Alexandria Engineering Journal (Feb 2021)
A lightweight cryptography (LWC) framework to secure memory heap in Internet of Things
Abstract
The extensive networking of devices and the large amount of data generated from the Internet of Things (IoT) has brought security issues to the attention of the researcher. Java is the most common platform for embedded applications such as IoT, Wireless Sensors Networks (WSN), Near Field Communications (NFC) and Radio Frequency Identification (RFID). The object programming languages such as Java, SWIFT, PHP and C++ use garbage collection after any object run which creates security loophole for attacks such as Next Memory Address Occupation (NMAO), memory replay, Learning Tasks Behaviors (LTB). The security risk increases in IoT when attacks exceeds the target device to the surrounding connected devices. Inappropriate or wrong operations causes energy loss and increased costs. In this paper, a security method to protect IoT system operation from memory heap penetration and address modification attack is proposed. The proposed method prevents directed attack by encrypting the object Garbage Collection at run time. To form a unique signature mechanism, the Cryptographic Hash Function (CHF) which employs a specific one-way hash algorithm. The proposed framework uses L-function based ECC and one-time Key (OTK) to secure the memory heap. Our method is used with open system where the effect on the operating system is not considered. The proposed method proved to be powerful and efficient which can help in achieving higher levels of security across several IoT applications, by enabling better detection of malicious attacks.