Biblio

Recently, with the spread of Internet of Things (IoT) devices, embedded hardware devices have been used in a variety of everyday electrical items. Due to the increased demand for embedded hardware devices, some of the IC design and manufacturing steps have been outsourced to third-party vendors. Since malicious third-party vendors may insert malicious circuits, called hardware Trojans, into their products, developing an effective hardware Trojan detection method is strongly required. In this paper, we propose 25 hardware-Trojan features based on the structure of trigger circuits for machine-learning-based hardware Trojan detection. Combining the proposed features into 11 existing hardware-Trojan features, we totally utilize 36 hardware-Trojan features for classification. Then we classify the nets in an unknown netlist into a set of normal nets and Trojan nets based on the random-forest classifier. The experimental results demonstrate that the average true positive rate (TPR) becomes 63.6% and the average true negative rate (TNR) becomes 100.0%. They improve the average TPR by 14.7 points while keeping the average TNR compared to existing state-of-the-art methods. In particular, the proposed method successfully finds out Trojan nets in several benchmark circuits, which are not found by the existing method.

In recent years, with the rapid update of wireless communication technologies such as 5G and the Internet of Things, as well as the explosive growth of wireless intelligent devices, people's demand for radio spectrum resources is increasing, which leads spectrum scarcity is becoming more serious. To address the scarcity of spectrum, the Internet of Things based on cognitive radio (CR-IoT) has become an effective technique to enable IoT devices to reuse the spectrum that has been fully utilized. The frequency band information is transmitted through wireless communication in the CR-IoT network, so the node is easily to be eavesdropped or tampered with by attackers in the process of transmitting data, which leads to information leakage and wrong perception results. To deal with the security problem of channel data transmission, this paper proposes a chaotic compressed spectrum sensing algorithm. In this algorithm, the chaotic parameter package is utilized to generate the measurement matrix, which makes good use of the sensitivity of the initial value of chaotic system to improve the transmission security. And the introduction of the semi-tensor theory significantly reduces the dimension of the matrix that the secondary user needs to store. In addition, the semi-tensor compressed sensing is used in the fusion center for parallel reconstruction process, which effectively reduces the sensing time delay. The simulation results show that the chaotic compressed spectrum sensing algorithm can achieve faster, high-quality, and low-energy channel energy transmission.

Intrusion Detection System (IDS) is a system that could detect suspicious activity in a network. Two approaches are known for IDS, namely signature-based and anomaly-based. The anomaly-based detection method was chosen to detect suspicious and abnormal activity for the system that cannot be performed by the signature-based method. In this study, attack testing was carried out using three DoS tools, namely the LOIC, Torshammer, and Xerxes tools, with a test scenario using IDS and without IDS. From the test results that have been carried out, IDS has successfully detected the attacks that were sent, for the delivery of the most consecutive attack packages, namely Torshammer, Xerxes, and LOIC. In the detection of Torshammer attack tools on the target FTP Server, 9421 packages were obtained, for Xerxes tools as many as 10618 packages and LOIC tools as many as 6115 packages. Meanwhile, attacks on the target Web Server for Torshammer tools were 299 packages, for Xerxes tools as many as 530 packages, and for LOIC tools as many as 103 packages. The accuracy of the IDS performance results is 88.66%, the precision is 88.58% and the false positive rate is 63.17%.

The Internet of Vehicles (IoV) is a network that considers vehicles as intelligent machines. They interact and communicate with each other to improve the performance and safety of traffic. IoV solves certain problems, but it has some issues such as response time, which prompted researchers to propose the integration of Fog Computing into vehicular networks. In Vehicular Fog Computing (VFC), the services are provided at the edge of the network to increase data rate and reduce response time. However, in order to satisfy network users, the security and privacy of sensitive data should be guaranteed. Using pseudonyms instead of real identities is one of the techniques considered to preserve the privacy of users, however, this can push malicious vehicles to exploit such a process and launch the Sybil attack by creating several pseudonyms in order to perform various malicious activities. In this paper, we describe the Sybil attack effects on VFC networks and compare them to those in conventional networks, as well as identify the various existing methods for detecting this attack and determine if they are applicable to VFC networks.

In recent times, the world has seen a tremendous increase in the number of attacks on IoT devices. A majority of these attacks have been botnet attacks, where an army of compromised IoT devices is used to launch DDoS attacks on targeted systems. In this paper, we study how the choice of a dataset and the extracted features determine the performance of a Machine Learning model, given the task of classifying Linux Binaries (ELFs) as being benign or malicious. Our work focuses on Linux systems since embedded Linux is the more popular choice for building today’s IoT devices and systems. We propose using 4 different types of files as the dataset for any ML model. These include system files, IoT application files, IoT botnet files and general malware files. Further, we propose using static, dynamic as well as network features to do the classification task. We show that existing methods leave out one or the other features, or file types and hence, our model outperforms them in terms of accuracy in detecting these files. While enhancing the dataset adds to the robustness of a model, utilizing all 3 types of features decreases the false positive and false negative rates non-trivially. We employ an exhaustive scenario based method for evaluating a ML model and show the importance of including each of the proposed files in a dataset. We also analyze the features and try to explain their importance for a model, using observed trends in different benign and malicious files. We perform feature extraction using the open source Limon sandbox, which prior to this work has been tested only on Ubuntu 14. We installed and configured it for Ubuntu 18, the documentation of which has been shared on Github.

A kitchen underpinned by the Internet of Things (IoT) requires the management of complex procedural processes. This is due to the fact that when supporting an end-user in the preparation of even only one dish, various devices may need to coordinate with each other. Additionally, it is challenging— yet desirable—to enable an end-user to program their kitchen devices according to their preferred behaviour and to allow them to visualise and track their cooking workflows. In this paper, we compared two semantic representations, namely, Behaviour Trees and the DX-MAN model. We analysed these representations based on their suitability for a range of end-users (i.e., novice to experienced). The methodology required the analysis of smart kitchen user requirements, from which we inferred that the main architectural requirements for IoT cooking workflows are variability and compositionality. Guided by the user requirements, we examined various scenarios and analysed workflow complexity and feasibility for each representation. On the one hand, we found that execution complexity tends to be higher on Behaviour Trees. However, due to their fallback node, they provide more transparency on how to recover from unprecedented circumstances. On the other hand, parameter complexity tends to be somewhat higher for the DX-MAN model. Nevertheless, the DX-MAN model can be favourable due to its compositionality aspect and the ease of visualisation it can offer.

Internet of Things (IoT) devices are ubiquitous, with web cameras, smart refrigerators, and digital assistants appearing in homes, offices, and public spaces. However, these devices are lacking in security measures due to their low time to market and insufficient funding for security research and development. In order to improve the security of IoTs, we have defined novel security metrics based on generic IoT characteristics. Furthermore, we have developed automation for experimentation with IoT devices that results to repeatable and reproducible calculations of security metrics within a realistic IoT testbed. Our results demonstrate that repeatable IoT security measurements are feasible with automation. They prove quantitatively intuitive hypotheses. For example, an large number of inbound / outbound network connections contributes to higher probability of compromise or measuring password strength leads to a robust estimation of IoT security.

Verifying the integrity of IoT data in cloud-based IoT architectures is crucial for building reliable IoT applications. Traditional data integrity verification methods rely on a Trusted Third Party (TTP) that has issues of risk and operational cost by centralization. Distributed Ledger Technology (DLT) has a high potential to verify IoT data integrity and overcome the problems with TTPs. However, the existing DLTs have low transaction throughput, high computational and storage overhead, and are unsuitable for IoT environments, where a massive scale of data is generated. Recently, Directed Acyclic Graph (DAG) based DLTs have been proposed to address the low transaction throughput of linear DLTs. However, the integration of IoT Gateways (GWs) into the peer to peer (P2P) DLT network is challenging because of their low storage and computational capacity. This paper proposes Lightweight and Scalable DAG based distributed ledger for IoT (LSDI) that can work with resource-constrained IoT GWs to provide fast and scalable IoT data integrity verification. LSDI uses two key techniques: Pruning and Clustering, to reduce 1) storage overhead in IoT GWs by removing sufficiently old transactions, and 2) computational overhead of IoT GWs by partitioning a large P2P network into smaller P2P networks. The evaluation results of the proof of concept implementation showed that the proposed LSDI system achieves high transaction throughput and scalability while efficiently managing storage and computation overhead of the IoT GWs.

The emergence of the 5G network has boosted the advancements in the field of the internet of things (IoT) and edge/cloud computing. We present a novel architecture to detect fire in indoor and outdoor environments, dubbed as EAC-FD, an abbreviation of edge and cloud-based fire detection. Compared with existing frameworks, ours is lightweight, secure, cost-effective, and reliable. It utilizes a hybrid edge and cloud computing framework with Intel neural compute stick 2 (NCS2) accelerator is for inference in real-time with Raspberry Pi 3B as an edge device. Our fire detection model runs on the edge device while also capable of cloud computing for more robust analysis making it a secure system. We compare different versions of SSD-MobileNet architectures with ours suitable for low-end devices. The fire detection model shows a good balance between computational cost frames per second (FPS) and accuracy.

Internet of Things (IoT) revolutionizes cutting-edge technologies by enabling smart sensing, and actuation of the physical world. IoT enables cooperation between numerous heterogeneous smart devices to exchange and aggregate data from the surrounding environment through the internet. Recently, the range of IoT technology could be utilized in the real world by the rapid spread of sensor devices. These capabilities open the door for vital challenges. Security is the major challenge that faces the IoT networks. Traditional solutions cannot tackle smart and powerful attackers. Moving Target Defense (MTD) deploys mechanisms and strategies that increase attackers' uncertainty and frustrate their attempt to eavesdrop the target to be protected. In addition, Steganography is the practice of concealing a message within another message. For security proposes, Steganography is used to hide significant data within any transmitted messages, such as images, videos, and text files. This paper presents Stegano-MTD framework that enables combination between MTD mechanisms with steganography. This combination offers a lightweight solution that can be implemented on the IoT network. Stegano-MTD slices the message into small labeled chunks and sends them randomly through the network's nodes. Steganography is used for hide the key file that used to reconstruct the original data. Simulation results show the effectiveness of the presented solution.

This paper presents LIRA-V, a lightweight system for performing remote attestation between constrained devices using the RISC-V architecture. We propose using read-only memory and the RISC-V Physical Memory Protection (PMP) primitive to build a trust anchor for remote attestation and secure channel creation. Moreover, we show how LIRA-V can be used for trusted communication between two devices using mutual attestation. We present the design, implementation and evaluation of LIRA-V using an off-the-shelf RISC-V microcontroller and present performance results to demonstrate its suitability. To our knowledge, we present the first remote attestation mechanism suitable for constrained RISC-V devices, with applications to cyber-physical systems and Internet of Things (IoT) devices.

Magnetic soft robots are increasingly popular as they provide many advantages such as miniaturization and tetherless control that are ideal for applications inside the human body or in previously inaccessible locations.While non-magnetic elastomers have been extensively characterized and modelled for optimizing the fabrication of soft robots, a systematic material characterization of their magnetic counterparts is still missing. In this paper, commonly employed magnetic materials made out of Ecoflex™ 00-30 and Dragon Skin™ 10 with different concentrations of NdFeB microparticles were mechanically and magnetically characterized. The magnetic materials were evaluated under uniaxial tensile testing and their behavior analyzed through linear and hyperelastic model comparison. To determine the corresponding magnetic properties, we present a method to determine the magnetization vector, and magnetic remanence, by means of a force and torque load cell and large reference permanent magnet; demonstrating a high level of accuracy. Furthermore, we study the influence of varied magnitude impulse magnetizing fields on the resultant magnetizations. In combination, by applying improved, material-specific mechanical and magnetic properties to a 2-segment discrete magnetic robot, we show the potential to reduce simulation errors from 8.5% to 5.4%.

New technologies from day to day are submitted with many vulnerabilities that can make data exploitation. Nowadays, IoT is a target for Cybercrime attacks as it is one of the popular platforms in the century. This research address the IoT security problem by carried a medium-interaction honeypot. Honeypot is one of the solutions that can be done because it is a system feed for the introduction of attacks and fraudulent devices. This research has created a medium interaction honeypot using Cowrie, which is used to maintain the Internet of Things device from malware attacks or even attack patterns and collect information about the attacker's machine. From the result analysis, the honeypot can record all trials and attack activities, with CPU loads averagely below 6,3%.

The ecosystem of the Internet of Things (IoT) continues growing now and covers more and more fields. One of these areas is the Industrial Internet of Things (IIoT) which integrates sensors and actuators, business applications, open web applications, multimedia security systems, positioning, and tracking systems. Each of these components creates its own data stream and has its own parameters of the probability distribution when transmitting information packets. One such distribution, specific to the TrumpfTruPrint 1000 IIoT system, is the beta distribution. We described issues of the processing of such a data flow by an agent model of the \$5\textbackslashtextbackslashtimes5\$ NoC switch fabric. The concepts of modern telecommunication networks 5G/6G imply the processing of “small” data in the place of their origin, not excluding the centralized processing of big data. This process, which involves the transmission, distribution, and processing of data, involves a large number of devices: routers, multiprocessor systems, multi-core systems, etc. We assumed that the data stream is processed by a device with the network structure, such as NoC, and goes to its built-in router. We carried out a study how the average queues of the \$5\textbackslashtextbackslashtimes5\$ router change with changes in the parameters of a data stream that has a beta distribution.

The problem of authorship attribution has applications from literary studies (such as the great Shakespeare/Marlowe debates) to counter-intelligence. The field of stylometry aims to offer quantitative results for authorship attribution. In this paper, we present a combination of stylometric techniques using machine learning. An implementation of the system is used to analyse chat logs and attempts to construct a stylometric model for users within the presented chat system. This allows for the authorship attribution of other works they may write under different names or within different communication systems. This implementation demonstrates accuracy of up to 84 % across the dataset, a full 34 % increase against a random-choice control baseline.

Distributed Denial of Service (DDoS) attacks pose a considerable threat to Cloud Computing, Internet of Things (IoT) and other services offered on the Internet. The victim server receives terabytes of data per second during the DDoS attack. It may take hours to examine them to detect a potential threat, leading to denial of service to legitimate users. Processing vast volumes of traffic to mitigate the attack is a challenging task for network administrators. High-performance techniques are more suited for processing DDoS attack traffic compared to Sequential Processing Techniques. This paper proposes a Multi-Core Parallel Processing Technique to prepare the time series data for the early detection of DDoS flooding attacks. Different time series analysis methods are suggested to detect the attack early on. Producing time series data using parallel processing saves time and further speeds up the detection of the attack. The proposed method is applied to the benchmark data set CICDDoS2019 for generating four different time series to detect TCP-based flooding attacks, namely TCP-SYN, TCP-SYN-ACK, TCP-ACK, and TCP-RST. The implementation results show that the proposed method can give a speedup of 2.3 times for processing attack traffic compared to sequential processing.

Fog computing plays a critical role in the provisioning of computing tasks in the context of Internet of Things (IoT) services. However, the security of IoT services against breaches and attacks relies heavily on the security of fog resources, which must be properly implemented and managed. Increasing security investments and integrating the security aspect into the core processes and operations of fog computing including resource management will increase IoT service protection as well as the trustworthiness of fog service providers. However, this requires careful modeling of the security requirements of IoT services as well as theoretical and experimental evaluation of the tradeoff between security and performance in fog infrastructures. To this end, this paper explores a new model for fog resource allocation according to security and Quality of Service (QoS). The problem is modeled as a multi-objective linear optimization problem and solved using conventional, off-the-shelf optimizers by applying the preemptive method. Specifically, two objective functions were defined: one representing the satisfaction of the security design requirements of IoT services and another that models the communication delay among the different virtual machines belonging to the same service request, which might be deployed on different intermediary fog nodes. The simulation results show that the optimization is efficient and achieves the required level of scalability in fog computing. Moreover, a tradeoff needs to be pondered between the two criteria during the resource allocation process.

In Mobile Ad-hoc Network based Internet of things (MANET-IoT), nodes are mobile, infrastructure less, managed and organized by themselves that have important role in many areas such as Mobile Computing, Military Sector, Sensor Networks Commercial Sector, medical etc. One major problem in MANET based IoT is security because nodes are mobile, having not any central administrator and are also not reliable. So, MANET-IoT is more defenseless to denial-of-service attacks for-example Blackhole, Wormhole, Gray-hole etc. To compare the performance of network under different attacks for checking which attack is more affecting the performance of network, we implemented Blackhole and Wormhole attack by modifying AODV routing protocol in NS-3. After preprocessing of data that is obtained by using Flow-monitor module, we calculated performance parameters such as Average Throughput, Average Packet Delivery Ratio, Average End to End Delay, Average Jitter-Sum and compared it with no. of nodes in MANET-IoT network. Throughput and goodput performance of each node in the network is also calculated by using Trace metric module and compared with each node in the network. This approach is also very helpful for further research in MANET-IoT Security.

The Internet of Things (IoT) paradigm has been proposed in the last few years with the goal of addressing technical problems in fields such as home and industrial automation, smart lighting systems and traffic monitoring. However, due to the very nature of the IoT devices (generally low-powered and often lacking strong security functionalities), typical deployments pose a great risk in terms of security and privacy. In this respect, the utilization of both a Trusted Execution Environment (TEE) and a Trusted Platform Module (TPM) can serve as a countermeasure against typical attacks. Furthermore, these functional blocks can serve as safe key storage services and provide a robust secure boot implementation and a firmware update mechanism, thus ensuring run-time authentication and integrity. The Common Criteria for Information Technology Security Evaluation allows to determine the degree of attainment of precise security properties in a product. The main objective of this work is to identify, propose and compose bricks of protection profile (PP), as defined by Common Criteria, that are applicable to secure IoT architectures. Moreover, it aims at giving some guiding rules and facilitate future certifications of components and/or their composition. Finally, it also provides a structure for a future methodology of assessment for IoT devices.

Recently, it is predicted that interworking between heterogeneous devices will be accelerated due to the openness of the IoT (Internet of Things) platform, but various security threats are also expected to increase. However, most IoT open platforms remain at the level that utilizes existing security technologies. Therefore, a more secure security technology is required to prevent illegal copying and leakage of important data through stealing, theft, and hacking of IoT devices. In addition, a technique capable of ensuring interoperability with existing standard technologies is required. This paper proposes an IoT device authentication method based on PUF (Physical Unclonable Function) that operates on an IoT open platform. By utilizing PUF technology, the proposed method can effectively respond to the threat of exposure of the authentication key of the existing IoT open platform. Above all, the proposed method can contribute to compatibility and interoperability with existing technologies by providing a device authentication method that can be effectively applied to the OCF Iotivity standard specification, which is a representative IoT open platform.

Our proposal aims to help solving a trust problem between licensors and licensees that occurs during the active life of license agreements. We particularly focus on licensing of proprietary intellectual property (IP) that is embedded in Internet of Things (IoT) devices and services (e.g. patented technologies). To achieve this we propose to encode the logic of license agreements into smart licenses (SL). We define a SL as a `digital twin' of a licensing contract, i.e. one or more smart contracts that represent the full or relevant parts of a licensing agreement in machine readable and executable code. As SL are self enforcing, the royalty computation and execution of payments can be fully automated in a tamper free and trustworthy way. This of course, requires to employ a Distributed Ledger Technology (DLT). Such an Automated Licensing Payment System (ALPS) can thus automate an established business process and solve a longstanding trust issue in licensing markets. It renders traditional costly audits obsolete, lowers entry barriers for those who want to participate in licensing markets, and enables novel business models too complex with traditional approaches.

The prevalence of Internet of Things (IoT) allows heterogeneous and lightweight smart devices to collaboratively provide services with or without human intervention. With an ever-increasing presence of IoT-based smart applications and their ubiquitous visibility from the Internet, user data generated by highly connected smart IoT devices also incur more concerns on security and privacy. While a lot of efforts are reported to develop lightweight information assurance approaches that are affordable to resource-constrained IoT devices, there is not sufficient attention paid from the aspect of security solutions against hardware-oriented attacks, i.e. side channel attacks. In this paper, a COTS (commercial off-the-shelf) based Randomized Switched-Mode Voltage Regulation System (RSMVRS) is proposed to prevent power analysis based side channel attacks (P-SCA) on bare metal IoT edge device. The RSMVRS is implemented to direct power to IoT edge devices. The power is supplied to the target device by randomly activating power stages with random time delays. Therefore, the cryptography algorithm executing on the IoT device will not correlate to a predictable power profile, if an adversary performs a SCA by measuring the power traces. The RSMVRS leverages COTS components and experimental study has verified the correctness and effectiveness of the proposed solution.

Internet of Things (IoT) networks are often attacked to compromise the security and privacy of application data and disrupt the services offered by them. The attacks are being launched at different layers of IoT protocol stack by exploiting their inherent weaknesses. Forensic investigations need substantial artifacts and datasets to support the decisions taken during analysis and while attributing the attack to the adversary. Network provenance plays a crucial role in establishing the relationships between network entities. Hence IoT networks can be made forensic ready so that network provenance may be collected to help in constructing these artifacts. The paper proposes Ready-IoT, a novel forensic readiness model for IoT environment to collect provenance from the network which comprises of both network parameters and traffic. A link layer dataset, Link-IoT Dataset is also generated by querying provenance graphs. Finally, Link-IoT dataset is compared with other IoT datasets to draw a line of difference and applicability to IoT environments. We believe that the proposed features have the potential to detect the attacks performed on the IoT network.

Internet of Battlefield Things (IoBT) is the application of Internet of Things (IoT) to a battlefield environment. IoBT networks operate in difficult conditions due to high mobility and unpredictable nature of battle fields and securing them is a challenge. There is increasing interest to use deception techniques to enhance the security of IoBT networks. A honeypot is a system installed on a network as a trap to attract the attention of an attacker and it does not store any valuable data. In this work, we introduce IoBT dual sensor gateways. We propose a Reinforcement Learning (RL)-assisted scheme, in which the IoBT dual sensor gateways intelligently switch between honeypot and real function based on a threshold. The optimal threshold is determined using reinforcement learning approach that adapts to nodes reputation. To focus on the impact of the mobile and uncertain behavior of IoBT networks on the proposed scheme, we consider the nodes as moving vehicles. We statistically analyze the results of our RL-based scheme obtained using ns-3 network simulation, and optimize value of the threshold.

Magnetic shielding is an important part in atomic clock’s physical system. The demagnetization of the assembled magnetic shielding system plays an important role in improving atomic clock’s performance. In terms of the drawbacks in traditional attenuated alternating-current demagnetizing method, this paper proposes a novel method — automatically attenuated alternating-current demagnetizing method. Which is implemented by controlling the demagnetization current waveform thorough the signal source’s modulation, so that these parameters such as demagnetizing current frequency, amplitude, transformation mode and demagnetizing period are precisely adjustable. At the same time, this demagnetization proceeds automatically, operates easily, and works steadily. We have the pulsed optically pumped (POP) rubidium atomic clock’s magnetic shielding system for the demagnetization experiment, the magnetic field value reached 1nT/7cm. Experiments show that novel method can effectively realize the demagnetization of the magnetic shielding system, and well meets the atomic clock’s working requirements.