A Lightweight authentication scheme for IoT against Rogue Base Station Attacks

Mikail Mohammed Salim; Jungho Kang; Yi Pan; Jong Hyuk Park; Mikail Mohammed Salim; Jungho Kang; Yi Pan; Jong Hyuk Park

doi:10.3934/mbe.2022546

Mathematical Biosciences and Engineering

2022, Volume 19, Issue 11: 11735-11755. doi: 10.3934/mbe.2022546

Previous Article Next Article

Research article Special Issues

A Lightweight authentication scheme for IoT against Rogue Base Station Attacks

1.
Department of Computer Science and Engineering, Seoul National University of Science and Technology, (SeoulTech), Seoul 01811, Korea
2.
Department of Information Security, Baewha Woman University, Korea
3.
Department of Computing Science, Georgia State University, USA

Received: 12 May 2022 Revised: 22 July 2022 Accepted: 10 August 2022 Published: 16 August 2022

Internet of Things (IoT) devices supporting intelligent cloud applications such as healthcare for hospitals rely on connecting with local base stations and access points to provide rich data analysis and real-time services to users. Devices authenticate with local base stations and perform handover operations to connect with access points with higher signal strength. Attackers disguise as valid base stations and access points using publicly accessible SSID information connect with local IoT devices during the handover process and give rise to data integrity and privacy concerns. This paper proposes a lightweight authentication scheme for private blockchain-based networks for securing devices from rogue base stations during the handover process. An authentication certificate is designed for base stations and machines in local clusters using SHA256 and modulo operations for enabling quick handover operations. The keys assigned to each device and base station joining the network are hashed, and their sizes are reduced using modulo operations. Furthermore, the compressed key size forms a certificate, which is used by the machines and the base stations to authenticate mutually. In comparison with existing studies, the performance analysis of the proposed scheme is based on the transmission of three messages required for completing the authentication process. Evaluation based on the Communication Overhead demonstrates a minimum improvement of 99.30% fewer bytes exchanged during the handover process and 89.58% reduced Storage Overhead compared with existing studies.
- Handover,
- Authentication,
- IoT,
- Privacy,
- SHA256
Citation: Mikail Mohammed Salim, Jungho Kang, Yi Pan, Jong Hyuk Park. A Lightweight authentication scheme for IoT against Rogue Base Station Attacks[J]. Mathematical Biosciences and Engineering, 2022, 19(11): 11735-11755. doi: 10.3934/mbe.2022546

Related Papers:

Abstract

Internet of Things (IoT) devices supporting intelligent cloud applications such as healthcare for hospitals rely on connecting with local base stations and access points to provide rich data analysis and real-time services to users. Devices authenticate with local base stations and perform handover operations to connect with access points with higher signal strength. Attackers disguise as valid base stations and access points using publicly accessible SSID information connect with local IoT devices during the handover process and give rise to data integrity and privacy concerns. This paper proposes a lightweight authentication scheme for private blockchain-based networks for securing devices from rogue base stations during the handover process. An authentication certificate is designed for base stations and machines in local clusters using SHA256 and modulo operations for enabling quick handover operations. The keys assigned to each device and base station joining the network are hashed, and their sizes are reduced using modulo operations. Furthermore, the compressed key size forms a certificate, which is used by the machines and the base stations to authenticate mutually. In comparison with existing studies, the performance analysis of the proposed scheme is based on the transmission of three messages required for completing the authentication process. Evaluation based on the Communication Overhead demonstrates a minimum improvement of 99.30% fewer bytes exchanged during the handover process and 89.58% reduced Storage Overhead compared with existing studies.

References

[1]	S. Selvaraj, S. Sundaravaradhan, Challenges and opportunities in IoT healthcare systems: A systematic review, SN Appl. Sci., 2 (2020), 1–8. https://doi.org/10.1007/s42452-019-1925-y doi: 10.1007/s42452-019-1925-y
[2]	K. R. Cho, J. J. Lee, E. S. Lee, A study on the design of test item framework for the reliability of frozen and refrigerated products with IoT function, KIPS Transact. Software Data Eng., 10 (2021), 211–222. https://doi.org/10.3745/KTSDE.2021.10.6.211 doi: 10.3745/KTSDE.2021.10.6.211
[3]	H. Alshammari, S. A. El-Ghany, A. Shehab, Big IoT healthcare data analytics framework based on Fog and cloud computing, J. Inform. Process. Syst., 16 (2020), 1238–1249. https://doi.org/10.3745/JIPS.04.0193 doi: 10.3745/JIPS.04.0193
[4]	T. Almalki, S. Alzahrani, W. Alhakami, Healthcare Security based on Blockchain, J. Inform. Process. Syst., 21 (2021), 149–160. https://doi.org/10.22937/IJCSNS.2021.21.8.20 doi: 10.22937/IJCSNS.2021.21.8.20
[5]	X. Wang, S. Cai, Secure healthcare monitoring framework integrating NDN-based IoT with edge cloud, Future Gener. Computer Syst., 112 (2020), 320–329. https://doi.org/10.1016/j.future.2020.05.042 doi: 10.1016/j.future.2020.05.042
[6]	R. M. Abdelmoneem, A. Benslimane, E. Shaaban, Mobility-aware task scheduling in cloud-Fog IoT-based healthcare architectures, 179 (2020), 107348. https://doi.org/10.1016/j.comnet.2020.107348
[7]	M. Haghi, S. Neubert, A. Geissler, H. Fleisher, N. Stoll, R. Stoll, et al., A flexible and pervasive IoT-based healthcare platform for physiological and environmental parameters monitoring, IEEE Int. Things J., 7 (2020), 5628–5647. https://doi.org/10.1109/JIOT.2020.2980432 doi: 10.1109/JIOT.2020.2980432
[8]	J. H. Im, H. R. Oh, Y. R. Seong, Simulation of a mobile IoT system using the DEVS formalism, J. Inform. Process. Syst., 17 (2020), 28–36. https://doi.org/10.3745/JIPS.03.0155 doi: 10.3745/JIPS.03.0155
[9]	H. N. Qureshi, M. Manalastas, S. M. A. Zaidi, A. Imran, M. O. A. Kalaa, Service level agreements for 5G and beyond: Overview, challenges and enablers of 5G-healthcare systems, IEEE Access, 9 (2020), 1044–1061. https://doi.org/10.1109/ACCESS.2020.3046927 doi: 10.1109/ACCESS.2020.3046927
[10]	J. H. Park, S. Rathore, S. K. Singh, M. M. Salim, A. E. Azzaoui, T. Kim, et al., A comprehensive survey on core technologies and services for 5G security: Taxonomies, issues, and solutions, Human-centric Comput. Inform. Sci., 11 (2021), 1–23. https://doi.org/10.22967/HCIS.2021.11.003 doi: 10.22967/HCIS.2021.11.003
[11]	Y. Zhang, R. H. Deng, E. Bertino, D. Zheng, Robust and universal seamless handover authentication in 5G HetNets, IEEE Transact. Depend. Secure Comput., 18 (2019), 858–874. https://doi.org/10.1109/TDSC.2019.2927664 doi: 10.1109/TDSC.2019.2927664
[12]	A. Calhan, M. Cicioglu, Handover scheme for 5G small cell networks with non-orthogonal multiple access, Computer Networks, 183 (2020), 107601. https://doi.org/10.1016/j.comnet.2020.107601 doi: 10.1016/j.comnet.2020.107601
[13]	J. Cao, M. Ma, Y. Fu, H. Li, Y. Zhang, CPPHA: Capability-based privacy-protection handover authentication mechanism for SDN-based 5G HetNets, IEEE Transact. Depend. Secure Comput., 18 (2021), 1182–1195. https://doi.org/10.1109/TDSC.2019.2916593 doi: 10.1109/TDSC.2019.2916593
[14]	P. Ziayi, S. M. Farmanbar, M. Rezvani, YAICD: Yet another IMSI catcher detector in GSM, Secur. Commun. Networks, (2021). https://doi.org/10.1155/2021/8847803
[15]	A. S. Abdalla, K. Powell, V. Marojevic, G. Geraci, UAV-assisted attack prevention, detection, and recovery of 5G networks, IEEE Wireless Commun., 27 (2020), 40–47. https://doi.org/10.1109/MWC.01.1900545 doi: 10.1109/MWC.01.1900545
[16]	D. J. Jeyakumar, S. Lingeshwari, Fake sensor detection and secure data transmission based on predictive parser in WSNs, Wireless Personal Commun., 110 (2020), 531–544. https://doi.org/10.1007/s11277-019-06740-0 doi: 10.1007/s11277-019-06740-0
[17]	Y. Kim, J. Park, Hybrid decentralized PBFT blockchain framework for openstack message queue, Human-centric Comput. Inform. Sci., 10 (2020), 1–12. https://doi.org/10.1186/s13673-020-00238-6 doi: 10.1186/s13673-020-00238-6
[18]	V. Gomathy, N. Padhy, D. Samanta, M. Sivaram, V. Jain, I. S. Amiri, Malicious node detection using heterogeneous cluster based secure routing protocol (HCBS) in wireless adhoc sensor networks, J. Ambient Intell. Human. Comput., 11 (2020), 4995–5001. https://doi.org/10.1007/s12652-020-01797-3 doi: 10.1007/s12652-020-01797-3
[19]	H. Khan, K. M. Martin, A survey of subscription privacy on the 5G radio interface—The past, present and future, J. Inform. Secur. Appl., 53 (2020), 102537. https://doi.org/10.1016/j.jisa.2020.102537 doi: 10.1016/j.jisa.2020.102537
[20]	S. Mondal, S. A. Rubaye, A. Tsourdos, Handover prediction for aircraft dual connectivity using model predictive control, IEEE Access, 9 (2021), 44463–44475. https://doi.org/10.1109/ACCESS.2021.3066554 doi: 10.1109/ACCESS.2021.3066554
[21]	K. W. Huang, H. M. Wang, Identifying the fake base station: A location based approach, IEEE Commun. Letters, 22 (2018), 1604–1607. https://doi.org/10.1109/LCOMM.2018.2843334 doi: 10.1109/LCOMM.2018.2843334
[22]	Q. Bin, C. Ziwen, X. Yong, H. Liang, S. Sheng, Rogue base stations detection for advanced metering infrastructure based on signal strength clustering, IEEE Access, 8 (2019), 158798–158805. https://doi.org/10.1109/ACCESS.2019.2934222 doi: 10.1109/ACCESS.2019.2934222
[23]	Y. Xiao, B. Qian, Z. Cai, L. Hong, S. Su, Eliminating rogue femtocells for iot open meter system based on expert system, J. Eng., (2019). https://doi.org/10.1155/2019/4910232
[24]	R. Ma, J. Cao, D. Feng, H. Li, Y. Zhang, X. Lv, PPSHA: Privacy preserving secure handover authentication scheme for all application scenarios in LTE-A networks, Ad Hoc Networks, 87 (2019), 49–60. https://doi.org/10.1016/j.adhoc.2018.11.012 doi: 10.1016/j.adhoc.2018.11.012
[25]	Y. Qiu, M. Ma, X. Wang, A proxy signature-based handover authentication scheme for LTE wireless networks, J. Network Computer Appl., 83 (2017), 63–71. https://doi.org/10.1016/j.jnca.2017.01.023 doi: 10.1016/j.jnca.2017.01.023
[26]	J. Cao, H. Li, M. Ma, Y. Zhang, C. Lai, A simple and robust handover authentication between HeNB and eNB in LTE networks, Computer Networks, 56 (2012), 2119–2131. https://doi.org/10.1016/j.comnet.2012.02.012 doi: 10.1016/j.comnet.2012.02.012
[27]	M. C. Chow, M. Ma, A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks, Sensors, 22 (2022), 4525. https://doi.org/10.3390/s22124525 doi: 10.3390/s22124525
[28]	X. Yang, X. Yang, X. Yi, I. Khalil, X. Zhou, D. He, et al., Blockchain-based secure and lightweight authentication for Internet of Things, IEEE Int. Things J., 9 (2022), 3321–3332. https://doi.org/10.1109/JIOT.2021.3098007 doi: 10.1109/JIOT.2021.3098007
[29]	S. Koteshwara, A. Das, K. K. Parhi, Architecture optimization and performance comparison of Nonce-misuse-resistant authenticated encryption algorithms, IEEE Transact. Very Large Scale Integr. (VLSI) Syst., 27 (2019), 1053–1066. https://doi.org/10.1109/TVLSI.2019.2894656 doi: 10.1109/TVLSI.2019.2894656

Reader Comments

Your name:*

Email:*
© 2022 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)