Biblio

The Internet of Things (IoT) provides connectivity between heterogeneous devices in different applications, such as smart wildlife, supply chain and traffic management. Trust management system (TMS) assesses the trustworthiness of service with respect to its quality. Under different context information, a service provider may be trusted in one context but not in another. The existing context-aware trust models usually store trust values under different contexts and search the closest (to a given context) record to evaluate the trustworthiness of a service. However, it is not suitable for distributed resource-constrained IoT devices which have small memory and low power. Reputation systems are applied in many trust models where trustor obtains recommendations from others. In context-based trust evaluation, it requires interactive queries to find relevant information from remote devices. The communication overhead and energy consumption are issues in low power networks like 6LoWPAN. In this paper, we propose a new context-aware trust model for lightweight IoT devices. The proposed model provides a trustworthiness overview of a service provider without storing past behavior records, that is, constant size storage. The proposed model allows a trustor to decide the significance of context items. This could result in distinctive decisions under the same trustworthiness record. We also show the performance of the proposed model under different attacks.

The intense incursion of the Internet of Things (IoT) into all areas of modern life has led to a need for a more detailed study of these technologies and their mechanisms of work. It is necessary to study mechanisms in order to improve QoS, security, identifying shortest routes, mobility, etc. This paper proposes an enhanced simulation framework that implements an improved mechanism for prioritising traffic on 6LoWPAN networks and the realisation of micro-mobility.

It is a research hotspot that using blockchain technology to solve the security problems of the Internet of Things (IoT). Although many related ideas have been proposed, there are very few literatures with theoretical and data support. This paper focuses on the research of model construction and performance evaluation. First, an IoT security model is established based on blockchain and InterPlanetary File System (IPFS). In this model, many security risks of traditional IoT architectures can be avoided, and system performance is significantly improved in distributed large capacity storage, concurrency and query. Secondly, the performance of the proposed model is evaluated through the average latency and throughput, which are meaningful for further research and optimization of this direction. Analysis and test results demonstrate the effectiveness of the blockchain-based security model.

Cognitive radio technology addresses the spectrum scarcity challenges by allowing unlicensed cognitive devices to opportunistically utilize spectrum band allocated to licensed devices. However, the openness of the technology has introduced several attacks to cognitive radios, one which is the spectrum sensing data falsification attack. In spectrum sensing data falsification attack, malicious devices share incorrect spectrum observations to other cognitive radios. This paper investigates the spectrum sensing data falsification attack in cognitive radio networks. We use the modified Z-test to isolate extreme outliers in the network. The q-out-of-m rule scheme is implemented to mitigate the spectrum sensing data falsification attack, where a random number m is selected from the sensing results and q is the final decision from m. The scheme does not require the services of a fusion Centre for decision making. This paper presents the theoretical analysis of the proposed scheme.

The rapid development of the Internet of Things (IoT) results in generating massive amounts of data. Significant portions of these data are sensitive since they reflect (directly or indirectly) peoples' behaviors, interests, lifestyles, etc. Protecting sensitive IoT data from privacy violations is a challenge since these data need to be communicated, processed, analyzed, and stored by public networks, servers, and clouds; most of them are untrusted parties for data owners. We propose a solution for protecting sensitive IoT data called Policy Enforcement Fog Module (PEFM). The major task of the PEFM solution is mandatory enforcement of privacy policies for sensitive IoT data-wherever these data are accessed throughout their entire lifecycle. The key feature of PEFM is its placement within the fog computing infrastructure, which assures that PEFM operates as closely as possible to data sources within the edge. PEFM enforces policies directly for local IoT applications. In contrast, for remote applications, PEFM provides a self-protecting mechanism based on creating and disseminating Active Data Bundles (ADBs). ADBs are software constructs bundling inseparably sensitive data, their privacy policies, and an execution engine able to enforce privacy policies. To prove effectiveness and efficiency of the proposed module, we developed a smart home proof-of-concept scenario. We investigate privacy threats for sensitive IoT data. We run simulation experiments, based on network calculus, for testing performance of the PEFM controls for different network configurations. The results of the simulation show that-even with using from 1 to 5 additional privacy policies for improved data privacy-penalties in terms of execution time and delay are reasonable (approx. 12-15% and 13-19%, respectively). The results also show that PEFM is scalable regarding the number of the real-time constraints for real-time IoT applications.

The confidentiality of data stored in embedded and handheld devices has become an urgent necessity more than ever before. Encryption of sensitive data is a well-known technique to preserve their confidentiality, however it comes with certain costs that can heavily impact the device processing resources. Utilizing multicore processors, which are equipped with current embedded devices, has brought a new era to enhance data confidentiality while maintaining suitable device performance. Encrypting the complete storage area, also known as Full Disk Encryption (FDE) can still be challenging, especially with newly emerging massive storage systems. Alternatively, since the most user sensitive data are residing inside persisting databases, it will be more efficient to focus on securing SQLite databases, through encryption, where SQLite is the most common RDBMS in handheld and embedded systems. This paper addresses the problem of ensuring data protection in embedded and mobile devices while maintaining suitable device performance by mitigating the impact of encryption. We presented here a proposed design for a parallel database encryption system, called SQLite-XTS. The proposed system encrypts data stored in databases transparently on-the-fly without the need for any user intervention. To maintain a proper device performance, the system takes advantage of the commodity multicore processors available with most embedded and mobile devices.

In this paper, we address the fundamental problem of securely bootstrapping a group of wireless devices to a hub, when none of the devices share prior associations (secrets) with the hub or between them. This scenario aligns with the secure deployment of body area networks, IoT, medical devices, industrial automation sensors, autonomous vehicles, and others. We develop VERSE, a physical-layer group message integrity verification primitive that effectively detects advanced wireless signal manipulations that can be used to launch man-in-the-middle (MitM) attacks over wireless. Without using shared secrets to establish authenticated channels, such attacks are notoriously difficult to thwart and can undermine the authentication and key establishment processes. VERSE exploits the existence of multiple devices to verify the integrity of the messages exchanged within the group. We then use VERSE to build a bootstrapping protocol, which securely introduces new devices to the network. Compared to the state-of-the-art, VERSE achieves in-band message integrity verification during secure pairing using only the RF modality without relying on out-of-band channels or extensive human involvement. It guarantees security even when the adversary is capable of fully controlling the wireless channel by annihilating and injecting wireless signals. We study the limits of such advanced wireless attacks and prove that the introduction of multiple legitimate devices can be leveraged to increase the security of the pairing process. We validate our claims via theoretical analysis and extensive experimentations on the USRP platform. We further discuss various implementation aspects such as the effect of time synchronization between devices and the effects of multipath and interference. Note that the elimination of shared secrets, default passwords, and public key infrastructures effectively addresses the related key management challenges when these are considered at scale.

This paper presents Checked C, an extension to C designed to support spatial safety, implemented in Clang and LLVM. Checked C's design is distinguished by its focus on backward-compatibility, incremental conversion, developer control, and enabling highly performant code. Like past approaches to a safer C, Checked C employs a form of checked pointer whose accesses can be statically or dynamically verified. Performance evaluation on a set of standard benchmark programs shows overheads to be relatively low. More interestingly, Checked C introduces the notions of a checked region and bounds-safe interfaces.

The main security problems, typical for the Internet of Things (IoT), as well as the purpose of gaining unauthorized access to the IoT, are considered in this paper. Common characteristics of the most widespread botnets are provided. A method to detect compromised IoT devices included into a botnet is proposed. The method is based on a model of logistic regression. The article describes a developed model of logistic regression which allows to estimate the probability that a device initiating a connection is running a bot. A list of network protocols, used to gain unauthorized access to a device and to receive instructions from common and control (C&C) server, is provided too.

Security is a key concern in Internet of Things (IoT) designs. In a heterogeneous and complex environment, service providers and service requesters must trust each other. On-off attack is a sophisticated trust threat in which a malicious device can perform good and bad services randomly to avoid being rated as a low trust node. Some countermeasures demands prior level of trust knowing and time to classify a node behavior. In this paper, we introduce a Smart Middleware that automatically assesses the IoT resources trust, evaluating service providers attributes to protect against On-off attacks.

This paper presents existing cryptographic technologies used by the IoT industry. Authors review security capabilities of existing IoT protocols such as LoRaWAN, IEE802.15.4, BLE and RF based. Authors also experiment with the cryptographic efficiency and energy consumption of existing cryptography algorithms, implemented on embedded systems. Authors evaluate the performance of 32bit single ARM cortex microprocessor, Atmel ATmega32u4 8-bit micro-controller and Parallella Xillix Zynq FPGA parallel co-processors. From the experimental results, authors signify the requirements of the next generation IoT security protocols and from their experimental results provide useful guidelines.

Embedded systems that communicate with each other over the internet and build up a larger, loosely coupled (hardware) system with an unknown configuration at runtime is often referred to as a cyberphysical system. Many of these systems can become, due to its associated risks during their operation, safety critical. With increased complexity of such systems, the number of configurations can either be infinite or even unknown at design time. Hence, a certification at design time for such systems that documents a safe interaction for all possible configurations of all participants at runtime can become unfeasible. If such systems come together in a new configuration, a mechanism is required that can decide whether or not it is safe for them to interact. Such a mechanism can generally not be part of such systems for the sake of trust. Therefore, we present in the following sections the SEnSE device, short for Secure and Safe Embedded, that tackles these challenges and provides a secure and safe integration of safety-critical embedded systems.

The paper deals with the implementation aspects of the bilinear pairing operation over an elliptic curve on constrained devices, such as smart cards, embedded devices, smart meters and similar devices. Although cryptographic constructions, such as group signatures, anonymous credentials or identity-based encryption schemes, often rely on the pairing operation, the implementation of such schemes into practical applications is not straightforward, in fact, it may become very difficult. In this paper, we show that the implementation is difficult not only due to the high computational complexity, but also due to the lack of cryptographic libraries and programming interfaces. In particular, we show how difficult it is to implement pairing-based schemes on constrained devices and show the performance of various libraries on different platforms. Furthermore, we show the performance estimates of fundamental cryptographic constructions, the group signatures. The purpose of this paper is to reduce the gap between the cryptographic designers and developers and give performance results that can be used for the estimation of the implementability and performance of novel, upcoming schemes.

Recently, as the age of the Internet of Things is approaching, there are more and more devices that communicate data with each other by incorporating sensors and communication functions in various objects. If the IoT is miniaturized, it can be regarded as a sensor having only the sensing ability and the low performance communication ability. Low-performance sensors are difficult to use high-quality communication, and wireless security used in expensive wireless communication devices cannot be applied. Therefore, this paper proposes authentication and key Agreement that can be applied in sensor networks using communication with speed less than 1 Kbps and has limited performances.

The existing Disaster Recovery(DR) system has a technique for integrity of the duplicated file to be used for recovery, but it could not be used if the file was changed. In this study, a duplicate file is generated as a block and managed as a block-chain. If the duplicate file is corrupted, the DR system will check the integrity of the duplicated file by referring to the block-chain and proceed with the recovery. The proposed technology is verified through recovery performance evaluation and scenarios.

The growing pervasiveness of Internet of Things (IoT) expands the attack surface by connecting more and more attractive attack targets, i.e. embedded devices, to the Internet. One key component in securing these devices is software integrity checking, which typically attained with Remote Attestation (RA). RA is realized as an interactive protocol, whereby a trusted party, verifier, verifies the software integrity of a potentially compromised remote device, prover. In the vast majority of IoT applications, smart devices operate in swarms, thus triggering the need for efficient swarm attestation schemes.In this paper, we present WISE, the first intelligent swarm attestation protocol that aims to minimize the communication overhead while preserving an adequate level of security. WISE depends on a resource-efficient smart broadcast authentication scheme where devices are organized in fine-grained multi-clusters, and whenever needed, the most likely compromised devices are attested. The candidate devices are selected intelligently taking into account the attestation history and the diverse characteristics (and constraints) of each device in the swarm. We show that WISE is very suitable for resource-constrained embedded devices, highly efficient and scalable in heterogenous IoT networks, and offers an adjustable level of security.

The development of a robust strategy for network security is reliant upon a combination of in-house expertise and for completeness attack vectors used by attackers. A honeypot is one of the most popular mechanisms used to gather information about attacks and attackers. However, low-interaction honeypots only emulate an operating system and services, and are more prone to a fingerprinting attack, resulting in severe consequences such as revealing the identity of the honeypot and thus ending the usefulness of the honeypot forever, or worse, enabling it to be converted into a bot used to attack others. A number of tools and techniques are available both to fingerprint low-interaction honeypots and to defend against such fingerprinting; however, there is an absence of fingerprinting techniques to identify the characteristics and behaviours that indicate fingerprinting is occurring. Therefore, this paper proposes a fuzzy technique to correlate the attack actions and predict the probability that an attack is a fingerprinting attack on the honeypot. Initially, an experimental assessment of the fingerprinting attack on the low- interaction honeypot is performed, and a fingerprinting detection mechanism is proposed that includes the underlying principles of popular fingerprinting attack tools. This implementation is based on a popular and commercially available low-interaction honeypot for Windows - KFSensor. However, the proposed fuzzy technique is a general technique and can be used with any low-interaction honeypot to aid in the identification of the fingerprinting attack whilst it is occurring; thus protecting the honeypot from the fingerprinting attack and extending its life.

The data transmitted from the wearable device commonly includes sensitive data. So, application service using the data collected from the unauthorized wearable devices can cause serious problems. Also, it is important to authenticate any wearable device and then, protect the transmitted data between the wearable devices and the application server. In this paper, we propose an authentication protocol, which is designed by using the Transport Layer Security (TLS) handshake protocol combined with a mobile authentication proxy. By using the proposed authentication protocol, we can authenticate the wearable device. And we can secure data transmission since session key is shared between the wearable device and the application server. In addition, the proposed authentication protocol is secure even when the mobile authentication proxy is unreliable.

The ability to transmit high volumes of data over a long distance makes WiFi mesh networks an ideal transmission solution for remote video surveillance. Instead of independently manipulating the node deployment, channel and interface assignment, and routing to improve the network performance, we propose a joint network design using multi-objective genetic algorithm to take into account the interplay of them. Moreover, we found a performance evaluation method based on the transmission capability of the WiFi mesh networks for the first time. The good agreement of our obtained multiple optimized solutions to the extensive simulation results by NS-3 demonstrates the effectiveness of our design.

In this paper, a novel game-theoretic framework is introduced to analyze and enhance the security of adversarial Internet of Battlefield Things (IoBT) systems. In particular, a dynamic, psychological network interdiction game is formulated between a soldier and an attacker. In this game, the soldier seeks to find the optimal path to minimize the time needed to reach a destination, while maintaining a desired bit error rate (BER) performance by selectively communicating with certain IoBT devices. The attacker, on the other hand, seeks to find the optimal IoBT devices to attack, so as to maximize the BER of the soldier and hinder the soldier's progress. In this game, the soldier and attacker's first- order and second-order beliefs on each others' behavior are formulated to capture their psychological behavior. Using tools from psychological game theory, the soldier and attacker's intention to harm one another is captured in their utilities, based on their beliefs. A psychological forward induction-based solution is proposed to solve the dynamic game. This approach can find a psychological sequential equilibrium of the game, upon convergence. Simulation results show that, whenever the soldier explicitly intends to frustrate the attacker, the soldier's material payoff is increased by up to 15.6% compared to a traditional dynamic Bayesian game.

The performance evaluation of distribution network operators is essential for the electrical utilities to know how prepared the operators are to execute their operation standards and rules, searching for minimizing the time of power outage, after some contingency. The performance of operators can be evaluated by the impact of their actions on several technical and economic indicators of the distribution system. This issue is a complex problem, whose solution involves necessarily some expertise and a multi-criteria evaluation. This paper presents a Tutorial Expert System (TES) for performance evaluation of electrical distribution network operators after a given contingency in the electrical network. The proposed TES guides the evaluation process, taking into account technical, economic and personal criteria, aiding the quantification of these criteria. A case study based on real data demonstrates the applicability of the performance evaluation procedure of distribution network operators.

Modern vehicles may contain a considerable number of ECUs (Electronic Control Units) which are connected through various means of communication, with the CAN (Controller Area Network) protocol being the most widely used. However, several vulnerabilities such as the lack of authentication and the lack of data encryption have been pointed out by several authors, which ultimately render vehicles unsafe to their users and surroundings. Moreover, the lack of security in modern automobiles has been studied and analyzed by other researchers as well as several reports about modern car hacking have (already) been published. The contribution of this work aimed to analyze and test the level of security and how resilient is the CAN protocol by taking a BMW E90 (3-series) instrument cluster as a sample for a proof of concept study. This investigation was carried out by building and developing a rogue device using cheap commercially available components while being connected to the same CAN-Bus as a man in the middle device in order to send spoofed messages to the instrument cluster.

False data injection attacks (FDIA) on state estimators are a kind of imminent cyber-physical security issue. Fortunately, it has been proved that if a set of measurements is strategically selected and protected, no FDIA will remain undetectable. In this paper, the metric Return on Investment (ROI) is introduced to evaluate the overall returns of the alternative measurement protection schemes (MPS). By setting maximum total ROI as the optimization objective, the previously ignored cost-benefit issue is taken into account to derive a realistic MPS for power utilities. The optimization problem is transformed into the Steiner tree problem in graph theory, where a tree pruning based algorithm is used to reduce the computational complexity and find a quasi-optimal solution with acceptable approximations. The correctness and efficiency of the algorithm are verified by case studies.

Blockchain has been applied to study data privacy and network security recently. In this paper, we propose a punishment scheme based on the action record on the blockchain to suppress the attack motivation of the edge servers and the mobile devices in the edge network. The interactions between a mobile device and an edge server are formulated as a blockchain security game, in which the mobile device sends a request to the server to obtain real-time service or launches attacks against the server for illegal security gains, and the server chooses to perform the request from the device or attack it. The Nash equilibria (NEs) of the game are derived and the conditions that each NE exists are provided to disclose how the punishment scheme impacts the adversary behaviors of the mobile device and the edge server.

We present an approach to tracking the behaviour of an attacker on a decoy system, where the decoy communicates with the real system only through low energy bluetooth. The result is a low-cost solution that does not interrupt the live system, while limiting potential damage. The attacker has no way to detect that they are being monitored, while their actions are being logged for further investigation. The system has been physically implemented using Raspberry PI and Arduino boards to replicate practical performance.