Securing Internet of Things (IoT) with machine learning

Advances in hardware, software, communication, embedding computing technologies along with their decreasing costs and increasing performance have led to the emergence of the Internet of Things (IoT) paradigm. Today, several billions of Internet‐connected devices are part of the IoT ecosystem. IoT devices have become an integral part of the information and communication technology (ICT) infrastructure that supports many of our daily activities. The security of these IoT devices has been receiving a lot of attention in recent years. Another major recent trend is the amount of data that is being produced every day which has reignited interest in technologies such as machine learning and artificial intelligence. We investigate the potential of machine learning techniques in enhancing the security of IoT devices. We focus on the deployment of supervised, unsupervised learning techniques, and reinforcement learning for both host‐based and network‐based security solutions in the IoT environment. Finally, we discuss some of the challenges of machine learning techniques that need to be addressed in order to effectively implement and deploy them so that they can better protect IoT devices.     

IoT–Cloud collaboration to establish a secure connection for lightweight devices

Internet of Things (IoT) technologies allow everyday objects including small devices in sensor networks to be capable of connecting to the Internet. Such an innovative technology can lead to positive changes in human life. However, if there is no proper security mechanism, private and sensitive data around humans can be revealed to the public Internet. In this aspect, this paper considers security issues of the IoT. In particular, we focus on various challenges in deploying Datagram Transport Layer Security (DTLS) protocol into a resource constrained environment. DTLS provides secure communication with UDP-based applications the same as TLS does for TCP-based applications. Several standard organizations such as IETF, oneM2M and OMA recommend using the DTLS as a default secure scheme for CoAP which is a new standard specified for resource-constrained environments. To find a practical way to deploy the DTLS in such a constrained IoT environments, we propose an IoT–Cloud collaboration system, where DTLS handshake delegation is the main component. We also implement and evaluate the proposed system in our real IoT testbed, where constrained devices are interconnected with each other in a multi-hop fashion. Evaluation results show that the proposed scheme dramatically reduces DTLS handshake latency, implementation code size and energy consumption.     

A secure multifactor remote user authentication scheme for Internet of Multimedia Things environment

To attain ubiquitous connectivity of everything, Internet of Things (IoT) systems must include “multimedia things.” Internet of Multimedia Things (IoMT) is a heterogeneous network of smart multimedia things connected together and with other physical devices to the Internet so as to achieve globally available multimedia services and applications. Due to the ever increasing amount of multimedia data in IoT environments, securing these systems becomes crucial. This is because these systems are easily susceptible to attacks when information or any service is accessed by the users. In this paper, we propose a secure three‐factor remote user authentication scheme for IoMT systems using ECC. The formal security proof performed using ROR model and BAN logic confirms that an attacker will not be able to extract sensitive user information. Through informal security analysis, we justify the resistance of the scheme against several security attacks. The performance comparison shows that the scheme is efficient in terms of computational cost, security features, and attack resistance. Furthermore, simulation of the scheme using AVISPA and Proverif proves that the scheme is secure against all active and passive attacks.     

Machine learning-based clustering protocols for Internet of Things networks: An overview

The Internet of Things (IoT) continues to expand the current Internet, opening the door to a wide range of novel applications. The increasing volume of the IoT requires effective strategies to overcome its challenges. Machine Learning (ML) has led to a growing technology that enables computers to solve problems without the need for knowledge of their intricate details. Over the past years, various ML techniques have been used to efficiently manage IoT networks. Clustering is a technique that has proven its performance in the networking domain. Many works in the literature have studied ML-based clustering methods for IoT networks, including their main properties, characteristics, underlying technologies, and open issues. In this paper, we focus on topology-centered ML-based clustering protocols for IoT networks. Specifically, we investigate the potential benefits of adopting the clustering approach to address several IoT challenges. Moreover, we provide a comprehensive taxonomy of ML-based clustering algorithms for IoT networks. Finally, we statistically analyze the incorporation of ML techniques for clustering in various IoT systems and highlight the related open issues.     

基于物联网的网络信息安全体系

物联网是计算机、互联网与移动通信网等相关技术的演进和延伸,其核心共性技术、网络与信息安全技术以及关键应用是物联网的主要研究内容。物联网感知节点大都部署在无人监控环境,并且由于物联网是在现有的网络基础上扩展了感知网络和应用平台,传统网络安全措施不足以提供可靠的安全保障。物联网安全研究将主要集中在物联网安全体系、物联网个体隐私保护模式、终端安全功能、物联网安全相关法律的制订等方面。     

物联网发展中的安全风险及对策研究

分析了国内外物联网安全政策、技术、标准、产业等形势,重点强调了当前我国物联网发展中存在的安全风险,包括大连接环境下的设备风险、物联网网络本身安全风险以及物联网上承载的各类应用安全风险,提出了打造以密码为核心的物联网安全体系,加速新技术在物联网安全的应用,以新基建为契机建立物联网领域安全设备泛在化部署新体系,以多层次立体式理念确保物联网安全,呼吁供给侧需求侧建立安全协同新机制,共同促进物联网产业安全可持续发展。     

LaSa: Location Aware Wireless Security Access Control for IoT Systems

Mobile Networks and Applications - IoT (Internet of Things) security has become a severe yet not well solved problem attracting increasing research attention as well as industrial concerns....     

A roadmap for security challenges in the Internet of Things

Unquestionably, communicating entities (object, or things) in the Internet of Things (IoT) context are playing an active role in human activities, systems and processes. The high connectivity of intelligent objects and their severe constraints lead to many security challenges, which are not included in the classical formulation of security problems and solutions. The Security Shield for IoT has been identified by DARPA (Defense Advanced Research Projects Agency) as one of the four projects with a potential impact broader than the Internet itself. To help interested researchers contribute to this research area, an overview of the IoT security roadmap overview is presented in this paper based on a novel cognitive and systemic approach. The role of each component of the approach is explained, we also study its interactions with the other main components, and their impact on the overall. A case study is presented to highlight the components and interactions of the systemic and cognitive approach. Then, security questions about privacy, trust, identification, and access control are discussed. According to the novel taxonomy of the IoT framework, different research challenges are highlighted, important solutions and research activities are revealed, and interesting research directions are proposed. In addition, current standardization activities are surveyed and discussed to the ensure the security of IoT components and applications.     

Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme

Internet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen-verifier attack. We then propose a lightweight authentication protocol for secure communication of IoT embedded devices and cloud servers. The proposed scheme is proved to provide essential security requirements such as mutual authentication, device anonymity, and perfect forward secrecy and is robust against security attacks. We also formally verify the security of the proposed protocol using BAN logic and also the Scyther tool. We also evaluate the computation and communication costs of the proposed scheme and demonstrate that the proposed scheme incurs minimum computation and communication overhead, compared to related schemes, making it suitable for IoT environments with low processing and storage capacity.     

基于商密SM9算法的物联网安全平台设计与应用

物联网普遍存在遭受网络攻击类型多样化、没有安全保护标准、数据极易被截获或破解等安全风险,核心问题在于缺乏设备、服务提供者、应用、数据、交易等物的安全认证机制。因此,有必要建立一种提供认证鉴权和数据保护的方案体系,建立物与物、物与人之间的信任。密码技术是解决核心安全问题的基础理论和技术,而传统的证书体系并不适应于物联网环境,基于商密SM9的算法才是目前物联网安全认证的最佳选择。物联网安全平台依赖商密SM9算法的优势,有效克服了传统算法中密钥分发安全性弱等问题,深入物联网行业终端与应用层面,建立了面向物联网业务的端到端安全。     

Fog-Sec: Secure end-to-end communication in fog-enabled IoT network using permissioned blockchain system

The technological integration of the Internet of Things (IoT)-Cloud paradigm has enabled intelligent linkages of things, data, processes, and people for efficient decision making without human intervention. However, it poses various challenges for IoT networks that cannot handle large amounts of operation technology (OT) data due to physical storage shortages, excessive latency, higher transfer costs, a lack of context awareness, impractical resiliency, and so on. As a result, the fog network emerged as a new computing model for providing computing capacity closer to IoT edge devices. The IoT-Fog-Cloud network, on the other hand, is more vulnerable to multiple security flaws, such as missing key management problems, inappropriate access control, inadequate software update mechanism, insecure configuration files and default passwords, missing communication security, and secure key exchange algorithms over unsecured channels. Therefore, these networks cannot make good security decisions, which are significantly easier to hack than to defend the fog-enabled IoT environment. This paper proposes the cooperative flow for securing edge devices in fog-enabled IoT networks using a permissioned blockchain system (pBCS). The proposed fog-enabled IoT network provides efficient security solutions for key management issues, communication security, and secure key exchange mechanism using a blockchain system. To secure the fog-based IoT network, we proposed a mechanism for identification and authentication among fog, gateway, and edge nodes that should register with the blockchain network. The fog nodes maintain the blockchain system and hold a shared smart contract for validating edge devices. The participating fog nodes serve as validators and maintain a distributed ledger/blockchain to authenticate and validate the request of the edge nodes. The network services can only be accessed by nodes that have been authenticated against the blockchain system. We implemented the proposed pBCS network using the private Ethereum 2.0 that enables secure device-to-device communication and demonstrated performance metrics such as throughput, transaction delay, block creation response time, communication, and computation overhead using state-of-the-art techniques. Finally, we conducted a security analysis of the communication network to protect the IoT edge devices from unauthorized malicious nodes without data loss.     

A blockchain future for internet of things security: a position paper

Internet of Things (IoT) devices are increasingly being found in civilian and military contexts, ranging from smart cities and smart grids to Internet-of-Medical-Things, Internet-of-Vehicles, Internet-of-Military-Things, Internet-of-Battlefield-Things, etc. In this paper, we survey articles presenting IoT security solutions published in English since January 2016. We make a number of observations, including the lack of publicly available IoT datasets that can be used by the research and practitioner communities. Given the potentially sensitive nature of IoT datasets, there is a need to develop a standard for sharing IoT datasets among the research and practitioner communities and other relevant stakeholders. Thus, we posit the potential for blockchain technology in facilitating secure sharing of IoT datasets (e.g., using blockchain to ensure the integrity of shared datasets) and securing IoT systems, before presenting two conceptual blockchain-based approaches. We then conclude this paper with nine potential research questions.     

A systematic literature review of machine learning applications in IoT

The Internet of Things (IoT) is a network of interconnected smart objects having capabilities that collectively form an ecosystem and enable the delivery of smart services to users. The IoT is providing several benefits into people's lives through the environment. The various applications that are run in the IoT environment offer facilities and services. The most crucial services provided by IoT applications are quick decision for efficient management. Recently, machine learning (ML) techniques have been successfully used to maximize the potential of IoT systems. This paper presents a systematic review of the literature on the integration of ML methods in the IoT. The challenges of IoT systems are split into two categories: fundamental operation and performance. We also look at how ML is assisting in the resolution of fundamental system operation challenges such as security, big data, clustering, routing, and data aggregation.     

物联网搜索技术综述

随着物联网的普及和发展,物联网搜索是摆在学术界和工业界面前迫切需要解决的问题,物联网搜索因此成为当前的一个研究热点。面对越来越多的传感器以及它们所产生的数据,只有结合智能的物联网搜索,才能体现这些数据的生命力。与传统的Baidu、Google、Bing、Yahoo等搜索引擎不同,物联网搜索从搜索对象、物理网数据的特点（大规模的、实时变化的、高度动态的、异构的、复杂的安全环境等）到物联网搜索的架构均与传统互联网不同,这导致了物联网搜所面临的挑战将更大。由此,阐述了物联网搜索的概念、特点、相关技术,对现有的典型系统和算法进行了比较性总结,分析了目前研究中存在的问题和挑战,并展望了其未来的发展方向。     

基于关注人员动态感知技术的警务物联网构架研究

在当前全球范围内不断增加的恐怖袭击威胁下,公安机关和相关执法机构试图找到更有效的方法来实现对重点关注人员的监测和预警。物联网技术手段的出现为实现这个目标提供了可能,但采用什么体系架构更加有利于实现这个目标是一个挑战。本文通过现有架构和实际需求的具体分析,基于分层模式提出了一个分布式的、可互操作的、适应于警务工作的物联网体系结构,来解决我们传统物联网架构中遇到的问题,为解决实际工作需求提供了一种全新思路。     

Interoperability of Security-Enabled Internet of Things

The future Internet will embrace the intelligence of Web 3.0 and the omnipresence of every day connected objects. The later was envisioned as the Internet of Things. Security and interoperability concerns are hindering the service innovations using the Internet of Things. This paper addresses secure access provision to Internet of Things-enabled services and interoperability of security attributes between different administrative domains. In this paper we proposed a layered architecture of Internet of Things framework where a semantically enhanced overlay interlink the other layers and facilitate secure access provision to Internet of Things-enabled services. The main element of semantic overlay is security reasoning through ontologies and semantic rules. Finally the interoperability of security aspect is addressed through ontology and a machine-to-machine platform. This paper provides implementation details of security reasoning and the interoperability aspects and discusses crucial challenges in these areas.     

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out.     

Secure IoT solution for wearable health care applications,case study Electric Imp development platform

Internet expansion affects currently diverse entities on the physical world and daily life. The democratization of the technology called Internet of Things (IoT) brings back many problems associated with the security of the transmitted data, autonomy, and ease of use, with the central constraint of gathering momentum. The use of an embedded development platform for IoT operating through Wi‐Fi and cloud technology is in our case the solution that fits the internet model objects for wearable health care application. This work involves the study and implementation of wearable IoT secure solution dedicated to health care devoted to old and dependent people. The proposed hardware, powered by solar cells, operate through smart sleep and wake up events. The relevant part of the developed IoT operating software exploits the multiagent behavior. Case study, based on the exploitation of the Electric Imp platform, is proposed.     

物联网中一种抗大规模天线阵列窃听者的噪声注入方案

物联网中无线传输的安全难题是制约其发展的重要瓶颈,物联网终端受限的计算能力与硬件配置以及配备大规模天线阵列的窃听者给物理层安全技术带来了新的挑战。针对该问题,该文提出一种可对抗大规模天线阵列窃听者的轻量级噪声注入策略。首先,对所提出的噪声注入策略进行介绍,并分析了该策略的安全性;然后,基于该策略得到了系统吞吐量的闭式表达式,并对时隙分配系数和功率分配系数进行优化设计。理论和仿真结果表明,通过对物联网系统参数进行设计,所提出的噪声注入策略能够实现私密信息的安全传输。     

HIoTPOT: Surveillance on IoT Devices against Recent Threats

Honeypot Internet of Things (IoT) (HIoTPOT) keep a secret eye on IoT devices and analyzes the various recent threats which are dangerous to IoT devices. In this paper, implementation of a research honeypot is presented which is used to learn the recent tactics and ethics used by black hat community to attack on IoT devices. As IoT is open and easy for accessing, all the intruders are highly attracted towards IoT. Recently Telnet based attacks are very famous on IoT devices to get easy access and attack on other devices. To reduce these kinds of threats, it is necessary to know in details about intruder, therefore the aim of this research work is to implement novel based secret eye server known as HIoTPOT which will make the IoT environment more safe and secure.