sensors-logo

Journal Browser

Journal Browser

Security in IoT Enabled Sensors

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 August 2018) | Viewed by 73888

Special Issue Editors


E-Mail Website
Guest Editor
Department of Computing, Macquarie University, Sydney, NSW 2109, Australia
Interests: wireless and mobile networks security; sensor networks security; QoS and energy-aware routing; cognitive radio networks; security in mobile ad hoc networks; denial of service attacks in Internet of Things; trust management in ad hoc/sensor networks; key management in ad hoc/sensor networks
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
School of Engineering, Macquarie University, Sydney, NSW 2109, Australia
Interests: sensors and sensing technology; instrumentation; wireless sensor networks; Internet of Things; mechatronics and robotics
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Internet of Things (IoT)-enabled sensors have experienced explosive growth during the last few years. Through the use of sensors, IOT deployment makes it possible for large-scale and vast physical infrastructure consisting of homes, vehicles, grid systems, and other varied devices to be tightly integrated with information and communication technologies. A network of embedded systems can transmit information and receive instructions via distributed sensor networks. The sensors play a vital role in collecting a wide variety of information pertaining to, for instance, vehicles, environment, stress, and pressure levels in mechanical devices and surveillance of critical infrastructure.

Security becomes a major concern in IoT-enabled sensor networks, not only due to the underlying limitations of sensor nodes such as limited energy, weak processing capability, and limited memory, but also due to their physical exposure to malicious entities. Furthermore, IoT-enabled ad hoc wireless sensor networks may consist of some sensor-based mobile nodes that can provide as well as relay data. Such networks are prone to frequent topological changes, with the topology being multi-hop in nature. This dynamic feature further aggravates the security challenges that need to be urgently addressed.

This Special Issue aims to publish original, significant, and visionary papers addressing security challenges in IoT-enabled sensor-based networks describing specific methods and technologies to safeguard such networks from novel attacks. This special issue will provide a broad platform to showcase novel research on all aspects of security in IoT-enabled sensor networks and tradeoff between security and performance. Submissions of scientific results from experts in academia and industry worldwide are strongly encouraged.

This Special Issue is envisioned to present the recent outcomes of the high-quality research steered by the researchers in the domain of security and privacy. Authors are invited to submit original papers in the following areas (but not limited to):

  1. Security in the Internet of Things
  2. Sensor network security
  3. Secure sensors and actuators for homes, buildings, and infrastructures
  4. Anomaly detection
  5. Authentication, auditing, and accountability in IoT-enabled sensors
  6. Access control mechanisms in IOT-enabled sensor networks
  7. Security model for IOT-based sensor networks
  8. Security architecture for IoT-based sensor networks
  9. Key management IoT-based sensor networks
  • Lightweight and energy-aware privacy-enhancing cryptographic techniques and algorithms
  • Prevention of DoS and DDoS attacks in IoT-enabled sensor networks
  •  Practical deployment and case studies
Dr. Rajan Shankaran
Prof. Dr. Subhas Chandra Mukhopadhyay
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Wireless sensor networks
  • Internet of Things
  • Security and privacy
  • Secure and resilient sensors

Published Papers (8 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

20 pages, 3304 KiB  
Article
An Ontology-Based Cybersecurity Framework for the Internet of Things
by Bruno Augusti Mozzaquatro, Carlos Agostinho, Diogo Goncalves, João Martins and Ricardo Jardim-Goncalves
Sensors 2018, 18(9), 3053; https://doi.org/10.3390/s18093053 - 12 Sep 2018
Cited by 81 | Viewed by 8908
Abstract
The use of sensors and actuators as a form of controlling cyber-physical systems in resource networks has been integrated and referred to as the Internet of Things (IoT). However, the connectivity of many stand-alone IoT systems through the Internet introduces numerous cybersecurity challenges [...] Read more.
The use of sensors and actuators as a form of controlling cyber-physical systems in resource networks has been integrated and referred to as the Internet of Things (IoT). However, the connectivity of many stand-alone IoT systems through the Internet introduces numerous cybersecurity challenges as sensitive information is prone to be exposed to malicious users. This paper focuses on the improvement of IoT cybersecurity from an ontological analysis, proposing appropriate security services adapted to the threats. The authors propose an ontology-based cybersecurity framework using knowledge reasoning for IoT, composed of two approaches: (1) design time, which provides a dynamic method to build security services through the application of a model-driven methodology considering the existing enterprise processes; and (2) run time, which involves monitoring the IoT environment, classifying threats and vulnerabilities, and actuating in the environment ensuring the correct adaptation of the existing services. Two validation approaches demonstrate the feasibility of our concept. This entails an ontology assessment and a case study with an industrial implementation. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

20 pages, 3904 KiB  
Article
Depletion-of-Battery Attack: Specificity, Modelling and Analysis
by Vladimir Shakhov and Insoo Koo
Sensors 2018, 18(6), 1849; https://doi.org/10.3390/s18061849 - 6 Jun 2018
Cited by 29 | Viewed by 4795
Abstract
The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, [...] Read more.
The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

22 pages, 1345 KiB  
Article
Influence of Different Coupling Modes on the Robustness of Smart Grid under Targeted Attack
by WenJie Kang, Gang Hu, PeiDong Zhu, Qiang Liu, Zhi Hang and Xin Liu
Sensors 2018, 18(6), 1699; https://doi.org/10.3390/s18061699 - 24 May 2018
Cited by 6 | Viewed by 3034
Abstract
Many previous works only focused on the cascading failure of global coupling of one-to-one structures in interdependent networks, but the local coupling of dual coupling structures has rarely been studied due to its complex structure. This will result in a serious consequence that [...] Read more.
Many previous works only focused on the cascading failure of global coupling of one-to-one structures in interdependent networks, but the local coupling of dual coupling structures has rarely been studied due to its complex structure. This will result in a serious consequence that many conclusions of the one-to-one structure may be incorrect in the dual coupling network and do not apply to the smart grid. Therefore, it is very necessary to subdivide the dual coupling link into a top-down coupling link and a bottom-up coupling link in order to study their influence on network robustness by combining with different coupling modes. Additionally, the power flow of the power grid can cause the load of a failed node to be allocated to its neighboring nodes and trigger a new round of load distribution when the load of these nodes exceeds their capacity. This means that the robustness of smart grids may be affected by four factors, i.e., load redistribution, local coupling, dual coupling link and coupling mode; however, the research on the influence of those factors on the network robustness is missing. In this paper, firstly, we construct the smart grid as a two-layer network with a dual coupling link and divide the power grid and communication network into many subnets based on the geographical location of their nodes. Secondly, we define node importance ( N I ) as an evaluation index to access the impact of nodes on the cyber or physical network and propose three types of coupling modes based on N I of nodes in the cyber and physical subnets, i.e., Assortative Coupling in Subnets (ACIS), Disassortative Coupling in Subnets (DCIS), and Random Coupling in Subnets (RCIS). Thirdly, a cascading failure model is proposed for studying the effect of local coupling of dual coupling link in combination with ACIS, DCIS, and RCIS on the robustness of the smart grid against a targeted attack, and the survival rate of functional nodes is used to assess the robustness of the smart grid. Finally, we use the IEEE 118-Bus System and the Italian High-Voltage Electrical Transmission Network to verify our model and obtain the same conclusions: (I) DCIS applied to the top-down coupling link is better able to enhance the robustness of the smart grid against a targeted attack than RCIS or ACIS, (II) ACIS applied to a bottom-up coupling link is better able to enhance the robustness of the smart grid against a targeted attack than RCIS or DCIS, and (III) the robustness of the smart grid can be improved by increasing the tolerance α . This paper provides some guidelines for slowing down the speed of the cascading failures in the design of architecture and optimization of interdependent networks, such as a top-down link with DCIS, a bottom-up link with ACIS, and an increased tolerance α . Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

38 pages, 4672 KiB  
Article
Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation
by Qian Xu, Chengxiang Tan, Zhijie Fan, Wenye Zhu, Ya Xiao and Fujia Cheng
Sensors 2018, 18(5), 1609; https://doi.org/10.3390/s18051609 - 17 May 2018
Cited by 34 | Viewed by 4768
Abstract
Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based [...] Read more.
Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional “encrypt-then-sign” or “sign-then-encrypt” strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

21 pages, 405 KiB  
Article
Trusted Operations on Sensor Data
by Hassaan Janjua, Wouter Joosen, Sam Michiels and Danny Hughes
Sensors 2018, 18(5), 1364; https://doi.org/10.3390/s18051364 - 27 Apr 2018
Cited by 8 | Viewed by 4352
Abstract
The widespread use of mobile devices has allowed the development of participatory sensing systems that capture various types of data using the existing or external sensors attached to mobile devices. Gathering data from such anonymous sources requires a mechanism to establish the integrity [...] Read more.
The widespread use of mobile devices has allowed the development of participatory sensing systems that capture various types of data using the existing or external sensors attached to mobile devices. Gathering data from such anonymous sources requires a mechanism to establish the integrity of sensor readings. In many cases, sensor data need to be preprocessed on the device itself before being uploaded to the target server while ensuring the chain of trust from capture to the delivery of the data. This can be achieved by a framework that provides a means to implement arbitrary operations to be performed on trusted sensor data, while guaranteeing the security and integrity of the data. This paper presents the design and implementation of a framework that allows the capture of trusted sensor data from both external and internal sensors on a mobile phone along with the development of trusted operations on sensor data while providing a mechanism for performing predefined operations on the data such that the chain of trust is maintained. The evaluation shows that the proposed system ensures the security and integrity of sensor data with minimal performance overhead. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

20 pages, 3326 KiB  
Article
How to Improve Fault Tolerance in Disaster Predictions: A Case Study about Flash Floods Using IoT, ML and Real Data
by Gustavo Furquim, Geraldo P. R. Filho, Roozbeh Jalali, Gustavo Pessin, Richard W. Pazzi and Jó Ueyama
Sensors 2018, 18(3), 907; https://doi.org/10.3390/s18030907 - 19 Mar 2018
Cited by 39 | Viewed by 7339
Abstract
The rise in the number and intensity of natural disasters is a serious problem that affects the whole world. The consequences of these disasters are significantly worse when they occur in urban districts because of the casualties and extent of the damage to [...] Read more.
The rise in the number and intensity of natural disasters is a serious problem that affects the whole world. The consequences of these disasters are significantly worse when they occur in urban districts because of the casualties and extent of the damage to goods and property that is caused. Until now feasible methods of dealing with this have included the use of wireless sensor networks (WSNs) for data collection and machine-learning (ML) techniques for forecasting natural disasters. However, there have recently been some promising new innovations in technology which have supplemented the task of monitoring the environment and carrying out the forecasting. One of these schemes involves adopting IP-based (Internet Protocol) sensor networks, by using emerging patterns for IoT. In light of this, in this study, an attempt has been made to set out and describe the results achieved by SENDI (System for dEtecting and forecasting Natural Disasters based on IoT). SENDI is a fault-tolerant system based on IoT, ML and WSN for the detection and forecasting of natural disasters and the issuing of alerts. The system was modeled by means of ns-3 and data collected by a real-world WSN installed in the town of São Carlos - Brazil, which carries out the data collection from rivers in the region. The fault-tolerance is embedded in the system by anticipating the risk of communication breakdowns and the destruction of the nodes during disasters. It operates by adding intelligence to the nodes to carry out the data distribution and forecasting, even in extreme situations. A case study is also included for flash flood forecasting and this makes use of the ns-3 SENDI model and data collected by WSN. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

17 pages, 11386 KiB  
Article
Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes
by Bako Ali and Ali Ismail Awad
Sensors 2018, 18(3), 817; https://doi.org/10.3390/s18030817 - 8 Mar 2018
Cited by 228 | Viewed by 34366
Abstract
The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or “things” to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as [...] Read more.
The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or “things” to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Show Figures

Figure 1

14 pages, 268 KiB  
Article
Analysis of an ABE Scheme with Verifiable Outsourced Decryption
by Yongjian Liao, Yichuan He, Fagen Li, Shaoquan Jiang and Shijie Zhou
Sensors 2018, 18(1), 176; https://doi.org/10.3390/s18010176 - 10 Jan 2018
Cited by 11 | Viewed by 3774
Abstract
Attribute-based encryption (ABE) is a popular cryptographic technology to protect the security of users’ data in cloud computing. In order to reduce its decryption cost, outsourcing the decryption of ciphertexts is an available method, which enables users to outsource a large number of [...] Read more.
Attribute-based encryption (ABE) is a popular cryptographic technology to protect the security of users’ data in cloud computing. In order to reduce its decryption cost, outsourcing the decryption of ciphertexts is an available method, which enables users to outsource a large number of decryption operations to the cloud service provider. To guarantee the correctness of transformed ciphertexts computed by the cloud server via the outsourced decryption, it is necessary to check the correctness of the outsourced decryption to ensure security for the data of users. Recently, Li et al. proposed a full verifiability of the outsourced decryption of ABE scheme (ABE-VOD) for the authorized users and unauthorized users, which can simultaneously check the correctness of the transformed ciphertext for both them. However, in this paper we show that their ABE-VOD scheme cannot obtain the results which they had shown, such as finding out all invalid ciphertexts, and checking the correctness of the transformed ciphertext for the authorized user via checking it for the unauthorized user. We first construct some invalid ciphertexts which can pass the validity checking in the decryption algorithm. That means their “verify-then-decrypt” skill is unavailable. Next, we show that the method to check the validity of the outsourced decryption for the authorized users via checking it for the unauthorized users is not always correct. That is to say, there exist some invalid ciphertexts which can pass the validity checking for the unauthorized user, but cannot pass the validity checking for the authorized user. Full article
(This article belongs to the Special Issue Security in IoT Enabled Sensors)
Back to TopTop