احراز هویت سبکوزن متقابل مداوم بر اساس اولویتبندی گرهها با استفاده از نرخ ترافیک در اینترنت اشیا
الموضوعات :رضا سرابی میانجی 1 , سام جبه داری 2 , ناصر مدیری 3
1 - دانشگاه آزاد اسلامی واحد تهران شمال،گروه مهندسی کامپیوتر
2 - دانشگاه آزاد اسلامی واحد تهران شمال،گروه مهندسی کامپیوتر
3 - دانشگاه آزاد اسلامی واحد زنجان،دانشکده مهندسی برق و کامپیوتر
الکلمات المفتاحية: احراز هویت سبکوزن, احراز هویت مداوم, اینترنت اشیا, حریم خصوصی,
ملخص المقالة :
امروزه میلیاردها دستگاه از طریق اینترنت اشیا و در اغلب موارد از طریق ارتباطات ناامن به هم متصل شدهاند، بنابراین مسایل امنیتی و حریم خصوصی این دستگاهها به عنوان یک نگرانی عمده مطرح است. با توجه به محدودیت منابع دستگاههای اینترنت اشیا، راه حلهای امنیتی این محیط از نظر پردازش و حافظه باید امن و سبکوزن باشند. با این حال، بسیاری از راه حلهای امنیتی موجود به طور خاص در زمینه احراز هویت به دلیل محاسبات زیاد برای اینترنت اشیا مناسب نیستند و نیاز به یک پروتکل احراز هویت سبکوزن برای دستگاههای اینترنت اشیا احساس میشود. در این مقاله، یک پروتکل احراز هویت سبکوزن متقابل بین گرهها با منابع محدود و سرور در اینترنت اشیا معرفی شده است که از اولویتبندی گرهها بر اساس نرخ ترافیک استفاده میکند. این طرح به دلیل استفاده از عملیات XOR و Hash سبک میباشد. طرح پیشنهادی در برابر حملات سایبری مانند استراق سمع و حمله تلاش مجدد مقاوم است و همچنین با استفاده از ابزار AVISPA و در مدل تهدید Dolev-Yao امن میباشد. ریسکهای امنیتی این روش در مقایسه با روشهای سبکوزن دیگر کم است. در ضمن طرح پیشنهادی باعث کاهش هزینه محاسباتی، حفظ حریم خصوصی از طریق گمنامی گرهها و فراهمآوردن رازداری رو به جلو میشود. در روش ما، هزینه زمانی احراز هویت نسبت به روشهای بررسیشده 15% کاهش یافته است.
[1] D. G. O. Rourke, Internet of Things (IoT) Cybersecurity Colloquium Internet of Things Cybersecurity Colloquium, 2017.
[2] M. Ammar, G. Russello, and B. Crispo, "Internet of Things: a survey on the security of IoT frameworks," J. Inf. Secur. Appl., vol. 38, no. 1, pp. 8-27, Feb. 2018.
[3] J. Li, Y. Qu, F. Chao, H. P. H. Shum, E. S. L. Ho, and L. Yang, "Machine learning algorithms for network intrusion detection," In L. F. Sikos (Ed.), AI in Cybersecurity, pp. 151-179, Vol. 151, Springer, 1989.
[4] R. Mahmoud, T. Yousuf, F. Aloul, and I. Zualkernan, "Internet of Things (IoT) security : current status, challenges and prospective Measures," in Proc. 10th In. Conf. for Internet Technology and Secured Transactions, ICITST’15, pp. 336-341, London, UK, 14-16 2015.
[5] M. F. Aziz, A. N. Khan, J. Shuja, I. A. Khan, F. G. Khan, and A. ur R. Khan, "A lightweight and compromise-resilient authentication scheme for IoTs," Trans. on Emerging Telecommunications Technologies, vol. 33, no. 3, pp. 1-17, Nov. 2019.
[6] M. Abomhara and G. M. Køien, "Security and privacy in the Internet of Things: current status and open issues," in Proc. Int. Conf. Priv. Secur. Mob. Syst., 8 pp., Aalborg, Denmark, 11-14 May 2014.
[7] I. Alqassem and D. Svetinovic, "A taxonomy of security and privacy requirements for the Internet of Things (IoT)," in Proc. IEEE Int. Conf. Ind. Eng. Eng. Manag., pp. 1244-1248, Bandar Sunway, Malaysia, 9-12 Dec. 2014.
[8] Y. H. Chuang, N. W. Lo, C. Y. Yang, and S. W. Tang, "A lightweight continuous authentication protocol for the Internet of Things," Sensors, vol. 18, no. 4, pp. 1-26, Apr. 2018.
[9] I. Traore, et al., "Dynamic sample size detection in learning command line sequence for continuous authentication," IEEE Trans. Syst. Man, Cybern. Part Bvol. 42, no. 5, pp. 1343-1356, Oct. 2012.
[10] S. Mondal and P. Bours, "Continuous authentication in a real world settings," in Proc. 8th Int. Conf. on Advances in Pattern Recognition, ICAPR’15, 6 pp., Kolkata, India, 4-7 Jan. 2015.
[11] A. B. Buduru and S. S. Yau, "An effective approach to continuous user authentication for touch screen smart devices," in Proc. IEEE Int. Conf. on Software Quality, Reliability and Security, QRS’15, pp. 219-226, Vancouver, Canada, 3-5Aug. 2015.
[12] S. Mondal and P. Bours, "Continuous authentication and identification for mobile devices: combining security and forensics," in Proc. IEEE Int.Workshop on Information Forensics and Security, WIFS’15, 6 pp., Rome, Italy, 16-19 Nov. 2015.
[13] M. L. Brocardo, I. Traore, and I. Woungang, "Toward a framework for continuous authentication using stylometry," in Proc. IEEE 28th Int. Conf. on Advanced Information Networking and Applications, pp. 106-115, Victoria, Canada, 13-16 May 2014.
[14] C. Shen, Z. Cai, and X. Guan, "Continuous authentication for mouse dynamics: a pattern-growth approach," in Proc. IEEE/IFIP Int. Conf. on Dependable Systems and Networks, DSN’12, 12 pp., Boston, MA, USA, 25-28 Jun. 2012.
[15] O. O. Bamasag and S. Arabia, "Towards continuous authentication in internet of things based on secret sharing scheme, " in Proc. of the Workshop on Embedded Systems Security, WESS’15, 8 pp., Amsterdam, The Netherlands, 4-9 Oct 2015.
[16] H. Sethi, M. Arkko, J. Keranen, and A. Back, Practical Considerations and Implementation Experiences in Securing Smart Object Networks. Draft-Ietf-Lwig-Crypto-Sensors-06, 2018.
[17] C. Bormann, M. Ersue, and A. Kernen, Terminology for Constrained-Node Networks, no. 7228. RFC Editor, May 2014.
[18] T. Kothmayr, C. Schmitt, W. Hu, M. Brünig, and G. Carle, "DTLS based security and two-way authentication for the Internet of Things," Ad Hoc Networks, vol. 11, no. 8, pp. 2710-2723, Nov. 2013.
[19] E. Rescorla and N. Modadugu, Datagram Transport Layer Security Version 1.2. RFC 6347, Internet Engineering Task Force (IETF). 2012.
[20] P. Gope and T. Hwang, "Untraceable sensor movement in distributed IoT infrastructure," IEEE Sens. J., vol. 15, no. 9, pp. 5340-5348, Sept. 2015.
[21] Y. Kawamoto, H. Nishiyama, N. Kato, Y. Shimizu, A. Takahara, and T. Jiang, "Effectively collecting data for the location-based authentication in Internet of Things," IEEE Syst. J., vol. 11, no. 3, pp. 1403-1411, Sept. 2017.
[22] M. Durairaj and K. Muthuramalingam, "A new authentication scheme with elliptical curve cryptography for Internet of Things (IoT) environments," Int. J. Eng. Technol., vol. 7, no. 2, pp. 119-124, 2018.
[23] M. T. Hammi, B. Hammi, P. Bellot, and A. Serhrouchni, "Bubbles of trust: a decentralized blockchain-based authentication system for IoT," Comput. Secur., vol. 78, no. 1, pp. 126-142, Jul. 2018.
[24] S. Banerjee, V. Odelu, A. K. Das, S. Chattopadhyay, and Y. Park, "An efficient, anonymous and robust authentication scheme for smart home environments," Sensors, vol. 20, no. 4, pp. 1-19, Feb. 2020.
[25] M. Shuai, N. Yu, H. Wang, and L. Xiong, "Anonymous authentication scheme for smart home environment with provable security," Comput. Secur., vol. 86, no. 3, pp. 132-146, Sept. 2019.
[26] T. Shimshon, R. Moskovitch, L. Rokach, and Y. Elovici, "Continuous verification using keystroke dynamics," in Proc. Int. Conf. on Computational Intelligence and Securitypp. 411-415, Nanning, China, 11-14 Dec.2010.
[27] P. Porambage, C. Schmitt, P. Kumar, A. Gurtov, and M. Ylianttila, "Two-phase authentication protocol for wireless sensor networks in distributed IoT applications," in Proc. IEEE Wireless Communications and Networking Conf., WCNC’14, pp. 2728-2733, Istanbul, Turkey, 6-9 Apr. 2014.
[28] K. O. Bailey, J. S. Okolica, and G. L. Peterson, "User identification and authentication using multi-modal behavioral biometrics," Comput. Secur., vol. 43pp. 77-89, Mar. 2014.
[29] G. Peng, G. Zhou, D. T. Nguyen, X. Qi, Q. Yang, and S. Wang, "Continuous authentication with touch behavioral biometrics and voice on wearable glasses," IEEE Trans. Human-Machine Syst., vol. 47, no. 3, pp. 404-416, Jun. 2017.
[30] K. Niinuma, U. Park, and A. K. Jain, "Soft biometric traits for continuous user authentication," IEEE Trans. Inf. Forensics Secur., vol. 5, no. 4, pp. 771-780, Dec. 2010.
[31] K. Mock, J. Weaver, and M. Milton, "Real-time continuous iris recognition for authentication using an eye tracker," in Proc. of the 2012 ACM Conf. on Computer and Communications Security, CCS’12, pp. 1007-1009, Raleigh, NC, USA, 16-18 Oct. 2012.
[32] L. Zhou, C. Su, W. Chiu, and K. Yeh, "You think, therefore you are: transparent authentication system with brainwave-oriented bio-features for IoT networks," IEEE Trans. Emerg. Top. Comput., vol. 8, no. 2, pp. 303-312, Apr. 2020.
[33] P. N. Mahalle, N. R. Prasad, and R. Prasad, "Threshold cryptography-based group authentication (TCGA) scheme for the Internet of Things (IoT)," in Proc. 4th Inte. Conf. on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems, VITAE’14, 5 pp., Aalborg, Denmark, 11-14 May 2014.
[34] S. Seitz, L. Gerdes, S. Selander, G. Mani, and M. Kumar, Use Cases for Authentication and Authorization in Constrained Environments, RFC 7744, Internet Engineering Task Force (IETF). 2016.
[35] H. Khemissa and D. Tandjaoui, "A lightweight authentication scheme for E-health applications in the context of Internet of Things," in Proc. 9th Int. Conf. Next Gener. Mob. Appl. Serv. Technol., pp. 90-95, Cambridge, UK, 9-11 Sept. 2015.
[36] H. Khemissa and D. Tandjaoui, "A novel lightweight authentication scheme for heterogeneous wireless sensor networks in the context of Internet of Things," in Proc. Wirel. Telecommun. Symp., 6 pp., London, UK, 18-20 Apr. 2016.
[37] M. Hamada, S. Kumari, and A. Kumar, "Secure anonymous mutual authentication for star two-tier wireless body area networks," Comput. Methods Programs Biomed., vol. 135, pp. 37-50, Jul. 2016.
[38] C. Chen, B. Xiang, T. Wu, and K. Wang, "An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks," Appl. Sci. (Basel), vol. 8, no. 7, pp. 1-15, Jul. 2018.
[39] Z. Xu, C. Xu, W. Liang, J. Xu, and H. Chen, "A lightweight mutual authentication and key agreement scheme for medical Internet of Things," IEEE Access, vol. 7, pp. 53922-53931, 2019.
[40] S. Swain, Priority Based Rate Control in Wireless Sensor Networks, 2013.
[41] A. Armando, D. Basin, Y. Boichut, Y. Chevalier, and L. Compagna, "The AVISPA Tool for the Automated Validation," in Proc. Int. Conf. on Computer Aided Verification, CAV’05, pp. 281-285, Edinburgh, Scotland, UK, 6-10 Jul. 2005.
[42] D. Dolev and A. Yao, "On the security of public key protocols," IEEE Trans. Inf. Theory, vol. 29, no. 2, pp. 198-208, Mar. 1983.
[43] R. Amin and G. P. Biswas, "A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks," Ad Hoc Networks, vol. 36no. 1, pp. 58-80, Jun. 2016.
