Faculty Publications
Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736
Publications by NITK Faculty
Browse
8 results
Search Results
Item Mitigating Man-in-the-Middle Attack in Digital Signature(Institute of Electrical and Electronics Engineers Inc., 2020) Jain, S.; Sharma, S.; Chandavarkar, B.R.We all are living in the digital era, where the maximum of the information is available online. The digital world has made the transfer of information easy and provides the basic needs of security like authentication, integrity, nonrepudiation, etc. But, with the improvement in security, cyber-attacks have also increased. Security researchers have provided many techniques to prevent these cyber-attacks; one is a Digital Signature (DS). The digital signature uses cryptographic key pairs (public and private) to provide the message's integrity and verify the sender's identity. The private key used in the digital signature is confidential; if attackers find it by using various techniques, then this can result in an attack. This paper presents a brief introduction about the digital signature and how it is vulnerable to a man-in-the-middle attack. Further, it discusses a technique to prevent this attack in the digital signature. © 2020 IEEE.Item Intrusion Detection of Sinkhole Attack in Underwater Acoustic Sensor Networks(Institute of Electrical and Electronics Engineers Inc., 2021) Palisetti, S.; Chandavarkar, B.R.; Gadagkar, A.V.Underwater networks have the potential to allow previously unexplored applications as well as improve our ability to observe and forecast the ocean. Underwater acoustic sensor networks (UASNs) are often deployed in unprecedented and hostile waters and face many security threats. Applications based on UASNs such as coastal defense, pollution monitoring, assisted navigation to name a few, require secure communication. A new set of communication protocols and cooperative coordination algorithms have been proposed to enable collaborative monitoring tasks. However, such protocols overlook security as a key performance indicator. Spoofing, altering, or replaying routing information can affect the entire network, making UASN vulnerable to routing attacks such as selective forwarding, sinkhole attack, Sybil attack, acknowledgement spoofing and HELLO flood attack. The lack of security against such threats is startling if it is observed that security is indeed an important requirement in many emerging civilian and military applications. In this work, the sinkhole attack prevalent among UASNs is looked at and discuss mitigation approaches that can feasibly be implemented in UnetStack3. © 2021 IEEE.Item Demonstration of Selective Forwarding Attack and Detection Mechanism in UnetStack3(Institute of Electrical and Electronics Engineers Inc., 2021) Chandavarkar, B.R.; Suresh, N.Underwater networks provide new possibilities that can greatly improve our ability to observe and predict the ocean. Underwater acoustic sensor networks (UASNs) are frequently used in uncharted and unexplored waters, making them vulnerable to various security threats. Applications based on UASNs such as coastal defense, pollution monitoring, assisted navigation to name a few, require secure communication. Various communication protocols and algorithms have been developed to enable collaborative monitoring tasks. However, These protocols often place a low priority on security. Impersonating nodes or illegally manipulating routing information can affect the entire network, making UASNs vulnerable to attacks such as selective forwarding, sinkhole attack, Sybil attack, acknowledgement spoofing and HELLO flood attack. The lack of security against such threats is startling, since security is indeed an important requirement in many emerging civilian and military applications. This paper takes a look at the selective forwarding attack, examines a model as well as a detection mechanism created in UnetStack3. © 2021 IEEE.Item Hybrid cryptography for cloud computing(Institute of Electrical and Electronics Engineers Inc., 2021) Khan, H.K.; Pradhan, R.; Chandavarkar, B.R.In the present scenario, we come across millions and trillions of data in our daily lives which can be handled by a data center. Cloud is the data center that enables users to access the files and applications from almost any device and any geographical location as computing and storage take place on servers in the data center instead of the user device locally. It facilitates users with services like Software, Applications promptly without any hazard. Though the cloud has mesmerized the world with its advanced capabilities still there is safety concern involved in it because the cloud is shareable. All security components must ensure data security for every user. In this study report, a new security model using Hybrid Cryptography is designed as data in the cloud is vulnerable to issues like unauthorized data access, integrity violation, identity management, etc. Hybrid Cryptography comprises both symmetric and asymmetric algorithms. Encryption of communication requires Symmetric-key encryption whereas data exchange is taken care by the Public-key encryption technique. RSA algorithm deals with Authentication, blowfish algorithm ensures Data Confidentiality, and Secure Hash Algorithm-2 deals with Data Integrity. The present study concluded that advanced methods provide high data security over the internet and provide services on demand effectively without delay or error. © 2021 IEEE.Item Human-in-the-Loop Control and Security for Intelligent Cyber-Physical Systems (CPSs) and IoT(Springer, 2023) Jena, S.; Sundarrajan, S.; Meena, A.; Chandavarkar, B.R.In this era of connectivity and digitization, our appliances and equipment are becoming more intelligent and interlinked, creating an Internet of Things (IoT) that can be used to support new kinds of intelligent cyber-physical systems (CPSs). With the massive growth of CPSs, humans have become more involved within this structure. These types of CPSs/IoT systems containing humans are called human-in-the-loop cyber-physical systems (HiTLCPSs)/human-in-the-loop Internet of Things (HiTLIoT). The involvement of humans results in an external and unpredictable element that increases security concerns. This chapter proposes a unique “human-centric†framework to mitigate these issues, enabling humans as crucial components to make the CPS/IoT systems more robust and secure. Through this, the chapter tries to focus on “humans are a solution†rather than “humans are a problem.†Furthermore, the chapter looks into various components that make up the framework, how they are interlinked and how security can be bolstered with a human in the loop combined with this framework. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.Item Trust and Identity Management in IOT(Springer, 2023) Prateek, L.A.; Shah, R.; Tony, A.; Chandavarkar, B.R.The number of IoT devices has been growing exponentially for the past few years owing to the development of trends such as Cloud Computing, Big Data, and Artificial Intelligence. These devices contain microprocessors, sensors, and transceivers which are used to sense their surroundings, collect data, and execute actions based on stimuli. Due to the presence of a complex environment, these devices are exposed to the risks associated with privacy and security, which need to be addressed with the utmost concern to prevent the penetration and exploitation of these devices. Due to such concerns, the need for a reliable and efficient trust and identity management framework arises. The Identity Management System ensures that only authorized users have the right to use a service. This chapter explores different factors that determine the quality of an Identity Management System (IdMS). Alongside, this chapter presents a hybrid-based trust management system and the algorithm associated with it for trust computation involving the gateway and the devices. This improves the accuracy of the existing model in the case where indirect trust is not credible enough. This work uses a model for identity validation and verification, which is crucial for identity management. It also involves an exchange of a secure secret session key in order to ensure that the communication between the IoT devices is symmetrically encrypted and is not subjected to any typical and common attacks. This ensures the privacy, security, and integrity of the data/services being exchanged between IoT devices within the cluster. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.Item AuthBlock: Authentication Framework Using Ethereum Blockchain(Springer Science and Business Media Deutschland GmbH, 2023) Kamble, S.; Chandavarkar, B.R.When employing authentication mechanisms to store user credentials, a subtle point to note is that they are easily vulnerable to cyber attacks like sharing of user data without their consent, password stealing on a large scale, etc. By decentralizing ownership of credentials and providing a framework for confirming one’s record in an unalterable chain of data, i.e., Distributed Ledger Technology (DLT) in general and blockchain can provide a solution. Blockchain technology can help reduce the risk of attacks and user data leaks through backdoors by establishing a secure platform for online service providers to authenticate users without a single point of failure. Blockchain is being utilized increasingly for trusted, decentralized, secure registration, authentication, and valuation of digital assets (assets, real estate, etc.) and transactions, governing interactions, recording data, and managing identity among numerous parties. Smart contracts are used to do transactions on the blockchain. This work aims to analyze the shortcomings of traditional authentication systems and hence provide a blockchain-based authentication solution to address them. In this paper, we suggest AuthBlock, a robust, lightweight, and secure blockchain-based authentication system. It can be used by multiple parties as an authentication framework in parallel without any interference. The proposed approach leverages the Ethereum blockchain along with its provision of smart contracts. The proposed method is tested on the Ethereum localnet created using Go Ethereum (Geth) and evaluated to analyze user authentication, verification, and cost. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.Item Resource-Aware Cryptography: An Analysis of Lightweight Cryptographic Primitives(Springer, 2022) Rushad, M.; Nambiar, A.; Chandavarkar, B.R.With the increased use of highly constrained interconnected devices in various areas like healthcare, sensor networks, the internet of things (IoT), etc., the need for security and proper encryption of data in such devices has grown as well. To ease the integration of security into these devices, it is reasonable to standardize some primitives. Despite there being several cryptographic algorithms to safely encrypt data, they are mainly designed for heavier use and they not only consume a lot of energy, but also require a lot of processing power and space. To provide secure data transfer and storage while allowing implementation on smaller, constrained devices, various lightweight cryptographic primitives have been developed and implemented. In this paper, we first describe the constraints that must be followed to claim a lightweight design, then we analyze the design as well as security and cryptanalysis of some recently proposed state of the art primitives that are competing to be chosen as industry standards. Finally, we also compare the performance of each of these primitives when implemented on microcontrollers and categorize them according to their design, functionalities, claimed security and respective performance. Finally, we present various insights and observations based on our study. © The Author(s).