sensors-logo

Journal Browser

Journal Browser

Special Issue "Sensors Cybersecurity"

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Sensor Networks".

Deadline for manuscript submissions: closed (30 November 2020) | Viewed by 17976

Special Issue Editors

Prof. Dimitris A. Gritzalis
E-Mail Website
Guest Editor
ICT Security, Department of Informatics, Athens University of Economics & Business, Athens, Greece
Interests: cybersecurity; critical infrastructure protection (avia-tion, maritime, oil & gas); malware; risk assessment; security management and culture; security in socio-technical systems
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Grammati Pantziou
E-Mail Website
Guest Editor
Department of Informatics & Computer Engineering, University of West Attica, 122 43 Egaleo, Athens, Greece
Interests: mobile ad-hoc and wireless sensor networks; distributed computing; Internet of Things applications; security and privacy in pervasive environments
Prof. Dr. Rodrigo Román-Castro
E-Mail Website
Guest Editor
ETSI Informatica y Telecomunicaciones, Boulevard Louis Pasteur, 35 Teatinos Campus, 29071 Málaga, Spain
Interests: Internet of Things; security; edge computing; Industry 4.0; security architectures
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

At present, sensors are being used more and more in all sorts of platforms, manned or unmanned, in particular in view of the emerging IoT. The quality and possibilities of drones, wearables, driverless cars, sensor-aided shipping and aviation, robots, and any other sensor-based platform or applications mainly depend on the sensing technology they use. No single type of sensor can give solutions to all problems, and most of them are vulnerable to cyberattacks. For example, host-based sensors provide more extensive and accurate information, but this is only true for the phenomena that they are manufactured to describe. From their side, network-based sensors provide extensive coverage, but they can be deceived by traffic engineering; Further, they cannot describe encrypted traffic and often can hardly estimate the activity at a host. In addition, because of the wireless and resource-constraint nature of sensor networks and their possible deployment in harsh environments or unattended areas, they are susceptible to many security threats. Therefore, sensor-based platforms and applications are highly vulnerable to cyberattacks, and many valuable assets are exposed and vulnerable to sensor and sensor network-based cyber threats. As a result, the need for adequate sensor and sensor network infrastructure protection and for secure information monitoring systems development is increasing.

However, because of communication, computation, and delay constraints of sensor networks and applications, achieving an acceptable level of security has been a difficult issue. Therefore, we need to develop new theories, technologies, and practical solutions so as to protect the network infrastructure and the sensors that are integrated in platforms of drones, mobile phones, cars, vessels, airplanes, robots, critical infrastructures, etc. From their side, secure information monitoring systems developers should take into account that these systems are based on data collected from multiple and often heterogeneous sensors that generate various kinds of data. Developing a secure sensor system requires balancing its completeness and redundancy, while adequately ensuring its protection from cyberattacks.

This Special Issue invites contributions describing original ideas, ground-breaking results, and/or real-world experiences involving sensors and cybersecurity. Successful submissions will explain why the topic is relevant to a vision of the future of sensors, sensor systems and applications. Submissions will be judged on originality, significance, clarity, relevance, and correctness. In addition to citing relevant, published work, authors must cite and relate their submissions to relevant prior publications of the their own. Ethical approval for experiments with human subjects, if applicable, should be demonstrated as part of the submission.

Prof. Dimitris A. Gritzalis
Prof. Grammati Pantziou
Assist. Prof. Rodrigo Román-Castro
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Autonomous vehicles and autonomous vehicular clouds security
  • Big data in sensory systems and cyberthreats
  • Body area sensor networks and cyberattacks
  • Civil infrastructure sensor-aided control (bridges, tunnels, roads, etc.) and cybersecurity
  • Cybersecurity and sensor-enabled computer systems
  • Cybersecurity and sensor-aided Industry 4.0 systems
  • Cybersecurity and sensor networks in the IoT
  • Cybersecurity and sensor-aided airport systems
  • Cybersecurity and sensor-aided navigation systems
  • Cybersecurity in heterogeneous sensor platforms
  • Cybersecurity in VANET and Internet-of-Vehicles (IoV)
  • Experiences of real-world secure sensor networks applications
  • Health monitoring sensors and cyberthreats
  • Implantable sensing technologies and cyberthreats
  • Security framework development (monitoring systems, anomaly detection systems, simulation test beds) for UAV applications
  • Secure integration of sensor networks in Cloud and Edge infrastructures
  • Sensor-aided social networks and cyberthreats
  • Wearable sensing technologies (smart textile, wearable electronics, etc.) and cyberthreats
  • Surveys and state of the art reports in the above areas

Published Papers (8 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Editorial

Jump to: Research, Review

Editorial
Sensors Cybersecurity
Sensors 2021, 21(5), 1762; https://doi.org/10.3390/s21051762 - 04 Mar 2021
Cited by 1 | Viewed by 785
Abstract
At present, sensors are increasingly used in all kinds of platforms, manned or unmanned, particularly in view of the emerging Internet of Things (IoT) [...] Full article
(This article belongs to the Special Issue Sensors Cybersecurity)

Research

Jump to: Editorial, Review

Article
Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone
Sensors 2021, 21(2), 520; https://doi.org/10.3390/s21020520 - 13 Jan 2021
Cited by 9 | Viewed by 1690
Abstract
TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of published attacks [...] Read more.
TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of published attacks against the most broadly utilized TEE implementations request a second view on their security. The aim of this research is to provide an analytical and educational exploration of TrustZone-based TEE vulnerabilities with the goal of pinpointing design and implementation flaws. To this end, we provide a taxonomy of TrustZone attacks, analyze them, and more importantly derive a set of critical observations regarding their nature. We perform a critical appraisal of the vulnerabilities to shed light on their underlying causes and we deduce that their manifestation is the joint effect of several parameters that lead to this situation. The most important ones are the closed implementations, the lack of security mechanisms, the shared resource architecture, and the absence of tools to audit trusted applications. Finally, given the severity of the identified issues, we propose possible improvements that could be adopted by TEE implementers to remedy and improve the security posture of TrustZone and future research directions. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Article
Two-Hop Monitoring Mechanism Based on Relaxed Flow Conservation Constraints against Selective Routing Attacks in Wireless Sensor Networks
Sensors 2020, 20(21), 6106; https://doi.org/10.3390/s20216106 - 27 Oct 2020
Cited by 4 | Viewed by 861
Abstract
In this paper, we investigate the problem of selective routing attack in wireless sensor networks by considering a novel threat, named the upstream-node effect, which limits the accuracy of the monitoring functions in deciding whether a monitored node is legitimate or malicious. To [...] Read more.
In this paper, we investigate the problem of selective routing attack in wireless sensor networks by considering a novel threat, named the upstream-node effect, which limits the accuracy of the monitoring functions in deciding whether a monitored node is legitimate or malicious. To address this limitation, we propose a one-dimensional one-class classifier, named relaxed flow conservation constraint, as an intrusion detection scheme to counter the upstream node attack. Each node uses four types of relaxed flow conservation constraints to monitor all of its neighbors. Three constraints are applied by using one-hop knowledge, and the fourth one is calculated by monitoring two-hop information. The latter is obtained by proposing two-hop energy-efficient and secure reporting scheme. We theoretically analyze the security and performance of the proposed intrusion detection method. We also show the superiority of relaxed flow conservation constraint in defending against upstream node attack compared to other schemes. The simulation results show that the proposed intrusion detection system achieves good results in terms of detection effectiveness. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Article
Addressing the Security Gap in IoT: Towards an IoT Cyber Range
Sensors 2020, 20(18), 5439; https://doi.org/10.3390/s20185439 - 22 Sep 2020
Cited by 5 | Viewed by 1669
Abstract
The paradigm of Internet of Things has now reached a maturity level where the pertinent research goal is the successful application of IoT technologies in systems of high technological readiness level. However, while basic aspects of IoT connectivity and networking have been well [...] Read more.
The paradigm of Internet of Things has now reached a maturity level where the pertinent research goal is the successful application of IoT technologies in systems of high technological readiness level. However, while basic aspects of IoT connectivity and networking have been well studied and adequately addressed, this has not been the case for cyber security aspects of IoT. This is nicely demonstrated by the number of IoT testbeds focusing on networking aspects and the lack of IoT testbeds focusing on security aspects. Towards addressing the existing and growing skills-shortage in IoT cyber security, we present an IoT Cyber Range (IoT-CR); an IoT testbed designed for research and training in IoT security. The IoT-CR allows the user to specify and work on customisable IoT networks, both virtual and physical, and supports the concurrent execution of multiple scenarios in a scalable way following a modular architecture. We first provide an overview of existing, state of the art IoT testbeds and cyber security related initiatives. We then present the design and architecture of the IoT Cyber Range, also detailing the corresponding RESTful APIs that help de-associate the IoT-CR tiers and obfuscate underlying complexities. The design is focused around the end-user and is based on the four design principles for Cyber Range development discussed in the introduction. Finally, we demonstrate the use of the facility via a red/blue team scenario involving a variant of man-in-the-middle attack using IoT devices. Future work includes the use of the IoT-CR by cohorts of trainees in order to evaluate the effectiveness of specific scenarios in acquiring IoT-related cyber-security knowledge and skills, as well as the IoT-CR integration with a pan-European cyber-security competence network. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Article
ARES: Automated Risk Estimation in Smart Sensor Environments
Sensors 2020, 20(16), 4617; https://doi.org/10.3390/s20164617 - 17 Aug 2020
Cited by 4 | Viewed by 1524
Abstract
Industry 4.0 adoption demands integrability, interoperability, composability, and security. Currently, integrability, interoperability and composability are addressed by next-generation approaches for enterprise systems integration such as model-based standards, ontology, business process model life cycle management and the context of business processes. Security is addressed [...] Read more.
Industry 4.0 adoption demands integrability, interoperability, composability, and security. Currently, integrability, interoperability and composability are addressed by next-generation approaches for enterprise systems integration such as model-based standards, ontology, business process model life cycle management and the context of business processes. Security is addressed by conducting risk management as a first step. Nevertheless, security risks are very much influenced by the assets that the business processes are supported. To this end, this paper proposes an approach for automated risk estimation in smart sensor environments, called ARES, which integrates with the business process model life cycle management. To do so, ARES utilizes standards for platform, vulnerability, weakness, and attack pattern enumeration in conjunction with a well-known vulnerability scoring system. The applicability of ARES is demonstrated with an application example that concerns a typical case of a microSCADA controller and a prototype tool called Business Process Cataloging and Classification System. Moreover, a computer-aided procedure for mapping attack patterns-to-platforms is proposed, and evaluation results are discussed revealing few limitations. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Article
Towards a Multi-Layered Phishing Detection
Sensors 2020, 20(16), 4540; https://doi.org/10.3390/s20164540 - 13 Aug 2020
Cited by 7 | Viewed by 1620
Abstract
Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this [...] Read more.
Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Review

Jump to: Editorial, Research

Review
Security in IoMT Communications: A Survey
Sensors 2020, 20(17), 4828; https://doi.org/10.3390/s20174828 - 26 Aug 2020
Cited by 31 | Viewed by 3355
Abstract
The Internet of Medical Things (IoMT) couples IoT technologies with healthcare services in order to support real-time, remote patient monitoring and treatment. However, the interconnectivity of critical medical devices with other systems in various network layers creates new opportunities for remote adversaries. Since [...] Read more.
The Internet of Medical Things (IoMT) couples IoT technologies with healthcare services in order to support real-time, remote patient monitoring and treatment. However, the interconnectivity of critical medical devices with other systems in various network layers creates new opportunities for remote adversaries. Since most of the communication protocols have not been specifically designed for the needs of connected medical devices, there is a need to classify the available IoT communication technologies in terms of security. In this paper we classify IoT communication protocols, with respect to their application in IoMT. Then we describe the main characteristics of IoT communication protocols used at the perception, network and application layer of medical devices. We examine the inherent security characteristics and limitations of IoMT-specific communication protocols. Based on realistic attacks we identify available mitigation controls that may be applied to secure IoMT communications, as well as existing research and implementation gaps. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Review
Defending Airports from UAS: A Survey on Cyber-Attacks and Counter-Drone Sensing Technologies
Sensors 2020, 20(12), 3537; https://doi.org/10.3390/s20123537 - 22 Jun 2020
Cited by 52 | Viewed by 5052
Abstract
As the fastest growing segment of aviation, unmanned aerial systems (UAS) continue to increase in number, technical complexity and capabilities. Numerous civilian and commercial uses are drastically transforming civil protection, asset delivery, commercial and entertaining activities. However, UAS pose significant challenges in terms [...] Read more.
As the fastest growing segment of aviation, unmanned aerial systems (UAS) continue to increase in number, technical complexity and capabilities. Numerous civilian and commercial uses are drastically transforming civil protection, asset delivery, commercial and entertaining activities. However, UAS pose significant challenges in terms of safety, security and privacy within society. An increasing phenomenon, nowadays, is drone-related incidents near airport facilities, which are expected to proliferate in frequency, complexity and severity, as drones become larger and more powerful. Critical infrastructures need to be protected from such aerial attacks, through effective counteracting technologies, risk management and resilience plans. In this paper, we present a survey of drone incidents near airports and a literature review of sensor technologies, able to prevent, detect, identify and mitigate rogue drones. We exhibit the benefits and limitations of available counter-drone technologies (C-UAS); however, defending airports against misused drone activity is a hard problem. Therefore, we analyze three realistic attack scenarios from malicious drones and propose an effective C-UAS protection plan for each case. We discuss applicability limitations of C-UAS in the aviation context and propose a resilience action plan for airport stakeholders for defending against airborne threats from misused drones. Full article
(This article belongs to the Special Issue Sensors Cybersecurity)
Show Figures

Figure 1

Back to TopTop