Kuljeet Kaur

Sahil Garg, Kuljeet Kaur, Georges Kaddoum et al.

Smart metering infrastructure (SMI) is the core component of the smart grid (SG) which enables two-way communication between consumers and utility companies to control, monitor, and manage the energy consumption data. Despite their salient features, SMIs equipped with information and communication technology are associated with new threats due to their dependency on public communication networks. Therefore, the security of SMI communications raises the need for robust authentication and key agreement primitives that can satisfy the security requirements of the SG. Thus, in order to realize the aforementioned issues, this paper introduces a lightweight and secure authentication protocol, "LiSA", primarily to secure SMIs in SG setups. The protocol employs Elliptic Curve Cryptography at its core to provide various security features such as mutual authentication, anonymity, replay protection, session key security, and resistance against various attacks. Precisely, LiSA exploits the hardness of the Elliptic Curve Qu Vanstone (EVQV) certificate mechanism along with Elliptic Curve Diffie Hellman Problem (ECDHP) and Elliptic Curve Discrete Logarithm Problem (ECDLP). Additionally, LiSA is designed to provide the highest level of security relative to the existing schemes with least computational and communicational overheads. For instance, LiSA incurred barely 11.826 ms and 0.992 ms for executing different passes across the smart meter and the service providers. Further, it required a total of 544 bits for message transmission during each session.

Kuljeet Kaur, Sahil Garg, Georges Kaddoum et al.

With the advent of the Internet-of-Things (IoT), vehicular networks and cyber-physical systems, the need for real-time data processing and analysis has emerged as an essential pre-requite for customers' satisfaction. In this direction, Mobile Edge Computing (MEC) provides seamless services with reduced latency, enhanced mobility, and improved location awareness. Since MEC has evolved from Cloud Computing, it inherited numerous security and privacy issues from the latter. Further, decentralized architectures and diversified deployment environments used in MEC platforms also aggravate the problem; causing great concerns for the research fraternity. Thus, in this paper, we propose an efficient and lightweight mutual authentication protocol for MEC environments; based on Elliptic Curve Cryptography (ECC), one-way hash functions and concatenation operations. The designed protocol also leverages the advantages of discrete logarithm problems, computational Diffie-Hellman, random numbers and time-stamps to resist various attacks namely-impersonation attacks, replay attacks, man-in-the-middle attacks, etc. The paper also presents a comparative assessment of the proposed scheme relative to the current state-of-the-art schemes. The obtained results demonstrate that the proposed scheme incurs relatively less communication and computational overheads, and is appropriate to be adopted in resource constraint MEC environments.

Kuljeet Kaur, Sahil Garg, Georges Kaddoum et al.

With the increasing development of advanced communication technologies, vehicles are becoming smarter and more connected. Due to the tremendous growth of various vehicular applications, a huge amount of data is generated through advanced on-board devices and is deemed critical to improve driving safety and enhance vehicular services. However, cloud based models often fall short in applications where latency and mobility are critical. In order to fully realize the potential of vehicular networks, the challenges of efficient communication and computation need to be addressed. In this direction, vehicular fog computing (VFC) has emerged which extends the concept of fog computing to conventional vehicular networks. It is a geographically distributed paradigm that has the potential to conduct time-critical and data-intensive tasks by pushing intelligence (i.e. computing resources, storage, and application services) in the vicinity of end vehicles. However secure and reliable transmission are of significant importance in highly-mobile vehicular networks in order to ensure the optimal Quality of Service (QoS). In this direction, several authentication mechanisms have been proposed in the literature but most of them are found unfit due to absence of decentralization, anonymity, and trust characteristics. Thus, an effective cross-datacenter authentication and key-exchange scheme based on blockchain and elliptic curve cryptography (ECC) is proposed in this paper. Here, the distributed ledger of blockchain is used for maintaining the network information while the highly secure ECC is employed for mutual authentication between vehicles and road side units (RSUs). Additionally, the proposed scheme is lightweight and scalable for the considered VFC setup. The performance evaluation results against the existing state-of-the-art reveal that the proposed scheme accomplishes enhanced security features.

Poulmanogo Illy, Georges Kaddoum, Christian Miranda Moreira et al.

The growing interest in the Internet of Things (IoT) applications is associated with an augmented volume of security threats. In this vein, the Intrusion detection systems (IDS) have emerged as a viable solution for the detection and prevention of malicious activities. Unlike the signature-based detection approaches, machine learning-based solutions are a promising means for detecting unknown attacks. However, the machine learning models need to be accurate enough to reduce the number of false alarms. More importantly, they need to be trained and evaluated on realistic datasets such that their efficacy can be validated on real-time deployments. Many solutions proposed in the literature are reported to have high accuracy but are ineffective in real applications due to the non-representativity of the dataset used for training and evaluation of the underlying models. On the other hand, some of the existing solutions overcome these challenges but yield low accuracy which hampers their implementation for commercial tools. These solutions are majorly based on single learners and are therefore directly affected by the intrinsic limitations of each learning algorithm. The novelty of this paper is to use the most realistic dataset available for intrusion detection called NSL-KDD, and combine multiple learners to build ensemble learners that increase the accuracy of the detection. Furthermore, a deployment architecture in a fog-to-things environment that employs two levels of classifications is proposed. In such architecture, the first level performs an anomaly detection which reduces the latency of the classification substantially, while the second level, executes attack classifications, enabling precise prevention measures. Finally, the experimental results demonstrate the effectiveness of the proposed IDS in comparison with the other state-of-the-arts on the NSL-KDD dataset.