Abstract: Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, etc. Secure authentication is very important for the success of WSNs. Li et al. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li et al.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for IoT security research.
Funding: supported by the National Natural Science Foundation of China under Grant No. 60903166 and 61170262; the National High-Tech Research and Development Plan of China under Grant Nos. 2012AA012506; Specialized Research Fund for the Doctoral Program of Higher Education of China under Grant No. 20121103120032; the Humanity and Social Science Youth Foundation of Ministry of Education of China under Grant No. 13YJCZH065; General Program of Science and Technology Development Project of Beijing Municipal Education Commission of China under Grant No. km201410005012; the Research on Education and Teaching of Beijing University of Technology under Grant No. ER2013C24; Open Research Fund of Beijing Key Laboratory of Trusted Computing
Abstract: Network forensics is a security infrastructure, and becomes the research focus of forensic investigation. However many challenges still exist in conducting network forensics: network has produced large amounts of data; the comprehensibility of evidence extracting from collected data; the efficiency of evidence analysis methods, etc. To solve these problems, in this paper we develop a network intrusion forensics system based on transductive scheme that can detect and analyze efficiently computer crime in networked environments, and extract digital evidence automatically. At the end of the paper, we evaluate our method on a series of experiments on KDD Cup 1999 dataset. The results demonstrate that our methods are actually effective for real-time network forensics, and can provide comprehensible aid for a forensic expert.
Abstract: Two significant issues in Internet-based networked control systems (INCSs), transport performance of different protocols and security breach from Internet side, are investigated. First, for improving the performance of data transmission, user datagram protocol (UDP) is adopted as the main stand for controllers and plants using INCSs. Second, a dual-channel secure transmission scheme (DCSTS) based on data transmission characteristics of INCSs is proposed, in which a raw UDP channel and a secure TCP (transmission control protocol) connection making use of SSL/TLS (secure sockets layer/transport layer security) are included. Further, a networked control protocol (NCP) at application layer for supporting DCSTS between the controllers and plants in INCSs is designed, and it also aims at providing a universal communication mechanism for interoperability of devices among the networked control laboratories in Beijing Institute of Technology of China, Central South University of China and Tokyo University of Technology of Japan. By means of a networked single-degree-of-freedom robot arm, an INCS under the new protocol and security environment is created. Compared with systems such as IPSec or SSL/TLS, which may cause more than 91% network throughput deduction, the new DCSTS protocol may yield results ten times better, being just 5.67%.
Funding: We extend our gratitude to the Deanship of Scientific Research at King Khalid University for funding this work through the research groups program under grant number R.G.P.1/72/42. The work of Agbotiname Lucky Imoize is supported by the Nigerian Petroleum Technology Development Fund (PTDF) and the German Academic Exchange Service (DAAD) through the Nigerian-German Postgraduate Program under Grant 57473408.
Abstract: The commercialization of the fifth-generation (5G) wireless network has begun. Massive devices are being integrated into 5G-enabled wireless sensor networks (5GWSNs) to deliver a variety of valuable services to network users. However, there are rising fears that 5GWSNs will expose sensitive user data to new security vulnerabilities. For secure end-to-end communication, key agreement and user authentication have been proposed. However, when billions of massive devices are networked to collect and analyze complex user data, more stringent security approaches are required. Data integrity, nonrepudiation, and authentication necessitate special-purpose subtree-based signature mechanisms that are pretty difficult to create in practice. To address this issue, this work provides an efficient, provably secure, lightweight subtree-based online/offline signature procedure (SBOOSP) and its aggregation (Agg-SBOOSP) for massive devices in 5G WSNs using conformable chaotic maps. The SBOOSP enables multi-time offline storage access while reducing processing time. As a result, the signer can utilize the pre-stored offline information in polynomial time. This feature distinguishes our presented SBOOSP from previous online/offline-signing procedures that only allow for one signature. Furthermore, the new procedure supports a secret key during the pre-registration process, but no secret key is necessary during the offline stage. The suggested SBOOSP is secure in the logic of unforgeability on the chosen message attack in the random oracle. Additionally, SBOOSP and Agg-SBOOSP had the lowest computing costs compared to other contending schemes. Overall, the suggested SBOOSP outperforms several preliminary security schemes in terms of performance and computational overhead.
Abstract: Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETworks (MANETs) very much. Jumin Song, et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song, et al.’s aggregate signature scheme and find some limitations on its batch verification. In addition, in this work, we apply Craig Gentry, et al.’s ID-based aggregate signature to on-demand routing protocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also meets the nature of MANETs.
Abstract: Public communication infrastructures are susceptible to disasters. Thus, the Emergency Communication Networks (ECNs) of small groups are necessary to maintain real-time communication during disasters. Given that ECNs are self-built by users, the unavailability of infrastructures and the openness of wireless channels render them insecure. ECN security, however, is a rarely studied issue despite its importance. Here, we propose a security scheme for the ECNs of small groups. Our scheme is based on the optimized Byzantine Generals’ Problem combined with the analysis of trusted security problems in ECNs. Applying the Byzantine Generals’ Problem to ECNs is a novel approach to realize two new functions, debugging and error correction, for ensuring system consistency and accuracy. Given the limitation of terminal devices, the lightweight fast ECDSA algorithm is introduced to guarantee the integrity and security of communication and the efficiency of the network. We implement a simulation to verify the feasibility of the algorithm after theoretical optimization.