miun.sePublications
Change search
Refine search result
1 - 4 of 4
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Eldefrawy, Mohamed
    et al.
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Butun, Ismail
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Pereira, Nuno
    Polytechnic of Porto (IPP), Porto, Portugal.
    Gidlund, Mikael
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Formal security analysis of LoRaWAN2019In: Computer Networks, ISSN 1389-1286, E-ISSN 1872-7069, Vol. 148, p. 328-339Article in journal (Refereed)
    Abstract [en]

    Recent Low Power Wide Area Networks (LPWAN) protocols are receiving increased attention from industry and academia to offer accessibility for Internet of Things (IoT) connected remote sensors and actuators. In this work, we present a formal study of LoRaWAN security, an increasingly popular technology, which defines the structure and operation of LPWAN networks based on the LoRa physical layer. There are previously known security vulnerabilities in LoRaWAN that lead to the proposal of several improvements, some already incorporated into the latest protocol specification. Our analysis of LoRaWAN security uses Scyther, a formal security analysis tool and focuses on the key exchange portion of versions 1.0 (released in 2015) and 1.1 (the latest, released in 2017). For version 1.0, which is still the most widely deployed version of LoRaWAN, we show that our formal model allowed to uncover weaknesses that can be related to previously reported vulnerabilities. Our model did not find weaknesses in the latest version of the protocol (v1.1), and we discuss what this means in practice for the security of LoRaWAN as well as important aspects of our model and tools employed that should be considered. The Scyther model developed provides realistic models for LoRaWAN v1.0 and v1.1 that can be used and extended to formally analyze, inspect, and explore the security features of the protocols. This, in turn, can clarify the methodology for achieving secrecy, integrity, and authentication for designers and developers interested in these LPWAN standards. We believe that our model and discussion of the protocols security properties are beneficial for both researchers and practitioners. To the best of our knowledge, this is the first work that presents a formal security analysis of LoRaWAN.

  • 2.
    Eldefrawy, Mohamed
    et al.
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology. Halmstad Högskola.
    Ferrari, Nico
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Gidlund, Mikael
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Dynamic User Authentication Protocol for Industrial IoT without Timestamping2019In: 2019 15th IEEE International Workshop on Factory Communication Systems (WFCS), IEEE, 2019, article id 8757984Conference paper (Refereed)
    Abstract [en]

    Internet of Things (IoT) technology has succeed ingetting a great attention in the industry where it has been ableand still can solve many industrial intractable issues. The emergingtechnology is suffering from severe security shortcomings.Authentication is a cornerstone of IoT security as it presents the measures of checking the legitimacy of communication’s entities.The Industrial IoT (IIoT) technology has special conditions, resulting from a lack of resources and a shortage of security skills. As far as we can tell, from the literature, IIoT user authentication has not been studied extensively. In 2017 Tai et al. presented an authenticated key agreement for IoT networks. Here we prove that Tai et al. is susceptible to sever security weaknesses, such as;i. stolen smart card attack, ii. unknown key share attack, iii. node capturing attack. In this research article, we offer an innovative IIoT user authentication scheme that can achieve secure remote user authentication without timestamping that requires precise synchronization, it only needs Hashing and Xor-ing. We examine the efficiency of our presented scheme using Tmote Sky node over an MSP430 microcontroller using COOJA simulator as well aswe show its correctness using Scyther verification tool.

  • 3.
    Eldefrawy, Mohamed
    et al.
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Pereira, Nuno
    The Polytechnic of Porto (IPP), Portugal.
    Gidlund, Mikael
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Key Distribution Protocol for Industrial Internet of Things without Implicit Certificates2019In: IEEE Internet of Things Journal, ISSN 2327-4662, Vol. 6, no 1, p. 906-917Article in journal (Refereed)
    Abstract [en]

    The deployment of the Internet of Things (IoT) in industry, called the Industrial IoT (IIoT), is supporting the introduction of very desirable improvements such as increasing production flexibility, self-organization and real-time and quick response to events. However, security and privacy challenges are still to be well addressed. The IIoT requires different properties to achieve secure and reliable systems and these requirements create extra challenges considering the limited processing and communication power available to IIoT field devices. In this research article, we present a key distribution protocol for IIoT that is computationally and communicationally lightweight (requires a single message exchange) and handles node addition and revocation, as well as fast re-keying. The scheme can also resist the consequences of node capture attacks (we assume that captured nodes can be detected by the Gateway and previous works have shown this assumption to be acceptable in practice), server impersonation attacks and provides forward/backward secrecy. We show formally the correctness of our protocol and evaluate its energy consumption under realistic scenarios using a real embedded platform compared to previous state-of-the-art key-exchange protocols, to show our protocol reliability for IIoT.

  • 4.
    Forsström, Stefan
    et al.
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Butun, Ismail
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Eldefrawy, Mohamed
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Jennehag, Ulf
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Gidlund, Mikael
    Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.
    Challenges of Securing the Industrial Internet of Things Value Chain2018In: 2018 Workshop on Metrology for Industry 4.0 and IoT, MetroInd 4.0 and IoT 2018 - Proceedings, IEEE, 2018, p. 218-223, article id 8428344Conference paper (Refereed)
    Abstract [en]

    We see a shift from todays Internet-of-Things (IoT)to include more industrial equipment and metrology systems,forming the Industrial Internet of Things (IIoT). However, thisleads to many concerns related to confidentiality, integrity,availability, privacy and non-repudiation. Hence, there is a needto secure the IIoT in order to cater for a future with smart grids,smart metering, smart factories, smart cities, and smart manufacturing.It is therefore important to research IIoT technologiesand to create order in this chaos, especially when it comes tosecuring communication, resilient wireless networks, protectingindustrial data, and safely storing industrial intellectual propertyin cloud systems. This research therefore presents the challenges,needs, and requirements of industrial applications when it comesto securing IIoT systems.

1 - 4 of 4
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf