An article dedicated to on topical issues related to Internet of Things security. ІоТ dаtа prоteсtіоn sоlutіоns must spаn edge tо сlоud, prоvіde sсаlаble enсryptіоn аnd key mаnаgement, аnd nоt іmpede dаtа аnаlysіs. Тhe аvаіlаble аpprоасhes tо testіng rаndоm оr pseudоrаndоm sequenсes shоw lоw flexіbіlіty аnd versаtіlіty іn the meаns оf fіndіng hіdden pаtterns іn the dаtа. Іt іs reveаled thаt fоr sequenсes оf length up tо 100 bіts there аre nоt enоugh exіstіng stаtіstісаl pасkets. The classification of the main problems of information security in Internet of Things is given. The complexity of using classical cryptographic algorithms for information security in Internet of Things is considered. The paper proposed a methodology for testing pseudorandom sequences, obtained an explicit form of the joint distribution of numbers of 2-chains and numbers of 3-chains of various options random bit sequence of a given small length. Examples, tables, diagrams that can be used to test for randomness of the location of zeros and ones in the bit section are presented. As a result of the implementation of this technique, an information system will be created that will allow analyzing the pseudorandom sequence of a small length and choosing a quality pseudorandom sequence for use in a particular subject area.
spаn edge tо сlоud, prоvіde sсаlаble enсryptіоn аnd key mаnаgement, аnd nоt іmpede dаtа аnаlysіs. Тhe аvаіlаble аpprоасhes tо testіng rаndоm оr pseudоrаndоm sequenсes shоw lоw flexіbіlіty аnd versаtіlіty іn the meаns оf fіndіng hіdden pаtterns іn the dаtа.
Random sequences have found the widest application from the gaming computer industry to mathematical modeling and cryptology.
We list some areas of their usage: 1. Modeling. In computer simulation of physical phenomena. In addition, mathematical modeling uses random numbers as one of the tools of numerical analysis. 2. Cryptography and information security. Random numbers can be used to test the correctness or effectiveness of algorithms and programs. Many algorithms use the generation of pseudo-random numbers to solve applied problems (for example, cryptographic encryption algorithms, the generation of unique identifiers, etc.). 3. Decision making in automated expert systems. The use of random numbers is part of decision-making strategies. For example, for the impartiality of the choice of examination paper by a student in an exam. Randomness is also used in the theory of matrix games. 4. Optimization of functional dependencies. Some mathematical optimization methods use stochastic methods to search for extremums of functions. 5. Fun and games. Accident in games has a significant role. In computer or board games, chance helps to diversify the gameplay.
There are various approaches to the formal definition of the term “randomness”
based on the concepts of computability and algorithmic complexity [
By implementing some algorithm, software generators produce numbers (although not obvious) depending on the set of previous values, so the received numerical sequences are not truly random and are called pseudo-random sequences (PRS). At the moment, more than a thousand software PRS generators are known, which differ in algorithms and values of parameters. Statistical properties are significantly different from the number sequences that are generated by them.
The presented and not presented results allow us to characterize the state of modern
technologies of designing the PRS (focusing on the most progressive of them by the
following basic provisions [
“Things” today are not only personal items of ordinary consumers, but also various equipment that is actively used in many fields of activity – trade, transport, medicine, construction, banking, sports, etc. It follows that the Internet of things is most often heterogeneous network, i.e. devices of various classes and types are combined and interact with each other.
Recommendations for protecting information in the Internet of things are aimed at improving the security of devices, networks and data.
First of all, IoT devices, as a rule, due to their portability and mobility, are physically accessible to cybercriminals, and can be stolen to gain access to confidential data and establish communication with other network devices. To prevent this threat, it is necessary to provide physical protection, for example, by using protective covers on devices or cases that provide for restrictions on direct access to devices. In addition to direct access, devices can provide remote access to update configuration data or software. To protect against this, it is necessary to provide that the software ports to be closed and apply strong passwords at the level of downloading and updating firmware, which will prevent access to the device if it is compromised.
At the same time, on the other hand, many IoT devices are becoming vulnerable to cyberattacks because their software is not updated in a timely manner. To minimize such risks, it is recommended to implement an automatic update by default, because, even if software updates are released on time, consumers do not always install them manually immediately after the release.
Attention should also be paid to the organization of data storage on the devices themselves, because often this information is related to the user's personal data, financial transaction data and data on critical objects of various fields of activity.
Safety must be ensured both throughout the entire period of the product’s functioning and after its decommissioning. Cryptographic keys must be stored in non-volatile memory of the device in not open form. In addition, disposal of decommissioned devices may be envisaged.
To protect networks, first of all, methods of "strong authentication" should be
provided, including, for example, two-factor authentication, assignment of "hard"
specified unique identification and authentication data, as well as the use of modern secure
protocols [
In order to minimize the risks of denial of service attacks against devices, it is recommended to provide bandwidth limits for the network of Internet of things devices, both at the software and hardware levels. In case of detection of suspicious traffic, devices should provide the ability to signal about that with the subsequent analysis of the identified threat.
Data protection is primarily ensured through the use of cryptographic methods adapted to the features of devices with limited opportunities. If the device is compromised, it should be possible to urgently erase key information used in cryptographic operations.
Devices of the Internet of things should transmit and process only the information that is necessary for the implementation of their main functions - as a rule, this is the collection of information about the state of their environment or about the user. It follows that it is necessary to pay attention to the information circulating in the network, minimizing the risk of leakage of confidential information.
In addition to the heterogeneity of networks, a feature of the Internet of things is also that the devices have different computing resources, bandwidth and support different technologies and protocols. The lack of common standards and protocols remains a serious problem in building a network of “things”. Also, many “things” have limited power capabilities and must support energy-saving modes.
The listed features of the Internet of things impose restrictions when building a security system in such a network. The usual methods of protecting information in wireless networks may not be enough, or they may not be applicable due to the restrictions imposed by the Internet of things.
The main methods for ensuring security, as in traditional networks, remain encryption, identification / authentication, and the implantation of physical security measures.
The security system should be designed to provide protection for devices and gateways, the transmission network, as well as applications that are deployed to ensure the functioning of the devices.
Encryption is a widely used, effective and quite flexible solution for ensuring in the confidentiality of information and for creating a security system. However, any encryption, and especially strong one, requires an increase in productivity and additional computing resources, which is not always possible in the conditions of the Internet of things.
As for authentication, the researchers proposed a fairly large number of approaches
that could be implemented to solve security problems [
Other studies suggest using the concept of “digital memories” for authentication, which would solve the problem of users remembering complex passwords. However, this method imposes resource limits on devices.
The proposed methods also include authentication using cryptography based on
elliptic curves. Despite the fact that in this case the necessary basic parameters of
elliptic curves are not calculated by the devices themselves, after the calculation, a
sufficiently large amount of data must be transferred, which may be limited by the
network bandwidth [
Thus, the various existing authentication methods are applicable to a single network and to a separate class of devices. The application of uniform methods and means is complicated by the lack of standardization and heterogeneity of such networks. 3
Before responsible using in mathematical modeling and cryptology, PRS should be
tested. Unfortunately, for many PRS tests, there are some limitations:
checked out only one of the probable ones properties that are characterize PRS;
not fix family alternatives;
do not have theoretical ones ratings power.
do not give a correct an estimate of chance sequences provided a little sample.
Problems small and large samples refer to the main problems that arise in practical
application methods analysis data. Let's be use the next classification samples by
number [
The minimum size of the sample limits not so much the algorithm of calculating the criterion, but the distribution of its statistics. For a row algorithms with too much small ones numbers sample normal approximation distribution of statistics criterion will be under question.
During the research, the localization of the local sections of the bit sequence was conducted to detect the dependencies in the location of its elements by using the exact distributions of the corresponding statistics. In the work an explicit form of the joint distribution of the numbers of 2-chains and numbers of 3-chains of various variants in a random sequence was obtained. This joint distribution allows more accurate comparison of the use of one-dimensional statistics, to analyze the bit sequence small length by chance. 4
where = {0, 1}, i= 1, 2, . . . , , > 0.
Subsequences , +1, . . . , + −1, 1, 2, . . . , − + 1, = 1, 2, . . . , .
1, 2, . . . , , (1) sequences (1) are called s-chains, = with 1 , 2, . . . , , where = {0, 1}, = 1, 2, . . . , .
Denote ( 1 , 2, . . . , ) the number of s-chains in the sequence (1) that coincide
Theorem. Let sequence (1) consist of n, > 0 independent identically distributed random variables; Ρ{ = 1} = , Ρ{ = 0} = , p + q = 1, i = 1, 2, . . . , n and ( , 1, 2) = ∑
∑ ∈{ 1, 1+1} ∗ −1 − +2 Ζ( − ; − − ) 1− ∗ ∗− +1, where is the symbol ∑ such that + ∗ = 2, denotes addition over all non-negative integers and ∗
−−11, if ≥ ≥ 1; Ζ( , ) ≝ { 1, if = = 0;
0, elsewhere. ( , 1, 2) = ∑ ∈{ 1, 1+1} − 2− Ζ( − , − − 2), Ρ{ ( 1∗ 1) = 1, ( ∗ ∗) = 2 } = ∑ − 1 1 0 ( , 1, 2)
1= 1 ( , 1, 2) = { 1,
= 1 = 2 = 0, ∑ ∈{ 1, 1−1} 2 Ζ( ; + 1) 1−∗−2, elsewhere .
(3) (4) 5
As a result of applying this technique for testing pseudo-random sequences for twodimensional statistics (relations (2) - (4)), you can build a bubble diagram with which you can get the probability of the distribution of zeros and ones in a given sequence.
Consider examples of bubble diagrams for a bit sequence of small length n, n = 16. 5.1
An approach to testing using n-dimensional statistics allows us to rely on a deeper justification of the randomness of generated sequences. 5.2
In Fig. 2 shows the use of the relation (3) for a small sample. , = 16 , and some values 1 and 2.
Fig. 2 gives a bubble chart in which the first parameter (horizontal axis) is the value 1, the second parameter ( vertical axis) is the value 2, and the third parameter ( bubble size) is the probability of the event occurring { ( 1∗ 1) = 1, ( ∗ ∗ ∗) = 2 }, which is represented as a percentage. In Fig. 3 shows the use of relation (4) for a small sample , = 16, and some values 1 and 2.
Fig. 3 gives a bubble chart in which the first parameter (horizontal axis) is the value 1, the second parameter (vertical axis) is the value 2, and the third parameter (bubble size) is the probability of the event occurring { ( 1∗ 1) = 1, ( ∗ ∗) = 2 }, which is represented as a percentage.
In this paper, the exact compatible distributions of some statistics (0, 1) -sequences of length 1 < < ∞ are given. For a bit sequence of small length n, n = 16, the tables containing the numerical values of the corresponding distribution are given. These tables, as well as the proposed graphic representations, can be used to test the hypothesis of the randomness of the arrangement of zeros and units.
and Test of PRS of Small Length using Multidimensional
Consider the well-known examples that are given in [
An analysis of the effectiveness of pseudorandom sequence generators is an urgent issue of cybersecurity in the use of more advanced methods of encryption and information security. The available techniques show low flexibility and versatility in the means of finding hidden patterns in the data. To solve this problem, it is suggested to use algorithms based on multidimensional statistics.
The approach to testing using multidimensional statistics allows you to rely on a deeper justification of the randomness of the generated sequences. This area is promising for scientific research.
The paper proposed a methodology for testing a sequence and obtained a correct view of the joint distribution of the numbers of 2-chains and the numbers of 3-chains of various variants in a random bit sequence of a given small length.
These algorithms and scheme of work for verification statistical tests of randomness sequences (proposed in chapter II) combine all the advantages of statistical methods and are the only alternative for the analysis of sequences of small and medium length.
To implement the proposed approach, a PRS software test package is being developed, which will include tests using multidimensional statistics, which are well recommended for testing a small length PRS. The complex is based on software products developed in C++, Python, for analyzing PRS. Currently, more than 20 PRS tests have been implemented, and the test database is being updated.
As a result of the implementation of this technique, an information system will be created that will allow analyzing the PRS of a small length and choosing a quality PRS for use in a particular subject area.