Aref MEDDEB
Research
The Internet of Things (IoT) is marking the launch of a new era in the history of humankind. A plethora of applications and services, that we could not even imagine a few years back, are becoming reality. IoT devices including sensors, tags, and actuators are generating an overwhelming amount of data that might be impossible to track and process in reasonable times. Therefore, IoT systems must be optimized to help gather useful information in a timely and secure manner.
Decisions that need to be made following the collection of data require further complex treatment. As such, learning and understanding the environment through the collected data becomes essential. Deep learning in big data is one of the most promising options to respond to such needs [1].
On the other hand, with the advent of IoT, ICT Technology is becoming more and more entwined with everything we use in our daily life and the consequences of security flaws escalate rapidly. As smart objects will govern most of the car’s, plants, road traffic, and home appliances, potential disaster scenarios become obvious. In this context, successful attacks could lead to scary scenarios [2]. Since its inception, there were several actions opposing IoT. For example, Americans seem to find future technology both fascinating and frightening [3]. Therefore, security of IoT systems must be addressed adequately.
Pushed by time to market constraints, plenty of IoT solutions are being commercialized over the current Internet infrastructure. IoT must also overcome some tricky regulatory issues [4]. While industry stakeholders argue that unnecessary regulation could cripple innovation and compromise business opportunities, consumers are worried about the potential risks of IoT with regards to privacy in the absence of regulation. Nonetheless, it may not be fair to place the emphasis solely on the potential problems of IoT. In fact, IoT is expected to grow mainly through users’ consent and trust.
Below I provide a summary of some of the main research activities that I conducted over the last couple of years. These activities range from Security and Privacy of IoT Systems, to the application of deep learning and vehicular networks to driving safety, and also network optimization. I also provide some of my new research directions.
Security and Privacy of IoT Systems
Billions of connected devices raise obvious security and privacy concerns [5]. While security issues are quite straightforward, mainly from background knowledge, privacy issues are more complex and may constitute challenging obstacles to large-scale deployment of IoT. In fact, unprotected personal information may expose sensitive and embarrassing data to the public.
As Vinton Cerf pointed out, “figuring out how to make a security system work well that doesn’t require the consumer to be an expert is a pretty big challenge.” In fact, technology seems to have evolved far beyond any expectations and we seem to be not prepared to deal with it. Further, Vinton Cerf’s statement “Privacy may actually be an anomaly” generated a whole lot of discussions among Internet users. In addition, as Scott McNealy further pointed out more than two decades ago: “You have zero privacy anyway. Get over it!”
From an industry perspective, privacy is a matter of user conduct and responsibility. Consumers need to be trained to understand that by saving their personal data on various devices, they expose themselves to various types of attacks. A recent Microsoft study on the “contextual nature of consumers’ comfort level with data sharing” reveals that acceptance depends on device and on the perceived value in return for sharing the data. For instance, sharing location information with Google maps may be accepted by travelers but not by residents. Also, in disaster situations, users are much more likely to divulgate their personal data.
Further, with the advances in Quantum Computing (QC) and Artificial Intelligence (AI), cryptanalysis on existing cryptographic algorithms and cipher suites can be made much faster than with traditional computers. Therefore, key exchange, public-key encryption, and signatures would no longer be secure due to Shor's algorithm. In addition, due to Grover's algorithm, the security of a block cipher with a key size of n bits will only offer n/2 bits of security. Further, the harvest and decrypt attack stores encrypted data today and decrypts it years later, once a quantum computer is available. This situation suggests that we must switch to quantum-resistant security solutions.
Furthermore, AI methods can be empowered by quantum computers to automate various attacks such as hacking, phishing, ransomware, and malware propagation at large scales. Quantum computers and AI can also be used to launch devastating Distributed Denial of Service (DDoS) attacks by generating large amounts of traffic to overload network components.
Nonetheless, QC and AI can be used to develop secure encryption methods that would be much more difficult to break. Further, QC and AI can be used to simulate and analyze complex systems to identify potential vulnerabilities in IoT networks and devices. They can also be used to empower Intrusion Detection and Prevention Systems.
With the advances in Quantum Computing (QC) and Artificial Intelligence (AI), cryptanalysis on existing cryptographic algorithms and cipher suites can be made much faster than with traditional computers. Therefore, key exchange, public-key encryption, and signatures would no longer be secure due to Shor's algorithm. In addition, due to Grover's algorithm, the security of a block cipher with a key size of n bits will only offer n/2 bits of security. Further, the harvest and decrypt attack stores encrypted data today and decrypts it years later, once a quantum computer is available. This situation suggests that we must switch to quantum-resistant security solutions.
Moreover, AI methods can be empowered by quantum computers to automate various attacks such as hacking, phishing, ransomware, and malware propagation at large scales. Quantum computers and AI can also be used to launch devastating Distributed Denial of Service (DDoS) attacks by generating large amounts of traffic to overload network components. Nonetheless, QC and AI can be used to develop secure encryption methods that would be much more difficult to break. Further, QC and AI can be used to simulate and analyze complex systems to identify potential vulnerabilities in IoT networks and devices. They can also be used to empower Intrusion Detection and Prevention Systems.
I have recently provided a lecture dealing with Quantum Computing at the University of Masaryk in the Czech Republic in March 2023. That lecture was focused on the impact of Quantum Computing on IoT security and how algorithms such as Shor’s and Grover’s may be used to mitigated current cryptographic systems. The lecture also introduces some key elements of Quantum Resistant Cryptography such as lattice-, isogeny-, and code-based cryptography.
I have supervised several PhD thesis dealing with security. In [6], we introduced a novel lightweight security protocol, 6LowPSec, that provides end-to-end security in the adaptation layer of the 6LowPAN protocol suite, that defeats the standard approach. Further, the Routing Protocol for Low- power and Lossy Networks (RPL) is one of the best candidates to ensure routing in 6LoWPAN networks. RPL is vulnerable to a number of attacks related to control messages. In collaboration with Prof. Abderrezak Rachedi of the University Paris-Est Marne-la-Vallée, in [7], we proposed a new secure routing protocol based on RPL referred to as Secure-RPL (SRPL). SRPL prevents misbehaving nodes from maliciously changing control messages such as the rank of a node that may create a fake topology. We show that SRPL is robust and resistant to such attacks.
In another work and in collaboration with Pr. Mohamed Mosbah of University of Bordeaux, in [8], we introduced an original way to secure communications that manage domestic electrical networks. We propose a secure data aggregation scheme that exploits Compressed Sensing (CS) to reduce the communication overhead of collected electrical power measurement. Data is encrypted by each sensor node after the compressing phase and a cryptography hash algorithm is used to ensure data integrity.
On the other hand, in [9] we propose a user-fog server anonymous mutual authentication scheme in which a fog user and a fog server authenticate each other and establish a session key, without disclosing user's real identity. Our scheme is based on Pseudonym Based Cryptography (PBC), Elliptic Curve Discrete Logarithm Problem (ECDLP), and bilinear pairing to establish the session key.
Moreover, with the proliferation of the COVID-19 pandemic, e-learning has gained a significant interest. In [10], we provided a new fog computing e-learning scheme. The proposed scheme extends learning content from the cloud to the edge of the network. This improves the efficiency of learning data analysis. It further reduces the encryption burden in terms of computation cost on user's devices by offloading part of encryption cost to fog servers and provides fine-grained access control to learning content by encrypting the course and the exam with different cryptographic techniques.
Finally, in collaboration with Pr. Vincent Beroulle of ESISAR, Grenoble INP, in [11], we presented a novel approach to evaluate the security and the safety of EPC Class-1 generation-2 UHF RFID systems. We simulated their behavior in presence of faults to distinguish the most sensitive system components in order to facilitate developing low cost, secure, and robust tag architectures. We explained why and how we should evaluate and improve robustness and security of UHF RFID systems.
Deep learning and Semantic Recognition for Road Traffic Safety
One of the most promising application of deep learning and data analytics is road traffic safety. Driving is a complex, continuous, and multitask process that involves driver's cognition, perception, and motor movements. The way road traffic signs and vehicle information is displayed affects strongly driver's attention with increased mental workload, leading to safety concerns. Drivers must keep their eyes on the road, but can always use some assistance in maintaining their awareness and directing their attention to potential hazards. In-vehicle contextual Augmented Reality (AR) has the potential to provide novel visual feedbacks to drivers for an enhanced driving experience.
With one of my PhD students and in collaboration with Prof. Thierry Chateau of the Pascal Institute, University of Clermont Auvergne in France, we have developed a framework that applies deep learning techniques and vehicular networks to traffic sign recognition for road safety applications [12]. This thesis was initiated within a joint industry-university MOBIDOC project N ° 83/2012, funded by the European Union. We presented a new real-time framework for fast and accurate traffic sign recognition, based on Cascade Deep learning and AR, which superimposes augmented virtual objects onto a real scene under all types of driving situations, including unfavorable weather conditions. Experiments show that by combining the Haar Cascade and deep convolutional neural networks, joint learning greatly enhances the capability of detection while maintaining its real-time performance.
Further, understanding the contents of an image or scene labeling is an important yet very challenging problem in artificial intelligence and computer vision to improve road safety. Semantic labeling and object detection in road scenes are strongly correlated tasks. Motivated by the complementary effect of the two tasks, we presented a novel framework to address the scene-understanding problem [13]. We proposed a new framework for semantic labeling and object detection problem, which combines deep Convolutional Neural Networks (CNN) for object detection and fully-connected Conditional Random Field (CRF) for segmenting and labeling. Specifically, we developed a new framework that uses global image features to predict detection, which drastically reduces its errors from background detections.
Optimization and Performance of IoT systems
With the IoT paradigm, optimization of network and system resources have regained significant attention. Timely and accurate responses and actions taken by various IoT devices is crucial in responding to mission critical applications. In such context, optimization deals with sensor, tag, and server placement, as well as traffic routing. I conducted various research activities on this topic and below are some of the most compelling ones.
In [14], we studied the balancing of the load among sensor nodes, which is a major challenge for the long run operation of wireless sensor networks. When a sensor node becomes overloaded, the likelihood of higher latency, energy depletion, and congestion becomes high. We formulated the network design problem as a mixed-integer linear programming one. We then proposed an optimal load balanced clustering for hierarchical cluster-based wireless sensor networks. We proposed an energy aware cluster head selection model for optimal cluster head selection. Then we proposed a delay and energy‐aware routing model for optimal inter‐cluster communication. Finally, we proposed an equal traffic for energy efficient clustering for optimal load balanced clustering. We show that energy consumption can be effectively balanced among sensor nodes and stability period can be greatly extended using our models.
In [15], we studied the Radio Frequency Identification (RFID) network planning problem. Finding an optimal planning for a large-scale RFID network is known to be an NP-hard problem. In this context, metaheuristics provide a suitable framework to solve the find near optimal solutions in reasonable times. We introduced a new variant of the cuckoo search algorithm, called the Self Adaptive Cuckoo Search (SACS) algorithm where control parameters are dynamically adjusted according to the evolution of the optimization processes. In [16], we proposed a new algorithm, called the RFID Network Planning - Cuckoo Search Algorithm (RNP-CSA) based on the constraint satisfaction problem framework. Results show that the RNP-CSA is faster and obtains better solutions than Particle Swarm Optimization (PSO), Greedy PSO (GPSO) and Variable Neighborhood Placing based PSO VNPSO-RNP.
On the other hand, public bike sharing systems have been introduced as part of the urban transportation system and could be used as the support of a mobile sensor network and data collection. In [17], with of one of my PhD students and the collaboration Prof. Hervé Rivano of the INSA de Lyon, we introduced the “Internet of Bikes” IoB-DTN protocol, which applies the Delay/Disruption Tolerant Network (DTN) paradigm to IoT applications, running on urban bike sharing system based sensor network. This thesis was part of the Citylab@inria Project led by Pr. Rivano and funded by the “Investments for the Future” Program (ANR-11-IDEX-0007) of the National Research Agency (ANR France).
Furthermore, Network Virtualization allows overcoming the limitations of the current Internet. It enables the embedding of virtual network resources on physical ones. The problem of allocation of such physical resources is also known to be NP hard. Several heuristics were therefore proposed to solve this problem approximately. In [18], we presented two novel resource allocation heuristics, depending on the ownership of the network infrastructure i.e., incumbent or competitive provider. We show that incumbent providers should distribute the allocated resources as “fairly” as possible among physical links and nodes, while in contrast, competitive providers prefer to concentrate the leased resources on the smallest possible number of physical links and nodes.
With another PhD student of mine, we are currently working on the performance of MAC layer access issues in sensor networks. In [19], we provided a comprehensive and detailed review on Wake-up Radio (WuR) techniques. A new classification of MAC and routing protocols utilizing WuR was proposed. In [20], we show that Carrier-Sense Multiple Access WuR (CSMA-WuR) outperforms other WuR mechanisms in the case of heavy traffic load and for large networks. Moreover, Cooperative Collision Avoidance WuR (CCA-WuR) is a good alternative in light traffic conditions and in heavy traffic conditions if we increase the number of Wake-up Call (WuC) attempts. We also show that the Performance of Back Off WuR (BO-WuR) strongly depends on the size of the contention window but cannot ensure good performances when the traffic is extremely heavy.
Other research directions
With the proliferation of new threats such as new pandemics, terrorism, natural disasters, climate change, theft, water shortage, and so on, it is necessary to review our habits. Technology is expected to play a fundamental role in our future, ranging from health monitoring, environmental sensing, tracking, cyber entertainment, to human augmentation, digital twin, hyper-automation, etc.
With one of my new PhD students, we aim to develop a reliable, non-disruptive, and risk free remote monitoring and tracking system. Subjects may be children, patients, people with special needs, criminals, prisoners, etc. The goal is to seamlessly detect health or behavioral anomalies and report them to a supervisory authority that must make adequate decisions. This latter may be a human being or a machine. The subject will be equipped with RFID tags and various sensors that allow his tracking and monitoring. Challenges include how many tags and sensors can we safely deploy without violating the Specific Absorption Rate (SAR), how to assure tradeoff between security and performance, where to place the tags, readers, and sensors, how to control interferences, etc.
In order to test and evaluate such solutions, we need state of the art equipment and means. Given the sensitivity of such applications, there is very little room for approximations and errors. We aim to perform simulations to provide guidelines for experimental implementations. We eventually aim to design and implement a prototype.
References
[1] Bilal Jan et Al., “Deep learning in big data Analytics: A comparative study,” Computer and Electrical Engineering, Elsevier, vol. 75, pp. 275-287, 2019.
[2] Marilyn Cohodas, “The Internet of Things: 7 Scary Security Scenarios,” www.darkreading.com, Oct. 2014.
[3] -, “Americans Find Future Tech Both Fascinating and Frightening, https://cruzersoftech.com/americans-find-future-tech-both-fascinating-and-frightening, Tech News Report, 2020.
[4] Aref Meddeb, “Internet of things standards: who stands out from the crowd?,” in IEEE Communications Magazine, vol. 54, no. 7, pp. 40-47, 2016.
[5] Tobias Heer et al., “Security Challenges in the IP-based Internet of Things,” Wireless Personal Communications, vol. 61, no. 3, 2011.
[6] Ghada Glissa and Aref Meddeb, “6LowPSec: An End-to-End Security Protocol for 6LoWPAN”, Ad hoc Networks, Elsevier, vol. 82, 2019.
[7] Ghada Glissa, Abderrazzak Rachedi and Aref Meddeb, “A Secure Routing Protocol Based on RPL for Internet of Things," IEEE Global Communications Conference, pp. 1-7, 2016.
[8] Bacem Mbarek an Aref Meddeb, “A Secure Electrical Energy Management in Smart Home,” International Journal of Communication Systems, Wiley & Sons, vol. 30, no. 17, 2017.
[9] Arij Ben Amor, Mohamed Abid and Aref Meddeb, “A Privacy-Preserving Authentication Scheme in an Edge-Fog Environment,” Proceedings of the IEEE/ACS International Conference on Computer Systems and Applications, 2017.
[10] Arij Ben Amor, Mohamed Abid and Aref Meddeb, “Secure Fog-Based E-Learning Scheme,” IEEE Access, vol. 8, pp. 31920-31933, 2020.
[11] Rahma Benfraj, Vincent Beroulle, Nicolas Fourty, and Aref Meddeb, “An approach to enhance the safety and security of EPC Class-1 generation-2 UHF RFID systems,” Proceedings of the International Conference on Inventive Systems and Control, 2018.
[12] Lotfi Abdi and Aref Meddeb, “Driver information system: a combination of augmented reality, deep learning and vehicular Ad-hoc networks,” Multimedia Tools and Applications, vol. 77, pp. 14673–14703, 2018.
[13] Lotfi Abdi and Aref Meddeb, “Semantic recognition: unified framework for joint object detection and semantic segmentation,” Proceedings of the Symposium on Applied Computing, pp. 83-88, 2017.
[14] Manel Souissi and Aref Meddeb, “Optimal load balanced clustering in homogeneous wireless sensor networks,” International Journal of Communication Systems, vol. 30, no. 10, 2017.
[15] Atef Jaballah and Aref Meddeb, “Self adaptive cuckoo search algorithm for RFID network planning,” Proceedings of the Internet Technologies and Applications, pp. 122-127, 2017.
[16] Atef Jaballah and Aref Meddeb, “A new algorithm based CSP framework for RFID network planning,” Journal of Ambient Intelligence and Humanized Computing, pp. 1-10, 2020.
[17] Yosra Zguira, Hervé Rivano, and Aref Meddeb, “IoB-DTN: A lightweight DTN protocol for mobile IoT applications to smart bike sharing systems, Wireless Days, pp. 131-136, 2018.
[18] Achraf El Amri and Aref Meddeb, “Resource Allocation Heuristics for Network Virtualization,” Proceedings of the International Conference on Computer Systems and Applications (AICCSA), pp. 55-62, 2017.
[19] Mayssa Ghribi and Aref Meddeb, “Survey and taxonomy of MAC, routing and cross layer protocols using wake-up radio,” Journal of Network and Computer Applications, vol. 149, 2020.
[20] Mayssa Ghribi and Aref Meddeb, “Performance Evaluation of Collision Avoidance Techniques using Wake-Up Radio in WSNs," Proceedings of the International Conference on Software, Telecommunications, and Computer Networks, 2020.