Computer Communications 162 (2020) 102–117 Contents lists available at ScienceDirect Computer Communications journal homepage: www.elsevier.com/locate/comcom A smart lightweight privacy preservation scheme for IoT-based UAV communication systems B.D. Deebak a,∗ , Fadi Al-Turjman b a School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632014, India b Artificial Intelligence Department, Research Center for AI and IoT, Near East University, Nicosia, Mersin 10, Turkey ARTICLE INFO Keywords: Unmanned aerial vehicle Internet of drone Authentication Session-key agreement Privacy-preserving ABSTRACT Unmanned Aerial Vehicle (UAV) has extensively been practiced in the military and civilian surveillance systems that access sensitive data over the cellular networks. However, channel insecurity and battery limitation may not protect the aerial coverage area. Thus, sensitive information gathered through aerial vehicles causes security threats. To manage the security issues, Smart Internet of Drone (S-IoD) have been evolved to use Intelligent Personal Assistant (IPA) as a software agent while monitoring and observing areas of interest. The current state-of-the-art technologies provide ubiquitous communication to enable several Internet of Things (IoT) paradigms. It achieves a feature of a decision support system that allows the smart interaction and communication between real-time entities. IPA offers smart interaction with other smart real-time entities to gain the user’s knowledge and awareness. This paper presents an S-IoD framework for a UAV environment that independently collects sensible information. In order to reduce the computation cost of the authentication protocol, a lightweight privacy-preserving scheme (L-PPS) is introduced. The proposed L-PPS is constructive to provide the robustness between the IoT devices with a valid authentication period. To demonstrate the security and performance efficiencies, the formal verification was performed using a verification tool, Scyther, and a random oracle model. In addition, the proposed L-PPS introduces a secret token and dynamic user authentication to speed up the authentication process between the communication entities. Importantly, the authentication session of L-PPS does not use any complex cryptographic operations, whereby it has less computation and communication costs to meet the standard constraints of surveillance systems. Moreover, the obtained simulation analysis proves that the proposed L-PPS achieves better quality metrics than other authentication schemes in the literature. 1. Introduction Autonomous unmanned aerial vehicles (UAVs) also known as drones have attracted the researches attention for environmental challenges in- cluding relay communication, disaster monitoring, border surveillance, etc. [1,2]. A small multirotor or multicopter is particularly in practice to ease the device deployment, data acquisition, and device mainte- nance [3]. In research, device development has addressed several con- trolling issues of the multicopter for the design of autonomous vehicles such as aerial stability, robustness, and maneuverability. The techno- logical advancements and the commercial demands have brought the existence of collaborative UAV-systems for the deployment of multiple aerial vehicles. Due to small operation costs, less maintenance, easy configuration, and user-friendliness, the operational use of UAV has drastically expanded. Most of the environments utilize the UAV system to exploit the essential qualities of the environment such as uncertainty, complexity, and dynamic nature. To function the UAV system, effi- cient resources including communication and networking are adopted. ∗ Corresponding author. E-mail addresses: deebak.bd@vit.ac.in (B.D. Deebak), fadi.alturjman@neu.edu.tr (F. Al-Turjman). It enables multiple UAVs to cooperate with each other in ad hoc networks to achieve autonomous operations. With the integration of power management, sensor coordination, artificial intelligence, and additional emerging technologies, innovative product so-called UAV has lately been commercialized. The commercialized UAV has incredi- ble development in different network fields and communication tasks, which have boundless adaptability in several application domains. It has some additional features such as in-flight photography, business entertainment, and commercial enterprises to monitor real-time activ- ities, such as disaster relief, infrastructure inspection, and surveillance applications [4]. Nader et al. [5] discussed the use of a smart city and its related application services in terms of quality, efficiency, suitability, consistency, and performance. They have complex security inferences to give a summary of a single-threat whereby UAV cannot launch or violate the data privacy and security services. However, the commercialized UAV addresses several security measures to prevent the passive/active attacks. The different assessments are as follows. https://doi.org/10.1016/j.comcom.2020.08.016 Received 28 April 2020; Received in revised form 24 June 2020; Accepted 25 August 2020 Available online 27 August 2020 0140-3664/© 2020 Elsevier B.V. All rights reserved.