1,814 research outputs found

    Radio frequency fingerprint identification for Internet of Things: A survey

    Get PDF
    Radio frequency fingerprint (RFF) identification is a promising technique for identifying Internet of Things (IoT) devices. This paper presents a comprehensive survey on RFF identification, which covers various aspects ranging from related definitions to details of each stage in the identification process, namely signal preprocessing, RFF feature extraction, further processing, and RFF identification. Specifically, three main steps of preprocessing are summarized, including carrier frequency offset estimation, noise elimination, and channel cancellation. Besides, three kinds of RFFs are categorized, comprising I/Q signal-based, parameter-based, and transformation-based features. Meanwhile, feature fusion and feature dimension reduction are elaborated as two main further processing methods. Furthermore, a novel framework is established from the perspective of closed set and open set problems, and the related state-of-the-art methodologies are investigated, including approaches based on traditional machine learning, deep learning, and generative models. Additionally, we highlight the challenges faced by RFF identification and point out future research trends in this field

    Risk and threat mitigation techniques in internet of things (IoT) environments: a survey

    Get PDF
    Security in the Internet of Things (IoT) remains a predominant area of concern. Although several other surveys have been published on this topic in recent years, the broad spectrum that this area aims to cover, the rapid developments and the variety of concerns make it impossible to cover the topic adequately. This survey updates the state of the art covered in previous surveys and focuses on defences and mitigations against threats rather than on the threats alone, an area that is less extensively covered by other surveys. This survey has collated current research considering the dynamicity of the IoT environment, a topic missed in other surveys and warrants particular attention. To consider the IoT mobility, a life-cycle approach is adopted to the study of dynamic and mobile IoT environments and means of deploying defences against malicious actors aiming to compromise an IoT network and to evolve their attack laterally within it and from it. This survey takes a more comprehensive and detailed step by analysing a broad variety of methods for accomplishing each of the mitigation steps, presenting these uniquely by introducing a “defence-in-depth” approach that could significantly slow down the progress of an attack in the dynamic IoT environment. This survey sheds a light on leveraging redundancy as an inherent nature of multi-sensor IoT applications, to improve integrity and recovery. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement

    Secrets Revealed in Container Images: An Internet-wide Study on Occurrence and Impact

    Full text link
    Containerization allows bundling applications and their dependencies into a single image. The containerization framework Docker eases the use of this concept and enables sharing images publicly, gaining high momentum. However, it can lead to users creating and sharing images that include private keys or API secrets-either by mistake or out of negligence. This leakage impairs the creator's security and that of everyone using the image. Yet, the extent of this practice and how to counteract it remains unclear. In this paper, we analyze 337,171 images from Docker Hub and 8,076 other private registries unveiling that 8.5% of images indeed include secrets. Specifically, we find 52,107 private keys and 3,158 leaked API secrets, both opening a large attack surface, i.e., putting authentication and confidentiality of privacy-sensitive data at stake and even allow active attacks. We further document that those leaked keys are used in the wild: While we discovered 1,060 certificates relying on compromised keys being issued by public certificate authorities, based on further active Internet measurements, we find 275,269 TLS and SSH hosts using leaked private keys for authentication. To counteract this issue, we discuss how our methodology can be used to prevent secret leakage and reuse.Comment: 15 pages, 7 figure

    Implementation of ISO Frameworks to Risk Management in IPv6 Security

    Get PDF
    The Internet of Things is a technology wave sweeping across various industries and sectors. It promises to improve productivity and efficiency by providing new services and data to users. However, the full potential of this technology is still not realized due to the transition to IPv6 as a backbone. Despite the security assurances that IPv6 provides, privacy and concerns about the Internet of Things remain. This is why it is important that organizations thoroughly understand the protocol and its migration to ensure that they are equipped to take advantage of its many benefits. Due to the lack of available IPv4 addresses, organizations are in an uncertain situation when it comes to implementing IoT technologies. The other aim is to fill in the gaps left by the ISO to identify and classify the risks that are not yet apparent. The thesis seeks to establish and implement the use of ISO to manage risks. It will also help to align security efforts with organizational goals. The proposed solution is evaluated through a survey that is designed to gather feedback from various levels of security and risk management professionals. The suggested modifications are also included in the study. A survey on the implementation of ISO frameworks to risk management in IPv6 was conducted and with results as shown in the random sampling technique that was used for conducting the research a total of 75 questionnaires were shared online, 50 respondents returned responses online through emails and social media platforms. The result of the analysis shows that system admin has the highest pooling 26% of all the overall participants, followed by network admin with 20%, then cybersecurity specialists with 16%. 14% of the respondents were network architects while senior management and risk management professionals were 4% and 2% respectively. The majority of the respondents agreed that risk treatment enhances the risk management performance of the IPv6 network resulting from the proper selection and implementation of correct risk prevention strategies

    Dynamic Distributed Monitoring for 6LoWPAN-based IoT Networks

    Get PDF
    Mission-criticalal Internet of Things (IoT)-based networks are increasingly employed in daily and industrial infrastructures. The resilience of such networks is crucial. Given IoT networks’ constantly changing nature, it is necessary to provide dependability and sustainability. A robust network monitoring can reinforce reliability, such that the monitoring mechanism adapts itself to real-time network instabilities. This work proposes a proactive, dynamic, and distributed network monitoring mechanism with monitor placement and scheduling for 6LoWPAN-based IoT networks intended for mission-critical applications. The proposed mechanism aims to ensure real-time monitoring coverage while respecting the limited and changing power resources of devices to prolong the network lifetime

    A systematic literature review of communications standards in discrete manufacturing

    Get PDF
    Industry 4.0 has a particular emphasis on the data landscape of production facilities. Data is needed to gain essential insights from the production machinery to support operations management in better decision-making or indirectly by feeding decision support systems. Such data is encapsulated in an industrial communication standard to organize in a higher-level ontology. It is challenging for operation technology specialists to have an overview of all those standards because they are numerous. This work contributes a solution to this problem by systematically approaching the literature to give an overview of the industrial communication standards landscape. The method used is a systematic literature review with a backward and forward search consisting of three main phases: 1. keyword-based search on different platforms, 2. abstract screening, and 3. full-text screening. Over 2,100 article abstracts have been parsed systematically to condense it to the most relevant 309 full-text articles. This work presents an overview of the most significant industrial communication standards mentioned in these articles. Several use cases and some brief IT-security-relevant aspects are presented as well

    Digital agriculture: research, development and innovation in production chains.

    Get PDF
    Digital transformation in the field towards sustainable and smart agriculture. Digital agriculture: definitions and technologies. Agroenvironmental modeling and the digital transformation of agriculture. Geotechnologies in digital agriculture. Scientific computing in agriculture. Computer vision applied to agriculture. Technologies developed in precision agriculture. Information engineering: contributions to digital agriculture. DIPN: a dictionary of the internal proteins nanoenvironments and their potential for transformation into agricultural assets. Applications of bioinformatics in agriculture. Genomics applied to climate change: biotechnology for digital agriculture. Innovation ecosystem in agriculture: Embrapa?s evolution and contributions. The law related to the digitization of agriculture. Innovating communication in the age of digital agriculture. Driving forces for Brazilian agriculture in the next decade: implications for digital agriculture. Challenges, trends and opportunities in digital agriculture in Brazil

    Integrating Edge Computing and Software Defined Networking in Internet of Things: A Systematic Review

    Get PDF
    The Internet of Things (IoT) has transformed our interaction with the world by connecting devices, sensors, and systems to the Internet, enabling real-time monitoring, control, and automation in various applications such as smart cities, healthcare, transportation, homes, and grids. However, challenges related to latency, privacy, and bandwidth have arisen due to the massive influx of data generated by IoT devices and the limitations of traditional cloud-based architectures. Moreover, network management, interoperability, security, and scalability issues have emerged due to the rapid growth and heterogeneous nature of IoT devices. To overcome such problems, researchers proposed a new architecture called Software Defined Networking for Edge Computing in the Internet of Things (SDN-EC-IoT), which combines Edge Computing for the Internet of Things (EC-IoT) and Software Defined Internet of Things (SDIoT). Although researchers have studied EC-IoT and SDIoT as individual architectures, they have not yet addressed the combination of both, creating a significant gap in our understanding of SDN-EC-IoT. This paper aims to fill this gap by presenting a comprehensive review of how the SDN-EC-IoT paradigm can solve IoT challenges. To achieve this goal, this study conducted a literature review covering 74 articles published between 2019 and 2023. Finally, this paper identifies future research directions for SDN-EC-IoT, including the development of interoperability platforms, scalable architectures, low latency and Quality of Service (QoS) guarantees, efficient handling of big data, enhanced security and privacy, optimized energy consumption, resource-aware task offloading, and incorporation of machine learnin
    corecore