Visible to the public Biblio

Found 316 results

Filters: Keyword is Sensors  [Clear All Filters]
2019-01-16
Hossain, M., Xie, J..  2018.  Off-sensing and Route Manipulation Attack: A Cross-Layer Attack in Cognitive Radio based Wireless Mesh Networks. IEEE INFOCOM 2018 - IEEE Conference on Computer Communications. :1376–1384.
Cognitive Radio (CR) has garnered much attention in the last decade, while the security issues are not fully studied yet. Existing research on attacks and defenses in CR - based networks focuses mostly on individual network layers, whereas cross-layer attacks remain fortified against single-layer defenses. In this paper, we shed light on a new vulnerability in cross-layer routing protocols and demonstrate how a perpetrator can exploit this vulnerability to manipulate traffic flow around it. We propose this cross-layer attack in CR-based wireless mesh networks (CR-WMNs), which we call off-sensing and route manipulation (OS-RM) attack. In this cross-layer assault, off-sensing attack is launched at the lower layers as the point of attack but the final intention is to manipulate traffic flow around the perpetrator. We also introduce a learning strategy for a perpetrator, so that it can gather information from the collaboration with other network entities and capitalize this information into knowledge to accelerate its malice intentions. Simulation results show that this attack is far more detrimental than what we have experienced in the past and need to be addressed before commercialization of CR-based networks.
2018-12-10
Farooq, M. J., Zhu, Q..  2017.  Secure and reconfigurable network design for critical information dissemination in the Internet of battlefield things (IoBT). 2017 15th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt). :1–8.

The Internet of things (IoT) is revolutionizing the management and control of automated systems leading to a paradigm shift in areas such as smart homes, smart cities, health care, transportation, etc. The IoT technology is also envisioned to play an important role in improving the effectiveness of military operations in battlefields. The interconnection of combat equipment and other battlefield resources for coordinated automated decisions is referred to as the Internet of battlefield things (IoBT). IoBT networks are significantly different from traditional IoT networks due to the battlefield specific challenges such as the absence of communication infrastructure, and the susceptibility of devices to cyber and physical attacks. The combat efficiency and coordinated decision-making in war scenarios depends highly on real-time data collection, which in turn relies on the connectivity of the network and the information dissemination in the presence of adversaries. This work aims to build the theoretical foundations of designing secure and reconfigurable IoBT networks. Leveraging the theories of stochastic geometry and mathematical epidemiology, we develop an integrated framework to study the communication of mission-critical data among different types of network devices and consequently design the network in a cost effective manner.

Mirzamohammadi, Saeed, Chen, Justin A., Sani, Ardalan Amiri, Mehrotra, Sharad, Tsudik, Gene.  2017.  Ditio: Trustworthy Auditing of Sensor Activities in Mobile & IoT Devices. Proceedings of the 15th ACM Conference on Embedded Network Sensor Systems. :28:1–28:14.
Mobile and Internet-of-Things (IoT) devices, such as smartphones, tablets, wearables, smart home assistants (e.g., Google Home and Amazon Echo), and wall-mounted cameras, come equipped with various sensors, notably camera and microphone. These sensors can capture extremely sensitive and private information. There are several important scenarios where, for privacy reasons, a user might require assurance about the use (or non-use) of these sensors. For example, the owner of a home assistant might require assurance that the microphone on the device is not used during a given time of the day. Similarly, during a confidential meeting, the host needs assurance that attendees do not record any audio or video. Currently, there are no means to attain such assurance in modern mobile and IoT devices. To this end, this paper presents Ditio, a system approach for auditing sensor activities. Ditio records sensor activity logs that can be later inspected by an auditor and checked for compliance with a given policy. It is based on a hybrid security monitor architecture that leverages both ARM's virtualization hardware and TrustZone. Ditio includes an authentication protocol for establishing a logging session with a trusted server and a formally verified companion tool for log analysis. Ditio prototypes on ARM Juno development board and Nexus 5 smartphone show that it introduces negligible performance overhead for both the camera and microphone. However, it incurs up to 17% additional power consumption under heavy use for the Nexus 5 camera.
2018-11-19
Sun, K., Esnaola, I., Perlaza, S. M., Poor, H. V..  2017.  Information-Theoretic Attacks in the Smart Grid. 2017 IEEE International Conference on Smart Grid Communications (SmartGridComm). :455–460.

Gaussian random attacks that jointly minimize the amount of information obtained by the operator from the grid and the probability of attack detection are presented. The construction of the attack is posed as an optimization problem with a utility function that captures two effects: firstly, minimizing the mutual information between the measurements and the state variables; secondly, minimizing the probability of attack detection via the Kullback-Leibler (KL) divergence between the distribution of the measurements with an attack and the distribution of the measurements without an attack. Additionally, a lower bound on the utility function achieved by the attacks constructed with imperfect knowledge of the second order statistics of the state variables is obtained. The performance of the attack construction using the sample covariance matrix of the state variables is numerically evaluated. The above results are tested in the IEEE 30-Bus test system.

Ali, S., Khan, M. A., Ahmad, J., Malik, A. W., ur Rehman, A..  2018.  Detection and Prevention of Black Hole Attacks in IOT Amp;Amp; WSN. 2018 Third International Conference on Fog and Mobile Edge Computing (FMEC). :217–226.

Wireless Sensor Network is the combination of small devices called sensor nodes, gateways and software. These nodes use wireless medium for transmission and are capable to sense and transmit the data to other nodes. Generally, WSN composed of two types of nodes i.e. generic nodes and gateway nodes. Generic nodes having the ability to sense while gateway nodes are used to route that information. IoT now extended to IoET (internet of Everything) to cover all electronics exist around, like a body sensor networks, VANET's, smart grid stations, smartphone, PDA's, autonomous cars, refrigerators and smart toasters that can communicate and share information using existing network technologies. The sensor nodes in WSN have very limited transmission range as well as limited processing speed, storage capacities and low battery power. Despite a wide range of applications using WSN, its resource constrained nature given birth to a number severe security attacks e.g. Selective Forwarding attack, Jamming-attack, Sinkhole attack, Wormhole attack, Sybil attack, hello Flood attacks, Grey Hole, and the most dangerous BlackHole Attacks. Attackers can easily exploit these vulnerabilities to compromise the WSN network.

Samudrala, A. N., Blum, R. S..  2017.  Asymptotic Analysis of a New Low Complexity Encryption Approach for the Internet of Things, Smart Cities and Smart Grid. 2017 IEEE International Conference on Smart Grid and Smart Cities (ICSGSC). :200–204.

Parameter estimation in wireless sensor networks (WSN) using encrypted non-binary quantized data is studied. In a WSN, sensors transmit their observations to a fusion center through a wireless medium where the observations are susceptible to unauthorized eavesdropping. Encryption approaches for WSNs with fixed threshold binary quantization were previously explored. However, fixed threshold binary quantization limits parameter estimation to scalar parameters. In this paper, we propose a stochastic encryption approach for WSNs that can operate on non-binary quantized observations and has the capability for vector parameter estimation. We extend a binary stochastic encryption approach proposed previously, to a non-binary generalized case. Sensor outputs are quantized using a quantizer with R + 1 levels, where R $ε$ 1, 2, 3,..., encrypted by flipping them with certain flipping probabilities, and then transmitted. Optimal estimators using maximum-likelihood estimation are derived for both a legitimate fusion center (LFC) and a third party fusion center (TPFC) perspectives. We assume the TPFC is unaware of the encryption. Asymptotic analysis of the estimators is performed by deriving the Cramer-Rao lower bound for LFC estimation, and the asymptotic bias and variance for TPFC estimation. Numerical results validating the asymptotic analysis are presented.

2018-11-14
Alagar, V., Alsaig, A., Ormandjiva, O., Wan, K..  2018.  Context-Based Security and Privacy for Healthcare IoT. 2018 IEEE International Conference on Smart Internet of Things (SmartIoT). :122–128.

Healthcare Internet of Things (HIoT) is transforming healthcare industry by providing large scale connectivity for medical devices, patients, physicians, clinical and nursing staff who use them and facilitate real-time monitoring based on the information gathered from the connected things. Heterogeneity and vastness of this network provide both opportunity and challenges for information collection and sharing. Patient-centric information such as health status and medical devices used by them must be protected to respect their safety and privacy, while healthcare knowledge should be shared in confidence by experts for healthcare innovation and timely treatment of patients. In this paper an overview of HIoT is given, emphasizing its characteristics to those of Big Data, and a security and privacy architecture is proposed for it. Context-sensitive role-based access control scheme is discussed to ensure that HIoT is reliable, provides data privacy, and achieves regulatory compliance.

2018-09-28
Husak, M., Čermák, M..  2017.  A graph-based representation of relations in network security alert sharing platforms. 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :891–892.

In this paper, we present a framework for graph-based representation of relation between sensors and alert types in a security alert sharing platform. Nodes in a graph represent either sensors or alert types, while edges represent various relations between them, such as common type of reported alerts or duplicated alerts. The graph is automatically updated, stored in a graph database, and visualized. The resulting graph will be used by network administrators and security analysts as a visual guide and situational awareness tool in a complex environment of security alert sharing.

2018-08-23
Randles, Martin, Johnson, Princy, Hussain, Abir.  2017.  Internet of Things Eco-systems: Assured Interactivity of Devices and Data Through Cloud Based Team Work. Proceedings of the Second International Conference on Internet of Things, Data and Cloud Computing. :15:1–15:9.
IoT systems continue to grow in scale and exhibit similarities to complex systems seen in nature and biology: Systems are composed of heterogeneous entities (mobile devices, servers, sensors, data items, databases, etc.) coordinated in a Cloud environment forming a digital eco-system. Properties of such systems include variety, emergent outcome, self-organisation, etc. The scale of IoT systems, and the disparity in the capabilities of the devices on the market, means there needs to be a unifying model to enable a secure and assured interaction among those `things'. The authors propose conceptual designs for an efficient architecture, run-time decision models using assured models for such an interaction in a digital eco-system. This is done using the situation calculus modelling to represent the fundamental requirements for adjustable decentralised feedback control mechanisms necessary for the IoT-ready software systems: It is shown that complex properties and emergent outcomes of the system can be deduced, emanating from the simple distributed interaction models. A case study from the rail industry is used to assess the design and possible implementation.
Chaturvedi, P., Daniel, A. K..  2017.  Trust aware node scheduling protocol for target coverage using rough set theory. 2017 International Conference on Intelligent Computing, Instrumentation and Control Technologies (ICICICT). :511–514.

Wireless sensor networks have achieved the substantial research interest in the present time because of their unique features such as fault tolerance, autonomous operation etc. The coverage maximization while considering the resource scarcity is a crucial problem in the wireless sensor networks. The approaches which address these problems and maximize the network lifetime are considered prominent. The node scheduling is such mechanism to address this issue. The scheduling strategy which addresses the target coverage problem based on coverage probability and trust values is proposed in Energy Efficient Coverage Protocol (EECP). In this paper the optimized decision rules is obtained by using the rough set theory to determine the number of active nodes. The results show that the proposed extension results in the lesser number of decision rules to consider in determination of node states in the network, hence it improves the network efficiency by reducing the number of packets transmitted and reducing the overhead.

Chowdhury, F. H., Shuvo, B., Islam, M. R., Ghani, T., Akash, S. A., Ahsan, R., Hassan, N. N..  2017.  Design, control amp;amp; performance analysis of secure you IoT based smart security system. 2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.

The paper introduces a smart system developed with sensors that is useful for internal and external security. The system is useful for people living in houses, apartments, high officials, bank, and offices. The system is developed in two phases one for internal security like home another is external security like open areas, streets. The system is consist of a mobile application, capacitive sensing, smart routing these valuable features to ensure safety of life and wealth. This security system is wireless sensor based which is an effective alternative of cctv cameras and other available security systems. Efficiency of this system is developed after going through practical studies and prototyping. The end result explains the feasibility rate, positive impact factor, reliability of the system. More research is possible in future based on this system this research explains that.

Pandey, S. B., Rawat, M. D., Rathod, H. B., Chauhan, J. M..  2017.  Security throwbot. 2017 International Conference on Inventive Systems and Control (ICISC). :1–6.

We all are very much aware of IoT that is Internet of Things which is emerging technology in today's world. The new and advanced field of technology and inventions make use of IoT for better facility. The Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. Our project is based on IoT and other supporting techniques which can bring out required output. Security issues are everywhere now-a-days which we are trying to deal with by our project. Our security throwbot (a throwable device) will be tossed into a room after activating it and it will capture 360 degree panaromic video from a single IP camera, by using two end connectivity that is, robot end and another is user end, will bring more features to this project. Shape of the robot will be shperical so that problem of retrieving back can be solved. Easy to use and cheap to buy is one of our goal which will be helpful to police and soldiers who get stuck in situations where they have to question oneself before entering to dangerous condition/room. Our project will help them to handle and verify any area before entering by just throwing this robot and getting the sufficient results.

Prakash, Y. W., Biradar, V., Vincent, S., Martin, M., Jadhav, A..  2017.  Smart bluetooth low energy security system. 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET). :2141–2146.

The need for security in today's world has become a mandatory issue to look after. With the increase in a number of thefts, it has become a necessity to implement a smart security system. Due to the high cost of the existing smart security systems which use conventional Bluetooth and other wireless technologies and their relatively high energy consumption, implementing a security system with low energy consumption at a low cost has become the need of the hour. The objective of the paper is to build a cost effective and low energy consumption security system using the Bluetooth Low Energy (BLE) technology. This system will help the user to monitor and manage the security of the house even when the user is outside the house with the help of webpage. This paper presents the design and implementation of a security system using PSoC 4 BLE which can automatically lock and unlock the door when the user in the vicinity and leaving the vicinity of the door respectively by establishing a wireless connection between the physical lock and the smartphone. The system also captures an image of a person arriving at the house and transmits it wirelessly to a webpage. The system also notifies the user of any intrusion by sending a message and the image of the intruder to the webpage. The user can also access the door remotely on the go from the website.

2018-07-18
Das, Sauvik, Laput, Gierad, Harrison, Chris, Hong, Jason I..  2017.  Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secret Knocks. Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. :3764–3774.

Small, local groups who share protected resources (e.g., families, work teams, student organizations) have unmet authentication needs. For these groups, existing authentication strategies either create unnecessary social divisions (e.g., biometrics), do not identify individuals (e.g., shared passwords), do not equitably distribute security responsibility (e.g., individual passwords), or make it difficult to share or revoke access (e.g., physical keys). To explore an alternative, we designed Thumprint: inclusive group authentication with a shared secret knock. All group members share one secret knock, but individual expressions of the secret are discernible. We evaluated the usability and security of our concept through two user studies with 30 participants. Our results suggest that (1) individuals who enter the same shared thumprint are distinguishable from one another, (2) that people can enter thumprints consistently over time, and (3) that thumprints are resilient to casual adversaries.

Smith, E., Fuller, L..  2017.  Control systems and the internet of things \#x2014; Shrinking the factory. 2017 56th FITCE Congress. :68–73.

In this paper we discuss the Internet of Things (IoT) by exploring aspects which go beyond the proliferation of devices and information enabled by: the growth of the Internet, increased miniaturization, prolonged battery life and an IT literate user base. We highlight the role of feedback mechanisms and illustrate this with reference to implemented computer enabled factory control systems. As the technology has developed, the cost of computing has reduced drastically, programming interfaces have improved, sensors are simpler and more cost effective and high performance communications across a wide area are readily available. We illustrate this by considering an application based on the Raspberry Pi, which is a low cost, small, programmable and network capable computer based on a powerful ARM processor with a programmable I/O interface, which can provide access to sensors (and other devices). The prototype application running on this platform can sense the presence of human being, using inexpensive passive infrared detectors. This can be used to monitor the activity of vulnerable adults, logging the results to a central server using a domestic Internet solution over a Wireless LAN. Whilst this demonstrates the potential for the use of such control/monitoring systems, practical systems spanning thousands of sites will be more complex to deliver and will have more stringent data processing and management demands and security requirements. We will discuss these concepts in the context of delivery of a smart interconnected society.

2018-07-06
Zhang, R., Zhu, Q..  2017.  A game-theoretic defense against data poisoning attacks in distributed support vector machines. 2017 IEEE 56th Annual Conference on Decision and Control (CDC). :4582–4587.

With a large number of sensors and control units in networked systems, distributed support vector machines (DSVMs) play a fundamental role in scalable and efficient multi-sensor classification and prediction tasks. However, DSVMs are vulnerable to adversaries who can modify and generate data to deceive the system to misclassification and misprediction. This work aims to design defense strategies for DSVM learner against a potential adversary. We use a game-theoretic framework to capture the conflicting interests between the DSVM learner and the attacker. The Nash equilibrium of the game allows predicting the outcome of learning algorithms in adversarial environments, and enhancing the resilience of the machine learning through dynamic distributed algorithms. We develop a secure and resilient DSVM algorithm with rejection method, and show its resiliency against adversary with numerical experiments.

2018-06-20
Kebede, T. M., Djaneye-Boundjou, O., Narayanan, B. N., Ralescu, A., Kapp, D..  2017.  Classification of Malware programs using autoencoders based deep learning architecture and its application to the microsoft malware Classification challenge (BIG 2015) dataset. 2017 IEEE National Aerospace and Electronics Conference (NAECON). :70–75.

Distinguishing and classifying different types of malware is important to better understanding how they can infect computers and devices, the threat level they pose and how to protect against them. In this paper, a system for classifying malware programs is presented. The paper describes the architecture of the system and assesses its performance on a publicly available database (provided by Microsoft for the Microsoft Malware Classification Challenge BIG2015) to serve as a benchmark for future research efforts. First, the malicious programs are preprocessed such that they are visualized as gray scale images. We then make use of an architecture comprised of multiple layers (multiple levels of encoding) to carry out the classification process of those images/programs. We compare the performance of this approach against traditional machine learning and pattern recognition algorithms. Our experimental results show that the deep learning architecture yields a boost in performance over those conventional/standard algorithms. A hold-out validation analysis using the superior architecture shows an accuracy in the order of 99.15%.

Pooja, B. P., Manish, M. P., Megha, B. P..  2017.  Jellyfish attack detection and prevention in MANET. 2017 Third International Conference on Sensing, Signal Processing and Security (ICSSS). :54–60.

Jellyfish attack is type of DoS attack which is difficult to detect and prevent. Jellyfish attack is categorized as JF Reorder Attack, JF Periodic Dropping Attack and JF Delay Variance Attack. JF attack delay data packets for some amount of time before forwarding and after reception which results high end-to-end delay in the network. JF Attack disrupts whole functionality of transmission and reduces the performance of network. In this paper difference of receive time and sending time greater than threshold value then delay occur due to congestion or availability of JF nodes that confirm by checking load of network. This way detect and prevent jellyfish attack.

Kulkarni, S., Sawihalli, A., Ambika, R., Naik, L..  2017.  Mobile powered sub-group detection/formation using taste-based collaborative filtering technique. 2017 Innovations in Power and Advanced Computing Technologies (i-PACT). :1–5.

Social networking sites such as Flickr, YouTube, Facebook, etc. contain huge amount of user contributed data for a variety of real-world events. We describe an unsupervised approach to the problem of automatically detecting subgroups of people holding similar tastes or either taste. Item or taste tags play an important role in detecting group or subgroup, if two or more persons share the same opinion on the item or taste, they tend to use similar content. We consider the latter to be an implicit attitude. In this paper, we have investigated the impact of implicit and explicit attitude in two genres of social media discussion data, more formal wikipedia discussions and a debate discussion forum that is much more informal. Experimental results strongly suggest that implicit attitude is an important complement for explicit attitudes (expressed via sentiment) and it can improve the sub-group detection performance independent of genre. Here, we have proposed taste-based group, which can enhance the quality of service.

2018-06-11
Kakanakov, N., Shopov, M..  2017.  Adaptive models for security and data protection in IoT with Cloud technologies. 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :1001–1004.

The paper presents an example Sensor-cloud architecture that integrates security as its native ingredient. It is based on the multi-layer client-server model with separation of physical and virtual instances of sensors, gateways, application servers and data storage. It proposes the application of virtualised sensor nodes as a prerequisite for increasing security, privacy, reliability and data protection. All main concerns in Sensor-Cloud security are addressed: from secure association, authentication and authorization to privacy and data integrity and protection. The main concept is that securing the virtual instances is easier to implement, manage and audit and the only bottleneck is the physical interaction between real sensor and its virtual reflection.

Andročec, D., Tomaš, B., Kišasondi, T..  2017.  Interoperability and lightweight security for simple IoT devices. 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :1285–1291.

The Semantic Web can be used to enable the interoperability of IoT devices and to annotate their functional and nonfunctional properties, including security and privacy. In this paper, we will show how to use the ontology and JSON-LD to annotate connectivity, security and privacy properties of IoT devices. Out of that, we will present our prototype for a lightweight, secure application level protocol wrapper that ensures communication consistency, secrecy and integrity for low cost IoT devices like the ESP8266 and Photon particle.

Zayene, M., Habachi, O., Meghdadi, V., Ezzeddine, T., Cances, J. P..  2017.  Joint delay and energy minimization for Wireless Sensor Networks using instantly decodable network coding. 2017 International Conference on Internet of Things, Embedded Systems and Communications (IINTEC). :21–25.

Most of Wireless Sensor Networks (WSNs) are usually deployed in hostile environments where the communications conditions are not stable and not reliable. Hence, there is a need to design an effective distributed schemes to enable the sensors cooperating in order to recover the sensed data. In this paper, we establish a novel cooperative data exchange (CDE) scheme using instantly decodable network coding (IDNC) across the sensor nodes. We model the problem using the cooperative game theory in partition form. We develop also a distributed merge-and-split algorithm in order to form dynamically coalitions that maximize their utilities in terms of both energy consumption and IDNC delay experienced by all sensors. Indeed, the proposed algorithm enables these sensors to self-organize into stable clustered network structure where all sensors do not have incentives to change the cluster he is part of. Simulation results show that our cooperative scheme allows nodes not only to reduce the energy consumption, but also the IDNC completion time.

2018-05-24
Ding, P., Wang, Y., Yan, G., Li, W..  2017.  DoS Attacks in Electrical Cyber-Physical Systems: A Case Study Using TrueTime Simulation Tool. 2017 Chinese Automation Congress (CAC). :6392–6396.

Recent years, the issue of cyber security has become ever more prevalent in the analysis and design of electrical cyber-physical systems (ECPSs). In this paper, we present the TrueTime Network Library for modeling the framework of ECPSs and focuses on the vulnerability analysis of ECPSs under DoS attacks. Model predictive control algorithm is used to control the ECPS under disturbance or attacks. The performance of decentralized and distributed control strategies are compared on the simulation platform. It has been proved that DoS attacks happen at dada collecting sensors or control instructions actuators will influence the system differently.

HamlAbadi, K. G., Saghiri, A. M., Vahdati, M., TakhtFooladi, M. Dehghan, Meybodi, M. R..  2017.  A Framework for Cognitive Recommender Systems in the Internet of Things (IoT). 2017 IEEE 4th International Conference on Knowledge-Based Engineering and Innovation (KBEI). :0971–0976.

Internet of Things (IoT) will be emerged over many of devices that are dynamically networked. Because of distributed and dynamic nature of IoT, designing a recommender system for them is a challenging problem. Recently, cognitive systems are used to design modern frameworks in different types of computer applications such as cognitive radio networks and cognitive peer-to-peer networks. A cognitive system can learn to improve its performance while operating under its unknown environment. In this paper, we propose a framework for cognitive recommender systems in IoT. To the best of our knowledge, there is no recommender system based on cognitive systems in the IoT. The proposed algorithm is compared with the existing recommender systems.

2018-05-16
Salman, A., Diehl, W., Kaps, J. P..  2017.  A light-weight hardware/software co-design for pairing-based cryptography with low power and energy consumption. 2017 International Conference on Field Programmable Technology (ICFPT). :235–238.

Embedded electronic devices and sensors such as smartphones, smart watches, medical implants, and Wireless Sensor Nodes (WSN) are making the “Internet of Things” (IoT) a reality. Such devices often require cryptographic services such as authentication, integrity and non-repudiation, which are provided by Public-Key Cryptography (PKC). As these devices are severely resource-constrained, choosing a suitable cryptographic system is challenging. Pairing Based Cryptography (PBC) is among the best candidates to implement PKC in lightweight devices. In this research, we present a fast and energy efficient implementation of PBC based on Barreto-Naehrig (BN) curves and optimal Ate pairing using hardware/software co-design. Our solution consists of a hardware-based Montgomery multiplier, and pairing software running on an ARM Cortex A9 processor in a Zynq-7020 System-on-Chip (SoC). The multiplier is protected against simple power analysis (SPA) and differential power analysis (DPA), and can be instantiated with a variable number of processing elements (PE). Our solution improves performance (in terms of latency) over an open-source software PBC implementation by factors of 2.34 and 2.02, for 256- and 160-bit field sizes, respectively, as measured in the Zynq-7020 SoC.