Internet of Things最新文献

{"title":"Measuring the impact of post quantum cryptography in Industrial IoT scenarios","authors":"Luis Cruz-Piris ,&nbsp;Andrés Marín-López ,&nbsp;Manuel Álvarez-Campana ,&nbsp;Mario Sanz ,&nbsp;José Ignacio Moreno ,&nbsp;David Arroyo","doi":"10.1016/j.iot.2025.101793","DOIUrl":"10.1016/j.iot.2025.101793","url":null,"abstract":"<div><div>The continuously evolving nature of cryptography is driven by the emergence of new threats and attack vectors. Quantum computers pose a paradigmatic security risk to cryptography, challenging its very core principles. This quantum threat can be appropriately addressed through quantum-safe cryptographic primitives, such as quantum key distribution and post-quantum cryptography (PQC). In the case of PQC, the paradigm shift involves using algorithms with significantly higher computational costs. This paper analyzes the possibilities and challenges of transitioning from current cryptographic systems to PQC alternatives, with a focus on the critical case of constrained-resource devices. We demonstrate the feasibility of such a transition in IoT and Industrial IoT (IIoT) scenarios with limited nodes, and we evaluate how new proposals can mitigate the impact of signature computations on securing IoT/IIoT devices. In this work, we design and implement a novel framework to conduct an extensive set of experiments measuring the performance of different families of PQC algorithms in terms of execution time and power consumption. Both the framework and the dataset have been published in the EU Open Research Repository Zenodo to facilitate the future selection of algorithms that best adapt to the specific characteristics of each system.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101793"},"PeriodicalIF":7.6,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Exploiting edge features for transferable adversarial attacks in distributed machine learning","authors":"Giulio Rossolini ,&nbsp;Fabio Brau ,&nbsp;Alessandro Biondi ,&nbsp;Battista Biggio ,&nbsp;Giorgio Buttazzo","doi":"10.1016/j.iot.2025.101795","DOIUrl":"10.1016/j.iot.2025.101795","url":null,"abstract":"<div><div>As machine learning models become increasingly deployed across the edge of internet of things environments, a partitioned deep learning paradigm in which models are split across multiple computational nodes introduces a new dimension of security risk. Unlike traditional inference setups, these distributed pipelines span the model computation across heterogeneous nodes and communication layers, thereby exposing a broader attack surface to potential adversaries. Building on these motivations, this work explores a previously overlooked vulnerability: even when both the edge and cloud components of the model are inaccessible (i.e., black-box), an adversary who intercepts the intermediate features transmitted between them can still pose a serious threat. We demonstrate that, under these mild and realistic assumptions, an attacker can craft highly transferable proxy models, making the entire deep learning system significantly more vulnerable to evasion attacks. In particular, the intercepted features can be effectively analyzed and leveraged to distill surrogate models capable of crafting highly transferable adversarial examples against the target model. To this end, we propose an exploitation strategy specifically designed for distributed settings, which involves reconstructing the original tensor shape from vectorized transmitted features using simple statistical analysis, and adapting surrogate architectures accordingly to enable effective feature distillation.</div><div>A comprehensive and systematic experimental evaluation has been conducted to demonstrate that surrogate models trained with the proposed strategy, i.e., leveraging intermediate features, tremendously improve the transferability of adversarial attacks. These findings underscore the urgent need to account for intermediate feature leakage in the design of secure distributed deep learning systems, particularly in edge scenarios, where constrained devices are more exposed to communication vulnerabilities and offer limited protection mechanisms.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101795"},"PeriodicalIF":7.6,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324437","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"WoTtrader: A trading service for the Web of Things","authors":"Juan Alberto Llopis,&nbsp;Luis Iribarne,&nbsp;Javier Criado,&nbsp;Rosa Ayala","doi":"10.1016/j.iot.2025.101784","DOIUrl":"10.1016/j.iot.2025.101784","url":null,"abstract":"<div><div>The increasing integration of Internet of Things (IoT) devices into various ecosystems necessitates an efficient trading service for discovering and managing these devices. The Web of Things (WoT) offers a model for representing and discovering IoT devices, facilitating their integration and search. However, the WoT discovery model lacks the capability for query delegation, the process of forwarding queries to other connected services in distributed discovery systems, particularly in multi-dependent ecosystems, such as smart cities. In response to this gap, this paper presents WoTtrader, a new trading service for the WoT that enhances the discovery model with expanded recommendation features. This service enables the discovery of devices in environments where it coexists with other WoT discovery services developed by third parties. Compared to existing WoT discovery systems, WoTtrader supports multi-level query delegation across syntactic, semantic, and natural language searches, enabling broader device coverage, higher accuracy, proactive device discovery, adaptation of IoT devices to the WoT framework, and the integration with third-party services. The proposed trading service has been deployed and evaluated against other WoT discovery implementations. The results indicate that WoTtrader provides moderate response times while maintaining the highest accuracy when searching for devices across different nodes. Finally, the paper discusses the findings, limitations, and future directions to improve WoTtrader and enhance its adaptability within diverse WoT environments.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101784"},"PeriodicalIF":7.6,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145266680","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Toward generating a large-scale IoT-Zwave intrusion detection dataset: Smart device profiling, intruders behavior, and traffic characterization","authors":"MohammadMoein Shafi ,&nbsp;Arash Habibi Lashkari","doi":"10.1016/j.iot.2025.101747","DOIUrl":"10.1016/j.iot.2025.101747","url":null,"abstract":"<div><div>The rapid expansion of the Internet of Things (IoT) has introduced critical security challenges, making IoT ecosystems a prime target for cyber threats. Traditional security measures, relying on predefined signatures and static rules, struggle to detect sophisticated attacks that evolve dynamically. While machine learning and deep learning have improved IoT security, their effectiveness is fundamentally limited by the quality and diversity of available datasets. Existing IoT security datasets suffer from numerous shortcomings, including limited device diversity, inadequate threat coverage, the absence of real-world user and environment interaction, a lack of IoT-specific attacks, insufficient data volume, outdated threat scenarios, a lack of multimodal data, and a lack of support for multi-protocol analysis. To bridge this gap, we conducted a comprehensive analysis of the top 30 publicly available IoT smart home datasets, identifying 22 critical shortcomings that hinder their applicability in security research. To address these limitations, we introduce BCCC-IoT-IDS-Zwave-2025, the most extensive and diverse IoT smart home dataset to date, developed over five months using a large-scale testbed comprising more than 50 IoT devices and encompassing over 80 distinct attack scenarios. Unlike prior datasets that focus primarily on IP network-layer traffic, our dataset integrates multi-source data, including IP-based network traffic, IoT-Zwave communication signals, device activity, and MQTT-based traffic and logs, with attack scenarios specifically designed for each data source, enabling a holistic view of IoT threats. To further enhance IoT threat analysis, we developed IoT-ZwaveNetLyzer, the first dedicated traffic analyzer for Z-Wave networks, addressing the gap left by traditional PC-focused tools. Extensive experimental evaluations demonstrate the dataset’s effectiveness, with state-of-the-art classifiers achieving an average detection accuracy exceeding 95% and a false positive rate as low as 2.2% on average, establishing BCCC-IoT-IDS-Zwave-2025 as a cornerstone for future IoT security research and the development of advanced detection methodologies.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101747"},"PeriodicalIF":7.6,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy-preserving energy analytics in smart offices via container-based Federated Learning","authors":"Roberto Morcillo-Jimenez ,&nbsp;Jose M. Rivas ,&nbsp;M. Dolores Ruiz ,&nbsp;Maria J. Martin-Bautista ,&nbsp;Carlos Fernandez-Basso","doi":"10.1016/j.iot.2025.101782","DOIUrl":"10.1016/j.iot.2025.101782","url":null,"abstract":"<div><div>Federated Learning (FL) has emerged as a promising paradigm to enable privacy-preserving machine learning across distributed IoT devices. This work relies on <em>SimulaFed</em>, a container-based in-simulation framework for FL that is readily applicable to IoT scenarios. It leverages real-world energy data from an office building in which environmental and occupancy parameters were monitored by an IoT system. Our framework performs distributed model training that preserves occupant privacy without incurring prohibitive communication overhead and benchmarks four aggregation rules–Federated Averaging (FedAvg), Federated Proximal (FedProx), FedAdam, and <span>SCAFFOLD</span>.</div><div>Using <span><math><mo>≈</mo></math></span><strong> <!-->262<!--> <!-->000</strong> hourly windows and a lightweight 1-D CNN (<span><math><mo>≈</mo></math></span> <!--> <!-->0.35<!--> <!-->M parameters; 354<!--> <!-->488 weights), we benchmarked four aggregation rules. <strong>FedProx</strong>, with a tuned proximity term (<span><math><mrow><mi>μ</mi><mo>=</mo><mn>0</mn><mo>.</mo><mn>05</mn></mrow></math></span>), achieved the lowest MAE: <strong>0.755 ± 0.000</strong>, marginally ahead of FedAvg <strong>(0.764 ± 0.084)</strong> by 1.2%. <span>SCAFFOLD</span> delivered accuracy comparable to FedAvg (MAE <span><math><mrow><mn>0</mn><mo>.</mo><mn>771</mn><mo>±</mo><mn>0</mn><mo>.</mo><mn>042</mn></mrow></math></span>) but with a higher runtime footprint; FedAdam increased computational cost without accuracy gains. Each update payload is about 1.4<!--> <!-->MB per client; across 17 clients and 10 rounds (upload + broadcast) this totals <span><math><mo>≈</mo></math></span><strong>480<!--> <!-->MB</strong>. Detailed CPU/memory telemetry is reported in Section 4 and Table 13.</div><div>These results confirm the viability of <em>SimulaFed</em> as a rapid-prototyping platform for energy-aware FL in smart offices, paving the way for deployments that balance data confidentiality, prediction accuracy and resource usage.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101782"},"PeriodicalIF":7.6,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145266679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Intelligent IoT-enabled marketing systems: Enhancing consumer sustainability engagement through perceived usefulness","authors":"Shuqi Huang ,&nbsp;Yaying Zhou ,&nbsp;Haytham F. Isleem ,&nbsp;Ghanshyam G. Tejani ,&nbsp;Adham E Ragab","doi":"10.1016/j.iot.2025.101797","DOIUrl":"10.1016/j.iot.2025.101797","url":null,"abstract":"<div><div>This study examines how IoT-based marketing influences consumer engagement in sustainability. Using surveys from 847 people and 32 interviews, we found that these strategies significantly boost engagement (β = 0.724, <em>p</em> &lt; 0.001). Perceived usefulness partially mediated this relationship, accounting for 53.9 % of the total effect (β_total = 0.677; indirect β = 0.365, 95 % CI [0.298, 0.437]; <em>p</em> &lt; 0.001). The research reveals the existence of three consumers: Tech-Sustainability Enthusiasts (34.2 %), Cautious Adopters (41.7 %%), and Traditional Consumers (24.1 %). Each group has its own responsiveness pattern to the marketing of IoT-enabled sustainability. According to the research, they extend a well-established theoretical framework to the emerging IoT-sustainability domain. Similarly, and they also provide the first empirical evidence for perceived usefulness. It is critical mediating mechanism in the IoT-sustainability domain. The research gives useful hints to those who want to make use of IoT in sustainability. Importantly, the technology must demonstrate the usefulness to obtain maximum engagement.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101797"},"PeriodicalIF":7.6,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IoT-integrated deep learning for forecasting and decision support in reservoir water management under drought conditions","authors":"Raúl Parada ,&nbsp;Arnau Sanz","doi":"10.1016/j.iot.2025.101780","DOIUrl":"10.1016/j.iot.2025.101780","url":null,"abstract":"<div><div>This study presents an IoT-enabled forecasting and decision-support framework for proactive reservoir management under drought conditions. Using more than two decades of high-resolution hydrometeorological data, we develop and compare Long Short-Term Memory (LSTM) and extended LSTM (xLSTM) models. The xLSTM integrates exponential gating mechanisms to better capture long-range temporal dependencies. We evaluate predictive performance across multiple forecasting horizons (30, 90, 180, and 365 days) and benchmark the results against a classical statistical model (ARIMA). The xLSTM consistently outperforms baseline models in short-term forecasts but exhibits a decline in accuracy at longer horizons, highlighting the limitations of purely data-driven approaches for extended predictions. To operationalize model outputs, we integrate the forecasts into a real-time decision-support dashboard that aligns predictions with reservoir operation thresholds established in the Catalan Drought Management Plan. This research provides both a methodological contribution to deep learning for hydrological forecasting and a practical framework for data-driven drought preparedness in climate-sensitive regions.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101780"},"PeriodicalIF":7.6,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145266897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A deep learning-based Adaptive Data Rate algorithm for LoRaWAN networks","authors":"Luca Leonardi ,&nbsp;Giancarlo Iannizzotto ,&nbsp;Mattia Pirri ,&nbsp;Gaetano Patti ,&nbsp;Alessio Pirri ,&nbsp;Lucia Lo Bello","doi":"10.1016/j.iot.2025.101786","DOIUrl":"10.1016/j.iot.2025.101786","url":null,"abstract":"<div><div>LoRaWAN is emerging as a key protocol for several Internet of Things (IoT) applications, as it enables long-range communication with low power consumption between a large number of end-devices. LoRaWAN end-devices are characterized by a number of configurable transmission parameters, whose values need to be carefully selected, as they significantly influence the network performance. The Adaptive Data Rate (ADR) algorithm recommended by Semtech dynamically adjusts the transmission parameters of LoRaWAN end-devices to improve the network reliability while keeping energy consumption low. However, ADR is a rule-based algorithm not suitable for dynamic IoT scenarios in which the network conditions can be highly variable and the end-devices move around in the sensing area. In contrast, deep learning techniques appear a promising solution to set the transmission parameters of LoRaWAN end-devices in such dynamic IoT environments, thanks to their ability to learn from data a non-linear, state-dependent model. For this reason, this paper proposes a deep learning-based mechanism, called Rel-ADR, that dynamically tunes the transmission parameters of LoRaWAN end-devices to improve the transmission reliability, while maintaining low power consumption in dynamic and dense networks. The paper presents the design of Rel-ADR and the results of an extensive comparative performance evaluation between Rel-ADR and existing approaches in the literature, obtained through OMNeT++ simulations in realistic scenarios.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101786"},"PeriodicalIF":7.6,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IRIS: Enhancing the security of IoT devices using internal IR-based sensors","authors":"Amit Kama,&nbsp;Yarin Kalfon,&nbsp;Yossi Oren","doi":"10.1016/j.iot.2025.101787","DOIUrl":"10.1016/j.iot.2025.101787","url":null,"abstract":"<div><div>Authentication in Internet of Things (IoT) environments faces significant challenges due to the devices’ limited security capabilities and operational constraints, such as reduced computational power and energy. The unsecured and diverse settings in which these devices operate further complicate the implementation of traditional authentication protocols. While some work has explored leveraging intrinsic variations in Static Random-Access Memory (SRAM) characteristics for authentication, relatively little attention has been given to authentication approaches based on other sensors. In this work, we survey sensors commonly found in IoT devices and assess their suitability for authentication purposes. We identify the infrared (IR) receiver as a promising candidate for authentication, and demonstrate a practical method for using the inherent physical variations in these sensors to authenticate IoT devices. Our results demonstrate that IR receivers can authenticate IoT devices with an average accuracy of 0.9855, with a standard deviation of 0.014, above a base rate of 0.05. Motivated by these findings, we developed <span>IRIS</span>, a novel IR-based Identification System, and made an open-source artifact repository available to support further research. We also demonstrate the robustness of our proposed method under various constraints, such as shorter trace lengths, reduced sampling frequencies, relying solely on the receiver’s data, and authenticating with a TV remote control. Our findings suggest that low-cost sensors like IR receivers can significantly enhance IoT devices security without increasing their cost.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101787"},"PeriodicalIF":7.6,"publicationDate":"2025-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145266675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DIDAuth-IoTFW: Decentralized firmware authentication for smart home IoT devices using verifiable credentials","authors":"W.M.A.B. Wijesundara ,&nbsp;Joong-Sun Lee ,&nbsp;Eleni Aloupogianni ,&nbsp;Dara Tith ,&nbsp;Hiroyuki Suzuki ,&nbsp;Takashi Obi","doi":"10.1016/j.iot.2025.101788","DOIUrl":"10.1016/j.iot.2025.101788","url":null,"abstract":"<div><div>Rapid proliferation of smart home IoT devices has intensified the demand for secure, scalable, and autonomous firmware authentication mechanisms. Traditional centralized solutions face challenges related to privacy concerns, limited scalability, and vulnerability to single point of failure. In this paper, we propose DIDAuth-IoTFW, a novel decentralized identity and firmware authentication framework that uniquely integrates Ethereum Layer-2 Arbitrum, InterPlanetary File System (IPFS), and W3C-compliant Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). DIDAuth-IoTFW provides a complete firmware authentication life cycle, from decentralized identity registration to real-time, on-chain verifiable revocation. While enabling autonomous, cryptographic verification directly on resource-constrained IoT devices and ensuring reliable performance even when gateways are compromised or unavailable. Our proof-of-concept implementation on ESP32 and Raspberry Pi achieved complete resistance to replay, forgery, and revocation threats with verification consistently under 1.2 s. Compared to prior work, DIDAuth-IoTFW uniquely combines firmware–VC hash binding, contract binding that prevents cross-registry replay, and device-side enforcement resilient to gateway compromise. Experimental results indicate a robust, privacy-preserving, and scalable alternative to centralized firmware-update pipelines for smart-home IoT.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"34 ","pages":"Article 101788"},"PeriodicalIF":7.6,"publicationDate":"2025-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145266682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}