post-quantum era is Fully Homomorphic Encryption based on. National Institute of ...... [52] D. Naccache and J. Stern., “A new public key cryptosystem based on.
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
1
Secure Internet of Things (IoT) Architecture Based on Homomorphic Encryption Inoussa N. Mouiche, Samer Moein, Member, IEEE, T. Aaron Gulliver, Senior Member, IEEE, Bernard Essimbi
Abstract—The rapid growth of Information and Communication Technologies (ICT) interconnecting small devices, intend to improve urban environments toward smart cities. This is known as Internet of Things (IoT) because it has the ability to monitor and control almost all devices and create the communication between them through ad-hoc sensor networks and facilitate human activities. This paper examine the security challenges for general IoT architecture. A secure IoT architecture based on Homomorphic encryption is proposed. Moreover, a case study of smart city is given to illustrate the usefulness of the proposed architecture. Keywords—Internet of Things (IoT), smart city, risk analysis
I.
I NTRODUCTION
N Internet of Things (IoT) system is a uniquely identifiable “Thing” connected to the Internet, perhaps with static data stored in RFID tags, so that this data can be accessed from anywhere, at anytime, by anything. The “Thing” can be connected with a sensor/actuator so that the current state can be sensed and action can be taken using actuation, and it can also have a programmability capabilities [9]. IoT systems encompass a broad range of technologies from small Radio Frequency Identification (RFID) systems to large battery powered or mains powered sensor and control systems. The term, Internet of Things, a system of interconnected devices, was first proposed in [15]. IoT has four major components including sensing, heterogeneous access, information processing, applications and services, and additional components such as security and privacy. With over 50% of the worlds population now in cities, significant strains are placed on city resources and infrastructures. The use of Information and Communications Technologies (ICT) to modernize cities promises to create Smart Cities that mitigate the impacts of increased city populations while improving the quality of life for all inhabitants. Smart Cities are large, complex, distributed and continuous systems containing mission-critical data that must be secured end-to-end. Smart Cities are increasingly becoming IoT-enabled and IoT dependent [11], while their security is dependent upon the security of the underlying IoT protocols that have welldocumented vulnerabilities [12]. Smart City IoT networks operate over heterogeneous technologies and across multiple device types. The basic security building blocks enable secure communications and authentication across these heterogeneous technologies [13]. Not all security can be embedded within
A
I. N. Mouiche, S. Moein, and T. Gulliver are with the Department of Electrical and Computer Engineering, University of Victoria, Victoria, Canada. Manuscript received April 19, 2005; revised January 11, 2007.
the IoT sensing nodes because of their resource constraints. We present four fundamental building blocks of a secure IoT architecture for a Smart City. In a Smart City environment, there are multiple wireless technologies in use, there are multiple protocols in use, and there are multiple addressing schemes in use. All of these identities need a unified attribute set for identity management, authentication, authorization and accounting. In addition, translations between technologies, protocols and addressing schemes may have to be done, and the Unified registry facilitates the conversion. Resource-constrained IoT nodes communicate securely by means of a shared key. Symmetric keys are used for simplicity and resource efficiency. Key management is a critical part of all security architectures. Keys must be generated, stored, communicated and used in a secure fashion. Key distribution is a critical problem for symmetric keys in a distributed mobile system. The use of a hierarchical Key Management System enables efficient key distribution while providing secure symmetric keys for authorized devices [14]. Since one of the recommended encryption algorithm for post-quantum era is Fully Homomorphic Encryption based on National Institute of Standards and Technology (NIST) [66]. In this paper, we present a secure IoT architecture based on homomorphic encryption algorithm. In addition, the security challenges of an IoT architecture is studied. Based on this study, a secure IoT architecture based on Homomorphic encryption is presented to secure processing and transferring data between IoT architecture layers. The risk analysis, computation, and impact factors are studied. A smart city example is provided. The remainder of this paper is organized as follows. General architecture of IoT and its security goal and challenges are presented in Section II. Our proposed architecture and its risk analysis is proposed in Section III. Smart city is discussed as a case study in Section IV. Finally, Section V provides some concluding remarks. II.
G ENERAL A RCHITECTURE
Several governments and industries have launched several projects despite that the key technologies including the basic architecture of IoT. Paper [17] proposed the future IoT architecture based on two aspects: first, unit IoT, which refers to the basic IoT unit with focus on providing solutions for special applications and its architecture is a Man-Like Nervous (MLN) model. Second, ubiquitous IoT, which refers to the global IoT, national IoT, industrial IoT or local IoT which is integration of multiple Unit IoTs with ”ubiquitous” characters.
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
The Ubiquitous IoT architecture resembles the Social Organization Framework (SOF) model [17]. A secure IoT architecture for smart cities that addresses the vulnerabilities in traditional IoT systems is proposed in [14]. This architecture includes a black networks, Trusted Software Defined Networking (SDN) controllers, unified registry, and key management system. Secure all data, including the metadata, associated with each frame or packet in an IoT protocol is secured by using the black network [18]. Manage the flow of communications amongst IoT nodes and the networking infrastructure is controlled by SDN. The unified registry is used to consolidate the heterogeneous technologies, addressing schemes and devices that make up the IoT networks. Key management system is responsible for generating, storing, and distributing encryption keys. Another Internet of Things architecture based on Object Linking and Embedding for Process Control (OPC.NET) specifications, which can be used in both industrial environments and smart building was proposed in [19]. This architecture is based on the uniform engineering of distributed control systems model proposed in [20]. There are many different proposed architecture, but they are almost agree in four key levels architecture. Based on [12], IoT can be divided into four key levels architecture, as shown in Fig. 1.
2
B. Network Layer The network layer is responsible for the reliable transmission of information from perceptual layer, initial processing of information, classification and polymerization. The transmission of the collected data is relied on several networks, such as internet, mobile communication network, satellite nets, wireless network, network infrastructure and communication protocols are also essential to the information exchange between devices. C. Support Layer The support layer provides a reliable support platform for the application layer. This layer consists of information processing systems that take automated actions based on the results of processed data and links the system with the database which provides storage capabilities to the collected data. This layer is service-oriented which ensures same service type between the connected devices. D. Application Layer The application layer provides the personalized services according to the needs of the users, such as smart home, environment, transportation, and hospital. E. Security Goals
Fig. 1: General Secure Architecture of IoT
A. Perceptual Layer In this layer, data is collected through sensing nodes and identifies the physical world object uniquely objects and deal with its collected data obtained from the real world with the help of its respective sensors. This data includes object properties, environmental condition, and physical equipments. This layer consists of different kinds of data sensors like RFID, barcodes or any other sensor network.
Network security and key management play an important role in each layer. Therefore, the major security goals of IoT are to ensure essential components of information assurance are considered such as: confidentiality, integrity, identification/authentication, non-repudiation, and availability. Moreover, resilience and safety in cyber-physical systems. 1) Confidentiality: It is the ability to provide confidence to user about the privacy of the sensitive information by using different mechanisms such that its disclosure to the unauthorized party is prevented and can be accessed by the permitted users only. Data encryption and the two-step verification are examples of mechanism could be used to provide confidentiality of the data. For the IoT based devices, it ensures that the sensor nodes of the sensor networks do not reveal their data to the neighbouring nodes, similarly the tags do not transmit their data to an unauthorized reader [21]. 2) Integrity: The protection of useful information from the cybercriminals or the external interference during transmission and reception with some common tracking methods, so that the data cannot be tampered without the system catching the threat [22]. Hashing primitive is one of the method that could be used to ensure the accuracy and originality of data. 3) Identification/Authentication: Identification is the process by which an entity declares its identity, while verifying that the source of data is from a known identity or endpoint is known as authentication. Identification and authentication are always used together as a single two-step process. Without both, a subject cannot gain access to a system [26].
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
4) Non-repudiation: Nonrepudiation ensures that the subject of an activity or event cannot deny that the event occurred. Nonrepudiation can be established using digital certificates, session identifiers, transaction logs, and numerous other transactional and access control mechanisms. 5) Availability: Data Availability ensures the immediate access of authorized party to their information resources not only in the normal conditions but also in disastrous conditions. The Redundancy and Failover backup methods provide duplication of the system components in conditions of system failure or various system conflicting to ensure reliability and availability of data [16]. 6) Resilience: Resilient control system which utilizes Information technology considers stability and quality of service in the face of threats to the computing and networking infrastructure [23]. However, control systems provide a layer of complexity not adequately encompassed within the objectives of information technology [24]. As control systems become more decentralized, the ability to characterize interactions, performance and security becomes more critical to ensuring resilience. While more decentralization can provide additional reliability due to implicit redundancy and diversity, it may also provide more avenues or vectors to cyber attack. Therefore, the design of complex networks (i.e. IoT) needs to consider all factors that influence resilience, and optimize for multiple considerations [25]. 7) Safety: Safety is the condition that keep the person safe from undergoing or causing hurt, injury, or lose. A complex and connected environment such as IoT is supposed to have many security challenges. One of these challenges is ensuring safety when a sudden failure occurs for a system components. Safety must be considered as a counter to reduce the possibility of damage [27]. F. Security Challenges IoT facing severe security challenges because of the extension of existing traditional networks by connecting everything. Moreover, All these things will communicate with each other. The new security and privacy problems will arise which leads to more attention to issues related to confidentiality, authenticity, and integrity of data in the IoT [12]. In this section, the studying of security challenges in IoT layers are presented. 1) Perceptual Layer: This layer consists of different sensor technologies like RFID which are exposed to many kinds of threats which are discussed below: a) Tag attacks: They can be on multiple forms: (i) Tag disabling or DoS where the attackers compromise the RFID tags to presume the state from which they become unavailable or unassailable and cannot longer response. (ii) Tag Tracking due to the ubiquitous ability to associate RFID tag to every single object, including human being is the most vulnerable action to disclose personal information in communication security. (iii) Tag Cloning, since tags are deployed on different objects which are visible and their data can be read and modified with some hacking techniques. Therefore, they can be easily captured by any cybercriminal who can create a replica
3
of the tag and hence compromising it in a way that the reader cannot distinguish between the original and the compromised tag [29]. Protection against unauthorized access to the tags is the main countermeasure. Each entity involved in the communication need to be identified and any shared message between tags and readers should be signed by the sender for authentication. Therefore, public cryptographic system can be used to guarantee the authentication and ensure the privacy of the information exchanged [16], [71]. Generally, these algorithms should be slighter enough to be implemented in small objects with limited resources and must be trusted to resist sidechannel attacks. b) Eavesdropping: Because of the wireless characteristics of the RFID it becomes very easy for the attacker to sniff out the confidential information like passwords or any other data flowing from tag-to-reader or reader-to-tag which makes it vulnerable because the attacker can make it to use in despicable ways. these types of attacks cause leakage or theft of the sensitive information [31]. The countermeasures against these attacks pass through a reliable encryption method to prevent attackers to gain access to the data transmitted between readers and tags. c) Spoofing: When an attacker broadcasts fake information to the RFID systems and makes it to assume its originality falsely which makes it appearing from the original source [33]. This way attacker gets full access to the system making it vulnerable. WSNs are basically more exposed to this type of attack, the sensors capture everything at their vicinity including malicious components from different attempts. To prevent from these menaces, a secure public cryptographic method is required for authentication, but due to the resource constraints at different levels in WSNs, [28] proposed the utilize of Received Signal Strength (RSS) measured across a set of access points to perform spoofing detection and localization, as it does not require any additional cost to the wireless devices and the localization of the attack point is automatically launched. d) RF Jamming: RFID tags can also be compromised by kind of a DoS attack in which communication through RF signals is disrupted with an excess of noise signals [34]. RF Jamming introduces noise to create chaos in communication systems so that the desired signals become fuzzy. One way to mitigate this threat requires that the hostile transmitter and receiver be designed with the reliable filters to defeat the jammer spot or filter the signals received. In [81] the deception jammer receives and memorizes the jammed signals and will resend them back in time into the network with allocated phase, amplitude and polarization modulations. e) Crypto-Attack: Relies on the weakness of some techniques used to secure data stored in an RFID tag. When the algorithm for data encryption or decryption is not complex enough, it becomes easy for the attacker to crack and get the contain of the message stored in the RFID tag [69]. To stop these attacks, the use of strong cryptographic methods with slighter algorithms because of resource constraint in small things is recommended. 2) Network Layer: Network layer consists of the Wireless Sensor Network (WSN) which transmits the data from the
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
sensor to its destination with reliability. The related security issues are discussed below: a) Sybil Attack: Sybil is a kind of attack in which the attacker manipulates the node to present multiple identities for a single node due to which a considerable part of the system can be compromised resulting in false information about the redundancy [35]. Different forms of sybil attacks and their respective countermeasures are summarized in [76]. Depending on the forms in which the system is attacked, it can be external or internal. Authentication techniques can be used to sense and preclude external attacks by checking whether or not the node is authorized to communicate with any other node in the network [77]. No general defense exists to discard these threats, but some of the initiated countermeasures not limited to radio resource testing, position verification and registration, random key pre-distribution, are worthy to mitigate the attack and simplify it to a possible minimum. b) Sinkhole Attack: This attack intends to capture a maximum traffic from different nodes destined to the base station by making one node look more attractive in order to track down packets from its neighbouring nodes. The traffic is silenced while the system is fooled to believe that the data has been received on the other side [36]. Preventing from this attack will save the network from several attacks proposed in [78]. The reported countermeasures include data consistency and network flow information approach, hop count monitoring scheme, RSSI based Scheme, monitoring nodes CPU usage, mobile agent based approach, and using message digest algorithm [79], [80]. c) Sleep Deprivation Attack: Sleep deprivation is the kind of attack which keeps the nodes awake, resulting in more battery consumption and as a result battery lifetime is minimized which causes the nodes to shut down [37]. In [8], three techniques were discussed to mitigate sleep deprivation attack: the random vote scheme, the round robin scheme, and the hash-based scheme. d) Wormhole Attack: The attacker establishes new connections between nodes to capture the transmitted packets and tunnels them into new locations. The recorded packets are retransmitted from these locations. The scheme developed in [70] for preventing such attacks is called packet leash. It assigns a certain propagation delay according to the network design and ensures the maximum lifetime of the packets. The receiver will automatically discard all other packet traveled beyond the leash. e) Distributed Denial of Service (DDoS) Attack: This attack aims to flood the network with a useless lot of traffic by an attacker, resulting in resource exhaustion of the system due to which the network becomes unavailable to the legitimate users [38]. Several countermeasures for this attack are reported in the literature in several forms [72]–[74] and many are threshold-based according to the layer level. In addition, a fuzzy logic defense model is proposed in [75] as a similarity based learning mechanism that can be applied to find out the malicious packets and activate the corresponding protection response to mitigate the attack. f) Malicious code injection: An attacker compromises a node to inject malicious code into the system which could
4
result in a complete shutdown of the network or the attacker can get a full control of the network [39]. Malicious code can be injected during assembling or transmission of data between nodes or between nodes and cell site. These unwanted data may reduce the parametric functionality of the system like inducing quickly battery drain, depreciating the available bandwidth, or provoking information leakage. In addition to data confidentiality that can be used at different node levels, data aggregation protocol is proposed in [39] as a secure technique to pick up false data injection during data aggregation and also help to localize and track back the attacker. The protocol is called lightweight as it does not require computing resource. g) Man-in-the-Middle Attack (MitM): This is a form of eavesdropping in which target of the attack is the communication channel due to which the unauthorized party can monitor or control all the private communications between the two parties. The unauthorized party can even fake the identity of the victim and communicate normally to gain more information [40]. To counter this attack, an authentication system in place to ensure that the communication is established between trusted or proper hosts. The attack can be easily detect by analyzing the MAC addresses or IP addresses of both parties. Replay attack is another extension of MitM where the attacker exploits a normal response of a tag to present a similar identity to a reader [29]. h) Man-in-the-Browser (MitB): MitB attack is an extension of MitM attacks which prove to be more sophisticated and have capabilities including HTML rewriting, credential theft, corporate espionage, or trojans. Current malware attacks which employ MitB technique including Zeus, Torpig, and URLzone [30]. Many countermeasures have been proposed in the literature to mitigate and prevent MitB attacks. Different proposed techniques and their effectiveness against MitB were evaluated in [32]. 3) Support Layer: This layer is composed of data storage technologies like cloud computing. The security challenges of this layer are discussed below. a) Unauthorized Access: Support Layer provides different interfaces for the applications and data storage facilities. The attacker can damage the system by forbidding access to the related services of IoT or by deleting existing data. So an unauthorized access could be fatal for the system. The prevention to improve the level of security is the same as discussing earlier with the access control, authentication, data confidentiality, data security and integrity. b) DoS Attack: It is similar to the DoS attack discussed in the previous two layers. The measures against these threats have been one of the major concerns of researchers. The detection techniques proposed in [72]–[75] remain valid at other level layers including application layer as long as the important network parameters taken for the entropy check, do consider the parameters at different layers. c) Malicious Insider: This kind of attack occurs when an attacker from the inside tampers with data. The data can be easily extracted and then altered from the inside. The consequences of the attack and the countermeasures can be found in [82]. The countermeasures require to install the sophisticated access control infrastructures for both detection
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
and protection, and ensure audits at the level of the administration and also at the clients side. These measures intend to ensure data integrity, non repudiation, confidentiality and authentication. 4) Application Layer: The security measures explored here are restricted to phishing and sniffing attacks since malicious code injection and denial of service have been argued earlier. a) Malicious Code Injection: An attacker can leverage the attack on the system from end-user by injecting malicious code into the system to steal data [41]. b) DoS Attack: DoS attacks have become sophisticated, it offers a cover channel to carry out attacks to breach the defensive system and hence data privacy of the user, while deceiving the victim into believing that the actual attack is happening somewhere else. This put the non-encrypted personal details of the user at the hands of the hacker. c) Spear-Phishing Attack: It is an email spoofing attack in which victim is lured into opening the email through which the adversary gains access to the credentials of that victim and then by a pretence retrieves more sensitive information [42]. Attackers developed a context-aware phishing attacks in which they look after the victim in advance for more precise information, by tracking or exploring through the website or by contacting other company’s members in order to improve the efficiency of the attack. Paper [83] discussed several concepts for anti-phishing tools including mutual authentication with server, reduce reliance on users, avoid dependence on the browser interface, and strong cryptographic method. d) Sniffing Attack: An attacker can force an attack on the system by introducing a sniffer application into the system, which could gain network information resulting in corruption of the system [43]. The attackers sniff data transmitted across the network as administrators to control all network traffic. Several countermeasures are proposed in [84] to prevent against packet sniffers and detect the existence of this threat in the network according to the method used. One may temporary change its MAC address and send the packets to the old address, if the packets are accepted, then it is running a sniffer. Other methods include, anti-sniff Software, Simple Network Management Protocol (SNMP), packets switched network, and implement strong encryption techniques. Sniffing, phishing, spoofing attacks are most common in cloud computing and network virtualization. III.
P ROPOSED A RCHITECTURE
A new secure IoT architecture attached in Appendix A & B is designed as an attack surface at each layer in order to match the real world scenario. This approach fill out the IoT architecture to reinforce the security level. To construct evidence of the reliability of this technique and the effectiveness of the security level in the very handy way, SecurItree platform from Amenaza [10] is used to perform advance risk analysis on the proposed IoT architecture. Such example not only supports defenders to clarify how IoT architecture is viewed externally, but also contribute in building a secure IoT architecture in the work place and implement only workable countermeasures at their convenience. SecurItree is a risk assessment tool which
5
provides a graphical environment to construct an attack tree model. A. Homomorphic Encryption Homomorphic encryption scheme under the name privacy homomorphism proposed in [67] to encrypt the data and do an unlimited computations on it while it remains encrypted without the necessity of decrypting it. Some security issues related to the proposal of [67] are identified in [68]. After the realization of the privacy homomorphism notion in [67], numerous efforts have been made to obtain a Homomorphic scheme. The first semantically secure homomorphic encryption scheme was proposed in [45]. A various encryption schemes that either additively or multiplicatively homomorphic were proposed later. Paper [46] proposed encryption systems that support homomorphic multiplication operations. Later, an encryption scheme that allows homomorphic addition operations was invented in [47]. In addition, many others homomorphic encryption schemes were introduced [48]–[54]. Other encryption systems were developed, that enabled both additions and multiplications operations, but for limited number of operations [55]–[57]. One branch of fully homomorphic encryption is based on encryption over the integers [58]. Several improvements have been made, describing new optimizations in order to increase the efficiency and reduce the public key size [59], [60]. A batching technique was proposed recently to enhance the performance level of integer based encryption [61]–[63]. Furthermore, paper [64] introduced a scale-free fully Homomorphic encryption over the integersfollowing work in [65]. Implementation and a full description of this work is presented in [44]. One of the most power technique could be used is operating and transmitting data when it is encrypted. These features could be reached by using homomorphic encryption. Therefore, we provided in this work a secure design of IoT based on homomorphic encryption. B. Identify Threat and Terminology In the attack tree security architecture presented in Appendix A, the topmost node called root node represents the overall objective of the adversary. An attacker aims to compromise IoT system (i.e breaking either the availability, integrity, confidentiality or the combination of these security attributes). In SecurItree environment, AND and OR gates work the same as universal gates in boolean algebra and they are also called parent nodes. For instance the OR gate compromise IoT system as root node can be achieved by breaking one of the architecture layers. In addition, the AND gate Compromise nodes under Perceptual layer is achieved if and only if both Access nodes and Attack nodes are successfully carried out by the attacker. Adversaries usually have intermediate benefits which force them to decide which paths to go through. This approach allows a number of strategies to be formulated from the adversary point of view. The leaf nodes (squared nodes) represent activities that can be performed by adversaries while
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
AND and OR represent the states achieved as a result of these activities. The example of the case study is given to explain how the model was designed in different layers. C. Risk Analysis Risk is the likelihood that a particular threat agent exploits vulnerabilities and the impact caused if the attack is successful. Risk assessment allows to identify which attacks are more likely to occur based on the defined class of hostile individuals who have resource motivation to attack the system. These threat agents have different abilities and capabilities characterized by a set of predefined indicators. Two main types of indicators include Behavioural and Impact indicators. The use of SecurItree requires to define each of these indicators accordingly. For the practical example, the following set of indicators are used. 1) Behavioural indicators: They represent the ability and resource the threat agent needs in order to carry out an attack scenario. In this work, several indicators are considered: (i) Cost of attack, which defines the resource capabilities of the adversary to attack the system. It is evaluated in dollars and it varies depending on the type of attack. (ii) Breach of trust, this is a boolean variable set to be true if the attack requires someone from inside (for instance someone with authorized access). (iii) Defender error, also a boolean variable set to be true if the attack requires a defender error (e.g use stable account which was not suppressed by the defender after loss). (iv) Noticeability, it defines the probability rate of how noisy is the attack. High noticeability is bad for the adversary in the sense that victim will notice and trigger the response system. (v) Technical ability, which measures the attacker ability to realize an attack scenario and it is graded out of 100 scale. 2) Impact-attacker Benefit: It represents the motivation of the threat agents to harm the system, what the adversaries will gain after a successful attack. It measures the willingness of the attackers and it varies from one agent to another. This indicator could be measured according to the value of the assets in the system. No matter the crime group, their principal objectives lie in the security triangle attribute. (i) Confidentiality, adversaries are interested in getting and reading sensitive data like credit card numbers, passwords and other credential information. Capturing packet traffic is one the techniques used by the hackers, mostly successful if the traffic is not encrypted. It is set between 0 and 10 for the case study. (ii) Integrity, adversaries benefit in altering or changing data during the transmission. MitM and the session hijacking by MiTB successfully violate integrity on changing transaction information. It ranges from 0 to 10. (iii) Availability, the objective of the attacker could be to launch DoS attack against the system. For example, Steal nodes breaches the availability by reducing the amount of information. SYN flood and ICMP flood attacks are example of DoS attacks used in the network. The value varies here from 0 to 10. 3) Victim Impact: It represents the potential losses after the adversary exploits or performs an action at the leaf node. Analysts evaluate the damage caused by assuming the case of a successful attack on the different assets in the system. Our
6
architecture assumes the following items: (i) Confidentiality, the victim will suffer loss of credential information if there are shared by hackers who might use against the victim. Depending on the nature of the information, the impacts range from $0 to ∞ for the case study as the attack benefit is not directly proportional to the damage left by the attachers. (ii) Integrity: as in the previous case, the damage caused can be much painful if adversaries have the capability to modify transaction details. For instance MitB attack with html rewriting capability can steal as much important data as possible and significant modifications when data travel. In the example, it ranges from 0 to ∞ as well. (iii) Availability, for many companies, data availability is the most important security goal. Business operating loss is hurting for the customers and as in the case of confidentiality and integrity, it ranges from 0 to ∞. D. Risk Computation As mentioned above, the risk is the combination of likelihood that the attack occurs and the impact caused if the attack is successful. It is given by Attack Risk = Attack Probability × Victim Impact
(1)
Attack probability is defined by Attack Probability = Ease of Attack × Attack Benefits, (2) where Ease of Attack is the inverse of Attack Cost. The Absolute Risk or Cumulative Risk is defined by Absolute Risk = Rate of Occurrence (RO) × Time × Impact, (3) where RO = (Probability × Encounters/time period). Based on (2), attack probability is seen from the perspective of the attacker while impact is viewed from the victim side and attack benefit. Ease of Attack is defined by Y Ease of Attack = 1 − fbind , (4) bind
where bind stands for behavioural indicators including cost of attack, technical ability, and noticeability. fbind is the utility function which maps each value from the indicator interval to its corresponding image [10]. For the Attack Benefits, it suffices to multiply the utility function value by it corresponding weight. The formula is given by: X Attack Benefits = wIind × fIind , (5) Iind
where Iind indicates the benefit including confidentiality, integrity and availability. wIind is the weight of each impact benefit. For example, a company could give more weight to availability compared to confidentiality and integrity even though confidentiality is most important from the government point of view. fIind is the utility function which maps each value from the impact benefit indicator interval to its corresponding image.
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
7
constructed, an example of the perceptual layer is given in detail in the next section.
Fig. 2: Smart City
When it comes to evaluate the impact from the victim perspective, the mathematical formula used for Attack Benefits works the same. The only difference is that the indictors and their corresponding weight are taken from the victim profile. X Victim Impact = wVind × fVind , (6) Vind
where Vind stands for victim indicators. IV. C ASE S TUDY: S MART C ITY Smart Cities ensure a broad range of characteristics or terminologies including smart services, economy, mobility, environment, people, living, and governance [6], [7]. However, reinforcing the quality of life for all citizens to create smart cities is constrained by the security of data transmission from one end to another, because the security in smart cities is IoT dependent [12]. In Fig. 2, smart technologies are used to gather information from various places including public transports, geographical locations, public and private organizations. Therefore, implementing effective information security architecture for IoT will guarantee data confidentiality, availability, and integrity that would support sustainable and easy-going environment for smart cities. The proposed secure IoT architecture is adopted for the case of smart city to prove its generality in protecting the higher levels of confidentiality, availability, and integrity as well as the stability. To explain how the enclosed architecture is
A. Perceptual Layer Example This layer collects data from the real world with the help of different nodes (sensors). The threats at the perceptual layer deals with different technologies deployed for data aggregation. Attacking this layer is to compromise deployed nodes: “Compromised nodes” as shown in Fig. 3. For an attacker to succeed to access nodes zone :“Access nodes” and attack the nodes: Attack nodes. Accessing nodes can be either by Authorized access or Unauthorized access. Authorized access could be someone from inside usually called ”Malicious insider” or also by “Social engineering”. For Unauthorized access, the adversary might “Break physical security” to access the node zone or might also go through Social engineering attack. When it comes to Attack nodes, it might be to Steal or Alter data depending on the objective of the attacker or the attacker might want to deny service DoS. Once in the node zone, DoS can be easily achieved by simply “Steal node” or attack the tag technologies with Tag disable, Tag cloning or Tag tracking. To Steal or Alter data, the adversary could prefer either Spoofing or Eavesdropping technique. Spoofing can be carried out by either Add or Duplicate nodes or through Counterfeit which combines Steal node, Examine and Overt Hardware Attacks (OHA). Counterfeit attack requires the adversary to Steal node and after he examines the item stolen before being able to drive an OHA. The Eavesdropping attack is realized with the combination of Analyze node and Covert Hardware Attacks (CHA). CHA attack is Examine and OHA attacks and does not necessary require to examine the same deployed node stolen in the node zone. There are many ways to construct the attack tree model for almost any system. This depends on the system and the expertise of the security engineers to protect the system. It is very difficult and almost impossible to expand the attack tree so as to enumerate all possible attack scenarios for a given system. For instance, one might add a subtree level to explain how the attack Steal node can be achieved depending on the security level implemented in the node zone. What is important is to have a class representative of different types of attacks whose the system is exposed to. In the full attack tree model presented in Appendix A, the attack Malicious code can be any malware family, cross-site script (XSS), SQL injection. These details are important to specify when one deals with a real practical situation like the security vulnerability of a company’s website. Generally, this is how the full tree was designed at each layer by attack class representative. B. Risk Computation Example This section elaborates how different factors of the risk equation (1) are computed based on the defined profiles. Our constructed tree given in Appendix A produced 130 attack scenarios to be considered. We will use scenario 130 as
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
8
Fig. 3: Attack scenario at the perceptual layer.
an example. The selected scenario is {Privilege escalation, Scan network, MitB} depicted in Fig. 4. Fig. 4 displays three activities of the attacker denoted by the leaf nodes. It explains that someone having authorized access might use Privilege escalation to get connected to LAN and Scan network, then combined with MitB attack (AND node) will compromise the Network Layer and therefore the IoT system is defeated. The resource capabilities and the impact for each node are provided in Table I. 1) Threat Agent Profile: SecurITree provides a template to characterize possible threat agents against the system depending on their available resource capabilities. This is known as behavioural indicators and are defined by the specific utility functions which map absolute quantities of resource into [0, 1]. For the case example, the profile of the organized crime group is defined. These hostile people most often have sufficient resources and required skills to harm the system, and their main objectives are not limited to gain benefit but they are also interested to know about the security system and the secrete information system people use at the other end. They
TABLE I: Value of indicators for the scenario: Privilege escalation, Scan network, MitB Indicators Cost of attack Technical A. Noticeability Breach of trust Defender E. Impact benefit Availability Confidentiality Integrity Victim impact Availability Confidentiality Integrity
Privilege escalation 5,000 80 0.0001 1 0
Scan network 20,000 70 0.2 0 0
MitB 20,000 85 0.01 0 0
0 0 0
0 0 0
6 10 10
0 0 0
0 0 0
7 10 10
can be supported by some anti-malware companies that want to promote the need of their products on the market. The profile for this class of agents is given in Fig. 5 and which explains the available resources these adversaries dispose in order to
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
9
TABLE II: Attack level: Behavioural indicator range values for the case studied Attack Level 1 Level 2 Level 3
Fig. 4: Scenario 130
attack the system. For example, Fig. 5a indicates that despite the resources available, the willingness of the attacker decreases as the attack cost increases. From Fig. 5b adversaries have sufficient skills to exploit possible flaws and bypass the security system. It shows that their willing to think increases to less than 0.5 after the technical ability required is greater than 80.2. The agent’s noticeability decreases faster in Fig. 5c, reason that this class of individuals does not want to be exposed. Therefore, they are willing to spend as much resource and technical thinking to reduce their noticeability. These information or assumptions provided in Fig. 5 will be more accurate depending on how much the analysts know about their adversaries. Utility functions cross the horizontal axis at the limit of the attacker’s capability. This is a good approach to estimate the difficulty of a particular attack scenario compared to the weighted sum because it gives the clear view on the resource and effort to prevent a given adversary from carrying out the attack. When it comes to threat agent benefit and victim’s pain possible gains and damage caused are mapped into three security’s attribute known as availability, confidentiality and integrity to maintain consistency and generality. For the case studied, the agent’s benefit is defined in Fig. 6, where each gain varies between 0 and 10. Fig. 6a describes that the agent’s motivation to benefit availability grows exponentially but was initially more interested about the confidentiality as spilled out in Fig. 6b. Well, it turns out in Fig. 6c that the interest of the attacker in stealing or gaining
level attack attack attack
Attack Cost ≤ 1k [1k − 25k] ≥ 25k
Technical A. [0.0 − .9] [0.0 − .9] [0.0, −.9]
Noticeability [1 − 40] [40 − 80] [60 − 100]
integrity increases linearly. Depending on the nature of the system in place, analysts can quickly figure out which assets are more valuable for the company and based on the ratio cost/benefit will assign corresponding weight to each asset. In this case, the weight is set equal for each of the benefit parameter. 2) Victim Profile: As opposed to attack benefit, victim profile makes the case of the damage left behind each attack. To ensure consistency and generality, availability, confidentiality and integrity are maintained as parameters to explain the perceived pain of the victim. However, their values are set to range from 0 to ∞ since the attack benefit is not directly proportional to the loss incurred by the victim. For instance, DoS attack will violate the availability of the data and might probability break down the server. The victim will suffer the loss of information and the money to hire engineers to replace or fix the server. Security analysts make this out to evaluate the overall damage generated by the attack. Fig. 7 gives the explanation about the victim profile considered in this example. The first observation is the domaine range of the horizontal axis which differs from one to another. Fig. 7, Fig. 7a, Fig. 7b, and Fig. 7c have the same behaviour. The attack is more painful as the value of the perceived parameter goes up, and at the very low level the victim does not suffer at all. However, how these indicators were defined at each node is one main important step to discover in Table II. Table II gives the interval from which the indicator values are picked to fill the whole attacktree attached in the Appendix A to perform advanced risk analysis on SecurITree. Level 1 attacks represent attacks which requires authorized physical access like Authorized access, SE, and Break physical security at the perception layer where some deployed nodes can be accessed easily even from the cars. This could change significantly depending on the system and how engineers analyze or appreciate the situation. Similarly, the physical access at the perceptual layer is not the same with that of the application and support layers. Level 2 attacks stand for the class network attacks for which adversaries need to buy computers, write codes or hack the network which requires more technical ability. Though, attack like Botnet might require more resources and excellent soft skills. Level 3 attacks are the set of attacks which combine network and hardware. The example of such attacks include Conterfeit, OHA, CHA, and they can be launched by qualified attackers with required resources. Considering the whole scenario to compute the Ease of attack or Attack feasibility defined by Eq. (4), Table III is considered, where the effect of the AND gate to compute the resulting noticeability is given by Eq. (7) [10]. Noticeability = [1 − [(1 − a)(1 − b) . . . (1 − n)]],
(7)
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
(a) Cost of attack
10
(b) Technical ability
(c) Noticeability
Fig. 5: Threat agent behavioural indicators.
(a) Availability
(b) Confidentiality
(c) Integrity
Fig. 6: Threat agent’s benefit.
(a) Availability
(b) Confidentiality
(c) Integrity
Fig. 7: Victim impact explain how hurting is the damage caused by the attack.
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
TABLE III: Feasibility of the scenario Indicators Cost of attack Technical A. Noticeability
AND gate effect Sum of Cost Maximum value Eq. (7)
Considered scenario 45,000 85 0.2081
Utility value (f) 0.9615 0.394 0.8489
11
TABLE V: Encounter parameters over 1 year period Single shot encounter Single threaded encounters Multi-threaded encounters
Encounter per year 0.01 0.75 500
TABLE IV: Impacts of the scenario Indicators Availability Confidentiality Integrity
Benefit 6 10 10
Utility (f) 0.5766 1 1
Victim 7 10 10
Utility (f) 0.2909 0.3729 0.2021
Weight (w=1/3) 0.3333 0.3333 0.3333
where a, b, . . . , n represent the noticeability of the corresponding attack. For this attack scenario, it results that 1 − [(1 − 10−4 )(1 − 0.2)(1 − 0.01)] = 0.2081. The utility value f of each indicator is obtained from the utility function defined in Fig. 5. Therefore, the Ease of attack is calculated to be Eq.(8): Ease of attack = 1−(0.9615×0.394×0.8489) = 0.6784 (8) The Impact benefit and Victim impact can easily be deduced from Table IV. The attack node considered in this phase is only MitB which has values different from zero. Table IV leads to the computation of Impact benefit Eq.(9) and Victim impact Eq. (10). Impact benefit = (0.5766 + 1 + 1) × 0.3333 = 0.8589 (9)
Fig. 8: 10 Highest Cumulative Risk Scenarios.
Victim impact = (0.2909+0.3729+0.2021) = 0.46168 (10) Therefore, combining (8), (9) and (10), one obtains the resulting Attack Risk (1) per Encouneter also called Relative Risk (RR) per encounter of the considered attack scenario given by Eq. (11). Relative Risk = 0.46168 × 0.8589 × 0.6784 = 0.2717. (11) Given this risk in (11), deciding wether or not it is acceptable depends on the tolerance or boundary decision of the defender and from which basis the analyst calibrated the system of both party. Though, it requires expertise and sufficient knowledge about the threat agent. Similarly, it suffices to determine the number of encounter the targeted system will undergo with this threat agent in a period of time, combined with the scenario’s propensity to have the Absolute Risk or Cumulative Risk defined in (3). For the case example, the setting is provided in Table V where single-shot attack constraints the attacker’s resource to only one attempt. Single threaded or sequential attacks estimate how long the attacker need to get ready for the next attack while Multi-threaded raise the number of possible simultaneous attacks per time period. C. Results and Discussion The above example of risk computation of one attack scenario fill out some background about the advance risk analysis
process. The absence of one indicator factor might prevent the adversary from harming the system, which does not show up in the previous risk analysis method. The proposed architecture does have 130 scenarios which could probably be less when it comes to analyzing a real deployed system in depth. The analyst would like to explain how the attack Steal nodes, devices, or key can happen or which type of Malicious codes the target is exposed. However, the proposed system covers the general understanding of the IoT architecture in order to design a very secure architecture. The risk analysis results of 130 scenarios from SecurITree are presented in Table VI and it follows the standard computational details of the attack’s scenario mentioned above and highlighted in the figure. Fig. 8 gives the top 10 highest Cumulative Risks and are also the highest Relative Risks. The corresponding attack scenarios are given in Table VII. They show the critical attack scenarios that the defender has to care the most to implement workable countermeasures. The acceptance level depends on the defender’s tolerance from his knowledge about the system and potential threat agents. This is not the main objective of the paper, rather to prove the security level of the new proposed IoT architecture based on the efficiency of the homomorphic encryption in cloud computing. Fig. 9 shows the Relative Probability and Relative Risk in
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
12
TABLE VI: Relative and Cumulative Risks.
TABLE VII: 10 Highest Risk Scenarios.
terms of the Impact. The scenarios are represented by the dot points and they are grouped in terms of their probability, the risk level and their painfulness. The two top scenarios have probability 0.6066 and 0.05885, the impact of 0.4118 and 0.4617 respectively, and their associated risk level 0.2494 and 0.2717 as shown in Fig. 9. The more painful scenarios at the bottom-right have low risk between 0.0404 and 0.0808. D. Countermeasures It is impossible to ensure 100% of the security in any deployed system. The main goal of the risk analysis is to mitigate the risk till acceptable level. The extension of the proposed architecture is designed to achieve an acceptable
level of security based on above vulnerability analysis as seen in Appendix B. Generally, risk analysis allows the defender to quickly figure out which internal asset needs more reliable security measure. The strategy adopted here considers the countermeasures falling beneath the AND nodes and the basic idea is that all the nodes under the AND node must be combined together for the attack to happen. If the AND node already exist, it suffices to add the mitigation technique as a leaf node placed beneath. Afterward, the same procedures to perform risk analysis follows. For instance, after designing different countermeasures in the system, the attack scenario studied in the previous section with high risk becomes Privilege escalation, Bypass Homomorphic/Multifactor authentication, Scan network, Firewall
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
13
Fig. 9: Scenario Scatter, Relative Probability vs Impact
system, MitB, Anomaly-based/IDS, Homomorphic encryption as presented in Fig. 10. Observing the difference between Fig. 4 and Fig. 10, it turns out that Fig. 10 adds more obstacles on attacker’s way to reaching the goal. Different from before scenario, the authorized insider using Privilege escalation has to Bypass Homomorphic/Multifactor authentication to connect to Connect to LAN, then using MitB technique has to bypass Anomaly-based IDS. Afterward, to drive Network based attack, the adversary should Scan network which requires to get around Firewall system and before breaking down the system (Compromised IoT), he has to bypass the Homomorphic Encryption. This proves to be more complex path for the attacker than before (Fig. 4). This way of constructing countermeasure is easily understandable and explainable. The idea of adding another root level node and changing the OR node to AND node is to ensure that all attempts from any layer to compromise the IoT system have to bypass Homomorphic Encryption. Homomorphic encryption proves to be effective in cloud computing as reported in [1]–[5]. In [5], authors developed the new security scheme for authentication using homomorphic encryption. Basically, homomorphic encryption method allows user to perform multiple types of operations on encrypted data stored in the cloud. The data get decrypted only at the end-user level. In general, the system can be more secure if one disposes sufficient resources to construct the countermeasures. The combination of simple security controls can be effective and prevent the system from attacks. Fig. 11 and Table VIII give the top 10 highest Cumulative Risks after the countermeasures. They explain the significant drop in risk when compared with those depicted in Fig. 8 and Table VII. The studied attack scenario having the highest risk value (0.2038) in Fig. 8 (first
Fig. 10: Considered Attack Scenario with Countermeasures
scenario) drops to 0.0489 in Fig. 11. This is supported by the Scenario Scatter plot of 141 scenarios presented in Fig. 12. The scenario with high probability 0.3673 has the impact value close to 0.27 and the Relative Risk approximatively equal to 0.085. The more painful scenario with maximum impact value 0.67 at the bottom-right have the lowest risks. The defender would determine easily wether or not the proposed countermeasure is reliable and decide what to do next. V.
C ONCLUSION
This paper considered the security challenges effect IoT architecture. Attacker and victim impact were considered during the risk and computation phase. Secure IoT architecture proposed showed a great benefit over the general architecture. Securing the data transferred and processed between the architecture layers is defined with a countermeasure techniques that protect data in all phases. In order to evaluate our architecture, we have used smart city as a case study. Evaluation results showed that our architecture improve IoT security and can be used with any IoT system.
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
14
TABLE VIII: Highest Cumulative Risk Scenarios after the Countermeasures
Fig. 11: Highest Cumulative Risk Scenarios after the Countermeasures
Fig. 12: Scenario Scatter, Relative Probability vs Impact after the Countermeasures
[5]
R EFERENCES [6] [1]
M. Tebaa, and S. E. Hajji, “Secure cloud computing through homomorphic encryption”. arXiv preprint arXiv:1409.0829. 2014 [2] M.M. Potey, C.A. Dhote, and D.H. Sharma, “Homomorphic Encryption for Security of Cloud Data”, Procedia Computer Science, vol. 79, pp.175181, 2016. [3] G. Rastogi and R. Sushil, “Cloud Computing Security and Homomorphic Encryption”, IUP Journal of Computer Sciences, vol. 9, no. 3, p.48, 2015. [4] S. Bajpai and P. Srivastava, “A fully homomorphic encryption Implementation on cloud computing”, International Journal of Information & Computation Technology, pp.0974-2239, 2014.
[7] [8]
[9]
K. Zkik M. Tebaa, and S. E. Hajji, “New homomorphic platform for authentication and downloading data in MCC”, In Proceedings of the world congress on engineering Vol. 1, 2015. S. Talari, M. Shafie-khah, P. Siano, V. Loia, A. Tommasetti, and J.P. Catalo, “A Review of Smart Cities Based on the Internet of Things Concept”, Energies, vol. 10, no. 4, p.421, 2017. C. Cerrudo, A. Hasbini, and B. Russell, “Cyber Security Guidelines for Smart City Technology Adoption”, Cloud Security Alliance, 2015. M. Pirretti, S. Zhu, N. Vijaykrishnan, P. McDaniel, M. Kandemir, and R. Brooks, “The sleep deprivation attack in sensor networks: Analysis and methods of defense”, International Journal of Distributed Sensor Networks, vol. 2, no. 3, pp.267-287, 2006. R. Minerva, A. Biru, and D. Rotondi. Towards a definition of the Internet of Things (IoT). [online]. Available: http:
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
[10]
[11]
[12]
[13]
[14]
[15] [16]
[17]
[18]
[19]
[20]
[21]
[22] [23]
[24] [25] [26]
[27]
[28]
[29]
[30]
//iot.ieee.org/images/files/pdf/IEEE IoT Towards Definition Internet of Things Revision1 27MAY15.pdf Terrance R Ingoldsby, “Attack Tree-based Threat Risk Analysis” Amenaza Technologies Limited 550,(2013), Accessed on Feb, 2017. [Online] Available: https://www.amenaza.com/downloads/docs/ AttackTreeThreatRiskAnalysis.pdf A. Zanella, N. Bui, A. Castellani, L. Vangelista, and M. Zorzi. “Internet of things for smart cities,” IEEE Internet of Things Journal, vol. 1, no. 1, pp. 22–32, 2014. H. Suo, J. Wan, C. Zou, and J. Liu. “Security in the internet of things: a review,” in International Conference on Computer Science and Electronics Engineering (ICCSEE), 2012, pp. 648–651. H. C. P¨ ohls, V. Angelakis, S. Suppan, K. Fischer, G. Oikonomou, E. Z. Tragos, R. D. Rodriguez, and T. Mouroutis. “RERUM: Building a reliable IoT upon privacy-and security-enabled smart objects,” in Wireless Communications and Networking Conference Workshops (WCNCW), 2014, pp. 122–127. S. Chakrabarty and D. W. Engels. “A secure IoT architecture for Smart Cities,” In 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2016, pp. 812–813. K. Ashton. “That ”internet of things” thing,” RFiD Journal, vol. 22, no. 7, pp. 97–114, 2009. M. U. Farooq, M. Waseem, A. Khairi, and S. Mazhar. “A critical analysis on the security concerns of internet of things (IoT),” International Journal of Computer Applications, vol. 111, no. 7, 2015. H. Ning and Z. Wang. “Future internet of things architecture: like mankind neural system or social organization framework?,” IEEE Communications Letters, vol. 15, no. 4, pp. 461–463, 2011. S. Chakrabarty, D. W. Engels and S. Thathapudi. “Black SDN for the Internet of Things,” In IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), 2015, pp. 190–198. I. Ungurean, N. C. Gaitan, and V. G. Gaitan. “An IoT architecture for things from industrial environment,” In International Conference on Communications (COMM), 2014, pp. 1–4. V. G. Gaitan, V. Popa, C. Turcu, N. C. Gaitan, and I. Ungureanu. “The Uniform Engineering of Distributed Control Systems Using the OPC Specification,” Advances in Electrical and Computer Engineering, vol. 8, no. 2, pp. 71–77, 2008. D. Miorandi, S. Sicari, F. De Pellegrini, and I. Chlamtac. “Internet of things: Vision, applications and research challenges,” Ad Hoc Networks, vol. 10, no.7, pp. 1497–1516, 2012. L. Atzori, A. Iera, and G. Morabito. “The internet of things: A survey,” Computer networks, vol. 54, no.15, pp. 2787–2805, 2010. C. G. Rieger, D. I. Gertman, and M. A. McQueen. “Resilient control systems: next generation design research,” In IEEE 2nd Conference on Human System Interactions, pp. 632–636, 2009. F. -Y. Wang and D. Liu. “Networked Control Systems: Theory and Applications,” Springer-Verlag, London, UK, 2008. S. P. Meyn. “Control Techniques for Complex Networks,” Cambridge University Press, New York, NY, 2008. A. Riahi, Y. Challal, E. Natalizio, Z. Chtourou, and A. Bouabdallah. “A systemic approach for IoT security,” In IEEE International Conference on Distributed Computing in Sensor Systems, pp. 351–355, 2013. M. R. Uttarkar and R. Kulkarni, R. “Internet of Things: Architecture and Security,” In International Journal of Computer Application, vol. 3, no. 4, pp. 12–19, 2014. V. B. Srinivas and S. Umar. “Spoofing attacks in wireless sensor networks,” International Journal of Science, Engineering and Computer Technology, vol. 3, no.6, p.201, 2013. M. Burmester and B. De Medeiros. “RFID security: attacks, countermeasures and challenges,” In the 5th RFID Academic Convocation and the RFID Journal Conference, 2007. T. Dougan and K. Curran. “Man in the Browser Attacks,” International Journal of Ambient Computing and Intelligence, pp. 29–39, 2012.
15
[31]
[32]
[33] [34]
[35] [36]
B. Khoo. “RFID as an Enabler of the Internet of Things: Issues of Security and Privacy,” In International Conference on Internet of Things (iThings/CPSCom) and 4th International Conference on Cyber, Physical and Social Computing, pp. 709–712, 2011. Entrust. (2014). Defeating Man-in-the-Browser. Retrieved April 29, 2017, from Internet Security and Encryption White Papers website: https://www.entrust.com/wp-content/uploads/2014/03/WP Entrust-MITB March2014.pdf A. Mitrokotsa, M. R. Rieback, and A. S. Tanenbaum. “Classification of RFID attacks,” Gen, 15693, 14443, 2010. L. Li. “Study on security architecture in the Internet of Things,” In International Conference on Measurement, Information and Control (MIC), pp. 374–377. 2012. J. R. Douceur. “The sybil attack,” In International Workshop on Peerto-Peer Systems, pp. 251-260, 2002. N. Ahmed, S. S. Kanhere, and S. Jha. “The holes problem in wireless sensor networks: a survey,” ACM SIGMOBILE Mobile Computing and Communications Review, vol. 9, no. 2, pp. 4–18, 2005.
[37]
T. Bhattasali, R. Chaki, and S. Sanyal. “Sleep deprivation attack detection in wireless sensor network,” In International Journal of Computer Applications, vol. 40, no. 15, pp. 19–25, 2012.
[38]
D. G. Padmavathi and M. hanmugapriya. “A survey of attacks, security mechanisms and challenges in wireless sensor networks, In International Journal of Computer Science and Information Security (IJCSIS), vol. 4, no. 1 & 2, 2009. P. S. Fulare and N. Chavhan. “False Data Detection in Wireless Sensor Network with Secure Communication,” In International Journal of Smart Sensors and AdHoc Networks (IJSSAN), vol.1, no. 1, pp. 66–71, 2011. R. P. Padhy, M. R. Patra, and S. C. Satapathy. “Cloud computing: security issues and research challenges,” In International Journal of Computer Science and Information Technology & Security (IJCSITS), vol. 1, no. 2, pp. 136–146, 2011. W. Zhang and B. Qu. “Security Architecture of the Internet of Things Oriented to Perceptual Layer,” In International Journal on Computer, Consumer and Control (IJ3C), vol. 2, no. 2, pp. 37–45, 2013. J. Wang, T. Herath, R. Chen, A. Vishwanath, and H. R. Rao. “Research article phishing susceptibility: An investigation into the processing of a targeted spear phishing email,” In IEEE transactions on professional communication, vol. 55, no. 4, pp. 345–362, 2012. B. S. Thakur and S. Chaudhary. “Content sniffing attack detection in client and server side: A survey,” In International Journal of Advanced Computer Research, vol. 3, no. 2, pp. 7–10, 2013. [36] A. Alzahrani, S. Moein, N. Houghton, and F. Gebali. “CRT based somewhat homomorphic encryption over the integers,” In IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 174–180, 2015. S. Goldwasser and S. Micali. “Probabilistic encryption,” In Journal of computer and system sciences, vol. 28, no. 2, pp. 270–299, 1984. T. ElGamal. “A public key cryptosystem and a signature scheme based on discrete logarithms,” In Advances in Cryptology, pp. 10–18, 1985.
[39]
[40]
[41]
[42]
[43]
[44]
[45] [46] [47]
[48]
[49]
[50] [51]
P. Paillier. “Public-key cryptosystems based on composite degree residuosity classes,” In Advances in Cryptology EUROCRYPT99, pp. 223–238, 1999. I. Damgard, M. Jurik, and J. B. Nielsen. “A generalization of pailliers public-key system with applications to electronic voting,” In International Journal of Information Security, vol. 9, no. 6, pp. 371–385, 2010. M. Ajtai and C. Dwork. “A public-key cryptosystem with worstcase/average-case equivalence,” In Proceedings of the twenty-ninth annual ACM symposium on Theory of computing, pp. 284–293, 1997. O. Regev. “New lattice-based cryptographic constructions,” In Journal of the ACM (JACM), vol. 51, no. 6, pp. 899–942, 2004. J. D. Cohen and M. J. Fischer., “A robust and verifiable cryptographically secure election scheme,” In Foundations of Computer Science, vol. 85, pp. 372–382, 1985.
JOURNAL OF LATEX CLASS FILES, VOL. 6, NO. 1, JANUARY 2007
[52]
D. Naccache and J. Stern., “A new public key cryptosystem based on higher residues,” In Proceedings of the 5th ACM conference on Computer and communications security, pp. 59–66, 1998.
[53]
T. Okamoto and S. Uchiyama., “A new public-key cryptosystem as secure as factoring,” In Advances in Cryptology EUROCRYPT, pp. 308– 318, 1998.
[54]
D. Boneh, E.-J. Goh, and K. Nissim. “Evaluating 2-dnf formulas on ciphertexts,” In Theory of cryptography, pp. 325–341, 2005.
[55]
C. Gentry, S. Halevi, and V. Vaikuntanathan. “A simple BGN-type cryptosystem from LWE, In Advances in Cryptology-EUROCRYPT, pp. 506–522, 2010.
[56]
C. A. Melchor, P. Gaborit, and J. Herranz. “Additively homomorphic encryption with d-operand multiplications,” In Advances in CryptologyCRYPTO, pp. 138–154, 2010.
16
[74]
[75]
[76]
[77] [78]
[57]
T. Sander, A. Young, and M. Yung. “Non-interactive cryptocomputing for nc 1,” In Foundations of Computer Science, pp. 554–566, 1999.
[58]
M. V. Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan. “Fully homomorphic encryption over the integers,” In Advances in CryptologyEUROCRYPT, pp. 24–43, 2010.
[79]
[59]
J.-S. Coron, A. Mandal, D. Naccache, and M. Tibouchi. “Fully homomorphic encryption over the integers with shorter public keys,” In Advances in Cryptology-CRYPTO, pp. 487–504, 2011.
[80]
[60]
J.-S. Coron, D. Naccache, and M. Tibouchi. “Public key compression and modulus switching for fully homomorphic encryption over the integers,” In Advances in Cryptology-EUROCRYPT, pp. 446–464, 2012.
[81]
[61]
J. H. Cheon, J.-S. Coron, J. Kim, M. S. Lee, T. Lepoint, M. Tibouchi, and A. Yun. “Batch fully homomorphic encryption over the integers,” In EUROCRYPT, vol. 7881, pp. 315–335, 2013.
[83]
[62]
J.-S Coron, T. Lepoint, and M. Tibouchi. “Batch fully homomorphic encryption over the integers,” Cryptology ePrint Archive, Report 2013/036, 2013.
[84]
[63]
J. Kim, M. S. Lee, A. Yun, and J. H. Cheon. “Crt-based fully homomorphic encryption over the integers,” IACR Cryptology ePrint Archive, vol. 2103, p. 57, 2016.
[64]
J.-S. Coron, T. Lepoint, and M. Tibouchi. “Scale-invariant fully homomorphic encryption over the integers,” In Public-Key Cryptography-PKC, pp. 311–328, 2014.
[65]
Z. Brakerski. “Fully homomorphic encryption without modulus switching from classical gapsvp,” In Advances in Cryptology-CRYPTO, pp. 868–886, 2012.
[66]
L. Chen, S. Jordan, Y. K. Liu, D. Moody, R. Peralta, R. Perlner, and D. Smith-Tone. “Report on post-quantum cryptography,” National Institute of Standards and Technology, Internal Report, 8105., p. 10, 2016.
[67]
R. L. Rivest, L. Adleman, and M. L. Dertouzos. “On data banks and privacy homomorphisms,” Foundations of secure computation, vol. 4, no. 11, pp. 169–180, 1987.
[68]
E. F. Brickell and Y. Yacobi., “On privacy homomorphisms,” In Advances in Cryptology EUROCRYPT, pp. 117–125, 1988.
[69]
M. Dawson, M. Eltayeb, and M. Omar, (Eds.). “Security Solutions for Hyperconnectivity and the Internet of Things”, IGI Global, 2016
[70]
Y.C. Hu, A. Perrig and D.B. Johnson. “Packet leashes: a defense against wormhole attacks in wireless networks”, In INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications. IEEE Societies vol. 3, pp. 1976-1986, 2003.
[71]
K.E. Emam, F.K. Dankar, “Protecting Privacy Using k-Anonymity”, Journal of the American Medical Informatics Association, vol. 15, no 5, pp. 627-637, 2008.
[72]
K. Lee J. Kim, Ki Hoon Kwon, Y. Han, and S. Kim. “DDoS attack detection method using cluster analysis”, Expert Systems with Applications, vol. 34, no. 3, pp. 1659-1665, 2008.
[73]
T.T Miu, A. K. Hui, W. L. Lee, D.X. Luo, A.K. Chung, and W.S. Wong, “Universal DDoS Mitigation Bypass”, Black Hat USA, 2013.
[82]
S.T. Zargar, J. Joshi, and D. Tipper, “A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks”, IEEE Communications Surveys and Tutorials, vol. no. 15, No. 4, pp. 20462069, 2013. N.C.S Iyengar, A. Banerjee, and G. Ganapathy, “A fuzzy logic based defense mechanism against distributed denial of service attack in cloud computing environment”. In International Journal of Communication Networks and Information Security, vol. 6, no. 3, pp. 233-245, 2014. R. Singh, J. Singh, and R. Singh, “Sybil Attack Countermeasures in Wireless Sensor networks”, International Journal of Computer Networks and Wireless Communications, vol. 6, no. 3, pp. 2250-3501, 2016. N. Balachandran and S. Sanyal, “A review of techniques to mitigate sybil attacks”, arXiv preprint arXiv:1207.2617, Jul 11, 2012. I. Krontiris, T. Giannetsos, and T. Dimitriou. “Launching a sinkhole attack in wireless sensor networks; the intruder side”, In IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, pp. 526–531, 2008. J.S.A. Priyanka, S. Tephillah, and A.M. Balamurugan, “Attacks and Countermeasures in WSN”, In International Journal of Electronics and Communication, vol. 2, no. 1, pp. 2321–5984, 2014. V. Soni, P. Modi, and V. Chaudhri, “Detecting Sinkhole attack in wireless sensor network”, International Journal of Application or Innovation in Engineering and Management, vol. 2, no. 2, pp.29–32, 2013. F.B. Dube, “International electronic countermeasures handbook”, Horizon House Publications, 1999. A. Mahajan and S. Sharma, “The Malicious Insiders Threat in the Cloud”, International Journal of Engineering Research and General Science, vol. 3, pp. 245–256, 2015. B. Parno, C. Kuo, A. Perrig, “Phoolproof Phishing Prevention”, International Conference on Financial Cryptography and Data Security, pp. 1–19, 2006. S. Ansari, S.G. Rajeev, and H.S. Chandrashekar. “Packet sniffing: a brief introduction”, In IEEE potentials, vol. 21, no. 5, pp.17–19, 2002.
