Evaluation of Out-of-Band Channels for IoT Security

Latvala, Sampsa; Sethi, Mohit; Aura, Tuomas

doi:10.1007/s42979-019-0018-8

Cited by 19 publications

(9 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Currently, the widely-used methods to onboard IoT devices are mostly out-of-band and include the use of QR codes physically printed on devices, pin codes, and serial numbers [38]. For example, once a user buys a smart IoT camera, he/she scans a QR code printed on the camera (or the packaging) with his/her mobile phone and through a mobile application, he/she connects the camera with a cloud service usually offered by its manufacturer.…”

Section: A Authorized Iot Device Onboardingmentioning

confidence: 99%

An Automated and Robust Image Watermarking Scheme Based on Deep Neural Networks

Zhong

Huang

Mastorakis

et al. 2021

IEEE Trans. Multimedia

103

View full text Add to dashboard Cite

Digital image watermarking is the process of embedding and extracting a watermark covertly on a cover-image. To dynamically adapt image watermarking algorithms, deep learning-based image watermarking schemes have attracted increased attention during recent years. However, existing deep learning-based watermarking methods neither fully apply the fitting ability to learn and automate the embedding and extracting algorithms, nor achieve the properties of robustness and blindness simultaneously. In this paper, a robust and blind image watermarking scheme based on deep learning neural networks is proposed. To minimize the requirement of domain knowledge, the fitting ability of deep neural networks is exploited to learn and generalize an automated image watermarking algorithm. A deep learning architecture is specially designed for image watermarking tasks, which will be trained in an unsupervised manner to avoid human intervention and annotation. To facilitate flexible applications, the robustness of the proposed scheme is achieved without requiring any prior knowledge or adversarial examples of possible attacks. A challenging case of watermark extraction from phone camera-captured images demonstrates the robustness and practicality of the proposal. The experiments, evaluation, and application cases confirm the superiority of the proposed scheme.

show abstract

Section: A Authorized Iot Device Onboardingmentioning

confidence: 99%

An Automated and Robust Image Watermarking Scheme Based on Deep Neural Networks

Zhong

Huang

Mastorakis

et al. 2021

IEEE Trans. Multimedia

103

View full text Add to dashboard Cite

show abstract

“…The human-check compares data across a visual channel, typically a display on the HM and on the computer interface. The visual channel is a type of out-of-band (OOB) communication channel, one which is independent of the primary in-band channel [LSA20] (in this case the communication between HM and computer interface). The OOB channel expands the effort required by an attacker to enact a payment or address generation attack since now both the in-band and OOB channels must be compromised.…”

Section: Mitigation For Corrupted Computer Interfacementioning

confidence: 99%

Custody Protocols Using Bitcoin Vaults

Swambo¹,

Spencer²,

McElrath³

et al. 2020

Preprint

View full text Add to dashboard Cite

A bitcoin covenant is a mechanism to enforce conditions on future bitcoin transactions. A bitcoin vault is a specific type of covenant transaction that enforces a time-lock on the transfer of control of funds to a hot wallet, but enables an immediate transfer of funds into a deep cold recovery wallet. This paper demonstrates how to integrate a bitcoin vault into a custody protocol and demonstrates the security properties of that protocol. The vault is implemented using pre-signed transactions with secure key deletion (as proposed in [SHMB20]). It is shown that vault-custody protocols enable the wallet owner to specify their desired balance for an inherent trade-off between the security of and accessibility of bitcoin holdings by adjusting the length of time-locks used. It is also demonstrated that wallet owners have increased control of risk-management by compartmentalizing funds across numerous vault transactions. While it isn't realistic to completely prevent theft, the most likely theft scenarios (compromising the hot wallet) have severely limited profitability for an attacker, deterring attempts at theft from the beginning. The proposed architecture was designed to offer defence-in-depth through redundancy and fault-tolerant functionality as well as countermeasures for class breaks through diversity across hardware and software layers. Finally, the architecture employs a detection (a watchtower) and response system that enables fail-safe recovery from attempted or partial thefts through a second type of covenant transaction, a push-to-recovery-wallet transaction.

show abstract

“…The selection of onboarding techniques depends on the design of the security architecture (e.g., distributed, centralized). Out-of-band techniques include the use of QR code and/or pre-defined passwords by users [2]. Onboarding in centralized architectures often relies on pre-established trust relations and utilize protocols, such as Extensible Authentication Protocol (EAP) [19], for authentication.…”

Section: Related Work On Iot Onboardingmentioning

confidence: 99%

“…In a world, where the number of IoT devices rapidly increases every year, the onboarding of such devices has been a challenge, especially when security becomes a requirement. One of the common techniques for IoT onboarding today is the use of Quick Response (QR) codes [1] (other popular out-of-band IoT onboarding techniques include the use pin codes or serial numbers [2]). A user scans the QR code of an IoT device with his/her mobile phone and this QR code is translated to a url, which allows the user to communicate with a server typically located on the cloud.…”

Section: Introductionmentioning

confidence: 99%

DLWIoT: Deep Learning-based Watermarking for Authorized IoT Onboarding

Mastorakis¹,

Zhong²,

Huang³

et al. 2020

Preprint

View full text Add to dashboard Cite

The onboarding of IoT devices by authorized users constitutes both a challenge and a necessity in a world, where the number of IoT devices and the tampering attacks against them continuously increase. Commonly used onboarding techniques today include the use of QR codes, pin codes, or serial numbers. These techniques typically do not protect against unauthorized device access-a QR code is physically printed on the device, while a pin code may be included in the device packaging. As a result, any entity that has physical access to a device can onboard it onto their network and, potentially, tamper it (e.g., install malware on the device). To address this problem, in this paper, we present a framework, called Deep Learningbased Watermarking for authorized IoT onboarding (DLWIoT), featuring a robust and fully automated image watermarking scheme based on deep neural networks. DLWIoT embeds user credentials into carrier images (e.g., QR codes printed on IoT devices), thus enables IoT onboarding only by authorized users. Our experimental results demonstrate the feasibility of DLWIoT, indicating that authorized users can onboard IoT devices with DLWIoT within 2.5-3sec.

show abstract

Evaluation of Out-of-Band Channels for IoT Security

Cited by 19 publications

References 23 publications

An Automated and Robust Image Watermarking Scheme Based on Deep Neural Networks

An Automated and Robust Image Watermarking Scheme Based on Deep Neural Networks

Custody Protocols Using Bitcoin Vaults

DLWIoT: Deep Learning-based Watermarking for Authorized IoT Onboarding

Contact Info

Product

Resources

About