submit Opinions CrossRef Open Access Subscribe New Journal Ideal

Click on image to enlarge

Indexed in Scopus

Journal of Cyber Security and Mobility

Editors-in-Chief:
Ashutosh Dutta, Johns Hopkins University, USA
Ruby Lee, Princeton University, USA
Neeli R. Prasad, International Technological University, San Jose, USA
Wojciech Mazurczyk, Warsaw University of Technology, Poland


ISSN: 2245-1439 (Print Version),

ISSN: 2245-4578 (Online Version)
Vol: 1   Issue: Combined Issue 2 & 3

Published In:   July 2012

Publication Frequency: Quarterly


Search Available Volume and Issue for Journal of Cyber Security and Mobility


Journal Description        Editorial Foreword        Read Full Articles        Editorial Board        Subscription        Indexed       Opinions

SPDH - A Secure Plain Diffie-Hellman Algorithm


Henrik Tange and Birger Andersen

Center for Wireless Systems and Applications/CTIF-Copenhagen, Copenhagen University College of Engineering, Lautrupvang 15, 2750 Ballerup, Denmark

Abstract: [+]    |    Download File [ 306KB ]

Abstract: Secure communication in a wireless system or end-to-end communication requires setup of a shared secret. This shared secret can be obtained by the use of a public key cryptography system. The most widely used algorithm to obtain a shared secret is the Diffie–Hellman algorithm. However, this algorithm suffers from the Man-in-the-Middle problem; an attacker can perform an eavesdropping attack listen to the communication between participants A and B. Other algorithms as for instance ECMQV (Elliptic Curve Menezes Qo Vanstone) can handle this problem but is far more complex and slower because the algorithm is a three-pass algorithm whereas the Diffie–Hellman algorithm is a simple two-pass algorithm. Using standard cryptographic modules as AES and HMAC the purposed algorithm, Secure Plain Diffie–Hellman Algorithm, solves the Man-in-the-Middle problem and maintain its advantage from the plain Diffie–Hellman algorithm. Also the possibilities of replay attacks are solved by use of a timestamp.

Keywords: secure Diffie–Hellman algorithm, AES, HMAC, Man-in-the-Middle attacks, replay attacks

Impact of Constraints on the Complexity and Performance of Channel Assignment in Multi-Hop Wireless Networks


Chetan Nanjunda Mathur, M.A. Haleem, K.P. Subbalakshmi and R. Chandramouli

Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ 07030, USA

Abstract: [+]    |    Download File [ 578KB ]

Abstract: In this paper we systematically study several channel assignment problems in multi-hop ad-hoc wireless networks in the presence of several constraints. Both regular grids and random topology models are considered in the analysis. We identify three fairness constraints (unfair, fair, and 1-fair), Signal to Interference Ratio (SINR) constraint (to measure the link quality) and balance constraint (for uniform assignment) and study their impact on the complexity of the channel assignment problems. Note that these constraints have an impact on the network capacity, lifetime and connectivity.

Although optimal channel assignment for links in a multi-hop wireless network has been shown to be NP complete, the impact of fairness, link quality and balance constraints on the hardness of channel assignment problems is not well studied. In this paper, we show that a class of unfair SINR constrained channel assignment problems can be solved in polynomial time. We show that when fairness is desired the channel assignment problems are NP Complete. We propose two heuristic algorithms that provide 1-fair and fair channel assignments, comment on their complexity and compare their performance with optimal solutions.

Keywords: scheduling, set covering, graph coloring, wireless ad-hoc networks, NP

Authenticated Encryption for Low-Power Reconfigurable Wireless Devices


Samant Khajuria and Birger Andersen

Aalborg University, Denmark, and Copenhagen University College of Engineering, Lautrupvang 15, 2750 Ballerup, Denmark

Abstract: [+]    |    Download File [ 1428KB ]

Abstract: With the rapid growth of new wireless communication standards, a solution that is capable of providing a seamless shift between existing wireless protocols and high flexibility as well as capability is crucial. Technology based on reconfigurable devices offers this flexibility. In order to avail this enabling technology, these radios have to propose cryptographic services such as confidentiality, integrity and authentication. Therefore, integration of security services to these low-power devices is very challenging and crucial as they have limited resources and computational capabilities.

In this paper, we present a crypto solution for reconfigurable devices. The solution is a single pass Authenticated Encryption (AE) scheme that is designed for protecting both message confidentiality and its authenticity. This makes AE very attractive for low-cost low-power hardware implementation. For test and performance evaluation the design has been implemented in Xilinx Spartan-3 sxc3s700an FPGA. Additionally, this paper analyzes different hardware architectures and explores area/delay tradeoffs in the implementation.

Keywords: authenticated encryption, confidentiality, message authentication, FPGA, wireless devices

Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks


Pranav M. Pawar1, Rasmus H. Nielsen2, Neeli R. Prasad2, Shingo Ohmori3 and Ramjee Prasad1

1Center for TeleInFrastruktur, Aalborg University, Aalborg, Denmark
2Center for TeleInFrastruktur, Princeton, USA
3Center for TeleInFrastruktur, Yokosuka, Japan

Abstract: [+]    |    Download File [ 1860KB ]

Abstract: Applications of wireless sensor networks (WSNs) are growing tremendously in the domains of habitat, tele-health, industry monitoring, vehicular networks, home automation and agriculture. This trend is a strong motivation for malicious users to increase their focus on WSNs and to develop and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, medium access control (MAC) layer attacks are considered the most harmful as they directly affect the available resources and thus the nodes’ energy consumption.

The first endeavour of this paper is to model the activities of MAC layer security attacks to understand the flow of activities taking place when mounting the attack and when actually executing it. The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of a WSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure mechanisms to reduce the degradation of the performance in WSNs due to an attack. Lastly, the paper proposes some solutions to reduce the effects of an attack.

Keywords: wireless sensor networks (WSNs), media access control (MAC), activity modelling, security attacks

Cooperative Wireless Communications and Physical Layer Security: State-of-the-Art


Vandana Milind Rohokale, Neeli Rashmi Prasad and Ramjee Prasad

Center for TeleInFrastruktur, Aalborg University, Aalborg, Denmark

Abstract: [+]    |    Download File [ 3115KB ]

Abstract: One morning, we were waiting for our college bus. The Wipro industry bus was slowly passing nearby us looking for its employees. At the last moment, when the driver increased speed, one person stepped down from the auto rickshaw and shouted “stop the bus, stop the bus”. Voluntarily, whoever was present started shouting “stop, stop the bus”. The sound finally reached the bus driver who stopped the bus, and the employee could catch it in time. This analog from everyday realistic life simply depicts the spirit of cooperative wireless communication which utilizes the information overheard by neighbouring nodes to offer reliable communication between sender and receiver. Future converged wireless networks are expected to provide high data rate services with extension in coverage area. Also, the next generation networks should possess bandwidth efficiency, less power consumption ability with small sized mobile equipment. Multiple-input multiple-output (MIMO) system is the best technique for the provision of communication diversity wherein multiple antennas are installed at the sender and receiver. In today’s miniaturizing electronics era, the hardware implementation of MIMO in the mobile equipment is not feasible due to resource constraints. Cooperative wireless communication (CWC) is the upcoming virtual MIMO technique to combat fading and achieve diversity through user cooperation. Physical layer security (PLS) is the imminent security guarantee for the cooperative communication.

Keywords: Multiple Input Multiple Output (MIMO), Cooperative Wireless Communication (CWC), Physical Layer Security (PLS)

Vulnerabilities and Countermeasures – A Survey on the Cyber Security Issues in the Transmission Subsystem of a Smart Grid


Yi Deng and Sandeep Shukla

Department of Electrical and Computer Engineering, Virginia Tech, Blacksburg, VA 24060, USA

Abstract: [+]    |    Download File [ 2198KB ]

Abstract: With the increased investment and deployment of embedded computing and communication technologies in the power system – the smart grid vision is shaping up into a reality. The future power grid is a large cyber physical system (CPS) which is vulnerable to cyber security threats. Among the three major subsystems of a power grid – generation, transmission and distribution – this survey focuses on the transmission subsystem because most of the cyberization of the grid has been happening in this subsystem. This is due to the need for distributed measurement, monitoring and control to retain the stability, security, and reliability of power transmission system. Given the geographically dispersed generation facilities, substations, control centers, data concentrators etc., efficient data communication is required, and therefore large scale networking – either proprietary or leased – is happening. The goal of this paper is not to be comprehensive to include all efforts of securing the transmission system from cyber borne threats, but to provide a survey of various vulnerabilities, and countermeasures proposed by various research efforts. One of the focus area in this survey is the Phasor Measurement Units (PMUs) and Wide Area Measurement System (WAMS) technology – mostly due to our familiarity with the issues for this specific technology deployment – rather than any attempt to indicate that this is the most vulnerable technology in the transmission subsystem. Our hope is that this survey will familiarize any uninitiated reader with the issues and provide incentive to undertake systematic research programs to thwart cyber attacks on our national power delivery infrastructure.

Keywords: smart grid cyber security, cyber attacks, synchrophasor technology, phasor measurement unit (PMU), wide area measurement system (WAMS), power system monitoring, power system protection, power system control

Understanding the Security, Privacy and Trust Challenges of Cloud Computing


Debabrata Nayak

Huawei, Bangalore

Abstract: [+]    |    Download File [ 383KB ]

Abstract: The overall objective of this paper is to understand the Security, Privacy and Trust Challenges and to advise on policy and other interventions which should be considered in order to ensure that Indian users of cloud environments are offered appropriate protections, and to underpin Indian cloud ecosystem. Cloud computing is increasingly subject to interest from policymakers and regulatory authorities. The Indian regulator needs to develop a pan-Indian ‘cloud strategy’ that will serve to support growth and jobs and build an innovation advantage for India. However, the concern is that currently a number of challenges and risks with respect to security, privacy and trust exist that may undermine the attainment of these policy objectives. Our approach has been to undertake an analysis of the technological, operational and legal intricacies of cloud computing, taking into consideration the Indian dimension and the interests and objectives of all stakeholders (citizens, individual users, companies, cloud service providers, regulatory bodies and relevant public authorities). This paper represents an evolutionary progression in understanding the implications of cloud computing for security, privacy and trust. Starting from an overview of the challenges identified in the area of cloud, the study builds upon real-life case study implementations of cloud computing for its analysis and subsequent policy considerations. As such, we intend to offer additional value for policymakers beyond a comprehensive understanding of the current theoretical or empirically derived evidence base, which will understand the cloud computing and the associated open questions surrounding some of the important security, privacy and trust issues.

Keywords: cloud, security, privacy, trust

River Publishers: Journal of Cyber Security and Mobility