Biblio

To understand the future trend of network security, the field of network security began to introduce the concept of NSSA(Network Security Situation Awareness). This paper implements the situation assessment model by using game theory algorithms to calculate the situation value of attack and defense behavior. After analyzing the ant colony algorithm and the RBF neural network, the defects of the RBF neural network are improved through the advantages of the ant colony algorithm, and the situation prediction model based on the ant colony-RBF neural network is realized. Finally, the model was verified experimentally.

The Internet of Things (IoT) is a technology that allows connection between devices using the internet to collect and exchange data with each other. Privacy and security have become the most pressing issues in the IoT network, especially in the smart home. Nevertheless, there are still many smart home devices that have not implemented security and privacy policies. This study proposes a remote sensor control system built on ESP32 to implement a smart home through the Message Queuing Telemetry Transport(MQTT) protocol by applying the Advanced Encryption Standard (AES) algorithm with a 256-bit key. It addresses security issues in the smart home by encrypting messages sent from users to sensors. Besides ESP32, the system implementation also uses Raspberry Pi and smartphone with Android applications. The network was analyzed using Wireshark, and it showed that the message sent was encrypted. This implementation could prevent brute force attacks, with the result that it could guarantee the confidentiality of a message. Meanwhile, from several experiments conducted in this study, the difference in the average time of sending encrypted and unencrypted messages was not too significant, i.e., 20 ms.

The construction of the power Internet of Things has led various terminals to access the corporate network on a large scale. The internal and external business interaction and data exchange are more extensive. The current security protection system is based on border isolation protection. This is difficult to meet the needs of the power Internet of Things connection and open shared services. This paper studies the application scheme of the ``zero trust'' typical business scenario of the power Internet of Things with ``Continuous Identity Authentication and Dynamic Access Control'' as the core, and designs the power internet security protection architecture based on zero trust.

Anonymity is an essential asset for a variety of communication systems, like humans' communication, the internet of things, and sensor networks. Establishing and maintaining such communication systems requires the exchange of information about their participants (called subjects). However, protecting anonymity reduces the availability of subject information, as these can be leveraged to break anonymity. Additionally, established techniques for providing anonymity often reduce the efficiency of communication networks. In this paper, we model four mechanisms to share routing information and discuss them with respect to their influence on anonymity and efficiency. While there is no ``one fits all'' solution, there are suitable trade-offs to establish routing information complying with the technical capabilities of the subjects. Distributed solutions like decentralized lookup tables reduce routing information in messages at the cost of local memory consumption; other mechanisms like multi-layer encrypted path information come with higher communication overhead but reduce memory consumption for each subject.

This paper proposes an anonymity based mechanism for providing privacy in IoT environment. Proposed scheme allows IoT entities to anonymously interacting and authenticating with each other, or even proving that they have trustworthy relationship without disclosing their identities. Authentication is based on an anonymous certificates mechanism where interacting IoT entities could unlinkably prove possession of a valid certificate without revealing any incorporated identity-related information, thereby preserving their privacy and thwarting tracking and profiling attacks. Through a security analysis, we demonstrate the reliability of our solution.

Internet of things as a technology that connect internet and physical world has been implemented in many diverse fields and has been proven very useful and flexible. In every implementation of technology that involve internet, security must be a great concern, including the implementation of IoT technology. A lot of alternatives can be used to achieve security of IoT. Ming et al. has proposed novel signcryption scheme to secure IoT of monitoring health data. In this work, proposed signcryption scheme from Ming et al. has been successfully implemented using Raspberry Pi and ESP32 and has proven work in securing IoT data.

The maturity of intelligent transportation system, cloud computing and Internet of Things (IoT) technology has encouraged the rapid growth of vehicular ad-hoc networks (VANETs). Currently, vehicles are supposed to carry relatively more storage, on board computing facilities, increased sensing power and communication systems. In order to cope with real world demands such as low latency, low storage cost, mobility, etc., for the deployment of VANETs, numerous attempts have been taken to integrate fog-computing with VANETs. In the recent past, Ma et al. (IEEE Internet of Things, pp 2327-4662, 10. 1109/JIOT.2019.2902840) designed “An Efficient and Provably Secure Authenticated Key Agreement Protocol for Fog-Based Vehicular Ad-Hoc Networks”. Ma et al. claimed that their protocol offers secure communication in fog-based VANETs and is resilient against several security attacks. However, this comment demonstrates that their scheme is defenseless against vehicle-user impersonation attack and reveals secret keys of vehicle-user and fog-node. Moreover, it fails to offer vehicle-user anonymity and has inefficient login phase. This paper also gives some essential suggestions on strengthening resilience of the scheme, which are overlooked by Ma et al.

In this research we have explained to set up an Infrared Array Sensor system that is IOT based in order to provide security at remote location. We have tried to Establishment of cloud environment to host IOT application & Development of IOT Application using Asp.net with C\# programming platform. We have Integrated IOT with Infrared Array sensors in order to implement proposed work. In this research camera captures the external event and sent signal to Infrared grid array sensor. Internet of Things (IoT) would enable applications of utmost societal value including smart cities, smart grids & smart healthcare. For majority of such applications, strict dependability requirements are placed on IOT performance, & sensor data as well as actuator commands must be delivered reliably & timely.

This research work consists in to design a system of occupancy simulation in smart homes based on IoT, in order to create configurations within a home that make look like the daily behavior of home inhabitants. Due to the high rate of burglary in uninhabited places, reaching an 9% in average in 2019 in the Chilean case, technologies have been involved with greater emphasis on improving security systems, where the implementation of the Internet of Things will allow rapid action against the intruder detection in those places. The proposed IoT system is based on a motion sensor, actuators as relays and lights, Arduino platform to control system, and a Amazon Echo virtual assistant to interface with inhabitants. The main contribution of this prototype security system is the integration of different IoT (Adafruit, IFTTT) and control platforms (Arduino uno and NodeMCU), virtual assistant (Alexa) and actuators, which has features that can be replicated in larger processes and with a larger number of devices. The results demonstrate that security system create an environment occupied by owners without to be inside home, through sensors and actuators.

The evolution of power system as a smart grid (SG) not only has enhanced the monitoring and control capabilities of the power grid, but also raised its security concerns and vulnerabilities. With a boom in Internet of Things (IoT), a lot a sensors are being deployed across the grid. This has resulted in huge amount of data available for processing and analysis. Machine learning (ML) and deep learning (DL) algorithms are being widely used to extract useful information from this data. In this context, this paper presents a comprehensive literature survey of different ML and DL techniques that have been used in the smart grid cyber security area. The survey summarizes different type of cyber threats which today's SGs are prone to, followed by various ML and DL-assisted defense strategies. The effectiveness of the ML based methods in enhancing the cyber security of SGs is also demonstrated with the help of a case study.

Authentication and access control techniques are fundamental security elements to restrict access to critical resources in IoT environment. In the current state-of-the-art approaches in the literature, the architectures do not address the security features of authentication and access control together. Besides, they don't completely fulfill the key Internet-of-Things (IoT) features such as usability, scalability, interoperability and security. In this paper, we introduce a novel blockchain-based architecture for authentication and capability-based access control for IoT environment. A capability is a token which contains the access rights authorized to the device holding it. The architecture uses blockchain technology to carry out all the operations in the scheme. It does not embed blockchain technology into the resource-constrained IoT devices for the purpose of authentication and access control of the devices. However, the IoT devices and blockchain are connected by means of interfaces through which the essential communications are established. The authenticity of such interfaces are verified before any communication is made. Consequently, the architecture satisfies usability, scalability, interoperability and security features. We carried out security evaluation for the scheme. It exhibits strong resistance to threats like spoofing, tampering, repudiation, information disclosure, and Denial-of-Service (DoS). We also developed a proof of concept implementation where cost and storage overhead of blockchain transactions are studied.

Nowadays, the Internet of Things (IoT) is playing an important role in our life. This inevitably generates mass data and requires a more secure transmission. As blockchain technology can build trust in a distributed environment and ensure the data traceability and tamper resistance, it is a promising way to support IoT data transmission and sharing. In this paper, edge computing is considered to provide adequate resources for end users to offload computing tasks in the blockchain enabled IoT system, and the node pairing problem between end users and edge computing servers is researched with the consideration of wireless channel quality and the service quality. From the perspective of the end users, the objective optimization is designed to maximize the profits and minimize the payments for completing the tasks and ensuring the resource limits of the edge servers at the same time. The deep reinforcement learning (DRL) method is utilized to train an intelligent strategy, and the policy gradient based node pairing (PG-NP) algorithm is proposed. Through a deep neural network, the well-trained policy matched the system states to the optimal actions. The REINFORCE algorithm with baseline is applied to train the policy network. According to the training results, as the comparison strategies are max-credit, max-SINR, random and max-resource, the PG-NP algorithm performs about 57% better than the second-best method. And testing results show that PGNP also has a good generalization ability which is negatively correlated with the training performance to a certain extend.

The reliable distributed data storage system based on the Redundant Residue Number System (RRNS) is developed. The structure of the system, data splitting and recovery algorithms based on RRNS are developed. A study of the total time and time spent on converting ASCII-encoded data into a RRNS for files of various sizes is conducted. The research of data recovery time is conducted for the inverse transformation from RRNS to ASCII codes.

As the application of Internet of Things technology becomes more common, the security problems derived from it became more and more serious. Different from the traditional Internet, the security of the Internet of Things presented new features. This paper introduced the current situation of Internet of Things security, generalized the definitions of situation awareness and network security situation awareness, and finally discussed the methods of establishing security situational awareness of Internet of Things which provided some tentative solutions to the new DDoS attack caused by Internet of Things terminals.

The Internet of Things (IoT) has enabled the rapid pace of the use of communication technology and infiltration of technical systems in a digital world. In terms of power systems generation and operation, a reliable solution for substation automation and smart grid communication is the IEC 61850 standard. It has a robust modelling structure for monitoring, protection, and control and management systems in substations and across the grid. Modern communication technologies are destined for internet use for remote monitoring, settings, and data recovery. However, the communication network is exposed to cyber threats and evident risks in security defense of automated power systems. To tackle these vulnerabilities, the IEC 62351 standard aims to improve security in handling the communication and data transfers in power system automation. This paper discusses the different security measures in communication, information and cyber security solutions in power systems. To further illustrate the novel communication and security schemes of digital substations, a case study using the Victoria University Zone Substation (VUZS) simulator for cybersecurity assessment has been instigated.

IoT applications are quickly evolving in scope and objectives while their focus is being shifted toward supporting dynamic users’ requirements. IoT users initiate applications and expect quick and reliable deployment without worrying about the underlying complexities of the required sensing and routing resources. On the other hand, IoT sensing nodes, sinks, and gateways are heterogeneous, have limited resources, and require significant cost and installation time. Sensing network-level virtualization through virtual Sensing Networks (VSNs) could play an important role in enabling the formation of virtual groups that link the needed IoT sensing and routing resources. These VSNs can be initiated on-demand with the goal to satisfy different IoT applications’ requirements. In this context, we present a joint algorithm for IoT Sensing Resource Allocation with Dynamic Resource-Based Routing (SRADRR). The SRADRR algorithm builds on the current distinguished empowerment of sensing networks using recent standards like RPL and 6LowPAN. The proposed algorithm suggests employing the RPL standard concepts to create DODAG routing trees that dynamically adapt according to the available sensing resources and the requirements of the running and arriving applications. Our results and implementation of the SRADRR reveal promising enhancements in the overall applications deployment rate.

Software Defined Network (SDN) is a new paradigm in network architecture. The basic concept of SDN itself is to separate the control plane and forwarding plane explicitly. In the last few years, SDN technology has become one of the exciting topics for researchers, the development of SDN which was carried out, one of which was implementing the Internet of Things (IoT) devices in the SDN network architecture model. Mininet-IoT is developing the Mininet network emulator by adding virtualized IoT devices, 6LoWPAN based on wireless Linux standards, and 802.15.4 wireless simulation drivers. Mininet-IoT expands the Mininet code class by adding or modifying functions in it. This research will discuss the performance of the 6LoWPAN device on the internet of things (IoT) network by applying the SDN paradigm. We use the Mininet-IoT emulator and the Open Network Operating System (ONOS) controller using the internet of things (IoT) IPv6 forwarding. Performance testing by comparing some of the topologies of the addition of host, switch, and cluster. The test results of the two scenarios tested can be concluded; the throughput value obtained has decreased compared to the value of back-traffic traffic. While the packet loss value obtained is on average above 15%. Jitter value, delay, throughput, and packet loss are still in the category of enough, good, and very good based on TIPHON and ITU-T standards.

The standard routing technique that was developed for satisfying low power IoT application needs is RPL which is a protocol in compliance with 6LoWPAN specification. RPL was created for addressing the issues and challenges of constrained and lossy network routing. However, RPL does not accomplish efficiency with respect to power and reliability altogether which are definitely needed in IoT applications. RPL runs on routing metrics and objective function which determines the optimal path in routing. This paper focuses on contributing a comprehensive survey on the improved objective functions proposed by several researchers for RPL. In addition, the paper concentrates on highlighting the strengths and shortcomings of the different approaches in designing the objective function. The approaches built on Fuzzy logic are found to be more efficient and the relevant works related to these are compared. Furthermore, we present the insights drawn from the survey and summarize the challenges which can be effectively utilized for future works.

In line with the rapid development of the Internet of Things (IoT) network, the challenges faced are ensuring the network performance is capable to support the communication of these IoT devices. As a result, the routing protocols can provide fast route discovery and network maintenance by considering the IoT network's resource constraints. This paper's main contributions are to identify compatible IoT routing protocol using qualitative method and factor that affect network performance. Routing Protocol for Low Power and Lossy Networks (RPL) is a proactive distance- vector routing protocol designed as a proposed standard to meet the requirements of the Low Power and Lossy Networks (LLN). In this project, four influential factors on the performance of RPL in Contiki OS are examined using the Cooja simulator and then RPL performance is assessed in terms of Packet Delivery Ratio (PDR), Energy consumption and Overhead control message for the network. The project provides an insight into the implications of traffic patterns, transmission ranges, network size and node mobility for different scenarios. The results of the simulation show that the PDR and overhead ratio increases proportional to transmission distances increases but decreases while radio interference is increased. From the mobility aspect, PDR decreases by an average of 19.5% when the mobility nodes expand. On the other hand, energy consumption increases by an average of 63.7% and control message size increased up to 213% when the network consists of 40 percent of mobility nodes.

One of the attacks in the RPL protocol is the Clone ID attack, that the attacker clones the node's ID in the network. In this research, a Clone ID detection system is designed for the Internet of Things (IoT), implemented in Contiki operating system, and evaluated using the Cooja emulator. Our evaluation shows that the proposed method has desirable performance in terms of energy consumption overhead, true positive rate, and detection speed. The overhead cost of the proposed method is low enough that it can be deployed in limited-resource nodes. The proposed method in each node has two phases, which are the steps of gathering information and attack detection. In the proposed scheme, each node detects this type of attack using control packets received from its neighbors and their information such as IP, rank, Path ETX, and RSSI, as well as the use of a routing table. The design of this system will contribute to the security of the IoT network.

Wireless Sensor Network (WSN) is considered as the backbone of Internet of Things (IoT) networks. Authentication is the most important phase that guarantees secure access to such networks but it is more critical than that in traditional Internet because the communications are established between constrained devices that could not compute heavy cryptographic primitives. In this paper, we are studying with real experimentation the efficiency of HIP Diet EXchange header (HIP DEX) protocol over IPv6 over Low Power Wireless Personal Area Networks (6LoWPAN) in IoT. The adopted application layer protocol is Constrained Application Protocol (CoAP) and as a routing protocol, the Routing Protocol for Low power and lossy networks (RPL). The evaluation concerns the total End-to-End transmission delays during the authentication process between the communicating peers regarding the processing, propagation, and queuing times' overheads results. Most importantly, we propose an efficient handshake packets' compression header, and we detailed a comparison of the above evaluation's criteria before and after the proposed compression. Obtained results are very encouraging and reinforce the efficiency of HIP DEX in IoT networks during the handshake process of constrained nodes.

The Internet of Things (IoT) is an evolving network of billions of interconnected physical objects, such as, numerous sensors, smartphones, wearables, and embedded devices. These physical objects, generally referred to as the smart objects, when deployed in real-world aggregates useful information from their surrounding environment. As-of-late, this notion of IoT has been extended to incorporate the social networking facets which have led to the promising paradigm of the `Social Internet of Things' (SIoT). In SIoT, the devices operate as an autonomous agent and provide an exchange of information and services discovery in an intelligent manner by establishing social relationships among them with respect to their owners. Trust plays an important role in establishing trustworthy relationships among the physical objects and reduces probable risks in the decision making process. In this paper, a trust computational model is proposed to extract individual trust features in a SIoT environment. Furthermore, a machine learning-based heuristic is used to aggregate all the trust features in order to ascertain an aggregate trust score. Simulation results illustrate that the proposed trust-based model isolates the trustworthy and untrustworthy nodes within the network in an efficient manner.

With large scale generation and exchange of data between IoT devices and constrained IoT security to protect data communication, it becomes easy for attackers to compromise data routes. In IoT networks, IPv6 Routing Protocol is the de facto routing protocol for Low Power and Lossy Networks (RPL). RPL offers limited security against several RPL-specific and WSN-inherited attacks in IoT applications. Additionally, IoT devices are limited in memory, processing, and power to operate properly using the traditional Internet and routing security solutions. Several mitigation schemes for the security of IoT networks and routing, have been proposed including Machine Learning-based, IDS-based, and Trust-based approaches. In existing trust-based methods, mobility of nodes is not considered at all or its insufficient for mobile sink nodes, specifically for security against RPL attacks. This research work proposes a conceptual design, named SMTrust, for security of routing protocol in IoT, considering the mobility-based trust metrics. The proposed solution intends to provide defense against popular RPL attacks, for example, Blackhole, Greyhole, Rank, Version Number attacks, etc. We believe that SMTrust shall provide better network performance for attacks detection accuracy, mobility and scalability as compared to existing trust models, such as, DCTM-RPL and SecTrust-RPL. The novelty of our solution is that it considers the mobility metrics of the sensor nodes as well as the sink nodes, which has not been addressed by the existing models. This consideration makes it suitable for mobile IoT environment. The proposed design of SMTrust, as secure routing protocol, when embedded in RPL, shall ensure confidentiality, integrity, and availability among the sensor nodes during routing process in IoT communication and networks.

The article is devoted to the choice of personal means of the 5G defense in dependence of hard- and software available to the user. The universal module MS 127.04 and its software compatible unit can be universally configured for use. An intelligent hardware and software platform is proposed for multi-core setting of policies for the automatic encryption of confidential data and selective blocking related to the implementation of computing security and confidentiality of data transfer, using such additional specially. A platform that resists the external influences is described. The platform is based on a universal module MS 127.05 (produced in Russia), that is a heterogeneous multiprocessor system on a chip), the system features 16 processor cores (NeuroMatrix Core 4) and five ARM Cortex-A5 units (ULSI 1879VM8Ya.

In order to develop safety-reliable standards for IoT (Internet of Things) networks, appropriate tools for their verification are needed. Among them there is a group of tools based on automated symbolic analysis. Such a tool is Tamarin software. Its usage for creating formal proofs of security protocols correctness has been presented in this paper using the simple example of an exchange of messages with asynchronous encryption between two agents. This model can be used in sensor networks or IoT e.g. in TLS protocol to provide a mechanism for secure cryptographic key exchange.