[go: up one dir, main page]
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
7.3
3.4
Journals
Sensors
Special Issues
Advances in IoT Privacy, Security and Applications
sensors-logo
Submit to Sensors Review for Sensors Propose a Special Issue

Journal Menu

Journal Menu

Journal Browser

Journal Browser
share announcement

Advances in IoT Privacy, Security and Applications

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 August 2023) | Viewed by 17010

Special Issue Editor

Prof. Dr. Henrique Santos

E-Mail Website
Guest Editor
Information Systems Department, University of Minho, 4800-058 Guimarães, Portugal
Interests: information security and privacy; computer architecture
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

IoT is widely recognized as a new paradigm of interconnecting everything that can be connected to a shared data network. The natural evolution of the Internet and its fundamental protocol (IPv4 to IPv6) allows several billion devices/sensors to communicate and participate in data service networks increasingly automatically. Along with the development of machine learning techniques, this ecosystem promises to revolutionize the world as we know it in an unimaginable way. However, all these attractive business models come with a limitation that can compromise the benefits: cybersecurity and privacy. Indeed, we can expect many exciting services dealing with critical data, which will demand the continuous study and development of security and privacy techniques. Traditional security and privacy techniques have limitations, not only due to the processing capability of several used devices/sensors but also to the application requirements and the nature of the communications primarily based on the machine-to-machine paradigm. Furthermore, since operations rely heavily on automatic processes, security efficiency becomes essential, raising the need to investigate new management contexts and proper metrics, which are unique in the cybersecurity and privacy requirements for sensor networks and related storage and processing fabrics.

Prof. Dr. Henrique Santos
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • IoT security and privacy (S&P) models
  • S&P by design and by default
  • IoT metrics
  • security management in IoT
  • information privacy
  • wireless sensor networks
  • identity management
  • smart applications
  • IoT safety
  • supply chains in IoT

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (7 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

25 pages, 5480 KiB  
Article
Lightweight Multi-Class Support Vector Machine-Based Medical Diagnosis System with Privacy Preservation
by Sherif Abdelfattah, Mohamed Baza, Mohamed Mahmoud, Mostafa M. Fouda, Khalid Abualsaud, Elias Yaacoub, Maazen Alsabaan and Mohsen Guizani
Sensors 2023, 23(22), 9033; https://doi.org/10.3390/s23229033 - 8 Nov 2023
Cited by 2 | Viewed by 1807
Abstract
Machine learning, powered by cloud servers, has found application in medical diagnosis, enhancing the capabilities of smart healthcare services. Research literature demonstrates that the support vector machine (SVM) consistently demonstrates remarkable accuracy in medical diagnosis. Nonetheless, safeguarding patients’ health data privacy and preserving [...] Read more.
Machine learning, powered by cloud servers, has found application in medical diagnosis, enhancing the capabilities of smart healthcare services. Research literature demonstrates that the support vector machine (SVM) consistently demonstrates remarkable accuracy in medical diagnosis. Nonetheless, safeguarding patients’ health data privacy and preserving the intellectual property of diagnosis models is of paramount importance. This concern arises from the common practice of outsourcing these models to third-party cloud servers that may not be entirely trustworthy. Few studies in the literature have delved into addressing these issues within SVM-based diagnosis systems. These studies, however, typically demand substantial communication and computational resources and may fail to conceal classification results and protect model intellectual property. This paper aims to tackle these limitations within a multi-class SVM medical diagnosis system. To achieve this, we have introduced modifications to an inner product encryption cryptosystem and incorporated it into our medical diagnosis framework. Notably, our cryptosystem proves to be more efficient than the Paillier and multi-party computation cryptography methods employed in previous research. Although we focus on a medical application in this paper, our approach can also be used for other applications that need the evaluation of machine learning models in a privacy-preserving way such as electricity theft detection in the smart grid, electric vehicle charging coordination, and vehicular social networks. To assess the performance and security of our approach, we conducted comprehensive analyses and experiments. Our findings demonstrate that our proposed method successfully fulfills our security and privacy objectives while maintaining high classification accuracy and minimizing communication and computational overhead. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
Show Figures

Figure 1

Figure 1
<p>The network model considered in this paper.</p> Full article ">Figure 2
<p>An illustration for linear support vector machine.</p> Full article ">Figure 3
<p>Multi-class support vector machine. (<b>a</b>) One versus one (1V1) multi-class support vector machine. (<b>b</b>) One-versus-all (1VA) multi-class support vector machine.</p> Full article ">Figure 4
<p>Medical diagnosis.</p> Full article ">Figure 5
<p>An illustration of the vectors utilized to compute the classification result is provided below. (<b>a</b>) Model vector: <math display="inline"><semantics> <mrow> <mi>m</mi> <mo>+</mo> <mn>1</mn> </mrow> </semantics></math> elements for the model parameters and the <math display="inline"><semantics> <mrow> <mo>(</mo> <mi>m</mi> <mo>+</mo> <mn>2</mn> <mo>)</mo> </mrow> </semantics></math>-th element contains one. (<b>b</b>) Data vector: <span class="html-italic">m</span> elements for the patient’s medical data, one in the <math display="inline"><semantics> <mrow> <mo>(</mo> <mi>m</mi> <mo>+</mo> <mn>1</mn> <mo>)</mo> </mrow> </semantics></math>-th element, and the <math display="inline"><semantics> <mrow> <mo>(</mo> <mi>m</mi> <mo>+</mo> <mn>2</mn> <mo>)</mo> </mrow> </semantics></math>-th element comprises a random number <math display="inline"><semantics> <msub> <mi>b</mi> <mi>P</mi> </msub> </semantics></math> utilized for masking the classification result. (<b>c</b>) The masked classification: calculated by the cloud server.</p> Full article ">Figure 6
<p>The required computation time by our approach and the most relevant ones varying the number of classes and the number of features. (<b>a</b>) Time on model owner vs. number of classes. (<b>b</b>) Time on model users vs. number of classes. (<b>c</b>) Time on cloud server vs. number of classes. (<b>d</b>) Time on model owner vs. number of features. (<b>e</b>) Time on model users vs. number of features. (<b>f</b>) Time on cloud server vs. number of features.</p> Full article ">Figure 7
<p>The computation time required by the model owner in the case of the original inner product cryptosystem proposed in [<a href="#B15-sensors-23-09033" class="html-bibr">15</a>] and our modified cryptosystem in this paper.</p> Full article ">Figure 8
<p>The communication costs of our proposal and the relevant works in [<a href="#B12-sensors-23-09033" class="html-bibr">12</a>,<a href="#B13-sensors-23-09033" class="html-bibr">13</a>]. (<b>a</b>) The communication cost on the model owner. (<b>b</b>) The communication cost on the model users. (<b>c</b>) The communication cost on the cloud server.</p> Full article ">
38 pages, 786 KiB  
Article
A Formal Verification of a Reputation Multi-Factor Authentication Mechanism for Constrained Devices and Low-Power Wide-Area Network Using Temporal Logic
by Wesley R. Bezerra, Jean E. Martina and Carlos B. Westphall
Sensors 2023, 23(15), 6933; https://doi.org/10.3390/s23156933 - 3 Aug 2023
Cited by 1 | Viewed by 1382
Abstract
There are many security challenges in IoT, especially related to the authentication of restricted devices in long-distance and low-throughput networks. Problems such as impersonation, privacy issues, and excessive battery usage are some of the existing problems evaluated through the threat modeling of this [...] Read more.
There are many security challenges in IoT, especially related to the authentication of restricted devices in long-distance and low-throughput networks. Problems such as impersonation, privacy issues, and excessive battery usage are some of the existing problems evaluated through the threat modeling of this work. A formal assessment of security solutions for their compliance in addressing such threats is desirable. Although several works address the verification of security protocols, verifying the security of components and their non-locking has been little explored. This work proposes to analyze the design-time security of the components of a multi-factor authentication mechanism with a reputation regarding security requirements that go beyond encryption or secrecy in data transmission. As a result, it was observed through temporal logic that the mechanism is deadlock-free and meets the requirements established in this work. Although it is not a work aimed at modeling the security mechanism, this document provides the necessary details for a better understanding of the mechanism and, consequently, the process of formal verification of its security properties. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
Show Figures

Figure 1

Figure 1
<p>MFA_R Threat-modeling steps—in green, the macro steps are detailed; in purple, the three threat analysis (TM) steps are detailed. The workflow was divided into three macro-steps, with the second step being detailed in three other sub-steps.</p> Full article ">Figure 2
<p>Steps to develop the study for formal verification of the proposal—existing artifacts are shown in red; steps developed and reported in this study are shown in green; artifacts produced as a result of these steps are shown in blue; and the final result of the work is shown in purple.</p> Full article ">Figure 3
<p>Component diagram with main components of the multi-factor authentication mechanism with reputation—on the left is the node representing the IoT restricted device, and on the right is the LPWAN gateway with the authentication mechanism components.</p> Full article ">Figure 4
<p>Process of registering a device in the proposed mechanism. The diagram is composed of three states and four transitions, and its function is to model the evolution of device states against RegServ.</p> Full article ">Figure 5
<p>State machine for three-factor authentication, enforcement, and data publishing. The diagram is made up of 13 states and more than 25 transitions. It is the most complex state diagram of this work and the heart of the MFA_R operation. It represents the main processes and points for exploiting the listed vulnerabilities.</p> Full article ">Figure 6
<p>Sensor lifecycle state machine. It consists of eight states and 12 transitions. The diagram represents the sensor’s view of its internal state concerning the system and authentication mechanism.</p> Full article ">Figure 7
<p>The evolution of the authentication levels’ state machine diagram for the proposed mechanism. It features seven states and 12 transitions. It is responsible for modeling the behavior, evolution, and constraints of MFA_R authentication levels.</p> Full article ">Figure 8
<p>TA of the sensor registration process. Composed of three states and four transitions, it has two committed states, two transitions that generate events, and two transitions that wait for events.</p> Full article ">Figure 9
<p>TA of the sensor authentication process. It features 13 states and 23 transitions, including two final states, 15 event generations, and eight event queries. It controls and communicates with the other models (templates) to coordinate the operation of MFA_R.</p> Full article ">Figure 10
<p>Sensor lifecycle TA. It has eight states and 14 transitions, three final states, four event generations, and ten event queries. As a need for simulation, this diagram incorporates aspects of registration, authentication, and publication of—data, always from the sensor’s point of view.</p> Full article ">Figure 11
<p>TA of the evolution of authentication levels within the proposed mechanism. It contains seven states and 13 transitions, two of which are final states and all-event query transitions. It serves as a panel for better understanding and priority queries of the other templates.</p> Full article ">Figure 12
<p>Simulation of models through instances within Uppaal—in this simulation, we can see an instance of a sensor (sensor), one of the authentication mechanism processes (authentication), and one of the authentication levels (alevel).</p> Full article ">Figure 13
<p>Related works—quantitative data.</p> Full article ">Figure 14
<p>Threat modeling—quantitative data.</p> Full article ">Figure 15
<p>Quantitative overview of state diagrams and modeling in timed automata.</p> Full article ">
36 pages, 8585 KiB  
Article
The Cryptographic Key Distribution System for IoT Systems in the MQTT Environment
by Janusz Furtak
Sensors 2023, 23(11), 5102; https://doi.org/10.3390/s23115102 - 26 May 2023
Cited by 1 | Viewed by 1784
Abstract
The Internet of Things (IoT) is a very abundant source of data, as well as a source of many vulnerabilities. A significant challenge is preparing security solutions to protect IoT nodes’ resources and the data exchanged. The difficulty usually stems from the insufficient [...] Read more.
The Internet of Things (IoT) is a very abundant source of data, as well as a source of many vulnerabilities. A significant challenge is preparing security solutions to protect IoT nodes’ resources and the data exchanged. The difficulty usually stems from the insufficient resources of these nodes in terms of computing power, memory size, range energy resource, and wireless link performance. The paper presents the design and demonstrator of a system for symmetric cryptographic Key Generating, Renewing, and Distributing (KGRD). The system uses the TPM 2.0 hardware module to support cryptographic procedures, including creating trust structures, key generation, and securing the node’s exchange of data and resources. Clusters of sensor nodes and traditional systems can use the KGRD system to secure data exchange in the federated cooperation of systems with IoT-derived data sources. The transmission medium for exchanging data between KGRD system nodes is the Message Queuing Telemetry Transport (MQTT) service, which is commonly used in IoT networks. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
Show Figures

Figure 1

Figure 1
<p>Illustration of IoT clusters and traditional information systems’ collaboration with the KGRD system (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>], taken from [<a href="#B23-sensors-23-05102" class="html-bibr">23</a>]).</p> Full article ">Figure 2
<p>The structure of the KGRD system (taken from [<a href="#B23-sensors-23-05102" class="html-bibr">23</a>]).</p> Full article ">Figure 3
<p>The structure of communication links in the KGRD system (taken from [<a href="#B23-sensors-23-05102" class="html-bibr">23</a>]).</p> Full article ">Figure 4
<p>The key generation and distribution process for N1 and N2 nodes (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>,<a href="#B23-sensors-23-05102" class="html-bibr">23</a>]).</p> Full article ">Figure 5
<p>Communication channels in the KGRD system (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 6
<p>The data of the KS node stored in its resources (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 7
<p>The data of the N node stored in its resources (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 8
<p>The key hierarchy in a software TPM after importing an NK key from a hardware TPM.</p> Full article ">Figure 9
<p>System node states and state change procedures.</p> Full article ">Figure 10
<p>Sequence diagram: (<b>a</b>) the KS node’s resource contents in the hardware TPM (<b>b</b>) and software TPM (<b>c</b>) after the KS node initialization procedure (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 11
<p>Transfer file “node_desc_export” (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 12
<p>KS node data resources after the credentials preparation procedure is completed (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 13
<p>Sequence diagram: (<b>a</b>) the N node’s resources contents in the hardware TPM (<b>b</b>) and software TPM (<b>c</b>) after the N node initialization procedure (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 14
<p>Data transfer from the “node_descr_export” file during the N<span class="html-italic"><sub>k</sub></span> node initialization procedure (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 15
<p>N node data resources after setting the list of cooperators procedure is completed (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 16
<p>The way N-type nodes interact with KS nodes during the procedure. N-type nodes’ registration procedure (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 17
<p>The sequence diagram for the registration procedure of N-type nodes (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 18
<p>The KS node’s data resources after registering the first N-type node (<b>a</b>) and the N-type node data resources after registering it (<b>b</b>) (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 19
<p>The node registration request frame (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 20
<p>Node registration confirmation frame (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 21
<p>MQTT service data exchange diagram for the N node registration procedure (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 22
<p>The interaction of N nodes with the KS node when generating and distributing keys (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 23
<p>The sequence diagram for the symmetric key generating and distributing procedure (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>,<a href="#B23-sensors-23-05102" class="html-bibr">23</a>]).</p> Full article ">Figure 24
<p>The contents of the resources of node N after step (3) (<b>a</b>) and after step (6) (<b>b</b>) of the procedure for generating cryptographic material for the first cooperator of node N (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 25
<p>The interaction of the N1 node with the N2 node during data exchange (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 26
<p>Diagram of the sequence of sending a data packet from node N1 to node N2 (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 27
<p>The data frame N2 (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 28
<p>Confirmation frame for receiving data N2 (taken from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 29
<p>MQTT service data exchange diagram for data transfer from N_ID1 to the N_ID2 node (adapted from [<a href="#B21-sensors-23-05102" class="html-bibr">21</a>]).</p> Full article ">Figure 30
<p>Sequence diagram (<b>a</b>) and TPM’s software resources (<b>b</b>) after the procedure for restarting the KS and N nodes after powering on again.</p> Full article ">Figure 31
<p>View of the Infineon Optiga™ SLB 9670 TPM 2.0 module (<b>a</b>) and how the TPM module was installed on the Raspberry Pi board (<b>b</b>).</p> Full article ">Figure 32
<p>A view of the KGRD system demonstrator (taken from [<a href="#B23-sensors-23-05102" class="html-bibr">23</a>]).</p> Full article ">Figure 33
<p>Node console view of N1 (<b>a</b>), KS (<b>b</b>), and N2 (<b>c</b>) during key generation and distribution for N1 and N2 nodes.</p> Full article ">Figure 34
<p>The transfer of messages on the MQTT server during the generation and distribution of keys for nodes N1 and N2.</p> Full article ">
16 pages, 455 KiB  
Article
Provably Secure Receiver-Unrestricted Group Key Management Scheme for Mobile Ad Hoc Networks
by Rui Zhang, Wendie Han, Lei Zhang, Lulu Wang and Xinyu Meng
Sensors 2023, 23(9), 4198; https://doi.org/10.3390/s23094198 - 22 Apr 2023
Cited by 3 | Viewed by 1324
Abstract
Mobile ad hoc networks (MANETs) are self-configuring networks of wireless nodes, i.e., mobile devices. Since communications in MANETs occur via wireless channels, it is of significance to secure communications among wireless and mobile nodes. Group key management, as a widely used method for [...] Read more.
Mobile ad hoc networks (MANETs) are self-configuring networks of wireless nodes, i.e., mobile devices. Since communications in MANETs occur via wireless channels, it is of significance to secure communications among wireless and mobile nodes. Group key management, as a widely used method for securing group communications, has potentially been used in MANETs for years. Most recently, a secure receiver-unrestricted group key management scheme for MANETs has been proposed, which is used to establish a secure channel among a group of wireless nodes without a trusted dealer, which has some advantages such as eliminating the certificate management problem and receiver restriction. However, a formal security analysis of this scheme is still lacking. Therefore, in this paper, we propose the complete security proof to demonstrate that the scheme satisfies the essential security properties including authentication, message confidentiality, known-key security and dynamic secrecy. We also give a brief discussion about the efficiency of the scheme. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
Show Figures

Figure 1

Figure 1
<p>System architecture.</p> Full article ">Figure 2
<p>Average time costs.</p> Full article ">
15 pages, 11888 KiB  
Article
Steganography in IoT: Information Hiding with Joystick and Touch Sensors
by Katarzyna Koptyra and Marek R. Ogiela
Sensors 2023, 23(6), 3288; https://doi.org/10.3390/s23063288 - 20 Mar 2023
Cited by 4 | Viewed by 2288
Abstract
This paper describes a multi-secret steganographic system for the Internet-of-Things. It uses two user-friendly sensors for data input: thumb joystick and touch sensor. These devices are not only easy to use, but also allow hidden data entry. The system conceals multiple messages into [...] Read more.
This paper describes a multi-secret steganographic system for the Internet-of-Things. It uses two user-friendly sensors for data input: thumb joystick and touch sensor. These devices are not only easy to use, but also allow hidden data entry. The system conceals multiple messages into the same container, but with different algorithms. The embedding is realized with two methods of video steganography that work on mp4 files, namely, videostego and metastego. These methods were chosen because of their low complexity so that they may operate smoothly in environments with limited resources. It is possible to replace the suggested sensors with others that offer similar functionality. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
Show Figures

Figure 1

Figure 1
<p>Relationship between steganography requirements.</p> Full article ">Figure 2
<p>Possible platforms for multi-secret steganography system: (<b>a</b>) Raspberry Pi 4 Model B (Laserlicht/Wikimedia Commons/<span class="html-fig-inline" id="sensors-23-03288-i001"><img alt="Sensors 23 03288 i001" src="/sensors/sensors-23-03288/article_deploy/html/images/sensors-23-03288-i001.png"/></span>); (<b>b</b>) Arduino Uno (R.hampl/Wikimedia Commons/<span class="html-fig-inline" id="sensors-23-03288-i001"><img alt="Sensors 23 03288 i001" src="/sensors/sensors-23-03288/article_deploy/html/images/sensors-23-03288-i001.png"/></span>).</p> Full article ">Figure 3
<p>Thumb joystick with button.</p> Full article ">Figure 4
<p>Capacitive touch sensor.</p> Full article ">Figure 5
<p>Example of videostego embedding. The hidden message is “Hello world!” (white boxes). Yellow boxes show message bits, red boxes indicate required bit flipping, and green boxes depict resulting bytes.</p> Full article ">Figure 6
<p>Example of metastego embedding.</p> Full article ">Figure 7
<p>Embedding order.</p> Full article ">Figure 8
<p>Extracting the hidden messages.</p> Full article ">Figure 9
<p>Hiding data with a joystick: (<b>a</b>) Keypad of an old telephone; (<b>b</b>) Mapping from joystick positions to letters.</p> Full article ">Figure 10
<p>Videostego method: (<b>a</b>) carrier before embedding; (<b>b</b>) carrier after embedding, two orange bytes encode the length, green bytes contain secret data in their least significant bits.</p> Full article ">Figure 11
<p>Result of embedding secret in metadata.</p> Full article ">Figure 12
<p>Graphical summary of lengths of most frequent words in English.</p> Full article ">Figure 13
<p>Graphical summary of number of gestures needed for telephone-encoded words (<b>top</b>) and morse-encoded words (<b>bottom</b>).</p> Full article ">Figure 14
<p>Other tested sensors: (<b>a</b>) another touch sensor; (<b>b</b>) button; (<b>c</b>) reed switch; (<b>d</b>) photo interrupt sensor; (<b>e</b>) rotary encoder.</p> Full article ">
23 pages, 290 KiB  
Article
Security Evaluation of Arduino Projects Developed by Hobbyist IoT Programmers
by Fulvio Corno and Luca Mannella
Sensors 2023, 23(5), 2740; https://doi.org/10.3390/s23052740 - 2 Mar 2023
Cited by 7 | Viewed by 3296
Abstract
Arduino is an open-source electronics platform based on cheap hardware and the easy-to-use software Integrated Development Environment (IDE). Nowadays, because of its open-source nature and its simple and accessible user experience, Arduino is ubiquitous and used among hobbyist and novice programmers for Do [...] Read more.
Arduino is an open-source electronics platform based on cheap hardware and the easy-to-use software Integrated Development Environment (IDE). Nowadays, because of its open-source nature and its simple and accessible user experience, Arduino is ubiquitous and used among hobbyist and novice programmers for Do It Yourself (DIY) projects, especially in the Internet of Things (IoT) domain. Unfortunately, such diffusion comes with a price. Many developers start working on this platform without having a deep knowledge of the leading security concepts in Information and Communication Technologies (ICT). Their applications, often publicly available on GitHub (or other code-sharing platforms), can be taken as examples by other developers or downloaded and used by non-expert users, spreading these issues in other projects. For these reasons, this paper aims at understanding the current landscape by analyzing a set of open-source DIY IoT projects and looking for potential security issues. Furthermore, the paper classifies those issues according to the proper security category. This study’s results offer a deeper understanding of the security concerns in Arduino projects created by hobbyist programmers and the dangers that may be faced by those who use these projects. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
17 pages, 2024 KiB  
Article
Rank and Wormhole Attack Detection Model for RPL-Based Internet of Things Using Machine Learning
by F. Zahra, NZ Jhanjhi, Sarfraz Nawaz Brohi, Navid Ali Khan, Mehedi Masud and Mohammed A. AlZain
Sensors 2022, 22(18), 6765; https://doi.org/10.3390/s22186765 - 7 Sep 2022
Cited by 29 | Viewed by 3987
Abstract
The proliferation of the internet of things (IoT) technology has led to numerous challenges in various life domains, such as healthcare, smart systems, and mission-critical applications. The most critical issue is the security of IoT nodes, networks, and infrastructures. IoT uses the routing [...] Read more.
The proliferation of the internet of things (IoT) technology has led to numerous challenges in various life domains, such as healthcare, smart systems, and mission-critical applications. The most critical issue is the security of IoT nodes, networks, and infrastructures. IoT uses the routing protocol for low-power and lossy networks (RPL) for data communication among the devices. RPL comprises a lightweight core and thus does not support high computation and resource-consuming methods for security implementation. Therefore, both IoT and RPL are vulnerable to security attacks, which are broadly categorized into RPL-specific and sensor-network-inherited attacks. Among the most concerning protocol-specific attacks are rank attacks and wormhole attacks in sensor-network-inherited attack types. They target the RPL resources and components including control messages, repair mechanisms, routing topologies, and sensor network resources by consuming. This leads to the collapse of IoT infrastructure. In this paper, a lightweight multiclass classification-based RPL-specific and sensor-network-inherited attack detection model called MC-MLGBM is proposed. A novel dataset was generated through the construction of various network models to address the unavailability of the required dataset, optimal feature selection to improve model performance, and a light gradient boosting machine-based algorithm optimized for a multiclass classification-based attack detection. The results of extensive experiments are demonstrated through several metrics including confusion matrix, accuracy, precision, and recall. For further performance evaluation and to remove any bias, the multiclass-specific metrics were also used to evaluate the model, including cross-entropy, Cohn’s kappa, and Matthews correlation coefficient, and then compared with benchmark research. Full article
(This article belongs to the Special Issue Advances in IoT Privacy, Security and Applications)
Show Figures

Figure 1

Figure 1
<p>Conceptual design and architecture of the proposed model.</p> Full article ">Figure 2
<p>Protocol-specific attack simulation in RPL-based IoT networks simulated in Cooja. The attacker is located at position 10 in the left-hand side network, while two attackers are located at positions 19 and 20 in the right-hand side network.</p> Full article ">Figure 3
<p>SN-inherited attack simulation in RPL-based IoT network simulated in Cooja.</p> Full article ">Figure 4
<p>Workflow of data collection module.</p> Full article ">Figure 5
<p>Training and testing accuracy of the proposed model.</p> Full article ">Figure 6
<p>Training and testing precision of the proposed model.</p> Full article ">Figure 7
<p>Training and testing recall of the proposed model.</p> Full article ">
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-7
Back to TopTop