Biblio

Internet of Things is attracting a lot of interest in the modern world and has become a part of daily life leading to a large scale of distribution of Low power and Lossy Networks (LLN). For such networks constrained by low power and storage, IETF has proposed RPL an open standard routing protocol. However RPL protocol is exposed to a number of attacks which may degrade the performance and resources of the network leading to incorrect output. In this paper, to address Wormhole and Grayhole attack we propose a light weight Trust based mechanism. The proposed method uses direct trust which is computed based on node properties and Indirect Trust which is based on opinion of the neighboring nodes. The proposed method is energy friendly and does not impose excessive overhead on network traffic.

Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.

Smart governments are known as extensions of e-governments both built on the Internet of Things (IoT). In this paper, we classify smart governments into two types (1) new generation and (2) extended smart-government. We then put forth a framework for smart governments implementation and discuss the major challenges in its implementation showing security as the most prominent challenge in USA, mindscaping in Kuwait and investment in India.

The use of Electric Vehicle (EV) is growing rapidly due to its environmental benefits. However, the major problem of these vehicles is their limited battery, the lack of charging stations and the re-charge time. Introducing Information and Communication Technologies, in the field of EV, will improve energy efficiency, energy consumption predictions, availability of charging stations, etc. The Internet of Vehicles based only on Electric Vehicles (IoEV) is a complex system. It is composed of vehicles, humans, sensors, road infrastructure and charging stations. All these entities communicate using several communication technologies (ZigBee, 802.11p, cellular networks, etc). IoEV is therefore vulnerable to significant attacks such as DoS, false data injection, modification. Hence, security is a crucial factor for the development and the wide deployment of Internet of Electric Vehicles (IoEV). In this paper, we present an overview of security issues of the IoEV architecture and we highlight open issues that make the IoEV security a challenging research area in the future.

In the past few years, Internet of Things (IoT) devices have emerged and spread everywhere. Many researchers have been motivated to study the security issues of IoT devices due to the sensitive information they carry about their owners. Privacy is not simply about encryption and access authorization, but also about what kind of information is transmitted, how it used and to whom it will be shared with. Thus, IoT manufacturers should be compelled to issue Privacy Policy Agreements for their respective devices as well as ensure that the actual behavior of the IoT device complies with the issued privacy policy. In this paper, we implement a test bed for ensuring compliance of Internet of Things data disclosure to the corresponding privacy policy. The fundamental approach used in the test bed is to capture the data traffic between the IoT device and the cloud, between the IoT device and its application on the smart-phone, and between the IoT application and the cloud and analyze those packets for various features. We test 11 IoT manufacturers and the results reveal that half of those IoT manufacturers do not have an adequate privacy policy specifically for their IoT devices. In addition, we prove that the action of two IoT devices does not comply with what they stated in their privacy policy agreement.

Today's emerging Industrial Internet of Things (IIoT) scenarios are characterized by the exchange of data between services across enterprises. Traditional access and usage control mechanisms are only able to determine if data may be used by a subject, but lack an understanding of how it may be used. The ability to control the way how data is processed is however crucial for enterprises to guarantee (and provide evidence of) compliant processing of critical data, as well as for users who need to control if their private data may be analyzed or linked with additional information - a major concern in IoT applications processing personal information. In this paper, we introduce LUCON, a data-centric security policy framework for distributed systems that considers data flows by controlling how messages may be routed across services and how they are combined and processed. LUCON policies prevent information leaks, bind data usage to obligations, and enforce data flows across services. Policy enforcement is based on a dynamic taint analysis at runtime and an upfront static verification of message routes against policies. We discuss the semantics of these two complementing enforcement models and illustrate how LUCON policies are compiled from a simple policy language into a first-order logic representation. We demonstrate the practical application of LUCON in a real-world IoT middleware and discuss its integration into Apache Camel. Finally, we evaluate the runtime impact of LUCON and discuss performance and scalability aspects.

Traditional firewalls, Intrusion Detection Systems(IDS) and network analytics tools extensively use the `flow' connection concept, consisting of five `tuples' of source and destination IP, ports and protocol type, for classification and management of network activities. By analysing flows, information can be obtained from TCP/IP fields and packet content to give an understanding of what is being transferred within a single connection. As networks have evolved to incorporate more connections and greater bandwidth, particularly from ``always on'' IoT devices and video and data streaming, so too have malicious network threats, whose communication methods have increased in sophistication. As a result, the concept of the 5 tuple flow in isolation is unable to detect such threats and malicious behaviours. This is due to factors such as the length of time and data required to understand the network traffic behaviour, which cannot be accomplished by observing a single connection. To alleviate this issue, this paper proposes the use of additional, two tuple and single tuple flow types to associate multiple 5 tuple communications, with generated metadata used to profile individual connnection behaviour. This proposed approach enables advanced linking of different connections and behaviours, developing a clearer picture as to what network activities have been taking place over a prolonged period of time. To demonstrate the capability of this approach, an expert system rule set has been developed to detect the presence of a multi-peered ZeuS botnet, which communicates by making multiple connections with multiple hosts, thus undetectable to standard IDS systems observing 5 tuple flow types in isolation. Finally, as the solution is rule based, this implementation operates in realtime and does not require post-processing and analytics of other research solutions. This paper aims to demonstrate possible applications for next generation firewalls and methods to acquire additional information from network traffic.

The Internet of Things (IoT) is the network where physical devices, sensors, appliances and other different objects can communicate with each other without the need for human intervention. Wireless Sensor Networks (WSNs) are main building blocks of the IoT. Both the IoT and WSNs have many critical and non-critical applications that touch almost every aspect of our modern life. Unfortunately, these networks are prone to various types of security threats. Therefore, the security of IoT and WSNs became crucial. Furthermore, the resource limitations of the devices used in these networks complicate the problem. One of the most recent and effective approaches to address such challenges is machine learning. Machine learning inspires many solutions to secure the IoT and WSNs. In this paper, we survey the different threats that can attack both IoT and WSNs and the machine learning techniques developed to counter them.

Recently, the armed forces want to bring the Internet of Things technology to improve the effectiveness of military operations in battlefield. So the Internet of Battlefield Things (IoBT) has entered our view. And due to the high processing latency and low reliability of the “combat cloud” network for IoBT in the battlefield environment, in this paper , a novel “combat cloud-fog” network architecture for IoBT is proposed. The novel architecture adds a fog computing layer which consists of edge network equipment close to the users in the “combat-cloud” network to reduce latency and enhance reliability. Meanwhile, since the computing capability of the fog equipment are weak, it is necessary to implement distributed computing in the “combat cloud-fog” architecture. Therefore, the distributed computing load balancing problem of the fog computing layer is researched. Moreover, a distributed generalized diffusion strategy is proposed to decrease latency and enhance the stability and survivability of the “combat cloud-fog” network system. The simulation result indicates that the load balancing strategy based on generalized diffusion algorithm could decrease the task response latency and support the efficient processing of battlefield information effectively, which is suitable for the “combat cloud- fog” network architecture.

Device-to-device communication is widely used for mobile devices and Internet of Things. Authentication and key agreement are critical to build a secure channel between two devices. However, existing approaches often rely on a pre-built fingerprint database and suffer from low key generation rate. We present GeneWave, a fast device authentication and key agreement protocol for commodity mobile devices. GeneWave first achieves bidirectional initial authentication based on the physical response interval between two devices. To keep the accuracy of interval estimation, we eliminate time uncertainty on commodity devices through fast signal detection and redundancy time cancellation. Then, we derive the initial acoustic channel response for device authentication. We design a novel coding scheme for efficient key agreement while ensuring security. Therefore, two devices can authenticate each other and securely agree on a symmetric key. GeneWave requires neither special hardware nor pre-built fingerprint database, and thus it is easyto-use on commercial mobile devices. We implement GeneWave on mobile devices (i.e., Nexus 5X and Nexus 6P) and evaluate its performance through extensive experiments. Experimental results show that GeneWave efficiently accomplish secure key agreement on commodity smartphones with a key generation rate 10× faster than the state-of-the-art approach.

It is a research hotspot that using blockchain technology to solve the security problems of the Internet of Things (IoT). Although many related ideas have been proposed, there are very few literatures with theoretical and data support. This paper focuses on the research of model construction and performance evaluation. First, an IoT security model is established based on blockchain and InterPlanetary File System (IPFS). In this model, many security risks of traditional IoT architectures can be avoided, and system performance is significantly improved in distributed large capacity storage, concurrency and query. Secondly, the performance of the proposed model is evaluated through the average latency and throughput, which are meaningful for further research and optimization of this direction. Analysis and test results demonstrate the effectiveness of the blockchain-based security model.

The extensive increase in the number of IoT devices and the massive data generated and sent to the cloud hinder the cloud abilities to handle it. Further, some IoT devices are latency-sensitive. Such sensitivity makes it harder for far clouds to handle the IoT needs in a timely manner. A new technology named "Fog computing" has emerged as a solution to such problems. Fog computing relies on close by computational devices to handle the conventional cloud load. However, Fog computing introduced additional problems related to the trustworthiness and safety of such devices. Unfortunately, the suggested architectures did not consider such problem. In this paper we present a novel self-configuring fog architecture to support IoT networks with security and trust in mind. We realize the concept of Moving-target defense by mobilizing the applications inside the fog using live migrations. Performance evaluations using a benchmark for mobilized applications showed that the added overhead of live migrations is very small making it deployable in real scenarios. Finally, we presented a mathematical model to estimate the survival probabilities of both static and mobile applications within the fog. Moreover, this work can be extended to other systems such as mobile ad-hoc networks (MANETS) or in vehicular cloud computing (VCC).

Active Noise Cancellation (ANC) is a classical area where noise in the environment is canceled by producing anti-noise signals near the human ears (e.g., in Bose's noise cancellation headphones). This paper brings IoT to active noise cancellation by combining wireless communication with acoustics. The core idea is to place an IoT device in the environment that listens to ambient sounds and forwards the sound over its wireless radio. Since wireless signals travel much faster than sound, our ear-device receives the sound in advance of its actual arrival. This serves as a glimpse into the future, that we call lookahead, and proves crucial for real-time noise cancellation, especially for unpredictable, wide-band sounds like music and speech. Using custom IoT hardware, as well as lookahead-aware cancellation algorithms, we demonstrate MUTE, a fully functional noise cancellation prototype that outperforms Bose's latest ANC headphone. Importantly, our design does not need to block the ear - the ear canal remains open, making it comfortable (and healthier) for continuous use.

Fog-Cloud framework is being regarded as a more promising technology to provide performance guarantee for IoT applications, which not only have higher requirements on computation resources, but also are delay and/or security sensitive. In this framework, a delay and security-sensitive computation task is usually divided into several sub-tasks, which could be offloaded to either fog or cloud computing servers, referred to as offloading destinations. Sub-tasks may exchange information during their processing and then have requirement on transmission bandwidth. Different destinations produce different completion delays of a sub-task, affecting the corresponding task delay. The existing offloading approaches either considered only a single type of offloading destinations or ignored delay and/or security constraint. This paper studies a computation offloading problem in the fog-cloud scenario where not only computation and security capabilities of offloading destinations may be different, but also bandwidth and delay of links may be different. We first propose a joint offloading approach by formulating the problem as a form of Mixed Integer Programming Multi-Commodity Flow to maximize the fog-cloud provider's revenue without sacrificing performance and security requirements of users. We also propose a greedy algorithm for the problem. Extensive simulation results under various network scales show that the proposed computation offloading mechanism achieves higher revenue than the conventional single-type computation offloading under delay and security constraints.

Low power and lossy network (LLN) comprising of constrained devices like sensors and RFIDs, is a major component in the Internet of Things (IoT) environment as these devices provide global connectivity to physical devices or “Things”. LLNs are tied to the Internet or any High Performance Computing environment via an adaptation layer called 6LoWPAN (IPv6 over Low power Personal Area Network). The routing protocol used by 6LoWPAN is RPL (IPv6 Routing Protocol over LLN). Like many other routing protocols, RPL is susceptible to blackhole attacks which cause topological isolation for a subset of nodes in the LLN. A malicious node instigating the blackhole attack drops received packets from nodes in its subtree which it is supposed to forward. Thus, the malicious node successfully isolates nodes in its subtree from the rest of the network. In this paper, we propose an algorithm based on the concept of exponential smoothing to detect the topological isolation of nodes due to blackhole attack. Exponential smoothing is a technique for smoothing time series data using the exponential window function and is used for short, medium and long term forecasting. In our proposed algorithm, exponential smoothing is used to estimate the next arrival time of packets at the sink node from every other node in the LLN. Using this estimation, the algorithm is designed to identify the malicious nodes instigating blackhole attack in real time.

Influence of remanent flux on hysteresis curve of the transformer core is addressed in this paper. In addition, its significant negative effect on transformer diagnostic tests is quantified based on experimental studies. Furthermore, a novel approach is proposed to efficiently and quickly eliminate the remanent flux. This approach is evaluated based on simulation studies on a 230/63-kV power transformer. Meanwhile, experimental studies are performed on both 0.2/0.2 and 20/0.4 kV transformers. These studies reveal that the approach not only is well able to eliminate the remanent flux, but also it has various advantages over the commonly used method. In addition, this approach is equally applicable for various power, distribution, and instrument transformer types.

The main objective of the Third Generation Partnership Project (3GPP) is to fulfill the increasing security demands of IoT-based applications with the evolution of Fifth Generation (5G) mobile telecommunication technology. In June 2018, the 3GPP has published the study report of the handover architecture and security functions of in 5G communication network. In this paper, we discuss the 5G handover key mechanism with its key hierarchy. In addition, the inter-gNB handover authentication mechanism in 5G communication network is analyzed and identify the security vulnerabilities such as false base-station attack, de-synchronization attack, key compromise, etc. In addition, the handover mechanism suffers from authentication complexity due to high signaling overhead. To overcome these problems, we recommend some countermeasures as pre-authentication of communication entities, delegation of authentication and predistribution of secret keys. This is first work in the 5G handover security analysis. We anticipate that the above security issues and key resilience problem can be avoided from the proposed solutions.

The subsystem of IoMT (Internet of Military of Things) called IoBT (Internet of Battle of Things) is the major resource of the military where the various stack holders of the battlefield and different categories of equipment are tightly integrated through the internet. The proposed architecture mentioned in this paper will be helpful to design IoBT effectively for warfare using irresistible technologies like information technology, embedded technology, and network technology. The role of Machine intelligence is essential in IoBT to create smart things and provide accurate solutions without human intervention. Non-Destructive Testing (NDT) is used in Industries to examine and analyze the invisible defects of equipment. Generally, the ultrasonic waves are used to examine and analyze the internal defects of materials. Hence the proposed architecture of IoBT is enhanced by ultrasonic based NDT to study the properties of the things of the battlefield without causing any damage.

The Internet of things (IoT) is a distributed, networked system composed of many embedded sensor devices. Unfortunately, these devices are resource constrained and susceptible to malicious data-integrity attacks and failures, leading to unreliability and sometimes to major failure of parts of the entire system. Intrusion detection and failure handling are essential requirements for IoT security. Nevertheless, as far as we know, the area of data-integrity detection for IoT has yet to receive much attention. Most previous intrusion-detection methods proposed for IoT, particularly for wireless sensor networks (WSNs), focus only on specific types of network attacks. Moreover, these approaches usually rely on using precise values to specify abnormality thresholds. However, sensor readings are often imprecise and crisp threshold values are inappropriate. To guarantee a lightweight, dependable monitoring system, we propose a novel hierarchical framework for detecting abnormal nodes in WSNs. The proposed approach uses fuzzy logic in event-condition-action (ECA) rule-based WSNs to detect malicious nodes, while also considering failed nodes. The spatiotemporal semantics of heterogeneous sensor readings are considered in the decision process to distinguish malicious data from other anomalies. Following our experiments with the proposed framework, we stress the significance of considering the sensor correlations to achieve detection accuracy, which has been neglected in previous studies. Our experiments using real-world sensor data demonstrate that our approach can provide high detection accuracy with low false-alarm rates. We also show that our approach performs well when compared to two well-known classification algorithms.

In this paper, the problem of misinformation propagation is studied for an Internet of Battlefield Things (IoBT) system in which an attacker seeks to inject false information in the IoBT nodes in order to compromise the IoBT operations. In the considered model, each IoBT node seeks to counter the misinformation attack by finding the optimal probability of accepting a given information that minimizes its cost at each time instant. The cost is expressed in terms of the quality of information received as well as the infection cost. The problem is formulated as a mean-field game with multiclass agents which is suitable to model a massive heterogeneous IoBT system. For this game, the mean-field equilibrium is characterized, and an algorithm based on the forward backward sweep method is proposed. Then, the finite IoBT case is considered, and the conditions of convergence of the equilibria in the finite case to the mean-field equilibrium are presented. Numerical results show that the proposed scheme can achieve a two-fold increase in the quality of information (QoI) compared to the baseline when the nodes are always transmitting.

In this paper, the problem of misinformation propagation is studied for an Internet of Battlefield Things (IoBT) system, in which an attacker seeks to inject false information in the IoBT nodes in order to compromise the IoBT operations. In the considered model, each IoBT node seeks to counter the misinformation attack by finding the optimal probability of accepting given information that minimizes its cost at each time instant. The cost is expressed in terms of the quality of information received as well as the infection cost. The problem is formulated as a mean-field game with multiclass agents, which is suitable to model a massive heterogeneous IoBT system. For this game, the mean-field equilibrium is characterized, and an algorithm based on the forward backward sweep method is proposed to find the mean-field equilibrium. Then, the finite-IoBT case is considered, and the conditions of convergence of the equilibria in the finite case to the mean-field equilibrium are presented. Numerical results show that the proposed scheme can achieve a 1.2-fold increase in the quality of information compared with a baseline scheme, in which the IoBT nodes are always transmitting. The results also show that the proposed scheme can reduce the proportion of infected nodes by 99% compared with the baseline.

A significant segment of the Internet of Things (IoT) is the resource constrained Low Power and Lossy Networks (LLNs). The communication protocol used in LLNs is 6LOWPAN (IPv6 over Low-power Wireless Personal Area Network) which makes use of RPL (IPv6 Routing Protocol over Low power and Lossy network) as its routing protocol. In recent times, several security breaches in IoT networks occurred by targeting routers to instigate various DDoS (Distributed Denial of Service) attacks. Hence, routing security has become an important problem in securing the IoT environment. Though RPL meets all the routing requirements of LLNs, it is important to perform a holistic security assessment of RPL as it is susceptible to many security attacks. An important attribute of RPL is its rank property. The rank property defines the placement of sensor nodes in the RPL DODAG (Destination Oriented Directed Acyclic Graphs) based on an Objective Function. Examples of Objective Functions include Expected Transmission Count, Packet Delivery Rate etc. Rank property assists in routing path optimization, reducing control overhead and maintaining a loop free topology through rank based data path validation. In this paper, we investigate the vulnerabilities of the rank property of RPL by constructing an Attack Graph. For the construction of the Attack Graph we analyzed all the possible threats associated with rank property. Through our investigation we found that violation of protocols related to rank property results in several RPL attacks causing topological sub-optimization, topological isolation, resource consumption and traffic disruption. Routing security essentially comprises mechanisms to ensure correct implementation of the routing protocol. In this paper, we also present some observations which can be used to devise mechanisms to prevent the exploitation of the vulnerabilities of the rank property.

Remote attestation is the process of measuring the integrity of a device over the network, by detecting modification of software or hardware from the original configuration. Several remote software-based attestation mechanisms have been introduced, that rely on strict time constraints and other impractical constraints that make them inconvenient for IoT systems. Although some research is done to address these issues, they integrated trusted hardware devices to the attested devices to accomplish their aim, which is costly and not convenient for many use cases. In this paper, we propose “Dual Attestation” that includes two stages: static and dynamic. The static attestation phase checks the memory of the attested device. The dynamic attestation technique checks the execution correctness of the application code and can detect the runtime attacks. The objectives are to minimize the overhead and detect these attacks, by developing an optimized dynamic technique that checks the application program flow. The optimization will be done in the prover and the verifier sides.

Internet of Vehicle (IoV) is an essential part of the Intelligent Transportation system (ITS) which is growing exponentially in the automotive industry domain. The term IoV is used in this paper for Internet of Vehicles. IoV is conceptualized for sharing traffic, safety and several other vehicle-related information between vehicles and end user. In recent years, the number of connected vehicles has increased allover the world. Having information sharing and connectivity as its advantage, IoV also faces the challenging task in the cybersecurity-related matters. The future consists of crowded places in an interconnected world through wearable's, sensors, smart phones etc. We are converging towards IoV technology and interactions with crowded space of connected peoples. However, this convergence demands high-security mechanism from the connected crowd as-well-as other connected vehicles to safeguard of proposed IoV system. In this paper, we coin the term of smart people crowd (SPC) and the smart vehicular crowd (SVC) for the Internet of Vehicles (IoV). These specific crowds of SPC and SVC are the potential cyber attackers of the smart IoV. People connected to the internet in the crowded place are known as a smart crowd. They have interfacing devices with sensors and the environment. A smart crowd would also consist of the random number of smart vehicles. With the future converging in to the smart connected framework for crowds, vehicles and connected vehicles, we present a novel cyber-physical surveillance system (CPSS) framework to tackle the security threats in the crowded environment for the smart automotive industry and provide the cyber security mechanism in the crowded places. We also describe an overview of use cases and their security challenges on the Internet of Vehicles.

Recently, as the age of the Internet of Things is approaching, there are more and more devices that communicate data with each other by incorporating sensors and communication functions in various objects. If the IoT is miniaturized, it can be regarded as a sensor having only the sensing ability and the low performance communication ability. Low-performance sensors are difficult to use high-quality communication, and wireless security used in expensive wireless communication devices cannot be applied. Therefore, this paper proposes authentication and key Agreement that can be applied in sensor networks using communication with speed less than 1 Kbps and has limited performances.