Security and Privacy in the Internet of Things

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information Systems".

Deadline for manuscript submissions: closed (31 December 2020) | Viewed by 11799

Special Issue Editors


E-Mail Website
Guest Editor
College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China
Interests: information security; applied cryptography; IoT security; AI security; blockchain

E-Mail Website
Guest Editor

Special Issue Information

Dear Colleagues,

In recent decades, great progress has been made in the Internet of Things (IoT), leading to its usage in many new fields such as smart cities, healthcare, intelligent transportation, electronics, and environmental monitoring. This is an important change because smart devices are beginning to rely heavily on a range of sensing and network communication systems. However, this dependence also makes IoT platforms vulnerable to a large number of network security threats. Some security issues can only be prevented or mitigated by targeted resistance programs. Moreover, the application of technologies, including artificial intelligence (AI), blockchain, and cryptography, has brought about an all-round security improvement in IoT platforms.

Therefore, the purpose of this Special Issue is to provide a forum for researchers in academia and industry to introduce their research on the design, implementation, and evaluation of IoT safety-related programs through the design of different safety systems, improvement of the existing schemes, and discussion of the problems. Investigators in the field are invited to contribute with their original, unpublished works. Both research and review papers are welcome.

Topics of interest include but are not limited to:

  • Privacy protocol for IoT systems;
  • Scheme and architecture design to improve security in IoT systems;
  • AI for IoT security;
  • Blockchain for IoT security;
  • Cryptography for IoT security;
  • Edge computing for IoT security;
  • Network virtualization for IoT security;
  • Theories and models for detection and analysis of persistent threats;
  • Existing attacks and damages in IoT systems;
  • Emerging trends for IoT security;
  • Intelligent security system architecture for IoT;
  • Secure network intelligence for IoT;
  • Mobile security in IoT.
Prof. Liming Fang
Prof. Weizhi Meng
Prof. Chunhua Su
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Internet of Things security
  • Artificial intelligence
  • Cryptography
  • Blockchain
  • Cyberphysical system
  • IoT security
  • Reliable communication

Published Papers (3 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

15 pages, 600 KiB  
Article
A Study of Factors Affecting Intention to Adopt a Cloud-Based Digital Signature Service
by Kyung Won Chong, Yong Seok Kim and Jeongil Choi
Information 2021, 12(2), 60; https://doi.org/10.3390/info12020060 - 31 Jan 2021
Cited by 17 | Viewed by 2927
Abstract
The electronic signature service has been causing various problems due to the rapid growth of e-commerce services. Therefore, in order to create an authentication service suitable for the era of the 4th Industrial Revolution, new security authentication technologies such as the cloud must [...] Read more.
The electronic signature service has been causing various problems due to the rapid growth of e-commerce services. Therefore, in order to create an authentication service suitable for the era of the 4th Industrial Revolution, new security authentication technologies such as the cloud must be utilized. However, there is a lack of prior management studies on the intention to accept digital signatures. Therefore, this study conducted an empirical study to identify factors affecting the intention to adopt cloud-based digital signature services. This research proposed a model based on the technology–organization–environment framework and empirically analyzed the degree of mutual causality and influence between variables using the partial least squares structural equation model. The results show that technical characteristics, organizational characteristics, and environmental characteristics significantly affected the intention to adopt. However, there are still many concerns about the security of cloud-based services. It has been confirmed that solving this problem is the key to the activation of the electronic signature service. Full article
(This article belongs to the Special Issue Security and Privacy in the Internet of Things)
Show Figures

Figure 1

15 pages, 585 KiB  
Article
Botnet Defense System: Concept, Design, and Basic Strategy
by Shingo Yamaguchi
Information 2020, 11(11), 516; https://doi.org/10.3390/info11110516 - 4 Nov 2020
Cited by 19 | Viewed by 3903
Abstract
This paper proposes a new kind of cyber-security system, named Botnet Defense System (BDS), which defends an Internet of Things (IoT) system against malicious botnets. The concept of BDS is “Fight fire with fire”. The distinguishing feature is that it uses white-hat botnets [...] Read more.
This paper proposes a new kind of cyber-security system, named Botnet Defense System (BDS), which defends an Internet of Things (IoT) system against malicious botnets. The concept of BDS is “Fight fire with fire”. The distinguishing feature is that it uses white-hat botnets to fight malicious botnets. A BDS consists of four components: Monitor, Strategy Planner, Launcher, and Command and Control (C&C) server. The Monitor component watches over a target IoT system. If the component detects a malicious botnet, the Strategy Planner component makes a strategy against the botnet. Based on the planned strategy, the Launcher component sends white-hat worms into the IoT system and constructs a white-hat botnet. The C&C server component commands and controls the white-hat botnet to exterminate the malicious botnet. Strategy studies are essential to produce intended results. We proposed three basic strategies to launch white-hat worms: All-Out, Few-Elite, and Environment-Adaptive. We evaluated BDS and the proposed strategies through the simulation of agent-oriented Petri net model representing the battle between Mirai botnets and the white-hat botnets. This result shows that the Environment-Adaptive strategy is the best and reduced the number of needed white-hat worms to 38.5% almost without changing the extermination rate for Mirai bots. Full article
(This article belongs to the Special Issue Security and Privacy in the Internet of Things)
Show Figures

Figure 1

18 pages, 854 KiB  
Article
SlowTT: A Slow Denial of Service against IoT Networks
by Ivan Vaccari, Maurizio Aiello and Enrico Cambiaso
Information 2020, 11(9), 452; https://doi.org/10.3390/info11090452 - 18 Sep 2020
Cited by 19 | Viewed by 3888
Abstract
The security of Internet of Things environments is a critical and trending topic, due to the nature of the networks and the sensitivity of the exchanged information. In this paper, we investigate the security of the Message Queue Telemetry Transport (MQTT) protocol, widely [...] Read more.
The security of Internet of Things environments is a critical and trending topic, due to the nature of the networks and the sensitivity of the exchanged information. In this paper, we investigate the security of the Message Queue Telemetry Transport (MQTT) protocol, widely adopted in IoT infrastructures. We exploit two specific weaknesses of MQTT, identified during our research activities, allowing the client to configure the KeepAlive parameter and MQTT packets to execute an innovative cyber threat against the MQTT broker. In order to validate the exploitation of such vulnerabilities, we propose SlowTT, a novel “Slow” denial of service attack aimed at targeting MQTT through low-rate techniques, characterized by minimum attack bandwidth and computational power requirements. We validate SlowTT against real MQTT services, by considering both plaintext and encrypted communications and by comparing the effects of the attack when targeting different application daemons and protocol versions. Results show that SlowTT is extremely successful, and it can exploit the identified vulnerability to execute a denial of service against the IoT network by keeping the connection alive for a long time. Full article
(This article belongs to the Special Issue Security and Privacy in the Internet of Things)
Show Figures

Figure 1

Back to TopTop