• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.1
• /
• pp.65-71
• /
• 2012

Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.

• ETRI Journal
• /
• v.37 no.6
• /
• pp.1108-1119
• /
• 2015

Multicast communication of mobile ad hoc networks is vulnerable to internal attacks due to its routing structure and high scalability of its participants. Though existing intrusion detection systems (IDSs) act smartly to defend against attack strategies, adversaries also accordingly update their attacking plans intelligently so as to intervene in successful defending schemes. In our work, we present a novel indirect internal stealthy attack on a tree-based multicast routing protocol. Such an indirect stealthy attack intelligently makes neighbor nodes drop their routing-layer unicast control packets instead of processing or forwarding them. The adversary targets the collision avoidance mechanism of the Medium Access Control (MAC) protocol to indirectly affect the routing layer process. Simulation results show the success of this attacking strategy over the existing "stealthy attack in wireless ad hoc networks: detection and countermeasure (SADEC)" detection system. We design a cross-layer automata-based stealthy attack on multicast routing protocols (SAMRP) attacker detection system to identify and isolate the proposed attacker. NS-2 simulation and analytical results show the efficient performance, against an indirect internal stealthy attack, of SAMRP over the existing SADEC and BLM attacker detection systems.

• International conference on construction engineering and project management
• /
• 2013.01a
• /
• pp.517-520
• /
• 2013

In construction operation, the temporary structure is used to support designed facilities or to provide work spaces for construction activities. Since the structure is used only during the construction operation, the operation may be given insufficient attention. The contractor is likely to try to save cost on the material and labor cost. This contractor's behavior frequently leads to construction accidents. In order to prevent accidents from the failure, the operation should be carefully monitored for identifying the effect of dynamics in the surrounding site area. Otherwise, any unexpected adversary effect could result in a very costly construction failure. This study presents the feasibility of the ubiquitous sensor network (USN) technology in collecting construction data during the construction operation of earth retaining walls. The study is based on the result at the Construction System Integration Laboratory (CSIL) at the Pusan National University. A USN-based system has been developed for monitoring the behavior of the temporary structure of earth retaining walls. The data collected from the sensors were used to understand the behavior of the temporary structure. The result of this study will be used in increasing the safety during the construction operation of retaining walls.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.73-90
• /
• 2010

Recently, Tan et al. introduced a serverless search protocol in which a mobile reader maintains a tag authentication list and authenticates a tag using the list without connecting authentication server. A serverless RFID system is different from general RFID systems which use on-line server models. In the serverless RFID system, since the mobility of a personalized reader must be considered, we have to protect not only the privacy of a tag but also the privacy of a mobile reader. In this paper, we define new security requirements for serverless RFID search system and propose a secure serverless RFID search system. In our system, since tag authentication information maintained by a reader is updated in every session, we can provide the backward untraceability of a mobile reader. Also we use an encrypted timestamp to block a replay attack which is major weakness of search protocols. In addition, we define a new adversary model to analyze a serverless RFID search system and prove the security of our proposed system using the model.

• Journal of the Korea Society for Simulation
• /
• v.16 no.4
• /
• pp.57-65
• /
• 2007

In many sensor network applications, sensor nodes are deployed in open environments, and hence are vulnerable to physical attacks, potentially compromising the node's cryptographic keys. False sensing report can be injected through compromised nodes, which can lead to not only false alarms but also the depletion of limited energy resource in battery powered networks. Fan Ye et al. proposed that statistical en-route filtering scheme(SEF) can do verify the false report during the forwarding process. In this scheme, the choice of a partition value represents a trade off between resilience and energy where the partition value is the total number of partitions which global key pool is divided. If every partition are compromised by an adversary, SEF disables the filtering capability. Also, when an adversary has compromised a very small portion of keys in every partition, the remaining uncompromised keys which take a large portion of the total cannot be used to filter false reports. We propose a fuzzy-based adaptive partitioning method in which a global key pool is adaptively divided into multiple partitions by a fuzzy rule-based system. The fuzzy logic determines a partition value by considering the number of compromised partitions, the energy and density of all nodes. The fuzzy based partition value can conserve energy, while it provides sufficient resilience.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.9B
• /
• pp.1350-1359
• /
• 2010

Recently many researchers have been proved that general RFID system for proximity authentication is vulnerable to various location-based relay attacks such as distance fraud, mafia fraud and terrorist fraud attacks. The distance-bounding protocol is used to prevent the relay attacks by measuring the round trip time of single challenge-response bit. In 2008, Munilla and Peinado proposed an improved distance-bounding protocol applying void-challenge technique based on Hancke-Kuhn's protocol. Compare with Hancke-Kuhn's protocol, Munilla and Peinado's protocol is more secure because the success probability of an adversary has (5/8)n. However, Munilla and Peinado's protocol is inefficient for low-cost passive RFID tags because it requires large storage space and many hash function computations. Thus, this paper proposes a new RFID distance-bounding protocol for low-cost passive RFID tags that can be reduced the storage space and hash function computations. As a result, the proposed distance-bounding protocol not only can provide both storage space efficiency and computational efficiency, but also can provide strong security against the relay attacks because the adversary's success probability can be reduced by $(5/8)^n$.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.573-580
• /
• 2002

Within the security architecture of the 3GPP system there is a standardised integrity algorithm f9. The integrity algorithm f9 computes a MAC to authenticate the data integrity and data origin of signalling data over a radio access link of W-CDMA IMT-2000. f9 is a variant of the standard CBC MAC based on the block cipher KASUMI. In this paper we provide the provable security of f9 We prove that f9 is secure by giving concrete bound on an adversary's inability to forge in terms of her inability to distinguish the underlying block cipher from a pseudorandom permutation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.354-362
• /
• 2021

The device to device (D2D) communication is an important and emerging area for future cellular networks. It is concerned about all aspect of secure data transmission between end devices along with originality of the data. In this paradigm, the major concerns are about how keys are delivered between the devices when the devices require the cryptographic keys. Another major concern is how effectively the receiver device verifies the data sent by the sender device which means that the receiver checks the originality of the data. In order to fulfill these requirements, the proposed system able to derive a cryptographic key using a single secret key and these derived keys are securely transmitted to the intended receiver with procedure called mutual authentication. Initially, derived keys are computed by applying robust procedure so that any adversary feel difficulties for cracking the keys. The experimental results shows that both sender and receiver can identify themselves and receiver device will decrypt the data only after verifying the originality of the data. Only the devices which are mutually authenticated each other can interchange the data so that entry of the intruder node at any stage is not possible.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.105-110
• /
• 2021

Contact between Vehicle-to-vehicle and vehicle-to-infrastructural is becoming increasingly popular in recent years due to their crucial role in the field of intelligent transportation. Vehicular Ad-hoc networks (VANETs) security and privacy are of the highest value since a transparent wireless communication tool allows an intruder to intercept, tamper, reply and erase messages in plain text. The security of a VANET based intelligent transport system may therefore be compromised. There is a strong likelihood. Securing and maintaining message exchange in VANETs is currently the focal point of several security testing teams, as it is reflected in the number of authentication schemes. However, these systems have not fulfilled all aspects of security and privacy criteria. This study is an attempt to provide a detailed history of VANETs and their components; different kinds of attacks and all protection and privacy criteria for VANETs. This paper contributed to the existing literature by systematically analyzes and compares existing authentication and confidentiality systems based on all security needs, the cost of information and communication as well as the level of resistance to different types of attacks. This paper may be used as a guide and reference for any new VANET protection and privacy technologies in the design and development.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.101-110
• /
• 2023

Vehicular Ad Hoc Network (VANET) is considered to be a subclass of Mobile Ad Hoc Networks (MANET). It has some challenges and issues of privacy which require to be solved before practical implementation of the system i.e., location preservation privacy. Many schemes have been proposed. The most prominent is pseudonym change based location preservation scheme. Safety message can be compromised when it sends via a wireless medium, consequently, an adversary can eavesdrop the communication to analyze and track targeted vehicle. The issue can be counter by use of pseudo identity instead of real and their change while communication proves to be a sufficient solution for such problems. In this context, a large amount of literature on pseudonym change strategies has been proposed to solve such problems in VANET. In this paper, we have given details on strategies proposed last two decades on pseudonym change based location preservation along with issues that they focus to resolve and try to give full understanding to readers.