Visible to the public Biblio

Filters: Keyword is Internet of Things (IoT)  [Clear All Filters]
2021-07-07
Aski, Vidyadhar, Dhaka, Vijaypal Singh, Kumar, Sunil, Parashar, Anubha, Ladagi, Akshata.  2020.  A Multi-Factor Access Control and Ownership Transfer Framework for Future Generation Healthcare Systems. 2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC). :93–98.
The recent advancements in ubiquitous sensing powered by Wireless Computing Technologies (WCT) and Cloud Computing Services (CCS) have introduced a new thinking ability amongst researchers and healthcare professionals for building secure and connected healthcare systems. The integration of Internet of Things (IoT) in healthcare services further brings in several challenges with it, mainly including encrypted communication through vulnerable wireless medium, authentication and access control algorithms and ownership transfer schemes (important patient information). Major concern of such giant connected systems lies in creating the data handling strategies which is collected from the billions of heterogeneous devices distributed across the hospital network. Besides, the resource constrained nature of IoT would make these goals difficult to achieve. Motivated by aforementioned deliberations, this paper introduces a novel approach in designing a security framework for edge-computing based connected healthcare systems. An efficient, multi-factor access control and ownership transfer mechanism for edge-computing based futuristic healthcare applications is the core of proposed framework. Data scalability is achieved by employing distributed approach for clustering techniques that analyze and aggregate voluminous data acquired from heterogeneous devices individually before it transits the to the cloud. Moreover, data/device ownership transfer scheme is considered to be the first time in its kind. During ownership transfer phase, medical server facilitates user to transfer the patient information/ device ownership rights to the other registered users. In order to avoid the existing mistakes, we propose a formal and informal security analysis, that ensures the resistance towards most common IoT attacks such as insider attack, denial of distributed service (DDoS) attack and traceability attacks.
2021-06-30
Lahiri, Pralay Kumar, Das, Debashis, Mansoor, Wathiq, Banerjee, Sourav, Chatterjee, Pushpita.  2020.  A Trustworthy Blockchain based framework for Impregnable IoV in Edge Computing. 2020 IEEE 17th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :26—31.
The concept behind the Internet of Things (IoT) is taking everything and connecting to the internet so that all devices would be able to send and receive data online. Internet of Vehicles (IoV) is a key component of smart city which is an outcome of IoT. Nowadays the concept of IoT has plaid an important role in our daily life in different sectors like healthcare, agriculture, smart home, wearable, green computing, smart city applications, etc. The emerging IoV is facing a lack of rigor in data processing, limitation of anonymity, privacy, scalability, security challenges. Due to vulnerability IoV devices must face malicious hackers. Nowadays with the help of blockchain (BC) technology energy system become more intelligent, eco-friendly, transparent, energy efficient. This paper highlights two major challenges i.e. scalability and security issues. The flavor of edge computing (EC) considered here to deal with the scalability issue. A BC is a public, shared database that records transactions between two parties that confirms owners through cryptography. After a transaction is validated and cryptographically verified generates “block” on the BC and transactions are ordered chronologically and cannot be altered. Implementing BC and smart contracts technologies will bring security features for IoV. It plays a role to implement the rules and policies to govern the IoV information and transactions and keep them into the BC to secure the data and for future uses.
2021-06-28
Kaur, Jasleen, Agrawal, Alka, Khan, Raees Ahmad.  2020.  Security Assessment in Foggy Era through Analytical Hierarchy Process. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.
Fog Computing provides users with the cloud facilities at the network edge. It may be assumed to be a virtual platform with adequate storage., computation and processing facilities for latency-sensitive applications. The basic difference lies with the fact that this platform is decentralized in nature. In addition., the fog systems or devices process data locally., are conveyable and are capable of being installed on heterogenous hardware. This versatility in its behavior and it being at the network edge turns the attention towards the security of the users sensitive data (in transition or at rest). In this paper., the authors have emphasized on the security of the fog level in typical Fog- IoT architecture. Various security factors (along with their subfactors) persisting at fog level are identified and discussed in detail. The authors have presented a hierarchy of fog computing security factors that is expected to help in considering security in a systematic and efficient manner. Further., the authors have also ranked the same through Analytical Hierarchy Process (AHP) and compared the results with Fuzzy-AHP (F-AHP). The results are found to be highly correlated.
2021-06-24
Satam, Shalaka, Satam, Pratik, Hariri, Salim.  2020.  Multi-level Bluetooth Intrusion Detection System. 2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA). :1—8.
Large scale deployment of IoT devices has made Bluetooth Protocol (IEEE 802.15.1) the wireless protocol of choice for close-range communications. Devices such as keyboards, smartwatches, headphones, computer mouse, and various wearable connecting devices use Bluetooth network for communication. Moreover, Bluetooth networks are widely used in medical devices like heart monitors, blood glucose monitors, asthma inhalers, and pulse oximeters. Also, Bluetooth has replaced cables for wire-free equipment in a surgical environment. In hospitals, devices communicate with one another, sharing sensitive and critical information over Bluetooth scatter-networks. Thus, it is imperative to secure the Bluetooth networks against attacks like Man in the Middle attack (MITM), eavesdropping attacks, and Denial of Service (DoS) attacks. This paper presents a Multi-Level Bluetooth Intrusion Detection System (ML-BIDS) to detect malicious attacks against Bluetooth devices. In the ML-IDS framework, we perform continuous device identification and authorization in Bluetooth networks following the zero-trust principle [ref]. The ML-BIDS framework includes an anomaly-based intrusion detection system (ABIDS) to detect attacks on the Bluetooth protocol. The ABIDS tracks the normal behavior of the Bluetooth protocol by comparing it with the Bluetooth protocol state machine. Bluetooth frame flows consisting of Bluetooth frames received over 10 seconds are split into n-grams to track the current state of the protocol in the state machine. We evaluated the performance of several machine learning algorithms like C4.5, Adaboost, SVM, Naive Bayes, Jrip, and Bagging to classify normal Bluetooth protocol flows from abnormal Bluetooth protocol flows. The ABIDS detects attacks on Bluetooth protocols with a precision of up to 99.6% and recall up to 99.6%. The ML-BIDS framework also performs whitelisting of the devices on the Bluetooth network to prevent unauthorized devices from connecting to the network. ML-BIDS uses a combination of the Bluetooth Address, mac address, and IP address to uniquely identify a Bluetooth device connecting to the network, and hence ensuring only authorized devices can connect to the Bluetooth network.
2021-06-01
Alfandi, Omar, Otoum, Safa, Jararweh, Yaser.  2020.  Blockchain Solution for IoT-based Critical Infrastructures: Byzantine Fault Tolerance. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1—4.
Providing an acceptable level of security for Internet of Things (IoT)-based critical infrastructures, such as the connected vehicles, considers as an open research issue. Nowadays, blockchain overcomes a wide range of network limitations. In the context of IoT and blockchain, Byzantine Fault Tolerance (BFT)-based consensus protocol, that elects a set of authenticated devices/nodes within the network, considers as a solution for achieving the desired energy efficiency over the other consensus protocols. In BFT, the elected devices are responsible for ensuring the data blocks' integrity and preventing the concurrently appended blocks that might contain some malicious data. In this paper, we evaluate the fault-tolerance with different network settings, i.e., the number of connected vehicles. We verify and validate the proposed model with MATLAB/Simulink package simulations. The results show that our proposed hybrid scenario performed over the non-hybrid scenario taking throughput and latency in the consideration as the evaluated metrics.
Chinchawade, Amit Jaykumar, Lamba, Onkar Singh.  2020.  Authentication Schemes and Security Issues in Internet Of Everything (IOE) Systems. 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN). :342–345.
Nowadays, Internet Of Everything (IOE) has demanded for a wide range of applications areas. IOE is started to replaces an Internet Of things (IOT). IOE is a combination of massive number of computing elements and sensors, people, processes and data through the Internet infrastructure. Device to Device communication and interfacing of Wireless Sensor network with IOE can makes any system as a Smart System. With the increased the use of Internet and Internet connected devices has opportunities for hackers to launch attacks on unprecedented scale and impact. The IOE can serve the varied security in the various sectors like manufacturing, agriculture, smart grid, payments, IoT gateways, healthcare and industrial ecosystems. To secure connections among people, process, data, and things, is a major challenge in Internet of Everything.. This paper focuses on various security Issues and Authentication Schemes in the IOE systems.
2021-05-13
Guan, Bo, Takbiri, Nazanin, Goeckel, Dennis L., Houmansadr, Amir, Pishro-Nik, Hossein.  2020.  Sequence Obfuscation to Thwart Pattern Matching Attacks. 2020 IEEE International Symposium on Information Theory (ISIT). :884—889.

Suppose we are given a large number of sequences on a given alphabet, and an adversary is interested in identifying (de-anonymizing) a specific target sequence based on its patterns. Our goal is to thwart such an adversary by obfuscating the target sequences by applying artificial (but small) distortions to its values. A key point here is that we would like to make no assumptions about the statistical model of such sequences. This is in contrast to existing literature where assumptions (e.g., Markov chains) are made regarding such sequences to obtain privacy guarantees. We relate this problem to a set of combinatorial questions on sequence construction based on which we are able to obtain provable guarantees. This problem is relevant to important privacy applications: from fingerprinting webpages visited by users through anonymous communication systems to linking communicating parties on messaging applications to inferring activities of users of IoT devices.

2021-04-27
Beckwith, E., Thamilarasu, G..  2020.  BA-TLS: Blockchain Authentication for Transport Layer Security in Internet of Things. 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1—8.

Traditional security solutions that rely on public key infrastructure present scalability and transparency challenges when deployed in Internet of Things (IoT). In this paper, we develop a blockchain based authentication mechanism for IoT that can be integrated into the traditional transport layer security protocols such as Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). Our proposed mechanism is an alternative to the traditional Certificate Authority (CA)-based Public Key Infrastructure (PKI) that relies on x.509 certificates. Specifically, the proposed solution enables the modified TLS/DTLS a viable option for resource constrained IoT devices where minimizing memory utilization is critical. Experiments show that blockchain based authentication can reduce dynamic memory usage by up to 20%, while only minimally increasing application image size and time of execution of the TLS/DTLS handshake.

Vishwakarma, L., Das, D..  2020.  BSS: Blockchain Enabled Security System for Internet of Things Applications. 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). :1—4.

In the Internet of Things (IoT), devices can interconnect and communicate autonomously, which requires devices to authenticate each other to exchange meaningful information. Otherwise, these things become vulnerable to various attacks. The conventional security protocols are not suitable for IoT applications due to the high computation and storage demand. Therefore, we proposed a blockchain-enabled secure storage and communication scheme for IoT applications, called BSS. The scheme ensures identification, authentication, and data integrity. Our scheme uses the security advantages of blockchain and helps to create safe zones (trust batch) where authenticated objects interconnect securely and do communication. A secure and robust trust mechanism is employed to build these batches, where each device has to authenticate itself before joining the trust batch. The obtained results satisfy the IoT security requirements with 60% reduced computation, storage and communication cost compared with state-of-the-art schemes. BSS also withstands various cyberattacks such as impersonation, message replay, man-in-the-middle, and botnet attacks.

2021-03-29
Dorri, A., Jurdak, R..  2020.  Tree-Chain: A Fast Lightweight Consensus Algorithm for IoT Applications. 2020 IEEE 45th Conference on Local Computer Networks (LCN). :369–372.
Blockchain has received tremendous attention in non-monetary applications including the Internet of Things (IoT) due to its salient features including decentralization, security, auditability, and anonymity. Most conventional blockchains rely on computationally expensive validator selection and consensus algorithms, have limited throughput, and high transaction delays. In this paper, we propose tree-chain a scalable fast blockchain instantiation that introduces two levels of randomization among the validators: i) transaction level where the validator of each transaction is selected randomly based on the most significant characters of the hash function output (known as consensus code), and ii) blockchain level where validator is randomly allocated to a particular consensus code based on the hash of their public key. Tree-chain introduces parallel chain branches where each validator commits the corresponding transactions in a unique ledger.
Kazemi, Z., Fazeli, M., Hély, D., Beroulle, V..  2020.  Hardware Security Vulnerability Assessment to Identify the Potential Risks in A Critical Embedded Application. 2020 IEEE 26th International Symposium on On-Line Testing and Robust System Design (IOLTS). :1—6.

Internet of Things (IoT) is experiencing significant growth in the safety-critical applications which have caused new security challenges. These devices are becoming targets for different types of physical attacks, which are exacerbated by their diversity and accessibility. Therefore, there is a strict necessity to support embedded software developers to identify and remediate the vulnerabilities and create resilient applications against such attacks. In this paper, we propose a hardware security vulnerability assessment based on fault injection of an embedded application. In our security assessment, we apply a fault injection attack by using our clock glitch generator on a critical medical IoT device. Furthermore, we analyze the potential risks of ignoring these attacks in this embedded application. The results will inform the embedded software developers of various security risks and the required steps to improve the security of similar MCU-based applications. Our hardware security assessment approach is easy to apply and can lead to secure embedded IoT applications against fault attacks.

2021-02-03
Rehan, S., Singh, R..  2020.  Industrial and Home Automation, Control, Safety and Security System using Bolt IoT Platform. 2020 International Conference on Smart Electronics and Communication (ICOSEC). :787—793.
This paper describes a system that comprises of control, safety and security subsystem for industries and homes. The entire system is based on the Bolt IoT platform. Using this system, the user can control the devices such as LEDs, speed of the fan or DC motor, monitor the temperature of the premises with an alert sub-system for critical temperatures through SMS and call, monitor the presence of anyone inside the premises with an alert sub-system about any intrusion through SMS and call. If the system is used specifically in any industry then instead of monitoring the temperature any other physical quantity, which is critical for that industry, can be monitored using suitable sensors. In addition, the cloud connectivity is provided to the system using the Bolt IoT module and temperature data is sent to the cloud where using machine-learning algorithm the future temperature is predicted to avoid any accidents in the future.
2021-01-25
Ghazo, A. T. Al, Ibrahim, M., Ren, H., Kumar, R..  2020.  A2G2V: Automatic Attack Graph Generation and Visualization and Its Applications to Computer and SCADA Networks. IEEE Transactions on Systems, Man, and Cybernetics: Systems. 50:3488–3498.
Securing cyber-physical systems (CPS) and Internet of Things (IoT) systems requires the identification of how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Therefore, accurate attack graphs play a significant role in systems security. A manual construction of the attack graphs is tedious and error-prone, this paper proposes a model-checking-based automated attack graph generator and visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security. The architecture description tool captures a formal representation of the networked system, its atomic vulnerabilities, their pre-and post-conditions, and security property of interest. A model-checker is employed to automatically identify an attack sequence in the form of a counterexample. Our own code integrated with the model-checker parses the counterexamples, encodes those for specification relaxation, and iterates until all attack sequences are revealed. Finally, a visualization tool has also been incorporated with A2G2V to generate a graphical representation of the generated attack graph. The results are illustrated through application to computer as well as control (SCADA) networks.
2021-01-11
Majhi, D., Rao, M., Sahoo, S., Dash, S. P., Mohapatra, D. P..  2020.  Modified Grey Wolf Optimization(GWO) based Accident Deterrence in Internet of Things (IoT) enabled Mining Industry. 2020 International Conference on Computer Science, Engineering and Applications (ICCSEA). :1–4.
The occurrences of accidents in mining industries owing to the fragile health conditions of mine workers are reportedly increasing. Health conditions measured as heart rate or pulse, glycemic index, and blood pressure are often crucial parameters that lead to failure in proper reasoning when not within acceptable ranges. These parameters, such as heartbeat rate can be measured continuously using sensors. The data can be monitored remotely and, when found to be of concern, can send necessary alarms to the mine manager. The early alarm notification enables the mine manager with better preparedness for managing the reach of first aid to the accident spot and thereby reduce mine fatalities drastically. This paper presents a framework for deterring accidents in mines with the help of the Grey Wolf Optimization approach.
2020-12-21
Kasah, N. b H., Aman, A. H. b M., Attarbashi, Z. S. M., Fazea, Y..  2020.  Investigation on 6LoWPAN Data Security for Internet of Things. 2020 2nd International Conference on Computer and Information Sciences (ICCIS). :1–5.
Low-power wireless network technology is one of the main key characteristics in communication systems that are needed by the Internet of Things (IoT). Nowadays, the 6LoWPAN standard is one of the communication protocols which has been identified as an important protocol in IoT applications. Networking technology in 6LoWPAN transfer IPv6 packets efficiently in link-layer framework that is well-defined by IEEE 802.14.5 protocol. 6Lo WPAN development is still having problems such as threats and entrust crises. The most important part when developing this new technology is the challenge to secure the network. Data security is viewed as a major consideration in this network communications. Many researchers are working to secure 6LoWPAN communication by analyzing the architecture and network features. 6LoWPAN security weakness or vulnerability is exposed to various forms of network attack. In this paper, the security solutions for 6LoWPAN have been investigated. The requirements of safety in 6LoWPAN are also presented.
2020-11-17
Russell, S., Abdelzaher, T., Suri, N..  2019.  Multi-Domain Effects and the Internet of Battlefield Things. MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM). :724—730.

This paper reviews the definitions and characteristics of military effects, the Internet of Battlefield Things (IoBT), and their impact on decision processes in a Multi-Domain Operating environment (MDO). The aspects of contemporary military decision-processes are illustrated and an MDO Effect Loop decision process is introduced. We examine the concept of IoBT effects and their implications in MDO. These implications suggest that when considering the concept of MDO, as a doctrine, the technological advances of IoBTs empower enhancements in decision frameworks and increase the viability of novel operational approaches and options for military effects.

Hu, Y., Sanjab, A., Saad, W..  2019.  Dynamic Psychological Game Theory for Secure Internet of Battlefield Things (IoBT) Systems. IEEE Internet of Things Journal. 6:3712—3726.

In this paper, a novel anti-jamming mechanism is proposed to analyze and enhance the security of adversarial Internet of Battlefield Things (IoBT) systems. In particular, the problem is formulated as a dynamic psychological game between a soldier and an attacker. In this game, the soldier seeks to accomplish a time-critical mission by traversing a battlefield within a certain amount of time, while maintaining its connectivity with an IoBT network. The attacker, on the other hand, seeks to find the optimal opportunity to compromise the IoBT network and maximize the delay of the soldier's IoBT transmission link. The soldier and the attacker's psychological behavior are captured using tools from psychological game theory, with which the soldier's and attacker's intentions to harm one another are considered in their utilities. To solve this game, a novel learning algorithm based on Bayesian updating is proposed to find an ∈ -like psychological self-confirming equilibrium of the game.

2020-10-16
AlEnezi, Ali, AlMeraj, Zainab, Manuel, Paul.  2018.  Challenges of IoT Based Smart-Government Development. 2018 IEEE Green Technologies Conference (GreenTech). :155—160.

Smart governments are known as extensions of e-governments both built on the Internet of Things (IoT). In this paper, we classify smart governments into two types (1) new generation and (2) extended smart-government. We then put forth a framework for smart governments implementation and discuss the major challenges in its implementation showing security as the most prominent challenge in USA, mindscaping in Kuwait and investment in India.

2020-10-05
Chen, Jen-Jee, Tsai, Meng-Hsun, Zhao, Liqiang, Chang, Wei-Chiao, Lin, Yu-Hsiang, Zhou, Qianwen, Lu, Yu-Zhang, Tsai, Jia-Ling, Cai, Yun-Zhan.  2019.  Realizing Dynamic Network Slice Resource Management based on SDN networks. 2019 International Conference on Intelligent Computing and its Emerging Applications (ICEA). :120–125.
It is expected that the concept of Internet of everything will be realized in 2020 because of the coming of the 5G wireless communication technology. Internet of Things (IoT) services in various fields require different types of network service features, such as mobility, security, bandwidth, latency, reliability and control strategies. In order to solve the complex requirements and provide customized services, a new network architecture is needed. To change the traditional control mode used in the traditional network architecture, the Software Defined Network (SDN) is proposed. First, SDN divides the network into the Control Plane and Data Plane and then delegates the network management authority to the controller of the control layer. This allows centralized control of connections of a large number of devices. Second, SDN can help realizing the network slicing in the aspect of network layer. With the network slicing technology proposed by 5G, it can cut the 5G network out of multiple virtual networks and each virtual network is to support the needs of diverse users. In this work, we design and develop a network slicing framework. The contributions of this article are two folds. First, through SDN technology, we develop to provide the corresponding end-to-end (E2E) network slicing for IoT applications with different requirements. Second, we develop a dynamic network slice resource scheduling and management method based on SDN to meet the services' requirements with time-varying characteristics. This is usually observed in streaming and services with bursty traffic. A prototyping system is completed. The effectiveness of the system is demonstrated by using an electronic fence application as a use case.
2020-09-28
Evans, David, Calvo, Daniel, Arroyo, Adrian, Manilla, Alejandro, Gómez, David.  2019.  End-to-end security assessment framework for connected vehicles. 2019 22nd International Symposium on Wireless Personal Multimedia Communications (WPMC). :1–6.
To increase security and to offer user experiences according to the requirements of a hyper-connected world, modern vehicles are integrating complex electronic systems, being transformed into systems of Cyber-Physical Systems (CPS). While a great diversity of heterogeneous hardware and software components must work together and control in real-time crucial functionalities, cybersecurity for the automotive sector is still in its infancy. This paper provides an analysis of the most common vulnerabilities and risks of connected vehicles, using a real example based on industrial and market-ready technologies. Several components have been implemented to inject and simulate multiple attacks, which enable security services and mitigation actions to be developed and validated.
2020-09-21
Fang, Zheng, Fu, Hao, Gu, Tianbo, Qian, Zhiyun, Jaeger, Trent, Mohapatra, Prasant.  2019.  ForeSee: A Cross-Layer Vulnerability Detection Framework for the Internet of Things. 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :236–244.
The exponential growth of Internet-of-Things (IoT) devices not only brings convenience but also poses numerous challenging safety and security issues. IoT devices are distributed, highly heterogeneous, and more importantly, directly interact with the physical environment. In IoT systems, the bugs in device firmware, the defects in network protocols, and the design flaws in system configurations all may lead to catastrophic accidents, causing severe threats to people's lives and properties. The challenge gets even more escalated as the possible attacks may be chained together in a long sequence across multiple layers, rendering the current vulnerability analysis inapplicable. In this paper, we present ForeSee, a cross-layer formal framework to comprehensively unveil the vulnerabilities in IoT systems. ForeSee generates a novel attack graph that depicts all of the essential components in IoT, from low-level physical surroundings to high-level decision-making processes. The corresponding graph-based analysis then enables ForeSee to precisely capture potential attack paths. An optimization algorithm is further introduced to reduce the computational complexity of our analysis. The illustrative case studies show that our multilayer modeling can capture threats ignored by the previous approaches.
2020-09-11
Arvind, S, Narayanan, V Anantha.  2019.  An Overview of Security in CoAP: Attack and Analysis. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :655—660.
Over the last decade, a technology called Internet of Things (IoT) has been evolving at a rapid pace. It enables the development of endless applications in view of availability of affordable components which provide smart ecosystems. The IoT devices are constrained devices which are connected to the internet and perform sensing tasks. Each device is identified by their unique address and also makes use of the Constrained Application Protocol (CoAP) as one of the main web transfer protocols. It is an application layer protocol which does not maintain secure channels to transfer information. For authentication and end-to-end security, Datagram Transport Layer Security (DTLS) is one of the possible approaches to boost the security aspect of CoAP, in addition to which there are many suggested ways to protect the transmission of sensitive information. CoAP uses DTLS as a secure protocol and UDP as a transfer protocol. Therefore, the attacks on UDP or DTLS could be assigned as a CoAP attack. An attack on DTLS could possibly be launched in a single session and a strong authentication mechanism is needed. Man-In-The-Middle attack is one the peak security issues in CoAP as cited by Request For Comments(RFC) 7252, which encompasses attacks like Sniffing, Spoofing, Denial of Service (DoS), Hijacking, Cross-Protocol attacks and other attacks including Replay attacks and Relay attacks. In this work, a client-server architecture is setup, whose end devices communicate using CoAP. Also, a proxy system was installed across the client side to launch an active interception between the client and the server. The work will further be enhanced to provide solutions to mitigate these attacks.
2020-08-03
Ferraris, Davide, Fernandez-Gago, Carmen, Daniel, Joshua, Lopez, Javier.  2019.  A Segregated Architecture for a Trust-based Network of Internet of Things. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–6.
With the ever-increasing number of smart home devices, the issues related to these environments are also growing. With an ever-growing attack surface, there is no standard way to protect homes and their inhabitants from new threats. The inhabitants are rarely aware of the increased security threats that they are exposed to and how to manage them. To tackle this problem, we propose a solution based on segmented architectures similar to the ones used in industrial systems. In this approach, the smart home is segmented into various levels, which can broadly be categorised into an inner level and external level. The external level is protected by a firewall that checks the communication from/to the Internet to/from the external devices. The internal level is protected by an additional firewall that filters the information and the communications between the external and the internal devices. This segmentation guarantees a trusted environment among the entities of the internal network. In this paper, we propose an adaptive trust model that checks the behaviour of the entities and in case the entities violate trust rules they can be put in quarantine or banned from the network.
2020-07-24
Tan, Syh-Yuan, Yeow, Kin-Woon, Hwang, Seong Oun.  2019.  Enhancement of a Lightweight Attribute-Based Encryption Scheme for the Internet of Things. IEEE Internet of Things Journal. 6:6384—6395.

In this paper, we present the enhancement of a lightweight key-policy attribute-based encryption (KP-ABE) scheme designed for the Internet of Things (IoT). The KP-ABE scheme was claimed to achieve ciphertext indistinguishability under chosen-plaintext attack in the selective-set model but we show that the KP-ABE scheme is insecure even in the weaker security notion, namely, one-way encryption under the same attack and model. In particular, we show that an attacker can decrypt a ciphertext which does not satisfy the policy imposed on his decryption key. Subsequently, we propose an efficient fix to the KP-ABE scheme as well as extending it to be a hierarchical KP-ABE (H-KP-ABE) scheme that can support role delegation in IoT applications. An example of applying our H-KP-ABE on an IoT-connected healthcare system is given to highlight the benefit of the delegation feature. Lastly, using the NIST curves secp192k1 and secp256k1, we benchmark the fixed (hierarchical) KP-ABE scheme on an Android phone and the result shows that the scheme is still the fastest in the literature.

2020-06-29
Wehbi, Khadijeh, Hong, Liang, Al-salah, Tulha, Bhutta, Adeel A.  2019.  A Survey on Machine Learning Based Detection on DDoS Attacks for IoT Systems. 2019 SoutheastCon. :1–6.
Internet of Things (IoT) is transforming the way we live today, improving the quality of living standard and growing the world economy by having smart devices around us making decisions and performing our daily tasks and chores. However, securing the IoT system from malicious attacks is a very challenging task. Some of the most common malicious attacks are Denial of service (DoS), and Distributed Denial of service (DDoS) attacks, which have been causing major security threats to all networks and specifically to limited resource IoT devices. As security will always be a primary factor for enabling most IoT applications, developing a comprehensive detection method that effectively defends against DDoS attacks and can provide 100% detection for DDoS attacks in IoT is a primary goal for the future of IoT. The development of such a method requires a deep understanding of the methods that have been used thus far in the detection of DDoS attacks in the IoT environment. In our survey, we try to emphasize some of the most recent Machine Learning (ML) approaches developed for the detection of DDoS attacks in IoT networks along with their advantage and disadvantages. Comparison between the performances of selected approaches is also provided.