Rituparna Chaki

Secure and trusted cloud of things

Cloud based Internet of Things or Cloud of Things has emerged as a platform to allow intelligent usage of collection of applications, information and infrastructure in a cost-effective way. Security is one of the key factor which hampers growth of it. Effective implementation of this framework needs removal of a variety of security threats. In this paper, an insight has been presented for the security issues related to CoT environment. This paper focuses on security and trust issues arising from the usage of cloud services in IoT domain. Secure trusted things as a service has been proposed here to reduce majority of the challenges in Cloud of Things environment. The main focus is on encryption mechanism with less overhead besides a trust model to enable real time decision making authentic.

Study of Security Issues in Pervasive Environment of Next Generation Internet of Things

Internet of Things is a novel concept that semantically implies a world-wide network of uniquely addressable interconnected smart objects. It is aimed at establishing any paradigm in computing. This environment is one where the boundary between virtual and physical world is eliminated. As the network gets loaded with hitherto unknown applications, security threats also become rampant. Current security solutions fail as new threats appear to destruct the reliability of information. The network has to be transformed to IPv6 enabled network to address huge number of smart objects. Thus new addressing schemes come up with new attacks. Real time analysis of information from the heterogeneous smart objects needs use of cloud services. This can fall prey to cloud specific security threats. Therefore need arises for a review of security threats for a new area having huge demand. Here a study of security issues in this domain is briefly presented.

A Survey of Security and Privacy Issues for Biometrics Based Remote Authentication in Cloud

Rapid development of smart technologies enables use of cloud service for large-scale data storage. Remote access of original data as well as biometric data from cloud storage enhances several challenges. It is inevitable to prevent unauthorized access of data stored in cloud. Biometrics authentication is more efficient than the known traditional authentication mechanisms. Authentication is a major security feature used to protect data privacy, whereas additional security features used to protect data may adversely affect it. There must be a balance between security and privacy during secure authentication design. Here a survey of security and privacy issues for biometrics based remote authentication in cloud is briefly presented and the research gaps are identified to attract more research on this domain in near future.

Modular logic of authentication using dynamic keystroke pattern analysis

Authenticating users in a continual manner has become extremely critical for a wide range of applications in the domain of pervasive computing and Internet of Things (IoT). In these days, it’s also an accepted fact that user authentication based on biometric features is often more efficient than the traditional means of password-based authentication. However, many of the existing biometric techniques like Iris or finger-print recognition are effective only when the person to be authenticated or verified is physically accessible. Thus such technologies are good for applications like Passport Control and fall short of the requirements for IoT applications like an integrated remote-healthcare where different types of users like Doctors, patients, hospitals, insurance companies, other care-givers and even authorized civic-body administrators are to be continually authenticated from remote locations. It is important to ensure that the desired services are accessed only by a legitimate user and no one else. In ...

State of the art analysis of network traffic anomaly detection

In the present age of pervasive computing, network anomaly detection has become an essential research area. The idea behind anomaly detection originated from the perspective of network monitoring and security As more and more people and devices get connected over the net, the need for security of information being exchanged increases.. In network monitoring, the monitoring device observes such network features like flow and capacity of a link in network, number and size of distinct flows. Where as in network security the monitoring node monitors the anomalous behavior of the nodes. In this paper we present a review of some of the existing research works on anomaly detection.

A channel trust based approach for congestion control in IoT

In the present age of Internet of Things (Iot), congestion control has become an essential research area. The idea behind congestion control originated from the perspective of network bandwidth, node processing ability and server capacities. As more and more people and devices get connected over the net, the need for congestion control increases. In IoT, the monitoring device observes such network features like flow and capacity of a link in network, number and size of distinct flows. In this paper we present literature review of some of existing congestion control mechanisms. A congestion control model has also been proposed, which uses the measure of channel trust for decision making.

A new concurrency control mechanism for multi-threaded environment using transactional memory

Software transactional memory (STM) is one of the techniques used towards achieving non-blocking process synchronization in multi-threaded computing environment. In spite of its high potential, one of the major limitations of transactional memory (TM) is that in order to ensure data consistency as well as progress condition, TM often forces transactions to abort. This paper proposes a new concurrency control mechanism. It starts with the existing TM implementations for obstruction freedom and eventually builds a new STM methodology. The primary objective is to reduce aborting of transactions in some typical scenarios. A programming model is described for a chain of update transactions that share the same data object among themselves. Using the proposed approach, any new update transaction appended in this chain need not wait for the earlier transactions to finish. The proposed STM allows wait-free, non-blocking implementation of a mix of read and multiple update transactions on the same shared data object with higher throughput.

AESCRT: Agent enabled secure CRT based routing topology for MANET

In a MANET, existing techniques for secure routing involves key generation, encryption and decryption logics besides secret sharing. The dynamic nature of MANETs leads to insecurities and inconsistencies in secret sharing. The existing logics for securing the packet delivery seem to involve too many control signal interchanges. This often leads to congestion in the network, thus causing degraded performance. This paper proposes the use of multiple agents to detect secure routes with minimum load on the network. The Chinese remainder theorem is used in generating the secure key by the source node. Source node shares the secure key among all probable routes using multiple agents. These agents reduce control packet overheads and thus reduce congestion in the network. The final route is selected based on the highest weighted trust value of the routes. The three phased approach is aimed to increase the overall performance in the network and also control congestion in the network using agent based approach. Simulation results have been included to justify our claim.

MCBHIDS: Modified layered cluster based algorithm for black hole IDS

Mobile ad hoc networks are highly vulnerable to attacks due to infrastructure less environment. The features of MANETs are like open media, dynamic changes in topology, cooperative and collaborative algorithm and no centralized monitoring system. These features make the network more prone to malicious attack. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we present a new cluster based intrusion detection algorithm that takes care of black hole attacks in a MANET. This proposed algorithm is based on trustworthiness of the nodes in a network. The network is considered to be a layered structured. The nodes are member of a cluster. Each cluster has cluster head that takes care of all the members of its own cluster and communicates with cluster head at layer 2 whenever required. The cluster head at layer 2 communicate with all cluster head at layer 1. The selection of cluster head depends on three parameters battery power, mobility and trust value of a node in a cluster. Periodically the cluster head updation is done according to three parameters. We have implemented our algorithm using the NS simulator. The performance of the proposed Intrusion Detection System (IDS) has also been evaluated in the process. The performance graph shows marked improvement as far as packet dropping is concerned.

Typing Signature Classification Model for User Identity Verification

Typing pattern is a behavioral trait of user that is simple, less costly, and workable at any place having only computing device. In this paper, n-graph typing signature is built during user profiling based on keyboard usage pattern. The main aim of this paper is to increase inclusion of number of typing features (both temporal and global) during decision generation and to simplify the procedure of considering missing typing patterns (various monographs, digraphs, etc), which are not enrolled before. A modular classification model collection–storage–analysis (CSA) is designed to identify user. Typing signature becomes adaptive in nature through learning from environment. Module 1 is used for pattern acquisition and processing, and module 2 is used for storage, whereas module 3 is used for analysis. Final decision is generated on the basis of evaluated match score and enrolled global parameters. Proposed CSA model is capable to reduce space and time overhead in terms of dynamic pattern acquisition and storage without using any approximation method. A customized editor HCI is designed for physical key-based devices to build our own data set. Proposed CSA model can classify typing signature of valid and invalid user without incurring high overhead.