1,435 research outputs found
Improving home automation security : integrating device fingerprinting into smart home
This paper explains the importance of accessing modern smart homes over the Internet, and highlights various security issues associated with it. This paper explains the evolution of device ļ¬ngerprinting concept over time, and discusses various pitfalls in existing device ļ¬ngerprinting approaches. In this paper, we propose a two-stage veriļ¬cation process for smart homes, using device ļ¬ngerprints and login credentials, which veriļ¬es the user device as well as the user accessing the home over the Internet. Unlike any other previous approaches, our Device Fingerprinting algorithm considers a deviceās geographical location while computing its ļ¬ngerprint. In our device identiļ¬cation experiment, we were able to successfully identify 97.93% of the devices that visited our Webpage using JavaScript, Flash, and Geolocation.This work was supported in part by the National Research Foundation, South Africa, under Grant IFR160118156967, in part by the University of Pretoriaās Post Graduate Research Support Bursary, in part by the National Natural Science Foundation, China, under Grant 61572260, Grant 61373017, Grant 61572261, and Grant 61672296, and in part by the Scientiļ¬c & Technological Support Project of Jiangsu Province under Grant BE2015702, Grant BE2016185, and Grant BE2016777.http://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639hj2017Electrical, Electronic and Computer Engineerin
A critical review of cyber-physical security for building automation systems
Modern Building Automation Systems (BASs), as the brain that enables the
smartness of a smart building, often require increased connectivity both among
system components as well as with outside entities, such as optimized
automation via outsourced cloud analytics and increased building-grid
integrations. However, increased connectivity and accessibility come with
increased cyber security threats. BASs were historically developed as closed
environments with limited cyber-security considerations. As a result, BASs in
many buildings are vulnerable to cyber-attacks that may cause adverse
consequences, such as occupant discomfort, excessive energy usage, and
unexpected equipment downtime. Therefore, there is a strong need to advance the
state-of-the-art in cyber-physical security for BASs and provide practical
solutions for attack mitigation in buildings. However, an inclusive and
systematic review of BAS vulnerabilities, potential cyber-attacks with impact
assessment, detection & defense approaches, and cyber-secure resilient control
strategies is currently lacking in the literature. This review paper fills the
gap by providing a comprehensive up-to-date review of cyber-physical security
for BASs at three levels in commercial buildings: management level, automation
level, and field level. The general BASs vulnerabilities and protocol-specific
vulnerabilities for the four dominant BAS protocols are reviewed, followed by a
discussion on four attack targets and seven potential attack scenarios. The
impact of cyber-attacks on BASs is summarized as signal corruption, signal
delaying, and signal blocking. The typical cyber-attack detection and defense
approaches are identified at the three levels. Cyber-secure resilient control
strategies for BASs under attack are categorized into passive and active
resilient control schemes. Open challenges and future opportunities are finally
discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro
Intelligent home automation security system based on novel logical sensing and behaviour prediction
The thesis, Intelligent Home Automation Security System Based on Novel Logical Sensing and Behavior Prediction, was designed to enhance authentication, authorization and security in smart home devices and services. The work proposes a three prong defensive strategy each of which are analyzed and evaluated separately to drastically improve security. The Device Fingerprinting techniques proposed, not only improves the existing approaches but also identifies the physical device accessing the home cybernetic and mechatronic systems using device specific and browser specific parameters. The Logical Sensing process analyses home inhabitant actions from a logical stand point and develops sophisticated and novel sensing techniques to identify intrusion attempts to a homeās physical and cyber space. Novel Behavior prediction methodology utilizes Bayesian networks to learn normal user behavior which is later compared to distinguish and identify suspicious user behaviors in the home in a timely manner. The logical sensing, behavior prediction and device fingerprinting techniques proposed were successfully tested, evaluated and verified in an actual home cyber physical system. The algorithms and techniques proposed in the thesis can be easily modified and adapted into many practical applications in Industrial Internet of Things, Industry 4.0 and cyber-physical systems.Thesis (PhD)--University of Pretoria, 2017.Electrical, Electronic and Computer EngineeringPhDUnrestricte
Advanced IoT Technology and Protocols: Review and Future Perspectives
The Internet of Things (IoT) has emerged as a disruptive paradigm, altering how we interact with our surroundings and enabling a plethora of novel applications across multiple sectors. This literature review provides a complete overview of the Internet of Things, including applications, technology, protocols, modeling tools, and future directions. The assessment begins by looking at a wide range of IoT applications, such as smart cities, healthcare, industrial automation, smart homes, and more. It then looks into the underlying technologies that enable IoT deployments, including low-power wireless communication protocols, edge computing, and sensor networks. Protocols and routing methods designed expressly for IoT networks are also described, as well as simulation tools used to simulate and evaluate IoT systems. The discussion focuses on critical insights and consequences for the future of IoT, including challenges and potential in security, interoperability, edge intelligence, and sustainability. By tackling these obstacles and using emerging technologies, IoT can create disruptive change across businesses while also improving quality of life. This review seeks to give scholars, practitioners, and stakeholders a thorough grasp of IoT and its implications for the future
A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT
Internet of Things (IoT) forms the foundation of next generation infrastructures, enabling development of future cities that are inherently sustainable. Intrusion detection for such paradigms is a non-trivial challenge which has attracted further significance due to extraordinary growth in the volume and variety of security threats for such systems. However, due to unique characteristics of such systems i.e., battery power, bandwidth and processor overheads and network dynamics, intrusion detection for IoT is a challenge, which requires taking into account the trade-off between detection accuracy and performance overheads. In~this context, we are focused at highlighting this trade-off and its significance to achieve effective intrusion detection for IoT. Specifically, this paper presents a comprehensive study of existing intrusion detection systems for IoT systems in three aspects: computational overhead, energy consumption and privacy implications. Through extensive study of existing intrusion detection approaches, we have identified open challenges to achieve effective intrusion detection for IoT infrastructures. These include resource constraints, attack complexity, experimentation rigor and unavailability of relevant security data. Further, this paper is envisaged to highlight contributions and limitations of the state-of-the-art within intrusion detection for IoT, and~aid the research community to advance it by identifying significant research directions
Multivariate Stochastic Approximation to Tune Neural Network Hyperparameters for Criticial Infrastructure Communication Device Identification
The e-government includes Wireless Personal Area Network (WPAN) enabled internet-to-government pathways. Of interest herein is Z-Wave, an insecure, low-power/cost WPAN technology increasingly used in critical infrastructure. Radio Frequency (RF) Fingerprinting can augment WPAN security by a biometric-like process that computes statistical features from signal responses to 1) develop an authorized device library, 2) develop classifier models and 3) vet claimed identities. For classification, the neural network-based Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) classifier is employed. GRLVQI has shown high fidelity in classifying Z-Wave RF Fingerprints; however, GRLVQI has multiple hyperparameters. Prior work optimized GRLVQI via a full factorial experimental design. Herein, optimizing GRLVQI via stochastic approximation, which operates by iterative searching for optimality, is of interest to provide an unconstrained optimization approach to avoid limitations found in full factorial experimental designs. The results provide an improvement in GRLVQI operation and accuracy. The methodology is further generalizable to other problems and algorithms
Information exposure from consumer IoT devices: a multidimensional, network-informed measurement approach
Internet of Things (IoT) devices are increasingly found in everyday homes, providing useful functionality for devices such as TVs, smart speakers, and video doorbells. Along with their benefits come potential privacy risks, since these devices can communicate information about their users to other parties over the Internet. However, understanding these risks in depth and at scale is difficult due to heterogeneity in devices' user interfaces, protocols, and functionality. In this work, we conduct a multidimensional analysis of information exposure from 81 devices located in labs in the US and UK. Through a total of 34,586 rigorous automated and manual controlled experiments, we characterize information exposure in terms of destinations of Internet traffic, whether the contents of communication are protected by encryption, what are the IoT-device interactions that can be inferred from such content, and whether there are unexpected exposures of private and/or sensitive information (e.g., video surreptitiously transmitted by a recording device). We highlight regional differences between these results, potentially due to different privacy regulations in the US and UK. Last, we compare our controlled experiments with data gathered from an in situ user study comprising 36 participants
- ā¦