Smart home networks have been recognized as one of its representative important applications in the forthcoming 5G era. It is also expected that in 5G networks, future smart home services will be much powered by mobility management, which enables users to remotely access and control their inhome Internet of Things (IoT) sensors and appliances anywhere anytime any device. As a major solution, Distributed IP Mobility Management (DMM) can be considered because it addresses the limitation of the centralized approaches as well as its flat architecture is suit for 5G networks. Obviously, without being protected, mobility management can cause smart home systems to be vulnerable to various security threats. Especially, it is of paramount important to protect data traffic transmitted between user mobile devices and their in-home IoT appliances because they include users' sensitive and critical privacy information. Taking this into consideration, it is necessary to support secure route optimization, which allows the involved devices to directly communicate each other in secure way while minimizing possibility of information leakage during data transmission. According to our best knowledge, there is no study on securing route optimization for DMM networks. Motivated by this, we propose a secure route optimization protocol for DMM-based smart home systems. The proposed security protocol, composed of the route optimization initialization and handover phases, is designed to provide mutual authentication, key exchange, perfect forward secrecy, and privacy protection. Its security is thoroughly verified through the two formal security analysis tools, BAN-logic and Automated Validation of Internet Security Protocols and Applications (AVISPA). From the comparison analysis, it is shown that the proposed protocol is better than other standard protocols.INDEX TERMS Security, route optimization, distributed mobility management, smart home, IoT.
To overcome the resource and computing power limitation of mobile devices in Internet of Things (IoT) era, a cloud computing provides an effective platform without human intervention to build a resource-oriented security solution. However, existing malware detection methods are constrained by a vague situation of information leaks. The main goal of this paper is to measure a degree of hiding intention for the mobile application (app) to keep its leaking activity invisible to the user. For real-world application test, we target Android applications, which unleash user privacy data. With the TaintDroid-ported emulator, we make experiments about the timing distance between user events and privacy leaks. Our experiments with Android apps downloaded from the Google Play show that most of leak cases are driven by user explicit events or implicit user involvement which make the user aware of the leakage. Those findings can assist a malware detection system in reducing the rate of false positive by considering malicious intentions. From the experiment, we understand better about app’s internal operations as well. As a case study, we also presents a cloud-based dynamic analysis framework to perform a traffic monitor.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.