124 55 6MB
English Pages 267 [257] Year 2021
Studies in Systems, Decision and Control 341
Parikshit N. Mahalle Gitanjali R. Shinde Nilanjan Dey Aboul Ella Hassanien Editors
Security Issues and Privacy Threats in Smart Ubiquitous Computing
Studies in Systems, Decision and Control Volume 341
Series Editor Janusz Kacprzyk, Systems Research Institute, Polish Academy of Sciences, Warsaw, Poland
The series “Studies in Systems, Decision and Control” (SSDC) covers both new developments and advances, as well as the state of the art, in the various areas of broadly perceived systems, decision making and control–quickly, up to date and with a high quality. The intent is to cover the theory, applications, and perspectives on the state of the art and future developments relevant to systems, decision making, control, complex processes and related areas, as embedded in the fields of engineering, computer science, physics, economics, social and life sciences, as well as the paradigms and methodologies behind them. The series contains monographs, textbooks, lecture notes and edited volumes in systems, decision making and control spanning the areas of Cyber-Physical Systems, Autonomous Systems, Sensor Networks, Control Systems, Energy Systems, Automotive Systems, Biological Systems, Vehicular Networking and Connected Vehicles, Aerospace Systems, Automation, Manufacturing, Smart Grids, Nonlinear Systems, Power Systems, Robotics, Social Systems, Economic Systems and other. Of particular value to both the contributors and the readership are the short publication timeframe and the world-wide distribution and exposure which enable both a wide and rapid dissemination of research output. Indexed by SCOPUS, DBLP, WTI Frankfurt eG, zbMATH, SCImago. All books published in the series are submitted for consideration in Web of Science.
More information about this series at http://www.springer.com/series/13304
Parikshit N. Mahalle · Gitanjali R. Shinde · Nilanjan Dey · Aboul Ella Hassanien Editors
Security Issues and Privacy Threats in Smart Ubiquitous Computing
Editors Parikshit N. Mahalle Department of Computer Engineering Smt. Kashibai Navale College of Engineering Pune, India Nilanjan Dey JIS University Kolkata, West Bengal, India
Gitanjali R. Shinde Department of Computer Engineering Smt. Kashibai Navale College of Engineering Pune, India Aboul Ella Hassanien Department of Information Technology Cairo University Giza, Egypt
ISSN 2198-4182 ISSN 2198-4190 (electronic) Studies in Systems, Decision and Control ISBN 978-981-33-4995-7 ISBN 978-981-33-4996-4 (eBook) https://doi.org/10.1007/978-981-33-4996-4 © The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021, corrected publication 2021 This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd. The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore
Preface
A vision of ubiquitous computing stated by Mark Weiser in 1998, Ubiquitous computing names the third wave in computing, that is now beginning. First were mainframes, each shared by lots of people. Now we are in the personal computing era, person and machine staring uneasily at each other across the desktop. Next comes ubiquitous computing, or the age of calm technology, when technology recedes into the background of our lives.—Mark Weiser
Ubiquitous computing evolved in stages with different sizes of ubiquitous computers starting from “Post-It” sized tabs to “full size Boards”. Altogether, we can say that ubiquitous computing helps to enhance the performance of human activities by keeping technology in the background; hence, user can focus only on their normal activities instead of concentrating on the technology behind services that they are getting. In the digital era of 2020, there will be various reforms in technologies to realize ubiquitous computing in reality. These technologies perform users’ tasks in an optimized manner and keep computational complexities in the background.
The Security Challenges and Threats in Ubiquitous Computing Internet of Things (IoT) is the integral part of ubiquitous computing. In the recent developments of IoT, the use of tiny and smart devices in a ubiquitous environment with the help of Internet technologies has been increased widely. The emergence of these technologies and devices has led to communication and processing on a massive scale from user to user, machine to machine, and user to machine.
v
vi
Preface
IoT has evolved from a convergence of Internet, wireless technologies, microservices, and micro-electromechanical systems (MEMS). IoT is a new smart communication network paradigm that is affecting our daily life in a positive way. Across various driving use cases like driverless cars, smart refrigerators, healthcare, smart grid, and automation, IoT is changing everything. IoT is already altering the way we live in a multitude of ways, from the transformation of many business operations to the reshaping of how we drive and manage our homes. Considering predictions by Information Handling Services (IHS) that there will be approximately 70 billion IoT devices in existence by the end of 2025, we are truly still at the beginning of the changes that IoT will bring to our world. The major challenge for ubiquitous computing is the security of such huge number of ubiquitous devices.
Privacy Issues in Ubiquitous Computing IoT includes different types of communications user to machine, machine to user, machine to machine, etc. Essentially, Machine to Machine (M2M) refers to direct communications between machines that function, interact, and share information without any special configuration or other setup requirements. M2M is one of the emerging communication networks in the field of IoT which may attract a lot of attention in both automated industry and academic sectors for intelligence and ubiquitous environment. M2M refers to the networking of machines for the purpose of communication between small and inexpensive devices, remote monitoring, and control data exchange where no or little human intervention is required. Unfortunately, as is the case with the growth of all Internet-based technologies, security challenges will increase as M2M communication expands. Hackers will present new levels of concern for security experts, as more devices become connected to one another. The growth of industrial IoT will increase the potential for vulnerabilities in global infrastructure systems, thereby creating new challenges for network security experts to overcome in order to prevent malicious attacks, illegally access, and trust management on businesses, governments, and individuals. Furthermore, in the context of increasing Internet usage, user cannot keep track of the data they have provided to various services and applications. This has created a lot of cyber security and privacy issues, and there is a need to address trust issues between users and service providers. Nowadays the use of smartphones is skyrocketing and has been proved as the biggest breach of privacy. Popular mobile applications are actively involved in transmitting user data to unknown third parties without user consent, and it proves how third parties intrude user privacy. There are increasing attacks on the user privacy and users are aware of it. However, users are not erudite about dealing with these attacks. In the sequel, literature review shows that there is a need to address the issue related to user’ privacy like selective information disclosure, validity of claims, and lack of consent management. Potential outcomes
Preface
vii
for book will be an architecture/ecosystem to ensure user’s privacy in the digital era, policies for selective information disclosure, and the mechanism to deal with the absence of consent management. Due to the distributed nature of ubiquitous computing, protecting privacy, managing trust, and access control are crucial design issues.
Security Measures for Ubiquitous Computing Ubiquitous computing is essentially one of the more recent paradigms in computing. Identical to any new piece of computing technology, they inherit and confront numerous identical and some unique threats to this ecosystem. These systems need protection from threats through design, architecture, and implementation of a layered defence approach. Leading-edge technologies like ubiquitous computing ecosystems often provide a rich attack surface. Adversaries are often at the forefront of exploiting these vulnerabilities even before defenders had an opportunity to understand them or develop defensive measures. It is, therefore, incumbent upon the students, researchers, and practitioners of these domains to study, understand, anticipate, and address the shortcomings if any of this ecosystem. Security of ubiquitous computing continues to be a major concern and has been gaining a lot of traction in practical and academia circles. The work accomplished in the past includes threats to ubiquitous devices, infection, and exploitation through malicious code, vulnerabilities enabling such infection and defensive measures to thwart them in a mobile computing environment. Threats to the ubiquitous computing ecosystem have been increasing in a large scale. As devices in ubiquitous computing ecosystem are with limited security measures which required to defend them against adversarial actions. The impact of a successful attack on the ubiquitous computing environment can vary significantly and is typically a function of the criticality of the service offered by them. Factors like the popularity of the affected system, ease of exploitation, cost of remediation, and end of life support can all contribute to increasing or diminishing this impact. In extreme cases, the impact can be damaging when these systems are entrusted with the implicit or explicit responsibility of ensuring security, privacy, safety, and reliability of life and limb. Mitigation of vulnerabilities in these systems can be difficult owing to factors like time required to patch, cost of patching, and coverage provided by patching. Independent of the resources required to mitigate a vulnerability in ubiquitous computing systems, the adverse impact continues to reverberate.
viii
Preface
Organization of the Book The book is organized into sixteen chapters. A brief description of each of the chapters follows: Chapter “Introduction” This chapter presents the overview of the book. The main objective of this book is to explore architectural and algorithmic solutions in the context of smart ubiquitous computing. The contributions of this book are broadly divided into three categories which include threats and issues in ubiquitous computing, security measures, framework, and social aspects of smart ubiquitous computing. Overview of these three categories is presented in this chapter. Chapter “Taxonomy of Threats to Ubiquitous Computing” This chapter presents the threat taxonomy that includes macro- and microlevel details so that it can be readily consumed by business executives or system administrators working on ubiquitous systems with consummate ease. It can also readily use by designers and architects for creating threat models and attack trees while addressing threats to ubiquitous systems. A generic threat model that depicts typical data flows between the various components in a ubiquitous computing system is proposed in this chapter. This chapter also included a mind-map of the four threat categories, viz., hardware, software, network, and cyber in supply chain to visualize these threats and numerous attack patterns. Chapter “Cyber Crime and Their Restriction Through Laws and Techniques for Protecting Security Issues and Privacy Threats” This chapter explains the privacy and security threats belonging to information and data. As data is not fully secure because of sensitive information, opinions, ideas, likening, and disliking is a part of Internet and present in cyberspace where everyone is willing to access and manipulate information in an unauthorized way. An unauthorized access to data cannot be stopped if system security is being broken and system is not protected from such unauthorized activities. This chapter presents how long and how to protect and encapsulate system from the outside environment. A list of security measures, methods, and techniques for database and information system protection are elaborated in this chapter. If privacy and security being broken by hacker, what are the necessary security measures should have taken to restrict such type of violation are presented in this chapter. Chapter “Recent Challenges in IoT” This chapter entails an introduction to one of the most prominent technologies: Internet of Things. Internet of Things (IoT) is the current mainstream technology that is the extension of the Internet into everyday objects and physical devices. However, autonomous endpoints and customized protocols in use, the privacy of the data within devices, as well as legal and legitimacy issues make security for the IoT an upcoming research priority and a major concern. The aim of this chapter is to explain the security challenges faced while using IoT. It provides a brief view of IoT and its structure and issues in the existing systems such as their connectivity, processing, cloud computing issues, lack of skilled workforce, data security, insufficient updates, etc. After reading
Preface
ix
the chapter, the readers will be aware of the various challenges faced by IoT in all the levels: hardware, software, and security. Readers will also come to know about the implementation of IoT in different industries. Chapter “Data Acquisition and Knowledge Management in IoT: Security Issues, Challenges, and Road Map Ahead” This chapter describes security issues in IoT layered architecture, particularly Physical layer, Network layer, and Application layer, and IoT challenges like Information Management, Connectivity, Data Analysis & Reaction, Security, and Privacy. In network layer challenges, detail discussion of different attacks like Node Capture Attacks, False Data Injection Attacks, Tag Cloning, Unauthorized Access to Tags, and Network Layer Challenges. The related security problems are mentioned such as Spoofing Attack, Sinkhole Attack, Sleep Deprivation Attack, and Denial of Service (DoS) Attack. In application layer challenges few feasible challenges like Phishing Attack, Malicious Virus/worm, and Sniffing Attack. Chapter “OAuth-Based Authorization and Delegation in Smart Home for the Elderly Using Decentralized Identifiers and Verifiable Credentials” This chapter presents authorization and delegation challenges in the smart home for the elderly where there are many constrained devices and the people who are bed-ridden or guarded. Nowadays service providers are enriched with the user’s information which has become a vital asset for them. Current business models are bias more towards service-provider and therefore authorization and access control is the crucial issue in this connected digital world. Privacy protecting measures and scalable authorization is the need for IoT where most of the services and applications rely on disclosure of personal information. This chapter discusses the visitor use case for the smart home scenario and the need of delegating access to resources. It also presents an OAuth-based delegation using decentralized identifiers (DIDs) and verifiable credentials (VCs). The benefits of applying DIDs and VCs for delegation in a constrained environment are also discussed in this chapter. Chapter “Dynamic Access Control Solution for Cross-Tenancy in a Cloud Environment” This chapter presents the mechanism to deploy Access Control Models over the cloud environment. As sharing of resources over cloud environments has been gaining a lot of attention and it is expected that more than 70% of the businesses would shift their infrastructure to the cloud in near future. With the voluminous growth of information over the cloud, it becomes highly important to ensure the confidentiality, integrity, and privacy of the data shared over the cloud. The current Access Control Models are restricted as there aren’t many effective solutions available for their use over the cloud network. In this chapter, a solution is proposed to deploy Access Control Models over the cloud environment. The advantage of this solution is that there is no need for a change in the infrastructure to promote interoperability across tenants that employ various Access Control Models, locally. The aim of the proposed solution is directed towards enhancing interoperability among various tenants without compromising the privacy of the information shared. The future work would include amalgamating the concepts of network security and firewalls.
x
Preface
Chapter “Distributed Access Control Scheme for Machine-to-Machine Communication in IoT Using Trust Factor” This chapter presents a trust-based access control algorithm for service management, in this fuzzy approach is used to calculate trust factor. Access control is one of the earliest issues that remains a constant challenge. Its component determines whether the request to access a resource is granted. Its domain covers the various mechanisms by which a system grants or revokes the right to access data and services. This chapter presents a trust-based service management technique by using fuzzy approach. The innovation lies in the use of distributed collaborating filtering to select trust feedback from owners of IoT nodes sharing similar social interests. System is scalable to large IoT systems in terms of storage and computational costs. This adaptive IoT trust system detects malicious IPs and keywords from system and file, respectively. This chapter also presents algorithm to manage trust parameters dynamically to minimize trust estimation bias and maximize application performance. Chapter “Game Theory Approach for Trust Management in the Realm of IoT” This chapter presents Game Theory approach secure and trust-based routing algorithm to find trust-based secure route from initiator to destination which will satisfy few QoS constraints. The major challenges in implementing trust in IoT followed by different approaches for designing framework are highlighted and rightly pointed in this chapter. It proposes a solution for Trust framework and explains using Game theory approach by considering major challenges in this field. The Game theory gives a lightweight option for ID-based trust management for IoT. Chapter “Ransomware Attack Detection and Prevention for Android Devices” This chapter aims to provide details of detecting malware at kernel, application, user, and package level for android smartphones. It is also referred to as multilevel malware detection. It detects misbehaviour of android apps during its first-time installation and calculates security risk score at runtime. If a risk is observed, then it stops the installation and removes the susceptible application. Chapter “A Comparative Analysis of Machine Deep Learning Algorithms for Intrusion Detection in WSN” This chapter presents analysis of working of the well-known algorithms on the WSN dataset to detect Dos attack. The main focus of this chapter is to decide perfect parameters for every predefined algorithm to yield more accurate and propose the best algorithm(s) for intrusion detection in WSN. A discussion on an individual algorithm has been provided and also a brief description of each type of attack is given. In particular, the analysis of which algorithm(s) is more suitable for intrusion detection in terms of theoretical and graphical representation and why a particular algorithm yields more accuracy than others is presented in this chapter. The main focus of this chapter is to find the best parameters of predefined algorithms and decide the best algorithm from the plethora of algorithms that are present today. Chapter “Base for Trust Score Estimation for Device to Device Communication in Internet of Thing Using Fuzzy Approach and Machine Learning” There are various issues in the communication of IoT devices such as security, privacy, access control, and identity management one of the important issues is trust management. In this chapter estimation of trust score is proposed. Trust score is
Preface
xi
calculated with the help of fuzzy logic. Fuzzy approach proposed in this chapter uses six parameters and three linguistic value of that six parameters to estimate the trust score which were collected from IoT devices. In this two real-time datasets are generated for trust score calculation. Chapter “Systematic Review of Resource Allocation Methods Using Scheduling for M2M (Machine to Machine Communication) in IoT Network” This chapter presents a comprehensive parameterized analysis of recent studies related to resource allocation using scheduling in wireless networks. IoT comprised of interrelated physical objects with unique identity and are able to communicate without human intervention by means of the Internet. Various network challenges are infused during data transmission to end user as IoT devices in network are with limited energy and memory constrained. During transmission, routing of data should use proper scheduling for efficient resource allocation. Important issues such as delay or jitter within the network should be avoided for critical cases application such as fire detection, building health monitoring, smoke detection, disaster management, and intrusion detection. For IoT network, network transmission time should be less and optimized scheduling for efficient multi-hop routing should be prioritized. Hence efficient optimization link scheduling methods are essential to achieve successful data delivery in IoT network. The analysis of resource scheduling in wireless network is presented in this chapter. Chapter “Sarcasm Detection in Online Social Network: Myths, Realities and Issues” This chapter covers detailed literature that has been reviewed in the area of detection of sarcasm in a dataset collected from social websites such as Twitter, Facebook, and e-commerce websites. In this paper, the four approaches such as rule-based, Pattern-Based, Machine Learning-based, and context-Based approaches as well as different features used by these approaches are described. This chapter also discusses the different types of issues that occur while detecting sarcasm in text and also describes recent trends used for sarcasm detection. It summarizes a lot of work that has been done in the area of detection of sarcasm. Sarcasm formed mainly due to the incongruity in the text but sometimes the detection method may require going beyond this incongruity to correctly identify the sarcasm. Chapter “Farmer-Assistive Chatbot in Indian Context Using Learning Techniques” This chapter presents a smart chatbot using learning techniques to get correct information to farmers quickly. Farmer can interact with the chatbot with their local language as proposed chatbot is multi-linguistic. According to 2011 Agricultural Census of India, 61.5% population depends on Agriculture for livelihood. Agriculture contributes to only 23% of the country’s population. The low performance economically is primarily because of lack of proper information and resources to obtain genuine information. The farmer’s queries are hardly solved and heard by the concerned individual and thus leads to chaos and confusion in their mind regarding their farming activities. Proper attention and implementation are thus needed to assist the farmers of India. In proposed approach dataset from Kisan Call Centre is used to
xii
Preface
train the chatbot. K-Nearest Neighbours algorithm and sequence-to-sequence framework to enable Natural Language Processing as well as Natural Language Generation is used in the proposed chatbot. Farmers will get real-time answers to their questions through proposed system assisted by Machine Learning.
Concluding Remark This book will extend the work/outlets from introduction of ubiquitous computing, Internet of Things to security, privacy aspects of ubiquitous computing. This uniqueness of this book is the combination of important fields like the Internet of things and ubiquitous computing. The main characteristics of this book are as follows: • It assumes that the reader’s goal is to achieve a complete understanding of security issues, challenges, and possible solutions in ubiquitous computing. It is not oriented towards any specific uses cases and security issues and privacy threats in ubiquitous computing problems are discussed across various domains. • This book is motivating to address privacy threats in new inventions for wide range of stakeholders like layman to educated users, villages to metros, and national to global levels. • This book contains numerous examples, case studies, technical descriptions, scenarios, procedures, algorithms, and protocols. • The main endeavour of this book is threat analysis and activity modelling of attacks in order to give an actual view of the ubiquitous computing applications. This unique approach will certainly help readers for better understanding. Although ubiquitous computing aims primarily for undergraduate students, the book is accessible to a wider audience of researchers and designers who are interested in exploring pervasive computing further. The book is useful for Undergraduates, Postgraduates, Industry, Researchers and Research Scholars in ICT and we are sure that this book will be well received by all stakeholders.
Preface
xiii
The specific contributions of this book will be targeted to focus on IoT and ubiquitous computing with security and privacy issues, this unique combination is the need of an hour. This will help the researchers to see the latest issues, trends, challenges, and appropriate solutions.
March, 2021
Editors Dr. Parikshit N. Mahalle Senior Member IEEE Professor and Head of Department of Computer Engineering Smt. Kashibai Navale College of Engineering Pune, India PostDoc Researcher Center for Communication Media and Information Technologies (CMI) Aalborg University Copenhagen, Denmark Dr. Gitanjali R. Shinde Assistant Professor Smt. Kashibai Navale College of Engineering Pune, India Dr. Nilanjan Dey Assistant Professor Techno International New Town Kolkata, India Prof. Aboul Ella Hassanien Faculty of Computers and Information Information Technology Department Cairo University Giza, Egypt
Contents
Threats and Issues in Ubiquitous Computing Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Parikshit N. Mahalle
3
Taxonomy of Threats to Ubiquitous Computing . . . . . . . . . . . . . . . . . . . . . . S. Rangari
7
Cyber Crime and Their Restriction Through Laws and Techniques for Protecting Security Issues and Privacy Threats . . . . . . . . . . . . . . . . . . . . Qamar Atta Ul Haq Recent Challenges in IoT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Sumukh Maduskar, Maitri Gohil, and Ramchandra Mangrulkar Data Acquisition and Knowledge Management in IoT: Security Issues, Challenges, and Road Map Ahead . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ganesh Shivaji Pise and Sachin D. Babar
31 65
83
Security Measures and Frameworks OAuth-Based Authorization and Delegation in Smart Home for the Elderly Using Decentralized Identifiers and Verifiable Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Parikshit N. Mahalle and Gitanjali R. Shinde
95
Dynamic Access Control Solution for Cross-Tenancy in a Cloud Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 Sakshi Garg, Deepti Mehrotra, and Shalini Bhartiya Distributed Access Control Scheme for Machine-to-Machine Communication in IoT Using Trust Factor . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Vinod V. Kimbahune, Parikshit N. Mahalle, Shafi K. Pathan, and Shaik Naser Game Theory Approach for Trust Management in the Realm of IoT . . . 145 Nikita Kulkarni, Gautam M. Borkar, and Nilesh Marathe xv
xvi
Contents
Ransomware Attack Detection and Prevention for Android Devices . . . . 159 Manikrao Dhore and Pravin Rathod A Comparative Analysis of Machine Deep Learning Algorithms for Intrusion Detection in WSN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 Saurabh Deshpande, J. Gujarathi, P. Chandre, and Pravin Nerkar Base for Trust Score Estimation for Device to Device Communication in Internet of Thing Using Fuzzy Approach and Machine Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 Rajkumar V. Patil, Parikshit N. Mahalle, and Gitanjali R. Shinde Systematic Review of Resource Allocation Methods Using Scheduling for M2M (Machine to Machine Communication) in IoT Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 Suvarna Patil and Prasad Gokhale Social Aspects of Smart Ubiquitous Computing Sarcasm Detection in Online Social Network: Myths, Realities, and Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 L. K. Ahire, Sachin D. Babar, and Gitanjali R. Shinde Farmer-Assistive Chatbot in Indian Context Using Learning Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 Tanmay Bhardwaj, Prathmesh Deshpande, Tanvi Murke, Shruti Deshpande, and Kashmira Deshpande Correction to: A Comparative Analysis of Machine Deep Learning Algorithms for Intrusion Detection in WSN . . . . . . . . . . . . . . . . . . . . . . . . . . Saurabh Deshpande, J. Gujarathi, P. Chandre, and Pravin Nerkar
C1
Editors and Contributors
About the Editors Dr. Parikshit N. Mahalle obtained B.E. degree in Computer Engineering from Amravati University, M.E. degree from SPPU, Pune and Ph.D. in specialization in Wireless Communication from Aalborg University, Denmark. He was Post Doc Researcher at CMI, Aalborg University, Copenhagen. Currently working as Professor and Head in the Department of Computer Engineering at Smt. Kashibai NavaleCollege of Engineering, and recognized as Ph.D. guide of SSPU Pune. He has 20 years of teaching and research experience. He is on the Research and Recognition Committee at several universities. He is a senior member IEEE, ACM, Life member CSI and ISTE. He is reviewer, editor of ACM, Springer, Elsevier Journals and Member-Editorial Review Board for IGI Global. He has published 150+ publications with 1242 citations and H index 14. He edited 5 and authored 13 books and 7 patents to his credit. He has published a book on Data Analytics for COVID-19 Outbreak. He has delivered 100+ lectures at national and international level on IoT, Big Data and Digitization. He had worked as BOS-Chairman for Information Technology and working as Member-BOS Computer Engineering SPPU and several other institutions also. He received “Best Faculty Award” by Sinhgad Institutes and Cognizant Technologies Solutions.
xvii
xviii
Editors and Contributors
Dr. Gitanjali R. Shinde has overall 11 years of experience, presently working as SPPU approved Assistant Professor in the Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune - 41 till date. She has done Ph.D. in Wireless Communication from CMI, Aalborg University, Copenhagen, Denmark, on Research Problem Statement “Cluster Framework for Internet of People, Things and Services” - Ph.D. awarded on 8th May 2018. She obtained M.E. (Computer Engineering) degree from the University of Pune, Pune, in 2012, and B.E. (Computer Engineering) degree from the University of Pune, Pune, in 2006. She has received research funding for project “lightweight group authentication for IoT” by SPPU, Pune. She has presented research article in World Wireless Research Forum (WWRF) meeting, Beijing, China. She has published 50+ papers in national and international conferences and journals. She is author of 5 books and also Editor of book “The Internet of Everything: Advances, Challenges and application”, De Gruyter Press. Dr. Nilanjan Dey is an Assistant Professor in Department of Information Technology at Techno India College of Technology, Kolkata, India. He is a visiting fellow of the University of Reading, UK. He was an honorary Visiting Scientist at Global Biomedical Technologies Inc., CA, USA (2012–2015). He was awarded his Ph.D. from Jadavpur Univeristy in 2015. He has authored/edited more than 70 books with Elsevier, Wiley, CRC Press and Springer, and published more than 300 papers. He is the Editor-in-Chief of International Journal of Ambient Computing and Intelligence, IGI Global, Associated Editor of IEEE Access and International Journal of Information Technology, Springer. He is the Series Co-Editor of Springer Tracts in Nature-Inspired Computing, Springer, Series Co-Editor of Advances in Ubiquitous Sensing Applications for Healthcare, Elsevier, Series Editor of Computational Intelligence in Engineering Problem Solving and Intelligent Signal processing and data analysis, CRC. His main research interests include Medical Imaging, Machine learning, Computer Aided Diagnosis, Data Mining etc. He is the Indian Ambassador of International Federation for Information Processing - Young ICT Group and Senior member of IEEE.
Editors and Contributors
xix
Prof. (Dr.). Aboul Ella Hassanien is Founder and Head of the Egyptian Scientific Research Group (SRGE) and Professor of Information Technology at the Faculty of Computer and Information, Cairo University. Professor Hassanien is ex-dean of the Faculty of Computers and Information, Beni Suef University. Professor Hassanien is a collaborative researcher member of the Computational Intelligence Laboratory at the Department of Electrical and Computer Engineering, University of Manitoba. He also holds the Chair of Computer Science and Information Technology at the Egyptian Syndicate of Scientific Professions (ESSP). Dr. Hassanien is Founder and Head of Africa Scholars Association in Information and Communication Technology. Professor Hassanien has more than 650 scientific research papers published in prestigious international journals and conferences and over 40 books covering such diverse topics as data mining, medical images, big data analysis, virtual reality, intelligent systems, social networks and smart environment. His other research areas include computational intelligence, medical image analysis, security, animal identification and multimedia data mining.
Contributors L. K. Ahire Computer Department, SKNCOE Pune, Savitribai Phule Pune University, Pune, India Qamar Atta Ul Haq Computer Science Department, IUB University Bahawalpur, Bahawalpur, Punjab, Pakistan Sachin D. Babar Computer Department, SIT Lonavala, Savitribai Phule Pune University, Pune, India; Computer Engineering, SPPU Pune, Pune, Maharashtra, India Tanmay Bhardwaj Computer Department, Savitribai Phule, Pune, India Shalini Bhartiya CSE Department, Vivekananda Institute of Professional Studies, GGSIPU India, New Delhi, Delhi, India Gautam M. Borkar Department of Information Technology, Ramrao Adik Institute of Technology, Nerul, Navi Mumbai, India P. Chandre Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune, India
xx
Editors and Contributors
Kashmira Deshpande Vishwakarma Institute of Technology, Pune, India Prathmesh Deshpande Computer Department, Savitribai Phule, Pune, India Shruti Deshpande Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune, India; Computer Department, Savitribai Phule, Pune, India Saurabh Deshpande Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune, India Manikrao Dhore Vishwakarma Institute of Technology, SPPU, Mumbai, India Sakshi Garg CSE Department, Amity University, Noida, Ghaziabad, Uttar Pradesh, India Maitri Gohil Dwarkadas J. Sanghvi College of Engineering, Mumbai, India Prasad Gokhale Department of Computer Engineering, Vishwakarma University, Pune, India J. Gujarathi Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune, India Vinod V. Kimbahune Department of Computer Engineering, Smt. Kashibai Navale College of Engineering Savitribai Phule Pune University, Pune, India Nikita Kulkarni Department of Computer Engineering, Vishwakarma University, Kondhwa, Pune, India Sumukh Maduskar St. Francis Institute of Technology, Mumbai, India Parikshit N. Mahalle Department of Computer Engineering, Shrimati Kashibai Navale College of Engineering, Savitribai Phule Pune University, Pune, India; Center for Communication, Media and Information Technologies (CMI), Aalborg University, Copenhagen, Denmark Ramchandra Mangrulkar Dwarkadas J. Sanghvi College of Engineering, Mumbai, India Nilesh Marathe Department of Information Technology, Ramrao Adik Institute of Technology, Nerul, Navi Mumbai, India Deepti Mehrotra IT Department, Amity University, Noida, Noida, Uttar Pradesh, India Tanvi Murke Computer Department, Savitribai Phule, Pune, India Shaik Naser Computer Department, Al Qaseem University, Buraydah, Kingdom of Saudi Arabia Pravin Nerkar Department of Computer Science and Engineering, Datta Meghe College, SGBA University, Amravati, Maharashtra, India
Editors and Contributors
xxi
Shafi K. Pathan Computer Department, Al Qaseem University, Buraydah, Kingdom of Saudi Arabia Rajkumar V. Patil Department of Computer Engineering, Shrimati Kashibai Navale College of Engineering, Savitribai Phule Pune University, Pune, India Suvarna Patil Department of Computer Engineering, Vishwakarma University, Pune, India Ganesh Shivaji Pise Computer Engineering, SPPU Pune, Pune, Maharashtra, India S. Rangari Security Engineering, AppDynamics, San Francisco, CA, USA Pravin Rathod Vishwakarma Institute of Technology, SPPU, Mumbai, India Gitanjali R. Shinde Department of Computer Engineering, Shrimati Kashibai Navale College of Engineering, Savitribai Phule Pune University, Pune, India
Threats and Issues in Ubiquitous Computing
Introduction Parikshit N. Mahalle
Abstract Due to Internet of Things (IoT), computing and communication is transforming from one-to-one to many-to-many, where multiple devices and users are interacting with each other. IoT is mainly service-oriented smart communication network, and smart home is an important and developing use case of the IoT. Smart home is equipped with multiple smart things which includes intelligent lighting system, wall, chair, floor, ubiquitous healthcare, etc., and they interact with each other at different levels. The main objective of this use case is to deliver multiple services seamlessly to all the elderly people living in the smart home. To take benefit of these services, the end user may try to access services and IoT devices. However, only authorized users should be allowed to access and use services autonomously as elderly people cannot participate in the process. Hence, it is important to verify the access rights of end users, and there is requirement of secure authentication and authorization mechanism for specifying/controlling access to the resources.
1 Introduction We are now in the era of ubiquitous computing which also gives notion to the Internet of Everything (IoE). In IoE, all the devices surrounding us are ubiquitous and connected to Internet. In order to connect any device to the Internet, it should have three basic functionalities which include sensing, computing, and communication. The main factors responsible for the growth of IoE are the availability of Internet at faster and cheaper rate due to advancement in broadband technology, due to this reason the cost of connecting has been decreasing drastically, in addition to this, more number of devices are being created with WiFi capabilities and the smartphone market is skyrocketing. Ubiquitous connectivity and on the fly autonomous and P. N. Mahalle (B) Center for Communication, Media and Information Technologies (CMI), Aalborg University, Copenhagen, Denmark e-mail: [email protected] Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune, India © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_1
3
4
P. N. Mahalle
proactive operations are two major functional components of ubiquitous computing. For this, human intervention is being minimized day by day in all IoE use cases and applications and machines are replacing humans. Therefore, traditional applications are being replaced by smart and intelligent applications. However, due to decentralized and distributed architecture of ubiquitous computing, all use cases are more prone to security issues and privacy threats. The main objective of this book is to explore architectural and algorithmic solutions in the context of smart ubiquitous computing. The contributions in this book are broadly divided into three categories which include threats and issues in ubiquitous computing, security measures, and framework and social aspects of smart ubiquitous computing. As stated earlier, security issues and privacy threats in ubiquitous computing are of major concern due to several reasons like distributed architecture, resource constraints, communication complexity, reliability, latency, and use of open wireless media for communication. Replay attacks, man in the middle attacks, and principle of least privilege are the main issues in ubiquitous communication. In literature, there are several solutions presented by researchers consisting of solutions like crypto-based solution, optimized hardware-based implementation, solution based on embedded security, etc. However, very little attention has been paid to the design issues of ubiquitous computing like scarcity of resources (memory, energy, and computational power) as well as verification of those proposed solution against known attacks is completely missing. In the sequel, there is a need to revisit threat analysis and attack modelling of various attacks in smart ubiquitous environment to address appropriate security solutions for intelligent computing. In addition to this, distributed access control solution for machine to machine communication in IoE, robust trust management framework and mathematical model to calculate trust score, application of machine learning and deep learning techniques for initiating intelligent operations are main areas elaborated in this book. Identity management models play a vital role in identity exchange and mutual identity establishment in machine to machine communication towards IoE. Traditional identity management system was centralized based on the server, and the main issue of this model was single point of failure. Next identity management model is based on the federated approach where user is not the owner of his/her identity wherein the ownership is available with the third party service provider. For example, maximum users on web use their one of the email id provided by email service providers as a credential to multiple services and application. However, if email service provider terminates their services, then user will be no longer available live on these services and applications. This clearly indicates that, in the federated identity management model, user is not the owner of his/her identity, but ownership is with the third party. To address these issues in identity management models, there is a need of understanding authorization, delegation, and security challenges and requires frameworks to address these challenges. OAuth [1, 2], UMA [3, 4] are emerging frameworks for granting access to the resources and services to authorized users and devices. The future of identity management model Self-sovereignty [5] is an emerging solution for the privacy of users and their IoE devices which uses decentralized identifiers (DID) [6] and verifiable credentials (VC) [7] as fundamental
Introduction
5
building blocks. Machine learning and deep learning frameworks are very important to make solution smart and intelligent solutions like assistive chatbots, proactive data acquisition, and knowledge management in IoE, intelligent resource allocation based on scheduling algorithms are some of the interesting areas to explore further. An online social network (OSN) is another most attracted component in ubiquitous computing. The numbers of users on OSN are increasing at faster rate due to wide availability of Internet. Context-aware computing and applications are getting more popular due to rich services provided by OSN. OSN is also playing a major role in content contribution creating various challenges for big data management and data science and also creating security and privacy issues. Misuse of data by third parties, unauthorized users, and use of user’s personal data for commercial purposes are other upcoming threats in OSN. As stated in [8], the threats in OSN are classic threats and modern threats. Classic threats include malware, phishing attacks, spam attacks, and cross-site scripting. Modern threats include clickjacking, fake profiles, de-anonymization attacks, identity clone attacks, inference attacks, information leakage, location leakage, cyberstalking, user profiles, and surveillance. Privacy settings, user education for awareness, selective disclosure are some of the major mitigation strategies to control these threats. To summarize, the main objective of this book is to explore different security issues and privacy threats in smart ubiquitous computing, analyzing possible mitigation solutions to optimize these threats and provide more research avenues to the upcoming researchers by giving additional research problems.
References 1. Hardt, D.: The OAuth 2.0 Authorization Framework (2012) 2. Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., Tschofenig, H.: Authentication and authorization for constrained environments (ACE) using the OAuth 2.0 framework (ACE-OAuth). IETF, Internet-Draft draft-ietf-ace-oauth-authz-11 (2018) 3. Maler, E., Catalano, D., Machulak, M., Hardjono, T.: User-Managed Access (UMA) Profile of OAuth 2.0 (2016) 4. Protecting Personal Data in a IoT Network with UMA. https://www.slideshare.net/kantarainiti ative/uma-auth-ziotirmdublinv06. Accessed 09 May 2017 5. Allen, C.: The Path to Self-Sovereign Identity. Life With Alacrity (2016) 6. Reed, D., Sprony, M., Longley, D., Allen, C., Grant, R., Sabadello, M.: Decentralized Identifiers (DIDs) v0. 11 Data Model and Syntaxes for Decentralized Identifiers (DIDs). W3C (2018) 7. Sporny, M., Burnett, D. C., Longley, D., Kellogg, G.: Verifiable Credentials Data Model 1.0– Expressing Verifiable Information on the Web. s Draft, 7 (2018) 8. Ali, S., Islam, N., Rauf, A., Din, I.U., Guizani, M., Rodrigues, J.J.P.C.: Privacy and security issues in online social networks. Fut. Internet 10, 114 (2018)
Taxonomy of Threats to Ubiquitous Computing S. Rangari
Abstract Ubiquitous computing is used extensively to power devices and systems embedded intricately in the ecosystem we exist and have grown to depend on their flawless execution. Reliance on these ubiquitous computing systems has turned them into lucrative targets for adversaries to exploit and exposes them to a variety of attacks. In this chapter, we explore, enumerate, and catalog threats to these systems and later discuss the adversarial threat motivations. Keywords Ubiquitous computing · Threat taxonomy · Security
1 Introduction The root of the word “ubiquitous” originates from the mid nineteenth century modern Latin word “ubique” which means “everywhere.” Therefore, ubiquitous computing is often described as computing that is ceaseless, conveniently accessible, and system or location independent [24]. The complexities of these systems are entirely abstracted, their learning curve is gradual, and they are readily usable by the masses. Recent advances in hardware, software, storage, display, power, and networking capabilities have not only shrunk the size of components that are building blocks of these systems but also amplified their capabilities and helped advance this ecosystem. Constraints that plagued earlier generations of computing environments like wired networking and limitations of batteries have either been vanquished or are in the process of being relegated to the past. We have transitioned into an era where the ratio of personnel to computers has inversed from many-to-one (i.e., many personnel to one computer) to one-to-many (i.e., many computers to one personnel). Most importantly, these systems have shrunk significantly in their size, weight, and energy consumption to the point that they are now hand-held, wearable, mobile, and minute systems that can comfortably fit in a pocket or even inserted under the skin. S. Rangari (B) Security Engineering, AppDynamics, San Francisco, CA, USA e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_2
7
8
S. Rangari
Ubiquitous computing is essentially one of the more recent paradigms in computing. Identical to any new piece of computing technology, they inherit and confront numerous identical and some unique threats to this ecosystem. These systems need protection from threats through design, architecture, and implementation of a layered defense approach. Leading-edge technologies and like ubiquitous computing ecosystems often provide a rich attack surface. Adversaries are often at the forefront of exploiting these vulnerabilities even before defenders had an opportunity to understand them or develop defensive measures. It is, therefore, incumbent upon the students, researchers, and practitioners of these domains to study, understand, anticipate, and address the shortcomings if any of this ecosystem. Threats to the ubiquitous computing ecosystem have been increasing in scale and impact due to the large attack surface presented on a diverse ecosystem with limited security measures to defend them against adversarial actions. The impact of a successful attack on the ubiquitous computing environment can vary significantly and is typically a function of the criticality of the service offered by them. Factors like the popularity of the affected system, ease of exploitation, cost of remediation, and end of life support can all contribute to increasing or diminishing this impact. In extreme cases, the impact can be damaging when these systems are entrusted with the implicit or explicit responsibility of ensuring security, privacy, safety, and reliability of life and limb. Mitigation of vulnerabilities in these systems can be difficult owing to factors like time required to patch, cost of patching, and coverage provided by patching. Independent of the resources required to mitigate a vulnerability in ubiquitous computing systems, the adverse impact continues to reverberate. The chapter is structured as follows: It discusses associated works discussed in Sect. 2. Section 3 presents various threat categories. Section 4 focuses on threat motivations, and Sect. 5 concludes that chapter.
2 Related Work Security of ubiquitous computing continues to be a major concern and has been gaining a lot of traction in practical and academia circles. The work accomplished in the past includes threats to ubiquitous computers, infection and exploitation through malicious code, vulnerabilities enabling such infection and defensive measures to thwart them in mobile computing environment [10]. In other instances, the focus has been more holistic in identifying the potential and application areas for ubiquitous computers and addressing the challenges of securing such systems [23]. Trust is pivotal to ubiquitous computing systems and approaches to protect them using “trust” as a fulcrum in-lieu of “threat” provide an alternative mechanism to threat and attack taxonomy [6]. The assessment of level of trust required and built into ubiquitous computing must be validated as these systems end up becoming an integral part of human civilization [11]. Threat taxonomies are used to classify threats in an orderly and hierarchical manner and multiple competing variants exist to achieve this ask. The Open Threat Taxonomy initiative focuses on categorizing threats to
Taxonomy of Threats to Ubiquitous Computing
9
the entire organization [9]. European Union Agency for Network and Information Security (ENISA) published their ENISA Threat Taxonomy (ETT) [4, 5] that focuses on “threats applying to assets related to information and communication technology [25].” The National Institute of Standards and Technology (NIST) SP 800-32 document provides guidance on conducting risk assessments and contains a detailed taxonomy of threats accompanied by their respective source(s) [15]. The Carnegie Mellon University’s Software Engineering Institute (SEI) published the Taxonomy of Operational Cyber Security Risks (TOCSR) that focuses on operational threats to cybersecurity [8]. Existing threat taxonomies focus on the operational or functional perspectives and miss the cyber supply chain side. We attempt to classify and categorize threats and attack patterns that emanate from Cyber Supply Chain and affect ubiquitous computing systems. The threat taxonomy proposed in this chapter includes macro- and micro-level details so that it can be readily consumed by business executives or system administrators working on ubiquitous systems with consummate ease.
3 Threat Categories A threat generically can be defined as a negative occurrence(s) or action(s) that can damage an asset, and that must be shielded from such activities. The attack is an action that attempts to manifest a threat(s) on an asset that has a deleterious impact on its value. The threats to computing systems can and have been classified and categorized in various permutations and combinations and to varying levels of depth and detail. We attempt to categorize these threats into four different categories based upon the component or layer of a system they affect. These four categories and their definition are listed below: Hardware Threats—Threats that manifest either through physical or remote attack vectors and affect the hardware, firmware, boot loader, memory buses, storage media, integrated circuits, input/output interfaces, et al. are covered in this category. Compared to other categories of attacks, hardware attacks are not trivial to execute as they require specialized knowledge and equipment that’s neither free nor readily available [26]. Essentially, the bar to pull off an attack on the hardware layer is higher than almost any other layer discussed in this chapter. Software Threats—This category covers threats confronting the software stack supporting ubiquitous computing systems. It includes but is not limited to threats to the embedded operating system, system drivers, display mechanisms, networking stack, over-the-air updates, parsers, et al. Existing knowledge and tools used for attacking software can be adapted or used to execute these attacks on the software used by ubiquitous systems and services. The bar to execute software style attacks is probably the lowest among the layer discussed in this chapter. Network Threats—This category covers threats that affect the communication channels used for sending and receiving information by a ubiquitous computing
10
S. Rangari
system and an associated sensor(s) using networking protocols. Successful exploitation typically leads to unauthorized access to information and can impact the confidentiality, integrity, and availability of information. Attacks on the networking portion are perhaps the easiest to execute, especially when the medium is wireless networking protocols. Identical to the software layer, the bar to execute a successful attack on the internetworking layer is identical to the software layer. Cyber Supply Chain Threats—This category covers threats confronted by the components and sub-components used in assembling and building ubiquitous computing systems and that pass through a supply chain. The passage of these components through a supply chain exposes them to personnel, entities, and elements who have opportunities to compromise their security posture. They can be mitigated through the implementation of one or more security controls tailored to address these threats. However, awareness and appetite to expend resources on this effort are minimal among most organizations that are operating in and building ubiquitous computing ecosystems.
3.1 Hardware Threats Since their earliest days, computing systems have depended on two foundational pillars that are inalienable to their operations—software and hardware. The software defines “how” operation is performed, and the hardware performs the operation, as mentioned earlier. This interplay between software and hardware requires they have unwavering trust in the instructions sent and subsequent results obtained by either party from these interactions. However, misplaced trust in either layer can and most often result in catastrophic consequences. Boeing’s 737 Max software glitches and Intel’s Spectre and Meltdown hardware debacles are an unfortunate but necessary reminder of the fact that this trust must consistently and continuously be verified. Computing now powers every conceivable system we encounter, and this goes beyond the typical commercial systems they were initially planned to operate. Moreover, we depend on these systems to maintain the safety and security of our homes, our vehicles, mass transportation systems, power grids, water supply, and distribution, et al. Ubiquitous computing systems and the hardware powering them have grown immensely complex from a simple circuit board with a few logic gates to ones with powerful System-on-Chip (SoC). These systems now compute the outcome of input by processing countless factors and variables. Ergo the security of this hardware powering ubiquitous computing transforms into an important consideration. The security of the entire system, including the hardware, software, network, and cyber supply chain layers, is critical. Hardware security is an intractable problem because mitigating vulnerabilities in insecure hardware that’s already deployed and consumed, cannot be accomplished by merely releasing a patch to fix the vulnerability. The choices are limited and hard, ranging from product recall to costly replacement of insecure hardware or accepting the risks and using systems with exploitable vulnerabilities. These choices pale in
Taxonomy of Threats to Ubiquitous Computing
11
comparison to software vulnerabilities that can be patched with an update remotely or by upgrading the software itself [17]. Therefore, it is imperative to get hardware security right during design, development, fabrication, and distribution. Efforts at improving security after that usually result in a reduced yield curve or a diminishing rate of return. Threats to hardware security exist throughout the entire lifecycle, from conception to end of life. In the next few sections, we attempt to categorize, describe, and discuss these threats in more detail. We then enumerate several known attack patterns that are covered by these threat categories. The constantly evolving threat landscape makes it is difficult if not impossible to create a comprehensive and inclusive list of all threats and related attack patterns that can adversely impact a hardware asset or the service it is expected to provide. The categories and threats listed here have been borrowed and adapted from the Hardware Threat Landscape and Good Practice Guide published by the European Union Agency For Network And Information Security (ENISA) in 2017 [4, 5]. These threat categories are briefly described below, and known attack patterns are listed after that. (1) Abuse—The term abuse in the context of hardware security is defined as the incorrect use of a hardware asset, one that is harmful to its durability and the service it provides. We use this term to cover adversarial actions that attempt to misuse hardware and obtain unauthorized access to information or the ability to modify it without the knowledge and approval of the affected system and user. Hardware abuse is one of the more common security concerns and is tackled by the various preventive, detective, and response mechanisms built and baked into hardware to address these threats. The typical attack pattern in this category is listed below. (a) (b) (c) (d) (e) (f)
Hardware/Firmware Modification Over-the-Air Update Boot Loader Modification Memory Corruption Business Logic Flaws Local/Remote Management/Debug Interfaces
(2) Man-in-the-Middle (MITM)—The term MITM is borrowed from the computer/network security parlance and applies to hardware security “as-is.” It covers unauthorized adversarial actions that attempt an intercept, access, and modify communication between two or more hardware assets. Note that in this section, we cover variants of MITM threats affecting the hardware layer only. The typical attack pattern in this category is listed below. (a) (b) (c) (d)
Network Traffic Memory Bus Traffic Sensor Traffic Audio Traffic
12
S. Rangari
(3) Physical Attacks—This category covers adversarial actions that require physical access to hardware assets and attempt to modify, steal, or destroy information and disable or depreciate the asset by such egregious actions. Physical access directed at discovering vulnerabilities is the most common threat confronted by hardware. In instances where physical access cannot be obtained to targeted hardware, it is safe to assume in most if not all cases that an adversary eventually gains access to an identical piece of hardware. The typical attack pattern in this category is listed below. (a) Rootkits/Trojans/Malware (b) Access Control Mechanism (c) Disabling Features (4) Intentional or Unintentional Damage—Actions that inadvertently or knowingly cause physical harm to a hardware asset in an attempt to diminish its value and functionality to its users are covered under this category. The actions referenced herein may or may not originate from an adversary who is attempting to damage a hardware asset. For example, hardware damage caused by insufficient cooling could be the result of a dysfunctional power supply. The power supply could be broken through deliberate adversarial actions like sabotage or a natural disaster like an earthquake. The typical attack pattern in this category is listed below. (a) (b) (c) (d) (e)
Heating/Cooling Functionality Rooting/Bricking Debug/Power/Communication/Display/Audio Interfaces Excessive Resource Consumption Environmental/Man-made disasters
(5) Disruption—This category covers failures, outages, and malfunctions of hardware assets that disrupt the service expected from them. Adversarial actions that attempt to force a system in a debilitated state are covered in this category. Note that we do not cover disruptions from environmental factors as they have been addressed in the earlier Intentional or Unintentional Damage category. The typical attack pattern in this category is listed below. (a) (b) (c) (d) (e)
Denial of Service Degradation of Service Vulnerability Exploitation Communication Outage Authentication/Authorization Failures
(6) Information Disclosure—The information disclosure threat category in a hardware realm deals with information revealed through atypical avenues like reverse engineering and side-channel analysis. These techniques are used to observe and study the functioning of hardware minutely and deduce information from them, which can either be used to compromise the security posture of the affected
Taxonomy of Threats to Ubiquitous Computing
13
system or access information that otherwise is protected and must remain inaccessible to regular user(s). The typical attack pattern in this category is listed below. (a) Reverse Engineering (b) Side-Channel Attack (7) Legal and Compliance—Interruptions to service delivery arising from actions undertaken by regulators, judiciary, law enforcement, competitors, customers, et al. are covered by this category. The typical attack pattern in this category is listed below. (a) Violation of Laws/Regulations/Compliance (b) Violation of Contract Hardware always has and continues to be one of the primal and fundamental blocks of any computing ecosystem. A secure and robust foundation is an essential prerequisite to build layers on top that not only enhance the security of the entire system but are also provide value to the end-users. This principle applies unequivocally to all computing environments, including ubiquitous computing systems. The hardware layer is undoubtedly challenging to exploit vis-a-vis the software or internetworking layers, but once prosperous, it is also the most difficult to detect and remediate. Securing this layer is a multi-faceted effort that begins at the hardware layer but transcends beyond this layer and requires a holistic approach to address the threats, vulnerabilities, and risks.
3.2 Software Threats The software in general parlance is the programmed instruction sets and logic that constitutes the soul of a computer. It provides the underlying hardware with procedures whose execution delivers us with actionable output. Software is a vast domain and contingent upon the context used, can be distinguished into several categories and sub-categories. Besides these semantics of categorization, it is an indisputable fact that software is the lifeblood that runs hardware in all computing systems. The software must be error and vulnerability free for the hardware layer to trust the input received and provide reliable output. However, vulnerabilities have plagued software since its inception, and the hardware layer must verify the input before trusting and processing it. The software powering our computing systems has grown exponentially complicated, which impacts its security, and there is an entire domain of Software/Application Security dedicated to addressing the need for building secure and reliable software. We expect the hardware and software that are powering our computing systems to always provide the “correct” output without exception. This expectation applies equally to ubiquitous computing systems where we expect our smart health devices to intervene and protect our well-being or our smart home alarm
14
S. Rangari
from alerting us of intruders. Fundamental to these expectations is the notion that hardware and software are safe, secure, reliable, and free of errors. Software used in ubiquitous computing face atypical challenges that regular software does not confront. The input received by ubiquitous computing systems can be both traditional (e.g., mouse, keyboard, et al.) and non-traditional (e.g., touchscreen, speech, et al.). Either source poses their challenges, but together they can be the Achilles heel of a ubiquitous computing system. Higher trust rested in a ubiquitous system; therefore, it must translate into a higher level of security, reliability, and robustness of the software layer. The software must not only be free of typical defects but must also be able to face prolonged scrutiny by an adversary intent on finding loopholes and exploiting them. The domain of Software/Application Security is vast and beyond the scope of this textbook and chapter to address. As stated earlier in the Hardware Threats section and reiterated here, it is tough to formulate a comprehensive list of all threats that need to be tackled to make secure software. In the next section, we list several prominent software threats that can be categorized and attributed to the ten threat categories listed in the next section. The threats and attack patterns discussed in this section are derived from the exemplary work accomplished by the folks at MITRE Corporation in their Common Attack Pattern Enumeration and Classification (CAPEC) repository [14]. (1)
Access Control Subversion—The attempts of an adversary to access resources and information beyond the realm of their existing privilege and authorization are covered under this category. This goal can be reached by unauthorized access to resources through impersonating legitimate users or by escalating their existing privileges. Access control models that govern and guarantee fine-grained access to information exist, but their programmatic expression in the form of software can be error-prone and exploited by adversaries to attain their means. The typical attack pattern in this category is listed below. (a) (b) (c) (d) (e) (f)
(2)
Exploitation of Trusted Credentials Exploiting Trust in Client Authentication Abuse Authentication Bypass Privilege Abuse Privilege Escalation
Denial of Service (DoS)—This is an umbrella term for all forms of resource consumption and exhaustion threats that starve legitimate user needs from the resources it requires and adversely impacts the expected performance or outcome. Individual classes or sub-categories of DoS conditions can proactively be identified and prevented. However, complete inoculation against DoS threats is neither possible nor feasible, and the focus is on reducing the occurrences and managing their impact. The typical attack pattern in this category is listed below. (a) Forced Deadlock
Taxonomy of Threats to Ubiquitous Computing
15
(b) Flooding (c) Excessive Allocation (d) Resource/Memory Leak Exposure (3)
Probabilistic Attack Techniques—Adversarial actions that focus on providing an exhaustive input to software to potentially discover and trigger atypical behavior are covered in this category. These techniques are often extremely noisy and time consuming with a low probability of success. Nevertheless, they are used extensively by security practitioners to fortify their software against such attacks. The typical attack pattern in this category is listed below. (a) Fuzzing (b) Brute Force
(4)
Manipulation—This category covers a vast range of threats that attempt to circumvent the expected parameters of usage envisioned by the programmer and deceive the software in performing actions that cause unwarranted and unexpected conditions. These conditions could range from obtaining unauthorized access to information, overwrite information without necessary privileges, and execute arbitrary code. The typical attack pattern in this category is listed below. (a) (b) (c) (d) (e) (f) (g) (h) (i)
(5)
Manipulating User State API Manipulation Buffer Manipulation Shared Data Manipulation Pointer Manipulation Input Data Manipulation File Manipulation Configuration/Environment Manipulation Race Conditions
Man-in-the-Middle Attack (MITM)—Actions intended to intercept, capture, modify, and even eliminate communication between two or more entities without their authorization are termed as a MITM attack. The success of this attack varies and is dependent on factors like the communication medium, frequency of communication, and countermeasures implemented to thwart these attacks if any. The typical attack pattern in this category is listed below. (a) Application API Message Manipulation via Man-in-the-Middle (b) Leveraging Active Man-in-the-Middle Attacks to Bypass Same Origin Policy
(6)
Abuse—Adversarial actions that impact the expected or intended outcome of software without subverting or altering the underlying logic are termed abuse. An example of abuse would be downgrading the encryption of a secure communication mechanism by channeling it to use weaker encryption standards that were included to meet export cipher requirements. However, an adversary can
16
S. Rangari
successfully abuse this functionality and abuse the software to downgrade its encryption standards to facilitate an attack. The typical attack pattern in this category is listed below. (a) Functionality Bypass (b) Functionality Misuse (c) Sustained Client Engagement (7)
Injection—A broad range of adversarial actions that aim to deliberately insert information snippets that are then interpreted or executed by the software are covered in this category. These information snippets can be operating system commands that are executed on a system or programmatic code that is interpreted and executed to facilitate information leakage, code execution, and privilege of escalation attacks. The injected information may or may not be malicious; however, the intention and execution are considered malicious, even if the output is harmless. The typical attack pattern in this category is listed below. (a) (b) (c) (d) (e) (f) (g)
(8)
Spoofing—The focus here is on malicious interactions where an adversary impersonates a legitimate entity and tricks other users in communicating with them. Note that users are unaware of this impersonation and believe that they are interacting with the authentic entity and not an impostor. These attacks typically lead to information disclosure, which then can adversely impact the security and privacy of the affected user and their information. The typical attack pattern in this category is listed below. (a) (b) (c) (d)
(9)
Parameter Injection Resource Injection Code Injection Command Injection Object Injection Code Inclusion Local Execution of Code
Content Spoofing Identity Spoofing Resource Location Spoofing Action Spoofing
Information Disclosure—This category covers inadvertent or deliberate disclosure of information that otherwise should remain inaccessible to the user(s) of software. Note that the information disclosed or obtained from the manifestation of these threats may or may not be sensitive and could be used as a stepping stone to executing complicated attacks. In other instances, the information gleaned may not be useful in executing any attacks but is merely non-public information that programmers and businesses did not intend to disclose. The typical attack pattern in this category is listed below.
Taxonomy of Threats to Ubiquitous Computing
(a) (b) (c) (d)
17
Footprinting Excavation Fingerprinting Reverse Engineering
(10) Integrity Attacks—The integrity attack domain covers adversarial actions that attempt to alter the state of information which is in rest/transit/processing without the knowledge and approval of entities affected by these changes. These attacks are usually subtle, but their impact can be significant on the expected outcome or results. The typical attack pattern in this category is listed below. (a) Software Integrity Attack (b) Malicious Logic Insertion (c) Contaminate Resource The software layer depends on a trusted and secure execution environment provided by the hardware in any computing environment. A secure, reliable, and resilient hardware layer, however, does not guarantee security at the software layer. Complexity is the antithesis of security and software has been continuously growing in size and complexity, making the task of securing it challenging. The software layer presents the most significant attack surface among its peers and ample opportunities for a developer to commit inadvertent mistakes that can be exploited by an adversary to their advantage. Software and hardware are inherently intertwined, and exposure in any one of them is fatal from the perspective of securing a single computing system or an entire ecosystem.
3.3 Network Threats Computers have excelled in processing raw data and gleaning meaningful information from them. This information, when siloed in a computer or a facility limits its value to a subset of users that have physical access to it. The alternative was to use traditional means of information exchange which introduced moderate to significant delays with information sharing. Computer networks originated from this need to find an elegant solution for communicating information over distances among one or more entities. These networks and their underlying protocols have evolved to meet the needs of users using them. Networking protocols are special-purpose software whose principal task is to facilitate the transmission, processing, and receiving of information between interconnected systems. The threats faced by any networking software are identical to those faced by regular software, which has already been discussed in the earlier section. However, networks have also entrusted the responsibility of sending and receiving information, error correction, encryption and decryption, route and system discovery, session initiation and termination, et al. The action of information exchange between
18
S. Rangari
computing systems can expose information to several threats and attack patterns that we discuss in the ensuing sections. All networks use some form of medium to relay information, and the threats discussed in this section are targeted towards the medium and not the software. In the age of ubiquitous computing, it is difficult to imagine an isolated system not connected to a network for exchanging information. These connections could be intermittent or persistent, unidirectional or bi-directional, using wired or wireless mediums, and traveling in a secure or insecure mode. Architecting a ubiquitous computing system that works in absolute isolation without ever having to connect to another system would fatally inhibit its utility to its users. Networking in ubiquitous computing is part of its fabric where these systems continuously exchange information with one or more nodes. They are not just connected to a central networking gateway but also interconnected with other systems and can simultaneously use multiple networking protocols and interfaces to facilitate communication. For example, a sensor could communicate with other sensors or a hub over a Wireless Personal Area Network (WPAN), the hub could communicate over Wireless Local Area Network (WLAN) to a networking gateway or GSM/CDMA cellular gateway. These gateways could further be connected upstream with Fiber Optics to Internet Service Provider (ISP) gateways responsible for communicating data over vast geographies and even continents. The use of various wired and wireless networking protocols exposes these systems and the information to unique threats and attacks that are distinct from what we have already covered in the hardware and software sections. An adversary may or may not need to be in the physical proximity of nodes sending and receiving information while targeting a networking protocol used by a system. They can be located anywhere between these nodes or at either endpoint to attack the network and gain unauthorized to information. We enumerate and briefly describe these threats in the next section. (1) Obstruction—This is an archetypal threat to any network where an adversary attempts to impede the communication of information among nodes by means that it could range from destroying networking gear to hindering the transmission mechanisms. The threats to the network can vary based on the media used for communication. For example, a wireless network medium is prone to jamming while its wired counterpart is immune to this attack. The typical attack pattern in this category is listed below. (a) (b) (c) (d)
Physical Destruction of Networking System Route Disabling Jamming Blockage
(2) Communication Channel Manipulation—Communication networking nodes can be altered through exposure to known vulnerabilities or misconfigurations. These can provide an adversary the ability to obtain unauthorized access to communication medium and read, write, modify, and delete information without
Taxonomy of Threats to Ubiquitous Computing
19
the knowledge and approval of users. A Downgrade Attack on SSL/TLS is an example of this attack where an adversary attempts to force endpoints into using a deprecated version of security protocol. This attack can facilitate an attack on encrypted communication, which is recorded and subsequently brute-forced in an offline mode to recover the clear text information. The typical attack pattern in this category is listed below. (a) Exploiting Incorrectly Configured SSL/TLS (3) Information Leakage—One of the primary functions of a network is to interconnect systems and facilitate information exchange. This function also makes it a lucrative target for an adversary attempting to gather information traversing the network. Information can be obtained through active or passive means of collection and later analyzed and digested for value. The active collection involves deliberate attempts of forcing communication nodes and medium to leak information by causing error conditions or reverse-engineering networking protocol(s). The passive collection is the exact opposite of active, unobstructive gathering of information through observation that does not force the communication nodes and medium to leak information deliberately. The typical attack pattern in this category is listed below. (a) Footprinting (b) Protocol Analysis (4) Access Control—The term “Access Control” is a catchall phrase that can be used in numerous contexts to describe entities that control and enforce access to a resource(s). We have covered several access control threats in the earlier sections and won’t be reiterating them in this section. The focus is on threats that are uniquely applicable to networks. Information exchange between two or more nodes connected to a network requires them to trust the other end implicitly. Network protocols that unequivocally verify trust exist but are used sparingly. In instances where trust is implied or established through easily forgeable means, an adversary can exploit it to obtain unauthorized access to resources by circumventing access control measures. This subversion includes attacks like Man-in-the-Middle or Evil Twin on nodes that are susceptible to these attacks. The typical attack pattern in this category is listed below. (a) Exploiting Trusts in Client (5) Interception—This threat category covers the practice of accessing information traversing a communication medium between two or more nodes. An interception occurs when an adversary who is not the intended recipient of information gains unauthorized access to it. Depending upon the nature and value of information intercepted, it can be used to gain unauthorized access to systems and resources. Intercepted information can also be used as a stepping stone to craft and execute sophisticated attacks. The typical attack pattern in this category is listed below.
20
S. Rangari
(a) Sniffing (b) Eavesdropping (6) Spoofing—The deception of nodes, systems, and users communicating information with a malicious/unauthorized entity that imitates a legitimate one covered in this threat category. Successful spoofing attacks usually lead to breaches in security and privacy of information, exposure of sensitive information, and similar unwanted outcomes [20]. The typical attack pattern in this category is listed below. (a) Resource Location Spoofing (b) Content Spoofing (c) Identity Spoofing (7) Infrastructure Manipulation—All manners of threats to the physical and logical networking infrastructure are covered under this category. Similar to manipulation threats described earlier, an adversary targets to manipulate the infrastructure responsible for the functioning of a network. This attack can include manipulating the configuration, architecture, et al. of a network to access information traversing it without the knowledge and approval of users and network administrators. The typical attack pattern in this category is listed below. (a) Cache Poisoning (b) Routing Table Poisoning (8) Protocol Manipulation—The threat category of protocol manipulation deals with adversarial attempts of injecting information in the communication traffic traversing a wired or wireless network segment. The purpose could be to exploit a vulnerability, adversely impact message integrity, disrupt communication flow, re-routing network traffic, et al. Note that Protocol Analysis discussed in Information Leakage and this section differs in that the former is an attack technique during the later in a threat category. The typical attack pattern in this category is listed below. (a) Traffic Injection Networking, in the context of computing, has fundamentally altered the speed and modes of information exchange among all computing systems. The advent of high-speed wireless networking protocols has further transformed and provided elegance to a particular class of computing ecosystems like ubiquitous computing. The multiple layers in networking protocols and standards also provide a significant attack surface that requires robust defenses at these layers to protect the payload it carries across networks and interconnected systems. Networking is built upon the secure hardware and software layers and needs to be accorded equal if not more protection from the risk of compromise arising from vulnerability exploitation. Exposure at this layer would defeat the security provided by the hardware and software layer as the protection would be lost and in vain.
Taxonomy of Threats to Ubiquitous Computing
21
3.4 Cyber Supply Chain Threats A suitable computing technology system consists of numerous physical and logical components that are designed, architected, manufactured, assembled, tested, packaged, and delivered through a complex supply chain spanning vast geographies. This entire chain consists of personnel and entities from several organizations who are responsible for the safety, security, reliability, and trustworthiness of these components as it moves through this logistical maze. Emphasis on security varies across personnel, business units, organizations, and geographies, which in turn impacts these products and components. Their exposure to less than secure environments in these supply chains makes them a lucrative target for adversaries. Factors like outsourcing of manufacturing and development, diversity in supply chain routes, changing laws and regulations of nations, physical security challenges et al. can increase the supply chain threats faced by these component(s). The domain of Cyber Supply Chain Risk Management attempts to address them by recommending security best practices that can be followed to reduce exposure. Organizations continue to face increasing cyber supply chain threats owing to competitive market economies, focus on cost reduction, globalized development of hardware and software, continuous need to innovate, and attempts to capture new markets. Threats to commodities moving through supply chains have always existed, but their impact on the security was less understood and rarely served. Adversaries understood that a successful compromise at the component level while it is in the design or manufacturing phase would not only be challenging to identify but also harder to defend. Introducing vulnerabilities in components at an early stage can be an onerous task, but once accomplished, this loophole can remain persistent and affect multiple systems using the sabotaged component. Ubiquitous computing systems face these cyber supply chain threats from adversaries who want to gain unauthorized access to them. A subset of these systems that we rely on for facilitating lifesaving procedures, critical safety, and security decisions, and whose reliability is of paramount importance to our well-being are vital targets for adversaries. The attack surface presented by a cyber supply chain is less understood and addressed by most businesses, thereby providing opportunities for exploitation. Threat(s) that have evaded detection and slipped into a component through the exploitation of vulnerabilities in the cyber supply chain can adversely impact a vast ecosystem of systems, which can be challenging to discover and resource-intensive to mitigate. The prevention and detection of threats to cyber supply chains are one of the best defenses in protecting components populating both, general-purpose and ubiquitous computing systems. We discuss commons threats and attacks patterns to the cyber supply chain in the next section and provide a brief context about their nature and occurrence. The threats and attack patterns discussed in this section are derived from work accomplished by the MITRE Corporation in the Common Attack Pattern Enumeration and Classification (CAPEC) [15] repository and Supply Chain Attack Framework and Attack Patterns [13].
22
S. Rangari
(1) Substitution—The replacement of legitimate physical and logical components with malicious ones while they are moving through the cyber supply chain is covered under this threat category. The goal of these substitution(s) is to provide an adversary the means to compromise the security of the affected system using these component(s). A successful substitution can compromise the security posture of an entire product or at least provide an avenue to achieve similar nefarious objectives. A successful substitution attack, especially at the hardware or firmware level, can be devastating and may go unnoticed for an extended period. The success of substitution attacks at the hardware and firmware level is inversely proportional to the built-in countermeasures to thwart and defend against such attacks. Maliciously substituted software can be equally, if not more damaging. However, numerous opportunities to identify patterns associated with such anomalous software behavior exist, making this avenue more likely to be identified and remediated by the vendor or manufacturer. Consequently, these attacks can be detected and mitigated with ease of vis-a-vis hardware attacks that are difficult and expensive to mitigate. The typical attack pattern in this category is listed below. (a) Malicious Hardware (b) Malicious Firmware (c) Malicious Software (2) Malicious Insertion—Threats covered in this category deal with adversarial actions that add a malicious entity to a computing system or component without the knowledge and approval of the designers, manufacturers, and users. This insertion almost always leads to degradation in the security posture of such systems or components, and the impact can range from unfettered access to denial of service conditions. Malicious insertion differs from malicious substitution in that the inserted piece of logic is additional to what was manufactured, which makes the task of identifying this variance slightly easier than substitution. The maliciously inserted piece can be identified by comparing the difference between the expected and delivered systems. The typical attack patterns in this category are listed below. (a) Counterfeit Hardware (b) Malware (c) Malicious Software (3) Alteration—A broad range of threats that change the state of a computing system and components to a sub-optimal or insecure one is covered in this category. The intent is to force a state change that adversely impacts their security and reliability or makes them non-compliant with the enforced laws and regulations. While the goal of most attacks on computing systems and components is to either gain unauthorized access to them or information stored therein, in certain instances the ability to deteriorate their performance can be devastating and an objective of these attacks [16]. The threats and attacks covered under this category are vast and affect the entire cyber supply chain, which also makes it
Taxonomy of Threats to Ubiquitous Computing
23
difficult to defend against them. The typical attack pattern in this category is listed below. (a) (b) (c) (d)
Insecure State Cyber Espionage Performance Degradation Non-Compliance
In the past, focus on securing components through their lifecycle in the cyber supply chain was restricted to components and systems that were mission-critical. However, in recent years, interest in protecting the cyber supply chain of all computing systems and their components has gained traction. This change can be attributed to the fact that the cyber supply chain remains one of the weakest links in their security. Cyber supply chains can and often involve numerous entities in disparate geographical locations who have access to part or sum of these components were the emphasis on security is limited. These variances and numerous human interactions beyond the safety and security provided by a secure facility transform the cyber supply chain into a magnet for adversaries trying to penetrate a system. The lack of globally accepted cyber supply chain security standards, policies, procedures, and practices makes it difficult for businesses to ascertain the level of resilience provided by an entity in their supply chain. Other factors like the cost of implementing and enforcing intricate security measures do not provide a significant return on investment. This ambiguity makes it difficult for businesses and management to invest in cyber supply chain security measures. However, the recent emphasis on cyber supply chain security by the National Institute of Technology and Standards (NIST) and the European Union Agency for Network and Information Security (ENISA) provides an excellent framework to kickstart this initiative in the supply chain organizations [4, 5].
4 Threat Motivations The users of technology and ubiquitous computing systems are the least trained and most affected by threats that have manifested into viable attacks. Ubiquitous computing, like any modern computing system, consists of multiple layers of input and output mechanisms, which translates into a more opulent attack surface and a rewarding target for adversarial actions. Unlike desktop, server, mobile, and cloud computing entities that are administered, managed, monitored, and controlled by trained professionals, ubiquitous computing may or may not inherit these benefits of oversight. Vital resources like processing capabilities, power consumption, and network bandwidth, although abundant in supply still need to be conserved in ubiquitous computing systems. The fine line between security and usability of these systems is more precarious and needs to be re-drawn to account for variances between a typical and ubiquitous computing ecosystem. In the best-case scenario, a portion of this ecosystem must be accorded the oversight of trained security and
24
S. Rangari
technology professionals who have an eye for detail and expertise to identify the numerous risks confronted by them. The worst-case scenario is the opposite where the entire ecosystem has minimum oversight, and the emphasis is on the availability of services and not security, privacy, or resiliency of systems. Adversaries who are aware of these limitations have been targeting vulnerable computing systems for years. The opportunities to exploit vulnerabilities in these systems are sometimes readily available owing to deviation from security best practices. On other occasions, vulnerabilities are discovered post-facto, and businesses are left with the unenvious choice of deciding between security and performance. Leading-edge computing paradigms like ubiquitous, fog computing, mist computing, et al. challenge businesses operating in this space in numerous ways. One of the fundamental challenges confronted by them and one which they continuously struggle with is the timely delivery of products and solutions while maintaining their security and privacy. Often the novelty of these systems also makes it difficult to ascertain the risks they may pose to products, users, and information processed, communicated, and stored by them. Businesses operating insensitive or mission-critical domains like national security and armed forces can and do attempt to minimize their exposure with investment in security diligently. However, even their best efforts can be in vain because they cannot protect against risks whose existence is not known. A new class or breed of a vulnerability affecting paradigm-changing products is not unheard of and defending against such surprising, and unanticipated turn of events with archaic defenses often yield disappointing results. There are several motivators for an adversary to target general-purpose computing as well as ubiquitous computing systems. We discuss some of them in the next section. The motivators referenced here are known, but their applicability and context to leading-edge technologies like ubiquitous computing is new and shines a spotlight on the need to inoculate these systems against them. (1) Lack of Detection—Detecting attacks on ubiquitous computing systems require sophisticated detection capabilities, and most organizations usually don’t invest heavily in them. Users who confront and are affected by them rarely have the appetite, let alone the expertise to defend against such attacks. Moreover, specific attacks like those on the hardware layer are significantly painful than one on the software or the internetworking layers to detect. Besides the detection of security vulnerabilities on these systems is rarely one of the top priorities of a business. (2) Ease of Persistence—Implementation and enforcement of a layered defense approach are limited in ubiquitous computing systems, and successful attacks can often provide unfettered access to them. These compromises can go undetected for prolonged durations and in some instances like hardware and firmware exploits survive reboots and software upgrades. Unlike the software and internetworking layers, compromised hardware rarely exhibits behavior or signature that could be interpreted as malicious [3]. The lack of such explicit signs makes the task of identifying ongoing and successful attacks extremely difficult for users.
Taxonomy of Threats to Ubiquitous Computing
25
(3) Inadequate Mitigation—Remediating vulnerabilities that have been discovered in ubiquitous computing systems can be challenging for multiple reasons. These can range from the lack of mitigations or user indifference in implementing them or their impact on the usability of the affected system. For example, even with successful detection, hardware vulnerabilities can remain unpatched for numerous reasons ranging from the cost of mitigation, end of life of affected hardware, difficulty with patching, and user awareness about the gravity of the situation. Software poses fewer challenges in patching but can impose constraints on the patch size, impact on system usability, et al. These challenges, unfortunately, lead to the users and businesses accepting the risk of co-existing with these vulnerabilities and unwittingly provide adversaries opportunities to target and compromise affected systems. (4) Inherent Insecurity—The security practices that are typically common on network and software layers are remarkably absent or inconsistently implemented or enforced on hardware. Even the defenses present on some or all of these layers are often inconsistent and insufficiently implemented or enforced. An adversary needs one insecurity to gain a foothold on a vulnerable system, exploit it to obtain privileged access, and pivot to interconnected systems or compromise other layers. The practice of threat and vulnerability management requires specialized skills, tools, and practices that are hard and often expensive to acquire. Consequently, some businesses end up practicing security through obscurity, knowing well that a large swathe of users won’t have the expertise to find insecurities in their products. (5) Lack of Attribution—The practice of attribution requires that businesses have robust security response practices to detect, respond, contain, and attribute malicious activities to entities that were responsible for their occurrence [12]. Businesses cannot acquire this capability swiftly, and even then, attribution can often be confusing and outright impossible in a subset of cases. Adversaries can utilize anonymization techniques like “The Onion Router” (TOR) or “Virtual Private Network” (VPN) and Proxies to route attack traffic such that tracing their exact origin becomes almost impossible. In cases of hardware vulnerability exploitation, attribution can be complicated and challenging, which in turn encourages adversaries to use this attack vector. The lack or difficulty of attribution is essentially a free pass to attackers who can exploit a system knowing well that it is unlikely they would be caught or have to face the consequences for their malicious activities. (6) Financial Gains—Vulnerabilities in computing systems, ubiquitous or otherwise can command a large bounty and provide hefty financial gains for personnel that discover them [1]. These gains can incentivize security professionals to discover vulnerabilities in products leading to financial gains. However, this can also be counterproductive, where organizations may not have the resources to pay for vulnerabilities, and they end up with entities with questionable motives but deep pockets to pay the highest price for them. (7) Competitive Advantage—The discovery of critical vulnerabilities in products competing in a lucrative market or commanding a market leader position can
26
S. Rangari
often have a deleterious financial impact on the product and the organization. Competitors can employ this tactic to discover vulnerabilities, release exploits, and discuss their adverse impact through intermediaries and independent vendors. This method can provide a competitor, opportunity to gain market share, inflict financial and reputational damage, loss of employee morale, and even disrupt release plans. (8) Lower Entry Bar for Adversaries—The ease of information exchange through the World Wide Web has a few drawbacks which include knowledge transfer of malicious activities that were once confined to fewer and mostly responsible entities. The lowering of this entry bar for obtaining the know-how of targeting, exploiting, and compromising ubiquitous or any computing system has increased their exposure to script kiddies. Unlike entities who are genuinely interested in identifying and responsibly reporting vulnerabilities to improve the security posture of an affected system, script kiddies do not subscribe to this philosophy. Their motivations and interests are aligned with attacking, exploiting, and disrupting systems for gains at the expense of affected users and organizations. The Tactics, Techniques, and Procedures (TTPs) are readily available on the World Wide Web to those who care to search and use them. They can be used “as is,” or with limited modifications, can be calibrated and adapted to suit the attacker’s goals and without ever needing to discover a vulnerability or understand its impact. Access to this information makes the task of an attacker easier, while those of the defenders are significantly harder.
5 Summary The evolution of a secure, ubiquitous computing system requires that security is firmly established in the entire product development lifecycle. This development lifecycle includes the use of secure design, architecture, implementation, and verification practices enforced in the software and hardware domains [22]. A secure, ubiquitous computing system needs a trusted hardware platform to execute, and the creation of dependable hardware, in turn, relies partly on a secure supply chain. The need to secure any computing system always needs to be tempered with its usability. This principle applies more rigorously to ubiquitous computing systems as they are expected to provide a seamless, inconspicuous, and genial user experience [7]. The need to build interoperable, adaptable, context-aware, secure, and reliable ubiquitous systems can often create a unique set of challenges [2]. Businesses run the risk of creating ubiquitous systems that may be user-friendly but unable to withstand sustained scrutiny by an attacker. The fundamental principles of secure design require the identification of potential threats and addressing them in the development cycle [18, 19, 21]. Designers and architects can readily use the threat taxonomy discussed in this chapter in creating threat models and attack trees while addressing threats to ubiquitous systems. A generic threat model that depicts typical data flows between the various components in a ubiquitous computing system is included for reference
Taxonomy of Threats to Ubiquitous Computing
27
in Appendix 1—Generic Threat Model for Ubiquitous Computing. We have also included a Mind Map of the four threat categories viz. hardware, software, network, and cyber supply chain in Appendix 2—Mind Map of Ubiquitous Computing Threats to visualize these threats and numerous attack patterns. As ubiquitous computing continues to evolve, incorporate next-generation technologies and integrate even more deeply into our lives; the threats confronted by them can only increase. The adverse impact of successful attacks can force users to insist and manufacturers to highlight the higher degree of security and privacy controls built into their products. However, even with these protection mechanisms, ubiquitous computers may never have the traditional security accorded to desktop and server computers by trained and seasoned information security professionals. The use of machine learning and artificial intelligence in information security may in the distant future help ubiquitous systems achieve parity with the security insights provided by trained human beings. However, the designers, architects, and developers of such systems must bake security in their products, from conception to end of life. The suppliers and manufacturers must be cognizant and alert to the nontraditional risks from cyber supply chain security. Last but not least, users have to be vigilant and consider the risks and benefits of integrating and using devices whose exposure may bring much more than financial harm their way. Even with the best efforts of manufacturers and users, risks continue to exist and confront ubiquitous systems throughout their lifetime. However, risks can and have been successfully eliminated, reduced, or transferred through the implementation of countermeasures. The diligence of businesses and users is vital in alleviating these risks to a tolerable level and help ubiquitous computers to achieve its potential of improving and empowering our lives.
Appendix 1—Generic Threat Model for Ubiquitous Computing See Fig. 1.
Appendix 2—Mind Map of Ubiquitous Computing Threats See Fig. 2.
Fig. 1 Generic threat model for a ubiquitous computing system
28 S. Rangari
Fig. 2 Mid map of threats to ubiquitous computing system
Taxonomy of Threats to Ubiquitous Computing 29
30
S. Rangari
References 1. Ablon, L.: The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data RAND Corporation (2018) 2. Anil Kumar, M., Yadav, P.: Essential characteristics for ubiquitous projects. Int. J. Comput. Sci. Inf. Technol., 1897–1899 (2015) 3. Candid, W., Himanshu, A.: Living off the land and file-less attack-techniques. Symantec Corporation (2018) 4. ENISA: ENISA Threat Landscape 2015 (2016) 5. ENISA: Hardware Threat Landscape and Good Practice Guide (2017) 6. Jagadamba, G., Sathish Babu, B.: Adaptive security schemes based on context and trust for ubiquitous computing environment: a comprehensive survey. Indian J. Sci. Technol. (2016) 7. García-Herranz, M.: Easing the Smart Home: a rule-based language and multi-agent structure for end user development. Intell. Environ. JAISE, 437–438 (2010) 8. James Cebula, J., Popeck, M., Young, L.R.: A Taxonomy of Operational Cyber Security Risks Version 2 Software Engineering Institute (2014) 9. James Tarala, J., Tarala, K.K.: Open Threat Taxonomy (2015) 10. Kang, B.H.: Ubiquitous computing environment threats and defensive measures. Int. J. Multim. Ubiquit. Eng. 2(1) (2007) 11. Langheinrich, M.: When Trust Does Not Compute—The Role of Trust in Ubiquitous Computing Zurich: Institute for Pervasive Computing Swiss Federal Institute of Technology (ETH) (nd) 12. Lin, H.: Attribution of Malicious Cyber Incidents. Hoover Institution Aegis Paper Series on National Security Technology and Law (2016) 13. Miller, J.F.: Supply Chain attack framework and attack patterns. MITRE (2013) 14. MITRE: Retrieved from Common Attack Pattern Enumeration and Classification (nd) 15. NIST: Guide for conducting risk assessments (2012) 16. Office of The Director of National Intelligence: Foreign Economic Espionage in Cyberspace National Counterintelligence and Security Center (2018) 17. Peter, M., Bergeron, T.: Creating a Patch and Vulnerability Management Program NIST (2005) 18. SAFECode: Tactical Threat Modeling SAFECode (2017) 19. SAFECode: Fundamental Practices for Secure Software Development (2018) 20. Sen, J.: Ubiquitous computing: potentials and challenges. In: Proceedings of the International Conference on Trends & Advances in Computation & Engineering (TRACE) (2010) 21. Stajano F (nd) 22. Threat Taxonomy www.enisa.europa.eu: https://www.enisa.europa.eu/topics/threat-risk-man agement/threats-and-trends/enisa-threat-landscape/threat-taxonomy/view (2016 September) 23. Villasenor, J.D.: Ensuring Hardware Cybersecurity Issue in Technology Innovation (2011)
Cyber Crime and Their Restriction Through Laws and Techniques for Protecting Security Issues and Privacy Threats Qamar Atta Ul Haq
Abstract This chapter explains the privacy and security threats belonging to information technology and personal data. Cyber Security plays a significant part in the world of information development. Cyber protection has been one of the greatest problems of our period. Whenever we talk about information protection, the first aspect that falls to our minds is cyber-attacks that are rising exponentially every day. A range of countries and businesses are implementing a variety of steps to combat such cybercrimes. Besides numerous information protection initiatives, others are also really worried regarding cybersecurity. This paper focuses primarily on threats to information protection in terms of the new technology. It also reflects on the current cyber management strategies, principles, and developments that transform the landscape of computer security. This chapter explores law enforcement cybercrime cases from a range of angles, including regulatory authorities for disciplinary initiatives, preservation of privacy concerns, barriers to prosecution and best practices, relationships with law enforcement and the business sector, and preparation and capability for law enforcement. That illustrates the difficulty of cybercrime cases and the necessity for clear regulatory mechanisms, along with cybercrime law enforcement expertise and operational abilities. This chapter discusses the role of global, foreign, and regional laws and structures in the prevention and battle against cybercrime. This states that reform is important in all respects, including criminalization, administrative control, authority, and foreign cooperation. Although important advances have taken place over the last decade in the implementation of multilateral treaties aimed at fighting cybercrime, the chapter illustrates the increasing deterioration of law at the foreign and national level. Keywords Cyber space · Cyber security · Cybercrime laws · Privacy · Encapsulation · Hacker · Encryption · Firewall · IP address · Malware · Virus · Vulnerabilities · Suspicious activities Q. Atta Ul Haq (B) Computer Science Department, IUB University Bahawalpur, University Chowk, Gulshan Colony, Bahawalpur, Punjab 63100, Pakistan e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_3
31
32
Q. Atta Ul Haq
1 Introduction The Internet is defined as a worldwide network comprising thousands of computers and other technological gadgets. Through the Web, you can access virtually any content, connect with everyone else in the world, and do even more. The Internet has revolutionized the field of computing and interactions like nothing. The development of telegraphy, telecommunications, radio, and machine sets the way for an unparalleled convergence of technologies. The Internet is at once a global communication tool, a platform for disseminating information, and a forum for cooperation and networking between individuals and their devices, independent of their geographical position. Through this article, many of those interested in the creation and growth of the Internet express our thoughts on its roots and its past [1, 2]. Cybersecurity is the task of protecting computers, routers, personal devices, automated services, networks, and documents against malicious attacks. This is also recognized as the defense of digital technology or computer information protection.
1.1 Network Security It is the method of protecting an unauthorized access to a computer network or your personal computer, be it aggressive threats or opportunistic malware.
1.2 Information Security Information security (Data Protection) is not all about protecting knowledge against unauthorized entry. Information Protection is primarily a method of avoiding unauthorized entry, usage, dissemination, disturbance, alteration, review, storage, or destruction of knowledge. Data can be either tangible or online.
1.3 Disaster Recovery and Business Continuity Define how a company reacts to a computer security incident or some other occurrence that results in a failure of activities or records. Disaster recovery procedures determine how the company returns its activities and resources to the same operating ability that it had before the disaster.
Cyber Crime and Their Restriction Through Laws …
33
1.4 Operational Security Requires procedures and actions pertaining to the management and security of digital information. Users’ rights to enter a network and protocols that decide whether and when data should be accessed or exchanged are also part of this framework.
1.5 Application Security Depend on maintaining apps and systems safe from risks. A hacked program may have access to the data that it wanted to secure. Effective monitoring starts at the design level long before a system or computer is implemented.
1.6 End-User Education Addresses the most uncertain aspect of information security: human beings. Someone may inadvertently add a virus to a network that is normally protected by refusing to obey sound security practices. Teaching users to erase unwanted email attachments, not to connect unexplained USB sticks, and other essential lessons are key to the health of every enterprise (Fig. 1).
Fig. 1 How Internet users are growing rapidly more than expectations [3]
34
Q. Atta Ul Haq
1.7 Types of Cyber Threats 1.7.1
Cybercrime
Cybercrime is described as a crime perpetrated using a system attached to a network such as a computer or a cell phone. Computer-crime computers are classified as computer offenders or cyber crooks. Online crimes are now growing at a higher rate with the rising digitization.
1.7.2
Cyber-Attack
Cyber-attack is an effort to deactivate machines, access data, or exploit a compromised computer network to initiate more attacks. Cyber-attackers may use a variety of strategies to launch a cyber-attack.
1.7.3
Cyber-Terrorism
Cyber-terrorism is the intersection between cyberspace and criminals. This applies to illegal actions and threats of actions on machines, networks, and knowledge held therein in order to threaten or compel a country or the citizens to achieve political or social goals. The word “Big data” applies to data which is so massive, rapid, or complicated that it is challenging or impossible to handle using conventional methods. The process of collecting and processing vast volumes of knowledge for scientific purposes has been around for a long time. Big data represented by 3Vs (Fig. 2).
1.8 Volume Organizations are gathering data from a range of outlets, including customer sales, smart (IoT) tools, construction machines, images, social networking, and more. During the past, maintaining it may have been a challenge—but affordable storage on systems like data lakes and Hadoop has eased the pressure.
1.9 Velocity Data comes to companies at an incredible pace through the rise of the Internet of Things and must be managed in a timely fashion. RFID identifiers, cameras, and smart meters push the need to manage such data torrents in almost real time.
Cyber Crime and Their Restriction Through Laws …
35
Fig. 2 Representation of 3Vs of a Big Data [4]
1.10 Variety Data arrives in many forms of media—from organized, binary records in the standard repositories to unstructured text papers, texts, images, audio, ticker records, and financial transactions.
2 Background The development of information and cybersecurity started in the 1970s. During this point there were no terms like malware, spyware, bugs, spiders, and reasoning rockets. Yet now, the exponential spike in cybercrime has forced these phrases to make their way into news stories every day. The history of cryptography has started with a test initiative. It only came into being as a consequence of the creation of viruses. Many of the attacks originated from disgruntled outsiders who had connections to inform that they weren’t allowed to use. Application protection of information systems and protection concerning risk and regulatory control have also grown independently [5, 6].
36
Q. Atta Ul Haq
2.1 Pasword Protection in 1960s It was in the 1960s that companies first decided to become more aware of their machines. During this specific time, when we are trying to learn, there was no Internet or network to think about, and surveillance was mostly based on more practical interventions and stopping individuals with adequate awareness about how to use a machine. Passwords and several levels of security authentication have been applied to the software to achieve so. Fire protection steps have since been placed in order to insure that the encrypted data is secure. After all, back in those days, there was no iCloud available, and machines needed to be protected through certain methods.
3 CREEPER to Reaper The development of cybersecurity started with a study experiment in the 1970 s on what was then regarded as the Integrated Technology Projects Organization Network (ARPANET). Bob Thomas, a programmer, produced a computer program that was able to transfer ARPANET network, leaving a tiny trace everywhere it goes. Ray Tomlinson—the guy who created the email—subsequently developed a software that would push CREEPER to the next point, rendering it as self-replicating and the first ever machine worm. Luckily, he developed another application named Reaper, which followed and removed CREEPER and offered the first example of antivirus software. Thomas and Tomlinson systems might have been planned as a bit of a disaster, but they really accomplished a very useful function, exposing a variety of weaknesses in ARPANET network security. It became a big problem at the moment, because many large companies and governments were connecting their machines via telephone lines in order to establish their own networks.
3.1 Computer Virus In the years that followed, machines have begun to grow more and more interactive, computer bugs have been more sophisticated, and cyber protection programs have not been able to keep up with the endless flood of creative hacking methods. Two years later, in 1988, Morris Worm was born—one of the big turning points in the evolution of cyber technology. Network use has started to grow exponentially, and more and more colleges, military organizations, and governments have been related to it. Which implied that the requisite protection precautions have been often slow to grow more robust, giving rise to Morris Worm.
Cyber Crime and Their Restriction Through Laws …
37
3.2 The Firewalls Rising When the Web became accessible to the public, more and more people started placing their personal details online. As a result, organized criminal groups saw that as a new stream of income and began collecting data from individuals and governments across the network. By the mid-1990s, vulnerabilities to network protection had grown dramatically, and as such, firewalls and antivirus systems needed to be mass-produced to secure the public. This was a NASA engineer who, after a computer virus assault at their California headquarters, developed the very first firewall programming software. The development team and their colleagues developed a simulated firewall that they based on real systems to avoid the spread of specific fires inside buildings or structures.
3.3 Punishment Throughout the early 2000s, states started to clamp down on the crime of hacking, enforcing even more stringent penalties for those responsible—including lengthy jail periods and substantial fines. It was a long way from the 1980s, where criminals were issued far shorter penalties—varying from serious punishments to probation. Computer technology began to develop as the Internet expanded; however, sadly, the viruses failed. Hackers soon became capable of developing viruses that could threaten not just individual organizations, but even whole towns, states, and even continents. Some of cybersecurity terms is giver below (Fig. 3). Computer Vulnerability Monitoring is a method for evaluating the cyber operations and capacities of unknown government agencies or offenders. Cybersecurity danger or cyber-attack may be described as a disruptive act that attempts to interrupt digital existence. This may be disturbing the contact route, destroying the data, or stealing the data. Hackers threaten companies, states, corporations, or even individuals with sensitive knowledge. Threats raised by cyber threats include DOS (non-service assaults), computer viruses, ransomware, phishing emails, among others. The attacks threaten someone that has an online presence. Cyber-attacks may contribute to electrical blackouts, leaks of government security records, breakdown of military infrastructure, destruction of computer networks, collapse of telecommunications networks, and unavailability of sensitive data and could impact human life’s operation. Cyber-threats are growing day-to-day, when technical advancements in artificial intelligence or intelligent networks promote the need for improved expertise to circumvent extremely safe structures. Among these purposes, company members must conduct a rigorous and comprehensive review of cyber risks in order to realize the degree of which their companies or organizations are vulnerable to cyber-attacks.
38
Q. Atta Ul Haq
Fig. 3 Common types of cyber threats and actors [7]
3.4 Cybersecurity Terms • Cyber-Crime: A cyber-attack in which one person or group of members are involved to target a particular system in order to get the Financial benefits and disruption of someone’s system. • Cyber-attack is a computer network attack in which the hacker attempt is specifically motivated to gain illegal access and unauthorized use of someone’s information. • Virus: A virus is a self-replicating and self-restructuring computer program that is being activated by clicking on a file or a video or that may be a link. Virus may have the following types 1. 2. 3. 4. 5. 6. 7. 8.
Boot Sector File Infector Direct Action Space Filler Resident Overwrite Multipartite Polymorphic
Cyber Crime and Their Restriction Through Laws …
39
• Trojans: Trojan is a kind of malware that is masked to decriminalize computer program. When you are ready to click on a file they are ready to control your system intentionally. 1. 2. 3. 4. 5.
Distant control Destructive Proxy FTP DOS
• Spyware: A computer program that securely collects and records data from user system is called spyware. Particularly, it is used to trace the credit and smart card information. 1. Key loggers 2. Password burglary • Ransomware: Malevolent computer program which disables the access of the user in one’s own computer system, until it steals out or deletes the data and information by the hacker. • Adware: Promotional Advertising software is, particularly, used to spread out the malware. • Botnets: Networks of malware malicious program taint infected computer systems and control fully the access of a user computer without the permission of the user.
4 Threat Landscape Cybersecurity risks are possible cyber incidents resulting from unintended acts or as a consequence of attacks by unauthorized actors that leverage weaknesses and inflict damage to the network or entity. Understanding all current and potential challenges is essential for the sustainable growth and proper operation of information systems. A possible theoretical vulnerability review, Hardware Trojans: unintended, destructive, deliberate modifications to electrical circuitry, was performed. We are built to undermine the actions of circuit-containing devices, and pose a constant danger to their proper activity. Hardware Trojans may be inserted into an electrical circuit at any point of design and creation and maintenance. Changes may involve improvements at the device stage, such as inserting chips and circuits, or modifying current chips by implementing different logic functions or minor physical process differences during development. This new vulnerability threatens the fundamentals of existing security models owing to their ability to undermine the central source of trust in which device stability is cantered. As a result, the existing definition of threats and how they are handled must be revised; potential programs will function in the midst of these risks while preserving their optimal organizational and protection Targets (Fig. 4).
40
Q. Atta Ul Haq
Fig. 4 Prevention of cyber-attacks by legal, technical, organizational, capacity building and corporational [8]
4.1 Vulnerability In the sense of that dependency and potential security risks, five main weaknesses arose from the study of interviews with information communications technology (ICT)-dependent end-users and service network providers (SNP). Five main fields of growing digitization, growing innovation and rising uncertainty outsourcing, lagging protection posture, and growing inter-connectivity are introduced along with vignettes explaining how emerging threats might leverage such vulnerabilities. The research provides an image of the potential information security world • • • • •
Much is at risk owing to Australia reliance on ICT, This is a growing vulnerability to possible cyber threats, Technology appears to fall behind the technologies, Potential threats can be more effective and more challenging to track, and The size, inter-connectivity, and interdependence of the networks would complicate the response to the attacks.
Cyber Crime and Their Restriction Through Laws …
41
Security risks are possible cyber incidents resulting from unintended acts or as a consequence of attacks by external actors that leverage weaknesses and that damage the device or entity. Considering all current and potential challenges is essential for the sustainable growth and proper operation of information systems.
4.2 Targeted Attacks Targeted attack relates to a form of vulnerability in which the threat actors deliberately exploit and breach the network of a target organization while preserving anonymity. Such perpetrators have a certain amount of experience and ample money to maintain their projects over a long period of time. Threat actors recognize and collect knowledge that is publicly accessible regarding their target to tailor their assaults. The initial process is aimed at gathering quantitative knowledge not just regarding the IT landscape of the planned goal but also about the organizational structure. • Subverting the supply chain Strike facilities or tools to be sent to the company • Spear-phishing Send emails to selected individuals who might have a malware attachment or a connection installing malicious software • Deploying a botnet Operation of Distributed Denial of Service (DDOS) Attack The knowledge obtained will vary from market processes and technologies that an organization employs to the positions and partnerships that occur inside it. This process often incorporates methods in social psychology that exploit current developments, work-related problems or complaints, and other fields in focus toward the planned purpose. Once confidentiality has been broken, the threat actors actively connect to the software, either to execute destructive activities or to collect knowledge in the business network. Threatening performers employ tactics to mask their contact to bring their actions under the radar [9].
4.3 Untargeted Attack It is the most growing, pervasive type of deliberate attack. The purpose to do damage to human machines is the motivating factor behind such assaults, but there is no single user or entity to be attacked. These prefer to take the shape of malware, worms, and viruses, most of which are distributed across the Internet. Untargeted attacks occur
42
Q. Atta Ul Haq
Fig. 5 How cyber attackers breach our security [11]
where hackers may not have a particular direction, company, or individual they occur targeting. Alternatively, they actually throw as large a net as they can, and give out fake texts, connections, etc. trying to kill as many users as they can [10]. • Phishing Sending emails to vast quantities of people calling for personal details or urging them to visit bogus websites. • Ransomware That may involve disk encrypting ransom malware • Scanning Attacking large areas of the Web at random • Water holing Putting up a bogus website or modifying a real one to trick people accessing the app. If a cyber-attack is planned or not, whether the intruder utilizes goods, whether tailor-made devices, cyber threats have many levels in general. Cyber-attack may consist of repetitive steps, specifically if it is conducted out by a consistent adversary [11]. The intruder is essentially checking the defenses for vulnerabilities that would get them back to their end target if exploitable. Learning those steps will enable you to protect yourself more effectively (Fig. 5). Survey: Investigate and evaluate the accessible goal knowledge in order to find possible weaknesses. Delivery: Moving to the stage that a flaw can be abused in a device. Breach: Using vulnerabilities/ vulnerabilities to obtain any type of unauthorized access. Affect: Activities inside a program that meets the goal of the intruder Before investing in security, many companies also want clear proof that they are, or may be, threatened by particular attacks. However, it is still impossible to include an objective evaluation of the risks posed by individual entities in cyberspace (Fig. 6).
Cyber Crime and Their Restriction Through Laws …
43
Fig. 6 Representation of advanced cyber-attacker generations [10]
5 Threat Landscape Vulnerabilities Vulnerabilities allow attackers the ability to obtain entry to the programs. These may arise by bugs, functionality, or user error, and attackers may try to manipulate all of them, frequently mixing one or both, to accomplish their ultimate objective.
5.1 Flaws An error is an accidental function. It could be attributed to bad execution or two failures created during deployment. Faults can remain undetected for a considerable amount of time. Many of the successful threats we see today are targeting these kinds of vulnerabilities. Some of the successful threats we see today are targeting these kinds of vulnerabilities. About 8,000 popular and special in the past 12 months. Verified security bugs have been found in the US Local. List of Vulnerability National Vulnerability Database (NVD).
44
Q. Atta Ul Haq
5.2 Features A feature is meant to be a convenience that can be misused by an intruder to destroy the machine. Properties can be enhanced by the customer practice, aid to solve issues or strengthen performance; however, they may even be abused by an intruder.
5.3 User Error A device or program that has been properly developed and installed will mitigate the limitations of Internet access. Sadly, these measures will quickly be reversed.
6 How to Reduce Your Data Access to Cyber-Attacks Preventing, anticipating, or stopping an intrusion at the earliest moment reduces the market effect and scope for harm to credibility. If the intruder has established their influence, it would be more challenging to locate and eliminate them.
6.1 Knowing the Attack Pattern However, if they are typically the most inspired perpetrators who succeed in executing multiple-stage assaults, they frequently do so utilizing common resources and methods that are simpler and simple for them to use. And having in place protection checks and procedures that can minimize them would go some distance to making the company a difficult goal. Likewise, embracing a defense-in-depth strategy to risk reduction across a wide spectrum of future threats can give the company greater flexibility when coping with assaults that utilize greater specialized methods and techniques? Thankfully, there are successful and inexpensive ways to reduce the organization’s vulnerability to more specific forms of cyber threats on networks that are open to the Internet. The following safeguards are included in the Security Basics, along with further detail about how to enforce them [12].
7 Case Study Attackers used a strategy known as the “watering door” attack to spread ransomware to firms involved in the British electricity sector. The perpetrators also inserted links
Cyber Crime and Their Restriction Through Laws …
45
to official websites used by workers in the energy industry. Most of the pages have been operated by the same web design service. Visitors’ tabs have been secretly and surreptitiously routed to access malware from the website operated by the intruder [12]. The hackers learned during the survey stage that a specific web designing firm was running a variety of websites for energy sector companies. And if we can’t know for sure whether the intruder carried out the assault to penetrate the web, they might have penetrated the networks of a web designing firm by attempting to portray as a legal user credential obtained by active spear-phishing, or by leveraging an unpatched flaw on the site server. The intruder hacked the database server and then inserted a code that allowed their own website to be posted if the official website was accessed. The distribution step, then included sending the malware code to the victim’s machines to the attacker’s website. Unpatched sites have been abused by established Java program vulnerabilities and rising Web browsers. The attackers used a range of asset tactics to breach their goals in the energy market. We are likely to obtain exposure to legal websites utilizing advanced inspection software to leverage unpatched bugs or have utilized social manipulation to benefit from inadequate consumer training to awareness-raising. The script stored on the attacker’s website uses programs that are identified to enable RAT bugs in the program. Although the attack was identified by security surveillance, this protection is not 100% successful, because it is highly reliant on it. Science and ability. If sufficient critical controls had been in effect, the attack may not have been effective. Cyber challenges are getting increasingly complex by combining once separate styles of assaults into more destructive ways. Increased diversity and frequency of attacks is unavoidable, provided the ability of financial and criminally driven actors to gain personal and sensitive details, as illustrated in this article. We explain how the Daily Operation Principle may be used to reduce these threats by minimizing the incentives for cybercrime, rendering cybercrime more likely to undertake, and increasing the chances of identification and punishment correlated with cybercrime. Potential testing problems have also been established. Cybercriminals’ primary aim is to earn profits as the rising price of Bit Coin, crypto mining, and ransomwares are also the cyber criminals’ main objective. The focused attention of big companies is the changing patterns. In addition to smaller cases, one of the world’s leading aluminum manufacturers, Norsk Hydro, was threatened earlier this year (Fig. 7). Cyber threats are the malicious manipulation of operating infrastructure, technology-dependent organizations, and networks. Cyber-attacks employ malicious technology to modify machine code, reasoning or records, resulting in destructive effects that may damage records and contribute to cybercrimes such as intelligence and identity theft. Cyber threats are a sensitive problem in the Web protection environment. Governments and companies across the world are making massive efforts to protect their records [12]. The dilemma grows bigger every day, when growing types of ransomware tend to threaten networks. It is important to remember before and during these assaults, in
46
Q. Atta Ul Haq
Fig. 7 Historical cyberware fare introduction [13]
order to give our network better security. Understanding models of attacks provide more insight to network vulnerabilities and may, in turn, be used to protect the network against future assaults. In order to determine the top potential vulnerability list, it is necessary to evaluate the network, which will provide an insightful understanding of network security. Managing an active attack often presents considerable network danger and critical data, where timely action is expected. Proper usage of assault simulation techniques allows strategic preparation, which can be executed easily during a continuous attack. Our aim is to examine various forms of current modeling assault strategies to consider the network’s vulnerability; and the opponent’s actions and objectives. The ultimate aim is to tackle cyber threat efficiently utilizing tools for modeling attacks.
8 Types of Cyber Attack A cyber-attack is any variation of illegal and offensive action that targets database and computer information systems, network infrastructures, computer system networks, or computer and Internet connected devices, victimization varied strategies to steal, alter, or destroy information or computer information systems [14]. 1. 2. 3.
Denial of services (DOS) and distributed denial of services (DDOS) MITM attack P and SP
Cyber Crime and Their Restriction Through Laws …
4. 5. 6. 7. 8. 9. 10.
47
Driven Key/Password Cracking XSS (Cross site scripting) cyber-attack SQLI (SQL Injection) attack Eavesdropping cyber-attack BD (Birthday) attack Malware assail
8.1 DOS and DDOS A Distributed Denial of Service (DDoS) cyber-attack is one of the most common forms of DOS attacks currently in operation. Several applications bombard a single device with malicious traffic during a DDoS attack. Through utilizing different positions to target the device, the intruder may quickly switch the machine offline. The explanation for that is because there are more computers in the hands of the perpetrators and it is harder for the survivor to locate the target of the attack [14] (Fig. 8). Furthermore, utilizing a DDoS cyber-attack allows rehabilitation more difficult for the user. The tools used to perform DDoS attacks were infected nine times out of ten, meaning that the intruder would initiate attacks remotely utilizing slave computers. Such worker robots are called mutants or bots. 1. TCP and SYN flood assail 2. Teardrop assail
Fig. 8 Representation of DOA and DDOS [14]
48
Q. Atta Ul Haq
Fig. 9 Representation of cyber-attack Man in the middle [14]
3. Smurf attack 4. POD (Ping od Death) attack 5. Botnets
8.2 MITM A MITM is a type of cyber-attack and attack that arise when a hacker embed itself between and into the transmission medium when communications between client and server occur. A MitM (man-in-the-middle) intrusion occurs where an intruder intercepts two-party messages to either remotely eavesdrop or alter information between the two. Attackers can use MitM attacks to capture user credentials or personal details, spy on the target, or transmit sabotage or malicious details [14]. MitM cyber-attack consists of sitting between two groups communicating and then traffic monitoring or abuse. It may be due to the conflict with legitimate networks or the development of false networks operated by the intruder. Compromised and targeted traffic is then stripped of all security for manipulating, modifying, or redirecting the traffic to the goal of the option intruder. Since attackers may secretly track the intercepted traffic to their expected target after it has been registered or modified, it can be a challenging attack to detect. 1. Session Hijacking 2. IP Spoofing 3. Replay (Fig. 9).
8.3 Phishing and Spear Phishing Phishing is a process in which the hacker sends arbitrarily email to a large number of people more and less at least one of them responds to the received email called
Cyber Crime and Their Restriction Through Laws …
49
Fig. 10 Representation of phishing and spear phishing cyber-attack [14]
phishing. Spear Phishing is a process in which specifically particular email are designed in order to get a victim response for that trapped email called spear phishing [14] (Fig. 10). 1. 2. 3. 4.
Critical thinking Hovering over links Sandboxing Detail examining of the emails headers
8.4 Phishing and Spear Phishing Password cracking is a unique process by which the recapturing and re-attaining of a victim information system and a victim database then the password is take placed of a victim system and other social sites called password cracking assail cyber-attack [14] (Fig. 11).
8.5 SQL Injection SQL injection is process by which the hacker inserts, embeds, and injects the code into your computer information system and database, which may destroy the entire database called SQL injection; the second name of a SQL injection is a web hacking [14] (Fig. 12).
50
Fig. 11 Representation of password cracking cyber-attack [14]
Fig. 12 Representation of SQL injection cyber-attack [14]
Q. Atta Ul Haq
Cyber Crime and Their Restriction Through Laws …
51
8.6 XSS Cyber-Attack XSS (Cross-site scripting) is a technique by which malicious code and script to the terminals of a web application is as a victim of hacker, hacker is using a web application or site for this purpose called XSS [14] (Fig. 13).
9 World Cybersecurity Companies The SaaS Report (Software as a Service, The computer code Report) is happy to announce the highest 25 Cybersecurity firms of 2018. A 4-month method runs to gather nominations from many hundred executives and professionals within the computer code trade. We tend to gather information on every politico as well as adequacy of security technology, level of client support, information of the newest cyber threats, corporate executive leadership effectiveness, and CTO proficiency among different key areas [15]. 1. 2. 3. 4. 5. 6.
Symantec FireEye BlackBerry Proof-Point Fortinet McAfee
Fig. 13 Representation of XSS (cross-site scripting) cyber-attackTypes of Cyber Attack [14]
52
Q. Atta Ul Haq
7. Rapid7 8. Imperva 9. Cyber-Arck
10 International Human Rights and Cyber Crime Laws Cyber-crime regulation consists of legal guidelines that are related with a digital world crime, Internet crime, pc data structures crimes, communications crimes, and technological know-how crimes. Whereas the net and the digital economic system symbolize a most important chance, it is conjointly a companion in nursing enabler for crook activity. Cyber-crime legal guidelines rectangularly measure the legal guidelines that make the offences and penalties for cyber-crimes [16, 17].
10.1 Model Laws AUCCSPPDA stand for A = African U = Union C = Convention on C = Cyberspace S = Security and P = Personal D = Data P = Protection And the CECC stand as follows C = Council of E = Europe C = Convention on C = Cybercrime Approved the following international cyber laws for cyber-crime and for cyber criminals [3, 16]. 1. 2. 3. 4. 5. 6. 7. 8. 9.
CW Law (Law for Computer and computer relevance crime) SADC Law (Law on a cyber-crime and for computer crime) HIPCAR Law (E-Crime and Information Transmission Regulatory Polices) ITUCLR (The International Telecommunications Union Cyber-crime Legislation Resources) Cyber-Crime Bill (South Africa) CISA (Cyber security Information Sharing Act) EU (The Information system security of directives) CCA 1995 (Criminal Code Act) Australia CA 2001 (Cyber-Crime Act) Australia
Cyber Crime and Their Restriction Through Laws …
10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21.
53
CCRC (Cyber-crime & Computer-related-Crimes) for Botswana CMA 2007 (Computer-Misuse-Act) for Brunei-Darussalam CCA (Criminal-Code-Act) from Canada CSA (Cyber-Security Act) of China CCA (Criminal Code Act) of France CCA (Computer-Crime Act) Malaysia CA 1961 (Crime Act) of New Zealand CPA 2012 (Cyber-Crime Prevention Act) of Philippines ACC (Act of Computer-Crime) of Thailand CA 2015 (Cyber-Crime Act) of Tanzania CMA 2013 (Computer-Misuse Act) of UK USC 2015 (United-States Codes) of USA
10.2 Freedom of Speech 1. 2. 3. 4. 5.
1948 Article 19 (Human Rights as Universal Declaration) 1950 Article 10 1966 Article 19 1969 Article 13 1981 Article 9(2)
10.3 Right to Privacy 1. 2. 3. 4.
1948 Article 12 (Personal Privacy and for Protection Civilian Act) 1950 Article 8 1966 Article 17 1969 Article 11
10.4 Internet Privacy Protection Laws 1. 2. 3. 4. 5. 6. 7. 8. 9.
1914 FTC (Federal Trade Commission Act) 1986 ECPA (Electronic Communication Privacy Act) 1986 CFAA (Computer Fraud and Abuse Act) 1998 COPPA (Children’s-Online and for the Privacy-Protection of Childs Act) 2003 CAN-SPAM Act 1999 GLBA (Financial Services & Modernization Act) 2003 FACTA (Fair and Accurate Credit Transactions Act) 1996 ECPA (Electronic Communications Privacy Act) 2011 CISPA (Cyber Intelligence & Sharing And Protection Act)
54 Table 1 Cyber-attack infected company victims recently [18]
Q. Atta Ul Haq Company
Accounts hacked Date of hack
Yahoo!
3 billion
Aug 2013
Marriott
500 million
2014–2018
Yahoo!
500 million
Late 2014
Adult FriendFinder
412 million
Oct 2016
MySpace
360 million
May 2016
Under Armor
150 million
Feb 2018
Equifax
145.5 million
Jul 2017
Ebay
145 million
May 2014
Target
110 million
Nov 2013
Heartland Payment Systems 100+ million
May 2008
LinkedIn
100 million
Jun 2012
Rambler.ru
98 million
Feb 2012
TJX
94 million
2003–2004
AOL
92 million
2004
MyHeritage
92 million
Oct 2017
Sony PlayStation Network
77 million
Apr 2011
JP Morgan Chase
83 million
Jul 2014
Tumblr
65 million
Feb 2013
Uber
57 million
Late 2016
Home Depot
53 million
Apr 2014
Facebook
50 million
Jul 2017
Cyber law is very important as a result; it touches the majority aspects of transactions and activities on and regarding the web, the planet wide Internet and Internet. At first it should appear that Cyber laws may be a terrible technical field which doesn’t have any bearing to most activities in Internet (Table 1).
11 Case Study In November 14, 2018 LOS ANGELES, the antecedent Information Technology Minister substantiated convicted for hacking the Information from the computers of his antecedent employer in California City Irvine [19, 8]. The US Department of Judicial Affairs, the “Computer Crime and Intellectual Property Section”, announced a press release of 18 - 185 on Wednesday 14 November 2018. In LOS ANGELES, A Man from Arizona (State of USA) convicted him of removing electronic files containing the sensitive information from federal computer systems.
Cyber Crime and Their Restriction Through Laws …
55
Nikishna Polequaptewa was found guilty by a Federal Jury of the United States Department of Justice on Tuesday. The jury condemn the sensitive harm and protected the computer system information by an unauthorized impairment that leads to $50,000 loss. Nikishna Polequaptewa was employed in April 2014 at the BSSG. Nikishna Polequaptewa is convicted of the federal penalty for up to 10 years under rule of law and the US Department of Justice Act 1986 CFAA (Computer Fraud and Abuse Act) by District Court Respondents Judiciary Judge its name C. J. Carney. In this inquiry, an analysis is conducted. In 2014, Nikishna Polequaptewa is residing in the courthouse in Garden Grove during proceedings.
12 Ways to Protect Yourself and Your System Against Cyber-Attack and Cyber-Crime You may count on that the sole form of crime you have obtained to stress involving is hackers stealing your economic data. However, it ought to no longer be consequently straightforward. This may place many greater issues than honestly fundamental financial ones. Crime continues to evolve with new threats regression per annum. When you hear and skim related to the fluctuate of cyber-crimes out there, you would maybe be tempted to forestall mistreatment of the Internet entirely. That is in all likelihood too forceful.
12.1 Emphasize on Employees to Obey Cybersecurity Principles Cyber Security Principles (CSP) possess or have a collection of strategies that may help to protect our data or information present in system by organizing our system for defending from hacker by employing security principles which is given below 1. 2. 3. 4.
Govern Protect Detect Respond
Govern (G1 , G2 —- G5 ) is used to detect the security issues and risks related to our system. After that identifying the risks, Protection (P1 , P2 — P14 ) comes to minimize the security issues that is identified. We secure our system from unauthorized access and now is a time to detect and identify what type of attack it is. After realizing the attacking event, we have to respond (R1 , R2 , R3 ) to the detected suspect.
56
Q. Atta Ul Haq
12.2 Installing Anti-virus and Anti-spyware Software PC infection is characterized as “A malevolent PC program that is implanted in a record or program and looks like clearly safe program and document. The infection loads itself to the PC without the information of client and makes the PC to work in a manner that isn’t encouraged by the approved and lawful proprietor or director of the PC The arrangement or solution for this bad dream is an antivirus programming. Antivirus programming is intended to distinguish, square, and afterward expel an infection. Antivirus programs utilize different procedures for identifying infections. These incorporate mark based checking, social filtering, and heuristics. When distinguished, the antivirus programming requests that the client perform fitting activity against the infection or chooses a particular reaction from choices like erase, fix, or isolate Spyware is a program that is built to take significant data from a PC. It works in covertness mode and is very hard to recognize and expel. A PC program that is created to identify and evacuate spyware programs is called against spyware. Against spyware programs are generally founded to conduct examining strategies that identify and evacuate spywares. 1. 2. 3. 4. 5. 6.
Spybot Norton-360 Standard SpywareBlaster Mcafee-Total Protection Adaware BottomLine
12.3 Firewall A firewall is just a program or equipment gadget that channels the data getting through the Internet association into your private Network or PC framework. In the event that an approaching parcel of data is hailed by the channels, it isn’t permitted through. 1. Packet separating—Packets (little lumps of information) are broke down against a lot of channels. Parcels that endure the channels are sent to the mentioning framework and all others are disposed of. 2. Proxy administration—Information from the Internet is recovered by the firewall and afterward sent to the mentioning framework and the other way around. 3. Stateful investigation—A more current strategy that doesn’t look at the substance of every bundle except that it rather thinks about certain key pieces of the parcel to a database of confided in data.
Cyber Crime and Their Restriction Through Laws …
57
12.4 Update Software to Meet the Security Requirements An update is new, improved, or fixed programming, which replaces more seasoned forms of a similar programming. For instance, refreshing your working framework carries it in the knowledge regarding the most recent drivers, framework utilities, and security programming. Updates are frequently given by the product distributer who is liberated from extra charge [20].
12.5 Periodically Data Backups An information reinforcement is the consequence of replicating or documenting records and envelopes to have the option to reestablish them if there should arise an occurrence of information misfortune. Information misfortune can be brought about by numerous things going from PC infections to equipment disappointments to record defilement to fire, flood, or burglary (and so forth). On the off chance that you are liable for business information, a misfortune may include basic budgetary, client, and friend’s information. In the event that the information is on a PC, you could lose budgetary information and other key records, pictures, music, and so forth that would be difficult to supplant. As a component of an information reinforcement plan, you ought to think about the accompanying [21] 1. 2. 3. 4. 5. 6.
What information (documents and organizers) to be reinforced? What pressure strategy to utilize? How frequently to run your reinforcements? What sort of reinforcements to run? What sort of media on which to store the reinforcements? Where to store the reinforcement information for supervision?
12.6 Make Secure and Strong Your Own Computer Network The realities encompassing cybersecurity can be absolute startling, and ensuring your framework is basic. However, it very well may be a test for little and mediumsize associations that don’t make some full-memories IT staff to manage framework upkeep. 1. 2. 3. 4. 5. 6.
Strongly spotlight on organize security standards Make your Password progressively more grounded Update system Restricted physical connection with organized gadgets Terminal might not have consent to introduce programming Firewall
58
Q. Atta Ul Haq
12.7 Secure Your Personal Wireless Fidelity Remote security is the counteraction of unapproved access or harm to PCs or information utilizing remote systems, which incorporate Wi-Fi systems. The most widely recognized sort is Wi-Fi security, which incorporates and includes (WEP) and (WPA). WEP = Wired Equivalent Privacy WPA = Wi-Fi Protected Access 1. 2. 3. 4. 5. 6. 7.
Open routers configuration page Strengthen your password selection Change network SSID (Service-set-identifier) Make Functional of Encryption Mode Separation of MAC—address through colander Control the limits of your Wi-Fi signals Restructure the Firmware of a router
12.8 Beware of Identity Theft Data fraud is the point at which another person utilizes your own data to mimic you on any stage to pick up benefits in your name while the bills are tended to for you. It is only a model, wholesale fraud can make you harm more genuinely than money related misfortunes. The most widely recognized purpose behind fraud is inappropriate administration of delicate individual information. There are a few things to be stayed away from when being managed by recognizable information: 1. Never share your Aadhar/PAN number (In India) with anybody whom you don’t have the foggiest idea/trust. 2. Never share your SSN(USA) with anybody whom you don’t have the foggiest idea/trust. 3. Do not post delicate information on interpersonal interaction locales. 4. Do not make all the individual data on your Internet-based life accounts open. 5. Please never share an Aadhar OTP got on your telephone with somebody over a call. 6. Make sure that you don’t get pointless OTP SMS about Aadhar(if you do, your Aadhar number is now in inappropriate hands) 7. Do not fill individual information on the site that guarantee to offer advantages consequently
Cyber Crime and Their Restriction Through Laws …
59
12.9 Mandatory Steps and Precautions if You’re Victimized by Someone Unknown • File a conventional grumbling with the police and advise the other significant specialists. • Try recovering access to your undermined accounts by using optional contacts. • Reset the secret word for different records and sites that were utilizing a similar secret word as the record that was undermined. • Perform a processing plant reset and legitimate designing of your gadgets that are affected (assuming you have your information sponsored up as of now). • Stay mindful of the present information that penetrates and different occurrences of the digital world to keep such episodes from happening again and remaining safe on the web.
12.10 Keep Track of Your Children Similarly as though you will wish to address your youngsters in regards to the web, you will also wish to help shield them against misrepresentation. Personality criminals normally target youths in light of their social protection assortment and records as a consumer periodically speak in a clean slate. You will encourage guard against extortion by being cautious once sharing your youngster’s very own data. It is also reasonable to comprehend what to appear for which may suggest your youngster’s personality traded off
12.11 Intrusion Detection System An IDS (Intrusion-Detection-System is defined as a system that monitors the NT (network traffic) for the suspicious activity and issues that makes alerts when such suspicious activity is discovered. IDS is a kind of utility and application software that scans entire network including a system for a harmful suspicious activity and police breaching activity [13] (Fig. 14).
12.12 Intrusion Prevention System Intrusion-prevention-system (IPS) is define as “a system that functions to monitor a network for suspicious and malicious activities on networks like security, privacy threats, and policy violations”. The main functionality of an IPS (intrusionprevention-system) is to detect and identify suspicious, malicious activity, and then
60
Q. Atta Ul Haq
Fig. 14 Representation of IDS (Intrusion detection system) [22]
Fig. 15 Representation of IPS (Intrusion prevention system) [24]
perform log information action, attempt to restrict and block the suspicious activity on network, after that finally report it to the administrator [23] (Fig. 15).
12.13 CAD CAD (Computer-aided-dispatch) is define as a method of dispatching the taxi cabs, couriers services, fields service technicians, mass (light and heavy) transit vehicles and the emergency services that is assisted by a computer based software called computer aided dispatch (CAD) (Fig. 16).
Cyber Crime and Their Restriction Through Laws …
61
Fig. 16 How Computer_Aided_Dispatching Works [16]
13 Conclusions Everyone knows that they are surrounded by a cyberspace (where a National and International communications of computer networks take place). In this chapter, the author explain the elaboration of fear and terror of cyber-attack and fear of stealing and editing of your personal information without your permission that is carried by a hacker. In this chapter, a detail explanation is given that a hacker can be stopped from stealing information by improving your computer system security by using different techniques (firewall, encryption, anti-malware, anti-spyware, IDS, IPS, CAD, cryptography). If some hacker steal your personal data and information, you need not worry. The author can control and suppress hacker by cybersecurity laws. Hacker can be muffled and restricted by the enforcement of cybersecurity laws, which is a big obstruction for hacker actions. A fear of cybersecurity laws and punishment by cybersecurity laws that makes hacker ponder against his unauthorized actions.
14 Key Terms and Definitions Cyber Space: The International and National conditions in which the communications of people occurs over the computer networks is called cyber space. Big Data: The term describes the volume of the large data and datasets, which includes the structured and unstructured data is called Big Data
62
Q. Atta Ul Haq
Suspicious Activity: Suspicious activity is the suspicious person whose attempt is to hide someone information and participate in some illegal action is called suspicious activity Cyber warfare: The virtual or constructive dispute initiated by provoking of politically motivated cyber-attack on an opponent computer or information system is called cyber warfare. Cybersecurity: The procedure or steps that are embraced to ensure the framework against the criminal transgressor or unapproved get to and the utilization of information of military, mechanical and business is called digital security Cyber Crime: A criminal way and movement that is received by an individual and a gathering using PC and web called digital wrongdoing Cyber-Laws: A legal way to protect information or give punishment to those whose are trying to hide your information and mak some illegal use of your information called cyber laws.
References 1. Miniwatts Marketing Group: stats. internetworldstats.com: https://internetworldstats.com/ stats.htm (2019, August 27) 2. Barry, M., Leiner, V.G.: Brief History of the Interne 1997. In: Barry, M., Leiner, V.G. (eds.) Brief History of the Interne 1997, p. 19 (2019) 3. Dambo Itari, E.O.: Cyber space technology: cyber crime,cyber security and models of cyber solution, a case study of Nigeria. Int. J. Comput. Sci. Mobile Comput., 94–113 (2017) 4. M Corporation USA: big-data-and-event-processing-pipeline-6e9664d0acef. www.medium. com: https://medium.com/@vptech/big-data-and-event-processing-pipeline-6e9664d0acef (2017) 5. Easttom, C.: Computer Security Fundamentals. 800 East 96th Street, Indianapolis, Indiana 46240 USA: David Dusthimer by Pearson (2012) 6. Jane LeClair, R.S.: National Cyber Security Institute Journal. Natl. Cyber Secur. Inst. J., 1–68 (2015) 7. Elsevier: Big Data Principles and Paradigms. Todd Green, India (2016) 8. Kyoung Jae Park, S.M.: A Case Study of the 2016 Korean Cyber Command Compromise. Legal Informatics and Forensic Science Institute Hallym University, Chuncheon, South Korea, Chuncheon (2016) 9. The Information Security ARM of GCHQ: Common Cyber Attacks: Reducing The Impact (2014) 10. Louis, M.: European Union Agency for Network and Information Security. Overview Of Current and Emerging Cyber-Threats (2013) 11. Alhaji Idi Babate, M.A.: (2015). State of Cyber Security: emerging threats landscape. Int. J. Adv. Res. Comput. Sci. Technol. (IJARCST 2015), 112–119 (2015) 12. Gazula, M.B.: Cyber Warfare Conflict Analysis and Case Studies. Cybersecurity Interdisciplinary Systems Laboratory (CISL) Sloan School of Management, Room E62–422 Massachusetts Institute of Technology Cambridge, MA 02142 (2017) 13. Manuel Cheminod, L.D.: Performance evaluation and modeling of an industrial applicationlayer firewall. IEEE Trans. Ind. Inf., 2159–2170 (2018) 14. Netwrix Blog: Top-10-Most-Common-Types-of-Cyber-Attacks. blog.netwrix.com: https:// blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/ (2018)
Cyber Crime and Their Restriction Through Laws …
63
15. TSR (The Software Reoprt): Top-25-Cybersecurity-Companies-of-2018. www.thesoftwa rereport.com: https://www.thesoftwarereport.com/top-25-cybersecurity-companies-of-2018/ (2018, Feb) 16. Michalsons: Cybercrime Law Around the World. www.michalsons.com: https://www.michal sons.com/focus-areas/cybercrime-law (2019) 17. UNODC (United Nations Office on Drugs and Crime): International-Human-Rights-andCybercrime-Law. www.unodc.org: https://www.unodc.org/e4j/en/cybercrime/module-3/keyissues/international-human-rights-and-cybercrime-law.html (2017) 18. Herjavec Group: Cybercriminal Activity is One of the Biggest Challenges that Humanity will Face in the Next Two Decades. Steve Morgan, Editor-in-Chief Cybersecurity Ventures, USA State 19. CCIPS (Computer Crime and Intellectual Property Section): The Department of Justice USA Former IT Administrator Found Guilty of Federal Charges for Hacking into Computers of His Former Employer in Irvine. Thom Mrozek Spokesperson/Public Affairs Officer United States Attorney’s Office Central District of California (Los Angeles), California (2018) 20. Check Point Software Technologies LTD.: 5th Generation Cyber Attacks Are Here And Most Businesses Are Behind A New Model For Assessing and Planning Security. 5 Ha’Solelim Street, Tel Aviv 67897, Israel (2018) 21. Leader, P.V.: Cyber Security Regained “Preparing to Face Cyber. EY (2018) 22. Leyi Shi, Y.L.: Performance Analysis of Honeypot with Petri Nets. Molecular Diversity Preservation International and Multidisciplinary Digital Publishing Institute (2018) 23. Asaf Shabtai, R.P.: Creation and management of social network Honeypots for detecting targeted cyber attacks. IEEE Trans. Comput. Soc. Syst., 65–79 (2017) 24. Martin, N.: Firewalls-How-is-Intrusion-Detection-System-Different-from-IntrusionPrevention-System. www.quora.com: https://www.quora.com/Firewalls-How-is-intrusion-det ection-system-different-from-intrusion-prevention-system (2016, July 10)
Recent Challenges in IoT Sumukh Maduskar, Maitri Gohil, and Ramchandra Mangrulkar
Abstract Internet of Things (IoT) is the extension of the Internet into everyday objects and physical devices. The IoT is expeditiously becoming ubiquitous. However, independent nodes and customized agreements in use, the privacy of data, coerce IoT security, being an upcoming agitation. These systems should be rated for their efficiency in heterogeneous networks and a wide range of protocols. IoT can be represented as a model with three layers of phases: Perception, movement, and functionality. Within security areas specifically, the lack of these standardization techniques creates issues to develop generalized research solutions to govern what needs to be protected. The challenges can be categorized according to their (IoT applications) usage as domestic, industrial, financial, etc. However, technical implementation and issues related to it are not the only concerns because of which IoT devices remain insecure. This chapter aims to elaborate on the challenges and privacy issues being faced by rapidly growing domestic appliances as well as Industry 4.0 revolution. The main objective is to represent the role of IoT in a day-to-day manner and the current as well as upcoming challenges in this emerging arena. Keywords Internet of things · IoT · Security · Privacy · Challenges in IoT · Ubiquitous computing · Blockchain · IoT applications · IoT security · OT · Modern developments · Cloud computing · Healthcare · Containerization
S. Maduskar (B) St. Francis Institute of Technology, Mumbai, India e-mail: [email protected] M. Gohil · R. Mangrulkar Dwarkadas J. Sanghvi College of Engineering, Mumbai, India e-mail: [email protected] R. Mangrulkar e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_4
65
66
S. Maduskar et al.
1 Introduction Currently, most of the computing, as well as mobile equipment, are inner threaded through interconnected networks, thus moderately supplementing the computing paradigm to ubiquitous computing. Ubiquitous computing encloses its users with tractable data conditions that combine physical and logical foundations into incorporated circumambient. Existing living spaces will have hundreds or thousands of computing gadgets in them that will offer strict administration and better efficiency and cooperation between them. Computer engineers and software developers have defined these interconnected devices in several ways, for example, the Internet of Things (IoT) and fog computing. It is encouraged by the proliferation of new IP-enabled appliances that are transferring data back into the network. The IoT seems to be a revolutionary subject over the existing technologies, but actually, it is the comprehensive utilization of existing technologies with the creation of the new communication modes. In IoT, application platforms, services running on the provided platform, middleware components, networks gateway, and end nodes will be structurally ordered and used in entirely different ways. The Internet of Things provides a means to look into complex processes and relationships. Internet of Things (IoT), which is creating a network of networks of many “Things” communicating with one another, is still facing many technical challenges Several challenges thwart the securing of IoT devices because the concept of networking appliances and other entities is relatively novel. Security has not always been considered a top priority during the prototype phase in the production line. As IoT is a developing market, original equipment manufacturers (OEMs) compete in releasing their products in the market. They are not taking the crucial steps to build their products from the perspective of security in the initial stages. Now, devices not only collect the user data but also watch their activities, helping to develop an overview profile of users. Hence, IoT devices are always concerned about security and privacy. Specialists in cybersecurity have advised about the possible threat due to insecure nodes joining the networks. The growth of IoT environments includes the large volume of portable devices containing autonomous nodes and several other types of gadgets connected with universal access. Enterprises that are bringing new smart devices in their premises, without flexible but robust security solutions, could face significant problems. Ubiquitous networks are becoming a simple target for hackers. Private networks or small businesses that interconnect devices without paying enough attention to security measures are more at risk. In most cases, ubiquitous networks have been created with the proliferation of wireless and other mobile connectivity methodologies. These technologies often prove to be some of the weak points in the network topology. Securing ubiquitous networks does not signify only developing technologies but also finding innovative ways to implement existing security strategies. The remaining chapter is as follows—Section 2 outlines the numerous challenges encountered by IoT during implementation. Section 3 explains the ongoing security
Recent Challenges in IoT
67
problems and various trends to resolve those problems. It also presents a summary of the modern developments in IoT security. Section 4 includes the use of cases of IoT in various domains. Section 5 is the conclusion, while Sect. 6 has the references.
2 IoT Current Issues and Challenges Despite the massive efforts of standardization bodies, service partners, the association of various industries, and researchers, there is still a large range of problems to deal with to reach the full potential of IoT. These problems can be classified in different scenarios such as connectivity errors, performance issues, the paucity of trained technicians, and a major concern of privacy when the IoT network is bridged with the cloud platform. Internet of Things faces two major challenges to guarantee seamless network access; the first issue relates to the fact that today different networks coexist and the other issue is related to the big data size of the IoT [14].
2.1 Complications in Connectivity This is possibly the most ignored challenge since data connectivity has vastly improved. Yet, there still exist some areas where data connectivity is an IoT implementation challenge. Connectivity is an essential entity in IoT technology. At the perception level, the end nodes containing sensors, actuators, gateways collect information from their surroundings. This information is maneuvered to get processed on remote data centers or cloud services. Hence, the connectivity between heterogeneous devices and processing centers should remain uninterrupted. The data collected as well as data processed by these end nodes should get transmitted to data centers in a certain period. For example, if a batch of temperature and humidity sensors is accumulating the live forecast data, it is necessary to store it in regular time intervals in inappropriate data systems. This data can be used to speculate the weather report as well as to forecast future conditions. For this, data should be transferred to these systems from sensors, for which continuous delivery is essential in the networking scenario. Many times, the network establishment gets an exhausting task to the infrastructure teams in rural areas or inaccessible regions because of adverse geographical conditions over there. In such cases, the connectivity is negligible or not available to transmit or distribute the data among the end nodes in IoT infrastructure [2, 20] (Fig. 1).
68
S. Maduskar et al.
Fig. 1 IoT ecosystem and its security management
2.2 The Hurdle of Cloud Environment IoT tasks need many sensors to accumulate and deal with sizable amounts of data to create precise decisions in real time and the cloud is typically the hub for those activities. Generally, public clouds are used as they can handle large bandwidths, computations, and scalability demands. An organization can face issues when they collect, move, store, and secure data produced by IoT. IoT faces challenges in three sectors of cloud computing—network, storage, and security. For optimal results, the network needs to provide enough bandwidth to accommodate the flow of realtime data from the IoT devices in service. If the storage location is geographically away from the sensors, then more network hops are required, which results in slow processing and delay in the information needed. An increase in storage space can increase the cost of the cloud servers [24]. Besides, end nodes of systems are continuously connected to the central system to download and upload information that the devices collect to form the environment, for which they need to be well connected to the Internet. The roundtrip of processing information from the environment, sends a compressed representation of it to the cloud, the cloud has to uncompress that representation and process it and then the cloud sends the resultant information back to the device, hence cloud processing is slow. This low processing may work for devices that may not require immediate actions like smart refrigerators. But in high-end systems like autonomous self-driving cars, this system will result in accidents as it takes time to retrieve information from the cloud, thus, high processing power is required that will take decisions in the blink of an eye [21].
Recent Challenges in IoT
69
2.3 Inadequate Processing Resources An enterprise should diligently recognize the equipment, its hardware specification, and existing legacy machines based on their tasks and expected end product of the enterprise. When there are legacy machines that do not have required interfacing, the implementation becomes more critical. Therefore, identifying the physical devices and understanding the associated compatibility issues before actual implementation is necessary. In such cases, where standard processing technologies cannot work, new technologies like edge computing, come into the picture [10].
2.4 Lack of Skilled Workforce In emerging as well as a developed market, there is a lack of awareness as well as the lack of trained professionals who could manage the developments and upcoming challenging situations in IoT. Currently, the working professionals are bound to work under a centralized hood of IT systems that perform specific tasks for which they’ve been established in enterprises. But, unlike that, IoT is a different scenario. It is a conglomerate of diverse, distributed systems that perform as well as process tremendous data at edge level or with the assistance of cloud functioning. Henceforth, new systems need a massive amount of processing power with superior management resources. It is a critical factor while developing IoT platforms for the public or community as well as for an enterprise. However, the IoT market and systems both are facing inadequacy in skilled professionals as well as maintenance teams which will enhance the systems whenever needed and will ameliorate the system from existing issues along with tweaking their performance and reliability. IoT is a multi-disciplinary domain that requires professionals to not only master the main aspect of their genre but also learn associated faculties in engineering, design, and development and think out of the box for developing innovative solutions using technology. IoT is a specialized skill and currently, there are not many industry professionals who understand it completely. Even on the application side of IoT, one not only needs to understand the technology but also requires an understanding of the industry domain where it is going to get applied and the data relevance to map the processes efficiently.
3 Recent Security Trends in IoT Security—The protection of computer systems from the theft of or damage to their hardware, software, or digital data, as well as from the disruption or misdirection of the services they provide. For almost four decades, the term “security” has been used to define, to represent, or to dedicate the safeguarding methodologies for any
70
S. Maduskar et al.
computational system from any unwanted or more sophisticatedly said, illegitimate activity that occurred on the system intentionally or unintentionally. In terms of computer security or cybersecurity, it includes the protection and hardening of the system on physical as well as the logical level to ensure the CIA triangle (Confidentiality, Integrity, Availability). Similar to these terminologies, IoT Security is a field of cybersecurity concerned with protecting devices and their internetworks involved in that IoT system. It subsumes the connectivity to a network of multiple digital devices, mechanical instruments, even human beings, too. Every connected device you own can add another privacy concern, especially since most of them connect to mobile devices and the Internet. Now, the question arises—Why is IoT security essential? Appropriate practices of IoT security allow the developers as well as system maintainers to safeguard their appliances from all types of risks while arranging the protection level that can accomplish their applications’ needs. Cryptographic services are used to combat communication attacks and are offered for protecting the confidentiality of systems. A quarantine environment can be implemented to preempt software attacks. Eventually, IoT security should include damage protection and side-channel attack mitigation techniques for defending themselves from physical attacks on SoC (System-on-Chip) as well as application-based logical attacks on a software layer (Fig. 2).
3.1 Perception Layer At this level, IoT consists of endpoint devices with sensors and actuators within them. These endpoint devices are the first entity of the IoT ecosystem. The data traversing through these nodes is real time and critical in nature. The purpose of this layer is authentication, information privacy. Hence, from the hardware level perspective, these devices should be properly validated before deployment. Authorized manufacturers should be preferred during the implementation. As these manufacturers ensure their customers about the integrity and maintenance of their products, the process for inquiry and services after deployment gets easier. Broadcom Inc, Qualcomm Corp., Intel Corp., Arm Inc, etc, are the leading vendors in IoT devices and components manufacturing.
3.2 Network Layer The internetworking of IoT devices as well as with their global systems is another critical component of the IoT ecosystem. The network layer’s purpose is to validate the routing security. With various approaches in data routing, security is ensured. It assists the system in error classification and maintains performance even if any error has occurred. Thus, network topologies and the proper implementation of network practices are expected for better IoT security. In leading manufacturers for IoT networking
Recent Challenges in IoT
71
Fig. 2 Architecture of IoT [23]
devices, Cisco Systems, Ingram Micro, AT&T Corp, Juniper Networks Inc., etc, are some of the big names.
3.3 Application and Services Layer It consists of user-end applications and platform services offered by service partners and development ecosystems. It can be subdivided into two layers: 1. Application platform 2. Security and maintenance service. In the application platform, the developers and most of the enterprises prefer cloud platforms, nowadays. As the cloud is scalable and easy to maintain, the application development and delivery became faster and reliable. But, the developer of
72
S. Maduskar et al.
the application should ensure the IoT customer about the privacy of the data between IoT devices and cloud systems’ interconnection.
3.4 Security Issues As more and more devices are becoming smart and getting linked to the Internet, securing the devices from malicious payloads, ransom attacks, and protecting the data procured from the devices becomes a difficult task as the devices can be deployed anywhere from uncontrollable, hostile environments to restricted and safe environments. So, what are the major security challenges in the IoT arena?
3.4.1
Insufficient Updates and Testing
As you would have noticed, every week, there will be some updates regarding the operating systems (OS) or some software that you are using. These automatic updates keep the software and OS safe from the new viruses that keep coming on the Internet. Similarly, IoT devices need software and hardware updates regularly to secure them from malware. But the device manufacturers or OEMs are so focused on delivering the products that they don’t pay enough attention to device-related security. Many times, upgrade policies for endpoint devices are not maintained properly from the manufacturer’s side. They may get delayed or canceled because of a lack of auditing and unnoticed vulnerabilities. Due to this, the devices which were secure when the users first brought them are not secure as the technology upgrades and eventually gets prone to hackers and other security issues due to outdated software/ hardware. The end devices could be reprogrammed, (if they are not upgraded with the latest security patches) to send all the information not only to the registered server but also to the hacker. Thus, the possible threats to equipment can be categorized into three groups: eavesdropping, unauthorized access to data, and denial of service attack [16, 23]. As the volume and diversity of mobile devices rise, there is an increasing challenge to maintain classified information on these devices and to hold protection definitions updated. It will be impractical to require each device to connect to the cloud platform for up-to-date data. Such machines could have a very long service life, and their software and hardware may also be infeasible to update. However, they need to be kept safe every time.
3.4.2
Data Security and Privacy Concerns
The IoT devices work by regularly gathering information from their surroundings. User data such as name. mobile number, location, browser history, etc. are continuously being harnessed, stored, transmitted, and processed by large companies for
Recent Challenges in IoT
73
better user experience by using various IoT devices like smart TVs, mobile phones, HVAC systems, etc. Business research from IDC (International Data Corporation) forecasts that IoT systems will generate 40,000 exabytes of data till the end of 2020. Ensuring that this data collected in various forms should not get in the hands of hackers and stored securely is of utmost importance. Hence, data privacy continues to be one of the largest security issues in today’s Internet-connected world. Users’ profiles could be mapped by the information collected from various IoT devices. If hacked, the hacker can understand the profile preferences, behavioral patterns of users and leak confidential information. Thus, the privacy of the users can be compromised. Data can also be accessed by using the end devices. The gathered data is typically transferred by wireless mode in IoT systems; e.g., Wi-Fi, NFC, ZigBee, etc. For IT teams, it is a very laborious task to backtrack and inspect the status of endpoint devices in a multi-vendor environment. Unfortunately, if there is an insufficiency in managing the confidentiality and integrity of the data inside the network, the information transfers may get sniffed, intercepted, and disturbed easily. Most of the sensing devices are deployed in sites that don’t have direct human intervention. Strangers can also gain access to, monitor, or physically manipulate the devices [1].
3.4.3
Denial of Service (DoS)
Most of the IoT devices are linked to the cloud services and depend on the information exchange for smooth functioning. These services can be disrupted due to many reasons: network traffic, server failure, illegitimate activities. Many IoT devices are linked concurrently to the network, causing network congestion if they all are connected to the same public services through the same channel. Another reason for DoS can be the device that traverses into a region of low or no Internet connectivity. This can lead to loss of data which can be risky where the data needs to be continuously monitored.
3.4.4
Poor Network Visibility
In IoT ecosystems, undetectable elements within the network are one of the major vulnerabilities. Numerous devices are interconnected through a network from numerous locations via WAN in which networking devices are separated from control devices. The challenge here is that effective security policy is dependent on the ability of IT security professionals. It is a tough task for them to recognize each of the devices, assign the devices authentic ownership and restrict them under an appropriate group policy, segment them accordingly, and then actively monitor them even if they are not stationary. However, when IT professionals depend on manual analysis and traditional mitigation methods, this becomes extremely tedious and often leads to rogue access points, and shadow points for cybercriminals or scammers, allowing them to stay undetected.
74
3.4.5
S. Maduskar et al.
Headless Devices
Manufacturing cost is a major concern for most of the OEMs and equipment vendors due to the higher degree of demand of the market. To deliver the maximum amount from the production line, manufacturers fabricate the devices or equipment with only bare hardware. Such devices may consist of serious vulnerabilities, such as hard-coded back doors, improperly defined user group policies, which can be easily exploited if they are not appropriately protected. Cybercriminals are capable of deploying AI-assisted attacks that can detect and compromise such fragile nodes, transforming them into autonomous malicious proxies. Such proxies are able to attack unrestricted or open networks in a distributed manner by being a part of them or handling their traffic remotely.
3.4.6
Crypto-Jacking
Crypto-jacking is an uncertified way of mining cryptocurrencies from the victim’s system. This can happen by accessing a phishing email or malicious website unintendedly from a legitimate system. Improper control mechanism or absence of preventive measures, end devices become the most sought after target for cryptojacking attacks that exploit these devices. Crypto-jacking is a significant threat for private or enterprise networks that deploy OT to efficiently manage their largescale operations. Successful penetration into the network slows OT efficiency down, impacting the targeted organization.
3.5 Modern Approach 3.5.1
Implementing Blockchain in IoT
Blockchain is a decentralized ledger that facilitates the process of immutable transaction records and tracking assets on a network. An asset may be tangible or intangible. When a contract is generated, it is essential to have an agreement among the parties involved to maintain the knowledge. It is encrypted into a block of data that is having a unique cipher key. Multiple number of such blocks create an irreversible, immutable change. The benefit of these chains is to prevent any block from being manipulated or being altered with its positioning. In IoT systems, devices are allowed to send the collected or processed information to private blockchain ledgers for inclusion with distributed, shared transactions with impenetrable records. Blockchain-enabled IoT’s ecosystem to access and supply data without the need for centralized authority, as centralized systems are the prime target of hackers. In a blockchain, the information will be shared among all network nodes and encoded using a unique hashing algorithm. Hence, each transaction can be validated to avert the errors and ensure each end node is held accountable for the actions being performed on the network.
Recent Challenges in IoT
3.5.2
75
Containerization Solutions
Most IoT applications not only require integration with sensors and devices, but also need to accumulate the data from external networks, information bases, and external web services as well. Before deploying the end-devices, IoT device designers need to understand each device’s capabilities, according to the pre-planned models of the device, as upgrading their hardware may be infeasible, once the device is installed. On the contrary, the software will be upgraded with continuous engineering and at most, there might also be modest feature changes. One of the principal designtime decisions is which operating system will run on that device. Additionally, this decision impacts the system to assemble the software part of the device. But, IoT requires more flexibility and adaptability, which should be above device deployment. Hence, upgrading to a modular, container-based platform allows the system to confront the existing as well as upcoming laws with long-term support of the traditional approach. Hence, the containerization allows building modern microservices-based applications that can be deployed in IoT environments for better performance with a reliable environment.
3.5.3
Artificial Intelligence Based Security Measures’ Deployment
Artificial Intelligence is the simulation of smart devices that work and act the same as an ordinary human, especially computer systems. It has become an essential part of the IT industry. Proactive IT professionals are redesigning their security procedures to include AI as a part of integrated and autonomous security fabrics. Placing AI as the core of their network defense administrators can have the advantage to secure the digital transformation in IoT while preserving network integrity inside the IoT environment.
3.5.4
Advantages of AI in IoT
1. Increased Device Visibility: Administrators can keep track of each device in the network. Leveraging AI-assisted network access control it is possible to gain access to any device in the network at any given time. Thus, each device can be logged, tracked, assuring the required level of isolation within them. 2. Ease of risk assessment: As enterprises continue to inflate their digital networks, it becomes difficult to supervise risk assessment of all the devices in the network and keep pace with modern cyber threats. But with the help of AI, the IT teams can now swiftly gather the latest risk assessment report, spot the weak points in the network and incorporate fixes in the software that will help to defend against those attacks. 3. Automated threat containment: The security systems generate an avalanche of data on potential threats and indicators of compromises, which the security team needs to assess and respond to quickly. But, whenever the security systems are
76
S. Maduskar et al.
successfully breached, it is necessary to contain the threat as soon as possible because the longer the network violation resumes, the greater the damage is made to the system and the company may suffer severe losses. AI will help in automating the experimental features in IT as well as in OT operations, which will help the security team to sort through the data thoroughly, as well as allow defective nodes to be properly dismembered or disconnected before they have a possibility to escalate to other domains throughout the network. It provides outof-the-box sandboxing for a better understanding of the vulnerable environment.
4 Applications and Implementation from Platform Perspective Despite the challenges and bottlenecks in the present state, IoT has many benefits in today’s business world. It is beneficial enough, that many organizations are willing to take a risk, despite all its obstacles, and transit into the IoT world to get a headstart on their competition before it becomes a norm (Fig. 3).
Fig. 3 IoT Applications
Recent Challenges in IoT
77
4.1 Agriculture Implementing IoT in agriculture could have exceptional innovation. The demand for food must be fulfilled along with the increasing population. Various odds, for example, weather alteration, spoilt produce, intense agriculture methods, are impacting the overall sector. Hence, intelligent agriculture was invented. It is a profitmaking and modern way for mass cultivation and production. A system observes the fields with the set of sensors (light, humidity, temperature, soil moisture). Automated sprinkling systems are used for irrigation. IoT-based intelligent agriculture is not only bound to old methods but could also be applied to advance current trends in agriculture. These may contain irrigation management, crop protection, optimize nitrogen management, soil sensing, etc. Microsoft FarmBeats yields cognitive services to farming groups seeking to develop intelligent solutions to encourage environmental sustainability. The program is administered by senior researcher Raveen Chandra. The program provides an endto-end IoT model that comprises inexpensive sensors, drones, and computer vision algorithms to boost farm sales and profit. It also solves the problem of Internet connectivity by accessing unused TV white spaces to set up high-bandwidth links between a farmer’s home Internet connections and an IoT base station on the farm. All the IoT devices on the farm such as sensors, cameras, and drones connect to this base station, which is both solar and battery-powered. The base station utilizes weather forecasts to regulate its power usage which can help to prevent abrupt shutdowns from battery drain. Similarly, drones leverage an IoT-driven algorithm based on wind patterns to help accelerate and decelerate mid-flight, reducing battery draw.
4.2 Industry The industrial internet of things (IIoT) is the agglomeration of smart devices to amplify the performance of manufacturing and industrial processes. Widely known as Industry 4.0, IoT strengthens the potential of intelligent devices and real-time analytics to harvest the data into conventional appliances. The growth mindset behind industrial IoT is that intelligent devices are not only better than humans at grasping and interpreting real-time data rapidly, but they are also superior in communicating vital information that can be used to derive intelligent conclusions in modern business models, faster and more accurately. Predictive quality analytics extracts insightful information from industrial data sources such as environmental conditions, human observations, and manufacturing equipment to achieve the required quality of service. Using industrial IoT, industrial manufacturers can build predictive quality models that help them build better products. These high-quality products will improve customer satisfaction, decrease product recalls and increase the customer database for the company. Asset performance can be determined by capturing the state of the machines and types of equipment, which can be monitored by asset condition monitoring. In
78
S. Maduskar et al.
IIoT, you can capture all IoT inputs, such as temperature, heat generation, vibration, etc., and error codes indicate if the equipment is performing optimally. With increased visibility, you can maximize resource usage and fully capitalize on your investment. Another advantage is predictive maintenance. In this, the analytical data accumulated by various devices can be used to recognize potential failure or disintegration among equipment before its affection over worker safety, product lifespan, and supply chain maximization. IIoT continuously tracks and represents the status of involved end nodes in the network to perceive the information about issues in real-time. In 2016, Whirlpool Corporation announced a collaboration connecting Whirlpool home appliances with the IBM Watson IoT Platform. The data about how the devices are behaving and how they are being used in the real world are collected through the sensors connected on Whirlpool appliances such as washing machines, refrigerators, etc. which can be accessed through the IBM Cloud Platform. The data can also show customer usage of the machines, the time for which they are used and how the machines are responding. The benefit of this provision is that Whirpool can keep supervising and refining their products even after they are sold. Also, by analyzing this data, it will be easier for the company to tailor-make future designs according to the customers’ requirements [11].
4.3 Healthcare Before the invention of IoT, patients’ communication with doctors was limited to visits and texts. Thus, the doctors could not keep track of the progress of the patients until the patients visited them. Healthcare institutions are caught in a perfect storm of competing challenges to provide the best possible care for a growing number of patients while reducing costs and increasing efficiency. With the help of IoT-enabled devices, the users themselves can keep track of the progress of their health and get recommendations from doctors without having to visit them personally. Taking care of health today makes every investment valuable. For this, medical professionals would like to increase productivity while reducing equipment failures. In 2017, Philips announced the e-Alert system for MRI. It is a collaborative product of OpenMarket and Philips. The method integrates mobile sensor systems with the universal presence and reliability of OpenMarket mobile messaging. It prompts possible issues immediately with Magnetic Resonance Imaging (MRI) mechanisms, effectively recognizing possibilities that could lead to machine failure before the failure happens. To ensure MRI systems deliver the quality, efficiency, and uptime hospitals and patients need, critical factors such as cooled water supply, helium level, and humidity must be just right. Achieving the ideal balance of these environmental dynamics is key to optimum system performance. It allows users to supervise these crucial components 24/7 and notifies the hospital and Philips promptly. Hence, it enables them to find out the solutions to the problems preemptively.
Recent Challenges in IoT
79
4.4 Automobile There was a time when the idea of smart vehicles, vehicles that can guide themselves was considered a dream, as the technologies available in those times were underdeveloped to support that vision. However, the development of intelligent technologies like Machine Learning (ML), IoT (Internet of Things), and AI (Artificial Intelligence) has paved a path to make that dream a concrete reality. Cognitive computing along with IoT has enabled transformational changes in this sector. Through advanced communication capabilities and smart sensors, the IoT technology, in particular, is setting the path for the automotive industry and connected vehicles in the future economy. The key opportunities for automotive manufacturers include 1. Operational—including telematics, predictive maintenance, software updates, etc 2. Infotainment—in-car streaming and other consumer services 3. Value-Added Services—additional in-built intelligence to assist the owner 4. Self-driving/ autonomous vehicles Golden State Foods are one of the largest diversified suppliers to the FMCG sector, serving around 1,25,000 restaurants in over 60 countries from their 50 outlets. They are using cognitive analytics from their smart systems to improve the management and safety of their more than 2000 trucks, guaranteeing the punctual deliveries of their food supplies in the best condition. Transporting perishable materials such as meat items, milk products comes with its own set of challenges. Waiting time for deliveries increased by accident or scheduling errors not only spoils the perishable materials (like milk products, meat items, etc.) but also lessens the customers’ trust. However, if these vehicles are IoT-enabled, they become easier to track and maintain. This system is being practiced by Golden State Foods. Watson IoT Platform collects sensor data and analyzes it, which makes sure that issues are automatically reported and addressed before the situation gets worse. In order to optimize its performance, Golden State Foods are using IBM Blockchain. IBM Blockchain assists to create secure and unchangeable hyper ledgers, which can be viewed by individual stakeholders, improving visibility and accountability for involved parties. This enables them to provide their customers with fresher ingredients, improved food safety, fewer operational costs, and thus, increase the goodwill of the company (‘IBM Case Study Archives’, n.d.) (Figure 4).
5 Discussion As we know, we are surrounded by different gadgets and smart devices. There was no such shared connection which could have joined all of them. That became feasible because of IoT. Despite privacy concerns and compliance matters, IoT is
80
S. Maduskar et al.
Fig. 4 Various applications domains in IoT ecosystem
becoming universal. However, the heterogeneity of networks and mode of functioning, it becomes necessary for the devices in IoT to be standardized with specific procedures. Lack of these procedures creates issues in the required governance over different entities. The chapter strives to highlight the tragedies in the rising number of digital instruments in the industrial revolution. The central goal is to describe the purpose of IoT in the emerging world of technology. IoT is the incorporation of softwares, as well as hardwares in which securing both entities, is of absolute importance. A reader preferring to explore more about IoT and its security has an enormous source of articles, journals, chapters, books, and industrial case studies to refer. One can begin by apprehending the concept of IoT and the fundamentals of security. Then, there comes the practical usage of technology and the problem it is battling. A lot of big-time companies have documentation about their use cases which is a reliable source of knowledge. Readers should not only acquaint themselves with the IoT concepts but also gain detailed information about the ongoing research in it. Thus, the central goal of this chapter is to describe the purpose of IoT in the emerging world of technology from every perspective.
6 Summary IoT is a global infrastructure that links users, physical devices, and virtual devices using the Internet. It manages the information through computing devices. It bridges the logical and physical entities to provide the modern systems an ability to sense, learn, and process the data dependently as well as independently. The IoT is expanding briskly among diverse industries, maybe autonomous or dependent on
Recent Challenges in IoT
81
centralized governance, and are increasingly turning on the devices connected to the Internet in their environments. As more and more organizations continue to adopt IoT, the number of heterogeneous and resource-constrained devices in the network will continue to increase. As the market growth is becoming exponential, with an agitational networking paradigm, security parameters play an essential role but complex to handle. This chapter portrays a brief synopsis of the architecture and functioning of the IoT ecosystem and explains issues in IoT. IoT encounters many challenges, for example, connectivity, processing, cloud computing issues, lack of skilled workforce, data security, insufficient updates, etc. At present, IoT devices are insecure and incapable of defending the large-scale cyber-attacks. Various technologies like AI, containerization, Blockchain can be used to strengthen the security and thus protect the devices from malicious attacks are explained in brief. In this chapter, real-world applications of IoT with sector-wise focus had discussed. The Internet of Things assures a new way of computing when related to cloud, fast and distributed computing, big data, and information security. Consolidation from all the perspectives, the Internet of Things will encourage the development of smarter and intelligent applications. As technology continues to grow, new opportunities and services will be available for businesses. IoT will connect every possible device—from physical as well as the virtual world. Connectivity between the things shall be available to all at economic prices and owned by public entities. For IoT, best information understanding and interpreting, intelligent learning, fast deployment, against fraud and malicious attacks, and privacy protection are key necessities.
Bibliography 1. Abdullah, A., Hamad, R., Abdulrahman, M., Moala, H., Elkhediri, S.: CyberSecurity: a review of Internet of Things (IoT) security issues, challenges and techniques. In: 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS), Riyadh, Saudi Arabia, 2019, pp. 1–6 2. Alansari, Z., NorBadrul, Amirrudin, A., Mohammad, K., Belgaum, R., Alshaer, J., Soomro, S., Miraz, M.H.: Internet of Things: infrastructure, architecture, security and privacy. In: 2018 International Conference On Computing, Electronics & Communications Engineering (ICCECE) (2018) 3. Alrawi, O., Lever, C., Antonakakis, M., Monrose, F.: SoK: Security evaluation of home-based IoT deployments. IEEE Secur. Privacy (SP) (2019) 4. Ammar, M., Russello, G., Crispo, B.: Internet of Things: a survey on the security of IoT frameworks. J. Inf. Secur. Appl. 38, 8–27 (2018) 5. Chasaki, D., Mansour, C.: Security challenges in the internet of things. Int. J. Space-Based Situated Comput. 5(3), 141–149 (2015) 6. Dimitrov, D.V.: Medical Internet of Things and Big Data in healthcare. Healthc Inform Res. 22(3), 156–163 (2016) 7. Dineva, K., Atanasova, T.: Security in IOT Systems (2019). https://doi.org/10.5593/sgem2019 8. Gou, Q., Yan, L., Liu, Y., Li, Y.: Construction and strategies in IoT security system. In: 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, Beijing, 2013, pp. 1129–1132
82
S. Maduskar et al.
9. Guth, J. et al.: A detailed analysis of IoT Platform architectures: concepts, similarities, and differences. In: Di Martino, B., Li, K.C., Yang, L., Esposito, A. (eds.) Internet of Everything. Internet of Things (Technology, Communications, and Computing). Springer, Singapore (2018) 10. Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A Survey on IoT Security: application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) 11. IBM Case Study Archives–IoT: https://www.ibm.com/blogs/internet-of-things/tag/case-study/ 12. Implementation and future trends. In: 11th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM 2015), Shanghai, 2015, pp. 1–6 13. Khanna, A., Kaur, S.: Evolution of Internet of Things (IoT) and its significant impact in the field of precision agriculture. Comput. Electron. Agric. 157, 218–231 (2019) 14. Kraijak, S., Tuwanut, P.: A survey on IoT architectures, protocols, applications, security, privacy, real-world. In:. Huh, S.C., Kim, S. (eds.) Managing IoT devices using blockchain platform. 2017 19th International Conference on Advanced Communication Technology (ICACT), Bongpyeong, 2017, pp. 464–467 15. Kumar, N.M., Mallick, P.K.: Blockchain technology for security issues and challenges in IoT. Procedia Comput. Sci. 132, 1815–1823 (2018) 16. Mahmoud, R., Yousuf, T., Aloul, F., Zualkernan, I.: Internet of things (IoT) security: Current status, challenges and prospective measures. In: 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), London, 2015, pp. 336–341 17. Mutlag, A.A., Ghani, M.K.A., Arunkumar, N., Mohamed, M.A., Mohd, O.: Enabling technologies for fog computing in healthcare IoT systems. Fut. Gen. Comput. Syst. (2018) 18. Sharma, M.L., Kumar, S., Mehta, N.: Internet Of Things application, challenges and future scope. Int. Res. J. Eng. Technol. (IRJET) 5(2), 1376–1382 (2018) 19. Sisinni, E., Saifullah, A., Han, S., Jennehag, U., Gidlund, M.: Industrial Internet of Things: challenges, opportunities, and directions. IEEE Trans. Ind. Inf. 14(11), 4724–4734 (2018) 20. Suo, H., Wan, J., Zou, C., Liu, J.: Security in the Internet of Things: a review. In: 2012 International Conference on Computer Science and Electronics Engineering, Hangzhou, 2012, pp. 648–651 21. Wang, T., Zhang, G., Liu, A., Bhuiyan, M.Z.A., Jin, Q.: A Secure IoT service architecture with an efficient balance dynamics based on cloud and edge computing. IEEE Internet Things J. 6(3), 4831–4843 (2019) 22. Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in Internetof-Things. IEEE Internet Things J. 4(5), 1250–1258 (2017) 23. Zhang, Z., Cho, M.C.Y., Wang, C., Hsu, C., Chen, C., Shieh, S.: IoT Security: ongoing challenges and research opportunities. In: 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications, Matsue, 2014, pp. 230–234 24. Zhao, K., Ge, L.: A Survey on the Internet of Things Security. In: 2013 Ninth International Conference on Computational Intelligence and Security, Leshan, 2013, pp. 663–667
Data Acquisition and Knowledge Management in IoT: Security Issues, Challenges, and Road Map Ahead Ganesh Shivaji Pise and Sachin D. Babar
Abstract In this digital era of IoT data storing and management is not a big issue however protecting of information and applying strong security on data is a major issue. The security issue and challenges in the Internet of things are directly linked to the large application of IoT system. This chapter starts with the introduction of IoT statistics, some IoT application domaina architecture, and feature of IoT safety. This chapter presents quite a few safety challenges and issues of IoT that live in the layered IoT architecture. In IoT data acquisition each IoT object that gathers information is a precious benefit. It is necessary to make sure that devices cannot disclose data to unauthorized users or parties. Thus the safety measures as well as major security challenges are concerned at all there layer in IoT architecture ithat is iphysical layer, network layer, and application layer. Keywords Sensor · RFID · IoT · Data security · Data acquisition
1 Introduction IoT—Internet of things is a set of several interconnected idevices, isuch as objects, humans that can share information and communicate all devices to each other. Common goal is to reach data in different areas and applications. Internet of Things has more than a few implementation domains like healthcare, smart home, connected car, smart city, smart grid, smart farming, safety, and security. Devices used in Internet of Things like sensor, smart mobile, smart watches, smart fire alarms, etc. these devices generate hues data for farther process. The recent technologies such as IoT helping business to get large volume of users data. Organization makes use of the acquired data for maintenance, analysis, as well as enhancing the effectiveness of G. S. Pise (B) Computer Engineering, SPPU Pune, SKNCOE Vadgaon (Bk), Pune, Maharashtra, India e-mail: [email protected] S. D. Babar Computer Engineering, SPPU Pune, SIT Lonavala, Pune, Maharashtra, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_5
83
84
G. S. Pise and S. D. Babar
operation. This tendency of violent data collection and use has led to the increase of data-driven business practices. Though storing and sharing the collected data can be the most important concern for business leaders. Data privacy issues making headlines, businesses have to be very cautious with critical data. To apply IoT solutions in a secure and helpful approach, business leaders need to create an IoT data management strategy. A useful strategy can aid decrease the impact of cybersecurity risks and guarantee the privacy of data. Furthermore, IoT data management strategies permit business leaders to cut costs and implement IoT solutions efficiently. Smart home concept is the best application of IoT. It provides services like home monitor, centralizes control of all most all home appliances to the homeowner, access control, and most important is home safety. The fundamental thought of smart office, homes connected to the network with typical protocol for device interaction. Smart sensors, cameras are used for the same [1]. Now iIoT is more useful to the farmers for providing accurate agriculture information related to farming environmental conditions like current sunlight, current humidity, and current moisture and about wind speed. This IoT technique helps farmer to take timely and perfect decisions to improve the quality and productivity. In IoT—Internet of Things it has been observed that most of the IoT devices are very much capable to process the data, communication capability, data storage capacity, data transmission rate, as well as communication range, e.g., Ethernet, smartphone, laptop, etc. but some of the IoT devices have less capable in data security, communication range, data processing, and knowledge management. So in this chapter security issues challenges and road map are discussed. This paper is organized as follows. Section 2 describes the background of IoT devices, application of IoT, and layered architecture that will be used in this study. Section 3 describes different IoT challenges; security challenges layer-wise security attacks. Section 4 describes IoT security issues at different layers. Section 5 analyzes our conclusion and future work.
2 Background The Internet of Things (IoT) main aim is to improve day-to-day life, for example, cities, homes, environmental monitoring, and extensive hospital. The IoT model depends on interconnect to the variety of devices connected by the Internet using heterogeneous access network, for the purpose of exchange the information with gateway as well as sink. Sink can process the received data or information from various IoT devices and transfer it to other smart devices if required [2]. It is expected that up to 2030 IoT will play a very important role in technology, in 2030 thirty billion IoT devices will be connected to Internet. In 1962 JCR Liklider coined concept Internet that is initially called as Galactic network which is used to interconnect a set of computer device for the access data,after that DARPA concept comes into existence and finally ARPANET where the first hot computer was connected. After this more and more revolution done on Internet, nowadays not only computers are
Data Acquisition and Knowledge Management …
85
interconnected but also small smart devices like laptop, smartphone, and sensors are connected to Internet. So that such smart tiny devices have become essential components of human life. Using wireless technology and mobile technologies users’ daily life has become more convenient and more efficient as compared to a wired network. With help of wireless network technologies we use online services at any place. Such as reading online contents, sending information with the help of software applications, booking movie tickets, chatting with friends, home automation, playing online games, and so on. However many critical tasks have become easy now because of the integration of computers and smart devices. These small computers/laptop and smart devices like mobile phones, sensors, and cameras with the help of present information technology environments are becoming revolutionary. It can change the life of people, businesses, etc. Nowadays smart intelligent devices play an important role in human life, all these small intelligent tiny devices developed with full advanced software and strong hardware can perform all the operations and processes whenever required. Nowadays human requirements/expectations are more for fast data access and process, to fulfill this user’s requirement various devices have been developed and used in regular activity. For example, smart house, hospital, office automation, and business organization, etc. in this digital world Internet of Things plays a very important role to fulfill the human’s expectations. Day-by-day everywhere IoT is used, e.g., safety and security, quality control, factory digitalization, product flow management, smart home applications, health care, smart cities, agriculture, and so on. By considering the many application domains of IoT defined as it is a system of interrelated smart computing devices, objects, or animals that are provided with unique identifiers. UID has a good ability to transfer information from any device to any network without requiring person to person or person to computer. So since the last two centuries human technological development rate is increasing very fast. Nowadays everyone is connected to different devices with the help of network like advanced phone, desktop, laptop, personal digital assistant (PDA), by considering this growth of IoT network. In future with the help of IoT all computing devices will communicate with each other without any human interference. Kevin Ashton coined the term IoT in 1999 [3]. IoT has been used to connect electronic smart computing devices like computing sensor, computing electronic devices to the web network. Recently IoT has been illustrated more and more and the same process is going on till date. In 2005, ITU–International Telecommunication Union has posted yearly information on IoT (Srivatsava 2005). International Telecommunication Union has noticed that radiofrequency ID and computing technology had opened an era that interconnects worldwide things altogether at macro level. ITU-TY view there is no any standard IoT architecture. So IoT layers have been arranged into three different layers like physical, network, and application [4]. In IoT, every layer is defined by its functions and which devices that are used in the layer. It has been observed that there is a diverse opinion about how many layers in IoT. So according to several researchers [5], the Internet of Things operates on three important layers named as application, network, and physical. IoT layer has different
86
G. S. Pise and S. D. Babar
Fig. 1 Three-layer IoT architecture
security and privacy issues, Fig. 1 describe the three-layer architecture framework of IoT with respect to the smart tiny devices and technologies that encompass each layer. The physical layer is also called as the sensors layer in the Internet of Things. With the help of different sensor or smart tiny devices, physical layer can collect the data or information do process on it and sent to the next upper layer that is network layer. Physical layer can collaborate different nodes with large and small type of network [5]. Next important layer in the architecture framework is network layer it works as data routing and broadcasting to several IoT Hub as well as other devices over the Internet. Network layer operates very recent technologies such as Bluetooth, WiFi, LTE along with IEEE802.15, IPV6, IPv4, Zigbee, MQTT, and also it handles cloud computing platforms, Internet gateways, switching, and routing devices, etc. The network gateways work as the mediator between different IoT nodes by aggregating, filtering, and transmitting data to and from different sensors [5]. The third layer is the application layer which provide guarantees of authenticity, integrity, and confidentiality of the data. At this layer, the purpose of IoT or the creation of a smart environment is achieved. In [6], the author described the security problems and some solutions at each layer of IoT.
Data Acquisition and Knowledge Management …
87
3 IoT Challenges • Information Management: nowadays the main challenge is that everywhere hues amount of data are generating that data should be distributed between the significant entities or objects. Data generated by smart devices may be redundant and compressed. Therefore advanced method must be required to remove duplicate data which have to transfer over the wireless network. • Connectivity: in the future of IoT, data collection and data distribution from one device to other devices is the big challenge. So, narrative MAC protocols should be developed to fulfill such challenges [7]. • Security: connecting tremendous quantities of gadgets to the web uncovered the IoT system to genuine security vulnerabilities, even more so since the important elements are exceptionally restricted. In like manner, issues, for example, information encryption, validness, and weakness to assaults (e.g., gadget pantomime) are profoundly significant for the IoT worldview’s constant extension [2]. • Privacy: the Internet of Things creates exceptional privacy challenges. As the data transmitted on the Internet of Things may be top secret (e.g., activity monitoring, health reports), the collecting and sharing of such data create big challenge to data safety and privacy [8]. From last few years tremendous research is done in Internet of Things but there is some scope to review and address some security challenges and issues in current IoT applications in this section some threats at IoT layered architecture needs extraordinary concentrations are discussed [9]. IoT Safety Issues are Mostly Manifested as Follow: • Beginning step is to secure Internet of Things data or information to offer, first one is the sensor security, second one is the sensor interference, and last one is the signal intercept by the tiny sensors. • The second step is to keep the process of different components such as sensor action and broadcast systems to be protected. • The third step, information security, furthermore, live in numerous components, and it needs information inside the gadget sensor, the communication gadget framework, and the handling gadget never again be taken [10]. If the above issues are unable to handle nicely in the IoT, the economy and security could be at risk. So, it is very important to concentration come across at security dilemma may be encounter inside the usefulness of factors, to present and enhance its safety troubles counter-measures [10].
88
G. S. Pise and S. D. Babar
3.1 Physical Layer Challenges Unauthorized access to tags: Due to the improper verification method in RFID systems, tags might be accessed by unauthorized applications. In this case attacker not only observe information but also can modify the important data or they can delete the data [9]. Node Capture Attacks: Enemy or attacker knows how to take hold and how to handle the node or they can replace the node. As a result this attack is also called node replication attack. Most of the time such attacks made a severe impact on the network [11]. Tagcloning: Tags are connected to various things or gadgets which might be seeing and information might be analyzed and misshaped with few hacking procedures. There for it can easily capture by any cybercriminal who can make a reproduction tag and next be modifying it and reader machine can’t make a decision which one is unique and which one is compromised tag [9]. False data injection attacks: In this IoT device or node, the attacker can insert false details in the surrounding area of common facts considered by the capture node, and broadcast the fake details to the IoT application. After getting the incorrect data, IoT application will not work as per the decided objects so it will offer incorrect data [11].
3.2 Network Layer Challenges Major principle of network layer in the Internet of Things is to send data which is received from physical layer, the security challenges in the system layer center around the effect of the availability of system assets. It comprises the WSN which transmits the information from the sensor to its objective alongside consistency [11]. Related Security Problems are Discussed Below: Spoofing Attack: in this attack, the attacker enters into the IoT host node, devices, or framework and steals or wipe out information. Common spoofing attacks are IP address, ARP, DNS server. Sinkhole Attack: in the IoT environment it is the most critical routing attack. Such type of attack creates network traffic and disturbs the network communication. Sinkhole can create false information and transfer the path request to the adjacent computing node or devices as well as such types of attack can use the different routing metrics. Denial of Service (DoS) Attack In this attack, network is overwhelmed with an ineffectual gathering of traffic with the assistance of an attacker, bringing about valuable skill reduction of the focus on the structure due to which the system will get inaccessible to clients [12].
Data Acquisition and Knowledge Management …
89
3.3 Application Layer Challenges Following are the few challenges of the application layer described below. The main objective of application layer is to provide interactive mechanisms to the customer. So more challenges are addressed at this layer and more awareness on the different types of software attack [11]. Phishing Attack: In this attack, the attacker can collect the personal data of information of user, for example, user identity and user passwords. Spoofing the verification accreditations of clients by means of the exciting messages and phishing sites [13]. Malicious Virus/worm: The attacker can pollute IoTapplication with malicious self-propagation attacks with secret data and information [14]. Sniffing Attack: Attacker can force an attack on the system by introducing sniffer usefulness into the machine, which can help network specifics resulting in fraud of the machine [9].
4 IoT Security at Different Layer 4.1 Physical Layer Physical layer work about information or data collection, object control, and object perception. It can be divided into two parts: physical device, for example, device sensors or controllers and physical layer that communicate with the above layer that is called the transport layer. Physical node is mostly used for data control and data acquisition. Physical layer sends data/information to the local IoT gateway or sends control instruction to the controller. Physical layer includes RSN, RFID, GPS, WSNs, technologies [15]. At first device verification is very important to save you illegal device get correct of entry to; verification isaachieved from side to side cryptographic hash algorithms which offer digital signaturess to end devices that would endure all feasible known attacks such as side-channel attack, brute force attack, and collision attack [16]. This forestalls an illicit passage to the sensor information while collecting or sending it to the diverse layer. It is accomplished with little vitality use and with no issue [16]. With respect to ensuring the significant information, the mystery of the region and gadget personality is gotten by utilizing the k-anonymity strategy which guarantees the security of information like the acknowledgment of information, the situation of information, and different clients. (Mike Burmester) physical procedure or a blend of every technique is utilized for providing RFID security.
90
G. S. Pise and S. D. Babar
4.2 Network Layer In the IoT network layer different types of attacks are talked in network layer challenges. Because of the genuineness of the remote channels, interchanges might be checked easily by a couple of programmers or hackers [9]. With the assistance of a fitting verification strategy and start to finish encryption, unlawful passage to the sensor hubs to open out bogus information could be stayed away from [9]. After this authentication techniqueand steering calculations are utilized to ensure the private information trade among the ssensor hubs and the preparing frameworks. The routing security is guaranteed by bestowing more path for the information routingg which expands capability of framework to lurch on mistake and continue performing upon any kind of disappointment inside the framework [9]. With the making of IP proportional conventions for the IoT, the IoT gadgets are in a spot to communicate with various system gadgets each with their networkk and history that with low security dangers (Mike Burmester), [17], (Mitrokotsa 2013), [18].
4.3 Application Layer Application layer not only incorporates with middleware but also it covers all security method. The security classification is stated as [9] Isymmetric key cryptosystem and public key cryptosystem, and certification transfer technologies are used to increase aauthentication and key agreement with indistinctive net. Information security is guaranteeing by means of various encryption innovation which spares from information taking dangers. Furthermore, to maintain a strategic distance from different pernicious exercises from unapproved clients, Anti-Dos firewalls, and refreshed spyware and malware are presented [9]. Interruption discovery technique suggests an answer for different security issues by producing an alert at the occurrence of some doubtful movement in the framework because of then on quit checking and safeguarding a log of the.interloper’s exercises that may assist with subsequent the intruder. Gubbi and Buvya stated interesting recent intrusion detection methodology which incorporates with data mining technique and anomaly findings. In Internet of Things platform, middleware might be utilized stage that underpins interoperability, and it might offer security for IoT components and data. As a result, still we describe middleware configuration, security, and use of multii-communication standard are taken into consideration [19]. Some important security methods in Internet of Things are privacy, trusted data, trusted resources, proper validation, accessibility, and response securely. In IoT encryption and decryption method help us to achieve more privacy. Information trust ability is checked by using MIC—message integrity code. IDS and firewalls are used to ensure the good accessibility. In IoT reply protection or privacy, two basic methods are used first is time stamp and second is sequence number [20]. Along with all the above security techniques IoT framework is used in
Data Acquisition and Knowledge Management …
91
biometric verification method to design security events. Nowadays smart biometric authentication method contains face scanning and eyes scanning similar to smart android mobile phone, IoT smart devices are designed in such a way that every object or senor consists of fingerprint so that devices can certify only authenticate user can get enter into IoT device.
5 Summary This chapter focuses on the security and privacy framework and different security and privacy issues of layered architecture in IoT, basically it has been separated into three layers: physical llayer, networkl layer, and application layer. We have discussed the features and security problems at each and every layer, along with this we have given a brief introduction and equivalent solutions for listed problems. In the period in-between, we focused on data acquisition at physical layer and some current security issues and some challenges. For physical layer, wireless sensor network, radio frequency ID technology importance, we discussed the safety-related problems of radiofrequency ID and equivalent methods like symmetric and iasymmetric encryption algorithms. As well as physical layer challenges such as unauthorized access, node capture attack, tag cloning, false data injection attack, etc. then we discussed security issues and challenges and technical solutions in the network layer and application layer. Along with these issues we have included the history of IoT and impact on user life, change in user’s life after the tiny smart devices, some IoT application domain, etc.
References 1. Gaikwad, P.P., Gabhane, J.P., Golait, S.S.: A survey based on Smart Homes system using Internet-of-Things. In: 2015 International Conference on Computation of Power, Energy, Information and Communication (ICCPEIC) (pp. 0330-0335). IEEE (2015) 2. Mahalle, P.N., Anggorojati, B., Prasad, N.R., Prasad, R.: Identity authentication and capability based access control (iacac) for the internet of things. J. Cyber Secur. Mob. 1(4), 309–348 (2013) 3. Padmavathi, D.G., Shanmugapriya, M.: A survey of attacks, security mechanisms and challenges in wireless sensor networks (2009). arXiv preprint arXiv:0909.0576 4. Liu, L.A., Lai, S.L.: ALOHA-based anti-collision algorithms used in RFID system. In: Proceedings of the IEEE International Conference on Networking and Mobile Computing, pp. 1–4, 2006 5. Atzori, L., Iera, A., Morabito, G., Nitti, M.: The social internet of things (siot)–when social networks meet the internet of things: concept, architecture and network characterization. Comput. Netw. 56(16), 3594–3608 (2012) 6. Zhao, K., Ge, L.: A survey on the internet of things security. In: 2013 Ninth International Conference on Computational Intelligence and Security, pp. 663–667. IEEE (2013) 7. Da Xu, L., He, W., Li, S.: Internet of things in industries: a survey. IEEE Trans. Ind. Inf. 10(4), 2233–2243 (2014)
92
G. S. Pise and S. D. Babar
8. Ali, M., Ali, R., Khan, W.A., Han, S.C., Bang, J., Hur, T., Kang, B.H.: A data-driven knowledge acquisition system: An end-to-end knowledge engineering process for generating production rules. IEEE Access 6, 15587–15607 (2018) 9. Soni, M., Kumar, K., Sharma, A.: A review on security and privacy in application of IOT in Smart City (2018) 10. Qiang, C., Quan, G.R., Yu, B., Yang, L.: Research on security issues of the internet of things. Int. J. Fut. Gen. Commun. Netw. 6(6), 1–10 (2013) 11. Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., Zhao, W.: A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 4(5), 1125–1142 (2017) 12. Mukaddam, A., Elhajj, I., Kayssi, A., Chehab, A.: Ip spoofing detection using modifiehop count. In: Proceedings of 2014 IEEE 28th International Conference on Advanced Information Networking and Applications, May 2014 13. Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social phishing. Commun. ACM 50(10), 94–100 (2007) 14. Bhupendra Singh, T., Chaudhary, S.: Content sniffing attack detection in client and server side: a survey. Int. J. Adv. Comput. Res. 3(2) (2013) 15. Qu, J., Athanasios, V., Jiafu, W., Jingwei, L., Dechao, Q..: Security of the Internet of Things: perspectives and challenges. Published online: 17 June 2014 Springer Science+Business Media New York 2014. 16. Maleh, Y., Ezzati, A.: A review of security attacks and intrusion detection schemes in wireless sensor networks. Int. J. Wirel. Mobile Netw. (IJWMN) 5(6) (2013) 17. Benjamin, K.: RFID as an enabler of the internet of things: issues of security and privacy. In: IEEE International Conferences on Internet of Things, and Cyber, Physical and Social Computing, 2011. 18. Li, L.: Study on security architecture in the Internet of Things. In: Doyle, W.D.: (eds.) International Conference on Measurement, Information and Control (MIC), 2012 “Magnetization Reversal in Films with Biaxial Anisotropy, in 1987 Proceedings of the INTERMAG Conference, pp. 2.2-1–2.2-6 19. Ravindran, R., Yomas, J., Jubin Sebastian, E.: IoT: a review on security issues and measures. IRACST: Eng. Sci. Technol.: Int. J. (ESTIJ) 5(6) (2015). ISSN:2250-3498 20. Aminesh, P., Park, J.M.: An overview of anomaly detection techniques: Existing solutions and latest technological trends. Comput. Netw. 51(2) (2007) 21. Abbasi, M.A., Memon, Z.A., Memon, J., Syed, T.Q., Alshboul, R.: Addressing the future data management challenges in iot: A proposed framework. Int. J. Adv. Comput. Sci. Appl. 8(5), 197–207 (2017) 22. Ahmed, N., Kanhere, S.S., Jha, S.: The holes problem in wireless sensor networks: a survey. ACM Sigmobile Mobile Comput. Commun. Rev. 9(2), 4–18 (2005) 23. Andrea, I., Chrysostomou, C., Hadjichristofi, G.: Internet of Things: Security vulnerabilities and challenges. In: 2015 IEEE Symposium on Computers and Communication (ISCC), pp. 180– 187. IEEE (2015) 24. https://smart.electronicsforu.com/2017/11/03/3087 25. Wang, X., Yu, W., Champion, A., Fu, X., Xuan, D.: Detecting worms via mining dynamic program execution. In: Proceedings of Third International Conference on Security and Privacy in Communications Networks, 2007
Security Measures and Frameworks
OAuth-Based Authorization and Delegation in Smart Home for the Elderly Using Decentralized Identifiers and Verifiable Credentials Parikshit N. Mahalle and Gitanjali R. Shinde
Abstract Due to Internet of Things (IoT), computing and communication is transforming from one-to-one to many-to-many, where multiple devices and users are interacting with each other. IoT is mainly service-oriented smart communication network and smart home is an important and developing use case of the IoT. Smart home consists of collection of smart things. Theses smart things consist of smart home system in which light control system for home, healthcare system, remote assistance, etc. are provided. All these systems communicate with each other in order to provide services. The main objective of this use case is to deliver multiple services seamlessly to all the elderly people living in the smart home. To take benefit of these services the end user may try to access services and IoT devices. However, only authorized users should be allowed to access and use services autonomously as elderly people cannot participate in the process. Hence, it is important to verify the access rights of end users and there is requirement of secure authentication and authorization mechanism for specifying/controlling access to the resources. In this paper, we present authorization and delegation challenges in the smart home for the elderly where there are many constrained devices and the people who are bedridden or guarded. This paper discusses the visitor use case for the smart home scenario and the need of delegating access to resources. This paper proposes an OAuth-based delegation using decentralized identifiers (DIDs) and verifiable credentials (VCs). This paper also discusses the benefits of applying DIDs and VCs for delegation in constrained environment. Keywords Internet of things · Decentralized identifiers · Verifiable credentials · Authorization · Security P. N. Mahalle Center for Communication, Media and Information Technologies (CMI), Aalborg University, Copenhagen, Denmark Department of Computer Engineering, Smt. Kashibai Navale College of Engineering, Pune, India e-mail: [email protected] G. R. Shinde (B) Smt. Kashibai Navale College of Engineering, Pune, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_6
95
96
P. N. Mahalle and G. R. Shinde
1 Introduction Service providers are enriched with the user’s information which has become vital asset for them. Current business models are biased more toward service provider and therefore authorization and access control is the crucial issue in this connected digital world. Privacy protecting measures and scalable authorization are the need of IoT where most of the services and applications rely on disclosure of personal information [1–3]. Nowadays, the numbers of internet-connected devices are increasing at faster rate and it is creating more risk of attacks on security. Smart home for the elderly or disabled people is more specialized use case where they are living alone at the smart home. They are being taken care by their kids or relatives often but remotely. Smart home for elderly and disabled family members helps to improve not only the quality of life and ease of use but also provides caretakers peace of mind. Smart locks (smartphone-operated locks relying on code rather than keys), medical alert devices (for emergency medical services), automated thermostats and lights (smartphone-operated devices for ease of use), and motion alert devices (for detecting suspicious activities) are few important devices in smart home for the elderly. Measuring home conditions, managing home appliances, and controlling home access for visitors are key challenges in smart home for the elderly where they have to rely on the technology. Therefore, it is important to provide the automated mechanism for authorization which meets all the requirements. However, as compared to this growth, there is lack of privacy-preserving solutions which can be applicable to newest scenarios. The IoT devices must be capable of preventing security attacks as security framework requires resources like enormous memory, more computational capability, uninterrupted large energy source, etc. However, in IoT, many devices are resource constraint, i.e., less computational capability, battery power, smaller memory, etc. [4]. Self-sovereignty [5] is an emerging solution for privacy of users and their IoT devices which uses decentralized identifiers (DID) [6] and verifiable credentials (VC) [7] as fundamental building blocks. The main advantage of DID is secure encrypted private channel with a person, institution, or device. It also provides VC-enabled digital attestation of identities. These identities help in making the communication more secure. The smart home is equipped with smart appliances such as smart door locks, smart light bulbs, sensors, HVAC, surveillance camera, etc. All the smart devices deployed in the home are under the control of smart home owner and single device can also be shared between users. Different users in smart home environments are visitors, guests, and friends. Even though these looks in the same category but their access control requirements in terms of privileges and duration are different. Therefore, it is challenging to define access control policies that can satisfy all of user’s ad hoc behaviors and demands [8]. The sharing of the devices, services, and delegation is also the main challenges in the smart home. Smart home consists of many communication connections like Internet, telephone, television, home security services, monitoring and alerting, etc. These all connections are integrated into home gateway (HGW) and it acts as key connecting component
OAuth-Based Authorization and Delegation …
97
between smart home infrastructure and Internet, cloud. Remote users can then access smart home services or information on cloud through their mobile smartphones. A HGW is also responsible to authorize smart home users and their access using predefined access control policies. A HGW required control specified by house owner to the door lock and is also authorized to access logs from door lock of the smart home. Bob is owner of the smart home and he can create digital key controlled by HGW that provides required control to all devices in the house based on predefined policies. Monitoring system running at home gateway notifies Bob that refrigerator is not functioning and logs complaint to the customer care of the refrigerator company. It is important to discuss whether the complaint is to be placed without house owner consent or it is to be decided based on some policies written at HGW. The policies may be written based on the parameters like level of repair, cost, downtime of the service, etc. Company then sent its technician to home and the problem is to give him access to door lock as well as refrigerator lock to control the repairing for limited time wherein the door lock and the refrigerator lock is in control of HGW. The above use case addresses the importance of having to deal with user and IoT device authorization problem where there are multiple parties involved. Moreover, most IoT devices have limited resources, such as low computational power or battery capacity. Therefore, devices like door locks and refrigerator lock cannot support complicated security mechanisms as well as the processing of DIDs and VCs. Decentralization (eliminates single point of failure) and privacy (minimal and selective disclosure) are the main design goals of DIDs and VCs. Although DIDs and VCs do not need central authorities, the distributed technologies like distributed ledgers, blockchain, or other form of decentralized network can be used for registration and storage. For smart home use case, the private blockchain may be more appropriate where pre-approved participants with known identities can only access it. The use case also justifies the need to build security service on the OAuth framework [9] and its ACE extension (Authentication and Authorization for Constrained Environments extension for OAuth) [10], and relies on the authorization server (AS) to authenticate the door lock and refrigerator lock to technician to process the authorization request from technician. There are four entities considered in the use case for delegation procedure and are listed below: 1. Owner: Person having required control on all the devices in smart home. 2. Trusted party (HGW): IT is authorized to grant access depending on DIDs and VCs. 3. Visitor: Technician requesting access to door lock and refrigerator lock. 4. IoT device: Door lock and refrigerator lock. The delegation flow among these entities is presented in Fig. 1. However, a method for delegating the processing of decentralized identifiers and verifiable credentials to the OAuth Authorisation Server is explained in the next section. This paper presents access control and delegation challenges for the constrained home IoT. This paper justifies the need of DIDs and VCS for providing privacypreserving identifiers and authorization, respectively. This paper analyzes existing
98
P. N. Mahalle and G. R. Shinde
Fig. 1 Delegation flow
authentication and authorization solutions and their limitations in order to apply them to the constrained environment. This paper proposes a method of delegating the processing of DIDs and VCs to OAuth authorization server instead of constrained IoT devices. The key feature of ACE, i.e., proof-of-possession access token and its utilization for authorization over insecure links between client and protected resource, is presented and discussed in this paper. Finally, the paper presents discussion of the proposed method and identifies opportunities for further enhancing the method. The rest of the paper is organized as follows: Sect. 2 describes various authentication and authorization methods and solution for IoT devices. Section 3 presents the need of self-sovereign identity (DIDs and VCs) as an upcoming standard to achieve privacy enhancement in the IoT. Section 4 presents the related work regarding authorization and access control in smart home for the elderly. Section 5 proposes OAuthbased delegation for the home IoT using DIDs and VCs. Section 6 discusses formal analysis of the proposed method. Finally, Sect. 7 concludes the paper with future outlook.
2 Authorization and Delegation with IoT Authorization is based on the three aspects; first, is the way of defining the authorization rules and properties, i.e., access management; the second aspect is an evaluation of authorization; and the third aspect is the interaction between the end points of the system for authorization. The second aspect is implemented using different access control models, e.g., access list, access matrix, and capability lists. The third aspect is fulfilled using different authorization protocols. In this paper, we focus on the authorization mechanism; few mechanisms are discussed as follows.
2.1 OAuth 2.0 OAuth 2.0 [9] is framework for authorization or rather delegation of authorization. It defines four roles: resource owner (user), resource server, client, and authorization server. The resource owner is typically the user. The resource server is an entity, which is hosting the protected resources, capable of accepting and responding to
OAuth-Based Authorization and Delegation …
99
the request for the usage of protected resources using access tokens. A client is an application requesting access to the protected resource, and the authorization server is an entity that is responsible for issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization. The client generates requests for authorization to the resource owner. After successful authorization, the client will request an access token from the authorization server. The authorization server checks the authorization grant and issues the access token to the client. OAuth 2.0 classifies two types of the clients, confidential and public clients. The confidential clients can provide security to the credentials and public clients are not capable of providing the security. OAuth 2.0 is applicable to the IoT settings, as before accessing resources the client will send a request to the resource owner. For security and privacy purposes, it is important to get the resource owner’s consent before accessing an IoT device or it uses predefined policies. OAuth 2.0 is widely used in web API as the design of OAuth 2.0 is based on technologies like RESTful architecture, JSON format, and TLS for the security. However, OAuth doesn’t specify how trust is developed and managed between client and the central authority. The dynamic resource addition, deletion, and updation in the central authority are not addressed in the OAuth 2.0.
2.2 ACE-OAuth In IoT, there are many constrained devices with limited memory, energy, and processing power. ACE-OAuth [10] is designed for constrained IoT environment which is built on re-use of OAuth 2.0. Key feature of ACE-OAuth is proof-ofpossession (PoP) access token that is used by resource server to authenticate request from client. PoP access token enables authorization between client and resources over untrusted links. New web transfer protocol and encoding technique are used to make it suitable for IoT devices and explained in detail in the proposed method. ACE-OAuth-based delegation for the printing use case is presented and discussed in [11] which uses DIDs and VCs for privacy enhancement.
2.3 Uma 2.0 UMA 2.0 [12] provides pro-active delegation of access, not just to the client, but to other requesting parties, who would like to benefit as well and it is profile of OAuth 2.0. It is developed by the Kantara initiative. The main objective of UMA is to protect resources, authorize access, and enforce policy. UMA has five entities, namely, resource owner, an authorization server, resource server, client, and the requesting party. Functioning of these four entities is enhanced in UMA than the OAuth 2.0. Resource owner of UMA can add or delete resources/services dynamically at runtime and UMA client is the extended version of OAuth 2.0 client. For
100
P. N. Mahalle and G. R. Shinde
dynamic addition of services, resource owner consists of the resource set, scope, and permission. The resource set is the collection of services that resource wants to add. The scope is the type of the access rights for usage of the resources. The permission is the decision of access request to the requesting party. UMA authorization server contains protection API (PAPI) and authorization API (AAPI). PAPI contains the permission registration and token verification endpoints. AAPI contains requesting side token distribution endpoints and permission entitlement endpoints. UMA works in three phases, i.e., protect the resource, get authorization, and access resource. In UMA, the resource owner directs the authorization server to assign access policies to protect the resources. To access protected resources, a requesting party has to provide claims/identity attributes to an authorization server [13]. In UMA, the resource owner has control on identity attributes shared with the authorization server. It also has the advantage that policies for accessing resources can be assigned in advance, and the resource owner does not need to take part in the authorization process for giving consent.
2.4 Self-sovereign Identity and IoT Any IoT device is controlled via not only owner but it also needs third parties in order to operate efficiently. This involvement of third parties creates a major problem in identification process. There is existing centralized solution to this problem. But this solution will not be sufficient when the few billion devices will try connecting to each other simultaneously. The main goal behind identity systems is mainly twofold. First is to create or establish trust between the interacting parties. Second is to create online identity which will make sure all the interactions are private and totally secured. There are three models that are developed also known as models of identity. The models are named as follows: (i) Basic model, (ii) Federated identity model, and (iii) Self-sovereign identity (SSI) model. The basic model makes use of user id and password which grants user access to different platforms via identity created with user id and password. In federated identity model, there is middle agent named service provider which exists between user and the organization. This middle agent provides user id to different organizations. There are several standards that can be implemented while creating federal identity. To name a few, SAML [14], OpenID Connect [15], etc. Nowadays, mostly federated identity model is implemented by tech giants including Facebook and Google. We can make use of the federated identity in order to gain access to other service providers via theses sites. In this model, the online-created identity is owned by service provider and not the user.
OAuth-Based Authorization and Delegation …
101
If the chosen third-party service provider decides to terminate the user account then in this case user may lose not only online identity but along with that all the services offered by that account will be terminated as well. This proves that owner is not in complete control of the identity, and hence a new model was designed called self-sovereign identity model [5]. The basic building block of SSI is known as DID. These are unique and also provides permanent encrypted, secured channel for communication among people, organization, or device. No central authority is used for DID. However, blockchain or distributed ledgers are used in order to register DID via public or private network. These are cryptically secured identifiers which are persistent and resolvable. In simple words, it simply means that identity can be authenticated with underlying cryptography and decentralized nature of technology. These new DIDs can be used in various IoT scenarios where high privacy is the basic demand. Digital machine consists of verifiable properties. These properties can be combined with the identifier of the entity. VCs can be very useful in order to perform the digital attestation of identity. VCs provide a space to sore and control the digital identity. This digital identity includes credentials like passport, driving licenses, etc. The very vital feature offered by DID is known as zero knowledge proof (ZKP). ZKP is like undercover identity which is authorized without revealing its authentication. In other words, there will be two parties involved. One will be the prover and other the verifier. The main aim of prover is to provide that they know some information about say “A” to verifier without disclosing any information. ZKP is a property of DID that aids in making the true and authorized claims without taking aid from replying party. It also provides data security. This will be very useful to IoT in context of location or other contextual data among user, organizations, and devices. Most recent technologies include Sovrin [16], verses One [17], and uPort [18]. For the processing of DIDs, all three technologies use distributed ledgers or blockchain.
3 Related Work In the literature, prominent work has been done in the domain of IoT security and privacy [19–27]. A very interesting discussion on how smart homes will be useful for the patients during their old age period is presented in [28] by Demiris et al. Various functionalities of smart home for elderly people and issues like privacy, full information disclosure, and the extent at which the technology can be used for autonomy are also discussed by authors. Demiris et al. proposed the framework of ethical considerations which provides important guidelines during the design, implementation, and evaluation of smart homes for patients at their old age. Useful research challenges and opportunities in smart home for the elderly people are presented and discussed in [29] by Viswam et al. Authors have also highlighted several recent works and described necessary future research directions. Research direction includes cyberthefts, unauthorized access, privacy protection of data, and the use of lightweight authorization and encryption techniques for battery-operated devices.
102
P. N. Mahalle and G. R. Shinde
Security challenges specific to access control for smart home and assignment of access control policies to visitors for IoT devices are discussed in [30] by Kim et al. A theoretical study is conducted based on the interview and authors have proposed four access control settings which include full, restricted, partial, and minimal control. Full control includes owners and closed relatives, restricted control includes teenagers (like entertainment and security system), partial control includes trusted users of owner, and minimal control is most restrictive access which includes visitors (technician) who are not close friends. Access right assignment mechanism for smart home is presented in [31] which is an extension of the work presented in [30]. Authors proposed the automated clairvoyant access right assignment (CARA) mechanism that utilizes home owners’ social relationship to automatically deduce to which class a visitor belongs. Authors also claim that the proposed work can be extended to enable non-expert home owners for letting visitors use their home network. Access control with delegation for smart home applications is discussed in [32]. Authors have proposed a lightweight authorization protocol with support of a delegation chain in which a user can easily transfer (part of) his/her access rights to smart appliances in the form of a Bloom filter. The security analysis of the proposed work is also discussed by authors and claims that the solution is lightweight and attack resistant. A risk-based permission model for smart homes is introduced in [33] by Amir et al. and claims that the permission model in smartphone operating system does not support required access to all granted devices. Authors have described Tyche, a secure development methodology that leverages the risk-asymmetry in physical device operations to limit the risk that apps pose to smart home users, without increasing the user’s decision overhead. Multi-level privacy-preserving access control mechanism for smart living is presented in [34]. Authors presented framework for ambient-assisted living which provides effective access control for securing collected healthcare data. Attributebased access control based on public key infrastructure is used to regulate access to healthcare data. A capability centric model where capability is defined as a particular action (online pizza ordering) is presented in [35]. The research questions set in the scope of this paper are based on differences in access control policies as per the device capabilities, consistency in access control policies with respect to relationship and capabilities [36], and dependency of access control policies on context and security measures. It is clear that the existing authorization solutions do not fulfill the major requirements of smart homes for the elderly people. A very little attention has been paid to address the problem of authenticating and authorizing visitors to the smart home where elderly or disabled people are living [37]. There is a need of rethinking and re-envisioning authorization and access control in the context of smart homes [38]. More attention is also required to define policies so that elderly people can trust the visitors who have been authorized to enter smart home.
OAuth-Based Authorization and Delegation …
103
4 Proposed OAuth-Based Delegation Method OAuth or ACE-OAuth is not application programming interface or service. It is an open standard mainly for delegation and can be implemented by an individual or enterprise. In smart home use case, house owner has choice to implement this standard either on HGW or on the cloud. The trusted device service (DS) is built on OAuth and its extension is ACE-OAuth. The DS has large number of devices deployed in smart home and it cannot assume that technician has some identifiers issued by his company and hence relies on DIDs and VCs. Instead of relying on centralized authority to issue identifiers, we propose that the technician can create DID which helps to authenticate himself and devices and use VC issued by his company to present proof of right to access device. The advantages of delegating the processing of DIDs, VCS as well as delegating authorization functionality to OAuth framework are as follows: • low processing load on constrained devices, • scalability as there is no need to operate on the smart home devices directly, and • limited involvement of devices in operations and selective disclosure. The proposed delegation method proposes to use ACE-OAuth for utilizing following benefits: • ACE-OAuth is designed specifically for the constrained IoT devices which recommend the use of COAP [39] as replacement for HTTP. COAP runs on the top of UDP and reduces the message size and handshaking making it suitable for constrained devices. • ACE-OAuth uses CBOR (lighter version of JSON) [40] for encoding which is binary encoding technique for small message size which is an extension of JSON. It is used for encoding self-contained tokens and payload. • ACE-OAuth uses CBOR-based secure message format which is used to secure self-contained tokens, e.g., proof-of-possession token (an extension of OAuth tokens). POP access token is unique to ACE-OAuth and used by client to present the possession of secret to the resource server while accessing the resource. The main goal of OAuth-based delegation method is to grant authorization to the technician to access door lock and refrigerator lock. Technician first creates DID and sends it to the claim issuer. In the proposed use case, refrigerator company acts as a claim issuer (certifier), creates claim object, and shares it privately to the technician. At the same time, hash of claim object is stored on blockchain. Technician then provides this DID to relying party (AS in this case) and further processing is described in the next session. Resource registration is important step which takes place between OAuth 2.0 AS and resource server. The information about semantics and discovery properties of the resources is registered by resource server with AS. Previously registered resources with the AS by resource server can be deleted or updated using appropriate method. Resource owner can perform CREATE, DREAD, UPDATE, DELETE, and LIST
104
P. N. Mahalle and G. R. Shinde
operations on the resource set. These operations are performed using RESTful API at the AS’s resource set registration end point. As mentioned in the use case, it is two-step process. The first step is to authenticate and authorize technician to use door lock which is in control of HGW. Technician can use the door lock installed by DS, and also wants to ensure that it is one of their door locks so that confidential information will not be leaked. Equally, it is also important for the door lock to guarantee that technician is authorized to use it. In order to enable decentralized identity management, DIDs and VCs are used in the proposed method. As door locks are constrained IoT devices, we propose to process DIDs and VCs on authorization server (AS). The actors of the use case are shown in Fig. 2 where dashed lines indicate the trust between the actors and solid lines indicate actual communication during the use case. The second step is to authenticate and authorize technician to use refrigerator lock which is in control of home gateway. The same procedure and handshaking flow can be used for this purpose. The life of access token depends on the type of resources we would like to protect. While building authorization server, access tokens can be kept short-lived for protecting critical resources and long-lived for less critical resources.
Fig. 2 Authentication and authorization flow between technician and door lock
OAuth-Based Authorization and Delegation …
105
5 Discussion In the proposed OAuth-based delegation method presented above, the main actors are technician who wants to access door lock and refrigerator lock, DS which owns the IoT devices, SC who has issued VC to technician, and AS that provides authentication and authorization on behalf of constrained door lock and refrigerator lock. The processing of DIDs and VCs is carried out on OAuth AS which benefits more privacy. The communication sequence between these actors is described below: 1. Technician discovers the door lock using Wi-Fi or Bluetooth with the help of mobile application (refrigerator company mobile app) installed on his smartphone. 2. Technician then proposes to use door lock and request AS to issue two proofs: • Door lock is trusted by HGW and • It is authorized by DS to handle door lock access request. 3. Corresponding credentials (pre-shared keys and access token) are used by AS to create the proofs. The proof and ASs request for technician to provide a proof of right to access door lock which is sent to technician. Semantics and discovery properties of the resources are already registered with AS by resource server. 4. After verification of proofs sent by AS, technician sends proof of right to access door lock issued by HGW. 5. AS verifies proof and sends PoP access token to technician. 6. Technician then uses this PoP access token issued by AS to access door lock. The same sequence of handshaking will take place when technician wishes to access refrigerator lock which is under the control of HGW. Once technician is authenticated and authorized to use door lock, he/she will get an entry into the smart home. Proof of right to access refrigerator lock will be created using the credentials issued by HG. This mechanism achieves selective disclosure of information (proof of right to access IoT device) and also constrained IoT devices can utilize DIDs and VCs. Another benefit of this proposed method is constrained door lock or refrigerator lock is not handshaking with AS during the process. Decentralized public key infrastructure (DPKI) is used for the processing of DIDs. In PKI, there is third-party mechanism involved. This mechanism is used for creation and issue of certificates. These certificates are used as identity proof. In DKPI, no third-party mechanism exists. As name suggests, it is distributed in nature and also completes all demands of wide range of IoT applications. In DKPI, DIDs are used for verification of identity. The proposed method replaces the traditional approach of registering all the technicians with IT department. The DIDS and VCs are useful for more flexible and privacy-aware authorization and also reduce the cost of issuing credentials. DIDs provide selective disclosure by using ZKP for data minimization. In the proposed method, technician receives credential that is valid during his/her visit to the smart home. During next visit, technician would require altogether fresh DID and VC, and thus AS, DS, and door lock cannot be tracked. Mutual identity establishment
106
P. N. Mahalle and G. R. Shinde
between technician and door lock and refrigerator lock is very important in order to ensure that technician is accessing trusted IoT device. POP access token is unique feature of ACE-OAuth and is used in the proposed method to prove that IoT devices are trusted. On the behalf of IoT device, AS verifies technician’s proof and sends POP access token back to technician. Then same POP access token is presented to door lock and refrigerator lock for access. However, there are many open questions/design issues which need to be taken into consideration while implementing the proposed delegation method. It is always recommended to incorporate these issues since the design phase to build more robust solution. Few open questions are listed below: • Power failure: What type of provision is available when technician is visiting smart home for repair and power failure occurs in the smart home? It is also important to note the duration of failure. Power failure can also occur at the refrigerator company for short time when technician is requesting for DID. The waiting time of the technician in such situation is another important factor to be considered during the design. • Internet failure: What is the alternative solution available during down time of the Internet? It is possible that when technician is requesting AS for the proofs and the Internet failure occurs. • Device tampering: What will happen if the door lock has been tampered? In such situation, technician will not be able to access door lock. It also raises another question: Does the physical layer security of the devices exists? • Alerting elderly people: What mechanism should be deployed in order to inform elderly people about technician visiting home? What kind of policies to be written at HGW to inform elderly people about visit of the technician? These are few open questions which need more attention while building the proposed solution in the smart home for the elderly. In addition to these, there are still areas like sensors and connectivity solutions, signal processing and data analytics, and development of database function techniques to protect the fundamental privacy rights in the context of smart home for the elderly.
6 Summary In this paper, we have discussed some of the major issues and challenges related to authentication and authorization of protected resources in IoT. We have presented a smart home use case for the elderly indicating the sharing of the devices, services, and delegation to visitors as the main challenges as elderly people cannot participate in the process. We have discussed some of the promising authorization framework and technologies, in particular, OAuth 2.0, ACE-OAuth, and UMA 2.0 which can be applied for accessing and disclosing protected resources. We have also discussed analysis of the various authorization mechanisms in the literature and it shows that very little attention has been paid to security issues in smart homes for the elderly.
OAuth-Based Authorization and Delegation …
107
Analysis also shows that authenticating and authorizing visitors to the smart home using decentralized identity management is an open problem to be addressed. Processing of identifiers like DIDs and VCs cannot be carried out on constrained IoT device. In the sequel, this paper has proposed ACE-OAuth-based delegation for smart home using DIDs and VCs by delegating their processing on AS. The use of DIDs and VCs for enhanced privacy and flexible authorization without direct involvement of constrained IoT devices and elderly people is the key contribution and can be interesting future direction for implementation. Subsequently, this paper has benefits of the proposed method in order to illustrate the use of POP access token for mutual identity establishment and secure authorization. Threat analysis of the proposed work and mitigation strategies for the same will be an interesting future outlook.
References 1. Olesen, H., Khajuria, S.: Accessing and disclosing protected resources: a user-centric view. In: 2015 IEEE 81st Vehicular Technology Conference (VTC Spring), pp. 1–5. IEEE (2015) 2. Dhotre, P.S., Olesen, H.: A Survey of Privacy Awareness and Current Online Practices of Indian Users. WWRF34, St. Clara, California, US (2015) 3. Dhotre, P.S., Olesen, H., Khajuria, S.: User privacy and empowerment: trends, challenges, and opportunities. In: Intelligent Computing and Information and Communication, pp. 291–304. Springer, Singapore (2018) 4. Fernandes, E., Paupore, J., Rahmati, A., Simionato, D., Conti, M., Prakash, A.: Flowfence: Practical data protection for emerging iot application frameworks. In: 25th {USENIX} Security Symposium ({USENIX} Security 16), pp. 531–548 (2016) 5. Allen, C.: The path to self-sovereign identity. Life With Alacrity (2016) 6. Reed, D., Sprony, M., Longley, D., Allen, C., Grant, R., Sabadello, M.: Decentralized Identifiers (DIDs) v0. 11 Data Model and Syntaxes for Decentralized Identifiers (DIDs). W3C (2018) 7. Sporny, M., Burnett, D.C., Longley, D., Kellogg, G.: Verifiable credentials data model 1.0– expressing verifiable information on the web. s Draft, 7 (2018) 8. Kim, T.H.J., Bauer, L., Newsome, J., Perrig, A., Walker, J.: Access right assignment mechanisms for secure home networks. J. Commun. Netw. 13(2), 175–186 (2011) 9. Hardt, D.: The OAuth 2.0 authorization framework (2012) 10. Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., Tschofenig, H.: Authentication and authorization for constrained environments (ACE) using the OAuth 2.0 framework (ACE-OAuth). IETF, Internet-Draft draft-ietf-ace-oauth-authz-11 (2018) 11. Lagutin, D., Kortesniemi, Y., Fotiou, N., Siris, V.A.: Enabling Decentralised Identifiers and Verifiable Credentials for Constrained Internet-of-Things Devices using OAuth-based Delegation. In: Proceedings of Workshop on Decentralized IoT Systems and Security (DISS 2019), in conjunction with the NDSS Symposium 2019 (2019) 12. Maler, E., Catalano, D., Machulak, M., Hardjono, T.: User-managed access (UMA) profile of OAuth 2.0 (2016) 13. Protecting Personal Data in a IoT Network with UMA. https://www.slideshare.net/kantarainiti ative/uma-auth-ziotirmdublinv06. Accessed 09 May 2017 14. Ordonez, L.D., Schweitzer, M.E., Galinsky, A.D., Bazerman, M.H.: Executive Overview SAML 101 Executive. Acad. Manag. Perspect. http://marcomconsultant.com/samples/pi-saml. pdf. Accessed 09 May 2017 15. OpenID Connect| OpenID. http://openid.net/connect/. Accessed 14 Feb 2015
108
P. N. Mahalle and G. R. Shinde
16. Sovrin Foundation: Identity For All, Sovrin Foundation, Northampton, MA, USA, 2018. https:// sovrin.org/. Accessed 14 Feb 2015 17. VeresOne: VeresOne: a globally interoperable blockchain for identity. https://veres.one/. Accessed 14 Feb 2015 18. Uport: Open identity system for the decentralized web. https://www.uport.me. Accessed 14 Feb 2015 19. Tamane, S., Solanki, V.K., Dey, N. (eds.):. Privacy and security policies in big data. IGI Global (2017) 20. Yamin, M., Sen, A.A.A.: Improving privacy and security of user data in location based services. Int. J. Ambient Comput. Intell. (IJACI) 9(1), 19–42 (2018) 21. Mahalle, P., Babar, S., Prasad, N. R., Prasad, R.: Identity management framework towards internet of things (IoT): Roadmap and key challenges. In: International Conference on Network Security and Applications, pp. 430–439. Springer, Berlin, Heidelberg (2010) 22. Nancy Ambritta, P., Railkar, P.N., Mahalle, P.N.: Proposed identity and access management in future internet (IAMFI): a behavioral modeling approach. J. ICT Stand. 2(1), 1–36 (2014) 23. Mokhtar, S.B., Raverdy, P.G., Urbieta, A., Cardoso, R.S.: Interoperable semantic and syntactic service discovery for ambient computing environments. Int. J. Ambient Comput. Intell. (IJACI) 2(4), 13–32 (2010) 24. Shelar, P.A., Mahalle, P.N., Shinde, G.: Secure data transmission in underwater sensor network: survey and discussion. In: Internet of Things, Smart Computing and Technology: A Roadmap Ahead, pp. 323–360. Springer, Cham (2020) 25. Tchepnda, C., Moustafa, H., Labiod, H., Bourdon, G.: Vehicular networks security: attacks, requirements, challenges and current contributions. Int. J. Ambient Comput. Intell. (IJACI) 1(1), 39–52 (2009) 26. Salunkhe, M., Mahalle, P.N.: Comprehensive threat analysis and activity modelling of physical layer attacks in internet of things. Handbook on ICT in Developing Countries, vol. 2, River Publication Denmark, 2018 27. Bouchemal, N., Maamri, R., Chihoub, M.: Securing ambient agents groups by using verification, judgment and surveillance. Int. J. Ambient Comput. Intell. (IJACI) 5(3), 44–60 (2013) 28. Demiris, G., Hensel, B.: “Smart homes” for patients at the end of life. J. Housing Elder. 23(1–2), 106–115 (2009) 29. Nathan, V., Paul, S., Prioleau, T., Niu, L., Mortazavi, B.J., Cambone, S.A., Jafari, R.: A survey on smart homes for aging in place: Toward solutions to the specific needs of the elderly. IEEE Signal Process. Mag. 35(5), 111–119 (2018) 30. Kim, T.H.J., Bauer, L., Newsome, J., Perrig, A., Walker, J.: Challenges in access right assignment for secure home networks. In: HotSec (2010) 31. Kim, T.H.J., Bauer, L., Newsome, J., Perrig, A., Walker, J.: Access right assignment mechanisms for secure home networks. J. Commun. Netw. 13(2), 175-186 (2011) 32. Le, T., Mutka, M.W.: Access control with delegation for smart home applications. In: Proceedings of the International Conference on Internet of Things Design and Implementation, pp. 142–147. ACM (2019) 33. Rahmati, A., Fernandes, E., Eykholt, K., Prakash, A.: Tyche: A risk-based permission model for smart homes. In: 2018 IEEE Cybersecurity Development (SecDev), pp. 29–36. IEEE (2018) 34. Salama, U., Yao, L., Paik, H.Y.: An Internet of Things based multi-level privacy-preserving access control for smart living. Informatics 5(2), 23. Multidisciplinary Digital Publishing Institute (2018) 35. He, W., Golla, M., Padhi, R., Ofek, J., Dürmuth, M., Fernandes, E., Ur, B. (2018). Rethinking access control and authentication for the home internet of things (iot). In: 27th {USENIX} Security Symposium ({USENIX} Security 18), pp. 255–272 36. Sarowar, M. G., Kamal, M. S., Dey, N.: Internet of Things and its impacts in computing intelligence: a comprehensive review–IoT application for Big Data. In: Big Data Analytics for Smart and Connected Cities, pp. 103–136. IGI Global (2019)
OAuth-Based Authorization and Delegation …
109
37. Hassanien, A.E., Dey, N., Borra, S. (eds.): Medical Big Data and Internet of Medical Things: Advances, Challenges and Applications. CRC Press (2018) 38. Dey, N., Ashour, A.S., Bhatt, C.: Internet of things driven connected healthcare. In: Internet of Things and Big Data Technologies for Next Generation Healthcare, pp. 3–12. Springer, Cham (2017) 39. Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (CoAP) (2014) 40. Bormann, C., Hoffman, P.: Concise binary object representation (CBOR) (2013)
Dynamic Access Control Solution for Cross-Tenancy in a Cloud Environment Sakshi Garg, Deepti Mehrotra, and Shalini Bhartiya
Abstract Data sharing in an interoperable environment enhances the productivity and quality of services in the respective organizations. The organizations these days have been moving their data and resources over the cloud. The primary reason is that the cloud provides flexibility, resource sharing, and to a limit most apt solution for Disaster Recovery (DR). When two or more organizations agree to share their cloud resources to an extent, there is a huge risk of accessing the data beyond the extent of the agreed privileges. All tenants may have different access control models implemented at their place. Practically, further the rules are generated for access control which is decided on the organizational hierarchy. In this paper, dynamic system is proposed where cross-tenancy in access control models in an interoperable environment, i.e., it is able to address the dynamic nature of the cloud access control environment in an effective manner. Keywords Organization-based access control model · Attribute-based access control model · Tenant request handler · Intra-tenancy and Cross-tenancy
S. Garg (B) CSE Department, Amity University, Noida, KM-40, Kavi Nagar, Ghaziabad, Uttar Pradesh 201002, India e-mail: [email protected] D. Mehrotra IT Department, Amity University, Noida, B-1202, Prateek Wisteria, Sector-77, Noida, Uttar Pradesh 201301, India e-mail: [email protected] S. Bhartiya CSE Department, Vivekananda Institute of Professional Studies, GGSIPU India, AU Block, Pitampura, New Delhi, Delhi 110034, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_7
111
112
S. Garg et al.
1 Introduction Cloud computing refers to an Internet-based utility computing, where resources are shared among a group of users. The resources, which are being shared, are hosted on virtual servers. Cloud computing is based on the time-sharing model, i.e., where the computing resources were shared among a large number of people. The time-sharing model dates back to 1960s and 1970s, where a large group of users would share a single computing system. The advantage of the time-sharing model is that a single user cannot effectively use the complete resources of the computing system, i.e., he can effectively only use a certain amount of the total resources at his disposal, and hence a large number of users collectively can utilize the complete resources effectively [1, 2]. It is composed of interconnecting thousands of virtual machines which are spread over the world as data centers. In literature, the customer of the cloud is referred to as a tenant, who uses the pool of resources provided by cloud owner on demand to conduct its operations [3]. The tenant is charged as per the usage of actual service. [4] gave an overview on extant cloud computing architectures, and exposed the related issues in cloud computing implementations. They also proposed ServiceOriented Cloud Computing Architecture (SOCCA) to enable clouds to interoperate among them. For optimal utilization of resources, multiple tenants are allowed to access the resources, but it leads to operational complexity and significant design, which in turn lead to vulnerabilities, misconfigurations, and infringement of secure properties. [5] said that authorization and authentication plug-in model for a cloud computing environment facilitates cloud customers to gain control over their project information when their work is deployed in the cloud. The multiple tenants lead to cross-tenant access control environment, which has the following problems. Each tenant may have different access control policies [6], with variation in resource utilization and thus the cloud administrator need to maintain a list of the tenant and his or her access control policy. [7] gave a strategy for allocating tenants of clients to offer occasions of an application or middleware that incorporates applications accessible from a server, deciding server asset limit of the server. Speaking of imperatives related with the tenants and the offering cases, creating a mapping of the tenants to the offering occurrences dependent on the server asset limit and requirements, and relegating an occupant to an offering case as per the mapping, wherein the offering case is made open to the clients of the appointed inhabitant. Therefore, designing an environment where the trust management of all tenant is ensured is a challenging task. [8] suggested resource-sharing mechanism between two different tenants through cloud resource mediation service. Analysis of the performance results stated that sharing of resources with this approach could be performed efficiently and securely among various tenants in the cloud environment. [9] described the need for the formal verification techniques in cloud computing where no comprehensive or systematic review of such standards and techniques is available. [10] discussed the framework for runtime security auditing for cloud computing. The response time of the authentication mechanisms was observed to reduce to a significant level due to the framework
Dynamic Access Control Solution for Cross-Tenancy …
113
being operated on OpenStack. [6] proposed a technique to model, analyze, and automatically fix Role-Based Access Control (RBAC) which does not need workers to scribble code or queries on their own. [11, 12] proposed a Cross-tenant Trust Model (CTTM) and its Role-Based Extension (RB-CTTM) to integrate different types of trust relations among cross-tenant access control models that can be implemented as a service (MTAS) platform in the cloud by multi-tenant authorization. Security assessment and designing simplified solution [13] for overall enhancement of security system have been devised for sharing between tenants. With the increasing user base of the cloud environment, the use of Access Control Lists (ACLs) for regulating the access privileges of the users will tend to become obsolete with time. The employment of access control models for regulating access privileges for cloud environments is on the rise. In this paper, a model is proposed where tenants employing different access control models can share resources among its user base. A system which is interoperable with two access control models— Attribute-Based Access Control Model (ABAC) and Organization-Based Access Control Model (OrBAC) interact to share the resources—is proposed. The paper is divided into five sections, the first being the introduction, the second section deals with the existing system and its limitations, the third section proposes a model for the environment, the fourth section deals with the implementation of the proposed model, and the final section concludes the paper along with specifying the future scope.
2 Existing Models of Access Control The problem of sharing of resources done on cloud magnifies if tenant and cloud access provider use different access control model for ensuring the security. The two models considered are, namely, attributed-access-based access control model and organization-based access control model. A brief description of both models is given below.
2.1 Attribute-Based Access Control Models The attribute-based access control [14, 15] employs the use of attributes and the permissions are assigned to the user based on their attributes. The ABAC model uses the authorization policies, which contain the policy groups. The administrator defines the authorization policies. The policy groups are a set of policy groups and policies, and the policies contain the entities. The attribute policies consist of the following components as cited in work [16, 17]:
114
S. Garg et al.
1. Attributes: The attributes contain the values about the resources, users, etc. There are three types of attributes—environmental attribute, subject attribute, and resource attribute. The attributes can have two types of values—1) distinct and unconnected values and 2) a range of values. 2. Actions: Subject uses actions on a resource to get its desired output. The action set includes read, write, append, delete, and execute. 3. Access request: The user submits an access request to the system in order to access a resource. The access request is basically a tuple of the form < s, r, a > , where the Subject “s” is trying to access resource “r” with the rights “a”. 4. Policy: A policy is a set of given rules, it can be represented as (see Eq. 1)
P = {R1, R2, . . . , Rn}
(1)
where R1, R2….Rn are the rules. 5. Policy set: A policy set is a combination of policies and policy sets (see Eq. 2).
P S = {φ, P1, P2, . . . , Pn}
(2)
where P1, P2 … Pn are the policies and Φ is the combination function. The ABAC model and its different variants are widely used in cloud computing to provide a secured access mechanism to all tenants [14, 15].
2.2 Organization-Based Access Control Model The organization-based access control model is similar to the role-based access control model [18, 19]. The rules in the security policies of an access control model are generally applied or forced on to the subject, action, and object. The main objective of the organization-based access control model is to allow the security administrator or the policy designer to define a set of policies or a set of rules independent of the implementation of the policies. In the organization-based access control model, the access control policies are defined as an “organizational” level different from the RBAC model. This definition of ACPs at the organizational level makes sure that the security policies are implemented independently of the subjects and information. The authorization privileges defined in the organization-based access control model are defined on an abstract level, i.e., the policies are not defined for the subject, action, and object triplet instead for the role, activity, and view triplet. The roles, activities, and the view are further mapped onto the subject, action, and object. Figure 1 describes the relationship among the two set of triplets.
Dynamic Access Control Solution for Cross-Tenancy …
115
Fig. 1 Organization-based access control model architecture
3 Limitations of Existing Models The Cloud Resource Management System (CRMS) cited in [8, 20] deals with CrossTenancy in Cloud Computing. The CRMS employs the use of Cross-Tenancy Access Control Model (CTAC model) to delegate authorizations to the users across the tenants. Users in this model are classified into two categories: 1. Intra-tenant users: These users belong to the tenant and share the resources allocated to the tenant. 2. Cross-tenant users: These are those users who are authorized to access the resources of various tenants. To explain the flow of control in the Cloud Resource Management System (CRMS), let us assume two tenants, T1 and T2, where a user from T2 wants to access the resource of T1. The user from T2 would generate a cross-tenant request to which the Tenant T1 has to respond positively or negatively. The steps for the permission activation request in CTAC are as follows and are depicted in Fig. 2: 1. The Tenant T1 accepts the request from the user of T2, and it redirects the request to the CRMS for further processing.
116
S. Garg et al.
Fig. 2 Flow of control in CTMS model
2. The CRMS redirects the request to T2 for authentication response. Once, the authentication of the user is complete, the user authentication response (valid or invalid) and tenant authentication response are sent to the CRMS. 3. Once the CRMS receives the response from the Tenant T2, the user’s attributes are evaluated against the T1’s policy and when the policy criteria are fulfilled, the user is provided service access at T1. The CRMS evaluates the attributes from the response it receives against the policies defined in the CTAC model. The flow of control of the CTAC model is described in the following stages: 1. Activation phase: In this phase, when an intra-tenant user produces a request for permission activation, the user is granted the request to access the resource. When a cross-tenant user generates a request for accessing the resource, the permission is activated only under two conditions: • After the activation of permission, an intra-tenant user has given the requested permission to a cross-tenant user. • An intra-tenant/cross-tenant user has given the permission to a tenant. 2. Delegation phase: In this phase, the cross-tenant/intra-tenant user delegates a subset of permissions to the tenant/cross-tenant, whenever a delegation constraint is assigned to the cross-tenant or the other tenant. 3. Forward revocation phase: In this phase, the intra-tenant user nullifies the subset of permissions assigned to a cross-tenant/tenant, in the process deactivating the delegation policy assigned to the user. 4. Backward revocation phase: In this phase, the intra-tenant user revokes the permissions assigned to a cross-tenant user/tenant, when the attributes produced by the cross-tenant/tenant mismatch.
Dynamic Access Control Solution for Cross-Tenancy …
117
3.1 Limitations of the CTAC and CRMS Model 1. Classification of users: The CTAC model consists of two sets of users—intratenant users and cross-tenant users. The set of intra-tenant users consists of the users belonging to a tenant, while the set of cross-tenant users consists of the users belonging to multiple tenants [21]. The limitations of this model are that it does not describe the classification of the users based on the hierarchy of the organization, i.e., there is no provision for providing uneven authorization privileges to the users. 2. Access control models: The CRMS model employs the CTAC model, where the permissions for the users are delegated by the users belonging to the set of intratenant or Cross-tenant users. The CRMS model does not specify any provisions for employing any other access control model in the tenants. 3. A delegation of permissions: The CTAC model employs a system where a user who is already assigned a set of permissions is responsible for delegation of permissions to a user who puts up a request. An approach of this kind is easily scalable, but as the number of users who have delegated permissions increases, there is a huge chance for the system delegating permissions to entities who are not supposed to be given permissions.
4 Proposed Model of Access Control In this section, a model is proposed that would facilitate cross-tenancy in a cloud environment. The proposed model consists of a system—tenant request handler system— which would work along with the tenants in a cloud environment. Consider two Tenants T1 and T2, which employ different access control models and are willing to share their resources among the subjects of the tenants. Whenever a user from the Tenant T1 produces an access request to access a resource of Tenant T2, the request is put forward to the tenant request handler system. The tenant request handler puts a request to the Tenant T2 and waits for the Tenant T2 to handle the request. The Tenant T2 handles the request and passes on the response to the tenant request handler. The proposed model is depicted in Fig. 3. The major hindrances in implementing this model are as follows: 1. Compatible system: The transaction request handler system should be compatible with all the access compatible models employed in its tenants. 2. Attribute classifier: The transaction request handler system should be able to classify the attributes from the security policies of the various access control models. 3. Communication channel: The transaction request handler system should employ a proper communication channel between the various tenants. The first step in establishing the proposed model is to establish a proper communication channel among the various tenants and the tenant request handler system.
118
S. Garg et al.
Fig. 3 Proposed model architecture
As the tenants and the tenant request handler system have a bidirectional flow of data, we can employ the TCP model of client–server architecture. The various phases of the proposed model are as follows and the timeline for the flow of control is depicted in Fig. 4.
4.1 Building Vocabulary Set The first and foremost objective of the system would be to be compatible with both the access control models employed in both the tenants. In the proposed system, we are employing two tenants which are employing attribute-based access control models and organization-based access control models. A vocabulary set is a collection of keywords, which can be used to map the subjects, actions, and resources in the security policies. In this phase, the system is provided with sample security policies which are used in populating the vocabulary sets. This phase consists of further two phases: 1. Phase 1—Vocabulary Set for Attribute-Based Access Control Model: The vocabulary set for the attribute-based access control models is built on its security policies. The subject, action, and resource attributes obtained from the security policies are stored under the subject, action, and resource tags of the vocabulary
Dynamic Access Control Solution for Cross-Tenancy …
119
Fig. 4 The flow of control in proposed model
set. The attribute-based access control models define the rules under the target tag. Whenever the transaction request handler encounters the < Target > tag in the security police, it parses the vocabulary set. 2. Phase 2—Vocabulary Set for Organization-Based Access Control Model: The complexity of the security policies of the organization-based access control model is very high. This can be mitigated by employing the supervised learning approach. The transaction request handler is provided with a set of sample security policies which act as test cases to the system. The security policies are compared among themselves, to cross-check for similarities. The elements are now grouped into two categories—similar, this group consists of all the elements which have similar attributes among themselves and different, this group consists of all the elements which are not similar.
120
S. Garg et al.
4.2 Reconnaissance In this phase, the transaction request handler checks for the attributes defined in the security policies. The transaction handler keeps note of all the attributes belonging to the action class. The action attributes of any access control model can be classified into three categories—read, write, and execute. The order of precedence for these categories of action attributes is executed > write > read. An access control model having an action attribute “view” can be grouped under the category of reading. In this phase, the attributes from both the access control models are grouped into three categories of action attributes—read, write, and execute. The action attribute count from each of the access control model is obtained. The next would involve calculating the Lowest Common Multiple (LCM) of both sets of attribute counts. The weights are calculated and mapped based on hierarchical structuring in respective organizations such that tenants can employ different access control models and will be able to share resources among its user base. attcountOrBAC ) = attcountABAC .attcountOrBAC /[ LCM (attcountABAC , gcd(attcountABAC , attcountOrBAC) ] The attributes are assigned weights among themselves with a range of (0, WLCM ) with equal intervals based on their category. The order of precedence of attributes is as follows: (read,write,execute) > (write,execute) > (read,execute) > (read,write) > (execute) > (write) > (read).
4.3 Request Dissemination The building vocabulary and reconnaissance phases can be classified to belong to the initialization phase. The request dissemination phase is where the user from a tenant puts forward an access request to the transaction request handler. The request received by the transaction request handler is disseminated, and the subject, resource, and action attributes are extracted. The necessary resource attributes are obtained and a request for the users having privileges to access the resource is put forward.
4.4 Classifying the Attributes In this phase, the weighted approach of classifying attributes is employed. The action attributes are assigned weights or ranks in phase 2 and the subjects are mapped to these action attributes. The subjects are grouped in the ascending order based on the ranks of the action attributes they are assigned. There might arise situations where subjects might be mapped to two or more attributes. Then the sum of weights is calculated. The sum of weights of the user (WU1 ) who put forward the request is compared to the user from the other tenant (WU2 ) whose weight is the lowest among
Dynamic Access Control Solution for Cross-Tenancy …
121
Fig. 5 Flow of control in user request dissemination and response determination phase
the users permitted to access the resource. If WU1 > WU2 , then the user from Tenant 1 is permitted to access the resource and the user is denied the access in any other case as in work [22].
4.5 Response Determination The response to the request put forward by the tenant request handler is sent to the transaction request handler. The response is disseminated and the attributes of all the users entitled to access the resource request by the user from Tenant T1 are stored. Figure 5 represents the flow of control disseminated by the proposed model when the user request is made and response is determined.
5 Implementation and Results 5.1 Network The network for the proposed model is implemented using the OpenStack architecture. The network consists of three networks—one network for the tenant request
122
S. Garg et al.
Fig. 6 C loud-init configuration
handler system, one network for depicting Tenant T1, and the other network for depicting Tenant T2. Virtual machines in OpenStack are employed to establish a means of communications among the various computer entities. The virtual machines in this network model are employed to implicate the functionality of the tenants. The OpenStack provides the functionality of instances which can be used to create virtual computing systems. The instances can have various operating systems ranging from Windows to Ubuntu. Every instance of the OpenStack can be accessed by ssh-ing it through the public/private key exchange mechanism. The keys required to connect the local host to the virtual machines can be generated by using an ssh-agent. The syntax for generating the public keys is as follows: Ssh-keygen–t RSA–f cloud.key The command above generates a random key pair of the public key (cloud.key.pub) and private key (cloud.key). Every virtual machine is created with a default username as the name of the flavor of the operating system employed by the virtual machine. The machines are created without any passwords. The passwords for the virtual machine can be assigned using cloud-init as shown in Fig. 6.
5.2 Algorithms 5.2.1
Establishing a Connection
One of the major hindrances in establishing this model was establishing a proper communication channel. This can be mitigated by employing a client–server architecture among the tenants and the transaction request handler. The algorithm aims at establishing a connection between the client and server end to send and receive data. The algorithm for setting up a client on the tenants is as follows: 1. 2. 3. 4. 5.
Start. Create a socket for the client. Connect to the server by employing the connect() function. Send and receive data from the server. Stop. The algorithm for setting up a server on the tenants is as follows:
Dynamic Access Control Solution for Cross-Tenancy …
1. 2. 3. 4. 5. 6. 7. 8.
123
Start. Create a socket for the server. Assign the port and address using the setsockopt() function. Bind the socket to the address and port number defined in step 3. Set the socket in the listen() mode in order to accept the requests. Accept the connections from the queue of pending connections. Send and receive data from the client. Stop.
5.3 Building Vocabulary Algorithm The building vocabulary algorithm is based on the building vocabulary set phase defined in the proposed model. The algorithm is part of the initiation phase, where the system is provided with sample test cases such that attribute, action, and resources are traversed in reference to the subjects as to define the position and accordingly decide their access rights. The algorithm is divided into two, one for attribute-based access control models and the other for organization-based access control models. The result for this phase is depicted in Fig. 7. The algorithm for attribute-based access control models is as follows:
Fig. 7 Generated output for Phase 1
124
S. Garg et al.
1. Start 2. Open and Parse SampleABACPolicy.xml 3. Iterate through the end of the file. 3.1 If element = “Target” 3.1.1 if “Subjects” is a child of “Target” 3.1.1.1 Traverse the child nodes of the “Subjects” element th 3.1.1.2 If “AttributeValue” is the n child of Subjects 3.1.1.2.1 Write “ “Subjects” n(integer) ” to the Vocabulary Set 3.1.2 if “Actions” is a child of “Target” 3.1.2.1 Traverse the child nodes of the “Actions” element th 3.1.2.2 If “AttributeValue” is the n child of Actions 3.1.2.2.1 Write “ “Actions” n(integer) ” to the Vocabulary Set 3.1.3 if “Resources” is a child of “Target” 3.1.3.1 Traverse the child nodes of the “Resources” element th 3.1.3.2 If “AttributeValue” is the n child of Resources 3.1.3.2.1 Write “ “Resources” n (integer) ” to the Vocabulary Set 4. Stop The algorithm for organization-based access control model gives the way to map different hierarchical structures at different organizations to provide a general vocabulary set for cross-tenants to use the information from the shared user base as per their organization [19] and can be given as follows:
Dynamic Access Control Solution for Cross-Tenancy …
125
1. 2. 3. 4.
Start Open and Parse SampleOrbac1.xml Open and Parse SampleOrbac2.xml Iterate through the elements in SampleOrbac1.xml 4.1 elem = the current element, the attribute and its value 4.2 create an element in the vocabulary set 4.3 iterate through the elements in SampleOrbac2.xml 4.3.1 if( elem. Current element = current elementORBAC2) 4.3.1.1 write to the element “Similar” in the Vocabulary set – “elem.current element elem.attribute< value>elem.value” 5. Stop
5.4 Reconnaissance Algorithm The reconnaissance algorithm is based on the reconnaissance phase described in the proposed model. This algorithm depicts the access rights based on the position of the subject calculated according to the above inputs. The redundant values are removed from the array and the rest obtained values are stored for further request inputs. The output for this phase is depicted in Fig. 8. The algorithm for the phase is as follows:
Fig. 8 Output for phase 2
126
1. 2. 3. 4. 5. 6. 7.
8. 9. 10. 11. 12.
13. 14. 15. 16. 17.
18.
S. Garg et al.
Start Open and parse VocabularySetABAC.xml Traverse to the actions tag in VocabularySetABAC.xml Position = get the attribute value of the positions tag. Close VocabularySetABAC.xml Open and parse ABACpolicy.xml If element = “Target” and Effect = “Permit” 7.1 traverse to the positioning of the element of the Actions element 7.2 ArabicarrABAC = attribute value Close ABACpolicy.xml Open and parse VocabularySetOrBAC.xml Open and parse OrBACpolicy.xml Traverse to the elements of the policy. If the attribute value of the nth-child of element = “privilege” 12.1 if element name not equal to tag of VocabularySetOrBAC.xml 12.1.1 if attribute name not equal to tag of VocabularySetOrBAC.xml 12.1.1.1 if attribute value not equal to tag of VocabularySetOrBAC.xml 12.1.1.1.1 arrORBAC= attribute value of “value” of the same element Close OrBACpolicy.xml Remove duplicate values from the arrays arrABAC and arrORBAC Now count the number of permuted cases of reading, write and execute satisfied by the actions present in the array and store the count into counABACandcounORBAC. Calculate the LCM of counABACandcounORBAC. Divide the weights among the actions based on the order of precedence mentioned in the proposed theory and store the corresponding weights of the actions with the actions into the arrays (WABAC, WORBAC) Stop
5.5 Request Disseminator Algorithm The request disseminator algorithm is based on the request dissemination phase defined in the proposed model where the request is received from the user.
Dynamic Access Control Solution for Cross-Tenancy …
127
1. Start. 2. Receive the access request. 3. Divide the access request into the constituent elements and store it in the variables subjectU1 , ActionU1 , ResourceT2 . 4. Stop.
5.6 Attribute Classifier Algorithm The attribute classifier algorithm is based on the classification of attributes phase, defined in the proposed model. The algorithm takes the input of the user and processes it to determine what rights or privileges can be provided to him. The output for the following is depicted in Fig. 9. The algorithm is as follows: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15.
Start. Iterate through the array of subjects in SubT []. Open ABACpolicy.xml. Iterate through the Target tags. Store the actions associated with each subject from SubT [] into an array subactmap[][]. Calculate the sum of the weight of each Subject and store it into sumar[][]. Pick the subject with the lowest weight and store it into WT . Close ABACpolicy.xml. Open OrBACpolicy.xml. Store the actions associated with SubjectU1 into an array actU1 []. Calculate the sum of the weight of actions in WU1 . Close OrBACpolicy.xml. If (WT < WU1 ) 13.1 then the user U1 is permitted to access the resource. Stop.
Fig. 9 Output for phase V
128
S. Garg et al.
5.7 Response Determination Algorithm The response determination algorithm is based on the response determination phase defined in the proposed model where the evaluated results are sent to the user specifying him his rights according to his level in the hierarchical fashion of its organization. 1. 2. 3. 4.
Start. Receive the response. Store the subjects into an array SubT []. Stop.
6 Summary Sharing of resources over cloud environments has been gaining a lot of attention and it is expected that more than 70% of the businesses would shift their infrastructure to the cloud in near future. With the voluminous growth of information over the cloud, it becomes highly important to ensure the confidentiality, privacy, and integrity of the data shared over the cloud. The current access control models are restricted as there are not many effective solutions available for their use over the cloud network. In this report, a solution is proposed to deploy access control models over the cloud environment. The advantage of this solution is that there is no need for a change in the infrastructure to promote interoperability across tenants that employ various access control models, locally. The aim of the proposed solution is directed toward enhancing interoperability among various tenants without compromising on the privacy of the information shared. The future work would include amalgamating the concepts of network security and firewalls.
References 1. Fisher, B., Brickman, N., Jha, S., Weeks, S., Kolovos, T., Burden, P.: Attribute-Based Access Control. NIST Special Publication (2016) 2. Hu, V.C., Ferraiolo,D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to Attribute Based Access Control (ABAC) Definition and Considerations. NIST Special Publication (2014) 3. Majumdar, S., Madi, T., Jarraya, Y., Pourzandi, M., Wang, L., Debbabi, M. Cloud Security Auditing: Major approaches and existing challenges. In: International Symposium on Foundations and Practice of Security, pp. 61–77. Springer, Cham (2018) 4. Tsai, W.T., Sun, X., Balasooriya, J.: Service-oriented cloud computing architecture. In: 2010 Seventh International Conference on Information Technology: New Generations (ITNG). IEEE (2010) 5. Chang, D.Y., et al.: Authentication and authorization methods for cloud computing security. U.S. Patent No. 8,769,622. 1 Jul. 2014
Dynamic Access Control Solution for Cross-Tenancy …
129
6. Montrieux, L., Wermelinger, M., Yu, Y.: Challenges in model-based evolution and merging of access control policies. In: Proceedings of the 12th International Workshop on Principles of Software Evolution and the 7th annual ERCIM Workshop on Software Evolution, pp. 116–120. ACM (2011) 7. Kwok, T.Y.-K., Mohindra, A.: Calculating multi-tenancy resource requirements and automated tenant dynamic placement in a multi-tenant shared environment.” U.S. Patent No. 8,424,059. 16 April 2013 8. Quratulain Alam, S., Malik, U.R., Akhunzada, A., Raymond Choo, K.K., Tabbasum, S., Alam, M.: A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification. IEEE Publication (2016) 9. Souri, A., Navimipour, N. J., Rahmani, A.M.: Formal verification approaches and standards in cloud computing: a comprehensive and systematic review. Comput. Stand. Interfaces (2017) 10. Majumdar, S., Madi, T., Wang, Y., Jarraya, Y., Pourzandi, M., Wang, L., Debbabi, M.: UserLevel runtime security auditing for the cloud. IEEE Trans. Inf. Forensics Secur. 13(5), 1185– 1199 (2018) 11. Tang, B., Sandhu, R.: Cross-tenant trust models in cloud computing.” Information Reuse and Integration (IRI). In: 2013 IEEE 14th International Conference on. IEEE, (2013) 12. Tang, Bo., Sandhu, Ravi, Li, Qi: Multi-tenancy authorization models for collaborative cloud services. Concurr. Comput.: Pract. Exp. 27(11), 2851–2868 (2015) 13. Pillai, P.: Security for cross tenant access control in Cloud computing. Int. J. Adv. Res. Comput. Eng. Technol. (IJARCET) 8(3) (2019) 14. Jin, X.: Attribute-based access control models and implementation in cloud infrastructure as a service. The University of Texas at San Antonio (2014) 15. Sookhak, M., Yu, F.R., Khan, M.K., Xiang, Y., Buyya, R.: Attribute-based data access control in mobile cloud computing: taxonomy and open issues. Fut. Gen. Comput. Syst. 72, 273–287 (2017) 16. Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC, and RBAC. In: IFIP Annual Conference on Data and Applications Security and Privacy, pp. 41–55. Springer, Berlin, Heidelberg (2012) 17. Hu, V.C., Ferraiolo, D., Kuhn, R., Friedman, A.R., Lang, A.J., Cogdell, M.M., … Scarfone, K.: Guide to Attribute- Based Access Control (ABAC) Definition and Considerations (draft), vol. 800, issue no. 162. NIST Special Publication (2013) 18. Zeng, W., Koutny, M., Watson, P., Germanos, V.: Formal verification of secure information flow in cloud computing. J. Inf. Secur. Appl. 27, 103–116 (2016) 19. Naushahi, U.M.A.: Profile-Based Access Control in Cloud Computing Environments with applications in Health Care Systems (2016) 20. Babu Sankar, R., Trlok, M., Nazeema, H.: A Cross Tenant Access Control (CTAC) model for cloud computing. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 8(4), 333–337 (2019). ISSN(E): 2277-128X, ISBN: 978-93-87396-07-4 21. Tang, B.: Multi-Tenant Access Control for Cloud Services. The University of Texas at San Antonio (2014) 22. Riad, K., Yan, Z., Hu, H.: Ahn, G.J.: AR-ABAC: a new attribute based access control model supporting attribute-rules for cloud computing. In: 2015 IEEE Conference on Collaboration and Internet Computing (CIC), pp. 28–35
Distributed Access Control Scheme for Machine-to-Machine Communication in IoT Using Trust Factor Vinod V. Kimbahune, Parikshit N. Mahalle, Shafi K. Pathan, and Shaik Naser
Abstract Access control is one of the earliest issues that remains a constant challenge. Its component determines whether the request to access a resource is granted. Its domain covers the various mechanisms by which a system grants or revokes the right to access data and services. This paper presents a trust-based service management technique by using a fuzzy approach. The novelty resides in the use of decentralized collective filtering to collect trust input from IoT node owners, who share common social interests. In terms of storage and computing costs, framework is scalable to large IoT systems. This adaptive IoT trust system detects malicious IPs and keywords from system and file, respectively. This paper also presents to manage trust protocol parameters dynamically to minimize trust estimation bias and maximize application performance. Keywords Access control · Fuzzy approach · Authentication · Capability · Adaptive · Internet of things · Trust
1 Introduction Access control is the most noteworthy concept to ensure resources having been utilized in a variety of network environments. Here, we have considered the connected smart objects as resource clients. The client’s association and detachment from the V. V. Kimbahune (B) · P. N. Mahalle Department of Computer Engineering, Smt. Kashibai Navale College of Engineering Savitribai Phule Pune University, Pune, India e-mail: [email protected] P. N. Mahalle e-mail: [email protected] S. K. Pathan · S. Naser Computer Department, Al Qaseem University, Buraydah, Kingdom of Saudi Arabia e-mail: [email protected] S. Naser e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_8
131
132
V. V. Kimbahune et al.
IoT framework randomly as indicated by prerequisite and there is presumably some malicious client, who gives forged data by means of records. Indeed, even malicious clients spread hostile information. For example, in the hotel management system, there are various services provided via mobile application (identity, check in-out, tables/rooms availability, air conditioner handling, and parking). These services can only apply to certain networking areas (on the hotel’s private Wi-Fi). If the user disconnects from this network and even after the user(admin) rejects the request of the user, then this node IP will get block by admin (owner of the system). These dynamic and dispersed qualities of IoT systems are essential for access control technology. In this, we propose an access control model based on attributes and trust to meet the essentials of fine-grained, dynamic secure access control in IoT conditions.
2 Motivation Nowadays IoT is a popular technology used everywhere for automation services. But for huge usage of IoT increases security issues. For IoT technology, there are various aspects to secure the data and activities. But up till now, no one secures the IoT by using trust-based access control. So from that, I am motivated to get this module to implement which we can secure IoT devices by using various trust factors, and methods. IoT provides interconnection between devices which are uniquely recognizable. By integrating several technologies, such as actuators and sensor networks, identification and detection technology, efficient communication protocol and decentralized intelligence of smart objects, IoT enables interaction between the objects in real time around each other. IoT ‘s effectiveness can be seen in the domestic and business sectors. Although different issues related to IoT applications, IoT security has a major impact on IoT application performance. When thinking about security systems, trust is an important factor. Even after security and privacy implementation, a device may act in an unreliable manner. Analysis of devices based on behavior that can predict device performance over time is needed. Trust management gives organizations conduct-based analysis utilizing its previous behavior; trust in the network or recommendation. A secure framework is required to prevent malicious devices from carrying out unauthorized activities. This research work is developing IoT devices with complex trust management system. To clarify the trust management system, the presumption is to consider trust in cloud computing by way of the trust associated with the behavior of objects. Figure 1 demonstrates the trust management system for access control with respect to cloud computing applications. There are various categories of entities in the entity layer as customers of cloud, cloud negotiators, and service providers of cloud and all these entities are interested in the cloud according to their responsibilities. Such organizations are demanding domain services and support. The entity’s credentials
Distributed Access Control Scheme for Machine …
133
Fig. 1 Trust management architecture
check access control architecture and describe the policies which were kept in the policy module. This model helps organizations access resources and services by confidencekeeping. The trust of an individual in the domain requires direct trust in the recommendations. Specific trust is created when each individual that participates in the network is directly observed, while trust recommendation is connected to a distributed individual without direct communication, often defined as indirect trust. The entity’s calculated trust degree is then deposited in the trusted source. The direct communication between different devices is nothing but machine-tomachine communication using a wireless channel. Nowadays, the current machineto-machine communication has evolved into a network system, which transmits data to individual files or services. Due to IP network expansion, the communication between different machines is faster and easier while using shrink resources. File sharing and access control is a serious issue in networks if there is no trust factor between sender and receiver. Any kind of file can be controlled by access controls
134
V. V. Kimbahune et al.
but still, these files cannot be trusted as they may contain suspicious or malicious data. Applications in the network cannot be trusted to execute as they can harm machines. There is a strong need for trust maintaining mechanism as well as trust defining factors with a combination of rules in this scenario. The paper is structured as follows: It discusses the history and associated works in Sect. 2. Section 3 introduces the conceptual Trust Calculation method and its mathematical model. The findings are discussed in Sect. 4. Section 5 eventually sum up the analysis and addresses future study.
3 Background and Related Work In [1], the authors presented a trusted execution environment that is security based. It used an open-TEE simulation system to create trust in an environment isolated from the rich environment. The proposed work preserves the confidentiality of private files over file slice, checking authentication of another process. In [2], the author has discussed about trust in the cloud environment, which is observed as a self-organizing framework and a dynamic trust evaluation approach along with a private attribute is suggested using bionic mechanism. IP, Time and behavior input are considerations for trust evaluation in this process. Trust record and Access record both the table data structures are considered to store the relationship between precursor nodes and successor nodes. By the number of iterations increasing, or adjusting searching criteria, it can be enhanced. With that trust information of ancestor nodes, the outcome of the trust assessment is reliable, which can successfully resolve the problem of combined fraud. [3] The author discussed trust-aware, role-based access control system with the public IoT context has been proposed, specifically TARAS, wherever a smart agent has no prior awareness of a user in a public location. Authorization and manual setup by allocating a user with a specific position to grant a right of access to a user without prior contact was an enormous administrative overhead that leads to a severe scalability problem for the IoT environment containing an enormous number of heterogeneous things. This paper provides a service quality assessment tool that can rate service providers based on characteristics that provide quality service. This will help to build an integrated trust model that takes into account all service requesters and service providers (Fig. 2). In [4], Vladimir Oleshchuk proposed a system of security execution in delaytolerant networks in which there is (almost) no centralized trusted authority. The framework incorporates attribute-based access control, distributed issuing attributes, and subject logic for calculating and support a trust-based security model. Flexible security solutions appropriate for crisis and disaster regions where the infrastructure of fixed telecommunications is weakened, and rapid deployment is crucial are the goal of the proposed approach. In [5], Ankur Chattopadhyay’s contribution to this work is a novel hybrid trust computing model based on biometric authentication that novelty OHI trust-related research with the advantage of a specific provider-centered
Distributed Access Control Scheme for Machine …
135
Fig. 2 User behavior policy for event trigger
approach and confirms trust building at organized level. The work presented reflects a special application of visual recognition biometrics focused on computer vision. In [6–8], Junshe Wang presented a unique access control model based on the ABAC model for IoT that supports trust attribute named as Trust-ABAC (T-ABAC). T-ABAC combines ABAC with TBAC, and achieves additional secure requirements for IoT system by arranging trust calculation module. The author must integrate the suggested model with the IoT method by optimizing the algorithm to further improve the evaluation performance. In [9, 10], the author proposed for the university campus to have a safe access control scheme based on TEE and IBE. First, they gave an in-depth IBE presentation outlining both the pros and cons. Then revealed the TEE architecture and presented OP-TEE that provides a stable OS that allows safe encryption keys storage and stable cryptographic operation computation that enhances the security of the IBE’s PKG. In [11, 12], the author discussed the Access Control Model (ACM). The paper primarily presents conventional role-based ACM and based on it blends the role-based ACM with the trust-based ACM to bring forward the new model of access control—trust-role access control model TBAC (Fig. 3). In [13], the paper explains the T-RBAC model’s flow and process and reputation value computation, and how simulation experiments can be used to equate T-RBAC model with RBAC model. The simulation experiment shows that the T- RBAC model has a great advantage in terms of shortening network latency, increasing system performance, and anti-interference aspects. Compared to the conventional RBAC model, the T-RBAC model has a more efficient mechanism for giving permission that could enhance the security of cloud data and other resources. In [14], the author has proposed an architecture based on a TEE cloud architecture relying on OP-TEE for trusted access control. In [15–20], the author discussed a more open approach to the overall access control protocol. More precisely, it is intended for TEE on the smartphone to securely embed various encryption keys to perform cryptographic operations to reduce the amount of secure cloud communications [8, 21]. Secure servers are investigating the implementation of the result on a JUNO card that is a hardware-based TEE to improve scalability (Fig. 4).
136
V. V. Kimbahune et al.
Fig. 3 Of Trust RBAC model
Fig. 4 TEE model
• GAP Analaysis After studying some papers, we found some parameters which will help to compare gap analysis between the existing system and the proposed system as shown in Tables 1 and 2:
Distributed Access Control Scheme for Machine …
137
Table 1 Overall GAP analysis Scalability
Delegation
Efficiency time
Availability
Security
Real-time performance
[1]
Yes
No
[2]
No
Yes
No
Yes
Yes
No
Yes
No
Yes
[3]
Yes
Yes
No
No
No
Yes
No
[4] [5]
Yes
No
No
Yes
Yes
Yes
No
No
No
No
Yes
No
[6]
No
Yes
No
Yes
Yes
No
[7]
Yes
Yes
Yes
No
Yes
Yes
[8]
No
No
No
No
Yes
No
[9]
No
Yes
No
Yes
Yes
No
[10]
Yes
No
Yes
No
Yes
No
Table 2 Comparative GAP analysis
4 Proposed Methodology • System Architecture • Several nodes or devices are connected through an IoT network with a third-party centralized server for communication and trust management. • Give access controls(permissions) in between devices. • Send a request to get connect (yes/no). If yes get connected. If no gives permission denied alert (If both communicators are in the same network). • File Access Control (Read-Write Execute) That is, if machine 1 sent file to machine 2 in read-only mode then machine 2 can only read it and cannot manipulate it. Malicious IP list (Knowledge Base):
138
V. V. Kimbahune et al.
A database for known malicious IP will be maintained and if the file is found to be received from that IP then the system will warn the user of possible threats (Fig. 5). • Malicious Keywords List (Knowledge Base) A database for known malicious keywords will be maintained and file will be analyzed before opening though the file is encrypted by using a public key approach to detect if a file contains malicious matter or violent or vulgar matter. • Service Request Access Any device can request for a service from another device connected in IoT as per user requirements. All requests will be handled through a centralized server and propagation of requests takes place according to trust calculated for the device requesting services.
Fig. 5 Proposed architecture
Distributed Access Control Scheme for Machine …
139
• Combination of Access, Past Experiences, and Knowledge Base As defined above, we will have a set of knowledge and as log procedures experiences with an individual machine would have been recorded. All these rules, experiences, and knowledge can be combined to generate trust factors. • Trust Factor Trust factor is calculated on the centralized server by its past experiences, current access rules specified, and knowledge which may be predefined or gained. How do I calculate the trust factor? Here is the trust calculation for deciding a the trustworthy user (TU) and malicious users (MU) We calculate the trust based on the three factors from Table 1—Experience (EX), knowledge (KN), access frequency (AF). And calculating trust by these factors current trust by probability experience (te), current trust by knowledge (tk), current trust by access frequencies (ta) followed by current trust of user’s by IP address P(TUcurrent ) = P(te ∗ EX) + P(tk ∗ KN) + P(ta ∗ AF)
(1)
P(TUcurrent ) = P(te ∗ EX) + P(tk ∗ KN) + AVG(P(ta ∗ AF))
(2)
where 0 < te, tk, ta EeeP Do dn=dn+d1 Phase 2: While PDR>SSe Do dn=dn+d2 Phase 3: While CSTi>CS Threshold Do dn=dn+d2 Phase 4: The value function is then restructured as (4) Phase 5: On behalf of every nodule Nij, If =Max {} Nij is greatest nodule Else if >=Min {} Nij is a average nodule Else if B. TRM-IoT (Trust and Reputation model) proposed by Dong Chen et al. [14], uses a fuzzy approach. Fuzzy sets manage trust and reputation relationship. NS-3 simulation is used by the author to analyze relationships between trust and reputation. In [21], Ikram Ud Din et al. has surveyed almost all the techniques designed for trust management, also techniques are classified on the basis of comprehensive analysis and there limitation and advantages are mentioned by the authors in there survey work. As the world is developing and huge amount of data is produced by IoT devices, the above trust management models [3–14] are insufficient for today’s IoT environment. The three parameters used in the above mentioned models are insufficient in the growing world, so this paper proposed a method that uses six parameters to estimate the trust. Trust is calculated using fuzzy logic [6] with the help of six parameters. This paper shows how to generate real time dataset. Also, this paper proposes a machine learning model and compares that model with predefined models.
3 Gap Analysis Method, Model and algorithm proposed in [3–14] has used three parameters to estimate the trust but only these three parameters are insufficient for growing world because increase in parameters accuracy also changes so this paper uses six parameter or we can say six parameters instead of three used in previous model. This paper practically demonstrates how to generate datasets as there is not any paper or related work found to generate the dataset for trust management model. Why dataset? since it can consume energy in calculating trust after every interaction, also we know that most of the IoT devices work on battery and interaction between devices is growing as the world is growing, so there should be some artificial system that can solve this
Base for Trust Score Estimation for Device to Device …
199
problem. In this paper, we have proposed one machine learning model which can be used to solve the problem of trust management.
4 Trust Parameters In this paper we have estimated trust score with the help of six parameters that are Experience (E) [5–7], Honesty (H) [4], Knowledge (K) [5–7], Recommendation (R) [5–7], Responsibility (RP) [4], and Cooperativeness (C) [4]. Before explaining these parameters we would like to define one characteristic of trust that changes as time passes or we can say it changes over time [5].
4.1 Experience (E) The experience between two devices can be calculated according to the number of times both devices have interacted. A device X experience over device Y for a particular transaction (1 Transaction = n no of interaction in z time) in context of c can be calculated by assuming that there is ni interaction in tth Transaction and vti be the value of experience for ith interaction in tth Transaction. vti equals to +1 if interaction is successful and vit equals to -1 if interaction is fail. Experience of tth transaction is given by It (see Eq. 1) It =
⎧ ⎨ ⎩
0, |if ni = 0 , |if ni = 0
n
t i=1 vi n j v i=1 i
(1)
So Experience (E) for Device X over B in the context of c for past j transaction is given by (see Eq. 2) j c X EY
=
i=1
j
Wi I i
i=1
i
(2)
where Wi is weight and given by (see Eq. 3) wi =
n(n + 1) i ∀i = 1, 2, . . . , nandS = S 2
Experience E ranges from −1 to 1
(3)
200
R. V. Patil et al.
4.2 Honestness (H) High Honestness (Ho) of any device X implies that the device is honest and device X sends the packet honestly to device B. Honestness(H(t)) is the honesty of device at tth Transaction and is given by (see Eq. 4). H(t) =
NH(t) , if NPS
NH < NPS and NPS = 0 1, Otherwise
(4)
where NH (t) is the number of successful packets sent by X in tth transaction and NPS is the number of packets sent by X in tth transaction. H(X) is Honestness of device X for past tth transaction (see Eq. 5) Hi (X) ← (1 − β)H(i−1) (X) + βHi (X)
(5)
where Hi (X) is the present Honestness and H(i − 1)(X) is the past Honestness and β is the weight associated with it. β [0,1]. Honestness ranges from 0 to 1.
4.3 Knowledge (K) Knowledge (K) of X device of Y device is a summation of total number of success interaction in tth transaction multiply by weight WS and total number of failed interaction multiply by weight WF . K is given by (see Eq. 6). c X KY
= WS S + WF F
(6)
where S, F is in the range [−1, 1], WF, WS in the range [0,1], and WS + WF = 1, S is the total number of successful interaction in tth transaction and F is the total number of failed interaction in tth transaction. Knowledge K [−1, 1].
4.4 Recommendation (R) Device X Recommendation by device Y value is given by division of addition of multiplication of successful interaction divided by total interaction in tth transaction with It of past n transation Divided by sum of n successful interaction tth transaction. Recommendation (R) is given by (see Eq. 7).
Base for Trust Score Estimation for Device to Device …
n Success i=1 v A −−−→ B .Ii c X RY = n Success i=1 v A −−−→ B
201
(7)
Success where v A −−−→ B is the total number of success interaction divided by total interaction in tth transaction. Recommendation (R) is between −1and 1.
4.5 Cooperativeness (C) High Cooperativeness of any device X over device Y says the device is cooperative. Cooperativeness is given by the total number of interaction in tth transaction divided by the average of success packet transfer in n tth transaction given (see Eq. 8). C=
NF , if NA
NF < NA 1, otherwise
(8)
where NF (A→B) is the total number of interaction in tth transaction and NA is the average of success packet transfer in n tth transaction. C(X) is the cooperativeness for tth transaction (see Eq. 9). C(X)i = (1 − β)C(X)i−1 + βC(X)i
(9)
C(X)i-1 is the past cooperativeness, C(X)i and C(X)i is the present value of cooperativeness of A for tth transaction, and β is weight β [0,1]. Cooperativeness (C) is between [0, 1]
4.6 Responsibility (RP) Responsibility (RP) of device X to its neighbor device Y is given as total number of successful interaction in tth transaction divided by the average of success packet transfer in n tth transaction (see Eq.10) RP(X) =
NR(X) , if NA
NR < NA and NA = 0 1, Otherwise
(10)
where NR(X) is the total successful interaction in tth transaction with device Y and NA average of success packet transfer in n tth transaction. RP(X) is the responsibility for tth transaction (see Eq.11).
202
R. V. Patil et al.
RPi (X) ← (1 − β)RP(i−1) (X) + βRPi (X)
(11)
Rei-1(m) is the past value, RPi(X) and RPi(X) is the present value of Responsibility at tth transaction. β is the weight associated with it β [0,1]. Responsibility (RP) ranges from [0, 1].
4.7 Estimation of Trust Score In the proposed estimation of trust score, we used Fuzzy logic. In fuzzy logic, we used Mamdani type [15, 16] fuzzy rule-based model. The six parameters described in section (IV) are used to calculate the trust score. We have described three linguistic values for all six parameters. The output of the model is a set of linguistic values [Trust, Ignorance and Distrust]. This output value is converted to crisp value by a method call defuzzification. We used the center of gravity (COG) [2] to difuzz the output value into crisp value (See Eq. 12) Nq
μA (x)xdx q=1 μA (x)x and COG(A) = Nq COG(A) = x μA (x) x μA (x)xdx
(12)
q=1
Trust can be said as a function of E, H, K, R, C, RP T = f(Ex, Ho, Kn, Rc, Co, Re) Output of this function is the fuzzy set given by T = {Trust, Ignorance, Distrust} This paper uses 4 steps to estimate the trust score with the help of fuzzy approach. 1. Add membership value to E, H, K, R, C, RP as input and Trust(T) as output in mamdani fuzzy interface system using MATLAB or Libraries by python 2. Development of fuzzy rule set 3. Calculation of trust using fuzzy model 4. Calculation of crisp value of trust using defuzzification by center of gravity method Linguistic value with their fuzzy function number of Experience, Recommendation, and Knowledge is shown in Table 1. Table 2 show fuzzy function number and linguistic value of Cooperativeness and Responsibility. Linguistic value and fuzzy number of Honesty is shown in Table 3. Table 1 Linguistic value of experience, recommendation and knowledge
L(E)
L(R)
L(K)
Fuzzy numbers
Bad
Negative
Insufficient
[-1,-1,0.1,0.25]
Average
Neutral
Less
[0.2,0.3,0.5,0.6]
Good
High
Complete
[0.5,0.7,0.8,1]
Base for Trust Score Estimation for Device to Device … Table 2 Linguistic value of cooperativeness and responsibility
Table 3 Linguistic value of honesty
L(C)
L(RP)
203 Fuzzy numbers
Less
Bad
[0, 0, 0.45]
Average
Average
[0,0.45,0.9]
Good
Good
[0.45,0.9,1,1]
L(H)
Fuzzy number
Dishonest
[0, 0, 0.8]
Partial
[0,0.8,1]
Honest
[0.8,1,1]
Figures 1, 2, 3, 4, 5 and 6 shows the membership function of six parameter. Membership function for the output variable Trust is shown in Fig. 7 and Table 4 shows the fuzzy function number and linguistic value for the output variable trust. Second step is to develop a rule, there is a total of 729 rules developed in this proposed method. Six parameters and their three linguistic values, so 36 = 729 rules, out of 729 rules, a few are shown in Table 5.
Fig. 1 Membership function for experience
Fig. 2 Membership function for Honesty
204
R. V. Patil et al.
Fig. 3 Membership function for Knowledge
Fig. 4 Membership function for Recommendation
Fig. 5 Membership function for cooperativeness
In the third step, we have put all the six parameters 1. fuzzy value, 2. Membership function and 3. rules in fuzzy model and run the model. Model output is fuzzy set discuss above. Then in step four, we use defuzzification method (discuss above) to get crisp value. The range of Trust value is from [0, 1].
Base for Trust Score Estimation for Device to Device …
205
Fig. 6 Membership function for Responsibility
Fig. 7 Membership function for output (TRUST) Table 4 Linguistic value of trust L(T)
Crisp Range
Fuzzy number
Distrust
Below 0.6
[0,0,0.6]
Ignorance
0.6 to 0.9
[0.6,0.8,0.9]
Trust
Above 0.9
[0.85,1,1]
Table 5 Fuzzy rule (few of them) Rule
IF E
AND H
AND K
AND R
AND C
AND RP
Then Trust
1
Bad
Dishonest
Insufficient
Negative
Less
Good
Distrust
2
Bad
Dishonest
Insufficient
Negative
Less
Average
Distrust
3
Average
Honest
Insufficient
Neutral
Average
Good
Ignorance
4
Average
Honest
Insufficient
Neutral
Average
Average
Ignorance
5
Good
Honest
Complete
High
Average
Average
Trust
6
Good
Honest
Complete
High
Average
Bad
Trust
7
Average
Honest
Complete
High
Good
Average
Trust
8
Bad
Dishonest
Insufficient
Neutral
Average
Good
Ignorance
9
Average
Dishonest
Complete
Negative
Less
Bad
Distrust
10
Average
Dishonest
Complete
Negative
Average
Good
Ignorance
206
R. V. Patil et al.
5 Generation of Dataset and Comparison of Two Datasets Figure 8 shows the network used to generate the dataset. There is a total of seven nodes named A, B, C, D, E, F, and G that are connected to two switches and one wireless router as shown in Fig. 8. To generate the dataset, we have calculated values of all six parameters which are discussed in Sect. 4 and then applied a fuzzy approach to estimate trust as discussed in Sect. 5. To calculate the value of E, H, K, R, C, and RP we have continuously forward the ICMP packets of 400bytes, 600bytes, and 800bytes using socket programing in python to any of the node randomly to generate dataset 1 for 60 s and 30 s for dataset 2. After forwarding this packet continuously, we capture sender node, receiver node, time period of forwarding packet, total packet forwarded, total successful packet forwarded, and packet loss. Also, we randomly selected the transmission of packet by TCP or UDP connection. On the first day, we have generated dataset 1 and on the second day after refreshing the network, we have generated dataset 2. With the help of total packet forwarded, successful packet forwarded, and failed packet, we have calculated E, H, K, R, C, and RP. After calculation, we send this data to fuzzy approach (Section V) to calculate trust value and crisp value of trust. Table 6 shows the few rows of the dataset. 4 Steps to generate the dataset Step 1. Design a network and start communication between them (Sect. 4). Step 2. Extract sender node, receiver nod, total packages send, total successful packages send, and package loss Step 3. Calculate E, H, K, R, C, RP (Sect. 4) Step 4. Calculate Trust (Sect. 5) and generate the dataset. We have generated 2 datasets. Dataset 1 contains 1931 rows and dataset 2 contains 4499 rows. Comparison of dataset 1 and dataset 2 is shown in the chart in Fig. 9 and Table 7. In the comparison chart, we can see that there is not more difference in the count of trust, distrust, and ignorance values in dataset 1 and dataset 2. There is a total of 50 to 54% of trusted communication or transaction and 46 to 50% Fig. 8 Network
Base for Trust Score Estimation for Device to Device …
207
Table 6 Dataset (Few rows) Client Server E
H
K
R
C
RP
Crisp_Output Trust_Value
A
B
0.1667 1.0000 1.0000 1.0000 1.0000 1.0000 0.9000
Trust
A
B
0.3600 1.0000 0.9999 1.0000 1.0000 1.0000 0.9000
Trust
A
B
0.5277 1.0000 1.0000 1.0000 0.5258 0.5258 0.9000
Trust
A
B
0.5277 1.0000 1.0000 1.0000 0.2840 0.2840 0.7929
Ignorance
A
B
0.5233 0.9868 0.8973 0.9827 0.6420 0.6420 0.9063
Trust
A
B
0.5125 0.9919 0.9877 0.9806 0.8210 0.8210 0.9045
Trust
A
B
0.3506 0.4963 0.9972 0.9701 0.4930 0.4106 0.5726
Distrust
A
B
−0.0283 0.7480 0.9992 0.9960 0.3345 0.2933 0.4496
A
B
0.1829 0.8392 0.7411 0.9320 0.6673 0.6466 0.8164
Ignorance
A
B
0.3226 0.4205 0.9930 0.9310 0.4366 0.3235 0.4986
Distrust
A
B
−0.2038 0.2486 0.7167 0.7278 0.3279 0.1702 0.3625
Distrust
A
B
−0.3178 0.6243 1.0000 0.8654 0.6639 0.5851 0.7929
B
D
0.0764 0.7901 0.9996 0.5291 0.5093 0.5015 0.4999
Distrust
B
E
0.5277 0.9998 1.0000 1.0000 0.6407 0.6407 0.9000
Trust
B
E
0.5273 0.9988 0.9916 0.9986 0.8203 0.8203 0.9005
Trust
B
E
0.1922 0.8115 1.0000 0.9946 0.9370 0.7812 0.9000
Trust
B
E
0.5262 0.9058 1.0000 0.9970 0.7384 0.6605 0.9000
Trust
B
E
0.1873 0.8483 0.8943 0.9566 0.9673 0.8356 0.9152
Trust
Fig. 9 Dataset 1 versus Dataset 2
Distrust
Ignorance
Dataset 1 vs Dataset 2 60.00% 40.00% 20.00% 0.00% Distrust
Ignorance
Dataset 1
Table 7 Dataset 1 versus Dataset 2
DATASET 1
Trust
Dataset 2
DATASET 2
DISTRUST
16.3
15.05
IGNORANCE
33.6
31.8
TRUST
50.2
53.1
of untrusted communication or transaction, i.e., distrust and ignorance. In dataset we had observe that as communication between two devices increase trust become increase or decreases. As we can see there is not much difference between count of
208
R. V. Patil et al.
value of output (Trust, Ignorance and Distrust) the formulas. The formulas (Sect. 4) and the method we used to generate the dataset (Sect. 5) was correct.
6 Proposed Machine Learning Model In the proposed machine learning model, we have first divided dataset into 3 random splits and formed 3 data frames for training the model (Train Data1, Train Data 2, and Train Data 3). Each Data frame is, i.e. train data are given to Naive Bayes (NB) [17], Decision Tree (DT) [18], Random Forest (RF) [19] algorithm as a input to train the model. So in total, there are 9 models, 3(Train Data) * 3 algorithms, and models are named as M1, M2, M3, M4, M5, M6, M7, M8, and M9. After generating this model, we apply maximum voting classification [20] to predict the output as 3 classes (Trust, ignorance, and distrust). Test data is fed to the model and the accuracy of the model is calculated. Figure 10 shows that the proposed model is divided into 3 levels: Level 1 split the dataset in 3 train Dataset Randomly, in Level 2 train data is send to each algorithm describe in Fig. 10 and generate the 9 model, Level 3 takes output of each model and perform maximum voting classification. Dataset 1 was used to train the data (1931 rows) and dataset 2 (4499 rows) is used to test the Model. Splitting of dataset is done using sklearn library and the Gaussian distribution is used to create the category of data because Naive Bayes need categorical dataset as an input. Again sklearn libraries of python are used to create a model of the algorithm (NB, DT, RF). The size of train data set is 1931, 9 and test dataset is 4499. Then the next level of voting is done. The maximum class will win the voting election and the class will be the final predicted output of the model or the proposed system. Output is in set of [Distrust (Class 0), Ignorance (Class 1), and Trust (Class 2)]. After the model/proposed model is trained. The Test dataset i.e. dataset 2 is passed to proposed model and performance of model is measured shown in Table 8. Table 8 shows the different between NB versus DT versus RF versus Proposed Model on basis of accuracy and error rate. Table 8 shows that the proposed model has the highest accuracy than the other 3 models (Random Forest (RF), Naive Bayes (NB), and Decision Tree (DT)). Table 9 shows the Confusion Matrix and Table 10 shows Precision, Recall, f1-score, support of all three classes, and their average and total value. In this paper, the proposed model describe above in section is more accurate then Random Forest (RF), Naive Bayes (NB) and Decision Tree (DT).
Base for Trust Score Estimation for Device to Device …
209
Fig. 10 Proposed Model Table 8 Random forest (RF) versus Naive bayes (NB) versus Decision tree (DT) versus Proposed model Model
Naive Bayes
Decision Tree
Random Forest
Proposed model
Accuracy
87.014
94.377
95.532
96.177
Error
12.986
5.623
4.468
3.823
Performance %
210
R. V. Patil et al.
Table 9 Confusion matrix Predicted Actual
Class 0 (Distrust)
Class 0
646
31
Class 1
37
Class 2
0 683
Total
Class 1 (Ignorance)
Class 2 (Trust)
Total
0
677
1384
11
1432
93
2297
2390
1508
2308
4499
Table 10 Precision, recall, f1-score, support Class
Precision
Recall
F1-score
Support
0 (Distrust)
0.95
0.95
0.95
677
1 (Ignorance)
0.92
0.97
0.94
1432
2 (Trust)
1.00
0.96
0.98
2390
Avg/Total
0.96
0.96
0.96
4499
7 Summary As the Internet of Things is growing rapidly, many devices communicate with each other, and lots of data is collected. But there are many issues and challenges, while two devices communicate with each other, like security, privacy, identity management, trust management, etc. In this paper, we have proposed a method to estimate the trust score. Trust gives decision- making power to make a judgment about devices. In this paper, we have used fuzzy approach to calculate the trust score with the help of already calculated six parameters. Also, we have proposed a method to generate datasets and we have generated 2 datasets at different times on the same system. We have compared and analyzed the 2 datasets. In this paper, we have also proposed a machine learning model that can be used for future work. The machine learning model proposed in this work is more accurate than other predefine model. In future work, we would like to design some artificial systems using the proposed machine learning model. This proposed work can be used to design a trust management framework. The fuzzy approach we have used in this paper can be used for the access control mechanism. This proposed method can be used in many real life application where device to device communication can be used like healthcare, smart city, weather forecasting, etc.
References 1. Ollivier, M.M.. (1995). RFID-a new solution technology for security problems, pp. 234–238 2. Mahalle, P.N., Anggorojati, B., Prasad, N., Rangistty, N.: Identity establishment and capability based access control (IECAC) scheme for Internet of Things, pp. 187–191 (2012)
Base for Trust Score Estimation for Device to Device …
211
3. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, pp. 164–173 (1996) 4. Guleng, S., Wu, C., Chen, X., Wang, X., Yoshinaga, T., Ji, Y.: Decentralized trust evaluation in vehicular Internet of Things. IEEE Access., 1–1 (2019) 5. Ray, I., Chakraborty, S.: A vector model of trust for developing trustworthy systems, pp. 260– 275 (1970) 6. Mahalle, P., Thakre, P., Prasad, N., Rangistty, N.: A fuzzy approach to trust based access control in internet of things, pp. 1–5 (2013) 7. Lei, J., Cui, G., Xing, G.: Trust calculation and delivery control in trust-based access control. Wuhan Univ. J. Nat. Sci. 13, 765–768 (2008) 8. Jayasinghe, U., Lee, G.M., Um, T.-W., Shi, Q.: Machine Learning based Trust computational model for IoT services. IEEE Trans. Sustain. Comput., 1–1 (2018) 9. Chen, I.-R., Bao, F., Guo, J.: Trust-based service management for social Internet of Things systems. IEEE Trans. Depend. Secure Comput. 13, 1–1 (2015) 10. Zhang, D., Yu, F., Yang, R.: A Machine learning approach for software-defined vehicular Ad Hoc Networks with trust management, pp. 1–6 (2018) 11. Liu, S., Zhang, L., Yan, Z.: Predict pairwise trust based on machine learning in online social networks: a survey. IEEE Access., 1–1 (2018) 12. López, J., Maag, S.: Towards a generic trust management framework using a machine-learningbased trust model (2015) 13. Fenye, B., Ing-Ray, C.: Trust management for the internet of things and its application to service composition. In: 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), San Francisco, CA, 2012, pp. 1–6 14. Chen, D., Chang, G., Sun, D., Li, J., Jia, J., Wang, X.: TRM-IoT: a trust management model based on fuzzy reputation for Internet of Things. Comput. Sci. Inf. Syst. 8, 1207–1228 (2011) 15. Procyk, T., Mamdani, E.: Paper: a linguistic self-organizing process controller. Automatica 15, 15–30 (1979) 16. Ross, T.: Fuzzy Logic With Engineering Applications. Fuzzy Logic with Engineering Applications, 3rd edn (2009) 17. Kaviani, P., Dhotre, S.: Short survey on Naive Bayes algorithm. Int. J. Adv. Res. Comput. Sci. Manag. 4 (2017) 18. Sharma, H., Kumar, S.: A survey on decision tree algorithms of classification in data mining. Int. J. Sci. Res. (IJSR) 5 (2016) 19. Ali, J., Khan, R., Ahmad, N., Maqsood, I.: Random forests and decision trees. Int. J. Comput. Sci. Issues (IJCSI) 9 (2012) 20. Leon, F., Floria, S.-A., Badica, C.: Evaluating the effect of voting methods on ensemble-based classification, pp. 1–6 (2017)
Systematic Review of Resource Allocation Methods Using Scheduling for M2M (Machine to Machine Communication) in IoT Network Suvarna Patil and Prasad Gokhale
Abstract With the recent trends of the Internet, embedded objects, wireless communication, pervasive and ubiquitous computing have emerged with a new evolving theory named as Internet of Things (IoT). The world of IoT comprised of interrelated static and dynamic physical objects with a unique identity and are able to communicate without human intervention by means of the Internet. All these IoT devices are connected through the Internet using different wireless technologies such as all five generation technologies and Machine to Machine(M2M) technologies. These processed data are transmitted to the end user as per requirement. Various network challenges are infused during data transmission to the intermediate and end user, as all these IoT devices in the network are with limited energy and memory constrained. During transmission, routing of data should use proper scheduling for efficient resource allocation. Important issues such as delay or jitter within the network should be avoided for critical case applications such as fire detection, building health monitoring, smoke detection, disaster management, and intrusion detection. For IoT networks, network transmission time should be less and optimized scheduling for efficient multi-hop routing should be prioritized. Hence, efficient optimization link scheduling methods are essential to achieve successful data delivery in IoT networks. In this article, a comprehensive parameterized analysis of recent studies related to resource allocation using scheduling in wireless networks is discussed. Keywords IoT · Resource allocation · Scheduling · M2M · IoT network
S. Patil (B) · P. Gokhale Department of Computer Engineering, Vishwakarma University, Pune, India e-mail: [email protected] P. Gokhale e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_13
213
214
S. Patil and P. Gokhale
1 Introduction The traditional Internet is defined as a network of networks. Transmission of data within the network is handled with help of the internet using a specific IP address. In traditional internet, a user request for accessing data or other resources. Kevin Ashton initiated the concept of Internet of Things (IoT) [1] which constitutes sharing information among various sensors, resources, constrained devices, and embedded systems connected through internet. IoT generates and disseminates a large amount of dynamic data when an interested situation is detected as a notification or triggering action. This increases the traffic within the IoT network and overhead is imposed. Hence, various network problems such as routing, link scheduling, reliability, heterogeneity, congestion, scalability, security, and quality of service (QoS) are to be managed properly to decrease the overload in sensor network and increase the performance of the network. In recent years, due to the explosive growth of devices connected by the Internet, it is estimated to interconnect around 50 billion by 2020. It has increased the possibility of more research work to accommodate all these devices within the IoT network to provide smart service to various applications [2]. These smart services boost sensors or physical devices to accomplish the triggered task, activate the emergency alert system and utilize the cloud for storage. These interconnected devices give rise to global network of all these things; therefore, dynamic spectrum access and antijamming technologies are required in future [3]. Hence, the coordination of wireless devices is needed for spectrum usage optimization. Due to the availability of an internet facility, it automatically generates responses during an emergency situation. Existing traditional devices are transformed into smart devices by using various technologies like embedded devices, machine learning, pervasive computing, artificial intelligence, and heterogeneous wireless technologies using IoT. Various things and objects are interconnected within the IoT network to provide smarter services in various fields such as disaster management, traffic monitoring, smart city, garbage management, and many more. Each application requires data collection from devices and dissemination to the cloud for quick response to dynamic situations. These data need to be transmitted to the end user on demand. The devices in the IoT network have less memory and low energy constrained, which leads to network challenges while data transmission from the wireless sensor network to the internet cloud. Efficient routing techniques should be followed apart from proper utilization of the wireless and wired link. To ensure the transmission of data packets from source to the destination, traffic congestion and network scalability should be handled. Data is transmitted from source to destination through intermediate nodes called multi-hops communication. In IoT network, To manage multi-hop traffic for the application such as garbage bin management system, where dynamic information is shared about the individual nodes. Based on the data rate of each source and the amount of data to be transmitted, traffic is scheduled to avoid traffic congestion [2]. Due to critical monitoring in many applications such as fire detection, military application, quick health monitoring, smoke detection, packet delay or jitter in the wireless network is more
Systematic Review of Resource Allocation Methods …
215
as compared to existing applications. Network should be robust and should be properly placed for confirm delivery of the information within time to proper destination. Apart from confirm delivery of information energy conservation challenging task in multi-hop wireless network. To achieve energy efficiency, optimized scheduling and optimized routing of the data is planned. Nodes closer to the coordinating device or sink should be in an active state in order to collect the data continuously and ensure delivery of data to the coordinating device or sink node without compromising energy efficiency and delay [4]. Efficient integration of static multi-hop network with wired backbone in IoT network is a key issue [5]. In this article, a modified delivery mechanism is established to achieve clusterwise maximum throughput in network with QoS constraints. As IoT covers all kinds of application domains, factors mentioned in the above section challenges resource allocation for IoT applications. All these network challenges should be addressed to avoid a shortfall of spectrum resources in IoT development. Many traditional methods are used for proper spectrum utilization in various research papers. Proper investigation and comparative analysis of spectrum allocation techniques for proper data delivery in the wireless network is focused on in this paper. Scheduling within the network is gaining more importance in the field of wireless network, as an explosive amount of data is generated resulting high amount of dynamic traffic by IoT devices in recent years. Hence, to reduce the effect of dynamic traffic on other network factors such as delay and throughput within the network, network parameters need to be optimized in wireless networks. Hence, spectrum allocation in the wireless network is a major bottleneck in IoT development. This bottleneck motivated the investigation of various network parameters. It will also provide the solution for optimization of resource allocation in IoT which helps to solve the network problem.
2 Background of IoT and Machine to Machine (M2M) Communication Kevin Ashton introduced the concept of Internet and RFID which is used to count the availability of goods by tracking goods for the supply chain without human intervention. While deploying it, he introduced a new concept known as IoT [1]. IoT became popular in mid-2010. In 2011, IoT was introduced as an emerging technology by Gartner research. Again in 2012, LeWeb, Europe’s biggest Internet conference, the concept of the Internet of Things was highlighted. Forbes, Wireless communication, etc. magazines started introducing IoT [6]. In the current era of technology, people preferred automation everywhere to get things done without human intervention by controlling machines. To accomplish this, there should be interface between two machines to transmit data. M2M communication is an advanced technology that integrates information technology with data communication between machines or end devices. Initially, M2M
216
S. Patil and P. Gokhale
Fig. 1 M2M communication
communication was not only used to link two devices, but also it is used to transfer the data among multiple devices using the same technology without the intervention of humans using either wired or wireless communication. M2M is termed as a collection of heterogeneous sensors and systems. Some of the applications of M2M communication are robotics, garbage bin management, traffic control system, home security system, office security system, etc. M2M is a leading paradigm towards IoT with standardization to some extent using web and cellular technologies [7]. IoT is termed as extended M2M, i.e., M2M is considered as a subset of IoT. IoT interconnects various M2M technologies to solve various wired or wireless application problems. Applications of IoT include smart healthcare system and garbage system, connected automated cars, smart cities, smart meters, wearables, smart supply chains in retail field, waste management, and so on (Fig. 1).
2.1 M2M and IoT The differences between IoT and M2M are given in Table 1. The network should be flexible to provide scalability, as a large number of IoT devices are added into the network in an unpredicted manner at any time, and should be compatible to support any type of application at any which increases dynamic traffic overhead in the network. IoT devices should be placed properly to avoid congestion and should be scheduled properly to reduce traffic delay and energy consumption. Network optimization in IoT improves traffic management, operates efficiently, conserve energy, maximize throughput in case of IoT deployment.
3 Research Gap Identification In IoT networks, channel scheduling and channel selection and are getting more focus in the current scenario. For proper resource allocation in wireless networks, the channel scheduling can be introduced to increase the performance of the network. Many proposed research works are investigating throughput maximization in wireless
Systematic Review of Resource Allocation Methods …
217
Table 1 Difference between M2M and IoT Particulars
M2M
IoT
Size
M2M is the subset of IoT
IoT is the superset of M2M
Key components
Comprised of three components: 1. Devices responsible for generating and receiving data 2. Communication to transfer information among gateway and devices 3. Provides services as per user requirement
Comprised of four components 1. Sensing devices to generate or receive data 2. Communication to transfer data from devices to internet through gateways 3. Storage devices to store data to the cloud or into the database 4. Application to provide services runtime as per user requirement
Communication type
Point to Point Communication
Integration of various communication protocol
Internet Requirement
No need of internet for communication
Requirement of internet for communication among sensor devices and gateways in IoT network
networks, which would face research challenges of heterogeneity, dynamic network topologies, and different spectrum allocation techniques. Gateway placement [8, 9] in challenge for resource allocation in wirelss mesh network tos satisfy Quality of Service (QoS) prior to link scheduling in wireless mesh network. Authors [10] focused on the enhancement of multicast communication over wireless mesh network with QoS requirement in terms of throughput, jitter and delay. In this section, we have systematically reviewed different resource allocation methods using scheduling techniques in wireless networks. Authors [11] proved that unfairness is resource allocation due to heterogeneity in wireless networks would degrade the network performance and minimize the throughput within network. This paper proposed fairness driven scheduling algorithm achieving objective of maximum throughput in heterogeneous multichannel multiradio wireless mesh network (MCMR WMN). This algorithm used the concept of multiple coloring and maximum matching. It used a bipartite graph having two node sets for wireless channels and interference links. To achieve a minimal scheduling period, channels and their associated interfaces should be colored in an efficient manner to minimize the scheduling period. The outcome of these analytical results is max-min fairness with stability in the heterogeneous network during congestion of data flow. The proposed scheduling algorithm achieved fairness and stability efficiently for the utilization of wireless channel. As future work, power algorithm with dynamic transmitting can be included for more stability in scheduling algorithms to achieve higher throughput. In [12], reliability and latency are investigated as main requirements for industrial wireless network. It is stated that packet loss and packet delay have a negative impact on QoS of WSN for industry.
218
S. Patil and P. Gokhale
In [13], authors explored scheduling algorithm-based cross-layered concept with the scheme of time division multiple access (TDMA) for WSNs with battery aware constraints. The main aim of this solution is to maximize the utilization of battery embedded in wireless sensor nodes considering requirements of quality of service (QoS). To achieve this, three main constraints are packet queuing management, time variant wireless fading channels, and the joint effect of electrochemical properties of the battery [14]. To analyze the performance, a Markov chain model is developed. Authors analyzed the relation between the packet transmission delay and lifetime of the battery. Simulation results and analysis proved that the proposed solution can increase the battery lifetime of sensor nodes with negligible packet transmission delay. Authors [6] in this article, proposed a cross-layer scheme for joint link scheduling and routing. In this, the authors proposed two methods for better network performance. First method is routing with load balanced constraints for proper utilization of resources under given traffic conditions. Second method is the scheduling method to maximize link utilization on a specified route. Iteration of these two methods was performed to obtain an optimized solution. Mathematical LP problem-based model is formulated and proved that it is effective as compared to traditional TDMA protocol scheme in 802.11s in wireless mesh network. Authors devised a plan to study advanced joint link scheduling and routing algorithms in a continuous manner in multi-interface multichannel WMNs. In this system, the routing path is single, but can be extended to the multiple path routing. The cross-layered design in wirelss mesh network is introduced to achieve optimal network perforamce [15] by considering protocol-layer abstraction. Authors of this paper [16] focused on the knapsack problem (KP) to design scheduling problem and efficient resource allocation in smart vehicular networks not for real-time service. To maximize sum utility of wireless networks investigated multiple-choice knapsack scheduling problem for two-dimensional system for selection of the coordinator vehicles properly for corresponding sink vehicle and afterwards resources are allocated to Vehicle to Vehicle (V2V) and Vehicle-toInfrastructure (V2I) links to achieve optimization of MSU problem. The proposed scheme using simulation proved that a significant improvement is observed in maximizing resource utilization and data rates. Fairness is achieved for the given cooperative communication system. The proposed solution is compared with the existing non-cooperative schemes to prove the spectral efficiency of vehicular networks. As future work, the dynamic process in terms of data packets arrival and multiple services is considered such as traffic safety service and efficiency service to optimize the performance of the system. Authors [17] achieved the bandwidth max-min fair allocation for wireless ad hoc networks using logarithmic perspective under scheduling constraints. It presents fairness for bandwidth allocation. An algorithm that assigns weights dynamically to different sessions. Weights are assigned depending on the neighborhood congestion. Sessions are scheduled with maximum weighted matching. It is showed that fairness is achieved by this algorithm without analysis of packet arrival statistics.
Systematic Review of Resource Allocation Methods …
219
In [18], the authors solved the transformed problem to allocate power sequentially and removal of link using an iterative algorithm. The proposed algorithm performed better than the existing greedy power allocation algorithm by considering nonprioritized scheduled links along with the weighted sum rate. In the proposed solution, two stage optimization problem into a single-stage linear programming problem to achieve optimization of number of scheduled links and maximize weighted rate. This paper [19] achieved the main objective of adopting the proposed popular algorithm MaxWeight for the multiple carrier scheme for achieving the maximum network performance. They proved the performance in terms of various objective functions. The complexity of the variants within the network and their performance is focused on in this paper. Main approach used natural assumption which stated that a multi-carrier scheduler has information about the channel rates for all users and all carriers for all decision during scheduling. This optimized allocation of carriers helps to improve the performance of the network. Another objective of this paper is to discover the benefits of multiple carriers’ allocation jointly with single local optimization of the individual carrier. In this model [20], authors have assumed that the terminals in the network have different interference ranges and transmission ranges. In this article, synchronized TDMA link scheduling is developed in order to optimize the throughput in wireless networks. Two models with centralized and distributed approaches are presented as link scheduling interference model under CTS/RTS and fixed transmission power protocol interference model by assuming link traffic load and link capacities. For future research, different challenges are to be accepted. Due to maximum interference in a wireless network, the first challenge is efficiently gathering the information of the links. Improving the time complexity of distributed algorithms in the overall network becomes the second challenge, and the third challenge is for an asynchronized wireless network to investigate the link scheduling. In this system, authors [21] solved the problem for real-time traffic by combining routing and link scheduling in TDMA WMNs. Authors have designed a framework to compute the feasible set of paths and links by using a mixed integer-nonlinear problem. To find suboptimal solutions for larger and faster WMNs, investigated heuristics based on Lagrangian decomposition. It is proved that the heuristic algorithms achieve schedulability in WMN with a near-optimal solution. As future research, multipath routing needs to be studied by allowing splitting of traffic flow to balance link utilization. Authors [22] focused on the end-to-end delay in a TSCH MAC layer by proposing a distributed scheduling based on stratums. The end-to-end delay is considered as upper bound without the constraint of length of the path for the slot frame size. This scheme is efficient than a randomly distributed scheduling in order to account for retransmissions due to unreliable links. Authors [23] implemented TASA termed as Traffic Aware Scheduling Algorithm using improved matching and coloring based graph theory methods considering network topology and traffic load. The TASA algorithm supports industrial-based applications with low power consumption and low latency at a low duty cycle. In future research, TASA algorithm needs to be validated using theoretic arguments (based on theorems and lemmas) including mesh topologies, several uplinks and downlinks traffic, and slot frames.
220
S. Patil and P. Gokhale
Authors [24] studied scheduling in centralized manner in Time Slotted Channel Hopping (TSCH) networks by considering allocation regarding time and frequency slot by the gateway. The scheduling problem is considered as delay minimization and throughput maximization problem using graph theoretical approach in a centralized way. To reduce computational complexity, MWBM (maximum weighted bipartite matching) problems are formulated. The proposed algorithm achieved good throughput but not optimal throughput better than existing algorithm is proved using simulation. Authors [25] proposed an energy-balanced heuristic having three phases, which is used to solve the scheduling problem of mobile sinks to maximize the network lifetime. In this system, division of whole network into the grid cells based on the same geographical size and assignment of clusters these grid cells using by the concept of k-dimensional tree algorithm which ensured each cluster’s energy consumption is same during data gathering. These clusters are re-established to balance energy consumption in each cluster with energy consumption of sink. As a future direction, investigation of management mechanism for mobile sinks with various lifetime is recommended. Authors [26] demonstrated that balance among QoS, energy efficiency and network performance should be achieved for a better solution in Cloud of Things architecure for wireless network. In [27], it is proved that for multi-hop scheduling problem-decentralized approach performs better in IEEE 802.15.4e networks. Most of the studies mentioned above have proposed solutions for efficient resource allocation using scheduling in homogeneous wireless networks such as mesh networks, where each node has the same number of channels and interfaces in WMN. Only a few studies have adapted efficient resource allocation in heterogeneous MCMR WMN. More research work needs to be considered in heterogeneous wireless networks and in IoT networks to maximize network performance. For average latency minimization, satellite gateway placement was investigated for opimal placement of gateway for efficient resource allocation [28]. In [29], correlation between the channel assignment and link scheduling was studied and proved that to improve the network performance interaction between them plays an important role. Internet gateway selection and clustering scheme are improtant issues in Multi-Radio Multi-Channel wireless mesh network [30]. Table 2 highlights future research directions for researchers, which have elaborated various scheduling algorithms used to improve network performance for wireless networks. State of art evaluation is shown in Table 2. Related work is summarized based on parameters such as fairness, load balancing, packet delay, throughput, quality of service, fault tolerant, heterogeneity, and power consumption. Graphical analysis of parametric evaluation is given in the graph below, From Table 2 and Fig. 2 it is cleared that existing solutions for link scheduling do not fulfill the requirements to achieve fairness in data transmission at each gateway for better network performance.
No
Yes
No
No
No
Yes
No
No
Yes
Yes
No
No
No
No
Yes
No
[32]
[11]
[13]
[6]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
[25]
[33]
Fairness
Parameters
[31]
Paper/solution
No
Yes
No
No
No
No
No
Yes
No
No
No
No
No
No
No
No
Load Balancing
No
No
No
No
No
No
Yes
No
No
No
No
No
Yes
No
Yes
Yes
Packet Delay
Table 2 Parametrized Analysis of Link Scheduling
Yes
Yes
Yes
No
No
Yes
Yes
Yes
Yes
Yes
No
Yes
Yes
Yes
Yes
Yes
Throughput
Yes
No
No
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
Yes
Yes
Yes
Yes
Fault tolerant
Yes
Yes
Yes
Yes
No
Yes
Yes
No
Yes
No
No
Yes
Yes
Yes
Yes
No
Wireless Technologies
No
No
No
No
No
No
No
No
No
No
No
No
No
Yes
No
Yes
Heterogeneity
No
Yes
Yes
Yes
No
Yes
No
Yes
No
No
No
No
Yes
Yes
No
No
Power Consumption
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
Fairness
Systematic Review of Resource Allocation Methods … 221
222
S. Patil and P. Gokhale
Fig. 2 Parametric analysis of link scheduling
4 Summary IoT is comprised of sensors, embedded systems, and mobile devices which are interconnected and interlinked through the Internet. Resource allocation with scheduling is an important challenge in the field of IoT as increasing demand for interconnectivity of devices for automation in all applications. Many researchers proposed approaches to handle network parameters which are responsible to achieve maximum network throughput. This review paper exhibited a comprehensive survey of routing and scheduling problems for network optimization in IoT machine to machine communication. Various algorithms such as energy efficient QOS based clustering approach, various approaches to optimize energy efficiency in heterogeneous sensor networks at different levels, link selection-based routing protocol achieving energy efficiency in wireless mesh networks are discussed which helped to improve network utilization rate. Also, various network parameters like fairness, load balancing, packet delay, throughput, fault tolerance, wireless technologies, heterogeneity, and power consumption are reviewed in recent papers. Different protocols for wireless networks have been investigated to address the challenges faced by the network to improve efficient wireless link utilization. The importance of network utilization in the IoT network with parameterized analysis of network parametersto motivate researchers to focus on network challenges for various IoT applications in future is depicted.
References 1. Li, S., Da Xu, L., Zhao, S.: The internet of things: a survey. Inf. Syst. Front. 17(2), 243–259 (2015) 2. Liu, Y., Liu, A., Hu, Y., Li, Z., Choi, Y.-J., Sekiya, H., Li, J.: FFSC: an energy efficiency communications approach for delay minimizing in internet of things. IEEE Access 4, 3775– 3793 (2016) 3. Jagannath, J., Polosky, N., Jagannath, A., Restuccia, F., Melodia, T.: Machine learning for wireless communications in the Internet of things: a comprehensive survey. Ad Hoc Netw., 101913 (2019)
Systematic Review of Resource Allocation Methods …
223
4. Prakash, T.S., Badrinath, G., Venugopal, K., Patnaik, L.M.: Energy aware topology management in Ad Hoc. Wirel. Netw. (2006) 5. Bejerano, Y.: Efficient integration of multihop wireless and wired networks with qos constraints. IEEE/ACM Trans. Netw. (TON) 12(6), 1064–1078 (2004) 6. Andrews, M., Zhang, L.: Scheduling algorithms for multicarrier wireless data systems. IEEE/ACM Trans. Netw. 19(2), 447–455 (2011) 7. Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010) 8. Maolin, T.: Gateways placement in backbone wireless mesh networks. Int. J. Commun. Netw. Syst. Sci. 2(1), 44–50 (2009) 9. Akyildiz, et al.: Wireless mesh networks: a survey. Comput. Netw. 47, 445–487 (2005) 10. Zhao, L., Al-Dubai, A.Y., Min, G.: GLBM: a new QoS aware multicast scheme for Wireless Mesh Networks. Syst. Softw. 83, 1318–1326 (2010) 11. Tassiulas, L., Sarkar, S.: Maxmin fair scheduling in wireless ad hoc networks. IEEE J. Sel. Areas Commun. 23(1), 163–173 (2005) 12. Wan, J., Hong, J., Pang, Z., Jayaraman, B., Shen, F.: IEEE access special section editorial: key technologies for smart factory of industry 4.0. IEEE Access 7, 17969–17974 (2019) 13. Hoang, T.D., Le, L.B., Le-Ngoc, T.: Joint prioritized link scheduling and resource allocation for OFDMA-based wireless networks. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2016) 14. Su, H., Xi, Z.: Battery-aware TDMA scheduling schemes for wireless sensor networks. In: Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE, pp. 1–5. IEEE (2008) 15. Akyildiz, et al.: Cross-layer design in wireless mesh networks. IEEE Trans. 57, 1061–1076 (2008) 16. Wang, W., Wang, Y.,Li, X.Y., Song, W.Z., Frieder, O.: Efficient interference-aware TDMA link scheduling for static wireless networks. In: Proceedings of the 12th Annual International Conference on Mobile Computing and Networking, pp. 262–273. ACM (2006) 17. Cappanera, P., Lenzini, L., Lori, A., Stea, G., Vaglini, G.: Optimal joint routing and link scheduling for real-time traffic in TDMA wireless mesh networks. Comput. Netw. 57(11), 2301–2312 (2013) 18. Yu, H., Mohapatra, P., Liu, X.: Dynamic channel assignment and link scheduling in multi-radio multi-channel wireless mesh networks. In: Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services, 2007. MobiQuitous 2007, pp. 1–8. IEEE (2007) 19. Palattella, M.R., Accettura, N., Dohler, M., Grieco, L.A., Boggia, G.: Traffic Aware Scheduling Algorithm for reliable low-power multi-hop IEEE 802.15. 4e networks. In: 2012 IEEE 23rd International Symposium on Personal Indoor and Mobile Radio Communications (PIMRC), pp. 327–332. IEEE (2012) 20. Ojo, M., Giordano, S.: An efficient centralized scheduling algorithm in IEEE 802.15. 4e TSCH networks. In: 2016 IEEE Conference on Standards for Communications and Networking (CSCN), pp. 1–6. IEEE (2016) 21. Zhou, Z.B., Du, C., Shu, L., Hancke, G., Niu, J., Ning, H.: An energy-balanced heuristic for mobile sink scheduling in hybrid WSNs. IEEE Trans. Ind. Inf. 12(1), 28–40 (2016) 22. Raniwala, A., Gopalan, K., Chiueh, T.-C.: Centralized channel assignment and routing algorithms for multi-channel wireless mesh networks. Mobile Comput. Commun. 8, 50–65 (2004) 23. Wu, W., Luo, J., Yang, M.: Gateway placement optimization for load balancing in wireless mesh networks. In: CSCWD 2009. 13th International Conference on Computer Supported Cooperative Work in Design, 2009. IEEE, 2009, pp. 408–413 24. Karnik, A., Iyer, A., Rosenberg, C.: Throughput-optimal configuration of fixed wireless networks. IEEE/ACM Trans. Netw. (TON) 16(5), 1161–1174 (2008) 25. Jun, P., QiangQiang, Z.: Gateways placement optimization in wireless mesh networks. In: International Conference on Networking and Digital Society, 2009. ICNDS’09, vol. 1. IEEE, 2009, pp. 221–226
224
S. Patil and P. Gokhale
26. Mahmoud, M.M.E., Rodrigues, J.P.C., Saleem, K.: Cloud of things for healthcare: a survey from energy efficiency perspective. In: 2019 International Conference on Computer and Information Sciences (ICCIS), pp. 1–7. IEEE (2019) 27. Accettura, N., Palattella, M.R., Boggia, G., Grieco, L.A., Dohler, M.: Decentralized traffic aware scheduling for multi-hop low power lossy Networks in the internet of things. In: IEEE 14th International Symposium on “A World of Wireless, Mobile and Multimedia Networks” (WoWMoM), 2013, pp. 1–6 28. Cao, Y., Shi, Y., Liu, J., Kato, N.: Optimal satellite gateway placement in space-ground integrated network for latency minimization with reliability guarantee. IEEE Wirel. Commun. Lett. 7(2), 174–177 (2018) 29. Yang, P., Chen, G.: Fast cash: Fair and stable channel assignment on heterogeneous wireless mesh network. In: The 9th International Conference for Young Computer Scientists, 2008. ICYCS 2008, pp. 451–456. IEEE (2008) 30. Uzunlar, O.: Joint routing, IGW selection, scheduling and power management optimization in Wireless Mesh Networks. Department of Industrial Engineering. 2011, Bilkent University, Ankara, p. 215 31. Jung, W.J., Lee, J.Y., Kim, B.C.: Joint link scheduling and routing for load balancing in STDMA wireless mesh networks. Int. J. Commun. Netw. Inf. Secur. (IJCNIS) 6(3) (2014) 32. Zheng, Q., Zheng, P., Chatzimisios, P., Liu, F.: Joint optimization of link scheduling and resource allocation in cooperative vehicular networks. In: EURASIP Journal on Wireless Communications and Networking 2015, no. 1, p. 170 33. Li, F., Wang, Y., Li, X.-Y.: Gateway placement for throughput optimization in wireless mesh networks. In: IEEE International Conference on Communications, 2007. ICC’07. IEEE, 2007, pp. 4955–4960
Social Aspects of Smart Ubiquitous Computing
Sarcasm Detection in Online Social Network: Myths, Realities, and Issues L. K. Ahire, Sachin D. Babar, and Gitanjali R. Shinde
Abstract Sarcasm is a statement used by sophisticated people on social media and blog-oriented websites. It is used to express the indirect information on the statements which is already making a buzz on social media. It is a platform where the various forms of judgmental or normal statements are shared by millions of people. And it becomes hugely difficult to identify, whether the statements made are a complement or mockery statements, sometimes too hard for humans to identify. This increases the scope and need for recognizing the sarcastic statements for improving automatic sentiment analysis. Sentiment analysis is referred to as the method of identification and aggregation of the sarcasm statements by Internet users for specific attitudes or opinions. Sarcasm detection systems use different types of techniques such as Rule-Based Approach, Pattern-Based Approach, Machine Learning Approach, and Context-Based Approach. The system analyzes sarcasm detection on the Twitter dataset by using Techniques such as Support Vector Machine, Random Forest, Naïve Bayes, and Maximum Entropy. Keywords Twitter · Sentiment analysis · Sarcasm detection · Machine learning · Classification
1 Introduction With the rise of Smartphones and very high-speed Internet services, the number of users is rapidly growing up on social media websites like Facebook, Twitter, L. K. Ahire (B) · G. R. Shinde Computer Department, SKNCOE Pune, Savitribai Phule Pune University, Pune, India e-mail: [email protected] G. R. Shinde e-mail: [email protected] S. D. Babar Computer Department, SIT Lonavala, Savitribai Phule Pune University, Pune, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_15
227
228
L. K. Ahire et al.
Instagram, etc. The increased volume of data produced is becoming very huge every day. Nearly 17 percent of users increase yearly, and the mobile users have reached 3.7 billion according to Statistics from GlobalWebIndex [1]. People feel free to open up on a social media platform and place their opinions on the same, for example, about an event or discuss products as well as business strategies. Some people use social media as a platform to set up their business and also exchange their ideas about starting new start-ups and many more things; thus, by using such a great platform people can share their views worldwide. There are 1.59 billion active users on Facebook every month, and each user is a friend of 130 people on average [2]. Also, there are 500 million people using Twitter, among whom 332 million are active [1]. People post 340 million tweets, and 1.6 billion queries are searched each day [1]. As data are growing rapidly, a number of challenges are faced by this sudden rise like storing, processing, and accessing data. Dealing with these huge data and verification becomes a tougher task. Among these huge collected data, most of the data are unstructured. With the developing technology, people are provided with many new ways of interaction, from text messages to images and video sharing. In today’s social media world, many manufacturers use social media as a platform for their product marketing and take feedback from customers about their products. Everyone uses social websites to see the latest trend and news about any event or other things. When an event occurrs or any new product is launched in the market, people start discussing the same and take an active part in giving their feedback it. On the other hand, many people read the reviews and comments posted by the people about the event or product. These reviews and comments from users on the social media platform also help organizations for improving their product or event. However, it is a very complex task to find and verify the legitimacy of opinions or reviews. “Sarcasm is defined as a specific type of sentiment where people express their negative feelings using positive or intensified positive words in the text”. To understand which opinions or reviews are expressed as sarcastic is a highly difficult task by reading manually all the opinions. Besides, the common user will have difficulty in understanding sarcasm in tweets or opinions about the product which may be misleading to the user. It is an influential statement that represents an important disagreement between the real situation and the content used in the statement. For example, a comment from user, “I feel happy to waste time while waiting for a delayed train!” shows the difference between the real situation of being “frustrated while waiting for a delayed train” and the statement also contains “happy”. This shows there is a contradiction in the given sarcastic statement that proves that sarcasm is a special type of sentiment analysis as depicted in Fig. 1. This indicates that sarcasm detection will improve the automatic sentiment analysis of the huge quantity of heterogeneous social data. It is a text classification problem that includes some natural learning techniques like stemming, stop word removing, etc. and feature extraction. Sarcasm detection is a vital area of research in natural language processing. Fields like sentiment analysis and classification of texts containing sarcastic statements may result in the misleading analysis of data. Generally, sarcasm is very common but
Sarcasm Detection in Online Social Network …
229
Fig. 1 Sentiment analysis
detecting it is a very complex task. In day-to-day life, people use sarcastic statements to make a joke about someone and it considerable but when sarcasm is used to criticize persons, ideas, or some events, it is dangerous. This sarcasm is used on social websites or in particular the websites where microblogs are exchanged, for example, Twitter. Due to this complicated nature of sarcastic tweets collected from Twitter, the highly effective approaches for sentiment analysis and opinion mining do not meet higher performance. The enhancement in performance is improved when the sarcasm of sarcastic tweets is detected. It increases the requirement of a highly efficient method to detect sarcasm from social websites.
2 Related Work In this section, we discuss identical kinds of work in the field of gap analysis adopted, and discussions are presented. In the following section, existing literature on the related topic is discussed. Ren et al. [3] proposed a deep learning approach to tweeter sarcasm detection. In this, the authors use context-augmented neural network models as an advanced deep learning technique. For implementation purposes, authors have used two models: a context-augmented neural model by integrating key contextual information (CANN KEY) and a context-augmented neural model by integrating all contextual information (CANN ALL). In this approach, contextual features from history tweets by the author are used. The context augmented neural network model gives better performance when compared with other state-of-the-art discrete models and context models. Mukherjee and Bala [4] proposed a machine learning mechanism for tweeter sarcasm detection. Here, the authors used a tenfold cross-validation verified on the training dataset. For the implementation, the authors test different feature sets which include function words and parts of speech n-grams by using naïve Bayes and fuzzy logic clustering. While detecting sarcasm, this approach achieves 65% accuracy. Bharti et al. [5] proposed a Hadoop-based framework that captures real-time tweets and processes it with a set of algorithms that identify sarcastic sentiment effectively. For effective sarcasm detection, the authors used features as part of speech
230
L. K. Ahire et al.
n-grams and bi-grams and syntactic features. For the implementation, they used Hadoop and Map-reduce functions, sarcasm detection engine, POS tagging, and parsing. Real-time tweets are captured and processed using Apache Flume and Hive under the Hadoop framework. This approach gives an accuracy of 96% of tweeter sarcasm detection. Bouazizi and Ohtsuki [6] proposed an approach that uses different pattern-based features of tweets to identify sarcasm from the tweets. In this approach, the authors make use of the part-of-speech tagger to tag tweets and Libsvm for the classification of the tweets. This approach achieves 83.1% of the accuracy of detecting sarcasm from tweets when compared with baseline methods. Lee et al. [7] proposed a deep learning approach for sentiment analysis. In this, the authors used the Convolutional Neural Network (CNN) as an advanced deep learning technique. For the implementation, they used the word localization model for sentiment classification. The proposed approach performs localization on input data using CNN. It achieves an average 85% accuracy for two types of the datasets (IMDB and Watcha). Poria et al. [8] proposed a deep learning approach to detect sarcasm from tweets. These authors made use of Deep Convolutional Neural Network as an advanced deep learning technique. They developed the models which are based on pretrained Convolutional Neural Networks to extract sentiment, emotions, and personality features. They also addressed the issue of generalizability in the classification of data when models are in the learning phase. They achieved 98% accuracy to detect sarcasm from tweets. Justo et al. [9] proposed a machine learning approach to detect sarcasm from an online conversation. In this, the authors used rule-based machine learning as an advanced machine learning technique. They combined multiple sources of information and classify them using rule-based classifiers and naïve Bayes classifiers. This approach gives 67.3% accuracy to detect sarcasm in online conversations. Kumar et al. [10–18] proposed a deep learning model to detect sarcasm in conversations using natural language. They used bidirectional long short-term memory (BLSTM) and Convolutional Neural Network (CNN) as an advanced deep learning technique. For the implementation, they made use of a hybrid approach that combines the soft attention-based bidirectional long short term memory (sAtt-BLSTM) and convolution neural network (convNet) to detect sarcasm from the natural language conversations. For BLSTM, global vector word representation is used to build word embeddings, and auxiliary punctuation-based features are used in convNet. An accuracy of 97.87% is achieved for the Twitter dataset and 93.71% accuracy for randomly taken tweets. Agrawal and An [11–19] proposed a deep learning approach to detect sarcasm from tweets, forum posts, and online reviews. They used bidirectional long short-term memory (BLSTM) as an advanced technique of deep learning. They used affective information from the representation of a word that is used while detecting sarcasm in the text. They achieved an accuracy of 67% to detect sarcasm.
Sarcasm Detection in Online Social Network …
231
3 Gap Analysis To identify the user’s attitudes, opinions, reviews, and emotions toward any specific event, topic, or product, sentiment analysis is used to a great extent. A special kind of sentiment called Sarcasm is made up of the words having the opposite orientation of the statement that one can to say in a sense of irritation, insult, or humor. When sarcasm is expressed in the text, the tonal and gestural marks are missing and sometimes its identification relies on punctuation, exclamation marks, word capitalization, etc. Text sarcasm mainly uses positive vocabulary to express the negative sentiments on a particular target as mentioned earlier. To avoid direct negativity, people often post sarcastic text on social websites like Twitter, Facebook, WhatsApp, etc. Therefore, detecting sarcasm on social websites has become vital as it impacts every field. When there is presence of sarcasm in sentiments, then sentiment analysis becomes a tough task. A sarcastic text has the property that there is a difference between the actual text and its exact orientation and it is challenging to detect sarcasm from the text [23, 24]. Therefore, a capable system is required to detect sarcasm from the text which would be strong to identify the actual orientation of the given tweet. The detection of sarcasm uses mainly four methods based on rules, patterns, machine learning techniques, and context-based methods as depicted in Fig. 2. As discussed earlier, the rule-based approach is the basic technique for detecting sarcasm in the comments posted by users. The hyperbolic and syntactic features are mainly focused on the rule-based method. Hyperbole features include interjections, intensifiers, and punctuations. Sometimes extreme adverbs and extreme adjectives are used as intensifiers to make messages sarcastic. The implementation of a Rulebased approach is easy and usually achieves good accuracy for the classification of text. The most common approach used for classification is Machine Learning. The dataset used and the quality of the feature set decide the performance of machine
Fig. 2 Sarcasm detection technique classification
232
L. K. Ahire et al.
learning classifiers. As discussed in the literature survey in this approach, lexical, sentiment, hyperbole, and syntactic features are used in different classification algorithms. The classifiers such as Support Vector Machine, Naïve Bayes, Decision Tree, and Random Forest are evaluated in this approach. In the Pattern-based approach, the structure of sarcastic tweets and sentences used in conversations are analyzed for effective classification for the detection of sarcasm. The following six unique patterns were discussed in this approach. 1. 2. 3. 4. 5.
The contradiction between sentiments in a tweet and its situation phrases. The contradiction between dislikes and likes of a Twitter user. The contradiction between an actual tweet and universal truth. The contradiction between tweets and facts which are time-dependent. The contradiction between a tweet and the background information on which it posted. 6. Positive text with a pair of antonyms either of verbs, adjectives, or adverb. This pattern-based approach achieves a high level of accuracy for the detection of sarcasm in the tweets. Though sarcasm detection can be achieved by the described rule-based, Machine Learning, and Pattern-based approaches by considering different types of features of the text, all the features alone are not enough to detect sarcasm in tweets until users don’t know the context of the tweet. The user, as well as the machine, should know the context of the tweet, and to detect sarcasm more accurately the context should be mapped with general world knowledge. There are many types of contexts; the main focus is the topical, situational, historical, political, and temporal context of the tweets. Context is a framework, background, environment, or surroundings of occurrences or events. In simple words, context is defined as circumstances that form the background of the event or idea or statement in the tweet that helps readers to understand the tweet. Some examples of the context of a text are as follows: • “The team was happy because they just found out they got placed in the semifinals”. • “The coordinator of the event wants to inspect the things, which is a general examination of all the events”. • “Mary is gregarious, not like her sister who is smart and beautiful”.
4 Proposed Approach The proposed scheme uses the dataset taken from the tweeter and the aim is to detect sarcasm from each tweet used. A collection of different features is extracted from tweets, and a suitable machine learning approach is applied to classify the tweets. While extracting features, various components of the tweets are used to cover various types of sarcasm.
Sarcasm Detection in Online Social Network …
233
Fig. 3 Proposed architecture of Sarcasm detection
As described in Fig. 3, a dataset collected from Twitter API is given as input and approximately 70% of data is utilized to train and evaluaten the model, and 30% data is utilized to test the model. The model is developed by using the training Data and the model is evaluated by using the testing Data. As shown, there are 4 key performance indicators used to measure the performance of the proposed technique such as Accuracy, Recall, Precision, and F-score.
4.1 Dataset Data is collected from Twitter API which are tweets posted by users. While collecting sarcastic posts, a query is fired to Twitter API for tweets containing the word “#sarcasm”. It is concluded that for collecting sarcastic posts, the use of this “# sarcasm” is not the perfect way, but sometimes it highlights the situation that this can be used for the identification of sarcasm. It is used mainly for 3 purposes: • To provide as a search entity. • To indicate that sarcasm may be present there in the history tweets. • To clarify sarcasm where it is very difficult to detect sarcastic tweets without a direct identifier, as in “Yesterday was fun. The first since months! # Sarcasm”. The Proposed approach takes 59000 tweets as input and classifies them as sarcastic and non-sarcastic.
4.2 Training Dataset and Model Development The final model is built using the data which comes from multiple datasets. The three datasets are commonly used while designing different steps of the model. At the initial phase, the model is fit on a training dataset. A training dataset is a collection of data or examples used to fit the parameters of the model. It is used to train the
234
L. K. Ahire et al.
model using a supervised learning technique. A combination of the input vector and the corresponding output vector (Target) is the training dataset. The training dataset is applied to the current model and the produced result by the model is then matched with the target for every input vector in the training dataset. The matched results and used learning algorithm are used to adjust the parameters of the model used. The appropriate model selection includes the selection of variables as well as the estimation of parameters.
4.3 Model Evaluation Model evaluation uses the validation dataset which is part of the training dataset to predict the results. The validation dataset fulfills the correct evaluation of the model selected for the training dataset. If the error on validation increases (overfitting), then the validation dataset is used to stop training.
4.4 Testing The testing dataset is the dataset which is used for the final unbiased evaluation of the selected model using the training dataset. The testing dataset is a completely new and unknown dataset for the selected model. If the dataset used for testing is new and not used in the training dataset, then the dataset is also called a holdout dataset.
4.5 Performance Measures After all the features extracted from the data experiments are performed on the data, the important performance measures which are used to evaluate the technique are • • • •
Accuracy Precision Recall F-score
5 Issues in Sarcasm Detection There are mainly three issues while detecting sarcasm from the text. Annotation quality is the first issue in sarcasm detection. The second issue arises when sentiment is used as a feature in the classification. The handling of unbalanced data is the third issue in sarcasm detection.
Sarcasm Detection in Online Social Network …
235
5.1 Annotation Issue It is observed that the hashtag (#) used with the sentence provides useful large-scale supervision, but sometimes users will have to know the author’s context to correctly identify the sarcastic tweet. In the given tweet “I am happy to work with you # Not”, #Not is used to denote sarcasm, but while processing the tweet “# Not” is removed and then “I am happy to work with you” becomes non-sarcastic as the user doesn’t know the context of the author behind this tweet. This suggests the requirement of deciding appropriate rules for the annotators.
5.2 Issue of Using Sentiment as Feature Many sarcasm prediction techniques use lexical sentiments as a classifier feature. These techniques use surface polarity (Apparent Polarity) of the text. If the negative phrase is present in a positive statement, then this statement is classified as sarcastic. The issue arises here, as many times the sarcasm does not flip the polarity of the sentence. That is the surface polarity alone cannot decide whether the sentence is sarcastic or not.
5.3 Issue of Unbalanced Dataset This issue arises when the dataset used is unbalanced or skewed. For example, if the dataset size is 100000 tweets and only 5% of tweets are sarcastic, then it is called as an unbalanced dataset. To deal with this issue, many techniques are used like F-score optimization, LSS regularization technique, multi-strategy ensemble approach, re-sampling of the dataset, etc.
6 Comparative Analysis A suitable model is evolved after appropriate training, validation, and testing dataset. Now it is time to perform the classification on the random dataset by using the developed model. The predicted values or results produced are categorized into four different categories as True Positive, True Negative, False Positive, and False Negative which form the confusion matrix as described in Table 1. By using these results, we can describe the performance of the model in key performance indicators: Accuracy, Precision, Recall, and F- measure.
236
L. K. Ahire et al.
Table 1 Table of confusion matrix
Actual class
Predicted class True
False
True
True Positive (TP)
False Negative (FN)
False
False Positive (FP)
True Negative (TN)
True Positive • Precision = True Positive+False Positive True Positive • Recall = True Positive+False Negative TruePositive+TrueNegative • Accuracy = TruePositive+TrueNegative+FalsePositive+FalseNegative
• F _ Measure =
2(Precision×Recall) Precision+Recall
To compare the classification of data, we mainly use 4 classifier algorithms: “Random Forest”, “Support Vector Machine” (SVM), “k Nearest Neighbor” (KNN), and Maximum Entropy. Figure 4 shows the analysis of comparisons for the said algorithms. As described in Table 2, the performance of various classification algorithms used to classify the data indicates that many tweets which were determined as containing sarcasm are actually sarcasm in it. However, very low percentages of the sarcasm posts were detected (almost 20%). That is, however, the SVM is able to detect sarcasm
Random Forest SVM KNN Max. Entropy
Fig. 4 Comparative analysis
Table 2 Comparative analysis Accuracy (%)
Precision (%)
Recall (%)
F1-score (%)
Random Forest
83.1
91.1
73.4
81.3
SVM
60.0
98.1
20.4
33.8
KNN
81.5
88.9
72.0
79.6
Maximum Entropy
77.4
84.6
67
74.8
Sarcasm Detection in Online Social Network …
237
with a high value of precision, and the given results are utilized to improve the process of sentiment analysis. In reality, from several comments, the number of tweets detected as sarcastic is less as the amount of data used, which turns into few detections of sarcastic tweets, it can be said as only one is identified from the five tweets. KNN and Maximum Entropy classifiers give accuracy and F1-scores high, Random Forest gives the highest performance. The results given by the random forest classifier are used for initial experiments.
7 Summary This paper covered detailed literature that has been reviewed in the area of detection of sarcasm in a dataset collected from social websites such as Twitter, Facebook, and e-commerce websites. In this paper, the four approaches such as Rule-based, PatternBased, Machine Learning-based, and Context-based approaches as well as different features used by these approaches are described. Sarcasm formed mainly due to the incongruity in the text but sometimes the detection method may require going beyond this incongruity to correctly identify it. This paper also discusses the different types of issues that occur while detecting sarcasm in text and also describes recent trends used for sarcasm detection. Finally, a comparative analysis is made for four algorithms, Random Forest, Support Vector Machine (SVM), k-Nearest Neighbors (KNN), and Maximum Entropy, used as classifying algorithms for the given dataset as sarcastic or not. A comparative analysis is made based on 4 performance metrics such as Accuracy, Recall, Precision, and F-Measure.
References 1. Chaffey, D.: GlobalSocialMediaResearchSummary2016. http://www.smartinsights.com/soc ial-media-marketing/social-media-strategy/new-global-social-media-research/ 2. Tan, W., Blake, M.B., Saleh, I., Dustdar, S.: Social-network-sourced big data analytics. Internet Comput. 17(5), 62–69 (2013) 3. Ren, Y., Ji, D., Ren, H.: Context-augmented convolutional neural networks for twitter sarcasm detection. Neurocomputing 308, 1–7 (2018) 4. Mukherjee, S., Bala, P.K.: Sarcasm detection in microblogs using Naïve Bayes and fuzzy clustering. Technol. Soc. 48, 19–27 (2017) 5. Bharti, S.K., Vachha, B., Pradhan, R.K., Babu, K.S., Jena, S.K.: Sarcastic sentiment detection in tweets streamed in real time: a big data approach. Digit. Commun. Netw. 2(3), 108–121 (2016) 6. Bouazizi, M., Ohtsuki, T.O.: A pattern-based approach for sarcasm detection on twitter. IEEE Access 4, 5477–5488 (2016) 7. Lee, G., Jeong, J., Seo, S., Kim, C., Kang, P.: Sentiment classification with word localization based on weakly supervised learning with a convolutional neural network. Knowl.-Based Syst. 152, 70–82 (2018)
238
L. K. Ahire et al.
8. Poria, S., Cambria, E., Hazarika, D., Vij, P.: A deeper look into sarcastic tweets using deep convolutional neural networks (2016). arXiv preprint arXiv:1610.08815 9. Justo, R., Corcoran, T., Lukin, S.M., Walker, M., Torres, M.I.: Extracting relevant knowledge for the detection of sarcasm and nastiness in the social web. Knowl.-Based Syst. 69, 124–133 (2014) 10. Kumar, A., Sangwan, S.R., Arora, A., Nayyar, A., Abdel-Basset, M.: sarcasm detection using soft attention-based bidirectional long short-term memory model with convolution network. IEEE Access 7, 23319–23328 (2019) 11. Agrawal, A., An, A.: Affective representations for sarcasm detection. In: The 41st International ACM SIGIR Conference on Research & Development in Information Retrieval, pp. 1029–1032. ACM (2018) 12. Bamman, D., Smith, N.A.: Contextualized sarcasm detection on twitter. In: Ninth International AAAI Conference on Web and Social Media (2015) 13. Barbieri, F., Saggion, H., Ronzano, F.: Modelling sarcasm in twitter, a novel approach. In: Proceedings of the 5th Workshop on Computational Approaches to Subjectivity, Sentiment and Social Media Analysis, pp. 50–58 (2014) 14. Bharti, S.K., Babu, K.S., Jena, S.K.: Parsing-based sarcasm sentiment recognition in twitter data. In: Proceedings of the 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, 2015, pp. 1373–1380. ACM (2015) 15. Fersini, E., Pozzi, F.A., Messina, E.: Detecting irony and sarcasm in microblogs: The role of expressive signals and ensemble classifiers. In 2015 IEEE International Conference on Data Science and Advanced Analytics (DSAA), pp. 1–8. IEEE (2015) 16. Ghosh, D., Guo, W., Muresan, S.: Sarcastic or not: Word embeddings to predict the literal or sarcastic meaning of words. In: Proceedings of the 2015 Conference on Empirical Methods in Natural Language Processing, pp. 1003–1012 (2015) 17. Joshi, A., Sharma, V., Bhattacharyya, P.: Harnessing context incongruity for sarcasm detection. In: Proceedings of the 53rd Annual Meeting of the Association for Computational Linguistics and the 7th International Joint Conference on Natural Language Processing, vol. 2, pp. 757–762 (2015) 18. Mahalle, P.N., Dhotre, P.S.: Context-aware computing: telecom perspective. In: Context-Aware Pervasive Systems and Applications (pp. 109–135). Springer, Singapore (2020) 19. Ashetakr, R., Mahalle, P.N., Shinde, G.R.: 5 Users’ privacy at online social networks in Indian context: comprehensive multiaged group survey and discussion. The Internet of Everything: Advances, Challenges and Applications, p. 95 (2019) 20. Liebrecht, C.C., Kunneman, F.A., van Den Bosch, A.P.J.: The perfect solution for detecting sarcasm in tweets# not (2013) 21. Wang, Z., Wu, Z., Wang, R., Ren, Y.: Twitter sarcasm detection exploiting a context-based model. In: International Conference on Web Information Systems Engineering, pp. 77–91. Springer, Cham (2015) 22. Wang, J., Peng, B., Zhang, X.: Using a stacked residual LSTM model for sentiment intensity prediction. Neurocomputing 322, 93–101 (2018) 23. Dey, N., Borah, S., Babo, R., Ashour, A.S.: Social Network Analytics: Computational Research Methods and Techniques. Academic Press (2018) 24. Dey, N., Babo, R., Ashour, A.S., Bhatnagar, V., Bouhlel, M.S. (eds.).: Social Networks Science: Design, Implementation, Security, and Challenges: From Social Networks Analysis to Social Networks Intelligence. Springer (2018)
Farmer-Assistive Chatbot in Indian Context Using Learning Techniques Tanmay Bhardwaj, Prathmesh Deshpande, Tanvi Murke, Shruti Deshpande, and Kashmira Deshpande
Abstract According to the 2011 Agricultural Census of India, 61.5% population depends on Agriculture for livelihood. Agriculture contributes to only 23% of the country’s population. The low performance economically is primarily because of a lack of proper information and resources to obtain genuine information. The farmers’ queries are hardly solved and heard by the concerned individuals thus leading to chaos and confusion in their minds regarding their farming activities. Proper attention and implementation are thus needed to assist the farmers of India. We propose to build a smart chatbot using learning techniques to get correct information to farmers quickly. A farmer can interact with the chatbot in their local language as our chatbot is multilinguistic. We use the dataset from Kisan Call Centre to train the chatbot. We use the k-Nearest Neighbors algorithm and sequence-to-sequence framework to enable Natural Language Processing as well as Natural Language Generation. Farmers will get real-time answers to their questions through our system assisted by Machine Learning. Keywords K-Nearest neighbors · Natural language processing · Machine learning
T. Bhardwaj (B) · P. Deshpande · T. Murke · S. Deshpande Computer Department, Savitribai Phule, Pune, India e-mail: [email protected] P. Deshpande e-mail: [email protected] T. Murke e-mail: [email protected] S. Deshpande e-mail: [email protected] K. Deshpande Vishwakarma Institute of Technology, Pune, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_16
239
240
T. Bhardwaj et al.
1 Introduction India is one of the biggest countries to contribute toward agricultural activities throughout the world. More than half of the population depends on farming for livelihood. Listening to every farmer’s problem and trying to solve them is a very tedious task. A lot of calls hence go unanswered at Kisan Call Centre (KCC). There is a need for automation for a faster and efficient solution to the farmers’ problems. One such automation technique to solve the queries is the generation of a farmerassistive chatbot, which will listen to the problems and try giving them the most efficient solution in their native language so that the farmer can better understand it. As the reach of Internet connectivity is spreading in the whole country very fast and with cheaper rates, it is available to everyone and in every area now more than ever. With 451 million monthly active Internet users by end of the financial year 2019, India is now second only to China in terms of Internet users, according to a report by Internet and Mobile Association of India (IAMAI) [9]. So internet connectivity and reachability are not an issue, and every farmer despite being in the most remote area of India will have Internet connectivity and thus can use this chatbot for its assistance. As per the problems and queries asked by farmers, million questions can be clubbed into 5 major categories [10]. The categories are Plant protection, Pests and Diseases, Weather, Best practices, and Unbiased recommendation on products. These categories can help in the development of the model effectively, and countless queries asked by farmers can be categorized.
2 Literature Survey ‘A Neural Conversational Model’ [4] by Vinyals and V. Le is a paper by Google in which they have proposed to build a chatbot using the sequence-to-sequence framework. The model uses a Recurrent Neural Network to build a model that will generate tokens one by one. The model uses a vector of input tokens and produces an output word. This output word is used to create the next token. The whole process continues recursively. We will use the sequence to the sequence framework proposed in the model to create a Natural Language Generation model. The ‘Smart Chatbot for agriculture’ [1] published in IJESC in 2019 by Prof. Yashaswini. D. K et al. analyzes all conditions where a farmer could face difficulty in farming in India such as weather, season rainfall, and types of soil of a region. They use historic data of a region to train the system using Machine Learning algorithms and techniques. A KNN model is implemented in the chatbot so that the system could function on its own in the future. ‘FarmChat: A Conversational agent to answer Farmer queries’ [2] by Mohit Jain et al. uses the IBM Watson framework to create a chatbot. The Django framework is used to build the front-end communication system. The chatbot also uses Google’s speech to text API to convert the spoken
Farmer-Assistive Chatbot in Indian Context …
241
input to text. The paper proposes a need for the chatbot because of the inadequacy of call centers like KCC to serve all the incoming calls. Leonardo Barreto Campos et al. proposed ‘Agronomobot’ [3] which is a smart answering Chatbot applied to agricultural sensor networks 2018 paper Bot was developed to focus on the research done on a vineyard using a Wireless Sensor Network. It is a Telegram-based Bot API which can access information collected by eKo field sensors; the user then can interact using the Telegram application interface which makes it easy for the users. ‘Agriculture Advancement using Artificial Intelligence’ [7] by Kunal Verma et al. in ICRISTME16 the main concern is to highlight the issues faced by farmers in day-to-day life that can be solved using Artificial Intelligence. The ‘Virtual Conversational AssistantThe FARMBOT’ [6] published in IJETSR in 2018 by Kannagi et al. presented that FARMBOT is a chatbot which is a virtual conversational assistant for farmers where they can communicate with the chatbot as if they are conversing with a human. The system uses NLP to parse the queries, identify the keywords, match them with Knowledge Base and give desired results. The ‘Speech Based Information Retrieval System for Farmers’ [8] published in Research Review Journal in April 2019 by Arunkumar and Kulkarni proposed that the speech-based information retrieval system for farmers eliminates the drawbacks of conventional systems. It is a chatbot and a virtual assistant that accepts the queries in a user-friendly manner. The input for the system is in text and speech modes, and the textual query is preprocessed in order to understand the category of the query and provide the necessary response. Speech synthesis in this system helps to use the system efficiently. In ‘A Persona-Based Neural Conversation Model’ [5] by Jiwei Li et al., they show the use of a sequence-to-sequence framework in creating a persona-based chatbot. They have used Twitter FireHose and shown the accuracy to be 6.1% of all correct results and 56.7% acceptable results. The findings in this paper prove that the sequence-to-sequence framework is useful to build a chatbot and provide satisfactory results.
3 Field Survey India is an agrarian country with around 61.5% of its people depending directly or indirectly upon agriculture. India ranks second worldwide in farm outputs. As of 2019, agriculture employed 50% of the Indian workforce and contributed 17–18% to the country’s GDP. India ranks first in the world with the highest net cropped area followed by the US and China. Agriculture is demographically the broadest economic sector and plays a significant role in the overall socioeconomic fabric of India. We conducted semi-structured interviews with 7 farmers, in January 2020; a few glimpses of it are shown in Fig. 1. The farmers are from two different villages. The first village we visited was Atkarwadi, which is situated 30 km from Pune City. We interacted with 5 farmers there. Their native language was Marathi. The farmers we interacted with were namely Rohidas Jede, Baban Jede, Namdeo Shinde, Sharanappa Chavan and Tukaram More. We came across different problems which they face on a daily
242
T. Bhardwaj et al.
Date: 07/01/2020 Location: Pune Details: Out dated equipments are still used in small farms.
Date: 07/01/2020 Location: Pune Details: Interview with farmers about the difficulties they face today to build the dataset.
Fig. 1 Field survey
basis. The most common problems they faced were about stray animals and water issues. Moreover, they had more problems which have been addressed below. The farm that is cultivated is invaded and destroyed by stray animals like monkeys and pigs. The farmers can protect the farm during the daytime but it is not possible for them to protect it at night. The animals eat the crops as well as the trees of coconut, mango, banana, etc. They sit in potable water and make it dirty. This is a big loss for all the farmers. The solution for these stray animals is to build a compound wall with a metal net on top to restrict the entry of animals but this can cost up to 3-4 lakhs which a normal farmer cannot afford to invest in this extra expense. Many a time, the farmers have to bear more expense on farming and do not get the desired income. Their expenses exceed their income so many farmers have stopped doing farming or just do it for their personal use. There is a bit of water scarcity in this area, so water is to be stored for further use and water irrigation is also the main problem. Many farmers do not have work labor to work for them; workers can be rented but they charge a lot. Some farmers have workers but no machines or tractors. The daily rent for a tractor is 800-900 rupees per hour which many poor farmers cannot afford. Another problem is about fertilizers. When farmers go to shops to buy fertilizers, the shopkeepers charge them more than the actual prices. There is a lot of difference between the government price and the selling price of the shops. This affects the farmers as they have to bear more expenses. The farmers here usually cultivate rice
Farmer-Assistive Chatbot in Indian Context …
243
and that too Basmati or Indrayani. They are not sure which type to cultivate in which weather. Weather affects the type of the crop. Due to this, there are lots of pests on the crops. The farmers are not sure about the kind of pests also. And they don’t even know what kind of insecticides or pesticides to use. We interacted with two more farmers when we visited the next village— Renapur—which is located around 250 km from Pune. The farmers we interacted were namely Fulabai Shirname and Jaydeep Parte. The problems we came across there were quite different. The problems they faced are given below: • The farmers use spray for the fast growth of their crops but sometimes it results in the decaying of crops. So they have no idea about which and how much spray is to be used. • The farmers usually cultivate Soybean and Peas. They buy these seeds in the month of May but they last for around 90 days. But due to weather change, the rainfall takes place after June so the seed quality deteriorates. They cannot predict the rainfall. • The farmers do not have knowledge about advanced machines and how to use it. The equipment are expensive to buy so they need someone from where they can borrow it. • The farmers have no idea about which seed quality is the best and also their rates while buying it for good yields. • When farmers try to sell their crop products in the market, they do not get the best market price as there are middlemen who acquire the money. So the farmers do not get the expected financial returns. • The farmers are not aware of various government schemes and loans provided for farmers which can help them for their good farming practices. • We made a brief survey about all the problems of farmers and planned to assist them with the help of agri-experts.
4 Gap Analysis Our model doesn’t use any pre-implemented platform such as IBM Watson for the generation of the chatbot. The chatbot is implemented from scratch; even the dataset used was developed by doing a field survey of a nearby village just outside Pune city. Various queries and problems of farmers were added to the dataset, and the problems are further classified into categories for the efficient generation of the chatbot. Multi-linguistic support is the most differentiating point between the implemented chatbots and the chatbot of this paper. The farmer can interact in his local language as local languages are supported due to multi-linguistic support by this chatbot. Farmers can be relatively more expressive related to their problem and thus our system will responsd better.
244
T. Bhardwaj et al.
5 Proposed Work Figure 2 shows the system architecture for the proposed chatbot system. After a client query is obtained, it is translated using Google Translate. The translated query is given as an input to the model. The query is preprocessed using text preprocessing steps. The result is used to find the type of query using the KNN classifier. The answer is generated using a sequence-to-sequence framework. Algorithm Used: 1. K-Nearest Neighbors Classifier: • In machine learning, KNN is a supervised learning algorithm used for classification and regression. • In classification, the output is class membership and is determined by k votes from k-nearest neighbors. • In regression, the output is the property of the object and is determined by the average of k-nearest neighbors. • Euclidean or Mahalanobis distance is used to find the nearest neighbors. • Training Complexity O(nm) where n is the number of training samples, and m is the number of features. 2. Sequence-to-sequence framework • This model is based on a recurrent neural network which reads input token one at a time and generates output one token at a time. • During training, the true output sequence is given and the model learns by backpropagation. • In an output of n tokens, the n − 1th token is given as input to the nth token. • The strength of the model lies in simplicity and generality. • The predicted sequence can be selected based on the probability of the sequence.
Fig. 2 System architecture
Farmer-Assistive Chatbot in Indian Context …
245
Fig. 3 Seq 2Seq model
We propose to use the two algorithms, KNN and the sequence-to-sequence framework and an Android application for frontend. We use the dataset for training from Kisan Call Centre. The user will interact with the android application. The input will be given via voice. We will use Google speech-to-text and Google translate APIs to convert input in the local language to an English string. This input is fed to the backend. We clean the data using text preprocessing steps of tokenization, removal of stop words and lemmatization. Tokenization is the process of breaking down strings into tokens. It means breaking down paragraphs into sentences and sentences to words. It creates a bag of words and this can be used for further processing. Removal of stop words is a process in which we remove stop words like has, was, is, not, etc. which do not add any real value during analysis. Lemmatization is preferred over stemming to avoid overfitting while training the chatbot. After the data is clean, we feed the string to the KNN classifier to classify the user’s query into predetermined classes such as Weather, Fertilizer, Crop Protection, etc. Once the query type is identified, we feed the input query to the sequence-to-sequence framework. The sequence-to-sequence framework consists of two parts encoder and decoder, as shown in Fig. 3. The encoder uses deep neural nets to encode input into a vector. It holds the context of the current word. The decoder takes the input as the hidden vector generated by the encoder and produces the output word by word. It uses its hidden layers to generate words. The input to hidden layers is the previously generated word and the context. The output generated is returned to the user via text on the screen and also an additional option of listening to the output is provided. Google’s text-to-speech and translate APIs are used for the purpose.
6 Summary In the fast-growing world of Machine Learning, consumers are getting technological help in all facets of their lives. The Internet provides various ways to get information and has radically changed the way we communicate. Innovation has enhanced our lives with more opportunities, and everything is quite simple for us. Everybody likes to collaborate and expect quick answers without much delay. You can use online networking platforms or websites regularly for various reasons to connect
246
T. Bhardwaj et al.
with others. A chatbot for farmers is a program or service that easily connects with various farmers all over India to help solve their queries. The services that a chatbot can deliver are quite diverse, from providing important life-saving health messages to checking the weather forecast to grow a particular crop and expect maximum yield from it. While interacting with a chatbot, you should feel as if you are talking with a real person. The application can be further developed for better service in the following ways: • Increase the work of chatbot to even act as a psychological assistant for solving problems of sentiments and emotional problems of farmers. • Spread awareness about the chatbot to all the farmers globally and not only in our country. • Build a global repository from where the data can be mined.
References 1. Smart Chatbot for Agriculture Prof. Yashaswini. D. K 1, Hemalatha. R2, Niveditha. G3 Department of Computer Science and Engineering Don Bosco Institute of Technology, India 2. Jain, M., Kumar, P., Bhansali, I., Liao, V., Truong, K., Patel, S.: FarmChat: a conversational agent to answer farmer queries. http://qveraliao.com/ubicomp19.pdf 3. Mostaço1, G.M., Costa de Souza2, I.R., Campos2, L.B., Cugnasca1, C.E.: AgronomoBot: a smart answering Chatbot applied to agricultural sensor networks. https://www.researchgate. net/publication/327212062_ 4. Vinyals, O., Le, Q.: A Neural Conversational Model. ICML Deep Learning Workshop, 2015 5. Li, J., Galley, M., Brockett, C., Gao, J., Dolan, B.: A Persona-Based Neural Conversation Model (2016) 6. Virtual Conversational Assistant –“The FARMBOT” Mrs. L. Kannagi M.E., Assistant Professor Valliammai Engineering College Ramya, C., Shreya, R., Sowmiya, R. Valliammai Engineering College 7. Verma1, K., Pabbi,D., Singh Jat, A.: Agriculture Advancement Using Artificial Intelligence. Guru Nanak Dev University, Jalandhar, Jaypee Institute Of Information Technology, Noida 8. Arunkumar, T.R., Kulkarni, R.: Speech Based Information Retrieval System For Farmers. Assistant Professor, Department of Computer Science, Rani Channamma University, Brelagavi-591156 (India), Project Scholar, Department of Computer Science, Rani Channamma University, Brelagavi-591156 (India) 9. https://www.wttc.org/-/media/files/reports/benchmark-reports/country-reports-2017/india.pdf 10. https://economictimes.indiatimes.com/articleshow/71311705.cms?utm_source=contentofint erest&utm_medium=text&utm_campaign=cppst
Correction to: A Comparative Analysis of Machine Enep Learning Algorithms for Intrusion Entection in WSN Saurabh Deshpande, J. Gujarathi, P. Chandre, and Pravin Nerkar
Correction to: Chapter “A Comparative Analysis of Machine Deep Learning Algorithmsfor Intrusion Detection in WSN” in: P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_11 The original version of the book was published with incorrect author name, “Shruti Deshpande” has as “Saurabh Deshpande” in the chapter “A Comparative Analysis of Machine Deep Learning Algorithms for Intrusion Detection in WSN”. The chapter and book have been updated with change.
The updated version of this chapter can be found at https://doi.org/10.1007/978-981-33-4996-4_11 © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 P. N. Mahalle et al. (eds.), Security Issues and Privacy Threats in Smart Ubiquitous Computing, Studies in Systems, Decision and Control 341, https://doi.org/10.1007/978-981-33-4996-4_17
C1