Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
7.1
2.8
Journals
Future Internet
Special Issues
Privacy and Security Issues in IoT Systems
share announcement

Privacy and Security Issues in IoT Systems

A special issue of Future Internet (ISSN 1999-5903). This special issue belongs to the section "Cybersecurity".

Deadline for manuscript submissions: 31 July 2025 | Viewed by 24128

Special Issue Editors

Dr. Kuo-Yu Tsai

E-Mail Website
Guest Editor
Department of Information Engineering and Computer Science, Feng Chia University, Taichung 401723, Taiwan
Interests: cryptography; IoT application and security; m-commerce application and security
Dr. Chung-Wei Kuo

E-Mail Website
Guest Editor
Department of Information Engineering and Computer Science, Feng Chia University, Taichung 401723, Taiwan
Interests: information security and wireless communications

Special Issue Information

Dear Colleagues,

Edge learning represents a frontier in artificial intelligence innovation, decomposing centralized storage and computing into distributed solutions. It is an emerging approach for training models across distributed clients. However, the susceptibility of edge learning, including decentralized deep learning, to tampering and manipulation underscores the need for addressing vulnerabilities in Internet of Things (IoT) systems to uphold data privacy and security.

This Special Issue presents an exceptional opportunity for sharing scientific insights and disseminating research findings across various communities. It will delve into emerging trends and methodologies for edge learning in the IoT, showcasing innovative solutions that underscore the significance of discoveries for researchers.

Dr. Kuo-Yu Tsai
Dr. Chung-Wei Kuo
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Future Internet is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • edge learning
  • data privacy
  • security threats
  • defense mechanism
  • side-channel attack
  • threat model
  • Internet of Things application

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (5 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Other

24 pages, 11547 KiB  
Article
Dynamic Key Replacement Mechanism for Lightweight Internet of Things Microcontrollers to Resist Side-Channel Attacks
by Chung-Wei Kuo, Wei Wei, Chun-Chang Lin, Yu-Yi Hong, Jia-Ruei Liu and Kuo-Yu Tsai
Future Internet 2025, 17(1), 43; https://doi.org/10.3390/fi17010043 - 18 Jan 2025
Viewed by 839
Abstract
5G technology and IoT devices are improving efficiency and quality of life across many sectors. IoT devices are often used in open environments where they handle sensitive data. This makes them vulnerable to side-channel attacks (SCAs), where attackers can intercept and analyze the [...] Read more.
5G technology and IoT devices are improving efficiency and quality of life across many sectors. IoT devices are often used in open environments where they handle sensitive data. This makes them vulnerable to side-channel attacks (SCAs), where attackers can intercept and analyze the electromagnetic signals emitted by microcontroller units (MCUs) to expose encryption keys and compromise sensitive data. To address this critical vulnerability, this study proposes a novel dynamic key replacement mechanism specifically designed for lightweight IoT microcontrollers. The mechanism integrates Moving Target Defense (MTD) with a lightweight Diffie–Hellman (D-H) key exchange protocol and AES-128 encryption to provide robust protection against SCAs. Unlike traditional approaches, the proposed mechanism dynamically updates encryption keys during each cryptographic cycle, effectively mitigating the risk of key reuse—a primary vulnerability exploited in SCAs. The lightweight D-H key exchange ensures that even resource-constrained IoT devices can securely perform key exchanges without significant computational overhead. Experimental results demonstrate the practicality and security of the proposed mechanism, achieving key updates with minimal time overhead, ranging from 12 to 50 milliseconds per encryption transmission. Moreover, the approach shows strong resilience against template attacks, with only two out of sixteen AES-128 subkeys compromised after 20,000 attack attempts—a notable improvement over existing countermeasures. The key innovation of this study lies in the seamless integration of MTD with lightweight cryptographic protocols, striking a balance between security and performance. This dynamic key replacement mechanism offers an effective, scalable, and resource-efficient solution for IoT applications, particularly in scenarios that demand robust protection against SCAs and low-latency performance. Full article
(This article belongs to the Special Issue Privacy and Security Issues in IoT Systems)
Show Figures

Figure 1

18 pages, 3287 KiB  
Article
Characterising Payload Entropy in Packet Flows—Baseline Entropy Analysis for Network Anomaly Detection
by Anthony Kenyon, Lipika Deka and David Elizondo
Future Internet 2024, 16(12), 470; https://doi.org/10.3390/fi16120470 - 16 Dec 2024
Viewed by 848
Abstract
The accurate and timely detection of cyber threats is critical to keeping our online economy and data safe. A key technique in early detection is the classification of unusual patterns of network behaviour, often hidden as low-frequency events within complex time-series packet flows. [...] Read more.
The accurate and timely detection of cyber threats is critical to keeping our online economy and data safe. A key technique in early detection is the classification of unusual patterns of network behaviour, often hidden as low-frequency events within complex time-series packet flows. One of the ways in which such anomalies can be detected is to analyse the information entropy of the payload within individual packets, since changes in entropy can often indicate suspicious activity—such as whether session encryption has been compromised, or whether a plaintext channel has been co-opted as a covert channel. To decide whether activity is anomalous, we need to compare real-time entropy values with baseline values, and while the analysis of entropy in packet data is not particularly new, to the best of our knowledge, there are no published baselines for payload entropy across commonly used network services. We offer two contributions: (1) we analyse several large packet datasets to establish baseline payload information entropy values for standard network services, and (2) we present an efficient method for engineering entropy metrics from packet flows from real-time and offline packet data. Such entropy metrics can be included within feature subsets, thus making the feature set richer for subsequent analysis and machine learning applications. Full article
(This article belongs to the Special Issue Privacy and Security Issues in IoT Systems)
Show Figures

Figure 1

30 pages, 3027 KiB  
Article
Privacy-Preserving Data Analytics in Internet of Medical Things
by Bakhtawar Mudassar, Shahzaib Tahir, Fawad Khan, Syed Aziz Shah, Syed Ikram Shah and Qammer Hussain Abbasi
Future Internet 2024, 16(11), 407; https://doi.org/10.3390/fi16110407 - 5 Nov 2024
Cited by 1 | Viewed by 2604
Abstract
The healthcare sector has changed dramatically in recent years due to depending more and more on big data to improve patient care, enhance or improve operational effectiveness, and forward medical research. Protecting patient privacy in the era of digital health records is a [...] Read more.
The healthcare sector has changed dramatically in recent years due to depending more and more on big data to improve patient care, enhance or improve operational effectiveness, and forward medical research. Protecting patient privacy in the era of digital health records is a major challenge, as there could be a chance of privacy leakage during the process of collecting patient data. To overcome this issue, we propose a secure, privacy-preserving scheme for healthcare data to ensure maximum privacy of an individual while also maintaining their utility and allowing for the performance of queries based on sensitive attributes under differential privacy. We implemented differential privacy on two publicly available healthcare datasets, the Breast Cancer Prediction Dataset and the Nursing Home COVID-19 Dataset. Moreover, we examined the impact of varying privacy parameter (ε) values on both the privacy and utility of the data. A significant part of this study involved the selection of ε, which determines the degree of privacy protection. We also conducted a computational time comparison by performing multiple complex queries on these datasets to analyse the computational overhead introduced by differential privacy. The outcomes demonstrate that, despite a slight increase in query processing time, it remains within reasonable bounds, ensuring the practicality of differential privacy for real-time applications. Full article
(This article belongs to the Special Issue Privacy and Security Issues in IoT Systems)
Show Figures

Figure 1

37 pages, 2626 KiB  
Article
A Survey of Security Strategies in Federated Learning: Defending Models, Data, and Privacy
by Habib Ullah Manzoor, Attia Shabbir, Ao Chen, David Flynn and Ahmed Zoha
Future Internet 2024, 16(10), 374; https://doi.org/10.3390/fi16100374 - 15 Oct 2024
Cited by 11 | Viewed by 6593
Abstract
Federated Learning (FL) has emerged as a transformative paradigm in machine learning, enabling decentralized model training across multiple devices while preserving data privacy. However, the decentralized nature of FL introduces significant security challenges, making it vulnerable to various attacks targeting models, data, and [...] Read more.
Federated Learning (FL) has emerged as a transformative paradigm in machine learning, enabling decentralized model training across multiple devices while preserving data privacy. However, the decentralized nature of FL introduces significant security challenges, making it vulnerable to various attacks targeting models, data, and privacy. This survey provides a comprehensive overview of the defense strategies against these attacks, categorizing them into data and model defenses and privacy attacks. We explore pre-aggregation, in-aggregation, and post-aggregation defenses, highlighting their methodologies and effectiveness. Additionally, the survey delves into advanced techniques such as homomorphic encryption and differential privacy to safeguard sensitive information. The integration of blockchain technology for enhancing security in FL environments is also discussed, along with incentive mechanisms to promote active participation among clients. Through this detailed examination, the survey aims to inform and guide future research in developing robust defense frameworks for FL systems. Full article
(This article belongs to the Special Issue Privacy and Security Issues in IoT Systems)
Show Figures

Figure 1

Other

Jump to: Research

28 pages, 3973 KiB  
Systematic Review
Edge Computing in Healthcare: Innovations, Opportunities, and Challenges
by Alexandru Rancea, Ionut Anghel and Tudor Cioara
Future Internet 2024, 16(9), 329; https://doi.org/10.3390/fi16090329 - 10 Sep 2024
Cited by 12 | Viewed by 11825
Abstract
Edge computing promising a vision of processing data close to its generation point, reducing latency and bandwidth usage compared with traditional cloud computing architectures, has attracted significant attention lately. The integration of edge computing in modern systems takes advantage of Internet of Things [...] Read more.
Edge computing promising a vision of processing data close to its generation point, reducing latency and bandwidth usage compared with traditional cloud computing architectures, has attracted significant attention lately. The integration of edge computing in modern systems takes advantage of Internet of Things (IoT) devices and can potentially improve the systems’ performance, scalability, privacy, and security with applications in different domains. In the healthcare domain, modern IoT devices can nowadays be used to gather vital parameters and information that can be fed to edge Artificial Intelligence (AI) techniques able to offer precious insights and support to healthcare professionals. However, issues regarding data privacy and security, AI optimization, and computational offloading at the edge pose challenges to the adoption of edge AI. This paper aims to explore the current state of the art of edge AI in healthcare by using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) methodology and analyzing more than 70 Web of Science articles. We have defined the relevant research questions, clear inclusion and exclusion criteria, and classified the research works in three main directions: privacy and security, AI-based optimization methods, and edge offloading techniques. The findings highlight the many advantages of integrating edge computing in a wide range of healthcare use cases requiring data privacy and security, near real-time decision-making, and efficient communication links, with the potential to transform future healthcare services and eHealth applications. However, further research is needed to enforce new security-preserving methods and for better orchestrating and coordinating the load in distributed and decentralized scenarios. Full article
(This article belongs to the Special Issue Privacy and Security Issues in IoT Systems)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-5
Back to TopTop