Considerations on Visible Light Communication security by applying the Risk Matrix methodology for risk assessment

Visible Light Communications (VLC) is a cutting edge technology for data communication that is being considered to be implemented in a wide range of applications such as Inter-vehicle communication or Local Area Network (LAN) communication. As a novel technology, some aspects of the implementation of VLC have not been deeply considered or tested. Among these aspects, security and its implementation may become an obstacle for VLCs broad usage. In this article, we have used the well-known Risk Matrix methodology to determine the relative risk that several common attacks have in a VLC network. Four examples: a War Driving, a Queensland alike Denial of Service, a Preshared Key Cracking, and an Evil Twin attack, illustrate the utilization of the methodology over a VLC implementation. The used attacks also covered the different areas delimited by the attack taxonomy used in this work. By defining and determining which attacks present a greater risk, the results of this work provide a lead into which areas should be invested to increase the safety of VLC networks.

[1]  Chen Wang,et al.  Model Development for Risk Assessment of Driving on Freeway under Rainy Weather Conditions , 2016, PloS one.

[2]  Edward W. Knightly,et al.  The Spy Next Door: Eavesdropping on High Throughput Visible Light Communications , 2015, VLCS@MobiCom.

[3]  H. Ni,et al.  Some extensions on risk matrix approach , 2010 .

[4]  Joongheon Kim,et al.  Adaptive Suspicious Prevention for Defending DoS Attacks in SDN-Based Convergent Networks , 2016, PloS one.

[5]  Yilun Shang Impact of self-healing capability on network robustness. , 2015, Physical review. E, Statistical, nonlinear, and soft matter physics.

[6]  Harald Haas,et al.  Characterization and Modeling of Visible Light Communication Channels , 2016, 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring).

[7]  P. S. Tan,et al.  An extended risk matrix approach for supply chain risk assessment , 2013, 2013 IEEE International Conference on Industrial Engineering and Engineering Management.

[8]  Harald Haas,et al.  What is LiFi? , 2015, 2015 European Conference on Optical Communication (ECOC).

[9]  Feng Songjiang,et al.  The Application of Risk Matrix to Software Project Risk Management , 2009, 2009 International Forum on Information Technology and Applications.

[10]  Harald Haas,et al.  Indoor optical wireless communication: potential and state-of-the-art , 2011, IEEE Communications Magazine.

[11]  Manchun Li,et al.  Quantitative risk analysis of urban natural gas pipeline networks using geographical information systems , 2013 .

[12]  E. Brynjolfsson,et al.  Beyond Computation: Information Technology, Organizational Transformation and Business Performance , 2000 .

[13]  Thomas Q. Wang,et al.  Position Accuracy of Time-of-Arrival Based Ranging Using Visible Light With Application in Indoor Localization Systems , 2013, Journal of Lightwave Technology.

[14]  Lutz Lampe,et al.  Enhancing the security of VLC links: Physical-layer approaches , 2015, 2015 IEEE Summer Topicals Meeting Series (SUM).

[15]  Murat Uysal,et al.  IEEE 802.15.7r1 Reference Channel Models for Visible Light Communications , 2017, IEEE Communications Magazine.

[16]  Sha Fu,et al.  The application of a risk matrix method on campus network system risk assessment , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[17]  Barbara M. Masini,et al.  Visible light communications as a complementary technology for the internet of vehicles , 2016, Comput. Commun..

[18]  Rafael Rodríguez,et al.  Hybrid Visible Light and Ultrasound-Based Sensor for Distance Estimation , 2017, Sensors.

[19]  Jeffrey M. Stanton,et al.  Analysis of end user security behaviors , 2005, Comput. Secur..

[20]  Walid G. Aref,et al.  Security models for web-based applications , 2001, CACM.

[21]  Jun Hu,et al.  Security Issues in Online Social Networks , 2011, IEEE Internet Computing.

[22]  Lutz H.-J. Lampe,et al.  Physical-layer security for indoor visible light communications , 2014, 2014 IEEE International Conference on Communications (ICC).

[23]  Chang-Soo Park,et al.  TDOA-based optical wireless indoor localization using LED ceiling lamps , 2011, IEEE Transactions on Consumer Electronics.

[24]  Rafael Pérez Jiménez,et al.  Data sniffing over an open VLC channel , 2016, 2016 10th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP).

[25]  Rafael Pérez Jiménez,et al.  Indoor location technique based on visible light communications and ultrasound emitters , 2015, 2015 IEEE International Conference on Consumer Electronics (ICCE).

[26]  Simon Luke Hansman,et al.  A Taxonomy of Network and Computer Attack Methodologies , 2003 .

[27]  Jitender S. Deogun,et al.  Wireless optical communications: a survey , 2004, 2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733).

[28]  Lennart Larsson,et al.  Rhinitis, Ocular, Throat and Dermal Symptoms, Headache and Tiredness among Students in Schools from Johor Bahru, Malaysia: Associations with Fungal DNA and Mycotoxins in Classroom Dust , 2016, PloS one.

[29]  Katia Obraczka,et al.  Network latency metrics for server proximity , 2000, Globecom '00 - IEEE. Global Telecommunications Conference. Conference Record (Cat. No.00CH37137).

[30]  Ramjee Prasad,et al.  Comparative overview of UWB and VLC for data-intensive and security-sensitive applications , 2012, 2012 IEEE International Conference on Ultra-Wideband.

[31]  Simin Nadjm-Tehrani,et al.  Time as a Metric for Defence in Survivable Networks , 2003 .

[32]  Grzegorz J. Blinowski Security issues in visible light communication systems , 2015 .

[33]  Stefan Videv,et al.  VLC: Beyond point-to-point communication , 2014, IEEE Communications Magazine.

[34]  Rose Qingyang Hu,et al.  Applying VLC in 5G Networks: Architectures and Key Technologies , 2016, IEEE Network.

[35]  Dimitris Gritzalis,et al.  A Risk Assessment Method for Smartphones , 2012, SEC.

[36]  Atul Sewaiwar,et al.  Smart LED allocation scheme for efficient multiuser visible light communication networks. , 2015, Optics express.

[37]  D. Van Den Brand Risk analysis, a tool for decision–making , 2014 .

[38]  Adi Shamir,et al.  IoT Goes Nuclear: Creating a ZigBee Chain Reaction , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[39]  Fuqiang Lu,et al.  Risk evaluation of IT outsourcing using Risk-matrix , 2014, Proceeding of the 11th World Congress on Intelligent Control and Automation.

[40]  Jaafar M. H. Elmirghani,et al.  20 Gb/s Mobile Indoor Visible Light Communication System Employing Beam Steering and Computer Generated Holograms , 2015, Journal of Lightwave Technology.

[41]  Drew Gislason,et al.  Zigbee Wireless Networking , 2008 .