447 research outputs found
Challenges and Limitation Analysis of an IoT-Dependent System for Deployment in Smart Healthcare Using Communication Standards Features
The use of IoT technology is rapidly increasing in healthcare development and smart
healthcare system for fitness programs, monitoring, data analysis, etc. To improve the efficiency
of monitoring, various studies have been conducted in this field to achieve improved precision.
The architecture proposed herein is based on IoT integrated with a cloud system in which power
absorption and accuracy are major concerns. We discuss and analyze development in this domain
to improve the performance of IoT systems related to health care. Standards of communication for
IoT data transmission and reception can help to understand the exact power absorption in different
devices to achieve improved performance for healthcare development. We also systematically analyze
the use of IoT in healthcare systems using cloud features, as well as the performance and limitations
of IoT in this field. Furthermore, we discuss the design of an IoT system for efficient monitoring of
various healthcare issues in elderly people and limitations of an existing system in terms of resources,
power absorption and security when implemented in different devices as per requirements. Blood
pressure and heartbeat monitoring in pregnant women are examples of high-intensity applications
of NB-IoT (narrowband IoT), technology that supports widespread communication with a very
low data cost and minimum processing complexity and battery lifespan. This article also focuses
on analysis of the performance of narrowband IoT in terms of delay and throughput using singleand
multinode approaches. We performed analysis using the message queuing telemetry transport
protocol (MQTTP), which was found to be efficient compared to the limited application protocol
(LAP) in sending information from sensors.Ministerio Español de Ciencia e Innovación under project
number PID2020-115570GB-C22 (DemocratAI::UGR)Cátedra de Empresa Tecnología para
las Personas (UGR-Fujitsu
A systematic literature review of communications standards in discrete manufacturing
Industry 4.0 has a particular emphasis on the data landscape of production facilities. Data is needed to gain essential insights from the production machinery to support operations management in better decision-making or indirectly by feeding decision support systems. Such data is encapsulated in an industrial communication standard to organize in a higher-level ontology. It is challenging for operation technology specialists to have an overview of all those standards because they are numerous. This work contributes a solution to this problem by systematically approaching the literature to give an overview of the industrial communication standards landscape. The method used is a systematic literature review with a backward and forward search consisting of three main phases: 1. keyword-based search on different platforms, 2. abstract screening, and 3. full-text screening. Over 2,100 article abstracts have been parsed systematically to condense it to the most relevant 309 full-text articles. This work presents an overview of the most significant industrial communication standards mentioned in these articles. Several use cases and some brief IT-security-relevant aspects are presented as well
Context-aware and user bahavior-based continuous authentication for zero trust access control in smart homes
Orientador: Aldri Luiz dos SantosDissertação (mestrado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa : Curitiba, 24/02/2023Inclui referências: p. 96-106Área de concentração: Ciência da ComputaçãoResumo: Embora as casas inteligentes tenham se tornado populares recentemente, as pessoas ainda estão muito preocupadas com questões de segurança, proteção e privacidade. Estudos revelaram que questões de privacidade das pessoas geram prejuízos fisiológicos e financeiros porque as casas inteligentes são ambientes de convivência íntima. Além disso, nossa pesquisa revelou que os ataques de impersonificação são uma das ameaças mais graves contra casas inteligentes porque comprometem a confidencialidade, autenticidade, integridade e não repúdio. Normalmente, abordagens para construir segurança para Sistemas de Casas Inteligentes (SHS) requerem dados históricos para implementar controle de acesso e Sistemas de Detecção de Intrusão (IDS), uma vulnerabilidade à privacidade dos habitantes. Além disso, a maioria dos trabalhos depende de computação em nuvem ou recursos na nuvem para executar tarefas de segurança, que os invasores podem atacar para atingir a confidencialidade, integridade e disponibilidade. Além disso, os pesquisadores não consideram o uso indevido de SHS ao forçar os usuários a interagir com os dispositivos por meio de seus smartphones ou tablets, pois eles costumam interagir por qualquer meio, como assistentes virtuais e os próprios dispositivos. Portanto, os requisitos do sistema de segurança para residências inteligentes devem compreender percepção de privacidade, resposta de baixa latência, localidade espacial e temporal, extensibilidade de dispositivo, proteção contra impersonificação, isolamento de dispositivo, garantia de controle de acesso e levar em consideração a verificação atualizada com um sistema confiável. Para atender a esses requisitos, propomos o sistema ZASH (Zero-Aware Smart Home) para fornecer controle de acesso para as ações do usuário em dispositivos em casas inteligentes. Em contraste com os trabalhos atuais, ele aproveita a autenticação contínua com o paradigma de Confiança Zero suportado por ontologias configuradas, contexto em tempo real e atividade do usuário. A computação de borda e a Cadeia de Markov permitem que o ZASH evite e mitigue ataques de impersonificação que visam comprometer a segurança dos usuários. O sistema depende apenas de recursos dentro de casa, é autossuficiente e está menos exposto à exploração externa. Além disso, funciona desde o dia zero sem a exigência de dados históricos, embora conte com o passar do tempo para monitorar o comportamento dos usuários. O ZASH exige prova de identidade para que os usuários confirmem sua autenticidade por meio de características fortes da classe Something You Are. O sistema executa o controle de acesso nos dispositivos inteligentes, portanto, não depende de intermediários e considera qualquer interação usuário-dispositivo. A princípio, um teste inicial de algoritmos com um conjunto de dados sintético demonstrou a capacidade do sistema de se adaptar dinamicamente aos comportamentos de novos usuários, bloqueando ataques de impersonificação. Por fim, implementamos o ZASH no simulador de rede ns-3 e analisamos sua robustez, eficiência, extensibilidade e desempenho. De acordo com nossa análise, ele protege a privacidade dos usuários, responde rapidamente (cerca de 4,16 ms), lida com a adição e remoção de dispositivos, bloqueia a maioria dos ataques de impersonificação (até 99% com uma configuração adequada), isola dispositivos inteligentes e garante o controle de acesso para todas as interações.Abstract: Although smart homes have become popular recently, people are still highly concerned about security, safety, and privacy issues. Studies revealed that issues in people's privacy generate physiological and financial harm because smart homes are intimate living environments. Further, our research disclosed that impersonation attacks are one of the most severe threats against smart homes because they compromise confidentiality, authenticity, integrity, and non-repudiation. Typically, approaches to build security for Smart Home Systems (SHS) require historical data to implement access control and Intrusion Detection Systems (IDS), a vulnerability to the inhabitant's privacy. Additionally, most works rely on cloud computing or resources in the cloud to perform security tasks, which attackers can exploit to target confidentiality, integrity, and availability. Moreover, researchers do not regard the misuse of SHS by forcing users to interact with devices through their smartphones or tablets, as they usually interact by any means, like virtual assistants and devices themselves. Therefore, the security system requirements for smart homes should comprehend privacy perception, low latency in response, spatial and temporal locality, device extensibility, protection against impersonation, device isolation, access control enforcement, and taking into account the refresh verification with a trustworthy system. To attend to those requirements, we propose the ZASH (Zero-Aware Smart Home) system to provide access control for the user's actions on smart devices in smart homes. In contrast to current works, it leverages continuous authentication with the Zero Trust paradigm supported by configured ontologies, real-time context, and user activity. Edge computing and Markov Chain enable ZASH to prevent and mitigate impersonation attacks that aim to compromise users' security. The system relies only on resources inside the house, is self-sufficient, and is less exposed to outside exploitation. Furthermore, it works from day zero without the requirement of historical data, though it counts on that as time passes to monitor the users' behavior. ZASH requires proof of identity for users to confirm their authenticity through strong features of the Something You Are class. The system enforces access control in smart devices, so it does not depend on intermediaries and considers any user-device interaction. At first, an initial test of algorithms with a synthetic dataset demonstrated the system's capability to dynamically adapt to new users' behaviors withal blocking impersonation attacks. Finally, we implemented ZASH in the ns-3 network simulator and analyzed its robustness, efficiency, extensibility, and performance. According to our analysis, it protects users' privacy, responds quickly (around 4.16 ms), copes with adding and removing devices, blocks most impersonation attacks (up to 99% with a proper configuration), isolates smart devices, and enforces access control for all interactions
IoT: Communication protocols and security threats
In this study, we review the fundamentals of IoT architecture and we thoroughly present the communication protocols that have been invented especially for IoT technology. Moreover, we analyze security threats, and general implementation problems, presenting several sectors that can benefit the most from IoT development. Discussion over the findings of this review reveals open issues and challenges and specifies the next steps required to expand and support IoT systems in a secure framework
Applications
Volume 3 describes how resource-aware machine learning methods and techniques are used to successfully solve real-world problems. The book provides numerous specific application examples: in health and medicine for risk modelling, diagnosis, and treatment selection for diseases in electronics, steel production and milling for quality control during manufacturing processes in traffic, logistics for smart cities and for mobile communications
Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023
Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo)atlanTTicAMTEGA: Axencia para a modernización tecnolóxica de GaliciaINCIBE: Instituto Nacional de Cibersegurida
Edge Learning for 6G-enabled Internet of Things: A Comprehensive Survey of Vulnerabilities, Datasets, and Defenses
The ongoing deployment of the fifth generation (5G) wireless networks
constantly reveals limitations concerning its original concept as a key driver
of Internet of Everything (IoE) applications. These 5G challenges are behind
worldwide efforts to enable future networks, such as sixth generation (6G)
networks, to efficiently support sophisticated applications ranging from
autonomous driving capabilities to the Metaverse. Edge learning is a new and
powerful approach to training models across distributed clients while
protecting the privacy of their data. This approach is expected to be embedded
within future network infrastructures, including 6G, to solve challenging
problems such as resource management and behavior prediction. This survey
article provides a holistic review of the most recent research focused on edge
learning vulnerabilities and defenses for 6G-enabled IoT. We summarize the
existing surveys on machine learning for 6G IoT security and machine
learning-associated threats in three different learning modes: centralized,
federated, and distributed. Then, we provide an overview of enabling emerging
technologies for 6G IoT intelligence. Moreover, we provide a holistic survey of
existing research on attacks against machine learning and classify threat
models into eight categories, including backdoor attacks, adversarial examples,
combined attacks, poisoning attacks, Sybil attacks, byzantine attacks,
inference attacks, and dropping attacks. In addition, we provide a
comprehensive and detailed taxonomy and a side-by-side comparison of the
state-of-the-art defense methods against edge learning vulnerabilities.
Finally, as new attacks and defense technologies are realized, new research and
future overall prospects for 6G-enabled IoT are discussed
Recommended from our members
Addressing Resource Variability Through Resource-Driven Adaptation
Software systems execute tasks that depend on different types of resources. However, the variability of resources may interfere with the ability of software systems to execute important tasks. Resource variability can occur due to several reasons including unexpected hardware failures, excess workloads, or lack of materials. For example, in automated warehouses, malfunctioning robots could delay product deliveries causing customer dissatisfaction and, therefore, reducing an enterprise’s sales. Moreover, the unavailability of medical materials hinders the ability of hospitals to perform medically-critical operations causing loss of life. In this thesis, we propose to address the problem of resource variability through resource-driven adaptation, using task models as input for adaptation decisions. The thesis presents the following contributions:
• SPARK: a framework for performing proactive and reactive resource-driven adaptation based on multiple task-related criteria. The framework supports different types of depletable and reusable resources that could face variability. SPARK assists with four types of adaptation, namely: (i) execution of a similar task that requires fewer resources, (ii) substitution of resources by alternative ones, (iii) execution of tasks in a different order, and (iv) cancellation of the execution of tasks.
• SERIES: a task modelling notation and editor tool that enables software practitioners to create task models that serve as input for SPARK. SERIES supports the representation of task priorities, task variants, task execution types, resource types, and properties representing users’ feedback.
SPARK was evaluated in terms of the percentage of executed critical task requests, the average criticality of the executed task requests in comparison to the non-executed ones, overhead, and scalability through two case studies concerned with a medicine consumption system and a manufacturing system. The results of the evaluation showed that SPARK increased the number of executed critical task requests during resource variability. Additionally, the results showed that the time it takes to prepare and apply adaptation plans does not add significant overhead that hinders the ability of software systems to execute tasks in a tolerable waiting time. Furthermore, SPARK was shown to be scalable since the abovementioned time increases polynomially relative to the input size (number of tasks and task variants).
SERIES was evaluated through a user study with twenty software practitioners. The results showed that software practitioners performed very well when explaining and creating task models using SERIES. These results were reflected in the task modelling activities that the participants performed as well as in their positive feedback regarding the usability of SERIES and the clarity of its semantic constructs.
Overall, we conclude that the research presented in the thesis contributes to addressing resource variability through resource-driven adaptation. We also provide suggestions for future work that can extend this research
- …