Search Results (1,437)

The rapid digital transformation of healthcare has improved clinical efficiency, patient engagement, and data accessibility, but it has also introduced significant cyber security and data privacy challenges. Healthcare IT systems increasingly rely on interconnected networks, electronic health records (EHRs), tele-medicine platforms, cloud infrastructures, and Internet of Medical Things (IoMT) devices, which collectively expand the attack surface for cyber threats. This scoping review maps and synthesizes recent evidence on cyber security risks in healthcare, including ransomware, data breaches, insider threats, and vulnerabilities in legacy systems, and examines key data privacy concerns related to patient confidentiality, regulatory compliance, and secure data governance. We also review contemporary security strategies, including encryption, multi-factor authentication, zero-trust architecture, blockchain-based approaches, AI-enabled threat detection, and compliance frameworks such as HIPAA and GDPR. Persistent challenges include integrating robust security with clinical usability, protecting resource-limited hospital environments, and managing human factors such as staff awareness and policy adherence. Overall, the findings suggest that effective healthcare cyber security requires a multi-layered defense combining technical controls, continuous monitoring, governance and regulatory alignment, and sustained organizational commitment to security culture. Future research should prioritize adaptive security models, improved standardization, and privacy-preserving analytics to protect patient data in increasingly complex healthcare ecosystems. Full article

Unmanned Aerial Vehicles (UAVs) are increasingly integrated into Internet of Things (IoT) ecosystems for applications such as surveillance, disaster response, environmental monitoring, and logistics. These missions demand reliable and secure communication between UAVs and cloud platforms for command, control, and data storage. However, UAV communication channels are highly vulnerable to eavesdropping, spoofing, and man-in-the-middle attacks due to their wireless and often long-range nature. Traditional cryptographic schemes either impose excessive computational overhead on resource-constrained UAVs or lack sufficient robustness for cloud-level security. To address this challenge, we propose a dual-layer encryption architecture that balances lightweight efficiency with strong cryptographic guarantees. Unlike prior dual-layer approaches, the proposed framework introduces a context-aware adaptive lightweight layer for UAV-to-gateway communication and a hybrid post-quantum layer for gateway-to-cloud security, enabling dynamic cipher selection, energy-aware key scheduling, and quantum-resilient key establishment. In the first layer, UAV-to-gateway communication employs a lightweight symmetric encryption scheme optimized for low latency and minimal energy consumption. In the second layer, gateway-to-cloud communication uses post-quantum asymmetric encryption to ensure resilience against emerging quantum threats. The architecture is further reinforced with optional multi-path hardening and blockchain-assisted key lifecycle management to enhance scalability and tamper-proof auditability. Experimental evaluation using a UAV testbed and cloud integration shows that the proposed framework achieves 99.85% confidentiality preservation, reduces computational overhead on UAVs by 42%, and improves end-to-end latency by 35% compared to conventional single-layer encryption schemes. These results confirm that the proposed adaptive and hybridized dual-layer design provides a scalable, secure, and resource-aware solution for UAV-to-cloud communication, offering both present-day practicality and future-proof cryptographic resilience. Full article

This study presents an edge-based intrusion detection methodology designed to enhance cybersecurity in Internet of Things environments, which remain highly vulnerable to complex attacks. The approach employs an Auxiliary Classifier Generative Adversarial Network capable of classifying network traffic in real-time while simultaneously generating high-fidelity synthetic data within a unified framework. The model is implemented in TensorFlow and deployed on the energy-efficient NVIDIA Jetson Orin Nano, demonstrating the feasibility of executing advanced deep learning models at the edge. Training is conducted on network traffic collected from diverse IoT devices, with preprocessing focused on TCP-based threats. The integration of an auxiliary classifier enables the generation of labeled synthetic samples that mitigate data scarcity and improve supervised learning under imbalanced conditions. Experimental results demonstrate strong detection performance, achieving a precision of 0.89 and a recall of 0.97 using the standard 0.5 decision threshold inherent to the sigmoid-based binary classifier, indicating an effective balance between intrusion detection capability and false-positive reduction, which is critical for reliable operation in IoT scenarios. The generative component enhances data augmentation, robustness, and generalization. These results show that combining generative adversarial learning with edge computing provides a scalable and effective approach for IoT security. Future work will focus on stabilizing training procedures and refining hyperparameters to improve detection performance while maintaining high precision. Full article

In the information age, Internet of Things (IoT) devices are more susceptible to intrusion due to today’s complex network attack methods. Therefore, accurately detecting evolving network attacks from complex and ever-changing IoT environments has become a key research goal in the current intrusion detection field. Due to the spatial and temporal characteristics of IoT data, this paper proposes a Spatiotemporal Feature Weighted Fusion Approach Combining Gating Attention Transformation (STWGA). STWGA consists of three parts, namely spatial feature learning, the gated attention transformer, and the temporal feature learning module. It integrates improved convolutional neural networks (CNN), batch normalization, and Bidirectional Long Short-Term Memory Network (Bi-LSTM) to fully learn the deep spatial and temporal features of the data, achieving the goal of global deep spatiotemporal feature extraction. The gated attention transformer introduces an attention mechanism. In addition, an additional control mechanism is introduced in the self-attention module to more effectively improve detection accuracy. Finally, the experimental results show that STWGA has better spatiotemporal feature extraction ability and can effectively improve the intrusion detection effect of anomalies. Full article

Modern healthcare systems increasingly depend on wearable Internet of Medical Things (IoMT) devices for the continuous monitoring of patients’ physiological parameters. It remains challenging to differentiate between genuine physiological anomalies, sensor faults, and malicious cyber interference. In this work, we propose a hybrid fusion framework designed to attribute the most plausible source of an anomaly, thereby supporting more reliable clinical decisions. The proposed framework is developed and evaluated using two complementary datasets: CICIoMT2024 for modelling security threats and a large-scale intensive care cohort from MIMIC-IV for analysing key vital signs and bedside interventions. The core of the system combines a supervised XGBoost classifier for attack detection with an unsupervised LSTM autoencoder for identifying physiological and technical deviations. To improve clinical realism and avoid artefacts introduced by quantised or placeholder measurements, the physiological module incorporates quality-aware preprocessing and missingness indicators. The fusion decision policy is calibrated under prudent, safety-oriented constraints to limit false escalation. Rather than relying on fixed fusion weights, we train a lightweight fusion classifier that combines complementary evidence from the security and clinical modules, and we select class-specific probability thresholds on a dedicated calibration split. The security module achieves high cross-validated performance, while the clinical model captures abnormal physiological patterns at scale, including deviations consistent with both acute deterioration and data-quality faults. Explainability is provided through SHAP analysis for the security module and reconstruction-error attribution for physiological anomalies. The integrated fusion framework achieves a final accuracy of 99.76% under prudent calibration and a Matthews Correlation Coefficient (MCC) of 0.995, with an average end-to-end inference latency of 84.69 ms (p95 upper bound of 107.30 ms), supporting near real-time execution in edge-oriented settings. While performance is strong, clinical severity labels are operationalised through rule-based proxies, and cross-domain fusion relies on harmonised alignment assumptions. These aspects should be further evaluated using realistic fault traces and prospective IoMT data. Despite these limitations, the proposed framework offers a practical and explainable approach for IoMT-based patient monitoring. Full article

The Internet of Things (IoT) is increasingly deployed at the edge under resource and environmental constraints, which limits the practicality of traditional intrusion detection systems (IDSs) on IoT hardware. This paper presents two IDS configurations. First, we develop a baseline IDS with fixed hyperparameters, achieving 99.20% accuracy and ~0.002 ms/sample inference latency on a desktop machine; this configuration is suitable for high-performance platforms but is not intended for constrained IoT deployment. Second, we propose a lightweight, edge-oriented IDS that applies ANOVA-based filter feature selection and uses a genetic algorithm (GA) for the bounded hyperparameter tuning of the classifier under stratified cross-validation, enabling efficient execution on Raspberry Pi-class devices. The lightweight IDS achieves 98.95% accuracy with ~4.3 ms/sample end-to-end inference latency on Raspberry Pi while detecting both low-volume and high-volume (DoS/DDoS) attacks. Experiments are conducted in a Raspberry Pi-based real lab using an up-to-date mixed-modal dataset combining system/network telemetry and heterogeneous physical sensors. Overall, the proposed framework demonstrates a practical, hardware-aware, and reproducible way to balance detection performance and edge-level latency using established techniques for real-world IoT IDS deployment. Full article

With the rapid development of Internet of Things (IoT) and Artificial Intelligence (AI) technologies, information security has become a critical issue. To develop a highly secure image encryption transmission system, this study proposes a novel key generation mechanism based on the combination of fractional-order chaotic system synchronization control and the SHA-256 algorithm. This proposed method dynamically generates high-quality synchronous random number sequences and is combined with the Advanced Encryption Standard (AES) algorithm. To quantitatively evaluate the mechanism, the generated sequences are tested using NIST SP 800-22, ENT, and DIEHARD suites. The comparative results show that the key generation mechanism produces sequences with higher randomness and unpredictability. In the evaluation of image encryption, histogram distribution, information entropy, adjacent pixel correlation, NPCR, and UACI are used as performance metrics. Experimental results show that the histogram distributions are uniform, the values of information entropy, NPCR, and UACI are close to their ideal levels, and the pixel correlation is significantly reduced. Compared to recent studies, the proposed method demonstrates higher encryption performance and stronger resistance to statistical attacks. Furthermore, the system effectively addresses key distribution and management problems inherent in traditional symmetric encryption schemes. These results validate the reliability and practical feasibility of the proposed approach. Full article

The proliferation of Internet of Things (IoT) devices has created unprecedented security challenges characterized by resource constraints, heterogeneous network architectures, and severe class imbalance in attack detection datasets. This paper presents a comprehensive benchmark evaluation of five Generative Adversarial Network (GAN) architectures for energy-aware intrusion detection: Standard GAN, Progressive GAN (PGAN), Conditional GAN (cGAN), Graph-based GAN (GraphGAN), and Wasserstein GAN with Gradient Penalty (WGAN-GP). Our evaluation framework introduces novel energy-normalized performance metrics, including Accuracy-per-Joule (APJ) and F1-per-Joule (F1PJ), that enable principled architecture selection for energy-constrained deployments. We propose an optimized WGAN-GP architecture incorporating diversity loss, feature matching, and noise injection mechanisms specifically designed for classification-oriented data augmentation. Experimental results on a stratified subset of the BoT-IoT dataset (approximately 1.83 million records) demonstrate that our optimized WGAN-GP achieves state-of-the-art performance, with 99.99% classification accuracy, a 0.99 macro-F1 score, and superior generation quality (MSE 0.01). While traditional classifiers augmented with SMOTE (i.e., Logistic Regression and CNN1D-TCN) also achieve 99.99% accuracy, they suffer from poor minority class detection (77.78–80.00%); our WGAN-GP improves minority class detection to 100.00% on the reported test split (45 of 45 attack instances correctly identified). Furthermore, WGAN-GP provides substantial efficiency advantages under our energy-normalized metrics, achieving superior accuracy-per-joule performance compared to Standard GAN. Also, a cross-dataset validation across five benchmarks (BoT-IoT, CICIoT2023, ToN-IoT, UNSW-NB15, CIC-IDS2017) was implemented using 250 pooled test attacks to confirm generalizability, with WGAN-GP achieving 98.40% minority class accuracy (246/250 attacks detected) compared to 76.80% for Classical + SMOTE methods, a statistically significant 21.60 percentage point improvement ($p<0.0001$). Finally, our analysis reveals that incorporating diversity-promoting mechanisms in GAN training simultaneously achieves best generation quality AND best classification performance, demonstrating that these objectives are complementary rather than competing. Full article

Cybersecurity in radio frequency (RF) technologies has become a critical concern, driven by the expansion of connected systems in urban and industrial environments. Although research on wireless networks and the Internet of Things (IoT) has advanced, comprehensive studies that provide a global and integrated view of cybersecurity development in this field remain limited. This work presents a scientometric and systematic review of international publications from 2009 to 2025, integrating the PRISMA protocol with semantic screening supported by a Large Language Model to enhance classification accuracy and reproducibility. The analysis identified two interdependent axes: one focusing on signal integrity and authentication in GNSS systems and cellular networks; the other addressing the resilience of IoT networks, both strongly associated with spoofing and jamming, as well as replay, relay, eavesdropping, and man-in-the-middle (MitM) attacks. The results highlight the relevance of RF cybersecurity in securing communication infrastructures and expose gaps in widely adopted technologies such as RFID, NFC, BLE, ZigBee, LoRa, Wi-Fi, and unlicensed ISM bands, as well as in emerging areas like terahertz and 6G. These gaps directly affect the reliability and availability of IoT and wireless communication systems, increasing security risks in large-scale deployments such as smart cities and cyber–physical infrastructures. Full article

The expansion of Internet of Things (IoT) devices in domestic smart homes has created new conveniences but also significant security risks. Insecure firmware, weak authentication and weak encryption leave households exposed to privacy breaches, data leakage and systemic attacks. Although research has addressed several challenges, contributions remain fragmented and difficult for non-technical users to apply. This work addresses the following research question: How can a theoretical framework be developed to enable automated vulnerability scanning and prioritisation for non-technical users in domestic IoT environments? A Systematic Literature Review of 40 peer-reviewed studies, conducted under PRISMA 2020 guidelines, identified four structural gaps: dispersed vulnerability knowledge, fragmented scanning approaches, over-reliance on technical severity in prioritisation and weak protocol standardisation. The paper introduces a four-module framework: a Vulnerability Knowledge Base, an Automated Scanning Engine, a Context-Aware Prioritisation Module and a Standardisation and Interoperability Layer. The framework advances knowledge by integrating previously siloed approaches into a layered and iterative artefact tailored to households. While limited to conceptual evaluation, the framework establishes a foundation for future work in prototype development, household usability studies and empirical validation. By addressing fragmented evidence with a coherent and adaptive design, the study contributes to both academic understanding and practical resilience, offering a pathway toward more secure and trustworthy domestic IoT ecosystems. Full article

As the digitalization and intelligent transformation of power systems accelerates, the Power Internet of Things (PIoT) plays a pivotal role in ensuring efficient energy transmission and real-time regulation. However, this openness and interconnectivity also expose the system to diverse cyber threats, where attackers can disrupt stable power communication and dispatch operations through means such as data tampering, denial-of-service attacks, and control intrusion. To characterize the dynamic adversarial process between attackers and defenders in the PIoT, this paper constructs a zero-sum differential game model for cyber attack–defense strategy selection. To achieve equilibrium in the formulated differential game, optimal control theory is employed to solve the optimization problems of the game participants, thereby deriving the optimal strategies for both attackers and defenders. Finally, simulation results illustrate the evolution of network resource competition between attackers and defenders in the PIoT. The results also demonstrate that our proposed model can effectively and accurately describe the evolution of the system security state and the impact of strategic interactions between attackers and defenders. Full article

With the rapid development of the Internet of Things (IoT) and Industrial IoT (IIoT), Network Intrusion Detection Systems (NIDSs) play a critical role in securing modern networked environments. Despite advances in multi-class intrusion detection, existing approaches face challenges from high-dimensional heterogeneous traffic data, severe class imbalance, and limited interpretability of high-performance “black-box” models. To address these issues, this study presents an XGBoost-based NIDSs integrating optimized strategies for feature dimensionality reduction and class balancing, alongside SHAP-based interpretability analysis. Feature reduction is investigated by comparing selection methods that preserve original features with generation methods that create transformed features, aiming to balance detection performance and computational efficiency. Class balancing techniques are evaluated to improve minority-class detection, particularly reducing false negatives for rare attack types. SHAP analysis reveals the model’s decision process and key feature contributions. The experimental results demonstrate that the method enhances multi-class detection performance while providing interpretability and computational efficiency, highlighting its potential for practical deployment in IoT security scenarios. Full article

Resource-constrained Internet of Things (IoT) devices are increasingly deployed in critical domains but remain vulnerable to stealthy attacks that can bypass conventional defenses. At the same time, privacy constraints limit centralized data collection and processing, complicating anomaly detection. This systematic review surveys methods for privacy-preserving anomaly detection in resource-constrained IoT and introduces a five-dimension taxonomy covering deployment paradigms, resource constraints, real-time requirements, protection techniques, and communication constraints. We review how the literature measures and reports resource and privacy costs and identify three major gaps: (1) a shortage of co-designed detector-plus-privacy solutions tailored to constrained hardware, (2) inconsistent reporting of resource and privacy trade-offs, and (3) limited robustness against adaptive attackers and realistic deployment noise. We conclude with actionable recommendations and a prioritized research roadmap. Furthermore, the multi-dimensional taxonomy we introduce provides a structured framework to guide design choices and systematically improve the comparability, deployability, and overall trustworthiness of anomaly detection systems for constrained IoT. Full article

With the widespread diffusion of personal Internet of Things (IoT) devices, Electromagnetic Side-Channel Attacks (EM-SCAs), which exploit electromagnetic emissions to uncover critical data such as cryptographic keys, are becoming extremely common. Existing shielding approaches typically rely on bulky or opaque materials, which limit integration in modern IoT environments; this motivates the need for a transparent, lightweight, and easily integrable solution. Thus, to address this threat, we propose the use of electromagnetic metasurfaces with shielding capabilities, fabricated with an optically transparent conductive film. This film can be easily integrated into glass substrates, offering a novel and discrete shielding solution to traditional methods, which are typically based on opaque dielectric media. The paper presents two proof-of-concept case studies for shielding against EM-SCAs. The first one investigates the design and fabrication of a passive metasurface aimed at shielding emissions from chip processors in IoT devices. The metasurface is conceived to attenuate a specific frequency range, characteristic of the considered IoT processor, with a target attenuation of 30 dB. At the same time, the metasurface ensures that signals from 4G and 5G services are not affected, thus preserving normal wireless communication functioning. Conversely, the second case study introduces an active metasurface for dynamic shielding/transmission behavior, which can be modulated through diodes according to user requirements. This active metasurface is designed to block undesired electromagnetic emissions within the 150–465 MHz frequency range, which is a common band for screen gleaning security threats. The experimental results demonstrate an attenuation of approximately 10 dB across the frequency band when the shielding mode is activated, indicating a substantial reduction in signal transmission. Both the case studies highlight the potential of transparent metasurfaces for secure and dynamic electromagnetic shielding, suggesting their discrete integration in building windows or other environmental structural elements. Full article

The Internet of Things (IoT) has transformed global connectivity by linking people, smart devices, and data. However, as the number of connected devices continues to grow, ensuring secure data transmission and communication has become increasingly challenging. IoT security threats arise at the device level due to limited computing resources, mobility, and the large diversity of devices, as well as at the network level, where the use of varied protocols by different vendors introduces further vulnerabilities. Physical Unclonable Functions (PUFs) provide a lightweight, hardware-based security primitive that exploits inherent device-specific variations to ensure uniqueness, unpredictability, and enhanced protection of data and user privacy. Additionally, modeling attacks against PUF architectures is challenging due to the random and unpredictable physical variations inherent in their design, making it nearly impossible for attackers to accurately replicate their unique responses. This study collected approximately 80,000 Challenge Response Pairs (CRPs) from a Ring Oscillator (RO) PUF design to evaluate its resilience against modeling attacks. The predictive performance of five machine learning algorithms, i.e., Support Vector Machines, Logistic Regression, Artificial Neural Networks with a Multilayer Perceptron, K-Nearest Neighbors, and Gradient Boosting, was analyzed, and the results showed an average accuracy of approximately 60%, demonstrating the strong resistance of the RO PUF to these attacks. The NIST statistical test suite was applied to the CRP data of the RO PUF to evaluate its randomness quality. The p-values from the 15 statistical tests confirm that the CRP data exhibit true randomness, with most values exceeding the 0.01 threshold and supporting the null hypothesis of randomness. Full article