Visible to the public Biblio

Found 274 results

Filters: First Letter Of Title is L  [Clear All Filters]
A B C D E F G H I J K [L] M N O P Q R S T U V W X Y Z   [Show ALL]
Lee, Y., Choi, S. S., Choi, J., Song, J..  2017.  A Lightweight Malware Classification Method Based on Detection Results of Anti-Virus Software. 2017 12th Asia Joint Conference on Information Security (AsiaJCIS). :5–9.

With the development of cyber threats on the Internet, the number of malware, especially unknown malware, is also dramatically increasing. Since all of malware cannot be analyzed by analysts, it is very important to find out new malware that should be analyzed by them. In order to cope with this issue, the existing approaches focused on malware classification using static or dynamic analysis results of malware. However, the static and the dynamic analyses themselves are also too costly and not easy to build the isolated, secure and Internet-like analysis environments such as sandbox. In this paper, we propose a lightweight malware classification method based on detection results of anti-virus software. Since the proposed method can reduce the volume of malware that should be analyzed by analysts, it can be used as a preprocess for in-depth analysis of malware. The experimental showed that the proposed method succeeded in classification of 1,000 malware samples into 187 unique groups. This means that 81% of the original malware samples do not need to analyze by analysts.

Naeem, H., Guo, B., Naeem, M. R..  2018.  A light-weight malware static visual analysis for IoT infrastructure. 2018 International Conference on Artificial Intelligence and Big Data (ICAIBD). :240–244.

Recently a huge trend on the internet of things (IoT) and an exponential increase in automated tools are helping malware producers to target IoT devices. The traditional security solutions against malware are infeasible due to low computing power for large-scale data in IoT environment. The number of malware and their variants are increasing due to continuous malware attacks. Consequently, the performance improvement in malware analysis is critical requirement to stop rapid expansion of malicious attacks in IoT environment. To solve this problem, the paper proposed a novel framework for classifying malware in IoT environment. To achieve flne-grained malware classification in suggested framework, the malware image classification system (MICS) is designed for representing malware image globally and locally. MICS first converts the suspicious program into the gray-scale image and then captures hybrid local and global malware features to perform malware family classification. Preliminary experimental outcomes of MICS are quite promising with 97.4% classification accuracy on 9342 windows suspicious programs of 25 families. The experimental results indicate that proposed framework is quite capable to process large-scale IoT malware.

Pappu, Aasish, Blanco, Roi, Mehdad, Yashar, Stent, Amanda, Thadani, Kapil.  2017.  Lightweight Multilingual Entity Extraction and Linking. Proceedings of the Tenth ACM International Conference on Web Search and Data Mining. :365–374.

Text analytics systems often rely heavily on detecting and linking entity mentions in documents to knowledge bases for downstream applications such as sentiment analysis, question answering and recommender systems. A major challenge for this task is to be able to accurately detect entities in new languages with limited labeled resources. In this paper we present an accurate and lightweight, multilingual named entity recognition (NER) and linking (NEL) system. The contributions of this paper are three-fold: 1) Lightweight named entity recognition with competitive accuracy; 2) Candidate entity retrieval that uses search click-log data and entity embeddings to achieve high precision with a low memory footprint; and 3) efficient entity disambiguation. Our system achieves state-of-the-art performance on TAC KBP 2013 multilingual data and on English AIDA CONLL data.

Win, E. K., Yoshihisa, T., Ishi, Y., Kawakami, T., Teranishi, Y., Shimojo, S..  2017.  A Lightweight Multi-receiver Encryption Scheme with Mutual Authentication. 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC). 2:491–497.

In this paper, we propose a lightweight multi-receiver encryption scheme for the device to device communications on Internet of Things (IoT) applications. In order for the individual user to control the disclosure range of his/her own data directly and to prevent sensitive personal data disclosure to the trusted third party, the proposed scheme uses device-generated public keys. For mutual authentication, third party generates Schnorr-like lightweight identity-based partial private keys for users. The proposed scheme provides source authentication, message integrity, replay-attack prevention and implicit user authentication. In addition to more security properties, computation expensive pairing operations are eliminated to achieve less time usage for both sender and receiver, which is favourable property for IoT applications. In this paper, we showed a proof of security of our scheme, computational cost comparison and experimental performance evaluations. We implemented our proposed scheme on real embedded Android devices and confirmed that it achieves less time cost for both encryption and decryption comparing with the existing most efficient certificate-based multi-receiver encryption scheme and certificateless multi-receiver encryption scheme.

Kim, H., Yun, S., Lee, J., Yi, O..  2018.  Lightweight Mutual Authentication and Key Agreement in IoT Networks and Wireless Sensor Networks Proposal of Authentication and Key Agreement in IoT Network and Sensor Network Using Poor Wireless Communication of Less Than 1 Kbps. 2018 International Conference on Platform Technology and Service (PlatCon). :1–6.

Recently, as the age of the Internet of Things is approaching, there are more and more devices that communicate data with each other by incorporating sensors and communication functions in various objects. If the IoT is miniaturized, it can be regarded as a sensor having only the sensing ability and the low performance communication ability. Low-performance sensors are difficult to use high-quality communication, and wireless security used in expensive wireless communication devices cannot be applied. Therefore, this paper proposes authentication and key Agreement that can be applied in sensor networks using communication with speed less than 1 Kbps and has limited performances.

Ben Ameur, S., Zarai, F., Smaoui, S., Obaidat, M.S., Hsiao, K.F..  2014.  A lightweight mutual authentication mechanism for improving fast PMIPV6-based network mobility scheme. Network Infrastructure and Digital Content (IC-NIDC), 2014 4th IEEE International Conference on. :61-68.

In the last decade, the request for Internet access in heterogeneous environments keeps on growing, principally in mobile platforms such as buses, airplanes and trains. Consequently, several extensions and schemes have been introduced to achieve seamless handoff of mobile networks from one subnet to another. Even with these enhancements, the problem of maintaining the security concerns and availability has not been resolved yet, especially, the absence of authentication mechanism between network entities in order to avoid vulnerability from attacks. To eliminate the threats on the interface between the mobile access gateway (MAG) and the mobile router (MR) in improving fast PMIPv6-based network mobility (IFP-NEMO) protocol, we propose a lightweight mutual authentication mechanism in improving fast PMIPv6-based network mobility scheme (LMAIFPNEMO). This scheme uses authentication, authorization and accounting (AAA) servers to enhance the security of the protocol IFP-NEMO which allows the integration of improved fast proxy mobile IPv6 (PMIPv6) in network mobility (NEMO). We use only symmetric cryptographic, generated nonces and hash operation primitives to ensure a secure authentication procedure. Then, we analyze the security aspect of the proposed scheme and evaluate it using the automated validation of internet security protocols and applications (AVISPA) software which has proved that authentication goals are achieved.

Pudukotai Dinakarrao, Sai Manoj, Sayadi, Hossein, Makrani, Hosein Mohammadi, Nowzari, Cameron, Rafatirad, Setareh, Homayoun, Houman.  2019.  Lightweight Node-level Malware Detection and Network-level Malware Confinement in IoT Networks. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :776–781.
The sheer size of IoT networks being deployed today presents an "attack surface" and poses significant security risks at a scale never before encountered. In other words, a single device/node in a network that becomes infected with malware has the potential to spread malware across the network, eventually ceasing the network functionality. Simply detecting and quarantining the malware in IoT networks does not guarantee to prevent malware propagation. On the other hand, use of traditional control theory for malware confinement is not effective, as most of the existing works do not consider real-time malware control strategies that can be implemented using uncertain infection information of the nodes in the network or have the containment problem decoupled from network performance. In this work, we propose a two-pronged approach, where a runtime malware detector (HaRM) that employs Hardware Performance Counter (HPC) values to detect the malware and benign applications is devised. This information is fed during runtime to a stochastic model predictive controller to confine the malware propagation without hampering the network performance. With the proposed solution, a runtime malware detection accuracy of 92.21% with a runtime of 10ns is achieved, which is an order of magnitude faster than existing malware detection solutions. Synthesizing this output with the model predictive containment strategy lead to achieving an average network throughput of nearly 200% of that of IoT networks without any embedded defense.
Mispan, M. S., Halak, B., Zwolinski, M..  2017.  Lightweight Obfuscation Techniques for Modeling Attacks Resistant PUFs. 2017 IEEE 2nd International Verification and Security Workshop (IVSW). :19–24.

Building lightweight security for low-cost pervasive devices is a major challenge considering the design requirements of a small footprint and low power consumption. Physical Unclonable Functions (PUFs) have emerged as a promising technology to provide a low-cost authentication for such devices. By exploiting intrinsic manufacturing process variations, PUFs are able to generate unique and apparently random chip identifiers. Strong-PUFs represent a variant of PUFs that have been suggested for lightweight authentication applications. Unfortunately, many of the Strong-PUFs have been shown to be susceptible to modelling attacks (i.e., using machine learning techniques) in which an adversary has access to challenge and response pairs. In this study, we propose an obfuscation technique during post-processing of Strong-PUF responses to increase the resilience against machine learning attacks. We conduct machine learning experiments using Support Vector Machines and Artificial Neural Networks on two Strong-PUFs: a 32-bit Arbiter-PUF and a 2-XOR 32-bit Arbiter-PUF. The predictability of the 32-bit Arbiter-PUF is reduced to $\approx$ 70% by using an obfuscation technique. Combining the obfuscation technique with 2-XOR 32-bit Arbiter-PUF helps to reduce the predictability to $\approx$ 64%. More reduction in predictability has been observed in an XOR Arbiter-PUF because this PUF architecture has a good uniformity. The area overhead with an obfuscation technique consumes only 788 and 1080 gate equivalents for the 32-bit Arbiter-PUF and 2-XOR 32-bit Arbiter-PUF, respectively.

Garcia, Joshua, Hammad, Mahmoud, Malek, Sam.  2018.  Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware. Proceedings of the 40th International Conference on Software Engineering. :497–497.

The number of malicious Android apps has been and continues to increase rapidly. These malware can damage or alter other files or settings, install additional applications, obfuscate their behaviors, propagate quickly, and so on. To identify and handle such malware, a security analyst can significantly benefit from identifying the family to which a malicious app belongs rather than only detecting if an app is malicious. To address these challenges, we present a novel machine learning-based Android malware detection and family-identification approach, RevealDroid, that operates without the need to perform complex program analyses or extract large sets of features. RevealDroid's selected features leverage categorized Android API usage, reflection-based features, and features from native binaries of apps. We assess RevealDroid for accuracy, efficiency, and obfuscation resilience using a large dataset consisting of more than 54,000 malicious and benign apps. Our experiments show that RevealDroid achieves an accuracy of 98% in detection of malware and an accuracy of 95% in determination of their families. We further demonstrate RevealDroid's superiority against state-of-the-art approaches. [URL of original paper:]

Ren, Zhengwei, Zha, Xianye, Zhang, Kai, Liu, Jing, Zhao, Heng.  2019.  Lightweight Protection of User Identity Privacy Based on Zero-knowledge Proof. 2019 IEEE International Conference on Systems, Man and Cybernetics (SMC). :2549–2554.
A number of solutions have been proposed to tackle the user privacy-preserving issue. Most of existing schemes, however, focus on methodology and techniques from the perspective of data processing. In this paper, we propose a lightweight privacy-preserving scheme for user identity from the perspective of data user and applied cryptography. The basic idea is to break the association relationships between User identity and his behaviors and ensure that User can access data or services as usual while the real identity will not be revealed. To this end, an interactive zero-knowledge proof protocol of identity is executed between CSP and User. Besides, a trusted third-party is introduced to manage user information, help CSP to validate User identity and establish secure channel between CSP and User via random shared key. After passing identity validation, User can log into cloud platform as usual without changing existing business process using random temporary account and password generated by CSP and sent to User by the secure channel which can further obscure the association relationships between identity and behaviors. Formal security analysis and theoretic and experimental evaluations are conducted, showing that the proposal is efficient and practical.
Dai, D., Chen, Y., Carns, P., Jenkins, J., Ross, R..  2017.  Lightweight Provenance Service for High-Performance Computing. 2017 26th International Conference on Parallel Architectures and Compilation Techniques (PACT). :117–129.

Provenance describes detailed information about the history of a piece of data, containing the relationships among elements such as users, processes, jobs, and workflows that contribute to the existence of data. Provenance is key to supporting many data management functionalities that are increasingly important in operations such as identifying data sources, parameters, or assumptions behind a given result; auditing data usage; or understanding details about how inputs are transformed into outputs. Despite its importance, however, provenance support is largely underdeveloped in highly parallel architectures and systems. One major challenge is the demanding requirements of providing provenance service in situ. The need to remain lightweight and to be always on often conflicts with the need to be transparent and offer an accurate catalog of details regarding the applications and systems. To tackle this challenge, we introduce a lightweight provenance service, called LPS, for high-performance computing (HPC) systems. LPS leverages a kernel instrument mechanism to achieve transparency and introduces representative execution and flexible granularity to capture comprehensive provenance with controllable overhead. Extensive evaluations and use cases have confirmed its efficiency and usability. We believe that LPS can be integrated into current and future HPC systems to support a variety of data management needs.

Heigl, Michael, Schramm, Martin, Fiala, Dalibor.  2019.  A Lightweight Quantum-Safe Security Concept for Wireless Sensor Network Communication. 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :906–911.

The ubiquitous internetworking of devices in all areas of life is boosted by various trends for instance the Internet of Things. Promising technologies that can be used for such future environments come from Wireless Sensor Networks. It ensures connectivity between distributed, tiny and simple sensor nodes as well as sensor nodes and base stations in order to monitor physical or environmental conditions such as vibrations, temperature or motion. Security plays an increasingly important role in the coming decades in which attacking strategies are becoming more and more sophisticated. Contemporary cryptographic mechanisms face a great threat from quantum computers in the near future and together with Intrusion Detection Systems are hardly applicable on sensors due to strict resource constraints. Thus, in this work a future-proof lightweight and resource-aware security concept for sensor networks with a processing stage permeated filtering mechanism is proposed. A special focus in the concepts evaluation lies on the novel Magic Number filter to mitigate a special kind of Denial-of-Service attack performed on CC1350 LaunchPad ARM Cortex-M3 microcontroller boards.

Shi, Z., Chen, J., Chen, S., Ren, S..  2017.  A lightweight RFID authentication protocol with confidentiality and anonymity. 2017 IEEE 2nd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :1631–1634.

Radio Frequency IDentification(RFID) is one of the most important sensing techniques for Internet of Things(IoT) and RFID systems have been applied to various different fields. But an RFID system usually uses open wireless radio wave to communicate and this will lead to a serious threat to its privacy and security. The current popular RFID tags are some low-cost passive tags. Their computation and storage resources are very limited. It is not feasible for them to complete some complicated cryptographic operations. So it is very difficult to protect the security and privacy of an RFID system. Lightweight authentication protocol is considered as an effective approach. Many typical authentication protocols usually use Hash functions so that they require more computation and storage resources. Based on CRC function, we propose a lightweight RFID authentication protocol, which needs less computation and storage resources than Hash functions. This protocol exploits an on-chip CRC function and a pseudorandom number generator to ensure the anonymity and freshness of communications between reader and tag. It provides forward security and confidential communication. It can prevent eavesdropping, location trace, replay attack, spoofing and DOS-attack effectively. It is very suitable to be applied to RFID systems.

Burmester, Mike, Munilla, Jorge.  2011.  Lightweight RFID Authentication with Forward and Backward Security. ACM Trans. Inf. Syst. Secur.. 14:11:1–11:26.

We propose a lightweight RFID authentication protocol that supports forward and backward security. The only cryptographic mechanism that this protocol uses is a pseudorandom number generator (PRNG) that is shared with the backend Server. Authentication is achieved by exchanging a few numbers (3 or 5) drawn from the PRNG. The lookup time is constant, and the protocol can be easily adapted to prevent online man-in-the-middle relay attacks. Security is proven in the UC security framework.

Yang, Xiaodong, Chen, Guilan, Wang, Meiding, Pei, Xizhen.  2019.  Lightweight Searchable Encryption Scheme Based on Certificateless Cryptosystem. 2019 4th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :669–6693.
Searchable encryption technology can guarantee the confidentiality of cloud data and the searchability of ciphertext data, which has a very broad application prospect in cloud storage environments. However, most existing searchable encryption schemes have problems, such as excessive computational overhead and low security. In order to solve these problems, a lightweight searchable encryption scheme based on certificateless cryptosystem is proposed. The user's final private key consists of partial private key and secret value, which effectively solves the certificate management problem of the traditional cryptosystem and the key escrow problem of identity-based cryptosystem. At the same time, the introduction of third-party manager has significantly reduced the burden in the cloud server and achieved lightweight multi-user ciphertext retrieval. In addition, the data owner stores the file index in the third-party manager, while the file ciphertext is stored in the cloud server. This ensures that the file index is not known by the cloud server. The analysis results show that the scheme satisfies trapdoor indistinguishability and can resist keyword guessing attacks. Compared with similar certificateless encryption schemes, it has higher computational performance in key generation, keyword encryption, trapdoor generation and keyword search.
Gritti, Clémentine, Molva, Refik, Önen, Melek.  2018.  Lightweight Secure Bootstrap and Message Attestation in the Internet of Things. Proceedings of the 33rd Annual ACM Symposium on Applied Computing. :775-782.

Internet of Things (IoT) offers new opportunities for business, technology and science but it also raises new challenges in terms of security and privacy, mainly because of the inherent characteristics of this environment: IoT devices come from a variety of manufacturers and operators and these devices suffer from constrained resources in terms of computation, communication and storage. In this paper, we address the problem of trust establishment for IoT and propose a security solution that consists of a secure bootstrap mechanism for device identification as well as a message attestation mechanism for aggregate response validation. To achieve both security requirements, we approach the problem in a confined environment, named SubNets of Things (SNoT), where various devices depend on it. In this context, devices are uniquely and securely identified thanks to their environment and their role within it. Additionally, the underlying message authentication technique features signature aggregation and hence, generates one compact response on behalf of all devices in the subnet.

Ye, M., Hu, N., Wei, S..  2016.  Lightweight secure sensing using hardware isolation. 2016 IEEE SENSORS. :1–3.
This paper develops a new lightweight secure sensing technique using hardware isolation. We focus on protecting the sensor from unauthorized accesses, which can be issued by attackers attempting to compromise the security and privacy of the sensed data. We satisfy the security requirements by employing the hardware isolation feature provided by the secure processor of the target sensor system. In particular, we deploy the sensor in a hardware isolated secure environment, which eliminates the potential vulnerability exposed to unauthorized attackers. We implement the hardware isolation-based secure sensing approach on an Xilinx Zynq-7000 SoC leveraging ARM TrustZone. Our experiments and security analysis on the real hardware prove the effectiveness and low overhead of the proposed approach.
Sharma, V., Vithalkar, A., Hashmi, M..  2018.  Lightweight Security Protocol for Chipless RFID in Internet of Things (IoT) Applications. 2018 10th International Conference on Communication Systems Networks (COMSNETS). :468–471.

The RFID based communication between objects within the framework of IoT is potentially very efficient in terms of power requirements and system complexity. The new design incorporating the emerging chipless RFID tags has the potential to make the system more efficient and simple. However, these systems are prone to privacy and security risks and these challenges associated with such systems have not been addressed appropriately in the broader IoT framework. In this context, a lightweight collision free algorithm based on n-bit pseudo random number generator, X-OR hash function, and rotations for chipless RFID system is presented. The algorithm has been implemented on an 8-bit open-loop resonator based chipless RFID tag based system and is validated using BASYS 2 FPGA board based platform. The proposed scheme has been shown to possess security against various attacks such as Denial of Service (DoS), tag/reader anonymity, and tag impersonation.

Yongdong, C., Wei, W., Yanling, Z., Jinshuai, W..  2018.  Lightweight Security Signaling Mechanism in Optical Network for Smart Power Grid. 2018 IEEE International Conference on Computer and Communication Engineering Technology (CCET). :110–113.

The communication security issue brought by Smart Grid is of great importance and should not be ignored in backbone optical networks. With the aim to solve this problem, this paper firstly conducts deep analysis into the security challenge of optical network under smart power grid environment and proposes a so-called lightweight security signaling mechanism of multi-domain optical network for Energy Internet. The proposed scheme makes full advantage of current signaling protocol with some necessary extensions and security improvement. Thus, this lightweight security signaling protocol is designed to make sure the end-to-end trusted connection. Under the multi-domain communication services of smart power grid, evaluation simulation for the signaling interaction is conducted. Simulation results show that this proposed approach can greatly improve the security level of large-scale multi-domain optical network for smart power grid with better performance in term of connection success rate performance.

Noura, Hassan, Couturier, Raphael, Pham, Congduc, Chehab, Ali.  2019.  Lightweight Stream Cipher Scheme for Resource-Constrained IoT Devices. 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). :1–8.

The Internet of Things (IoT) systems are vulnerable to many security threats that may have drastic impacts. Existing cryptographic solutions do not cater for the limitations of resource-constrained IoT devices, nor for real-time requirements of some IoT applications. Therefore, it is essential to design new efficient cipher schemes with low overhead in terms of delay and resource requirements. In this paper, we propose a lightweight stream cipher scheme, which is based, on one hand, on the dynamic key-dependent approach to achieve a high security level, and on the other hand, the scheme involves few simple operations to minimize the overhead. In our approach, cryptographic primitives change in a dynamic lightweight manner for each input block. Security and performance study as well as experimentation are performed to validate that the proposed cipher achieves a high level of efficiency and robustness, making it suitable for resource-constrained IoT devices.

Huang, Y., Wang, W., Wang, Y., Jiang, T., Zhang, Q..  2020.  Lightweight Sybil-Resilient Multi-Robot Networks by Multipath Manipulation. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :2185–2193.

Wireless networking opens up many opportunities to facilitate miniaturized robots in collaborative tasks, while the openness of wireless medium exposes robots to the threats of Sybil attackers, who can break the fundamental trust assumption in robotic collaboration by forging a large number of fictitious robots. Recent advances advocate the adoption of bulky multi-antenna systems to passively obtain fine-grained physical layer signatures, rendering them unaffordable to miniaturized robots. To overcome this conundrum, this paper presents ScatterID, a lightweight system that attaches featherlight and batteryless backscatter tags to single-antenna robots to defend against Sybil attacks. Instead of passively "observing" signatures, ScatterID actively "manipulates" multipath propagation by using backscatter tags to intentionally create rich multipath features obtainable to a single-antenna robot. These features are used to construct a distinct profile to detect the real signal source, even when the attacker is mobile and power-scaling. We implement ScatterID on the iRobot Create platform and evaluate it in typical indoor and outdoor environments. The experimental results show that our system achieves a high AUROC of 0.988 and an overall accuracy of 96.4% for identity verification.

Khan, M., Rehman, O., Rahman, I. M. H., Ali, S..  2020.  Lightweight Testbed for Cybersecurity Experiments in SCADA-based Systems. 2020 International Conference on Computing and Information Technology (ICCIT-1441). :1—5.

A rapid rise in cyber-attacks on Cyber Physical Systems (CPS) has been observed in the last decade. It becomes even more concerning that several of these attacks were on critical infrastructures that indeed succeeded and resulted into significant physical and financial damages. Experimental testbeds capable of providing flexible, scalable and interoperable platform for executing various cybersecurity experiments is highly in need by all stakeholders. A container-based SCADA testbed is presented in this work as a potential platform for executing cybersecurity experiments. Through this testbed, a network traffic containing ARP spoofing is generated that represents a Man in the middle (MITM) attack. While doing so, scanning of different systems within the network is performed which represents a reconnaissance attack. The network traffic generated by both ARP spoofing and network scanning are captured and further used for preparing a dataset. The dataset is utilized for training a network classification model through a machine learning algorithm. Performance of the trained model is evaluated through a series of tests where promising results are obtained.

Zhai, Zhongyi, Qian, Junyan, Tao, Yuan, Zhao, Lingzhong, Cheng, Bo.  2018.  A Lightweight Timestamp-Based MAC Detection Scheme for XOR Network Coding in Wireless Sensor Networks. Proceedings of the 24th Annual International Conference on Mobile Computing and Networking. :735-737.

Network coding has become a promising approach to improve the communication capability for WSN, which is vulnerable to malicious attacks. There are some solutions, including cryptographic and information-theory schemes, just can thwart data pollution attacks but are not able to detect replay attacks. In the paper, we present a lightweight timestamp-based message authentication code method, called as TMAC. Based on TMAC and the time synchronization technique, the proposed detection scheme can not only resist pollution attacks but also defend replay attacks simultaneously. Finally

Thulasiraman, Preetha, Wang, Yizhong.  2019.  A Lightweight Trust-Based Security Architecture for RPL in Mobile IoT Networks. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–6.

Military communities have come to rely heavily on commercial off the shelf (COTS) standards and technologies for Internet of Things (IoT) operations. One of the major obstacles to military use of COTS IoT devices is the security of data transfer. In this paper, we successfully design and develop a lightweight, trust-based security architecture to support routing in a mobile IoT network. Specifically, we modify the RPL IoT routing algorithm using common security techniques, including a nonce identity value, timestamp, and network whitelist. Our approach allows RPL to select a routing path over a mobile IoT wireless network based on a computed node trust value and average received signal strength indicator (ARSSI) value across network members. We conducted simulations using the Cooja network simulator and Wireshark to validate the algorithm against stipulated threat models. We demonstrate that our algorithm can protect the network against Denial of Service (DoS) and Sybil based identity attacks. We also show that the control overhead required for our algorithm is less than 5% and that the packet delivery rate improves by nearly 10%.

Wu, Shanglun, Yuan, Yujie, Kar, Pushpendu.  2020.  Lightweight Verification and Fine-grained Access Control in Named Data Networking Based on Schnorr Signature and Hash Functions. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :1561–1566.
Named Data Networking (NDN) is a new kind of architecture for future Internet, which is exactly satisfied with the rapidly increasing mobile requirement and information-depended applications that dominate today's Internet. However, the current verification-data accessed system is not safe enough to prevent data leakage because no strongly method to resist any device or user to access it. We bring up a lightweight verification based on hash functions and a fine-grained access control based on Schnorr Signature to address the issue seamlessly. The proposed scheme is scalable and protect data confidentiality in a NDN network.