Security and Privacy最新文献

筛选
英文 中文
Physically secure and privacy‐preserving blockchain enabled authentication scheme for internet of drones 无人机互联网的物理安全和隐私保护区块链认证方案
IF 1.9
Security and Privacy Pub Date : 2024-01-10 DOI: 10.1002/spy2.364
Jegadeesan Subramani, Azees Maria, ArunSekar Rajasekaran, Jaime Lloret
{"title":"Physically secure and privacy‐preserving blockchain enabled authentication scheme for internet of drones","authors":"Jegadeesan Subramani, Azees Maria, ArunSekar Rajasekaran, Jaime Lloret","doi":"10.1002/spy2.364","DOIUrl":"https://doi.org/10.1002/spy2.364","url":null,"abstract":"The wide applications of the Internet of Drones (IoD), ranging from package delivery to surveillance, attract the attention of industrialists and academicians. Drones are given the task of obtaining sensitive field information within the flying zone in real‐time. Hence, it is important to tackle the privacy and security issues associated with drones that are employed in these kinds of situations. Also, when the drones move to the new unmanned aerial vehicle (UAV) operator coverage area, the drones are required to execute the authentication process again, which affects the performance of IoD. To overcome the above‐said shortcomings, a physically secure and privacy‐preserving blockchain enabled authentication method is proposed in this paper. The blockchain network permits drones to perform quick re‐authentication by transferring drone authentication codes to the following UAV operators. In the proposed work, the drone does not need to store the secret keys to perform anonymous authentication, and it provides physical security for the drones. When compared to competing techniques, the proposed scheme delivers the needed security features while incurring lower storage, computational, and communication costs.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"5 43","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139439697","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A new authentication scheme for dynamic charging system of electric vehicles in fog environment 雾环境下电动汽车动态充电系统的新型认证方案
IF 1.9
Security and Privacy Pub Date : 2024-01-01 DOI: 10.1002/spy2.365
Zhongming Huang, Feng Wang, Chin-Chen Chang, Xiuqiang Chen
{"title":"A new authentication scheme for dynamic charging system of electric vehicles in fog environment","authors":"Zhongming Huang, Feng Wang, Chin-Chen Chang, Xiuqiang Chen","doi":"10.1002/spy2.365","DOIUrl":"https://doi.org/10.1002/spy2.365","url":null,"abstract":"The dynamic charging system of electric vehicles has great potential for development. Electric vehicles initiate charging requests, and charging stations charge authorized electric vehicles. Fog computing improves the efficiency of request processing. However, open channels can be vulnerable to various attacks by a malicious adversary. Mutual authentication schemes allow users and charging stations to confirm each other. Therefore, numerous authentication and key agreement schemes have been proposed. In 2021, Babu et al. proposed an authentication scheme based on fog servers. Unfortunately, we found that their scheme can not resist FS impersonation attack and replay attack. Hence, we propose an authentication scheme between electric vehicles and fog servers to resolve the security weakness. Our scheme uses lightweight hash functions and XOR operations, which is more suitable for resource‐constrained electric vehicles. We proved our scheme can achieve mutual authentication by using BAN logic, and analyzed that our scheme can resist impersonation, replay, and known session key attacks, ensuring anonymity and untraceability. We finally compare computation cost and communication cost of our scheme with the existing schemes. The result shows that our scheme performs better than others overall. Therefore, our scheme is secure and suitable for dynamic charging systems.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"12 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139457125","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An efficient lightweight authentication scheme for dew‐assisted IoT networks 用于露水辅助物联网网络的高效轻量级认证方案
IF 1.9
Security and Privacy Pub Date : 2023-12-11 DOI: 10.1002/spy2.360
Upendra Verma, M. Sohani
{"title":"An efficient lightweight authentication scheme for dew‐assisted IoT networks","authors":"Upendra Verma, M. Sohani","doi":"10.1002/spy2.360","DOIUrl":"https://doi.org/10.1002/spy2.360","url":null,"abstract":"The dew computing is currently considered as one of the promising technology, due to its ability to give data access in the absence of internet. However, dew computing also brings new challenges, particularly security and privacy issues. In dew computing paradigm, authentication and key agreement pose substantial challenges that must be taken into account. In this context, the present work is to provide a secure authentication scheme for Internet of Things and dew server based on elliptic curve cryptography. Moreover, the performance evaluation of proposed scheme has been assessed in terms of communication and computation cost, which shows the proposed scheme outperforms than existing related schemes. The proposed scheme has also been compared with the related schemes in terms of various security features such as location privacy, anonymity, forward secrecy, mutual authentication, key agreement, forgery attack, replay attack, denial of service attack and replay attack. Furthermore, the formal security evaluation has been verified by automated validation internet security protocols and applications (AVISPA) under on‐the‐fly model‐checker (OFMC) and constraint logic based attack searcher (CL‐AtSE) backends. The OFMC backend analyzed 228 visited nodes with four plies using search time of 0.24 s. The CL‐AtSE analyzed three states with translation time of 0.12 s. The OFMC and CL‐AtSE backends have not identified any attack trace. Therefore, the simulation results demonstrate that the proposed scheme is safe against the security threats.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"28 2","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139010561","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Enhancing android application security: A novel approach using DroidXGB for malware detection based on permission analysis 增强安卓应用程序的安全性:基于权限分析使用 DroidXGB 检测恶意软件的新方法
IF 1.9
Security and Privacy Pub Date : 2023-12-11 DOI: 10.1002/spy2.361
Pawan Kumar, Sukhdip Singh
{"title":"Enhancing android application security: A novel approach using DroidXGB for malware detection based on permission analysis","authors":"Pawan Kumar, Sukhdip Singh","doi":"10.1002/spy2.361","DOIUrl":"https://doi.org/10.1002/spy2.361","url":null,"abstract":"The prevalence of malicious Android applications targeting the platform has introduced significant challenges in the realm of security testing. Traditional solutions have proven insufficient in handling the growing number of malicious apps, resulting in persistent exposure of Android smartphones to evolving forms of malware. This study investigates the potential of extreme gradient boosting (XGB) in identifying complex and high‐dimensional malicious permissions. By leveraging attribute combination and selection techniques, XGBoost demonstrates promising capabilities in this area. However, enhancing the XGBoost model presents a formidable challenge. To overcome this, This research employs adaptive grey wolf optimization (AGWO) for hyper‐parameter tuning. AGWO utilizes continuous values to represent the position and movement of the grey wolf, enabling XGBoost to search for optimal hyper‐parameter values in a continuous space. The proposed approach, DroidXGB, utilizes XGBoost and AGWO to analyze permissions and identify malware Android applications. It aims to address security vulnerabilities and compares its performance with baseline algorithms and state‐of‐the‐art methods using four benchmark datasets. The results showcase DroidXGB's impressive accuracy of 98.39%, outperforming other existing methods and significantly enhancing Android malware detection and security testing capabilities.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"8 3","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138980209","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Designing access control security protocol for Industry 4.0 using Blockchain‐as‐a‐Service 利用区块链即服务为工业 4.0 设计访问控制安全协议
IF 1.9
Security and Privacy Pub Date : 2023-12-11 DOI: 10.1002/spy2.362
Anusha Vangala, Ashok Kumar Das, Neeraj Kumar, P. Vijayakumar, Marimuthu Karuppiah, Youngho Park
{"title":"Designing access control security protocol for Industry 4.0 using Blockchain‐as‐a‐Service","authors":"Anusha Vangala, Ashok Kumar Das, Neeraj Kumar, P. Vijayakumar, Marimuthu Karuppiah, Youngho Park","doi":"10.1002/spy2.362","DOIUrl":"https://doi.org/10.1002/spy2.362","url":null,"abstract":"Industry 4.0 is a revolution of the operations in the industrial manufacturing for increased productivity, trade and commerce. It is heavily reliant on the automation of the processes and equipment along with complex interconnectivity and insightful analysis using machine learning. The interconnectivity of the manufacturing devices from various industrial sites brings with it several security issues related to communication. This article focuses on solving the security issue of access control between such devices and enable seamless secure communication for the proper functioning of the industry. An access control scheme has been proposed that achieves the necessary security features of anonymity, traceability, and forward secrecy. It is also shown that the proposed scheme takes less communication and computational costs, and is strongly resilient against various attacks such as impersonation attack, replay attack, and denial‐of‐service attack as compared to other relevant schemes.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"102 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138981531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Chaos and DNA coding technique for image cryptography 用于图像加密的混沌和 DNA 编码技术
IF 1.9
Security and Privacy Pub Date : 2023-12-08 DOI: 10.1002/spy2.359
Grishan Pradhan, Babu R. Dawadi, Abiral Chaulagain, Anish Lal Joshi, Prajal Govinda Vaidya
{"title":"Chaos and DNA coding technique for image cryptography","authors":"Grishan Pradhan, Babu R. Dawadi, Abiral Chaulagain, Anish Lal Joshi, Prajal Govinda Vaidya","doi":"10.1002/spy2.359","DOIUrl":"https://doi.org/10.1002/spy2.359","url":null,"abstract":"In today's cybersphere, cryptography plays a vital role in various fields. Image encryption is an integral part for securing information because of its vast application areas such as military (defense), multimedia, healthcare and so forth. In this article, an image encryption algorithm for both grayscale and color image is proposed based on Tangential Delay‐Ellipse Reflecting Curve System (TD‐ERCS) chaotic map system and deoxyribonucleic acid (DNA) coding. Chaotic map is used to scramble the pixel positions; to achieve confusion and for creation of mask image, and DNA coding is used for changing the pixel values; to achieve diffusion. Upon experimental analysis, proposed work achieved significantly high mean square error and low peak signal to noise ratio, almost zero correlation, high number of pixel change rate and unified averaged changed intensity values, and resistance to noise and data loss attacks. In addition, the decryption is possible without loss in quality of image.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"19 16","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138589532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
V2XCom: Lightweight and secure message dissemination scheme for Internet of vehicles V2XCom:面向车联网的轻量级安全消息分发方案
Security and Privacy Pub Date : 2023-11-02 DOI: 10.1002/spy2.352
Umesh Bodkhe, Sudeep Tanwar
{"title":"<i>V2XCom:</i> Lightweight and secure message dissemination scheme for Internet of vehicles","authors":"Umesh Bodkhe, Sudeep Tanwar","doi":"10.1002/spy2.352","DOIUrl":"https://doi.org/10.1002/spy2.352","url":null,"abstract":"Abstract Smart cities provide a sustainable transport ecosystem to connect smart vehicles through sensors and networking units. Internet‐of‐vehicles (IoV) is vital in disseminating various messages, including road safety, exact location sharing, road accidents and blocks, collision warning, driver assistance, network congestion, or toll payment among vehicle‐to‐anything (V2X) units. Due to the mission‐critical nature of the IoV ecosystem, it requires reliable, lightweight, and real‐time communication for vehicle‐to‐vehicle (V2V) and V2X units. However, due to the availability of insecure wireless channels, an adversary can perform several security attacks such as replay, password guessing, masquerade, trace, message tampering, Man‐in‐the‐middle attack (MIMA), and plain‐text attacks in an IoV environment which may lead to potential disruptions. Motivated by the aforementioned facts, we propose a V2XCom , a lightweight and secure message dissemination scheme for the IoV network using low‐cost cryptographic SHA‐256, XoR operation, and concatenation. We performed security verification of V2XCom using the Scyther and AVISPA tools. Moreover, security proofs are provided for an informal security analysis of the proposed scheme. We have done a comparative analysis of a V2XCom with recent dissemination schemes in the IoV ecosystem concerning security features, communication latency, computational cost, and energy usage.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"165 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-11-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135974295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A secure signature‐based access control and key management scheme for fog computing‐based IoT‐enabled big data applications 一种安全的基于签名的访问控制和密钥管理方案,用于基于雾计算的物联网大数据应用
Security and Privacy Pub Date : 2023-11-01 DOI: 10.1002/spy2.353
Vijay Karnatak, Amit Kumar Mishra, Neha Tripathi, Mohammad Wazid, Jaskaran Singh, Ashok Kumar Das
{"title":"A secure signature‐based access control and key management scheme for fog computing‐based IoT‐enabled big data applications","authors":"Vijay Karnatak, Amit Kumar Mishra, Neha Tripathi, Mohammad Wazid, Jaskaran Singh, Ashok Kumar Das","doi":"10.1002/spy2.353","DOIUrl":"https://doi.org/10.1002/spy2.353","url":null,"abstract":"Fog computing is a distributed computing architecture, as opposed to depending entirely on centralized cloud servers, which brings the processing of data, functionality of an application, and its storage closer to the network's edge, where it can be closer to the data source or an end‐user device. Some of the potential applications of the fog computing‐based Internet of Things (IoT)‐enabled system are smart healthcare, smart agriculture, smart manufacturing, intelligent transportation system, and smart cities (i.e., in parking management, lighting control, traffic control, and security of civilians). The fog computing‐based IoT‐enabled system is vulnerable to various attacks. Therefore, one needs to deploy security mechanisms, like authentication, access control, key management, and malware detection, in order to secure its communication. In this article, we design a signature‐based access control and key management scheme for fog computing‐based IoT‐enabled big data applications (in short, SBAC‐FC). A detailed security analysis and performance comparison of the SBAC‐FC with other similar existing schemes reveal that the SBAC‐FC surpasses the existing schemes in terms of security and functionality characteristics, as well as complexity overheads.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"36 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135271757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Personal health record storage and sharing using searchable encryption and blockchain: A comprehensive survey 使用可搜索加密和区块链的个人健康记录存储和共享:一项综合调查
Security and Privacy Pub Date : 2023-10-23 DOI: 10.1002/spy2.351
Abhishek Bisht, Ashok Kumar Das, Debasis Giri
{"title":"Personal health record storage and sharing using searchable encryption and blockchain: A comprehensive survey","authors":"Abhishek Bisht, Ashok Kumar Das, Debasis Giri","doi":"10.1002/spy2.351","DOIUrl":"https://doi.org/10.1002/spy2.351","url":null,"abstract":"Abstract Personal Health Records (PHRs) allow patients to have full control over their health data. However, storage and sharing of PHRs still remains a difficult but necessary task, especially when health data is one of the major targets of cyber attacks worldwide. Searchable Encryption (SE) is a feasible solution for this problem and can be augmented by Blockchain to address some of its issues, such as verifiability. Therefore, SE using blockchain is a promising technologies to tackle the challenge of PHR storage and sharing. In this survey, we have explored the research works that use SE and blockchain technology for the same. The work starts with an introduction of cloud, searchable encryption and blockchain. Subsequently, we present a literature survey of the corresponding technologies. We then describe SE in detail and how it fits with blockchain. This is followed by description of noteworthy existing solutions for secure storage and sharing of PHRs. Even though there have been a number of surveys related to SE, none of them have surveyed the use of blockchain with SE or use of SE and blockchain in PHR sharing. The work concludes with a comparative study of these existing solutions and future scope in this direction.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"391 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135413459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An identity‐based secure VANET communication system 基于身份的安全VANET通信系统
Security and Privacy Pub Date : 2023-10-21 DOI: 10.1002/spy2.349
Vankamamidi S. Naresh, Sivaranjani Reddi
{"title":"An identity‐based secure <scp>VANET</scp> communication system","authors":"Vankamamidi S. Naresh, Sivaranjani Reddi","doi":"10.1002/spy2.349","DOIUrl":"https://doi.org/10.1002/spy2.349","url":null,"abstract":"Abstract Vehicular ad‐hoc networks (VANETs) are mobile networks intended to connect vehicles and provide secure communication. In this direction, many researchers worked on establishing secure communication in VANETs. However, VANETs still face potential security and privacy issues due to network openness. In this paper, we proposed a secure communication system for VANETs with privacy, consisting of an Enhanced privacy‐preserving mutual authentication procedure for safe communication in V2V and deriving a session key using vehicle identities and time stamps the secret values (nonce) shared during the session. Further, we compared the proposed technique with existing techniques, and satisfactory results were obtained in favor of the proposed less computation. Finally, a formal security model is established to secure against unknown key share attacks, replay attacks, and key‐compromised impersonation attacks.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"62 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135511976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信