Biblio

Nowadays, the emerging Internet-of-Things (IoT) emphasize the need for the security of network-connected devices. Additionally, there are two types of services in IoT devices that are easily exploited by attackers, weak authentication services (e.g., SSH/Telnet) and exploited services using command injection. Based on this observation, we propose IoTCMal, a hybrid IoT honeypot framework for capturing more comprehensive malicious samples aiming at IoT devices. The key novelty of IoTC-MAL is three-fold: (i) it provides a high-interactive component with common vulnerable service in real IoT device by utilizing traffic forwarding technique; (ii) it also contains a low-interactive component with Telnet/SSH service by running in virtual environment. (iii) Distinct from traditional low-interactive IoT honeypots[1], which only analyze family categories of malicious samples, IoTCMal primarily focuses on homology analysis of malicious samples. We deployed IoTCMal on 36 VPS1 instances distributed in 13 cities of 6 countries. By analyzing the malware binaries captured from IoTCMal, we discover 8 malware families controlled by at least 11 groups of attackers, which mainly launched DDoS attacks and digital currency mining. Among them, about 60% of the captured malicious samples ran in ARM or MIPs architectures, which are widely used in IoT devices.

The Internet of Things technology has been used in a wide range of fields, ranging from industrial applications to individual lives. As a result, a massive amount of sensitive data is generated and transmitted by IoT devices. Those data may be accessed by a large number of complex users. Therefore, it is necessary to adopt an encryption scheme with access control to achieve more flexible and secure access to sensitive data. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) can achieve access control while encrypting data can match the requirements mentioned above. However, the long ciphertext and the slow decryption operation makes it difficult to be used in most IoT devices which have limited memory size and computing capability. This paper proposes a modified CP-ABE scheme, which can implement the full security (adaptive security) under the access structure of AND gate. Moreover, the decryption overhead and the length of ciphertext are constant. Finally, the analysis and experiments prove the feasibility of our scheme.

Despite the latest initiatives and research efforts to increase user privacy in digital scenarios, identity-related cybercrimes such as identity theft, wrong identity or user transactions surveillance are growing. In particular, blanket surveillance that might be potentially accomplished by Identity Providers (IdPs) contradicts the data minimization principle laid out in GDPR. Hence, user movements across Service Providers (SPs) might be tracked by malicious IdPs that become a central dominant entity, as well as a single point of failure in terms of privacy and security, putting users at risk when compromised. To cope with this issue, the OLYMPUS H2020 EU project is devising a truly privacy-preserving, yet user-friendly, and distributed identity management system that addresses the data minimization challenge in both online and offline scenarios. Thus, OLYMPUS divides the role of the IdP among various authorities by relying on threshold cryptography, thereby preventing user impersonation and surveillance from malicious or nosy IdPs. This paper overviews the OLYMPUS framework, including requirements considered, the proposed architecture, a series of use cases as well as the privacy analysis from the legal point of view.

There are various Lightweight Block Ciphers (LBC) nowadays that exist to meet the demand on security requirements of the current trend in computing world, the application in the resource-constrained devices, and the Internet of Things (IoT) technologies. One way to evaluate these LBCs is to conduct a performance analysis. Performance evaluation parameters seek appropriate value such as encryption time, security level, scalability, and flexibility. Like SIMECK block cipher whose algorithm design was anchored with the SIMON and SPECK block ciphers were efficient in security and performance, there is a need to revisit its design. This paper aims to present a comparative study on the performance analysis of the enhanced round function of the SIMECK Family block cipher. The enhanced ARX structure of the round function on the three variants shows an efficient performance over the original algorithm in different simulations using the following methods of measurement; avalanche effect, runtime performance, and brute-force attack. Its recommended that the enhanced round function of the SIMECK family be evaluated by different security measurements and attacks.

With increasing improvements in different areas, Internet control has been making prominent impacts in almost all areas of technology that has resulted in reasonable advances in every discrete field and therefore the industries too are proceeding to the field of IoT (Internet of Things), in which the communication among heterogeneous equipments is via Internet broadly. So imparting these advances of technology in the Power Station Plant sectors i.e. the power plants will be remotely controlled additional to remote monitoring, with no corporal place as a factor for controlling or monitoring. But imparting this technology the security factor needs to be considered as a basic and such methods need to be put into practice that the communication in such networks or control systems is defended against any third party interventions while the data is being transferred from one device to the other device through the internet (Unrestricted Channel). The paper puts forward exercising RSA,DES and AES encrypting schemes for the purpose of data encryption at the Data Link Layer i.e. before it is transmitted to the other device through Internet and as a result of this the security constraints are maintained. The records put to use have been supplied by NTPC, Dadri, India plus simulation part was executed employing MATLAB.

Internet of Things (IoT) have offered great opportunities for the growth of smart objects in the last decade. Smart devices are deployed in many fields such as smart cities, healthcare and agriculture. One of the applications of IoT is Wireless Sensor Networks (WSN) that require inexpensive and space-economic design for remote sensing and communication capabilities. This, unfortunately, lead to their inherent security vulnerabilities. Lightweight cryptography schemes are designed to counter many attacks in low-powered devices such as the IoT and WSN. These schemes can provide support for data encryption and key management while maintaining some level of efficiency. Most of these block ciphers provide good security. However, due to the complex cryptographic scheme's efficiency and optimisation is an issue. In this work, we focus on a new lightweight encryption scheme called the Klein block cipher. The algorithms of Klein block cipher are analysed for performance and security optimisations. A new algorithm which consists of 3-layer substitute box is proposed to reduce the need for resource consumption but maintain the security.

Compressive sensing (CS) is regarded as one of the promising solutions for IoT data encryption as it achieves simultaneous sampling, compression, and encryption. Theoretical work in the literature has proved that CS provides computational secrecy. It also provides asymptotic perfect secrecy for Gaussian sensing matrix with constraints on input signal. In this paper, we design an attack decoding algorithm based on block compressed sensing decoding algorithm to perform ciphertext-only attack on real-life time series IoT data. It shows that it is possible to retrieve vital information in the plaintext under some conditions. Furthermore, it is also applied to a State-of-the Art CS-based encryption scheme for smart grid, and the power profile is reconstructed using ciphertext-only attack. Additionally, the statistical analysis of Gaussian and Binomial measurements is conducted to investigate the randomness provided by them.

We propose a novel attestation architecture for the Internet of Things (IoT). Our distributed attestation network (DAN) utilizes blockchain technology to store and share device information. We present the design of this new attestation architecture as well as a prototype system chosen to emulate an IoT deployment with a network of Raspberry Pi, Infineon TPMs, and a Hyperledger Fabric blockchain.

IoT data marketplaces are being developed to help cities and communities create large scale IoT applications. Such data marketplaces let the IoT device owners sell their data to the application developers. Following this application development model, the application developers need not deploy their own IoT devices when developing IoT applications; instead, they can buy data from a data marketplace. In a marketplace-based IoT application, the application developers are making critical business and operation decisions using the data produced by seller's IoT devices. Under these circumstances, it is crucial to verify and validate the security of IoT devices.In this paper, we assess the security of IoT data marketplaces. In particular, we discuss what kind of vulnerabilities exist in IoT data marketplaces using the well-known STRIDE model, and present a security assessment and certification framework for IoT data marketplaces to help the device owners to examine the security vulnerabilities of their devices. Most importantly, our solution certifies the IoT devices when they connect to the data marketplace, which helps the application developers to make an informed decision when buying and consuming data from a data marketplace. To demonstrate the effectiveness of the proposed approach, we have developed a proof-of-concept using I3 (Intelligent IoT Integrator), which is an open-source IoT data marketplace developed at the University of Southern California, and IoTcube, which is a vulnerability detection toolkit developed by researchers at Korea University. Through this work, we show that it is possible to increase the reliability of a IoT data marketplace while not damaging the convenience of the users.

IoT and big data are energetic technology of the world for quite a time, and both of these have become a necessity. On the one side where IoT is used to connect different objectives via the internet, the big data means having a large number of the set of structured, unstructured, and semi-structured data. The device used for processing based on the tools used. These tools help provide meaningful information used for effective management in different domains. Some of the commonly faced issues with the inadequate about the technologies are related to data privacy, insufficient analytical capabilities, and this issue is faced by in different domains related to the big data. Data analytics tools help discover the pattern of data and consumer preferences which is resulting in better decision making for the organizations. The major part of this work is to review different types of data analytics techniques for the effective management of big data using IoT. For the effective management of the ABD solution collection, analysis and control are used as the components. Each of the ingredients is described to find an effective way to manage big data. These components are considered and used in the validation criteria. The solution of effective data management is a stage towards the management of big data in IoT devices which will help the user to understand different types of elements of data management.

The growth of IoT devices during the last decade has led to the development of smart ecosystems, such as smart homes, prone to cyberattacks. Traditional security methodologies support to some extend the requirement for preserving privacy and security of such deployments, but their centralized nature in conjunction with low computational capabilities of smart home gateways make such approaches not efficient. Last achievements on blockchain technologies allowed the use of such decentralized architectures to support cybersecurity defence mechanisms. In this work, a blockchain framework is presented to support the cybersecurity mechanisms of smart homes installations, focusing on the immutability of users and devices that constitute such environments. The proposed methodology provides also the appropriate smart contracts support for ensuring the integrity of the smart home gateway and IoT devices, as well as the dynamic and immutable management of blocked malicious IPs. The framework has been deployed on a real smart home environment demonstrating its applicability and efficiency.

This paper proposes a deep learning-based white-hat worm launcher in Botnet Defense System (BDS). BDS uses white-hat botnets to defend an IoT system against malicious botnets. White-hat worm launcher literally launches white-hat worms to create white-hat botnets according to the strategy decided by BDS. The proposed launcher learns with deep learning where is the white-hat worms' right place to successfully drive out malicious botnets. Given a system situation invaded by malicious botnets, it predicts a worms' placement by the learning result and launches them. We confirmed the effect of the proposed launcher through simulating evaluation.

In today's world privacy is paramount in everyone's life. Alongside the growth of IoT (Internet of things), wearable devices are becoming widely popular for real-time user monitoring and wise service support. However, in contrast with the traditional short-range communications, these resource-scanty devices face various vulnerabilities and security threats during the course of interactions. Hence, designing a security solution for these devices while dealing with the limited communication and computation capabilities is a challenging task. In this work, PUF (Physical Unclonable Function) and lightweight cryptographic parameters are used together for performing two-way authentication between wearable devices and smartphone, while the simultaneous verification is performed by providing yoking-proofs to the Cloud Server. At the end, it is shown that the proposed scheme satisfies many security aspects and is flexible as well as lightweight.

The developments made in IoT applications have made wearable devices a popular choice for collecting user data to monitor this information and provide intelligent service support. Since wearable devices are continuously collecting and transporting a user's sensitive data over the network, there exist increased security challenges. Moreover, wearable devices lack the computation capabilities in comparison to traditional short-range communication devices. In this paper, authors propounded a Yoking Proof based remote Authentication scheme for Cloud-aided Wearable devices (YPACW) which takes PUF and cryptographic functions and joins them to achieve mutual authentication between the wearable devices and smartphone via a cloud server, by performing the simultaneous verification of these devices, using the established yoking-proofs. Relative to Liu et al.'s scheme, YPACW provides better results with the reduction of communication and processing cost significantly.

Blockchain will increase supply chains' productivity and accountability, and have a positive effect on anything from warehousing to distribution to payment. To bridge the supply chain visibility gap, blockchain is being deployed because of its security features like immutability, tamper-resistant and hash proof. Blockchain integration with IoT increases the traceability and verifiability of the supply chain management and drastically eradicates the fraudulent activities including bribery, money laundering, forged checks, sanction violations, misrepresentation of goods and services. Blockchain can help to cross-check the verification, identification and authenticity of IoT devices to reduce the frequency and ramifications of fraud in supply chain management. The epidemic outbreak of SARS-CoV-2 has disrupted many global supply chains. The Geneva-based World Economic Forum declared that SARS-CoV-2 exposed supply chain failures can be tackled by blockchain technology. This paper explores the modern methodologies of supply chain management with integration of blockchain and IoT.

Convergence of critical infrastructure and data, including government and enterprise, to the dynamic Internet of Things (IoT) environment and future digital ecosystems exhibit significant challenges for privacy and identity in these interconnected domains. There are an increasing variety of devices and technologies being introduced, rendering existing security tools inadequate to deal with the dynamic scale and varying actors. The IoT is increasingly data driven with user sovereignty being essential - and actors in varying scenarios including user/customer, device, manufacturer, third party processor, etc. Therefore, flexible frameworks and diverse security requirements for such sensitive environments are needed to secure identities and authenticate IoT devices and their data, protecting privacy and integrity. In this paper we present a review of the principles, techniques and algorithms that can be adapted from other distributed computing paradigms. Said review will be used in application to the development of a collaborative decision-making framework for heterogeneous entities in a distributed domain, whilst simultaneously highlighting privacy preserving issues in the IoT. In addition, we present our trust-based privacy preserving schema using Dempster-Shafer theory of evidence. While still in its infancy, this application could help maintain a level of privacy and nonrepudiation in collaborative environments such as the IoT.

Internet of Things (IoT) is a revolutionary expandable network which has brought many advantages, improving the Quality of Life (QoL) of individuals. However, IoT carries dangers, due to the fact that hackers have the ability to find security gaps in users' IoT devices, which are not still secure enough and hence, intrude into them for malicious activities. As a result, they can control many connected devices in an IoT network, turning IoT into Botnet of Things (BoT). In a botnet, hackers can launch several types of attacks, such as the well known attacks of Distributed Denial of Service (DDoS) and Man in the Middle (MitM), and/or spread various types of malicious software (malware) to the compromised devices of the IoT network. In this paper, we propose a novel hybrid Artificial Intelligence (AI)-powered honeynet for enhanced IoT botnet detection rate with the use of Cloud Computing (CC). This upcoming security mechanism makes use of Machine Learning (ML) techniques like the Logistic Regression (LR) in order to predict potential botnet existence. It can also be adopted by other conventional security architectures in order to intercept hackers the creation of large botnets for malicious actions.

Penetration testing, also known as Pen testing is usually performed by a testing professional in order to detect security threats involved in a system. Penetration testing can also be viewed as a fake cyber Security attack, done in order to see whether the system is secure and free of vulnerabilities. Penetration testing is widely used for testing both Network and Software, but somewhere it fails to make IoT more secure. In IoT the security risk is growing day-by-day, due to which the IoT networks need more penetration testers to test the security. In the proposed work an effort has been made to compile and aggregate the information regarding VAPT(Vulnerability Assessment and Penetrating Testing) in the area of IoT.

This paper investigates a secure data exchange between many small distributed consumers/prosumers and the aggregator in the process of energy balancing. It addresses the challenges of ensuring data exchange in a simple, scalable, and affordable way. The communication platform for data exchange is using Ethereum Blockchain technology. It provides a distributed ledger database across a distributed network, supports simple connectivity for new stakeholders, and enables many small entities to contribute with their flexible energy to the system balancing. The architecture of a simulation/emulation environment provides a direct connection of a relational database to the Ethereum network, thus enabling dynamic data management. In addition, it extends security of the environment with security mechanisms of relational databases. Proof-of-concept setup with the simulation of system balancing processes, confirms the suitability of the solution for secure data exchange in the market, operation, and measurement area. For the most intensive and space-consuming measurement data exchange, we have investigated data aggregation to ensure performance optimisation of required computation and space usage.

Existing methods for home security monitoring depend on expensive custom battery-powered solutions. In this article, we present a battery-free solution that leverages any off-the-shelf passive radio frequency identification (RFID) tag for real-time entry detection. Sensor consists of a printed RFID antenna on paper, coupled to a magnetic reed switch and is affixed on the door. Opening of the door triggers the reed switch causing RFID signal transmission detected by any off-the-shelf passive RFID reader. This paper shows simulation and experimental results for such magnetically-actuated RFID (or magRFID) opening sensor.

The massive boom of Internet of Things (IoT) has led to the explosion of smart IoT devices and the emergence of various applications such as smart cities, smart grids, smart mining, connected health, and more. While the proliferation of IoT systems promises many benefits for different sectors, it also exposes a large attack surface, raising an imperative need to put security in the first place. It is impractical to heavily rely on manual operations to deal with security of massive IoT devices and applications. Hence, there is a strong need for securing IoT systems with minimum human intervention. In light of this situation, in this paper, we envision security automation and orchestration for IoT systems. After conducting a comprehensive evaluation of the literature and having conversations with industry partners, we envision a framework integrating key elements towards this goal. For each element, we investigate the existing landscapes, discuss the current challenges, and identify future directions. We hope that this paper will bring the attention of the academic and industrial community towards solving challenges related to security automation and orchestration for IoT systems.

This paper describe most popular IoT protocols used for IoT embedded systems and research their advantage and disadvantage. Hardware stage used in this experiment is described in this article - it is used Esp32 and programming language C. It is very important to use corrected IoT protocol that is determines of purpose, hardware and software of system. There are so different IoT protocols, because they are cover vary requirements for vary cases.

Physical unclonable functions(PUFs) are widely used as hardware root-of-trust to secure IoT devices, data and services. A PUF exploits inherent randomness introduced during manufacturing to give a unique digital fingerprint. Static Random-Access Memory (SRAM) based PUFs can be used as a mature technology for authentication. An SRAM with a number of SRAM cells gives an unrepeatable and random pattern of 0's and 1's during power on. As it is a unique pattern, it can be called as SRAM fingerprint and can be used as a PUF. The chance of producing more number of same values (either zero or one) is higher during power on. If a particular value present at almost all the cell during power on, it will lead to the dominance of either zero or one in the cryptographic key sequence. As the cryptographic key is generated by randomly taking address location of SRAM cells, (the subset of power on values of all the SRAM cells)the probability of occurring the same sequence most of the time is higher. In order to avoid that situation, SRAM should have to produce an equal number of zeros and ones during power on. SRAM PUF is implemented in Cadence Virtuoso tool. To generate equal zeros and ones during power on, variations can be done in the physical dimensions and to increase the stability body biasing can be effectively done.

Internet of Things devices have spread to near ubiquity this decade. All around us now lies an invisible mesh of communication from devices embedded in seemingly everything. Inevitably some of that communication flying around our heads will contain data that must be protected or otherwise shielded from tampering. The responsibility to protect this sensitive information from malicious actors as it travels through the air then falls upon the standards used to communicate this data. Bluetooth Low Energy (BLE) is one of these standards, the aim of this paper is to put its security standards to test. By attempting to exploit its vulnerabilities we can see how secure this standard really is. In this paper, we present steps for analyzing the security of BLE devices using open-source hardware and software.

Artificial Intelligence (AI) can and does use individual's data to make predictions about their wants, their needs, their influences on them and predict what they could do. The use of individual's data naturally raises privacy concerns. This article focuses on AI, the privacy issue against the backdrop of the endless growth of the Digital Universe where Big Data, AI, Data Analytics and 5G Technology live and grow in The Internet of Things (IoT).