Search Results (4,223)

With the increasing prevalence of Internet of Things (IoT) devices in areas like authentication, data protection, and access control, general purpose microcontrollers (MCUs) have become the primary platform for security-critical apps. However, the expense of these attacks has decreased significantly in recent years, making them a viable threat to MCU-based devices. We present a framework-driven perspective with a comparative survey of MCU fault injection resilience for IoT. The survey supports—and is organized around—the procedural evaluation framework we introduce. We discuss the basic requirements for security first, and then categorize the common types of hardware intrusion, including side-channel attacks, fault injection attacks, and invasive methods. We synthesize reported security technologies employed by MCU vendors, such as TrustZone/TEE, Physical Unclonable Functions (PUF), secure boot, flash encryption, secure debugging, and tamper detection, in the context of FIA scenarios. A comparison of representative MCUs—STM32U585, NXP LPC55S69, Nordic nRF54L15, Espressif ESP32-C6, and Renesas RA8M1—highlights cost–security trade-offs relevant to token-class deployments. We position this work as a framework/perspective: an evidence-first FI evaluation protocol for token-class MCUs, a portable checklist unifying PSA/SESIP/CC expectations, and a set of concrete case studies (e.g., ESP32-C6 secure boot hardening). We do not claim a formal systematic review. Full article

As electric vehicles (EVs) gain popularity, the existing public charging infrastructure is struggling to keep pace with the rapidly growing demand for the immediate charging needs of EVs. V2V power trading has gradually attracted widespread attention and development. EVs need to transmit sensitive information, such as transaction plans, through communication entities in the Internet of Vehicles (IoV). This could lead to leaks of sensitive information, thereby threatening the fairness of transactions. In addition, due to the differences in the cryptographic systems of entities, communication between entities faces challenges. Therefore, a privacy-preserving scheme for V2V double auction power trading based on heterogeneous signcryption and IoV is proposed. Firstly, a heterogeneous signcryption algorithm is designed to realize secure communication from certificateless cryptography to identity-based cryptography. Secondly, the scheme employs a pseudonym mechanism to protect the real identities of EVs. Furthermore, a verification algorithm is designed to verify the information sent by EVs and ensure the traceability and revocation of malicious EVs. The theoretical analysis shows that the proposed scheme could serve common security functions, and the experiment demonstrates that the proposed scheme reduces communication costs by about 14.56% and the computational cost of aggregate decryption by 80.51% compared with other schemes in recent years. Full article

The Domain Name System (DNS) is a fundamental component of the Internet, yet its distributed and caching nature makes it susceptible to various attacks, especially cache poisoning. Although the use of random port numbers and transaction IDs has reduced the probability of cache poisoning, recent developments such as DNS Forwarder fragmentation and side-channel attacks have increased the possibility of cache poisoning. To counteract these emerging cache poisoning techniques, this paper proposes the DNS Cache Sensor (DNS-Sensor) system, which operates as a distributed sensor network for DNS security. Like environmental sensors monitoring physical parameters, DNS-Sensor continuously scans DNS cache records, comparing them with authoritative data to detect anomalies with sensor-grade precision. It involves checking whether the DNS cache is consistent with authoritative query results by continuous observation to determine whether cache poisoning has occurred. In the event of cache poisoning, the system switches to a disaster recovery resolution system. To expedite comparison and DNS query speeds and isolate the impact of cache poisoning on the disaster recovery resolution system, this paper uses a local top-level domain authoritative mirror query system. Experimental results demonstrate the accuracy of the DNS-Sensor system in detecting cache poisoning, while the local authoritative mirror query system significantly improves the efficiency of DNS-Sensor. Compared to traditional DNS, the integrated DNS query and DNS-Sensor method and local top-level domain authoritative mirror query system is faster, thus improving DNS performance and security. Full article

The Internet of Vehicles (IoV) revolutionizes transportation by enabling real-time communication and data exchange among vehicles (V2V), infrastructure (V2I), and other entities (V2X). These capabilities are crucial for improving road safety and traffic efficiency. However, achieving reliable and secure consensus across network nodes remains a significant challenge. Consensus mechanisms are essential in IoV for ensuring agreement on the network’s state, enabling applications such as autonomous driving, traffic management, and emergency response. This paper presents a systematic review of IoV consensus mechanisms, examining 78 peer-reviewed publications from 2010 to June 2025 using the PRISMA framework. Our analysis highlights challenges, including scalability, latency, and energy efficiency and identifies trends such as the adoption of lightweight algorithms, edge computing, and AI-assisted techniques. Unlike previous reviews, this work introduces a structured comparative framework specifically designed for IoV environments, enabling a detailed evaluation of consensus mechanisms across key features such as latency, fault tolerance, communication overhead and scalability to identify their relative strengths and limitations. Full article

Today, vaccines play a crucial role in ensuring personal safety and are the most effective method for preventing related diseases. The ages over which vaccines are efficacious, from infancy to the old, is of utmost importance. With the recent outbreak of COVID-19 in 2019, the demand for vaccines and their usage has significantly increased. This surge in demand has led to issues such as vaccine counterfeiting and related problems, which have raised concerns among the public regarding vaccine administration. As a result, this has also resulted in a lack of trust in vaccine manufacturing companies and raised doubts about production processes. To address these concerns, this study proposed a vaccine production supervision system with Internet of Things (IoT) device based on blockchain. By utilizing IoT devices, vaccine-sensitive production data can be collected and encrypted and leaks that could lead to great benefit losses for vaccine manufacturing companies can also be prevented. This system adopts a digital signature technique to import immutable characteristics to the data, offering conclusive evidence in case any issues occur with the vaccine in the future. Finally, the system also integrates with the Inter Planetary File System (IPFS) with a blockchain solution, storing manufacturing plant vaccine production records in a secure, publicly accessible, and decentralized storage space, and also enabling public verification. Full article

The integration of federated learning into Industrial Internet of Things (IIoT) networks enables collaborative intelligence but also exposes systems to identity spoofing, model poisoning, and malicious update injection. This paper presents Leash-FL, a lightweight self-healing framework that combines certificateless elliptic curve cryptography with blockchain to enhance resilience in resource-constrained IoT environments. Certificateless ECC with pseudonym rotation enables efficient millisecond-scale authentication with minimal metadata, supporting secure and unlinkable participation. A similarity-governed screening mechanism filters poisoned and free-rider updates, while blockchain-backed checkpoint rollback ensures rapid recovery without service interruption. Experiments on intrusion detection, anomaly detection, and vision datasets show that Leash-FL sustains over 85 percent accuracy with 50 percent malicious clients, reduces backdoor success rates to under 5 percent within four recovery rounds, and restores accuracy up to three times faster than anomaly-screening baselines. The blockchain layer achieves low-latency consensus, high throughput, and modest ledger growth, significantly outperforming Ethereum-based systems. Membership changes are efficiently managed with sub-50 ms join and leave operations and re-admission within 60 ms, while guaranteeing forward and backward secrecy. Leash-FL delivers a cryptography-driven approach that unifies lightweight authentication, blockchain auditability, and self-healing recovery into a secure, resilient, and scalable federated learning solution for next-generation IIoT networks. Full article

The Internet of Things (IoT) continues to expand rapidly, with the Routing Protocol for Low-Power and Lossy Networks (RPL) serving as its core communication backbone. However, RPL remains vulnerable to a range of insider routing attacks such as the Version Number Attack (VNA) and Hello Flooding Attack (HFA), particularly in constrained IoT environments. In our previous work, IbiboRPLChain, we proposed a blockchain-based authentication mechanism to secure communication between routing and sensor nodes. This paper presents an evolved framework, IbiboRPLChain II, which integrates smart contracts, decentralised authentication nodes, and composite blockchain mechanisms to improve network resilience, scalability, and security. Our experiments, conducted using Cooja and Contiki OS, evaluate the system across multiple simulation seeds, demonstrating significant gains in Packet Delivery Ratio (PDR), energy efficiency, and delay mitigation. IbiboRPLChain II proves to be a robust solution for secure, lightweight, and scalable RPL-based IoT environments. Full article

The implementation of the Internet of Things (IoT) in logistics has the ability to transform the whole logistics industry by improving business models, operational efficiency, traceability, security, and customer experience. The manual logistics process causing a lot of late deliveries, wrong deliveries, and line stoppages in a multinational automotive company. That led to the pursuit of this research work to convert the manual call-off process to a fully system-controlled process. The main objective of this research was to implement system-controlled warehouse call-offs and scheduling processes to reduce line stoppages caused by late and incorrect delivery of parts to the line, as well as hot call-offs, and to improve the overall efficiency of line supply routes. The introduction of IoT in the warehouse comes with a takted process, meaning that each step of the line supply process is timed. The process introduces scanners to support process confirmation and link every process step to System Applications and Products in Data Processing (SAP) to allow for traceability. The interconnected devices and system in this study connect line-side reality (using Rapid Frequency Identification (RFID), optic sensors, and the Integrated Production System Logistics (IPSL) bill of material information) with the SAP demand and part requirements. The IoT implementation results show a great improvement in the overall logistics of line supply processes. A decrease in line stoppages is witnessed, with a reduction of 69%, and line-side confirmation makes tracing easier, thereby enhancing process transparency. The addition of scanners provides line supply employees transparency with respect to where parts are going, further reducing the probability of wrong deliveries. Waste reduction is also a result of this research, as the takted processes allow for time saving on the round-trip time, which is reduced by 32%. Conclusively, this research adds to the expanding corpus of research on the application of IoT in logistics and offers useful advice to policymakers and logistics managers who wish to integrate IoT technologies into their operations. Full article

The exponential growth of Internet of Things (IoT) devices introduces significant security challenges due to their resource constraints and diverse attack surfaces. To address these issues, this paper proposes the Centralized Two-Tiered Tree-Based Intrusion Detection System (C2T-IDS), a lightweight framework designed for efficient and scalable threat detection in IoT networks. The system employs a hybrid edge-centralized architecture, where the first tier, deployed on edge gateways, performs real-time binary classification to detect anomalous traffic using optimized tree-based models. The second tier, hosted on a centralized server, conducts detailed multi-class classification to diagnose specific attack types using advanced ensemble methods. Evaluated on the realistic CIC-IoT-2023 dataset, C2T-IDS achieves a Macro F1-Score of up to 0.94 in detection and 0.80 in diagnosis, outperforming direct multi-class classification by 5–15%. With inference times as low as 6 milliseconds on edge devices, the framework demonstrates a practical balance between accuracy, efficiency, and deployability, offering a robust solution for securing resource-constrained IoT environments. Full article

Federated Learning (FL) has emerged as a promising framework for multi-institutional medical artificial intelligence, enabling collaborative model development while preserving data privacy and security. Despite increasing research on federated approaches for cardiovascular disease prediction, previous reviews have largely focused on disease-specific perspectives without systematically comparing data modalities. This study comprehensively examines 28 representative investigations from the past five years, including 17 biosignal-based and 11 electronic health record (EHR)-based applications. Biosignal-based FL emphasizes personalized electrocardiogram (ECG) classification, mitigation of non-independent and identically distributed (Non-IID) data, and Internet of Things (IoT)-based monitoring using methods such as client clustering, asynchronous learning, and Bayesian inference. In contrast, EHR-based studies prioritize large-scale hospital collaboration, adaptive optimization, and secure aggregation through distributed frameworks. By systematically comparing methodological strategies, performance trade-offs, and clinical feasibility, this review highlights the complementary strengths of biosignal- and EHR-based approaches. Biosignal frameworks show strong potential for personalized, low-latency cardiac monitoring, whereas EHR frameworks excel in scalable and privacy-preserving decision support. Building upon the limitations of earlier reviews, this paper introduces data-type-centric design guidelines to enhance the reliability, interpretability, and clinical scalability of FL in cardiovascular diagnosis and prediction. Full article

Although it is a technology that can be pretty important for remote areas lacking internet or cellular data, the difficulties it presents in large data transmission prevent LoRa from developing sufficiently for image transmission. This challenge is particularly relevant for applications requiring the transfer of facial images, such as remote security or identification. It is possible to overcome these difficulties by reducing the data size through the application of various image processing methods. In the study, the face-focused enhanced super-resolution generative adversarial network (ESRGAN) is trained to address the significant quality loss in low-resolution face images transmitted to the receiver as a result of image processing techniques. Also, the trained ESRGAN model is evaluated comparatively with the Real-ESRGAN model and a standard bicubic interpolation baseline. In addition to Peak Signal-to-Noise Ratio (PSNR) and Structural Similarity Index Measure (SSIM) metrics, Learned Perceptual Image Patch Similarity (LPIPS) for perceptual quality and a facial identity preservation metric are used to calculate the similarities of the produced super-resolution (SR) images to the original images. The study was tested in practice, demonstrating that a facial image transmitted in 42 min via LoRa can be transmitted in 5 s using image processing techniques and that the images can be improved close to the real images at the receiver. Thus, with an integrated system that enhances the transmitted visual data, it becomes possible to transmit compressed, low-resolution image data using LoRa. The study aims to contribute to remote security or identification studies in regions with difficult internet and cellular data transmission by making significant improvements in image transmission with LoRa. Full article

The low-altitude economy (LAE), encompassing urban air mobility, drone logistics and sub 3000 m aerial surveillance, demands secure, intelligent infrastructures to manage increasingly complex, multi-stakeholder operations. This survey evaluates the integration of Internet of Things (IoT) networks, artificial intelligence (AI) decision-making and blockchain trust mechanisms as foundational enablers for next-generation LAE ecosystems. IoT sensor arrays deployed at ground stations, unmanned aerial vehicles (UAVs) and vertiports form a real-time data fabric that records variables from air traffic density to environmental parameters. These continuous data streams empower AI models ranging from predictive analytics and computer vision (CV) to multi-agent reinforcement learning (MARL) and large language model (LLM) reasoning to optimize flight paths, identify anomalies and coordinate swarm behaviors autonomously. In parallel, blockchain architectures furnish immutable audit trails for regulatory compliance, support secure device authentication via decentralized identifiers (DIDs) and automate contractual exchanges for services such as airspace leasing or payload delivery. By examining current research and practical deployments, this review demonstrates how the synergistic application of IoT, AI and blockchain can bolster operational efficiency, resilience and trustworthiness across the LAE landscape. Full article

Over the last decade, Software-Defined Networking (SDN) has garnered increasing research interest for networking and security. This interest stems from the programmability and dynamicity offered by SDN, as well as the growing importance of SDN as a foundational technology of future telecommunications networks and the greater Internet. However, research into SDN security has focused disproportionately on the security of the control plane, resulting in the relative trivialization of data plane security methods and a corresponding lack of appreciation of the data plane in SDN security discourse. To remedy this, this paper provides a comprehensive review of SDN data plane security research, classified into three primary research domains and several sub-domains. The three primary research domains are as follows: security capabilities within the data plane, security of the SDN infrastructure, and dynamic routing within the data plane. Our work resulted in the identification of specific strengths and weaknesses in existing research, as well as promising future directions, based on novelty and overlap with emerging technology domains. The most striking future directions are the use of hybrid SDN architectures leveraging a programmable data plane, SDN for heterogeneous network security, and the development of trust-based methods for SDN management and security, including trust-based routing. Full article

The increasing global demand for electricity has heightened the need for stable and reliable power distribution systems. Disruptions in power distribution can cause substantial economic losses and societal impact, underscoring the importance of accurate, timely, and scalable monitoring. The integration of Internet of Things (IoT) technologies into smart grids offers promising capabilities for real-time data collection and intelligent control. However, the application of IoT has created new challenges such as high communication overhead and insufficient user privacy protection due to the continuous exchange of sensitive data. In this paper, we propose a method for power distribution analytics in smart grids based on IoT called PSDA. PSDA collects real-time power usage data from IoT sensor nodes distributed across different grid regions. The collected data is spatially organized using Hilbert curves to preserve locality and enable efficient encoding for subsequent processing. Meanwhile, we adopt a dual-server architecture and distributed point functions (DPF) to ensure efficient data transmission and privacy protection for power usage data. Experimental results indicate that the proposed approach is capable of accurately analyzing power distribution, thereby facilitating prompt responses within smart grid management systems. Compared with traditional methods, our scheme offers significant advantages in privacy protection and real-time processing, providing an innovative IoT-integrated solution for the secure and efficient operation of smart grids. Full article

The deployment of deep learning models in Internet of Things (IoT) systems is increasingly threatened by adversarial attacks. To address the challenge of effectively detecting adversarial examples generated by Generative Adversarial Networks (AdvGANs), this paper proposes an unsupervised detection method that integrates spatial statistical features and multidimensional distribution characteristics. First, a collection of adversarial examples under four different attack intensities was constructed on the CIFAR-10 dataset. Then, based on the VGG16 and ResNet50 classification models, a dual-module collaborative architecture was designed: Module A extracted spatial statistics from convolutional layers and constructed category prototypes to calculate similarity, while Module B extracted multidimensional statistical features and characterized distribution anomalies using the Mahalanobis distance. Experimental results showed that the proposed method achieved a maximum AUROC of 0.9937 for detecting AdvGAN attacks on ResNet50 and 0.9753 on VGG16. Furthermore, it achieved AUROC scores exceeding 0.95 against traditional attacks such as FGSM and PGD, demonstrating its cross-attack generalization capability. Cross-dataset evaluation on Fashion-MNIST confirms its robust generalization across data domains. This study presents an effective solution for unsupervised adversarial example detection, without requiring adversarial samples for training, making it suitable for a wide range of attack scenarios. These findings highlight the potential of the proposed method for enhancing the robustness of IoT systems in security-critical applications. Full article