More Web Proxy on the site http://driver.im/

research-article

DoS Attacks Analysis and Improvement in DTLS Protocol for Internet of Things

Authors:

Abdellah Ezzati,

Mustapha BelaissaouiAuthors Info & Claims

BDAW '16: Proceedings of the International Conference on Big Data and Advanced Wireless Technologies

Article No.: 54, Pages 1 - 7

https://doi.org/10.1145/3010089.3010139

Published: 10 November 2016 Publication History

Abstract

The main contribution in this paper is to improve the weakness of cookies exchange in the handshake process in order to counter DoS attacks. The enhanced protocol is performed on Cooja simulator in Contiki operating system for the Internet of Things, and compared with the original DTLS. The simulation results lead to better performance of the proposed protocol in terms of handshake time processing, and energy consumption. The proposed enhanced DTLS protocol is analyzed through the AVISPA tool. The formal modelling analysis using the AVISPA tool has validated the security of the proposed DTLS authentication model against external attacks such as DoS, and ensures the important properties related to a communication security protocol, which is the authentication integrity, confidentiality.

References

[1]

A. Kotsev, F. Pantisano, S. Schade and S. Jirka, "Architecture of a Service Enabled Sensing Platform for the Environment", MDPI Sensors Journal, volume 15, pp. 4470-4495;, February 2015

[2]

C. Paquet, "Network Security Concepts and Policies", Cisco Press, February 2013.

[3]

L. Atzoria Author Vitae, A. IeraAuthor Vitae, G. Morabito "The Internet of Things: A survey", Elsevier Computer Networks Journal, volume 54, Issue 15, pp. 2787--2805, October 2010

Digital Library

[4]

A. Armando, D. Basin, Y. Boichut, Y. Chevalier, L. Compagna, J. Cuellar, P. Hankes Drielsma, P.C. Heám, O. Kouchnarenko, J. Mantovani, S. Mödersheim, D. von Oheimb, M. Rusinowitch, J. Santiago, M. Turuani, L. Viganò, et L. Vigneron, "The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications", Computer Aided Verification Book, Springer, volume 3576/2005, pp. 281--285, July, 2005,

Digital Library

[5]

Y. Glouche, T. Genet. "SPAN -- A Security Protocol ANimator for AVISPA -- User Manual", http://www.irisa.fr/lande/genet/span/, IRISA / University of Rennes 1, 2006.

[6]

Y. Chevalier, L. Compagna, J. Cuellar, P. Hankes Drielsma, J. Mantovani, S. Mödersheim, L. Vigneron, "A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols", Proceedings of Workshop on Specification and Automated Processing of Security Requirements (SAPS), Linz, Austria, Oesterreichische Computer Gesellschaft (Austrian Computer Society), 2004.

[7]

T. Dierks, and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2. RFC5246". Internet Engineering Task Force, August 2008.

[8]

J.F Vasseur, A. Dunkels, "Interconnecting Smart Objects with IP", Book chapter 8 -- Security for Smart Objects, Elsevier, pp. 81--89, 2010

[9]

Gupta V, Wurm M, Zhu, "Sizzle: A standards-based end-to-end security architecture for the embedded internet", Pervasive Mobile Comput Journal, pp. 425--445, December 2005.

Digital Library

[10]

Oliveira L, Kansal A, Priyantha B, Goraczko M, Zhao, "Secure-TWS: Authenticating node to multiuser communication in shared sensor networks", In: Proceedings of the 2009 International Conference on Information Processing in Sensor Networks, pp. 289--300, 2009.

Digital Library

[11]

E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.3. Internet-Draft draft-ietftls-tls1307.txt", IETF Secretariat, July 2015.

[12]

A. Wood and J. Stankovic, "Denial of service in sensor networks," Computer, vol. 35, no. 10, pp. 54--62, 2002.

Digital Library

[13]

R. Cragie, Y. Ohba, R. Moskowitz, Z. Cao, and B. Sarikaya, "Security bootstrapping solution for resource-constrained devices" IETF, Nov. 2010.

[14]

Prabhakaran Kasinathan, Claudio Pastrone, Maurizio A. Spirito Mark Vinkovits Denial-of-Service detection in 6LoWPAN based Internet of Things", 5th International Conference on the Internet of Things (IOT), pp. 30--36, 2013

[15]

A.t Arış, S. F. Oktuğ, S. Berna Örs Yalçın, "Internet-of-Things security: Denial of service attacks", 23nd Signal Processing and Communications Applications Conference (SIU), pp. 903--906, 2015.

[16]

K. Bhargavan, A. Delignat-Lavaud, C. Fournet, A. Pironti and P. Strub "Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS", IEEE Symposium on Security and Privacy, pp. 98--113, 10.1109/SP.2014.14, 2015.

Digital Library

[17]

M. Tiloca, C. Gehrmann, L. Seitz, "On improving resistance to Denial of Service and key provisioning scalability of the DTLS handshake", International Journal of Information Security, March 2016.

[18]

D. Eastlake, "RFC 6066: Transport Layer Security (TLS) Extensions: Extension Definitions", January 2011.

[19]

H. Krawczyk, M. Bellare, R. Canetti, RFC 2104, "HMAC: Keyed-Hashing for Message Authentication", Internet Engineering Task Force, 1997.

Digital Library

[20]

D. Basin, Sebastian Modersheim, Luca Vigano, "OFMC: A symbolic model checker for security protocols", International Journal of Information Security, December 2004.

Digital Library

[21]

M. Turuani, "The CL-Atse Protocol Analyser", Lecture Notes in Computer Science, pp. 277--286,

Digital Library

[22]

A. Armando, R. Carbone, L. Compagna, &Lt; SATMC: A SAT-Based Model Checker for Security-Critical Systems", In the Proceedings of the 20th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2014), pp. 31--45, Springer, France, April 2014

[23]

L. Viganò, Automated Security Protocol Analysis with the AVISPA Tool. Proceedings of the XXI Mathematical Foundations of Programming Semantics (MFPS'05), ENTCS, pp. 61--86, Elsevier, 2005

Digital Library

Cited By

Zhao QShu LLi KFerrag MLiu XLi Y(2024)Security and Privacy in Solar Insecticidal Lamps Internet of Things: Requirements and ChallengesIEEE/CAA Journal of Automatica Sinica10.1109/JAS.2023.12387011:1(58-73)Online publication date: Jan-2024
https://doi.org/10.1109/JAS.2023.123870
Gehlert LJørgensen MKoch CMøller TRusbjerg SBøgedal TPoulsen DHansen RLux D(2024)Modelling and Analysis of DTLS: Power Consumption and AttacksFormal Methods for Industrial Critical Systems10.1007/978-3-031-68150-9_8(136-151)Online publication date: 9-Sep-2024
https://dl.acm.org/doi/10.1007/978-3-031-68150-9_8
Alshammari B(2023)AIBPSF-IoMT: Artificial Intelligence and Blockchain-Based Predictive Security Framework for IoMT TechnologiesElectronics10.3390/electronics1223480612:23(4806)Online publication date: 28-Nov-2023
https://doi.org/10.3390/electronics12234806
Show More Cited By

Recommendations

DTLS for Lightweight Secure Data Streaming in the Internet of Things
3PGCIC '14: Proceedings of the 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing

The huge number of sensors envisioned to be deployed within Internet of Things applications will result in large amounts of likely confidential data that will be required to traverse the open Internet. This confidential data could range from the current ...
Internet of Things: information security challenges and solutions

Keeping up with the burgeoning Internet of Things (IoT) requires staying up to date on the latest network attack trends in dynamic and complicated cyberspace, and take them into account while developing holistic information security (IS) approaches for ...
Full Post-Quantum Datagram TLS Handshake in the Internet of Things
Codes, Cryptology and Information Security
Abstract
Quantum computers are a threat to the current standards for secure communication. The Datagram Transport Layer Security (DTLS) protocol is a common protocol used by Internet of Things (IoT) devices that will be broken by such computers. Although ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

BDAW '16: Proceedings of the International Conference on Big Data and Advanced Wireless Technologies

November 2016

398 pages

ISBN:9781450347792

DOI:10.1145/3010089

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

ANR: Agence Nationale pour la Recherche
LABSTICC: Labsticc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 November 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

BDAW '16

BDAW '16: International Conference on Big Data and Advanced Wireless Technologies

November 10 - 11, 2016

Blagoevgrad, Bulgaria

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
239
Total Downloads

Downloads (Last 12 months)17
Downloads (Last 6 weeks)1

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhao QShu LLi KFerrag MLiu XLi Y(2024)Security and Privacy in Solar Insecticidal Lamps Internet of Things: Requirements and ChallengesIEEE/CAA Journal of Automatica Sinica10.1109/JAS.2023.12387011:1(58-73)Online publication date: Jan-2024
https://doi.org/10.1109/JAS.2023.123870
Gehlert LJørgensen MKoch CMøller TRusbjerg SBøgedal TPoulsen DHansen RLux D(2024)Modelling and Analysis of DTLS: Power Consumption and AttacksFormal Methods for Industrial Critical Systems10.1007/978-3-031-68150-9_8(136-151)Online publication date: 9-Sep-2024
https://dl.acm.org/doi/10.1007/978-3-031-68150-9_8
Alshammari B(2023)AIBPSF-IoMT: Artificial Intelligence and Blockchain-Based Predictive Security Framework for IoMT TechnologiesElectronics10.3390/electronics1223480612:23(4806)Online publication date: 28-Nov-2023
https://doi.org/10.3390/electronics12234806
Mishra KBhattacharjee VSaket SMishra S(2022)Cloud and Big Data Security System’s Review Principles: A Decisive InvestigationWireless Personal Communications10.1007/s11277-022-09781-0126:2(1013-1050)Online publication date: 10-Jun-2022
https://doi.org/10.1007/s11277-022-09781-0
Saputri RNuha HPrabowo S(2021)Learning Method of Performance-oriented Congestion Control (PCC) for Video Streaming Analysis2021 9th International Conference on Information and Communication Technology (ICoICT)10.1109/ICoICT52021.2021.9527484(539-543)Online publication date: 3-Aug-2021
https://doi.org/10.1109/ICoICT52021.2021.9527484
Baker SNori A(2021)Internet of Things Security: A SurveyAdvances in Cyber Security10.1007/978-981-33-6835-4_7(95-117)Online publication date: 5-Feb-2021
https://doi.org/10.1007/978-981-33-6835-4_7
Gobichettipalayam Krishnasamy KSelvaraj A(2020)Enhanced constrained application protocol for secured medical data transmission model for internet of thingsComputational Intelligence10.1111/coin.1232137:3(1014-1033)Online publication date: 26-Apr-2020
https://doi.org/10.1111/coin.12321
Maleh Y(2019)Machine Learning Techniques for IoT Intrusions Detection in Aerospace Cyber-Physical SystemsMachine Learning and Data Mining in Aerospace Technology10.1007/978-3-030-20212-5_11(205-232)Online publication date: 3-Jul-2019
https://doi.org/10.1007/978-3-030-20212-5_11
Maleh YSahid AEzzati ABelaissaoui M(2018)Key Management Protocols for Smart Sensor NetworksSecurity and Privacy in Smart Sensor Networks10.4018/978-1-5225-5736-4.ch001(1-23)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-5736-4.ch001
Wei YDu J(2018)The Defect of DTLS toward Detected Aged PacketsProceedings of the 2nd International Conference on Cryptography, Security and Privacy10.1145/3199478.3199496(34-39)Online publication date: 16-Mar-2018
https://dl.acm.org/doi/10.1145/3199478.3199496
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents