564 research outputs found

    Securing the Internet of Things: A Study on Machine Learning-Based Solutions for IoT Security and Privacy Challenges

    Get PDF
    The Internet of Things (IoT) is a rapidly growing technology that connects and integrates billions of smart devices, generating vast volumes of data and impacting various aspects of daily life and industrial systems. However, the inherent characteristics of IoT devices, including limited battery life, universal connectivity, resource-constrained design, and mobility, make them highly vulnerable to cybersecurity attacks, which are increasing at an alarming rate. As a result, IoT security and privacy have gained significant research attention, with a particular focus on developing anomaly detection systems. In recent years, machine learning (ML) has made remarkable progress, evolving from a lab novelty to a powerful tool in critical applications. ML has been proposed as a promising solution for addressing IoT security and privacy challenges. In this article, we conducted a study of the existing security and privacy challenges in the IoT environment. Subsequently, we present the latest ML-based models and solutions to address these challenges, summarizing them in a table that highlights the key parameters of each proposed model. Additionally, we thoroughly studied available datasets related to IoT technology. Through this article, readers will gain a detailed understanding of IoT architecture, security attacks, and countermeasures using ML techniques, utilizing available datasets. We also discuss future research directions for ML-based IoT security and privacy. Our aim is to provide valuable insights into the current state of research in this field and contribute to the advancement of IoT security and privacy

    Smart object-oriented access control: Distributed access control for the Internet of Things

    Get PDF
    Ensuring that data and devices are secure is of critical importance to information technology. While access control has held a key role in traditional computer security, its role in the evolving Internet of Things is less clear. In particular, the access control literature has suggested that new challenges, such as multi-user controls, fine-grained controls, and dynamic controls, prompt a foundational re-thinking of access control. We analyse these challenges, finding instead that the main foundational challenge posed by the Internet of Things involves decentralization: accurately describing access control in Internet of Things environments (e.g., the Smart Home) requires a new model of multiple, independent access control systems. To address this challenge, we propose a meta-model (i.e., a model of models): Smart Object-Oriented Access Control (SOOAC). This model is an extension of the XACML framework, built from principles relating to modularity adapted from object-oriented programming and design. SOOAC draws attention to a new class of problem involving the resolution of policy conflicts that emerge from the interaction of smart devices in the home. Contrary to traditional (local) policy conflicts, these global policy conflicts emerge when contradictory policies exist across multiple access control systems. We give a running example of a global policy conflict involving transitive access. To automatically avoid global policy conflicts before they arise, we extend SOOAC with a recursive algorithm through which devices communicate access requests before allowing or denying access themselves. This algorithm ensures that both individual devices and the collective smart home are secure. We implement SOOAC within a prototype smart home and assess its validity in terms of effectiveness and efficiency. Our analysis shows that SOOAC is successful at avoiding policy conflicts before they emerge, in real time. Finally, we explore improvements that can be made to SOOAC and suggest directions for future work

    Automatic Generation of Personalized Recommendations in eCoaching

    Get PDF
    Denne avhandlingen omhandler eCoaching for personlig livsstilsstøtte i sanntid ved bruk av informasjons- og kommunikasjonsteknologi. Utfordringen er å designe, utvikle og teknisk evaluere en prototyp av en intelligent eCoach som automatisk genererer personlige og evidensbaserte anbefalinger til en bedre livsstil. Den utviklede løsningen er fokusert på forbedring av fysisk aktivitet. Prototypen bruker bærbare medisinske aktivitetssensorer. De innsamlede data blir semantisk representert og kunstig intelligente algoritmer genererer automatisk meningsfulle, personlige og kontekstbaserte anbefalinger for mindre stillesittende tid. Oppgaven bruker den veletablerte designvitenskapelige forskningsmetodikken for å utvikle teoretiske grunnlag og praktiske implementeringer. Samlet sett fokuserer denne forskningen på teknologisk verifisering snarere enn klinisk evaluering.publishedVersio

    MECInOT: a multi-access edge computing and industrial internet of things emulator for the modelling and study of cybersecurity threats

    Get PDF
    In recent years, the Industrial Internet of Things (IIoT) has grown rapidly, a fact that has led to an increase in the number of cyberattacks that target this environment and the technologies that it brings together. Unfortunately, when it comes to using tools for stopping such attacks, it can be noticed that there are inherent weaknesses in this paradigm, such as limitations in computational capacity, memory and network bandwidth. Under these circumstances, the solutions used until now in conventional scenarios cannot be directly adopted by the IIoT, and so it is necessary to develop and design new ones that can effectively tackle this problem. Furthermore, these new solutions must be tested in order to verify their performance and viability, which requires testing architectures that are compatible with newly introduced IIoT topologies. With the aim of addressing these issues, this work proposes MECInOT, which is an architecture based on openLEON and capable of generating test scenarios for the IIoT environment. The performance of this architecture is validated by creating an intelligent threat detector based on tree-based algorithms, such as decision tree, random forest and other machine learning techniques. Which allows us to generate an intelligent and to demonstrate, we could generate an intelligent threat detector and demonstrate the suitability of our architecture for testing solutions in IIoT environments. In addition, by using MECInOT, we compare the performance of the different machine learning algorithms in an IIoT network. Firstly, we present the benefits of our proposal, and secondly, we describe the emulation of an IIoT environment while ensuring the repeatability of the experiments

    Efficient Security Protocols for Constrained Devices

    Get PDF
    During the last decades, more and more devices have been connected to the Internet.Today, there are more devices connected to the Internet than humans.An increasingly more common type of devices are cyber-physical devices.A device that interacts with its environment is called a cyber-physical device.Sensors that measure their environment and actuators that alter the physical environment are both cyber-physical devices.Devices connected to the Internet risk being compromised by threat actors such as hackers.Cyber-physical devices have become a preferred target for threat actors since the consequence of an intrusion disrupting or destroying a cyber-physical system can be severe.Cyber attacks against power and energy infrastructure have caused significant disruptions in recent years.Many cyber-physical devices are categorized as constrained devices.A constrained device is characterized by one or more of the following limitations: limited memory, a less powerful CPU, or a limited communication interface.Many constrained devices are also powered by a battery or energy harvesting, which limits the available energy budget.Devices must be efficient to make the most of the limited resources.Mitigating cyber attacks is a complex task, requiring technical and organizational measures.Constrained cyber-physical devices require efficient security mechanisms to avoid overloading the systems limited resources.In this thesis, we present research on efficient security protocols for constrained cyber-physical devices.We have implemented and evaluated two state-of-the-art protocols, OSCORE and Group OSCORE.These protocols allow end-to-end protection of CoAP messages in the presence of untrusted proxies.Next, we have performed a formal protocol verification of WirelessHART, a protocol for communications in an industrial control systems setting.In our work, we present a novel attack against the protocol.We have developed a novel architecture for industrial control systems utilizing the Digital Twin concept.Using a state synchronization protocol, we propagate state changes between the digital and physical twins.The Digital Twin can then monitor and manage devices.We have also designed a protocol for secure ownership transfer of constrained wireless devices. Our protocol allows the owner of a wireless sensor network to transfer control of the devices to a new owner.With a formal protocol verification, we can guarantee the security of both the old and new owners.Lastly, we have developed an efficient Private Stream Aggregation (PSA) protocol.PSA allows devices to send encrypted measurements to an aggregator.The aggregator can combine the encrypted measurements and calculate the decrypted sum of the measurements.No party will learn the measurement except the device that generated it

    Digital Twins and Blockchain for IoT Management

    Get PDF
    We live in a data-driven world powered by sensors getting data from anywhere at any time. This advancement is possible thanks to the Internet of Things (IoT). IoT embeds common physical objects with heterogeneous sensing, actuating, and communication capabilities to collect data from the environment and people. These objects are generally known as things and exchange data with other things, entities, computational processes, and systems over the internet. Consequently, a web of devices and computational processes emerges involving billions of entities collecting, processing, and sharing data. As a result, we now have an internet of entities/things that process and produce data, an ever-growing volume that can easily exceed petabytes. Therefore, there is a need for novel management approaches to handle the previously unheard number of IoT devices, processes, and data streams. This dissertation focuses on solutions for IoT management using decentralized technologies. A massive number of IoT devices interact with software and hardware components and are owned by different people. Therefore, there is a need for decentralized management. Blockchain is a capable and promising distributed ledger technology with features to support decentralized systems with large numbers of devices. People should not have to interact with these devices or data streams directly. Therefore, there is a need to abstract access to these components. Digital twins are software artifacts that can abstract an object, a process, or a system to enable communication between the physical and digital worlds. Fog/edge computing is the alternative to the cloud to provide services with less latency. This research uses blockchain technology, digital twins, and fog/edge computing for IoT management. The systems developed in this dissertation enable configuration, self-management, zero-trust management, and data streaming view provisioning from a fog/edge layer. In this way, this massive number of things and the data they produce are managed through services distributed across nodes close to them, providing access and configuration security and privacy protection

    Arquitetura IOT para pequenos produtores de frango de corte do Paraná : proposta multiplataforma para gestão de dados

    Get PDF
    Orientador: Prof. Dr. Egon Walter WildauerCoorientador: Prof. Dr. André Bellin MarianoTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Sociais Aplicadas, Programa de Pós-Graduação em Gestão da Informação. Defesa : Curitiba, 28/04/2023Inclui referênciasResumo: A conexão de dados entre máquinas e pessoas é um dos pilares da Indústria 4.0 e da geração da Internet das Coisas (IoT- Internet of Things), favorecendo a produtividade na saúde, manufatura, logística e cidades inteligentes. No caso do agronegócio brasileiro, as projeções indicam uma menor difusão dessas tecnologias, porque ainda existe a dificuldade na adesão massiva de produtores rurais a novas tecnologias, principalmente no setor primário. Além da dependência de tecnologias estrangeiras; estas questões acabam gerando um cenário de seletividade social e tecnológica no qual por vezes, apenas grandes produtores rurais aderem às tecnologias da indústria 4.0. Outro aspecto encontrado na literatura é a ausência de identificação dos usuários com aplicativos para IoT existentes, ou seja, os usuários do contexto rural encontram dificuldade na utilização destas interfaces gráficas e acabam por abandoná-las. Neste contexto, esta tese tem por objetivo propor uma arquitetura informacional baseada em Internet das Coisas que seja open source, baixo custo e multiplataforma para pequenos produtores do setor de avicultura de corte. Para atingir os objetivos propostos foi realizado o mapeamento de necessidades, prioridades e lacunas tecnológicas com os atores da cadeia produtiva. A partir dessas informações o sistema foi modelado e construído contemplando os requisitos da camada física com o registrador de dados e a partes lógicas do back-end e front-end. A proposta também foi avaliada na perspectiva da experiência do usuário e validada estatisticamente com relação a seu impacto na melhora real do desempenho financeiro dos avicultores. Os resultados mostraram que houve um maior faturamento do produtor no lote com a arquitetura implementada comparada aos lotes anteriores à pesquisa. Outros resultados indicaram que os dados coletados pela arquitetura IoT da pesquisa foram estatisticamente significativas quando comparados aos dados de um sistema comercial implementado em um produtor de frango de médio porte. Foi possível concluir que pequenos produtores que fizerem uso desta ferramenta poderão tomar melhores decisões, identificar um baixo desempenho e agir de forma rápida, de baixo custo, simples e ergonômica para atender às exigências de competitividade internacional, quando em comparação com outros produtores da mesma região.Abstract: The data connection between machines and people is one of the pillars of Industry 4.0 and the generation of the Internet of Things (IoT), favoring productivity in healthcare, manufacturing, logistics, and smart cities. In the case of agribusiness 4.0, projections indicate a lower diffusion of these technologies because there is still difficulty in the mass adoption of new technologies by rural producers, especially in the primary sector, and a dependence on foreign technologies. These issues generate a scenario of social and technological selectivity in which only large rural producers sometimes adhere to Industry 4.0 technologies. Another aspect found in the literature is the lack of identification of users with existing IoT applications, that is, users in rural contexts find it difficult to use these graphical interfaces and end up abandoning them. In this context, this thesis aims to propose an information architecture based on the Internet of Things that is open source, low-cost, and multi-platform for small producers in the broiler poultry sector. To achieve the proposed objectives, mapping of needs and priorities was carried out with actors in the production chain, including technological gaps. With this information, the system was modeled and built, including the physical layer with the data logger and the logical part of the back-end and front-end. The proposal was also evaluated from the perspective of user experience and statistically validated with regard to its impact on the real improvement of the financial performance of poultry farmers. The results showed that there was higher revenue for the producer in the lot with the implemented architecture compared to the lots prior to the research. Other results indicated that the data collected by the research IoT architecture was statistically significant when compared to the data from a commercial system implemented in a medium-sized chicken producer. It was possible to conclude that small producers who make use of this tool will be able to make better decisions, identify low performance, and act quickly, inexpensively, simply, and ergonomically to meet the demands of international competitiveness when compared to other producers in the same region

    The Role of ICT in transport and logistics processes management

    Get PDF
    The complexity of managing transport and logistics processes is a massive challenge in finding optimal management solutions that meet the requirements of green development. There are questions about management support for transport and logistics processes. In addition, the subtleties of developing solutions for maintaining existing transport and logistics activities highlight the complex nature of transport and logistics management processes. The article focuses on applying advanced solutions for the practical management of transport and logistics processes. In the transport and logistics sector, an increase in new suppliers of telemetry systems is observed every day, which has been going on for 4-5 years, and this is statistically visible in the IAA Transportation 2022 records of one of the largest biennial transport and logistics exhibitions. There is an evident growth in the number of participants of manufacturers and service providers of telemetry systems, which since the exhibition held in 2016 has more than doubled, while around the world, the number of new companies supplying telemetry systems has increased to more than 300 per year. The growth of competitiveness also impacts the development of functions that provide new opportunities for customers to make their business more efficient or to receive services that ensure a comfortable life. Digital information generated by vehicles, which, when systematized, is presented to the end driver, is gradually becoming the future of this area of business and leads to responsible resource utilization, monitoring, control, and utilization of user-friendly technologies, leading toward a more sustainable future. An analysis of scientific papers has proven that the theoretical link exists between telemetry systems and their application in the transport sector; however, the judge research gap is in applying different quantitative methods for solving transport problems with the help of telemetry solutions

    An IoT architecture for decision support system in precision livestock

    Get PDF
    Sustainable animal production is a primary goal of technological development in the livestock industry. However, it is crucial to master the livestock environment due to the susceptibility of animals to variables such as temperature and humidity, which can cause illness, production losses, and discomfort. Thus, livestock production systems require monitoring, reasoning, and mitigating unwanted conditions with automated actions. The principal contribution of this study is the introduction of a self-adaptive architecture named e-Livestock to handle animal production decisions. Two case studies were conducted involving a system derived from the e-Livestock architecture, encompassing a Compost Barn production system - an environment and technology where bovine milk production occurs. The outcomes demonstrate the effectiveness of e-Livestock in three key aspects: (i) abstraction of disruptive technologies based on the Internet of Things (IoT) and Artificial Intelligence and their incorporation into a single architecture specific to the livestock domain, (ii) support for the reuse and derivation of an adaptive self-architecture to support the engineering of a decision support system for the livestock subdomain, and (iii) support for empirical studies in a real smart farm to facilitate future technology transfer to the industry. Therefore, our research’s main contribution is developing an architecture combining machine learning techniques and ontology to support more complex decisions when considering a large volume of data generated on farms. The results revealed that the e-Livestock architecture could support monitoring, reasoning, forecasting, and automated actions in a milk production/Compost Barn environment.Na indústria pecuária, a produção animal sustentável é o principal objetivo do desenvolvimento tecnológico. Porém, é fundamental manter boas condições no ambiente devido à suscetibilidade dos animais a variáveis como temperatura e umidade, que podem causar doenças, perdas de produção e desconforto. Assim, os sistemas de produção pecuária requerem monitoramento, controle e mitigação das condições indesejadas através de ações automatizadas. A principal contribuição deste estudo é a introdução de uma arquitetura auto-adaptativa denominada e-Livestock para apoiar as decisões relacionadas à produção animal. Foram conduzidos dois estudos de caso, envolvendo a arquitetura e-Livestock, que foi utilizada no sistema de produção Compost Barn - ambiente e tecnologia onde ocorre a produção de gado leiteiro. Os resultados demonstraram a utilidade do e-Livestock para avaliar três aspectos principais: (i) abstração de tecnologias disruptivas baseadas em Internet das Coisas (IoT) e Inteligência Artificial, e sua incorporação em uma arquitetura única, específica para o domínio da pecuária, (ii) suporte para a reutilização e derivação de uma arquitetura auto-adaptativa para apoiar o desenvolvimento de uma aplicação de apoio à decisão para o subdomínio da pecuária e (iii) suporte para estudos empíricos em uma fazenda inteligente real para facilitar a transferência de tecnologia para a indústria. Portanto, a principal contribuição dessa pesquisa é o desenvolvimento de uma arquitetura combinando técnicas de machine learning e ontologia para apoiar decisões mais complexas ao considerar um grande volume de dados gerados nas fazendas. Os resultados revelaram que a arquitetura e-Livestock pode apoiar monitoramento, controle, previsão e ações automatizadas em um ambiente de produção de leite/Compost Barn.CAPES - Coordenação de Aperfeiçoamento de Pessoal de Nível Superio
    corecore