
    Somanath Tripathy

    The HTTP cookie plays an important role in web applications, as it is used for session authentication without using the login information repeatedly. On the other hand, this technique introduces several security vulnerabilities, allowing an attacker to take complete control of a session by extracting the corresponding cookie. Therefore, HTTPS is recommended to prevent the exposure of cookies. Unfortunately, a cookie can be extracted by different techniques even if HTTPS is employed. This work proposes a simple but effective solution called CookiesWall to prevent session hijacking. CookiesWall is implemented as a client-side proxy using Python. The proposed mechanism imposes negligible overhead. The false positives and false negatives of this mechanism are observed to be much lower.
    Cloud computing is an emergent paradigm to provide reliable and resilient infrastructure enabling the users (data owners) to store their data and the data consumers (users) can access the data from cloud servers. This paradigm reduces storage and maintenance cost of the data owner. At the same time, the data owner loses the physical control and possession of data which leads to many security risks. Therefore, auditing service to check data integrity in the cloud is essential. This issue has become a challenge as the possession of data needs to be verified while maintaining the privacy. To address these issues this work proposes a secure and efficient privacy preserving provable data possession (SEPDP). Further, we extend SEPDP to support multiple owners, data dynamics and batch verification. The most attractive feature of this scheme is that the auditor can verify the possession of data with low computational overhead.
    Online Social Networks facilitate their users with the creation and maintenance of interpersonal relationships. These OSNs offer attractive means for digital social interactions and information sharing, but also raise a number of security and privacy issues. While OSNs allow users to restrict access to personal data, they currently do not provide any satisfactory mechanism to enforce privacy concerns over data associated with multiple users. Unfortunately, the exposure and availability of personal data of users expose them to numerous privacy risks. The proposed approach in this paper provides a mechanism which allows users to control access to their shared resources in a collaborative manner. We have developed a Facebook application "msecure" as a proof of concept. We also did a survey-based user study of the app with a user base of (n=50). The results of the study reveal its popularity among users. The study also indicates that users are still concerned about the privacy of their shared contents and they believe that a tool like "msecure" could be useful for managing their shared images and other shared contents.
    Routing metric plays a vital role in path selection process. A variety of routing metrics have been proposed to enhance the performance of routing protocols. Considering the forwarding behavior of neighbor node in the design of a routing metric would address the most generic packet dropping attacks in wireless mesh network (WMN). The existing routing metrics to address packet dropping attack in WMN only consider selfish mesh routers. On the other hand, to the best of our knowledge no such routing metric has been proposed to address the malicious behavior of mesh routers in a network. In this paper, we propose an airtime link metric AFC (Airtime Forwarding Capability), that considers both selfish and malicious behavior of mesh routers. AFC is computed using local station level measurements and does not require direct cooperation from any neighbor node, thereby avoiding neighbor lying attacks. The analysis of proposed metric shows that it satisfies the required design properties of a routing metric. The experimental results confirm the performance enhancement by accounting for the malicious behavior of mesh routers.
    Wireless mesh network (WMN) is a multihop wireless network in which the mesh nodes are spread over a large area. In most of the WMN applications the mesh nodes are maintained by different operators which lack cooperation and are prone to several attacks. In ...
    Wireless Mesh Network (WMN) is an emergent technology, in which the nodes depend on their peers for carrying out their network operations. This collaborative action of nodes can severely degrade the networking performance, if a peer node gets compromised. Cryptographic ...
    Designing a secure routing protocol is a challenging issue in mobile ad-hoc networks (MANET) because of the lack of a trusted centralized authority, easy eavesdropping, dynamic network topology and limited resources. A false alarm raised during malicious node detection prevents genuine nodes from carrying out their normal activities. If an adversary succeeds in generating false alarms, it can isolate a number of nodes from the network, which leads to a DoS attack. This paper proposes a defense mechanism called SABAD against black-hole attacks on the AODV protocol in MANET. SABAD considers all the major factors contributing to packet dropping to reduce false alarms during black-hole node detection.
    Multicast is a communication technique that allows a source to transmit data to a set of recipients in an efficient manner. Therefore, the primary objective of a multicast routing protocol would be to minimize the number of transmissions to conserve bandwidth. The problem of computing multicast trees with minimal bandwidth consumption is similar to the Steiner tree problem and has been shown to be NP-complete. So, heuristic-based algorithms are suitable to approximate such bandwidth-optimal trees. This paper proposes a multicast routing protocol based on minimum number of transmission trees using a heuristic approach. The simulation results show that the proposed algorithm offers better performance over existing protocols, even in the worst-case scenario when the set of multicast receivers is sparsely distributed across the network.
    A wireless sensor network (WSN) consists of a large number of resource-constrained sensor nodes, usually deployed in hostile environments, where they face a variety of malicious attacks. To address the security vulnerabilities in WSN, this paper proposes an efficient security framework (ESF), which comprises two security building blocks. The first building block establishes a key between the sending and receiving nodes, while the other provides confidentiality and integrity of data. Owing to the limited resources available with the sensor nodes, ESF avoids intensive computations like public key cryptography and encryption mechanisms. Analysis of ESF shows that the framework provides a secure environment and is resistant against wireless threats using simple bit-wise operations and cryptographic hash functions.
    To achieve security in wireless sensor networks (WSNs), pairwise key establishment between two sensor nodes is important. Public key cryptography based key establishment mechanisms are not suitable for WSN, due to their higher energy consumption and complex hardware ...
    Confidentiality and authenticity are two important security services required for almost every WSN application. However, small memory, weak processor and limited battery power of the sensor nodes are the major obstacles to implement traditional security primitives in them. Owing to both, the requirement as well as the obstacles, this paper proposes a LIghtweight Security Algorithm (LISA) tailored to implement in resource restrained sensor nodes. The novelty of this scheme is that it achieves both, confidentiality and authenticity of data, without using traditional encryption algorithm.
    Radio Frequency Identification (RFID) technology is a promising approach for automated identification of physical objects. A typical RFID system consists of a microchip, and an antenna through which, it emits a unique sequence number as a query response to the reader. Cheap cost ...
    User authentication is most essential to prevent the unauthorized adversaries from obtaining the system resources. This paper proposes a cellular automata based remote-user authentication (CARA) scheme to reduce the complexity of encryption and hash-based cryptosystems. CARA uses cache-based nonce to avoid synchronization problems and thwart replay attacks. This scheme is robust against other attacks as well. The inherent parallelism of cellular automata provides for its fast implementation.
    Wireless sensor networks (WSNs) are best suited for perceiving a phenomenon, which in turn forms the basis for controlling an actuator in a corrective plane. However, before the corrective action can be invoked, it is necessary to validate that the data was not injected with a malicious intent. To this end we propose CADA (cellular automata based data authentication mechanism), a lightweight protocol to authenticate data from valid nodes. Unlike its predecessors, it is designed to assume scarcity of multiple resources, viz. power, processing, storage, bandwidth and radio range. CADA takes advantage of the concurrent operations in cellular automata components and is therefore not only fast but also easily realizable in hardware.
    With the rapid development of communication technologies, resources are distributed over multiple servers in the network. These resources are usually restricted to authorized users. To provide access control and secure communication in the network, remote user authentication and key establishment is found to be most important. A Reversible Cellular Automata based remote user authentication and key establishment scheme using smart card is proposed in this paper. The scheme is simple, less computational and robust against various known attacks.
    Mutual authentication between a service provider and its users is essential to prevent unauthorized adversaries from misutilizing system resources. The traditional method of password table lookups is not scalable and is susceptible to overloading. Therefore this paper proposes a cellular automata based remote-mutual authentication (CARMA) Scheme to reduce the complexity of encryption and hash-based cryptosystems, as well as avoid table lookups. CARMA also uses cache-based nonces to avoid synchronization problems and thwart replay attacks. The inherent parallelism of cellular automata provides for its fast implementation.
    A password authenticated key exchange (PAKE) is a secure and authenticated bilateral key-exchange scheme, which uses a memorable password. Most of the key exchange protocols have high computational complexity, leading to complex hardware implementations. Though CA based PAKE is easily realizable in hardware, we observe that it has serious security flaws. In this paper we propose RPAKE, a secure PAKE scheme, based on the features of reversible cellular automata (RCA). Our analysis shows that RPAKE is immune against numerous attacks and its hardware realization is also simpler.
    Though SMAC achieves energy efficiency by reducing idle listening, it is not adaptive to the traffic changes. Moreover, it is not secure against DoS attacks. In this paper, we propose a new protocol called OSASMAC (opportunistic secure adaptive sensor MAC) ...
    ... user anonymity to both public and service providers. This scheme incorporates a Smart Card Producing Center (SCPC) that initialises system parameters and assigns secret token to users and service providers. It operates in two phases discussed hereafter. 2.1 Registration ...
    To achieve security in wireless sensor networks (WSN), communications between sensor nodes need to be encrypted and authenticated. Therefore, keys for encryption and authentication must be agreed among the communicating nodes. At the same time, small memory, weak processor and limited battery power of a sensor node are the major obstacles to implement the traditional security primitives. Owing to both