sensors-logo

Journal Browser

Journal Browser

Security and Privacy Techniques in IoT Environment

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (30 April 2020) | Viewed by 71083

Special Issue Editors


E-Mail Website
Guest Editor
Department of Computer Science, Electrical Engineering and Mathematical Sciences, Western Norway University of Applied Sciences, Bergen, Norway
Interests: AI and machine learning; data analytics; optimization; soft computing
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Due to rapid technical advancements, many devices in the Internet of Things (IoT) environment, such as embedded systems, mobile devices, actuators and sensors (all of which can be referred to as smart things) can receive huge amounts of information through data exchanging and interconnection. In this context, it is important to preserve individual privacy and secure the shared data. Thus, privacy and security has attracted a great deal of attention and research issues in recent decades. Hundreds of security solutions have recently been discussed for the IoT environment. Since many criteria and parameters must be considered with regard to privacy and security issues, it is critical to discuss and develop new methodologies and techniques by adopting evolutionary computations. The objective of this Special Issue on “Security and Privacy Techniques in IoT Environments” is to compile recent research efforts dedicated to studying and developing security and privacy issues related to IoT devices and the IoT environment. The Special Issue solicits high quality and unpublished work on recent advances in new methodologies for security and privacy solutions, and theories and technologies proposed to defend IOT-oriented applications against adversarial or malicious attacks.

Dr. Jerry Chun-Wei Lin
Prof. Kuo-Hui Yeh
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • IoT
  • privacy and security
  • data sharing
  • preservation

Published Papers (16 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Editorial

Jump to: Research, Review

5 pages, 156 KiB  
Editorial
Security and Privacy Techniques in IoT Environment
by Jerry Chun-Wei Lin and Kuo-Hui Yeh
Sensors 2021, 21(1), 1; https://doi.org/10.3390/s21010001 - 22 Dec 2020
Cited by 18 | Viewed by 3537
Abstract
Due to rapid technical advancements, many devices in the Internet of Things (IoT) environment, such as embedded systems, mobile devices, actuators, and sensors (all of which can be referred to as smart things), can receive huge amounts of information through data exchanging and [...] Read more.
Due to rapid technical advancements, many devices in the Internet of Things (IoT) environment, such as embedded systems, mobile devices, actuators, and sensors (all of which can be referred to as smart things), can receive huge amounts of information through data exchanging and interconnection [...] Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)

Research

Jump to: Editorial, Review

26 pages, 740 KiB  
Article
Towards a Safer Internet of Things—A Survey of IoT Vulnerability Data Sources
by Marcin Rytel, Anna Felkner and Marek Janiszewski
Sensors 2020, 20(21), 5969; https://doi.org/10.3390/s20215969 - 22 Oct 2020
Cited by 19 | Viewed by 4041
Abstract
The security of the Internet of Things (IoT) is an important yet often overlooked subject. Specifically, the publicly available information sources about vulnerabilities affecting the connected devices are unsatisfactory. Our research shows that, while the information is available on the Internet, there is [...] Read more.
The security of the Internet of Things (IoT) is an important yet often overlooked subject. Specifically, the publicly available information sources about vulnerabilities affecting the connected devices are unsatisfactory. Our research shows that, while the information is available on the Internet, there is no single service offering data focused on the IoT in existence. The national vulnerability databases contain some IoT related entries, but they lack mechanisms to distinguish them from the remaining vulnerabilities. Moreover, information about many vulnerabilities affecting the IoT world never reaches these databases but can still be found scattered over the Internet. This review summarizes our effort at identifying and evaluating publicly available sources of information about vulnerabilities, focusing on their usefulness in the scope of IoT. The results of our search show that there is not yet a single satisfactory source covering vulnerabilities affecting IoT devices and software available. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

21 pages, 2218 KiB  
Article
Physical Unclonable Function and Hashing Are All You Need to Mutually Authenticate IoT Devices
by Ahmed Mostafa, Suk Jin Lee and Yesem Kurt Peker
Sensors 2020, 20(16), 4361; https://doi.org/10.3390/s20164361 - 5 Aug 2020
Cited by 21 | Viewed by 3033
Abstract
Internet of Things (IoT) has become the driving force in modern day technology with an increasing and rapid urge to create an intelligent, efficient, and connected world. IoT is used in manufacturing, agriculture, transportation, education, healthcare and many other business environments as well [...] Read more.
Internet of Things (IoT) has become the driving force in modern day technology with an increasing and rapid urge to create an intelligent, efficient, and connected world. IoT is used in manufacturing, agriculture, transportation, education, healthcare and many other business environments as well as home automation. Authentication for IoT devices is essential because many of these devices establish communication with servers through public networks. A rigorous lightweight device authentication scheme is needed to secure its physical hardware from cloning or side-channel attacks and accommodate the limited storage and computational power of IoT devices in an efficient manner. In this paper, we introduce a lightweight mutual two-factor authentication mechanism where an IoT device and the server authenticate each other. The proposed mechanism exploits Physical Unclonable Functions (PUFs) and a hashing algorithm with the purpose of achieving a secure authentication and session key agreement between the IoT device and the server. We conduct a type of formal analysis to validate the protocol’s security. We also validate that the proposed authentication mechanism is secure against different types of attack scenarios and highly efficient in terms of memory storage, server capacity, and energy consumption with its low complexity cost and low communication overhead. In this sense, the proposed authentication mechanism is very appealing and suitable for resource-constrained and security-critical environments. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

18 pages, 1500 KiB  
Article
A Novel Location Privacy-Preserving Approach Based on Blockchain
by Ying Qiu, Yi Liu, Xuan Li and Jiahui Chen
Sensors 2020, 20(12), 3519; https://doi.org/10.3390/s20123519 - 21 Jun 2020
Cited by 34 | Viewed by 7238
Abstract
Location-based services (LBS) bring convenience to people’s lives but are also accompanied with privacy leakages. To protect the privacy of LBS users, many location privacy protection algorithms were proposed. However, these algorithms often have difficulty to maintain a balance between service quality and [...] Read more.
Location-based services (LBS) bring convenience to people’s lives but are also accompanied with privacy leakages. To protect the privacy of LBS users, many location privacy protection algorithms were proposed. However, these algorithms often have difficulty to maintain a balance between service quality and user privacy. In this paper, we first overview the shortcomings of the existing two privacy protection architectures and privacy protection technologies, then we propose a location privacy protection method based on blockchain. Our method satisfies the principle of k-anonymity privacy protection and does not need the help of trusted third-party anonymizing servers. The combination of multiple private blockchains can disperse the user’s transaction records, which can provide users with stronger location privacy protection and will not reduce the quality of service. We also propose a reward mechanism to encourage user participation. Finally, we implement our approach in the Remix blockchain to show the efficiency, which further indicates the potential application prospect for the distributed network environment. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

26 pages, 613 KiB  
Article
Combinatorial Subset Difference—IoT-Friendly Subset Representation and Broadcast Encryption
by Jiwon Lee, Seunghwa Lee, Jihye Kim and Hyunok Oh
Sensors 2020, 20(11), 3140; https://doi.org/10.3390/s20113140 - 2 Jun 2020
Cited by 5 | Viewed by 2662
Abstract
In the Internet of Things (IoT) systems, it is often required to deliver a secure message to a group of devices. The public key broadcast encryption is an efficient primitive to handle IoT broadcasts, by allowing a user (or a device) to broadcast [...] Read more.
In the Internet of Things (IoT) systems, it is often required to deliver a secure message to a group of devices. The public key broadcast encryption is an efficient primitive to handle IoT broadcasts, by allowing a user (or a device) to broadcast encrypted messages to a group of legitimate devices. This paper proposes an IoT-friendly subset representation called Combinatorial Subset Difference (CSD), which generalizes the existing subset difference (SD) method by allowing wildcards (*) in any position of the bitstring. Based on the CSD representation, we first propose an algorithm to construct the CSD subset, and a CSD-based public key broadcast encryption scheme. By providing the most general subset representation, the proposed CSD-based construction achieves a minimal header size among the existing broadcast encryption. The experimental result shows that our CSD saves the header size by 17% on average and more than 1000 times when assuming a specific IoT example of IP address with 20 wildcards and 2 20 total users, compared to the SD-based broadcast encryption. We prove the semantic security of CSD-based broadcast encryption under the standard l-BDHE assumption, and extend the construction to a chosen-ciphertext-attack (CCA)-secure version. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

24 pages, 763 KiB  
Article
Realizing Efficient Security and Privacy in IoT Networks
by Joseph Henry Anajemba, Yue Tang, Celestine Iwendi, Akpesiri Ohwoekevwo, Gautam Srivastava and Ohyun Jo
Sensors 2020, 20(9), 2609; https://doi.org/10.3390/s20092609 - 3 May 2020
Cited by 38 | Viewed by 4054
Abstract
In recent times, security and privacy at the physical (PHY) layer has been a major issue of several communication technologies which comprise the internet of things (IoT) and mostly, the emerging fifth-generation (5G) cellular network. The most real-world PHY security challenge stems from [...] Read more.
In recent times, security and privacy at the physical (PHY) layer has been a major issue of several communication technologies which comprise the internet of things (IoT) and mostly, the emerging fifth-generation (5G) cellular network. The most real-world PHY security challenge stems from the fact that the passive eavesdropper’s information is unavailable to the genuine source and destination (transmitter/receiver) nodes in the network. Without this information, it is difficult to optimize the broadcasting parameters. Therefore, in this research, we propose an efficient sequential convex estimation optimization (SCEO) algorithm to mitigate this challenge and improve the security of physical layer (PHY) in a three-node wireless communication network. The results of our experiments indicate that by using the SCEO algorithm, an optimal performance and enhanced convergence is achieved in the transmission. However, considering possible security challenges envisaged when a multiple eavesdropper is active in a network, we expanded our research to develop a swift privacy rate optimization algorithm for a multiple-input, multiple-output, multiple-eavesdropper (MIMOME) scenario as it is applicable to security in IoT and 5G technologies. The result of the investigation show that the algorithm executes significantly with minimal complexity when compared with nonoptimal parameters. We further employed the use of rate constraint together with self-interference of the full-duplex transmission at the receiving node, which makes the performance of our technique outstanding when compared with previous studies. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

14 pages, 380 KiB  
Article
Obfuscation of Malicious Behaviors for Thwarting Masquerade Detection Systems Based on Locality Features
by Jorge Maestre Vidal and Marco Antonio Sotelo Monge
Sensors 2020, 20(7), 2084; https://doi.org/10.3390/s20072084 - 7 Apr 2020
Cited by 15 | Viewed by 2797
Abstract
In recent years, dynamic user verification has become one of the basic pillars for insider threat detection. From these threats, the research presented in this paper focuses on masquerader attacks, a category of insiders characterized by being intentionally conducted by persons outside the [...] Read more.
In recent years, dynamic user verification has become one of the basic pillars for insider threat detection. From these threats, the research presented in this paper focuses on masquerader attacks, a category of insiders characterized by being intentionally conducted by persons outside the organization that somehow were able to impersonate legitimate users. Consequently, it is assumed that masqueraders are unaware of the protected environment within the targeted organization, so it is expected that they move in a more erratic manner than legitimate users along the compromised systems. This feature makes them susceptible to being discovered by dynamic user verification methods based on user profiling and anomaly-based intrusion detection. However, these approaches are susceptible to evasion through the imitation of the normal legitimate usage of the protected system (mimicry), which is being widely exploited by intruders. In order to contribute to their understanding, as well as anticipating their evolution, the conducted research focuses on the study of mimicry from the standpoint of an uncharted terrain: the masquerade detection based on analyzing locality traits. With this purpose, the problem is widely stated, and a pair of novel obfuscation methods are introduced: locality-based mimicry by action pruning and locality-based mimicry by noise generation. Their modus operandi, effectiveness, and impact are evaluated by a collection of well-known classifiers typically implemented for masquerade detection. The simplicity and effectiveness demonstrated suggest that they entail attack vectors that should be taken into consideration for the proper hardening of real organizations. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

24 pages, 3281 KiB  
Article
An Efficient Key Management Technique for the Internet of Things
by Tamanna Tabassum, SK Alamgir Hossain, Md. Anisur Rahman, Mohammed F. Alhamid and M. Anwar Hossain
Sensors 2020, 20(7), 2049; https://doi.org/10.3390/s20072049 - 6 Apr 2020
Cited by 5 | Viewed by 4122
Abstract
The Internet of Things (IoT) has changed our lives drastically. Customers, regulatory bodies, and industrial partners are driving us to use IoT. Although IoT provides new opportunities, security remains a key concern while providing various services. It is especially challenging how the data [...] Read more.
The Internet of Things (IoT) has changed our lives drastically. Customers, regulatory bodies, and industrial partners are driving us to use IoT. Although IoT provides new opportunities, security remains a key concern while providing various services. It is especially challenging how the data generated from IoT devices can be protected from potential security attacks and how to safeguard the exchange of these data while transiting through different nodes and gateways. In this research, we aim to ensure a safe IoT environment by proposing an efficient key management technique that uses a combination of symmetric and asymmetric cryptosystem to obtain the speed of the former as well as the security benefits of the latter. Our proposal considers a set of Smart Objects (SO) capable of key registration, generation and distribution for IoT data transmission. We used the open-source Message Queuing Telemetry Transport (MQTT) protocol to facilitate communications between the source and the destination nodes. The suitability of the proposed approach is measured experimentally and the results are comparable to existing works with respect to key conversion time, algorithm execution time, number of reuse connections, and bandwidth utilization. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

17 pages, 5080 KiB  
Article
Efficient Algorithm for Mining Non-Redundant High-Utility Association Rules
by Thang Mai, Loan T.T. Nguyen, Bay Vo, Unil Yun and Tzung-Pei Hong
Sensors 2020, 20(4), 1078; https://doi.org/10.3390/s20041078 - 17 Feb 2020
Cited by 27 | Viewed by 3427
Abstract
In business, managers may use the association information among products to define promotion and competitive strategies. The mining of high-utility association rules (HARs) from high-utility itemsets enables users to select their own weights for rules, based either on the utility or confidence values. [...] Read more.
In business, managers may use the association information among products to define promotion and competitive strategies. The mining of high-utility association rules (HARs) from high-utility itemsets enables users to select their own weights for rules, based either on the utility or confidence values. This approach also provides more information, which can help managers to make better decisions. Some efficient methods for mining HARs have been developed in recent years. However, in some decision-support systems, users only need to mine a smallest set of HARs for efficient use. Therefore, this paper proposes a method for the efficient mining of non-redundant high-utility association rules (NR-HARs). We first build a semi-lattice of mined high-utility itemsets, and then identify closed and generator itemsets within this. Following this, an efficient algorithm is developed for generating rules from the built lattice. This new approach was verified on different types of datasets to demonstrate that it has a faster runtime and does not require more memory than existing methods. The proposed algorithm can be integrated with a variety of applications and would combine well with external systems, such as the Internet of Things (IoT) and distributed computer systems. Many companies have been applying IoT and such computing systems into their business activities, monitoring data or decision-making. The data can be sent into the system continuously through the IoT or any other information system. Selecting an appropriate and fast approach helps management to visualize customer needs as well as make more timely decisions on business strategy. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

14 pages, 466 KiB  
Article
Integrated Management of Network Address Translation, Mobility and Security on the Blockchain Control Plane
by Younchan Jung and Ronnel Agulto
Sensors 2020, 20(1), 69; https://doi.org/10.3390/s20010069 - 21 Dec 2019
Cited by 4 | Viewed by 3162
Abstract
Currently, the dual use of IPv4 and IPv6 is becoming a problem. In particular, Network Address Translation (NAT) is an important issue to be solved because of traversal problems in end-to-end applications for lots of mobile IoT devices connected to different private networks. [...] Read more.
Currently, the dual use of IPv4 and IPv6 is becoming a problem. In particular, Network Address Translation (NAT) is an important issue to be solved because of traversal problems in end-to-end applications for lots of mobile IoT devices connected to different private networks. The vertical model is typically used to solve NAT, mobility and security issues for them. However, the existing vertical model has limitations because it handles NAT, mobility and security management one by one. This paper proposes a Blockchain-based Integrated Network Function Management (BINFM) scheme where the NAT, mobility, and security management are handled at once. The proposed scheme is advantageous in that by using blockchain and the Query/Reply mechanism, each peer can easily obtain the necessary parameters required to handle the NAT, mobility, and security management in a batch. In addition, this paper explains how our proposed scheme guarantees secure end-to-end data transfers with the use of one time session key. Finally, it is proved that the proposed scheme improves performance on latency from the viewpoints of mobility and security compared to the existing vertical model. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

14 pages, 2034 KiB  
Article
Intrusion Detection of UAVs Based on the Deep Belief Network Optimized by PSO
by Xiaopeng Tan, Shaojing Su, Zhen Zuo, Xiaojun Guo and Xiaoyong Sun
Sensors 2019, 19(24), 5529; https://doi.org/10.3390/s19245529 - 14 Dec 2019
Cited by 39 | Viewed by 3839
Abstract
With the rapid development of information technology, the problem of the network security of unmanned aerial vehicles (UAVs) has become increasingly prominent. In order to solve the intrusion detection problem of massive, high-dimensional, and nonlinear data, this paper proposes an intrusion detection method [...] Read more.
With the rapid development of information technology, the problem of the network security of unmanned aerial vehicles (UAVs) has become increasingly prominent. In order to solve the intrusion detection problem of massive, high-dimensional, and nonlinear data, this paper proposes an intrusion detection method based on the deep belief network (DBN) optimized by particle swarm optimization (PSO). First, a classification model based on the DBN is constructed, and the PSO algorithm is then used to optimize the number of hidden layer nodes of the DBN, to obtain the optimal DBN structure. The simulations are conducted on a benchmark intrusion dataset, and the results show that the accuracy of the DBN-PSO algorithm reaches 92.44%, which is higher than those of the support vector machine (SVM), artificial neural network (ANN), deep neural network (DNN), and Adaboost. It can be seen from comparative experiments that the optimization effect of PSO is better than those of the genetic algorithm, simulated annealing algorithm, and Bayesian optimization algorithm. The method of PSO-DBN provides an effective solution to the problem of intrusion detection of UAV networks. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

27 pages, 1204 KiB  
Article
Privacy-Preserving Broker-ABE Scheme for Multiple Cloud-Assisted Cyber Physical Systems
by Po-Wen Chi and Ming-Hung Wang
Sensors 2019, 19(24), 5463; https://doi.org/10.3390/s19245463 - 11 Dec 2019
Cited by 3 | Viewed by 2886
Abstract
Cloud-assisted cyber–physical systems (CCPSs) integrate the physical space with cloud computing. To do so, sensors on the field collect real-life data and forward it to clouds for further data analysis and decision-making. Since multiple services may be accessed at the same time, sensor [...] Read more.
Cloud-assisted cyber–physical systems (CCPSs) integrate the physical space with cloud computing. To do so, sensors on the field collect real-life data and forward it to clouds for further data analysis and decision-making. Since multiple services may be accessed at the same time, sensor data should be forwarded to different cloud service providers (CSPs). In this scenario, attribute-based encryption (ABE) is an appropriate technique for securing data communication between sensors and clouds. Each cloud has its own attributes and a broker can determine which cloud is authorized to access data by the requirements set at the time of encryption. In this paper, we propose a privacy-preserving broker-ABE scheme for multiple CCPSs (MCCPS). The ABE separates the policy embedding job from the ABE task. To ease the computational burden of the sensors, this scheme leaves the policy embedding task to the broker, which is generally more powerful than the sensors. Moreover, the proposed scheme provides a way for CSPs to protect data privacy from outside coercion. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

15 pages, 252 KiB  
Article
Cryptanalysis and Improvement of a Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks
by Km Renuka, Sachin Kumar, Saru Kumari and Chien-Ming Chen
Sensors 2019, 19(21), 4625; https://doi.org/10.3390/s19214625 - 24 Oct 2019
Cited by 31 | Viewed by 2965
Abstract
Wireless sensor networks (WSNs) are of prominent use in unmanned surveillance applications. This peculiar trait of WSNs is actually the underlying technology of various applications of the Internet of Things (IoT) such as smart homes, smart cities, smart shopping complexes, smart traffic, smart [...] Read more.
Wireless sensor networks (WSNs) are of prominent use in unmanned surveillance applications. This peculiar trait of WSNs is actually the underlying technology of various applications of the Internet of Things (IoT) such as smart homes, smart cities, smart shopping complexes, smart traffic, smart health, and much more. Over time, WSNs have evolved as a strong base for laying the foundations of IoT infrastructure. In order to address the scenario in which a user wants to access the real-time data directly from the sensor node in wireless sensor networks (WSNs), Das recently proposed an anonymity-preserving three-factor authentication protocol. Das’s protocol is suitable for resource-constrained sensor nodes because it only uses lightweight cryptographic primitives such as hash functions and symmetric encryption schemes as building blocks. Das’s protocol is claimed to be secure against different known attacks by providing formal security proof and security verification using the Automated Validation of Internet Security Protocols and Applications tool. However, we find that Das’s protocol has the following security loopholes: (1) By using a captured sensor node, an adversary can impersonate a legal user to the gateway node, impersonate other sensor nodes to deceive the user, and the adversary can also decrypt all the cipher-texts of the user; (2) the gateway node has a heavy computational cost due to user anonymity and thus the protocol is vulnerable to denial of service (DoS) attacks. We overcome the shortcomings of Das’s protocol and propose an improved protocol. We also prove the security of the proposed protocol in the random oracle model. Compared with the other related protocols, the improved protocol enjoys better functionality without much enhancement in the computation and communication costs. Consequently, it is more suitable for applications in WSNs Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
21 pages, 528 KiB  
Article
CATSWoTS: Context Aware Trustworthy Social Web of Things System
by Sabeen Javaid, Hammad Afzal, Fahim Arif, Naima Iltaf, Haider Abbas and Waseem Iqbal
Sensors 2019, 19(14), 3076; https://doi.org/10.3390/s19143076 - 12 Jul 2019
Cited by 14 | Viewed by 3365
Abstract
The inevitable revolution of the Internet of Things (IoT) and its benefits can be witnessed everywhere. Two major issues related to IoT are the interoperability and the identification of trustworthy things. The proposed Context-Aware Trustworthy Social Web of Things System (CATSWoTS) addresses the [...] Read more.
The inevitable revolution of the Internet of Things (IoT) and its benefits can be witnessed everywhere. Two major issues related to IoT are the interoperability and the identification of trustworthy things. The proposed Context-Aware Trustworthy Social Web of Things System (CATSWoTS) addresses the interoperability issue by incorporating web technologies including Service Oriented Architecture where each thing plays the role of a service provider as well as a role of service consumer. The aspect of social web helps in getting recommendations from social relations. It was identified that the context dependency of trust along with Quality of Service (QoS) criteria, for identifying and recommending trustworthy Web of Things (WoT), require more attention. For this purpose, the parameters of context awareness and the constraints of QoS are considered. The research focuses on the idea of a user-centric system where the profiles of each thing (level of trustworthiness) are being maintained at a centralized level and at a distributed level as well. The CATSWoTS evaluates service providers based on the mentioned parameters and the constraints and then identifies a suitable service provider. For this, a rule-based collaborative filtering approach is used. The efficacy of CATSWoTS is evaluated with a specifically designed environment using a real QoS data set. The results showed that the proposed novel technique fills the gap present in the state of the art. It performed well by dynamically identifying and recommending trustworthy services as per the requirements of a service seeker. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

20 pages, 2603 KiB  
Article
Improving the Classification Effectiveness of Intrusion Detection by Using Improved Conditional Variational AutoEncoder and Deep Neural Network
by Yanqing Yang, Kangfeng Zheng, Chunhua Wu and Yixian Yang
Sensors 2019, 19(11), 2528; https://doi.org/10.3390/s19112528 - 2 Jun 2019
Cited by 187 | Viewed by 10356
Abstract
Intrusion detection systems play an important role in preventing security threats and protecting networks from attacks. However, with the emergence of unknown attacks and imbalanced samples, traditional machine learning methods suffer from lower detection rates and higher false positive rates. We propose a [...] Read more.
Intrusion detection systems play an important role in preventing security threats and protecting networks from attacks. However, with the emergence of unknown attacks and imbalanced samples, traditional machine learning methods suffer from lower detection rates and higher false positive rates. We propose a novel intrusion detection model that combines an improved conditional variational AutoEncoder (ICVAE) with a deep neural network (DNN), namely ICVAE-DNN. ICVAE is used to learn and explore potential sparse representations between network data features and classes. The trained ICVAE decoder generates new attack samples according to the specified intrusion categories to balance the training data and increase the diversity of training samples, thereby improving the detection rate of the imbalanced attacks. The trained ICVAE encoder is not only used to automatically reduce data dimension, but also to initialize the weight of DNN hidden layers, so that DNN can easily achieve global optimization through back propagation and fine tuning. The NSL-KDD and UNSW-NB15 datasets are used to evaluate the performance of the ICVAE-DNN. The ICVAE-DNN is superior to the three well-known oversampling methods in data augmentation. Moreover, the ICVAE-DNN outperforms six well-known models in detection performance, and is more effective in detecting minority attacks and unknown attacks. In addition, the ICVAE-DNN also shows better overall accuracy, detection rate and false positive rate than the nine state-of-the-art intrusion detection methods. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

Review

Jump to: Editorial, Research

28 pages, 582 KiB  
Review
A Taxonomy of DDoS Attack Mitigation Approaches Featured by SDN Technologies in IoT Scenarios
by Felipe S. Dantas Silva, Esau Silva, Emidio P. Neto, Marcilio Lemos, Augusto J. Venancio Neto and Flavio Esposito
Sensors 2020, 20(11), 3078; https://doi.org/10.3390/s20113078 - 29 May 2020
Cited by 68 | Viewed by 7304
Abstract
The Internet of Things (IoT) has attracted much attention from the Information and Communication Technology (ICT) community in recent years. One of the main reasons for this is the availability of techniques provided by this paradigm, such as environmental monitoring employing user data [...] Read more.
The Internet of Things (IoT) has attracted much attention from the Information and Communication Technology (ICT) community in recent years. One of the main reasons for this is the availability of techniques provided by this paradigm, such as environmental monitoring employing user data and everyday objects. The facilities provided by the IoT infrastructure allow the development of a wide range of new business models and applications (e.g., smart homes, smart cities, or e-health). However, there are still concerns over the security measures which need to be addressed to ensure a suitable deployment. Distributed Denial of Service (DDoS) attacks are among the most severe virtual threats at present and occur prominently in this scenario, which can be mainly owed to their ease of execution. In light of this, several research studies have been conducted to find new strategies as well as improve existing techniques and solutions. The use of emerging technologies such as those based on the Software-Defined Networking (SDN) paradigm has proved to be a promising alternative as a means of mitigating DDoS attacks. However, the high granularity that characterizes the IoT scenarios and the wide range of techniques explored during the DDoS attacks make the task of finding and implementing new solutions quite challenging. This problem is exacerbated by the lack of benchmarks that can assist developers when designing new solutions for mitigating DDoS attacks for increasingly complex IoT scenarios. To fill this knowledge gap, in this study we carry out an in-depth investigation of the state-of-the-art and create a taxonomy that describes and characterizes existing solutions and highlights their main limitations. Our taxonomy provides a comprehensive view of the reasons for the deployment of the solutions, and the scenario in which they operate. The results of this study demonstrate the main benefits and drawbacks of each solution set when applied to specific scenarios by examining current trends and future perspectives, for example, the adoption of emerging technologies based on Cloud and Edge (or Fog) Computing. Full article
(This article belongs to the Special Issue Security and Privacy Techniques in IoT Environment)
Show Figures

Figure 1

Back to TopTop