Internet of Things (IoT) gains popularity in recent times due to its flexibility, usability, diverse applicability and ease of deployment. However, the issues related to security are less explored. The IoT devices are light weight in nature and have low computation power, low battery life and low memory. As incorporating security features are resource expensive, IoT devices are often found to be less protected and in recent times, more IoT devices have been routinely attacked due to high profile security flaws. This study aims to explore the security vulnerabilities of IoT devices particularly that use low power wide area networks (LPWANs). In this work, long range wide area network (LoRaWAN) based IoT security vulnerabilities are scrutinised and loopholes are identified. An attack was designed and simulated with the use of a predictive model of the device data generation. The study demonstrated that by predicting the data generation model, the jamming attack can be carried out to block devices from sending data successfully. This research will aid in the continual development of any necessary countermeasures and mitigations for LoRaWAN and LPWAN functionality of IoT networks in general.

With the advances in wireless communication and Internet of things, wireless body area networks (WBANs) have attracted more and more attention because of the potential in improving the quality of health care services. With the help of WBANs, the user can access the patient's life-critical data generated by miniaturised medical sensors, and remote health care monitoring services are provided. Since the open nature of wireless channel and sensitivity of transmitted information, the security and privacy of such personal data are becoming important issues that must be dealt with. In the past few years, a large number of authentication schemes had been proposed to solve these issues. However, most of the existing schemes are not secure enough. As a step toward this direction, in this study, the authors present a privacy-preserving authentication scheme with adaptive resilience of desynchronisation attacks for WBANs, in which lightweight crypto-modules are adopted to pursue the best efficiency. The proposed scheme adopts the pseudonym identity technique to provide user anonymity, and one-way hash chain technique and serial number method are employed to ensure forward secrecy and resist desynchronisation attack, respectively. Analysis and comparison results demonstrate that the proposed scheme achieves a delicate balance between security and efficiency.

Wireless mesh networks (WMNs) upraised as superior technology offering all aspects of services as compared to conventional networks. Due to the absence of centralised authority, WMNs suffers from both external and internal attacks, which decrease the overall performance of WMNs. In this study, the authors proposed an efficient handoff authentication protocol with privacy preservation of nonce and transfer ticket against external attacks during handoff and proposed round trip time (RTT)-based detection protocol to resist against internal attacks in WMNs. For privacy preservation of nonce and transfer ticket, encryption of the nonce and transfer ticket during handoff authentication process was considered. For detection, the calculation of RTT and processing time to identify the malicious nodes forming wormhole link were considered. The proposed work prevents the AODV routing protocol against the wormhole attack in WMNs. The simulation of the proposed work was done using NS-3 simulator, and the experimental results show that the performance of the proposed method prevents WMNs from both external and internal attacks.

In recent years, the security of online social networks (OSNs) has become an issue of widespread concern. Searching and detecting compromised accounts in OSNs is crucial for ensuring the security of OSN platforms. In this study, the authors proposed a new method of detecting compromised accounts based on a supervised analytical hierarchy process (SAHP). First, they considered the expression habits of a user to present the profile features of a user more comprehensively than previous research. Next, the information gain ratio was combined with the analytical hierarchy process algorithm to calculate the weight of each feature. Finally, a detection decision was taken, and varying thresholds were used to obtain different detection results. The experimental results showed that the accuracy and precision of the SAHP were 81.7 and 96.4%, respectively. The results indicated that the new method improved upon the previously established COMPA (detecting compromised accounts on social networks) methods for detecting compromised accounts.

In the previous study, authors proved that inversion of enhanced matrix power function (MPF), introduced as conjectured one-way function, is a nondeterministic polynomial time (NP)-complete problem. Furthermore, a key agreement protocol (KAP), the security of which relies on the inversion of this function, was previously proposed. The problem is that the application of MPF can yield weak keys under the linearisation attack. In this study, the authors perform a security analysis of the proposed KAP and give recommendations to avoid weak keys. Their method relies on the conjecture that enhanced MPF is an almost one-to-one function when entries of power matrices are bound to a certain range. Their result is a security parameter definition and its secure value determination using numerical simulation. On the basis of the obtained result, they estimate memory requirements for storing public parameter and keys.

Malware and malicious code do not only incur considerable costs and losses but impact negatively the reputation of the targeted organisations. Malware developers, hackers, and information security specialists are continuously improving their strategies to defeat each other. Unfortunately, there is no one-size-fits-all solution to detect and eradicate any malware. This situation is aggravated more by the undetected vulnerabilities that usually impair computer software and internet tools. Such vulnerabilities will remain undetected until fully exploited by malware developers, which will eventually cause considerable financial and reputation losses. In this paper, we propose a novel scheme to detect and classify malware using only image representations of the malware binaries. Highly discriminative features of the malware category and structure are extracted in a compact subspace using principal component analysis. Then, an optimised support vector machine model classifies the extracted features into malware categories. Unlike existing classification models, our solution requires simple algebraic dot products to classify malware based on representative digital images. To assess its performance, publicly-available image datasets, Malimg, Ember and BIG 2015, are considered. Our performance analysis indicates that their classifier outperforms state-of-the-art models and attains classification accuracies of 0.998, 0.911, and 0.997 using Malimg, Ember and BIG 2015 malware datasets, respectively.

Cube attacks are an important type of key recovery attacks against nonlinear feedback shift register (NFSR)-based cryptosystems. The key step in cube attacks closely related to key recovery is recovering superpolies. However, in the previous cube attacks including original, division property based and correlation cube attacks, the algebraic normal form of superpolies could hardly be shown to be exact due to an unavoidable failure probability or a requirement of large time complexity. In this study, the authors propose an algebraic method aiming at recovering the exact algebraic normal forms of superpolies practically. The proposed method is developed based on the degree of evaluation method proposed by Liu in Crypto 2017. As an illustration, the authors apply the proposed method to Trivium. As a result, they recover the algebraic normal forms of some superpolies for the 818-, 835-, 837- and 838-round Trivium. Based on these superpolies, the authors could mount key-recovery attacks on 818-, 835-, 837- and 838-round Trivium with the worst complexity slightly lower than a brute-force attack. Besides, for the cube proposed by Liu in Crypto 2017 as a zero-sum distinguisher for the 838-round Trivium, it is proved that its superpoly is not zero-constant. Hopefully, the proposed method would provide some new insights on cube attacks against NFSR-based ciphers.

The identity-based signature (IBS) scheme is one of the most promising secure and widely used cryptographic primitives for electronic commerce applications. For example, ID-based signing in a multi-party setting, without ever revealing any private and secret information, has received considerable interest in distributed applications such as a global manufacturer. However, there is no practical solution for such a group setting (e.g. more than two parties). Therefore, in this study, the authors present the first distributed identity-based signing protocol for the global electronic commerce system. Specifically, the authors’ designed protocol allows a group of parties to generate the signature in a decentralised and fair manner. They also prove that their proposed protocol is secure against a malicious adversary under the discrete logarithm and decisional Diffie–Hellman assumptions. Moreover, they implement the protocol using the MIRACL libraries on physical computing devices. Findings from the evaluations demonstrate the practical utility of their proposed protocol, in terms of achieving high level of security within a reasonable time framework (e.g. signing time (including communication latency and waiting delay) takes 311.86 ms for three parties, 558.2 ms for five parties, and 707.21 ms for seven parties, under a single-thread implementation).

Low-rate denial of service (LDoS) attack is a special DoS attack type of wireless sensor network (WSN). Routing protocol is the critical component of the WSN. Routing flood attack is a novel LDoS attack pattern in WSN. However, the attack is difficult to be detected by traditional intrusion detection algorithm. A novel LDoS attack detection method based on big data and signal analysis is proposed. Hilbert–Huang Transform (HHT) time–frequency signal analysis method is used to analyse the small non-linear signal from LDoS attack traffic signal. Spark-based Pearson and Spearman correlation coefficient calculation approaches are used to recognise the false intrinsic mode functions (IMFs) components decomposed by the HHT method. The effective threshold value of Pearson correlation coefficient is set to 0.2, the effective threshold value of Spearman correlation coefficient is set to 0.3, which are united to identify the false IMF components. SunSpot wireless nodes are used to build the wireless sensor nodes. If the difference between the IMF component and the normal IMF component is more than 40%, the LDoS attack will be detected. Experimental results show that this approach is effective to detect the LDoS attack in ZigBee WSN. This is a quantitative LDoS attack detection experimental research in WSN.

Scan chain is an architectural solution to facilitate in-field tests and debugging of digital chips, however, it is also known as a source of security problems, e.g. scan-based attacks in the chips. The authors conduct a comprehensive gate-level security analysis on crypto-chips, which are equipped with a scan chain, and then propose a set of protection mechanisms to immune vulnerable nets of the chips against scan-based attacks. After extracting the set of most vulnerable nets, they perform net pruning algorithms on them, and gate-level protection mechanisms to block the information leaking from the nets during test mode. The protection mechanisms employ net masking, net flipping, and net shuffling based on the specifications of every net, i.e. gate-type driving the net, fan-out of the net, and net's logical depth. Their evaluations on the hardware-implemented advanced encryption standard (AES) and data encryption standard (DES) encryption algorithms show 100% for all types of scan-based attack tolerance, while the area overhead is at most 1.5%, 6.1% for AES and DES crypto-chip, respectively. As they find the smallest set of nets that have a high contribution to the scan attack, the test coverage loss of their protection mechanism is evaluated to be <0.8%.

The publish/subscribe (P/S) service on Advanced Metering Infrastructure (AMI) servers of smart grid need to deal with huge amount of data, which may lead to data burst on AMI servers and serious server crash. Moreover, for protecting data security, sensitive data must be encrypted before being published. It obstacles traditional data utilisation based on plaintext P/S service. Thus, enabling an encrypted data-based P/S service is of paramount importance. Considering the huge amount of data and subscribers, it is necessary to allow conjunctive subscriptions containing mixtures of keywords, numeric data etc., and return data according to a reasonable access control mechanism (ACM). In this study, the authors propose a cloud-assisted secure conjunctive publish/subscribe protocol to challenge the encrypted data-based P/S service on AMI servers. To overcome the data burst, the P/S computation tasks are shifted from AMI servers to the cloud. To support conjunctive P/S operations in a reasonable ACM, a prefix-based membership verification algorithm combining with the ciphertext policy attribute-based encryption is explored. The proposed protocol is proved to be secure against chosen keyword/plaintext attacks under formally defined security models. Experiments on the real-world data set further show proposed protocol indeed introduce low overhead on computation and communication.