Biblio

In recent years, with the rapid update of wireless communication technologies such as 5G and the Internet of Things, as well as the explosive growth of wireless intelligent devices, people's demand for radio spectrum resources is increasing, which leads spectrum scarcity is becoming more serious. To address the scarcity of spectrum, the Internet of Things based on cognitive radio (CR-IoT) has become an effective technique to enable IoT devices to reuse the spectrum that has been fully utilized. The frequency band information is transmitted through wireless communication in the CR-IoT network, so the node is easily to be eavesdropped or tampered with by attackers in the process of transmitting data, which leads to information leakage and wrong perception results. To deal with the security problem of channel data transmission, this paper proposes a chaotic compressed spectrum sensing algorithm. In this algorithm, the chaotic parameter package is utilized to generate the measurement matrix, which makes good use of the sensitivity of the initial value of chaotic system to improve the transmission security. And the introduction of the semi-tensor theory significantly reduces the dimension of the matrix that the secondary user needs to store. In addition, the semi-tensor compressed sensing is used in the fusion center for parallel reconstruction process, which effectively reduces the sensing time delay. The simulation results show that the chaotic compressed spectrum sensing algorithm can achieve faster, high-quality, and low-energy channel energy transmission.

Stress-related disorders are increasing because of work load, forces in teamwork, surroundings pressures and health related conditions. Thus, to avoid people living under heavy stress and develop more severe stress-related disorders, different internet and applications of stress management interventions are offered. Mobile applications with self-assessed health, burnout-scores and well-being are commonly used as outcome measures. Few studies have used sickleave to compare effects of stress interventions. A new approach is to use nature and garden in a multimodal stress management context. This study aimed to explore the effects of immersive and non-immersive games application by using nature theme virtual stress therapy in reducing stress level. Two weeks’ of experiments had involved 18 participants. Nine (9) of them were invited to join the first experiment which focused on immersive virtual reality (VR) experience. Their Blood Volume Pulse with Heart Rate (BVP+HR) and Skin Conductance (SC) were recorded using BioGraph Infiniti Biofeedback System that comes with three (3) sensors attached to the fingers. The second experiment were joined by another nine (9) participants. This experiment was testing on non-immersive desktop control experience. The same protocol measurements were taken which are BVP+HR and SC. Participants were given the experience to feel and get carried into the virtual nature as a therapy so that they will reduce stress. The result of this study points to whether immersive or non-immersive VR display using nature theme virtual therapy would reduce individuals stress level. After conducted series of experiments, results showed that both immersive and non-immersive VR display reduced stress level. However, participants were satisfied of using the immersive version as it provided a 360 degree of viewing, immersed experiences and feeling engaged. Thus, this showed and proved that applications developed with nature theme affect successfully reduce stress level no matter it is put in immersive or non-immersive display.

As more and more visible light communication (VLC) and visible light sensing (VLS) systems are mounted on today’s light fixtures, how to guarantee the authenticity of the visible light (VL) signal in these systems becomes an urgent problem. This is because almost all of today’s light fixtures are unprotected and can be openly accessed by almost anyone, and hence are subject to tampering and substitution attacks. In this paper, by exploiting the intrinsic linear superposition characteristics of visible light, we propose VL-Watchdog, a scalable and always-on signal-level spoofing detection framework that is applicable to both VLC and VLS systems. VL-Watchdog is based on redundant orthogonal encoding of the transmitted visible light, and can be implemented as a small hardware add-on to an existing VL system. The effectiveness of the proposed framework was validated through extensive numerical evaluations against a comprehensive set of factors.

In recent years, the underwater sensor network has emerged as a promising solution for a wide range of marine applications. The underwater wireless sensors are usually designed to operate in open water, where eavesdropping can be a serious issue. Existing work either utilizes cryptography that is computationally intensive or requires expensive hardware. In this paper, we present a coordinated multi-point transmission based protocol to improve network security. The proposed protocol dynamically pairs sensors for coordinated communications to undermine the eavesdroppers’ capability. Our preliminary results indicate that the underwater sensor network security can be enhanced using the proposed method, especially in applications where cryptography or special hardware are not suitable.

This paper proposes the modular power conversion systems based on an Universal Smart Power Module (USPM). In this concept, the Power Electronics Building Block (PEBB) is improved the flexibility and the expandability by integrating a high-speed power electronics controller, input/output filters among each USPM to realize the simplification of the power electronics design. The original point of USPM is that each power module operates independently because a high-speed power electronics controller is implemented on each power module. The power modules of PEBB are typically configured by the main power circuits and the gate driver. Therefore, the controller has to be designed specifically according to various applications although the advantages of PEBB are high flexibility and user-friendly. The contribution of USPM is the simplification of the system design including power electronics controller. On the other hand, autonomous distributed systems require the control method to suppress the interference in each module. In this paper, the configuration of USPM, example of the USPM system, and detail of the control method are introduced.

The papers in this special section focus on resilient control in large-scae networked cyber-physical systems. These papers deal with the opportunities offered by these emerging technologies to mitigate undesired phenomena arising when intentional jamming and false data injections, categorized as cyber-attacks, infer communication channels. Recent advances in sensing, communication and computing have open the door to the deployment of largescale networks of sensors and actuators that allow fine-grain monitoring and control of a multitude of physical processes and infrastructures. The appellation used by field experts for these paradigms is Cyber-Physical Systems (CPS) because the dynamics among computers, networking media/resources and physical systems interact in a way that multi-disciplinary technologies (embedded systems, computers, communications and controls) are required to accomplish prescribed missions. Moreover, they are expected to play a significant role in the design and development of future engineering applications such as smart grids, transportation systems, nuclear plants and smart factories.

This paper is about the estimation of the cyber-resilience of CPS. We define two new resilience estimation metrics: k-steerability and l-monitorability. They aim at assisting designers to evaluate and increase the cyber-resilience of CPS when facing stealthy attacks. The k-steerability metric reflects the ability of a controller to act on individual plant state variables when, at least, k different groups of functionally diverse input signals may be processed. The l-monitorability metric indicates the ability of a controller to monitor individual plant state variables with l different groups of functionally diverse outputs. Paired together, the metrics lead to CPS reaching (k,l)-resilience. When k and l are both greater than one, a CPS can absorb and adapt to control-theoretic attacks manipulating input and output signals. We also relate the parameters k and l to the recoverability of a system. We define recoverability strategies to mitigate the impact of perpetrated attacks. We show that the values of k and l can be augmented by combining redundancy and diversity in hardware and software, in order to apply the moving target paradigm. We validate the approach via simulation and numeric results.

Modern vehicles equipped with a large number of electronic components, sensors, actuators, and extensive connectivity, are the classical example of cyber-physical systems (CPS). Communication as an integral part of the CPS has enabled and offered many value-added services for vehicular networks. The communication mechanism helps to share contents with all vehicular network nodes and the surrounding environment, e.g., vehicles, traffic lights, and smart road signs, to efficiently take informed and smart decisions. Thus, it opens the doors to many security threats and vulnerabilities. Traditional TCP/IP-based communication paradigm focuses on securing the communication channel instead of the contents that travel through the network. Nevertheless, for content-centered application, content security is more important than communication channel security. To this end, named data networking (NDN) is one of the future Internet architectures that puts the contents at the center of communication and offers embedded content security. In this paper, we first identify the cyberattacks and security challenges faced by the vehicular CPS (VCPS). Next, we propose the NDN-based cyber-resilient, the layered and modular architecture for VCPS. The architecture includes the NDN's forwarding daemon, threat aversion, detection, and resilience components. A detailed discussion about the functionality of each component is also presented. Furthermore, we discuss the future challenges faced by the integration of NDN with VCPS to realize NDN-based VCPS.

Cyber-Physical Systems (CPS) underpin global critical infrastructure, including power, water, gas systems and smart grids. CPS, as a technology platform, is unique as a target for Advanced Persistent Threats (APTs), given the potentially high impact of a successful breach. Additionally, CPSs are targets as they produce significant amounts of heterogeneous data from the multitude of devices and networks included in their architecture. It is, therefore, essential to develop efficient privacy-preserving techniques for safeguarding system data from cyber attacks. This paper introduces a comprehensive review of the current privacy-preserving techniques for protecting CPS systems and their data from cyber attacks. Concepts of Privacy preservation and CPSs are discussed, demonstrating CPSs' components and the way these systems could be exploited by either cyber and physical hacking scenarios. Then, classification of privacy preservation according to the way they would be protected, including perturbation, authentication, machine learning (ML), cryptography and blockchain, are explained to illustrate how they would be employed for data privacy preservation. Finally, we show existing challenges, solutions and future research directions of privacy preservation in CPSs.

Distributed acoustic sensing (DAS) systems based on fiber brag grating (FBG) have been widely used for distributed temperature and strain sensing over the past years, and function well in perimeter security monitoring and structural health monitoring. However, with relevant algorithms functioning with low accuracy, the DAS system presently has trouble in signal recognition, which puts forward a higher requirement on a high-precision identification method. In this paper, we propose an improved recognition method based on relative fundamental signal processing methods and convolutional neural network (CNN) to construct a mathematical model of disturbance FBG signal recognition. Firstly, we apply short-time energy (STE) to extract original disturbance signals. Secondly, we adopt short-time Fourier transform (STFT) to divide a longer time signal into short segments. Finally, we employ a CNN model, which has already been trained to recognize disturbance signals. Experimental results conducted in the real environments show that our proposed algorithm can obtain accuracy over 96.5%.

The last couple of years have seen IoT-enabled sensors continuing to experience massive growth. Sensors have enhanced the possibility of large-scale IoT deployments in grid systems, vehicles, homes, and so forth. A network that incorporates different embedded systems has the underlying capability of transmitting information and receiving instructions through distributed sensor networks. Sensors are especially essential in gathering different pieces of information that relate to different IoT devices. However, security has become a critical concern for sensor networks that are enabled by the IoT. This is partly because of their design limitations like limited memory, weak processing capability, weak processing ability, and exposure to entities that are malicious. Even more, some ad hoc wireless sensor networks that are enabled by IoT are to some extent also prone to frequent changes in topology. This dynamic aspect tends to aggravate the security issues that are associated with sensors, thus enhancing the need to find a lasting solution. This paper sheds light on the IoT security requirements with special attention to issues related to sensors.

Smart grid (SG) network is one of the recently improved networks of tangled entities, objects, and smart metering infrastructure (SMI). It plays a vital part in sensing, acquiring, observing, aggregating, controlling, and dealing with various kinds of fields in SG. The SMI or advanced metering infrastructure (AMI) is proposed to make available a real-time transmissions connection among users and services are Time of use (TOU), Real time pricing (RTP), Critical Peak Pricing (CPP). In adding to, additional benefit of SMs is which are capable to report back to the service control center in near real time nontechnical losses (for instance, tampering with meters, bypassing meters, and illicit tapping into distribution systems). SMI supports two-way transmission meters reading electrical utilization at superior frequency. This data is treated in real time and signals send to manage demand. This paper expresses a transitory impression of cyberattack instances in customary energy networks and SMI. This paper presents cyber security attacks and countermeasures in Smart Grid Metering Network (SGMN). Based on the existing survey threat models, a number of proposed ways have been planned to deal with all threats in the formulation of the secrecy and privacy necessities of SG measurement network.

The emergence of the Internet of Things (IoT) is not only a global revolution in the information industry, but also brought tremendous changes to our lives. With the development of the technology and means of the IoT, information security issues have gradually emerged, and intrusion attacks have become one of the main problems of the IoT network security. The network layer of the IoT is the key connecting the platform and sensors or controllers of the IoT, and it is also the most standardized, the strongest and the most mature part of the whole physical network architecture. Its large-scale development has led to the network layer's security issues will receive more attention and face more challenges. This paper proposes an intrusion detection algorithm deployed on the network layer of the IoT, which uses the BPSO algorithm to extract features from the NSL-KDD dataset, and applies support vector machines (SVM) as the core model of the algorithm to detect and identify abnormal data, especially DoS attacks. Experimental results show that the model's detection rate of abnormal data and DoS attacks are significantly improved.

Fog Computing was envisioned to solve problems like high latency, mobility, bandwidth, etc. that were introduced by Cloud Computing. Fog Computing has enabled remotely connected IoT devices and sensors to be managed efficiently. Nonetheless, the Fog-Cloud paradigm suffers from various security and privacy related problems. Blockchain ensures security in a trustless way and therefore its applications in various fields are increasing rapidly. In this work, we propose a Fog-Cloud architecture that enables Blockchain to ensure security, scalability, and privacy of remotely connected IoT devices. Furthermore, our proposed architecture also efficiently manages common problems like ever-increasing latency and energy consumption that comes with the integration of Blockchain in Fog-Cloud architecture.

Internet of Things (IoT) devices use different types of media and protocols to communicate to Internet, but security is compromised since the devices are not using encryption, authentication and integrity. Virtual Private Network of Things (VPNoT) is a new technology designed to create end to end encrypted tunnels for IoT devices, in this case, the VPNoT device is based on OpenVPN that provides confidentiality and integrity, also based on Raspberry Pi as the hardware and Linux as the operating system, both provide connectivity using different types of media to access Internet and network management. IoT devices and sensors can be connected to the VPNoT device so an encrypted tunnel is created to an IoT Server. VPNoT device uses a profile generated by the server, then all devices form a virtual private network (VPN). VPNoT device can act like a router when necessary and this environment works for IPv6 and IPv4 with a great advantage that OpenVPN traverses NAT permitting private IoT servers be accessible to the VPN. The annual cost of the improvement is about \$455 USD per year for 10 VPNoT devices.

Supervisory Control and Data Acquisition (SCADA) and Distributed Control Systems (DCS) use advanced computing, sensors, control systems, and communication networks to monitor and control industrial processes and distributed assets. The increased connectivity of these systems to corporate networks has exposed them to new security threats and made them a prime target for cyber-attacks with the potential of causing catastrophic economic, social, and environmental damage. Recent intensified sophisticated attacks on these systems have stressed the importance of methodologies and tools to assess the security risks of Industrial Control Systems (ICS). In this paper, we propose a novel game theory model and Monte Carlo simulations to assess the cybersecurity risks of an exemplary industrial control system under realistic assumptions. We present five game enrollments where attacker and defender agents make different preferences and we analyze the final outcome of the game. Results show that a balanced defense with uniform budget spending is the best strategy against a look-ahead attacker.

Internet of Things (IoT) revolutionizes cutting-edge technologies by enabling smart sensing, and actuation of the physical world. IoT enables cooperation between numerous heterogeneous smart devices to exchange and aggregate data from the surrounding environment through the internet. Recently, the range of IoT technology could be utilized in the real world by the rapid spread of sensor devices. These capabilities open the door for vital challenges. Security is the major challenge that faces the IoT networks. Traditional solutions cannot tackle smart and powerful attackers. Moving Target Defense (MTD) deploys mechanisms and strategies that increase attackers' uncertainty and frustrate their attempt to eavesdrop the target to be protected. In addition, Steganography is the practice of concealing a message within another message. For security proposes, Steganography is used to hide significant data within any transmitted messages, such as images, videos, and text files. This paper presents Stegano-MTD framework that enables combination between MTD mechanisms with steganography. This combination offers a lightweight solution that can be implemented on the IoT network. Stegano-MTD slices the message into small labeled chunks and sends them randomly through the network's nodes. Steganography is used for hide the key file that used to reconstruct the original data. Simulation results show the effectiveness of the presented solution.

Due to the computing capability limitation of the Internet of things devices in the perception layer, the traditional security solutions are difficult to be used directly. How to design a new lightweight, secure and reliable protocol suitable for the Internet of Things application environment, and realize the secure transmission of information among many sensing checkpoints is an urgent problem to be solved. In this paper, we propose a decentralized lightweight authentication key protocol based on the combination of public key and trusted computing technology, which is used to establish secure communication between nodes in the perception layer. The various attacks that the protocol may suffer are analyzed, and the formal analysis method is used to verify the security of the protocol. To verify the validity of the protocol, the computation and communication cost of the protocol are compared with the existing key protocols. And the results show that the protocol achieved the promised performance.

Mobile Ad-hoc Networks (MANET) is an autonomous network consisting of movable devices that can form a network using wireless media. MANET routing protocols can be used for selecting an efficient and shortest path for data transmission between nodes in a smart environment formed by the Internet of Things (IoT). Networking in such MANET-enabled IoT system is based on the routing protocols of MANET, data sensing from things, and data handling and processing using IoT. This paper studies proactive approach-based secure routing protocols for MANET-enabled IoT and analyses these protocols to identify security issues in it. Since this fusion network is resource-constrained in nature, each of the studied protocol is evaluated to check if it is lightweight or not. Also, the solution to defend against active attacks in this network is discussed.

Resilience has been defined as a priority for the US critical infrastructure. This paper presents a process for incorporating resiliency-derived metrics into security system evaluations. To support this analysis, we used a multi-layer network model (MLN) reflecting the defined security system of a hypothetical nuclear power plant to define what metrics would be useful in understanding a system’s ability to absorb perturbation (i.e., system resilience). We defined measures focusing on the system’s criticality, rapidity, diversity, and confidence at each network layer, simulated adversary path, and the system as a basis for understanding the system’s resilience. For this hypothetical system, our metrics indicated the importance of physical infrastructure to overall system criticality, the relative confidence of physical sensors, and the lack of diversity in assessment activities (i.e., dependence on human evaluations). Refined model design and data outputs will enable more nuanced evaluations into temporal, geospatial, and human behavior considerations. Future studies can also extend these methodologies to capture respond and recover aspects of resilience, further supporting the protection of critical infrastructure.

In recent years, the Internet-of-Things (IoT)-based traffic management system (ITMS) has attracted the attention of researchers from different fields, such as the automotive industry, academia and traffic management, due to its ability to enhance road safety and improve traffic efficiency. ITMS uses the Vehicle Ad-hoc Network (VANET) to communicate messages about traffic conditions or the event on the route to ensure the safety of the commuter. ITMS uses wireless communication technology for communication between different devices. Wireless communication has challenges to privacy and security. Challenges such as confidentiality, authentication, integrity, non-repudiation, identity, trust are major concerns of either security or privacy or both. This paper discusses the features of the traffic system, the features of the traffic management system (TMS) and the features of IoT that can be used in TMS with its challenges. Further, this paper analyses the work done in the last few years with the future scope of IoT in the TMS.

Drone based applications have progressed significantly in recent years across many industries, including agriculture. This paper proposes a sporadically connected cyber-physical system for assisting winemakers and minimizing the travel time to remote and poorly connected infrastructures. A set of representative diseases and conditions, which will be monitored by land-bound sensors in combination with multispectral images, is identified. To collect accurate data, a trustworthy and secured communication of the drone with the sensors and the base station should be established. We propose to use an Internet of Things framework for establishing a chain of trust by securely onboarding drones, sensors and base station, and providing self-adaptation support for the use case. Furthermore, we perform a security analysis of the use case for identifying potential threats and security controls that should be in place for mitigating them.

This note studies self-triggered tracking control of underactuated surface vessels considering both unknown model dynamics and stochastic noise, where the measured states in the sensors are intermittently transmitted to the controller decided by the triggering condition. While the multi-layer neural network (NN) serves to approximate the unknown model dynamics, a self-triggered adaptive neural model is fabricated to direct the design of control laws. This setup successfully solves the ``jumps of virtual control laws'' problem, which occurs when combining the event-triggered control (ETC) with the backstepping method, seeing [1]–[4]. Moreover, the adaptive model can act as the filter of states, such that the complicated analysis and control design to eliminate the detrimental influence of stochastic noise is no longer needed. Released from the continuous monitoring of the controller, the devised triggering condition is located in the sensors and designed to meet the requirement of stability. All the estimation errors and the tracking errors are proved to be exponentially mean-square (EMS) bounded. Finally, a numerical experiment is conducted to corroborate the proposed strategy.

Due to the low power of electromagnetic radiation (EMR), EM convert channel has been widely considered as a short-range attack that can be easily mitigated by shielding. This paper overturns this common belief by demonstrating how covert EM signals leaked from typical laptops, desktops and servers are decoded from hundreds of meters away, or penetrate aggressive shield previously considered as sufficient to ensure emission security. We achieve this by designing EMLoRa – a super resilient EM covert channel that exploits memory as a LoRa-like radio. EMLoRa represents the first attempt of designing an EM covert channel using state-of-the-art spread spectrum technology. It tackles a set of unique challenges, such as handling complex spectral characteristics of EMR, tolerating signal distortions caused by CPU contention, and preventing adversarial detectors from demodulating covert signals. Experiment results show that EMLoRa boosts communication range by 20x and improves attenuation resilience by up to 53 dB when compared with prior EM covert channels at the same bit rate. By achieving this, EMLoRa allows an attacker to circumvent security perimeter, breach Faraday cage, and localize air-gapped devices in a wide area using just a small number of inexpensive sensors. To countermeasure EMLoRa, we further explore the feasibility of uncovering EMLoRa's signal using energy- and CNN-based detectors. Experiments show that both detectors suffer limited range, allowing EMLoRa to gain a significant range advantage. Our results call for further research on the countermeasure against spread spectrum-based EM covert channels.

The maturity of intelligent transportation system, cloud computing and Internet of Things (IoT) technology has encouraged the rapid growth of vehicular ad-hoc networks (VANETs). Currently, vehicles are supposed to carry relatively more storage, on board computing facilities, increased sensing power and communication systems. In order to cope with real world demands such as low latency, low storage cost, mobility, etc., for the deployment of VANETs, numerous attempts have been taken to integrate fog-computing with VANETs. In the recent past, Ma et al. (IEEE Internet of Things, pp 2327-4662, 10. 1109/JIOT.2019.2902840) designed “An Efficient and Provably Secure Authenticated Key Agreement Protocol for Fog-Based Vehicular Ad-Hoc Networks”. Ma et al. claimed that their protocol offers secure communication in fog-based VANETs and is resilient against several security attacks. However, this comment demonstrates that their scheme is defenseless against vehicle-user impersonation attack and reveals secret keys of vehicle-user and fog-node. Moreover, it fails to offer vehicle-user anonymity and has inefficient login phase. This paper also gives some essential suggestions on strengthening resilience of the scheme, which are overlooked by Ma et al.