Communication Of Internet Of Things Devices Research Articles

Distributed Ledger-Based Authentication and Authorization of IoT Devices in Federated Environments

One of the main security challenges when federating separate Internet of Things (IoT) administrative domains is effective Identity and Access Management, which is required to establish trust and secure communication between federated IoT devices. The primary goal of the work is to develop a “lightweight” protocol to enable authentication and authorization of IoT devices in federated environments and ensure the secure communication of IoT devices. We propose a novel Lightweight Authentication and Authorization Framework for Federated IoT (LAAFFI) which takes advantage of the unique fingerprint of IoT devices based on their configuration and additional hardware modules, such as Physical Unclonable Function, to provide flexible authentication and authorization based on Distributed Ledger technology. Moreover, LAAFFI supports IoT devices with limited computing resources and devices not equipped with secure storage space. We implemented a prototype of LAAFFI and evaluated its performance in the Hyperledger Fabric-based IoT framework. Three main metrics were evaluated: latency, throughput (number of operations or transactions per second), and network resource utilization rate (transmission overhead introduced by the LAAFFI protocol). The performance tests conducted confirmed the high efficiency and suitability of the protocol for federated IoT environments. Also, all LAAFFI components are scalable as confirmed by tests. We formally evaluated LAAFFI security using Verifpal as a formal verification tool. Based on the models developed for Verifpal, we validated their security properties, such as message secrecy, authenticity, and freshness. Our results show that the proposed solution can improve the security of federated IoT environments while providing zero-day interoperability and high scalability. Compared to existing solutions, LAAFFI is more efficient due to the use of symmetric cryptography and algorithms adapted for operations involving IoT devices. LAAFFI supports multiple authorization mechanisms, and since it also offers authentication and accountability, it meets the requirements of Authentication, Authorization and Accounting (AAA). It uses Distributed Ledger (DL) and smart contracts to ensure that the request complies with the policies agreed between the organizations. LAAFFI offers authentication of devices belonging to a single organization and different organizations, with the assurance that the encryption key will be shared with another device only if the appropriate security policy is met. The proposed protocol is particularly useful for ensuring the security of federated IoT environments created ad hoc for special missions, e.g., operations conducted by NATO countries and disaster relief operations Humanitarian Assistance and Disaster Relief (HADR) involving military forces and civilian services, where immediate interoperability is required.

B-ERAC: Blockchain-Enabled Role-Based Access Control for Secure IoT Device Communication

Security risks are increasingly concerning as the Internet of Things (IoT) expands. Authentication, access control, and authorization present significant challenges for resource-constrained IoT devices. Traditional authentication methods often require enhancements for these devices, but Blockchain technology presents a potential solution. Decentralized and distributed, Blockchain eliminates a single point of failure and relies on Elliptic Curve Cryptography (ECC) for robust security. We have introduced a cutting-edge solution to fortify communication security within IoT devices across supply chain ecosystems. By harnessing the power of Blockchain technology, our framework incorporates smart contracts, adheres to ES256 encryption standards, and seamlessly integrates with Infura API. These components establish stringent access controls, ensure data integrity, and enhance transparency throughout supply chain processes. The framework’s robust architecture facilitates swift and secure transactions, bolsters traceability efforts, and effectively mitigates potential security risks. With its scalable design and reliable functionality, this framework emerges as a pivotal asset for optimizing IoT device communication within dynamic supply chain environments. The use of ProVerif in our analysis provides a formal guarantee of the correctness of our access control mechanisms.

Network Attack Classification with a Shallow Neural Network for Internet and Internet of Things (IoT) Traffic

In recent years, there has been a tremendous increase in the use of connected devices as part of the so-called Internet of Things (IoT), both in private spaces and the industry. Integrated distributed systems have shown many benefits compared to isolated devices. However, exposing industrial infrastructure to the global Internet also generates security challenges that need to be addressed to benefit from tighter systems integration and reduced reaction times. Machine learning algorithms have demonstrated their capacity to detect sophisticated cyber attack patterns. However, they often consume significant amounts of memory, computing resources, and scarce energy. Furthermore, their training relies on the availability of datasets that accurately represent real-world data traffic subject to cyber attacks. Network attacks are relatively rare events, as is reflected in the distribution of typical training datasets. Such imbalanced datasets can bias the training of a neural network and prevent it from successfully detecting underrepresented attack samples, generally known as the problem of imbalanced learning. This paper presents a shallow neural network comprising only 110 ReLU-activated artificial neurons capable of detecting representative attacks observed on a communication network. To enable the training of such small neural networks, we propose an improved attack-sharing loss function to cope with imbalanced learning. We demonstrate that our proposed solution can detect network attacks with an F1 score above 99% for various attacks found in current intrusion detection system datasets, focusing on IoT device communication. We further show that our solution can reduce the false negative detection rate of our proposed shallow network and thus further improve network security while enabling processing at line rate in low-complexity network intrusion systems.

PIoT-blockchain-enabled security framework for strengthening IoT device identity and data access

The Internet of Things (IoT) connects billions of devices, but concerns about data security and device identification have grown. This study introduces Proof of IoT (PIoT), a novel consensus method using blockchain-based smart contracts to ensure secure data transfer and device authentication in IoT networks. PIoT employs NuCypher-based security computations for authentication and data updating, ensuring only authorized parties access blockchain-recorded information. A reward-based filtering mechanism identifies malicious nodes, bolstering consensus integrity. Simulations demonstrate PIoT's superior performance compared to conventional methods, showing a 74.7% and 96.8% improvement over LPBFT and DAC4SH Consensus, respectively. PIoT enhances blockchain security under IoT by 15% compared to DAC4SH. Beyond facilitating secure IoT device communication, this approach mitigates various IoT attacks, offering a comprehensive solution to emerging IoT security challenges. ABBREVIATION: DAC4SH, Data access control scheme for smart home; DDoS, Distributed denial of service; DoS, Denial of Service; DTLS, Datagram Transport Layer Security; IoT, Internet of Things; LPBFT, Lightweight Particle Byzantine fault tolerance; MAC, Message authentication code; MITM, Man in the Middle; PBFT, Practical Byzantine Fault Tolerance; PIoT, Proof of IoT; TLS, Transport Layer Security

Exploring the application and performance of extended hamming code in IoT devices

This study primarily focuses on the implementation of extended Hamming code within Internet of Things (IoT) devices and examines its impact on device performance, particularly in relation to communication protocols. The research begins by introducing and explaining the essential principles surrounding the extended Hamming code and its system. This introduction is followed by a detailed analysis of its practical application in IoT device communication and the subsequent influence on performance. Additionally, the study explores the potential role of extended Hamming code in strengthening the security measures of IoT devices. Experimental findings indicate that incorporating extended Hamming code can effectively enhance the communication efficiency of IoT devices, ensuring accurate data transmission. It also improves the overall operational efficiency of the devices and fortifies their security framework. Yet, despite these promising outcomes, the real-world application of extended Hamming code presents significant challenges. These hurdles highlight the need for continued research and exploration to maximize the potential of the extended Hamming code in the IoT domain. The study concludes with an optimistic outlook, encouraging ongoing investigation and innovation to further optimize the benefits of this code and drive advancements in IoT technology.

An Approach for Ensuring Communication Security in IoT

The Internet of Things (IoT) describes the connection of bodily objects “things” that are embedded with sensors, software, and other components for the purpose of connecting and exchanging statistics(data/information) with other devices and systems over the Internet. The exchanging of data between IoT devices occurs over the network. As a result of that, the kind of data that will be transmitted over the internet needs to be secured and protected from unauthorized users. To achieve this, IoT device communication needs to be achieved securely. The main objective of this paper is to present an overview and compare various communication protocols in the context of IoT (Internet of Things) environments, with a focus on recommending a data exchange mechanism that will provide secure communication after a comparative study.

Quantum Cat Swarm Optimization Based Clustering with Intrusion Detection Technique for Future Internet of Things Environment

The Internet of Things (IoT) is one of the emergent technologies with advanced developments in several applications like creating smart environments, enabling Industry 4.0, etc. As IoT devices operate via an inbuilt and limited power supply, the effective utilization of available energy plays a vital role in designing the IoT environment. At the same time, the communication of IoT devices in wireless mediums poses security as a challenging issue. Recently, intrusion detection systems (IDS) have paved the way to detect the presence of intrusions in the IoT environment. With this motivation, this article introduces a novel Quantum Cat Swarm Optimization based Clustering with Intrusion Detection Technique (QCSOBC-IDT) for IoT environment. The QCSOBC-IDT model aims to achieve energy efficiency by clustering the nodes and security by intrusion detection. Primarily, the QCSOBC-IDT model presents a new QCSO algorithm for effectively choosing cluster heads (CHs) and organizing a set of clusters in the IoT environment. Besides, the QCSO algorithm computes a fitness function involving four parameters, namely energy efficiency, inter-cluster distance, intra-cluster distance, and node density. A harmony search algorithm (HSA) with a cascaded recurrent neural network (CRNN) model can be used for an effective intrusion detection process. The design of HSA assists in the optimal selection of hyperparameters related to the CRNN model. A detailed experimental analysis of the QCSOBC-IDT model ensured its promising efficiency compared to existing models.

Dynamic Reduced-Round TLS Extension for Secure and Energy-Saving Communication of IoT Devices

The security of wireless Internet of Things (IoT) communication is a complex challenge due to not only growing attack surfaces and threats but also the limitations of energy consumption. As a significant portion of the IoT market is composed of both security- and energy-critical sectors, e.g., smart homes and e-health, there is a pressing demand for solutions to secure billions of IoT devices while minimizing energy footprint. To this end, this article proposes a transport layer security (TLS) extension to integrate a lightweight and self-monitored mechanism that dynamically balances communication security and power consumption according to the IoT device’s current battery level. Integrated within the TLSv1.3 protocol, the secure extension automatically adjusts the encryption round number of the negotiated cipher according to an operator-defined policy while ensuring the minimum required security level. A Proof-of-Concept (PoC) has been implemented on the wolfSSL library and a real-world IoT platform, on which the performance of the proposed mechanism has been reported for various lightweight ciphers. The results showed an energy reduction of encryptions by 57.1% and a battery saving of 9.4% when encrypting at 4 kBps with reduced-round encryption, demonstrating the potential of the proposed extension into the TLS protocol.

UWPEE: Using UAV and wavelet packet energy entropy to predict traffic-based attacks under limited communication, computing and caching for 6G wireless systems

The development of 6G has enhanced the communication capabilities of Internet of Things (IoT) devices. However, in wireless system, due to cost constraints, only a few devices have the communication capability of 6G, and the rest can only communicate with the Internet through self-organized networks. Due to simple hardware, these IoT devices have low capacities of communication, computing and caching. And they are vulnerable to all kinds of attacks. One of harmful attacks is traffic-based attack such as on–off attack, Denial of Service (DoS) attack which consumes the limited energy of IoT devices and wreaks havoc on data-based applications. However, there is no effective way to obtain the truth traffic of IoT devices, which makes it difficult for the cloud to secure the communication of IoT devices and manage the state of network. To ensure reliable communication, a novel approach to detect traffic-based attack by Unmanned Aerial Vehicle (UAV) and Wavelet Packet Energy Entropy (UWPEE) is proposed. In UWPEE scheme, UAV is sent to collect the truth traffic from IoT devices. Then wavelet packet energy entropy is innovatively adopted to detect attacks. Finally, the trust of IoT devices is determined according to their entropy. The experimental results show that UWPEE scheme can effectively identify traffic-based attacks with an accuracy rate of 84.47% and an average recognition efficiency of 4.89 for malicious nodes. Meanwhile, compared with the greedy algorithm, the flight path of the UAVs is reduced by 15.44%.

Practical Blockchain-Based Steganographic Communication Via Adversarial AI: A Case Study In Bitcoin

Abstract With the development of 5G, the wireless Internet of Things (IoT) has become possible; how to provide privacy protections for the communication of IoT devices in a more vulnerable wireless transmission environment is a huge challenge. Thus, steganography is introduced as a safe and effective technology. Blockchain systems have been widely used in the area of steganography. Several works attempted to embed covert data into transactions in public blockchain systems such as Bitcoin, Ethereum and Monero. However, most of them merely focus on putting covert data into certain fields in transactions based on cryptographic algorithms. In this paper, a Covert Transaction Recognition (CTR) model is proposed by the Text Convolutional Neural Networks and Back Propagation Neural Networks. When utilizing the covert data-embedded field for recognizing, our CTR model can attain 0.79 precision and 0.83 recall on average for seven covert transaction construction schemes. The precision and recall can increase by at most 43 and 47%, respectively, if other unembedded fields were additionally exploited for recognition. We further propose a Practical Covert Transaction Construction (PCTC) model. This model fixes the contents in the embedded fields of the constructed transactions, and generates the contents in other fields using Generative Adversarial Networks. Experimental results demonstrated that the precision and recall are greatly decreased when identifying the covert transactions generated by our PCTC model. The data underlying this article are available in ‘covert-transaction-model’, at https://github.com/1997mint/covert-transaction-model.

A distributed identity‐based authentication scheme for internet of things devices using permissioned blockchain system

AbstractThe Internet of Things (IoT) has become a significant technology on the internet with its widespread adoption in almost every place we could think of, like homes, hospitals, industries, companies, and so on. This adoption in virtually every device had made them smart, thereby reducing the human intervention to handle them. These devices become smart by gathering the sensed information and communicating with other devices or servers to take the appropriate decisions based on acquired data. However, these devices are deployed in batches with default usernames and passwords, making them vulnerable to attacks as seen in recent pasts like the Mirai botnet attack. Most of the attacks could have been avoided if these devices were equipped with a decent lightweight secure authentication scheme. One of the most common authentication procedures is using traditional public key infrastructure (PKI), which suffers from a single point of failure. Moreover, the complex procedures of PKI make them unfit for low‐powered IoT devices. Identity‐based cryptography (IBC), a lightweight cryptosystem, could be a good fit for these devices. But, even IBC suffers from a single point of failure and key escrow problem because of the private key generator (PKG). Blockchain has proved its mettle in eliminating a single point of failure with its robust distributed ledger technology. This article presents a novel authentication scheme for IoT devices based on identity‐based cryptography using a blockchain network. Blockchain is used as a distributed PKG, eliminating a single point of failure and key escrow problem of PKGs. Further, the proposed work is implemented in Hyperledger Fabric, which is an open‐source blockchain platform that efficiently performs the addition, updating, and deletions operation for effective authentication and communication of IoT devices.

A Comparison of Various IoT Application Layer Protocol

Data communication over the internet is highly swayed by protocols. So, the protocols have a very crucial role in data communication. Similarly, for the Internet of things (IoT) enabled devices the protocols have also an important role. In the Application-layer of IoT-enabled devices, the protocols have a significant role in the transfer of data from server to IoT devices and vice versa. There are different protocols are there, some are taken from web based internet protocols like Hyper Text Transfer Protocol (HTTP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP), etc. And some are exclusively developed for IoT devices like Message Queue Telemetry Transport (MQTT), Constraint Application Protocol (CoAP), etc. IoT-enabled devices need a lightweight, secure and fast protocols for the transfer of data. When IoT enabled devices are developed there are limited number of protocols developed for communication of IoT devices. Various protocols are developed to fulfil the need of users but they have some advantages as well as disadvantages. In this paper, analysis of the performance and comparision of these protocols through different scenarios are given.

Multi-UAV Assisted IoT NOMA Uplink Communication System for Disaster Scenario

Unmanned aerial vehicle (UAV) communication has become a prominent technology that can effectively assist in IoT systems. The inherent features of UAV such as mobility, flexibility, and fast deployment make it preferable for emergency Internet of Things (IoT) applications. In this paper, we consider a multi-UAV assisted wireless network to support uplink communication for IoT devices distributed over a disaster area. The network involves two types of UAVs: sector UAV (SU) and anchor UAV (AU). The SU hovers at a fixed height over the sector around the temporary base station (TBS), collects the information from the respective IoT devices and relays them to the TBS via AU. The AU revolves continuously around the TBS and relays the information between the SUs and TBS periodically. We aim to improve the uplink capacity of the system. To achieve this, we employ non-orthogonal multiple access (NOMA), where we jointly optimize the positions of SUs and the power control of IoT devices. We propose a two-step approach to solve this. First, we optimize the position of SU in each sector by minimizing the sum distances of SU from the respective IoT devices. Then, by considering the optimal SU location, we optimize the transmit power of IoT devices using Lagrange dual method. Finally, the experimental results show that the proposed scheme improves the system capacity by 22% compared to the state-of-the-art schemes.

Proposal for a Localization System for an IoT Ecosystem

In the last decade, positioning using wireless signals has gained a lot of attention since it could open new opportunities for service providers. Localization is important, especially in indoor environments, where the widely used global navigation satellite systems (GNSS) signals suffer from high signal attenuation and multipath propagation, resulting in poor accuracy or a loss of positioning service. Moreover, in an Internet of things (IoT) environment, the implementation of GNSS receivers into devices may result in higher demands on battery capacity, as well as increased cost of the hardware itself. Therefore, alternative localization systems that are based on wireless signals for the communication of IoT devices are gaining a lot of attention. In this paper, we provide a design of an IoT localization system, which consists of multiple localization modules that can be utilized for the positioning of IoT devices that are connected thru various wireless technologies. The proposed system can currently perform localization based on received signals from LoRaWAN, ZigBee, Wi-Fi, UWB and cellular technologies. The implemented pedestrian dead reckoning algorithm can process the data measured by a mobile device that is equipped with inertial sensors to construct a radio map and thus help with the deployment of the positioning services based on a fingerprinting approach.

A novel dynamic clustering approach for energy hole mitigation in Internet of Things‐based wireless sensor network

SummaryWith the advancements in the technology, Internet of Things (IoT)‐based wireless sensor networks (WSNs) have shown a tremendous growth in rendering a huge number of applications across the globe. However, it is observed that IoT‐based sensor nodes suffer from energy limitations. To resolve this, cluster‐based topology is adapted by the various researchers for rendering green energy‐efficient solution for communication of IoT devices. In this paper, the dynamic and energy‐efficient clustering for energy hole mitigation (DECEM) is proposed. The proposed framework is composed of the following proposed attributes; network is divided in two halves of regions, in each half, a gateway node (GN) is selected that collects data from their corresponding half region. Further, in each cluster, two cluster heads (CHs) are selected among whom one is made active at a moment (remains active until 60% of its energy is consumed) and other stays in sleep mode. First, the GN is selected in each side of the network (divided into two halves), and later, clustering is done, and selection of two CHs in each cluster is performed. The parameters for the selection of GN and CHs include residual energy, separation between the node and the sink, the number of neighbour nodes and network's residual energy. The simulation experiments reveal that DECEM has enhanced stability period by 5% and 31% as compared to the MEEC and IDHR protocols, respectively. The network lifetime is gigantically improved by 56% as compared to MEEC protocol.

WITHDRAWN: A novel RSS based light weight digital certificate and key generation scheme for coherent communication of IoT devices

The Internet-of-Things (IoT) will connect different types of cyber physical systems that are supported by different wireless transmission technologies, e.g., Wi-Fi, ZigBee, etc. However, the security protocols of those wireless technologies cannot be implemented to support seamless and secure IoT communications. Moreover, security protocols need to be light-weighted since some IoT devices have limited computation resources. In this research work, we propose a light weight physical-layer security-based authentication and key generation scheme The Internet-of-Things (IoT) will connect different types of cyber physical systems that are supported by different wireless transmission technologies, e.g., Wi-Fi, ZigBee, etc. However, the security protocols of those wireless technologies cannot be implemented to support seamless and secure IoT communications. Moreover, security protocols need to be light-weighted since some IoT devices have limited computation resources. In this research work, we propose a light weight physical-layer security-based authentication and key generation scheme to bridge different transmission technologies in IoT communications. In the studied scenario, a group certificate is generated based on physical-layer information, i.e., Received Signal Strength (RSS) for all legitimate IoT devices in a network. The group certificate is to support mutual authentication between any pair of IoT devices within the network. Furthermore, the proposed scheme also generates a session key for the authenticated pair of IoT devices for other purposes of security features. The proposed scheme also addresses the issue of access control for new IoT devices with a short-term session key generation process. Security analysis is provided to show the efficacy of the proposed scheme against eavesdropping and replay attacks. A tested based experiment is conducted to further demonstrate the RSS based value generation and distribution.

Ensemble machine learning approach for classification of IoT devices in smart home

The emergence of the Internet of Things (IoT) concept as a new direction of technological development raises new problems such as valid and timely identification of such devices, security vulnerabilities that can be exploited for malicious activities, and management of such devices. The communication of IoT devices generates traffic that has specific features and differences with respect to conventional devices. This research seeks to analyze the possibilities of applying such features for classifying devices, regardless of their functionality or purpose. This kind of classification is necessary for a dynamic and heterogeneous environment, such as a smart home where the number and types of devices grow daily. This research uses a total of 41 IoT devices. The logistic regression method enhanced by the concept of supervised machine learning (logitboost) was used for developing a classification model. Multiclass classification model was developed using 13 network traffic features generated by IoT devices. Research has shown that it is possible to classify devices into four previously defined classes with high performances and accuracy (99.79%) based on the traffic flow features of such devices. Model performance measures such as precision, F-measure, True Positive Ratio, False Positive Ratio and Kappa coefficient all show high results (0.997–0.999, 0.997–0.999, 0.997–0.999, 0–0.001 and 0.9973, respectively). Such a developed model can have its application as a foundation for monitoring and managing solutions of large and heterogeneous IoT environments such as Industrial IoT, smart home, and similar.

Regulating data sharing across MQTT environments

Nowadays, due to the personal nature of the managed data, numerous Internet of Things (IoT) applications represent a potential threat to user privacy. In order to address this issue, several access control models have been specifically designed for IoT. The great majority of these proposals adopt centralized enforcement mechanisms designed to control the communication of IoT devices operating in the same environment. However, these approaches cannot regulate data exchange operated by devices connected to different environments. To the best of our knowledge, effective approaches capable of controlling these forms of communications are still missing. Therefore, in this paper, we do a step to fill this void, by focusing on applications built on top of MQTT, a widely used protocol for IoT. We propose an access control framework to regulate data sharing across bridged MQTT environments, on the basis of both access control policies and user preferences. The proposed approach regulates data exchange among IoT devices belonging to interconnected environments by means of a decentralized enforcement mechanism. Experimental analyses show the efficiency of the proposed approach.

SoftSystem: Smart Edge Computing Device Selection Method for IoT Based on Soft Set Technique

The Internet of Things (IoT) is growing day by day, and new IoT devices are introduced and interconnected. Due to this rapid growth, IoT faces several issues related to communication in the edge computing network. The critical issue in these networks is the effective edge computing IoT device selection whenever there are several edge nodes to carry information. To overcome this problem, in this paper, we proposed a new framework model named SoftSystem based on the soft set technique that recommends useful IIoT devices. Then, we proposed an algorithm named Softsystemalgo. For the proposed system, three different parameters are selected: IoT Device Security (IDSC), IoT Device Storage (IDST), and IoT Device Communication Speed (IDCS). We also find out the most significant parameters from the given set of parameters. It is evident that our proposed system is effective for the selection of edge computing devices in the IoT network.

Securing IoT device communication against network flow attacks with Recursive Internetworking Architecture (RINA)

Abstract The Advent of Internet of Things (IoT) crowded the internet like never before. Ever-increasing connectivity brought many network vulnerabilities and caused many Cyber-attacks. The existing network stack is unable to avoid these casualties even though there are several security protocols. The present work aims to provide a secure network architecture that addresses almost all the network flaws in the existing network stack. It is based on Recursive Internetworking architecture (RINA) which is a promising solution being developed by researchers from a couple of decades. The features and capabilities of RINA architecture can replace existing communication technology with better security. The proposed method is developed with RINA architecture in closed environment like LAN. It verifies RINA features that prevent network flow attacks effectively.