skip to main content


Title: Hash-MAC-DSDV: Mutual Authentication for Intelligent IoT-Based Cyber-Physical Systems
Cyber-Physical Systems (CPS) connected in the form of Internet of Things (IoT) are vulnerable to various security threats, due to the infrastructure-less deployment of IoT devices. Device-to-Device (D2D) authentication of these networks ensures the integrity, authenticity, and confidentiality of information in the deployed area. The literature suggests different approaches to address security issues in CPS technologies. However, they are mostly based on centralized techniques or specific system deployments with higher cost of computation and communication. It is therefore necessary to develop an effective scheme that can resolve the security problems in CPS technologies of IoT devices. In this paper, a lightweight Hash-MAC-DSDV (Hash Media Access Control Destination Sequence Distance Vector) routing scheme is proposed to resolve authentication issues in CPS technologies, connected in the form of IoT networks. For this purpose, a CPS of IoT devices (multi-WSNs) is developed from the local-chain and public chain, respectively. The proposed scheme ensures D2D authentication by the Hash-MAC-DSDV mutual scheme, where the MAC addresses of individual devices are registered in the first phase and advertised in the network in the second phase. The proposed scheme allows legitimate devices to modify their routing table and unicast the one-way hash authentication mechanism to transfer their captured data from source towards the destination. Our evaluation results demonstrate that Hash-MAC-DSDV outweighs the existing schemes in terms of attack detection, energy consumption and communication metrics.  more » « less
Award ID(s):
2016714
PAR ID:
10296934
Author(s) / Creator(s):
; ; ; ; ; ;
Date Published:
Journal Name:
IEEE Internet of Things Journal
ISSN:
2372-2541
Page Range / eLocation ID:
1 to 1
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. null (Ed.)
    The Host Identity Protocol (HIP) has emerged as the most suitable solution to uniquely identify smart devices in the mobile and distributed Internet of Things (IoT) systems, such as smart cities, homes, cars, and healthcare. The HIP provides authentication methods that enable secure communications between HIP peers. However, the authentication methods provided by the HIP cannot be adopted by the IoT devices with limited processing power because of the computation-intensive cryptographic operations involved in hash generation, signature validation, and session key establishment. Moreover, IoT devices cannot utilize the HIP as is to communicate securely in the low power and lossy networks as there is a considerable communication overhead, such as packet fragmentation and reassembly, for exchanging certificates over a lossy link. Additionally, the use of static host identifiers makes IoT devices vulnerable to cyber espionage and user-targeted attacks. In this article, we propose an authentication scheme, P-HIP, that protects the identity privacy of an IoT device by enabling the device to compute and use unique host identifiers from networks to networks and sessions to sessions. To make the HIP suitable for resource-constrained IoT devices, P-HIP provides methods that unburden IoT devices from computation-intensive operations, such as modular exponentiation, involved in authentication and session-key exchange. Additionally, P-HIP minimizes the communication overheads for exchanging certificates in lossy networks. We implement a prototype of P-HIP on Contiki enabled IoT that shows P-HIP can reduce computation costs, communication overheads, and the session-key establishment time when used by low-powered devices in a lossy network. 
    more » « less
  2. Structural Health Monitoring (SHM) uses wireless sensor network (WSN) to monitor a civil construction’s conditions remotely and constantly for its sustainable usage. Security in WSN for SHM is essential to safeguard critical transportation infrastructure such as bridges. While WSN offers cost-effective solutions for Bridge SHM, its wireless nature expands attack surfaces, making security a significant concern. Despite progress in addressing security issues in WSN for Bridge SHM, challenges persist in device authentication due to the unique placement of sensor nodes and their resource constraints, particularly in energy conservation requirements to extend the system’s lifetime. To overcome these limitations, this paper proposes an innovative authentication scheme with deep learning at the physical layer. Our approach steers away from conventional device authentication methods: no challenge-response protocol with heavy communication overhead and no cryptography of intensive computation. Instead, we use radio frequency (RF) fingerprinting to authenticate sensor nodes. Deep learning is chosen for its ability to discover patterns in large datasets without manual feature engineering. We model our scheme on IEEE 802.11ah, Wi-Fi HaLow of long-range communication and low-power consumption for machine-to-machine (M2M) applications. Simulations and experiments using universal software radio peripheral (USRP) demonstrate the effectiveness of the proposed scheme. By integrating security into Cyber-Physical System/the Internet-of-Things (CPS/IoT) design of WSN for Bridge SHM, our work contributes to critical infrastructure protection. 
    more » « less
  3. Padhy, Sudarsan ; Oria, Vincent (Ed.)
    The simplicity, low cost, and scalability of Internet of Things (IoT) devices have led researchers to study their applications in a wide range of areas such as Healthcare, Transportation, and Agriculture. IoT devices help farmers to monitor the conditions in a field. These are connected to edge devices for real-time analysis. The edge servers send commands to actuators in the farm directly, without human intervention. At the same time, security vulnerabilities are a big concern, concomitant with the increasing utilization of IoT devices. If the duplication of an IoT device occurs and attackers gain access to the system, then the integrity of the entire ecosystem will be at stake, regardless of the application domain. This paper presents a Physical Unclonable Function (PUF) based hardware security primitive for the authentication of Internet of Agro-Things (IoAT) devices. The proposed security scheme has been prototyped with a testbed evaluation. An arbiter PUF module has been used for the validation of the proposed scheme. The PUF based security primitive is lightweight, scalable, and robust as it mainly depends on inherent manufacturing variations, thereby ensuring no chance for the duplication of IoT devices. 
    more » « less
  4. Home area networks (HANs) are the most vulnerable part of smart grids since they are not directly controlled by utilities. Device authentication is one of most important mechanisms to protect the security of smart grid-enabled HANs (SG-HANs). In this paper, we propose a situation-aware scheme for efficient device authentication in SG-HANs. The proposed scheme utilizes the security risk information assessed by the smart home system with a situational awareness feature. A suitable authentication protocol with adequate security protection and computational and communication complexity is then selected based on the assessed security risk level. A protocol design of the proposed scheme considering two security risk levels is presented in the paper. The security of the design is verified by using both formal verification and informal security analysis. Our performance analysis demonstrates that the proposed scheme is efficient in terms of computational and communication costs. 
    more » « less
  5. null (Ed.)
    The edge devices connected to the Internet of Things (IoT) infrastructures are increasingly susceptible to piracy. These pirated edge devices pose a serious threat to security, as an adversary can get access to the private network through these non-authentic devices. It is necessary to authenticate an edge device over an unsecured channel to safeguard the network from being infiltrated through these fake devices. The implementation of security features demands extensive computational power and a large hardware/software overhead, both of which are difficult to satisfy because of inherent resource limitation in the IoT edge devices. This paper presents a low-cost authentication protocol for IoT edge devices that exploits power-up states of built-in SRAM for device fingerprint generations. Unclonable ID generated from the on-chip SRAM could be unreliable, and to circumvent this issue, we propose a novel ID matching scheme that alleviates the need for enhancing the reliability of the IDs generated from on-chip SRAMs. Security and different attack analysis show that the probability of impersonating an edge device by an adversary is insignificant. The protocol is implemented using a commercial microcontroller, which requires a small code overhead. However, no modification of device hardware is necessary. 
    more » « less