sensors-logo

Journal Browser

Journal Browser

Special Issue "Security and Privacy in Internet of Things"

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Sensor Networks".

Deadline for manuscript submissions: closed (15 August 2019).

Special Issue Editors

Dr. Alexandros Fragkiadakis
Website
Guest Editor
Institute of Computer Science, FORTH, Heraklion GR-700 13, Greece
Interests: Internet of Things; security and privacy; wireless communications; blockchain; wireless sensor networks
Dr. Elias Tragos
Website
Guest Editor
Insight Centre for Data Analytics, University College Dublin, Ireland
Interests: Internet of Things, Security, Privacy and Trust, Distributed Artificial Intelligence, Recommender Systems, Wireless and Mobile Communications

Special Issue Information

Dear Colleagues,

Internet-of-Things (IoT) technologies and applications are increasingly contributing to the improvement of people’s lives, providing novel solutions to a number of areas (smart cities, precision agriculture, healthcare, etc.). Moreover, IoT technologies (for monitoring purposes) are used in critical infrastructures including smart electricity grids, hospitals, etc. Several forecasts predict a $427B of the global IoT market with over 30 billion of connected devices.

This rapid proliferation of the IoT has attracted numerous cyber-criminals with various motives (industrial espionage, ransom, etc.) who continuously attempt to exploit IoT devices and communication protocols’ vulnerabilities. If successful, IoT attacks can be devastating, causing significant financial loss and creating barriers to the further adoption of IoT by the general public.

IoT security, as a general concept, is of paramount importance, not only for the protection of the IoT infrastructures in terms of data integrity, confidentiality and non-repudiation, but also for protecting users’ privacy. Traditional wireless sensor networks have evolved towards the IoT offering new opportunities for smart applications for citizens and industries. The IoT market has been flooded with "smart products" in every domain: home, automotive, agriculture, water, environment, etc. Most of these products are quite innovative but they lack security and privacy mechanisms to protect the communication and the user data.

It is evident that the IoT raises new challenges regarding security and privacy. Our everyday life is nowadays governed by large numbers of connected devices deployed everywhere around us, e.g. in homes, offices, on the street, monitoring the everyday activities of citizens. Current centralized IoT frameworks are not capable of fully protecting user privacy, mainly because user data are all gathered in one central point, which can become a single point of failure/attack. To address this, there is a need to focus on decentralized or distributed security frameworks for the IoT, i.e. using blockchain.

This Special Issue focuses on the following topics (but not limited to):

  • Lightweight key management and distribution for the IoT
  • Secure and lightweight hash functions for the IoT
  • Micro-certificates for the IoT
  • Secure cryptographic key storage for the IoT
  • Digital signatures for the IoT
  • Identity management for the IoT
  • Secure recommender systems for the IoT
  • Authorization and access control for the IoT
  • Embedded security for the IoT
  • Trusted execution environment for the IoT
  • Distributed ledger technology for secure IoT applications
  • Physical unclonable functions for device authentication
  • Secure routing for the IoT
  • Intrusion detection and mitigation techniques for the IoT
  • Privacy enhancing techniques for the IoT

Dr. Alexandros Fragkiadakis
Dr. Elias Z. Tragos
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (8 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Open AccessArticle
Privacy Engineering for Domestic IoT: Enabling Due Diligence
Sensors 2019, 19(20), 4380; https://doi.org/10.3390/s19204380 - 10 Oct 2019
Abstract
The EU’s General Data Protection Regulation (GDPR) has recently come into effect and insofar as Internet of Things (IoT) applications touch EU citizens or their data, developers are obliged to exercise due diligence and ensure they undertake Data Protection by Design and Default [...] Read more.
The EU’s General Data Protection Regulation (GDPR) has recently come into effect and insofar as Internet of Things (IoT) applications touch EU citizens or their data, developers are obliged to exercise due diligence and ensure they undertake Data Protection by Design and Default (DPbD). GDPR mandates the use of Data Protection Impact Assessments (DPIAs) as a key heuristic enabling DPbD. However, research has shown that developers generally lack the competence needed to deal effectively with legal aspects of privacy management and that the difficulties of complying with regulation are likely to grow considerably. Privacy engineering seeks to shift the focus from interpreting texts and guidelines or consulting legal experts to embedding data protection within the development process itself. There are, however, few examples in practice. We present a privacy-oriented, flow-based integrated development environment (IDE) for building domestic IoT applications. The IDE enables due diligence in (a) helping developers reason about personal data during the actual in vivo construction of IoT applications; (b) advising developers as to whether or not the design choices they are making occasion the need for a DPIA; and (c) attaching and making available to others (including data processors, data controllers, data protection officers, users and supervisory authorities) specific privacy-related information that has arisen during an application’s development. Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Open AccessArticle
An Aggregate Signature Scheme Based on a Trapdoor Hash Function for the Internet of Things
Sensors 2019, 19(19), 4239; https://doi.org/10.3390/s19194239 - 29 Sep 2019
Cited by 1
Abstract
With the rapid development of the Internet of Things (IoT), it becomes challenging to ensure its security. Identity authentication and integrity verification can be achieved by secure hash functions and digital signature algorithms for IoT applications. In order to solve the issues of [...] Read more.
With the rapid development of the Internet of Things (IoT), it becomes challenging to ensure its security. Identity authentication and integrity verification can be achieved by secure hash functions and digital signature algorithms for IoT applications. In order to solve the issues of bandwidth limitation and computational efficiency of secure communication in IoT applications, an aggregate signature scheme based on multi- trapdoor hash function is proposed in this paper. Firstly, to prevent key exposition, based on the elliptic curve discrete logarithm problem (ECDLP), we constructed a double trapdoor hash function (DTH) and proved its reliability. Secondly, the multi-trapdoor hash function (MTH) based on DTH is presented. Finally, an MTH-based aggregate signature scheme (MTH-AS) with constant signature length is proposed. Based on the assumption of ECDLP, the proposed scheme is proven unforgeable against adaptive chosen message attacks with the Forking Lemma. Different from the most signature schemes with bilinear mapping, the proposed scheme has higher computational efficiency and shorter aggregate signature length. Moreover, it is independent of the number of signers. Security analysis and performance evaluation has revealed that the proposed scheme is an ideal solution for secure IoT applications with limited computing power, storage capacity, or limited bandwidth, such as wireless sensor networks, vehicular ad hoc networks, or healthcare sensor networks. Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Graphical abstract

Open AccessArticle
Identity-Based Encryption with Filtered Equality Test for Smart City Applications
Sensors 2019, 19(14), 3046; https://doi.org/10.3390/s19143046 - 10 Jul 2019
Abstract
With the growth of the urban population, the rapid development of smart cities has become the focus of urban regional development. Smart medical care is an indispensable part of smart city construction, which promotes the development of the medical industry. However, the security [...] Read more.
With the growth of the urban population, the rapid development of smart cities has become the focus of urban regional development. Smart medical care is an indispensable part of smart city construction, which promotes the development of the medical industry. However, the security of data and timely service are the current problems faced by intelligent medical systems. Based on the public key encryption with filtered equality test and identity-based cryptography, an identity-based encryption with the filtered equality test (IBE-FET) is proposed for smart healthcare, in which a data receiver can use the private key and the message set to generate a warrant and send it to the cloud server. A cloud server can verify the equality between ciphertexts without decryption and check whether the encrypted message belongs to the same message set. Furthermore, the security analysis shows that the proposed scheme satisfies one-way security against the chosen identity and ciphertext attack in the random oracle model under the computational bilinear Diffie-Hellman assumption. The performance comparison shows that the scheme is feasible and practical in real life. Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Open AccessArticle
Real-Time Secure/Unsecure Video Latency Measurement/Analysis with FPGA-Based Bump-in-the-Wire Security
Sensors 2019, 19(13), 2984; https://doi.org/10.3390/s19132984 - 06 Jul 2019
Cited by 1
Abstract
With the growth of the internet of things (IoT), many challenges like information security and privacy, interoperability/standard, and regulatory and legal issues are arising. This work focused on the information security issue, which is one of the primary challenges faced by connected systems [...] Read more.
With the growth of the internet of things (IoT), many challenges like information security and privacy, interoperability/standard, and regulatory and legal issues are arising. This work focused on the information security issue, which is one of the primary challenges faced by connected systems that needs to be resolved without impairing system behaviour. Information, which is made available on the Internet by the things, varies from insensitive information (e.g., readings from outdoor temperature sensors) to extremely sensitive information (e.g., video stream from a camera) and needs to be secured over the Internet. Things which utilise cameras as a source of information pertain to a subclass of the IoT called IoVT (internet of video things). This paper presents secured and unsecured video latency measurement results over the Internet for a marine ROV (remotely operated vehicle). A LabVIEW field programmable gate arrays (FPGAs)-based bump-in-the-wire (BITW) secure core is used to provide an AES (advanced encryption standard)-enabled security feature on the video stream of an IoVT node (ROV equipped with a live-feed camera). The designed LabVIEW-based software architecture provides an option to enable/disable the AES encryption for the video transmission. The latency effects of embedding encryption on the stream with real-time constraints are measured and presented. It is found that the encryption mechanism used does not greatly influence the video feedback performance of the observed IoVT node, which is critical for real-time secure video communication for ROV remote control and piloting. The video latency measurement results are taken using 128, 256 and 512 bytes block lengths of AES for both H.264 and MJPEG encoding schemes transmitted over both TCP and UDP transmission protocols. The latency measurement is performed in two scenarios (i.e., with matching equipment and different equipment on either end of the transmission). Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Open AccessArticle
A Lightweight RFID Mutual Authentication Protocol with PUF
Sensors 2019, 19(13), 2957; https://doi.org/10.3390/s19132957 - 04 Jul 2019
Cited by 2
Abstract
Radio frequency identification is one of the key techniques for Internet of Things, which has been widely adopted in many applications for identification. However, there exist various security and privacy issues in radio frequency identification (RFID) systems. Particularly, one of the most serious [...] Read more.
Radio frequency identification is one of the key techniques for Internet of Things, which has been widely adopted in many applications for identification. However, there exist various security and privacy issues in radio frequency identification (RFID) systems. Particularly, one of the most serious threats is to clone tags for the goal of counterfeiting goods, which causes great loss and danger to customers. To solve these issues, lots of authentication protocols are proposed based on physical unclonable functions that can ensure an anti-counterfeiting feature. However, most of the existing schemes require secret parameters to be stored in tags, which are vulnerable to physical attacks that can further lead to the breach of forward secrecy. Furthermore, as far as we know, none of the existing schemes are able to solve the security and privacy problems with good scalability. Since many existing schemes rely on exhaustive searches of the backend server to validate a tag and they are not scalable for applications with a large scale database. Hence, in this paper, we propose a lightweight RFID mutual authentication protocol with physically unclonable functions (PUFs). The performance analysis shows that our proposed scheme can ensure security and privacy efficiently in a scalable way. Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Open AccessArticle
Wildcard Fields-Based Partitioning for Fast and Scalable Packet Classification in Vehicle-to-Everything
Sensors 2019, 19(11), 2563; https://doi.org/10.3390/s19112563 - 05 Jun 2019
Cited by 3
Abstract
Vehicle-to-Everything (V2X) requires high-speed communication and high-level security. However, as the number of connected devices increases exponentially, communication networks are suffering from huge traffic and various security issues. It is well known that performance and security of network equipment significantly depends on the [...] Read more.
Vehicle-to-Everything (V2X) requires high-speed communication and high-level security. However, as the number of connected devices increases exponentially, communication networks are suffering from huge traffic and various security issues. It is well known that performance and security of network equipment significantly depends on the packet classification algorithm because it is one of the most fundamental packet processing functions. Thus, the algorithm should run fast even with the huge set of packet processing rules. Unfortunately, previous packet classification algorithms have focused on the processing speed only, failing to be scalable with the rule-set size. In this paper, we propose a new packet classification approach balancing classification speed and scalability. It can be applied to most decision tree-based packet classification algorithms such as HyperCuts and EffiCuts. It determines partitioning fields considering the rule duplication explicitly, which makes the algorithm memory-effective. In addition, the proposed approach reduces the decision tree size substantially with the minimal sacrifice of classification performance. As a result, we can attain high-speed packet classification and scalability simultaneously, which is very essential for latest services such as V2X and Internet-of-Things (IoT). Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Open AccessArticle
A Trajectory Privacy Preserving Scheme in the CANNQ Service for IoT
Sensors 2019, 19(9), 2190; https://doi.org/10.3390/s19092190 - 12 May 2019
Cited by 2
Abstract
Nowadays, anyone carrying a mobile device can enjoy the various location-based services provided by the Internet of Things (IoT). ‘Aggregate nearest neighbor query’ is a new type of location-based query which asks the question, ‘what is the best location for a given group [...] Read more.
Nowadays, anyone carrying a mobile device can enjoy the various location-based services provided by the Internet of Things (IoT). ‘Aggregate nearest neighbor query’ is a new type of location-based query which asks the question, ‘what is the best location for a given group of people to gather?’ There are numerous, promising applications for this type of query, but it needs to be done in a secure and private way. Therefore, a trajectory privacy-preserving scheme, based on a trusted anonymous server (TAS) is proposed. Specifically, in the snapshot queries, the TAS generates a group request that satisfies the spatial K-anonymity for the group of users—to prevent the location-based service provider (LSP) from an inference attack—and in continuous queries, the TAS determines whether the group request needs to be resent by detecting whether the users will leave their secure areas, so as to reduce the probability that the LSP reconstructs the users’ real trajectories. Furthermore, an aggregate nearest neighbor query algorithm based on strategy optimization, is adopted, to minimize the overhead of the LSP. The response speed of the results is improved by narrowing the search scope of the points of interest (POIs) and speeding up the prune of the non-nearest neighbors. The security analysis and simulation results demonstrated that our proposed scheme could protect the users’ location and trajectory privacy, and the response speed and communication overhead of the service, were superior to other peer algorithms, both in the snapshot and continuous queries. Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Open AccessArticle
Towards Deep-Learning-Driven Intrusion Detection for the Internet of Things
Sensors 2019, 19(9), 1977; https://doi.org/10.3390/s19091977 - 27 Apr 2019
Cited by 14
Abstract
Cyber-attacks on the Internet of Things (IoT) are growing at an alarming rate as devices, applications, and communication networks are becoming increasingly connected and integrated. When attacks on IoT networks go undetected for longer periods, it affects availability of critical systems for end [...] Read more.
Cyber-attacks on the Internet of Things (IoT) are growing at an alarming rate as devices, applications, and communication networks are becoming increasingly connected and integrated. When attacks on IoT networks go undetected for longer periods, it affects availability of critical systems for end users, increases the number of data breaches and identity theft, drives up the costs and impacts the revenue. It is imperative to detect attacks on IoT systems in near real time to provide effective security and defense. In this paper, we develop an intelligent intrusion-detection system tailored to the IoT environment. Specifically, we use a deep-learning algorithm to detect malicious traffic in IoT networks. The detection solution provides security as a service and facilitates interoperability between various network communication protocols used in IoT. We evaluate our proposed detection framework using both real-network traces for providing a proof of concept, and using simulation for providing evidence of its scalability. Our experimental results confirm that the proposed intrusion-detection system can detect real-world intrusions effectively. Full article
(This article belongs to the Special Issue Security and Privacy in Internet of Things)
Show Figures

Figure 1

Back to TopTop