Abstract
To ensure the security of Internet of Things (IoT) communications, one can use deep packet inspection (DPI) on network middleboxes to detect and mitigate anomalies and suspicious activities in network traffic of IoT, although doing so over encrypted traffic is challenging. Therefore, in this article, an efficient and privacy-preserving encrypted traffic detection scheme is proposed. The scheme uses only lightweight cryptographic operations (i.e., symmetric encryption, hash functions, and pseudorandom functions) to achieve both privacy and security within an inspection round. A dispute resolution mechanism is also designed to address potential disputes between client(s) and server(s). We also present the corresponding security proof and experimental evaluation, which demonstrate that our proposed scheme achieves strong security and privacy preservation and good performance.
Original language | English |
---|---|
Pages (from-to) | 17265-17279 |
Number of pages | 15 |
Journal | IEEE Internet of Things Journal |
Volume | 9 |
Issue number | 18 |
Early online date | 28 Feb 2022 |
DOIs | |
Publication status | Published - 15 Sept 2022 |
Bibliographical note
Publisher Copyright:© 2014 IEEE.
Funding
The work of Dajiang Chen, Hao Wang, and Xuyun Nie was supported by NSFC under Grant 61872059, Grant 61771417, and Grant 61502085; in part by the Project The Verification Platform of Multi-tier Coverage Communication Network for Oceans under Grant LZC0020; in part by the International Scientific and Technological Innovation Cooperation Project in Sichuan Province under Grant 2020YFH0062; and in part by the Open Foundation of State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications) under Grant SKLNST-2019-2-13. The work of Kim-Kwang Raymond Choo was supported by the Cloud Technology Endowed Professorship.
Keywords
- Encrypted traffic inspection
- IoT security
- privacy preserving
- symmetric cryptographic techniques