Energy-aware dynamic Internet of Things security system based on Elliptic Curve Cryptography and Message Queue Telemetry Transport protocol for mitigating Replay attacks

https://doi.org/10.1016/j.pmcj.2019.101105

Abstract

Security in the context of the Internet of Things (IoT) is a critical challenge. The purpose of this work is to model and evaluate a dynamic IoT security system based on a generic IoT edge network in which nodes exchange messages through the Message Queue Telemetry Transport (MQTT) protocol. This work aims to increase MQTT security by mitigating data tampering, eavesdropping and Replay attacks using Elliptic Curve Cryptography (ECC), timestamps and wake-up patterns, with the purpose of preserving node energy. The evaluated results will show that it is possible to increase the system lifetime by linking security levels and energy.

Introduction

The term IoT originated as the title of a presentation given by Kevin Ashton in 1999 at MIT [1]. IoT overlaps with Mobile Computing, Pervasive Computing, Wireless Sensor Networks and Cyber-Physical Systems. IoT can be defined as a wired or wireless network of connected and uniquely identified devices able to process data and communicate with each other with or without human help. Nowadays, IoT is used in many fields, for example logistics, smart environments, smart agriculture and smart cities. By the end of 2020 it is estimated that there will be approximately 30 billion connected devices with a data exchange greater than 40 Zettabytes [2]. These expectations raise many IoT challenges such as scalability, data volumes, self-organization, data interpretation, interoperability, automatic discovery, software complexity, security and privacy, and wireless communication. Since sensors typically have limited computing and storage capabilities, it is common to forward the generated data to a cloud computing platform for data processing and analysis, but the network latency and jitter can become significant. As a result, the low latency requirement of various delay-sensitive applications such as vehicular networks and smart health services cannot be met. To address this issue, the Mobile Edge Computing (MEC) paradigm has emerged in recent years. MEC is an essential paradigm shift toward a hierarchical architecture and a more responsive design. As shown in Fig. 1, the edge is an intermediate computing layer between the cloud and end devices that complements the advantages of cloud computing by performing data processing at the edge of radio access networks of mobile telecommunications networks [3], [4]. Although the fog computing paradigm offers many benefits for different IoT applications, it faces many challenges such as scalability, complexity, dynamicity, heterogeneity, latency and security [5].

One of the critical requirements of supporting IoT applications in MEC is security, because in wireless communications the medium can be accessed by both authorized users and adversaries, which makes it vulnerable to many security attacks [6]. The terms edge computing and fog computing are used interchangeably in both academia and industry. Their main objectives are the same, but they differ in how they process and handle the data and where the intelligence and computing power are placed [7]. This work aims to increase the security of an IoT context at the edge layer, in which a certain number of lightweight nodes exchange messages using the MQTT protocol through a broker placed on a fog node. It is proposed to mitigate data tampering and eavesdropping by applying ECC to the MQTT payloads. As a higher key strength causes more energy consumption than a lower one, the security level in use will be changed dynamically and linked to the node energy level in an attempt to increase the system lifetime. A key at a low security level must therefore be changed frequently to guarantee good security. A mechanism is also proposed to mitigate Replay attacks by adding a timestamp to the ciphered payloads and by using wake-up patterns that preserve the energy of lightweight nodes by reducing the number of received replicated messages that must be dropped. A Replay attack can be detected by an IDS, placed on each network node, which checks the packet timestamp.
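An added example, not code from the paper or its Java simulator: a per-node timestamp check of the kind the paragraph above describes. HMAC-SHA256 with a shared key stands in for the paper's ECC protection of the payload, and the 5-second window, the per-sender last-timestamp rule and all names are assumptions.

```python
import hashlib
import hmac
import struct

MAX_AGE_S = 5.0  # assumed freshness window; the page gives no value


def seal(key: bytes, sent_at: float, data: bytes) -> bytes:
    """Sender side: bind the timestamp to the data before publishing."""
    body = struct.pack(">d", sent_at) + data
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ReplayFilter:
    """Hypothetical per-node check: integrity first, then freshness, then order."""

    def __init__(self, key: bytes, max_age_s: float = MAX_AGE_S):
        self.key = key
        self.max_age_s = max_age_s
        self.last_seen = {}  # sender id -> newest accepted timestamp

    def check(self, sender: str, message: bytes, now: float):
        """Return (verdict, data); data is None unless the verdict is 'accept'."""
        if len(message) < 8 + 32:
            return "malformed", None
        body, tag = message[:-32], message[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "tampered", None  # timestamp or data was modified in transit
        (sent_at,) = struct.unpack(">d", body[:8])
        if not abs(now - sent_at) <= self.max_age_s:  # also rejects NaN
            return "stale", None  # copy replayed after the window closed
        if sent_at <= self.last_seen.get(sender, float("-inf")):
            return "replay", None  # copy replayed inside the window
        self.last_seen[sender] = sent_at
        return "accept", body[8:]


def demo():
    """Run constructed sample traffic through the filter; returns the verdicts."""
    key = b"constructed-demo-key"
    node = ReplayFilter(key)
    msg = seal(key, 1000.0, b"temp=21.5")
    redated = struct.pack(">d", 1060.0) + msg[8:]  # captured copy, timestamp rewritten
    runs = [(msg, 1001.0), (msg, 1002.0), (msg, 1060.0), (redated, 1060.0)]
    return [node.check("sensor-1", m, now)[0] for m, now in runs]
```

The timestamp only helps because it is covered by the integrity check: the re-dated copy fails verification instead of passing as fresh.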

Section snippets

Edge computing and its vulnerabilities

The successful deployment of MEC still has to face a number of open research challenges due to undefined incentives for the network service provider and the intrinsic limitations of wireless networks [3]. In fact, MEC users remain in the coverage area of the MEC service provider for a limited time and ask for a variety of services that change rapidly, while the resources available on the MEC server are limited compared to the Cloud server [8], [9], [10]. However in [11] authors emphasize the

Reference context

The system proposed in this work is situated in an IoT context, between the Smart Devices Layer and the Fog/Edge Computing Layer. It consists of a certain number of lightweight nodes, each with a sensor or actuator module, and a central fog node. Data monitored by sensor nodes are sent periodically to the fog node using the MQTT protocol. These messages are then sent by the fog node to the actuator nodes. The system has a star

Security levels of elliptic curves

This section explains the key parameters relating to the used elliptic curves and their key exchange intervals for the considered security levels. This work considers three different security levels summarized in Fig. 7. All the domain parameters details of these curves can be found in [37].

An elliptic curve with a key length of 2t bits has a key strength of approximately t bits. Then, approximately 2^t operations are necessary to break the discrete logarithm problem associated to the relative

Simulation environment

The authors propose an event-driven simulator for the evaluation of the system. The simulator is implemented entirely in Java and uses the bcprov-jdk15on-160 library for ECC. Fig. 12 reports a diagram containing the main modules. The environment module creates, initializes and maintains all nodes. The fog node uses an MQTT broker for the management of topics, an authentication manager for managing stored credentials, generating and validating session tokens, a key manager for managing

Conclusions

This work proposes a new dynamic IoT security system in which there are sensor and actuator nodes exchanging data through a secured MQTT protocol in a fog network. The proposal encrypts the MQTT payloads with ECC for mitigating data tampering and eavesdropping and adds a timestamp to the payloads and uses lightweight node wake-up patterns for mitigating Replay attacks. To reduce the encryption energy consumption, we have proposed to change dynamically the key-strength of the used ECC on the

Declaration of Competing Interest

None declared under financial, general, and institutional competing interests.

Acknowledgment

This work was supported by "POR Calabria FSE/FESR 2014/2020 – International mobility of Ph.D. students and Research Grants/Type A Researchers" – Actions 10.5.6 and 10.5.12 actuated by Regione Calabria, Italy.

References (38)

  • Atlam Hany F. et al. Fog computing and the internet of things: A review. Big Data Cogn Comput (2018)
  • He D. et al. Security in the internet of things supported by mobile edge computing, multiple access mobile edge computing for heterogeneous IoT. IEEE Commun. Mag. (2018)
  • Mukherjee M. Security and Privacy in Fog Computing: Challenges (2017)
  • Saleem Y. et al. Resource management in mobile sink based wireless sensor networks through cloud computing
  • Shuja J. Case of arm emulation optimization for offloading mechanisms in mobile cloud computing. Future Gener. Comput. Syst. (2016)
  • Mektoubi A. et al. New approach for securing communication over MQTT protocol A comparison between RSA and Elliptic Curve
  • Diro A.A. et al. Lightweight Cybersecurity Schemes using Elliptic Curve Cryptography in Publish-Subscribe Fog Computing (2017)
  • Meena Singh. Secure MQTT for Internet of Things (IoT)
  • Park N. et al. Mutual authentication scheme in secure internet of things technology for comfortable lifestyle. Sensors (2016)