Security and Privacy of QR Code Applications: A Comprehensive Study, General Guidelines and Solutions

Cioara

IEEE Open J. Comput. Soc.

et al. 2021

105

In the context of COVID-19 pandemic, the rapid roll-out of a vaccine and the implementation of a worldwide immunization campaign is critical, but its success will depend on the availability of an operational and transparent distribution chain that can be audited by all relevant stakeholders. In this paper, we discuss how blockchain technology can help in several aspects of COVID-19 vaccination scheme. We present a system in which blockchain technology is used to guaranty data integrity and immutability of beneficiary registration for vaccination, avoiding identity thefts and impersonations. Smart contracts are defined to monitor and track the proper vaccine distribution conditions against the safe handling rules defined by vaccine producers enabling the awareness of all network peers. For vaccine administration, a transparent and tamper-proof solution for side effects self-reporting is provided considering beneficiary and administrated vaccine association. A prototype was implemented using the Ethereum test network, Ropsten, considering the COVID-19 vaccine distribution conditions. The results obtained for each onchain operation can be checked and validated on the Etherscan. In terms of throughput and scalability, the proposed blockchain system shows promising results while the estimated cost in terms of gas for vaccination scenario based on real data remains within reasonable limits.

Section: Blockchain and Smart Contractsmentioning

confidence: 99%

Blockchain Platform For COVID-19 Vaccine Supply Management

Cioara

IEEE Open J. Comput. Soc.

et al. 2021

105

“…Fiducial markers deployed in everyday environments are likely to suffer attacks similar to those targeting QR-codes [87]. The situation is worsened by the facts that fiducial markers have a limited dictionary space and that there is no place in the marker pattern for error correction codes, integrity check-sums, or other security guarantees that are typically used in the more information-capable QR-codes [88]. Considering only the marker pattern, it should thus be rather easy to change one message into another without discovery.…”

Section: Reliability and Security Issues With Csr Fiducialsmentioning

confidence: 99%

Linking physical objects to their digital twins via fiducial markers designed for invisibility to humans

et al. 2021

Proceedings of International Conference on Emerging Technologies and Intelligent Systems

“…Public key cryptography (asymmetric) is a cryptographic system with two keys; public and private. This method is widely used in data encryption and authentication [23]. At the same time, Hash Function takes a message as input and returns a fixed-size value called "hash."…”

Section: Lightweight Cryptographic Smssmentioning

confidence: 99%

“…Digital Signature is a security scheme that employs public-key cryptography to validate authentication, integrity, and non-repudiation of a message, it computes the hash and then signs it by the private key [23].…”

Section: Lightweight Cryptographic Smssmentioning

confidence: 99%

Lightweight Cryptographic and Artificial Intelligence Models for Anti-smishing

Wahsheh

Al-Zahrani

2021

Self Cite

The utilization of Short Message Service (SMS) in smartphones has expanded quickly during recent years. As text informing is the most prudent choice accessible to arrive at masses, it is broadly utilized for offering buy focal points and as a promoting medium. Roughly billions of instant SMSs are sent each hour worldwide, so the expanding utilization of these messages makes it profoundly suitable for assailants. Over 90% of SMS messages are opened within a few seconds, which shows SMS's importance, making it the focus of cyber-attacks. Smishing is one of the cybercrime types that combine SMS and phishing in which trespassers send SMS containing suspicious links and content to the victims. Usually, smishing directs users to harmful websites to silently download malware or show interfaces like legitimate sites to attract users to fill in their sensitive information, i.e., passwords. This study proposes two automated models for detecting smishing by employing Lightweight cryptographic and artificial intelligence (AI) techniques. For the first model, and since there is no official validation stage in SMS construction, we developed our first contribution using a lightweight cryptographic SMS model to protect SMS and detect possible phishing or fake content. We select the standard, popular signature schemes, and evaluating the performance according to time and signature size overhead. The results showed the proposed model's effectiveness to guarantee the main security goals, authentication, integrity, and non-repudiation. Our second model deals with legacy SMS, which doesn't follow the validation stage, so we collected the SMS dataset for an AI model and manually labeled their classes as phishing or legitimate according to their link content. We preprocessed the SMS dataset to extract the link-based distinguishing features, and we applied feature selection techniques to obtain the best performance. We experimented with two artificial intelligence classifiers and