Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.7
2.9
Journals
Electronics
Special Issues
Security Issues in the IoT
share announcement

Security Issues in the IoT

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (31 August 2023) | Viewed by 13048

Special Issue Editor

Dr. Elif Bilge Kavun

E-Mail Website
Guest Editor
Secure Intelligent Systems Research Group, Faculty of Computer Science and Mathematics, University of Passau, 94032 Passau, Germany
Interests: cryptography; hardware security; digital circuits; IoT security
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

With the increased inclusion of the Internet of Things (IoT) in our daily lives, the security of IoT devices as well as the processed sensitive information has become a concern as such systems may allow both small- and large-scale attacks. Adversaries may make use of simple security problems or even have access to special tools for mounting more sophisticated physical attacks on IoT systems. In response to these attacks, many mitigation techniques and countermeasures have been published, especially in the last decade. However, there are still many open security problems and potential attack vectors. Due to the bandwidth, energy, and computational constraints in IoT systems, efficient novel methods are required to reach the required security level.

The purpose of this Special Issue is to advance this effort by inviting contributions addressing security problems, mitigations, and tools in IoT. Topics of interest include but are not limited to the following areas:

  • IoT security and trust;
  • IoT system and network security;
  • Cryptography, key management, authentication, and authorization for IoT;
  • Security of resource-constrained hardware;
  • Lightweight cryptography;
  • Lightweight security protocols;
  • Security and privacy enhancing tools for IoT;
  • Intrusion and anomaly detection in IoT systems;
  • Artificial Intelligence (AI)-based security and data protection for IoT;
  • Standardization activities for IoT security.

We look forward to receiving your contributions. Submissions should be of high quality, suitable for an international journal, and should not have been submitted or published elsewhere.

Dr. Elif Bilge Kavun
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • IoT
  • security
  • lightweight
  • resource-constrained
  • cryptography
  • security protocol

Published Papers (5 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

23 pages, 4053 KiB  
Article
IoTFuzzBench: A Pragmatic Benchmarking Framework for Evaluating IoT Black-Box Protocol Fuzzers
by Yixuan Cheng, Wenxin Chen, Wenqing Fan, Wei Huang, Gaoqing Yu and Wen Liu
Electronics 2023, 12(14), 3010; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics12143010 - 09 Jul 2023
Cited by 1 | Viewed by 1466
Abstract
High scalability and low operating cost make black-box protocol fuzzing a vital tool for discovering vulnerabilities in the firmware of IoT smart devices. However, it is still challenging to compare black-box protocol fuzzers due to the lack of unified benchmark firmware images, complete [...] Read more.
High scalability and low operating cost make black-box protocol fuzzing a vital tool for discovering vulnerabilities in the firmware of IoT smart devices. However, it is still challenging to compare black-box protocol fuzzers due to the lack of unified benchmark firmware images, complete fuzzing mutation seeds, comprehensive performance metrics, and a standardized evaluation framework. In this paper, we design and implement IoTFuzzBench, a scalable, modular, metric-driven automation framework for evaluating black-box protocol fuzzers for IoT smart devices comprehensively and quantitatively. Specifically, IoTFuzzBench has so far included 14 real-world benchmark firmware images, 30 verified real-world benchmark vulnerabilities, complete fuzzing seeds for each vulnerability, 7 popular fuzzers, and 5 categories of complementary performance metrics. We deployed IoTFuzzBench and evaluated 7 popular black-box protocol fuzzers on all benchmark firmware images and benchmark vulnerabilities. The experimental results show that IoTFuzzBench can not only provide fast, reliable, and reproducible experiments, but also effectively evaluate the ability of each fuzzer to find vulnerabilities and the differential performance on different performance metrics. The fuzzers found a total of 13 vulnerabilities out of 30. None of these fuzzers can outperform the others on all metrics. This result demonstrates the importance of comprehensive metrics. We hope our findings ease the burden of fuzzing evaluation in IoT scenarios, advancing more pragmatic and reproducible fuzzer benchmarking efforts. Full article
(This article belongs to the Special Issue Security Issues in the IoT)
Show Figures

Figure 1

15 pages, 840 KiB  
Article
Harris-Hawk-Optimization-Based Deep Recurrent Neural Network for Securing the Internet of Medical Things
by Sidra Abbas, Gabriel Avelino Sampedro, Mideth Abisado, Ahmad Almadhor, Iqra Yousaf and Seng-Phil Hong
Electronics 2023, 12(12), 2612; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics12122612 - 09 Jun 2023
Cited by 5 | Viewed by 1676
Abstract
The healthcare industry has recently shown much interest in the Internet of Things (IoT). The Internet of Medical Things (IoMT) is a component of the IoTs in which medical appliances transmit information to communicate critical information. The growth of the IoMT has been [...] Read more.
The healthcare industry has recently shown much interest in the Internet of Things (IoT). The Internet of Medical Things (IoMT) is a component of the IoTs in which medical appliances transmit information to communicate critical information. The growth of the IoMT has been facilitated by the inclusion of medical equipment in the IoT. These developments enable the healthcare sector to interact with and care for its patients effectively. Every technology that relies on the IoT can have a serious security challenge. Critical IoT connectivity data may be exposed, changed, or even made unavailable to authenticated users in the case of such attacks. Consequently, protecting IoT/IoMT systems from cyber-attacks has become essential. Thus, this paper proposes a machine-learning- and a deep-learning-based approach to creating an effective model in the IoMT system to classify and predict unforeseen cyber-attacks/threats. First, the dataset is preprocessed efficiently, and the Harris Hawk Optimization (HHO) algorithm is employed to select the optimized feature. Finally, machine learning and deep learning algorithms are applied to detect cyber-attack in IoMT. Results reveal that the proposed approach achieved an accuracy of 99.85%, outperforming other techniques and existing studies. Full article
(This article belongs to the Special Issue Security Issues in the IoT)
Show Figures

Figure 1

12 pages, 648 KiB  
Article
Towards Effective Feature Selection for IoT Botnet Attack Detection Using a Genetic Algorithm
by Xiangyu Liu and Yanhui Du
Electronics 2023, 12(5), 1260; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics12051260 - 06 Mar 2023
Cited by 9 | Viewed by 1958
Abstract
With the large-scale use of the Internet of Things, security issues have become increasingly prominent. The accurate detection of network attacks in the IoT environment with limited resources is a key problem that urgently needs to be solved. The intrusion detection system based [...] Read more.
With the large-scale use of the Internet of Things, security issues have become increasingly prominent. The accurate detection of network attacks in the IoT environment with limited resources is a key problem that urgently needs to be solved. The intrusion detection system based on network traffic characteristics is one of the solutions for IoT security. However, the intrusion detection system has the problem of a large number of traffic features, which makes training and detection slow. Aiming at this problem, this work proposes a feature selection method based on a genetic algorithm. The experiments performed on the Bot-IoT botnet detection dataset show that this method successfully selects 6 features from the original 40 features, with a detection accuracy of 99.98% and an F1-score of 99.63%. Compared with other methods and without feature selection, this method has advantages in training time and detection accuracy. Full article
(This article belongs to the Special Issue Security Issues in the IoT)
Show Figures

Figure 1

16 pages, 696 KiB  
Article
GFRX: A New Lightweight Block Cipher for Resource-Constrained IoT Nodes
by Xing Zhang, Shaoyu Tang, Tianning Li, Xiaowei Li and Changda Wang
Electronics 2023, 12(2), 405; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics12020405 - 12 Jan 2023
Cited by 7 | Viewed by 2872
Abstract
The study of lightweight block ciphers has been a “hot topic”. As one of the main structures of block ciphers, the Feistel structure has attracted much attention. However, the traditional Feistel structure cipher changes only half of the plaintext in an iterative round, [...] Read more.
The study of lightweight block ciphers has been a “hot topic”. As one of the main structures of block ciphers, the Feistel structure has attracted much attention. However, the traditional Feistel structure cipher changes only half of the plaintext in an iterative round, resulting in slow diffusion. Therefore, more encryption rounds are required to ensure security. To address this issue, a new algorithm, GFRX, is proposed, which combines a generalized Feistel structure and ARX (Addition or AND, Rotation, XOR). The GFRX algorithm uses an ARX structure with different non-linear components to deal with all the branches of a generalized Feistel structure so that it can achieve a better diffusion effect in fewer rounds. The results of a security analysis of the GFRX algorithm show that the effective differential attacks do not exceed 19 rounds and that the effective linear attacks do not exceed 13 rounds. Therefore, the GFRX algorithm has an adequate security level for differential and linear analysis. Avalanche test results obtained for the GFRX algorithm show that the GFRX algorithm has strong diffusion and only takes six rounds to meet the avalanche effect. In addition, the GFRX algorithm can achieve different serialization levels depending on different hardware resource requirements and can achieve full serialization, which ensures operational flexibility in resource-constrained environments. Full article
(This article belongs to the Special Issue Security Issues in the IoT)
Show Figures

Figure 1

Review

Jump to: Research

20 pages, 439 KiB  
Review
A Survey on Zero-Knowledge Authentication for Internet of Things
by Zhigang Chen, Yuting Jiang, Xinxia Song and Liqun Chen
Electronics 2023, 12(5), 1145; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics12051145 - 27 Feb 2023
Cited by 4 | Viewed by 3669
Abstract
The Internet of Things (IoT) is ubiquitous in our lives. However, the inherent vulnerability of IoT smart devices can lead to the destruction of networks in untrustworthy environments. Therefore, authentication is a necessary tool to ensure the legitimacy of nodes and protect data [...] Read more.
The Internet of Things (IoT) is ubiquitous in our lives. However, the inherent vulnerability of IoT smart devices can lead to the destruction of networks in untrustworthy environments. Therefore, authentication is a necessary tool to ensure the legitimacy of nodes and protect data security. Naturally, the authentication factors always include various sensitive users’ information, such as passwords, ID cards, even biological information, etc. How to prevent privacy leakage has always been a problem faced by the IoT. Zero-knowledge authentication is a crucial cryptographic technology that uses authenticates nodes on the networks without revealing identity or any other data entered by users. However, zero-knowledge proof (ZKP) requires more complex data exchange protocols and more data transmission compared to traditional cryptography technologies. To understand how zero-knowledge authentication works in IoT, we produce a survey on zero-knowledge authentication in privacy-preserving IoT in the paper. First, we overview the IoT architecture and privacy, including security challenges and open question in different IoT layers. Next, we overview zero-knowledge authentication and provide a comprehensive analysis of designing zero-knowledge authentication protocols in various IoT networks. We summarize the advantages of ZKP-based authentication in IoT. Finally, it summarizes the potential problems and future directions of ZKP in IoT. Full article
(This article belongs to the Special Issue Security Issues in the IoT)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-5
Back to TopTop