Current Issue : July-September Volume : 2022 Issue Number : 3 Articles : 5 Articles
The Internet of Things is changing all sectors such as manufacturing, agriculture, city infrastructure, and the automotive industry. All these applications ask for secure processors that can be embedded in the IoTdevices. Furthermore, these devices are restricted in terms of computing capabilities, memory, and power consumption. A major challenge is how to meet the need for security in such resource-constrained devices. This paper presents a customized version of LEON3, the ReonV RISCV (Reduced Instruction Set Computer-five) processor, dedicated for IoT applications that has strong effective security mechanisms built in at the design stage. Firstly, efficient lightweight cipher designs are elaborated and validated. Then, the proposed cryptographic instructions (PRESENTand PRINCE) are integrated into the default instruction set architecture of the ReonV processor core. The instruction set extensions (ISE) of lightweight cipher modules can be instantiated in software routines exactly as the instructions of the base architecture. A single instruction is needed to implement a full lightweight cryptographic instruction. The customized ReonV RISCV processor is implemented on a Xilinx FPGA platform and is evaluated for Slice LUTs plus FF-pairs, frequency, and throughput. Obtained results show that our proposed concepts not only can achieve good encryption results with high performance and reduced cost but also are secure enough to resist against the most common attacks....
The security, privacy, and operation efficiency of radio frequency identification (RFID) must be fully measured in practical use. A few RFID authentication schemes based on elliptic curve cryptography (ECC) have been proposed, but most of them cannot resist the existing attacks. The scheme presented by Qian et al. could not resist impersonation attack according to our security analysis. Then, we propose a novel lightweight RFID authentication scheme, which is proved that it can resist server spoofing attack, tag masquerade attack, and provide other security properties of a RFID authentication scheme. Comparisons of computation and communication cost demonstrate that the proposed scheme is more suitable for the resource-constrained RFID authentication....
Recently, users have used open-source intelligence (OSINT) to gather and obtain information regarding the data of interest. The advantage of using data gathered by OSINT is that security threats arising in cyberspace can be addressed. However, if a user uses data collected by OSINTfor malicious purposes, information regarding the target of an attack can be gathered, which may lead to various cybercrimes, such as hacking, malware, and a denial-of-service attack. Therefore, from a cybersecurity point of view, it is important to positively use the data gathered by OSINT in a positive manner. If exploited in a negative manner, it is important to prepare countermeasures that can minimize the damage caused by cybercrimes. In this paper, the current status and security trends of OSINT will be explained. Specifically, we present security threats and cybercrimes that may occur if data gathered by OSINTare exploited by malicious users. Furthermore, to solve this problem, we propose security requirements that can be applied to the OSINT environment. The proposed security requirements are necessary for securely gathering and storing data in the OSINT environment and for securely accessing and using the data collected by OSINT. The goal of the proposed security requirements is to minimize the damage when cybercrimes occur in the OSINT environment....
The increasing popularity of the Internet of Things (IoT) has significantly impacted our daily lives in the past few years. On one hand, it brings convenience, simplicity, and efficiency for us; on the other hand, the devices are susceptible to various cyber-attacks due to the lack of solid security mechanisms and hardware security support. In this paper, we present IMIDS, an intelligent intrusion detection system (IDS) to protect IoT devices. IMIDS’s core is a lightweight convolutional neural network model to classify multiple cyber threats. To mitigate the training data shortage issue, we also propose an attack data generator powered by a conditional generative adversarial network. In the experiment, we demonstrate that IMIDS could detect nine cyber-attack types (e.g., backdoors, shellcode, worms) with an average F-measure of 97.22% and outperforms its competitors. Furthermore, IMIDS’s detection performance is notably improved after being further trained by the data generated by our attack data generator. These results demonstrate that IMIDS can be a practical IDS for the IoT scenario....
Blockchain technology has been widely used in digital currency, Internet of Things, and other important fields because of its decentralization, nontampering, and anonymity. The vigorous development of blockchain cannot be separated from the security guarantee. However, there are various security threats within the blockchain that have shown in the past to cause huge financial losses. This paper aims at studying the multi-level security threats existing in the Ethereum blockchain, and exploring the security protection schemes under multiple attack scenarios. There are ten attack scenarios studied in this paper, which are replay attack, short url attack, false top-up attack, transaction order dependence attack, integer overflow attack, re-entrancy attack, honeypot attack, airdrop hunting attack, writing of arbitrary storage address attack, and gas exhaustion denial of service attack. This paper also proposes protection schemes. Finally, these schemes are evaluated by experiments. Experimental results show that our approach is efficient and does not bring too much extra cost and that the time cost has doubled at most....
Loading....