Special Issue "Symmetry and Asymmetry Applications for Internet of Things Security and Privacy"

A special issue of Symmetry (ISSN 2073-8994).

Deadline for manuscript submissions: 15 March 2019

Special Issue Editors

Guest Editor
Dr. Weizhi Meng

Technical University of Denmark, Denmark
Website | E-Mail
Interests: Cyber Security; Malware and Vulnerability Analysis; Intrusion Detection; Biometric Authentication and Security; Trust Computation
Guest Editor
Dr. Georgios Kambourakis

Department of Information and Communication Systems Engineering, University of the Aegean, Samos, Greece
Website | E-Mail
Fax: +30 22730 82009
Interests: mobile and wireless communication systems security and privacy; VoIP security and privacy; mobile medical systems security and privacy; e-learning and m-learning security; DNS Security

Special Issue Information

Dear Colleagues,

Nowadays, embedded systems have become an essential part of modern life. It is predicted that, in the near future, over 90% of computer applications will be embedded systems, and most of them will be small in size, with very low power consumption and high performance. Embedded systems is the keystone for the realization and deployment of a plethora of Internet of Things (IoT) products and applications for both consumer and industrial markets. In fact, the ability of “things” (along with sensors and actuators) to inter-operate within the existing Internet infrastructure paves the way toward the Internet of Everything (IoE), and gives momentum to modern technologies, including smart grids, smart homes, intelligent transportation, and smart cities.

However, IoT brings along major challenges regarding the security and privacy of the underlying systems and processes. For instance, certain IoT applications can be tightly linked to sensitive infrastructures and strategic services, such as the distribution of water and electricity. The array of challenges include ways to securing constrained objects, authenticate and authorize objects, manage object updates, secure communication, safeguard data privacy and integrity, detect and manage vulnerabilities, incidents, etc. These challenges are expected to worsen due to several reasons pertaining to a) the number of these “things”, which is expected to reach 30 billion objects by 2020, b) the unattended, complex, and often hostile environments in which these objects frequently operate, c) the complexity of the hardware/software IoT platforms and the communication processes involving both human-to-machine and machine-to-machine interactions, and d) the absence of standardization.

The goal of this special issue is to address the aforementioned challenges and foster the

dissemination of the latest technologies, solutions, case studies, and prototypes regarding IoT

security and privacy. Only high-quality articles describing previously unpublished, original, state-of-the-art research, and not currently under review by a conference or journal will be considered.

Dr. Weizhi Meng
Dr. Georgios Kambourakis
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Symmetry is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1200 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Post-quantum security for IoT
  • Secure design for IoT
  • Efficient implementation of cryptographic algorithms; Side-channel analysis for IoT devices
  • Security analysis and audit for IoT
  • Privacy and anonymization techniques in IoT
  • Trust management architectures
  • Lightweight security solutions
  • Survivability and performance modelling for IoT Encryption, authentication, availability assurance for IoT
  • Authentication and access control in IoT Identification and biometrics in IoT
  • Formal methods Symmetry technologies for IoT
  • Asymmetry technologies for IoT Intrusion detection and prevention techniques for IoT

Published Papers (4 papers)

View options order results:
result details:
Displaying articles 1-4
Export citation of selected articles as:

Research

Open AccessFeature PaperArticle IoT Application-Layer Protocol Vulnerability Detection using Reverse Engineering
Symmetry 2018, 10(11), 561; https://doi.org/10.3390/sym10110561
Received: 25 September 2018 / Revised: 25 October 2018 / Accepted: 26 October 2018 / Published: 1 November 2018
PDF Full-text (331 KB) | HTML Full-text | XML Full-text
Abstract
Fuzzing is regarded as the most promising method for protocol vulnerabilities discovering in network security of Internet of Things (IoT). However, one fatal drawback of existing fuzzing methods is that a huge number of test files are required to maintain a high test
[...] Read more.
Fuzzing is regarded as the most promising method for protocol vulnerabilities discovering in network security of Internet of Things (IoT). However, one fatal drawback of existing fuzzing methods is that a huge number of test files are required to maintain a high test coverage. In this paper, a novel method based on protocol reverse engineering is proposed to reduce the amount of test files for fuzzing. The proposed method uses techniques in the field of protocol reverse engineering to identify message formats of IoT application-layer protocol and create test files by generating messages with error fields according to message formats. The protocol message treated as a sequence of bytes is assumed to obey a statistic process with change-points indicating the boundaries of message fields. Then, a multi-change-point detection procedure is introduced to identify change-points of byte sequences according to their statistic properties and divide them into segments according to their change-points. The message segments are further processed via a position-based occurrence probability test analysis to identify keyword fields, data fields and uncertain fields. Finally, a message generation procedure with mutation operation on message fields is applied to construct test files for fuzzing test. The results show that the proposed method can effectively find out the message fields and significantly reduce the amount of test files for fuzzing test. Full article
Figures

Figure 1

Open AccessArticle Authentication with What You See and Remember in the Internet of Things
Symmetry 2018, 10(11), 537; https://doi.org/10.3390/sym10110537
Received: 7 August 2018 / Revised: 1 October 2018 / Accepted: 22 October 2018 / Published: 23 October 2018
PDF Full-text (2474 KB) | HTML Full-text | XML Full-text
Abstract
The Internet-of-Things (IoT) is an emerging paradigm seamlessly integrating a great number of smart objects ubiquitously connected to the Internet. With the rise in interest in the IoT, industry and academia have introduced a variety of authentication technologies to deal with security challenges.
[...] Read more.
The Internet-of-Things (IoT) is an emerging paradigm seamlessly integrating a great number of smart objects ubiquitously connected to the Internet. With the rise in interest in the IoT, industry and academia have introduced a variety of authentication technologies to deal with security challenges. Authentication in IoT involves not only shifting intelligent access control down to the end smart objects, but also user identification and verification. In this paper, we build an authentication system based on brainwave reactions to a chain of events. Brainwaves, as external signals of a functioning brain, provide a glimpse into how we think and react. However, seen another way, we could reasonably expect that a given action or event could be linked back to its corresponding brainwave reaction. Recently, commercial products in the form of wearable brainwave headsets have appeared on the market, opening up the possibility of exploiting brainwaves for various purposes and making this more feasible. In the proposed system, we use a commercially available brainwave headset to collect brainwave data from participants for use in the proposed authentication system. After the brainwave data collection process, we apply a machine learning-based approach to extract features from brainwaves to serve as authentication tokens in the system and support the authentication system itself. Full article
Figures

Figure 1

Open AccessArticle Intersection Traffic Prediction Using Decision Tree Models
Symmetry 2018, 10(9), 386; https://doi.org/10.3390/sym10090386
Received: 19 August 2018 / Revised: 2 September 2018 / Accepted: 3 September 2018 / Published: 7 September 2018
PDF Full-text (1630 KB) | HTML Full-text | XML Full-text
Abstract
Traffic prediction is a critical task for intelligent transportation systems (ITS). Prediction at intersections is challenging as it involves various participants, such as vehicles, cyclists, and pedestrians. In this paper, we propose a novel approach for the accurate intersection traffic prediction by introducing
[...] Read more.
Traffic prediction is a critical task for intelligent transportation systems (ITS). Prediction at intersections is challenging as it involves various participants, such as vehicles, cyclists, and pedestrians. In this paper, we propose a novel approach for the accurate intersection traffic prediction by introducing extra data sources other than road traffic volume data into the prediction model. In particular, we take advantage of the data collected from the reports of road accidents and roadworks happening near the intersections. In addition, we investigate two types of learning schemes, namely batch learning and online learning. Three popular ensemble decision tree models are used in the batch learning scheme, including Gradient Boosting Regression Trees (GBRT), Random Forest (RF) and Extreme Gradient Boosting Trees (XGBoost), while the Fast Incremental Model Trees with Drift Detection (FIMT-DD) model is adopted for the online learning scheme. The proposed approach is evaluated using public data sets released by the Victorian Government of Australia. The results indicate that the accuracy of intersection traffic prediction can be improved by incorporating nearby accidents and roadworks information. Full article
Figures

Figure 1

Open AccessArticle False Data Injection Attack Based on Hyperplane Migration of Support Vector Machine in Transmission Network of the Smart Grid
Symmetry 2018, 10(5), 165; https://doi.org/10.3390/sym10050165
Received: 8 April 2018 / Revised: 13 May 2018 / Accepted: 14 May 2018 / Published: 15 May 2018
PDF Full-text (3297 KB) | HTML Full-text | XML Full-text
Abstract
The smart grid is a key piece of infrastructure and its security has attracted widespread attention. The false data injection (FDI) attack is one of the important research issues in the field of smart grid security. Because this kind of attack has a
[...] Read more.
The smart grid is a key piece of infrastructure and its security has attracted widespread attention. The false data injection (FDI) attack is one of the important research issues in the field of smart grid security. Because this kind of attack has a great impact on the safe and stable operation of the smart grid, many effective detection methods have been proposed, such as an FDI detector based on the support vector machine (SVM). In this paper, we first analyze the problem existing in the detector based on SVM. Then, we propose a new attack method to reduce the detection effect of the FDI detector based on SVM and give a proof. The core of the method is that the FDI detector based on SVM cannot detect the attack vectors which are specially constructed and can replace the attack vectors into the training set when it is updated. Therefore, the training set is changed and then the next training result will be affected. With the increase of the number of the attack vectors which are injected into the positive space, the hyperplane moves to the side of the negative space, and the detection effect of the FDI detector based on SVM is reduced. Finally, we analyze the impact of different data injection modes for training results. Simulation experiments show that this attack method can impact the effectiveness of the FDI detector based on SVM. Full article
Figures

Figure 1

Back to Top