SMDFbs: Specification-Based Misbehavior Detection for False Base Stations.

The advancement of cellular communication technology has profoundly transformed human life. People can now watch high-definition videos anytime, anywhere, and aim for the implementation of advanced autonomous driving capabilities. However, the sustainability of such an environment is threatened by false base stations. False base stations execute attacks in the Radio Access Network (RAN) of cellular systems, adversely affecting the network or its users. To address this challenge, we propose a behavior rule specification-based false base station detection system, SMDFbs. We derive behavior rules from the normal operations of base stations and convert these rules into a state machine. Based on this state machine, we detect network anomalies and mitigate threats. We conducted experiments detecting false base stations in a 5G RAN simulator, comparing our system with seven machine learning-based detection techniques. The experimental results showed that our proposed system achieved a detection accuracy of 98% and demonstrated lower overhead compared to other algorithms.

APSec1.0: Innovative Security Protocol Design with Formal Security Analysis for the Artificial Pancreas System.

The Medical Internet-of-Things (MIoT) has developed revolutionary ways of delivering medical care to patients. An example system, showing increasing demand, is the artificial pancreas system that offers convenience and reliable support care to patients with Type 1 Diabetes. Despite the apparent benefits, the system cannot escape potential cyber threats that may worsen a patient's condition. The security risks need immediate attention to ensure the privacy of the patient and preserve safe functionality. Motivated by this, we proposed a security protocol for the APS environment wherein support to essential security requirements is guaranteed, the security context negotiation is resource-friendly, and the protocol is resilient to emergencies. Accordingly, the security requirements and correctness of the design protocol were formally verified using BAN logic and AVISPA, and proved its feasibility through the emulation of APS in a controlled environment using commercial off-the-shelf devices. Moreover, the results of our performance analysis indicate that the proposed protocol is more efficient than the other existing works and standards.

Blockchain-Based Privacy Preservation Scheme for Misbehavior Detection in Lightweight IoMT Devices.

The Internet of Medical Things (IoMT) has risen to prominence as a possible backbone in the health sector, with the ability to improve quality of life by broadening user experience while enabling crucial solutions such as near real-time remote diagnostics. However, privacy and security problems remain largely unresolved in the safety area. Various rule-based methods have been considered to recognize aberrant behaviors in IoMT and have demonstrated high accuracy of misbehavior detection appropriate for lightweight IoT devices. However, most of these solutions have privacy concerns, especially when giving context during misbehavior analysis. Moreover, falsified or modified context generates a high percentage of false positives and sometimes causes a by-pass in misbehavior detection. Relying on the recent powerful consolidation of blockchain and federated learning (FL), we propose an efficient privacy-preserving framework for secure misbehavior detection in lightweight IoMT devices, particularly in the artificial pancreas system (APS). The proposed approach employs privacy-preserving bidirectional long-short term memory (BiLSTM) and augments the security through integrating blockchain technology based on Ethereum smart contract environment. The effectiveness of the proposed model is bench-marked empirically in terms of sustainable privacy preservation, commensurate incentive scheme with an untraceability feature, exhaustiveness, and the compact results of a variant neural network approach. As a result, the proposed model has a 99.93% recall rate, showing that it can detect virtually all possible malicious events in the targeted use case. Furthermore, given an initial ether value of 100, the solution's average gas consumption and Ether spent are 84,456.5 and 0.03157625, respectively.

5G-AKA-FS: A 5G Authentication and Key Agreement Protocol for Forward Secrecy.

5G acts as a highway enabling innovative digital transformation and the Fourth Industrial Revolution in our lives. It is undeniable that the success of such a paradigm shift hinges on robust security measures. Foremost among these is primary authentication, the initial step in securing access to 5G network environments. For the 5G primary authentication, two protocols, namely 5G Authentication and Key Agreement (5G-AKA) and Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA'), were proposed and standardized, where the former is for 3GPP devices, and the latter is for non-3GPP devices. Recent scrutiny has unveiled vulnerabilities in the 5G-AKA protocol, exposing it to security breaches, including linkability attacks. Moreover, mobile communication technologies are dramatically evolving while 3GPP has standardized Authentication and Key Management for Applications (AKMA) to reuse the credentials, generated during primary authentication, for 5G network applications. That makes it so significant for 5G-AKA to be improved to support forward secrecy as well as address security attacks. In response, several protocols have been proposed to mitigate these security challenges. In particular, they tried to strengthen security by reusing secret keys negotiated through the Elliptic Curve Integrated Encryption Scheme (ECIES) and countering linkability attacks. However, they still have encountered limitations in completing forward secrecy. Motivated by this, we propose an augmentation to 5G-AKA to achieve forward security and thwart linkability attacks (called 5G-AKA-FS). In 5G-AKA-FS, the home network (HN), instead of using its static ECIES key pair, generates a new ephemeral key pair to facilitate robust session key negotiation, truly realizing forward security. In order to thoroughly and precisely prove that 5G-AKA-FS is secure, formal security verification is performed by applying both BAN Logic and ProVerif. As a result, it is demonstrated that 5G-AKA-FS is valid. Besides, our performance comparison highlights that the communication and computation overheads are intrinsic to 5G-AKA-FS. This comprehensive analysis showcases how the protocol effectively balances between security and efficiency.

Decentralized Policy Coordination in Mobile Sensing with Consensual Communication.

In a typical mobile-sensing scenario, multiple autonomous vehicles cooperatively navigate to maximize the spatial-temporal coverage of the environment. However, as each vehicle can only make decentralized navigation decisions based on limited local observations, it is still a critical challenge to coordinate the vehicles for cooperation in an open, dynamic environment. In this paper, we propose a novel framework that incorporates consensual communication in multi-agent reinforcement learning for cooperative mobile sensing. At each step, the vehicles first learn to communicate with each other, and then, based on the received messages from others, navigate. Through communication, the decentralized vehicles can share information to break through the dilemma of local observation. Moreover, we utilize mutual information as a regularizer to promote consensus among the vehicles. The mutual information can enforce positive correlation between the navigation policy and the communication message, and therefore implicitly coordinate the decentralized policies. The convergence of this regularized algorithm can be proved theoretically under certain mild assumptions. In the experiments, we show that our algorithm is scalable and can converge very fast during training phase. It also outperforms other baselines significantly in the execution phase. The results validate that consensual communication plays very important role in coordinating the behaviors of decentralized vehicles.

A Secrecy Transmission Protocol with Energy Harvesting for Federated Learning.

In federated learning (FL), model parameters of deep learning are communicated between clients and the central server. To better train deep learning models, the spectrum resource and transmission security need to be guaranteed. Toward this end, we propose a secrecy transmission protocol based on energy harvesting and jammer selection for FL, in which the secondary transmitters can harvest energy from the primary source. Specifically, a secondary transmitter STi is first selected, which can offer the best transmission performance for the secondary users to access the primary frequency spectrum. Then, another secondary transmitter STn, which has the best channel for eavesdropping, is also chosen as a friendly jammer to provide secrecy service. Furthermore, we use outage probability (OP) and intercept probability (IP) as metrics to evaluate performance. Meanwhile, we also derive closed-form expressions of OP and IP of primary users and OP of secondary users for the proposed protocol, respectively. We also conduct a theoretical analysis of the optimal secondary transmission selection (OSTS) protocol. Finally, the performance of the proposed protocol is validated through numerical experiments. The results show that the secrecy performance of the proposed protocol is better than the OSTS and OCJS, respectively.

A Survey of techniques for fine-grained web traffic identification and classification.

After decades of rapid development, the scale and complexity of modern networks have far exceed our expectations. In many conditions, traditional traffic identification methods cannot meet the demand of modern networks. Recently, fine-grained network traffic identification has been proved to be an effective solution for managing network resources. There is a massive increase in the use of fine-grained network traffic identification in the communications industry. In this article, we propose a comprehensive overview of fine-grained network traffic identification. Then, we conduct a detailed literature review on fine-grained network traffic identification from three perspectives: wired network, mobile network, and malware traffic identification. Finally, we also draw the conclusion on the challenges of fine-grained network traffic identification and future research prospects.

Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication Protocols.

The need for continuous monitoring of physiological information of critical organs of the human body, combined with the ever-growing field of electronics and sensor technologies and the vast opportunities brought by 5G connectivity, have made implantable medical devices (IMDs) the most necessitated devices in the health arena. IMDs are very sensitive since they are implanted in the human body, and the patients depend on them for the proper functioning of their vital organs. Simultaneously, they are intrinsically vulnerable to several attacks mainly due to their resource limitations and the wireless channel utilized for data transmission. Hence, failing to secure them would put the patient's life in jeopardy and damage the reputations of the manufacturers. To date, various researchers have proposed different countermeasures to keep the confidentiality, integrity, and availability of IMD systems with privacy and safety specifications. Despite the appreciated efforts made by the research community, there are issues with these proposed solutions. Principally, there are at least three critical problems. (1) Inadequate essential capabilities (such as emergency authentication, key update mechanism, anonymity, and adaptability); (2) heavy computational and communication overheads; and (3) lack of rigorous formal security verification. Motivated by this, we have thoroughly analyzed the current IMD authentication protocols by utilizing two formal approaches: the Burrows-Abadi-Needham logic (BAN logic) and the Automated Validation of Internet Security Protocols and Applications (AVISPA). In addition, we compared these schemes against their security strengths, computational overheads, latency, and other vital features, such as emergency authentications, key update mechanisms, and adaptabilities.

Bluetooth 5.1: An Analysis of Direction Finding Capability for High-Precision Location Services.

This paper presents an in-depth overview of the Bluetooth 5.1 Direction Finding standard's potentials, thanks to enhancing the Bluetooth Low Energy (BLE) firmware. This improvement allows producers to create location applications based on the Angle of Departure (AoD) and the Angle of Arrival (AoA). Accordingly, it is conceivable to design proper Indoor Positioning Systems (IPS), for instance, for the traceability of resources, assets, and people. First of all, Radio Frequency (RF) radiogoniometry techniques, helpful in calculating AoA and AoD angles, are introduced in this paper. Subsequently, the topic relating to signal direction estimation is deepened. The Bluetooth Core Specification updates concerning version 5.1, both at the packet architecture and prototyping levels, are also reported. Some suitable platforms and development kits for running the new features are then presented, and some basic applications are illustrated. This paper's final part allows ascertaining the improvement made by this new definition of BLE and possible future developments, especially concerning applications related to devices, assets, or people's indoor localization. Some preliminary results gathered in a real evaluation scenario are also presented.

Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone.

Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.

TrMAps: Trust Management in Specification-Based Misbehavior Detection System for IMD-Enabled Artificial Pancreas System.

Advances of implantable medical devices (IMD) are transforming the traditional method of providing medical treatment, especially those patients under the most challenging condition. Accordingly, the IMD-enabled artificial pancreas system (APS) has now reached global market. It helped many patients suffering from chronic disease, called diabetes mellitus, in monitoring and maintaining blood glucose level conveniently. However, this advancement is accompanied by various security threats that place the life of patients at risk. Hence, protective measures, especially against yet unknown threats, are of paramount importance. This paper proposes a specification-based misbehavior detection system (SMDS) as an alternative solution to effectively mitigate security threats. Moreover, an outlier detection algorithm is also introduced to validate integrity of unprotected data transmitted by the different components. The monitor agent applies a smoothened-trust-based scheme to assess the trustworthiness of the APS. To demonstrate effectiveness of the proposed method, we first extend the UVA/Padova simulator for glucose-insulin data collection and subsequently simulate scenario with well-behave and malicious APS in MATLAB. The results show that there exists an optimal trust threshold that can achieve high specificity and sensitivity rate. Moreover, the proposed technique was compared to contemporary machine learning classifier including decision tree, support vector machine, k-nearest neighbor, and the SMDS called SMDAps. It is shown that our approach can dominate detection performance, especially to malicious behavior that manifests habitually (hidden mode).

Selected Papers from the First International Symposium on Future ICT (Future-ICT 2019) in Conjunction with the 4th International Symposium on Mobile Internet Security (MobiSec 2019).

The International Symposium on the Future ICT (Future-ICT 2019) in conjunction with the 4th International Symposium on Mobile Internet Security (MobiSec 2019) has been held on 17-19 October 2019 in Taichung, Taiwan [...].

Study and Investigation on 5G Technology: A Systematic Review.

In wireless communication, Fifth Generation (5G) Technology is a recent generation of mobile networks. In this paper, evaluations in the field of mobile communication technology are presented. In each evolution, multiple challenges were faced that were captured with the help of next-generation mobile networks. Among all the previously existing mobile networks, 5G provides a high-speed internet facility, anytime, anywhere, for everyone. 5G is slightly different due to its novel features such as interconnecting people, controlling devices, objects, and machines. 5G mobile system will bring diverse levels of performance and capability, which will serve as new user experiences and connect new enterprises. Therefore, it is essential to know where the enterprise can utilize the benefits of 5G. In this research article, it was observed that extensive research and analysis unfolds different aspects, namely, millimeter wave (mmWave), massive multiple-input and multiple-output (Massive-MIMO), small cell, mobile edge computing (MEC), beamforming, different antenna technology, etc. This article's main aim is to highlight some of the most recent enhancements made towards the 5G mobile system and discuss its future research objectives.

Efficient Resource Allocation for Backhaul-Aware Unmanned Air Vehicles-to-Everything (U2X).

Unmanned aerial vehicles (UAVs) allow better coverage, enhanced connectivity, and elongated lifetime when used in telecommunications. However, these features are predominately affected by the policies used for sharing resources amongst the involved nodes. Moreover, the architecture and deployment strategies also have a considerable impact on their functionality. Recently, many researchers have suggested using layer-based UAV deployment, which allows better communications between the entities. Regardless of these solutions, there are a limited number of studies which focus on connecting layered-UAVs to everything (U2X). In particular, none of them have actually addressed the aspect of resource allocation. This paper considers the issue of resource allocation and helps decide the optimal number of transfers amongst the UAVs, which can conserve the maximum amount of energy while increasing the overall probability of resource allocation. The proposed approach relies on mutual-agreement based reward theory, which considers Minkowski distance as a decisive metric and helps attain efficient resource allocation for backhaul-aware U2X. The effectiveness of the proposed solution is demonstrated using Monte-Carlo simulations.

Toward Efficient Image Recognition in Sensor-Based IoT: A Weight Initialization Optimizing Method for CNN Based on RGB Influence Proportion.

As the Internet of Things (IoT) is predicted to deal with different problems based on big data, its applications have become increasingly dependent on visual data and deep learning technology, and it is a big challenge to find a suitable method for IoT systems to analyze image data. Traditional deep learning methods have never explicitly taken the color differences of data into account, but from the experience of human vision, colors play differently significant roles in recognizing things. This paper proposes a weight initialization method for deep learning in image recognition problems based on RGB influence proportion, aiming to improve the training process of the learning algorithms. In this paper, we try to extract the RGB proportion and utilize it in the weight initialization process. We conduct several experiments on different datasets to evaluate the effectiveness of our proposal, and it is proven to be effective on small datasets. In addition, as for the access to the RGB influence proportion, we also provide an expedient approach to get the early proportion for the following usage. We assume that the proposed method can be used for IoT sensors to securely analyze complex data in the future.

Special Issue "Internet of Things for Smart Homes".

Smart homes represent one of the principal points in the new ecosystem of the Internet of Things (IoT), both for the centrality of the home in the life of individuals and the significant potential concerning the diffusion of smart objects and innovative services. While IoT-oriented smart homes can revise how inhabitants interact with the domestic environment, each well-defined piece of technology necessitates precise network performance and distinct levels of security based on the sensitivity of the controlled system and the information it handles. This editorial presents a review of the papers accepted in the special issue. The issue has focused at obtaining high-quality papers aimed at solving well-known technical problems and challenges typical of IoT-oriented smart homes.

A Deep Learning Approach for Maximum Activity Links in D2D Communications.

Mobile cellular communications are experiencing an exponential growth in traffic load on Long Term Evolution (LTE) eNode B (eNB) components. Such load can be significantly contained by directly sharing content among nearby users through device-to-device (D2D) communications, so that repeated downloads of the same data can be avoided as much as possible. Accordingly, for the purpose of improving the efficiency of content sharing and decreasing the load on the eNB, it is important to maximize the number of simultaneous D2D transmissions. Specially, maximizing the number of D2D links can not only improve spectrum and energy efficiency but can also reduce transmission delay. However, enabling maximum D2D links in a cellular network poses two major challenges. First, the interference between the D2D and cellular communications could critically affect their performance. Second, the minimum quality of service (QoS) requirement of cellular and D2D communication must be guaranteed. Therefore, a selection of active links is critical to gain the maximum number of D2D links. This can be formulated as a classical integer linear programming problem (link scheduling) that is known to be NP-hard. This paper proposes to obtain a set of network features via deep learning for solving this challenging problem. The idea is to optimize the D2D link schedule problem with a deep neural network (DNN). This makes a significant time reduction for delay-sensitive operations, since the computational overhead is mainly spent in the training process of the model. The simulation performed on a randomly generated link schedule problem showed that our algorithm is capable of finding satisfactory D2D link scheduling solutions by reducing computation time up to 90% without significantly affecting their accuracy.

Cooperative Jammer Selection for Secrecy Improvement in Cognitive Internet of Things.

Smart homes can improve the quality of life and be implemented by Internet of Things (IoT) technologies. However, security is a very important issue in smart homes. For this reason, we propose a secrecy transmission protocol for primary user (PU) by selecting friendly jammer in cognitive IoT model. In particular, a secondary transmitter (ST) is selected to transmit secondary signals by the PU's frequency spectrum, while another ST is chosen to transmit artificial noise to protect the transmission confidentiality of the PU against eavesdropping. Moreover, two selection schemes are presented to confirm the former and the latter ST, and the goal is to optimize the secondary transmission performance and the primary security performance, respectively. For the non-security model and the proposed protocol, we derive the closed-form expressions of the intercept probability and the outage probability for the PU. We also obtain the closed-form expression of outage probability for the secondary user. The numerical results show that the security performance of the PU is significantly enhanced in our protocol compared to the non-security model. In addition, the outage performance of the secondary users is also improved in high secondary transmit SNR region.

Dissimilarity Metric Based on Local Neighboring Information and Genetic Programming for Data Dissemination in Vehicular Ad Hoc Networks (VANETs).

This paper presents a novel dissimilarity metric based on local neighboring information and a genetic programming approach for efficient data dissemination in Vehicular Ad Hoc Networks (VANETs). The primary aim of the dissimilarity metric is to replace the Euclidean distance in probabilistic data dissemination schemes, which use the relative Euclidean distance among vehicles to determine the retransmission probability. The novel dissimilarity metric is obtained by applying a metaheuristic genetic programming approach, which provides a formula that maximizes the Pearson Correlation Coefficient between the novel dissimilarity metric and the Euclidean metric in several representative VANET scenarios. Findings show that the obtained dissimilarity metric correlates with the Euclidean distance up to 8.9% better than classical dissimilarity metrics. Moreover, the obtained dissimilarity metric is evaluated when used in well-known data dissemination schemes, such as p-persistence, polynomial and irresponsible algorithm. The obtained dissimilarity metric achieves significant improvements in terms of reachability in comparison with the classical dissimilarity metrics and the Euclidean metric-based schemes in the studied VANET urban scenarios.

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows⁻Abadi⁻Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), of Datagram Transport Layer Security (DTLS).