sensors-logo

Journal Browser

Journal Browser

Selected papers from WISA 2019

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Sensor Networks".

Deadline for manuscript submissions: closed (30 April 2020) | Viewed by 47503

Special Issue Editor

Special Issue Information

Dear Colleagues,

WISA is one of the main security research venues hosted by the Korea Institute of Information Security and Cryptology (KIISC) and sponsored by the Ministry of Science, ICT and Future Planning (MSIP), and co-sponsored by the Electronics and Telecommunications Research Institute (ETRI), the Korea Internet and Security Agency (KISA), and the National Security Research Institute (NSRI). In 2019, WISA will celebrate its 20th anniversary while moving toward its new position as the best contributor to information security applications. The primary focus of WISA 2019 will be on systems and network security including all other technical and practical aspects of security applications. This Special Issue will include extended versions of selected papers from WISA 2019, along with general papers closely related to the conference themes. Potential topics include but are not limited to:

  • Analysis of network and security protocols    
  • Anonymity and censorship-resistant technologies    
  • Applications of cryptographic techniques    
  • Authentication and authorization     
  • Automated tools for source code/binary analysis    
  • Automobile security     
  • Botnet defense     
  • Blockchain security    
  • Critical infrastructure security     
  • Denial-of-service attacks and countermeasures     
  • Digital forensics    
  • Embedded systems security   
  • Exploit techniques and automation    
  • Hardware and physical security    
  • HCI security and privacy   
  • Intrusion detection and prevention    
  • Malware analysis  
  • Mobile/wireless/cellular system security    
  • Network-based attacks   
  • Network infrastructure security     
  • Operating system security    
  • Practical cryptanalysis (hardware, DRM, etc.)    
  • Security policy    
  • Side channel attacks and countermeasures     
  • Storage and file systems security     
  • Techniques for developing secure systems     
  • Trustworthy computing   
  • Trusted execution environments   
  • Unmanned system security for vehicle/drone/ship systems
  • Vulnerability research    
  • Web security

Prof. Ilsun You
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (10 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

21 pages, 4235 KiB  
Article
Protecting Physical Communications in 5G C-RAN Architectures through Resonant Mechanisms in Optical Media
by Borja Bordel Sánchez, Ramón Alcarria, Tomás Robles and Antonio Jara
Sensors 2020, 20(15), 4104; https://doi.org/10.3390/s20154104 - 23 Jul 2020
Cited by 3 | Viewed by 2657
Abstract
Future 5G networks are characterized by three basic ideas: enhanced mobile broadband communications, massive machine-type communications, and ultra-low-latency communications. Any of these requirements needs, to be fulfilled, the implementation of high-efficiency technologies at all levels. This includes some of the costliest mechanisms in [...] Read more.
Future 5G networks are characterized by three basic ideas: enhanced mobile broadband communications, massive machine-type communications, and ultra-low-latency communications. Any of these requirements needs, to be fulfilled, the implementation of high-efficiency technologies at all levels. This includes some of the costliest mechanisms in terms of computational time and bitrate: information protection solutions. Typical techniques in this area employ complex algorithms and large protocol headers, which strongly reduces the effective baud rate and latency of future 5G networks and communications. This is especially relevant in the access network, which in 5G networks will follow a cloud-based architecture, where thousands of different devices must communicate, before aggregating all those streams to be sent to the backbone. Then, new and more efficient mechanisms are needed in the cloud radio access networks (C-RAN) for future 5G systems. Therefore, in this paper it is proposed a novel information protection scheme for C-RAN architectures based on resonant phenomena in optical fibers communicating the fronthaul and backhaul in 5G networks. Resonant structures and physical nonlinearities generate a chaotic signal which may encrypt and hide at physical level every communication stream in a very efficient manner. To evaluate the proposed mechanism, an experimental validation based on simulation techniques is also described and results discussed. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

18 pages, 20104 KiB  
Article
A Multi-Component Analysis of CPTED in the Cyberspace Domain
by Jemin Justin Lee, Myong-Hyun Go, Yu-Kyung Kim, Minhee Joo, JeongEun Seo, Haengrok Oh, Janghyuk Kauh and Kyungho Lee
Sensors 2020, 20(14), 3968; https://doi.org/10.3390/s20143968 - 17 Jul 2020
Cited by 1 | Viewed by 3364
Abstract
The visual fidelity of a virtual environment lacks the exceedingly complex layers from the physical world, but the continuous improvements of image rendering technology and computation powers have led to greater demands for virtual simulations. Our study employs Crime Prevention through Environmental Design [...] Read more.
The visual fidelity of a virtual environment lacks the exceedingly complex layers from the physical world, but the continuous improvements of image rendering technology and computation powers have led to greater demands for virtual simulations. Our study employs Crime Prevention through Environmental Design (CPTED) as a risk control measure and utilizes two principles: Access Control and Natural Surveillance. We conducted an experiment with (n-sample: 100) graduate students. For the experiment, we utilized the Factor Analysis of Information Risk (FAIR) to quantitatively analyze the risk. Furthermore, we adopted the lme4 package for R to estimate the mixed effect of the 6,242,880 observations retrieved from Kaggle. Based on the two experiments, we were able to critically evaluate the contributions of CPTED through a multi-component analysis. Our study investigates how spatial syntax and territorial demarcation may translate in the cyberspace realm. We found that the corollaries of the mophology in the virtual environment effects the distribution of crime. The results of our study discusses how to determine the criminogenic designs and capacity in the cyberspace realm. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

20 pages, 1475 KiB  
Article
Blockchain-Based Data Sharing and Trading Model for the Connected Car
by Byeong-Gyu Jeong, Taek-Young Youn, Nam-Su Jho and Sang Uk Shin
Sensors 2020, 20(11), 3141; https://doi.org/10.3390/s20113141 - 2 Jun 2020
Cited by 24 | Viewed by 5140
Abstract
Currently, “connected cars” are being actively designed over smart cars and autonomous cars, to establish a two-way communication network between the vehicle and all infrastructure. Additionally, because vehicle black boxes are becoming more common, specific processes for secure and efficient data sharing and [...] Read more.
Currently, “connected cars” are being actively designed over smart cars and autonomous cars, to establish a two-way communication network between the vehicle and all infrastructure. Additionally, because vehicle black boxes are becoming more common, specific processes for secure and efficient data sharing and transaction via vehicle networks must be developed. In this paper, we propose a Blockchain-based vehicle data marketplace platform model, along with a data sharing scheme, using Blockchain-based data-owner-based attribute-based encryption (DO-ABE). The proposed model achieves the basic requirements such as data confidentiality, integrity, and privacy. The proposed system securely and effectively handles large-capacity and privacy-sensitive black box video data by storing the metadata on Blockchain (on-chain) and encrypted raw data on off-chain (external) storage, and adopting consortium Blockchain. Furthermore, the data owners of the proposed model can control their own data by applying the Blockchain-based DO-ABE and owner-defined access control lists. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

19 pages, 1978 KiB  
Article
Recurrent GANs Password Cracker For IoT Password Security Enhancement
by Sungyup Nam, Seungho Jeon, Hongkyo Kim and Jongsub Moon
Sensors 2020, 20(11), 3106; https://doi.org/10.3390/s20113106 - 31 May 2020
Cited by 25 | Viewed by 6720
Abstract
Text-based passwords are a fundamental and popular means of authentication. Password authentication can be simply implemented because it does not require any equipment, unlike biometric authentication, and it relies only on the users’ memory. This reliance on memory is a weakness of passwords, [...] Read more.
Text-based passwords are a fundamental and popular means of authentication. Password authentication can be simply implemented because it does not require any equipment, unlike biometric authentication, and it relies only on the users’ memory. This reliance on memory is a weakness of passwords, and people therefore usually use easy-to-remember passwords, such as “iloveyou1234”. However, these sample passwords are not difficult to crack. The default passwords of IoT also are text-based passwords and are easy to crack. This weakness enables free password cracking tools such as Hashcat and JtR to execute millions of cracking attempts per second. Finally, this weakness creates a security hole in networks by giving hackers access to an IoT device easily. Research has been conducted to better exploit weak passwords to improve password-cracking performance. The Markov model and probabilistic context-free-grammar (PCFG) are representative research results, and PassGAN, which uses generative adversarial networks (GANs), was recently introduced. These advanced password cracking techniques contribute to the development of better password strength checkers. We studied some methods of improving the performance of PassGAN, and developed two approaches for better password cracking: the first was changing the convolutional neural network (CNN)-based improved Wasserstein GAN (IWGAN) cost function to an RNN-based cost function; the second was employing the dual-discriminator GAN structure. In the password cracking performance experiments, our models showed 10–15% better performance than PassGAN. Through additional performance experiments with PCFG, we identified the cracking performance advantages of PassGAN and our models over PCFG. Finally, we prove that our models enhanced password strength estimation through a comparison with zxcvbn. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

14 pages, 3982 KiB  
Article
Toward Efficient Image Recognition in Sensor-Based IoT: A Weight Initialization Optimizing Method for CNN Based on RGB Influence Proportion
by Zile Deng, Yuanlong Cao, Xinyu Zhou, Yugen Yi, Yirui Jiang and Ilsun You
Sensors 2020, 20(10), 2866; https://doi.org/10.3390/s20102866 - 18 May 2020
Cited by 8 | Viewed by 5392
Abstract
As the Internet of Things (IoT) is predicted to deal with different problems based on big data, its applications have become increasingly dependent on visual data and deep learning technology, and it is a big challenge to find a suitable method for IoT [...] Read more.
As the Internet of Things (IoT) is predicted to deal with different problems based on big data, its applications have become increasingly dependent on visual data and deep learning technology, and it is a big challenge to find a suitable method for IoT systems to analyze image data. Traditional deep learning methods have never explicitly taken the color differences of data into account, but from the experience of human vision, colors play differently significant roles in recognizing things. This paper proposes a weight initialization method for deep learning in image recognition problems based on RGB influence proportion, aiming to improve the training process of the learning algorithms. In this paper, we try to extract the RGB proportion and utilize it in the weight initialization process. We conduct several experiments on different datasets to evaluate the effectiveness of our proposal, and it is proven to be effective on small datasets. In addition, as for the access to the RGB influence proportion, we also provide an expedient approach to get the early proportion for the following usage. We assume that the proposed method can be used for IoT sensors to securely analyze complex data in the future. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

16 pages, 521 KiB  
Article
Fast Number Theoretic Transform for Ring-LWE on 8-bit AVR Embedded Processor
by Hwajeong Seo, Hyeokdong Kwon, Yongbeen Kwon, Kyungho Kim, Seungju Choi, Hyunjun Kim and Kyoungbae Jang
Sensors 2020, 20(7), 2039; https://doi.org/10.3390/s20072039 - 5 Apr 2020
Cited by 3 | Viewed by 2804
Abstract
In this paper, we optimized Number Theoretic Transform (NTT) and random sampling operations on low-end 8-bit AVR microcontrollers. We focused on the optimized modular multiplication with secure countermeasure (i.e., constant timing), which ensures high performance and prevents timing attack and simple power analysis. [...] Read more.
In this paper, we optimized Number Theoretic Transform (NTT) and random sampling operations on low-end 8-bit AVR microcontrollers. We focused on the optimized modular multiplication with secure countermeasure (i.e., constant timing), which ensures high performance and prevents timing attack and simple power analysis. In particular, we presented combined Look-Up Table (LUT)-based fast reduction techniques in a regular fashion. This novel approach only requires two times of LUT access to perform the whole modular reduction routine. The implementation is carefully written in assembly language, which reduces the number of memory access and function call routines. With LUT-based optimization techniques, proposed NTT implementations outperform the previous best results by 9.0% and 14.6% for 128-bit security level and 256-bit security level, respectively. Furthermore, we adopted the most optimized AES software implementation to improve the performance of pseudo random number generation for random sampling operation. The encryption of AES-256 counter (CTR) mode used for random number generator requires only 3184 clock cycles for 128-bit data input, which is 9.5% faster than previous state-of-art results. Finally, proposed methods are applied to the whole process of Ring-LWE key scheduling and encryption operations, which require only 524,211 and 659,603 clock cycles for 128-bit security level, respectively. For the key generation of 256-bit security level, 1,325,171 and 1,775,475 clock cycles are required for H/W and S/W AES-based implementations, respectively. For the encryption of 256-bit security level, 1,430,601 and 2,042,474 clock cycles are required for H/W and S/W AES-based implementations, respectively. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

33 pages, 2605 KiB  
Article
Security Architecture for Defining and Enforcing Security Profiles in DLT/SDN-Based IoT Systems
by Sara N. Matheu, Alberto Robles Enciso, Alejandro Molina Zarca, Dan Garcia-Carrillo, José Luis Hernández-Ramos, Jorge Bernal Bernabe and Antonio F. Skarmeta
Sensors 2020, 20(7), 1882; https://doi.org/10.3390/s20071882 - 28 Mar 2020
Cited by 25 | Viewed by 4608
Abstract
Despite the advantages that the Internet of Things (IoT) will bring to our daily life, the increasing interconnectivity, as well as the amount and sensitivity of data, make IoT devices an attractive target for attackers. To address this issue, the recent Manufacturer Usage [...] Read more.
Despite the advantages that the Internet of Things (IoT) will bring to our daily life, the increasing interconnectivity, as well as the amount and sensitivity of data, make IoT devices an attractive target for attackers. To address this issue, the recent Manufacturer Usage Description (MUD) standard has been proposed to describe network access control policies in the manufacturing phase to protect the device during its operation by restricting its communications. In this paper, we define an architecture and process to obtain and enforce the MUD restrictions during the bootstrapping of a device. Furthermore, we extend the MUD model with a flexible policy language to express additional aspects, such as data privacy, channel protection, and resource authorization. For the enforcement of such enriched behavioral profiles, we make use of Software Defined Networking (SDN) techniques, as well as an attribute-based access control approach by using authorization credentials and encryption techniques. These techniques are used to protect devices’ data, which are shared through a blockchain platform. The resulting approach was implemented and evaluated in a real scenario, and is intended to reduce the attack surface of IoT deployments by restricting devices’ communication before they join a certain network. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

14 pages, 4396 KiB  
Article
CAPTCHA Image Generation: Two-Step Style-Transfer Learning in Deep Neural Networks
by Hyun Kwon, Hyunsoo Yoon and Ki-Woong Park
Sensors 2020, 20(5), 1495; https://doi.org/10.3390/s20051495 - 9 Mar 2020
Cited by 8 | Viewed by 6162
Abstract
Mobile devices such as sensors are used to connect to the Internet and provide services to users. Web services are vulnerable to automated attacks, which can restrict mobile devices from accessing websites. To prevent such automated attacks, CAPTCHAs are widely used as a [...] Read more.
Mobile devices such as sensors are used to connect to the Internet and provide services to users. Web services are vulnerable to automated attacks, which can restrict mobile devices from accessing websites. To prevent such automated attacks, CAPTCHAs are widely used as a security solution. However, when a high level of distortion has been applied to a CAPTCHA to make it resistant to automated attacks, the CAPTCHA becomes difficult for a human to recognize. In this work, we propose a method for generating a CAPTCHA image that will resist recognition by machines while maintaining its recognizability to humans. The method utilizes the style transfer method, and creates a new image, called a style-plugged-CAPTCHA image, by incorporating the styles of other images while keeping the content of the original CAPTCHA. In our experiment, we used the TensorFlow machine learning library and six CAPTCHA datasets in use on actual websites. The experimental results show that the proposed scheme reduces the rate of recognition by the DeCAPTCHA system to 3.5% and 3.2% using one style image and two style images, respectively, while maintaining recognizability by humans. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

14 pages, 690 KiB  
Article
Malicious Network Traffic Detection Based on Deep Neural Networks and Association Analysis
by Minghui Gao, Li Ma, Heng Liu, Zhijun Zhang, Zhiyan Ning and Jian Xu
Sensors 2020, 20(5), 1452; https://doi.org/10.3390/s20051452 - 6 Mar 2020
Cited by 44 | Viewed by 6014
Abstract
Anomaly detection systems can accurately identify malicious network traffic, providing network security. With the development of internet technology, network attacks are becoming more and more sourced and complicated, making it difficult for traditional anomaly detection systems to effectively analyze and identify abnormal traffic. [...] Read more.
Anomaly detection systems can accurately identify malicious network traffic, providing network security. With the development of internet technology, network attacks are becoming more and more sourced and complicated, making it difficult for traditional anomaly detection systems to effectively analyze and identify abnormal traffic. At present, deep neural network (DNN) technology achieved great results in terms of anomaly detection, and it can achieve automatic detection. However, there still exists misclassified traffic in the prediction results of deep neural networks, resulting in redundant alarm information. This paper designs a two-level anomaly detection system based on deep neural network and association analysis. We made a comprehensive evaluation of experiments using DNNs and other neural networks based on publicly available datasets. Through the experiments, we chose DNN-4 as an important part of our system, which has high precision and accuracy in identifying malicious traffic. The Apriori algorithm can mine rules between various discretized features and normal labels, which can be used to filter the classified traffic and reduce the false positive rate. Finally, we designed an intrusion detection system based on DNN-4 and association rules. We conducted experiments on the public training set NSL-KDD, which is considered as a modified dataset for the KDDCup 1999. The results show that our detection system has great precision in malicious traffic detection, and it achieves the effect of reducing the number of false alarms. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

16 pages, 6919 KiB  
Article
Design of Resistor-Capacitor Physically Unclonable Function for Resource-Constrained IoT Devices
by Sangjae Lee, Mi-Kyung Oh, Yousung Kang and Dooho Choi
Sensors 2020, 20(2), 404; https://doi.org/10.3390/s20020404 - 10 Jan 2020
Cited by 6 | Viewed by 3609
Abstract
Keeping IoT devices secure has been a major challenge recently. One of the possible solutions to secure IoT devices is to use a physically unclonable function (PUF). A PUF is a security primitive that can generate device-specific cryptographic information by extracting the features [...] Read more.
Keeping IoT devices secure has been a major challenge recently. One of the possible solutions to secure IoT devices is to use a physically unclonable function (PUF). A PUF is a security primitive that can generate device-specific cryptographic information by extracting the features of hardware uncertainty. Because PUF instances are very difficult to replicate even by the manufacturer, the generated bit sequence can be used as cryptographic keys or as a unique identifier for the device. Regarding the implementation of PUF, the majority of PUFs introduced over the past decade are in the form of active components and have been implemented as separate chips or embedded as a part of a chip, making it difficult to use them in low-cost IoT devices due to cost and design flexibility. One approach to easily adopt PUFs in resource-constrained IoT devices is to use passive components such as resistors and capacitors (RC) that can be configured at low cost. The main feature of this RC-based PUF is that it extracts the small difference caused by charging and discharging of RC circuits and uses it as a response. In this paper, we extend the previous research and show the possibility to secure IoT devices by using the RC-based PUF. Full article
(This article belongs to the Special Issue Selected papers from WISA 2019)
Show Figures

Figure 1

Back to TopTop