Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Two-Phase Security Protection for the Internet of Things Object

  • Suryani, Vera (School of Computing, Telkom University) ;
  • Sulistyo, Selo (Dept. of Electrical Engineering and Information Technology, Universitas Gadjah Mada) ;
  • Widyawan, Widyawan (Dept. of Electrical Engineering and Information Technology, Universitas Gadjah Mada)
  • Received : 2018.07.09
  • Accepted : 2018.07.20
  • Published : 2018.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Securing objects in the Internet of Things (IoT) is essential. Authentication model is one candidate to secure an object, but it is only limited to handle a specific type of attack such as Sybil attack. The authentication model cannot handle other types of attack such as trust-based attacks. This paper proposed two-phase security protection for objects in IoT. The proposed method combined authentication and statistical models. The results showed that the proposed method could handle other attacks in addition to Sybil attacks, such as bad-mouthing attack, good-mouthing attack, and ballot stuffing attack.

Keywords

E1JBB0_2018_v14n6_1431_f0001.png 이미지

Fig. 1. Network topology illustrated by a graph.

E1JBB0_2018_v14n6_1431_f0002.png 이미지

Fig. 3. Attacks result simulation. (a) Normal condition without an attack, (b) bad-mouthing attack, (c)good mouthing attack, and (d) ballot-stuffing attack.

E1JBB0_2018_v14n6_1431_f0003.png 이미지

Fig. 2. Sub-graph of group A.

References

  1. J. D. Bokefode, A. S. Bhise, P. A. Satarkar, and D. G. Modani, "Developing a secure cloud storage system for storing IoT data by applying role based encryption," Procedia Computer Science, vol. 89, pp. 43-50, 2016. https://doi.org/10.1016/j.procs.2016.06.007
  2. Y. Mao, J. Li, M. R. Chen, J. Liu, C. Xie, and Y. Zhan, "Fully secure fuzzy identity-based encryption for secure IoT communications," Computer Standards and Interfaces, vol. 44, pp. 117-121, 2016. https://doi.org/10.1016/j.csi.2015.06.007
  3. F. Wu, L. Xu, S. Kumari, and X. Li, "A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security," Journal of Ambient Intelligence and Humanized Computing, vol. 8, no. 1, pp. 101-116, 2017. https://doi.org/10.1007/s12652-016-0345-8
  4. I. R. Chen, F. Bao, and J. Guo, "Trust-based service management for social internet of things systems," IEEE Transactions on Dependable and Secure Computing, vol. 13, no. 6, pp. 684-696, 2016. https://doi.org/10.1109/TDSC.2015.2420552
  5. Z. A. Khan and P. Herrmann, "A trust based distributed intrusion detection mechanism for Internet of Things," in Proceedings of IEEE 31st International Conference on Advanced Information Networking and Applications, Taipei, Taiwan, 2017, pp. 1169-1176.
  6. H. Kim and E. A. Lee, "Authentication and authorization for the Internet of Things," IT Professional, vol. 19, no. 5, pp. 27-33, 2017. https://doi.org/10.1109/MITP.2017.3680960
  7. V. Suryani, S. Sulistyo, and W. Widyawan, "Internet of Things (IoT) framework for granting trust among objects," Journal of Information Processing Systems, vol. 13, no. 6, pp. 1613-1627, 2017. https://doi.org/10.3745/JIPS.03.0088
  8. V. Suryani, S. Sulistyo, and W. Widyawan, "ConTrust : a trust model to enhance the privacy in Internet of Things," International Journal of Intelligent Engineering and Systems, vol. 10, no. 3, pp. 30-37, 2017.