Tapalina Bhattasali

Sleep Deprivation Attack Detection in Wireless Sensor Network

of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.

Secure and trusted cloud of things

Cloud based Internet of Things or Cloud of Things has emerged as a platform to allow intelligent usage of collection of applications, information and infrastructure in a cost-effective way. Security is one of the key factor which hampers growth of it. Effective implementation of this framework needs removal of a variety of security threats. In this paper, an insight has been presented for the security issues related to CoT environment. This paper focuses on security and trust issues arising from the usage of cloud services in IoT domain. Secure trusted things as a service has been proposed here to reduce majority of the challenges in Cloud of Things environment. The main focus is on encryption mechanism with less overhead besides a trust model to enable real time decision making authentic.

Study of Security Issues in Pervasive Environment of Next Generation Internet of Things

Internet of Things is a novel concept that semantically implies a world-wide network of uniquely addressable interconnected smart objects. It is aimed at establishing any paradigm in computing. This environment is one where the boundary between virtual and physical world is eliminated. As the network gets loaded with hitherto unknown applications, security threats also become rampant. Current security solutions fail as new threats appear to destruct the reliability of information. The network has to be transformed to IPv6 enabled network to address huge number of smart objects. Thus new addressing schemes come up with new attacks. Real time analysis of information from the heterogeneous smart objects needs use of cloud services. This can fall prey to cloud specific security threats. Therefore need arises for a review of security threats for a new area having huge demand. Here a study of security issues in this domain is briefly presented.

A Survey of Security and Privacy Issues for Biometrics Based Remote Authentication in Cloud

Rapid development of smart technologies enables use of cloud service for large-scale data storage. Remote access of original data as well as biometric data from cloud storage enhances several challenges. It is inevitable to prevent unauthorized access of data stored in cloud. Biometrics authentication is more efficient than the known traditional authentication mechanisms. Authentication is a major security feature used to protect data privacy, whereas additional security features used to protect data may adversely affect it. There must be a balance between security and privacy during secure authentication design. Here a survey of security and privacy issues for biometrics based remote authentication in cloud is briefly presented and the research gaps are identified to attract more research on this domain in near future.

LIGHTWEIGHT HIERARCHICAL MODEL FOR HWSNET

Heterogeneous wireless sensor networks (HWSNET) are more suitable for real life applications as compared to the homogeneous counterpart. Security of HWSNET becomes a very important issue with the rapid development of HWSNET. Intrusion detection system is one of the major and efficient defensive methods against attacks in HWSNET. Because of different constraints of sensor networks, security solutions have to be designed with limited usage of computation and resources. A particularly devastating attack is the sleep deprivation attack. Here a malicious node forces legitimate nodes to waste their energy by resisting the sensor nodes from going into low power sleep mode. The target of this attack is to maximize the power consumption of the affected node, thereby decreasing its battery life. Existing works on sleep deprivation attack have mainly focused on mitigation using MAC based protocols, such as S-MAC (sensor MAC), T-MAC (timeout MAC), B-MAC (Berkley MAC), G-MAC ( gateway MAC). In this article, a brief review of some of the recent intrusion detection systems in wireless sensor network environment is presented. Finally, a framework of cluster based layered countermeasure for Insomnia Detection has been proposed for heterogeneous wireless sensor network (HWSNET) to efficiently detect sleep deprivation attack. Simulation results on MATLAB exhibit the effectiveness of the proposed model.

Two factor remote authentication in healthcare

In order to control access of health related data stored in public cloud, efficient authentication mechanism needs to be considered. Biometrics authentication is more reliable than traditional means of authentication because of its uniqueness and low intrusiveness. To ensure high accuracy level, two factor authentication mechanism is proposed here. In this framework, biometrics authentication is fused with secret PIN. The first factor uses simple and effective behavioral biometrics keystroke analysis model whilst the second factor uses secret PIN mechanism. In factor one authentication, keystroke analysis is proposed where raw data are collected first; then processed data are stored and trust scores are generated finally. End-user gets trust score at each factor of authentication and decision is taken based on final trust score of end-user. Performance analysis of the proposed mechanism shows its efficiency to authenticate end-users.

Poster: Exploring Security as a Service for IoT Enabled Remote Application Framework

This paper discusses the need for new security frameworks for IoT enabled remote applications. It considers real life scenario as a case study to explicitly represent the relationship between security requirements and security goals. Security as a service is a subscription model in IoT environment that needs to be customized to meet the application specific goal. This paper provides the basic idea about how to do this.

Typing Signature Classification Model for User Identity Verification

Typing pattern is a behavioral trait of user that is simple, less costly, and workable at any place having only computing device. In this paper, n-graph typing signature is built during user profiling based on keyboard usage pattern. The main aim of this paper is to increase inclusion of number of typing features (both temporal and global) during decision generation and to simplify the procedure of considering missing typing patterns (various monographs, digraphs, etc), which are not enrolled before. A modular classification model collection–storage–analysis (CSA) is designed to identify user. Typing signature becomes adaptive in nature through learning from environment. Module 1 is used for pattern acquisition and processing, and module 2 is used for storage, whereas module 3 is used for analysis. Final decision is generated on the basis of evaluated match score and enrolled global parameters. Proposed CSA model is capable to reduce space and time overhead in terms of dynamic pattern acquisition and storage without using any approximation method. A customized editor HCI is designed for physical key-based devices to build our own data set. Proposed CSA model can classify typing signature of valid and invalid user without incurring high overhead.

Context and Trust Aware Workflow Oriented Access Framework

Service oriented computing (SoC) changes the way of conducting business as these services are often available on a network. As traditional access control approach may not work in the changed environment, protecting business resource from misuse is a big challenge. Again, static allocation of access right to users will not be an efficient solution as SoC environment changes with time. This paper focuses on design of dynamic access control approach for business process. Here, we propose a context and trust aware workflow oriented access framework. Proposed approach focuses on inter-component relationship where phases are executed either in online or offline mode to avoid performance bottleneck. The concept of static binding in role based access model is extended to support dynamic access control by including context awareness and trust relationship between owner and user. Trust is either directly or indirectly dependent on service level agreement (SLA) compliance, quality of service, reputation and provenance (historical data). In this paper, the framework is designed by mapping proposed access model to workflow instances at run-time. It is validated by workflow net model, where workflow instance can be successfully executed without any interruption and can satisfy soundness property while incorporating proposed access control approach.

Securing Service in Remote Healthcare

Health-care service in remote environment opens for several security challenges. These may affect confidentiality, integrity, and availability of resource. Securing service is a big concern for this kind of application. Encoding is required before uploading data to remote web server. Identity management is another primary aspect to validate any service. One-time identity verification during login has no importance, because valid session may be hijacked by impostors. Compared to other techniques, identity management based on human computer interaction is simple and less costly in remote environment. Service verification also needs to be considered to control access rights along with end user verification. A secured remote service (SecReS) framework is proposed here to ensure availability of health-care resource to valid end users. This service is capable to reduce time complexity, bandwidth cost, and to increase accuracy and attack resistance capacity. Theoretical analysis shows its efficiency.