sensors-logo

Journal Browser

Journal Browser

Intelligent and Adaptive Security in Internet of Things

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 July 2022) | Viewed by 30691

Special Issue Editors

Department of Computer Science and Engineering, College of Computing, Sungkyunkwan University, Seoul 06351, Republic of Korea
Interests: usable security; blockchain; security vulnerability analysis; data-driven security
Special Issues, Collections and Topics in MDPI journals
Department of Computer Science and Software Engineering, University of Western Australia, Perth, Australia
Interests: moving target defense; security assessment; dynamic security metrics
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Advances in emerging networking technologies, artificial intelligence (AI), and machine learning (ML) have attracted an enormous amount of attention to the Internet of Things (IoT) in both academia and industry. Various smart services (e.g., smart city, connected car, smart healthcare, smart factory, smart home, smart wearable) have been introduced and discussed in the context of IoT with their endless potential to change our lives positively. However, they also introduce cybersecurity hazards and threats that had not previously been seen or anticipated. For example, a massive amount of data collected from IoT sensors could be an attractive target for attackers, such as adversarial ML. Moreover, DDoS attacks using IoT botnets, such as Mirai botnet, would become a serious issue in the IoT world. To address these issues, we need intelligent, adaptive, and more robust solutions to analyze and mitigate potential security threats in IoT.

This Special Issue aims to report high-quality research in recent advances in intelligent and adaptive security and privacy solutions for IoT. Topics of interest include but are not limited to those covered by the keyword list below.

  • AI and ML techniques for securing IoT;
  • Cyber threats and incident analysis in IoT;
  • Data-driven security for IoT;
  • Intrusion and anomaly detection in IoT;
  • Risk identification and assessment in IoT;
  • Adversarial machine learning in IoT;
  • Collaborative learning for IoT;
  • Malware and botnets in IoT.

Dr. Hyoungshick Kim
Dr. Jin B. Hong
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • security
  • AI
  • IoT

Published Papers (7 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

25 pages, 434 KiB  
Article
A Secure and Lightweight Three-Factor-Based Authentication Scheme for Smart Healthcare Systems
by Jihyeon Ryu, Dongwoo Kang, Hakjun Lee, Hyoungshick Kim and Dongho Won
Sensors 2020, 20(24), 7136; https://doi.org/10.3390/s20247136 - 12 Dec 2020
Cited by 12 | Viewed by 2463
Abstract
Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients’ health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. [...] Read more.
Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients’ health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. Recently, Adavoudi-Jolfaei et al. and Sharma and Kalra proposed a lightweight protocol using hash function encryption only for user authentication on wireless sensor systems. In this paper, we found some weaknesses in target schemes. We propose a novel three-factor lightweight user authentication scheme that addresses these weaknesses and verifies the security of the proposed scheme using a formal verification tool called ProVerif. In addition, our proposed scheme outperforms other proposed symmetric encryption-based schemes or elliptic curve-based schemes. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

17 pages, 538 KiB  
Article
MQTTset, a New Dataset for Machine Learning Techniques on MQTT
by Ivan Vaccari, Giovanni Chiola, Maurizio Aiello, Maurizio Mongelli and Enrico Cambiaso
Sensors 2020, 20(22), 6578; https://doi.org/10.3390/s20226578 - 18 Nov 2020
Cited by 112 | Viewed by 10498
Abstract
IoT networks are increasingly popular nowadays to monitor critical environments of different nature, significantly increasing the amount of data exchanged. Due to the huge number of connected IoT devices, security of such networks and devices is therefore a critical issue. Detection systems assume [...] Read more.
IoT networks are increasingly popular nowadays to monitor critical environments of different nature, significantly increasing the amount of data exchanged. Due to the huge number of connected IoT devices, security of such networks and devices is therefore a critical issue. Detection systems assume a crucial role in the cyber-security field: based on innovative algorithms such as machine learning, they are able to identify or predict cyber-attacks, hence to protect the underlying system. Nevertheless, specific datasets are required to train detection models. In this work we present MQTTset, a dataset focused on the MQTT protocol, widely adopted in IoT networks. We present the creation of the dataset, also validating it through the definition of a hypothetical detection system, by combining the legitimate dataset with cyber-attacks against the MQTT network. Obtained results demonstrate how MQTTset can be used to train machine learning models to implement detection systems able to protect IoT contexts. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

31 pages, 2643 KiB  
Article
Non-Invasive Challenge Response Authentication for Voice Transactions with Smart Home Behavior
by Victor Hayashi and Wilson Ruggiero
Sensors 2020, 20(22), 6563; https://doi.org/10.3390/s20226563 - 17 Nov 2020
Cited by 10 | Viewed by 3405
Abstract
Smart speakers, such as Alexa and Google Home, support daily activities in smart home environments. Even though voice commands enable friction-less interactions, existing financial transaction authorization mechanisms hinder usability. A non-invasive authorization by leveraging presence and light sensors’ data is proposed in order [...] Read more.
Smart speakers, such as Alexa and Google Home, support daily activities in smart home environments. Even though voice commands enable friction-less interactions, existing financial transaction authorization mechanisms hinder usability. A non-invasive authorization by leveraging presence and light sensors’ data is proposed in order to replace invasive procedure through smartphone notification. The Coloured Petri Net model was created for synthetic data generation, and one month data were collected in test bed with real users. Random Forest machine learning models were used for smart home behavior information retrieval. The LSTM prediction model was evaluated while using test bed data, and an open dataset from CASAS. The proposed authorization mechanism is based on Physical Unclonable Function usage as a random number generator seed in a Challenge Response protocol. The simulations indicate that the proposed scheme with specialized autonomous device could halve the total response time for low value financial transactions triggered by voice, from 7.3 to 3.5 s in a non-invasive manner, maintaining authorization security. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

18 pages, 5125 KiB  
Article
A New Method of Secure Authentication Based on Electromagnetic Signatures of Chipless RFID Tags and Machine Learning Approaches
by Dragoș Nastasiu, Răzvan Scripcaru, Angela Digulescu, Cornel Ioana, Raymundo De Amorim, Jr., Nicolas Barbot, Romain Siragusa, Etienne Perret and Florin Popescu
Sensors 2020, 20(21), 6385; https://doi.org/10.3390/s20216385 - 09 Nov 2020
Cited by 8 | Viewed by 3038
Abstract
In this study, we present the implementation of a neural network model capable of classifying radio frequency identification (RFID) tags based on their electromagnetic (EM) signature for authentication applications. One important application of the chipless RFID addresses the counterfeiting threat for manufacturers. The [...] Read more.
In this study, we present the implementation of a neural network model capable of classifying radio frequency identification (RFID) tags based on their electromagnetic (EM) signature for authentication applications. One important application of the chipless RFID addresses the counterfeiting threat for manufacturers. The goal is to design and implement chipless RFID tags that possess a unique and unclonable fingerprint to authenticate objects. As EM characteristics are employed, these fingerprints cannot be easily spoofed. A set of 18 tags operating in V band (65–72 GHz) was designed and measured. V band is more sensitive to dimensional variations compared to other applications at lower frequencies, thus it is suitable to highlight the differences between the EM signatures. Machine learning (ML) approaches are used to characterize and classify the 18 EM responses in order to validate the authentication method. The proposed supervised method reached a maximum recognition rate of 100%, surpassing in terms of accuracy most of RFID fingerprinting related work. To determine the best network configuration, we used a random search algorithm. Further tuning was conducted by comparing the results of different learning algorithms in terms of accuracy and loss. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

15 pages, 2174 KiB  
Article
Countering DDoS Attacks in SIP Based VoIP Networks Using Recurrent Neural Networks
by Waleed Nazih, Yasser Hifny, Wail S. Elkilani, Habib Dhahri and Tamer Abdelkader
Sensors 2020, 20(20), 5875; https://doi.org/10.3390/s20205875 - 17 Oct 2020
Cited by 18 | Viewed by 2957
Abstract
Many companies have transformed their telephone systems into Voice over IP (VoIP) systems. Although implementation is simple, VoIP is vulnerable to different types of attacks. The Session Initiation Protocol (SIP) is a widely used protocol for handling VoIP signaling functions. SIP is unprotected [...] Read more.
Many companies have transformed their telephone systems into Voice over IP (VoIP) systems. Although implementation is simple, VoIP is vulnerable to different types of attacks. The Session Initiation Protocol (SIP) is a widely used protocol for handling VoIP signaling functions. SIP is unprotected against attacks because it is a text-based protocol and lacks defense against the growing security threats. The Distributed Denial of Service (DDoS) attack is a harmful attack, because it drains resources, and prevents legitimate users from using the available services. In this paper, we formulate detection of DDoS attacks as a classification problem and propose an approach using token embedding to enhance extracted features from SIP messages. We discuss a deep learning model based on Recurrent Neural Networks (RNNs) developed to detect DDoS attacks with low and high-rate intensity. For validation, a balanced real traffic dataset was built containing three attack scenarios with different attack durations and intensities. Experiments show that the system has a high detection accuracy and low detection time. The detection accuracy was higher for low-rate attacks than that of traditional machine learning. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

19 pages, 3598 KiB  
Article
A Lightweight Authentication and Key Agreement Schemes for IoT Environments
by Dae-Hwi Lee and Im-Yeong Lee
Sensors 2020, 20(18), 5350; https://doi.org/10.3390/s20185350 - 18 Sep 2020
Cited by 14 | Viewed by 3614
Abstract
In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage [...] Read more.
In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage capacity. Devices with limited resources will have difficulty applying existing public key cryptography systems to provide security. Therefore, communication protocols for various kinds of participating devices should be applicable in the IoT environment, and these protocols should be lightened for resources-restricted devices. Security is an essential element in the IoT environment, so for secure communication, it is necessary to perform authentication between the communication objects and to generate the session key. In this paper, we propose two kinds of lightweight authentication and key agreement schemes to enable fast and secure authentication among the objects participating in the IoT environment. The first scheme is an authentication and key agreement scheme with limited resource devices that can use the elliptic curve Qu–Vanstone (ECQV) implicit certificate to quickly agree on the session key. The second scheme is also an authentication and key agreement scheme that can be used more securely, but slower than first scheme using certificateless public key cryptography (CL-PKC). In addition, we compare and analyze existing schemes and propose new schemes to improve security requirements that were not satisfactory. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

18 pages, 1183 KiB  
Article
Data Improvement Model Based on ECG Biometric for User Authentication and Identification
by Alex Barros, Paulo Resque, João Almeida, Renato Mota, Helder Oliveira, Denis Rosário and Eduardo Cerqueira
Sensors 2020, 20(10), 2920; https://doi.org/10.3390/s20102920 - 21 May 2020
Cited by 24 | Viewed by 3681
Abstract
The rapid spread of wearable technologies has motivated the collection of a variety of signals, such as pulse rate, electrocardiogram (ECG), electroencephalogram (EEG), and others. As those devices are used to do so many tasks and store a significant amount of personal data, [...] Read more.
The rapid spread of wearable technologies has motivated the collection of a variety of signals, such as pulse rate, electrocardiogram (ECG), electroencephalogram (EEG), and others. As those devices are used to do so many tasks and store a significant amount of personal data, the concern of how our data can be exposed starts to gain attention as the wearable devices can become an attack vector or a security breach. In this context, biometric also has expanded its use to meet new security requirements of authentication demanded by online applications, and it has been used in identification systems by a large number of people. Existing works on ECG for user authentication do not consider a population size close to a real application. Finding real data that has a big number of people ECG’s data is a challenge. This work investigates a set of steps that can improve the results when working with a higher number of target classes in a biometric identification scenario. These steps, such as increasing the number of examples, removing outliers, and including a few additional features, are proven to increase the performance in a large data set. We propose a data improvement model for ECG biometric identification (user identification based on electrocardiogram—DETECT), which improves the performance of the biometric system considering a greater number of subjects, which is closer to a security system in the real world. The DETECT model increases precision from 78% to 92% within 1500 subjects, and from 90% to 95% within 100 subjects. Moreover, good False Rejection Rate (i.e., 0.064003) and False Acceptance Rate (i.e., 0.000033) were demonstrated. We designed our proposed method over PhysioNet Computing in Cardiology 2018 database. Full article
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)
Show Figures

Figure 1

Back to TopTop