sensors-logo

Journal Browser

Journal Browser

Security, Trust and Privacy in New Computing Environments

A topical collection in Sensors (ISSN 1424-8220). This collection belongs to the section "Internet of Things".

Viewed by 76476

Editors

Department of Computing, Hong Kong Polytechnic University, Hong Kong 100871, China
Interests: network management and security; intrusion detection; spam detection; trust management; web technology; blockchain and E-commerce security
Special Issues, Collections and Topics in MDPI journals
School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China
Interests: information security; cryptography; blockchain
Special Issues, Collections and Topics in MDPI journals

Topical Collection Information

Dear Colleagues,

The dynamics of existing computing models and computing environments change frequently, with the rapid development of mobile computing, big data, and artificial intelligence, Internet-of-Things (IoT), blockchain technology, and many other large-scale computing environments. For example, in IoT and big data environments, many traditional solutions and tools are not suitable. Migrating conventional systems to the new computing environment may cause many unexpected mistakes and errors, resulting in an increasing number of security, trust, and privacy issues. With the popularity of blockchain technology, decentralized solutions are also leading to big changes in current computing environments. Many blockchain-based systems like PKI, audit systems, and insurance systems are under construction. The adoption of blockchain has the potential to help solve the issue of data integrity and transparency.

This Topical Collection focuses on all security, trust, and privacy issues, and all efforts to investigate and address these challenges in current new computing environments.

In particular, the topics of interest include but are not limited to the following:

  • User authentication in new computing environments
  • Risk analysis and intrusion response
  • Identity and access management in IoT
  • AI security
  • Measurement of IoT privacy leakage
  • Mobile cloud security
  • New cryptographic techniques
  • Cloud security
  • Security and privacy in big data
  • Blockchain in new computing environments
  • Software security
  • Cybercrime
  • IoT security and privacy
  • Forensic techniques
  • Usable security in new computing environments
  • Cyber intelligence techniques
Dr. Wenjuan Li
Dr. Weizhi Meng
Prof. Dr. Sokratis Katsikas
Dr. Peng Jiang
Collection Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the collection website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (18 papers)

2023

Jump to: 2022, 2021, 2020

15 pages, 747 KiB  
Article
A Distributed and Secure Self-Sovereign-Based Framework for Systems of Systems
by Dhiah el Diehn I. Abou-Tair, Raad Haddad, Ala’ Khalifeh, Sahel Alouneh and Roman Obermaisser
Sensors 2023, 23(17), 7617; https://doi.org/10.3390/s23177617 - 02 Sep 2023
Viewed by 957
Abstract
Security and privacy are among the main challenges in the systems of systems. The distributed ledger technology and self-sovereign identity pave the way to empower systems and users’ security and privacy. By utilizing both technologies, this paper proposes a distributed and self-sovereign-based framework [...] Read more.
Security and privacy are among the main challenges in the systems of systems. The distributed ledger technology and self-sovereign identity pave the way to empower systems and users’ security and privacy. By utilizing both technologies, this paper proposes a distributed and self-sovereign-based framework for systems of systems to increase the security of such a system and maintain users’ privacy. We conducted an extensive security analysis of the proposed framework using a threat model based on the STRIDE framework, highlighting the mitigation provided by the proposed framework compared to the traditional SoS security. The analysis shows the feasibility of the proposed framework, affirming its capability to establish a secure and privacy-preserving identity management system for systems of systems. Full article
Show Figures

Figure 1

2022

Jump to: 2023, 2021, 2020

21 pages, 1628 KiB  
Article
DDoS Attack Prevention for Internet of Thing Devices Using Ethereum Blockchain Technology
by Rahmeh Fawaz Ibrahim, Qasem Abu Al-Haija and Ashraf Ahmad
Sensors 2022, 22(18), 6806; https://doi.org/10.3390/s22186806 - 08 Sep 2022
Cited by 29 | Viewed by 4818
Abstract
The Internet of Things (IoT) has widely expanded due to its advantages in enhancing the business, industrial, and social ecosystems. Nevertheless, IoT infrastructure is susceptible to several cyber-attacks due to the endpoint devices’ restrictions in computation, storage, and communication capacity. As such, distributed [...] Read more.
The Internet of Things (IoT) has widely expanded due to its advantages in enhancing the business, industrial, and social ecosystems. Nevertheless, IoT infrastructure is susceptible to several cyber-attacks due to the endpoint devices’ restrictions in computation, storage, and communication capacity. As such, distributed denial-of-service (DDoS) attacks pose a serious threat to the security of the IoT. Attackers can easily utilize IoT devices as part of botnets to launch DDoS attacks by taking advantage of their flaws. This paper proposes an Ethereum blockchain model to detect and prevent DDoS attacks against IoT systems. Additionally, the proposed system can be used to resolve the single points of failure (dependencies on third parties) and privacy and security in IoT systems. First, we propose implementing a decentralized platform in place of current centralized system solutions to prevent DDoS attacks on IoT devices at the application layer by authenticating and verifying these devices. Second, we suggest tracing and recording the IP address of malicious devices inside the blockchain to prevent them from connecting and communicating with the IoT networks. The system performance has been evaluated by performing 100 experiments to evaluate the time taken by the authentication process. The proposed system highlights two messages with a time of 0.012 ms: the first is the request transmitted from the IoT follower device to join the blockchain, and the second is the blockchain response. The experimental evaluation demonstrated the superiority of our system because there are fewer I/O operations in the proposed system than in other related works, and thus it runs substantially faster. Full article
Show Figures

Figure 1

25 pages, 2866 KiB  
Article
Trust and Mobility-Based Protocol for Secure Routing in Internet of Things
by Syeda Mariam Muzammal, Raja Kumar Murugesan, NZ Jhanjhi, M. Shamim Hossain and Abdulsalam Yassine
Sensors 2022, 22(16), 6215; https://doi.org/10.3390/s22166215 - 18 Aug 2022
Cited by 12 | Viewed by 2201
Abstract
In the Internet of Things (IoT), the de facto Routing Protocol for Low Power and Lossy Networks (RPL) is susceptible to several disruptive attacks based on its functionalities and features. Among various RPL security solutions, a trust-based security is easy to adapt for [...] Read more.
In the Internet of Things (IoT), the de facto Routing Protocol for Low Power and Lossy Networks (RPL) is susceptible to several disruptive attacks based on its functionalities and features. Among various RPL security solutions, a trust-based security is easy to adapt for resource-constrained IoT environments. In the existing trust-based security for RPL routing attacks, nodes’ mobility is not considered or limited to only the sender nodes. Similarly, these trust-based protocols are not evaluated for mobile IoT environments, particularly regarding RPL attacks. Hence, a trust and mobility-based secure routing protocol is proposed, termed as SMTrust, by critically analysing the trust metrics involving the mobility-based metrics in IoT. SMTrust intends to provide security against RPL Rank and Blackhole attacks. The proposed protocol is evaluated in three different scenarios, including static and mobile nodes in an IoT network. SMTrust is compared with the default RPL objective function, Minimum Rank with Hysteresis Objective Function (MRHOF), SecTrust, DCTM, and MRTS. The evaluation results indicate that the proposed protocol outperforms with respect to packet loss rate, throughput, and topology stability. Moreover, SMTrust is validated using routing protocol requirements analysis to ensure that it fulfils the consistency, optimality, and loop-freeness. Full article
Show Figures

Figure 1

2021

Jump to: 2023, 2022, 2020

21 pages, 458 KiB  
Article
rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things
by Koen Tange, Sebastian Mödersheim, Apostolos Lalos, Xenofon Fafoutis and Nicola Dragoni
Sensors 2021, 21(19), 6524; https://doi.org/10.3390/s21196524 - 29 Sep 2021
Cited by 2 | Viewed by 2247
Abstract
In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session [...] Read more.
In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience. Full article
Show Figures

Figure 1

38 pages, 654 KiB  
Article
A Formal Analysis of the Mimblewimble Cryptocurrency Protocol
by Adrián Silveira, Gustavo Betarte, Maximiliano Cristiá and Carlos Luna
Sensors 2021, 21(17), 5951; https://doi.org/10.3390/s21175951 - 04 Sep 2021
Cited by 7 | Viewed by 2906
Abstract
Mimblewimble (MW) is a privacy-oriented cryptocurrency technology that provides security and scalability properties that distinguish it from other protocols of its kind. We present and discuss those properties and outline the basis of a model-driven verification approach to address the certification of the [...] Read more.
Mimblewimble (MW) is a privacy-oriented cryptocurrency technology that provides security and scalability properties that distinguish it from other protocols of its kind. We present and discuss those properties and outline the basis of a model-driven verification approach to address the certification of the correctness of the protocol implementations. In particular, we propose an idealized model that is key in the described verification process, and identify and precisely state the conditions for our model to ensure the verification of the relevant security properties of MW. Since MW is built on top of a consensus protocol, we develop a Z specification of one such protocol and present an excerpt of the {log} prototype after its Z specification. This {log} prototype can be used as an executable model. This allows us to analyze the behavior of the protocol without having to implement it in a low level programming language. Finally, we analyze the Grin and Beam implementations of MW in their current state of development. Full article
Show Figures

Figure 1

22 pages, 676 KiB  
Article
Steganographic Analysis of Blockchains
by Alexandre Augusto Giron, Jean Everson Martina and Ricardo Custódio
Sensors 2021, 21(12), 4078; https://doi.org/10.3390/s21124078 - 13 Jun 2021
Cited by 7 | Viewed by 3343
Abstract
Steganography is one of the ways to hide data between parties. Its use can be worrisome, e.g., to hide illegal communications. Researchers found that public blockchains can be an attractive place to hide communications; however, there is not much evidence of actual use [...] Read more.
Steganography is one of the ways to hide data between parties. Its use can be worrisome, e.g., to hide illegal communications. Researchers found that public blockchains can be an attractive place to hide communications; however, there is not much evidence of actual use in blockchains. Besides, previous work showed a lack of steganalysis methods for blockchains. In this context, we present a steganalysis approach for blockchains, evaluating it in Bitcoin and Ethereum, both popular cryptocurrencies. The main objective is to answer if one can find steganography in real case scenarios, focusing on LSB of addresses and nonces. Our sequential analysis included 253 GiB and 107 GiB of bitcoin and ethereum, respectively. We also analyzed up to 98 million bitcoin clusters. We found that bitcoin clusters could carry up to 360 KiB of hidden data if used for such a purpose. We have not found any concrete evidence of hidden data in the blockchains. The sequential analysis may not capture the perspective of the users of the blockchain network. In this case, we recommend clustering analysis, but it depends on the clustering method’s accuracy. Steganalysis is an essential aspect of blockchain security. Full article
Show Figures

Figure 1

14 pages, 477 KiB  
Communication
Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework
by Anna Georgiadou, Spiros Mouzakitis and Dimitris Askounis
Sensors 2021, 21(9), 3267; https://doi.org/10.3390/s21093267 - 09 May 2021
Cited by 39 | Viewed by 10593
Abstract
The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary [...] Read more.
The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary emulation, red teaming, behavioral analytics development to a defensive gap and SOC (Security Operations Center) maturity assessment. While extensive research has been done on analyzing specific attacks or specific organizational culture and human behavior factors leading to such attacks, a holistic view on the association of both is currently missing. In this paper, we present our research results on associating a comprehensive set of organizational and individual culture factors (as described on our developed cyber-security culture framework) with security vulnerabilities mapped to specific adversary behavior and patterns utilizing the MITRE ATT&CK framework. Thus, exploiting MITRE ATT&CK’s possibilities towards a scientific direction that has not yet been explored: security assessment and defensive design, a step prior to its current application domain. The suggested cyber-security culture framework was originally designed to aim at critical infrastructures and, more specifically, the energy sector. Organizations of these domains exhibit a co-existence and strong interaction of the IT (Information Technology) and OT (Operational Technology) networks. As a result, we emphasize our scientific effort on the hybrid MITRE ATT&CK for Enterprise and ICS (Industrial Control Systems) model as a broader and more holistic approach. The results of our research can be utilized in an extensive set of applications, including the efficient organization of security procedures as well as enhancing security readiness evaluation results by providing more insights into imminent threats and security risks. Full article
Show Figures

Figure 1

23 pages, 5007 KiB  
Article
Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs
by Javier Arcenegui, Rosario Arjona, Roberto Román and Iluminada Baturone
Sensors 2021, 21(9), 3119; https://doi.org/10.3390/s21093119 - 30 Apr 2021
Cited by 43 | Viewed by 8499
Abstract
Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent [...] Read more.
Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUF. Full article
Show Figures

Figure 1

19 pages, 1604 KiB  
Article
Ensuring Purpose Limitation in Large-Scale Infrastructures with Provenance-Enabled Access Control
by Shizra Sultan and Christian D. Jensen
Sensors 2021, 21(9), 3041; https://doi.org/10.3390/s21093041 - 26 Apr 2021
Cited by 2 | Viewed by 1721
Abstract
The amount of data generated in today’s world has a fair share of personal information about individuals that helps data owners and data processors in providing them with personalized services. Different legal and regulatory obligations apply to all data owners collecting personal information, [...] Read more.
The amount of data generated in today’s world has a fair share of personal information about individuals that helps data owners and data processors in providing them with personalized services. Different legal and regulatory obligations apply to all data owners collecting personal information, specifying they use it only for the agreed-upon purposes and in a transparent way to preserve privacy. However, it is difficult to achieve this in large-scale and distributed infrastructures as data is continuously changing its form, such as through aggregation with other sources or the generation of new transformed resources, resulting often in the loss or misinterpretation of the collection purpose. In order to preserve the authorized collection purposes, we propose data is added as a part of immutable and append-only resource metadata (provenance), to be retrieved by an access control mechanism when required for data-usage verification. This not only ensures purpose limitation in large-scale infrastructures but also provides transparency for individuals and auditing authorities to track how personal information is used. Full article
Show Figures

Figure 1

19 pages, 755 KiB  
Article
Privacy-Preserving Task-Matching and Multiple-Submissions Detection in Crowdsourcing
by Jie Xu, Zhaowen Lin and Jun Wu
Sensors 2021, 21(9), 3036; https://doi.org/10.3390/s21093036 - 26 Apr 2021
Cited by 2 | Viewed by 1900
Abstract
Crowdsourcing enables requesters to publish tasks to a platform and workers are rewarded for performing tasks of interest. It provides an efficient and low-cost way to aggregate data and solve problems that are difficult for computers but simple for humans. However, the privacy [...] Read more.
Crowdsourcing enables requesters to publish tasks to a platform and workers are rewarded for performing tasks of interest. It provides an efficient and low-cost way to aggregate data and solve problems that are difficult for computers but simple for humans. However, the privacy risks and challenges are still widespread. In the real world, the task content may be sensitive and only workers who meet specific requirements or possess certain skills are allowed to acquire and perform it. When these distributed workers submit their task answers, their identity or attribute privacy may also be exposed. If workers are allowed to submit anonymously, they may have the chance to repeat their answers so as to get more rewards. To address these issues, we develop a privacy-preserving task-matching and multiple-submissions detection scheme based on inner-product cryptography and proof of knowledge (PoK) protocol in crowdsourcing. In such a construction, multi-authority inner-product encryption is introduced to protect task confidentiality and achieve fine-grained task-matching based on the attributes of workers. The PoK protocol helps to restrict multiple submissions. For one task, a suitable worker could only submit once without revealing his/her identity. Moreover, different tasks for one worker are unlinkable. Furthermore, the implementation analysis shows that the scheme is effective and feasible. Full article
Show Figures

Figure 1

22 pages, 6902 KiB  
Article
A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems
by Tzu-Wei Lin, Chien-Lung Hsu, Tuan-Vinh Le, Chung-Fu Lu and Bo-Yu Huang
Sensors 2021, 21(8), 2880; https://doi.org/10.3390/s21082880 - 20 Apr 2021
Cited by 15 | Viewed by 3211
Abstract
Healthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users’ health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a [...] Read more.
Healthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users’ health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a multi-functional remote medical service that can help patients in bed in long-distance communication environments. As telemedicine systems work in public networks, privacy preservation issue of sensitive and private transmitted information is important. One of the means of proving a user’s identity are user-controlled single sign-on (UCSSO) authentication scheme, which can establish a secure communication channel using authenticated session keys between the users and servers of telemedicine systems, without threats of eavesdropping, impersonation, etc., and allow patients access to multiple telemedicine services with a pair of identity and password. In this paper, we proposed a smartcard-based user-controlled single sign-on (SC-UCSSO) for telemedicine systems that not only remains above merits but achieves privacy preservation and enhances security and performance compared to previous schemes that were proved with BAN logic and automated validation of internet security protocols and applications (AVISPA). Full article
Show Figures

Figure 1

17 pages, 1357 KiB  
Article
TruthTrust: Truth Inference-Based Trust Management Mechanism on a Crowdsourcing Platform
by Jiyuan Zhou, Xing Jin, Lanping Yu, Limin Xue and Yizhi Ren
Sensors 2021, 21(8), 2578; https://doi.org/10.3390/s21082578 - 07 Apr 2021
Cited by 4 | Viewed by 2139
Abstract
On a crowdsourcing platform, in order to cheat for rewards or sabotage the crowdsourcing processes, spam workers may submit numerous erroneous answers to the tasks published by requesters. This type of behavior extremely reduces the completion rate of tasks and the enthusiasm of [...] Read more.
On a crowdsourcing platform, in order to cheat for rewards or sabotage the crowdsourcing processes, spam workers may submit numerous erroneous answers to the tasks published by requesters. This type of behavior extremely reduces the completion rate of tasks and the enthusiasm of honest users, which may lead a crowdsourcing platform to a failure. Defending against malicious attacks is an important issue in crowdsourcing, which has been extensively addressed by existing methods, e.g., verification-based defense mechanisms, data analysis solutions, trust-based defense models, and workers’ properties matching mechanisms. However, verification-based defense mechanisms will consume a lot of resources, and data analysis solutions cannot motivate workers to provide high-quality services. Trust-based defense models and workers’ properties matching mechanisms cannot guarantee the authenticity of information when collusion requesters publish shadow tasks to help malicious workers get more participation opportunities. To defend such collusion attacks in crowdsourcing platforms, we propose a new defense model named TruthTrust. Firstly, we define a complete life cycle system that from users’ interaction to workers’ recommendation, and separately define the trust value of each worker and the credence of each requester. Secondly, in order to ensure the authenticity of the information, we establish a trust model based on the CRH framework. The calculated truth value and weight are used to define the global properties of workers and requesters. Moreover, we propose a reverse mechanism to improve the resistance under attacks. Finally, extensive experiments demonstrate that TruthTrust significantly outperforms the state-of-the-art approaches in terms of effective task completion rate. Full article
Show Figures

Figure 1

21 pages, 752 KiB  
Article
Cyber Risk Propagation and Optimal Selection of Cybersecurity Controls for Complex Cyberphysical Systems
by Georgios Kavallieratos, Georgios Spathoulas and Sokratis Katsikas
Sensors 2021, 21(5), 1691; https://doi.org/10.3390/s21051691 - 01 Mar 2021
Cited by 15 | Viewed by 4246
Abstract
The increasingly witnessed integration of information technology with operational technology leads to the formation of Cyber-Physical Systems (CPSs) that intertwine physical and cyber components and connect to each other to form systems-of-systems. This interconnection enables the offering of functionality beyond the combined offering [...] Read more.
The increasingly witnessed integration of information technology with operational technology leads to the formation of Cyber-Physical Systems (CPSs) that intertwine physical and cyber components and connect to each other to form systems-of-systems. This interconnection enables the offering of functionality beyond the combined offering of each individual component, but at the same time increases the cyber risk of the overall system, as such risk propagates between and aggregates at component systems. The complexity of the resulting systems-of-systems in many cases leads to difficulty in analyzing cyber risk. Additionally, the selection of cybersecurity controls that will effectively and efficiently treat the cyber risk is commonly performed manually, or at best with limited automated decision support. In this work, we propose a method for analyzing risk propagation and aggregation in complex CPSs utilizing the results of risk assessments of their individual constituents. Additionally, we propose a method employing evolutionary programming for automating the selection of an optimal set of cybersecurity controls out of a list of available controls, that will minimize the residual risk and the cost associated with the implementation of these measures. We illustrate the workings of the proposed methods by applying them to the navigational systems of two variants of the Cyber-Enabled Ship (C-ES), namely the autonomous ship and the remotely controlled ship. The results are sets of cybersecurity controls applied to those components of the overall system that have been identified in previous studies as the most vulnerable ones; such controls minimize the residual risk, while also minimizing the cost of implementation. Full article
Show Figures

Figure 1

19 pages, 437 KiB  
Article
Anonymous Asynchronous Ratchet Tree Protocol for Group Messaging
by Kaiming Chen, Jiageng Chen and Jixin Zhang
Sensors 2021, 21(4), 1058; https://doi.org/10.3390/s21041058 - 04 Feb 2021
Cited by 1 | Viewed by 2198
Abstract
Signal is the first application that applies the double ratchet for its end-to-end encryption protocol. The core of the double ratchet protocol is then applied in WhatsApp, the most popular messaging application around the world. Asynchronous Ratchet Tree (ART) is extended from ratchet [...] Read more.
Signal is the first application that applies the double ratchet for its end-to-end encryption protocol. The core of the double ratchet protocol is then applied in WhatsApp, the most popular messaging application around the world. Asynchronous Ratchet Tree (ART) is extended from ratchet and Diffie-Hellman tree. It is the first group protocol that applies Forward Secrecy (FS) with Post-Compromised Security (PCS). However, it does not consider protecting the privacy of user identity. Therefore, it makes sense to provide anonymous features in the conditions of FS and PCS. In this paper, the concepts of Internal Group Anonymity (IGA) and External Group Anonymity (EGA) are formalized. On the basis of IGA and EGA, we develop the “Anonymous Asynchronous Ratchet Tree (AART)” to realize anonymity while preserving FS and PCS. Then, we prove that our AART meets the requirements of IGA and EGA as well as FS and PCS. Finally, the performance and related issues of AART are discussed. Full article
Show Figures

Figure 1

2020

Jump to: 2023, 2022, 2021

21 pages, 13038 KiB  
Article
GAN-Based Differential Private Image Privacy Protection Framework for the Internet of Multimedia Things
by Jinao Yu, Hanyu Xue, Bo Liu, Yu Wang, Shibing Zhu and Ming Ding
Sensors 2021, 21(1), 58; https://doi.org/10.3390/s21010058 - 24 Dec 2020
Cited by 23 | Viewed by 4562
Abstract
With the development of the Internet of Multimedia Things (IoMT), an increasing amount of image data is collected by various multimedia devices, such as smartphones, cameras, and drones. This massive number of images are widely used in each field of IoMT, which presents [...] Read more.
With the development of the Internet of Multimedia Things (IoMT), an increasing amount of image data is collected by various multimedia devices, such as smartphones, cameras, and drones. This massive number of images are widely used in each field of IoMT, which presents substantial challenges for privacy preservation. In this paper, we propose a new image privacy protection framework in an effort to protect the sensitive personal information contained in images collected by IoMT devices. We aim to use deep neural network techniques to identify the privacy-sensitive content in images, and then protect it with the synthetic content generated by generative adversarial networks (GANs) with differential privacy (DP). Our experiment results show that the proposed framework can effectively protect users’ privacy while maintaining image utility. Full article
Show Figures

Figure 1

15 pages, 583 KiB  
Article
A Critical Evaluation of Privacy and Security Threats in Federated Learning
by Muhammad Asad, Ahmed Moustafa and Chao Yu
Sensors 2020, 20(24), 7182; https://doi.org/10.3390/s20247182 - 15 Dec 2020
Cited by 22 | Viewed by 3806
Abstract
With the advent of smart devices, smartphones, and smart everything, the Internet of Things (IoT) has emerged with an incredible impact on the industries and human life. The IoT consists of millions of clients that exchange massive amounts of critical data, which results [...] Read more.
With the advent of smart devices, smartphones, and smart everything, the Internet of Things (IoT) has emerged with an incredible impact on the industries and human life. The IoT consists of millions of clients that exchange massive amounts of critical data, which results in high privacy risks when processed by a centralized cloud server. Motivated by this privacy concern, a new machine learning paradigm has emerged, namely Federated Learning (FL). Specifically, FL allows for each client to train a learning model locally and performs global model aggregation at the centralized cloud server in order to avoid the direct data leakage from clients. However, despite this efficient distributed training technique, an individual’s private information can still be compromised. To this end, in this paper, we investigate the privacy and security threats that can harm the whole execution process of FL. Additionally, we provide practical solutions to overcome those attacks and protect the individual’s privacy. We also present experimental results in order to highlight the discussed issues and possible solutions. We expect that this work will open exciting perspectives for future research in FL. Full article
Show Figures

Figure 1

28 pages, 5477 KiB  
Article
Tracing Your Smart-Home Devices Conversations: A Real World IoT Traffic Data-Set
by Marios Anagnostopoulos, Georgios Spathoulas, Brais Viaño and Javier Augusto-Gonzalez
Sensors 2020, 20(22), 6600; https://doi.org/10.3390/s20226600 - 18 Nov 2020
Cited by 16 | Viewed by 4582
Abstract
Smart-home installations exponential growth has raised major security concerns. To this direction, the GHOST project, a European Union Horizon 2020 Research and Innovation funded project, aims to develop a reference architecture for securing smart-homes IoT ecosystem. It is required to have automated and [...] Read more.
Smart-home installations exponential growth has raised major security concerns. To this direction, the GHOST project, a European Union Horizon 2020 Research and Innovation funded project, aims to develop a reference architecture for securing smart-homes IoT ecosystem. It is required to have automated and user friendly security mechanisms embedded into smart-home environments, to protect the users’ digital well being. GHOST project aims to fulfill this requirement and one of its main functionalities is the traffic monitoring for all IoT related network protocols. In this paper, the traffic capturing and monitoring mechanism of the GHOST system, called NDFA, is presented, as the first mechanism that is able to monitor smart-home activity in a holistic way. With the help of the NDFA, we compile the GHOST-IoT-data-set, an IoT network traffic data-set, captured in a real world smart-home installation. This data-set contains traffic from multiple network interfaces with both normal real life activity and simulated abnormal functioning of the devices. The GHOST-IoT-data-set is offered to the research community as a proof of concept to demonstrate the ability of the NDFA module to process the raw network traffic from a real world smart-home installation with multiple network interfaces and IoT devices. Full article
Show Figures

Figure 1

14 pages, 719 KiB  
Article
A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric
by Charalampos Stamatellis, Pavlos Papadopoulos, Nikolaos Pitropakis, Sokratis Katsikas and William J. Buchanan
Sensors 2020, 20(22), 6587; https://doi.org/10.3390/s20226587 - 18 Nov 2020
Cited by 79 | Viewed by 8028
Abstract
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a [...] Read more.
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized, anonymous and secure EHR handling approach. This paper presents PREHEALTH, a privacy-preserving EHR management solution that uses distributed ledger technology and an Identity Mixer (Idemix). The paper describes a proof-of-concept implementation that uses the Hyperledger Fabric’s permissioned blockchain framework. The proposed solution is able to store patient records effectively whilst providing anonymity and unlinkability. Experimental performance evaluation results demonstrate the scheme’s efficiency and feasibility for real-world scale deployment. Full article
Show Figures

Figure 1

Back to TopTop