sensors-logo

Journal Browser

Journal Browser

Security in IoT Environments

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 July 2023) | Viewed by 24607

Special Issue Editor

School of Communication and Information Engineering, Chongqing University of Posts and Telecommunications, Chongqing, China
Interests: Internet of Things; security and privacy algorithms; resource management

Special Issue Information

Dear Colleagues,

The Internet of Things (IoT) has already become a foundational platform to realize various promising applications, such as smart cities and intelligent transportations. With the development of communication and networking technologies, all kinds of IoT devices can be connected to the Internet. With the ubiquitous connections and information exchanges among different and anonymous entities, the security and privacy of IoT devices have become a serious challenge in IoT environments. The IoT threat is especially rather complex due to the evolving attack technology, and user information is vulnerable to exposure. Therefore, it is of great importance to design security-based solutions in IoT environments, with the purpose of keeping a secure and trusted environment for IoT devices.

Therefore, this Special Issue seeks high-quality papers from academics and researchers working in the fields of security technologies, systems, and methodologies in IoT environments. Research on the development of security and privacy models for IoT systems and the most recently advanced methods and applications is also of interest.

Prof. Dr. Xiaojie Wang
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • security for intelligent IoT applications
  • identity and access authentication for wireless communications
  • AI-based security solutions for IoT devices
  • security-based AI solution in IoT environments
  • security protocols in IoT environments
  • privacy protection in IoT environments
  • attack detection and resistance in IoT environments
  • trust management in IoT environments

Published Papers (15 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

28 pages, 2225 KiB  
Article
Enhancing IoT Security through a Green and Sustainable Federated Learning Platform: Leveraging Efficient Encryption and the Quondam Signature Algorithm
by Turki Aljrees, Ankit Kumar, Kamred Udham Singh and Teekam Singh
Sensors 2023, 23(19), 8090; https://doi.org/10.3390/s23198090 - 26 Sep 2023
Cited by 2 | Viewed by 1558
Abstract
This research paper introduces a novel paradigm that synergizes innovative algorithms, namely efficient data encryption, the Quondam Signature Algorithm (QSA), and federated learning, to effectively counteract random attacks targeting Internet of Things (IoT) systems. The incorporation of federated learning not only fosters continuous [...] Read more.
This research paper introduces a novel paradigm that synergizes innovative algorithms, namely efficient data encryption, the Quondam Signature Algorithm (QSA), and federated learning, to effectively counteract random attacks targeting Internet of Things (IoT) systems. The incorporation of federated learning not only fosters continuous learning but also upholds data privacy, bolsters security measures, and provides a robust defence mechanism against evolving threats. The Quondam Signature Algorithm (QSA) emerges as a formidable solution, adept at mitigating vulnerabilities linked to man-in-the-middle attacks. Remarkably, the QSA algorithm achieves noteworthy cost savings in IoT communication by optimizing communication bit requirements. By seamlessly integrating federated learning, IoT systems attain the ability to harmoniously aggregate and analyse data from an array of devices while zealously guarding data privacy. The decentralized approach of federated learning orchestrates local machine-learning model training on individual devices, subsequently amalgamating these models into a global one. Such a mechanism not only nurtures data privacy but also empowers the system to harness diverse data sources, enhancing its analytical capabilities. A thorough comparative analysis scrutinizes varied cost-in-communication schemes, meticulously weighing both encryption and federated learning facets. The proposed approach shines by virtue of its optimization of time complexity through the synergy of offline phase computations and online phase signature generation, hinged on an elliptic curve digital signature algorithm-based online/offline scheme. In contrast, the Slow Block Move (SBM) scheme lags behind, necessitating over 25 rounds, 1500 signature generations, and an equal number of verifications. The proposed scheme, fortified by its marriage of federated learning and efficient encryption techniques, emerges as an embodiment of improved efficiency and reduced communication costs. The culmination of this research underscores the intrinsic benefits of the proposed approach: marked reduction in communication costs, elevated analytical prowess, and heightened resilience against the spectrum of attacks that IoT systems confront. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

27 pages, 1254 KiB  
Article
Secure and Privacy-Preserving Intrusion Detection and Prevention in the Internet of Unmanned Aerial Vehicles
by Ernest Ntizikira, Wang Lei, Fahad Alblehai, Kiran Saleem and Muhammad Ali Lodhi
Sensors 2023, 23(19), 8077; https://doi.org/10.3390/s23198077 - 25 Sep 2023
Cited by 5 | Viewed by 1262
Abstract
In smart cities, unmanned aerial vehicles (UAVS) play a vital role in surveillance, monitoring, and data collection. However, the widespread integration of UAVs brings forth a pressing concern: security and privacy vulnerabilities. This study introduces the SP-IoUAV (Secure and Privacy Preserving Intrusion Detection [...] Read more.
In smart cities, unmanned aerial vehicles (UAVS) play a vital role in surveillance, monitoring, and data collection. However, the widespread integration of UAVs brings forth a pressing concern: security and privacy vulnerabilities. This study introduces the SP-IoUAV (Secure and Privacy Preserving Intrusion Detection and Prevention for UAVS) model, tailored specifically for the Internet of UAVs ecosystem. The challenge lies in safeguarding UAV operations and ensuring data confidentiality. Our model employs cutting-edge techniques, including federated learning, differential privacy, and secure multi-party computation. These fortify data confidentiality and enhance intrusion detection accuracy. Central to our approach is the integration of deep neural networks (DNNs) like the convolutional neural network-long short-term memory (CNN-LSTM) network, enabling real-time anomaly detection and precise threat identification. This empowers UAVs to make immediate decisions in dynamic environments. To proactively counteract security breaches, we have implemented a real-time decision mechanism triggering alerts and initiating automatic blacklisting. Furthermore, multi-factor authentication (MFA) strengthens access security for the intrusion detection system (IDS) database. The SP-IoUAV model not only establishes a comprehensive machine framework for safeguarding UAV operations but also advocates for secure and privacy-preserving machine learning in UAVS. Our model’s effectiveness is validated using the CIC-IDS2017 dataset, and the comparative analysis showcases its superiority over previous approaches like FCL-SBL, RF-RSCV, and RBFNNs, boasting exceptional levels of accuracy (99.98%), precision (99.93%), recall (99.92%), and F-Score (99.92%). Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

19 pages, 4148 KiB  
Article
Enhancing Mitigation of Volumetric DDoS Attacks: A Hybrid FPGA/Software Filtering Datapath
by Denis Salopek and Miljenko Mikuc
Sensors 2023, 23(17), 7636; https://doi.org/10.3390/s23177636 - 03 Sep 2023
Viewed by 703
Abstract
The increasing network speeds of today’s Internet require high-performance, high-throughput network devices. However, the lack of affordable, flexible, and readily available devices poses a challenge for packet classification and filtering. This problem is exacerbated by the increase in volumetric Distributed Denial-of-Service (DDoS) attacks, [...] Read more.
The increasing network speeds of today’s Internet require high-performance, high-throughput network devices. However, the lack of affordable, flexible, and readily available devices poses a challenge for packet classification and filtering. This problem is exacerbated by the increase in volumetric Distributed Denial-of-Service (DDoS) attacks, which require efficient packet processing and filtering. To meet the demands of high-speed networks and configurable network processing devices, this paper investigates a hybrid hardware/software packet filter prototype that combines reconfigurable FPGA technology and high-speed software filtering on commodity hardware. It uses a novel approach that offloads filtering rules to the hardware and employs a Longest Prefix Matching (LPM) algorithm and allowlists/blocklists based on millions of IP prefixes. The hybrid filter demonstrates improvements over software-only filtering, achieving performance gains of nearly 30%, depending on the rulesets, offloading methods, and traffic types. The significance of this research lies in developing a cost-effective alternative to more-expensive or less-effective filters, providing high-speed DDoS packet filtering for IPv4 traffic, as it still dominates over IPv6. Deploying these filters on commodity hardware at the edge of the network can mitigate the impact of DDoS attacks on protected networks, enhancing the security of all devices on the network, including Internet of Things (IoT) devices. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

18 pages, 501 KiB  
Article
Fortifying Smart Home Security: A Robust and Efficient User-Authentication Scheme to Counter Node Capture Attacks
by Iqra Asghar, Muhammad Ayaz Khan, Tahir Ahmad, Subhan Ullah, Khwaja Mansoor ul Hassan and Attaullah Buriro
Sensors 2023, 23(16), 7268; https://doi.org/10.3390/s23167268 - 19 Aug 2023
Viewed by 923
Abstract
In smart home environments, the interaction between a remote user and devices commonly occurs through a gateway, necessitating the need for robust user authentication. Despite numerous state-of-the-art user-authentication schemes proposed over the years, these schemes still suffer from security vulnerabilities exploited by the [...] Read more.
In smart home environments, the interaction between a remote user and devices commonly occurs through a gateway, necessitating the need for robust user authentication. Despite numerous state-of-the-art user-authentication schemes proposed over the years, these schemes still suffer from security vulnerabilities exploited by the attackers. One severe physical attack is the node capture attack, which allows adversaries to compromise the security of the entire scheme. This research paper advances the state of the art by conducting a security analysis of user-authentication approaches regarding their vulnerability to node capture attacks resulting in revelations of several security weaknesses. To this end, we propose a secure user-authentication scheme to counter node capture attacks in smart home environments. To validate the effectiveness of our proposed scheme, we employ the BAN logic and ProVerif tool for verification. Lastly, we conduct performance analysis to validate the lightweight nature of our user-authentication scheme, making it suitable for IoT-based smart home environments. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

17 pages, 36847 KiB  
Article
A Novel Approach of a Low-Cost Voltage Fault Injection Method for Resource-Constrained IoT Devices: Design and Analysis
by Nicolás Ruminot, Claudio Estevez and Samuel Montejo-Sánchez
Sensors 2023, 23(16), 7180; https://doi.org/10.3390/s23167180 - 15 Aug 2023
Cited by 1 | Viewed by 1128
Abstract
The rapid development of the Internet of Things (IoT) has brought about the processing and storage of sensitive information on resource-constrained devices, which are susceptible to various hardware attacks. Fault injection attacks (FIAs) stand out as one of the most widespread. Particularly, voltage-based [...] Read more.
The rapid development of the Internet of Things (IoT) has brought about the processing and storage of sensitive information on resource-constrained devices, which are susceptible to various hardware attacks. Fault injection attacks (FIAs) stand out as one of the most widespread. Particularly, voltage-based FIAs (V-FIAs) have gained popularity due to their non-invasive nature and high effectiveness in inducing faults by pushing the IoT hardware to its operational limits. Improving the security of devices and gaining a comprehensive understanding of their vulnerabilities is of utmost importance. In this study, we present a novel fault injection method and employ it to target an 8-bit AVR microcontroller. We identify the optimal attack parameters by analyzing the detected failures and their trends. A case study is conducted to validate the efficacy of this new method in a more realistic scenario, focusing on a simple authentication method using the determined optimal parameters. This analysis not only demonstrates the feasibility of the V-FIA but also elucidates the primary characteristics of the resulting failures and their propagation in resource-constrained devices. Additionally, we devise a hardware/software countermeasure that can be integrated into any resource-constrained device to thwart such attacks in IoT scenarios. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

18 pages, 555 KiB  
Article
ReIPS: A Secure Cloud-Based Reputation Evaluation System for IoT-Enabled Pumped Storage Power Stations
by Yue Zong, Yuechao Wu, Yuanlin Luo, Han Xu, Wenjian Hu and Yao Yu
Sensors 2023, 23(12), 5620; https://doi.org/10.3390/s23125620 - 15 Jun 2023
Cited by 1 | Viewed by 698
Abstract
Reputation evaluation is an effective measure for maintaining secure Internet of Things (IoT) ecosystems, but there are still several challenges when applied in IoT-enabled pumped storage power stations (PSPSs), such as the limited resources of intelligent inspection devices and the threat of single-point [...] Read more.
Reputation evaluation is an effective measure for maintaining secure Internet of Things (IoT) ecosystems, but there are still several challenges when applied in IoT-enabled pumped storage power stations (PSPSs), such as the limited resources of intelligent inspection devices and the threat of single-point and collusion attacks. To address these challenges, in this paper we present ReIPS, a secure cloud-based reputation evaluation system designed to manage intelligent inspection devices’ reputations in IoT-enabled PSPSs. Our ReIPS incorporates a resource-rich cloud platform to collect various reputation evaluation indexes and perform complex evaluation operations. To resist single-point attacks, we present a novel reputation evaluation model that combines backpropagation neural networks (BPNNs) with a point reputation-weighted directed network model (PR-WDNM). The BPNNs objectively evaluate device point reputations, which are further integrated into PR-WDNM to detect malicious devices and obtain corrective global reputations. To resist collusion attacks, we introduce a knowledge graph-based collusion device identification method that calculates behavioral and semantic similarities to accurately identify collusion devices. Simulation results show that our ReIPS outperforms existing systems regarding reputation evaluation performance, particularly in single-point and collusion attack scenarios. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

15 pages, 381 KiB  
Article
Enhancing Security and Privacy in Healthcare Systems Using a Lightweight RFID Protocol
by Muhammad Ayaz Khan, Subhan Ullah, Tahir Ahmad, Khwaja Jawad and Attaullah Buriro
Sensors 2023, 23(12), 5518; https://doi.org/10.3390/s23125518 - 12 Jun 2023
Cited by 1 | Viewed by 1345
Abstract
Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This [...] Read more.
Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This paper aims to advance state-of-the-art approaches by developing more secure and private RFID-based healthcare systems. More specifically, we propose a lightweight RFID protocol that safeguards patients’ privacy in the Internet of Healthcare Things (IoHT) domain by utilizing pseudonyms instead of real IDs, thereby ensuring secure communication between tags and readers. The proposed protocol has undergone rigorous testing and has been proven to be secure against various security attacks. This article provides a comprehensive overview of how RFID technology is used in healthcare systems and benchmarks the challenges faced by these systems. Then, it reviews the existing RFID authentication protocols proposed for IoT-based healthcare systems in terms of their strengths, challenges, and limitations. To overcome the limitations of existing approaches, we proposed a protocol that addresses the anonymity and traceability issues in existing schemes. Furthermore, we demonstrated that our proposed protocol had a lower computational cost than existing protocols and ensured better security. Finally, our proposed lightweight RFID protocol ensured strong security against known attacks and protected patient privacy using pseudonyms instead of real IDs. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

24 pages, 2258 KiB  
Article
A Microservice and Serverless Architecture for Secure IoT System
by Ruiqi Ouyang, Jie Wang, Hefeng Xu, Shixiong Chen, Xuanrui Xiong, Amr Tolba and Xingguo Zhang
Sensors 2023, 23(10), 4868; https://doi.org/10.3390/s23104868 - 18 May 2023
Cited by 2 | Viewed by 2106
Abstract
In cross-border transactions, the transmission and processing of logistics information directly affect the trading experience and efficiency. The use of Internet of Things (IoT) technology can make this process more intelligent, efficient, and secure. However, most traditional IoT logistics systems are provided by [...] Read more.
In cross-border transactions, the transmission and processing of logistics information directly affect the trading experience and efficiency. The use of Internet of Things (IoT) technology can make this process more intelligent, efficient, and secure. However, most traditional IoT logistics systems are provided by a single logistics company. These independent systems need to withstand high computing loads and network bandwidth when processing large-scale data. Additionally, due to the complex network environment of cross-border transactions, the platform’s information security and system security are difficult to guarantee. To address these challenges, this paper designs and implements an intelligent cross-border logistics system platform that combines serverless architecture and microservice technology. This system can uniformly distribute the services of all logistics companies and divide microservices based on actual business needs. It also studies and designs corresponding Application Programming Interface (API) gateways to solve the interface exposure problem of microservices, thereby ensuring the system’s security. Furthermore, asymmetric encryption technology is used in the serverless architecture to ensure the security of cross-border logistics data. The experiments show that this research solution validates the advantages of combining serverless architecture and microservices, which can significantly reduce the operating costs and system complexity of the platform in cross-border logistics scenarios. It allows for resource expansion and billing based on application program requirements at runtime. The platform can effectively improve the security of cross-border logistics service processes and meet cross-border transaction needs in terms of data security, throughput, and latency. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

16 pages, 2410 KiB  
Article
SM2-Based Offline/Online Efficient Data Integrity Verification Scheme for Multiple Application Scenarios
by Xiuguang Li, Zhengge Yi, Ruifeng Li, Xu-An Wang, Hui Li and Xiaoyuan Yang
Sensors 2023, 23(9), 4307; https://doi.org/10.3390/s23094307 - 26 Apr 2023
Cited by 1 | Viewed by 1114
Abstract
With the rapid development of cloud storage and cloud computing technology, users tend to store data in the cloud for more convenient services. In order to ensure the integrity of cloud data, scholars have proposed cloud data integrity verification schemes to protect users’ [...] Read more.
With the rapid development of cloud storage and cloud computing technology, users tend to store data in the cloud for more convenient services. In order to ensure the integrity of cloud data, scholars have proposed cloud data integrity verification schemes to protect users’ data security. The storage environment of the Internet of Things, in terms of big data and medical big data, demonstrates a stronger demand for data integrity verification schemes, but at the same time, the comprehensive function of data integrity verification schemes is required to be higher. Existing data integrity verification schemes are mostly applied in the cloud storage environment but cannot successfully be applied to the environment of the Internet of Things in the context of big data storage and medical big data storage. To solve this problem when combined with the characteristics and requirements of Internet of Things data storage and medical data storage, we designed an SM2-based offline/online efficient data integrity verification scheme. The resulting scheme uses the SM4 block cryptography algorithm to protect the privacy of the data content and uses a dynamic hash table to realize the dynamic updating of data. Based on the SM2 signature algorithm, the scheme can also realize offline tag generation and batch audits, reducing the computational burden of users. In security proof and efficiency analysis, the scheme has proven to be safe and efficient and can be used in a variety of application scenarios. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

22 pages, 1450 KiB  
Article
Privacy-Preserving Indoor Trajectory Matching with IoT Devices
by Bingxian Lu, Di Wu, Zhenquan Qin and Lei Wang
Sensors 2023, 23(8), 4029; https://doi.org/10.3390/s23084029 - 16 Apr 2023
Viewed by 1372
Abstract
With the rapid development of the Internet of Things (IoT) technology, Wi-Fi signals have been widely used for trajectory signal acquisition. Indoor trajectory matching aims to achieve the monitoring of the encounters between people and trajectory analysis in indoor environments. Due to constraints [...] Read more.
With the rapid development of the Internet of Things (IoT) technology, Wi-Fi signals have been widely used for trajectory signal acquisition. Indoor trajectory matching aims to achieve the monitoring of the encounters between people and trajectory analysis in indoor environments. Due to constraints ofn the computation abilities IoT devices, the computation of indoor trajectory matching requires the assistance of a cloud platform, which brings up privacy concerns. Therefore, this paper proposes a trajectory-matching calculation method that supports ciphertext operations. Hash algorithms and homomorphic encryption are selected to ensure the security of different private data, and the actual trajectory similarity is determined based on correlation coefficients. However, due to obstacles and other interferences in indoor environments, the original data collected may be missing in certain stages. Therefore, this paper also complements the missing values on ciphertexts through mean, linear regression, and KNN algorithms. These algorithms can predict the missing parts of the ciphertext dataset, and the accuracy of the complemented dataset can reach over 97%. This paper provides original and complemented datasets for matching calculations, and demonstrates their high feasibility and effectiveness in practical applications from the perspective of calculation time and accuracy loss. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

17 pages, 3992 KiB  
Article
Applying Access Control Enabled Blockchain (ACE-BC) Framework to Manage Data Security in the CIS System
by Abdullah Alharbi
Sensors 2023, 23(6), 3020; https://doi.org/10.3390/s23063020 - 10 Mar 2023
Cited by 2 | Viewed by 2384
Abstract
Cybersecurity information sharing (CIS) is important in different business processes to secure data transmission, because it comprises Internet of Things (IoT) connectivity, workflow automation, collaboration, and communication. The shared information is influenced by intermediate users and alters the originality of the information. Although [...] Read more.
Cybersecurity information sharing (CIS) is important in different business processes to secure data transmission, because it comprises Internet of Things (IoT) connectivity, workflow automation, collaboration, and communication. The shared information is influenced by intermediate users and alters the originality of the information. Although risk factors such as confidentiality and privacy of the data are reduced when using a cyber defense system, existing techniques rely on a centralized system that may be damaged during an accident. In addition, private information sharing faces rights issues when accessing sensitive information. The research issues influence trust, privacy, and security in a third-party environment. Therefore, this work uses the Access Control Enabled Blockchain (ACE-BC) framework to enhance overall data security in CIS. The ACE-BC framework uses attribute encryption techniques to manage data security, while the access control mechanism limits unauthorized user access. The effective utilization of blockchain techniques ensures overall data privacy and security. The efficiency of the introduced framework was evaluated using experimental results, and the experimental outcome indicated that the recommended ACE-BC framework enhanced the data confidentiality ratio (98.9%), the throughput ratio (98.2%), the efficiency ratio (97.4%), and the latency rate (10.9%) when compared to other popular models. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

20 pages, 1697 KiB  
Article
A Financial Management Platform Based on the Integration of Blockchain and Supply Chain
by He Liu, Biao Yang, Xuanrui Xiong, Shuaiqi Zhu, Boyu Chen, Amr Tolba and Xingguo Zhang
Sensors 2023, 23(3), 1497; https://doi.org/10.3390/s23031497 - 29 Jan 2023
Cited by 6 | Viewed by 2589
Abstract
Internet of Things (IoT) finance extends financial services to the whole physical commodity society with the help of IoT technology to realize financial automation and intelligence. However, the security of IoT finance still needs to be improved. Blockchain has the characteristics of decentralization, [...] Read more.
Internet of Things (IoT) finance extends financial services to the whole physical commodity society with the help of IoT technology to realize financial automation and intelligence. However, the security of IoT finance still needs to be improved. Blockchain has the characteristics of decentralization, immutability, faster settlement, etc., and has been gradually applied to the field of IoT finance. Blockchain is also considered to be an effective way to resolve the problems of the traditional supply chain finance industry, such as the inability to transmit core enterprise credit, the failure of full-chain business information connections and the difficulty of clearing and settlement. Supply chain finance allows the strongest enterprise in the supply chain to apply for credit guarantee from the bank to obtain bank loans, and use the funds for circulation in the supply chain to ensure that each enterprise in the whole supply chain can obtain working capital to realize profits, so as to maximize common interests. In this paper, a financial management platform based on the integration of blockchain and supply chain has been designed and implemented. Blockchain is used to integrate supply chain finance to synchronize the bank account payment system, realize the automatic flow of funds, process supervision and automatically settle account periods based on smart contracts. The four functional modules of the system are designed using unified modeling language (UML), and the model view controller (MVC) architecture is selected as the main architecture of the system. The results of the system test show that the proposed platform can effectively improve the system security, and can use the information in the blockchain to provide multi-level financing services for enterprises in supply chain finance. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

26 pages, 1901 KiB  
Article
Blockchain-Driven Intelligent Scheme for IoT-Based Public Safety System beyond 5G Networks
by Tejal Rathod, Nilesh Kumar Jadav, Sudeep Tanwar, Ravi Sharma, Amr Tolba, Maria Simona Raboaca, Verdes Marina and Wael Said
Sensors 2023, 23(2), 969; https://doi.org/10.3390/s23020969 - 14 Jan 2023
Cited by 7 | Viewed by 2532
Abstract
Mobile applications have rapidly grown over the past few decades to offer futuristic applications, such as autonomous vehicles, smart farming, and smart city. Such applications require ubiquitous, real-time, and secure communications to deliver services quickly. Toward this aim, sixth-generation (6G) wireless technology offers [...] Read more.
Mobile applications have rapidly grown over the past few decades to offer futuristic applications, such as autonomous vehicles, smart farming, and smart city. Such applications require ubiquitous, real-time, and secure communications to deliver services quickly. Toward this aim, sixth-generation (6G) wireless technology offers superior performance with high reliability, enhanced transmission rate, and low latency. However, managing the resources of the aforementioned applications is highly complex in the precarious network. An adversary can perform various network-related attacks (i.e., data injection or modification) to jeopardize the regular operation of the smart applications. Therefore, incorporating blockchain technology in the smart application can be a prominent solution to tackle security, reliability, and data-sharing privacy concerns. Motivated by the same, we presented a case study on public safety applications that utilizes the essential characteristics of artificial intelligence (AI), blockchain, and a 6G network to handle data integrity attacks on the crime data. The case study is assessed using various performance parameters by considering blockchain scalability, packet drop ratio, and training accuracy. Lastly, we explored different research challenges of adopting blockchain in the 6G wireless network. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

20 pages, 3941 KiB  
Article
IoT Device Identification Using Directional Packet Length Sequences and 1D-CNN
by Xiangyu Liu, Yi Han and Yanhui Du
Sensors 2022, 22(21), 8337; https://doi.org/10.3390/s22218337 - 30 Oct 2022
Cited by 5 | Viewed by 2260
Abstract
With the large-scale application of the Internet of Things (IoT), security issues have become increasingly prominent. Device identification is an effective way to secure IoT environment by quickly identifying the category or model of devices in the network. Currently, the passive fingerprinting method [...] Read more.
With the large-scale application of the Internet of Things (IoT), security issues have become increasingly prominent. Device identification is an effective way to secure IoT environment by quickly identifying the category or model of devices in the network. Currently, the passive fingerprinting method used for IoT device identification based on network traffic flow mostly focuses on protocol features in packet headers but does not consider the direction and length of packet sequences. This paper proposes a device identification method for the IoT based on directional packet length sequences in network flows and a deep convolutional neural network. Each value in a packet length sequence represents the size and transmission direction of the corresponding packet. This method constructs device fingerprints from packet length sequences and uses convolutional layers to extract deep features from the device fingerprints. Experimental results show that this method can effectively recognize device identity with accuracy, recall, precision, and f1-score over 99%. Compared with methods using traditional machine learning and feature extraction techniques, our feature representation is more intuitive, and the classification model is effective. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

15 pages, 543 KiB  
Article
A Fusion Model Based on Dynamic Web Browsing Behavior Analysis for IoT Insider Threat Detection
by Jiarong Wang, Junyi Liu, Tian Yan, Mingshan Xia, Jianshu Hong and Caiqiu Zhou
Sensors 2022, 22(17), 6471; https://doi.org/10.3390/s22176471 - 28 Aug 2022
Viewed by 1158
Abstract
With the wide application of Internet of things (IoT) devices in enterprises, the traditional boundary defense mechanisms are difficult to satisfy the demands of the insider threats detection. IoT insider threat detection can be more challenging, since internal employees are born with the [...] Read more.
With the wide application of Internet of things (IoT) devices in enterprises, the traditional boundary defense mechanisms are difficult to satisfy the demands of the insider threats detection. IoT insider threat detection can be more challenging, since internal employees are born with the ability to escape the deployed information security mechanism, such as firewalls and endpoint protection. In order to detect internal attacks more accurately, we can analyze users’ web browsing behaviors to identify abnormal users. The existing web browsing behavior anomaly detection methods ignore the dynamic change of the web browsing behavior of the target user and the behavior consistency of the target user in its peer group, which results in a complex modeling process, low system efficiency and low detection accuracy. Therefore, the paper respectively proposes the individual user behavior model and the peer-group behavior model to characterize the abnormal dynamic change of user browsing behavior and compare the mutual behavioral inconsistency among one peer-group. Furthermore, the fusion model is presented for insider threat detection which simultaneously considers individual behavioral abnormal dynamic changes and mutual behavioral dynamic inconsistency from peers. The experimental results show that the proposed fusion model can accurately detect insider threat based on the abnormal user web browsing behaviors in the enterprise networks. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

Back to TopTop