EasyChair Preprint № 1421 Data Security Collection With LEA Cipher For IoT-Based Monitoring Xuelan Yang and Tao Hai EasyChair preprints are intended for rapid dissemination of research results and are integrated with the rest of EasyChair. August 25, 2019 Data Security Collection With LEA Cipher For IoT- Based Monitoring 1 2 Xuelan Yang , Tao Hai 1 Baoji University of Art and Science, Shaanxi, China 2 Baoji University of Art and Science, Shaanxi, China Abstract. There are tremendous security concerns with patient health monitoring sensors in Internet of Things (IoT). The concerns are also realized by recent sophisticated security and privacy attacks, including data breaching, data integrity, and data collusion. Conventional solutions often offer security to patients health monitoring data during the communication. However, they often fail to deal with complicated attacks at the time of data conversion into cipher and after the cipher transmission. In this paper, we first study privacy and security concerns with health-care data acquisition and then transmission. Then, we propose a secure data collection scheme for IoT-based healthcare system named SecureData with the aim to tackle security concerns similar to the above. SecureData scheme is composed of four layers: 1) IoT network sensors/devices; 2) Fog layers; 3) cloud computing layer; and 4) healthcare provider layer. We mainly contribute to the first three layers. For the first two layers, SecureData includes two techniques: 1) light-weight field programmable gate array (FPGA) hardware-based cipher algorithm and 2) secret cipher share algorithm. We study KATAN algorithm and we implement and optimize it on the FPGA hardware platform, while we use the idea of secret cipher sharing technique to protect patients’ data privacy. At the cloud computing layer, we apply a distributed database technique that includes a number of cloud data servers to guarantee patients’ personal data privacy at the cloud computing layer. The performance of SecureData is validated through simulations with FPGA in terms of hard-ware frequency rate, energy cost, and computation time of all the algorithms and the results show that SecureData can be efficent when applying for protecting security risks in IoT-based healthcare. Keywords: Data collection, hardware-based security, healthcare, Internet of Things (IoT), privacy, secret cipher, threats. 1 Introduction INTERNET of Things (IoT) consists of automatically and grated in machines and physical objects. IoT technologies lead our life to interact with the sensors/devices 2 of the world and leverages collected smart data from them to facilitates our life so easy and convenience [1]–[5]. These technologies have now been known as an example of a smart cyber-physical systems, which also incorporate technologies of many related emerging systems, including smart energy and grids, smart power plants, smart home monitoring, smart cities, and smart healthcare system [6]–[8]. In smart healthcare applications, IoT sensors/devices are introduced to patients in aspects. The patients’ health infor-mation (data) are collected from ECG, fetal monitors, temperature, or blood glucose levels and safety of this data is crucial regarding patients’ lives. Computer science and IoT community, and healthcare providers have been struggling secure each and every sensor/device in the IoT network with the integrity of its data. Though the safety and comfort of patients’ everyday health relies on this data collection, the safety of the data is greatly affected by cyber threats/attacks. In addition, patients’ privacy sensitive data can also be affected. Conventional solutions often offer security to patients’ health monitoring data during the communication. However, they often fail to deal with complicated attacks at the time of data conversion into cipher and after the cipher transmission. Ransomware, DDoS attacks, insider, e-mail compromise, and fraud scams are com-mon types of attacks in healthcare [9]. Besides, there are types of attacks that are very related to communication, including eavesdropping, impersonation, data integrity, data breach, collusion, and so on. Particularly, these threats/attacks bring new challenges, for example, data can be compromised during the data communication [1], by which patients ’ personal data can be revealed. Circumstances similar to the above prevent the conscious-ness of patients ’ healthcare in IoT future, when these situations are not handled timely and properly. Though there exist various security protocols to protect data from the threats/attacks, including encryption and authentication algorithms, MAC algorithms, public-key cryptosystems, k-anonymity, and so on [10]–[16]. They also have different limitations in terms of processor performance (frequency), energy cost, computation cost, etc., when applying them in IoT-based healthcare. Though many existing work provide security to patients ’ data privacy over communication, they may not protect the dataonce a cloud server is negotiated, especially when a cloud 81 server is under attacks by the insider or cloud provider. The IoT paradigm still requires efficient solutions to protect patient data against cyber threats/attacks throughout the way from the IoT sensors toward the healthcare provider. In this paper, we envisage to contribute to the protection of IoT-based healthcare data. At fi rst, we study the privacy and security concerns with healthcare data acquisition and transmission. Then, we present a secure data collection scheme for IoT-based healthcare system named SecureData with the aim to tackle security concerns like the above. As shown in Fig. 1, SecureData 3 scheme is composed of four layers: 1) IoT network sensors/devices layer; 2) Fog layer; 3) cloud computing layer; and 4) healthcare service provider. We mainly contribute to the first three layers. For the first two layers, SecureData includes two techniques: 1) lightweight fi eld programmable gate array (FPGA) hardware-based cipher algorithm and 2) secret cipher share algorithm. That is, for the fi rst two layers, SecureData includes two techniques: 1) light-weight FPGA hardware-based KATAN ciphers for secured communication and 2) secret cipher share algorithm. For the KATAN ciphers, we study KATAN algorithm as one representative encryption algorithm of block ciphers [17]and we optimize it on the FPGA hardware platform. In the secret cipher sharing, a whole cipher is broken into a number of shares at the Fog computing layer. The shares are 106 sent through secure communication separately toward the cloud. We apply the Slepian – Wolf coding-based secret sharing (SW-SCSS) in SecureData. Share repairing is used in case of data loss or compromise for patients ’ data privacy. At the cloud computing layer, SecureData include a number of cloud data servers [18], [19] to guarantee patients’ personal data privacy. Our contributions in this paper are fourfold. 1) We first investigate security challenges with data collection and then propose a secured data collection scheme for IoT-based healthcare called SecureData. 2) For data collection with security, we present KATAN secret cipher algorithm that is implemented and optimized on the FPGA hardware platform. 3) For data collection with privacy, we apply a new idea of secret cipher share with share repairing and share reconstruction at the cloud computing layer. 4) The performance of SecureData is validated through simulations of both KATAN secret cipher algorithm and 125 secret cipher share algorithm in terms of hardware frequency rate, energy cost, and computation time of all the 127 algorithms. The results show that SecureData can beefficient to the security and privacy of patients’ data in 128 IoT-based healthcare. This paper is organized as follows. First, we describe the security challenges and threat models. Then, we present the design of the SecureData scheme. Next, we present the KATAN secret cipher algorithm. Next, we propose the SW-SCSS algorithm. Then, we give the implementation and evaluation. Finally, we offer the conclusion of this paper with future work. 4 2 Security Challenges and Threat Models For IoT-based Water Quality Monitoring In this section, we discuss challenges to data security in IoT-based Water Quality Monitoring and security threat models. 2.1 Security Challenges in IoT-based Water Quality Monitoring Over these years, sensor technologies and cloud computing technologies are rapidly industrialized with many facilities, services, and applications incorporating the technologies into our daily life such as water quality monitoring system. In smart IoT-based water quality monitoring system applications, the wireless sensing devices collect and incorporate data on water quality and relay the data to a personal wireless IoT device. For instance, water quality data includes pH, tubidity, dissolved oxygen or active microorganism levels. Similarly, in Fig. 2, we provide a Fog layer node to store the access logs data each day of the water. Those logs` data is clearly privacy-sensitive data. The Fog layer can utilize the Fog nodes to mitigate a tremendous amount of loads on the water quality monitoring`s Web logs data storage, data management, and data communication while being able to protect the privacy of the data. The data is then transferred to data storage for the judgement of water quality. Nonetheless, a good amount of data transmitted by IoT sensor system is sensitive data. As a result, the sensitive data collection is subject to performance of the security and