This page has only limited features, please log in for full access.

Dr. SK Hafizul Islam
Department of Computer Science and Engineering, Indian Institute of Information Technology Kalyani, West Bengal, India

Basic Info

Basic Info is private.

Research Keywords & Expertise

0 Cryptography
0 Information Security
0 Network Security
0 Blockchain Security
0 Lattice-based cryptography

Fingerprints

Cryptography
Blockchain Security

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

The user biography is not available.
Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Original research
Published: 22 August 2021 in Journal of Ambient Intelligence and Humanized Computing
Reads 0
Downloads 0

In a modern electronic medical system, data sharing between medical institutions must have a more comprehensive understanding of the patient’s condition. However, different hospitals typically use other databases, even if the data belong to the same person. Each hospital manages its database in a centralized and closed manner. This approach makes the databases vulnerable to single-point attacks by malicious attackers and undermines medical care continuity. In this paper, we use a blockchain concept that provides a secure distributed environment to avoid single-point attacks. We develop a novel medical data sharing schedule that uses the blockchain to integrate each hospital’s resources. Compared with other blockchain-based schemes, we categorize and manage different requests for medical data sharing: (i) sharing between hospitals of the same level; (ii) sharing between hospitals of different levels. Additionally, our schedule ensures the security of individual entities in the process of data sharing. We conduct a security analysis and a comparative validation to show that the proposed systems are secure. In the subsequent analysis of the system, the feasibility of the proposed system was examined.

ACS Style

Chien-Ming Chen; Xiaoting Deng; Sachin Kumar; Saru Kumari; Sk Hafizul Islam. Blockchain-based medical data sharing schedule guaranteeing security of individual entities. Journal of Ambient Intelligence and Humanized Computing 2021, 1 -10.

AMA Style

Chien-Ming Chen, Xiaoting Deng, Sachin Kumar, Saru Kumari, Sk Hafizul Islam. Blockchain-based medical data sharing schedule guaranteeing security of individual entities. Journal of Ambient Intelligence and Humanized Computing. 2021; ():1-10.

Chicago/Turabian Style

Chien-Ming Chen; Xiaoting Deng; Sachin Kumar; Saru Kumari; Sk Hafizul Islam. 2021. "Blockchain-based medical data sharing schedule guaranteeing security of individual entities." Journal of Ambient Intelligence and Humanized Computing , no. : 1-10.

Journal article
Published: 06 June 2021 in Neural Computing and Applications
Reads 0
Downloads 0

Advances in computer vision technologies lead to a renewed focus on content-based image retrieval (CBIR) in computer multimedia content analysis applications. CBIR is a technique for image retrieval using automatically derived features. As the size of image repositories grew, supported by increased cloud storage adoption, security concern around trust in cloud service provider (CSP) witnessed a resurgence of interest in user privacy. Hence, unlike in traditional CBIR, cloud-based image retrieval is based on the encrypted feature vector. This may reduce the overall retrieval performance of the system. Consequently, mechanisms are needed to protect the feature vector and the actual images during transmission. Second, to provide image content security, images are often encrypted by users before uploading to the cloud. This article addresses the challenges of retrieving images securely from an untrusted cloud environment. Images are represented in terms of their local invariant features to form an image feature vector. Later, an asymmetric scalar-product-preserving encryption (ASPE) is applied to secure the feature vector. Then, images are encrypted before they are uploaded to a cloud server. The proposed method has been tested on various Corel image datasets and the medical image repository. Performance evaluation shows that the proposed method outperforms its best secure CBIR systems in the literature.

ACS Style

Sumit Kumar; Arup Kumar Pal; Sk Hafizul Islam; Mohammad Hammoudeh. Secure and efficient image retrieval through invariant features selection in insecure cloud environments. Neural Computing and Applications 2021, 1 -26.

AMA Style

Sumit Kumar, Arup Kumar Pal, Sk Hafizul Islam, Mohammad Hammoudeh. Secure and efficient image retrieval through invariant features selection in insecure cloud environments. Neural Computing and Applications. 2021; ():1-26.

Chicago/Turabian Style

Sumit Kumar; Arup Kumar Pal; Sk Hafizul Islam; Mohammad Hammoudeh. 2021. "Secure and efficient image retrieval through invariant features selection in insecure cloud environments." Neural Computing and Applications , no. : 1-26.

Research article
Published: 28 May 2021 in Security and Communication Networks
Reads 0
Downloads 0

The heterogeneous resource-required application tasks increase the cloud service provider (CSP) energy cost and revenue by providing demand resources. Enhancing CSP profit and preserving energy cost is a challenging task. Most of the existing approaches consider task deadline violation rate rather than performance cost and server size ratio during profit estimation, which impacts CSP revenue and causes high service cost. To address this issue, we develop two algorithms for profit maximization and adequate service reliability. First, a belief propagation-influenced cost-aware asset scheduling approach is derived based on the data analytic weight measurement (DAWM) model for effective performance and server size optimization. Second, the multiobjective heuristic user service demand (MHUSD) approach is formulated based on the CPS profit estimation model and the user service demand (USD) model with dynamic acyclic graph (DAG) phenomena for adequate service reliability. The DAWM model classifies prominent servers to preserve the server resource usage and cost during an effective resource slicing process by considering each machine execution factor (remaining energy, energy and service cost, workload execution rate, service deadline violation rate, cloud server configuration (CSC), service requirement rate, and service level agreement violation (SLAV) penalty rate). The MHUSD algorithm measures the user demand service rate and cost based on the USD and CSP profit estimation models by considering service demand weight, tenant cost, and energy cost. The simulation results show that the proposed system has accomplished the average revenue gain of 35%, cost of 51%, and profit of 39% than the state-of-the-art approaches.

ACS Style

M. S. Mekala; Rizwan Patan; Sk Hafizul Islam; Debabrata Samanta; Ghulam Ali Mallah; Shehzad Ashraf Chaudhry. DAWM: Cost-Aware Asset Claim Analysis Approach on Big Data Analytic Computation Model for Cloud Data Centre. Security and Communication Networks 2021, 2021, 1 -16.

AMA Style

M. S. Mekala, Rizwan Patan, Sk Hafizul Islam, Debabrata Samanta, Ghulam Ali Mallah, Shehzad Ashraf Chaudhry. DAWM: Cost-Aware Asset Claim Analysis Approach on Big Data Analytic Computation Model for Cloud Data Centre. Security and Communication Networks. 2021; 2021 ():1-16.

Chicago/Turabian Style

M. S. Mekala; Rizwan Patan; Sk Hafizul Islam; Debabrata Samanta; Ghulam Ali Mallah; Shehzad Ashraf Chaudhry. 2021. "DAWM: Cost-Aware Asset Claim Analysis Approach on Big Data Analytic Computation Model for Cloud Data Centre." Security and Communication Networks 2021, no. : 1-16.

Original paper
Published: 28 March 2021 in Nonlinear Dynamics
Reads 0
Downloads 0

Transmission of the information in any form requires security. Security protocols used for communication rely on the use of random numbers. Pseudo-random numbers are required with good statistical properties and efficiency. The use of a single chaotic map may not produce enough randomness. The turbulence is padded into the existing map to improve its chaotic behaviour and increase the periodicity. A Pseudo-random number generator (PRNG) with this architecture is devised to generate random bit sequences from secret keys. The statistical properties of newly constructed PRNG are tested with NIST SP 800–22 statistical test suite and were shown to have good randomness. To ensure its usability in cryptographic applications, we analysed the size of its key space, key sensitivity, and performance speed. The test results show that the newly designed PRNG has a 3.6% increase in key space and a 5% increase in its performance speed compared to existing chaotic PRNGs. The novel PRNG with faster performance is found suitable for lightweight cryptographic applications.

ACS Style

Sathya Krishnamoorthi; Premalatha Jayapaul; Rajesh Kumar Dhanaraj; Vani Rajasekar; Balamurugan Balusamy; Sk Hafizul Islam. Design of pseudo-random number generator from turbulence padded chaotic map. Nonlinear Dynamics 2021, 104, 1627 -1643.

AMA Style

Sathya Krishnamoorthi, Premalatha Jayapaul, Rajesh Kumar Dhanaraj, Vani Rajasekar, Balamurugan Balusamy, Sk Hafizul Islam. Design of pseudo-random number generator from turbulence padded chaotic map. Nonlinear Dynamics. 2021; 104 (2):1627-1643.

Chicago/Turabian Style

Sathya Krishnamoorthi; Premalatha Jayapaul; Rajesh Kumar Dhanaraj; Vani Rajasekar; Balamurugan Balusamy; Sk Hafizul Islam. 2021. "Design of pseudo-random number generator from turbulence padded chaotic map." Nonlinear Dynamics 104, no. 2: 1627-1643.

Journal article
Published: 03 March 2021 in Journal of Information Security and Applications
Reads 0
Downloads 0

We propose a new bilateral generalization inhomogeneous short integer solution (Bi-GISIS)-based key exchange protocol with reusable key feature for post-quantum IoT security. It is aimed to reduce the time consumption in the key generation of key exchange protocols to be used in IoT devices. To obtain reusable key, we define modified bilateral pasteurization in the random oracle model. By ensuring reusable keys, the same key becomes available in several executions of the proposed protocol. This feature allows efficient usage of reusable keys in resource-constrained IoT architectures. The proposed scheme is suitable for quantum secure key exchange in D2D-aided fog computing environment. A key exchange protocol with improved key management process is constructed for D2D.

ACS Style

Kübra Seyhan; Tu N. Nguyen; Sedat Akleylek; Korhan Cengiz; S.K. Hafızul Islam. Bi-GISIS KE: Modified key exchange protocol with reusable keys for IoT security. Journal of Information Security and Applications 2021, 58, 102788 .

AMA Style

Kübra Seyhan, Tu N. Nguyen, Sedat Akleylek, Korhan Cengiz, S.K. Hafızul Islam. Bi-GISIS KE: Modified key exchange protocol with reusable keys for IoT security. Journal of Information Security and Applications. 2021; 58 ():102788.

Chicago/Turabian Style

Kübra Seyhan; Tu N. Nguyen; Sedat Akleylek; Korhan Cengiz; S.K. Hafızul Islam. 2021. "Bi-GISIS KE: Modified key exchange protocol with reusable keys for IoT security." Journal of Information Security and Applications 58, no. : 102788.

Journal article
Published: 18 February 2021 in Multimedia Tools and Applications
Reads 0
Downloads 0

Medical image analysis plays a very indispensable role in providing the best possible medical support to a patient. With the rapid advancements in modern medical systems, these digital images are growing exponentially and reside in discrete places. These images help a medical practitioner in understanding the problem and then the best suitable treatment. Radiological images are very often found to be the critical constituent of medical images. So, in health care, manual retrieval of visually similar images becomes a very tedious task. To address this issue, we have suggested a content-based medical image retrieval (CBMIR) system that effectively analyzes a Radiological image’s primitive visual features. Since radiological images are in gray-scale form, these images contain rich texture and shape features only. So, we have suggested a novel multi-resolution radiological image retrieval system that uses texture and shape features for content analysis. Here, we have employed a multi-resolution modified block difference of inverse probability (BDIP) and block-level variance of local variance (BVLC) for shape and texture features, respectively. Our proposed scheme uses a multi-resolution and variable window size feature extraction strategy to maintain the block-level co-relation and extract more salient visual features. Further, we have used the MURA x-ray image dataset, which has 40561 images captured from 12173 different patients to demonstrate the proposed scheme’s retrieval performance. We have also performed and compared image retrieval experiments on Brodatz and STex texture, Corel-1K, and GHIM-10K natural image datasets to demonstrate the robustness and improvement over other contemporaries.

ACS Style

Sumit Kumar; Jitesh Pradhan; Arup Kumar Pal; Sk Hafizul Islam; Muhammad Khurram Khan. Radiological image retrieval technique using multi-resolution texture and shape features. Multimedia Tools and Applications 2021, 1 -28.

AMA Style

Sumit Kumar, Jitesh Pradhan, Arup Kumar Pal, Sk Hafizul Islam, Muhammad Khurram Khan. Radiological image retrieval technique using multi-resolution texture and shape features. Multimedia Tools and Applications. 2021; ():1-28.

Chicago/Turabian Style

Sumit Kumar; Jitesh Pradhan; Arup Kumar Pal; Sk Hafizul Islam; Muhammad Khurram Khan. 2021. "Radiological image retrieval technique using multi-resolution texture and shape features." Multimedia Tools and Applications , no. : 1-28.

Journal article
Published: 16 February 2021 in Multimedia Tools and Applications
Reads 0
Downloads 0

Medical images with various modalities have become an integral part of the diagnosis and treatment of several diseases. The medical practitioners often use previous case studies to deal with the current medical condition of any particular patient. In such circumstance, they need to securely access medical images of various cases which are generally stored in a network and are vulnerable to malicious attacks. To address these sensitive inadequacies, we have proposed computational intelligence based secure healthcare Content based Image Retrieval (CBIR) for medical image retrieval scheme through which any medical practitioner can retrieve the image in an encrypted domain in cloud environment. In this regard, hamming distance-based similarity matching is the only available technique that effectively handles the comparison between encrypted features. This technique requires binary features to perform similarity matching, and the performance of such features in image retrieval is poor. In this concern, we have suggested a salient component-based binary feature extraction approach to enhance retrieval accuracy. Initially, we have re-arranged the input image using the saliency map, principal texture direction, and entropy to place the salient components at the starting blocks. Subsequently, we have employed a block-level majority voting scheme on the salient blocks of the image to obtain local binary features. As a result, the final feature vector carries more features from the salient part of the image, which propitiously improves the retrieval accuracy. Later, we have encrypted the binary feature vector and performed image retrieval on cloud environment which involve Data Owner, Database Service Provider and Client over encrypted domain to full fill the security aspect. Finally, we have used medical as well as Corel image datasets to validate the retrieval performance accuracy of the proposed scheme. The experimental results obtained from real life datasets exhibit that the proposed method is secure and provides comparable retrieval accuracy concerning other related schemes in the domain.

ACS Style

Mukul Majhi; Arup Kumar Pal; Jitesh Pradhan; Sk Hafizul Islam; Muhammad Khurram Khan. Computational intelligence based secure three-party CBIR scheme for medical data for cloud-assisted healthcare applications. Multimedia Tools and Applications 2021, 1 -33.

AMA Style

Mukul Majhi, Arup Kumar Pal, Jitesh Pradhan, Sk Hafizul Islam, Muhammad Khurram Khan. Computational intelligence based secure three-party CBIR scheme for medical data for cloud-assisted healthcare applications. Multimedia Tools and Applications. 2021; ():1-33.

Chicago/Turabian Style

Mukul Majhi; Arup Kumar Pal; Jitesh Pradhan; Sk Hafizul Islam; Muhammad Khurram Khan. 2021. "Computational intelligence based secure three-party CBIR scheme for medical data for cloud-assisted healthcare applications." Multimedia Tools and Applications , no. : 1-33.

Review
Published: 11 February 2021 in Journal of Information Security and Applications
Reads 0
Downloads 0

Hash functions have always attracted a lot of attention in modern cryptography because of their hard to invert nature. However, all previous constructions of cryptographic primitives face the threat of being broken by the recent advancements in quantum technology. The focus has thus shifted to developing cryptographic primitives on mathematical structures such as lattices that are intractable by quantum algorithms. We review the computational problems defined on lattices and their respective hardness and discuss constructions of hash function families based on both integer and ideal lattices whose security depends on these computational problems on lattices. We provide a comparative analysis of the theoretical security and concrete instantiations claimed by the different hash function families. Finally, we review techniques used in the reductions for the security proofs of constructions of different hash function families.

ACS Style

Nimish Mishra; Sk Hafizul Islam; Sherali Zeadally. A comprehensive review on collision-resistant hash functions on lattices. Journal of Information Security and Applications 2021, 58, 102782 .

AMA Style

Nimish Mishra, Sk Hafizul Islam, Sherali Zeadally. A comprehensive review on collision-resistant hash functions on lattices. Journal of Information Security and Applications. 2021; 58 ():102782.

Chicago/Turabian Style

Nimish Mishra; Sk Hafizul Islam; Sherali Zeadally. 2021. "A comprehensive review on collision-resistant hash functions on lattices." Journal of Information Security and Applications 58, no. : 102782.

Journal article
Published: 02 February 2021 in Journal of Information Security and Applications
Reads 0
Downloads 0

Due to rapid advancement in internet technologies, remote client access has become much more comfortable than in previous days. The responsibility of the system does not limit even after providing access to resources. In every system, there is a possibility that an adversary may use the resources of the system without prior authentication. This will create interruption, and the clients of the system will ultimately be affected, so the system must provide some authentication mechanism. Therefore, an authentication scheme needs to be introduced, which provides security against different attacks. Consequently, in this article, we propose a reliable and secure three factor authentication scheme that prevents various security attacks. The provable security of the proposed scheme is proved through a widely used random oracle model. We implemented the cryptographic operations of proposed and related schemes on a desktop system having good specifications to get the experimental results. Moreover, the presented scheme is compared with the existing schemes to compare its performance. The performance evaluation shows that our scheme is lightweight and efficient in terms of computation and communication costs as compared to related competing schemes.

ACS Style

Muhammad Asad Saleem; Sk Hafizul Islam; Shafiq Ahmed; Khalid Mahmood; Majid Hussain. Provably secure biometric-based client–server secure communication over unreliable networks. Journal of Information Security and Applications 2021, 58, 102769 .

AMA Style

Muhammad Asad Saleem, Sk Hafizul Islam, Shafiq Ahmed, Khalid Mahmood, Majid Hussain. Provably secure biometric-based client–server secure communication over unreliable networks. Journal of Information Security and Applications. 2021; 58 ():102769.

Chicago/Turabian Style

Muhammad Asad Saleem; Sk Hafizul Islam; Shafiq Ahmed; Khalid Mahmood; Majid Hussain. 2021. "Provably secure biometric-based client–server secure communication over unreliable networks." Journal of Information Security and Applications 58, no. : 102769.

Article
Published: 01 February 2021 in The Journal of Supercomputing
Reads 0
Downloads 0

Since most Internet of things (IoT) devices are energy-limited, increasingly more manufacturers have chosen to develop IoT applications based on group communication. For these applications, a secure and effective authenticated group secret key is fundamental to whole group communication. A large number of related protocols have been proposed to address this security problem. However, most of them have a centralized architecture, which is vulnerable to a single point of failure. Blockchain technology has the potential to address the challenges mentioned above because of its distributed, secure, and private property. Thus, this paper proposes a blockchain-based authenticated group key agreement protocol for IoT. The proposed protocol introduces a new entity called the device manager, who acts as an intermediary to connect IoT devices with blockchain networks. Security analysis demonstrates the robustness of the proposed protocol to various kinds of attacks. Besides, the simulation results further show that the time costs of protocol operations are reasonable and suitable for IoT environments.

ACS Style

Chien-Ming Chen; Xiaoting Deng; Wensheng Gan; Jiahui Chen; S. K. Hafizul Islam. A secure blockchain-based group key agreement protocol for IoT. The Journal of Supercomputing 2021, 77, 9046 -9068.

AMA Style

Chien-Ming Chen, Xiaoting Deng, Wensheng Gan, Jiahui Chen, S. K. Hafizul Islam. A secure blockchain-based group key agreement protocol for IoT. The Journal of Supercomputing. 2021; 77 (8):9046-9068.

Chicago/Turabian Style

Chien-Ming Chen; Xiaoting Deng; Wensheng Gan; Jiahui Chen; S. K. Hafizul Islam. 2021. "A secure blockchain-based group key agreement protocol for IoT." The Journal of Supercomputing 77, no. 8: 9046-9068.

Research article
Published: 19 January 2021 in Security and Communication Networks
Reads 0
Downloads 0

A multiserver environment can improve the efficiency of mobile network services more effectively than a single server in managing the increase in users. Because of the large number of users, the security of users’ personal information and communication information is more important in a multiserver environment. Recently, Wang et al. proposed a multiserver authentication scheme based on biometrics and proved the security of their scheme. However, we first demonstrate that their scheme is insecure against a known session-specific temporary information attacks, user impersonation attacks, and server impersonation attacks. To solve the security weakness, we propose an improved scheme based on Wang et al.’s scheme. The security of our improved scheme is also validated based on the formal security analysis, Burrows–Abadi–Needham (BAN) logic, ProVerif, and informal security analysis. Security and performance comparisons prove the security and efficiency of our scheme.

ACS Style

Tsu-Yang Wu; Lei Yang; Zhiyuan Lee; Chien-Ming Chen; Jeng-Shyang Pan; Sk Hafizul Islam. Improved ECC-Based Three-Factor Multiserver Authentication Scheme. Security and Communication Networks 2021, 2021, 1 -14.

AMA Style

Tsu-Yang Wu, Lei Yang, Zhiyuan Lee, Chien-Ming Chen, Jeng-Shyang Pan, Sk Hafizul Islam. Improved ECC-Based Three-Factor Multiserver Authentication Scheme. Security and Communication Networks. 2021; 2021 ():1-14.

Chicago/Turabian Style

Tsu-Yang Wu; Lei Yang; Zhiyuan Lee; Chien-Ming Chen; Jeng-Shyang Pan; Sk Hafizul Islam. 2021. "Improved ECC-Based Three-Factor Multiserver Authentication Scheme." Security and Communication Networks 2021, no. : 1-14.

Journal article
Published: 02 December 2020 in Journal of Systems Architecture
Reads 0
Downloads 0

Smart cities are made of different interconnected components that exchange data and facilitate the urban living for citizens. Unmanned Aerial Vehicles, known as drones, are components used in various civilian applications, such as agriculture, package delivery, and surveillance. To enhance drone’s flying safety and quality of service, a promising idea is to construct the Internet-of-Drones, where the drones are employed to collect the information, and citizens communicate with the drones of a particular flying zone via their mobile devices to obtain the data in real-time. However, due to the high sensitivity of the information, and the openness of communication media, privacy and security issues should be addressed. Specifically, an efficient and secure authentication scheme is needed to enable users and drones to authenticate each other and share a session key. Due to the drone’s limited resources and energy, the authentication scheme should be efficient regarding the computation overhead while providing high security. In this article, we devise a secure authentication scheme based on elliptic curve for drones to secure smart city surveillance. We demonstrate that our scheme is provably secure in the random oracle model, supporting the security requirements and resisting known attacks while incurring low computation and communication costs.

ACS Style

Mahdi Nikooghadam; Haleh Amintoosi; Sk Hafizul Islam; Mostafa Farhadi Moghadam. A provably secure and lightweight authentication scheme for Internet of Drones for smart city surveillance. Journal of Systems Architecture 2020, 115, 101955 .

AMA Style

Mahdi Nikooghadam, Haleh Amintoosi, Sk Hafizul Islam, Mostafa Farhadi Moghadam. A provably secure and lightweight authentication scheme for Internet of Drones for smart city surveillance. Journal of Systems Architecture. 2020; 115 ():101955.

Chicago/Turabian Style

Mahdi Nikooghadam; Haleh Amintoosi; Sk Hafizul Islam; Mostafa Farhadi Moghadam. 2020. "A provably secure and lightweight authentication scheme for Internet of Drones for smart city surveillance." Journal of Systems Architecture 115, no. : 101955.

Journal article
Published: 03 November 2020 in IEEE Transactions on Consumer Electronics
Reads 0
Downloads 0

Universal Serial Bus (USB) is widely used, for example to facilitate hot-swapping and plug-and-play. However, USB ports can be exploited by an adversary to extract private or personal data from the connected devices. Hence, a number of organizations and workplaces have prohibited their employees from using USB devices, and there have been efforts to design secure USB storage device schemes to more effectively resist different known security attacks. However, designing such schemes is challenging. For example, in this paper we revisit the scheme of Wei, Liu and Hu, and demonstrate that it is vulnerable to attacks such as password guessing and user impersonation. We also explain that the scheme does not verify the correctness of user’s input in the login phase, which is another design flaw. Then, we present an improved scheme and prove it secure in the random oracle model.

ACS Style

Muhammad Faizan Ayub; Salman Shamshad; Khalid Mahmood; Sk Hafizul Islam; Reza M. Parizi; Kim-Kwang Raymond Choo. A Provably Secure Two-Factor Authentication Scheme for USB Storage Devices. IEEE Transactions on Consumer Electronics 2020, 66, 396 -405.

AMA Style

Muhammad Faizan Ayub, Salman Shamshad, Khalid Mahmood, Sk Hafizul Islam, Reza M. Parizi, Kim-Kwang Raymond Choo. A Provably Secure Two-Factor Authentication Scheme for USB Storage Devices. IEEE Transactions on Consumer Electronics. 2020; 66 (4):396-405.

Chicago/Turabian Style

Muhammad Faizan Ayub; Salman Shamshad; Khalid Mahmood; Sk Hafizul Islam; Reza M. Parizi; Kim-Kwang Raymond Choo. 2020. "A Provably Secure Two-Factor Authentication Scheme for USB Storage Devices." IEEE Transactions on Consumer Electronics 66, no. 4: 396-405.

Journal article
Published: 24 October 2020 in Computers & Electrical Engineering
Reads 0
Downloads 0

The Internet-of-Multimedia-Things (IoMT) opens new doors towards various contingencies to improve applications and services through efficient multimedia data usage. The ever-enlarging content of multimedia information in an IoT system makes it a critical security concern. Whenever users access services or information through a public channel, he/she is exposed to numerous security threats. Many security schemes have been introduced for IoMT environments to tackle the above-said concerns. Still, most of them do not fulfill all the security requirements of the IoMT systems. Recently, Dhillon and Karla have presented an authentication scheme for the IoMT environment. They have declared that the scheme is robust and can resist significant security attacks. However, we noticed that Dhillon and Kalra’s scheme is susceptible to user masquerading attacks and a stolen verifier attack. Besides, their scheme also violates the anonymity and traceability of a user. This paper proposes a more secure remote user authentication scheme using the elliptic curve cryptosystem for the IoMT system. We have evaluated our scheme formally through the random oracle model. The informal security description proves that our scheme provides resistance against significant security attacks. Further, the performance analysis reveals that our scheme is more flexible, robust, and efficient than the relevant schemes.

ACS Style

Khalid Mahmood; Waseem Akram; Akasha Shafiq; Izwa Altaf; Muhammad Ali Lodhi; Sk Hafizul Islam. An enhanced and provably secure multi-factor authentication scheme for Internet-of-Multimedia-Things environments. Computers & Electrical Engineering 2020, 88, 106888 .

AMA Style

Khalid Mahmood, Waseem Akram, Akasha Shafiq, Izwa Altaf, Muhammad Ali Lodhi, Sk Hafizul Islam. An enhanced and provably secure multi-factor authentication scheme for Internet-of-Multimedia-Things environments. Computers & Electrical Engineering. 2020; 88 ():106888.

Chicago/Turabian Style

Khalid Mahmood; Waseem Akram; Akasha Shafiq; Izwa Altaf; Muhammad Ali Lodhi; Sk Hafizul Islam. 2020. "An enhanced and provably secure multi-factor authentication scheme for Internet-of-Multimedia-Things environments." Computers & Electrical Engineering 88, no. : 106888.

Journal article
Published: 21 September 2020 in IEEE Systems Journal
Reads 0
Downloads 0

Over the past few years, the Internet of Things (IoT) has played a crucial role in designing e-health systems. An IoT-enabled e-health system allows different entities to examine a patient’s health condition anywhere and anytime. However, the deployment of e-health systems in an IoT environment faces various security and privacy challenges. The authentication of participating entities, the confidentiality of information transferred through an insecure channel, and access control are essential issues to be resolved. To settle these challenges, we found many authentication protocols for e-health systems based on the discrete logarithm and integer factorization problems. However, quantum attacks expose all these protocols. In this article, we propose a lattice-based authentication and access control (LAAC) protocol for IoT-enabled e-health systems to mitigate the quantum attacks. We prove that LAAC is robust with the hardness assumption of the inhomogeneous small integer solution problem. Moreover, we provide provable security analysis of LAAC. Besides, performance evaluation shows it is reasonable to execute LAAC in an IoT device.

ACS Style

Daya Sagar Gupta; Sk Hafizul Islam; Mohammad S. Obaidat; Arijit Karati; Balqies Sadoun. LAAC: Lightweight Lattice-Based Authentication and Access Control Protocol for E-Health Systems in IoT Environments. IEEE Systems Journal 2020, 15, 3620 -3627.

AMA Style

Daya Sagar Gupta, Sk Hafizul Islam, Mohammad S. Obaidat, Arijit Karati, Balqies Sadoun. LAAC: Lightweight Lattice-Based Authentication and Access Control Protocol for E-Health Systems in IoT Environments. IEEE Systems Journal. 2020; 15 (3):3620-3627.

Chicago/Turabian Style

Daya Sagar Gupta; Sk Hafizul Islam; Mohammad S. Obaidat; Arijit Karati; Balqies Sadoun. 2020. "LAAC: Lightweight Lattice-Based Authentication and Access Control Protocol for E-Health Systems in IoT Environments." IEEE Systems Journal 15, no. 3: 3620-3627.

Special issue article
Published: 13 July 2020 in Transactions on Emerging Telecommunications Technologies
Reads 0
Downloads 0

In this article, a secure image retrieval scheme is proposed, which focuses on providing satisfactory retrieval results, and the framework searches relevant images even in an encrypted domain without compromising the performance of the retrieval process. Initially, bit‐level features have been endeavored from the luminance component of the image, from which statistical parameters are computed to generate more intrinsic values. These values are subsequently divided into bins to configure two histograms, which effectively reduce the length of the feature vector. These histograms are then eventually combined with quantized chrominance features to enhance the discriminative property of the feature vector. Since the proposed scheme is in the encrypted domain, conventional similarity measure distance for the image is not well suited. So, a modified Euclidean distance is incorporated, which is modeled to work with encrypted features. To comprehend the security, a piecewise logistic map sequence is considered, where seed values are assimilated to generate two secret keys. As a result, not only the system provides an efficient, secure retrieval system but also cryptographic components have no impact on its retrieval efficiency, and satisfactory results are obtained. Experimental results on Corel‐1K and GHIM‐10K illustrate decent performance in retrieval as compared to existing work in the retrieval domain.

ACS Style

Mukul Majhi; Arup Kumar Pal; Sk Hafizul Islam; Muhammad Khurram Khan. Secure content‐based image retrieval using modified Euclidean distance for encrypted features. Transactions on Emerging Telecommunications Technologies 2020, 32, 1 .

AMA Style

Mukul Majhi, Arup Kumar Pal, Sk Hafizul Islam, Muhammad Khurram Khan. Secure content‐based image retrieval using modified Euclidean distance for encrypted features. Transactions on Emerging Telecommunications Technologies. 2020; 32 (2):1.

Chicago/Turabian Style

Mukul Majhi; Arup Kumar Pal; Sk Hafizul Islam; Muhammad Khurram Khan. 2020. "Secure content‐based image retrieval using modified Euclidean distance for encrypted features." Transactions on Emerging Telecommunications Technologies 32, no. 2: 1.

Journal article
Published: 03 July 2020 in IEEE Systems Journal
Reads 0
Downloads 0

With the significant development of the Internet, Internet of Things (IoT) has become an emerging technology in many industries. To support security and privacy in the Industrial IoT environment, a user may interact with another user on the Internet to share confidential information, which requires an authenticated communication channel. To meet this demand, in this article the authors developed an identity-based two-party authenticated key agreement (ID-2PAKA) protocol that allows two users to communicate securely and share sensitive data across IoT-enabled regions. Similar protocols found in the literature either proven to be insecure or carry the burden of high communication and computational costs. The proposed ID-2PAKA protocol is analyzed in the random oracle model to achieve provable security based on the hardness assumptions of computational Diffie–Hellman and bilinear Diffie–Hellman problems. The performance analysis of the proposed ID-2PAKA protocol is performed using the pairing-based cryptography library. The comparative results from the perspective of the computation and communication costs against the competing protocols showed that the proposed ID-2PAKA protocol is secure and efficient.

ACS Style

Daya Sagar Gupta; S. K. Hafizul Islam; Mohammad S. Obaidat; Pandi Vijayakumar; Neeraj Kumar; Yohan Park. A Provably Secure and Lightweight Identity-Based Two-Party Authenticated Key Agreement Protocol for IIoT Environments. IEEE Systems Journal 2020, 15, 1732 -1741.

AMA Style

Daya Sagar Gupta, S. K. Hafizul Islam, Mohammad S. Obaidat, Pandi Vijayakumar, Neeraj Kumar, Yohan Park. A Provably Secure and Lightweight Identity-Based Two-Party Authenticated Key Agreement Protocol for IIoT Environments. IEEE Systems Journal. 2020; 15 (2):1732-1741.

Chicago/Turabian Style

Daya Sagar Gupta; S. K. Hafizul Islam; Mohammad S. Obaidat; Pandi Vijayakumar; Neeraj Kumar; Yohan Park. 2020. "A Provably Secure and Lightweight Identity-Based Two-Party Authenticated Key Agreement Protocol for IIoT Environments." IEEE Systems Journal 15, no. 2: 1732-1741.

Research article
Published: 08 June 2020 in Security and Privacy
Reads 0
Downloads 0

Security and threats are growing immensely due to the higher usage of internet of things applications in all aspects. Due to imbalanced nature of IoT security data, the designing of model‐based anomaly detection in IoT network poses a challenge for machine learning model as most of the machine learning model assumes the equal number of samples for each class. Approximately, 2.79% of IoT network profiles are of anomaly types which impose severe imbalance where there are three samples in the anomaly types for hundreds of samples in the majority normal class. This results in poor predictive performance for identification of anomaly type, which is essentially a problem because the anomaly type is more sensitive than the normal activity type. This work proposes a multiclass adaptive boosting ensemble learning‐based model with the synthetic minority oversampling technique for prediction of an anomaly in IoT network. The proposed approaches are simulated with DS2OS data and the performance is compared with other machine learning approaches. The evaluation metrics such as sensitivity, F1‐score, and receiver operating characteristic‐AUC imply the efficiency of the proposed approach in handling the imbalanced nature of the data and found efficient to identify both anomaly types and normal activity.

ACS Style

Pandit Byomakesha Dash; Janmenjoy Nayak; Bighnaraj Naik; Etuari Oram; Sk Hafizul Islam. Model based IoT security framework using multiclass adaptive boosting with SMOTE. Security and Privacy 2020, 3, 1 .

AMA Style

Pandit Byomakesha Dash, Janmenjoy Nayak, Bighnaraj Naik, Etuari Oram, Sk Hafizul Islam. Model based IoT security framework using multiclass adaptive boosting with SMOTE. Security and Privacy. 2020; 3 (5):1.

Chicago/Turabian Style

Pandit Byomakesha Dash; Janmenjoy Nayak; Bighnaraj Naik; Etuari Oram; Sk Hafizul Islam. 2020. "Model based IoT security framework using multiclass adaptive boosting with SMOTE." Security and Privacy 3, no. 5: 1.

Journal article
Published: 22 May 2020 in Journal of Information Security and Applications
Reads 0
Downloads 0

The two-party authenticated key agreement (2PAKA) protocol establishes a secure channel over the Internet between two users. This secure channel helps to transfer messages between them in the presence of an adversary. The invention of Shor’s algorithms makes current 2PAKA protocols vulnerable to quantum attacks. To mitigate quantum attacks, we designed an identity-based two-party authenticated key agreement (LB-ID-2PAKA) protocol on a lattice L(B) of dimension n. Besides, to avoid the public key infrastructure (PKI), which is required for the authentication of the public keys of users, we use the identity-based cryptography (IBC) in our protocol. We analyzed that our proposed LB-ID-2PAKA protocol is provably secure with the hardness assumptions of the computational bilateral inhomogeneous small integer solution (CBi-ISIS) and bilateral small integer solution (Bi-SIS) problems. We also analyzed the computation and communication overheads of our LB-ID-2PAKA protocol and compared its performance with a related protocol. The comparison results demonstrate that our LB-ID-2PAKA protocol yields better performance and can be used in post-quantum environments.

ACS Style

Sk Hafizul Islam; Sherali Zeadally. Provably secure identity-based two-party authenticated key agreement protocol based on CBi-ISIS and Bi-ISIS problems on lattices. Journal of Information Security and Applications 2020, 54, 102540 .

AMA Style

Sk Hafizul Islam, Sherali Zeadally. Provably secure identity-based two-party authenticated key agreement protocol based on CBi-ISIS and Bi-ISIS problems on lattices. Journal of Information Security and Applications. 2020; 54 ():102540.

Chicago/Turabian Style

Sk Hafizul Islam; Sherali Zeadally. 2020. "Provably secure identity-based two-party authenticated key agreement protocol based on CBi-ISIS and Bi-ISIS problems on lattices." Journal of Information Security and Applications 54, no. : 102540.

Journal article
Published: 01 April 2020 in Journal of Information Security and Applications
Reads 0
Downloads 0

Wireless Healthcare Sensor Network (WHSN) has become one of the major research fields over the past decades that play a very prominent role in the medical field. Due to the rapid growth of technology in wireless communication, different security challenges have been raised in WHSN. Authentication protocols are used to secure the information transferred over the public channels by WHSN. For this prospect recently, Liu & Chung proposed an authentication and data transmission mechanism for WHSN. However, Challa et al. identified that Liu-Chung’s scheme is vulnerable to stolen smart-card, offline password guessing, privileged insider, and user impersonation attacks. Challa et al. then proposed an enhanced scheme to overcome beforehand stated flaws. This paper denotes out that in accession to before mentioned attacks, Liu-Chung’s scheme is also prone to users’ private key leakage and user impersonation attacks towards sensors. Moreover, Challa et al.’s scheme suffers from incorrectness, broadcasting problem, lack of authentication between Trusted Authority (TA) and sensor nodes, replay attack, Denial of Service (DoS) attack, forgery attack and delay in communication due to the involvement of the TA. Using the elliptic curve cryptography and bilinear paring, an improved scheme is proposed in this paper, to mitigate the weaknesses of Challah et al. and Liu-Chang schemes. The formal security analysis using simulation tool AVISPA and BAN logic demonstrate that the proposed scheme is secure. The rigorous informal security analysis also attests that our scheme is safe against well-known attacks.

ACS Style

Zeeshan Ali; Anwar Ghani; Imran Khan; Shehzad Ashraf Chaudhry; Sk Hafizul Islam; Debasis Giri. A robust authentication and access control protocol for securing wireless healthcare sensor networks. Journal of Information Security and Applications 2020, 52, 102502 .

AMA Style

Zeeshan Ali, Anwar Ghani, Imran Khan, Shehzad Ashraf Chaudhry, Sk Hafizul Islam, Debasis Giri. A robust authentication and access control protocol for securing wireless healthcare sensor networks. Journal of Information Security and Applications. 2020; 52 ():102502.

Chicago/Turabian Style

Zeeshan Ali; Anwar Ghani; Imran Khan; Shehzad Ashraf Chaudhry; Sk Hafizul Islam; Debasis Giri. 2020. "A robust authentication and access control protocol for securing wireless healthcare sensor networks." Journal of Information Security and Applications 52, no. : 102502.