Research (Thesis work)

The Internet of Things (IoT) is a network that integrates a variety of heterogeneous nodes, such as connected devices (sensors, robots, smart phones ...), connected cars, smart homes, etc. These smart objects communicate and collaborate in distributed and dynamic environments that are facing several security challenges. Trust management is one of the most important challenges in IoT. Existing trust management solutions do not meet the new requirements of IoT such as heterogeneity, mobility and scalability. In this work, we proposed a hierarchical and scalable blockchain-based trust management protocol with mobility support in massively distributed IoT systems. In our protocol, mobile smart objects disseminate trust information on service providers to the blockchain. Thus, all the objects will have a global view on each service provider in the architecture, which speeds up the trust evaluation process. In addition, our protocol is resilient against the most known malicious attacks such as bad-mouthing, ballot-stuffing and cooperative attacks. We confirm the efficiency of our proposal through theoretical analysis and extensive simulations. Finally, we show that it outperforms existing solutions especially in terms of scalability, mobility support, communication and computation costs.
In Université de Technologie de Compiègne, 2020.

The Internet of Things (IoT) is a new technology that aims to connect billions of physical devices to the Internet. The components of IoT communicate and collaborate with each other in distributed and dynamic environments, which are facing several security challenges. In addition, the huge number of connected objects and the limitation of their resources make security in IoT very difficult to achieve. In this thesis, we focus on the application of lightweight cryptographic approaches and blockchain technology to address security problems in IoT, namely authentication and trust management. First, we were interested in IoT applications where we need to remotely control the execution of smart actuators using IoT devices. To solve this problem, we proposed an efficient and fine-grained access control solution, based on the Attribute Based Encryption (ABE) mechanism and one-way hash chains. Using formal security tools, we demonstrated the security of our scheme against malicious attacks. Second, we tackled the problem of authentication in IoT-based fog computing environments. Existing authentication techniques do not consider latency constraints introduced in the context of fog computing architecture. In addition, some of them do not provide mutual authentication between devices and fog servers. To overcome these challenges, we proposed a novel, efficient and lightweight mutual authentication scheme based on blockchain technology and a secret sharing technique. We demonstrated the efficiency of our authentication scheme through extensive simulations. The third problem treated in this work is trust management in IoT. Existing trust management protocols do not meet the new requirements introduced in IoT such as heterogeneity, mobility and scalability. To address these challenges, we proposed a new scalable trust management protocol based on consortium blockchain technology and the fog computing paradigm, with mobility support.
Our solution allows IoT devices to accurately assess and share trust recommendations about other devices in a scalable way without referring to any pre-trusted entity. We confirmed the efficiency of our proposal through theoretical analysis and extensive simulations. Finally, we showed that our protocol outperforms existing solutions especially in terms of scalability, mobility support, communication and computation.
In Université de Technologie de Compiègne, 2019.

Publications

Internet of Things Security: a top-down survey

Djamel Eddine Kouicem, Abdelmadjid Bouabdallah, Hicham Lakhlef
Journal Paper in Computer Networks, 2018

Abstract

Internet of Things (IoT) is one of the promising technologies that has attracted a lot of attention in both industrial and academic fields these years. It aims to integrate seamlessly both physical and digital worlds in one single ecosystem that makes up a new intelligent era of Internet. This technology offers a huge business value for organizations and provides opportunities for many existing applications such as energy, healthcare and other sectors. However, as a new emergent technology, IoT suffers from several security issues which are more challenging than those from other fields regarding its complex environment and resource-constrained IoT devices. A lot of research has been initiated in order to provide efficient security solutions in IoT, particularly to address resource constraints and scalability issues. Furthermore, some technologies related to networking and cryptocurrency fields such as Software Defined Networking (SDN) and Blockchain are revolutionizing the world of the Internet of Things thanks to their efficiency and scalability. In this paper, we provide a comprehensive top-down survey of the most recent proposed security and privacy solutions in IoT. We discuss particularly the benefits that new approaches such as blockchain and Software Defined Networking can bring to the security and the privacy in IoT in terms of flexibility and scalability. Finally, we give a general classification of existing solutions and a comparison based on important parameters.

A Decentralized Blockchain-Based Trust Management Protocol for the Internet of Things

Djamel Eddine Kouicem, Youcef Imine, Abdelmadjid Bouabdallah, Hicham Lakhlef
Journal Paper IEEE Transactions on Dependable and Secure Computing

Abstract

The Internet of Things (IoT) is a network that integrates a variety of heterogeneous nodes, such as connected devices (sensors, robots, smart phones ...), connected cars, smart homes, etc. These smart objects communicate and collaborate in distributed and dynamic environments that are facing several security challenges. Trust management is one of the most important challenges in IoT. Existing trust management solutions do not meet the new requirements of IoT such as heterogeneity, mobility and scalability. In this paper, we propose a hierarchical and scalable blockchain-based trust management protocol with mobility support in massively distributed IoT systems. In our protocol, mobile smart objects disseminate trust information on service providers to the blockchain. Thus, all the objects will have a global view on each service provider in the architecture, which speeds up the trust evaluation process. In addition, our protocol is resilient against the most known malicious attacks such as bad-mouthing, ballot-stuffing and cooperative attacks. We confirm the efficiency of our proposal through theoretical analysis and extensive simulations. Finally, we show that it outperforms existing solutions especially in terms of scalability, mobility support, communication and computation costs.

An Efficient Architecture for Trust Management in IoE Based Systems of Systems

Djamel Eddine Kouicem, Abdelmadjid Bouabdallah, Hicham Lakhlef
Conference Paper 13th Annual Conference on System of Systems Engineering,
Lisbon, Portugal, 8--12 May 2017. Paris, France, 19--22 June 2018

Abstract

Internet of Everything (IoE) is a network that integrates a variety of heterogeneous nodes, such as connected portable devices, connected cars, smart home appliances, humans, etc. to the Internet. The constituents of IoE are heterogeneous, distributed by nature and also autonomous in most cases, which meets the criteria of what we call Systems of Systems (SoS). These smart objects communicate and collaborate with each other in dynamic environments which are subject to several security attacks. In this paper, we propose a hierarchical blockchain-based trust management architecture with mobility support in highly distributed IoE-based Systems of Systems. This architecture deals efficiently with scalability issues. It allows smart objects to disseminate to the blockchain the trustworthiness of the service providers they interact with. The latter makes access to this information possible from anywhere and ensures a global view of trustworthiness information. Thanks to the blockchain technology, our architecture outperforms the existing trust management solutions especially in terms of scalability and mobility support.

MASFOG: An Efficient Mutual Authentication Scheme for Fog Computing Architecture

Youcef Imine, Djamel Eddine Kouicem, Abdelmadjid Bouabdallah, Ahmed Lounis
Conference Paper in proceedings 17th TrustCom - IEEE International Conference on Trust, Security and Privacy in Computing and Communications,
New York, NY, USA, 1--3 Aug. 2018

Abstract

Fog computing is a new paradigm which extends cloud computing services to the edge of the network. Indeed, it aims to pool edge resources in order to deal with the cloud's shortcomings such as latency problems. However, this proposal does not ensure the honesty and the good behavior of edge devices. Thus, security is an important challenge for this new proposal. Authentication is the entry point of any security system, which makes it an important security service. Traditional authentication schemes suffer from latency issues and some of them do not satisfy fog-computing requirements such as mutual authentication between end devices and fog servers. Thus, new authentication protocols need to be implemented. In this paper, we propose a new efficient authentication scheme for fog computing architecture. Our scheme ensures mutual authentication and remedies fog servers' misbehaviors. Moreover, fog servers need to hold only a couple of pieces of information to verify the authenticity of every user in the system. Thus, it provides a low overhead in terms of storage capacity. Finally, we show through experimentation the efficiency of our scheme.

An Efficient and Anonymous Blockchain-Based Data Sharing Scheme for Vehicular Networks

Djamel Eddine Kouicem, Abdelmadjid Bouabdallah, Hicham Lakhlef
Conference Paper 25th IEEE Symposium on Computers and Communications (ISCC), 2020, Rennes, France

Abstract

Vehicular Ad Hoc Networks (VANETs) are a new emerging technology that aims at connecting vehicles using wireless communication technologies. With the emergence of VANETs, new advanced applications have emerged which aim at enhancing driving safety and traffic management. These applications exploit the huge amount of data, shared between vehicles and infrastructure, through advanced data analysis. Due to the resource limitations of vehicles, this increasing volume of data is stored on powerful edge computing servers spread over the VANETs infrastructure. However, these edge servers are not fully trusted, which raises new serious security and privacy challenges regarding the data shared between vehicles. In this work, we propose a new data-sharing scheme that protects the privacy of vehicles and drivers. We base our construction on consortium blockchain, smart contracts and Zero-Knowledge Proofs (ZKP) to propose a decentralized and anonymous data-sharing scheme. In addition, we propose a fine-grained data storage scheme on top of the blockchain, based on the publish-subscribe model, to enhance data management. We confirm the efficiency of our scheme through extensive simulations and experiments. The numerical results showed that our protocol achieves a reasonable efficiency while guaranteeing a high level of security.

A Novel SDN Scheme for QoS Path Allocation in Wide Area Networks

Ilhem Fajjari, Nadjib Aitsaadi, Djamel Eddine Kouicem
Conference Paper in proceedings GLOBECOM 2017 - 2017 IEEE Global Communications Conference,
Singapore, Singapore, 4--8 Dec. 2017

Abstract

The massive adoption of Cloud services has led to the explosion of traffic transiting over the Cloud infrastructure. Such an impressive evolution of data demand will inevitably be the catalyst of Operator infrastructure transformation. In this context, Software Defined Networking (SDN) is the technology that is shaping the future of carriers' networks. SDN considerably reduces the complexity of managing the network infrastructure while providing tremendous computational power compared to legacy devices. In this paper, we address the resource allocation issue in Wide Area Networks (WAN) while considering the requested QoS. To do so, we design an SD-WAN architecture to enhance the network resources allocation and hence improve the QoS of distributed applications. We formulate first the path computation problem as an Integer Linear Program while taking into consideration both network application requirements and the network occupation status. The problem is then resolved in a polynomial time leveraging the Branch-and-Cut algorithm. Results obtained with our experimental platform, show that the proposed SD-WAN framework outperforms the most prominent related solutions in terms of applications' satisfaction level and consumption of network's resources.

An enhanced Path Computation for Wide Area Networks based on Software Defined Networking

Djamel Eddine Kouicem, Ilhem Fajjari, Nadjib Aitsaadi
Conference Paper in proceedings Integrated Network and Service Management 2017, Lisbon, Portugal, 8--12 May 2017

Abstract

Global IP traffic is forecast to triple by 2020 to reach 2.3 ZB per year. Such an explosion will inevitably be the catalyst of Operator infrastructure transformation. In this context, SDN is the technology that is shaping the future of carriers' networks. It offers the opportunity to implement more powerful control algorithms. In this perspective, we put forward an SD-WAN architecture to enhance the network resources allocation and hence improve the QoS of distributed applications. The main idea is to take advantage of the accurate network view provided by the controller to optimize flow routing in WAN environments. To do so, we formulate the path computation problem as an Integer Linear Program by taking into consideration both network application requirements and the network occupation status. The problem is then resolved in a polynomial time leveraging the branch-and-cut algorithm. Results obtained on an experimental platform show that our ONOS SDN framework outperforms the most prominent related work solutions in terms of network consumption and applications satisfaction level.

Distributed Fine-Grained Secure Control of Smart Actuators in Internet of Things

Djamel Eddine Kouicem, Abdelmadjid Bouabdallah, Hicham Lakhlef
Conference Paper in proceedings 15th IEEE International Symposium on Parallel and Distributed Processing with Applications,
Guangzhou, China, 12--15 Dec. 2017

Abstract

Internet of Things is a new emerging technology that promises a new era of Internet through encompassing seamlessly physical and digital worlds in one single intelligent ecosystem. This goal is achieved by interconnecting a large number of smart objects from the physical world such as smartphones, sensors, robots, connected cars, etc., to the Internet. Nowadays, with the advent of Internet of Things, we need efficient mechanisms to remotely control IoT smart actuators by users and controllers using smartphones and IoT devices. This arises particularly in industrial Cyber-Physical Systems to supervise industrial processes. However, the complex environment of IoT systems makes this task very difficult to achieve regarding the number of connected objects and their resource limitation. In this paper, we tackle the problem of remote secure control of IoT actuators. We propose a distributed lightweight fine-grained access control based on the Attribute Based Encryption mechanism and a one-way hash chain. We conducted security analysis and formal verification using AVISPA. The results demonstrated that our scheme is secure against various attacks. Moreover, the simulation results demonstrated the scalability and the efficiency of our solution, which substantially saves energy consumption and computation costs.

Teaching

SR 01 – Mastering Operating Systems

96h of labs. (TD) for undergraduate students

This course is an introduction to the C language - Program development (compilation, make, ...) - Practical use of an operating system (shell commands, files, network, graphical interface, ...) - System programming (process management, signals, ...) - Learning the Python language (objects, modules, graphical interfaces, ...).

SR 02 – Advanced Concepts in Operating Systems

64h of labs. (TD) for undergraduate students

This course presents the architecture of an operating system and the mechanisms used to implement its various components. In particular, the course lets students understand the basic mechanisms of program execution: from the micro-architecture to the notion of a process, context switching, interrupts, system calls, process management in a multitasking system and the problem of process synchronization, memory management and the implementation of virtual memory. In addition, students carry out practical work using the UNIX API, which implements the various concepts introduced in the lectures.

NF 16 – Algorithm and data structures

40h of labs. (TD) for undergraduate students

This course presents the main data structures (tables, linked lists, stacks, queues, trees, etc). The tutorials study the key algorithms applied to these data structures along with their complexity. The course is taught in C language.

LO 21 – Object oriented Programming with C++

48h of labs. (TD) for undergraduate students

This course is an introduction to object-oriented design and programming. It studies the various concepts related to object orientation (Class, Object, Encapsulation, Inheritance, Generic Programming, UML, Design Patterns).