410 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO.

1, FEBRUARY 2019

Secured Data Collection With Hardware-Based

Ciphers for IoT-Based Healthcare
Hai Tao, Md Zakirul Alam Bhuiyan , Senior Member, IEEE, Ahmed N. Abdalla,
Mohammad Mehedi Hassan , Member, IEEE, Jasni Mohamad Zain, and Thaier Hayajneh , Member, IEEE

Abstract—There are tremendous security concerns with patient I. I NTRODUCTION

health monitoring sensors in Internet of Things (IoT). The con-
NTERNET of Things (IoT) consists of automatically and
cerns are also realized by recent sophisticated security and
privacy attacks, including data breaching, data integrity, and data
collusion. Conventional solutions often offer security to patients’
I intelligently connected sensors and actuators that are inte-
grated in machines and physical objects. IoT technologies lead
health monitoring data during the communication. However, they our life to interact with the sensors/devices of the world and
often fail to deal with complicated attacks at the time of data leverages collected smart data from them to facilitates our
conversion into cipher and after the cipher transmission. In this
paper, we first study privacy and security concerns with health-
life so easy and convenience [1]–[5]. These technologies have
care data acquisition and then transmission. Then, we propose now been known as an example of a smart cyber-physical
a secure data collection scheme for IoT-based healthcare system systems, which also incorporate technologies of many related
named SecureData with the aim to tackle security concerns emerging systems, including smart energy and grids, smart
similar to the above. SecureData scheme is composed of four power plants, smart home monitoring, smart cities, and smart
layers: 1) IoT network sensors/devices; 2) Fog layers; 3) cloud
computing layer; and 4) healthcare provider layer. We mainly
healthcare system [6]–[8].
contribute to the first three layers. For the first two layers, In smart healthcare applications, IoT sensors/devices are
SecureData includes two techniques: 1) light-weight field pro- introduced to patients in aspects. The patients’ health infor-
grammable gate array (FPGA) hardware-based cipher algorithm mation (data) are collected from ECG, fetal monitors, temper-
and 2) secret cipher share algorithm. We study KATAN algorithm ature, or blood glucose levels and safety of this data is crucial
and we implement and optimize it on the FPGA hardware plat-
form, while we use the idea of secret cipher sharing technique to
regarding patients’ lives. Computer science and IoT commu-
protect patients’ data privacy. At the cloud computing layer, we nity, and healthcare providers have been struggling secure each
apply a distributed database technique that includes a number of and every sensor/device in the IoT network with the integrity
cloud data servers to guarantee patients’ personal data privacy of its data. Though the safety and comfort of patients’ every-
at the cloud computing layer. The performance of SecureData day health relies on this data collection, the safety of the data is
is validated through simulations with FPGA in terms of hard- greatly affected by cyber threats/attacks. In addition, patients’
ware frequency rate, energy cost, and computation time of all
the algorithms and the results show that SecureData can be privacy sensitive data can also be affected. Conventional solu-
efficient when applying for protecting security risks in IoT-based tions often offer security to patients’ health monitoring data
healthcare. during the communication. However, they often fail to deal
Index Terms—Data collection, hardware-based security, with complicated attacks at the time of data conversion into
healthcare, Internet of Things (IoT), privacy, secret cipher, cipher and after the cipher transmission. Ransomware, DDoS
threats. attacks, insider, e-mail compromise, and fraud scams are com-
mon types of attacks in healthcare [9]. Besides, there are types
of attacks that are very related to communication, including
Manuscript received March 7, 2018; revised May 28, 2018; accepted eavesdropping, impersonation, data integrity, data breach, col-
June 13, 2018. Date of publication July 10, 2018; date of current version lusion, and so on. Particularly, these threats/attacks bring new
February 25, 2019. This work was supported by the King Saud University
through the Vice Deanship of Research Chairs: Chair of Pervasive and Mobile challenges, for example, data can be compromised during the
Computing. (Corresponding author: Md Zakirul Alam Bhuiyan.) data communication [1], by which patients’ personal data can
H. Tao is with the School of Computer Science, Baoji University of Art be revealed.
and Science, Shaanxi 721007, China.
Md Z. A. Bhuiyan is with the Department of Computer and Information Circumstances similar to the above prevent the conscious-
Sciences, Fordham University, New York, NY 10458 USA, and also with ness of patients’ healthcare in IoT future, when these situations
the School of Computer Science and Educational Software, Guangzhou are not handled timely and properly. Though there exist vari-
University, Guangzhou 510006, China (e-mail: [email protected]).
A. N. Abdalla is with the Faculty of Electronic and Information ous security protocols to protect data from the threats/attacks,
Engineering, Huaiyin Institute of Technology, Huai’an 223002, China. including encryption and authentication algorithms, MAC
M. M. Hassan is with the Chair of Pervasive and Mobile Computing, algorithms, public-key cryptosystems, k-anonymity, and so
College of Computer and Information Sciences, King Saud University,
Riyadh 11543, Saudi Arabia. on [10]–[16]. They also have different limitations in terms
J. M. Zain is with the Faculty of Computer and Mathematical Sciences, of processor performance (frequency), energy cost, computa-
University Technology MARA, Shah Alam 40450, Malaysia. tion cost, etc., when applying them in IoT-based healthcare.
T. Hayajneh is with the Department of Computer and Information Sciences,
Fordham University, New York, NY 10458 USA. Though many existing work provide security to patients’ data
Digital Object Identifier 10.1109/JIOT.2018.2854714 privacy over communication, they may not protect the data
2327-4662 c 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
TAO et al.: SECURED DATA COLLECTION WITH HARDWARE-BASED CIPHERS FOR IoT-BASED HEALTHCARE 411

efficient to the security and privacy of patients’ data in

IoT-based healthcare.
This paper is organized as follows. First, we describe
the security challenges and threat models. Then, we present
the design of the SecureData scheme. Next, we present
the KATAN secret cipher algorithm. Next, we propose the
SW-SCSS algorithm. Then, we give the implementation and
Fig. 1. SecureData scheme overview. evaluation. Finally, we offer the conclusion of this paper with
future work.

once a cloud server is negotiated, especially when a cloud II. S ECURITY C HALLENGES AND T HREAT M ODELS
server is under attacks by the insider or cloud provider. The FOR I OT-BASED H EALTHCARE
IoT paradigm still requires efficient solutions to protect patient
In this section, we discuss challenges to data security in
data against cyber threats/attacks throughout the way from the
IoT-based healthcare and security threat models.
IoT sensors toward the healthcare provider.
In this paper, we envisage to contribute to the protection of
IoT-based healthcare data. At first, we study the privacy and A. Security Challenges in IoT-Based Healthcare
security concerns with healthcare data acquisition and trans- Over past several years, sensor technologies and cloud com-
mission. Then, we present a secure data collection scheme puting technologies are speedily industrialized with numerous
for IoT-based healthcare system named SecureData with facilities, services, and applications incorporating the technolo-
the aim to tackle security concerns like the above. As shown gies into our daily life that has appeared as a healthcare IoT
in Fig. 1, SecureData scheme is composed of four layers: platform. Meanwhile, patients including seniors are increas-
1) IoT network sensors/devices layer; 2) Fog layer; 3) cloud ingly depending on the IoT services, including the elderly
computing layer; and 4) healthcare service provider. care services. In smart IoT-based healthcare applications, we
We mainly contribute to the first three layers. For the first now wear wireless sensing devices and the devices gather and
two layers, SecureData includes two techniques: 1) light- incorporate patients’ private physiological information (data)
weight field programmable gate array (FPGA) hardware-based and relay the data to a personal wireless IoT device. For
cipher algorithm and 2) secret cipher share algorithm. That example, patients’ health data includes ECG, fetal monitors,
is, for the first two layers, SecureData includes two tech- temperature, or blood glucose levels. Similarly, in Fig. 2, we
niques: 1) light-weight FPGA hardware-based KATAN ciphers provide a Fog layer node that can store the access logs data
for secured communication and 2) secret cipher share algo- each day of all the patients and staffs. Those logs’ data is
rithm. For the KATAN ciphers, we study KATAN algorithm as obviously privacy-sensitive data, which should be big data
one representative encryption algorithm of block ciphers [17] encompassing all the patients’ IDs, names, health data, and
and we optimize it on the FPGA hardware platform. In the health status. The Fog layer can utilize the Fog nodes to miti-
secret cipher sharing, a whole cipher is broken into a num- gate a tremendous amount of loads on the patients’ Web logs
ber of shares at the Fog computing layer. The shares are data storage, data management, and data communication while
sent through secure communication separately toward the being able to protect the privacy of the data.
cloud. We apply the Slepian–Wolf coding-based secret shar- The data is then transferred to data storage for patient health
ing (SW-SCSS) in SecureData. Share repairing is used in diagnostics. Nevertheless, a good amount of data transmit-
case of data loss or compromise for patients’ data privacy. At ted by IoT sensor system is sensitive data. As a result, the
the cloud computing layer, SecureData include a number sensitive data collection is subject to performance of the secu-
of cloud data servers [18], [19] to guarantee patients’ personal rity and privacy algorithms and protocols. Regarding a cloud
data privacy. computing environment for healthcare, there are many secure
Our contributions in this paper are fourfold. algorithms/protocols to safeguard patient private and health
1) We first investigate security challenges with data collec- information. Current schemes offer general security architec-
tion and then propose a secured data collection scheme tures and protocols, however, they still have various weakness
for IoT-based healthcare called SecureData. and are limited to ensure security and privacy to health data.
2) For data collection with security, we present KATAN Computer science and IoT community, and healthcare
secret cipher algorithm that is implemented and opti- providers have been struggling to provide protection to
mized on the FPGA hardware platform. each and every sensor/device in the IoT network with the
3) For data collection with privacy, we apply a new idea integrity. Though the safety and comfort of patients every-
of secret cipher share with share repairing and share day health relies on this data collection [20], the protec-
reconstruction at the cloud computing layer. tion of the data is greatly affected by cyber threats/attacks.
4) The performance of SecureData is validated through In addition, patients’ privacy sensitive data can also be
simulations of both KATAN secret cipher algorithm and affected. Ransomware, DDoS attacks, insider, e-mail com-
secret cipher share algorithm in terms of hardware fre- promise, and fraud scams are common types of attacks in
quency rate, energy cost, and computation time of all the healthcare [9], [21]. Besides, there are types of attacks that are
algorithms. The results show that SecureData can be very related to communication, including user untraceability
412 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 1, FEBRUARY 2019

Fig. 2. SecureData scheme designed for patients’ data collection in a secure manner.

eavesdropping, impersonation, data integrity, data breaches, 3) Impersonation: An attacker plays the duty of somebody
collusion, and so on. Particularly, these threats/attacks bring that IoT sensor/device is possible to trust the attacker
new challenges, for example, data can be compromised dur- or the attacker makes you convince adequately in order
ing the data communication [1], by which patients’ personal to trick you into permitting access to the health data,
data can be revealed. database, and the IoT networked resources.
4) Patients’ Data Leakage and Destruction: Patient data
leakage is simply an unauthorized access or transmis-
B. Threat Models sion of health data from the healthcare system to an
We assume a few sophisticated threats in this paper. The external destination. Unintentional or inadvertent data
security and privacy threat models for IoT-based healthcare leakage is also unauthorized. The types of data leakage
applications with medical sensor devices are briefly discussed include confidential data, health record, and intellectual
as follows. property.
1) Collusion Attacks: There are a plenty of existing work on Based on the discussion above, secured data collection deals
security protocols [1], [14], [18], [19], [22]. In these pro- with both the outside attack and the inside attack. For these we
tocols, every IoT networked sensor/device or leader is consider two kinds of protections: 1) hardware-based KATAN
assumed to be honest. They use numerous security tech- secret cipher and 2) secret cipher sharing. The attackers may
niques such as authentication, hardware-based ciphers, not be able to compromise the KATAN cipher. However, they
and authorization for secure communications. But there may get the patients’ privacy data from other way such as com-
can be severe concerns with many of these protocols: promising the cloud server. In this case, secret cipher sharing
data leakage due to some complex cyber-attacks, includ- algorithm can be useful. Therefore, this may become difficult
ing collusion attack. It is a kind of attacks that may bring for attackers to compromise data after facing two types of
significant privacy risks when IoT medical sensor/device security in SecureData.
purposely maintains connections with an outsider. Such
an outsider may be negotiated by an attacker who can
earn required information from the healthcare system. III. D ESIGN OF S E C U R E D A T A
The most important issue is that it is tough to detect such In this section, we present the proposed SecureData for
the outsider as the negotiated IoT sensor/device looks data security and privacy in IoT-based healthcare.
working well, transmitting data, and making decision As shown in Fig. 2, SecureData scheme has four layers as
correctly [22]. follows.
2) Eavesdropping: It is a kind of threats that bring secu- 1) IoT Networked Sensors/Devices Layer: This layer is
rity risks to the patients’ health data privacy. It involves composed of numerous medical sensor devices and other
sniffing important health data transmitted by the IoT networked devices. To keep all the collected data from
sensor/device, which results in the privacy risks in com- these devices secure, especially when the data is being
munication. Suppose that an IoT sensor/device trans- exchanged with other sensors/devices and forwarded to
mit unencrypted health data toward the neighboring or the upper layer, we offer a lightweight KATAN secret
upstream nodes. An attacker might eavesdrop the health cipher algorithm in this layer for secure transmission of
data by sniffing it by means of a sniffing software tool. patients’ data.
Any eavesdropper might use a super receiver antenna 2) Fog Computing Layer: The medical sensors/devices then
like sniffers to capture the patients’ health data. transfer the acquired patients’ health data toward a cloud
TAO et al.: SECURED DATA COLLECTION WITH HARDWARE-BASED CIPHERS FOR IoT-BASED HEALTHCARE 413

data server, through this Fog computing layer. The cloud IV. H ARDWARE -BASED L IGHT-W EIGHT S ECRET C IPHERS
computing has limitation for applications requiring high In this section, we introduce the data ciphering, i.e., how to
privacy of data, particularly, in healthcare monitoring produce hardware-based light-weight ciphers.
settings. This limitation can be mitigated in the Fog
computing paradigm. Like the cloud computing, but Fog
A. Light-Weight KATAN Secret Ciphers
layer is in direct reach of edge network. Offering the
cloud service directly where the data is generated at the Lightweight ciphers are crucial for secure data communi-
IoT network edge, which is often viewed as a “descen- cation in resource-limited IoT sensors/devices. We attempt to
dent cloud.” Although a Fog computing node is at the implement lightweight ciphers in hardware in SecureData;
edge, this reduces latency and induces network effi- and optimize it with several design metrics. These design
ciency. It minimizes the cloud burden by minimizing metrics are estimated by FPGA hardware design flow. This
data exchange with the cloud thus utilizing the IoT net- involves ciphers implementation FPGA hardware and per-
work bandwidth. Being at the edge Fog network, we may form simulations. To obtain the lightweight ciphers, we study
also offer better data security and privacy. In this paper, KATAN algorithm as a representative cipher. We consider sev-
Fog is a crucial issue that requires to produce secret eral design metrics, e.g., block sizes, the number of rounds
cipher shares and distribute the secret cipher shares to implemented, and the key scheduling. We first measure the
different cloud servers. design metrics and then we model them.
3) A Cloud Computing Layer: This layer stores and sum- Before that, we detect what characteristics a representa-
marizes patients’ health data from the secret cipher tive lightweight cipher can have, which can make it the best
shares that are sent by the IoT sensors/devices through for implementation and optimization. Many technical defi-
the Fog computing layer. This layer also offers query nitions are given in existing papers for lightweight ciphers
services to various patients’ data users, including [23]–[25]. Fan et al. [24] explained a cryptographic algo-
healthcare service providers, and patients’ doctors. In rithm as a lightweight cipher as focused on low-cost resourced
SecureData, this layer particularly helps to perform sensors/devices, with enough security level and a minimum
the secret cipher share reconstruction. The Fog layer memory, and energy. In fact, it is tough to accurately define
breaks a cipher into multiple pieces cipher shares for the term “low-cost,” which is not easy [25].
privacy issue. Cloud computing layer helps to process
them and combine them. B. Quantitative Definition of Lightweight Ciphers
4) A Healthcare Provider: In the healthcare service
A numerical definition is technically the most practical for
provider layer, a provider gets patients’ information in
describing lightweight cipher and selecting the representative
a combined form and in a meaningful way, which was
cipher. Afterward, we characterize a lightweight cipher in a
sent in a form of cipher shares through the Fog comput-
quantitative manner as follows.
ing layer. A provider should have access to the patient
1) Tiny block size: 32, 48, or 64 bits.
privacy data to monitor health performance.
2) Tiny key size, e.g., 80 bits.
In this paper, we emphasize on the first three layers of
3) Simplified key scheduling.
SecureData, as shown in Fig. 2. We arrange a lightweight
4) Elementary operations by every algorithmic round.
KATAN secret cipher at IoT network layer to offer secure
5) A big number of algorithm rounds.
communication, and a secret cipher share at the Fog com-
In SecureData, we consider that a lightweight cipher
puting layer to offer privacy. In the cloud computing layer
needs to: 1) fulfill the quantitative definition and 2) offer
of SecureData, we put the patients’ transmitted data in a
choice for block sizes and key scheduling to discover their
distributed data storage environment that is composed of a
influence on the performance results and therefore appropri-
number of cloud servers. We supposed that a cloud server
ateness to utilize the results to as much low-cost ciphers
may be negotiated, especially when a cloud server is under
as possible. Investigating the lightweight ciphers [25], the
attack by the insider or the cloud provider, patients’ privacy
KATAN family of lightweight ciphers is good fit for the quan-
information can be revealed by attackers.
tified requirements of the lightweight cipher. The reason is as
While IoT networked medical devices/sensors function,
follows. It has: 1) a number of tiny block sizes; 2) two choices
other devices of IoT network or other networks may inter-
of scheduling (adjustable key and fixed key); 3) a minimum
rupt with the medical sensor devices [3], [4]. They can fetch
logic every round; and 4) a big number of algorithm rounds.
various security risks to the medical devices/sensors. Thus,
the data transferred by the medical devices/sensors may not
be secured. We attempt to apply hardware-based cipher gen- C. Hardware-Based Ciphers Through KATAN Algorithm
eration for the security. Without recognizing whether or not KATAN ciphers performs well in the FPGA hardware
the data was compromised, biased, or fake during the trans- design metrics compared to the software design metrics.
mission toward the upstream cloud servers over the Fog Particularly, KATAN gives good results in area, and power
layer, the collected data cannot be safe for patients’ health and energy. We verify the relationship between the opti-
diagnosis. Such collected data extremely influence the qual- mized lightweight cipher performance using KATAN family of
ity of patients’ health diagnosis, therefore, the quality of lightweight ciphers. We justify the KATAN algorithmic/design
lives. choices.
414 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 1, FEBRUARY 2019

TABLE I
KATAN S ECRET C IPHER A LGORITHM D ESIGN PARAMETERS

Fig. 4. KATAN cipher registers and functions in the hardware.

Fig. 3. Modified KATAN secret cipher algorithm.

The optimized KATAN algorithm is illustrated in Fig. 3. It

comprises of 256 rounds. In the beginning, the health data as
plaintext is imported in two registers: R1 and R2 . The length
of both registers is listed in Table I. The master key is set to
80-bit and the key is taken as an input. Thus, in every round,
a number of bits coming from registers R1 and R2 are handled
by two nonlinear functions fa and fb , and then loaded to the
least important bits of R1 and R2 , as shown in Fig. 4. The
nonlinear functions are calculated as
        
fa (R1 ) = R1 p1 ⊕ R1 p2 ⊕ R1 p3 ∧ R1 p4
    Fig. 5. Design of KATAN secret cipher with FPGA.
⊕ R1 p5 ∧ IR ⊕ keya
        
fa (R2 ) = R2 y1 ⊕ R2 y2 ⊕ R2 y3 ∧ R2 y4
    
⊕ R2 y5 ∧ R2 y6 ⊕ keyb . (1)
D. KATAN Cipher Design With FPGA
Here, x and y bits indices are given in Table IV. IR In this section, we present a detailed implementation of
denotes precomputed irregular update rule. The IR vector KATAN secret cipher with FPGA.
denotes the output of the most important bit of the lin- As shown in Fig. 4, we have control logic that manages
ear feedback shift register which implements the polynomial: inside activities. This also manages communication with the
p8 + p7 + p5 + p3 + 1. keya and keyb denote two subkey outside system. This includes connection from one logic to
bits. For ith round, keya is key2i and keyb is key2i+1 . keyj another. Encryption operation can be initiated when the dec-
denotes the jth bit of the key that is produced as follows: laration of start signal made. Then, the message plaintext can
⎧ be loaded into registers R1 and R2 , and rnd_ctr can trigger
⎨ keyj , j = 0 . . . 79
keyj = keyj−80 ⊕ keyj−60 ⊕ keyj−50 (2) and put it at 0. When the rest of cycles continue, the con-
⎩ trol logic is the one to provider round logic. It uses on-going
⊕keyj−13 , Otherwise.
values of the IR_bit, R1 , R2 , and the key. Furthermore, this
The nonlinear functions fa and fb are applied once, twice, logic inspects if rnd_ctr gets a max bound of 254 to execute
or thrice for KATAN 32-bit (i.e., K32 ), KATAN 48-bit (K48 ), encryption operation. When the execution is concluded, the
or KATAN 64-bit (K64 ), respectively. control logic produces a finish signal.
TAO et al.: SECURED DATA COLLECTION WITH HARDWARE-BASED CIPHERS FOR IoT-BASED HEALTHCARE 415

TABLE II
VALUES OF D ESIGN PARAMETER E NERGY /B IT M ODEL

Fig. 6. KATAN secret cipher implementation.

of the block size; 3) the energy cost of the increasing number
of rounds; and 4) the modeling energy/bit.
IR_ROM be the search table for values of IR_bit to validate In a case of modeling energy per/bit, the cost of energy
fa and fb functions. The size of the search table can be 256×1 per bit for 2n-rounds implementation have three energy fac-
bits and can be indexed by the rnd_ctr. We implement the tors: 1) constant factor (EDC ); 2) growth factor (EG ); and
round logic in one round. This include functions fa and fb . 3) decay factor (ED ). We model the energy/bit for 2n-rounds
Then, the round logic calculates to bring up-to-date values of implementation in the following with an error of 9.0%:
registers R1 , R2 , and the key.
We think the round logic in KATAN could be small. Hence, E(2n) = EG(2n) + EDC = EG(n) × E + ED(n) × D + EDC . (4)
when developing an algorithm round in cycles, we think this
may not be effective. The reason could be like much of the
Here, G be the growth component and D be the decay com-
power, energy cost, and area are utilized by the serial circuits
ponent. The derived values of EDC , G, EG(1) , D, and ED(1) are
that are registers and connect wires. When we add a few more
shown in Table II.
logic, there is minor influence on the energy and area, espe-
cially, when we apply a few rounds. In order to discover this
optimization, we develop a few editions of the system design.
Here, the round logic has n times of instantiation. The values V. S ECRET C IPHER S HARE AND E XACT S HARE R EPAIR
for n are given as 1, 2, 4, 8, 16, 32, 64, 128, and 256. In our In the previous section, we have KATAN secret cipher for
KATAN secret cipher implementation, we apply all possible secure message transmission. In this section, we study the
block sizes (i.e., 32-, 48-, and 64-bit). secret cipher share generation algorithm to ensure the privacy
of the secured message during communication. We name it
E. Implementation Rational as “secret cipher share.” First, we overview the secret cipher
In this section, we present design parameter details in our share and then describe the algorithm.
FPGA implementation for the KATAN ciphers. It can have
many parameters, including frequency, resources, power, and
energy. However, we mainly focus on the frequency and A. Secret Cipher Share Overview
energy. While transferring the KATAN secret cipher to the cloud
Regarding a comprehensive study of the cipher algorithm, servers, to provide protection to patients’ sensitive data against
we implement 256 cipher design choices, as shown in Fig. 6, potential security risks at the cloud, we apply secret cipher
where in every implementation, we consider one block size sharing scheme at the Fog layer. Previously, secret data shar-
from the sizes of the block for KATAN cipher. We set three ing algorithms have been in distributed systems [26], [27]. We
available sizes: 1) 32-bit; 2) 48-bit; and 3) 64-bit. We realize n use the secret cipher sharing algorithm distributing a cipher
hardware rounds in the design without altering the algorithm secret into a group of cloud servers, which are transmitted
rounds, where n ∈ 1, 2, 4, 8, 16, 32, 64, 128, 254. from the Fog layer. A cipher is broken into a number of
To realize the frequency trend in the design implementation, secret ciphers. Each cloud server may have a share of the
the following frequency model is used: secret ciphers. All of the secret ciphers are required to be
reconstructed before a healthcare service provider can see it.
F(1) , for n ≥ 16
F(2n) = (3) When an adequate number of secret cipher shares are merged
F(n)−0.19 × F(1) , for n ≥ 32.
together, the whole original cipher can be reconstructed. Each
Here, F(1) = 61.3 MHz. We get the average of the errors in secret cipher share alone does not convey any meaningful
the fitted frequency model in (3), which is 10%. information.
In terms of energy cost, it can be more correlated to compute In the Fog layer, patients’ data collected from IoT sen-
energy cost per bit. The reason is that it offers the energy cost sor/devices increase dramatically. Managing this data at the
to encrypt a single bit, it is normalizes the performance of Fog node is tough when this is big data. As a result, we use
the energy cost of the different block sizes [17], [25]. For the a cloud storage to store patients’ data. To offer the protection
energy cost per bit, the following observations can be made: to the patients’ privacy-sensitive data, a cipher secret sharing
1) the energy cost of the key scheduling; 2) the energy cost scheme is interesting.
416 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 1, FEBRUARY 2019

B. Main Concept and Protection to the Privacy of 1) Reconstructions of the secret cipher shares are made
Secret Cipher through the XOR network for achieving fast computation
The main concept of the secret cipher share algorithm is, cost.
one original (or whole) secret cipher can be broken down in a 2) The exact cipher share repair is managed, which is the
number of cipher shares and distributing them into a number of same as the original one.
cloud servers at the cloud computing layer, where each server This improved version utilizes another network coding scheme
is the recipient of one cipher share of the original secret cipher. called the SWC. SWC is usually applied in data compression
Such a system is called a (n, m)-threshold system of secret application. Moreover, the reduction on the size of the secret
cipher shares. In this system, any value of m or extra cipher cipher share may lead to a decreased cost of communication in
shares are utilized so as to combine all of broken shares of the Fog layer also in the cloud servers. Therefore, this secret
cipher. It was invented independently by Shamir and Blakley cipher share repair feature helps to recover whole/original
in 1979 [11], [26], [27]. However, according to the original secret cipher shares. It just makes the scheme consistent with
secret sharing system, the secret cipher share size should be the KATAN secret cipher state.
as identical as the secret cipher size. In solving this limitation,
cipher share sizes of Shamir and Blakley’s secret cipher share
VI. S ECURITY P ERFORMANCE A NALYSIS
scheme need to be improved. Later, the Ramp secret share
algorithm has been suggested in [11], [26], and [27] that offer In the previous sections, we provided how to pro-
a share size can be of 1/m of the original secret cipher size. duce hardware-based light-weight secret ciphers and secret
Here, m is the amount of secret block ciphers, which are parts cipher share generation. In this section, we provide per-
of the original secret cipher S. formance and security analysis with SecureData, though
Though the schemes gain average computation cost, they do the aim in this paper is to justify computation (fre-
not provide a share repair feature. This is highly possible that a quency), resources usage, and energy usage of the hardware-
share can be lost or compromised by the attacker or other rea- based light-weight secret ciphers and secret cipher share
sons, as modeled in Section II. If the lost share is not possible generation.
to recover, important patients’ data may be lost. To facili- We present SecureData for secure data collection in
tate share repair feature, XOR network coding is used to the IoT-based healthcare system, as healthcare devices are highly
secret cipher sharing schemes [28], [29]. However, when using vulnerable to security attacks. Particularly, in the IoT net-
XOR network coding, two problems appear in network coding- work sensors/devices layer of SecureData, attacks are
based secret cipher sharing scheme. The first problem is that made through communication, i.e., when data is transmitted
the secret cipher share size is greater than before, instead of from IoT network sensors/devices to the upstream location.
lesser than before. The second problem is that the new restored Attackers can compromise the devices or overhear the commu-
secret cipher shares are not as the identical as the initial com- nication and try to construct the original cipher using cipher
promised cipher shares. As a result, this scheme is still not generation algorithm. We think to integrate hardware-based
useful. secret ciphers, instead of directly using the cipher generation
algorithm. We used a modified KATAN secret cipher algo-
rithm which instruments registers and functions in the IoT
C. New Secret Cipher Share devices’ (sensors) hardware, as shown in Figs. 4 and 5. We
In the SecureData, we present a new secret cipher shar- have set control logic to coordinate the activities registers and
ing algorithm using the Slepian–Wolf coding (SWC) [30]. The functions. This also manages communication with the outside
algorithm can offer the secret share size that is optimal. It system. Encryption operation of a given message plaintext is
applies the idea of binning method for the coding. There exist initiated when the declaration of start signal made. Then, the
many schemes of the SWC [27], [31]. message plaintext can be loaded into registers and can trig-
Proposed algorithm offers the exact-share repair feature. ger. However, attackers want to compromise the data KATAN
Importantly, the share sizes stay constant no matter whether secret cipher. To compromise, they first need to learn infor-
or not they are compromised. Suppose that a secret share mation and configuration of the functions, registers, and the
gets lost otherwise compromised, then a fresh cipher share logic control configuration between them as well as the secret
can be produced, which can be precisely as identical as the key generation, including different parameters including, block
whole/original one. The efficiency of the proposed algorithm size and variable key. Thus, SecureData is designed to
may increase when decreasing the size of secret share, the stor- provide secure communication in between the first two layers.
age, and also the cost of communication for the secret cipher The main goal is to securely transfer the collected data from
share. Note that inspecting all compromised secrete cipher the IoT networked devices/sensors layer to the cloud com-
share is not the focus of this paper. Nevertheless, there are puting layer. As modeled in Section II, we still suppose that
other solutions including homomorphic signature that may be attackers may be able to learn and compromise data when
utilized to cover the focus [19], [27]. the data is on-the-fly using some sophisticated algorithms that
In SecureData, the cipher secret share size is decreased uses techniques like chosen-cipher-only information. The Fog
mostly in contrast to that of coding-based secret cipher share layer is used in between these two layers, which can do the
algorithm for the XOR network. Meanwhile, we are yet to secret cipher sharing task and distribute the secret shares into
preserve all the advantages. the distributed cloud server of the cloud computing layer.
TAO et al.: SECURED DATA COLLECTION WITH HARDWARE-BASED CIPHERS FOR IoT-BASED HEALTHCARE 417

TABLE III
I MPORTANT S YMBOL D ESCRIPTION

In SecureData, software-based cipher generation can optimize, we implement many editions of the design. Here, n
control to minimize IoT device memory footprint and amount times instantiation is made by the round logic. The values of
of execution cycles, while the hardware-based cipher genera- n can be of 1, 2, 4, 8, 16, 32, 64, 128, and 256. In the imple-
tion can optimize energy and computation speed. Energy and mentation of KATAN cipher, we apply all of supported block
computation speed of cipher regeneration is big issue to pre- sizes (32-, 48-, and 64-bit). We take one block size of the
pare the secure secret cipher. This is still a complex to reduce supported block sizes (32-, 48-, and 64-bit) for KATAN. We
the computation speed of cipher production and transmission. realize n hardware rounds in the design without altering the
We attempted to achieve this in this paper to some extent. We algorithm rounds, where n ∈ 1, 2, 4, 8, 16, 32, 64, 128, 254.
note that we do not verify the security performance in terms of Regarding the security at the Fog Layer, each secret cipher
the software part in this paper. For the software, we consider block, bi , is given as 2224 bits. This is a usual setting in
traditional symmetric algorithms, as the improved hardware- many distributed computing. The results are gathered from
based KATAN ciphers work as symmetric ciphers to provide the average of 50 simulation runs. A library called gmpy2
security features. (https://pypi.python.org/pypi/gmpy2), which is supported in
In order to verify the improved KATAN secret cipher algo- Python programming language, is used to compute the combi-
rithm, we have compared it to a state-of-the-art cipher algo- nation operations. which is sustained in Python language and
rithm, i.e., the HIGHT lightweight cipher [32]. The analysis to calculate the combination executions. We vary the amount
is given here. The objective is to observe the cipher opti- of Fog servers, which can be n = m + 1. Here m be the
mization. In the two algorithms, two sets primary parameters amount of secret cipher blocks. In the evaluation, we simu-
and constants as specific to each cipher. These are calculated late all the three algorithms: 1) KATAN secret cipher at the
by experimental execution. This is a 64-bit lightweight block IoT sensor/device; 2) share creation at the Fog node layer;
cipher having 32 rounds. Key and subkeys are variable (128-bit and 3) share reconstruction at the cloud computing layer. In a
master key). The modeling errors seen in HIGHT cipher [32] case of the share reconstruction at the cloud computing layer,
are frequency (9.32%) and energy (5.71%), while the errors are we exploit two dissimilar schemes: 1) Gaussian elimination
in frequency (11.53%) and energy (10.6%). Some are slightly and 2) matrix inversion. We set the size of other secret block
higher than HIGHT cipher. cipher bits to 1 MB, then change the amount of blocks (m)
according to various secret sizes.
We present KATAN secret cipher with FPGA implemen-
VII. I MPLEMENTATION AND E VALUATION tation results that include frequency, resources, power, and
In this section, we demonstrate the performance evaluation energy. For frequency and energy metrics, we thus perform the
of SecureData through simulations. We could partly eval- following: illustrating trend plots, examining impact of the key
uate the algorithms. We use a computer Intel Core i7 version, scheduling, the size of the block, and the amount of rounds on
8 GB of RAM, Win OS 10 with 64-bit and Python to write design metrics, and development of models. Notations related
programs. to these metrics are illustrated in Table III.
When a packet is ready to be transferred from an IoT We first observe the frequency trend of the design of
device/sensor, it first goes to the encryption algorithm, that KATAN secret cipher in FPGA. We can see that the results of
is the KATAN cipher. For the KATAN cipher, we imple- the frequency trend implementations with a number of rounds
ment KATAN secret cipher with FPGA. The control logic (n) as shown in Fig. 7(a). The results imply that the maximum
maintains all the inside system actions. It also maintains the frequency is not affected when n ≤ 16. One of the reasons for
communication to the outside system. Encryption operations why it is happening is because the tiny round logic that results
are activated by the affirmation of a start signal. In the first a little delay in contrast to the delay in dominating interconnect
cycle of encryption operations, plaintext is loaded in hard- and flip-flop [25]. Table III summarizes the implementation
ware registers. A round counter (rnd-ctr) is activated and set details of the KATAN secret cipher design in terms of energy
to 0. After the first cycle, the control logic provides the cur- cost. The least energy achieved when the number of rounds
rent values in round logic of the IR bit, encryption key, and equal to n = 32 and n = 64.
registers. Moreover, this logic examines if the values of the The influence of increasing the number of rounds begins to
rnd-ctr at max bound of 255 to close encryption. When the visibly take an influence on the frequency when n ≥ 16. In
procedure gets done, the control logic gets a completed signal. the frequency model, the frequency results were averaged as
The size of the IR ROM table is set to 251 × 1 bits and it is shown in Fig. 7(b). The average error in the fitted frequency
indexing of the rnd_ctr. We implement the round logic in one model in (3) is 12%.
round, including functions fa and fb . The round logic calcu- For the cost of energy, as discussed in Section III, we com-
lates the up-to-date values for key and registers. In order to pute energy per bit, as it gives the energy cost to encrypt
418 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 1, FEBRUARY 2019

(a) (b)

Fig. 7. (a) Frequency trend. (b) Average frequency trend. Fig. 9. Computation time for KATAN ciphers, secret cipher share generation,
and reconstruction.

TABLE IV VIII. C ONCLUSION

D ESIGN I MPLEMENTATIONS W ITH M INIMUM C OST OF
THE E NERGY P ER B IT In this paper, we have investigated challenges with data col-
lection in IoT-based healthcare applications and proposed a
new data collection scheme called SecureData to provide
data security and preserve the privacy of the patients’ personal
data. For the secure communication, we present KATAN secret
cipher algorithm and implement and optimize it on the FPGA
hardware platform. For the privacy of the KATAN cipher, we
apply secret cipher sharing and share repairing. The perfor-
mance analysis shows that the SecureData scheme can be
efficient in terms of frequency, cost of energy, and overall com-
putation cost when to apply against attacks. Our future work
includes the detailed implementation of the algorithms with
various metrics and investigate the protection performance of
the algorithms under threats/attacks when to apply to particular
applications.
(a) R EFERENCES
[1] A. Karati et al., “Provably secure identity-based signcryption scheme for
crowdsourced industrial Internet of Things environments,” IEEE Internet
Things J., to be published, doi: 10.1109/JIOT.2017.2741580.
[2] E. Luo et al., “Privacyprotector: Privacy-protected patient data collection
in IoT-based healthcare systems,” IEEE Commun. Mag., vol. 56, no. 2,
pp. 163–168, Feb. 2018.
[3] X. Lai, W. Zou, D. Xie, X. Li, and L. Fan, “DF relaying networks with
randomly distributed interferers,” IEEE Access, vol. 5, pp. 18909–18917,
2017.
[4] L. Fan, X. Lei, N. Yang, T. Q. Duong, and G. K. Karagiannidis,
“Secure multiple amplify-and-forward relaying with cochannel interfer-
(b) ence,” IEEE J. Sel. Topics Signal Process., vol. 10, no. 8, pp. 1494–1505,
Dec. 2016.
Fig. 8. (a) Energy per bit. (b) Energy per bit (zoomed for n = 8, . . . , [5] M. Wazid et al., “Design of secure user authenticated key management
256 rounds). protocol for generic IoT network,” IEEE Internet Things J., vol. 5, no. 1,
pp. 269–282, Feb. 2018.
[6] M. Z. A. Bhuiyan et al., “Dependable structural health monitoring
using wireless sensor networks,” IEEE Trans. Depend. Secure Comput.,
vol. 14, no. 4, pp. 363–376, Jul./Aug. 2017.
a single bit and normalizes the energy results. The cost of [7] X. Xing, D. Xie, and G. Wang, “Energy-balanced data gathering and
energy per bit is as shown in Fig. 8(a). A more detailed plot aggregating in WSNs: A compressed sensing scheme,” Int. J. Distrib.
Sensor Netw., vol. 11, no. 10, pp. 1–12, 2015.
for n = 8, . . . , 255 is shown in Fig. 8(b). Evidently, we make [8] M. Wazid et al., “Secure authentication scheme for medicine anti-
the following observations: when increasing the block size by counterfeiting system in IoT environment,” IEEE Internet Things J.,
50%, the cost of energy decreases per bit by an average of vol. 4, no. 5, pp. 1634–1646, Oct. 2017.
[9] J. Li, Y. Zhang, X. Chen, and Y. Xiang, “Secure attribute-based
10%. From the cost of energy per bit, it is apparent that data sharing for resource-limited users in cloud computing,” Comput.
increasing number of rounds does not increase the cost of Security, vol. 72, pp. 1–12, Jan. 2018.
energy per bit. [10] X. Yi, A. Bouguettaya, D. Georgakopoulos, A. Song, and J. Willemson,
“Privacy protection for wireless medical sensor data,” IEEE Trans.
We calculate the computation time for the three algorithms, Depend. Secure Comput., vol. 13, no. 3, pp. 369–380, May/Jun. 2016.
that is, the time they take to execute the KATAN cipher, secret [11] J. Li et al., “Secure deduplication with efficient and reliable convergent
cipher share generation, and share reconstruction. As shown in key management,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 6,
pp. 1615–1625, Jun. 2014.
Fig. 9, we can observe that the results that are linear. We can [12] Y. Wang, “Privacy-preserving data storage in cloud using array BP-
see that KATAN secret cipher algorithm takes slightly more XOR codes,” IEEE Trans. Cloud Comput., vol. 3, no. 4, pp. 425–435,
time than the time required in share generation at the Fog layer. Oct./Dec. 2015.
[13] M. Z. A. Bhuiyan, G. Wang, J. Cao, and J. Wu, “Deploying wireless
We are yet to evaluate security and privacy performance in this sensor networks with fault-tolerance for structural health monitoring,”
paper. IEEE Trans. Comput., vol. 64, no. 2, pp. 382–395, Feb. 2015.
TAO et al.: SECURED DATA COLLECTION WITH HARDWARE-BASED CIPHERS FOR IoT-BASED HEALTHCARE 419

[14] J. Shen et al., “Cloud-aided lightweight certificateless authen- Md Zakirul Alam Bhuiyan (M’09–SM’17)
tication protocol with anonymity for wireless body area net- received the Ph.D. degree.
works,” J. Netw. Comput. Appl., vol. 106, pp. 117–123, Mar. 2018, He is currently an Assistant Professor with
doi: 10.1016/j.jnca.2018.01.003. the Department of Computer and Information
[15] S. Roy et al., “Chaotic map-based anonymous user authentication Sciences, Fordham University, New York, NY,
scheme with user biometrics and fuzzy extractor for crowdsourc- USA. He is the Founding Director of the
ing Internet of Things,” IEEE Internet Things J., to be published, Fordham Dependable and Secure System Laboratory
doi: 10.1109/JIOT.2017.2714179. (DependSys). He is also a Visiting Professor with
[16] E. Luo, Q. Liu, and G. Wang, “Hierarchical multi-authority and attribute- Guangzhou University, Guangzhou, China. He was
based encryption friend discovery scheme in mobile social networks,” an Assistant Professor with Temple University,
IEEE Commun. Lett., vol. 20, no. 9, pp. 1772–1775, Sep. 2016. Philadelphia, PA, USA. His current research inter-
[17] C. Cannière, O. Dunkelman, and M. Knežević, “KATAN and ests include dependability, cybersecurity, big data, and cyber physical sys-
KTANTAN—A family of small and efficient hardware-oriented block tems. His research have been published in the IEEE T RANSACTIONS ON
ciphers,” in Cryptographic Hardware and Embedded Systems-CHES C OMPUTERS, the IEEE T RANSACTIONS ON PARALLEL AND D ISTRIBUTED
2009. Berlin, Germany: Springer, 2009, pp. 272–288. S YSTEMS, the IEEE T RANSACTIONS ON D EPENDABLE AND S ECURE
[18] J. Li et al., “L-EncDB: A lightweight framework for privacy-preserving C OMPUTING, the IEEE T RANSACTIONS ON I NDUSTRIAL I NFORMATICS,
data queries in cloud computing,” Knowl. Based Syst., vol. 79, the IEEE Communications Magazine, the IEEE I NTERNET OF T HINGS
pp. 18–26, May 2015. J OURNAL, ACM Transactions on Sensor Networks, ACM Transactions on
[19] Q. Lin, J. Li, Z. Huang, W. Chen, and J. Shen, “A short lin- Autonomous and Adaptive Systems, CS, INS, and the Journal of Network and
early homomorphic proxy signature scheme,” IEEE Access, vol. 6, Computer Applications in the above areas.
pp. 12966–12972, 2018. Prof. Bhuiyan has served as a Guest/Associate Editor for the IEEE
[20] T. Wang et al., “Sustainable and efficient data collection from T RANSACTIONS ON B IG DATA, ACM Transactions on Cyber-Physical
WSNs to cloud,” IEEE Trans. Sustain. Comput., to be published, Systems, the IEEE I NTERNET OF T HINGS J OURNAL, Information Sciences,
doi: 10.1109/TSUSC.2017.2690301. Future Generation Computing Systems, and the Journal of Network and
[21] Z. Huang, S. Liu, X. Mao, K. Chen, and J. Li, “Insight of the pro- Computer Applications. He has also served as an Organizer, the General
tection for data security under selective opening attacks,” Inf. Sci., Chair, the Program Chair, the Workshop Chair, and a TPC member of var-
vols. 412–413, pp. 223–241, Oct. 2017. ious international conferences, including IEEE INFOCOM. He is a member
[22] M. Z. A. Bhuiyan and J. Wu, “Collusion attack detection in networked of the ACM.
systems,” in Proc. IEEE DASC, 2016, pp. 286–293.
[23] B. J. Mohd, T. Hayajneh, and A. V. Vasilakos, “A survey on lightweight
block ciphers for low-resource devices: Comparative study and open
issues,” J. Netw. Comput. Appl., vol. 58, no. 2, pp. 73–93, 2015.
[24] X. Fan, K. Mandal, and G. Gong, “WG-8: A lightweight stream cipher
for resource-constrained smart devices,” in Quality, Reliability, Security
and Robustness in Heterogeneous Networks (QShine 2013). Berlin,
Germany: Springer, 2013, pp. 617–632.
Ahmed N. Abdalla received the bachelor of science
[25] B. Mohd, T. Hayajneh, K. Yousef, Z. Khalaf, and M. Bhuiyan,
degree in general electrical engineering and master
“Hardware design and modeling of lightweight block ciphers for secure
of science degree in electrical engineering from the
communications,” Future Gen. Comput. Syst., vol. 83, pp. 510–521,
University of Technology, Baghdad, Iraq, in 1997
Jun. 2018, doi: 10.1016/j.future.2017.03.025.
and 2002, respectively, and the Ph.D. degree in elec-
[26] A. Aragues et al., “Trends and challenges of the emerging technologies
trical engineering from the Huazhong University of
toward interoperability and standardization in e-health communications,”
Science and Technology, Wuhan, China, in 2007.
IEEE Commun. Mag., vol. 49, no. 11, pp. 182–188, Nov. 2011.
He is a Professor with the Huaiyin Institute of
[27] M.-H. Hsieh and S. Watanabe, “Channel simulation and coded source
Technology, Huai’an, China, and the former Dean
compression,” IEEE Trans. Inf. Theory, vol. 62, no. 11, pp. 6609–6619,
of the Workshop and Training Center, University of
Nov. 2016.
Technology. He has authored or co-authored numer-
[28] N. Cai and R. W. Raymond, “Secure network coding,” in Proc. IEEE
ous papers published in a number of SCI indexed journals with an impact
Int. Symp. Inf. Theory, 2002, pp. 1–8.
factor. His research outcomes have been exhibited and has been bestowed
[29] A. Kalantari, G. Zheng, Z. Gao, Z. Han, and B. Ottersten, “Secrecy
high recognitions internationally. His expertise areas include, but are not lim-
analysis on network coding in bidirectional multibeam satellite com-
ited to, system modeling and parameter identification, sensors design and its
munications,” IEEE Trans. Inf. Forensics Security, vol. 10, no. 9,
application, wireless communication, and application of intelligent techniques.
pp. 1862–1874, Sep. 2015.
[30] D. Slepian and J. Wolf, “Noiseless coding of correlated information
sources,” IEEE Trans. Inf. Theory, vol. IT-19, no. 4, pp. 471–480,
Jul. 1973.
[31] M. Hayashi and R. Matsumoto, “Secure multiplex coding with depen-
dent and non-uniform multiple messages,” IEEE Trans. Inf. Theory,
vol. 62, no. 5, pp. 2355–2409, May 2016.
[32] D. Hong et al., “HIGHT: A new block cipher suitable for low-resource
device,” in Proc. Int. Workshop Cryptograph. Hardw. Embedded Syst. Mohammad Mehedi Hassan (M’12) received the
(CHES), 2006, pp. 46–59. Ph.D. degree in computer engineering from Kyung
Hee University, Seoul, South Korea, in 2011.
He is currently an Associate Professor with
the Information Systems Department, College of
Hai Tao received the B.Sc. degree from the Computer and Information Sciences (CCIS), King
Department of Computer and Information Science, Saud University (KSU), Riyadh, Saudi Arabia. He
Northwest University of Nationalities, Lanzhou, has authored or co-authored over 100 research
China, in 2004, the M.S. degree from the School papers in ISI-indexed journals. His current research
of Mathematics and Statistics, Lanzhou University, interests include cloud federation, multimedia cloud,
Lanzhou, in 2009, and the Ph.D. degree from sensor-cloud, Internet of Things, big data, mobile
the Faculty of Computer System and Software cloud, sensor network, publish/subscribe systems, and recommender systems.
Engineering, University Malaysia Pahang, Pahang, Dr. Hassan was a recipient of the Best Paper Award of the CloudComp
Malaysia. Conference in 2014, and the Excellence in Research Award from CCIS,
He is currently an Associate Professor with the KSU, in 2015 and 2016, respectively. He has also been the Guest Editor
Baoji University of Arts and Sciences, Shaanxi, of several international ISI-indexed journals such as the IEEE I NTERNET OF
China. His current research interests include machine learning, Internet of T HINGS J OURNAL and Future Generation Computer Systems. He is currently
Things, and optimization computation. an Associate Editor for IEEE ACCESS.
420 IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 1, FEBRUARY 2019

Jasni Mohamad Zain received the bachelor’s Thaier Hayajneh (M’17) received the M.S. and
degree in computer science from the University of Ph.D. degrees from the University of Pittsburgh,
Liverpool, Liverpool, U.K., in 1989 and the Ph.D. Pittsburgh, PA, USA, in 2005 and 2009, respec-
degree from Brunel University, West London, U.K., tively.
in 2005. He is the Founding Director of the Fordham
She started her career as a Tutor in 1997 with Center of Cybersecurity, an Associate Professor
the University of Technology Malaysia, Johor Bahru, of computer science, and the Graduate Program
Malaysia. She is currently a Professor with the Director of Cybersecurity and Data Analytics with
Faculty of Computer and Mathematical Sciences, Fordham University, New York, NY, USA. He
Universiti Teknologi MARA, Shah Alam, Malaysia, was the Director of the Center of Excellence in
and was the Dean of the Faculty of Computer Cybersecurity, New York Institute of Technology,
Systems and Software Engineering, University Malaysia Pahang, Pahang, Old Westbury, NY, USA. His current research interests include cybersecu-
Malaysia, for eight years. She has graduated 15 Ph.D. students and 6 master’s rity and networking, applied cryptography, CPS, and WBAN security.
students by research under her supervision. She has authored or co-authored Dr. Hayajneh is the Editor-in-Chief for the EAI Transactions on Pervasive
over 100 refereed papers. She has a patent pending for digital watermarking. Health and Technology, an Editor for ACM/Springer Wireless Networks, and a
Her current research interests include digital watermarking and image pro- Guest Editor for Sensors and the International Journal of Distributed Sensor
cessing, as well as data and network security. Networks.
Dr. Zain has been actively presenting papers and keynote addresses at
national and international conferences.