IoT, Volume 7, Issue 1 (March 2026) – 19 articles

Smart homes are becoming increasingly common, bringing convenience to users but also raising serious security concerns. As the number of connected devices grows, so does the research interest in securing smart homes. However, the literature is broad, making it difficult to understand the main research directions and how they are connected. Given the scope and diversity of existing research, a systematic mapping study was chosen to provide a high-level overview of smart home security research by mapping research communities, identifying dominant themes, and examining their evolution over time. We retrieved articles from the Scopus database published between 2000 and April 2025, resulting in approximately 13,600 articles. After filtering out unrelated domains such as smart vehicles, smart industry, and general IoT, a final set of 6313 publications specifically focused on smart home security was used for analysis. We applied a citation-based network analysis approach, constructed an author citation graph, and used the Louvain community detection algorithm to identify 12 main research communities. Each community was further analyzed based on its keywords, most-cited publications, leading authors, and institutions. Our results provide a structured overview of the field, highlighting its key themes and evolution over time. This work can help researchers better navigate the smart home security landscape and identify future research opportunities. Full article

Since the deployment of the Internet of Things (IoT), it has transformed everyday life by enabling intelligent environments that improve efficiency and automate services in domains such as agriculture, healthcare, smart cities, and industry. However, the rapid proliferation of IoT devices has introduced significant security challenges, largely driven by the heterogeneity of devices, resource constraints, and the increasing exposure of network communications. This work proposes a lightweight security protection mechanism for IoT networks based on trust modelling. The proposed approach integrates machine learning techniques to evaluate IoT node behavior using network-layer (Layer 3) traffic features under different labeling granularities, including binary, categorical, and subcategorical classifications. By focusing on network-layer observations, the model remains applicable across heterogeneous IoT devices while preserving a low computational footprint. In addition, the Common Vulnerability Scoring System (CVSS) is incorporated as a standardized vulnerability severity metric, enabling the integration of probabilistic security evidence with contextual information about potential impact. This combination allows the estimation of trust to reflect not only the likelihood of anomalous behavior but also its associated severity. Experimental evaluation was conducted using a representative IoT traffic dataset, multiple preprocessing strategies, and several classical machine learning models. The results demonstrate that aggregating traffic-based intrusion detection outputs with vulnerability severity metrics enables a more robust, flexible, and interpretable trust estimation process. This approach supports the early identification of potentially compromised nodes while maintaining scalability and efficiency, making it suitable for deployment in heterogeneous IoT environments. Full article

Migrating to Post-Quantum Cryptography (PQC) is critical for securing resource-constrained Internet of Things (IoT) devices against the “harvest-now, decrypt-later” threat. While ML-KEM (CRYSTALS-Kyber) has been standardized under FIPS 203 for general encryption, these devices often operate on unreliable networks suffering from high latency and packet loss. Our recent systematic review identified a critical gap that existing research overwhelmingly focuses on Transport Layer Security (TLS). This leaves the resilience of lightweight protocols like MQTT and CoAP under challenging network conditions largely unexplored. This paper introduces PQC-IoTNet, a novel Software-in-the-Loop (SITL) framework to address this gap. Our three-tier architecture integrates a Python-based IoT client with kernel-level emulation to test the full protocol stack. Validation results comparing Kyber and ECC demonstrate the framework’s ability to capture critical performance cliffs caused by TCP retransmissions. Notably, the framework revealed that while Kyber maintained an 18% speed advantage over ECC at 5% packet loss, both protocols experienced nonlinear latency spikes. This work provides a reproducible blueprint to identify operational boundaries and select resilient protocols for secure IoT systems. Full article

The rapid growth of the Internet of Things (IoT) has exposed billions of interconnected, heterogeneous, and resource-constrained devices to increasingly sophisticated threats. To evaluate the readiness of current intrusion detection systems (IDSs), this study reviews 32 recent IoT-IDS proposals spanning conventional, machine-learning, deep-learning, and hybrid approaches. Each system is assessed against 10 criteria that reflect practical IoT requirements, including real-time performance, latency, lightweight design, detection accuracy, mitigation capabilities, integrated detection-and-mitigation workflows, adaptability, resilience to advanced attacks, validation in realistic environments, and scalability. The results indicate that although many approaches achieve high detection accuracy, most do not meet real-time and lightweight thresholds commonly cited in IoT deployment literature. Mitigation features are often absent, adaptability is rarely implemented, and 29 out of 32 studies rely solely on offline datasets, thereby limiting confidence in their robustness to deployment. Scalability remains the most significant limitation, as none of the reviewed IDSs have tested their performance under realistic multi-node or high-traffic conditions, even though scalability is critical for large IoT ecosystems. Overall, the review suggests that future IoT IDS research should move beyond accuracy-focused models and toward lightweight, adaptive, and autonomous solutions that incorporate mitigation, support real-time inference, and undergo standardized evaluations under real-world operating conditions. Full article

Gun violence in U.S. schools not only causes loss of life and physical injury but also leaves enduring psychological trauma, damages property, and results in significant economic losses. One way to reduce this loss is to detect the gun early, notify the police as soon as possible, and implement lockdown procedures immediately. In this project, a novel gun detector Internet of Things (IoT) system is developed that automatically detects the presence of a gun either from images or from gunshot sounds, and sends notifications with exact location information to the first responder’s smartphones using the Internet within a second. The device also sends wireless commands using Message Queuing Telemetry Transport (MQTT) protocol to close the smart door locks in classrooms and announce to act using public address (PA) system automatically. The proposed system will remove the burden of manually calling the police and implementing the lockdown procedure during such traumatic situations. Police will arrive sooner, and thus it will help to stop the shooter early, the injured people can be taken to the hospital quickly, and more lives can be saved. Two custom deep learning AI models are used: (a) to detect guns from image data having an accuracy of 94.6%, and (b) the gunshot sounds from audio data having an accuracy of 99%. No single gun detector device is available in the literature that can detect guns from both image and audio data, implement lockdown and make PA announcement automatically. A prototype of the proposed gunshot detector IoT system, and a smartphone app is developed, and tested with gun replicas and blank guns in real-time. Full article

Healthcare 5.0 and the Internet of Medical Things (IoMT) is emerging as a scalable model for the delivery of customised healthcare and chronic disease management, through Remote Patient Monitoring (RPM) in patient smart home environments. Large-scale RPM initiatives are being rolled out by healthcare providers (HCPs); however, the constrained nature of IoMT devices and proximity to poorly administered smart home technologies create a cyber risk for highly personalised patient data. The recent Network and Information Systems (NIS 2) directive requires HCPs to improve their cyber risk management approaches, mandating heavy penalties for non-compliance. Current research into cyber risk management in smart home-based RPM does not address scalability. This research examines scalability through the lens of the Non-adoption, Abandonment, Scale-up, Spread and Sustainability (NASSS) framework and develops a novel Scalability Index (SI), informed by a PRISMA guided systematic literature review. Our search strategy identified 57 studies across major databases including ACM, IEEE, MDPI, Elsevier, and Springer, authored between January 2016 and March 2025 (final search 21 March 2025), which focussed on cyber security risk management in the RPM context. Studies focussing solely on healthcare institutional settings were excluded. To mitigate bias, a sample of the papers (30/57) were assessed by two other raters; the resulting Cohen’s Kappa inter-rater agreement statistic (0.8) indicating strong agreement on study selection. The results, presented in graphical and tabular format, provide evidence that most cyber risk approaches do not consider scalability from the HCP perspective. Applying the SI to the 57 studies in our review resulted in a low to medium scalability potential of most cyber risk management proposals, indicating that they would not support the requirements of NIS 2 in the RPM context. A limitation of our work is that it was not tested in a live large-scale setting. However, future research could validate the proposed SI, providing guidance for researchers and practitioners in enhancing cyber risk management of large-scale RPM initiatives. Full article

Intrusion detection in IoT networks is challenged by data heterogeneity, label scarcity, and privacy constraints. Traditional federated learning (FL) methods often assume IID data or require supervised labels, limiting their practicality. We propose G-PFL-ID, a graph-driven personalized federated learning framework for unsupervised intrusion detection in non-IID IoT systems. Our method trains a global graph encoder (GCN or GAE) with a DeepSVDD objective under a federated regularizer (FedReg) that combines proximal and variance penalties, then personalizes local models via a lightweight fine-tuning head. We evaluate G-PFL-ID on the IoT-23 (Mirai-based captures) and N-BaIoT (device-level dataset) under realistic heterogeneity (Dirichlet-based partitioning with concentration parameters $\alpha \in \{0.1,0.5,\infty \}$ and client counts $K\in \{10,15,20\}$ for IoT-23, and natural device-based partitioning for N-BaIoT). G-PFL-ID outperforms global FL baselines and recent graph-based federated anomaly detectors, achieving up to 99.46% AUROC on IoT-23 and 97.74% AUROC on N-BaIoT. Ablation studies confirm that the proximal and variance penalties reduce inter-round drift and representation collapse, and that lightweight personalization recovers local sensitivity—especially for clients with limited data. Our work bridges graph-based anomaly detection with personalized FL for scalable, privacy-preserving IoT security. Full article

The rapid expansion of Internet of Things (IoT)-enabled smart grids has intensified the need for reliable fault detection and autonomous self-healing under non-stationary operating conditions characterized by frequent concept drift. To address the limitations of static and single-strategy adaptive models, this paper proposes H-CLAS, a novel Hybrid Continual Learning for Adaptive Self-healing framework that unifies regularization-based, memory-based, architectural, and meta-learning strategies within a single adaptive pipeline. The framework integrates convolutional neural networks (CNNs) for fault detection, graph neural networks for topology-aware fault localization, reinforcement learning for self-healing control, and a hybrid drift detection mechanism combining ADWIN and Page–Hinkley tests. Continual adaptation is achieved through the synergistic use of Elastic Weight Consolidation, memory-augmented replay, progressive neural network expansion, and Model-Agnostic Meta-Learning for rapid adaptation to emerging drifts. Extensive experiments conducted on the Smart City Air Quality and Network Intrusion Detection Dataset (NSL-KDD) demonstrate that H-CLAS achieves accuracy improvements of 12–15% over baseline methods, reduces false positives by over 50%, and enables 2–3× faster recovery after drift events. By enhancing resilience, reliability, and autonomy in critical IoT-driven infrastructures, the proposed framework contributes to improved grid stability, reduced downtime, and safer, more sustainable energy and urban monitoring systems, thereby providing significant societal and environmental benefits. Full article

In Internet of Things (IoT) systems, data collected by geographically distributed sensors is often incomplete due to device failures, harsh deployment conditions, energy constraints, and unreliable communication. Such data gaps can significantly degrade downstream data processing and decision-making, particularly when failures result in the loss of all locally redundant sensors. Conventional imputation approaches typically rely on historical trends or multi-sensor fusion within the same target environment; however, historical methods struggle to capture emerging patterns, while same-location fusion remains vulnerable to single-point failures when local redundancy is unavailable. This article proposes a correlation-aware, cross-location data fusion framework for data imputation in IoT networks that explicitly addresses single-point failure scenarios. Instead of relying on co-located sensors, the framework selectively fuses semantically similar features from independent and geographically distributed gateways using summary statistics-based and correlation screening to minimize communication overhead. The resulting fused dataset is then processed using a lightweight KNN with an Iterative PCA imputation method, which combines local neighborhood similarity with global covariance structure to generate synthetic data for missing values. The proposed framework is evaluated using real-world weather station data collected from eight geographically diverse locations across the United States. The experimental results show that the proposed approach achieves improved or comparable imputation accuracy relative to conventional same-location fusion methods when sufficient cross-location feature correlation exists and degrades gracefully when correlation is weak. By enabling data recovery without requiring redundant local sensors, the proposed approach provides a resource-efficient and failure-resilient solution for handling missing data in IoT systems. Full article

The growing need to foster inclusive education in university environments has driven the development of technological solutions aimed at improving the academic experiences of students with disabilities. These individuals often face barriers to autonomy and participation, especially on large and complex campuses. This article presents the performance evaluation of a LoRaWAN network specifically designed for monitoring people with disabilities on a university campus. The system aims to provide equitable access to campus resources and real-time support to students with disabilities. Leveraging the advantages of Low-Power Wide-Area Networks (LPWAN), particularly LoRaWAN, the proposed system enables real-time tracking with broad coverage and minimal power consumption, without requiring any active user interaction. Each student receives a wearable LoRa-enabled device that wirelessly communicates with a network of gateways strategically installed throughout the campus. To evaluate the system’s performance, this work conducts link-level experiments focusing on the communication between the LoRa end devices (nodes) and the central gateway. The analysis focuses on the network coverage, signal strength (RSSI), signal-to-noise ratio (SNR), and packet reception rate (PRR). The experimental results confirmed that the proposed system is technically robust and operationally effective under real campus conditions. Beyond its technical contributions, the proposed solution represents a concrete step toward building safer and more accessible academic environments that reinforce the autonomy and inclusion of students with disabilities. Full article

The predominant approach in the realm of industrial process monitoring and control involves the utilization of HMI (Human–Machine Interface) interfaces and conventional SCADA (Supervisory Control and Data Acquisition) systems. This limitation restricts user mobility, interaction with industrial equipment, and process status assessment. In the context of Industry 4.0, the ability to monitor and control industrial processes in real time is paramount. The present paper designs and implements a system for monitoring and controlling an industrial assembly line based on mixed reality. The technology employed to facilitate communication between the system and the industrial line is S7.Net. These elements facilitate direct communication with the industrial process equipment. The system facilitates the visualization of operating parameters and the status of the equipment utilized in the industrial process and its control. All data is superimposed on the physical environment through virtual operational panels. The system functions independently, negating the necessity for intermediate servers or other complex structures. The system’s operation is predicted on a series of algorithms. These instruments facilitate the automated analysis of industrial process parameters. These devices are utilized to ascertain the operational dynamics of the industrial line. The experimental results were obtained using a real industrial line. These models are employed to demonstrate the performance of data transmission, the identification of the system’s operating states, and the system’s ability to shut down in the event of operating errors. The proposed system is designed to function in a variety of industrial environments within the paradigm of Industry 4.0, facilitating the utilization of multiple virtual interfaces that enable user interaction with various elements through which the assembly process is monitored and controlled. Full article

A low-power IPv6 mesh standard, Thread, is gaining traction in smart-home, building-automation, and industrial IoT deployments. It extends mesh connectivity with the help of Router-Eligible End Devices (REEDs), which can be promoted to, or demoted from, the router status. Promotion and demotion hinge on two tunable parameters, the router upgrade and the router downgrade thresholds. Yet the OpenThread reference stack ships with fixed values (16/23) for these thresholds. This paper presents a systematic study of how these thresholds shape router-election dynamics across diverse traffic loads and network topologies. Leveraging an extended OpenThread Network Simulator, a sweep through both router upgrade and router downgrade thresholds with different gaps was performed. Results reveal that the default settings may over-provision routing capacity and may result in increased frame retransmissions, wasting airtime and reducing energy efficiency. Full article

Narrowband Internet of Things (NB-IoT) is widely used for connecting low-power devices that must operate for years without maintenance. To design reliable systems, it is essential to understand how much energy these devices consume under different conditions and which power sources can support long lifetimes. This study presents a detailed experimental evaluation of NB-IoT power consumption using a commercial System-on-Module (LMT-SoM). We measured various transmissions across different payload sizes, signal strengths, and temperatures. The results show that sending larger packets is far more efficient: a 1280-byte message requires about 7 times less energy per bit than an 80-byte message. However, standby currents varied widely between devices, from 6.7 µA to 23 µA, which has a major impact on battery life. Alongside these experiments, we compared different power sources for a 5-year deployment. Alkaline and lithium-thionyl chloride batteries were the most cost-effective solutions for indoor use, while solar panels combined with supercapacitors provided a sustainable option for outdoor applications. These findings offer practical guidance for engineers and researchers to design NB-IoT devices that balance energy efficiency, cost, and sustainability. Full article

The proliferation of mobile devices has driven significant growth in adaptive mobile applications (AMAs) that dynamically adjust their behavior based on contextual changes. While existing research has extensively studied individual adaptive systems, limited attention has been given to cooperative adaptation—where multiple AMAs coordinate their adaptive behaviors within shared mobile ecosystems. This systematic literature review addresses this research gap by analyzing 95 peer-reviewed studies published between 2010 and 2025 to characterize the current state of cooperative adaptation in mobile applications. Following established systematic review protocols, we searched six academic databases and applied rigorous inclusion/exclusion criteria to identify relevant studies. Our analysis reveals eight critical dimensions of cooperative adaptation: Monitor–Analyze–Plan–Execute–Knowledge (MAPE-K) structure, application domain, adaptation goals, context management, adaptation triggers, aspect considerations, coordination mechanisms, and cooperation levels. The findings indicate that 63.2% of studies demonstrate some form of cooperative behavior, ranging from basic context sharing to sophisticated conflict resolution mechanisms. However, only 7.4% of studies explicitly address high-level cooperative adaptation involving global goal optimization or comprehensive conflict resolution. Energy efficiency (21.1%) and usability (33.7%) emerge as the most frequently addressed adaptation goals, with Android platforms dominating the research landscape (36.8%). The review identifies significant gaps in comprehensive lifecycle support, standardized evaluation methodologies, and theoretical frameworks for multi-application cooperation. These findings establish a foundation for advancing research in cooperative adaptive mobile systems and provide a classification framework to guide future investigations in this emerging domain. Full article

In the 21st century, Urbanization, population growth, and climate change have created significant problems in water resource management. Recent advancements in technologies such as Internet of Things (IoT), Edge Computing (EC), Artificial Intelligence (AI), and Big Data Analytics (BDA) are changing the operations of the water resource management systems. In this study, we present a systematic review, highlighting the contributions of these technologies in water management systems. More specifically, we highlight the IoT and EC water monitoring systems that enable real-time sensing of water quality and consumption. In addition, AI methods for anomaly detection and predictive maintenance are reviewed, focusing on water demand forecasting. BDA methods are also discussed, highlighting their ability to integrate data from different data sources, such as sensors and historical data. Additionally, a discussion is provided of how Water management systems could enhance sustainability, resilience, and efficiency by combining big data, IoT, EC, and AI. Lastly, future directions are outlined regarding how state-of-the-art technologies may further support efficient water resources management. Full article

The rapid expansion of Internet of Things (IoT) systems in critical infrastructures has raised significant concerns regarding network security and reliability. In particular, RPL (Routing Protocol for Low-Power and Lossy Networks), widely adopted in IoT communications, remains vulnerable to topological manipulation attacks such as Decreased Rank, Increased Rank, and the less-explored Worst Parent Selection (WPS). While several RPL security approaches address rank manipulation attacks, most assume static topologies and offer limited support for mobility. Moreover, trust-based routing and hybrid IDS (Intrusion Detection System) approaches are seldom integrated, which limits detection reliability under mobility. This study introduces a unified IDS framework that combines mobility awareness with trust-based decision-making to detect multiple rank-based attacks. We evaluate two lightweight, rule-based IDS architectures: a fully distributed model and a hybrid model supported by designated monitoring nodes. A trust-based mechanism is incorporated into both architectures, and their performance is assessed under static and mobile scenarios. Results show that while the distributed IDS provides rapid local responsiveness, the hybrid IDS maintains more stable latency and packet delivery under mobility. Additionally, incorporating trust metrics reduces false alerts and improves detection reliability while preserving low latency and energy usage, supporting time-sensitive applications such as healthcare monitoring. Full article

Zero-day intrusions on IoT endpoints demand defenses that curtail attacker impact and persistence after breach. This article presents Fine-Grained Runtime Containment Agent (FG-RCA), a lightweight post-exploitation containment system that learns least-privilege behavior from execution and enforces it in the kernel via eBPF with Linux Security Modules (LSM). In a learn phase, LSM/eBPF probes stream security-relevant events to a Rust agent that synthesizes policies per device role. In an enforce phase, policies are compiled into eBPF maps and evaluated at an extended hook set spanning process execution (bprm_check_security), file access (file_open), network egress and exfiltration (socket_connect, socket_sendmsg), privilege use (capable), process injection (ptrace_access_check), tamper/anti-forensics (inode_unlink). Policies bind to kernel-truth identities—inode, device, mount intrusion detection system (IDS), executable SHA-256, and cgroup/namespace identifiers—rather than paths, mitigating time-of-check to time-of-use (TOCTOU) and aliasing. Operational safeguards include Ed25519-signed policies, atomic rollback, and shadow mode logging events to enable policy evolution. Evaluation on embedded Linux demonstrates containment with low overhead. Full article

There is increasing interest in improving the reliability of short-range wireless links in dense IoT deployments, where BLE is widely used due to its low power consumption and robust GFSK modulation. For this purpose, this work presents a novel Orthogonal Space-Time (OST) scheme for transmission and detection of BLE signals while preserving the BLE GFSK waveform and modulation constraints. The proposed signal processing system integrates advanced OST coding techniques with nonlinear GFSK modulation to achieve high-quality communication while maintaining phase continuity. This implies that the standard BLE GFSK modulator and demodulator blocks can be reused, with additional processing introduced only in the multi-antenna encoder and combiner. A detailed theoretical analysis demonstrates the feasibility of employing the Rayleigh fading channel model in BLE communications and establishes the BER performance bounds for various MIMO configurations. Simulations confirm the advantages of the proposed OST-GFSK signal processing scheme, maintaining a consistent performance when compared with OST linear modulation approaches under Rayleigh fading channels. As a result, the proposed IoT-enabling technology integrates the advantages of widely used OST linear modulation with nonlinear GFSK modulation required for BLE. Full article

The integrity of certification processes in the agrifood and fishing industries is essential for combating fraud, ensuring food safety, and meeting rising consumer expectations for transparency and sustainability. Yet, current certification systems remain fragmented, and they are vulnerable to tampering and highly dependent on manual or centralized procedures. This study addresses these gaps by providing a comprehensive survey that systematically classifies blockchain-based certification technologies and methodologies applied to the fisheries sector. The survey examines how the blockchain enhances trust through immutable record-keeping, smart contracts, and decentralized verification mechanisms, ensuring authenticity and accountability across the supply chain. Special attention is given to case studies and implementations that focus on ensuring food safety, verifying sustainability claims, and fostering consumer trust through transparent labeling. Furthermore, the paper identifies technological barriers, such as scalability and interoperability, and puts forward a collection of functional and non-functional requirements for holistic blockchain implementation. By providing a detailed overview of current trends and gaps, this study aims to guide researchers, industry stakeholders, and policymakers in adopting and optimizing blockchain technologies for certification. The findings highlight the potential of blockchain to innovate certification systems, easing the way for more resilient, sustainable, and consumer-centric agrifood and fishing industries. Full article