Special Issue "Sensors and Actuators: Security Threats and Countermeasures"

A special issue of Journal of Sensor and Actuator Networks (ISSN 2224-2708).

Deadline for manuscript submissions: closed (30 June 2019).

Special Issue Editors

Dr. Mohammad Hammoudeh

Guest Editor
School of Computing, Math and Digital Technology, Manchester Metropolitan University, Manchester M15 6BH, UK
Interests: wireless sensor networks; Internet of things; wireless ad hoc communications; mobile communications; network security; sensor/actuator networks; cyber–physical systems
Special Issues and Collections in MDPI journals
Dr. Gregory Epiphaniou
Website
Guest Editor
Associate Professor in Security Engineering, WMG, University of Warwick, Coventry CV4 7AL, UK
Interests: wireless sensor networks; cyber defense; crypto-key generation; exploiting the time-domain physical attributes of V-V channels
Special Issues and Collections in MDPI journals
Prof. Pedro Pinto
Website SciProfiles
Co-Guest Editor
Instituto Politécnico de Viana do Castelo, 4900-347 Viana do Castelo, ISMAI, and INESC TEC, 4200-465 Porto, Portugal
Interests: computer networks and systems security, wireless and mobile networks
Special Issues and Collections in MDPI journals

Special Issue Information

Dear Colleagues,

The recent proliferation of sensors and actuators, which go hand-in-hand with the Internet of Things (IoT), bring smart living to the general public in many data-critical areas, from homes and healthcare to power grids and transport. These sensors are moving gradually from sensing their surrounding environment only, to data processing and decision-making capabilities with significant implications on explicit e-trust and privacy. As pervasive sensing expands rapidly into new applications, its security also is not keeping up with this evolution. The sheer volume of personal and corporate sensor data makes it a more attractive target for cybercriminals and state-sponsored espionage with an exponential increase of both attack surfaces and threat actors.

The adversarial misuse and security threats in sensor-enabled environments, such as smart cities, are increasingly intertwined with national security and preferential privacy. Hence, governments and organizations are investigating how to mitigate such threats, whilst seeking to regulate the secure integration of Cyber-Physical Systems and IoT devices. For instance, in March 2018, the United Kingdom government announced new measures to boost cybersecurity in internet-connected devices. On the same day, a policy document was published to set out the government's strategy to ensure the consumer IoT is secure by design.

This Special Issue is dedicated to research on the latest developments in sensors and actuators security threats and countermeasures. It is aimed to explore the key security challenges, including the legal basis, facing consumers and technology vendors. The focus is on investigating cybersecurity threats and the solutions needed to respond to them.

  • Topics of interest include but not limited to:
  • Wireless and sensor network emerging threats and defenses
  • Cyber Resilience in wireless sensor networks
  • Secure by design principles in the IoT/SIoT paradigms
  • Secure wireless sensor network communication protocols
  • Novel authentication and access control, including attribute-based authentication and zero trust networks
  • Ransomware attacks on IoT and embedded sensory systems
  • Physical security of sensors and actuators
  • Base device platform analysis and forensic investigations
  • Threat Modelling and Threat Hunting in Sensors’ Hardware
  • Secure decentralized data storage and processing technologies in WSNs

Dr. Mohammad Hammoudeh
Dr. Gregory Epiphaniou
Dr. Pedro Pinto
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Sensor and Actuator Networks is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (7 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

Open AccessArticle
OSSEC IDS Extension to Improve Log Analysis and Override False Positive or Negative Detections
J. Sens. Actuator Netw. 2019, 8(3), 46; https://doi.org/10.3390/jsan8030046 - 13 Sep 2019
Abstract
Intrusion Detection Systems (IDS) are used to prevent attacks by detecting potential harmful intrusion attempts. Currently, there are a set of available Open Source IDS with different characteristics. The Open Source Host-based Intrusion Detection System (OSSEC) supports multiple features and its implementation consists [...] Read more.
Intrusion Detection Systems (IDS) are used to prevent attacks by detecting potential harmful intrusion attempts. Currently, there are a set of available Open Source IDS with different characteristics. The Open Source Host-based Intrusion Detection System (OSSEC) supports multiple features and its implementation consists of Agents that collect and send event logs to a Manager that analyzes and tests them against specific rules. In the Manager, if certain events match a specific rule, predefined actions are triggered in the Agents such as to block or unblock a particular IP address. However, once an action is triggered, the systems administrator is not able to centrally check and obtain detailed information of the past event logs. In addition, OSSEC may assume false positive or negative detections and their triggered actions: previously harmless but blocked IP addresses by OSSEC have to be unblocked in order to reestablish normal operation or potential harmful IP addresses not previously blocked by OSSEC should be blocked in order to increase protection levels. These operations to override OSSEC actions must be manually performed in every Agent, thus requiring time and human resources. Both these limitations have a higher impact on large scale OSSEC deployments assuming tens or hundreds of Agents. This paper proposes an extension to OSSEC that improves the administrator analysis capability by maintaining, organizing and presenting Agent logs in a central point, and it allows for blocking or unblocking IP addresses in order to override actions triggered by false detections. The proposed extension aims to increase efficiency of time and human resources management, mainly considering large scale OSSEC deployments. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Open AccessArticle
A Comprehensive Study of Security and Privacy Guidelines, Threats, and Countermeasures: An IoT Perspective
J. Sens. Actuator Netw. 2019, 8(2), 22; https://doi.org/10.3390/jsan8020022 - 22 Apr 2019
Cited by 8
Abstract
As Internet of Things (IoT) involvement increases in our daily lives, several security and privacy concerns like linkability, unauthorized conversations, and side-channel attacks are raised. If they are left untouched, such issues may threaten the existence of IoT. They derive from two main [...] Read more.
As Internet of Things (IoT) involvement increases in our daily lives, several security and privacy concerns like linkability, unauthorized conversations, and side-channel attacks are raised. If they are left untouched, such issues may threaten the existence of IoT. They derive from two main reasons. One is that IoT objects are equipped with limited capabilities in terms of computation power, memory, and bandwidth which hamper the direct implementation of traditional Internet security techniques. The other reason is the absence of widely-accepted IoT security and privacy guidelines and their appropriate implementation techniques. Such guidelines and techniques would greatly assist IoT stakeholders like developers and manufacturers, paving the road for building secure IoT systems from the start and, thus, reinforcing IoT security and privacy by design. In order to contribute to such objective, we first briefly discuss the primary IoT security goals and recognize IoT stakeholders. Second, we propose a comprehensive list of IoT security and privacy guidelines for the edge nodes and communication levels of IoT reference architecture. Furthermore, we point out the IoT stakeholders such as customers and manufacturers who will benefit most from these guidelines. Moreover, we identify a set of implementation techniques by which such guidelines can be accomplished, and possible attacks against previously-mentioned levels can be alleviated. Third, we discuss the challenges of IoT security and privacy guidelines, and we briefly discuss digital rights management in IoT. Finally, through this survey, we suggest several open issues that require further investigation in the future. To the best of the authors’ knowledge, this work is the first survey that covers the above-mentioned objectives. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Open AccessArticle
A Mechanism for Securing IoT-enabled Applications at the Fog Layer
J. Sens. Actuator Netw. 2019, 8(1), 16; https://doi.org/10.3390/jsan8010016 - 18 Feb 2019
Cited by 25
Abstract
The Internet of Things (IoT) is an emerging paradigm branded by heterogeneous technologies composed of smart ubiquitous objects that are seamlessly connected to the Internet. These objects are deployed as Low power and Lossy Networks (LLN) to provide innovative services in various application [...] Read more.
The Internet of Things (IoT) is an emerging paradigm branded by heterogeneous technologies composed of smart ubiquitous objects that are seamlessly connected to the Internet. These objects are deployed as Low power and Lossy Networks (LLN) to provide innovative services in various application domains such as smart cities, smart health, and smart communities. The LLN is a form of a network where the interconnected devices are highly resource-constrained (i.e., power, memory, and processing) and characterized by high loss rates, low data rates, and instability in the communication links. Additionally, IoT devices produce a massive amount of confidential and security-sensitive data. Various cryptographic-based techniques exist that can effectively cope with security attacks but are not suitable for IoT as they incur high consumption of resources (i.e., memory, storage and processing). One way to address this problem is by offloading the additional security-related operations to a more resourceful entity such as a fog-based node. Generally, fog computing enables security and analysis of latency-sensitive data directly at the network’s edge. This paper proposes a novel Fog Security Service (FSS) to provide end-to-end security at the fog layer for IoT devices using two well-established cryptographic schemes, identity-based encryption, and identity-based signature. The FSS provides security services such as authentication, confidentiality, and non-repudiation. The proposed architecture would be implemented and evaluated in an OPNET simulator using a single network topology with different traffic loads. The FSS performed better when compared with the APaaS and the legacy method. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Open AccessArticle
Secure and Reliable IoT Networks Using Fog Computing with Software-Defined Networking and Blockchain
J. Sens. Actuator Netw. 2019, 8(1), 15; https://doi.org/10.3390/jsan8010015 - 18 Feb 2019
Cited by 20
Abstract
Designing Internet of Things (IoT) applications faces many challenges including security, massive traffic, high availability, high reliability and energy constraints. Recent distributed computing paradigms, such as Fog and multi-access edge computing (MEC), software-defined networking (SDN), network virtualization and blockchain can be exploited in [...] Read more.
Designing Internet of Things (IoT) applications faces many challenges including security, massive traffic, high availability, high reliability and energy constraints. Recent distributed computing paradigms, such as Fog and multi-access edge computing (MEC), software-defined networking (SDN), network virtualization and blockchain can be exploited in IoT networks, either combined or individually, to overcome the aforementioned challenges while maintaining system performance. In this paper, we present a framework for IoT that employs an edge computing layer of Fog nodes controlled and managed by an SDN network to achieve high reliability and availability for latency-sensitive IoT applications. The SDN network is equipped with distributed controllers and distributed resource constrained OpenFlow switches. Blockchain is used to ensure decentralization in a trustful manner. Additionally, a data offloading algorithm is developed to allocate various processing and computing tasks to the OpenFlow switches based on their current workload. Moreover, a traffic model is proposed to model and analyze the traffic indifferent parts of the network. The proposed algorithm is evaluated in simulation and in a testbed. Experimental results show that the proposed framework achieves higher efficiency in terms of latency and resource utilization. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Open AccessArticle
Preliminaries of Orthogonal Layered Defence Using Functional and Assurance Controls in Industrial Control Systems
J. Sens. Actuator Netw. 2019, 8(1), 14; https://doi.org/10.3390/jsan8010014 - 14 Feb 2019
Cited by 3
Abstract
Industrial Control Systems (ICSs) are responsible for the automation of different processes and the overall control of systems that include highly sensitive potential targets such as nuclear facilities, energy-distribution, water-supply, and mass-transit systems. Given the increased complexity and rapid evolvement of their threat [...] Read more.
Industrial Control Systems (ICSs) are responsible for the automation of different processes and the overall control of systems that include highly sensitive potential targets such as nuclear facilities, energy-distribution, water-supply, and mass-transit systems. Given the increased complexity and rapid evolvement of their threat landscape, and the fact that these systems form part of the Critical National infrastructure (CNI), makes them an emerging domain of conflict, terrorist attacks, and a playground for cyberexploitation. Existing layered-defence approaches are increasingly criticised for their inability to adequately protect against resourceful and persistent adversaries. It is therefore essential that emerging techniques, such as orthogonality, be combined with existing security strategies to leverage defence advantages against adaptive and often asymmetrical attack vectors. The concept of orthogonality is relatively new and unexplored in an ICS environment and consists of having assurance control as well as functional control at each layer. Our work seeks to partially articulate a framework where multiple functional and assurance controls are introduced at each layer of ICS architectural design to further enhance security while maintaining critical real-time transfer of command and control traffic. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Review

Jump to: Research

Open AccessReview
Model Mediation to Overcome Light Limitations—Toward a Secure Tactile Internet System
J. Sens. Actuator Netw. 2019, 8(1), 6; https://doi.org/10.3390/jsan8010006 - 02 Jan 2019
Cited by 2
Abstract
Enabling haptic communication as well as voice and data over the future 5G cellular system has become a demand. Tactile Internet is one of the main use cases of the 5G system that will allow the transfer of haptic communications in real time. [...] Read more.
Enabling haptic communication as well as voice and data over the future 5G cellular system has become a demand. Tactile Internet is one of the main use cases of the 5G system that will allow the transfer of haptic communications in real time. Latency, availability, reliability, and security are the main design challenges of the tactile Internet system and haptic based bilateral teleoperation systems. An end-to-end latency of 1 ms remains the main challenge toward tactile Internet system realization, not only for the processing and coding delays but mainly for the limitations of light. In this work, we analyze the key solutions to overcome the light limitations and enable the tactile Internet over any distances with the required latency. Building a virtual model or model mediated for the remote environment at the edge cloud unit near to the end user is the main solution. By means of AI, the virtual model can predict the behavior of the remote environment and thus, the end user can interact with the virtual environment with a high system experience. This literature review covers the existing work of the model mediated bilateral teleoperated systems and discusses its availability for the tactile Internet system. Furthermore, the security issues of tactile Internet system and the effect of model mediated system on the required security level of tactile Internet applications are discussed. Finally, a structure for the tactile Internet system, with the deployment of model mediation, is suggested. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Open AccessReview
Security Vulnerabilities in Bluetooth Technology as Used in IoT
J. Sens. Actuator Netw. 2018, 7(3), 28; https://doi.org/10.3390/jsan7030028 - 19 Jul 2018
Cited by 12
Abstract
Bluetooth technology is a key component of wireless communications. It provides a low-energy and low-cost solution for short-range radio transmissions. Bluetooth, more specifically Bluetooth Low Energy (BLE) has become the predominant technology for connecting IoT (Internet of Things). It can be found in [...] Read more.
Bluetooth technology is a key component of wireless communications. It provides a low-energy and low-cost solution for short-range radio transmissions. Bluetooth, more specifically Bluetooth Low Energy (BLE) has become the predominant technology for connecting IoT (Internet of Things). It can be found in cell phones, headsets, speakers, printers, keyboards, automobiles, children’s toys, and medical devices, as well as many other devices. The technology can also be found in automated smart homes, to provide monitors and controls for lights, thermostats, door locks, appliances, security systems, and cameras. Bluetooth offers convenience and ease of use, but it lacks a centralized security infrastructure. As a result, it has serious security vulnerabilities, and the need for awareness of the security risks are increasing as the technology becomes more widespread. This paper presents an overview of Bluetooth technology in IoT including its security, vulnerabilities, threats, and risk mitigation solutions, as well as real-life examples of exploits. Our study highlights the importance of understanding attack risks and mitigation techniques involved with using Bluetooth technology on our devices. Real-life examples of recent Bluetooth exploits are presented. Several recommended security measures are discussed to secure Bluetooth communication. Full article
(This article belongs to the Special Issue Sensors and Actuators: Security Threats and Countermeasures)
Show Figures

Figure 1

Back to TopTop