E-Mail Alert

Add your e-mail address to receive forthcoming issues of this journal:

Journal Browser

Journal Browser

Special Issue "Threat Identification and Defence for Internet-of-Things"

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: 31 August 2019

Special Issue Editors

Guest Editor
Dr. Weizhi Meng

Technical University of Denmark, Denmark
Website | E-Mail
Interests: Cyber Security; Malware and Vulnerability Analysis; Intrusion Detection; Biometric Authentication and Security; Trust Computation
Guest Editor
Dr. Man Ho Au

Hong Kong Polytechnic University, Hong Kong, China
Website | E-Mail
Interests: Information security; Applied Cryptography; Accountable Anonymity and Blockchain
Guest Editor
Dr. Chunhua Su

Division of Computer Science, University of Aizu, Aizu-Wakamatsu, Fukushima Pref. 965-8580, Japan
Website | E-Mail
Interests: cryptography; IoT security and privacy; privacy-preserving technologies
Guest Editor
Prof. Kouichi Sakurai

Kyushu University, Japan
Website | E-Mail
Interests: Internet-of-Things; Threat identification; Sensor networks; Security mechanism design; Privacy issues; Trust management

Special Issue Information

Dear Colleagues,

The Internet of Things (IoT) is the network of physical devices and various kinds of embedded software, which enable different Internet-connected objects to exchange data. However, the Internet-enabled devices also bring many new challenges. For example, the fundamental security weakness of IoT is that it increases the number of devices behind a network firewall. In addition, many companies may not update their devices very often, which means that an IoT device that was safe at first will become unsafe if hackers discover new threats and vulnerabilities. As a result, how to protect IoT from various threats is a challenging task.

This Special Issue focuses on all IoT security issues, especially threat detection and defense, and aims to publish recent research studies for IoT development that discuss novel ways in securing IoT security, privacy and trust.

In particular, the topics of interest include, but are not limited to:

  • Secure network architecture for IoT
  • Trust management of IoT
  • Secure data storage and segregation
  • Secure cloud storage and computation for IoT
  • Availability, recovery and auditing for IoT
  • Secure and energy efficient management for IoT
  • IoT cyber crime
  • Denial-of-service attacks for IoT
  • IoT security and privacy- IoT forensic techniques
  • Usable security and privacy for IoT
  • Intrusion detection and prevention for IoT
  • Cyber intelligence techniques for IoT

Dr. Weizhi Meng
Dr. Man Ho Au
Dr. Chunhua Su
Prof. Kouichi Sakurai
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (8 papers)

View options order results:
result details:
Displaying articles 1-8
Export citation of selected articles as:

Research

Open AccessArticle Improving IoT Botnet Investigation Using an Adaptive Network Layer
Sensors 2019, 19(3), 727; https://doi.org/10.3390/s19030727
Received: 25 December 2018 / Revised: 28 January 2019 / Accepted: 29 January 2019 / Published: 11 February 2019
PDF Full-text (685 KB) | HTML Full-text | XML Full-text
Abstract
IoT botnets have been used to launch Distributed Denial-of-Service (DDoS) attacks affecting the Internet infrastructure. To protect the Internet from such threats and improve security mechanisms, it is critical to understand the botnets’ intents and characterize their behavior. Current malware analysis solutions, when [...] Read more.
IoT botnets have been used to launch Distributed Denial-of-Service (DDoS) attacks affecting the Internet infrastructure. To protect the Internet from such threats and improve security mechanisms, it is critical to understand the botnets’ intents and characterize their behavior. Current malware analysis solutions, when faced with IoT, present limitations in regard to the network access containment and network traffic manipulation. In this paper, we present an approach for handling the network traffic generated by the IoT malware in an analysis environment. The proposed solution can modify the traffic at the network layer based on the actions performed by the malware. In our study case, we investigated the Mirai and Bashlite botnet families, where it was possible to block attacks to other systems, identify attacks targets, and rewrite botnets commands sent by the botnet controller to the infected devices. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle Tell the Device Password: Smart Device Wi-Fi Connection Based on Audio Waves
Sensors 2019, 19(3), 618; https://doi.org/10.3390/s19030618
Received: 22 December 2018 / Revised: 20 January 2019 / Accepted: 29 January 2019 / Published: 1 February 2019
PDF Full-text (1069 KB) | HTML Full-text | XML Full-text
Abstract
IoT devices are now enriching people’s life. However, the security of IoT devices seldom attracts manufacturers’ attention. There are already some solutions to the problem of connecting a smart device to a user’s wireless network based on the 802.11 transmission such as Smart [...] Read more.
IoT devices are now enriching people’s life. However, the security of IoT devices seldom attracts manufacturers’ attention. There are already some solutions to the problem of connecting a smart device to a user’s wireless network based on the 802.11 transmission such as Smart Config from TI. However, it is insecure in many situations, and it does not have a satisfactory transmission speed, which does not mean that it has a low bit rate. It usually takes a long time for the device to recognize the data it receives and decode them. In this paper, we propose a new Wi-Fi connection method based on audio waves. This method is based on MFSK (Multiple frequency-shift keying) and works well in short distance, which enables the correctness and efficiency. In addition, audio waves can hardly be eavesdropped, which provides higher security than other methods. We also put forward an encryption solution by using jamming signal, which can greatly improve the security of the transmission. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle An Adversarial-Risk-Analysis Approach to Counterterrorist Online Surveillance
Sensors 2019, 19(3), 480; https://doi.org/10.3390/s19030480
Received: 30 December 2018 / Revised: 21 January 2019 / Accepted: 22 January 2019 / Published: 24 January 2019
PDF Full-text (1651 KB) | HTML Full-text | XML Full-text
Abstract
The Internet, with the rise of the IoT, is one of the most powerful means of propagating a terrorist threat, and at the same time the perfect environment for deploying ubiquitous online surveillance systems. This paper tackles the problem of online surveillance, which [...] Read more.
The Internet, with the rise of the IoT, is one of the most powerful means of propagating a terrorist threat, and at the same time the perfect environment for deploying ubiquitous online surveillance systems. This paper tackles the problem of online surveillance, which we define as the monitoring by a security agency of a set of websites through tracking and classification of profiles that are potentially suspected of carrying out terrorist attacks. We conduct a theoretical analysis in this scenario that investigates the introduction of automatic classification technology compared to the status quo involving manual investigation of the collected profiles. Our analysis starts examining the suitability of game-theoretic-based models for decision-making in the introduction of this technology. We propose an adversarial-risk-analysis (ARA) model as a novel way of approaching the online surveillance problem that has the advantage of discarding the hypothesis of common knowledge. The proposed model allows us to study the rationality conditions of the automatic suspect detection technology, determining under which circumstances it is better than the traditional human-based approach. Our experimental results show the benefits of the proposed model. Compared to standard game theory, our ARA-based model indicates in general greater prudence in the deployment of the automatic technology and exhibits satisfactory performance without having to relax crucial hypotheses such as common knowledge and therefore subtracting realism from the problem, although at the expense of higher computational complexity. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle Stackelberg Dynamic Game-Based Resource Allocation in Threat Defense for Internet of Things
Sensors 2018, 18(11), 4074; https://doi.org/10.3390/s18114074
Received: 9 November 2018 / Revised: 18 November 2018 / Accepted: 19 November 2018 / Published: 21 November 2018
PDF Full-text (1953 KB) | HTML Full-text | XML Full-text
Abstract
With the rapid development of the Internet of Things, there are a series of security problems faced by the IoT devices. As the IoT devices are generally devices with limited resources, how to effectively allocate the restricted resources facing the security problems is [...] Read more.
With the rapid development of the Internet of Things, there are a series of security problems faced by the IoT devices. As the IoT devices are generally devices with limited resources, how to effectively allocate the restricted resources facing the security problems is the key issue at present. In this paper, we study the resource allocation problem in threat defense for the resource-constrained IoT system, and propose a Stackelberg dynamic game model to get the optimal allocated resources for both the defender and attackers. The proposed Stackelberg dynamic game model is composed by one defender and many attackers. Given the objective functions of the defender and attackers, we analyze both the open-loop Nash equilibrium and feedback Nash equilibrium for the defender and attackers. Then both the defender and attackers can control their available resources based on the Nash equilibrium solutions of the dynamic game. Numerical simulation results show that correctness and effeteness of the proposed model. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle Message Integration Authentication in the Internet-of-Things via Lattice-Based Batch Signatures
Sensors 2018, 18(11), 4056; https://doi.org/10.3390/s18114056
Received: 23 October 2018 / Revised: 12 November 2018 / Accepted: 13 November 2018 / Published: 20 November 2018
PDF Full-text (464 KB) | HTML Full-text | XML Full-text
Abstract
The internet-of-things (also known as IoT) connects a large number of information-sensing devices to the Internet to collect all kinds of information needed in real time. The reliability of the source of a large number of accessed information tests the processing speed of [...] Read more.
The internet-of-things (also known as IoT) connects a large number of information-sensing devices to the Internet to collect all kinds of information needed in real time. The reliability of the source of a large number of accessed information tests the processing speed of signatures. Batch signature allows a signer to sign a group of messages at one time, and signatures’ verification can be completed individually and independently. Therefore, batch signature is suitable for data integration authentication in IoT. An outstanding advantage of batch signature is that a signer is able to sign as many messages as possible at one time without worrying about the size of signed messages. To reduce complexity yielded by multiple message signing, a binary tree is usually leveraged in the construction of batch signature. However, this structure requires a batch residue, making the size of a batch signature (for a group of messages) even longer than the sum of single signatures. In this paper, we make use of the intersection method from lattice to propose a novel generic method for batch signature. We further combine our method with hash-and-sign paradigm and Fiat–Shamir transformation to propose new batch signature schemes. In our constructions, a batch signature does not need a batch residue, so that the size of the signature is relatively smaller. Our schemes are securely proved to be existential unforgeability against adaptive chosen message attacks under the small integer solution problem, which shows great potential resisting quantum computer attacks. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle Privacy-Preserving Data Aggregation against False Data Injection Attacks in Fog Computing
Sensors 2018, 18(8), 2659; https://doi.org/10.3390/s18082659
Received: 21 June 2018 / Revised: 26 July 2018 / Accepted: 7 August 2018 / Published: 13 August 2018
PDF Full-text (1230 KB) | HTML Full-text | XML Full-text
Abstract
As an extension of cloud computing, fog computing has received more attention in recent years. It can solve problems such as high latency, lack of support for mobility and location awareness in cloud computing. In the Internet of Things (IoT), a series of [...] Read more.
As an extension of cloud computing, fog computing has received more attention in recent years. It can solve problems such as high latency, lack of support for mobility and location awareness in cloud computing. In the Internet of Things (IoT), a series of IoT devices can be connected to the fog nodes that assist a cloud service center to store and process a part of data in advance. Not only can it reduce the pressure of processing data, but also improve the real-time and service quality. However, data processing at fog nodes suffers from many challenging issues, such as false data injection attacks, data modification attacks, and IoT devices’ privacy violation. In this paper, based on the Paillier homomorphic encryption scheme, we use blinding factors to design a privacy-preserving data aggregation scheme in fog computing. No matter whether the fog node and the cloud control center are honest or not, the proposed scheme ensures that the injection data is from legal IoT devices and is not modified and leaked. The proposed scheme also has fault tolerance, which means that the collection of data from other devices will not be affected even if certain fog devices fail to work. In addition, security analysis and performance evaluation indicate the proposed scheme is secure and efficient. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle Centralized Duplicate Removal Video Storage System with Privacy Preservation in IoT
Sensors 2018, 18(6), 1814; https://doi.org/10.3390/s18061814
Received: 30 April 2018 / Revised: 28 May 2018 / Accepted: 1 June 2018 / Published: 4 June 2018
Cited by 7 | PDF Full-text (1308 KB) | HTML Full-text | XML Full-text
Abstract
In recent years, the Internet of Things (IoT) has found wide application and attracted much attention. Since most of the end-terminals in IoT have limited capabilities for storage and computing, it has become a trend to outsource the data from local to cloud [...] Read more.
In recent years, the Internet of Things (IoT) has found wide application and attracted much attention. Since most of the end-terminals in IoT have limited capabilities for storage and computing, it has become a trend to outsource the data from local to cloud computing. To further reduce the communication bandwidth and storage space, data deduplication has been widely adopted to eliminate the redundant data. However, since data collected in IoT are sensitive and closely related to users’ personal information, the privacy protection of users’ information becomes a challenge. As the channels, like the wireless channels between the terminals and the cloud servers in IoT, are public and the cloud servers are not fully trusted, data have to be encrypted before being uploaded to the cloud. However, encryption makes the performance of deduplication by the cloud server difficult because the ciphertext will be different even if the underlying plaintext is identical. In this paper, we build a centralized privacy-preserving duplicate removal storage system, which supports both file-level and block-level deduplication. In order to avoid the leakage of statistical information of data, Intel Software Guard Extensions (SGX) technology is utilized to protect the deduplication process on the cloud server. The results of the experimental analysis demonstrate that the new scheme can significantly improve the deduplication efficiency and enhance the security. It is envisioned that the duplicated removal system with privacy preservation will be of great use in the centralized storage environment of IoT. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Open AccessArticle An Identity-Based Anti-Quantum Privacy-Preserving Blind Authentication in Wireless Sensor Networks
Sensors 2018, 18(5), 1663; https://doi.org/10.3390/s18051663
Received: 15 April 2018 / Revised: 18 May 2018 / Accepted: 19 May 2018 / Published: 22 May 2018
Cited by 6 | PDF Full-text (788 KB) | HTML Full-text | XML Full-text
Abstract
With the development of wireless sensor networks, IoT devices are crucial for the Smart City; these devices change people’s lives such as e-payment and e-voting systems. However, in these two systems, the state-of-art authentication protocols based on traditional number theory cannot defeat a [...] Read more.
With the development of wireless sensor networks, IoT devices are crucial for the Smart City; these devices change people’s lives such as e-payment and e-voting systems. However, in these two systems, the state-of-art authentication protocols based on traditional number theory cannot defeat a quantum computer attack. In order to protect user privacy and guarantee trustworthy of big data, we propose a new identity-based blind signature scheme based on number theorem research unit lattice, this scheme mainly uses a rejection sampling theorem instead of constructing a trapdoor. Meanwhile, this scheme does not depend on complex public key infrastructure and can resist quantum computer attack. Then we design an e-payment protocol using the proposed scheme. Furthermore, we prove our scheme is secure in the random oracle, and satisfies confidentiality, integrity, and non-repudiation. Finally, we demonstrate that the proposed scheme outperforms the other traditional existing identity-based blind signature schemes in signing speed and verification speed, outperforms the other lattice-based blind signature in signing speed, verification speed, and signing secret key size. Full article
(This article belongs to the Special Issue Threat Identification and Defence for Internet-of-Things)
Figures

Figure 1

Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top