Biblio

Advances in technology have enabled tremendous progress in the development of a highly connected ecosystem of ubiquitous computing devices collectively called the Internet of Things (IoT). Ensuring the security of IoT devices is a high priority due to the sensitive nature of the collected data. Physically Unclonable Functions (PUFs) have emerged as critical hardware primitive for ensuring the security of IoT nodes. Malicious modeling of PUF architectures has proven to be difficult due to the inherently stochastic nature of PUF architectures. Extant approaches to malicious PUF modeling assume that a priori knowledge and physical access to the PUF architecture is available for malicious attack on the IoT node. However, many IoT networks make the underlying assumption that the PUF architecture is sufficiently tamper-proof, both physically and mathematically. In this work, we show that knowledge of the underlying PUF structure is not necessary to clone a PUF. We present a novel non-invasive, architecture independent, machine learning attack for strong PUF designs with a cloning accuracy of 93.5% and improvements of up to 48.31% over an alternative, two-stage brute force attack model. We also propose a machine-learning based countermeasure, discriminator, which can distinguish cloned PUF devices and authentic PUFs with an average accuracy of 96.01%. The proposed discriminator can be used for rapidly authenticating millions of IoT nodes remotely from the cloud server.

The heart of research pumps for analyzing risks in today's competitive business environment where big, massive computations are performed on interconnected devices pervasively. Advanced computing environments i.e. Cloud, big data and Internet of things are taken under consideration for finding and analyzing business risks developed from evolutionary, interoperable and digital devices communications with massive volume of data generated. Various risks in advanced computational environment have been identified in this research and are provided with risks mitigation strategies. We have also focused on how risk management affects these environments and how that effect can be mitigated for software and business quality improvement.

The evolution of smart automobiles and vehicles within the Internet of Things (IoT) - particularly as that evolution leads toward a proliferation of completely autonomous vehicles - has sparked considerable interest in the subject of vehicle/automotive security. While the attack surface is wide, there are patterns of exploitable vulnerabilities. In this study we reviewed, classified according to their attack surface and evaluated some of the common vehicle and infrastructure attack vectors identified in the literature. To remediate these attack vectors, specific technical recommendations have been provided as a way towards secure deployments of smart automobiles and transportation infrastructures.

Nowadays, a massive number of data, referred as big data, are being collected from social networks and Internet of Things (IoT), which are of tremendous value. Many deep learning-based methods made great progress in the extraction of knowledge of those data. However, the knowledge extraction of the law data poses vast challenges on the deep learning, since the law data usually contain the privacy information. In addition, the amount of law data of an institution is not large enough to well train a deep model. To solve these challenges, some privacy-preserving deep learning are proposed to capture knowledge of privacy data. In this paper, we review the emerging topics of deep learning for the feature learning of the privacy data. Then, we discuss the problems and the future trend in deep learning for privacy-preserving feature learning on law data.

This paper mainly focuses on presenting a novel attack detection system to thread out the risk issues in IoT. The presented attack detection system links the interconnection of DevOps as it creates the correlation between development and IT operations. Further, the presented attack detection model ensures the operational security of different applications. In view of this, the implemented system incorporates two main stages named Proposed Feature Extraction process and Classification. The data from every application is processed with the initial stage of feature extraction, which concatenates the statistical and higher-order statistical features. After that, these extracted features are supplied to classification process, where determines the presence of attacks. For this classification purpose, this paper aims to deploy the optimized Deep Belief Network (DBN), where the activation function is tuned optimally. Furthermore, the optimal tuning is done by a renowned meta-heuristic algorithm called Lion Algorithm (LA). Finally, the performance of proposed work is compared and proved over other conventional methods.

IoT middleware is an additional layer between IoT devices and the cloud applications that reduces computation and data handling on the cloud. In a typical IoT system model, middleware primarily connects to different IoT devices via IoT gateway. Device data stored on middleware is sensitive and private to a user. Middleware must have built-in mechanisms to address these issues, as well as the implementation of user authentication and access control. This paper presents the current methods used for access control on middleware and introduces Attribute-based encryption (ABE) on middleware for access control. ABE combines access control with data encryption for ensuring the integrity of data. In this paper, we propose Ciphertext-policy attribute-based encryption, abbreviated CP-ABE scheme on the middleware layer in the IoT system architecture for user access control. The proposed scheme is aimed to provide security and efficiency while reducing complexity on middleware. We have used the AVISPA tool to strengthen the proposed scheme.

Multi-authority attribute-based encryption (MA-ABE) is a promising technique to protect data privacy and achieve fine-grained access control in edge computing for Internet of Things (IoT). However, most of the existing MA-ABE schemes suffer from expensive computational cost in the encryption and decryption phases, which are not practical for resource constrained users in IoT. We propose a large-universe MA-CP-ABE scheme with online/offline encryption and outsourced decryption. In our scheme, most expensive encryption operations have been executed in the user's initialization phase by adding reusable ciphertext pool besides splitting the encryption algorithm to online encryption and offline encryption. Moreover, massive decryption operation are outsourced to the near edge server for reducing the computation overhead of decryption. The proposed scheme is proven statically secure under the q-DPBDHE2 assumption. The performance analysis results indicate that the proposed scheme is efficient and suitable for resource-constrained users in edge computing for IoT.

With the development of cloud computing technology in the Internet of Things (IoT), the trajectory privacy in location-based services (LBSs) has attracted much attention. Most of the existing work adopts point-to-point and centralized models, which will bring a heavy burden to the user and cause performance bottlenecks. Moreover, previous schemes did not consider both online and offline trajectory protection and ignored some hidden background information. Therefore, in this paper, we design a trajectory protection scheme based on fog computing and k-anonymity for real-time trajectory privacy protection in continuous queries and offline trajectory data protection in trajectory publication. Fog computing provides the user with local storage and mobility to ensure physical control, and k-anonymity constructs the cloaking region for each snapshot in terms of time-dependent query probability and transition probability. In this way, two k-anonymity-based dummy generation algorithms are proposed, which achieve the maximum entropy of online and offline trajectory protection. Security analysis and simulation results indicate that our scheme can realize trajectory protection effectively and efficiently.

With the current significant penetration of mobile devices (i.e. smartphones and tablets) and the tremendous increase in the number of the corresponding mobile applications, they have become an indispensable part of our lives. Nowadays, there is a significant growth in the number of sensitive applications such as personal health applications, personal financial applications, home monitoring applications, etc. In addition, with the significant growth of Internet-of-Things (IoT) devices, smartphones and the corresponding applications are widely considered as the Internet gateways for these devices. Mobile devices mostly use wireless LANs (WLANs) (i.e., WiFi networks) as the prominent network interface to the Internet. However, due to the broadcast nature of WiFi links, wireless traffics are exposed to any eavesdropping adversary within the WLAN. Despite WiFi encryption, studies show that application usage information could be inferred from the encrypted wireless traffic. The leakage of this sensitive information is very serious issue that will significantly impact users' privacy and security. In addressing this privacy concern, we design and develop a lightweight programmable privacy framework, called PrivacyGuard. PrivacyGuard is inspired by the vision of pushing the Software Defined Network (SDN)-like paradigm all the way to wireless network edge, is designed to support of adopting privacy preserving policies to protect the wireless communication of the sensitive applications. In this paper, we demonstrate and evaluate a prototype of PrivacyGuard framework on Android devices showing the flexibility and efficiency of the framework.

Artificial Intelligence (AI) can and does use individual's data to make predictions about their wants, their needs, their influences on them and predict what they could do. The use of individual's data naturally raises privacy concerns. This article focuses on AI, the privacy issue against the backdrop of the endless growth of the Digital Universe where Big Data, AI, Data Analytics and 5G Technology live and grow in The Internet of Things (IoT).

We aim at creating a society where we can resolve various social challenges by incorporating the innovations of the fourth industrial revolution (e.g. IoT, big data, AI, robot, and the sharing economy) into every industry and social life. By doing so the society of the future will be one in which new values and services are created continuously, making people's lives more conformable and sustainable. This is Society 5.0, a super-smart society. Security and privacy are key issues to be addressed to realize Society 5.0. Privacy-preserving data analytics will play an important role. In this talk we show our recent works on privacy-preserving data analytics such as privacy-preserving logistic regression and privacy-preserving deep learning. Finally, we show our ongoing research project under JST CREST “AI”. In this project we are developing privacy-preserving financial data analytics systems that can detect fraud with high security and accuracy. To validate the systems, we will perform demonstration tests with several financial institutions and solve the problems necessary for their implementation in the real world.

The edge and fog computing paradigms enable more responsive and smarter systems without relying on cloud servers for data processing and storage. This reduces network load as well as latency. Nonetheless, the addition of new layers in the network architecture increases the number of security vulnerabilities. In privacy-critical systems, the appearance of new vulnerabilities is more significant. To cope with this issue, we propose and implement an Ethereum Blockchain based architecture with edge artificial intelligence to analyze data at the edge of the network and keep track of the parties that access the results of the analysis, which are stored in distributed databases.

IoT devices introduce unprecedented threats into home and professional networks. As they fail to adhere to security best practices, they are broadly exploited by malicious actors to build botnets or steal sensitive information. Their adoption challenges established security standard as classic security measures are often inappropriate to secure them. This is even more problematic in sensitive environments where the presence of insecure IoTs can be exploited to bypass strict security policies. In this paper, we demonstrate an attack against a highly secured network using a Bluetooth smart bulb. This attack allows a malicious actor to take advantage of a smart bulb to exfiltrate data from an air gapped network.

IoT is evolving as a combination of interconnected devices over a particular network. In the proposed paper, we discuss about the security of IoT system in the wireless devices. IoT security is the platform in which the connected devices over the network are safeguarded over internet of things framework. Wireless devices play an eminent role in this kind of networks since most of the time they are connected to the internet. Accompanied by major users cannot ensure their end to end security in the IoT environment. However, connecting these devices over the internet via using IoT increases the chance of being prone to the serious issues that may affect the system and its data if they are not protected efficiently. In the proposed paper, the security of IoT in wireless devices will be enhanced by using ECC. Since the issues related to security are becoming common these days, an attempt has been made in this proposed paper to enhance the security of IoT networks by using ECC for wireless devices.

In Internet of Things (IoT) each object is addressable, trackable and accessible on the Internet. To be useful, objects in IoT co-operate and exchange information. IoT networks are open, anonymous, dynamic in nature so, a malicious object may enter into the network and disrupt the network. Trust models have been proposed to identify malicious objects and to improve the reliability of the network. Recommendations in trust computation are the basis of trust models. Due to this, trust models are vulnerable to bad mouthing and collusion attacks. In this paper, we propose a similarity model to mitigate badmouthing and collusion attacks and show that proposed method efficiently removes the impact of malicious recommendations in trust computation.

Internet of Things (IoT) is a fairly disruptive technology with inconceivable growth, impact, and capability. We present the role of REST API in the IoT Systems and some initial concepts of IoT, whose technology is able to record and count everything. We as well highlight the concept of middleware that connects these devices and cloud. The appearance of new IoT applications in the cloud has brought new threats to security and privacy of data. Therefore it is required to introduce a secure IoT system which doesn't allow attackers infiltration in the network through IoT devices and also to secure data in transit from IoT devices to cloud. We provide the details on how Representational State Transfer (REST) API allows to securely expose connected devices to applications on cloud and users. In the proposed model, middleware is primarily used to expose device data through REST and to hide details and act as an interface to the user to interact with sensor data.

Users can directly access and share information from portable devices such as a smartphone or an Internet of Things (IoT) device. However, to prevent them from becoming victims to launch cyber attacks, they must allow selective sharing based on roles of the users such as with the Ciphertext-Policy Attribute Encryption (CP-ABE) scheme. However, to match the resource constraints, the scheme must be efficient for storage. It must also protect the device from malicious users as well as allow uninterrupted access to valid users. This paper presents the CCA secure PROxy-based Scalable Revocation for Constant Cipher-text (C-PROSRCC) scheme, which provides scalable revocation for a constant ciphertext length CP-ABE scheme. The scheme has a constant number of pairings and computations. It can also revoke any number of users and does not require re-encryption or redistribution of keys. We have successfully implemented the C-PROSRCC scheme. The qualitative and quantitative comparison with related schemes indicates that C-PROSRCC performs better with acceptable overheads. C-PROSRCC is Chosen Ciphertext Attack (CCA) secure. We also present a case study to demonstrate the use of C-PROSRCC for mobile-based selective sharing of a family car.

Automotive systems are currently undergoing a rapid evolution through the integration of the Internet of Things (IoT) and Software Defined Networking (SDN) technologies. The main focus of this evolution is to improve the driving experience, including automated controls, intelligent navigation and safety systems. Moreover, the extremely rapid pace that such technologies are brought into the vehicles, necessitates the presence of adequate testing of new features to avoid operational errors. Apart from testing though, IoT and SDN technologies also widen the threat landscape of cyber-security risks due to the amount of connectivity interfaces that are nowadays exposed in vehicles. In this paper we present a new method, based on OMNET++, for testing new in-vehicle features and assessing security risks through network simulation. The method is demonstrated through a case-study on a Toyota Prius, whose network data are analyzed for the detection of anomalies caused from security threats or operational errors.

As the Internet of Things (IoT) continues to expand into every facet of our daily lives, security researchers have warned of its myriad security risks. While denial-of-service attacks and privacy violations have been at the forefront of research, covert channel communications remain an important concern. Utilizing a Bluetooth controlled light bulb, we demonstrate three separate covert channels, consisting of current utilization, luminosity and hue. To study the effectiveness of these channels, we implement exfiltration attacks using standard off-the-shelf smart bulbs and RGB LEDs at ranges of up to 160 feet. We analyze the identified channels for throughput, generality and stealthiness, and report transmission speeds of up to 832 bps.

The clear, social, and dark web have lately been identified as rich sources of valuable cyber-security information that -given the appropriate tools and methods-may be identified, crawled and subsequently leveraged to actionable cyber-threat intelligence. In this work, we focus on the information gathering task, and present a novel crawling architecture for transparently harvesting data from security websites in the clear web, security forums in the social web, and hacker forums/marketplaces in the dark web. The proposed architecture adopts a two-phase approach to data harvesting. Initially a machine learning-based crawler is used to direct the harvesting towards websites of interest, while in the second phase state-of-the-art statistical language modelling techniques are used to represent the harvested information in a latent low-dimensional feature space and rank it based on its potential relevance to the task at hand. The proposed architecture is realised using exclusively open-source tools, and a preliminary evaluation with crowdsourced results demonstrates its effectiveness.

In this paper, we design a model for resource allocation in IoT system considering the cyber security, to achieve optimal resource allocation when defend the attack and threat. The resource allocation problem is constructed as a dynamic game, where the threat level is the state and the defend cost is the objective function. Open loop solution and feedback solutions are both given to the defender as the optimal control variables under different solutions situations. The optimal allocated resource and the optimal threat level for the defender is simulated through the numerical simulations.

It is important to provide strong security for IoT devices with limited security related resources. We introduce a new dynamic security agent management framework, which dynamically chooses the best security agent to support security functions depending on the applications' security requirements of IoT devices in the system. This framework is designed to overcome the challenges including high computation costs, multiple security protocol compatibility, and efficient energy management in IoT system.

This paper presents an overview of the H2020 project VESSEDIA [9] aimed at verifying the security and safety of modern connected systems also called IoT. The originality relies in using Formal Methods inherited from high-criticality applications domains to analyze the source code at different levels of intensity, to gather possible faults and weaknesses. The analysis methods are mostly exhaustive an guarantee that, after analysis, the source code of the application is error-free. This paper is structured as follows: after an introductory section 1 giving some factual data, section 2 presents the aims and the problems addressed; section 3 describes the project's use-cases and section 4 describes the proposed approach for solving these problems and the results achieved until now; finally, section 5 discusses some remaining future work.

The progressed computational abilities of numerous asset compelled gadgets mobile phones have empowered different research zones including picture recovery from enormous information stores for various IoT applications. The real difficulties for picture recovery utilizing cell phones in an IoT situation are the computational intricacy and capacity. To manage enormous information in IoT condition for picture recovery a light-weighted profound learning base framework for vitality obliged gadgets. The framework initially recognizes and crop face areas from a picture utilizing Viola-Jones calculation with extra face classifier to take out the identification issue. Besides, the utilizes convolutional framework layers of a financially savvy pre-prepared CNN demonstrate with characterized highlights to speak to faces. Next, highlights of the huge information vault are listed to accomplish a quicker coordinating procedure for constant recovery. At long last, Euclidean separation is utilized to discover comparability among question and archive pictures. For exploratory assessment, we made a nearby facial pictures dataset it including equally single and gathering face pictures. In the dataset can be utilized by different specialists as a scale for examination with other ongoing facial picture recovery frameworks. The trial results demonstrate that our planned framework beats other cutting edge highlight extraction strategies as far as proficiency and recovery for IoT-helped vitality obliged stages.

The paper introduces a method of efficient partial firmware update with several advantages compared to common methods. The amount of data to transfer for an update is reduced, the energetic efficiency is increased and as the method is designed for over the air update, the radio spectrum occupancy is decreased. Herein described approach uses Lua scripting interface to introduce updatable fragments of invokable native code. This requires a dedicated memory layout, which is herein introduced. This method allows not only to distribute patches for deployed systems, but also on demand add-ons. At the end, the security aspects of proposed firmware update system is discussed and its limitations are presented.