A Roadmap Towards Resilient Internet of Things for Cyber-Physical Systems

The Internet of Things (IoT) is a ubiquitous system connecting many different devices - the things - which can be accessed from the distance. The cyber-physical systems (CPS) monitor and control the things from the distance. As a result, the concepts of dependability and security get deeply intertwined. The increasing level of dynamicity, heterogeneity, and complexity adds to the system's vulnerability, and challenges its ability to react to faults. This paper summarizes state-of-the-art of existing work on anomaly detection, fault-tolerance and self-healing, and adds a number of other methods applicable to achieve resilience in an IoT. We particularly focus on non-intrusive methods ensuring data integrity in the network. Furthermore, this paper presents the main challenges in building a resilient IoT for CPS which is crucial in the era of smart CPS with enhanced connectivity (an excellent example of such a system is connected autonomous vehicles). It further summarizes our solutions, work-in-progress and future work to this topic to enable "Trustworthy IoT for CPS". Finally, this framework is illustrated on a selected use case: A smart sensor infrastructure in the transport domain.Comment: preprint (2018-10-29

Internet of Things: Survey on Security and Privacy

The Internet of Things (IoT) is intended for ubiquitous connectivity among different entities or "things". While its purpose is to provide effective and efficient solutions, security of the devices and network is a challenging issue. The number of devices connected along with the ad-hoc nature of the system further exacerbates the situation. Therefore, security and privacy has emerged as a significant challenge for the IoT. In this paper,we aim to provide a thorough survey related to the privacy and security challenges of the IoT. This document addresses these challenges from the perspective of technologies and architecture used. This work focuses also in IoT intrinsic vulnerabilities as well as the security challenges of various layers based on the security principles of data confidentiality, integrity and availability. This survey analyzes articles published for the IoT at the time and relates it to the security conjuncture of the field and its projection to the future.Comment: 16 pages, 3 figure

Internet of Cloud: Security and Privacy issues

The synergy between the cloud and the IoT has emerged largely due to the cloud having attributes which directly benefit the IoT and enable its continued growth. IoT adopting Cloud services has brought new security challenges. In this book chapter, we pursue two main goals: 1) to analyse the different components of Cloud computing and the IoT and 2) to present security and privacy problems that these systems face. We thoroughly investigate current security and privacy preservation solutions that exist in this area, with an eye on the Industrial Internet of Things, discuss open issues and propose future directionsComment: 27 pages, 4 figure

Survey of Security and Privacy Issues of Internet of Things

This paper is a general survey of all the security issues existing in the Internet of Things (IoT) along with an analysis of the privacy issues that an end-user may face as a consequence of the spread of IoT. The majority of the survey is focused on the security loopholes arising out of the information exchange technologies used in Internet of Things. No countermeasure to the security drawbacks has been analyzed in the paper.Comment: 7 pages, 3 figure

Digital Forensics for IoT and WSNs

In the last decade, wireless sensor networks (WSNs) and Internet-of-Things (IoT) devices are proliferated in many domains including critical infrastructures such as energy, transportation and manufacturing. Consequently, most of the daily operations now rely on the data coming from wireless sensors or IoT devices and their actions. In addition, personal IoT devices are heavily used for social media applications, which connect people as well as all critical infrastructures to each other under the cyber domain. However, this connectedness also comes with the risk of increasing number of cyber attacks through WSNs and/or IoT. While a significant research has been dedicated to secure WSN/IoT, this still indicates that there needs to be forensics mechanisms to be able to conduct investigations and analysis. In particular, understanding what has happened after a failure is crucial to many businesses, which rely on WSN/IoT applications. Therefore, there is a great interest and need for understanding digital forensics applications in WSN and IoT realms. This chapter fills this gap by providing an overview and classification of digital forensics research and applications in these emerging domains in a comprehensive manner. In addition to analyzing the technical challenges, the chapter provides a survey of the existing efforts from the device level to network level while also pointing out future research opportunities.Comment: 41 pages, 25 figure

Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes

This paper presents a comprehensive survey of existing authentication and privacy-preserving schemes for 4G and 5G cellular networks. We start by providing an overview of existing surveys that deal with 4G and 5G communications, applications, standardization, and security. Then, we give a classification of threat models in 4G and 5G cellular networks in four categories, including, attacks against privacy, attacks against integrity, attacks against availability, and attacks against authentication. We also provide a classification of countermeasures into three types of categories, including, cryptography methods, humans factors, and intrusion detection methods. The countermeasures and informal and formal security analysis techniques used by the authentication and privacy preserving schemes are summarized in form of tables. Based on the categorization of the authentication and privacy models, we classify these schemes in seven types, including, handover authentication with privacy, mutual authentication with privacy, RFID authentication with privacy, deniable authentication with privacy, authentication with mutual anonymity, authentication and key agreement with privacy, and three-factor authentication with privacy. In addition, we provide a taxonomy and comparison of authentication and privacy-preserving schemes for 4G and 5G cellular networks in form of tables. Based on the current survey, several recommendations for further research are discussed at the end of this paper.Comment: 24 pages, 14 figure

Understanding Security Requirements and Challenges in Internet of Things (IoTs): A Review

Internet of Things (IoT) is realized by the idea of free flow of information amongst various low power embedded devices that use Internet to communicate with one another. It is predicted that the IoT will be widely deployed and it will find applicability in various domains of life. Demands of IoT have lately attracted huge attention and organizations are excited about the business value of the data that will be generated by the IoT paradigm. On the other hand, IoT have various security and privacy concerns for the end users that limit its proliferation. In this paper we have identified, categorized and discussed various security challenges and state of the art efforts to resolve these challenges

IoTChain: A Three-Tier Blockchain-based IoT Security Architecture

There has been increasing interest in the potential of blockchain in enhancing the security of devices and systems, such as Internet of Things (IoT). In this paper, we present a blockchain-based IoT security architecture, IoTchain. The three-tier architecture comprises an authentication layer, a blockchain layer and an application layer, and is designed to achieve identity authentication, access control, privacy protection, lightweight feature, regional node fault tolerance, denial-of-service resilience, and storage integrity. We also evaluate the performance of IoTchain to demonstrate its utility in an IoT deployment.Comment: 23 pages,11 figure

Secure Information Sharing in an Industrial Internet of Things

This paper investigates how secure information sharing with external vendors can be achieved in an Industrial Internet of Things (IIoT). It also identifies necessary security requirements for secure information sharing based on identified security challenges stated by the industry. The paper then proposes a roadmap for improving security in IIoT which investigates both short-term and long-term solutions for protecting IIoT devices. The short-term solution is mainly based on integrating existing good practices. The paper also outlines a long term solution for protecting IIoT devices with fine-grained access control for sharing data between external entities that would support cloud-based data storage.Comment: 12 pages, 3 figure

A Survey on the Security of Pervasive Online Social Networks (POSNs)

Pervasive Online Social Networks (POSNs) are the extensions of Online Social Networks (OSNs) which facilitate connectivity irrespective of the domain and properties of users. POSNs have been accumulated with the convergence of a plethora of social networking platforms with a motivation of bridging their gap. Over the last decade, OSNs have visually perceived an altogether tremendous amount of advancement in terms of the number of users as well as technology enablers. A single OSN is the property of an organization, which ascertains smooth functioning of its accommodations for providing a quality experience to their users. However, with POSNs, multiple OSNs have coalesced through communities, circles, or only properties, which make service-provisioning tedious and arduous to sustain. Especially, challenges become rigorous when the focus is on the security perspective of cross-platform OSNs, which are an integral part of POSNs. Thus, it is of utmost paramountcy to highlight such a requirement and understand the current situation while discussing the available state-of-the-art. With the modernization of OSNs and convergence towards POSNs, it is compulsory to understand the impact and reach of current solutions for enhancing the security of users as well as associated services. This survey understands this requisite and fixates on different sets of studies presented over the last few years and surveys them for their applicability to POSNs...Comment: 39 Pages, 10 Figure