Extending hybrid approach to secure Trivial File Transfer Protocol in M2M communication: a comparative analysis

Mohamed, Nur Nabila; Yussoff, Yusnani Mohd; Isa, Mohd Anuar Mat; Hashim, Habibah

doi:10.1007/s11235-018-0522-5

Cited by 5 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This involves establishing two connections between the hosts -one dedicated to data transfer with port number 20 and the other handling control information with port number 21.The control processes utilize the control connection, which remains open for the entirety of the FTP session. In parallel, the data transfer processes employ the data connection, specifically opened for the file transfer operation and subsequently closed once the transfer is completed [106], [107]. The fundamental FTP model is illustrated in the Figure 7 while Table 5 presents a summary of the TCP/IP Application Layer Protocols.…”

Section: Imapmentioning

confidence: 99%

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Timothy Murkomen

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

TCP/IP is the backbone of modern network communication, connecting devices across the world. TCP/IP at its core is a suite of protocols that enables the transmission of data between computers, facilitating the foundation of the interconnected global network. At the Application Layer of TCP/IP is where the interaction between software applications and the network occurs. The user-centric protocols such as HTTP, SMTP, FTP, POP3, IMAP and DNS facilitate various tasks at this layer such as web browsing, email communication, and file transfer. This comprehensive survey conducted an exploration of the performance, security and privacy issues at the application layer of the TCP/IP. It initiated by providing a background of TCP/IP model, it’s architecture and the core characteristics, with major focus on the application layer. This paper aimed to discuss the state-of-the-art of performance, privacy and security concerns in TCP/IP application layer. It also proposed future research areas to equip researchers, practitioners, policy makers and the decision makers with tangible knowledge, offering guidance in navigating the performance, privacy and security concerns in TCP/IP Application Layer. It aimed to discuss the current performance, privacy and security research gaps at the Application Layer of the TCP/IP Model. The findings of this research sheds light on the performance, privacy and security issues while suggesting the countermeasures to strengthen and optimize the overall performance, security and privacy of TCP/IP model at the application layer. The paper finally suggests future directions and research areas at the TCP/IP application layer.

show abstract

Section: Imapmentioning

confidence: 99%

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Timothy Murkomen

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

show abstract

“…New opcode for cryptographic key exchange was added and cryptographic keys are exchanged to encrypt data. Mohamed [ 18 , 19 ] implemented a TFTP based on Diffie–Hellman key exchange and advanced encryption standard public key encryption to improve the security of data and message exchange over the TFTP in machine-to-machine environments. We conducted a study to apply encryption to the data transmitted through this TFTP.…”

Section: Related Workmentioning

confidence: 99%

“…In the proposed system, public key exchanges and file access requests are handled separately. In the later work [ 19 ], public key exchange was performed as part of the file access request process, which yielded similar performance compared to the previously proposed system. This system provided security against man-in-the-middle attacks by applying encryption to data transmitted via the TFTP, but it did not handle actual file access control because it focused on data exchange security for the TFTP.…”

Section: Related Workmentioning

confidence: 99%

FLEX-IoT: Secure and Resource-Efficient Network Boot System for Flexible-IoT Platform

Park

Kim

Yun

et al. 2021

Sensors

View full text Add to dashboard Cite

In an internet of things (IoT) platform with a copious number of IoT devices and active variation of operational purpose, IoT devices should be able to dynamically change their system images to play various roles. However, the employment of such features in an IoT platform is hindered by several factors. Firstly, the trivial file transfer protocol (TFTP), which is generally used for network boot, has major security vulnerabilities. Secondly, there is an excessive demand for the server during the network boot, since there are numerous IoT devices requesting system images according to the variation of their roles, which exerts a heavy network overhead on the server. To tackle these challenges, we propose a system termed FLEX-IoT. The proposed system maintains a FLEX-IoT orchestrater which uses an IoT platform operation schedule to flexibly operate the IoT devices in the platform. The IoT platform operation schedule contains the schedules of all the IoT devices on the platform, and the FLEX-IoT orchestrater employs this schedule to flexibly change the mode of system image transfer at each moment. FLEX-IoT consists of a secure TFTP service, which is fully compatible with the conventional TFTP, and a resource-efficient file transfer method (adaptive transfer) to streamline the system performance of the server. The proposed secure TFTP service comprises of a file access control and attacker deception technique. The file access control verifies the identity of the legitimate IoT devices based on the hash chain shared between the IoT device and the server. FLEX-IoT provides security to the TFTP for a flexible IoT platform and minimizes the response time for network boot requests based on adaptive transfer. The proposed system was found to significantly increase the attack-resistance of TFTP with little additional overhead. In addition, the simulation results show that the volume of transferred system images on the server decreased by 27% on average, when using the proposed system.

show abstract

“…The zero client runs locally by downloading the client image from a virtual server used for diskless boot technology.The zero client does not install the client operating system, unlike the thin and fat clients.The zero client uses the PXE protocol to boot from the network, with the help of a virtual server using diskless boot technology on the desktop device.Virtual server using diskless boot technology installs the virtual machine operating system,as well as the DHCP [9]module and the TFTP [10] module.The zero client obtains an available IP address through the DHCP module,and then downloads the corresponding client image through the TFTP module,that is to say,they are downloaded to the client image.In this way,the zero client can be booted.…”

Section: A Desktop Delivery Device Implementation Approachmentioning

confidence: 99%

Research on Desktop Delivery Device Based on Virtualization Technology

2021

Proceedings of 2021 the 11th International Workshop on Computer Science and Engineering

View full text Add to dashboard Cite

This paper introduces a method of desktop delivery device based on virtualization technology [1].Desktop delivery device creates virtual desktop[2] and makes-desktop image through virtual desktop delivery management engines.When the thin client[3] requests, the virtual desktop is assigned to the thin client and recycled from the thin client;when the fat client requests,the desktop image is assigned to the fat client and recycled from the fat client;when the zero client requests,the client image is transferred to the zero client,and then works in the way of thin client or fat client.The method can support multiple clientsin one virtual desktop architecture.

show abstract

Extending hybrid approach to secure Trivial File Transfer Protocol in M2M communication: a comparative analysis

Cited by 5 publications

References 24 publications

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

FLEX-IoT: Secure and Resource-Efficient Network Boot System for Flexible-IoT Platform

Research on Desktop Delivery Device Based on Virtualization Technology

Contact Info

Product

Resources

About