Biblio

With a massive amount of wireless sensor nodes in Internet of Things (IoT), it is difficult to establish key distribution and management mechanism for traditional encryption technology. Alternatively, the physical layer key generation technology is promising to implement in IoT, since it is based on the principle of information-theoretical security and has the advantage of low complexity. Most existing key generation schemes assume that eavesdropping channels are independent of legitimate channels, which may not be practical especially when eavesdropper nodes are near to legitimate nodes. However, this paper investigates key generation problems for a multi-relay wireless network in IoT, where the correlation between eavesdropping and legitimate channels are considered. Key generation schemes are proposed for both non-colluding and partially colluding eavesdroppers situations. The main idea is to divide the key agreement process into three phases: 1) we first generate a secret key by exploiting the difference between the random channels associated with each relay node and the eavesdropping channels; 2) another key is generated by integrating the residual common randomness associated with each relay pair; 3) the two keys generated in the first two phases are concatenated into the final key. The secrecy key performance of the proposed key generation schemes is also derived with closed-forms.

This paper proposes a deep learning-based white-hat worm launcher in Botnet Defense System (BDS). BDS uses white-hat botnets to defend an IoT system against malicious botnets. White-hat worm launcher literally launches white-hat worms to create white-hat botnets according to the strategy decided by BDS. The proposed launcher learns with deep learning where is the white-hat worms' right place to successfully drive out malicious botnets. Given a system situation invaded by malicious botnets, it predicts a worms' placement by the learning result and launches them. We confirmed the effect of the proposed launcher through simulating evaluation.

Today our world benefits from Internet of Things (IoT) technology; however, new security problems arise when these IoT devices are introduced into our homes. Because many of these IoT devices have access to the Internet and they have little to no security, they make our smart homes highly vulnerable to compromise. Some of the threats include IoT botnets and generic confidentiality, integrity, and availability (CIA) attacks. Our research explores botnet detection by experimenting with supervised machine learning and deep-learning classifiers. Further, our approach assesses classifier performance on unbalanced datasets that contain benign data, mixed in with small amounts of malicious data. We demonstrate that the classifiers can separate malicious activity from benign activity within a small IoT network dataset. The classifiers can also separate malicious activity from benign activity in increasingly larger datasets. Our experiments have demonstrated incremental improvement in results for (1) accuracy, (2) probability of detection, and (3) probability of false alarm. The best performance results include 99.9% accuracy, 99.8% probability of detection, and 0% probability of false alarm. This paper also demonstrates how the performance of these classifiers increases, as IoT training datasets become larger and larger.

Current programming models for developing Internet of Things (IoT) applications are logically centralized and ill-suited for most IoT applications. We contribute Protocols over Things, a decentralized programming model that represents an IoT application via a protocol between the parties involved and provides improved performance over network-level delivery guarantees.

Securing cyber-physical systems (CPS) and Internet of Things (IoT) systems requires the identification of how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Therefore, accurate attack graphs play a significant role in systems security. A manual construction of the attack graphs is tedious and error-prone, this paper proposes a model-checking-based automated attack graph generator and visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security. The architecture description tool captures a formal representation of the networked system, its atomic vulnerabilities, their pre-and post-conditions, and security property of interest. A model-checker is employed to automatically identify an attack sequence in the form of a counterexample. Our own code integrated with the model-checker parses the counterexamples, encodes those for specification relaxation, and iterates until all attack sequences are revealed. Finally, a visualization tool has also been incorporated with A2G2V to generate a graphical representation of the generated attack graph. The results are illustrated through application to computer as well as control (SCADA) networks.

The Extended Triple Diffie-Hellman (X3DH) protocol has been used for years as the basis of secure communication establishment among parties (i.e, humans and devices) over the Internet. However, such a protocol has several limits. It is typically based on a single trust third-party server that represents a single point of failure (SPoF) being consequently exposed to well- known Distributed Denial of Service (DDOS) attacks. In order to address such a limit, several solutions have been proposed so far that are often cost expensive and difficult to be maintained. The objective of this paper is to propose a BlockChain-Based X3DH (BCB-X3DH) protocol that allows eliminating such a SPoF, also simplifying its maintenance. Specifically, it combines the well- known X3DH security mechanisms with the intrinsic features of data non-repudiation and immutability that are typical of Smart Contracts. Furthermore, different implementation approaches are discussed to suits both human-to-human and device-to-device scenarios. Experiments compared the performance of both X3DH and BCB-X3DH.

As the unmanned aerial vehicle (UAV) can play a vital role to collect information remotely in a military battlefield, researchers have shown great interest to reveal the domain of internet of battlefield Things (IoBT). In a rescue mission on a battlefield, UAV can collect data from different regions to identify the casualty of a soldier. One of the major challenges in IoBT is to identify the soldier in a complex environment. Image processing algorithm can be helpful if proper methodology can be applied to identify the victims. However, due to the limited hardware resources of a UAV, processing task can be handover to the nearby edge computing server for offloading the task as every second is very crucial in a battlefield. Furthermore, to avoid any third-party interaction in the network and to store the data securely, blockchain can help to create a trusted network as it forms a distributed ledger among the participants. This paper proposes a UAV assisted casualty detection scheme based on image processing algorithm where data is protected using blockchain technology. Result analysis has been conducted to identify the victims on the battlefield successfully using image processing algorithm and network issues like throughput and delay has been analyzed in details using public-key cryptography.

The determination of the damper cage health is a matter of great importance in those industries that use large synchronous motors in their processes. In the past, unexpected damages of that element implied economic losses amounting up to several million \$. The problem is that, in the technical literature, there is a lack of non-invasive techniques enabling the reliable condition monitoring of this element. This explains the fact that, in industry, rudimentary methods are still employed to determine its condition. This paper proposes the analysis of the stray flux as a way to determine the condition of the damper cage. The paper shows that the analysis of the stray flux under starting yields characteristic time-frequency signatures of the fault components that can be used to reliably determine the condition of the damper. Moreover, the analysis of the stray flux at steady-state operation under asynchronous mode could give useful information to this end. The paper also analyses the influence of the remanent magnetism in the rotor of some synchronous motors, which can make the damper cage diagnosis more difficult; some solutions to this problem are also suggested in the paper.

A novel efficiency-shifting radial-axial hybrid permanent magnet synchronous motor that can realize two high-efficiency regions at low and high speeds is developed to extend the maximum driving distance and track the reference speed more accurately for electric vehicle application. The motor has two stators, which are radial and axial, to rotate one shared rotor. The rotor employs two combined topologies, i.e., inner surface-inset-mounted and outer V-shaped interior-mounted. For both outer and inner permanent magnets, Nd-Fe-B, having the remanent flux density of 1.23 T and coercivity of 890 kA/m, is used. The simulation result shows that the designed motor exhibits not only high maximum torque of 400 Nm and the maximum speed of 18,000 rpm but also two high-efficiency regions of 97.6 % and 92.0 % at low and high speed, respectively. Lastly, the developed motor shows better performance than corresponding separated radial and axial permanent magnet motor.

Convergence of critical infrastructure and data, including government and enterprise, to the dynamic Internet of Things (IoT) environment and future digital ecosystems exhibit significant challenges for privacy and identity in these interconnected domains. There are an increasing variety of devices and technologies being introduced, rendering existing security tools inadequate to deal with the dynamic scale and varying actors. The IoT is increasingly data driven with user sovereignty being essential - and actors in varying scenarios including user/customer, device, manufacturer, third party processor, etc. Therefore, flexible frameworks and diverse security requirements for such sensitive environments are needed to secure identities and authenticate IoT devices and their data, protecting privacy and integrity. In this paper we present a review of the principles, techniques and algorithms that can be adapted from other distributed computing paradigms. Said review will be used in application to the development of a collaborative decision-making framework for heterogeneous entities in a distributed domain, whilst simultaneously highlighting privacy preserving issues in the IoT. In addition, we present our trust-based privacy preserving schema using Dempster-Shafer theory of evidence. While still in its infancy, this application could help maintain a level of privacy and nonrepudiation in collaborative environments such as the IoT.

The Internet of things is an extremely enormous space and still, IoT is spreading over a wide range of zones of development with very fast speed. The IoT is going to create a new world of efficient services. IoT is a collective system consisting of hardware like sensors, Radio Frequency Identification RFID, Bluetooth devices, Near Field Communication (NFC) devices, etc. and software that provides data queries, exchange, repository and exchanges, etc. Security of the IoT network is also a big and important issue of concern. This paper reviews the DDoS attack impact on IoT network and its mitigation methods for IoT in network, also discusses CoAP protocol, RPL protocol and 6LoWPAN network. This paper also represents the security framework to detect and monitor the DDoS attack for low power devices based IoT network.

Ubiquitous Electric Internet of Things (UEIoT) is the next generation electrical energy networks. The distributed and open structure of UEIoT is weak and vulnerable to security threats. To solve the security problem of UEIoT terminal, in this paper, the interaction between smart terminals and the malicious attackers in UEIoT as a differential game is investigated. A complex decision-making process and interactions between the smart terminal and attackers are analyzed. Through derivation and analysis of the model, an algorithm for the optimal defense strategy of UEIoT is designed. The results lay a theoretical foundation, which can support UEIoT make a dynamic strategy to improve the defensive ability.

This paper presents a study and analysis of flux linkage performance on 12/8 pole doubly salient permanent magnet machine in square envelope conventional. Analyzed model was using a finite element method. The investigated model was constructed by changing the size of the structure as the main parameters of the speed 500 rpm, PM coercivity 910 kA/m, PM remanence 1.2 T, copper loss 30 W, turns per coil 45, and stator side length 100 mm. The study and analysis of flux linkage, induced voltage, and torque are also included in this paper.

In order to develop safety-reliable standards for IoT (Internet of Things) networks, appropriate tools for their verification are needed. Among them there is a group of tools based on automated symbolic analysis. Such a tool is Tamarin software. Its usage for creating formal proofs of security protocols correctness has been presented in this paper using the simple example of an exchange of messages with asynchronous encryption between two agents. This model can be used in sensor networks or IoT e.g. in TLS protocol to provide a mechanism for secure cryptographic key exchange.

As the world is moving towards industry 4.0, it is estimated that in the near future billions of IoT devices will be interconnected over the Internet. The open and heterogeneous nature of IoT environment makes it vulnerable to adversarial attacks. To maintain sustainability in IoT ecosystem, this paper evaluates some of the recent IoT schemes based on key security features i.e. authentication, confidentiality, trust etc. These schemes are classified according to three-layer IoT architecture. Based on our findings, some of these solutions are applicable at physical layer while others are at network, and application layers. However, none of these schemes can provide end-to-end solution for IoT environment. Therefore, our work provides a roadmap for future research directions in IoT domain to design robust security schemes for IoT environment, thus can achieve sustainability in IoT ecosystem.

Internet of Things (IoT) is a revolutionary expandable network which has brought many advantages, improving the Quality of Life (QoL) of individuals. However, IoT carries dangers, due to the fact that hackers have the ability to find security gaps in users' IoT devices, which are not still secure enough and hence, intrude into them for malicious activities. As a result, they can control many connected devices in an IoT network, turning IoT into Botnet of Things (BoT). In a botnet, hackers can launch several types of attacks, such as the well known attacks of Distributed Denial of Service (DDoS) and Man in the Middle (MitM), and/or spread various types of malicious software (malware) to the compromised devices of the IoT network. In this paper, we propose a novel hybrid Artificial Intelligence (AI)-powered honeynet for enhanced IoT botnet detection rate with the use of Cloud Computing (CC). This upcoming security mechanism makes use of Machine Learning (ML) techniques like the Logistic Regression (LR) in order to predict potential botnet existence. It can also be adopted by other conventional security architectures in order to intercept hackers the creation of large botnets for malicious actions.

Achieving efficient and secure accesses to real-time information from the designated IoT node is the fundamental key requirement for the applications of the Internet of Things. However, IoT nodes are prone to physical attacks, public channels reveal the sensitive information, and gateways that manage the IoT nodes suffer from the single-point failure, thereby causing the security and privacy problems. In this paper, a blockchain-based user remote authentication scheme using physical unclonable functions (PUFs) is proposed to overcome these problems. The PUFs provide physically secure identities for the IoT nodes and the blockchain acts as a distributed database to manage the key materials reliably for gateways. The security analysis is conducted and shows that our scheme realizes reliable security features and resists various attacks. Furthermore, a prototype was implemented to prove our scheme is efficient, scalable, and suitable for IoT scenarios.

Internet of Things (IoT) systems are becoming widely used, which makes them to be a high-value target for both hackers and crackers. From gaining access to sensitive information to using them as bots for complex attacks, the variety of advantages after exploiting different security vulnerabilities makes the security of IoT devices to be one of the most challenging desideratum for cyber security experts. In this paper, we will propose a new IoT system, designed to ensure five data principles: confidentiality, integrity, availability, authentication and authorization. The innovative aspects are both the usage of a web-based communication and a custom dynamic data request structure.

Botnet is one of the threats to internet network security-Botmaster in carrying out attacks on the network by relying on communication on network traffic. Internet of Things (IoT) network infrastructure consists of devices that are inexpensive, low-power, always-on, always connected to the network, and are inconspicuous and have ubiquity and inconspicuousness characteristics so that these characteristics make IoT devices an attractive target for botnet malware attacks. In identifying whether packet traffic is a malware attack or not, one can use machine learning classification methods. By using Weka and Scikit-learn analysis tools machine learning, this paper implements four machine learning algorithms, i.e.: AdaBoost, Decision Tree, Random Forest, and Naïve Bayes. Then experiments are conducted to measure the performance of the four algorithms in terms of accuracy, execution time, and false positive rate (FPR). Experiment results show that the Weka tool provides more accurate and efficient classification methods. However, in false positive rate, the use of Scikit-learn provides better results.

Penetration testing, also known as Pen testing is usually performed by a testing professional in order to detect security threats involved in a system. Penetration testing can also be viewed as a fake cyber Security attack, done in order to see whether the system is secure and free of vulnerabilities. Penetration testing is widely used for testing both Network and Software, but somewhere it fails to make IoT more secure. In IoT the security risk is growing day-by-day, due to which the IoT networks need more penetration testers to test the security. In the proposed work an effort has been made to compile and aggregate the information regarding VAPT(Vulnerability Assessment and Penetrating Testing) in the area of IoT.

The massive boom of Internet of Things (IoT) has led to the explosion of smart IoT devices and the emergence of various applications such as smart cities, smart grids, smart mining, connected health, and more. While the proliferation of IoT systems promises many benefits for different sectors, it also exposes a large attack surface, raising an imperative need to put security in the first place. It is impractical to heavily rely on manual operations to deal with security of massive IoT devices and applications. Hence, there is a strong need for securing IoT systems with minimum human intervention. In light of this situation, in this paper, we envision security automation and orchestration for IoT systems. After conducting a comprehensive evaluation of the literature and having conversations with industry partners, we envision a framework integrating key elements towards this goal. For each element, we investigate the existing landscapes, discuss the current challenges, and identify future directions. We hope that this paper will bring the attention of the academic and industrial community towards solving challenges related to security automation and orchestration for IoT systems.

Differentially private location trace synthesis (DPLTS) has recently emerged as a solution to protect mobile users' privacy while enabling the analysis and sharing of their location traces. A key challenge in DPLTS is to best preserve the utility in location trace datasets, which is non-trivial considering the high dimensionality, complexity and heterogeneity of datasets, as well as the diverse types and notions of utility. In this paper, we present OptaTrace: a utility-optimized and targeted approach to DPLTS. Given a real trace dataset D, the differential privacy parameter ε controlling the strength of privacy protection, and the utility/error metric Err of interest; OptaTrace uses Bayesian optimization to optimize DPLTS such that the output error (measured in terms of given metric Err) is minimized while ε-differential privacy is satisfied. In addition, OptaTrace introduces a utility module that contains several built-in error metrics for utility benchmarking and for choosing Err, as well as a front-end web interface for accessible and interactive DPLTS service. Experiments show that OptaTrace's optimized output can yield substantial utility improvement and error reduction compared to previous work.

This paper describes a system that comprises of control, safety and security subsystem for industries and homes. The entire system is based on the Bolt IoT platform. Using this system, the user can control the devices such as LEDs, speed of the fan or DC motor, monitor the temperature of the premises with an alert sub-system for critical temperatures through SMS and call, monitor the presence of anyone inside the premises with an alert sub-system about any intrusion through SMS and call. If the system is used specifically in any industry then instead of monitoring the temperature any other physical quantity, which is critical for that industry, can be monitored using suitable sensors. In addition, the cloud connectivity is provided to the system using the Bolt IoT module and temperature data is sent to the cloud where using machine-learning algorithm the future temperature is predicted to avoid any accidents in the future.

Wireless network is an alternative communication to cable, where radio wave is used as transmission media instead of copper medium. However, wireless network more vulnerable to risk in security compared to cable network. Wireless network mostly used by Internet of Things node as communication media between nodes. Hence, these nodes exposed to risk of flooding attack from third party person. Hence, a system which capability to detect flooding attack at IoT node is required. Many researches have been done before, but most of the research only focus to IPv4 and signature-based detection. IPv6-based attacks undetectable by the current research, due to different datagram structure. This paper proposed a conceptual detection method with reinforcement learning algorithm to detect IPv6-based attack targeting IoT nodes. This reward will decide whether the detection system is good or not. The assessment calculation equation is used to turn reward-based score into detection accuracy.

The Internet of Things (IoT) as a demanding technology require the best features of information security for effective development of the IoT based smart city and technological activity. There are huge number of recent security threats searching for some loopholes which are ready to exploit any network. Against the back-drop of recent rapidly growing technological advancement of IoT, security-threats have become a critical challenge which demand responsive and continuous action. As privacy and security exhibit an ever-present flourishing issue, so loopholes detection and analysis are indispensable process in the network. This paper presents Block chain based security analysis of data generated from IoT devices to prevent malicious attacks and intrusion in the IoT network.