Biblio

Over the last few years, the deployment of Internet of Things (IoT) is attaining much more concern on smart computing devices. With the exponential growth of small devices and at the same time cheap prices of these sensing devices, there raises an important question for the security of the stored information as these devices generate a large amount of private data for observing and controlling purposes. Distributed Denial of Service (DDoS) attacks are current examples of major security threats to IoT devices. As yet, no standard protocol can fully ensure the security of IoT devices. But adaptive decision making along with elasticity and incessant monitoring is required. These difficulties can be resolved with the assistance of Software Defined Networking (SDN) which can viably deal with the security dangers to the IoT devices in a powerful and versatile way without hampering the lightweightness of the IoT devices. Although SDN performs quite well for managing and controlling IoT devices, security is still an open concern. Nonetheless, there are a few challenges relating to the mitigation of DDoS attacks in IoT systems implemented with SDN architecture. In this paper, a brief overview of some of the popular DDoS attack mitigation techniques and their limitations are described. Also, the challenges of implementing these techniques in SDN-based architecture to IoT devices have been presented.

Internet of things as a technology that connect internet and physical world has been implemented in many diverse fields and has been proven very useful and flexible. In every implementation of technology that involve internet, security must be a great concern, including the implementation of IoT technology. A lot of alternatives can be used to achieve security of IoT. Ming et al. has proposed novel signcryption scheme to secure IoT of monitoring health data. In this work, proposed signcryption scheme from Ming et al. has been successfully implemented using Raspberry Pi and ESP32 and has proven work in securing IoT data.

Internet of Things (IoT) based applications face an increasing number of potential security risks, which need to be systematically assessed and addressed. Expert-based manual assessment of IoT security is a predominant approach, which is usually inefficient. To address this problem, we propose an automated security assessment framework for IoT networks. Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions for predicting vulnerability metrics. The predicted metrics are then input into a two-layered graphical security model, which consists of an attack graph at the upper layer to present the network connectivity and an attack tree for each node in the network at the bottom layer to depict the vulnerability information. This security model automatically assesses the security of the IoT network by capturing potential attack paths. We evaluate the viability of our approach using a proof-of-concept smart building system model which contains a variety of real-world IoT devices and poten-tial vulnerabilities. Our evaluation of the proposed framework demonstrates its effectiveness in terms of automatically predicting the vulnerability metrics of new vulnerabilities with more than 90% accuracy, on average, and identifying the most vulnerable attack paths within an IoT network. The produced assessment results can serve as a guideline for cybersecurity professionals to take further actions and mitigate risks in a timely manner.

As it is easy to ensure the confidentiality of users on the Dark Web, malware and exploit kits are sold on the market, and attack methods are discussed in forums. Some services provide IoT Botnet to perform distributed denial-of-service (DDoS as a Service: DaaS), and it is speculated that the purchase of these services is made on the Dark Web. By crawling such information and storing it in a database, threat intelligence can be obtained that cannot otherwise be obtained from information on the Surface Web. However, crawling sites on the Dark Web present technical challenges. For this paper, we implemented a crawler that can solve these challenges. We also collected information on markets and forums on the Dark Web by operating the implemented crawler. Results confirmed that the dataset collected by crawling contains threat intelligence that is useful for analyzing cyber attacks, particularly those related to IoT Botnet and DaaS. Moreover, by uncovering the relationship with security reports, we demonstrated that the use of data collected from the Dark Web can provide more extensive threat intelligence than using information collected only on the Surface Web.

Vehicles play an integral part in the life of a human being by facilitating in everyday tasks. The major concern that arises with this fact is that the rate of vehicle thefts have increased exponentially and retrieving them becomes almost impossible as the responsible party completely alters the stolen vehicles, leaving them untraceable. Ultimately, tracking and monitoring of vehicles using on-vehicle sensors is a promising and an efficient solution. The Internet of Things (IoT) is expected to play a vital role in revolutionizing the Security and Safety industry through a system of sensor networks by periodically sending the data from the sensors to the cloud for storage, from where it can be accessed to view or take any necessary actions (if required). The main contributions of this paper are the implementation and results of the prototype of a vehicle tracking and monitoring system. The system comprises of an Arduino UNO board connected to the Global Positioning System (GPS) module, Neo-6M, which senses the exact location of the vehicle in the form of latitude and longitude, and the ESP8266 Wi-Fi module, which sends the data to the Application Programming Interface (API) Cloud service, ThingSpeak, for storage and analyzing. An Android based mobile application is developed that utilizes the stored data from the Cloud and presents the user with the findings. Results show that the prototype is not only simple and cost effective, but also efficient and can be readily used by everyone from all walks of life to protect their vehicles.

The exponential increase in the use of Internet of Things (IoT) devices has been accompanied by a spike in cyberattacks on IoT networks. In this research, we investigate the Bot-IoT dataset with a focus on classifying IoT reconnaissance attacks. Reconnaissance attacks are a foundational step in the cyberattack lifecycle. Our contribution is centered on the building of predictive models with the aid of Random Undersampling (RUS) and ensemble Feature Selection Techniques (FSTs). As far as we are aware, this type of experimentation has never been performed for the Reconnaissance attack category of Bot-IoT. Our work uses the Area Under the Receiver Operating Characteristic Curve (AUC) metric to quantify the performance of a diverse range of classifiers: Light GBM, CatBoost, XGBoost, Random Forest (RF), Logistic Regression (LR), Naive Bayes (NB), Decision Tree (DT), and a Multilayer Perceptron (MLP). For this study, we determined that the best learners are DT and DT-based ensemble classifiers, the best RUS ratio is 1:1 or 1:3, and the best ensemble FST is our ``6 Agree'' technique.

Internet of things (IoT) healthcare devices, like other IoT devices, typically use proprietary protocol communications. Usually, these proprietary protocols are not audited and may present security flaws. Further, new proprietary protocols are desgined in the field of IoT devices, like data-over-sound communications. Data-over-sound is a new method of communication based on audio with increasing popularity due to its low hardware requirements. Only a speaker and a microphone are needed instead of the specific antennas required by Bluetooth or Wi-Fi protocols. In this paper, we analyze, audit and reverse engineer a modern IoT healthcare device used for performing electrocardiograms (ECG). The audited device is currently used in multiple hospitals and allows remote health monitoring of a patient with heart disease. For this auditing, we follow a black-box reverse-engineering approach and used STRIDE threat analysis methodology to assess all possible attacks. Following this methodology, we successfully reverse the proprietary data-over-sound protocol used by the IoT healthcare device and subsequently identified several vulnerabilities associated with the device. These vulnerabilities were analyzed through several experiments to classify and test them. We were able to successfully manipulate ECG results and fake heart illnesses. Furthermore, all attacks identified do not need any patient interaction, being this a transparent process which is difficult to detect. Finally, we suggest several short-term solutions, centred in the device isolation, as well as long-term solutions, centred in involved encryption capabilities.

Software Defined Network (SDN) is a new paradigm in network architecture. The basic concept of SDN itself is to separate the control plane and forwarding plane explicitly. In the last few years, SDN technology has become one of the exciting topics for researchers, the development of SDN which was carried out, one of which was implementing the Internet of Things (IoT) devices in the SDN network architecture model. Mininet-IoT is developing the Mininet network emulator by adding virtualized IoT devices, 6LoWPAN based on wireless Linux standards, and 802.15.4 wireless simulation drivers. Mininet-IoT expands the Mininet code class by adding or modifying functions in it. This research will discuss the performance of the 6LoWPAN device on the internet of things (IoT) network by applying the SDN paradigm. We use the Mininet-IoT emulator and the Open Network Operating System (ONOS) controller using the internet of things (IoT) IPv6 forwarding. Performance testing by comparing some of the topologies of the addition of host, switch, and cluster. The test results of the two scenarios tested can be concluded; the throughput value obtained has decreased compared to the value of back-traffic traffic. While the packet loss value obtained is on average above 15%. Jitter value, delay, throughput, and packet loss are still in the category of enough, good, and very good based on TIPHON and ITU-T standards.

Edge nodes are crucial for detection against multitudes of cyber attacks on Internet-of-Things endpoints and is set to become part of a multi-billion industry. The resource constraints in this novel network infrastructure tier constricts the deployment of existing Network Intrusion Detection System with Deep Learning models (DLM). We address this issue by developing a novel light, fast and accurate `Edge-Detect' model, which detects Distributed Denial of Service attack on edge nodes using DLM techniques. Our model can work within resource restrictions i.e. low power, memory and processing capabilities, to produce accurate results at a meaningful pace. It is built by creating layers of Long Short-Term Memory or Gated Recurrent Unit based cells, which are known for their excellent representation of sequential data. We designed a practical data science pipeline with Recurring Neural Network to learn from the network packet behavior in order to identify whether it is normal or attack-oriented. The model evaluation is from deployment on actual edge node represented by Raspberry Pi using current cybersecurity dataset (UNSW2015). Our results demonstrate that in comparison to conventional DLM techniques, our model maintains a high testing accuracy of 99% even with lower resource utilization in terms of cpu and memory. In addition, it is nearly 3 times smaller in size than the state-of-art model and yet requires a much lower testing time.

In line with the rapid development of the Internet of Things (IoT) network, the challenges faced are ensuring the network performance is capable to support the communication of these IoT devices. As a result, the routing protocols can provide fast route discovery and network maintenance by considering the IoT network's resource constraints. This paper's main contributions are to identify compatible IoT routing protocol using qualitative method and factor that affect network performance. Routing Protocol for Low Power and Lossy Networks (RPL) is a proactive distance- vector routing protocol designed as a proposed standard to meet the requirements of the Low Power and Lossy Networks (LLN). In this project, four influential factors on the performance of RPL in Contiki OS are examined using the Cooja simulator and then RPL performance is assessed in terms of Packet Delivery Ratio (PDR), Energy consumption and Overhead control message for the network. The project provides an insight into the implications of traffic patterns, transmission ranges, network size and node mobility for different scenarios. The results of the simulation show that the PDR and overhead ratio increases proportional to transmission distances increases but decreases while radio interference is increased. From the mobility aspect, PDR decreases by an average of 19.5% when the mobility nodes expand. On the other hand, energy consumption increases by an average of 63.7% and control message size increased up to 213% when the network consists of 40 percent of mobility nodes.

With rapid advancement of Smart Grid as well as Internet of Things (IoT), current power distribution communication network faces the challenges of satisfying the emerging data transmission requirements of ubiquitous secure coverage for distributed power services. This paper focuses on secure ubiquitous wireless communication solution for power distribution Internet of Things (PDİoT) in Smart Grid. Detailed secure ubiquitous wireless communication networking topology is presented, and integrated encryption and communication device is developed. The proposed solution supports several State Secret cryptographic algorithm including SM1/SM2/SM3/SM4 as well as forward and reverse isolation functions, thus achieving secure wireless communication for PDİoT services.

Recently, several Internet of Things Tools have been created, contributing to growing network loads. To refrain from IoT should use the idea of cognitive radio networks because of the lack of bandwidth. This article presents much of the research discusses the distribution of channels and preparation of packets when combining cognitive radio networks with IoT technology and we are further discussing the spectrum-based Features and heterogeneity in cognitive IoT Security. Surveying the research performed in this field reveals that the work performed is still developing. A variety of inventions and experiments are part of its initial phases.

Recently, information leakage accidents have been continuously occurring due to cyberattacks, and internal information leakage has also been occurring additionally. In this situation, many hacking accidents and DDoS attacks related to IoT are reported, and cyber threat detection field is expanding. Therefore, in this study, the trend related to the commercialization and generalization of IoT technology and the degree of standardization of IoT have been analyzed. Based on the reality of IoT analyzed through this process, research and analysis on what points are required in IoT security control was conducted, and then IoT security control strategy was presented. In this strategy, the IoT environment was divided into IoT device, IoT network/communication, and IoT service/platform in line with the basic strategic framework of 'Pre-response-accident response-post-response', and the strategic direction of security control was established suitable for each of them.

The Internet of Things (IoT) provides significant benefits for industry due to connect the devices together through the internet. Attribute-Based Encryption (ABE) is a technique can enforce an access control over data to guarantee the data security. In this paper, we propose an ABE scheme for data in industrial IoT. The scheme achieves both security and high performance. When there is a shared subpolicy among the access policies of a sensor, the scheme optimizes the encryption of the messages. Through analysis and simulation, we show that our solution is security and efficient.

Anonymity is an essential asset for a variety of communication systems, like humans' communication, the internet of things, and sensor networks. Establishing and maintaining such communication systems requires the exchange of information about their participants (called subjects). However, protecting anonymity reduces the availability of subject information, as these can be leveraged to break anonymity. Additionally, established techniques for providing anonymity often reduce the efficiency of communication networks. In this paper, we model four mechanisms to share routing information and discuss them with respect to their influence on anonymity and efficiency. While there is no ``one fits all'' solution, there are suitable trade-offs to establish routing information complying with the technical capabilities of the subjects. Distributed solutions like decentralized lookup tables reduce routing information in messages at the cost of local memory consumption; other mechanisms like multi-layer encrypted path information come with higher communication overhead but reduce memory consumption for each subject.

Internet of Things (IoT) and its applications are becoming commonplace with more devices, but always at risk of network security. It is therefore crucial for an IoT network design to identify attackers accurately, quickly and promptly. Many solutions have been proposed, mainly concerning secure IoT architectures and classification algorithms, but none of them have paid enough attention to reducing the complexity. Our proposal in this paper is an edge-cloud architecture that fulfills the detection task right at the edge layer, near the source of the attacks for quick response, versatility, as well as reducing the cloud's workload. We also propose a multi-attack detection mechanism called LCHA (Low-Complexity detection solution with High Accuracy) , which has low complexity for deployment at the edge zone while still maintaining high accuracy. The performance of our proposed mechanism is compared with that of other machine learning and deep learning methods using the most updated BoT-IoT data set. The results show that LCHA outperforms other algorithms such as NN, CNN, RNN, KNN, SVM, KNN, RF and Decision Tree in terms of accuracy and NN in terms of complexity.

With the rapid development of 5G, the Internet of Things (IoT) and edge computing technologies dramatically improve smart industries' efficiency, such as healthcare, smart agriculture, and smart city. IoT is a data-driven system in which many smart devices generate and collect a massive amount of user privacy data, which may be used to improve users' efficiency. However, these data tend to leak personal privacy when people send it to the Internet. Differential privacy (DP) provides a method for measuring privacy protection and a more flexible privacy protection algorithm. In this paper, we study an estimation problem and propose a new frequency estimation algorithm named MFEA that redesigns the publish process. The algorithm maps a finite data set to an integer range through a hash function, then initializes the data vector according to the mapped value and adds noise through the randomized response. The frequency of all interference data is estimated with maximum likelihood. Compared with the current traditional frequency estimation, our approach achieves better algorithm complexity and error control while satisfying differential privacy protection (LDP).

The Internet of Things (IoT) has been growing rapidly in recent years. With the appearance of 5G, it is expected to become even more indispensable to people's lives. In accordance with the increase of Distributed Denial-of-Service (DDoS) attacks from IoT devices, DDoS defense has become a hot research topic. DDoS detection mechanisms executed on routers and SDN environments have been intensely studied. However, these methods have the disadvantage of requiring the cost and performance of the devices. In addition, there is no existing DDoS mitigation algorithm on the network edge that can be performed with the low-cost and low-performance equipment. Therefore, this paper proposes a light-weight DDoS mitigation scheme at the network edge using limited resources of inexpensive devices such as home gateways. The goal of the proposed scheme is to detect and mitigate flooding attacks. It utilizes unused queue resources to detect malicious flows by random shuffling of queue allocation and discard the packets of the detected flows. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. The simulation results match the theoretical results and the proposed algorithm can efficiently detect malicious flows using limited resources.

The construction of the power Internet of Things has led various terminals to access the corporate network on a large scale. The internal and external business interaction and data exchange are more extensive. The current security protection system is based on border isolation protection. This is difficult to meet the needs of the power Internet of Things connection and open shared services. This paper studies the application scheme of the ``zero trust'' typical business scenario of the power Internet of Things with ``Continuous Identity Authentication and Dynamic Access Control'' as the core, and designs the power internet security protection architecture based on zero trust.

Controller Area Network is the bus standard that works as a central system inside the vehicles for communicating in-vehicle messages. Despite having many advantages, attackers may hack into a car system through CAN bus, take control of it and cause serious damage. For, CAN bus lacks security services like authentication, encryption etc. Therefore, an anomaly detection system must be integrated with CAN bus in vehicles. In this paper, we proposed an Artificial Neural Network based anomaly detection method to identify illicit messages in CAN bus. We trained our model with two types of attacks so that it can efficiently identify the attacks. When tested, the proposed algorithm showed high performance in detecting Denial of Service attacks (with accuracy 100%) and Fuzzy attacks (with accuracy 99.98%).

Modern embedded IoT devices are an attractive target for cyber attacks. For example, they can be used to disable entire factories and ask for ransom. Recovery of compromised devices is not an easy task, because malware can subvert the original software and make itself persistent. In addition, many embedded devices do not implement remote recovery procedures and, therefore, require manual intervention.Recent proposals from NIST and TCG define concepts and building blocks for cyber resilience: protection, detection and recovery. In this paper, we describe a system which allows implementing cyber resilient IoT devices that can be recovered remotely and timely. The proposed architecture consists of trusted data monitoring, local and remote attack detection, and enforced connections to remote services as building blocks for attack detection and recovery. Further, hardware- and software-based implementations of such a system are presented.

With the gradually popular high-speed wireless networks and 5G environments, the quality and reliability of network services will be suited for mobile vehicles. In addition to communicating information between vehicles, they can also communicate information with surrounding roadside equipment, pedestrians or traffic signs, and thus improve the road safety of passers-by.Recently, various countries have continuously invested in research on autonomous driving and unmanned vehicles. The open communication environment of the Internet of Vehicles in 5G will expose all personal information in the field of wireless networks. This research is based on the consideration of information security and personal data protection. We will focus on how to protect the real-time transmission of information between mobile vehicles to prevent from imbedding or altering important transmission information by unauthorized vehicles, drivers or passers-by participating in communications. Moreover, this research proposes a multi-level security key management agreement based on a dynamic M-tree structure for Internet of Vehicles to achieve flexible and scalable key management on large-scale Internet of Vehicles.

This paper considers a multivariate quickest detection problem with false data injection (FDI) attacks in internet of things (IoT) systems. We derive a sequential generalized likelihood ratio test (GLRT) for zero-mean Gaussian FDI attacks. Exploiting the fact that covariance matrices are positive, we propose strategies to detect positive semi-definite matrix additions rather than arbitrary changes in the covariance matrix. The distribution of the GLRT is only known asymptotically whereas quickest detectors deal with short sequences, thereby leading to loss of performance. Therefore, we use a finite-sample correction to reduce the false alarm rate. Further, we provide a numerical approach to estimate the threshold sequences, which are analytically intractable to compute. We also compare the average detection delay of the proposed detector for constant and varying threshold sequences. Simulations showed that the proposed detector outperforms the standard sequential GLRT detector.

With the spread of the Internet, various devices are now connected to it and the number of IoT devices is increasing. Data generated by IoT devices has traditionally been aggregated in the cloud and processed over time. However, there are two issues with using the cloud. The first is the response delay caused by the long distance between the IoT device and the cloud, and the second is the difficulty of implementing sufficient security measures on the IoT device side due to the limited resources of the IoT device at the end. To address these issues, fog computing, which is located in the middle between IoT devices and the cloud, has been attracting attention as a new network component. However, the risks associated with the introduction of fog computing have not yet been fully investigated. In this study, we conducted a risk assessment of fog computing, which is newly established to promote the use of IoT devices, and identified 24 risk factors. The main countermeasures include the gradual introduction of connected IoT connection protocols and security policy matching. We also demonstrated the effectiveness of the proposed risk measures by evaluating the risk values. The proposed risk countermeasures for fog computing should help us to utilize IoT devices in a safe and secure manner.

This paper proposes an anonymity based mechanism for providing privacy in IoT environment. Proposed scheme allows IoT entities to anonymously interacting and authenticating with each other, or even proving that they have trustworthy relationship without disclosing their identities. Authentication is based on an anonymous certificates mechanism where interacting IoT entities could unlinkably prove possession of a valid certificate without revealing any incorporated identity-related information, thereby preserving their privacy and thwarting tracking and profiling attacks. Through a security analysis, we demonstrate the reliability of our solution.