A secure lightweight texture encryption scheme
- Authors: Jolfaei, Alireza , Wu, Xinwen , Muthukkumarasamy, Vallipuram
- Date: 2016
- Type: Text , Conference paper
- Relation: 7th Pacific-Rim Symposium on Image and Video Technology, PSIVT 2015; Auckland, New Zealand; 23rd-27th November 2015; published in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 9555, p. 344-356
- Description: Due to the widespread application of augmented and virtual environments, the research into 3D content protection is fundamentally important. To maintain confidentiality, encryption of 3D content, including the 3D objects and texture images, is essential. In this paper, a novel texture encryption scheme is proposed which complements the existing 3D object encryption methods. The proposed method encrypts texture images by bit masking and a permutation procedure using the Salsa20/12 stream cipher. The method is lightweight and satisfies the security requirement. It also prevents the partial disclosure of the encrypted 3D surface geometry by protecting the texture patterns from being partially leaked. The scheme has a better speed-security profile than the full encryption and the selective (4 most significant bit-plane) encryption by 128-bit AES. The encryption schemes are implemented and tested with 500 sample texture images. The experimental results show that the scheme has a better encryption performance compared to the full/selective encryption by 128-bit AES.
Preserving the confidentiality of digital images using a chaotic encryption scheme
- Authors: Jolfaei, Alireza , Matinfar, Ahmadreza , Mirghadri, Abdolrasoul
- Date: 2015
- Type: Text , Journal article
- Relation: International Journal of Electronic Security and Digital Forensics Vol. 7, no. 3 (2015), p. 258-277
- Description: Confidentiality of digital images is an important requirement for many multimedia applications and services. To maintain confidentiality, encryption of digital images is essential. Digital images are usually very large and encrypting such bulky data induces many performance overheads, which can be too expensive for real-time applications in resource constrained environments. In this paper, we propose a chaotic image encryption scheme which satisfies the need for both light-weightedness and security. To justify the security and efficiency, the new cipher was evaluated using a series of statistical tests. These tests included a visual testing and a histogram analysis, a randomness analysis, a correlation analysis, an entropy analysis and an image encryption quality analysis. Based on all analyses and experimental results, it is concluded that the proposed scheme is effective, efficient and trustworthy and therefore can be adopted for image encryption.
Detection and compensation of covert service-degrading intrusions in cyber physical systems through intelligent adaptive control
- Authors: Farivar, Faezeh , Haghighi, Mohammad , Barchinezhad, Soheila , Jolfaei, Alireza
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1143-1148
- Description: Cyber-Physical Systems (CPS) are playing important roles in the critical infrastructure now. A prominent family of CPSs are networked control systems in which the control and feedback signals are carried over computer networks like the Internet. Communication over insecure networks makes the system vulnerable to cyber attacks. In this article, we design an intrusion detection and compensation framework based on system/plant identification to fight covert attacks. We collect error statistics of the output estimation during the learning phase of system operation and after that, monitor the system behavior to see if it significantly deviates from the expected outputs. A compensating controller is further designed to intervene and replace the classic controller once the attack is detected. The proposed model is tested on a DC motor as the plant and is put against a deception signal amplification attack over the forward link. Simulation results show that the detection algorithm well detects the intrusion and the compensator is also successful in alleviating the attack effects.
Data exchange in delay tolerant networks using joint inter- and intra-flow network coding
- Authors: Ostovari, Pouya , Wu, Jie , Jolfaei, Alireza
- Date: 2018
- Type: Text , Conference proceedings
- Relation: 37th IEEE International Performance Computing and Communications Conference, IPCCC 2018; Orlando, United States; 17th-19th November 2018 p. 1-8
- Description: Data transmission in delay tolerant networks (DTNs) is a challenging problem due to the lack of continuous network connectivity and nondeterministic mobility of the nodes. Epidemic routing and spray-and-wait methods are two popular mechanisms that are proposed for DTNs. In order to reduce the transmission delay in DTNs, some previous works combine intra-flow network coding with the routing protocols. In this paper, we propose two routing mechanisms using systematic joint inter- and intra-flow network coding for the purpose of data exchange between the nodes. We discuss the reasons why inter-flow network coding helps to reduce the delivery delay of the packets, and we also analyze the delays related with only using intra-flow coding, and joint inter- and intra-flow coding methods. We empirically show the benefit of joint coding over just intra-flow coding. Based on our simulation, joint coding can reduce the delay up to 40%, compared to only intra-flow coding.
On the security of permutation-only image encryption schemes
- Authors: Jolfaei, Alireza , Wu, Xinwen , Muthukkumarasamy, Vallipuram
- Date: 2016
- Type: Text , Journal article
- Relation: IEEE Transactions on Information Forensics and Security Vol. 11, no. 2 (2016), p. 235-246
- Description: Permutation is a commonly used primitive in multimedia (image/video) encryption schemes, and many permutation-only algorithms have been proposed in recent years for the protection of multimedia data. In permutation-only image ciphers, the entries of the image matrix are scrambled using a permutation mapping matrix which is built by a pseudo-random number generator. The literature on the cryptanalysis of image ciphers indicates that the permutation-only image ciphers are insecure against ciphertext-only attacks and/or known/chosen-plaintext attacks. However, the previous studies have not been able to ensure the correct retrieval of the complete plaintext elements. In this paper, we revisited the previous works on cryptanalysis of permutation-only image encryption schemes and made the cryptanalysis work on chosen-plaintext attacks complete and more efficient. We proved that in all permutation-only image ciphers, regardless of the cipher structure, the correct permutation mapping is recovered completely by a chosen-plaintext attack. To the best of our knowledge, for the first time, this paper gives a chosen-plaintext attack that completely determines the correct plaintext elements using a deterministic method. When the plain-images are of size M × N and with L different color intensities, the number n of required chosen plain-images to break the permutation-only image encryption algorithm is n = log_L(MN). The complexity of the proposed attack is O(n · MN), which indicates its feasibility in a polynomial amount of computation time. To validate the performance of the proposed chosen-plaintext attack, numerous experiments were performed on two recently proposed permutation-only image/video ciphers. Both theoretical and experimental results showed that the proposed attack outperforms the state-of-the-art cryptanalytic methods.
Security hardening of implantable cardioverter defibrillators
- Authors: Jaffar, Iram , Usman, Muhammad , Jolfaei, Alireza
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1173-1178
- Description: Contemporary healthcare has witnessed a wide deployment of Implantable Cardioverter Defibrillators (ICDs), which have the capability to be controlled remotely, making them equally accessible from both home and hospitals. The therapeutic benefits of ICDs seem to outweigh potential security concerns, yet overlooking the presence of malicious attacks cannot be justified. This study investigates the scenario where an adversary falsifies a controller command and sends instructions to issue high electric shocks in succession. We propose a novel security hardening mechanism to protect data communications between ICD and controller from malicious data manipulations. Our proposed method verifies the correctness of an external command with respect to the history of heart rhythms. The proposed method is evaluated using real data. Multi-aspect analyses show the effectiveness of the proposed scheme.
- Description: Proceedings of the IEEE International Conference on Industrial Technology
Vulnerability modelling for hybrid IT systems
- Authors: Ur-Rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1186-1191
- Description: Common vulnerability scoring system (CVSS) is an industry standard that can assess the vulnerability of nodes in traditional computer systems. The metrics computed by CVSS would determine critical nodes and attack paths. However, traditional IT security models would not fit IoT embedded networks due to distinct nature and unique characteristics of IoT systems. This paper analyses the application of CVSS for IoT embedded systems and proposes an improved vulnerability scoring system based on CVSS v3 framework. The proposed framework, named CVSSIoT, is applied to a realistic IT supply chain system and the results are compared with the actual vulnerabilities from the national vulnerability database. The comparison result validates the proposed model. CVSSIoT is not only effective, simple and capable of vulnerability evaluation for traditional IT system, but also exploits unique characteristics of IoT devices.
- Description: Proceedings of the IEEE International Conference on Industrial Technology
A 3D object encryption scheme which maintains dimensional and spatial stability
- Authors: Jolfaei, Alireza , Wu, Xinwen , Muthukkumarasamy, Vallipuram
- Date: 2015
- Type: Text , Journal article
- Relation: IEEE Transactions on Information Forensics and Security Vol. 10, no. 2 (2015), p. 409-422
- Description: Due to widespread applications of 3D vision technology, the research into 3D object protection is primarily important. To maintain confidentiality, encryption of 3D objects is essential. However, the requirements and limitations imposed by 3D objects indicate the impropriety of conventional cryptosystems for 3D object encryption. This suggests the necessity of designing new ciphers. In addition, the study of prior works indicates that the majority of problems encountered with encrypting 3D objects are about point cloud protection, dimensional and spatial stability, and robustness against surface reconstruction attacks. To address these problems, this paper proposes a 3D object encryption scheme, based on a series of random permutations and rotations, which deform the geometry of the point cloud. Since the inverse of a permutation and a rotation matrix is its transpose, the decryption implementation is very efficient. Our statistical analyses show that within the cipher point cloud, points are randomly distributed. Furthermore, the proposed cipher leaks no information regarding the geometric structure of the plain point cloud, and is also highly sensitive to the changes of the plaintext and secret key. The theoretical and experimental analyses demonstrate the security, effectiveness, and robustness of the proposed cipher against surface reconstruction attacks.
A low-complexity equalizer for video broadcasting in cyber-physical social systems through handheld mobile devices
- Authors: Solyman, Ahmad , Attar, Hani , Khosravi, Mohammad , Menon, Varun , Jolfaei, Alireza , Balasubramanian, Venki , Selvaraj, Buvana , Tavallali, Pooya
- Date: 2020
- Type: Text , Journal article
- Relation: IEEE Access Vol. 8, no. (2020), p. 67591-67602
- Description: In Digital Video Broadcasting-Handheld (DVB-H) devices for cyber-physical social systems, the Discrete Fractional Fourier Transform-Orthogonal Chirp Division Multiplexing (DFrFT-OCDM) has been suggested to enhance the performance over Orthogonal Frequency Division Multiplexing (OFDM) systems under time and frequency-selective fading channels. In this case, the need for equalizers like the Minimum Mean Square Error (MMSE) and Zero-Forcing (ZF) arises, though it is excessively complex due to the need for a matrix inversion, especially for DVB-H extensive symbol lengths. In this work, a low complexity equalizer, Least-Squares Minimal Residual (LSMR) algorithm, is used to solve the matrix inversion iteratively. The paper proposes the LSMR algorithm for linear and nonlinear equalizers with the simulation results, which indicate that the proposed equalizer has significant performance and reduced complexity over the classical MMSE equalizer and other low complexity equalizers, in time and frequency-selective fading channels. © 2013 IEEE.
Privacy and Security of Connected Vehicles in Intelligent Transportation System
- Authors: Jolfaei, Alireza , Kant, Krishna
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume, DSN-S 2019, Portland, United States; 24-27 June 2019. p. 9-10
- Description: The paper considers data security and privacy issues in intelligent transportation systems which involve data streams coming out from individual vehicles to road side units. In this environment, there are issues in regards to the scalability of key management and computation limitations at the edge of the network. To address these issues, we suggest the formation of groups in the vehicular layer, where a group leader is assigned to communicate with group members and the road side unit. We propose a lightweight permutation mechanism for preserving the confidentiality and privacy of sensory data. © 2019 IEEE.
A scalable framework for healthcare monitoring application using the Internet of Medical Things
- Authors: Balasubramanian, Venki , Jolfaei, Alireza
- Date: 2021
- Type: Text , Journal article
- Relation: Software - Practice and Experience Vol. 51, no. 12 (2021), p. 2457-2468
- Description: Internet of Things (IoT) is finding application in many areas, particularly in health care where an IoT can be effectively used in the form of an Internet of Medical Things (IoMT) to monitor the patients remotely. The quality of life of the patients and health care outcomes can be improved with the deployment of an IoMT because health care professionals can monitor conditions, access the electronic medical records and communicate with each other. This remote monitoring and consultations might reduce the traditional stressful and costly exercise of frequent hospitalization. Also, the rising costs of health care in many developed countries have influenced the introduction of the Healthcare Monitoring Application (HMA) to their existing health care practices. To materialize the HMA concepts for successful deployment for civilian and commercial use with ease, application developers can benefit from a generic, scalable framework that provides significant components for building an HMA. In this chapter, a generic maintainable HMA is advanced by amalgamating the advantages of event-driven and the layered architecture. The proposed framework is used to establish an HMA with an end-to-end Assistive Care Loop Framework (ACLF) to provide a real-time alarm and assistance to monitor pregnant women. © 2020 John Wiley & Sons, Ltd.
A lightweight integrity protection scheme for low latency smart grid applications
- Authors: Jolfaei, Alireza , Kant, Krishna
- Date: 2019
- Type: Text , Journal article
- Relation: Computers and Security Vol. 86, no. (2019), p. 471-483
- Description: The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only can the proposed method be used in power protection applications, but it can also be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).
RaSEC : an intelligent framework for reliable and secure multilevel edge computing in industrial environments
- Authors: Usman, Muhammad , Jolfaei, Alireza , Jan, Mian
- Date: 2020
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol. 56, no. 4 (2020), p. 4543-4551
- Description: Industrial applications generate big data with redundant information that is transmitted over heterogeneous networks. The transmission of big data with redundant information not only increases the overall end-to-end delay but also increases the computational load on servers which affects the performance of industrial applications. To address these challenges, we propose an intelligent framework named Reliable and Secure multi-level Edge Computing (RaSEC), which operates in three phases. In the first phase, level-one edge devices apply a lightweight aggregation technique on the generated data. This technique not only reduces the size of the generated data but also helps in preserving the privacy of data sources. In the second phase, a multistep process is used to register level-two edge devices (LTEDs) with high-level edge devices (HLEDs). Due to the registration process, only legitimate LTEDs can forward data to the HLEDs, and as a result, the computational load on HLEDs decreases. In the third phase, the HLEDs use a convolutional neural network to detect the presence of moving objects in the data forwarded by LTEDs. If a movement is detected, the data is uploaded to the cloud servers for further analysis; otherwise, the data is discarded to minimize the use of computational resources on cloud computing platforms. The proposed framework reduces the response time by forwarding useful information to the cloud servers and can be utilized by various industrial applications. Our theoretical and experimental results confirm the resiliency of our framework with respect to security and privacy threats. © 1972-2012 IEEE.
Sensitivity analysis for vulnerability mitigation in hybrid networks
- Authors: Ur‐rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2022
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 11, no. 2 (2022), p.
- Description: The development of cyber‐assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.
Attacks on self-driving cars and their countermeasures : a survey
- Authors: Chowdhury, Abdullahi , Karmakar, Gour , Kamruzzaman, Joarder , Jolfaei, Alireza , Das, Rajkumar
- Date: 2020
- Type: Text , Journal article , Review
- Relation: IEEE Access Vol. 8, no. (2020), p. 207308-207342
- Description: Intelligent Traffic Systems (ITS) are currently evolving in the form of a cooperative ITS or connected vehicles. Both forms use the data communications between Vehicle-To-Vehicle (V2V), Vehicle-To-Infrastructure (V2I/I2V) and other on-road entities, and are accelerating the adoption of self-driving cars. The development of cyber-physical systems containing advanced sensors, sub-systems, and smart driving assistance applications over the past decade is equipping unmanned aerial and road vehicles with autonomous decision-making capabilities. The level of autonomy depends upon the make-up and degree of sensor sophistication and the vehicle's operational applications. As a result, self-driving cars being compromised is perceived as a serious threat. Therefore, analyzing the threats and attacks on self-driving cars and ITSs, and their corresponding countermeasures to reduce those threats and attacks, is needed. For this reason, some survey papers compiling potential attacks on VANETs, ITSs and self-driving cars, and their detection mechanisms are available in the current literature. However, to our knowledge, they have not covered the real attacks that have already happened in self-driving cars. To bridge this research gap, in this paper, we analyze the attacks that already targeted self-driving cars and extensively present potential cyber-attacks and their impacts on those cars along with their vulnerabilities. For recently reported attacks, we describe the possible mitigation strategies taken by the manufacturers and governments. This survey includes recent works on how a self-driving car can ensure resilient operation even under ongoing cyber-attack. We also provide further research directions to improve the security issues associated with self-driving cars. © 2013 IEEE.