SBOOSP for Massive Devices in 5G WSNs Using Conformable Chaotic Maps

The commercialization of the fifth-generation (5G) wireless network has begun. Massive devices are being integrated into 5G-enabled wireless sensor networks (5G WSNs) to deliver a variety of valuable services to network users. However, there are rising fears that 5G WSNs will expose sensitive user data to new security vulnerabilities. For secure end-to-end communication, key agreement and user authentication have been proposed. However, when billions of massive devices are networked to collect and analyze complex user data, more stringent security approaches are required. Data integrity, non-repudiation, and authentication necessitate special-purpose subtree-based signature mechanisms that are pretty difficult to create in practice. To address this issue, this work provides an efficient, provably secure, lightweight subtree-based online/offline signature procedure (SBOOSP) and its aggregation (Agg-SBOOSP) for massive devices in 5G WSNs using conformable chaotic maps. The SBOOSP enables multi-time offline storage access while reducing processing time. As a result, the signer can utilize the pre-stored offline information in polynomial time. This feature distinguishes our presented SBOOSP from previous online/offline-signing procedures that only allow for one signature. Furthermore, the new procedure supports a secret key during the pre-registration process, but no secret key is necessary during the offline stage. The suggested SBOOSP is secure in the logic of unforgeability on the chosen message attack in the random oracle. Additionally, SBOOSP and Agg-SBOOSP had the lowest computing costs compared to other contending schemes. Overall, the suggested SBOOSP outperforms several preliminary security schemes in terms of performance and computational overhead.     

Social-Aware Based Secure Relay Selection in Relay-Assisted D2D Communications

Relay-assisted transmission could effectively enhance the performance of Device-to-Device (D2D) communications when D2D user equipments (UEs) are too far away from each other or the quality of D2D channel is not good enough for direct communications. Meanwhile, security is one of the major concerns for proximity services. The secure relay selection problem for D2D communications underlaying cellular network is studied in this paper. Firstly, we define a relay selection area and derive the closed-form of outage probability in D2D links using a Poisson Point Process (PPP) method. Next, in the defined relay selection area, we propose a secure relay selection scheme for the relay-assisted D2D communication system by exploiting the social relation as a security factor. Simulation results show that the scheme based on social relation can greatly improve the security performance of relay-assisted D2D communications.     

Multi-Gigabit CO-OFDM System over SMF and MMF Links for 5G URLLC Backhaul Network

The 5G cellular network aims at providing three major services: Massive machine-type communication (mMTC), ultra-reliable low-latency communications (URLLC), and enhanced-mobile-broadband (eMBB). Among these services, the URLLC and eMBB require strict end-to-end latency of 1 ms while maintaining 99.999% reliability, and availability of extremely high data rates for the users, respectively. One of the critical challenges in meeting these requirements is to upgrade the existing optical fiber backhaul network interconnecting the base stations with a multigigabit capacity, low latency and very high reliability system. To address this issue, we have numerically analyzed 100 Gbit/s coherent optical orthogonal frequency division multiplexing (CO-OFDM) transmission performance over 400 km single-mode fiber (SMF) and 100 km of multi-mode fiber (MMF) links. The system is simulated over optically repeated and non-repeated SMF and MMF links. Coherent transmission is used, and the system is analyzed in a linear and non-linear regime. The system performance is quantified by bit error ratio (BER). Spectrally efficient and optimal transmission performance is achieved for 400 km SMF and 100 km MMF link. The results designate that MMF links can be employed beyond short reach applications by using them in the existing SMF infrastructure for long haul transmission. In particular, the proposed CO-OFDM system can be efficiently employed in 5G backhaul network. The multi-gigabit capacity and lower BER of the proposed system makes it a suitable candidate especially for the eMBB and URLLC requirements for 5G backhaul network.     

Secrecy Outage Probability Analysis Based on Cognitive Decodeand-Forward Relaying

Wireless communications have to face to several different security issues in practice due to the nature of broadcast. The information theory is well known to provide efficient approaches to address security issues in wireless communications, which attracts much attention in both industry and academia in recent years. In this paper, inspired by information theory, we study the outage probability of the opportunistic relay selection based on cognitive decode-and-forward relaying with the secrecy consideration. Specifically, the closed-form expression of the outage probability is proposed. Moreover, the asymptotic performance evaluation on the basis of the analytical results is investigated. The simulation results show that the relay selection can reduce the outage probability in accordance with our theoretical analysis.     

WLAN 802.11/11b数据加密机制的安全分析

在802.11标准中的加密采用WEP协议，用于提供链路层数据传输的安全保护。目前，在原有EP的基础上提出了一些改进方案，能提高WEP的安全性能，但理论上缺少严密的安全分析。笔者通过数学模型对这些解决方案以及原有WEP协议进行量化分析，推导出机制内各模块与整个安全机制间安全性能的对应函数关系，并比较了这些方案间安全性能的差异，证明这些安全机制可以提高原有WEP的安全性能，在理论上为用户提供如何构造满足所需安全性能的WLAN数据加密增强机制。     

HARQ Optimization for PDCP Duplication-Based 5G URLLC Dual Connectivity

Packet duplication (PD) with dual connectivity (DC) was newly introduced in the 5G New Radio (NR) specifications to meet the stringent ultra reliable low latency communication (URLLC) requirements. PD technology uses duplicated packets in the packet data convergence protocol (PDCP) layer that are transmitted via two different access nodes (ANs) to the user equipment (UE) in order to enhance the reliability performance. However, PD can result in unnecessary retransmissions in the lower layers since the hybrid automatic retransmission request (HARQ) operation is unaware of the transmission success achieved through the alternate DC link to the UE. To overcome this issue, in this paper, a novel duplication-aware retransmission optimization (DRO) scheme is proposed to reduce the resource usage induced by unnecessary HARQ retransmissions. The proposed DRO scheme can minimize the average channel use while satisfying the URLLC requirements. The proposed DRO scheme derives the optimal HARQ retransmission attempts for different ANs by solving a nonlinear integer programming (NLIP) problem. The performance of the proposed DRO scheme was evaluated using MATLAB simulation and is compared to the existing 5G HARQ support schemes. The simulations results show that the proposed DRO scheme can provide a 14.71% and 15.11% reduced average channel use gain compared to the selective data duplication upon failure (SDUF) scheme and latency-aware dynamic multi-connectivity algorithm (LADMA) scheme, respectively, which are the existing 5G PD schemes that use HARQ.     

Joint Spectrum Partition and Performance Analysis of Full-Duplex D2D Communications in Multi-Tier Wireless Networks

Full-duplex (FD) has been recognized as a promising technology for future 5G networks to improve the spectrum efficiency. However, the biggest practical impediments of realizing full-duplex communications are the presence of self-interference, especially in complex cellular networks. With the current development of self-interference cancellation techniques, full-duplex has been considered to be more suitable for device-to-device (D2D) and small cell communications which have small transmission range and low transmit power. In this paper, we consider the full-duplex D2D communications in multi-tier wireless networks and present an analytical model which jointly considers mode selection, resource allocation, and power control. Specifically, we consider a distance based mode selection scheme. The performance analysis of different D2D communications modes are performed based on stochastic geometry, and tractable analytical solutions are obtained. Then we investigate the optimal resource partitions between dedicated D2D mode and cellular mode. Numerical results validate the theoretical anlaysis and indicate that with appropriate proportions of users operated in different transmission modes and optimal partitioning of spectrum, the performance gain of FD-D2D communication can be achieved.     

SECURITY OF VIRTUAL PRIVATE NETWORK

Virtual Private Networks(VPN) are a big part of networking because of the security tool that they use. VPN encrypts all of the data that is sent through networks. Because a lot of networks have gone wireless, the need for extremely secure networks is in high demand.VPN are definitely one of the types of networks that have help innovate wireless network security. By explaining how the various implementations of VPN help keep networks secure, we can understand the advantages and services that virtual private networks offer wireless networks.     

Cyber security

Network infrastructure with reliable communications and processing capabilities is key to commerce. In this note, different techniques for improving cybers security of data and wireless networks are described. First, network survivability, along with cost, is included in the objective function for network design algorithms. Second, persistent monitoring capabilities are added to network management protocols to provide early detection of network abnormalities. Finally, network equipments are enhanced with service intelligence to protect critical applications during attacks.     

Improved Multi-party Quantum Key Agreement with Four-qubit Cluster States

Quantum key agreement is a promising key establishing protocol that can play a significant role in securing 5G/6G communication networks. Recently, Liu et al. (Quantum Information Processing 18(8):1-10, 2019) proposed a multi-party quantum key agreement protocol based on four-qubit cluster states was proposed. The aim of their protocol is to agree on a shared secret key among multiple remote participants. Liu et al. employed four-qubit cluster states to be the quantum resources and the X operation to securely share a secret key. In addition, Liu et al.'s protocol guarantees that each participant makes an equal contribution to the final key. The authors also claimed that the proposed protocol is secure against participant attack and dishonest participants cannot generate the final shared key alone. However, we show here that Liu et al. protocol is insecure against a collusive attack, where dishonest participants can retrieve the private inputs of a trustworthy participant without being caught. Additionally, the corresponding modifications are presented to address these security flaws in Liu et al.'s protocol.     

Road Distance Computation Using Homomorphic Encryption in Road Networks

Road networks have been used in a wide range of applications to reduces the cost of transportation and improve the quality of related services. The shortest road distance computation has been considered as one of the most fundamental operations of road networks computation. To alleviate privacy concerns about location privacy leaks during road distance computation, it is desirable to have a secure and efficient road distance computation approach. In this paper, we propose two secure road distance computation approaches, which can compute road distance over encrypted data efficiently. An approximate road distance computation approach is designed by using Partially Homomorphic Encryption and road network set embedding. An exact road distance computation is built by using Somewhat Homomorphic Encryption and road network hypercube embedding. We implement our two road distance computation approaches, and evaluate them on the real city-scale road network. Evaluation results show that our approaches are accurate and efficient.     

Cogent and Energy Efficient Authentication Protocol for WSN in IoT

Given the accelerating development of Internet of things (IoT), a secure and robust authentication mechanism is urgently required as a critical architectural component. The IoT has improved the quality of everyday life for numerous people in many ways. Owing to the predominantly wireless nature of the IoT, connected devices are more vulnerable to security threats compared to wired networks. User authentication is thus of utmost importance in terms of security on the IoT. Several authentication protocols have been proposed in recent years, but most prior schemes do not provide sufficient security for these wireless networks. To overcome the limitations of previous schemes, we propose an efficient and lightweight authentication scheme called the Cogent Biometric-Based Authentication Scheme (COBBAS). The proposed scheme is based on biometric data, and uses lightweight operations to enhance the efficiency of the network in terms of time, storage, and battery consumption. A formal security analysis of COBBAS using Burrows–Abadi–Needham logic proves that the proposed protocol provides secure mutual authentication. Formal security verification using the Automated Validation of Internet Security Protocols and Applications tool shows that the proposed protocol is safe against man-in-the-middle and replay attacks. Informal security analysis further shows that COBBAS protects wireless sensor networks against several security attacks such as password guessing, impersonation, stolen verifier attacks, denial-of-service attacks, and errors in biometric recognition. This protocol also provides user anonymity, confidentiality, integrity, and biometric recovery in acceptable time with reasonable computational cost.     

Efficient secure channel coding based on quasi-cyclic low-density parity-check codes

A secure channel coding (joint encryption-channel coding) scheme provides both data security and reliability in one combined process to achieve faster processing and/or more efficient implementation. The issue of using quasi-cyclic low-density parity-check (QC-LDPC) codes in a symmetric-key secure channel coding scheme is addressed. A set of this class of LDPC codes has recently been recommended by the NASA Goddard Space Flight Center for near-earth and deep-space communications. The proposed scheme provides an efficient error performance, an acceptable level of security and a low-complexity practicable implementation. The results indicate that the proposed scheme can efficiently employ large QC-LDPC codes to achieve a relatively smaller secret-key size to be exchanged by the sender and the receiver, and higher information rates in comparison with the previous symmetric-key McEliece-like schemes. Simulation results indicate that there is no trade-off between the error performance and the security level of the proposed scheme unlike that of the previous ones. These characteristics make the proposed scheme suitable for high-speed communications, such as satellite communication systems.     

A Secure Communication Protocol for Unmanned Aerial Vehicles

Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles. Multiple UAVs and autopilot systems support it, and it provides bi-directional communication between the UAV and Ground Control Station. The communications contain critical information about the UAV status and basic control commands sent from GCS to UAV and UAV to GCS. In order to increase the transfer speed and efficiency, the Mavlink does not encrypt the messages. As a result, the protocol is vulnerable to various security attacks such as Eavesdropping, GPS Spoofing, and DDoS. In this study, we tackle the problem and secure the Mavlink communication protocol. By leveraging the Mavlink packet’s vulnerabilities, this research work introduces an experiment in which, first, the Mavlink packets are compromised in terms of security requirements based on our threat model. The results show that the protocol is insecure and the attacks carried out are successful. To overcome Mavlink security, an additional security layer is added to encrypt and secure the protocol. An encryption technique is proposed that makes the communication between the UAV and GCS secure. The results show that the Mavlink packets are encrypted using our technique without affecting the performance and efficiency. The results are validated in terms of transfer speed, performance, and efficiency compared to the literature solutions such as MAVSec and benchmarked with the original Mavlink protocol. Our achieved results have significant improvement over the literature and Mavlink in terms of security.     

Efficient UAV Communications: Recent Trends and Challenges

Unmanned Ariel Vehicles (UAVs) are flying objects whose trajectory can be remotely controlled. UAVs have lot of potential applications in the areas of wireless communications, internet of things, security, traffic management, monitoring, and smart surveying. By enabling reliable communication between UAVs and ground nodes, emergency notifications can be efficiently and quickly disseminated to a wider area. UAVs can gather data from remote areas, industrial units, and emergency scenarios without human involvement. UAVs can support ubiquitous connectivity, green communications, and intelligent wireless resource management. To efficiently use UAVs for all these applications, important challenges need to be investigated. In this paper, we first present a detailed classification of UAVs based on factors such as their size, communication range, weight, and flight altitude. We also explain the hardware system configuration and uses of these UAVs. We present a brief overview of recent work done related to three major challenges in UAVs. These challenges include trajectory control, energy efficiency and resource allocation. We also present three open challenges and future opportunities for efficient UAV communications. These include use of learning algorithms for resource allocation and energy efficiency in UAVs, intelligent surfaces-based communications for enhanced reliability in UAVs, and security algorithms to combat malicious attacks against UAVs.     

Performance Evaluation of Virtualization Methodologies to Facilitate NFV Deployment

The development of the Next-Generation Wireless Network (NGWN) is becoming a reality. To conduct specialized processes more, rapid network deployment has become essential. Methodologies like Network Function Virtualization (NFV), Software-Defined Networks (SDN), and cloud computing will be crucial in addressing various challenges that 5G networks will face, particularly adaptability, scalability, and reliability. The motivation behind this work is to confirm the function of virtualization and the capabilities offered by various virtualization platforms, including hypervisors, clouds, and containers, which will serve as a guide to dealing with the stimulating environment of 5G. This is particularly crucial when implementing network operations at the edge of 5G networks, where limited resources and prompt user responses are mandatory. Experimental results prove that containers outperform hypervisor-based virtualized infrastructure and cloud platforms’ latency and network throughput at the expense of higher virtualized processor use. In contrast to public clouds, where a set of rules is created to allow only the appropriate traffic, security is still a problem with containers.     

Secure Multifactor Remote Access User Authentication Framework for IoT Networks

The term IoT refers to the interconnection and exchange of data among devices/sensors. IoT devices are often small, low cost, and have limited resources. The IoT issues and challenges are growing increasingly. Security and privacy issues are among the most important concerns in IoT applications, such as smart buildings. Remote cybersecurity attacks are the attacks which do not require physical access to the IoT networks, where the attacker can remotely access and communicate with the IoT devices through a wireless communication channel. Thus, remote cybersecurity attacks are a significant threat. Emerging applications in smart environments such as smart buildings require remote access for both users and resources. Since the user/building communication channel is insecure, a lightweight and secure authentication protocol is required. In this paper, we propose a new secure remote user mutual authentication protocol based on transitory identities and multi-factor authentication for IoT smart building environment. The protocol ensures that only legitimate users can authenticate with smart building controllers in an anonymous, unlinkable, and untraceable manner. The protocol also avoids clock synchronization problem and can resist quantum computing attacks. The security of the protocol is evaluated using two different methods: (1) informal analysis; (2) model check using the automated validation of internet security protocols and applications (AVISPA) toolkit. The communication overhead and computational cost of the proposed are analyzed. The security and performance analysis show that our protocol is secure and efficient.     

End-to-End Latency Evaluation of the Sat5G Network Based on Stochastic Network Calculus

Simultaneous use of heterogeneous radio access technologies to increase the performance of real-time, reliability and capacity is an inherent feature of satellite-5G integrated network (Sat5G). However, there is still a lack of theoretical characterization of whether the network can satisfy the end-to-end transmission performance for latencysensitive service. To this end, we build a tandem model considering the connection relationship between the various components in Sat5G network architecture, and give an end-to-end latency calculation function based on this model. By introducing stochastic network calculus, we derive the relationship between the end-to-end latency bound and the violation probability considering the traffic characteristics of multimedia. Numerical results demonstrate the impact of different burst states and different service rates on this relationship, which means the higher the burst of arrival traffic and the higher the average rate of arrival traffic, the greater the probability of end-to-end latency violation. The results will provide valuable guidelines for the traffic control and cache management in Sat5G network.     

Toward modeling and simulation of critical national infrastructure interdependencies

Modern society's physical health depends vitally upon a number of real, interdependent, critical infrastructure networks that deliver power, petroleum, natural gas, water, and communications. Its economic health depends on a number of other infrastructure networks, some virtual and some real, that link residences, industries, commercial sectors, and transportation sectors. The continued prosperity and national security of the US depends on our ability to understand the vulnerabilities of and analyze the performance of both the individual infrastructures and the entire interconnected system of infrastructures. Only then can we respond to potential disruptions in a timely and effective manner. Collaborative efforts among Sandia, other government agencies, private industry, and academia have resulted in realistic models for many of the individual component infrastructures. In this paper, we propose an innovative modeling and analysis framework to study the entire system of physical and economic infrastructures. That framework uses the existing individual models together with system dynamics, functional models, and nonlinear optimization algorithms. We describe this framework and demonstrate its potential use to analyze, and propose a response for, a hypothetical disruption.     

Introducing secure modes of operation for optical encryption

We analyze optical encryption systems using the techniques of conventional cryptography. All conventional block encryption algorithms are vulnerable to attack, and often they employ secure modes of operation as one way to increase security. We introduce the concept of conventional secure modes to optical encryption and analyze the results in the context of known conventional and optical attacks. We consider only the optical system "double random phase encoding," which forms the basis for a large number of optical encryption, watermarking, and multiplexing systems. We consider all attacks proposed to date in one particular scenario. We analyze only the mathematical algorithms themselves and do not consider the additional security that arises from employing these algorithms in physical optical systems.