liu.seSearch for publications in DiVA
Change search
Refine search result
1 - 10 of 10
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Zineddine, Abdelhadi
    et al.
    Laboratory LIMATI, Department of Computer Sciences, Polydisciplinary Faculty Beni Mella (FPBM), Sultan Moulay Slimane University (USMS), Beni Mellal, Morocco.
    Chakir, Oumaima
    Laboratory LIMATI, Department of Computer Sciences, Polydisciplinary Faculty Beni Mella (FPBM), Sultan Moulay Slimane University (USMS), Beni Mellal, Morocco.
    Sadqi, Yassine
    Laboratory LIMATI, Department of Computer Sciences, Polydisciplinary Faculty Beni Mella (FPBM), Sultan Moulay Slimane University (USMS), Beni Mellal, Morocco.
    Maleh, Yassine
    Laboratory LaSTI, École Nationale des Sciences Appliquées de Khouribga (ENSAK), Sultan Moulay Slimane University (USMS), Beni Mellal, Morocco.
    Singh Gaba, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Dev, Kapal
    Department of Computer Science and LERO Centre, Munster Technological University, Bishopstown, Cork, T12 P928, Ireland.
    A systematic review of cybersecurity assessment methods for HTTPS2024In: Computers & electrical engineering, ISSN 0045-7906, E-ISSN 1879-0755, Vol. 115, article id 109137Article in journal (Refereed)
    Abstract [en]

    Cybersecurity assessments are critical for ensuring that security measures in organizational infrastructures, systems, and applications meet necessary requirements. Given the significant HTTPS vulnerabilities exposed in recent years, assessing HTTPS deployments is increasingly important. However, there has been no systematic literature review (SLR) comparing different cybersecurity assessment methods specifically for HTTPS deployment security issues. This study aims to address this gap by identifying, analyzing, and comparing various HTTPS deployment assessment methods documented in scientific literature. Our approach involved a structured research methodology with specific inclusion and exclusion criteria for selecting relevant methods. The review utilizes 16 comparison metrics, divided into two categories: critical security metrics, focusing on assessment metrics adopted and the number of vulnerabilities evaluated by each method, and additional metrics assessing the methods’ applicability and effectiveness in real-world scenarios. The findings indicate varied adoption rates of these metrics among the reviewed cybersecurity assessment methods, highlighting the absence of a standardized approach using common, well-defined security metrics for HTTPS deployment assessment. In contrast, merging all the comparison metrics outlined in this review would enable a more in-depth assessment of HTTPS deployment security issues, enhance the quality of reported results, and lead to the development of a more practical assessment method.

  • 2.
    Khan, Suleman
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Singh Gaba, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Boeira, Felipe
    Linköping University, Department of Computer and Information Science, Software and Systems. Linköping University, Faculty of Science & Engineering.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Formal Verification and Security Assessment of the Drone Remote Identification Protocol2024Conference paper (Refereed)
    Abstract [en]

    The worldwide implementation of Remote Identification (RID) regulations mandates unmanned aircraft systems (UAS), or drones, to openly transmit their identity and real-time location as plain text on the wireless channel. This mandate serves the purpose of accounting for and monitoring drone operations effectively. However, the current RID standard's plain-text transmission exposes it to cyberattacks, including eavesdropping, injection, and impersonation. The Drone Remote Identification Protocol (DRIP) has been proposed to enhance the security of RID. The DRIP ensures information secrecy and confidentiality by using unique session keys while guaranteeing the authenticity of messages and entities through digital signatures. These security features of DRIP make it a preferable alternative to the existing RID standard. However, the lack of verification regarding its security claims raises concerns about its performance in hostile conditions. This paper comprehensively analyzes the DRIP protocol's security features using Tamarin Prover, a formal security verification tool. With its automated reasoning capabilities, Tamarin Prover accurately identifies potential security vulnerabilities within the DRIP protocol while thoroughly verifying its conformance to security properties. Our investigation demonstrates that the DRIP protocol is susceptible to replay attacks. We strongly recommend the inclusion of message freshness components, reducing the lifespan of DET broadcasts, and incorporating a not-after timestamp that is set only a few minutes ahead of the current time. These measures enhance the protocol's defence against replay attacks and ensure message authenticity and Integrity.

  • 3.
    Zerhouni, Kawtar
    et al.
    College of Computing, Mohammed VI Polytechnic University, Ben Guerir, Morocco.
    Singh Gaba, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Hedabou, Mustapha
    College of Computing, Mohammed VI Polytechnic University, Ben Guerir, Morocco.
    Maksymyuk, Taras
    Department of Telecommunications, Lviv Polytechnic National University, Lviv, Ukraine.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Amhoud, El Mehdi
    College of Computing, Mohammed VI Polytechnic University, Ben Guerir, Morocco.
    GAN-Based Evasion Attack in Filtered Multicarrier Waveforms Systems2024In: IEEE Transactions on Machine Learning in Communications and Networking, E-ISSN 2831-316X, Vol. 2, p. 210-220Article in journal (Refereed)
    Abstract [en]

    Generative adversarial networks (GANs), a category of deep learning models, have become a cybersecurity concern for wireless communication systems. These networks enable potential attackers to deceive receivers that rely on convolutional neural networks (CNNs) by transmitting deceptive wireless signals that are statistically indistinguishable from genuine ones. While GANs have been used before for digitally modulated single-carrier waveforms, this study explores their applicability to model filtered multi-carrier waveforms, such as orthogonal frequency-division multiplexing (OFDM), filtered orthogonal FDM (F-OFDM), generalized FDM (GFDM), filter bank multi-carrier (FBMC), and universal filtered MC (UFMC). In this research, an evasion attack is conducted using GAN-generated counterfeit filtered multi-carrier signals to trick the target receiver. The results show that there is a remarkable 99.7% probability of the receiver misclassifying these GAN-based fabricated signals as authentic ones. This highlights the need for urgent investigation into the development of preventive measures to address this concerning vulnerability.

  • 4.
    Khan, Suleman
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Gaba, Gurjot Singh
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Braeken, An
    Vrije Universiteit Brussel, Brussels, Belgium.
    Kumar, Pardeep
    Swansea University, Swansea, UK.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    AKAASH: A realizable authentication, key agreement, and secure handover approach for controller-pilot data link communications2023In: International Journal of Critical Infrastructure Protection, ISSN 1874-5482, E-ISSN 2212-2087, Vol. 42, article id 100619Article in journal (Refereed)
    Abstract [en]

    Controller-Pilot Data Link Communications (CPDLC) are rapidly replacing voice-based Air Traffic Control (ATC) communications worldwide. Being digital, CPDLC is highly resilient and bandwidth efficient, which makes it the best choice for traffic-congested airports. Although CPDLC initially seems to be a perfect solution for modern-day ATC operations, it suffers from serious security issues. For instance, eavesdropping, spoofing, man-in-the-middle, message replay, impersonation attacks, etc. Cyber attacks on the aviation communication network could be hazardous, leading to fatal aircraft incidents and causing damage to individuals, service providers, and the aviation industry. Therefore, we propose a new security model called AKAASH, enabling several paramount security services, such as efficient and robust mutual authentication, key establishment, and a secure handover approach for the CPDLC-enabled aviation communication network. We implement the approach on hardware to examine the practicality of the proposed approach and verify its computational and communication efficiency and efficacy. We investigate the robustness of AKAASH through formal (proverif) and informal security analysis. The analysis reveals that the AKAASH adheres to the CPDLC standards and can easily integrate into the CPDLC framework.

    Download full text (pdf)
    fulltext
  • 5.
    Chakir, Oumaima
    et al.
    USMS Univ, Morocco.
    Rehaimi, Abdeslam
    USMS Univ, Morocco.
    Sadqi, Yassine
    USMS Univ, Morocco.
    Alaoui, El Arbi Abdellaoui
    Univ Moulay Ismail, Morocco.
    Krichen, Moez
    Al Baha Univ, Saudi Arabia; Univ Sfax, Tunisia.
    Singh Gaba, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    An empirical assessment of ensemble methods and traditional machine for web-based attack detection in 5.02023In: JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES, ISSN 1319-1578, Vol. 35, no 3, p. 103-119Article in journal (Refereed)
    Abstract [en]

    Cybersecurity attacks that target software have become profitable and popular targets for cybercriminals who consciously take advantage of web-based vulnerabilities and execute attacks that might jeopardize essential industry 5.0 features. Several machine learning-based techniques have been developed in the literature to identify these types of assaults. In contrast to single classifiers, ensemble methods have not been evaluated empirically. To the best of our knowledge, this work is the first empirical evaluation of both homogeneous and heterogeneous ensemble approaches compared to single classifiers for web -based attack detection in industry 5.0, utilizing two of the most realistic public web-based attack data -sets. The authors divided the experiment into three main phases: In the first phase, they evaluated the performance of five well-established supervised machine learning (ML) classifiers. In the second phase, they constructed a heterogeneous ensemble of the three best-performing ML algorithms using max vot-ing and stacking methods. In the third phase, they used four well-known homogeneous ensembles to evaluate the performance of the bagging and boosting method. The results based on the ECML/PKDD 2007 and CSIC HTTP 2010 datasets revealed that bagging, particularly Random Forest, outperformed sin-gle classifiers in terms of accuracy, precision, F-value, FPR, and area of the ROC curve with values of 99.597%, 98.274%, 99.129%, 0.523%, 100 and 99.867%, 99.867%, 99.867%, 0.267%, 100, respectively. In con-trast, single classifiers performed better than boosting and stacking. However, in terms of FPR, the boost-ing exceeded single classifiers. Max voting is appropriate when accuracy, precision, and FPR are the primary concerns, whereas single classifiers can be employed when recall, FNR, training, and prediction times are critical elements. In terms of training time, ensemble approaches are more likely to be affected by data volume than single classifiers. The papers findings will help security researchers and practition-ers identify the most efficient learning techniques for securing web applications. (c) 2023 The Author(s). Published by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).

    Download full text (pdf)
    fulltext
  • 6.
    Singh, Parminder
    et al.
    Mohammed VI Polytech Univ, Morocco; Lovely Profess Univ, India.
    Singh, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Kaur, Avinash
    Lovely Profess Univ, India.
    Hedabou, Mustapha
    Mohammed VI Polytech Univ, Morocco.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Dew-Cloud-Based Hierarchical Federated Learning for Intrusion Detection in IoMT2023In: IEEE journal of biomedical and health informatics, ISSN 2168-2194, E-ISSN 2168-2208, Vol. 27, no 2, p. 722-731Article in journal (Refereed)
    Abstract [en]

    The coronavirus pandemic has overburdened medical institutions, forcing physicians to diagnose and treat their patients remotely. Moreover, COVID-19 has made humans more conscious about their health, resulting in the extensive purchase of IoT-enabled medical devices. The rapid boom in the market worth of the internet of medical things (IoMT) captured cyber attackers attention. Like health, medical data is also sensitive and worth a lot on the dark web. Despite the fact that the patients health details have not been protected appropriately, letting the trespassers exploit them. The system administrator is unable to fortify security measures due to the limited storage capacity and computation power of the resource-constrained network devices. Although various supervised and unsupervised machine learning algorithms have been developed to identify anomalies, the primary undertaking is to explore the swift progressing malicious attacks before they deteriorate the wellness systems integrity. In this paper, a Dew-Cloud based model is designed to enable hierarchical federated learning (HFL). The proposed Dew-Cloud model provides a higher level of data privacy with greater availability of IoMT critical application(s). The hierarchical long-term memory (HLSTM) model is deployed at distributed Dew servers with a backend supported by cloud computing. Data pre-processing feature helps the proposed model achieve high training accuracy (99.31%) with minimum training loss (0.034). The experiment results demonstrate that the proposed HFL-HLSTM model is superior to existing schemes in terms of performance metrics such as accuracy, precision, recall, and f-score.

    Download full text (pdf)
    fulltext
  • 7.
    Khan, Suleman
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Singh, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Maeurer, Nils
    German Aerosp Ctr DLR, Germany.
    Graeupl, Thomas
    German Aerosp Ctr DLR, Germany.
    Schmitt, Corinna
    Univ Bundeswehr Munchen, Germany.
    Enhancing Cybersecurity for LDACS: a Secure and Lightweight Mutual Authentication and Key Agreement Protocol2023In: 2023 IEEE/AIAA 42ND DIGITAL AVIONICS SYSTEMS CONFERENCE, DASC, IEEE , 2023Conference paper (Refereed)
    Abstract [en]

    The aviation industry faces significant challenges due to rising global air travel demand. Frequency saturation in Air Traffic Management (ATM) leads to communication problems, necessitating the enhancement of traditional systems. The Single European Sky ATM Research (SESAR) initiative, backed by the European Commission, aims to digitize ATM, with the L-band Digital Aeronautical Communications System (LDACS) as a key component. LDACS aims to improve communication, enhance surveillance, and optimize airspace usage for safer, more efficient ATM. Although LDACS is protected against most cyberattacks, a critical security objective, anonymity, is currently overlooked. To strengthen LDACS's security, robust authentication mechanisms, Post-Quantum security, and measures to ensure aircraft anonymity are crucial. Therefore, we propose a comprehensive security framework to enhance LDACS's cybersecurity, focusing on mutual authentication and key agreement. The protocol uses Physical Unclonable Function (PUF) for robust mutual authentication and Bit-flipping Key Encapsulation (BIKE) for secure session key establishment utilizing Post-Quantum Cryptography (PQC). This framework ensures anonymity and secure communication between aircraft and ground stations while minimizing message exchange, latency, and data overhead. An informal security analysis confirms our proposed framework's potential to augment the efficiency and security of ATM operations.

  • 8.
    Nee, Lukas
    et al.
    Linköping University, Department of Computer and Information Science. Linköping University, Faculty of Science & Engineering.
    Singh Gaba, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Peer-to-Peer Misbehavior Reporting Using Non-Interactive Zero-Knowledge Proofs for Intelligent Transport Systems2023In: CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies (CHILECON), Chile: Institute of Electrical and Electronics Engineers (IEEE), 2023Conference paper (Refereed)
    Abstract [en]

    The integration of technologies like the Internet of Things (IoT), Big data, and Artificial Intelligence (AI) has empowered modern vehicles with the ability to communicate with one another for better cooperation on the roads. However, the communication between vehicles exposes the whole intelligent transportation system to new attack vectors. Malicious vehicles can spread misleading information, which, if acted upon, might result in traffic congestion, accidents, chaos, and even fatalities. As a countermeasure, the European Telecommunications Standards Institute (ETSI) proposes a framework, TR 103 460, for reporting abnormal behavior. However, there are many shortcomings, such as the absence of a peer-to-peer (P2P) misbehavior reporting (MR) service and the inability to secure the reporter's identity and reported information. To protect vehicles from abuse, we propose a P2P non-interactive zero-knowledge proof-based privacy-preserving MR framework. Upon testing, we found that the proposed framework prevented the disclosure of the reporter's identity and information and reduced the ITS-Stations' (ITS-Ss) exposure to misbehavior by 67.7% and 79.2% in suburban and highway traffic scenarios, respectively.

  • 9.
    Khan, Suleman
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Singh Gaba, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    A Federated Learning Based Privacy-Preserving Intrusion Detection System For The Cpdlc2022Conference paper (Other academic)
    Abstract [en]

    The safety of the passengers and goods in airplanes depends upon a number of combined factors. An airplane's condition and the pilot's experience are pivotal, but another very crucial element is the synchronization among the pilots and the air traffic controller (ATC). The communication link between the two carries many uncertain aspects.  The aviation sector often tends to give more priority to safety rather than cybersecurity.  Although the controller-pilot data communication link (CPDLC) system has been proposed for consistent and reliable communication recently, it has some serious drawbacks. In this paper, we highlight the shortcomings of the CPDLC system from a cyber security perspective. We propose a federated learning-based privacy-preserving intrusion detection system (IDS) to protect the CPDLC from uplink and downlink cyber attacks. To ensure a realistic and viable solution, we created our own training dataset by eavesdropping on the air-ground communication at a site near Arlanda airport, Sweden. The anomaly detection model constructed through federated learning has achieved higher accuracy, precision, recall and F1 score as compared to the centrally and locally trained models, enabling higher security. Due to the lower training loss and time, the proposed approach is highly suitable for the sensitive aviation communications.

  • 10.
    Masud, Mehedi
    et al.
    Taif Univ, Saudi Arabia.
    Singh, Gurjot
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    Kumar, Pardeep
    Swansea Univ, Wales.
    Gurtov, Andrei
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
    A user-centric privacy-preserving authentication protocol for IoT-AmI environments2022In: Computer Communications, ISSN 0140-3664, E-ISSN 1873-703X, Vol. 196, p. 45-54Article in journal (Refereed)
    Abstract [en]

    Ambient Intelligence (AmI) in Internet of Things (IoT) has empowered healthcare professionals to monitor, diagnose, and treat patients remotely. Besides, the AmI-IoT has improved patient engagement and gratification as doctors interactions have become more comfortable and efficient. However, the benefits of the AmI-IoT-based healthcare applications are not availed entirely due to the adversarial threats. IoT networks are prone to cyber attacks due to vulnerable wireless mediums and the absentia of lightweight and robust security protocols. This paper introduces computationally-inexpensive privacy-assuring authentication protocol for AmI-IoT healthcare applications. The use of blockchain & fog computing in the protocol guarantees unforgeability, non-repudiation, transparency, low latency, and efficient bandwidth utilization. The protocol uses physically unclonable functions (PUF), biometrics, and Ethereum powered smart contracts to prevent replay, impersonation, and cloning attacks. Results prove the resource efficiency of the protocol as the smart contract incurs very minimal gas and transaction fees. The Scyther results validate the robustness of the proposed protocol against cyber-attacks. The protocol applies lightweight cryptography primitives (Hash, PUF) instead of conventional public-key cryptography and scalar multiplications. Consequently, the proposed protocol is better than centralized infrastructure-based authentication approaches.

    Download full text (pdf)
    fulltext
1 - 10 of 10
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf