Extending hybrid approach to secure Trivial File Transfer Protocol in M2M communication: a comparative analysis

Published on Apr 1, 2019in Telecommunication Systems1.707
· DOI :10.1007/s11235-018-0522-5
Nur Nabila Mohamed3
Estimated H-index: 3
(UiTM: Universiti Teknologi MARA),
Yusnani Mohd Yussoff6
Estimated H-index: 6
(UiTM: Universiti Teknologi MARA)
+ 1 AuthorsHabibah Hashim11
Estimated H-index: 11
(UiTM: Universiti Teknologi MARA)
Embedded Machine-to-Machine (M2M) is one of the hottest research topics in recent industrial Internet of Things. In order to serve the communication to effectively transfer data and messages between machines, the system must incorporate a file transfer protocol, known as Trivial File Transfer Protocol (TFTP). However, the main constraint is lack of security mechanism during TFTP Client–Server communication whereby its reliability is questionable as the protocol does not support any authentication or encryption methods, also provide no access control and zero protection from Man-In-The-Middle. Hence, in order to enhance the protocol security, hybrid security approach combining Diffie Hellman Key Exchange (DHKE) scheme and Advanced Encryption Standard symmetric encryption algorithm are proposed to be integrated into TFTP packet header. In this work, we present a performance comparison of three different protocols: the original TFTP protocol, TFTP protocol with single security extension, and our proposed TFTP protocol integrated with hybrid security approach to analyse the effectiveness of the method. The finding demonstrates that our proposed secure TFTP protocol generates comparable execution time as when implementing single encryption option, also more reliable to be used in the commercial system especially for low-cost M2M embedded infrastructure.
  • References (32)
  • Citations (0)
📖 Papers frequently viewed together
179 Citations
9 Citations
3 Citations
78% of Scinapse members use related papers. After signing in, all features are FREE.
#1Vipindev Adat (National Institute of Technology, Kurukshetra)H-Index: 2
#2Brij B. Gupta (National Institute of Technology, Kurukshetra)H-Index: 28
Abstract Internet technology is very pervasive today. The number of devices connected to the Internet, those with a digital identity, is increasing day by day. With the developments in the technology, Internet of Things (IoT) become important part of human life. However, it is not well defined and secure. Now, various security issues are considered as major problem for a full-fledged IoT environment. There exists a lot of security challenges with the proposed architectures and the technologies w...
38 CitationsSource
#1Xiong Li (Hunan University of Science and Technology)H-Index: 29
#2Maged Hamada Ibrahim (Helwan University)H-Index: 10
Last. Rahul Kumar (P.G. College)H-Index: 3
view all 4 authors...
The mobility and openness of wireless communication technologies make Mobile Healthcare Systems (mHealth) potentially exposed to a number of potential attacks, which significantly undermines their utility and impedes their widespread deployment. Attackers and criminals, even without knowing the context of the transmitted data, with simple eavesdropping on the wireless links, may benefit a lot from linking activities to the identities of patient’s sensors and medical staff members. These vulnerab...
6 CitationsSource
#1K. Rasool ReddyH-Index: 2
#2Ch. Madhava RaoH-Index: 1
Currently safety is one of the primary concerns in the transmission of images due to increasing the use of images within the industrial applications. So it’s necessary to secure the image facts from unauthorized individuals. There are various strategies are investigated to secure the facts. In that encryption is certainly one of maximum distinguished method. This paper gives a sophisticated Rijndael (AES) algorithm to shield the facts from unauthorized humans. Here Exponential Key Change (EKE) c...
1 CitationsSource
#1Weiqing You (Beijing Electronic Science and Technology Institute)H-Index: 1
#2Guozhen Shi (Beijing Electronic Science and Technology Institute)H-Index: 1
Last. Chuang Qing (Beijing Electronic Science and Technology Institute)H-Index: 1
view all 5 authors...
The rapid development of computer technology will be the whole world as a whole, the widespread application of instant messaging technology to bring great convenience to people's lives, while privacy protection has become a more significant problem. For ordinary it's hard to equip themselves with a cryptograph machine. In this paper, through in-depth study of elliptic curve cryptosystem ECC and advanced encryption standard AES encryption algorithm, according to the characteristics of public key ...
1 CitationsSource
#1N. N. Mohamed (UiTM: Universiti Teknologi MARA)H-Index: 1
Last. Hashimah HashimH-Index: 1
view all 4 authors...
Advances in the communication technology of embedded systems have led to the situation where nowadays almost all systems should implement security for data safety. Trivial File Transfer Protocol (TFTP) has advantages for use in embedded systems due to its speed and simplicity, however without security mechanisms, it is vulnerable to various attacks. As an example, during upgrading of Wireless Access Points (WAPs), attackers can access the information and modify it, and then install malicious cod...
1 Citations
#1Muhammad Haikal Azaim (Telkom University)H-Index: 1
#2Dodi Wisaksono Sudiharto (Telkom University)H-Index: 2
Last. Erwid Musthofa Jadied (Telkom University)H-Index: 1
view all 3 authors...
A Short Message Service (SMS) is a popular mechanism to communicate. However, for an important purpose, a mechanism to protect SMS messages is needed so the SMS messages cannot be easily read by entities who are not permitted to see. Keeping an authentication of messages, and ensuring messages are received by a right entity are also an important aspect. Maintaining confidentiality of messages, by combining symmetric and asymmetric scheme are used. The combination can be implemented by using the ...
1 CitationsSource
#1Boris Sieklik (Edinburgh Napier University)H-Index: 1
#2Richard Macfarlane (Edinburgh Napier University)H-Index: 6
Last. William J Buchanan (Edinburgh Napier University)H-Index: 15
view all 3 authors...
Web threats are becoming a major issue for both governments and companies. Generally, web threats increased as much as 600% during last year (WebSense, 2013). This appears to be a significant issue, since many major businesses seem to provide these services. Denial of Service (DoS) attacks are one of the most significant web threats and generally their aim is to waste the resources of the target machine (Mirkovic & Reiher, 2004). Distributed Denial of Service (DDoS) attacks are typically execute...
10 CitationsSource
#1George Suciu (Politehnica University of Bucharest)H-Index: 12
#2Cristina Butca (Politehnica University of Bucharest)H-Index: 3
Last. Victor Suciu (Politehnica University of Bucharest)H-Index: 10
view all 3 authors...
Network monitoring represents an important factor in improving the quality of the services provided by communication networks. In this paper we describe a part of a network management and monitoring system that uses Machine-to-Machine (M2M) sensor systems, reducing costs through fast isolation of a subpart of the network that is not functional. The main contribution of this paper consists in the integration of data acquisition from the various equipments and sensors. Finally, the paper discusses...
1 CitationsSource
#1Mohd Anuar Mat Isa (UiTM: Universiti Teknologi MARA)H-Index: 6
#2Habibah Hashim (UiTM: Universiti Teknologi MARA)H-Index: 11
Last. Ramlan Mahmod (UPM: Universiti Putra Malaysia)H-Index: 14
view all 6 authors...
In this work, we present an adversary model that incorporates side channel attacks in the Indistinguishability Experiment for Adaptive Chosen Ciphertext Attack (CCA2). We propose security assumptions and an attack model for a secure SSW-ARQ protocol with an integration of TFTP protocol. We also present the security reduction of SSW-ARQ protocol from Cramer-Shoup encryption scheme, timing and power attacks as side channel security for the SSW-ARQ protocol. We suggest using a lightweight symmetric...
2 CitationsSource
#1Rashmi Singh (Graphic Era University)H-Index: 1
#2Isha Panchbhaiya (Graphic Era University)H-Index: 1
Last. R.H. GoudarH-Index: 1
view all 4 authors...
Abstract Internet and network application are growing at very fast rate, so the need to protect such application are increased. This paper solves this problem by proposing two different encryption techniques. The first proposed technique focus on compression of data by half and the second technique justify Shallon's idea of diffusion by generating different cipher text character for single plaintext character for its different occurrences in the plaintext. The combinatorial effect of using exist...
1 CitationsSource
Cited By0