sensors-logo

Journal Browser

Journal Browser

Security and Privacy in IoT-Enabled Smart Environments

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Sensor Networks".

Deadline for manuscript submissions: closed (25 May 2023) | Viewed by 13213

Special Issue Editors

1. Department of Computer Science, Electrical and Space Engineering, Luleå University of Technology, 971 87 Luleå, Sweden
2. College of Information Technology, United Arab Emirates University, Al Ain P.O. Box 17551, United Arab Emirates
Interests: cybersecurity; biometrics; network security; Internet-of-Things security; image analysis
Special Issues, Collections and Topics in MDPI journals
School of Engineering, Information Technology, and Physical Sciences, Federation University, Brisbane, QLD 4000, Australia
Interests: mobile and wireless networks; IoT; big data analytics; cyber security cloud/edge computing
Special Issues, Collections and Topics in MDPI journals
Seneca College, North York, Toronto, ON M2J 2X5, Canada
Interests: cybersecurity; network security; IoT security; cryptography and applications of machine-learning in cybersecurity
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Due to the rapid progression in the IoT paradigm, several domains, such as healthcare, autonomous driving, industrial systems, smart cities, and smart homes, have emerged as smart environments. Smart environments aim to provide intelligent services toward creating a comfortable life for individuals. This widespread use of IoT applications has created numerous security and privacy challenges that can be exploited by cyber-attackers, adversaries, and untrusted third parties. This practice causes substantial economic losses to the abovementioned domains and puts in danger the lives of individuals or users.

Driven by rapidly evolving security and privacy challenges, everyone from IoT device manufacturers to information technology (IT) staff and from hardware engineers to cloud management entities need to provide innovative security, and privacy solutions to address the ever-increasing attack surface. In addition, security specialists need to present clear and meaningful insights about the important and valid arguments for risk assessment, threat management, and attack rectification in present IoT-empowered applications. 

This Special Issue on “Security and Privacy in IoT-Enabled Smart Environments” addresses IoT-enabled smart environments' security and privacy challenges. Special emphasis is on the IoT system's infrastructure, including networking, protocols, applications, and data manipulations. In addition, the Special Issue provides up-to-date research findings that cover both security and privacy challenges and mitigation approaches for protecting individuals’ information and privacy. The topics of interest include but are not limited to:

  • Security, privacy, ethics, and legal frameworks;
  • Risk assessment and mitigation in the IoT domain;
  • Innovative security solutions for IoT infrastructures;
  • Privacy-preserving in IoT-based applications;
  • Blockchain-driven green and decentralized domains;
  • Secure and private frameworks and protocols for the IoT;
  • Machine-learning-based security and privacy solutions;
  • Blockchain technologies for reliable and trustworthy computing;
  • Biometric modalities for individuals’ authentication in the IoT;
  • Security perimeters for resource-constrained IoT devices;
  • Device authentication and device identity management.

Dr. Ali Ismail Awad
Dr. Muhammad Imran
Dr. Mohammed M. Alani
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Internet of Things (IoT)
  • security and privacy
  • risk assessment and treatment
  • privacy-preserving techniques
  • secure routing protocols
  • biometric modalities for IoT
  • resource-constrained IoT
  • intrusion detection systems
  • user authentication and access control

Published Papers (5 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

26 pages, 1013 KiB  
Article
XRecon: An Explainbale IoT Reconnaissance Attack Detection System Based on Ensemble Learning
by Mohammed M. Alani and Ernesto Damiani
Sensors 2023, 23(11), 5298; https://doi.org/10.3390/s23115298 - 02 Jun 2023
Cited by 3 | Viewed by 1695
Abstract
IoT devices have grown in popularity in recent years. Statistics show that the number of online IoT devices exceeded 35 billion in 2022. This rapid growth in adoption made these devices an obvious target for malicious actors. Attacks such as botnets and malware [...] Read more.
IoT devices have grown in popularity in recent years. Statistics show that the number of online IoT devices exceeded 35 billion in 2022. This rapid growth in adoption made these devices an obvious target for malicious actors. Attacks such as botnets and malware injection usually start with a phase of reconnaissance to gather information about the target IoT device before exploitation. In this paper, we introduce a machine-learning-based detection system for reconnaissance attacks based on an explainable ensemble model. Our proposed system aims to detect scanning and reconnaissance activity of IoT devices and counter these attacks at an early stage of the attack campaign. The proposed system is designed to be efficient and lightweight to operate in severely resource-constrained environments. When tested, the implementation of the proposed system delivered an accuracy of 99%. Furthermore, the proposed system showed low false positive and false negative rates at 0.6% and 0.05%, respectively, while maintaining high efficiency and low resource consumption. Full article
(This article belongs to the Special Issue Security and Privacy in IoT-Enabled Smart Environments)
Show Figures

Figure 1

21 pages, 4339 KiB  
Article
Automatic Hybrid Access Control in SCADA-Enabled IIoT Networks Using Machine Learning
by Muhammad Usman, Muhammad Shahzad Sarfraz, Usman Habib, Muhammad Umar Aftab and Saleha Javed
Sensors 2023, 23(8), 3931; https://doi.org/10.3390/s23083931 - 12 Apr 2023
Cited by 2 | Viewed by 2000
Abstract
The recent advancements in the Internet of Things have made it converge towards critical infrastructure automation, opening a new paradigm referred to as the Industrial Internet of Things (IIoT). In the IIoT, different connected devices can send huge amounts of data to other [...] Read more.
The recent advancements in the Internet of Things have made it converge towards critical infrastructure automation, opening a new paradigm referred to as the Industrial Internet of Things (IIoT). In the IIoT, different connected devices can send huge amounts of data to other devices back and forth for a better decision-making process. In such use cases, the role of supervisory control and data acquisition (SCADA) has been studied by many researchers in recent years for robust supervisory control management. Nevertheless, for better sustainability of these applications, reliable data exchange is crucial in this domain. To ensure the privacy and integrity of the data shared between the connected devices, access control can be used as the front-line security mechanism for these systems. However, the role engineering and assignment propagation in access control is still a tedious process as its manually performed by network administrators. In this study, we explored the potential of supervised machine learning to automate role engineering for fine-grained access control in Industrial Internet of Things (IIoT) settings. We propose a mapping framework to employ a fine-tuned multilayer feedforward artificial neural network (ANN) and extreme learning machine (ELM) for role engineering in the SCADA-enabled IIoT environment to ensure privacy and user access rights to resources. For the application of machine learning, a thorough comparison between these two algorithms is also presented in terms of their effectiveness and performance. Extensive experiments demonstrated the significant performance of the proposed scheme, which is promising for future research to automate the role assignment in the IIoT domain. Full article
(This article belongs to the Special Issue Security and Privacy in IoT-Enabled Smart Environments)
Show Figures

Figure 1

22 pages, 6956 KiB  
Article
Composition of Hybrid Deep Learning Model and Feature Optimization for Intrusion Detection System
by Azriel Henry, Sunil Gautam, Samrat Khanna, Khaled Rabie, Thokozani Shongwe, Pronaya Bhattacharya, Bhisham Sharma and Subrata Chowdhury
Sensors 2023, 23(2), 890; https://doi.org/10.3390/s23020890 - 12 Jan 2023
Cited by 21 | Viewed by 3095
Abstract
Recently, with the massive growth of IoT devices, the attack surfaces have also intensified. Thus, cybersecurity has become a critical component to protect organizational boundaries. In networks, Intrusion Detection Systems (IDSs) are employed to raise critical flags during network management. One aspect is [...] Read more.
Recently, with the massive growth of IoT devices, the attack surfaces have also intensified. Thus, cybersecurity has become a critical component to protect organizational boundaries. In networks, Intrusion Detection Systems (IDSs) are employed to raise critical flags during network management. One aspect is malicious traffic identification, where zero-day attack detection is a critical problem of study. Current approaches are aligned towards deep learning (DL) methods for IDSs, but the success of the DL mechanism depends on the feature learning process, which is an open challenge. Thus, in this paper, the authors propose a technique which combines both CNN, and GRU, where different CNN–GRU combination sequences are presented to optimize the network parameters. In the simulation, the authors used the CICIDS-2017 benchmark dataset and used metrics such as precision, recall, False Positive Rate (FPR), True Positive Rate (TRP), and other aligned metrics. The results suggest a significant improvement, where many network attacks are detected with an accuracy of 98.73%, and an FPR rate of 0.075. We also performed a comparative analysis with other existing techniques, and the obtained results indicate the efficacy of the proposed IDS scheme in real cybersecurity setups. Full article
(This article belongs to the Special Issue Security and Privacy in IoT-Enabled Smart Environments)
Show Figures

Figure 1

24 pages, 1317 KiB  
Article
Efficient Approach for Anomaly Detection in IoT Using System Calls
by Nouman Shamim, Muhammad Asim, Thar Baker and Ali Ismail Awad
Sensors 2023, 23(2), 652; https://doi.org/10.3390/s23020652 - 06 Jan 2023
Cited by 5 | Viewed by 2580
Abstract
The Internet of Things (IoT) has shown rapid growth and wide adoption in recent years. However, IoT devices are not designed to address modern security challenges. The weak security of these devices has been exploited by malicious actors and has led to several [...] Read more.
The Internet of Things (IoT) has shown rapid growth and wide adoption in recent years. However, IoT devices are not designed to address modern security challenges. The weak security of these devices has been exploited by malicious actors and has led to several serious cyber-attacks. In this context, anomaly detection approaches are considered very effective owing to their ability to detect existing and novel attacks while requiring data only from normal execution. Because of the limited resources of IoT devices, conventional security solutions are not feasible. This emphasizes the need to develop new approaches that are specifically tailored to IoT devices. In this study, we propose a host-based anomaly detection approach that uses system call data and a Markov chain to represent normal behavior. This approach addresses the challenges that existing approaches face in this area, mainly the segmentation of the syscall trace into suitable smaller units and the use of a fixed threshold to differentiate between normal and malicious syscall sequences. Our proposed approach provides a mechanism for segmenting syscall traces into the program’s execution paths and dynamically determines the threshold for anomaly detection. The proposed approach was evaluated against various attacks using two well-known public datasets provided by the University of New South Mexico (UNM) and one custom dataset (PiData) developed in the laboratory. We also compared the performance and characteristics of our proposed approach with those of recently published related work. The proposed approach has a very low false positive rate (0.86%), high accuracy (100%), and a high F1 score (100%) that is, a combined performance measure of precision and recall. Full article
(This article belongs to the Special Issue Security and Privacy in IoT-Enabled Smart Environments)
Show Figures

Figure 1

18 pages, 570 KiB  
Article
Towards an Explainable Universal Feature Set for IoT Intrusion Detection
by Mohammed M. Alani and Ali Miri
Sensors 2022, 22(15), 5690; https://doi.org/10.3390/s22155690 - 29 Jul 2022
Cited by 13 | Viewed by 2243
Abstract
As IoT devices’ adoption grows rapidly, security plays an important role in our daily lives. As part of the effort to counter these security threats in recent years, many IoT intrusion detection datasets were presented, such as TON_IoT, BoT-IoT, and Aposemat IoT-23. These [...] Read more.
As IoT devices’ adoption grows rapidly, security plays an important role in our daily lives. As part of the effort to counter these security threats in recent years, many IoT intrusion detection datasets were presented, such as TON_IoT, BoT-IoT, and Aposemat IoT-23. These datasets were used to build many machine learning-based IoT intrusion detection models. In this research, we present an explainable and efficient method for selecting the most effective universal features from IoT intrusion detection datasets that can help in producing highly-accurate and efficient machine learning-based intrusion detection systems. The proposed method was applied to TON_IoT, Aposemat IoT-23, and IoT-ID datasets and resulted in the selection of six universal network-flow features. The proposed method was tested and produced a high accuracy of 99.62% with a prediction time reduced by up to 70%. To provide better insight into the operation of the classifier, a Shapley additive explanation was used to explain the selected features and to prove the alignment of the explanation with current attack techniques. Full article
(This article belongs to the Special Issue Security and Privacy in IoT-Enabled Smart Environments)
Show Figures

Back to TopTop