in the 5G handover security analysis. We anticipate that the above security issues and key resilience problem can be avoided from the proposed solutions.

Mobile Ad-hoc Networks (MANETs) are formed when a group of mobile nodes, communicate through wireless links in the absence of central administration. These features make them more vulnerable to several attacks like identity spoofing which leads to identity disclosure. Providing anonymity and privacy for identity are critical issues, especially when the size of such networks scales up. to avoid the centralization problem for key distribution in MANETs. This paper proposes a key distribution scheme for clustered ad-hoc networks. The network is divided into groups of clusters, and each cluster head is responsible for distributing periodically updated security keys among cluster members, for protecting privacy through encryption. Also, an authentication scheme is proposed to ensure the confidentiality of new members to the cluster. The simulation study proves the effectiveness of the proposed scheme in terms of availability and overhead. It scales well for high dense networks and gives less packet drop rate compared to its centralized counterpart in the presence of malicious nodes.

A deniable authentication (DA) protocol plays a vital role to provide security and privacy of the mobile nodes in a mobile ad hoc network (MANET). In recent years, a number of similar works have been proposed, but most of them experience heavy computational and communication overhead. Further, most of these protocols are not secure against different attacks. To address these concerns, we devised an identity-based deniable authentication (IBDA) protocol with adequate security and efficiency. The proposed IBDA protocol is mainly designed for MANETs, where the mobile devices are resource-limited. The proposed IBDA protocol used the elliptic curve cryptography (ECC) and identity-based cryptosystem (IBC). The security of our IBDA protocol depends on the elliptic curve discrete logarithm (ECDL) problem and bilinear Diffie-Hellman (BDH) problem.

Digital microfluidic biochips (DMFBs) have become popular in the healthcare industry recently because of its lowcost, high-throughput, and portability. Users can execute the experiments on biochips with high resolution, and the biochips market therefore grows significantly. However, malicious attackers exploit Intellectual Property (IP) piracy and Trojan attacks to gain illegal profits. The conventional approaches present defense mechanisms that target either IP piracy or Trojan attacks. In practical, DMFBs may suffer from the threat of being attacked by these two attacks at the same time. This paper presents a comprehensive security system to protect DMFBs from IP piracy and Trojan attacks. We propose an authentication mechanism to protect IP and detect errors caused by Trojans with CCD cameras. By our security system, we could generate secret keys for authentication and determine whether the bioassay is under the IP piracy and Trojan attacks. Experimental results demonstrate the efficacy of our security system without overhead of the bioassay completion time.

Internet of vehicles (IoV) is the evolution of conventional vehicle network (VANET), a recent domain attracting a large number of companies and researchers. It is an integration of three networks: an inter-vehicle network, an intra-vehicle network, and vehicular mobile Internet, in which the vehicle is considered as a smart object equipped with powerful multi-sensors platform, connectivity and communication technologies, enabling it to communicate with the world. The cooperative communication between vehicles and other devices causes diverse challenges in terms of: storage and computing capability, energy of vehicle and network's control and management. Security is very important aspect in IoV and it is required to protect connected cars from cybercrime and accidents. In this article, we propose a network model for IoV based on software Defined Network and Cloud Computing.

In many industry Internet of Things applications, resources like CPU, memory, and battery power are limited and cannot afford the classic cryptographic security solutions. Silicon physical unclonable function (PUF) is a lightweight security primitive that exploits manufacturing variations during the chip fabrication process for key generation and/or device authentication. However, traditional weak PUFs such as ring oscillator (RO) PUF generate chip-unique key for each device, which restricts their application in security protocols where the same key is required to be shared in resource-constrained devices. In this article, in order to address this issue, we propose a PUF-based key sharing method for the first time. The basic idea is to implement one-to-one input-output mapping with lookup table (LUT)-based interstage crossing structures in each level of inverters of RO PUF. Individual customization on configuration bits of interstage crossing structure and different RO selections with challenges bring high flexibility. Therefore, with the flexible configuration of interstage crossing structures and challenges, crossover RO PUF can generate the same shared key for resource-constrained devices, which enables a new application for lightweight key sharing protocols.

Most of the security algorithms proposed for the sensor networks such as secure routing, data encryption and authentication, and intrusion detection target protecting the content of the collected data from being exposed to different types of attacks. However, the context of the collected data, such as event occurrence, event time, and event location, is not addressed by these security mechanisms and can still be leaked to the adversaries. Therefore, we propose in this paper a novel and efficient unobservability scheme for source/sink location privacy for wireless multimedia sensor networks. The proposed privacy scheme is based on a cross-layer design between the application and routing layers in order to exploit the multimedia processing technique with multipath routing to hide the event occurrences and locations of important nodes without degrading the network performance. Simulation analysis shows that our proposed scheme satisfies the privacy requirements and has better performance compared to other existing techniques.

Cryptographic protocols are the basis for the security of any protected system, including the electronic voting system. One of the most effective ways to analyze protocol security is to use verifiers. In this paper, the formal verifier SPIN was used to analyze the security of the cryptographic protocol for e-voting, which is based on model checking using linear temporal logic (LTL). The cryptographic protocol of electronic voting is described. The main structural units of the Promela language used for simulation in the SPIN verifier are described. The model of the electronic voting protocol in the language Promela is given. The interacting parties, transferred data, the order of the messages transmitted between the parties are described. Security of the cryptographic protocol using the SPIN tool is verified. The simulation of the protocol with active intruder using the man in the middle attack (MITM) to substitute data is made. In the simulation results it is established that the protocol correctly handles the case of an active attack on the parties' authentication.

In our daily lives, the advances of new technology can be used to sustain the development of people across the globe. Particularly, e-government can be the dynamo of the development for the people. The development of technology and the rapid growth in the use of internet creates a big challenge in the administration in both the public and the private sector. E-government is a vital accomplishment, whereas the security is the main downside which occurs in each e-government process. E-government has to be secure as technology grows and the users have to follow the procedures to make their own transactions safe. This paper tackles the challenges and obstacles to enhance the security of information in e-government. Hence to achieve security data hiding techniques are found to be trustworthy. Reversible data hiding (RDH) is an emerging technique which helps in retaining the quality of the cover image. Hence it is preferred over the traditional data hiding techniques. Modification in the existing algorithm is performed for image encryption scheme and data hiding scheme in order to improve the results. To achieve this secret data is split into 20 parts and data concealing is performed on each part. The data hiding procedure includes embedding of data into least significant nibble of the cover image. The bits are further equally distributed in the cover image to obtain the key security parameters. Hence the obtained results validate that the proposed scheme is better than the existing schemes.

The low attention to security and privacy causes some problems on data and information that can lead to a lack of public trust in e-Gov service. Security threats are not only included in technical issues but also non-technical issues and therefore, it needs the implementation of inclusive security. The application of inclusive security to e-Gov needs to develop a model involving security and privacy requirements as a trusted security solution. The method used is the elicitation of security and privacy requirements in a security perspective. Identification is carried out on security and privacy properties, then security and privacy relationships are determined. The next step is developing the design of an inclusive security model on e-Gov. The last step is doing an analysis of e-Gov service activities and the role of inclusive security. The results of this study identified security and privacy requirements for building inclusive security. Identification of security requirements involves properties such as confidentiality (C), integrity (I), availability (A). Meanwhile, privacy requirement involves authentication (Au), authorization (Az), and Non-repudiation (Nr) properties. Furthermore, an inclusive security design model on e-Gov requires trust of internet (ToI) and trust of government (ToG) as an e-Gov service provider. Access control is needed to provide solutions to e-Gov service activities.

The use of biometric-based authentication systems spread over daily life consumer electronics. Over the years, researchers' interest shifted from hard (such as fingerprints, voice and keystroke dynamics) to soft biometrics (such as age, ethnicity and gender), mainly by using the latter to improve the authentication systems effectiveness. While newer approaches are constantly being proposed by domain experts, in the last years Deep Learning has raised in many computer vision tasks, also becoming the current state-of-art for several biometric approaches. However, since the automatic processing of data rich in sensitive information could expose users to privacy threats associated to their unfair use (i.e. gender or ethnicity), in the last years researchers started to focus on the development of defensive strategies in the view of a more secure and private AI. The aim of this work is to exploit Adversarial Perturbation, namely approaches able to mislead state-of-the-art CNNs by injecting a suitable small perturbation over the input image, to protect subjects against unwanted soft biometrics-based identification by automatic means. In particular, since ethnicity is one of the most critical soft biometrics, as a case of study we will focus on the generation of adversarial stickers that, once printed, can hide subjects ethnicity in a real-world scenario.

Advancement in communication technologies and the Internet of Things (IoT) is driving adoption in smart cities that aims to increase operational efficiency and improve the quality of services and citizen welfare, among other potential benefits. The privacy, reliability, and integrity of communications must be ensured so that actions can be appropriate, safe, accurate, and implemented promptly after receiving actionable information. In this work, we present a multi-tier methodology consisting of an authentication and trust-building/distribution framework designed to ensure the safety and validity of the information exchanged in the system. Blockchain protocols and Radio Frequency-Distinct Native Attributes (RF-DNA) combine to provide a hardware-software codesigned system for enhanced device identity and overall system trustworthiness. Our threat model accounts for counterfeiting, breakout fraud, and bad mouthing of one entity by others. Entity trust (e.g., IoT devices) depends on quality and level of participation, quality of messages, lifetime of a given entity in the system, and the number of known "bad" (non-consensus) messages sent by that entity. Based on this approach to trust, we are able to adjust trust upward and downward as a function of real-time and past behavior, providing other participants with a trust value upon which to judge information from and interactions with the given entity. This approach thereby reduces the potential for manipulation of an IoT system by a bad or byzantine actor.

To detect specific types of bugs and vulnerabilities, static analysis tools must be correctly configured with security-relevant methods (SRM), e.g., sources, sinks, sanitizers and authentication methods-usually a very labour-intensive and error-prone process. This work presents the semi-automated tool SWAN\_ASSIST, which aids the configuration with an IntelliJ plugin based on active machine learning. It integrates our novel automated machine-learning approach SWAN, which identifies and classifies Java SRM. SWAN\_ASSIST further integrates user feedback through iterative learning. SWAN\_ASSIST aids developers by asking them to classify at each point in time exactly those methods whose classification best impact the classification result. Our experiments show that SWAN\_ASSIST classifies SRM with a high precision, and requires a relatively low effort from the user. A video demo of SWAN\_ASSIST can be found at https://youtu.be/fSyD3V6EQOY. The source code is available at https://github.com/secure-software-engineering/swan.

Cyber attacks against automobiles have increased over the last decade due to the expansion in attack surfaces. This is the result of modern automobiles having connections such as Bluetooth, WiFi, and other broadband services. While there has been numerous proposed solutions in the literature, none have been widely adopted as maintaining real-time message deliverability in the Controller Area Networks (CAN) outweighs proposed security solutions. Through iterative research, we have developed a solution which mitigates an attacker's impact on the CAN bus by using CAN's inherent features of arbitration, error detection and signaling, and fault confinement mechanism. The solution relies on an access controller and message priority thresholds added to the CAN data-link layer. The results provide no time delay for non-malicious traffic and mitigates bus impact of a subverted node attempting to fabricate messages at an unauthorized priority level.