{"title":"IoT malware detection using static and dynamic analysis techniques: A systematic literature review","authors":"Sumit Kumar, Prachi Ahlawat, Jyoti Sahni","doi":"10.1002/spy2.444","DOIUrl":"https://doi.org/10.1002/spy2.444","url":null,"abstract":"The Internet of Things (IoT) is reshaping the world with its potential to support new and evolving applications in areas, such as healthcare, automation, remote monitoring, and so on. This rapid popularity and growth of IoT‐based applications coincides with a significant surge in threats and malware attacks on IoT devices. Furthermore, the widespread usage of Linux‐based systems in IoT devices makes malware detection a challenging task. Researchers and practitioners have proposed a variety of techniques to address these threats in the IoT ecosystem. Both researchers and practitioners have proposed a range of techniques to counter these threats within the IoT ecosystem. However, despite the multitude of proposed techniques, there remains a notable absence of a comprehensive and systematic review assessing the efficacy of static and dynamic analysis methods in detecting IoT malware. This research work is a systematic literature review (SLR) that aims to offer a concise summary of the latest advancements in the field of IoT malware detection, specifically focusing on the utilization of static and dynamic analytic techniques. The SLR focuses on examining the present status of research, methodology, and trends in the area of IoT malware detection. It accomplishes this by synthesizing the findings from a wide range of scholarly works that have been published in well‐regarded academic journals and conferences. Additionally, the SLR highlights the significance of the empirical process that includes the role of selecting datasets, accurate feature selection and the utilization of machine learning algorithms in enhancing the detection accuracy. 
The study also evaluates the capability of different analysis techniques to detect malware and compares the performance of various models for IoT malware detection. Furthermore, the review concluded by addressing several open issues and challenges that the research community as a whole must address.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141821959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An approach for mitigating cognitive load in password management by integrating QR codes and steganography","authors":"G. Balayogi, Kuppusamy K. S.","doi":"10.1002/spy2.447","DOIUrl":"https://doi.org/10.1002/spy2.447","url":null,"abstract":"The proliferation of digital services and the imperative for secure authentication have necessitated the management of an expanding array of passwords, imposing a significant cognitive burden on users. The predominant method for authentication remains the use of passwords. However, a critical issue with this approach is that individuals frequently forget their passwords, particularly when managing multiple accounts. This often results in users creating similar or easily guessable passwords for different accounts or writing them down, compromising security. This article investigates an innovative method to mitigate cognitive burden using steganography‐embedded quick response (QR) codes for streamlined password management. The proposed model, named MASTER (Multi‐device‐based Authentication using STEgged QR Codes), was evaluated for usability using the system usability scale (SUS) and the subjective mental effort scale. The security of the model is evaluated using attack analysis and comparative analysis with image visibility and robustness. 
The evaluation results indicate that the MASTER model achieved a SUS score of 75.94, with the majority of participants agreeing that the system reduces cognitive effort.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141832386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cryptographic methods for secured communication in SDN‐based VANETs: A performance analysis","authors":"Adi El-Dalahmeh, Moawiah El-Dalahmeh, M. Razzaque, Jie Li","doi":"10.1002/spy2.446","DOIUrl":"https://doi.org/10.1002/spy2.446","url":null,"abstract":"Vehicular ad‐hoc networks (VANETs) support features like comfort, safety, and infotainment, enhancing traffic efficiency. However, traditional VANETs struggle with dynamic and large‐scale networks due to fixed policies and complex architectures, such as constantly changing vehicle positions. Software‐defined networks (SDN) can address these challenges by offering centralized, logical control, making VANETs more flexible and programmable. While SDNs improve VANET efficiency and add security benefits, they also introduce new security risks by incorporating novel technologies and architectural elements. Since VANET services rely heavily on data communication, compromised data (e.g., modified, falsified) could significantly impact driver and vehicle safety, making secure communication vital. Security threats specific to SDNs, like vulnerabilities in centralized control or flow‐based threats exploiting dynamic routing, necessitate robust cryptographic solutions to secure vehicle communications and data exchange. Various cryptographic algorithms, differing in performance, speed, memory requirements, and key sizes, pose challenges in selecting the optimal one for SDN‐based VANETs. This study evaluated seven cryptographic algorithms, including Blowfish, data encryption standard, triple data encryption standard, Rivest–Shamir–Adleman, advanced encryption standard (AES), advanced encryption standard with elliptic curve cryptography (AES‐ECC), and advanced encryption standard with elliptic curve Diffie‐Hellman (AES‐ECDH), in a simulated SDN‐based VANET. 
The findings show AES‐ECDH as the most effective overall, though the best choice depends on specific deployment scenarios and application needs.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141650556","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Exploring security and privacy enhancement technologies in the Internet of Things: A comprehensive review","authors":"Md. Ataullah, Naveen Chauhan","doi":"10.1002/spy2.448","DOIUrl":"https://doi.org/10.1002/spy2.448","url":null,"abstract":"In the era heavily influenced by Internet of Things (IoT), prioritizing strong security and the protection of user privacy is of utmost importance. This comprehensive review paper embarks on a meticulous examination of the multifaceted challenges and risks facing IoT security and privacy. It encompasses the hardware, software, and data‐in‐transit domains, shedding light on potential vulnerabilities and associated threats. In response to these concerns, this paper puts forth recommendations for effective strategies to mitigate these risks. Providing a road‐map for enhancing security and privacy in IoT environments. Furthermore, this review thoroughly assesses a multitude of solutions proposed by various authors, with the primary aim of enhancing security and privacy within the IoT landscape. The analysis provides insights into the strengths and limitations of these solutions. This is aiding in the development of a holistic comprehension of the existing status of IoT security and privacy. Moreover, the paper delves into the complexities surrounding integrating emerging technologies into the IoT framework. It explores the obstacles and challenges inherent in this process and proposes potential strategies to address these hurdles. By doing so, the review provides a holistic perspective on existing security and privacy enhancement technologies and offers guidance on navigating the dynamic landscape of emerging technologies within the IoT domain. 
Publications included in the review consist of journal articles, conference papers, and book chapters from reputable sources indexed in SCI (Science Citation Index), Scopus, and Web of Science.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141653406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Research on privacy leakage of celebrity's ID card number based on real‐name authentication","authors":"H. Yue, Zebin Song, Mengli Zhao, Lijia Yang","doi":"10.1002/spy2.442","DOIUrl":"https://doi.org/10.1002/spy2.442","url":null,"abstract":"The Internet real‐name system is widely implemented among Chinese Internet users, and many commonly used apps in China exist the functions of real‐name authentication. However, our study found that many apps do not have effective restrictions on user's operations of real‐name authentication, resulting in users being able to frequently perform unsuccessful real‐name authentication attempts. This vulnerability can help an attacker crack celebrity's ID card number by enumeration attacks, and a feasible cracking method was proposed in this paper. First, the information of birth date, birth place, and life experiences of a celebrity is collected from the platforms that display celebrities' personal information (e.g., Wikipedia, Baidu Baike, etc.). In this process, an information extraction method is used to infer permanent residences from life experiences. Then, the possible ID card numbers of a celebrity can be constructed by using the information of birth date, birth place, and permanent residences. Finally, these possible ID card numbers will be verified by sending requests to platforms that have vulnerabilities in the function of user real‐name authentication, until the real ID card number of a celebrity being cracked. This paper conducted cracking experiments on two groups of celebrities. The first group of celebrities is collected from the news events of privacy leakage that were publicly available online, and the second group of celebrities is randomly selected from two encyclopedia platforms. The experimental results showed that the success rate of cracking the ID card numbers of celebrities is 53.9%, which verified the effectiveness of the proposed cracking method. 
Besides, this paper proposed some security precaution suggestions to solve this security problem, and the implementation, feasibility, potential impact, expected effectiveness of these measures were also analyzed. To our knowledge, our paper is the first to point out the issue of privacy leakage of celebrity's ID card number caused by apps' real‐name authentication functions in China. We believe that our research will attract widespread attention from society regarding celebrity's privacy information protection.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141656735","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A differential privacy aided DeepFed intrusion detection system for IoT applications","authors":"Sayeda Suaiba Anwar, Asaduzzaman, Iqbal H. Sarker","doi":"10.1002/spy2.445","DOIUrl":"https://doi.org/10.1002/spy2.445","url":null,"abstract":"In the rapidly‐developing Internet of Things (IoT) ecosystem, safeguarding the privacy and accuracy of linked devices and networks is of utmost importance, with the challenge lying in effective implementation of intrusion detection systems on resource‐constrained IoT devices. This study introduces a differential privacy (DP)‐aided DeepFed architecture for intrusion detection in IoT contexts as a novel approach to addressing these difficulties. To build an intrusion detection model, we combined components of a convolutional neural network with bidirectional long short‐term memory. We apply this approach to the Bot‐IoT dataset, which was rigorously curated by the University of New South Wales (UNSW) and N‐BaIoT dataset. Our major goal is to create a model that delivers high accuracy while protecting privacy, an often‐overlooked aspect of IoT security. Intrusion detection tasks are distributed across multiple IoT devices using federated learning principles to protect data privacy, incorporating the DP framework to gauge and minimize information leakage, all while investigating the intricate relationship between privacy and accuracy in pursuit of an ideal compromise. The trade‐off between privacy preservation and model accuracy is investigated by adjusting the privacy loss and noise multiplier. Our research enhances IoT security by introducing a deep learning model for intrusion detection in IoT devices, explores the integration of DP in federated learning framework for IoT and offers guidance on minimizing the accuracy‐privacy trade‐off based on specific privacy and security needs. 
Our study explores the privacy‐accuracy trade‐off by examining the effects of varying epsilon values on accuracy for various delta values for a range of clients between 5 and 25. We also investigate the influence of several noise multipliers on accuracy and find a consistent accuracy curve, especially around a noise multiplier value of about 0.5. The findings of this study have the possibilities to enhance IoT ecosystem security and privacy, contributing to the IoT landscape's trustworthiness and sustainability.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141662556","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Dark patterns: EU's regulatory efforts","authors":"Johanna Herman","doi":"10.1002/spy2.441","DOIUrl":"https://doi.org/10.1002/spy2.441","url":null,"abstract":"In a world where technology is rapidly advancing, regulation of dark pattern practices has become a topic of increasing importance. Society has become somewhat desensitized to these deceptive online practices that manipulate users into taking actions, which are not in their best interests, such as difficulty unsubscribing from a service, prominence of consent buttons, and countless other advanced tactics to obscure transparency. However, these ongoing practices harm both the individual user, and society in general, by impeding informed decision‐making. This Article addresses the European Union's leading efforts to tackle dark pattern practices, and in particular, addresses the numerous legislative acts which have been enacted to regulate and eliminate them. The acts explored in this Article include the General Data Protection Regulation, the Uniform Commercial Practices Directive, the Data Act, the Digital Markets Act, the Digital Services Act, the Amendment to the Directive on Financial Services Contracts Concluded at a Distance, and the Artificial Intelligence Act. This Article then discusses the interplay between the numerous acts, and the resulting ambiguities and overlap which have led to a level of regulatory redundancy. This Article examines not only the difficulty in interpretation of the various acts, but additionally, explores the issues which arise in implementation from a jurisdictional perspective. 
Further, this Article suggests potential solutions to address the fragmented legislation, including a hybrid form of harmonization, as well as methods for consolidation and centralization.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141671228","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An analytical survey of cyber‐physical systems in water treatment and distribution: Security challenges, intrusion detection, and future directions","authors":"Qawsar Gulzar, Khurram Mustafa","doi":"10.1002/spy2.440","DOIUrl":"https://doi.org/10.1002/spy2.440","url":null,"abstract":"Since the inception of the Industrial 4.0 revolution, industrial cyber‐physical systems (CPSs) have become integral to critical infrastructures and industrial sectors, including water treatment and distribution systems. Integrating physical and digital worlds has made communication systems within these plants—comprising actuators, sensors, and controllers—vulnerable to advanced cyber‐attacks. Safeguarding the nation's critical infrastructure has thus attracted significant interest from both academia and industry. This article thoroughly examines water treatment and distribution CPSs, detailing their architectural design, devices, applications, and security standards. It analyzes various cyber‐attacks and explores CPS security vulnerabilities and their detection and mitigation techniques. Additionally, it reviews the trends in machine learning (ML) and deep learning (DL) intrusion detection system (IDS) solutions, highlighting their advantages and disadvantages. The article evaluates current datasets and testbeds, identifying some of the best‐performing IDS algorithms tested on each dataset compared to previous research, which could serve as benchmarks in this field. 
Finally, it proposes data augmentation techniques to generate comprehensive datasets, identifies research gaps, and suggests potential improvements to enhance IDS performance.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141678066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Enhancing agricultural wireless sensor network security through integrated machine learning approaches","authors":"Ishu Sharma, Aditya Bhardwaj, Keshav Kaushik","doi":"10.1002/spy2.437","DOIUrl":"https://doi.org/10.1002/spy2.437","url":null,"abstract":"Wireless sensor network (WSN) works with a collection of multiple sensor nodes to fetch the data from the deployed environment to fulfill the application whether it is agricultural monitoring, industrial monitoring, etc. The agricultural region can be monitored by deploying sensor nodes to multiple verticals where continuous human presence is not feasible. These devices are equipped with limited resources and are easily vulnerable to various cyber‐attacks. The attacker can hack the sensor nodes to steal critical information from WSN devices. The cluster heads in the WSN play a vital role in the process of routing data packets and attackers launch malicious codes through sender nodes to hack or damage the cluster heads to shut down the entire deployed network of agricultural regions. This research paper proposes a framework to improve the security of WSNs by providing a shield to the cluster heads of the network using machine learning techniques. The experimental study of the paper includes the comparative analysis of three machine learning techniques decision tree classifier, Gaussian Naïve Bayes, and random forest classifier for predicting WSN attacks like flooding, gray hole, blackhole, and TDMA that are deployed to support the proposed WSN security framework on the attack dataset. 
The random forest classifier achieves an accuracy of 98%, Precision of 97.6%, Recall of 97.6%, and F1 score of 97.8% which is the maximum among the deployed machine learning techniques.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5,"publicationDate":"2024-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141687499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SecureCare: A blockchain‐assisted wearable body area network for secure and scalable IoT healthcare services","authors":"Jan Bieniek, Mohamed Rahouti, Kaiqi Xiong, Gabriel Ferreira Araujo","doi":"10.1002/spy2.431","DOIUrl":"https://doi.org/10.1002/spy2.431","url":null,"abstract":"The utilization of Internet of Things (IoT)‐based networks in healthcare systems has witnessed a notable increase, particularly in services like remote patient monitoring. However, specific vulnerabilities have become apparent as more individuals connect to these networks. One pressing concern revolves around safeguarding the privacy of users' confidential information. Given the extensive reliance on sensitive data in such services, apprehensions arise regarding the security of this information within the system. Moreover, the substantial volume of real‐time data transmission poses scalability challenges for the network. This work introduces SecureCare, a novel solution for enhancing wearable IoT healthcare by proposing a blockchain‐empowered Wearable Body Area Network (WBAN) framework. Our aim to employ blockchain technology stems from its robust security capabilities, thanks to its tamperproof and decentralized structure that effectively safeguards network data. Finally, SecureCare was evaluated on a public blockchain network, where it demonstrated improvements in efficiency and reliability. 
This validation confirms its potential as a robust solution for enhancing security in wearable IoT healthcare systems.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-06-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141367293","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}