Ubaidullah Rajput

On security and privacy issues of fog computing supported Internet of Things environment

Recently, the concept of Internet of Things (IoT) is attracting much attention due to the huge potential. IoT uses the Internet as a key infrastructure to interconnect numerous geographically diversified IoT nodes which usually have scare resources, and therefore cloud is used as a key back-end supporting infrastructure. In the literature, the collection of the IoT nodes and the cloud is collectively called as an IoT cloud. Unfortunately, the IoT cloud suffers from various drawbacks such as huge network latency as the volume of data which is being processed within the system increases. To alleviate this issue, the concept of fog computing is introduced, in which foglike intermediate computing buffers are located between the IoT nodes and the cloud infrastructure to locally process a significant amount of regional data. Compared to the original IoT cloud, the communication latency as well as the overhead at the backend cloud infrastructure could be significantly reduced in the fog computing supported IoT cloud, which we will refer as IoT fog. Consequently, several valuable services, which were difficult to be delivered by the traditional IoT cloud, can be effectively offered by the IoT fog. In this paper, however, we argue that the adoption of IoT fog introduces several unique security threats. We first discuss the concept of the IoT fog as well as the existing security measures, which might be useful to secure IoT fog. Then, we explore potential threats to IoT fog.

A Hierarchical Privacy Preserving Pseudonymous Authentication Protocol for VANET

Vehicular ad hoc network (VANET) is a technology that enables smart vehicles to communicate with each other and form a mobile network. VANET facilitates users with improved traffic efficiency and safety. Authenticated communication becomes one of the prime requirements of VANET. However, authentication may reveal a users personal information such as identity or location, and therefore, the privacy of an honest user must be protected. This paper proposes an efficient and practical pseudonymous authentication protocol with conditional privacy preservation. Our protocol proposes a hierarchy of pseudonyms based on the time period of their usage. We propose the idea of primary pseudonyms with relatively longer time periods that are used to communicate with semi-trusted authorities and secondary pseudonyms with a smaller life time that are used to communicate with other vehicles. Most of the current pseudonym-based approaches are based on certificate revocation list (CRL) that causes significant communication and storage overhead or group-based approaches that are computationally expensive and suffer from group-management issues. These schemes also suffer from trust issues related to certification authority. Our protocol only expects an honest-but-curious behavior from otherwise fully trusted authorities. Our proposed protocol protects a users privacy until the user honestly follows the protocol. In case of a malicious activity, the true identity of the user is revealed to the appropriate authorities. Our protocol does not require maintaining a CRL and the inherent mechanism assures the receiver that the message and corresponding pseudonym are safe and authentic. We thoroughly examined our protocol to show its resilience against various attacks and provide computational as well as communicational overhead analysis to show its efficiency and robustness. Furthermore, we simulated our protocol in order to analyze the network performance and the results show the feasibility of our proposed protocol in terms of end-to-end delay and packet delivery ratio.

PRISM: PRivacy-Aware Interest Sharing and Matching in Mobile Social Networks

In a profile matchmaking application of mobile social networks, users need to reveal their interests to each other in order to find the common interests. A malicious user may harm a user by knowing his personal information. Therefore, mutual interests need to be found in a privacy preserving manner. In this paper, we propose an efficient privacy protection and interests sharing protocol referred to as PRivacy-aware Interest Sharing and Matching (PRISM). PRISM enables users to discover mutual interests without revealing their interests. Unlike existing approaches, PRISM does not require revealing the interests to a trusted server. Moreover, the protocol considers attacking scenarios that have not been addressed previously and provides an efficient solution. The inherent mechanism reveals any cheating attempt by a malicious user. PRISM also proposes the procedure to eliminate Sybil attacks. We analyze the security of PRISM against both passive and active attacks. Through implementation, we also present a detailed analysis of the performance of PRISM and compare it with existing approaches. The results show the effectiveness of PRISM without any significant performance degradation.

A two level privacy preserving pseudonymous authentication protocol for VANET

Vehicular ad hoc network (VANET) is gaining significant popularity due to their role in improving traffic efficiency and safety. However, communication in VANET needs to be secure as well as authenticated. The vehicles in the VANET not only broadcast traffic messages known as beacons but also broadcast safety critical messages such as electronic emergency brake light (EEBL). Due to the openness of the network, a malicious vehicles can join the network and broadcast bogus messages that could result in accident. On one hand, a vehicle needs to be authenticated while on the other hand, its private data such as location and identity information must be prevented from misuse. In this paper, we propose an efficient pseudonymous authentication protocol with conditional privacy preservation to enhance the security of VANET. Most of the current protocols either utilize pseudonym based approaches with certificate revocation list (CRL) that causes significant communicational and storage overhead or group signature based approaches that are computationally expensive. Another inherent disadvantage is to have full trust on certification authorities, as these entities have complete user profiles. We present a new protocol that only requires honest-but-curious behavior from certification authority. We utilize a mechanism for providing a user with two levels of pseudonyms named as base pseudonym and short time pseudonyms to achieve conditional privacy. However, in case of revocation, there is no need to maintain the revocation list of pseudonyms. The inherent mechanism assures the receiver of the message about the authenticity of the pseudonym. In the end of the paper, we analyze our protocol by giving the communication cost as well as various attack scenarios to show that our approach is efficient and robust.

A Trustless Broker Based Protocol to Discover Friends in Proximity-Based Mobile Social Networks

Due to the rapid growth of online social networking and mobile devices, proximity based mobile social networks (PMSN) are gaining increasing popularity. PMSN refers to the social interaction among physically proximate mobile users where they directly communicate through Bluetooth/Wi-Fi. In PMSN, while making friends, users match their profiles in accordance with their interests. In this regard, preserving a user’s privacy is crucial during profile matching. Users use their profiles for matching. An attacker in user’s near proximity can learn these profiles’ values. This poses significant threat to a user’s privacy. In this regard, we propose a protocol to preserve user’s sensitive information. During discovery of friends in our protocol we use a broker that is an intermediate entity between interacting mobile users. Our protocol does not require trustworthy broker and hence no valuable information is given to broker that can cause a privacy threat. For secure computations paillier encryption has been used in our protocol. Furthermore, we implement and analyze our protocol to show its acceptable computational and communication cost.

Say Hello Again: Privacy Preserving Matchmaking Using Cloud in Encounter Based Mobile Social Networks

Mobile social networks (MSNs) are getting increasingly popular day by day. With the help of MSNs people can connect with each other online as well as offline. One of the famous applications of MSNs is profile matchmaking in which users share their interests in order to find mutual friends. However, the user of such application can be a victim of various privacy related attacks due to the revelations of users personal interests during profile matchmaking. More recent dimension of MSN is encounter-based social networks. In this scenario, the users make social contacts while sharing a common location and time. Mobile devices record the encounter information when two users are within physical proximity and at a later time, their encounter history should be matched when they try to find each other again. In this paper, we propose a privacy preserving matchmaking protocol in which users share the encounter information and later utilize a cloud server to post encounter information in order to privately match their profiles with unknowns to whom they shared the encounter. In our protocol, neither the users nor the cloud server is able to discover the interests of either participants during matchmaking. To the best of our knowledge, this approach is the first attempt that combines encounter based social networks and fine-grained profile matchmaking. Towards the end of the paper, we present security analysis as well as performance evaluation that shows the effectiveness and feasibility of our protocol.

A Hybrid Approach for Efficient Privacy-Preserving Authentication in VANET

A vehicular ad hoc network (VANET) serves as an application of the intelligent transportation system that improves traffic safety as well as efficiency. Vehicles in a VANET broadcast traffic and safety-related information used by road safety applications, such as an emergency electronic brake light. The broadcast of these messages in an open-access environment makes security and privacy critical and challenging issues in the VANET. A misuse of this information may lead to a traffic accident and loss of human lives atworse and, therefore, vehicle authentication is a necessary requirement. During authentication, a vehicle’s privacy-related data, such as identity and location information, must be kept private. This paper presents an approach for privacy-preserving authentication in a VANET. Our hybrid approach combines the useful features of both the pseudonym-based approaches and the group signature-based approaches to preclude their respective drawbacks. The proposed approach neither requires a vehicle to manage a certificate revocation list, nor indulges vehicles in any group management. The proposed approach utilizes efficient and lightweight pseudonyms that are not only used for message authentication, but also serve as a trapdoor in order to provide conditional anonymity. We present various attack scenarios that show the resilience of the proposed approach against various security and privacy threats. We also provide analysis of computational and communication overhead to show the efficiency of the proposed technique. In addition, we carry out extensive simulations in order to present a detailed network performance analysis. The results show the feasibility of our proposed approach in terms of end-to-end delay and packet delivery ratio.

Priority-Aware Interests Similarity Protocol (PAISP) for Proximity Based Mobile Social Network

Mobile social network (MSN) is getting immense popularity these days. MSN enables people to make social relationship online as well as offline. Proximity based mobile social network (PMSN) is a subset of MSN where people in near proximity interact with each other. One of the famous applications of MSN (or PMSN) is profile matchmaking. In this application, users in near proximity run a matchmaking protocol in order to compute the similarity between their profiles. However, revealing such information may cause significant privacy threat due to the presence of an attacker in near proximity. The attacker can be an outsider as well as a malicious insider. This paper presents a privacy-aware interests similarity protocol (PAISP) in order to facilitate the users computing the similarity between profiles. PAISP proposes different levels of privacy that allow users to have control over information revelation during matchmaking. Towards the end of the paper, we present the security analysis to show the resilience of our proposed protocol against various threats. Furthermore, we implement our proposed protocol for performance evaluation. The results show that our protocol is feasible, effective and performs better in comparison to existing approaches.

Trust Evaluation Based Friend Recommendation in Proximity Based Mobile Social Network

Proximity Based Mobile Social Networks (PMSN) is a special type of Mobile Social Network (MSN) where a user interacts with other users present in near proximity in order to make social relationships between them. The users’ mobile devices directly communicate with each other with the help of Bluetooth/Wi-Fi interfaces. The possible presence of a malicious user in the near proximity poses significant threats to the privacy of legitimate users. Therefore, an efficient trust evaluation mechanism is necessary that enables a legitimate user to evaluate and decide about the trustworthiness of other user in order to make friendship. This paper proposes a protocol that evaluates various parameters in order to calculate a trust value that assists a PMSN user in decision making for building new social ties. This paper describes various components of trust such as friend of friend, credibility and the type of social spot where trust evaluation is being performed and then calculates these parameters in order to compute the final trust value. We utilize semi-trusted servers to authenticate users as well as to perform revocation of malicious users. In case of an attack on servers, real identities of users remain secure. We not only hide the real identity of the user from other users but also from the semi-trusted servers. The inherent mechanism of our trust evaluation protocol provides resilience against Sybil and Man-In-The-Middle (MITM) attacks. Towards the end of the paper, we present various attack scenarios to find the effectiveness and robustness of our trust evaluation protocol.

A Simple Yet Efficient Approach to Combat Transaction Malleability in Bitcoin

Bitcoin has emerged as a popular crypto currency. It was introduced in 2008 by Satoshi Nakamoto (A pseudonym). The reasons for its popularity include its decentralized nature, double spending prevention, smart strategy to counter inflation and providing a certain degree of anonymity. In February 2014, Bitcoin community was shocked to know that a Japan based company named Mt. Gox who, were dealing 70 percent of Bitcoin transactions that time, announced that they were hit by a bug in the Bitcoin protocol named as Transaction Malleability. The company lost hundreds of millions of dollars worth bitcoin. Soon after this, another company SilkRoad 2 also claimed to have affected by same issue. To date there is little research literature available on this recent issue and it is hard to grasp this problem. The purpose of writing this paper is twofold. We discuss Transaction Malleability in detail with respect to the structure of Bitcoin transactions in order to make reader properly understands what Transaction Malleability is and how it works. We also propose a mechanism to counter this issue.