Biblio

The Internet of Things (IoT) relies on sensor devices to measure real-world phenomena in order to provide IoT services. The sensor readings are shared with multiple entities, such as IoT services, other IoT devices or other third parties. The collected data may be sensitive and include personal information. To protect the privacy of the users, the data needs to be protected through an encryption algorithm. For sharing cryptographic cipher-texts with a group of users Attribute-Based Encryption (ABE) is well suited, as it does not require to create group keys. However, the creation of ABE cipher-texts is slow when executed on resource constraint devices, such as IoT sensors. In this paper, we present a modification of an ABE scheme, which not only allows to encrypt data efficiently using ABE but also reduces the size of the cipher-text, that must be transmitted by the sensor. We also show how our modification can be used to realise an instantaneous key revocation mechanism.

One of the biggest problems in the current society is people's safety. Safety measures and mechanisms are especially important in the case of vulnerable social groups, such as migrants, homeless, and victims of domestic and/or sexual violence. In order to cope with this problem, we witness an increasing number of personal alarm systems in the market, most of them based on panic buttons. Nevertheless, none of them has got widespread acceptance mainly because of limited Human-Computer Interaction. In the context of this work, we developed an innovative mobile application that recognizes an attack through speech and gesture recognition. This paper describes such a system and presents its features, some of them based on the emerging concept of Human-in-the-Loop Cyber-physical Systems and new concepts of Human-Computer Interaction.

Wireless Sensor Networks (WSNs) are important and becoming more important as we integrate wireless sensor networks and the internet with different things, which has changed our life, and it is affected everywhere in our life like shopping, storage, live monitoring, smart home etc., called Internet of Things (IoT), as any use of the network physical devices that included in electronics, software, sensors, actuators, and connectivity which makes available these things to connect, collect and exchange data, and the most importantly thing is the accuracy of the data that has been collected in the Internet of Things, detecting sensor data with faulty readings is an important issue of secure communication and power consumption. So, requirement of energy-efficiency and integrity of information is mandatory.

The burgeoning Internet of Things (IoT) has offered unprecedented opportunities for innovations and applications that are continuously changing our life. At the same time, the large amount of pervasive IoT applications have posed paramount threats to the user's security and privacy. While a lot of efforts have been dedicated to deal with such threats from the hardware, the software, and the applications, in this paper, we argue and envision that more effective and comprehensive protection for IoT systems can only be achieved via a cross-layer approach. As such, we present our initial design of XLF, a cross-layer framework towards this goal. XLF can secure the IoT systems not only from each individual layer of device, network, and service, but also through the information aggregation and correlation of different layers.

The growing complexity and diversification of cyber-attacks are largely reflected in the increasing sophistication of security appliances, which are often too cumbersome to be run in virtual services and IoT devices. Hence, the design of cyber-security frameworks is today looking at more cooperative models, which collect security-related data from a large set of heterogeneous sources for centralized analysis and correlation.In this paper, we outline a flexible abstraction layer for access to security context. It is conceived to program and gather data from lightweight inspection and enforcement hooks deployed in cloud applications and IoT devices. We also provide a preliminary description of its implementation, by reviewing the main software components and their role.

Nowadays, IoT has crossed all borders and become ubiquitous in everyday life. This emerging technology has a huge success in closing the gap between the digital and the real world. However, security and privacy become huge concerns especially in the medical field which prevent the healthcare industry from adopting it despite its benefits and potentials. This paper focuses on identifying potential security threats to the IoMT and presents the security mechanisms to remove any possible impediment from immune information security of IoMT. A summarized framework of the layered-security model is proposed followed by a specific assessment review of each layer.

Cyber Physical Systems (CPS)-Internet of Things (IoT) enabled healthcare services and infrastructures improve human life, but are vulnerable to a variety of emerging cyber-attacks. Cybersecurity specialists are finding it hard to keep pace of the increasingly sophisticated attack methods. There is a critical need for innovative cognitive cybersecurity for CPS-IoT enabled healthcare ecosystem. This paper presents a cognitive cybersecurity framework for simulating the human cognitive behaviour to anticipate and respond to new and emerging cybersecurity and privacy threats to CPS-IoT and critical infrastructure systems. It includes the conceptualisation and description of a layered architecture which combines Artificial Intelligence, cognitive methods and innovative security mechanisms.

With the rapid technological growth in the present context, Internet of Things (IoT) has attracted the worldwide attention and has become pivotal technology in the smart computing environment of 21st century. IoT provides a virtual view of real-life things in resource-constrained environment where security and privacy are of prime concern. Lightweight cryptography provides security solutions in resource-constrained environment of IoT. Several software and hardware implementation of lightweight ciphers have been presented by different researchers in this area. This paper presents a comparative analysis of several lightweight cryptographic solutions along with their pros and cons, and their future scope. The comparative analysis may further help in proposing a 32-bit ultra-lightweight block cipher security model for IoT enabled applications in the smart environment.

This work takes a novel approach to classifying the behavior of devices by exploiting the single-purpose nature of IoT devices and analyzing the complexity and variance of their network traffic. We develop a formalized measurement of complexity for IoT devices, and use this measurement to precisely tune an anomaly detection algorithm for each device. We postulate that IoT devices with low complexity lead to a high confidence in their behavioral model and have a correspondingly more precise decision boundary on their predicted behavior. Conversely, complex general purpose devices have lower confidence and a more generalized decision boundary. We show that there is a positive correlation to our complexity measure and the number of outliers found by an anomaly detection algorithm. By tuning this decision boundary based on device complexity we are able to build a behavioral framework for each device that reduces false positive outliers. Finally, we propose an architecture that can use this tuned behavioral model to rank each flow on the network and calculate a trust score ranking of all traffic to and from a device which allows the network to autonomously make access control decisions on a per-flow basis.

In industrial internet of things, various devices are connected to external internet. For the connected devices, the authentication is very important in the viewpoint of security; therefore, physical unclonable functions (PUFs) have attracted attention as authentication techniques. On the other hand, the risk of modeling attacks on PUFs, which clone the function of PUFs mathematically, is pointed out. Therefore, a resistant-PUF such as a lightweight PUF has been proposed. However, new analytical methods (side-channel attacks: SCAs), which use side-channel information such as power or electromagnetic waves, have been proposed. The countermeasure method has also been proposed; however, an evaluation using actual devices has not been studied. Since PUFs use small production variations, the implementation evaluation is very important. Therefore, this study proposes a SCA countermeasure of the lightweight PUF. The proposed method is based on the previous studies, and maintains power consumption consistency during the generation of response. In experiments using a field programmable gate array, the measured power consumption was constant regardless of output values of the PUF could be confirmed. Then, experimental results showed that the predicted rate of the response was about 50 %, and the proposed method had a tamper resistance against SCAs.

In this paper, a novel anti-jamming mechanism is proposed to analyze and enhance the security of adversarial Internet of Battlefield Things (IoBT) systems. In particular, the problem is formulated as a dynamic psychological game between a soldier and an attacker. In this game, the soldier seeks to accomplish a time-critical mission by traversing a battlefield within a certain amount of time, while maintaining its connectivity with an IoBT network. The attacker, on the other hand, seeks to find the optimal opportunity to compromise the IoBT network and maximize the delay of the soldier's IoBT transmission link. The soldier and the attacker's psychological behavior are captured using tools from psychological game theory, with which the soldier's and attacker's intentions to harm one another are considered in their utilities. To solve this game, a novel learning algorithm based on Bayesian updating is proposed to find an ∈ -like psychological self-confirming equilibrium of the game.

The paper introduces a method of efficient partial firmware update with several advantages compared to common methods. The amount of data to transfer for an update is reduced, the energetic efficiency is increased and as the method is designed for over the air update, the radio spectrum occupancy is decreased. Herein described approach uses Lua scripting interface to introduce updatable fragments of invokable native code. This requires a dedicated memory layout, which is herein introduced. This method allows not only to distribute patches for deployed systems, but also on demand add-ons. At the end, the security aspects of proposed firmware update system is discussed and its limitations are presented.

The data collected by IoT devices is of great value, which makes people urgently need a secure device key management strategy to protect their data. Existing works introduce the blockchain technology to transfer the responsibility of key management from the trusted center in the traditional key management strategy to the devices, thus eliminating the trust crisis caused by excessive dependence on third parties. However, the lightweight implementation of IoT devices limits the ability to resist side channel attacks, causing the private key to be exposed and subject to masquerading attacks. Accordingly, we strengthen the original blockchain based key management scheme to defend against key exposure attack. On the one hand, we introduce two hash functions to bind transactions in the blockchain to legitimate users. On the other hand, we design a secure key exchange protocol for identifying and exchanging access keys between legitimate users. Security analysis and performance show that the proposed scheme improves the robustness of the network with small storage and communication overhead increments.

Opportunities arising from IoT-enabled applications are significant, but market growth is inhibited by concerns over security and complexity. To address these issues, we propose the ERAMIS methodology, which is based on instantiation of a reference architecture that captures common design features, embodies best practice, incorporates good security properties by design, and makes explicit provision for operational security services and processes.

Internet of Things (IoT) stack models differ in their architecture, applications and needs. Hence, there are different approaches to apply IoT; for instance, it can be based on traditional data center or based on cloud computing. In fact, Cloud-based IoT is gaining more popularity due to its high scalability and cost effectiveness; hence, it is becoming the norm. However, Cloud is usually located far from the IoT devices and some recent research suggests using Fog-Based IoT by using a nearby light-weight middleware to bridge the gap and to provide the essential support and communication between devices, sensors, receptors and the servers. Therefore, Fog reduces centrality and provides local processing for faster analysis, especially for the time-sensitive applications. Thus, processing is done faster, giving the system flexibility for faster response time. Fog-Based Internet of Things security architecture should be suitable to the environment and provide the necessary measures to improve all security aspects with respect to the available resources and within performance constraints. In this work, we discuss some of these challenges, analyze performance of Fog based IoT and propose a security scheme based on MQTT protocol. Moreover, we present a discussion on security-performance tradeoffs.

In the era of mass agriculture to keep up with the increasing demand for food production, advanced monitoring systems are required in order to handle several challenges such as perishable products, food waste, unpredictable supply variations and stringent food safety and sustainability requirements. The evolution of Internet of Things have provided means for collecting, processing, and communicating data associated with agricultural processes. This have opened several opportunities to sustain, improve productivity and reduce waste in every step in the food supply chain system. On the hand, this resulted in several new challenges, such as, the security of the data, recording and representation of data, providing real time control, reliability of the system, and dealing with big data. This paper proposes an architecture for security of big data in the agricultural supply chain management system. This can help in reducing food waste, increasing the reliability of the supply chain, and enhance the performance of the food supply chain system.

The understanding of measured jitter is improved in three ways. First, it is shown that the measured jitter is not only governed by written-in jitter and the reader resolution along the cross-track direction but by remanence noise in the vicinity of transitions and the down-track reader resolution as well. Second, a novel data analysis scheme is introduced that allows for an unambiguous separation of these two contributions. Third, based on data analyses involving the first two learnings and micro-magnetic simulations, we identify and explain the root causes for variations of jitter with write current (WC) (write field), WC overshoot amplitude (write-field rise time), and linear disk velocity measured for heat-assisted magnetic recording.

The Internet of Things is stepping out of its infancy into full maturity, requiring massive data processing and storage. Unfortunately, because of the unique characteristics of resource constraints, short-range communication, and self-organization in IoT, it always resorts to the cloud or fog nodes for outsourced computation and storage, which has brought about a series of novel challenging security and privacy threats. For this reason, one of the critical challenges of having numerous IoT devices is the capacity to manage them and their data. A specific concern is from which devices or Edge clouds to accept join requests or interaction requests. This paper discusses a design concept for developing the IoT data management platform, along with a data management and lineage traceability implementation of the platform based on blockchain and smart contracts, which approaches the two major challenges: how to implement effective data management and enrich rational interoperability for trusted groups of linked Things; And how to settle conflicts between untrusted IoT devices and its requests taking into account security and privacy preserving. Experimental results show that the system scales well with the loss of computing and communication performance maintaining within the acceptable range, works well to effectively defend against unauthorized access and empower data provenance and transparency, which verifies the feasibility and efficiency of the design concept to provide privacy, fine-grained, and integrity data management over the IoT devices by introducing the blockchain-based data management platform.

the more (IoT) scales up with promises, the more security issues raise to the surface and must be tackled down. IoT is very vulnerable against DoS attacks. In this paper, we propose a hybrid design of signature-based IDS and anomaly-based IDS. The proposed hybrid design intends to enhance the intrusion detection and prevention systems (IDPS) to detect any DoS attack at early stages by classifying the network packets based on user behavior. Simulation results prove successful detection of DoS attack at earlier stages.

Security attacks against Internet of Things (IoT) are on the rise and they lead to drastic consequences. Data confidentiality is typically based on a strong symmetric-key algorithm to guard against confidentiality attacks. However, there is a need to design an efficient lightweight cipher scheme for a number of applications for IoT systems. Recently, a set of lightweight cryptographic algorithms have been presented and they are based on the dynamic key approach, requiring a small number of rounds to minimize the computation and resource overhead, without degrading the security level. This paper follows this logic and provides a new flexible lightweight cipher, with or without chaining operation mode, with a simple round function and a dynamic key for each input message. Consequently, the proposed cipher scheme can be utilized for real-time applications and/or devices with limited resources such as Multimedia Internet of Things (MIoT) systems. The importance of the proposed solution is that it produces dynamic cryptographic primitives and it performs the mixing of selected blocks in a dynamic pseudo-random manner. Accordingly, different plaintext messages are encrypted differently, and the avalanche effect is also preserved. Finally, security and performance analysis are presented to validate the efficiency and robustness of the proposed cipher variants.

The ubiquitous internetworking of devices in all areas of life is boosted by various trends for instance the Internet of Things. Promising technologies that can be used for such future environments come from Wireless Sensor Networks. It ensures connectivity between distributed, tiny and simple sensor nodes as well as sensor nodes and base stations in order to monitor physical or environmental conditions such as vibrations, temperature or motion. Security plays an increasingly important role in the coming decades in which attacking strategies are becoming more and more sophisticated. Contemporary cryptographic mechanisms face a great threat from quantum computers in the near future and together with Intrusion Detection Systems are hardly applicable on sensors due to strict resource constraints. Thus, in this work a future-proof lightweight and resource-aware security concept for sensor networks with a processing stage permeated filtering mechanism is proposed. A special focus in the concepts evaluation lies on the novel Magic Number filter to mitigate a special kind of Denial-of-Service attack performed on CC1350 LaunchPad ARM Cortex-M3 microcontroller boards.

With the rapidly increasing number of Internet of Things (IoT) devices and their extensive integration into peoples' daily lives, the security of those devices is of primary importance. Nonetheless, many IoT devices suffer from the absence, or the bad application, of security concepts, which leads to severe vulnerabilities in those devices. To achieve early detection of potential vulnerabilities, network scanner tools are frequently used. However, most of those tools are highly specialized; thus, multiple tools and a meaningful correlation of their results are required to obtain an adequate listing of identified network vulnerabilities. To simplify this process, we propose a modular framework for automated network reconnaissance and vulnerability indication in IP-based networks. It allows integrating a diverse set of tools as either, scanning tools or analysis tools. Moreover, the framework enables result aggregation of different modules and allows information sharing between modules facilitating the development of advanced analysis modules. Additionally, intermediate scanning and analysis data is stored, enabling a historical view of derived information and also allowing users to retrace decision-making processes. We show the framework's modular capabilities by implementing one scanner module and three analysis modules. The automated process is then evaluated using an exemplary scenario with common IP-based IoT components.

In this research paper author surveys the need of data protection from intelligent systems in the private and public sectors. For this, she identifies that the Smart Information Security Intel processes needs to be the suggestive key policy for both sectors of governance either public or private. The information is very sensitive for any organization. When the government offices are concerned, information needs to be abstracted and encapsulated so that there is no information stealing. For this purposes, the art of skill set and new optimized technology needs to be stationed. Author identifies that digital bar-coded air port like security using conveyor belts and digital bar-coded conveyor boxes to scan switched ON articles like internet of things needs to be placed. As otherwise, there can potentially be data, articles or information stealing from the operational sites where access is unauthorized. Such activities shall need to be scrutinized, minutely. The biometric such as fingerprints, iris, voice and face recognition pattern updates in the virtual data tables must be taken to keep data entry-exit log up to-date. The information technicians of the sentinel systems must help catch the anomalies in the professional working time in private and public sectors if there is red flag as indicator. The author in this research paper shall discuss in detail what we shall station, how we shall station and what all measures we might need to undertake to safeguard the stealing of sensitive information from the organizations like administration buildings, government buildings, educational schools, hospitals, courts, private buildings, banks and all other offices nation-wide. The TO-BE new processes shall make the AS-IS office system more information secured, data protected and personnel security stronger.

Micromagnetic simulations of coercivity as a function of external magnetic field direction were performed for a hexagonal array of hemispherical Permalloy nanocaps. The analysis was based on hysteresis loops for arrangements of nanocaps of variable thickness (5 nm and 10 nm). The angular dependence of coercivity had a maximum at about 80° with respect to the arrangement plane. An increase in coercivity with nanocap thickness is related to the magnetization reversal mechanism, where the dipole energy of individual caps generates an effective intermediate axis, locking the magnetic moments. The coercivity has maximum values of 109 Oe for 5 nm and 156 Oe for 10 nm thickness. The remanence decreases monotonically with angle. This is associated with the influence of shape anisotropy, where the demagnetizing field in the plane of the array is much smaller than the demagnetizing field perpendicular to the plane.

The trending technological research platform is Internet of Things (IoT)and most probably it will stay that way for a while. One of the main application areas of IoT is Cyber-Physical Systems (CPSs), in which IoT devices can be leveraged as actuators and sensors in accordance with the system needs. The public acceptance and adoption of CPS services and applications will create a huge amount of privacy issues related to the processing, storage and disclosure of the user location information. As a remedy, our paper proposes a methodology to provide location privacy for the users of CPSs. Our proposal takes advantage of concepts such as mix-zone, context-awareness, and location-obfuscation. According to our best knowledge, the proposed methodology is the first privacy-preserving location service for CPSs that offers adaptable privacy levels related to the current context of the user.