sensors-logo

Journal Browser

Journal Browser

Cybersecurity and Privacy in Smart Cities

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 August 2021) | Viewed by 39115

Special Issue Editors


E-Mail Website
Guest Editor
Department of Information and Communication Engineering, University of Murcia, 30100 Murcia, Spain
Interests: IoT; privacy preservation; cybersecurity; threat/risk analysis; trust management; distributed systems

E-Mail Website
Guest Editor
University of Trento, Italy, and Vrije Universiteit of Amsterdam, The Netherlands
Interests: cybersecurity; IoT; risk analysis; empirical security research; security testbeds; malware analysis

E-Mail Website
Guest Editor
imec-DistriNet, KU Leuven, Belgium
Interests: federated identity and access management; data mining and machine learning for security and privacy; scalable distributed systems; event-based middleware

Special Issue Information

Dear Colleagues,

As the IoT expands, security and privacy issues associated to IoT networks, smart systems, and applications are increasing accordingly. IoT ecosystems are getting more and more complex, leading to an increasing number of cyberthreats and attacks. This situation is being exploited by cybercriminals, who are continuously evolving their attacks targeting not only smart systems, organizations, and critical infrastructures, but also citizens’ privacy. Security and privacy concerns are aggravated in the next-generation smart infrastructures and beyond 5G–IoT networks adopted by smart cities, which inherit most of the issues from IoT along with additional concerns derived by large-scale and distributed deployments, including, but not limited to, big data security issues, distributed attacks, availability concerns, interoperability, privacy, trust, and scalability aspects.

This landscape requires novel smart cybersecurity and privacy solutions, specially tailored to smart city infrastructures, applications and beyond 5G–IoT networks, which can strengthen security, scalability, resiliency, and availability in smart city systems and networks, while ensuring citizens’ privacy and trust.

This Special Issue aims to bring together researchers from academia, industry, and individuals working on relevant cybersecurity and privacy topics, smart cities, IoT, and research areas to share their latest accomplishments and research findings within the research community in these research fields.

Submissions can contemplate original research with novel ideas and solutions to address the advanced security challenges in Smart Cities. Critical surveys will also be welcome.

Topics of interest:

  • Data privacy solutions for smart cities
  • Smart data security, interoperability, availability, and scalability
  • Privacy and security issues for smart city applications
  • Cybersecurity frameworks
  • Intrusion detection and malware analysis in smart cities and applications
  • Network issues beyond 5G–IoT connected cities
  • Security and privacy in next generation infrastructures in smart cities
  • Risk assessment and management in smart cities
  • AI-based countermeasures
  • Machine learning for cybersecurity
  • Privacy preservation in smart cities and applications
  • Cybersecurity and critical infrastructures
  • Cyberthreat intelligence analysis, management, and sharing
  • Reliability, AAA, and trust in 5G–IoT and beyond
  • Cryptography solutions
  • Human-centric cybersecurity solutions
  • Security protocols beyond 5G–IoT
  • Cybersecurity and big data
  • Cybersecurity and privacy aspects of distributed ledgers
  • Testbeds for IoT cybersecurity
  • Cybersecurity standardization and certification

Dr. Jorge Bernal Bernabe
Prof. Dr. Antonio Skarmeta
Prof. Dr. Fabio Massacci
Dr. Davy Preuveneers
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cybersecurity
  • Privacy preservation
  • Smart cities
  • IoT network security
  • Information security
  • IoT security
  • Cybersecurity analytics

Published Papers (9 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

21 pages, 4446 KiB  
Article
Data Protection by Design in the Context of Smart Cities: A Consent and Access Control Proposal
by Said Daoudagh, Eda Marchetti, Vincenzo Savarino, Jorge Bernal Bernabe, Jesús García-Rodríguez, Rafael Torres Moreno, Juan Antonio Martinez and Antonio F. Skarmeta
Sensors 2021, 21(21), 7154; https://doi.org/10.3390/s21217154 - 28 Oct 2021
Cited by 9 | Viewed by 3009
Abstract
The growing availability of mobile devices has lead to an arising development of smart cities services that share a huge amount of (personal) information and data. Without accurate and verified management, they could become severe back-doors for security and privacy. In this paper, [...] Read more.
The growing availability of mobile devices has lead to an arising development of smart cities services that share a huge amount of (personal) information and data. Without accurate and verified management, they could become severe back-doors for security and privacy. In this paper, we propose a smart city infrastructure able to integrate a distributed privacy-preserving identity management solution based on attribute-based credentials (p-ABC), a user-centric Consent Manager, and a GDPR-based Access Control mechanism so as to guarantee the enforcement of the GDPR’s provisions. Thus, the infrastructure supports the definition of specific purpose, collection of data, regulation of access to personal data, and users’ consents, while ensuring selective and minimal disclosure of personal information as well as user’s unlinkability across service and identity providers. The proposal has been implemented, integrated, and evaluated in a fully-fledged environment consisting of MiMurcia, the Smart City project for the city of Murcia, CaPe, an industrial consent management system, and GENERAL_D, an academic GDPR-based access control system, showing the feasibility. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

16 pages, 13716 KiB  
Article
Authorizing Third-Party Applications Served through Messaging Platforms
by Jorge Sancho, José García and Álvaro Alesanco
Sensors 2021, 21(17), 5716; https://doi.org/10.3390/s21175716 - 25 Aug 2021
Viewed by 1621
Abstract
The widespread adoption of smartphones and the new-generation wireless networks have changed the way that people interact among themselves and with their environment. The use of messaging platforms, such as WhatsApp, has become deeply ingrained in peoples’ lives, and many digital services have [...] Read more.
The widespread adoption of smartphones and the new-generation wireless networks have changed the way that people interact among themselves and with their environment. The use of messaging platforms, such as WhatsApp, has become deeply ingrained in peoples’ lives, and many digital services have started to be delivered using these communication channels. In this work, we propose a new OAuth grant type to be used when the interaction between the resource owner and the client takes place through a messaging platform. This new grant type firstly allows the authorization server to be sure that no Man-in-the-Middle risk exists between the resource owner and the client before issuing an access token. Secondly, it allows the authorization server to interact with the resource owner through the same user-agent already being used to interact with the client, i.e., the messaging platform, which is expected to improve the overall user experience of the authorization process. To verify this assumption, we conducted a usability study in which subjects were required to perform the full authorization process using both the standard authorization code grant type (through a web-browser) and the new grant type defined in this work. They have also been required to fill in a small questionnaire including some demographic information and their impressions about both authorization flows. The results suggest that the proposed grant type eases the authorization process in most cases. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

21 pages, 1615 KiB  
Article
Secure Content Distribution with Access Control Enforcement in Named Data Networking
by Htet Htet Hlaing, Yuki Funamoto and Masahiro Mambo
Sensors 2021, 21(13), 4477; https://doi.org/10.3390/s21134477 - 30 Jun 2021
Cited by 4 | Viewed by 2730
Abstract
NDN is one of the new emerging future internet architectures which brings up new solutions over today’s internet architecture, facilitating content distribution, in-network caching, mobility support, and multicast forwarding. NDNs ubiquitous in-network caching allows consumers to access data directly from the intermediate router’s [...] Read more.
NDN is one of the new emerging future internet architectures which brings up new solutions over today’s internet architecture, facilitating content distribution, in-network caching, mobility support, and multicast forwarding. NDNs ubiquitous in-network caching allows consumers to access data directly from the intermediate router’s cache. However, it opens content privacy problems since data packets replicated in the router are always accessible by every consumer. Sensitive contents in the routers should be protected and accessed only by authorized consumers. Although the content protection problem can be solved by applying an encryption-based access control policy, it still needs an efficient content distribution scheme with lower computational overhead and content retrieval time. We propose an efficient and secure content distribution (ES_CD), by combining symmetric encryption and identity-based proxy re-encryption. The analysis shows that our proposed scheme achieves content retrieval time reduction up to 20% for the cached contents in our network simulation environment and a slight computational overhead of less than 19 ms at the content producer and 9 ms at the consumer for 2 KB content. ES_CD provides content confidentiality and ensures only legitimate consumers can access the contents during a predefined time without requiring a trusted third party and keeping the content producer always online. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

16 pages, 8287 KiB  
Article
Secure Video Surveillance Framework in Smart City
by Hao Li, Tianhao Xiezhang, Cheng Yang, Lianbing Deng and Peng Yi
Sensors 2021, 21(13), 4419; https://doi.org/10.3390/s21134419 - 28 Jun 2021
Cited by 18 | Viewed by 3551
Abstract
In the construction process of smart cities, more and more video surveillance systems have been deployed for traffic, office buildings, shopping malls, and families. Thus, the security of video surveillance systems has attracted more attention. At present, many researchers focus on how to [...] Read more.
In the construction process of smart cities, more and more video surveillance systems have been deployed for traffic, office buildings, shopping malls, and families. Thus, the security of video surveillance systems has attracted more attention. At present, many researchers focus on how to select the region of interest (RoI) accurately and then realize privacy protection in videos by selective encryption. However, relatively few researchers focus on building a security framework by analyzing the security of a video surveillance system from the system and data life cycle. By analyzing the surveillance video protection and the attack surface of a video surveillance system in a smart city, we constructed a secure surveillance framework in this manuscript. In the secure framework, a secure video surveillance model is proposed, and a secure authentication protocol that can resist man-in-the-middle attacks (MITM) and replay attacks is implemented. For the management of the video encryption key, we introduced the Chinese remainder theorem (CRT) on the basis of group key management to provide an efficient and secure key update. In addition, we built a decryption suite based on transparent encryption to ensure the security of the decryption environment. The security analysis proved that our system can guarantee the forward and backward security of the key update. In the experiment environment, the average decryption speed of our system can reach 91.47 Mb/s, which can meet the real-time requirement of practical applications. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

20 pages, 5088 KiB  
Article
Agent-Based Semantic Role Mining for Intelligent Access Control in Multi-Domain Collaborative Applications of Smart Cities
by Rubina Ghazal, Ahmad Kamran Malik, Basit Raza, Nauman Qadeer, Nafees Qamar and Sajal Bhatia
Sensors 2021, 21(13), 4253; https://doi.org/10.3390/s21134253 - 22 Jun 2021
Cited by 4 | Viewed by 2995
Abstract
Significance and popularity of Role-Based Access Control (RBAC) is inevitable; however, its application is highly challenging in multi-domain collaborative smart city environments. The reason is its limitations in adapting the dynamically changing information of users, tasks, access policies and resources in such applications. [...] Read more.
Significance and popularity of Role-Based Access Control (RBAC) is inevitable; however, its application is highly challenging in multi-domain collaborative smart city environments. The reason is its limitations in adapting the dynamically changing information of users, tasks, access policies and resources in such applications. It also does not incorporate semantically meaningful business roles, which could have a diverse impact upon access decisions in such multi-domain collaborative business environments. We propose an Intelligent Role-based Access Control (I-RBAC) model that uses intelligent software agents for achieving intelligent access control in such highly dynamic multi-domain environments. The novelty of this model lies in using a core I-RBAC ontology that is developed using real-world semantic business roles as occupational roles provided by Standard Occupational Classification (SOC), USA. It contains around 1400 business roles, from nearly all domains, along with their detailed task descriptions as well as hierarchical relationships among them. The semantic role mining process is performed through intelligent agents that use word embedding and a bidirectional LSTM deep neural network for automated population of organizational ontology from its unstructured text policy and, subsequently, matching this ontology with core I-RBAC ontology to extract unified business roles. The experimentation was performed on a large number of collaboration case scenarios of five multi-domain organizations and promising results were obtained regarding the accuracy of automatically derived RDF triples (Subject, Predicate, Object) from organizational text policies as well as the accuracy of extracted semantically meaningful roles. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

43 pages, 7227 KiB  
Article
Follow the Trail: Machine Learning for Fraud Detection in Fintech Applications
by Branka Stojanović, Josip Božić, Katharina Hofer-Schmitz, Kai Nahrgang, Andreas Weber, Atta Badii, Maheshkumar Sundaram, Elliot Jordan and Joel Runevic
Sensors 2021, 21(5), 1594; https://doi.org/10.3390/s21051594 - 25 Feb 2021
Cited by 23 | Viewed by 10284
Abstract
Financial technology, or Fintech, represents an emerging industry on the global market. With online transactions on the rise, the use of IT for automation of financial services is of increasing importance. Fintech enables institutions to deliver services to customers worldwide on a 24/7 [...] Read more.
Financial technology, or Fintech, represents an emerging industry on the global market. With online transactions on the rise, the use of IT for automation of financial services is of increasing importance. Fintech enables institutions to deliver services to customers worldwide on a 24/7 basis. Its services are often easy to access and enable customers to perform transactions in real-time. In fact, advantages such as these make Fintech increasingly popular among clients. However, since Fintech transactions are made up of information, ensuring security becomes a critical issue. Vulnerabilities in such systems leave them exposed to fraudulent acts, which cause severe damage to clients and providers alike. For this reason, techniques from the area of Machine Learning (ML) are applied to identify anomalies in Fintech applications. They target suspicious activity in financial datasets and generate models in order to anticipate future frauds. We contribute to this important issue and provide an evaluation on anomaly detection methods for this matter. Experiments were conducted on several fraudulent datasets from real-world and synthetic databases, respectively. The obtained results confirm that ML methods contribute to fraud detection with varying success. Therefore, we discuss the effectiveness of the individual methods with regard to the detection rate. In addition, we provide an analysis on the influence of selected features on their performance. Finally, we discuss the impact of the observed results for the security of Fintech applications in the future. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

15 pages, 904 KiB  
Article
An IoT-Focused Intrusion Detection System Approach Based on Preprocessing Characterization for Cybersecurity Datasets
by Xavier Larriva-Novo, Víctor A. Villagrá, Mario Vega-Barbas, Diego Rivera and Mario Sanz Rodrigo
Sensors 2021, 21(2), 656; https://doi.org/10.3390/s21020656 - 19 Jan 2021
Cited by 52 | Viewed by 5169
Abstract
Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have [...] Read more.
Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

22 pages, 592 KiB  
Article
Assessing the Security of Campus Networks: The Case of Seven Universities
by Rui Zheng, Hao Ma, Qiuyun Wang, Jianming Fu and Zhengwei Jiang
Sensors 2021, 21(1), 306; https://doi.org/10.3390/s21010306 - 5 Jan 2021
Cited by 11 | Viewed by 3682
Abstract
The network security situation of campus networks on CERNET (China Education and Research Network) has received great concern. However, most network managers have no complete picture of the network security because of its special management and the rapid growth of network assets. In [...] Read more.
The network security situation of campus networks on CERNET (China Education and Research Network) has received great concern. However, most network managers have no complete picture of the network security because of its special management and the rapid growth of network assets. In this investigation, the security of campus networks belonging to seven universities in Wuhan was investigated. A tool called “WebHunt” was designed for campus networks, and with its help, the network security risks were found. Differently from existing tools for network probing, WebHunt can adopt the network scale and special rules of the campus network. According to the characteristics of campus websites, a series of functions were integrated into WebHunt, including reverse resolution of domain names, active network detection and fingerprint identification for software assets. Besides, WebHunt builds its vulnerability intelligence database with a knowledge graph structure and locates the vulnerabilities through matching knowledge graph information. Security assessments of seven universities presents WebHunt’s applicability for campus networks. Besides, it also shows that many security risks are concealed in campus networks, such as non-compliance IP addresses and domain names, system vulnerabilities and so on. The security reports containing risks have been sent to the relevant universities, and positive feedback was received. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

25 pages, 2616 KiB  
Article
Continuous Quantitative Risk Management in Smart Grids Using Attack Defense Trees
by Erkuden Rios, Angel Rego, Eider Iturbe, Marivi Higuero and Xabier Larrucea
Sensors 2020, 20(16), 4404; https://doi.org/10.3390/s20164404 - 7 Aug 2020
Cited by 19 | Viewed by 4257
Abstract
Although the risk assessment discipline has been studied from long ago as a means to support security investment decision-making, no holistic approach exists to continuously and quantitatively analyze cyber risks in scenarios where attacks and defenses may target different parts of Internet of [...] Read more.
Although the risk assessment discipline has been studied from long ago as a means to support security investment decision-making, no holistic approach exists to continuously and quantitatively analyze cyber risks in scenarios where attacks and defenses may target different parts of Internet of Things (IoT)-based smart grid systems. In this paper, we propose a comprehensive methodology that enables informed decisions on security protection for smart grid systems by the continuous assessment of cyber risks. The solution is based on the use of attack defense trees modelled on the system and computation of the proposed risk attributes that enables an assessment of the system risks by propagating the risk attributes in the tree nodes. The method allows system risk sensitivity analyses to be performed with respect to different attack and defense scenarios, and optimizes security strategies with respect to risk minimization. The methodology proposes the use of standard security and privacy defense taxonomies from internationally recognized security control families, such as the NIST SP 800-53, which facilitates security certifications. Finally, the paper describes the validation of the methodology carried out in a real smart building energy efficiency application that combines multiple components deployed in cloud and IoT resources. The scenario demonstrates the feasibility of the method to not only perform initial quantitative estimations of system risks but also to continuously keep the risk assessment up to date according to the system conditions during operation. Full article
(This article belongs to the Special Issue Cybersecurity and Privacy in Smart Cities)
Show Figures

Figure 1

Back to TopTop