Biblio

Found 560 results

Filters: Keyword is Internet of Things  [Clear All Filters]
2020-03-23
Choi, Jungyong, Shin, WoonSeob, Kim, Jonghyun, Kim, Ki-Hyung.  2020.  Random Seed Generation For IoT Key Generation and Key Management System Using Blockchain. 2020 International Conference on Information Networking (ICOIN). :663–665.
Recently, the Internet of Things (IoT) is growing rapidly. IoT sensors are attached to various devices, and information is detected, collected and utilized through various wired and wireless communication environments. As the IoT is used in various places, IoT devices face a variety of malicious attacks such as MITM and reverse engineering. To prevent these, encryption is required for device-to-device communication, and keys required for encryption must be properly managed. We propose a scheme to generate seed needed for key generation and a scheme to manage the public key using blockchain.
2020-05-08
Bolla, R., Carrega, A., Repetto, M..  2019.  An abstraction layer for cybersecurity context. 2019 International Conference on Computing, Networking and Communications (ICNC). :214—218.
The growing complexity and diversification of cyber-attacks are largely reflected in the increasing sophistication of security appliances, which are often too cumbersome to be run in virtual services and IoT devices. Hence, the design of cyber-security frameworks is today looking at more cooperative models, which collect security-related data from a large set of heterogeneous sources for centralized analysis and correlation.In this paper, we outline a flexible abstraction layer for access to security context. It is conceived to program and gather data from lightweight inspection and enforcement hooks deployed in cloud applications and IoT devices. We also provide a preliminary description of its implementation, by reviewing the main software components and their role.
2020-03-16
Radoglou-Grammatikis, Panagiotis, Sarigiannidis, Panagiotis, Giannoulakis, Ioannis, Kafetzakis, Emmanouil, Panaousis, Emmanouil.  2019.  Attacking IEC-60870-5-104 SCADA Systems. 2019 IEEE World Congress on Services (SERVICES). 2642-939X:41–46.
The rapid evolution of the Information and Communications Technology (ICT) services transforms the conventional electrical grid into a new paradigm called Smart Grid (SG). Even though SG brings significant improvements, such as increased reliability and better energy management, it also introduces multiple security challenges. One of the main reasons for this is that SG combines a wide range of heterogeneous technologies, including Internet of Things (IoT) devices as well as Supervisory Control and Data Acquisition (SCADA) systems. The latter are responsible for monitoring and controlling the automatic procedures of energy transmission and distribution. Nevertheless, the presence of these systems introduces multiple vulnerabilities because their protocols do not implement essential security mechanisms such as authentication and access control. In this paper, we focus our attention on the security issues of the IEC 60870-5-104 (IEC-104) protocol, which is widely utilized in the European energy sector. In particular, we provide a SCADA threat model based on a Coloured Petri Net (CPN) and emulate four different types of cyber attacks against IEC-104. Last, we used AlienVault's risk assessment model to evaluate the risk level that each of these cyber attacks introduces to our system to confirm our intuition about their severity.
2020-01-13
Yugha, R., Chithra, S..  2019.  Attribute Based Trust Evaluation for Secure RPL Protocol in IoT Environment. 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN). :1–7.
Internet of Things (IoT) is an advanced automation technology and analytics systems which connected physical objects that have access through the Internet and have their unique flexibility and an ability to be suitable for any environment. There are some critical applications like smart health care system, in which the data collection, sharing and routing through IoT has to be handled in sensitive way. The IPv6 Routing Protocol for LL(Low-power and Lossy) networks (RPL) is the routing protocols to ensure reliable data transfer in 6LOWPAN networks. However, RPL is vulnerable to number of security attacks which creates a major impact on energy consumption and memory requirements which is not suitable for energy constraint networks like IoT. This requires secured RPL protocol to be used for critical data transfer. This paper introduces a novel approach of combining a lightweight LBS (Location Based Service) authentication and Attribute Based Trust Evaluation (ABTE). The algorithm has been implemented for smart health care system and analyzed how its perform in the RPL protocol for IoT constrained environments.
2020-03-09
Nadir, Ibrahim, Ahmad, Zafeer, Mahmood, Haroon, Asadullah Shah, Ghalib, Shahzad, Farrukh, Umair, Muhammad, Khan, Hassam, Gulzar, Usman.  2019.  An Auditing Framework for Vulnerability Analysis of IoT System. 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :39–47.
Introduction of IoT is a big step towards the convergence of physical and virtual world as everyday objects are connected to the internet nowadays. But due to its diversity and resource constraint nature, the security of these devices in the real world has become a major challenge. Although a number of security frameworks have been suggested to ensure the security of IoT devices, frameworks for auditing this security are rare. We propose an open-source framework to audit the security of IoT devices covering hardware, firmware and communication vulnerabilities. Using existing open-source tools, we formulate a modular approach towards the implementation of the proposed framework. Standout features in the suggested framework are its modular design, extensibility, scalability, tools integration and primarily autonomous nature. The principal focus of the framework is to automate the process of auditing. The paper further mentions some tools that can be incorporated in different modules of the framework. Finally, we validate the feasibility of our framework by auditing an IoT device using proposed toolchain.
2020-02-10
Bansal, Bhawana, Sharma, Monika.  2019.  Client-Side Verification Framework for Offline Architecture of IoT. 2019 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA). :1044–1050.
Internet of things is a network formed between two or more devices through internet which helps in sharing data and resources. IoT is present everywhere and lot of applications in our day-to-day life such as smart homes, smart grid system which helps in reducing energy consumption, smart garbage collection to make cities clean, smart cities etc. It has some limitations too such as concerns of security of the network and the cost of installations of the devices. There have been many researches proposed various method in improving the IoT systems. In this paper, we have discussed about the scope and limitations of IoT in various fields and we have also proposed a technique to secure offline architecture of IoT.
2019-08-05
Ahmad, F., Adnane, A., KURUGOLLU, F., Hussain, R..  2019.  A Comparative Analysis of Trust Models for Safety Applications in IoT-Enabled Vehicular Networks. 2019 Wireless Days (WD). :1-8.
Vehicular Ad-hoc NETwork (VANET) is a vital transportation technology that facilitates the vehicles to share sensitive information (such as steep-curve warnings and black ice on the road) with each other and with the surrounding infrastructure in real-time to avoid accidents and enable comfortable driving experience.To achieve these goals, VANET requires a secure environment for authentic, reliable and trusted information dissemination among the network entities. However, VANET is prone to different attacks resulting in the dissemination of compromised/false information among network nodes. One way to manage a secure and trusted network is to introduce trust among the vehicular nodes. To this end, various Trust Models (TMs) are developed for VANET and can be broadly categorized into three classes, Entity-oriented Trust Models (ETM), Data oriented Trust Models (DTM) and Hybrid Trust Models (HTM). These TMs evaluate trust based on the received information (data), the vehicle (entity) or both through different mechanisms. In this paper, we present a comparative study of the three TMs. Furthermore, we evaluate these TMs against the different trust, security and quality-of-service related benchmarks. Simulation results revealed that all these TMs have deficiencies in terms of end-to-end delays, event detection probabilities and false positive rates. This study can be used as a guideline for researchers to design new efficient and effective TMs for VANET.
2020-01-13
Li, Nan, Varadharajan, Vijay, Nepal, Surya.  2019.  Context-Aware Trust Management System for IoT Applications with Multiple Domains. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). :1138–1148.
The Internet of Things (IoT) provides connectivity between heterogeneous devices in different applications, such as smart wildlife, supply chain and traffic management. Trust management system (TMS) assesses the trustworthiness of service with respect to its quality. Under different context information, a service provider may be trusted in one context but not in another. The existing context-aware trust models usually store trust values under different contexts and search the closest (to a given context) record to evaluate the trustworthiness of a service. However, it is not suitable for distributed resource-constrained IoT devices which have small memory and low power. Reputation systems are applied in many trust models where trustor obtains recommendations from others. In context-based trust evaluation, it requires interactive queries to find relevant information from remote devices. The communication overhead and energy consumption are issues in low power networks like 6LoWPAN. In this paper, we propose a new context-aware trust model for lightweight IoT devices. The proposed model provides a trustworthiness overview of a service provider without storing past behavior records, that is, constant size storage. The proposed model allows a trustor to decide the significance of context items. This could result in distinctive decisions under the same trustworthiness record. We also show the performance of the proposed model under different attacks.
Seidel, Felix, Krentz, Konrad-Felix, Meinel, Christoph.  2019.  Deep En-Route Filtering of Constrained Application Protocol (CoAP) Messages on 6LoWPAN Border Routers. 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :201–206.
Devices on the Internet of Things (IoT) are usually battery-powered and have limited resources. Hence, energy-efficient and lightweight protocols were designed for IoT devices, such as the popular Constrained Application Protocol (CoAP). Yet, CoAP itself does not include any defenses against denial-of-sleep attacks, which are attacks that aim at depriving victim devices of entering low-power sleep modes. For example, a denial-of-sleep attack against an IoT device that runs a CoAP server is to send plenty of CoAP messages to it, thereby forcing the IoT device to expend energy for receiving and processing these CoAP messages. All current security solutions for CoAP, namely Datagram Transport Layer Security (DTLS), IPsec, and OSCORE, fail to prevent such attacks. To fill this gap, Seitz et al. proposed a method for filtering out inauthentic and replayed CoAP messages "en-route" on 6LoWPAN border routers. In this paper, we expand on Seitz et al.'s proposal in two ways. First, we revise Seitz et al.'s software architecture so that 6LoWPAN border routers can not only check the authenticity and freshness of CoAP messages, but can also perform a wide range of further checks. Second, we propose a couple of such further checks, which, as compared to Seitz et al.'s original checks, more reliably protect IoT devices that run CoAP servers from remote denial-of-sleep attacks, as well as from remote exploits. We prototyped our solution and successfully tested its compatibility with Contiki-NG's CoAP implementation.
2020-04-13
Wadsworth, Anthony, Thanoon, Mohammed I., McCurry, Charles, Sabatto, Saleh Zein.  2019.  Development of IIoT Monitoring and Control Security Scheme for Cyber Physical Systems. 2019 SoutheastCon. :1–5.
Industry 4.0 or the fourth industrial revolution encapsulates future industry development trends to achieve more intelligent manufacturing processes, including reliance on Cyber Physical Systems (CPS). The increase in online access and control given by the incorporation of CPSs introduces a new challenge securing the operations of the CPS in that they are not supported by standard security protocols. This paper describes a process used to effectively protect the operations of an IIoT system by implementing security protocols on the CPS within the IIoT. A series of predefined boundary conditions of the safety critical parameters for which a heating and cooling CPS can safely operate within were established. If the CPS is commended to operate outside of these boundaries, it will disconnect from all external communication network and default to some pre-defined safe-operation mode until the system has been evaluated locally by an administrator and released from the safe-mode. This method was tested and validated by establishing a sample IIoT and CPS testbed setup which monitor and control the temperature of a target environment. An attack was initiated to force the target environment outside of the determined safety-critical parameters. The system responded by disabling all network ports and defaulted to the safe-operation mode established previously.
2020-01-13
Vasilev, Rusen Vasilev, Haka, Aydan Mehmed.  2019.  Enhanced Simulation Framework for Realisation of Mobility in 6LoWPAN Wireless Sensor Networks. 2019 IEEE XXVIII International Scientific Conference Electronics (ET). :1–4.
The intense incursion of the Internet of Things (IoT) into all areas of modern life has led to a need for a more detailed study of these technologies and their mechanisms of work. It is necessary to study mechanisms in order to improve QoS, security, identifying shortest routes, mobility, etc. This paper proposes an enhanced simulation framework that implements an improved mechanism for prioritising traffic on 6LoWPAN networks and the realisation of micro-mobility.
2020-05-08
Kearney, Paul, Asal, Rasool.  2019.  ERAMIS: A Reference Architecture-Based Methodology for IoT Systems. 2019 IEEE World Congress on Services (SERVICES). 2642-939X:366—367.
Opportunities arising from IoT-enabled applications are significant, but market growth is inhibited by concerns over security and complexity. To address these issues, we propose the ERAMIS methodology, which is based on instantiation of a reference architecture that captures common design features, embodies best practice, incorporates good security properties by design, and makes explicit provision for operational security services and processes.
2020-02-24
Ahmadi-Assalemi, Gabriela, al-Khateeb, Haider M., Epiphaniou, Gregory, Cosson, Jon, Jahankhani, Hamid, Pillai, Prashant.  2019.  Federated Blockchain-Based Tracking and Liability Attribution Framework for Employees and Cyber-Physical Objects in a Smart Workplace. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :1–9.
The systematic integration of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) into the supply chain to increase operational efficiency and quality has also introduced new complexities to the threat landscape. The myriad of sensors could increase data collection capabilities for businesses to facilitate process automation aided by Artificial Intelligence (AI) but without adopting an appropriate Security-by-Design framework, threat detection and response are destined to fail. The emerging concept of Smart Workplace incorporates many CPS (e.g. Robots and Drones) to execute tasks alongside Employees both of which can be exploited as Insider Threats. We introduce and discuss forensic-readiness, liability attribution and the ability to track moving Smart SPS Objects to support modern Digital Forensics and Incident Response (DFIR) within a defence-in-depth strategy. We present a framework to facilitate the tracking of object behaviour within Smart Controlled Business Environments (SCBE) to support resilience by enabling proactive insider threat detection. Several components of the framework were piloted in a company to discuss a real-life case study and demonstrate anomaly detection and the emerging of behavioural patterns according to objects' movement with relation to their job role, workspace position and nearest entry or exit. The empirical data was collected from a Bluetooth-based Proximity Monitoring Solution. Furthermore, a key strength of the framework is a federated Blockchain (BC) model to achieve forensic-readiness by establishing a digital Chain-of-Custody (CoC) and a collaborative environment for CPS to qualify as Digital Witnesses (DW) to support post-incident investigations.
De, Asmit, Basu, Aditya, Ghosh, Swaroop, Jaeger, Trent.  2019.  FIXER: Flow Integrity Extensions for Embedded RISC-V. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :348–353.
With the recent proliferation of Internet of Things (IoT) and embedded devices, there is a growing need to develop a security framework to protect such devices. RISC-V is a promising open source architecture that targets low-power embedded devices and SoCs. However, there is a dearth of practical and low-overhead security solutions in the RISC-V architecture. Programs compiled using RISC-V toolchains are still vulnerable to code injection and code reuse attacks such as buffer overflow and return-oriented programming (ROP). In this paper, we propose FIXER, a hardware implemented security extension to RISC-V that provides a defense mechanism against such attacks. FIXER enforces fine-grained control-flow integrity (CFI) of running programs on backward edges (returns) and forward edges (calls) without requiring any architectural modifications to the RISC-V processor core. We implement FIXER on RocketChip, a RISC-V SoC platform, by leveraging the integrated Rocket Custom Coprocessor (RoCC) to detect and prevent attacks. Compared to existing software based solutions, FIXER reduces energy overhead by 60% at minimal execution time (1.5%) and area (2.9%) overheads.
2020-01-13
Gopaluni, Jitendra, Unwala, Ishaq, Lu, Jiang, Yang, Xiaokun.  2019.  Graphical User Interface for OpenThread. 2019 IEEE 16th International Conference on Smart Cities: Improving Quality of Life Using ICT IoT and AI (HONET-ICT). :235–237.
This paper presents an implementation of a Graphical User Interface (GUI) for the OpenThread software. OpenThread is a software package for Thread. Thread is a networking protocol for Internet of Things (IoT) designed for home automation. OpenThread package was released by Nest Labs as an open source implementation of the Thread specification v1.1.1. The OpenThread includes IPv6, 6LoWPAN, IEEE 802.15.4 with MAC security, Mesh Link Establishment, and Mesh Routing. OpenThread includes all Thread supported device types and supports both SOC and NCP implementations. OpenThread runs on Linux and allows the users to use it as a simulator with a command line interface. This research is focused on adding a Graphical User Interface (GUI) to the OpenThread. The GUI package is implemented in TCL/Tk (Tool Control Language). OpenThread with a GUI makes working with OpenThread much easier for researchers and students. The GUI also makes it easier to visualize the Thread network and its operations.
2020-01-21
Saadeh, Huda, Almobaideen, Wesam, Sabri, Khair Eddin, Saadeh, Maha.  2019.  Hybrid SDN-ICN Architecture Design for the Internet of Things. 2019 Sixth International Conference on Software Defined Systems (SDS). :96–101.
Internet of Things (IoT) impacts the current network with many challenges due to the variation, heterogeneity of its devices and running technologies. For those reasons, monitoring and controlling network efficiently can rise the performance of the network and adapts network techniques according to environment measurements. This paper proposes a new privacy aware-IoT architecture that combines the benefits of both Information Centric Network (ICN) and Software Defined Network (SDN) paradigms. In this architecture controlling functionalities are distributed over multiple planes: operational plane which is considered as smart ICN data plane with Controllers that control local clusters, tactical plane which is an Edge environment to take controlling decisions based on small number of clusters, and strategic plane which is a cloud controlling environment to make long-term decision that affects the whole network. Deployment options of this architecture is discussed and SDN enhancement due to in-network caching is evaluated.
2020-03-16
Al Ghazo, Alaa T., Kumar, Ratnesh.  2019.  ICS/SCADA Device Recognition: A Hybrid Communication-Patterns and Passive-Fingerprinting Approach. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :19–24.
The Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems are the backbones for monitoring and supervising factories, power grids, water distribution systems, nuclear plants, and other critical infrastructures. These systems are installed by third party contractors, maintained by site engineers, and operate for a long time. This makes tracing the documentation of the systems' changes and updates challenging since some of their components' information (type, manufacturer, model, etc.) may not be up-to-date, leading to possibly unaccounted security vulnerabilities in the systems. Device recognition is useful first step in vulnerability identification and defense augmentation, but due to the lack of full traceability in case of legacy ICS/SCADA systems, the typical device recognition based on document inspection is not applicable. In this paper, we propose a hybrid approach involving the mix of communication-patterns and passive-fingerprinting to identify the unknown devices' types, manufacturers, and models. The algorithm uses the ICS/SCADA devices's communication-patterns to recognize the control hierarchy levels of the devices. In conjunction, certain distinguishable features in the communication-packets are used to recognize the device manufacturer, and model. We have implemented this hybrid approach in Python, and tested on traffic data from a water treatment SCADA testbed in Singapore (iTrust).
2020-01-21
Pahl, Marc-Oliver, Liebald, Stefan.  2019.  Information-Centric IoT Middleware Overlay: VSL. 2019 International Conference on Networked Systems (NetSys). :1–8.
The heart of the Internet of Things (IoT) is data. IoT services processes data from sensors that interface their physical surroundings, and from other software such as Internet weather databases. They produce data to control physical environments via actuators, and offer data to other services. More recently, service-centric designs for managing the IoT have been proposed. Data-centric or name-based communication architectures complement these developments very well. Especially for edge-based or site-local installations, data-centric Internet architectures can be implemented already today, as they do not require any changes at the core. We present the Virtual State Layer (VSL), a site-local data-centric architecture for the IoT. Special features of our solution are full separation of logic and data in IoT services, offering the data-centric VSL interface directly to developers, which significantly reduces the overall system complexity, explicit data modeling, a semantically-rich data item lookup, stream connections between services, and security-by-design. We evaluate our solution regarding usability, performance, scalability, resilience, energy efficiency, and security.
2020-03-02
Zheng, Zhengfan, Zheng, Bo, Wu, Yuechao, Chen, Shangui.  2019.  An Integrated Safety Management System Based on Ubiquitous Internet of Things in Electricity for Smart Pumped-storage Power Stations. 2019 4th International Conference on Intelligent Green Building and Smart Grid (IGBSG). :548–551.
The safety management is an important and fundamental task in the construction and operation of pumped-storage power stations. However, because of the traditional technical framework, the relevant systems are separated from each other, leading to a lot of disadvantages in application and performance. In order to meet the requirements of smart pumped-storage power stations, an integrated safety management system (ISMS) based on ubiquitous internet of things in electricity is proposed in this paper. The ISMS is divided into five layers including data display layer, data manipulation layer, data processing layer, data transmission layer and data acquisition layer. It consists of six modules, i.e., central control module, cave access control and personnel location module, video and security monitoring module, emergency broadcasting and communication module, geological warning module, and fall protection module. All modules are integrated into a unified information platform.
2020-03-16
Karpenko, V.I., Vasilev, S.P., Boltunov, A.P., Voloshin, E.A., Voloshin, A. A..  2019.  Intelligent Consumers Device and Cybersecurity of Load Management in Microgrids. 2019 2nd International Youth Scientific and Technical Conference on Relay Protection and Automation (RPA). :1–10.
The digitalization of the electric power industry and the development of territories isolated from the unified energy system are priorities in the development of the energy sector. Thanks to innovative solutions and digital technologies, it becomes possible to make more effective managing and monitoring. Such solution is IoT platform with intelligent control system implemented by software.
2020-01-27
Qureshi, Ayyaz-Ul-Haq, Larijani, Hadi, Javed, Abbas, Mtetwa, Nhamoinesu, Ahmad, Jawad.  2019.  Intrusion Detection Using Swarm Intelligence. 2019 UK/ China Emerging Technologies (UCET). :1–5.
Recent advances in networking and communication technologies have enabled Internet-of-Things (IoT) devices to communicate more frequently and faster. An IoT device typically transmits data over the Internet which is an insecure channel. Cyber attacks such as denial-of-service (DoS), man-in-middle, and SQL injection are considered as big threats to IoT devices. In this paper, an anomaly-based intrusion detection scheme is proposed that can protect sensitive information and detect novel cyber-attacks. The Artificial Bee Colony (ABC) algorithm is used to train the Random Neural Network (RNN) based system (RNN-ABC). The proposed scheme is trained on NSL-KDD Train+ and tested for unseen data. The experimental results suggest that swarm intelligence and RNN successfully classify novel attacks with an accuracy of 91.65%. Additionally, the performance of the proposed scheme is also compared with a hybrid multilayer perceptron (MLP) based intrusion detection system using sensitivity, mean of mean squared error (MMSE), the standard deviation of MSE (SDMSE), best mean squared error (BMSE) and worst mean squared error (WMSE) parameters. All experimental tests confirm the robustness and high accuracy of the proposed scheme.
2020-02-10
Shahinzadeh, Hossein, Moradi, Jalal, Gharehpetian, Gevork B., Nafisi, Hamed, Abedi, Mehrdad.  2019.  IoT Architecture for Smart Grids. 2019 International Conference on Protection and Automation of Power System (IPAPS). :22–30.
The tremendous advances in information and communications technology (ICT), as well as the embedded systems, have been led to the emergence of the novel concept of the internet of things (IoT). Enjoying IoT-based technologies, many objects and components can be connected to each other through the internet or other modern communicational platforms. Embedded systems which are computing machines for special purposes like those utilized in high-tech devices, smart buildings, aircraft, and vehicles including advanced controllers, sensors, and meters with the ability of information exchange using IT infrastructures. The phrase "internet", in this context, does not exclusively refer to the World Wide Web rather than any type of server-based or peer-to-peer networks. In this study, the application of IoT in smart grids is addressed. Hence, at first, an introduction to the necessity of deployment of IoT in smart grids is presented. Afterwards, the applications of IoT in three levels of generation, transmission, and distribution is proposed. The generation level is composed of applications of IoT in renewable energy resources, wind and solar in particular, thermal generation, and energy storage facilities. The deployment of IoT in transmission level deals with congestion management in power system and guarantees the security of the system. In the distribution level, the implications of IoT in active distribution networks, smart cities, microgrids, smart buildings, and industrial sector are evaluated.
2019-11-25
Cui, Hongyan, Chen, Zunming, Xi, Yu, Chen, Hao, Hao, Jiawang.  2019.  IoT Data Management and Lineage Traceability: A Blockchain-based Solution. 2019 IEEE/CIC International Conference on Communications Workshops in China (ICCC Workshops). :239–244.
The Internet of Things is stepping out of its infancy into full maturity, requiring massive data processing and storage. Unfortunately, because of the unique characteristics of resource constraints, short-range communication, and self-organization in IoT, it always resorts to the cloud or fog nodes for outsourced computation and storage, which has brought about a series of novel challenging security and privacy threats. For this reason, one of the critical challenges of having numerous IoT devices is the capacity to manage them and their data. A specific concern is from which devices or Edge clouds to accept join requests or interaction requests. This paper discusses a design concept for developing the IoT data management platform, along with a data management and lineage traceability implementation of the platform based on blockchain and smart contracts, which approaches the two major challenges: how to implement effective data management and enrich rational interoperability for trusted groups of linked Things; And how to settle conflicts between untrusted IoT devices and its requests taking into account security and privacy preserving. Experimental results show that the system scales well with the loss of computing and communication performance maintaining within the acceptable range, works well to effectively defend against unauthorized access and empower data provenance and transparency, which verifies the feasibility and efficiency of the design concept to provide privacy, fine-grained, and integrity data management over the IoT devices by introducing the blockchain-based data management platform.
2020-02-17
Nouichi, Douae, Abdelsalam, Mohamed, Nasir, Qassim, Abbas, Sohail.  2019.  IoT Devices Security Using RF Fingerprinting. 2019 Advances in Science and Engineering Technology International Conferences (ASET). :1–7.
Internet of Things (IoT) devices industry is rapidly growing, with an accelerated increase in the list of manufacturers offering a wide range of smart devices selected to enhance end-users' standard of living. Security remains an after-thought in these devices resulting in vulnerabilities. While there exists a cryptographic protocol designed to solve such authentication problem, the computational complexity of cryptographic protocols and scalability problems make almost all cryptography-based authentication protocols impractical for IoT. Wireless RFF (Radio Frequency Fingerprinting) comes as a physical layer-based security authentication method that improves wireless security authentication, which is especially useful for the power and computing limited devices. As a proof-of-concept, this paper proposes a universal SDR (software defined Radio)-based inexpensive implementation intended to sense emitted wireless signals from IoT devices. Our approach is validated by extracting mobile phone signal bursts under different user-dedicated modes. The proposed setup is well adapted to accurately capture signals from different telecommunication standards. To ensure a unique identification of IoT devices, this paper also provides an optimum set of features useful to generate the device identity fingerprint.
2020-01-21
Pal, Shantanu.  2019.  Limitations and Approaches in Access Control and Identity Management for Constrained IoT Resources. 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :431–432.
The Internet of Things (IoT), smart sensors and mobile wearable devices are helping to provide services that are more ubiquitous, smarter, faster and easily accessible to users. However, security is a significant concern for the IoT, with access control and identity management are being two major issues. With the growing size and presence of these systems and the resource constrained nature of the IoT devices, an important question is how to manage policies in a manner that is both scalable and flexible. In this research, we aim at proposing a fine-grained and flexible access control architecture, and to examine an identity model for constrained IoT resources. To achieve this, first, we outline some key limitations in the state of the art access control and identity management for IoT. Then we devise our approach to address those limitations in a systematic way.