Blockchain-Based Privacy Preservation Scheme for Misbehavior Detection in Lightweight IoMT Devices.

The Internet of Medical Things (IoMT) has risen to prominence as a possible backbone in the health sector, with the ability to improve quality of life by broadening user experience while enabling crucial solutions such as near real-time remote diagnostics. However, privacy and security problems remain largely unresolved in the safety area. Various rule-based methods have been considered to recognize aberrant behaviors in IoMT and have demonstrated high accuracy of misbehavior detection appropriate for lightweight IoT devices. However, most of these solutions have privacy concerns, especially when giving context during misbehavior analysis. Moreover, falsified or modified context generates a high percentage of false positives and sometimes causes a by-pass in misbehavior detection. Relying on the recent powerful consolidation of blockchain and federated learning (FL), we propose an efficient privacy-preserving framework for secure misbehavior detection in lightweight IoMT devices, particularly in the artificial pancreas system (APS). The proposed approach employs privacy-preserving bidirectional long-short term memory (BiLSTM) and augments the security through integrating blockchain technology based on Ethereum smart contract environment. The effectiveness of the proposed model is bench-marked empirically in terms of sustainable privacy preservation, commensurate incentive scheme with an untraceability feature, exhaustiveness, and the compact results of a variant neural network approach. As a result, the proposed model has a 99.93% recall rate, showing that it can detect virtually all possible malicious events in the targeted use case. Furthermore, given an initial ether value of 100, the solution's average gas consumption and Ether spent are 84,456.5 and 0.03157625, respectively.

Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication Protocols.

The need for continuous monitoring of physiological information of critical organs of the human body, combined with the ever-growing field of electronics and sensor technologies and the vast opportunities brought by 5G connectivity, have made implantable medical devices (IMDs) the most necessitated devices in the health arena. IMDs are very sensitive since they are implanted in the human body, and the patients depend on them for the proper functioning of their vital organs. Simultaneously, they are intrinsically vulnerable to several attacks mainly due to their resource limitations and the wireless channel utilized for data transmission. Hence, failing to secure them would put the patient's life in jeopardy and damage the reputations of the manufacturers. To date, various researchers have proposed different countermeasures to keep the confidentiality, integrity, and availability of IMD systems with privacy and safety specifications. Despite the appreciated efforts made by the research community, there are issues with these proposed solutions. Principally, there are at least three critical problems. (1) Inadequate essential capabilities (such as emergency authentication, key update mechanism, anonymity, and adaptability); (2) heavy computational and communication overheads; and (3) lack of rigorous formal security verification. Motivated by this, we have thoroughly analyzed the current IMD authentication protocols by utilizing two formal approaches: the Burrows-Abadi-Needham logic (BAN logic) and the Automated Validation of Internet Security Protocols and Applications (AVISPA). In addition, we compared these schemes against their security strengths, computational overheads, latency, and other vital features, such as emergency authentications, key update mechanisms, and adaptabilities.

Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone.

Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.

TrMAps: Trust Management in Specification-Based Misbehavior Detection System for IMD-Enabled Artificial Pancreas System.

Advances of implantable medical devices (IMD) are transforming the traditional method of providing medical treatment, especially those patients under the most challenging condition. Accordingly, the IMD-enabled artificial pancreas system (APS) has now reached global market. It helped many patients suffering from chronic disease, called diabetes mellitus, in monitoring and maintaining blood glucose level conveniently. However, this advancement is accompanied by various security threats that place the life of patients at risk. Hence, protective measures, especially against yet unknown threats, are of paramount importance. This paper proposes a specification-based misbehavior detection system (SMDS) as an alternative solution to effectively mitigate security threats. Moreover, an outlier detection algorithm is also introduced to validate integrity of unprotected data transmitted by the different components. The monitor agent applies a smoothened-trust-based scheme to assess the trustworthiness of the APS. To demonstrate effectiveness of the proposed method, we first extend the UVA/Padova simulator for glucose-insulin data collection and subsequently simulate scenario with well-behave and malicious APS in MATLAB. The results show that there exists an optimal trust threshold that can achieve high specificity and sensitivity rate. Moreover, the proposed technique was compared to contemporary machine learning classifier including decision tree, support vector machine, k-nearest neighbor, and the SMDS called SMDAps. It is shown that our approach can dominate detection performance, especially to malicious behavior that manifests habitually (hidden mode).