Special Issue "Symmetry and Asymmetry Applications for Internet of Things Security and Privacy"

A special issue of Symmetry (ISSN 2073-8994).

Deadline for manuscript submissions: 15 September 2019

Special Issue Editors

Guest Editor
Dr. Weizhi Meng

Technical University of Denmark, Denmark
Website | E-Mail
Interests: Cyber Security; Malware and Vulnerability Analysis; Intrusion Detection; Biometric Authentication and Security; Trust Computation
Guest Editor
Dr. Georgios Kambourakis

Department of Information and Communication Systems Engineering, University of the Aegean, Samos, Greece
Website | E-Mail
Fax: +30 22730 82009
Interests: mobile and wireless communication systems security and privacy; VoIP security and privacy; mobile medical systems security and privacy; e-learning and m-learning security; DNS Security

Special Issue Information

Dear Colleagues,

Nowadays, embedded systems have become an essential part of modern life. It is predicted that, in the near future, over 90% of computer applications will be embedded systems, and most of them will be small in size, with very low power consumption and high performance. Embedded systems is the keystone for the realization and deployment of a plethora of Internet of Things (IoT) products and applications for both consumer and industrial markets. In fact, the ability of “things” (along with sensors and actuators) to inter-operate within the existing Internet infrastructure paves the way toward the Internet of Everything (IoE), and gives momentum to modern technologies, including smart grids, smart homes, intelligent transportation, and smart cities.

However, IoT brings along major challenges regarding the security and privacy of the underlying systems and processes. For instance, certain IoT applications can be tightly linked to sensitive infrastructures and strategic services, such as the distribution of water and electricity. The array of challenges include ways to securing constrained objects, authenticate and authorize objects, manage object updates, secure communication, safeguard data privacy and integrity, detect and manage vulnerabilities, incidents, etc. These challenges are expected to worsen due to several reasons pertaining to a) the number of these “things”, which is expected to reach 30 billion objects by 2020, b) the unattended, complex, and often hostile environments in which these objects frequently operate, c) the complexity of the hardware/software IoT platforms and the communication processes involving both human-to-machine and machine-to-machine interactions, and d) the absence of standardization.

The goal of this special issue is to address the aforementioned challenges and foster the

dissemination of the latest technologies, solutions, case studies, and prototypes regarding IoT

security and privacy. Only high-quality articles describing previously unpublished, original, state-of-the-art research, and not currently under review by a conference or journal will be considered.

Dr. Weizhi Meng
Dr. Georgios Kambourakis
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Symmetry is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Post-quantum security for IoT
  • Secure design for IoT
  • Efficient implementation of cryptographic algorithms; Side-channel analysis for IoT devices
  • Security analysis and audit for IoT
  • Privacy and anonymization techniques in IoT
  • Trust management architectures
  • Lightweight security solutions
  • Survivability and performance modelling for IoT Encryption, authentication, availability assurance for IoT
  • Authentication and access control in IoT Identification and biometrics in IoT
  • Formal methods Symmetry technologies for IoT
  • Asymmetry technologies for IoT Intrusion detection and prevention techniques for IoT

Published Papers (8 papers)

View options order results:
result details:
Displaying articles 1-8
Export citation of selected articles as:

Research

Open AccessArticle Quantum-Resistant Identity-Based Signature with Message Recovery and Proxy Delegation
Symmetry 2019, 11(2), 272; https://doi.org/10.3390/sym11020272
Received: 12 January 2019 / Revised: 16 February 2019 / Accepted: 17 February 2019 / Published: 20 February 2019
PDF Full-text (359 KB) | HTML Full-text | XML Full-text
Abstract
Digital signature with proxy delegation, which is a secure ownership enforcement tool, allows an original signer to delegate signature rights to a third party called proxy, so that the proxy can sign messages on behalf of the original signer. Many real-world applications make [...] Read more.
Digital signature with proxy delegation, which is a secure ownership enforcement tool, allows an original signer to delegate signature rights to a third party called proxy, so that the proxy can sign messages on behalf of the original signer. Many real-world applications make use of this secure mechanism, e.g., digital property transfer. A traditional digital signature mechanism is required to bind a message and its signature together for verification. This may yield extra cost in bandwidth while the sizes of message and signature are relatively huge. Message recovery signature, enabling to reduce the cost of bandwidth, embeds a message into the corresponding signature; therefore, only the signature will be transmitted to the verifier and the message can further be recovered from the signature. In this paper, we, for the first time, propose a novel digital signature scheme in the identity-based context with proxy delegation and message recovery features and, more importantly, our scheme is quantum resistant, in a particular lattice-based signature. Our scheme achieves delegation information and signature existential unforgeability against adaptive chosen warrant and identity. Compared with the seminal lattice-based message recovery signature, our scheme is independent from public key infrastructure, realizes delegation transfer of signature rights, and compresses signature length ulteriorly. To the best of our knowledge, this paper is the first of its type. Full article
Figures

Figure 1

Open AccessArticle MoSa: A Modeling and Sentiment Analysis System for Mobile Application Big Data
Symmetry 2019, 11(1), 115; https://doi.org/10.3390/sym11010115
Received: 7 December 2018 / Revised: 15 January 2019 / Accepted: 16 January 2019 / Published: 19 January 2019
PDF Full-text (3376 KB) | HTML Full-text | XML Full-text
Abstract
The development of mobile internet has led to a massive amount of data being generated from mobile devices daily, which has become a source for analyzing human behavior and trends in public sentiment. In this paper, we build a system called MoSa (Mobile [...] Read more.
The development of mobile internet has led to a massive amount of data being generated from mobile devices daily, which has become a source for analyzing human behavior and trends in public sentiment. In this paper, we build a system called MoSa (Mobile Sentiment analysis) to analyze this data. In this system, sentiment analysis is used to analyze news comments on the THAAD (Terminal High Altitude Area Defense) event from Toutiao by employing algorithms to calculate the sentiment value of the comment. This paper is based on HowNet; after the comparison of different sentiment dictionaries, we discover that the method proposed in this paper, which use a mixed sentiment dictionary, has a higher accuracy rate in its analysis of comment sentiment tendency. We then statistically analyze the relevant attributes of the comments and their sentiment values and discover that the standard deviation of the comments’ sentiment value can quickly reflect sentiment changes among the public. Besides that, we also derive some special models from the data that can reflect some specific characteristics. We find that the intrinsic characteristics of situational awareness have implicit symmetry. By using our system, people can obtain some practical results to guide interaction design in applications including mobile Internet, social networks, and blockchain based crowdsourcing. Full article
Figures

Figure 1

Open AccessArticle A DRDoS Detection and Defense Method Based on Deep Forest in the Big Data Environment
Symmetry 2019, 11(1), 78; https://doi.org/10.3390/sym11010078
Received: 23 November 2018 / Revised: 26 December 2018 / Accepted: 27 December 2018 / Published: 11 January 2019
PDF Full-text (5500 KB) | HTML Full-text | XML Full-text
Abstract
Distributed Denial of Service (DDoS) has developed multiple variants, one of which is Distributed Reflective Denial of Service (DRDoS). With the increasing number of Internet of Things (IoT) devices, the threat of DRDoS attack is growing, and the damage of a DRDoS attack [...] Read more.
Distributed Denial of Service (DDoS) has developed multiple variants, one of which is Distributed Reflective Denial of Service (DRDoS). With the increasing number of Internet of Things (IoT) devices, the threat of DRDoS attack is growing, and the damage of a DRDoS attack is more destructive than other types. The existing DDoS detection methods cannot be generalized in DRDoS early detection, which leads to heavy load or degradation of service when deployed at the final point. In this paper, we propose a DRDoS detection and defense method based on deep forest model (DDDF), and then we integrate differentiated service into defense model to filter out DRDoS attack flow. Firstly, from the statistics perspective on different stages of DRDoS attack flow in the big data environment, we extract a host-based DRDoS threat index (HDTI) from the network flows. Secondly, using the HDTI feature we build a DRDoS detection and defense model based on the deep forest, which consists of 1 extreme gradient boost (XGBoost) forest estimator, 2 random forest estimators, and 2 extra random forest estimators in each layer. Lastly, the differentiated service procedure applies the detection result from DDDF to drop the traffic identified in different stages and different detection points. Theoretical analysis and experiments show that the method we proposed can effectively identify DRDoS attack with higher detection rate and a lower false alarm rate, the defense model also shows distinguishing ability to effectively eliminate the DRDoS attack flows, and dramatically mitigate the damage of a DRDoS attack. Full article
Figures

Figure 1

Open AccessArticle Developing Secure IoT Services: A Security-Oriented Review of IoT Platforms
Symmetry 2018, 10(12), 669; https://doi.org/10.3390/sym10120669
Received: 11 October 2018 / Revised: 29 October 2018 / Accepted: 30 October 2018 / Published: 27 November 2018
Cited by 1 | PDF Full-text (779 KB) | HTML Full-text | XML Full-text
Abstract
Undoubtedly, the adoption of the Internet of Things (IoT) paradigm has impacted on our every-day life, surrounding us with smart objects. Thus, the potentialities of this new market attracted the industry, so that many enterprises developed their own IoT platforms aiming at helping [...] Read more.
Undoubtedly, the adoption of the Internet of Things (IoT) paradigm has impacted on our every-day life, surrounding us with smart objects. Thus, the potentialities of this new market attracted the industry, so that many enterprises developed their own IoT platforms aiming at helping IoT services’ developers. In the multitude of possible platforms, selecting the most suitable to implement a specific service is not straightforward, especially from a security perspective. This paper analyzes some of the most prominent proposals in the IoT platforms market-place, performing an in-depth security comparison using five common criteria. These criteria are detailed in sub-criteria, so that they can be used as a baseline for the development of a secure IoT service. Leveraging the knowledge gathered from our in-depth study, both researchers and developers may select the IoT platform which best fits their needs. Additionally, an IoT service for monitoring commercial flights is implemented in two previously analyzed IoT platforms, giving an adequate detail level to represent a solid guideline for future IoT developers. Full article
Figures

Figure 1

Open AccessFeature PaperArticle IoT Application-Layer Protocol Vulnerability Detection using Reverse Engineering
Symmetry 2018, 10(11), 561; https://doi.org/10.3390/sym10110561
Received: 25 September 2018 / Revised: 25 October 2018 / Accepted: 26 October 2018 / Published: 1 November 2018
Cited by 1 | PDF Full-text (331 KB) | HTML Full-text | XML Full-text
Abstract
Fuzzing is regarded as the most promising method for protocol vulnerabilities discovering in network security of Internet of Things (IoT). However, one fatal drawback of existing fuzzing methods is that a huge number of test files are required to maintain a high test [...] Read more.
Fuzzing is regarded as the most promising method for protocol vulnerabilities discovering in network security of Internet of Things (IoT). However, one fatal drawback of existing fuzzing methods is that a huge number of test files are required to maintain a high test coverage. In this paper, a novel method based on protocol reverse engineering is proposed to reduce the amount of test files for fuzzing. The proposed method uses techniques in the field of protocol reverse engineering to identify message formats of IoT application-layer protocol and create test files by generating messages with error fields according to message formats. The protocol message treated as a sequence of bytes is assumed to obey a statistic process with change-points indicating the boundaries of message fields. Then, a multi-change-point detection procedure is introduced to identify change-points of byte sequences according to their statistic properties and divide them into segments according to their change-points. The message segments are further processed via a position-based occurrence probability test analysis to identify keyword fields, data fields and uncertain fields. Finally, a message generation procedure with mutation operation on message fields is applied to construct test files for fuzzing test. The results show that the proposed method can effectively find out the message fields and significantly reduce the amount of test files for fuzzing test. Full article
Figures

Figure 1

Open AccessArticle Authentication with What You See and Remember in the Internet of Things
Symmetry 2018, 10(11), 537; https://doi.org/10.3390/sym10110537
Received: 7 August 2018 / Revised: 1 October 2018 / Accepted: 22 October 2018 / Published: 23 October 2018
Cited by 2 | PDF Full-text (2474 KB) | HTML Full-text | XML Full-text
Abstract
The Internet-of-Things (IoT) is an emerging paradigm seamlessly integrating a great number of smart objects ubiquitously connected to the Internet. With the rise in interest in the IoT, industry and academia have introduced a variety of authentication technologies to deal with security challenges. [...] Read more.
The Internet-of-Things (IoT) is an emerging paradigm seamlessly integrating a great number of smart objects ubiquitously connected to the Internet. With the rise in interest in the IoT, industry and academia have introduced a variety of authentication technologies to deal with security challenges. Authentication in IoT involves not only shifting intelligent access control down to the end smart objects, but also user identification and verification. In this paper, we build an authentication system based on brainwave reactions to a chain of events. Brainwaves, as external signals of a functioning brain, provide a glimpse into how we think and react. However, seen another way, we could reasonably expect that a given action or event could be linked back to its corresponding brainwave reaction. Recently, commercial products in the form of wearable brainwave headsets have appeared on the market, opening up the possibility of exploiting brainwaves for various purposes and making this more feasible. In the proposed system, we use a commercially available brainwave headset to collect brainwave data from participants for use in the proposed authentication system. After the brainwave data collection process, we apply a machine learning-based approach to extract features from brainwaves to serve as authentication tokens in the system and support the authentication system itself. Full article
Figures

Figure 1

Open AccessArticle Intersection Traffic Prediction Using Decision Tree Models
Symmetry 2018, 10(9), 386; https://doi.org/10.3390/sym10090386
Received: 19 August 2018 / Revised: 2 September 2018 / Accepted: 3 September 2018 / Published: 7 September 2018
Cited by 1 | PDF Full-text (1630 KB) | HTML Full-text | XML Full-text
Abstract
Traffic prediction is a critical task for intelligent transportation systems (ITS). Prediction at intersections is challenging as it involves various participants, such as vehicles, cyclists, and pedestrians. In this paper, we propose a novel approach for the accurate intersection traffic prediction by introducing [...] Read more.
Traffic prediction is a critical task for intelligent transportation systems (ITS). Prediction at intersections is challenging as it involves various participants, such as vehicles, cyclists, and pedestrians. In this paper, we propose a novel approach for the accurate intersection traffic prediction by introducing extra data sources other than road traffic volume data into the prediction model. In particular, we take advantage of the data collected from the reports of road accidents and roadworks happening near the intersections. In addition, we investigate two types of learning schemes, namely batch learning and online learning. Three popular ensemble decision tree models are used in the batch learning scheme, including Gradient Boosting Regression Trees (GBRT), Random Forest (RF) and Extreme Gradient Boosting Trees (XGBoost), while the Fast Incremental Model Trees with Drift Detection (FIMT-DD) model is adopted for the online learning scheme. The proposed approach is evaluated using public data sets released by the Victorian Government of Australia. The results indicate that the accuracy of intersection traffic prediction can be improved by incorporating nearby accidents and roadworks information. Full article
Figures

Figure 1

Open AccessArticle False Data Injection Attack Based on Hyperplane Migration of Support Vector Machine in Transmission Network of the Smart Grid
Symmetry 2018, 10(5), 165; https://doi.org/10.3390/sym10050165
Received: 8 April 2018 / Revised: 13 May 2018 / Accepted: 14 May 2018 / Published: 15 May 2018
PDF Full-text (3297 KB) | HTML Full-text | XML Full-text
Abstract
The smart grid is a key piece of infrastructure and its security has attracted widespread attention. The false data injection (FDI) attack is one of the important research issues in the field of smart grid security. Because this kind of attack has a [...] Read more.
The smart grid is a key piece of infrastructure and its security has attracted widespread attention. The false data injection (FDI) attack is one of the important research issues in the field of smart grid security. Because this kind of attack has a great impact on the safe and stable operation of the smart grid, many effective detection methods have been proposed, such as an FDI detector based on the support vector machine (SVM). In this paper, we first analyze the problem existing in the detector based on SVM. Then, we propose a new attack method to reduce the detection effect of the FDI detector based on SVM and give a proof. The core of the method is that the FDI detector based on SVM cannot detect the attack vectors which are specially constructed and can replace the attack vectors into the training set when it is updated. Therefore, the training set is changed and then the next training result will be affected. With the increase of the number of the attack vectors which are injected into the positive space, the hyperplane moves to the side of the negative space, and the detection effect of the FDI detector based on SVM is reduced. Finally, we analyze the impact of different data injection modes for training results. Simulation experiments show that this attack method can impact the effectiveness of the FDI detector based on SVM. Full article
Figures

Figure 1

Symmetry EISSN 2073-8994 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top