Attack Resilience Research Articles

Comments on “Insider Attack Protection: Lightweight Password-Based Authentication Techniques Using ECC”

The radical progress in web services has drained more attraction towards escalating the security of several applications that serve and interact with the Internet users. In order to get authenticated from servers, the users must disclose their secret information to the server such as password and username so that they can access distinct applications on the Web. Due to distinct security attacks, such secret credentials should be discouraged from being revealed. Moreover, it is vibrant to secure the systems from known attacks. In contrast to all known security attacks, the insider attack is considered devastating because the privileged insiders of a system can violate the secret credentials, which may lead towards irrecoverable damage to both the system and the user. Therefore, to ensure the security of the system from insider attacks, different protocols have been proposed. Very recently, Rajamanickam et al. “Insider attack protection: Lightweight password-based authentication techniques using ECC,” presented novel authentication scheme for insider attack protection. They claimed that their protocol not only prevents insider attack but it is also immune to several known security attacks. This comment discloses the non-trivial weaknesses in the authentication phase between client and server. We have identified that the adversary can successfully impersonate the entities communicating with each other through this protocol. Moreover, their protocol fails to offer forward and backward secrecy. Consequently, we suggest possible solution for attack resilience.

Increased Output Corruption and Structural Attack Resilience for SAT Attack Secure Logic Locking

Current out-of-cone logic locking methodologies provide resilience against the satisfiability (SAT) attack with minimal corruption of the outputs when comparing an activated and locked integrated circuit (IC). In addition, the structure of the modifications to the original logic leaks functional information of the circuit, which allows an adversary to determine the correct key. A novel logic locking methodology, CORruption adaptable logic locking (CORALL), is introduced in this article that provides increased security against the SAT attack for modified logic cones that require a large corruption of the primary outputs of the circuit, where the corruption is quantified by comparing between an activated and locked state of the IC. In addition, the modifications to the logic cone utilized by CORALL provide increased resilience against structural attacks. The CORALL architecture increases the number of iterations required to successfully execute a SAT attack for a flip function with 20 inputs by 34.41× over SFLL-HD n/4 and 82.36× over SFLL-Flex. In addition, a protected-cube selection process based on iterative cofactors is introduced, which provides varying logical functions of the perturb unit and maps portions of the logic of the perturb unit into the look-up tables (LUTs) of the CORALL architecture. The variation in the logical functions implemented by the perturb unit and the mapped functionality of the perturb unit into a LUT provide resistance to all current structural attacks on out-of-cone logic locking techniques.

Efficient NTRU Lattice-Based Certificateless Signature Scheme for Medical Cyber-Physical Systems.

An electronic health (e-health) system, such as a medical cyber-physical system, offers a number of benefits (e.g. inform medical diagnosis). There are, however, a number of considerations in the implementation of the medical cyber-physical system, such as the integrity of medical / healthcare data (e.g. manipulated data can result in misdiagnosis). A number of digital signature schemes have been proposed in recent years to mitigate some of these challenges. However, the security of existing signatures is mostly based on conventional difficult mathematical problems, which are known to be insecure against quantum attacks. In this paper, we propose a certificateless signature scheme, based on NTRU lattice. The latter is based on the difficulty of small integer solutions on the NTRU lattice, and is known to be quantum attack resilience. Security analysis and performance evaluations demonstrate that our proposed scheme achieves significantly reduced communication and computation costs in comparison to two other competing quantum resilience schemes, while being quantum attack resilience.

Comments on “Toward Secure and Provable Authentication for Internet of Things: Realizing Industry 4.0”

Internet of Things (IoT) is the next era of communication networks. The concept of IoT is that everything within the global communication network is interconnected and accessible. Since IoT has various applications, including Industry 4.0. Therefore, upcoming and existing IoT applications are highly auspicious to enhance the level of automation, efficiency, and comfort for the users. However, to a certain extent, there are numerous challenges while deploying IoT devices in the Industry 4.0, like IoT devices are assumed to have inadequate resources to support security solutions. Therefore, in order to protect the communication environment, an efficient and lightweight security solution is needed. Recently, on the basis of a hierarchical approach, Garg et al. presented a lightweight, robust key agreement, and provably secure authentication protocol for the IoT environment. Their introduced protocol relies on lightweight operations, including XOR operation, concatenation, hash function, physically unclonable function (PUF), and elliptic curve cryptography. However, in this comment, we point out the security loopholes of Garg et al. ’s protocol and show that it is vulnerable to the IoT-node impersonation attack. Moreover, it has irrelevant generation and usage of some parameters. Therefore, we put forward some valuable suggestions for attack resilience.

Mutual Authentication using improved Chaotic Maps to remove packet dropping attack from MANETs

Background: MANET is self-organized wireless network with no infrastructure. Especially data transfer from one system to another system needs to be done in a secure way. In order to provide data integrity, authentication plays an important role in data communication. RSA, ECC are widely used algorithms in real world but authentication using these algorithms is time consuming. Towards this, various algorithms came into existence with different security primitives. However, it is important to study the key agreement process among these security mechanisms. We have studied the patents related to secure end to end communication in MANET. Methods: Therefore our aim is to design chaos based mutual authentication algorithm that takes less time than these existing algorithms and evaluate with respect to attack resiliency, Packet delivery fraction, delay, throughput and overhead. Results:: Simulation results show the result of the proposed mechanism and gives better performance in terms of said parameters. Conclusion: Comparison of proposed system presents better results when compared to RSA, ECC in terms of key generation mechanism.

Obfuscating spatial point tracks with simulated crowding

ABSTRACT Spatial point tracks are of concern for an increasing number of analysts studying spatial behaviour patterns and environmental effects. Take an epidemiologist studying the behaviour of cyclists and how their health is affected by the city’s air quality. The accuracy of such analyses critically depends on the positional accuracy of the tracked points. This poses a serious privacy risk. Tracks easily reveal a person’s identity since the places visited function as fingerprints. Current obfuscation-based privacy protection methods, however, mostly rely on point quality reduction, such as spatial cloaking, grid masking or random noise, and thus render an obfuscated track less useful for exposure assessment. We introduce simulated crowding as a point quality preserving obfuscation principle that is based on adding fake points. We suggest two crowding strategies based on extending and masking a track to defend against inference attacks. We test them across various attack strategies and compare them to state-of-the-art obfuscation techniques both in terms of information loss and attack resilience. Results indicate that simulated crowding provides high resilience against home attacks under constantly low information loss.

An Efficient Lightweight Authentication Scheme With Adaptive Resilience of Asynchronization Attacks for Wireless Sensor Networks

Until now, the pseudonym ID and one-time hash chain as the key technologies solve anonymous and forward secrecy properties, respectively, in lightweight authentication protocols for wireless sensor networks (WSNs) environment. However, both techniques have to face the limitation of asynchronization attack, which will cause the pseudonym ID and one-time hash chain value between participants to be loss of synchronization when the transmitted message is blocked. Most recently, a serial of lightweight anonymous authentication scheme with forward secrecy (LAASFS) have been built to resolve this problem. Unfortunately, they failed to handle this question satisfactorily. Besides, most of them are still vulnerable to smart card loss attack (SCLA). In this article, to address these issues and make more effective, we combine pseudonym ID, one-time hash chain and tag techniques to construct an LAASFS for WSNs environment. The proposed LAASFS can be adaptive resilience of asynchronization attacks. In addition, it is also able to resist a variety of known attacks like SCLA and wrong password login attack. Formal analyses are taken by BAN logic and ProVerif tool to demonstrate the security of properties of our LAASFS. Compared with several previous related schemes, the proposed LAASFS possesses obvious advantages in computation and communication costs.

Trust framework for attack resilience in MANET using AODV

Mobile Ad-hoc network (MANET) is a collection of arbitrary moving autonomous nodes having routing capabilities. Theoretically, nodes are expected to cooperate with each other to facilitate communication with not directly connected nodes but in real scenario some of the nodes may be malicious. These compromised /malicious nodes may be part of the network or any other node trying to intrude in the network. A trust based framework is proposed in this paper to make the network resilient to malicious nodes. Trust is calculated using route request and route reply counter to make it simple and scalable. Ad Hoc On- Demand Distance Vector (AODV) routing protocol is used as the basic protocol. Performance analysis is done by varying malicious node density and calculating packet loss & average packet delay. It shows that the proposed framework along with trust calculating mechanism is giving better results as compared to basic routing protocol AODV in the presence of malicious nodes.

Global Synchronization of Pulse-Coupled Oscillator Networks Under Byzantine Attacks

Synchronization of pulse-coupled oscillators (PCOs) has gained significant attention recently due to their increased applications in sensor networks and wireless communications. Given the distributed and unattended nature of wireless sensor networks, it is imperative to enhance the resilience of PCO synchronization against malicious attacks. However, most existing results on attack-resilient pulse-based synchronization are obtained under assumptions of all-to-all coupling topologies or restricted initial phase distributions. In this paper, we propose a new pulse-based synchronization mechanism to improve the attack resilience of PCO synchronization that is applicable to non-all-to-all networks. Under the proposed synchronization mechanism, we prove that perfect synchronization of legitimate oscillators can be guaranteed in the presence of multiple Byzantine attackers who can emit attack pulses arbitrarily without any constraint except that practical bit rate constraint renders the number of pulses from an attacker to be finite. The new mechanism can guarantee synchronization even when the initial phases of all legitimate oscillators are arbitrarily distributed in the entire oscillation period, which is in distinct difference from most existing attack-resilient synchronization approaches (including the seminal paper from Lamport and Melliar-Smith [1]) that require a priori (almost) synchronization among legitimate oscillators. Numerical simulation results are given to confirm the theoretical results.

A Secure and Reliable Device Access Control Scheme for IoT Based Sensor Cloud Systems

Among other security concerns, the reliable device to device direct communication is an important research aspect in sensor cloud system application of Internet of things (IoT). The access control mechanism can ensure the reliability through secure communication among two IoT devices without mediation of intermediate agent. Mainly, it requires twofold strategy involving the authentication of each other and session key establishment. Quite recently, in 2019, Das <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> proposed a certificate based lightweight access control and key agreement scheme for IoT devices (LACKA-IoT) to ensure smooth and secure access control and claimed LACKA-IoT to withstand the several attacks. Specifically, it is claimed that LACKA-IoT can resist device impersonation and man in middle attacks. However, the proof in this article refutes their claim and it is shown here, that LACKA-IoT is insecure against both device impersonation and man in middle attacks. An adversary just by using public parameters and by listening the communication channel can impersonate any device. Moreover, the same can also launch successful man in middle attack using public parameters and listened messages from public channel. An improved protocol iLACKA-IoT is then proposed in the paper. The iLACKA-IoT provides resistance against various types of threats and provides the required level of security, for evidence both formal validation through random or real (ROR) model as well as the informal validation through discussion on attack resilience is provided. The iLACKA-IoT is not only better in security but also provides performance efficiency as compared with LACKA-IoT and related schemes.

Securing Demand Response Management: A Certificate-Based Access Control in Smart Grid Edge Computing Infrastructure

The edge computing infrastructure has enabled a massive amount of data in the smart grid environment by a large number of connected automated devices to be processed at the edge of the network in proximity to the data generation source. The demand response management is a fundamental requirement for an efficient and reliable smart grid environment, which can be accomplished by the transfer of data between smart devices and the utility center (UC) in a smart city, very frequently. However, this frequent data transfer is subject to multiple threats including the tempering. Several authentication schemes were proposed to secure smart grid environment. However, many such schemes are either insecure or lack the required efficiency. To counter the threats and to provide efficiency, a new authentication scheme for demand response management (DRMAS) is proposed in this paper. DRMAS provides all necessary security requirements and resists known attacks. The proposed DRMAS is provably secure under formal analysis supplemented by a brief discussion on attack resilience. Moreover, the DRMAS completes the authentication procedure in just 20.11 ms by exchanging only 2 messages.

Federated Variance-Reduced Stochastic Gradient Descent With Robustness to Byzantine Attacks

This paper deals with distributed finite-sum optimization for learning over networks in the presence of malicious Byzantine attacks. To cope with such attacks, most resilient approaches so far combine stochastic gradient descent (SGD) with different robust aggregation rules. However, the sizeable SGD-induced stochastic gradient noise makes it challenging to distinguish malicious messages sent by the Byzantine attackers from noisy stochastic gradients sent by the 'honest' workers. This motivates us to reduce the variance of stochastic gradients as a means of robustifying SGD in the presence of Byzantine attacks. To this end, the present work puts forth a Byzantine attack resilient distributed (Byrd-) SAGA approach for learning tasks involving finite-sum optimization over networks. Rather than the mean employed by distributed SAGA, the novel Byrd- SAGA relies on the geometric median to aggregate the corrected stochastic gradients sent by the workers. When less than half of the workers are Byzantine attackers, the robustness of geometric median to outliers enables Byrd-SAGA to attain provably linear convergence to a neighborhood of the optimal solution, with the asymptotic learning error determined by the number of Byzantine workers. Numerical tests corroborate the robustness to various Byzantine attacks, as well as the merits of Byrd- SAGA over Byzantine attack resilient distributed SGD.

Comments on “Biometrics-Based Privacy-Preserving User Authentication Scheme for Cloud-Based Industrial Internet of Things Deployment”

Very recently, Das et al. (IEEE Internet of Things Journal, pp. 4900–4913, 5(6), DOI: 10.1109/JIOT.2018.2877690, 2018) presented a biometric-based solution for security and privacy in Industrial Internet of Things architecture. Das et al. claimed that their protocol is secure against known attacks. However, this comment shows that their protocol is defenseless against stolen verifier, stolen smart device, and traceability attacks. The attacker having access to public parameters and any of the verifier and parameters stored in smart device can easily expose the session key shared among the user and the smart device. Moreover, their protocol fails to provide perfect forward secrecy. Finally, this article also provides some necessary guidelines on attack resilience for the authentication schemes based on merely the symmetric key primitives, which are overlooked by Das et al.

Attack-Resilient Event-Triggered Controller Design of DC Microgrids Under DoS Attacks

This paper is concerned with the attack-resilient event-triggered controller design problem of a DC microgrid with multiple nonlinear constant power loads and intermittent denial-of-service (DoS) attacks. First, for a resource efficiency purpose, an event-triggering communication scheme is delicately devised in such a way to only invoke the data transmission over the communication line when the DoS attack is inactive. Second, via characterizing the DoS active and inactive time intervals, a new switching piecewise system model for the nonlinear DC microgrid system is presented. Third, a numerically efficient design criterion on the existence of the desired attack-resilient event-triggered controller is established. It is further shown that various performance indices including resource efficiency, attack resilience, robustness against disturbance, sampling performance of the DC microgrid system can be evaluated in a unified framework. Finally, an illustrative example is given to verify the effectiveness of the proposed control design method for the DC microgrid.

Server-Aided Attribute-Based Signature Supporting Expressive Access Structures for Industrial Internet of Things

Existing server-aided attribute-based signature (SA-ABS) to secure industrial Internet of Things (IIoT)-oriented applications raise challenges such as achieving collusion attack resilience and realizing expressive linear secret-sharing scheme (LSSS) access structures. In this paper, we positively address these challenges by proposing a novel SA-ABS for IIoT. Distinct from the existing works in this field, our SA-ABS protocol not only allows to delegate the heavy calculation in both signature generation and verification to a third-party server, but also resists the collusion attack and realizes expressive LSSS access structures. The formal proof about the unforgeability of the proposed SA-ABS has been given on the basis of the standard model. Theoretical analysis as well as experimental simulation reveal the fact that the proposed SA-ABS is feasible and efficient.

CAS-Lock: A Security-Corruptibility Trade-off Resilient Logic Locking Scheme

Logic locking has recently been proposed as a solution for protecting gatelevel semiconductor intellectual property (IP). However, numerous attacks have been mounted on this technique, which either compromise the locking key or restore the original circuit functionality. SAT attacks leverage golden IC information to rule out all incorrect key classes, while bypass and removal attacks exploit the limited output corruptibility and/or structural traces of SAT-resistant locking schemes. In this paper, we propose a new lightweight locking technique: CAS-Lock (cascaded locking) which nullifies both SAT and bypass attacks, while simultaneously maintaining nontrivial output corruptibility. This property of CAS-Lock is in stark contrast to the well-accepted notion that there is an inherent trade-off between output corruptibility and SAT resistance. We theoretically and experimentally validate the SAT resistance of CAS-Lock, and show that it reduces the attack to brute-force, regardless of its construction. Further, we evaluate its resistance to recently proposed approximate SAT attacks (i.e., AppSAT). We also propose a modified version of CAS-Lock (mirrored CAS-Lock or M-CAS) to protect against removal attacks. M-CAS allows a trade-off evaluation between removal attack and SAT attack resiliency, while incurring minimal area overhead. We also show how M-CAS parameters such as the implemented Boolean function and selected key can be tuned by the designer so that a desired level of protection against all known attacks can be achieved.

A Physically Unclonable Function Using Soft Oxide Breakdown Featuring 0% Native BER and 51.8 fJ/bit in 40-nm CMOS

This paper presents a physically unclonable function (PUF) based on the randomness of soft gate oxide breakdown (BD) locations in MOSFETs, namely, soft-BD PUF. The proposed PUF circuit features a self-limiting mechanism that generates exactly one soft-BD spot in a pair of NMOS transistors. Highly stable “0” and “1” bits with an equal probability of 0.5 are extracted based on the locations of the generated BDs. A differential readout scheme is employed based on the proposed reference-free sense amplifier (SA), resulting in good current sensitivity and side-channel attack resilience. The soft-BD PUF, fabricated in a 40-nm CMOS process, comprises all essential periphery circuits. Measurements show that the soft-BD PUF has good data stability in a wide operating range. The native bit error rate is 0% for V <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">DD</sub> = 1 V and above, shown by measuring 10k readout cycles among 10k PUF cells. Data stability degrades at lower supply voltage and higher temperature due to the conductivity of PUF cells and the offset of SAs. Under the nominal V <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">DD</sub> of 0.9 V in this technology, the throughput is shown to be at least 40 Mb/s and the PUF readout consumes only 51.8 fJ/bit. The averaged hamming weight and hamming distance are 0.497 and 0.496, respectively, showing a good randomness and uniqueness. The resulting PUF data show good statistical properties by passing all the relevant tests in the NIST 800-22 suite.

Characterization of In-Cone Logic Locking Resiliency Against the SAT Attack

The resiliency of in-cone logic locking techniques to the satisfiability (SAT) attack is characterized in this paper. An analysis of the parameters of the SAT solver that impact security and a characterization of the effect netlist topology has on the security of the circuit is presented. The analysis of SAT solver parameters and logic structure is used to develop three novel logic locking gate selection algorithms based on maximum fanout free cones (MFFCs) and gate controllability for circuits implementing XOR, look-up table (LUT), and $2\times 1$ MUX-based logic obfuscation. The XOR, LUT, and MUX MFFC-based algorithms resulted in an average increase of, respectively, 61.8%, 123.6%, and 38.5% in the minimum number of iterations required to complete the SAT attack across 1,000 different variable orderings of the netlist while applying the locking techniques to 5% of the gates within the netlist. In addition, the SAT attack resiliency and output corruption of the developed algorithms are compared with out-of-cone locking techniques.

Fast and Secure Medical Image Encryption Based on Non Linear 4D Logistic Map and DNA Sequences (NL4DLM_DNA).

This paper proposes an innovative image cryptosystem algorithm using the properties of the block encryption, 4D logistic map and DNA systems. Multiple key sequences are generated and pixel substitution is performed by using nonlinear 4D logistic map, then encryption is performed by using DNA rules to ensure that the different blocks are encrypted securely. The results of the experiment indicate that the proposed Non Linear 4D Logistic Map and DNA (NL4DLM_DNA) sequence based algorithm gives better performance, which is analyzed on the basis of security, quality, attack resilience, diffusion and running time as compared to some previous works.

White-Box Implementation of Shamir’s Identity-Based Signature Scheme

Digital signature schemes have been extensively studied in the literature, where a large number of such schemes with different properties have been designed for different applications. For example, identity-based signature (IBS) schemes can efficiently map a user’s digital public key to his/her real-world identity (e.g., e-mail address). However, existing implementations of IBS schemes are not generally designed for white-box security (WBS), particularly concerning the protection of the private key when special attackers have full access to the execution environment. Therefore, in this paper, we propose the first white-box implementation for the classical Shamir’s IBS scheme. The basic idea is to utilize a mathematical transformation for embedding private key into some special tables, such that the original private key could be “invisible” during the execution process. We then analyze the security requirements achieved in our implementation, including the conventional black-box security under the random oracle model and WBS (e.g., key recovery attack resilience). This is the first IBS scheme implementation that satisfies WBS. It is also shown from the simulation that the implementation incurs a constant computational cost, which is realistic in deployments where a high security level is required.