Impact on blockchain-based AI/ML-enabled big data analytics for Cognitive Internet of Things environment
Ankush Mitra,Basudeb Bera,Ashok Kumar Das,Sajjad Shaukat Jamal,Ilsun You
Computer Communications, CC, 2023
@inproceedings{bib_Impa_2023, AUTHOR = {Ankush Mitra, Basudeb Bera, Ashok Kumar Das, Sajjad Shaukat Jamal, Ilsun You}, TITLE = {Impact on blockchain-based AI/ML-enabled big data analytics for Cognitive Internet of Things environment}, BOOKTITLE = {Computer Communications}. YEAR = {2023}}
Cognitive Internet of Things (CIoT) supports the organizations to learn from the information (data) arriving from various connected devices, sensors, machines and other sources, and at the same time it inspires intelligence into different business operations, products, customer experiences, and people. Data poising attacks are very serious concerns because they may play a significant factor for businesses and organizations for both financial terms and damaging their reputations, when the Big data analytics on the analyzed data is itself corrupted. To mitigate this issue, in this paper, we suggest a blockchain-based Artificial Intelligence(AI)/Machine Learning(ML)-enabled Big data analytics mechanism for CIoT environment. The comprehensive experimental results have been provided under two circumstances: (1) performance of the ML model under data poisoning attacks and (2) performance of the ML model without data poisoning attacks. In the first case, we show how the data poison attacks can effect the ML model when the data is on some cloud storage (i.e. not in the blockchains), whereas in the second case we show the effect when the data is in the blockchains (i.e., without data poisoning attacks). The experimental results demonstrate that we have significant gains in performance in terms of accuracy, recall, precision and F1 score when there are no data poisoning attacks on the data. Moreover, a detailed blockchain simulation has carried out to demonstrate the practical aspects of the proposed security framework.
Post-Quantum Lattice-Based Secure Reconciliation Enabled Key Agreement Protocol for IoT
Dharminder Dharminder,Challa Bhageeratha Reddy,Ashok Kumar Das,Youngho Park
IEEE Internet of Things Journal, IOT, 2023
@inproceedings{bib_Post_2023, AUTHOR = {Dharminder Dharminder, Challa Bhageeratha Reddy, Ashok Kumar Das, Youngho Park}, TITLE = {Post-Quantum Lattice-Based Secure Reconciliation Enabled Key Agreement Protocol for IoT}, BOOKTITLE = {IEEE Internet of Things Journal}. YEAR = {2023}}
The authenticated key agreement is one of the major security services that can be used to secure an Internet of Things (IoT) environment, where the devices collect the data and the data is then aggregated at the cloud server, and then a user needs to access the data stored at the server(s) securely. For this purpose, after a mutual authentication performed between a user and the accessed server, a session key needs to be established among them for secure communication. In this article, we design an efficient lattice-based authenticated key exchange protocol using ring-based version of learning with errors assumption for the IoT-enabled smart devices. The proposed protocol is basically a key exchange that uses the reconciliation mechanism. The detailed security analysis under the standard model has been performed along with the informal security analysis to show that the proposed protocol is robust against different attacks. We then simulate the proposed protocol under the NS-3 simulator to measure the network performance parameters like network throughput and latency. A comparative analysis shows that the proposed protocol has superior security, less computational cost, and comparable communication cost when compered these parameters with the other competing schemes.
Explainable Artificial Intelligence Envisioned Security Mechanism for Cyber Threat Hunting
Pankaj Kumar,Mohammad Wazid,D. P. Singh,Jaskaran Singh,Ashok Kumar Das,Youngho Park,Joel J. P. C. Rodrigue
Security and Privacy, S&P, 2023
@inproceedings{bib_Expl_2023, AUTHOR = {Pankaj Kumar, Mohammad Wazid, D. P. Singh, Jaskaran Singh, Ashok Kumar Das, Youngho Park, Joel J. P. C. Rodrigue}, TITLE = {Explainable Artificial Intelligence Envisioned Security Mechanism for Cyber Threat Hunting}, BOOKTITLE = {Security and Privacy}. YEAR = {2023}}
Cyber threat hunting proactively searches for cyber threats, which are undetected by the traditional defense mechanisms. It scans deep to identify malicious programs (ie, malware) that escape from detection. It is important because sophisticated cyber threats can bypass the cyber security mechanisms. The performance of the cyber threat hunting can be improved through artificial intelligence (AI), especially, explainable AI (XAI), which adds trust component to the cyber threat hunting process. Due to the inclusion of XAI, the security experts get the full explanations of the detected threats as the working of the detection model in XAI is known. Information, like, which one is a threat, how it has been detected, and why it has been detected, can be obtained very easily due to the inclusion of XAI in the cyber threat hunting. Therefore, an XAI-envisioned mechanism for cyber threat hunting has been proposed (in short, XAISM-CTH). The network and threat models of XAISM-CTH are designed and discussed. The conducted security analysis proves the security of XAISM-CTH against various potential attacks. XAISM-CTH also performs better than the other existing schemes. At the end, a practical implementation of XAISM-CTH has been provided to observe its impact on the performance of the system. KEYWORDS cyber threat hunting, explainable artificial intelligence (XAI), intrusion detection, privacy, security
Public Blockchain-Envisioned Security Scheme Using Post Quantum Lattice-Based Aggregate Signature for Internet of Drones Applications
Prithwi Bagchi,Raj Maheshwari,Basudeb Bera,Ashok Kumar Das,Youngho Park,Pascal Lor
IEEE Transactions on Vehicular Technology, TVT, 2023
@inproceedings{bib_Publ_2023, AUTHOR = {Prithwi Bagchi, Raj Maheshwari, Basudeb Bera, Ashok Kumar Das, Youngho Park, Pascal Lor}, TITLE = {Public Blockchain-Envisioned Security Scheme Using Post Quantum Lattice-Based Aggregate Signature for Internet of Drones Applications}, BOOKTITLE = {IEEE Transactions on Vehicular Technology}. YEAR = {2023}}
Due to high effectiveness and robust security proto- cols, lattice-based cryptography becomes a very broadly appli- cable optimistic post-quantum technique that is recently used in public key cryptosystem. An aggregate signature scheme enables a party to bundle a set of signatures together into a single short cryptographic signature, which can be verified by any verifier using the public information. In this paper, we provide a lattice- based aggregate signature scheme where the security depends on the difficulty of the Ring Learning-with-Error (Ring-LWE) problem. Next, we use the basic scheme in Internet of Drones (IoD) applications using the blockchain technology for secure and transparent data storage. The detailed security analysis and comparative study show that the proposed scheme provides superior security including resistance to quantum attacks and is efficient as compared to the existing state of art approaches. The testbed experimental results and the blockchain simulation demonstrate that the proposed scheme can be applied in real-life drones applications. Index Terms—Internet of Drones (IoD), unmanned aerial vehi- cles, lattice-based cryptography, aggregate signature, blockchain, security.
Secure access privilege delegation using attribute-based encryption
Suryakanta Panda,Samrat Mondal,Ashok Kumar Das,Willy Susilo
International Journal of Information Security, IJIS, 2023
Abs | | bib Tex
@inproceedings{bib_Secu_2023, AUTHOR = {Suryakanta Panda, Samrat Mondal, Ashok Kumar Das, Willy Susilo }, TITLE = {Secure access privilege delegation using attribute-based encryption}, BOOKTITLE = {International Journal of Information Security}. YEAR = {2023}}
Attribute-based encryption (ABE) is widely used for a secure and efficient data sharing. The predetermined access policy of ABE shares the data with intended data users. However, ABE is not preferable in many applications that require collaboration among data users. In such applications, an authorized data user may be interested to collaborate with another data user who does not adhere to the access policy. Fixed access policy of ABE does not allow an authorized data user (who satisfies the access policy) to collaborate or share the data with any unauthorized data user (who fails to satisfy the access policy). Thus, due to the static and predefined access policy, data collaboration in ABE is significantly challenging. In this work,
Designing Attribute-Based Verifiable Data Storage and Retrieval Scheme in Cloud Computing Environment
Sourav Bera,Suryakant Prasad,Y.Sreenivasa Rao,Ashok Kumar Das,YoungHo Park
Journal of Information Security and Applications, JISA, 2023
Abs | | bib Tex
@inproceedings{bib_Desi_2023, AUTHOR = {Sourav Bera, Suryakant Prasad, Y.Sreenivasa Rao, Ashok Kumar Das, YoungHo Park}, TITLE = {Designing Attribute-Based Verifiable Data Storage and Retrieval Scheme in Cloud Computing Environment}, BOOKTITLE = {Journal of Information Security and Applications}. YEAR = {2023}}
The cloud computing technology is a novel storage and computing paradigm that enables individuals and organizations to store data, share data with intended group of users and retrieve data when require. It greatly improves peoples’ data storage and sharing, and data retrieval capabilities by providing flexible, less expensive and quality services. For data security and privacy concerns, secure and authenticated data storage, fine-grained access control of encrypted data, secure search for the outsourced data and search results verification are of critical importance. However, achieving the aforementioned functionalities simultaneously is quite challenging. In this paper, for the first time, we propose a secure lightweight Attribute-Based verifiable Data Storage and data Retrieval Scheme (ABDSRS) for cloud environments that attains the following features: (i) lightweight design, (ii) provably secure, (iii) fine-grained …
Provably secure public key encryption with keyword search for data outsourcing in cloud environments
Sudeep Ghosh,SK Hafizul Islam,Abhishek Bisht,Ashok Kumar Das
Journal of Systems Architecture, JSA, 2023
Abs | | bib Tex
@inproceedings{bib_Prov_2023, AUTHOR = {Sudeep Ghosh, SK Hafizul Islam, Abhishek Bisht, Ashok Kumar Das}, TITLE = {Provably secure public key encryption with keyword search for data outsourcing in cloud environments}, BOOKTITLE = {Journal of Systems Architecture}. YEAR = {2023}}
In recent days, the application of cloud computing has been gaining significant popularity among people. A considerable amount of data are being stored in the cloud server. However, data owners outsource their encrypted data to the cloud for various security reasons. Unfortunately, encrypted data cannot be searched, like plaintext data. So how to search encrypted data is an interesting problem in this era. Many public key encryption with keyword search (PEKS) schemes have been designed in the literature. However, most of them cannot prevent keyword-guessing attacks. In this paper, we develop a provably secure PEKS scheme in the random oracle model. This scheme may be used for secure email access from an email server containing a list of encrypted keywords. The proposed scheme can resist keyword-guessing attacks, and offer ciphertext and trapdoor indistinguishability properties. We use the data owner’s private key during encryption to prevent keyword-guessing attacks. Using the data owner’s public key in the verification phase ensures the resilience of keyword-guessing attacks. Finally, the proposed scheme has been tested on a real testbed, and the results show that it can be used in the cloud computing scenario to search for keywords on encrypted data
Design of Provably Secure Authentication Protocol for Edge-Centric Maritime Transportation System
Khalid Mahmood,Salman Shamshad,Muhammad Faizan Ayub,Zahid Ghaffar,Zahid Ghaffar,Ashok Kumar Das
IEEE Transactions on Intelligent Transportation Systems, ITS, 2023
Abs | | bib Tex
@inproceedings{bib_Desi_2023, AUTHOR = {Khalid Mahmood, Salman Shamshad, Muhammad Faizan Ayub, Zahid Ghaffar, Zahid Ghaffar, Ashok Kumar Das}, TITLE = {Design of Provably Secure Authentication Protocol for Edge-Centric Maritime Transportation System}, BOOKTITLE = {IEEE Transactions on Intelligent Transportation Systems}. YEAR = {2023}}
The epidemic growth of the Internet of Things (IoT) objects have revolutionized Maritime Transportation Systems (MTS). Though, it becomes challenging for the centralized cloud-centric framework to fulfil the application requirements such as low latency and power utilization. The introduction of the distributed edge-centric framework has recently helped the IoT-enabled MTS to meet these requirements by manipulating the tasks at the edge of the networks. Despite the fact that MTS leverages mobile subscribers by overcoming inherent cloud computing limitations, data security and user privacy requirements in establishing the MTS setup are still non-trivial challenges. In this article, we develop a key agreement solution for mobile users to realize mutual authentication in a single round. Our protocol offers user anonymity to maintain user privacy, and it can prevent physical attacks by physically unclonable functions. Initially, the security analysis is conferred to substantiate our protocol’s security persistence or strength. Later, its performance correlation is observed under the assumption of diverse metrics in a predefined empirical setup. The meticulous performance correlation endorses the precedence of our protocol over specified related protocols.
A hybrid ensemble machine learning model for detecting APT attacks based on network behavior anomaly detection
Neeraj Saini,Vivekananda Bhat Kasaragod,Krishna Prakasha,Ashok Kumar Das
Concurrency and Computation: Practice and Experience, CCPE, 2023
Abs | | bib Tex
@inproceedings{bib_A_hy_2023, AUTHOR = {Neeraj Saini, Vivekananda Bhat Kasaragod, Krishna Prakasha, Ashok Kumar Das}, TITLE = {A hybrid ensemble machine learning model for detecting APT attacks based on network behavior anomaly detection}, BOOKTITLE = {Concurrency and Computation: Practice and Experience}. YEAR = {2023}}
A persistent, targeted cyber attack is called an advanced persistent threat (APT) attack. The attack is mainly launched to gain sensitive information, take over the system, and for financial gain, which creates nowadays more hurdles and challenges for the organization in preventing, detecting, and recovering from such attacks. Due to the nature of APT attacks, it is difficult to detect them quickly. Therefore machine learning techniques come into these research areas. This study uses deep and machine learning models such as random forest, decision tree, convolutional neural network, multilayer perceptron and so forth to categorize and effectively detect APT attacks by utilizing publicly accessible datasets. The datasets used in this study are CSE-CIC-IDS2018, CIC-IDS2017, NSL-KDD, and UNSW-NB15. This study proposes the hybrid ensemble machine learning model, a mixed approach of random forest and XGBoost classifiers. It has obtained the maximum prediction accuracy of 98.92%, 99.91%, 99.24%, and 97.11% for datasets CSE-CIC-IDS2018, CIC-IDS2017, NSL-KDD, and UNSW-NB15, with a false positive rate of 0.52%, 0.12%, 0.62%, and 5.29% respectively. These results are compared to other closely related recent studies in the literature. Our experiment's findings show that our model has performed significantly better for all datasets.
Quantum Secure Threshold Private Set Intersection Protocol for IoT-Enabled Privacy Preserving Ride-Sharing Application
Tapaswini Mohanty,vikas Srivastava,Sumit kumar Debnath,Ashok Kumar Das
IEEE Internet of Things Journal, IOT, 2023
Abs | | bib Tex
@inproceedings{bib_Quan_2023, AUTHOR = {Tapaswini Mohanty, vikas Srivastava, Sumit Kumar Debnath, Ashok Kumar Das}, TITLE = {Quantum Secure Threshold Private Set Intersection Protocol for IoT-Enabled Privacy Preserving Ride-Sharing Application}, BOOKTITLE = {IEEE Internet of Things Journal}. YEAR = {2023}}
The Internet of Things (IoT)-enabled ride sharing is one of the most transforming and innovative technologies in the transportation industry. It has myriads of advantages, but with increasing demands there are security concerns as well. Traditionally, cryptographic methods are used to address the security and privacy concerns in a ride sharing system. Unfortunately, due to the emergence of quantum algorithms, these cryptographic protocols may not remain secure. Hence, there is a necessity for privacy-preserving ride sharing protocols which can resist various attacks against quantum computers. In the domain of privacy preserving ride sharing, a threshold private set intersection (TPSI) can be adopted as a viable solution because it enables the users to determine the intersection of private data sets if the set intersection cardinality is greater than or equal to a threshold value. Although TPSI can help to alleviate privacy concerns, none of the existing TPSI is quantum secure. Furthermore, the existing TPSI faces the issue of long-term security. In contrast to classical and post quantum cryptography, quantum cryptography (QC) provides a more robust solution, where QC is based on the postulates of quantum physics (e.g., Heisenberg uncertainty principle, no cloning theorem, etc.) and it can handle the prevailing issues of quantum threat and long-term security. Herein, we propose the first QC based TPSI protocol which has a direct application in privacy preserving ride sharing. Due to the use of QC, our IoT-enabled ride sharing scheme remains quantum secure and achieves long-term security as well.
Efficient Personal-Health-Records Sharing in Internet of Medical Things Using Searchable Symmetric Encryption, Blockchain, and IPFS
Abhishek Bisht,Ashok Kumar Das,DUSIT NIYATO,YoungHo Park
IEEE Open Journal of the Communications Society, OJ-COMS, 2023
@inproceedings{bib_Effi_2023, AUTHOR = {Abhishek Bisht, Ashok Kumar Das, DUSIT NIYATO, YoungHo Park}, TITLE = {Efficient Personal-Health-Records Sharing in Internet of Medical Things Using Searchable Symmetric Encryption, Blockchain, and IPFS}, BOOKTITLE = {IEEE Open Journal of the Communications Society}. YEAR = {2023}}
Secure storage and sharing of Personal Health Records (PHRs) in Internet of Medical Things (IoMT) is one of the significant challenges in the healthcare ecosystem. Due to the high value of personal health information, PHRs are one of the favourite targets of cyber attackers worldwide. Over the years, many solutions have been proposed; however, most solutions are inefficient for practical applications. For instance, several existing schemes rely on the bilinear pairings, which incur high computational costs. To mitigate these issues, we propose a novel PHR-sharing scheme that is dynamic, efficient, and practical. Specifically, we combine searchable symmetric encryption, blockchain technology and a decentralized storage system, known as Inter-Planetary File System (IPFS) to guarantee confidentiality of PHRs, verifiability of search results, and forward security. Moreover, we provide formal security proofs for the proposed scheme. Finally, we have conducted extensive test-bed experiments and the results demonstrate that the proposed scheme can be used in practical scenarios related to IoMT environment.
Design of Blockchain-Based Lightweight V2I Handover Authentication Protocol for VANET
JoonYoung Lee,SeungHwan Son,YoHan Park,YoungHo Park,Ashok Kumar Das
IEEE Transactions on Network Science and Engineering ( Early Access ), TNSE, 2022
@inproceedings{bib_Desi_2022, AUTHOR = {JoonYoung Lee, SeungHwan Son, YoHan Park, YoungHo Park, Ashok Kumar Das}, TITLE = {Design of Blockchain-Based Lightweight V2I Handover Authentication Protocol for VANET}, BOOKTITLE = {IEEE Transactions on Network Science and Engineering ( Early Access )}. YEAR = {2022}}
—Connected vehicle means providing different services, such as advanced driver-assistance systems (ADAS) from vehicles connected to the network. Vehicular ad-hoc networks (VANETs) can support vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications to realize connected vehicle. In VANETs, secure communication must be ensured, as otherwise it can lead to traffic accidents and human injuries. Recently, many studies on V2I authentication have been conducted to guarantee the security of V2I communications. However, recent V2I authentication protocols do not consider the handover situation, and it causes unnecessary computations. As vehicles have limited computing resources, unnecessary computation can lead to overload to the vehicles. In recent years, blockchain-based VANET is an active field of research because it can provide decentralization, data integrity and transparency. Using the strength of the blockchain technology, we design a blockchain-based handover authentication protocol for VANETs. In the proposed protocol, vehicles only perform lightweight computations in handover situations for efficiency of the network. We also conduct the formal analysis such as Burrows–Abadi–Needham (BAN) logic, Real-Or-Random (ROR) oracle model, and Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation to the proposed protocol. We simulate the proposed protocol using network simulator 3 (NS-3) to verify that the proposed protocol is practical. Finally, we compare the computational cost and security features of the proposed protocol with existing protocols to show that the proposed protocol is more secure and efficient.
ASPA-MOSN: An Efficient User Authentication Scheme for Phishing Attack Detection in Mobile Online Social Networks
Munmun Bhattacharya,Sandip Roy,Samiran Chattopadhyay,Ashok Kumar Das,Sajjad Shauk
IEEE Systems Journal, SYSJ, 2022
@inproceedings{bib_ASPA_2022, AUTHOR = {Munmun Bhattacharya, Sandip Roy, Samiran Chattopadhyay, Ashok Kumar Das, Sajjad Shauk}, TITLE = {ASPA-MOSN: An Efficient User Authentication Scheme for Phishing Attack Detection in Mobile Online Social Networks}, BOOKTITLE = {IEEE Systems Journal}. YEAR = {2022}}
Over the last few years, with the massive growth of smartphone technology and mobile Internet, the use of vari- ous online social networks (OSNs) have increased rapidly. This ever-growing use of social networks leverages cyber-attackers to exploit various phishing schemes, spoofed accounts, and other threats to steal users’ credentials. Phishing is an online crime that employs both technical subterfuge and social engineering to steal consumers’ personal identity, financial account credentials, and other sensitive information. In general, a phishing attack is carried out by the exercise of sending fraudulent communications (like a fake email with harmful uniform resource locators), that pretends to come from a reputable source. The problem of designing user authentication protocol for mitigating phishing attacks in OSNs is a challenging research problem. In this article, we propose a secure and lightweight cryptography-based authentication scheme, called authentication scheme for phishing attack (ASPA)-mobile online social network (mOSN), that provides resistance to phishing and other related attacks in OSNs. The security of the proposed scheme is explained using both informal security analysis and formal security analysis through the widely recognized real-or- random model and ProVerif simulation tool. Finally, we compare the security, functionality, computation, and communication costs of the proposed ASPA-mOSN with related schemes. The compar- ison results show that ASPA-mOSN outperforms other existing competing schemes. Index Terms—Authentication, mobile online social networks (mOSN), phishing attacks, random oracle, security
Blockchain-Enabled Authenticated Key Agreement Scheme for Mobile Vehicles-Assisted Precision Agricultural IoT Network
Vangala Anusha,Ashok Kumar Das,Ankush Mitra,Sajal K. Das,Youngho Park
IEEE Transactions on Information Forensics and Security, TIFS, 2022
@inproceedings{bib_Bloc_2022, AUTHOR = {Vangala Anusha, Ashok Kumar Das, Ankush Mitra, Sajal K. Das, Youngho Park}, TITLE = {Blockchain-Enabled Authenticated Key Agreement Scheme for Mobile Vehicles-Assisted Precision Agricultural IoT Network}, BOOKTITLE = {IEEE Transactions on Information Forensics and Security}. YEAR = {2022}}
Precision farming has a positive potential in the agricultural industry regarding water conservation, increased productivity, better development of rural areas, and increased income. Blockchain technology is a better alternative for storing and sharing farm data as it is reliable, transparent, immutable, and decentralized. Remote monitoring of an agricultural field requires security systems to ensure that any sensitive infor- mation is exchanged only among authenticated entities in the network. To this end, we design an efficient blockchain-enabled authenticated key agreement scheme for mobile vehicles-assisted precision agricultural Internet of Things (IoT) networks called Agr oM obi Bl ock. The limited existing work on authentication in agricultural networks shows passive usage of blockchains with very high costs. Agr oM obi Bl ock proposes a novel idea using the elliptic curve operations on an active hybrid blockchain over mobile farming vehicles with low computation and communica- tion costs. Formal and informal security analysis along with the formal security verification using the Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool have shown the robustness of Agr oM obi Bl ock against man-in-the-middle, impersonation, replay, physical capture, and ephemeral secret leakage attacks among other potential attacks. The blockchain-based simulation on large-scale nodes shows the computational time for an increase in the network and block size
Blockchain-Envisioned Provably Secure Multivariate Identity-Based Multi-Signature Scheme for Internet of Vehicles Environment
Vikas Srivastava,Sumit Kumar Debnath,Basudeb Bera,Ashok Kumar Das,Youngho Park
IEEE Transactions on Vehicular Technology, TVT, 2022
@inproceedings{bib_Bloc_2022, AUTHOR = {Vikas Srivastava, Sumit Kumar Debnath, Basudeb Bera, Ashok Kumar Das, Youngho Park}, TITLE = {Blockchain-Envisioned Provably Secure Multivariate Identity-Based Multi-Signature Scheme for Internet of Vehicles Environment}, BOOKTITLE = {IEEE Transactions on Vehicular Technology}. YEAR = {2022}}
The deployed vehicles in an Internet of Vehicles (IoV) can take intelligent decisions by means of exchanging the real- time traffic-related information between the vehicles and IoV in- frastructures. This further reduces the probability of the traffic jams and accidents. However, the insecure (public) communication among the various entities in IoV makes various security threats and attacks that can be launched by passive/active adversaries present in the network. In view of this context, there is a need of an efficient cryptographic primitive which can produce single compact signature. A multi-signature scheme (MSS) empowers a collection of signers to conjointly sign a given message using a single compact signature that can be verified by any verifier. Herein, we put forward a new identity-based multivariate MSS, namely MV-MSS, which is built on top of the intractability of multivariate-quadratic (MQ) problem. The fact is that multivariate public key cryptosystem provides fast, post-quantum safe and effi- cient primitives, which makes it the front runner candidate among the post-quantum cryptographic candidates. MV-MSS is proven to be secure in the existential unforgeability under chosen-message and chosen identity attack model if solving the MQ problem is NP-hard. We then incorporate the designed MV-MSS in IoV ap- plication where the leader (cluster head) selected from a group of vehicles in a dynamic cluster forms the multi-signatures on the messages securely received from its member vehicles. Later, the messages along with their multi-signatures are forwarded to the nearby road-side unit (RSU) of the cluster head, which are then for- warded to a cloud server in the blockchain center maintained by a Peer-to-Peer (P2P) cloud servers network. In this way, the messages
EV-PUF: Lightweight Security Protocol for Dynamic Charging System of Electric Vehicles Using Physical Unclonable Functions
Ponnuru Raveendra Babu,Alavalapati Goutham Reddy,Basker Palaniswamy,Ashok Kumar Das
IEEE Transactions on Network Science and Engineering ( Early Access ), TNSE, 2022
@inproceedings{bib_EV-P_2022, AUTHOR = {Ponnuru Raveendra Babu, Alavalapati Goutham Reddy, Basker Palaniswamy, Ashok Kumar Das}, TITLE = {EV-PUF: Lightweight Security Protocol for Dynamic Charging System of Electric Vehicles Using Physical Unclonable Functions}, BOOKTITLE = {IEEE Transactions on Network Science and Engineering ( Early Access )}. YEAR = {2022}}
Dynamic charging is a potential technology that would enable electric vehicles to be charged while they are in motion. Significant security and privacy concerns, on the other hand, arise as a result of communications between electric vehicles and a variety of dynamic charging system entities occurring over a public channel. Numerous authentication protocols have been presented recently to address security concerns associated with dynamic charging system. Nonetheless, we provide a lightweight authentication protocol suite that enables mutual authentication and session key agreement between the electric vehicle and the charging system while safeguarding against numerous attacks. The EV-PUF is based on physical unclonability, which is gaining popularity as a substitute for ultra-lightweight authentication and resistance to machine learning based attacks. Additionally, the security of the EV-PUF suite has been demonstrated using the random oracle model and state-of-the-art tool, Tamarin. According to the performance analysis, it is apparent that the EV-PUF suite improves efficiency in terms of consumption of less communication and computing overhead.
Machine learning security attacks and defense approaches for emerging cyber physical applications: A comprehensive survey
Jaskaran Singh,Mohammad Wazid,Ashok Kumar Das,Vinay Chamola, Mohsen Guizani
Computer Communications, CC, 2022
Abs | | bib Tex
@inproceedings{bib_Mach_2022, AUTHOR = {Jaskaran Singh, Mohammad Wazid, Ashok Kumar Das, Vinay Chamola, Mohsen Guizani}, TITLE = {Machine learning security attacks and defense approaches for emerging cyber physical applications: A comprehensive survey}, BOOKTITLE = {Computer Communications}. YEAR = {2022}}
The cyber physical systems integrate the sensing, computation, control and networking processes into physical objects and infrastructure, which are connected through the Internet to execute a common task. Cyber physical systems can be applied in various applications, like healthcare, transportation, industrial production, environment and sustainability, and security and surveillance. However, the tight coupling of cyber systems with physical systems introduce challenges in addressing stability, security, efficiency and reliability. The machine learning (ML) security is the inclusion of cyber security mechanism to provide protection to the machine learning models against various cyber attacks. The ML models work through the traditional training and testing approaches. However, execution of such kind of approaches may not function effectively in case if a system is connected to the Internet. As online hackers can exploit deployed security mechanisms and poison the data. This data is then taken as the input by the ML models. In this article, we provide the details of various machine learning security attacks in cyber physical systems. We then discuss some defense mechanisms to protect against these attacks. We also present a threat model of ML security mechanisms deployed in cyber systems. Furthermore, we discuss various issues and challenges of ML security mechanisms deployed in cyber systems. Finally, we provide a detailed comparative study on performance of the ML models under the influence of various ML attacks in cyber physical systems.
Post-Quantum Secure Identity-Based Encryption Scheme Using Random Integer Lattices for IoT-Enabled AI Applications
Dharminder Dharminder,Ashok Kumar Das,Sourav Saha,Basudeb Bera,Athanasios V. Vasilakos
Security and Communication Networks, SCNW, 2022
@inproceedings{bib_Post_2022, AUTHOR = {Dharminder Dharminder, Ashok Kumar Das, Sourav Saha, Basudeb Bera, Athanasios V. Vasilakos}, TITLE = {Post-Quantum Secure Identity-Based Encryption Scheme Using Random Integer Lattices for IoT-Enabled AI Applications}, BOOKTITLE = {Security and Communication Networks}. YEAR = {2022}}
Identity-based encryption is an important cryptographic system that is employed to ensure confidentiality of a message in communication. &is article presents a provably secure identity based encryption based on post quantum security assumption. &e security of the proposed encryption is based on the hard problem, namely Learning with Errors on integer lattices. &is construction is anonymous and produces pseudo random ciphers. Both public-key size and ciphertext-size have been reduced in the proposed encryption as compared to those for other relevant schemes without compromising the security. Next, we incorporate the constructed identity based encryption (IBE) for Internet of &ings (IoT) applications, where the IoT smart devices send securely the sensing data to their nearby gateway nodes(s) with the help of IBE and the gateway node(s) secure aggregate the data from the smart devices by decrypting the messages using the proposed IBE decryption. Later, the gateway nodes will securely send the aggregated data to the cloud server(s) and the Big data analytics is performed on the authenticated data using the Artificial Intelligence (AI)/Machine Learning (ML) algorithms for accurate and better predictions.
SLAP-IoD: Secure and Lightweight Authentication Protocol Using Physical Unclonable Functions for Internet of Drones in Smart City Environments
Sungjin Yu,Ashok Kumar Das,Youngho Park,Pascal Lorenz
IEEE Transactions on Vehicular Technology, TVT, 2022
@inproceedings{bib_SLAP_2022, AUTHOR = {Sungjin Yu, Ashok Kumar Das, Youngho Park, Pascal Lorenz}, TITLE = {SLAP-IoD: Secure and Lightweight Authentication Protocol Using Physical Unclonable Functions for Internet of Drones in Smart City Environments}, BOOKTITLE = {IEEE Transactions on Vehicular Technology}. YEAR = {2022}}
With the emergence of the concept of smart city and the increasing demands for a range of drones, Internet of Drones (IoD) has achieved a variety of attention by providing multiple benefits in academia and industry. IoD offers numerous services, such as traffic monitoring, environmental monitoring, and disas- ter management by combining infrastructure, Internet of Things (IoT), and Flying Ad-Hoc Networks (FANET) in smart city envi- ronments. However, communication among drones is vulnerable to potential security threats because the sensitive messages in various applications are exchanged via an insecure channel in IoD-based smart city environments. Since IoDs can be operated in unat- tended environment with minimum human interventions, smart devices (e.g., drones and sensors) deployed in IoD architectures are vulnerable to physical capture attacks. In addition, drones are resource-constrained in terms of computation and communication overheads, and it is not much viable to apply public key cryptog- raphy (PKC) that requires high computation and communication overheads. Thus, we design a secure and lightweight authentication protocol using a physical unclonable function (PUF) for IoD to guarantee reliable and useful services in smart city environments, called SLAP-IoD. We prove the security of the SLAP-IoD using informal and formal security analyses using the broadly recog- nized Real-Or-Random (ROR) random oracle model, and also through the formal security verification using the widely-accepted Automated Validation of Internet Security-sensitive Protocols and Applications (AVISPA) security verification. Furthermore, we com- pare the performance of the SLAP-IoD with related schemes. Consequently, we show that SLAP-IoD offers better security and efficiency than other related schemes and is suitable for IoD-based smart city environments
AI-Envisioned Blockchain-Enabled Signature-Based Key Management Scheme for Industrial Cyber-Physical Systems
Ashok Kumar Das,Basudeb Bera,Sourav Saha,Neeraj Kumar,Ilsun You,Han-Chieh Chao,Han-Chieh Chao
IEEE Internet of Things Journal, IOT, 2022
Abs | | bib Tex
@inproceedings{bib_AI-E_2022, AUTHOR = {Ashok Kumar Das, Basudeb Bera, Sourav Saha, Neeraj Kumar, Ilsun You, Han-Chieh Chao, Han-Chieh Chao}, TITLE = {AI-Envisioned Blockchain-Enabled Signature-Based Key Management Scheme for Industrial Cyber-Physical Systems}, BOOKTITLE = {IEEE Internet of Things Journal}. YEAR = {2022}}
This article proposes a new blockchain-envisioned key management protocol for artificial intelligence (AI)-enabled industrial cyber–physical systems (ICPSs). The designed key management protocol enables key establishment among the Internet of Things (IoT)-enabled smart devices and their respective gateway nodes. The blocks partially constructed with secure data from smart devices by fog servers are provided to cloud servers that are responsible for completing blocks, and then mining those blocks for verification and addition in the blockchain. The most important application of the private blockchain construction is to apply AI algorithms for accurate predictions in Big data analytics. A detailed security analysis along with formal security verification show that the proposed scheme resists various potential attacks in an ICPS environment. Moreover, practical testbed experiments have been conducted using the multiprecision integer and rational arithmetic cryptographic library (MIRACL). Furthermore, a detailed comparative analysis shows superiority of the proposed scheme over recent relevant schemes. In addition, the practical implementation using the blockchain for the proposed scheme demonstrates the total computational costs when the number of transactions per block and also the number of blocks mined in the blockchain are varied.
Blockchain-Enabled Authenticated Key Agreement Scheme for Mobile Vehicles-Assisted Precision Agricultural IoT Networks
Vangala Anusha,Ashok Kumar Das,Ankush Mitra,Sajal K. Das,Youngho Park
IEEE Transactions on Information Forensics and Security, TIFS, 2022
Abs | | bib Tex
@inproceedings{bib_Bloc_2022, AUTHOR = {Vangala Anusha, Ashok Kumar Das, Ankush Mitra, Sajal K. Das, Youngho Park}, TITLE = {Blockchain-Enabled Authenticated Key Agreement Scheme for Mobile Vehicles-Assisted Precision Agricultural IoT Networks}, BOOKTITLE = {IEEE Transactions on Information Forensics and Security}. YEAR = {2022}}
Precision farming has a positive potential in the agricultural industry regarding water conservation, increased productivity, better development of rural areas, and increased income. Blockchain technology is a better alternative for storing and sharing farm data as it is reliable, transparent, immutable, and decentralized. Remote monitoring of an agricultural field requires security systems to ensure that any sensitive information is exchanged only among authenticated entities in the network. To this end, we design an efficient blockchain-enabled authenticated key agreement scheme for mobile vehicles-assisted precision agricultural Internet of Things (IoT) networks called AgroMobiBlock . The limited existing work on authentication in agricultural networks shows passive usage of blockchains with very high costs. AgroMobiBlock proposes a novel idea using the elliptic curve operations on an active hybrid blockchain over mobile farming vehicles with low computation and communication costs. Formal and informal security analysis along with the formal security verification using the Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool have shown the robustness of AgroMobiBlock against man-in-the-middle, impersonation, replay, physical capture, and ephemeral secret leakage attacks among other potential attacks. The blockchain-based simulation on large-scale nodes shows the computational time for an increase in the network and block sizes. Moreover, the real-time testbed experiments have been performed to show the practical usefulness of the proposed scheme.
Authenticated Key Agreement Scheme With User Anonymity and Untraceability for 5G-Enabled Softwarized Industrial Cyber-Physical Systems
Anil Kumar Sutrala,Mohammad S. Obaidat,Sourav Saha,Ashok Kumar Das,Mamoun Alazab,Youngho Park
IEEE Transactions on Intelligent Transportation Systems, ITS, 2021
@inproceedings{bib_Auth_2021, AUTHOR = {Anil Kumar Sutrala, Mohammad S. Obaidat, Sourav Saha, Ashok Kumar Das, Mamoun Alazab, Youngho Park}, TITLE = {Authenticated Key Agreement Scheme With User Anonymity and Untraceability for 5G-Enabled Softwarized Industrial Cyber-Physical Systems }, BOOKTITLE = {IEEE Transactions on Intelligent Transportation Systems}. YEAR = {2021}}
With the tremendous growth of Information and Communications Technology (ICT), Cyber Physical Systems (CPS) have opened the door for many potential applications ranging from smart grids and smart cities to transportation, retail, public safety and networking, healthcare and industrial manufacturing. However, due to communication via public channel occurring among various entities in an industrial CPS (ICPS) with the help of the 5G technology and Software-Defined Networking (SDN), it poses several potential security threats and attacks. To mitigate these issues, we propose a new three-factor user authentication and key agreement scheme (UAKA-5GSICPS) for 5G-enabled SDN based ICPS environment. UAKA-5GSICPS allows an authorized user to access the real-time data directly from some designated Internet of Things (IoT)-based smart devices provided that a successful mutual authentication among them is executed via their controller node in the SDN network. It is shown to be robust against various potential attacks through detailed security analysis including the simulation-based formal security verification. A detailed comparative study with the help of experimental results shows that UAKA-5GSICPS achieves better trade-off among security and functionality features, communication and computation overheads as compared to other existing competing schemes.
AI-Enabled Blockchain-Based Access Control for Malicious Attacks Detection and Mitigation in IoE
Basudeb Bera,Ashok Kumar Das,Mohammad S. Obaidat,Pandi Vijayakumar,Kuei-Fang Hsiao,YoungHo Park
IEEE Consumer Electronics Magazine, CEM, 2020
@inproceedings{bib_AI-E_2020, AUTHOR = {Basudeb Bera, Ashok Kumar Das, Mohammad S. Obaidat, Pandi Vijayakumar, Kuei-Fang Hsiao, YoungHo Park}, TITLE = {AI-Enabled Blockchain-Based Access Control for Malicious Attacks Detection and Mitigation in IoE}, BOOKTITLE = {IEEE Consumer Electronics Magazine}. YEAR = {2020}}
In Internet of Everything (IoE), malicious attacks detection and mitigation are important issues. These issues can be resolved through an access control framework where two entities first authenticate each other prior to establish any secret key for their secure communication. The sensing data of various smart devices in an IoE environment are processed securely at the nearby fog servers and at the same time legitimate users can also access the real-time data directly from designated smart devices through access control mechanism. We first discuss various attack trends in IoE environment. After that we discuss evolution of the blockchain technology in the IoE. An Artificial Intelligence (AI)-based blockchain-envisioned access control framework for malicious attacks detection and mitigation has been suggested to secure the IoE environment. Finally, a blockchain based implementation has been conducted on the proposed blockchain-envisioned access control framework for measuring the computational time needed for varying number of blocks mined in the blockchain and also for varying number of transactions per block.
