Usman Ashraf , Mohammed Al-Naeem , Muhammad Nasir Mumtaz Bhutta , Chau Yuen
{"title":"ZFort: A scalable zero-trust approach for trust management and traffic engineering in SDN based IoTs","authors":"Usman Ashraf , Mohammed Al-Naeem , Muhammad Nasir Mumtaz Bhutta , Chau Yuen","doi":"10.1016/j.iot.2024.101419","DOIUrl":"10.1016/j.iot.2024.101419","url":null,"abstract":"<div><div>The Internet of Things (IoT), is a promising solution, but faces critical security challenges in the backdrop of evolving and sophisticated threats. Traditional security models are not well-adopted to protecting these diverse and resource-constrained devices against evolving threats like Advanced Persistent Threats (APTs). We introduce <em>ZFort</em>, a zero-trust framework that prioritizes the security of critical nodes in IoT networks. ZFort dynamically evaluates the risk status of nodes based on node’s criticality and vulnerability scores derived from Common Vulnerabilities and Exposures (CVE) data ZFort dynamically assesses node risk based on criticality and vulnerability scores derived from Common Vulnerabilities and Exposures (CVE) data, and Common Vulnerability Scoring System (CVSS). ZFort uses a stochastic differential equation model for dynamic and continuous trust evaluation between nodes. Based on this evaluation, it dynamically adjusts security measures and routing decisions in real-time. Additionally, ZFort quickly isolates nodes that are likely compromised and prevents routing across them. ZFort uses Mixed Integer Linear Programming (MILP) and efficient heuristics, guaranteeing scalability and resource efficiency even in large networks and enhances the resilience and trustworthiness of key IoT infrastructure.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101419"},"PeriodicalIF":6.0,"publicationDate":"2024-10-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142654830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Self-enhanced multi-task and split federated learning framework for RIS-aided cell-free systems","authors":"Taisei Urakami , Haohui Jia , Na Chen , Minoru Okada","doi":"10.1016/j.iot.2024.101406","DOIUrl":"10.1016/j.iot.2024.101406","url":null,"abstract":"<div><div>Collaborative learning-based beamforming schemes have been exploited to improve spectral efficiency (SE) with low privacy risks in reconfigurable intelligent surface (RIS)-aided cell-free (CF) systems. However, a single-task-driven federated learning (FL) scheme needs to run a large model on local devices with limited computing capacity due to its imbalanced computing resources. Although a single-task-driven split learning (SL) can split a large model into multiple smaller portions, it concerns the training time overhead due to its relay-based training. Meanwhile, annotation for well-labeled channel state information (CSI) still affects beamforming performance with high labeling costs. In this paper, we first propose a collaborative learning framework, named multi-task and split federated learning (M-SFL), for joint channel semantic reconstruction and beamforming for RIS-aided CF systems. The proposed M-SFL framework simultaneously tackles channel semantic reconstruction and beamforming with shared knowledge to distinguish the inherent information of user equipments (UEs). The proposed M-SFL splits large model into multiple lightweight parts friendly with the limited computing local devices and trains local and global models parallelly with the Federated server. Then, we expand the proposed M-SFL framework into a self-enhanced multi-task and split federated learning (SM-SFL) framework by integrating the contrastive learning technique. The SM-SFL framework pre-trains by predicting and distinguishing the target CSI and others without annotation, and then we fine-tune the local and global models with limited labeled CSI. Simulation results show that the proposed framework can jointly achieve better channel semantic reconstruction and higher SE with balanced computing resources, faster beamforming, and low labeling costs.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101406"},"PeriodicalIF":6.0,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142577838","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Comparative analysis of the standalone and Hybrid SDN solutions for early detection of network channel attacks in Industrial Control Systems: A WWTP case study","authors":"Valentine Machaka , Santiago Figueroa-Lorenzo , Saioa Arrizabalaga , Josune Hernantes","doi":"10.1016/j.iot.2024.101413","DOIUrl":"10.1016/j.iot.2024.101413","url":null,"abstract":"<div><div>Industrial Control Systems (ICS) are critical to operating various Critical infrastructures (CIs). However, ICS communication channels connecting sensors, actuators, and local and supervisory controllers are vulnerable to network attacks compromising the system’s availability and integrity. This study proposes and compares Standalone and Hybrid Software Defined Networking (SDN) solutions to mitigate (Detect and Respond) network channel attacks in ICS environments. The methodology utilised applies a testbed designed in GNS3 following the IEC 62264 Industrial Automation Pyramid. It incorporates ICS components such as PLCs and SCADA and a Simulink-based digital twin system for a wastewater treatment plant. This research establishes a proof of concept involving detection and response to network channel attacks evaluated through packet thresholds, packet analysis, and cryptographic hashing techniques in SDN. The Mitre attack framework is implemented to provide insight into the system’s vulnerabilities through adversary emulation. The research findings reveal that both SDN solutions effectively enhance ICS network security; the Standalone SDN solution is more suitable for time-sensitive networks, while the Hybrid SDN solution better serves non-time-sensitive industrial environments. While the Standalone SDN solution offers a 75% efficiency improvement, its’ status as a nascent technology introduces unresolved vulnerabilities and limited testing favouring the Hybrid SDN solution, which provides robust security and reliability due to the integration with the Snort IDS. Thus, selecting the appropriate solution requires carefully considering the trade-offs between enhanced performance and established security. In conclusion, this study underscores the potential of SDN solutions in strengthening ICS security and suggests areas for future research.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101413"},"PeriodicalIF":6.0,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142540366","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mahdi Mnif , Salwa Sahnoun , Yasmine Ben Saad , Ahmed Fakhfakh , Olfa Kanoun
{"title":"Combinative model compression approach for enhancing 1D CNN efficiency for EIT-based Hand Gesture Recognition on IoT edge devices","authors":"Mahdi Mnif , Salwa Sahnoun , Yasmine Ben Saad , Ahmed Fakhfakh , Olfa Kanoun","doi":"10.1016/j.iot.2024.101403","DOIUrl":"10.1016/j.iot.2024.101403","url":null,"abstract":"<div><div>Tiny Machine Learning is rapidly evolving in edge computing and intelligent Internet of Things (IoT) devices. This paper investigates model compression techniques with the aim of determining their compatibility when combined, and identifying an effective approach to improve inference speed and energy efficiency within IoT edge devices. The study is carried out on the application scenario of Hand Gesture Recognition (HGR) based on Electrical Impedance Tomography (EIT), which involves complex signal processing and needs real-time processing and energy efficiency. Therefore, a customized 1-Dimensional Convolutional Neural Network (1D CNN) HGR classification model has been designed. An approach based on strategically combining model compression techniques was then implemented resulting in a model customized for faster inference and improved energy efficiency for IoT embedded devices. The model size became compact at 10.42 kB, resulting in a substantial size reduction of 98.8%, and an inference gain of 94.73% on a personal computer with approximately 8.56% decrease in accuracy. The approach of combinative model compression techniques was applied to a wide range of edge-computing IoT devices with limited processing power, resulting in a significant improvement in model execution speed and energy efficiency for these devices. Specifically, there was an average power consumption gain of 52% for Arduino Nano BLE and 34.05% for Raspberry Pi 4. Inference time was halved for Arduino Nano BLE Sense, Nicla Sense, and Raspberry Pi 4, with a remarkable gain of 94% for ESP32.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101403"},"PeriodicalIF":6.0,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142572178","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nicolas Farabegoli, Danilo Pianini, Roberto Casadei, Mirko Viroli
{"title":"Dynamic IoT deployment reconfiguration: A global-level self-organisation approach","authors":"Nicolas Farabegoli, Danilo Pianini, Roberto Casadei, Mirko Viroli","doi":"10.1016/j.iot.2024.101412","DOIUrl":"10.1016/j.iot.2024.101412","url":null,"abstract":"<div><div>The edge–cloud continuum provides a heterogeneous, multi-scale, and dynamic infrastructure supporting complex deployment profiles and trade-offs for application scenarios like those found in the Internet of Things and large-scale cyber–physical systems domains. To exploit the continuum, applications should be designed in a way that promotes flexibility and reconfigurability, and proper management (sub-)systems should take care of reconfiguring them in response to changes in the environment or non-functional requirements. Approaches may leverage optimisation-based or heuristic-based policies, and decision making may be centralised or distributed: this work investigates decentralised heuristic-based approaches. In particular, we focus on the pulverisation approach, whereby a distributed software system is automatically partitioned (“pulverised”) into different deployment units. In this context, we address two main research problems: how to support the runtime reconfiguration of pulverised systems, and how to specify decentralised reconfiguring policies by a global perspective. To address the first problem, we design and implement a middleware for pulverised systems separating infrastructural and application concerns. To address the second problem, we leverage aggregate computing and exploit self-organisation patterns to devise self-stabilising reconfiguration strategies. By simulating deployments on different kinds of complex infrastructures, we assess the flexibility of the pulverisation middleware design as well as the effectiveness and resilience of the aggregate computing-based reconfiguration policies.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101412"},"PeriodicalIF":6.0,"publicationDate":"2024-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142572262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tyson Baptist D Cunha , Kiran M. , Ritik Ranjan , Athanasios V. Vasilakos
{"title":"Physical unclonable functions and QKD-based authentication scheme for IoT devices using blockchain","authors":"Tyson Baptist D Cunha , Kiran M. , Ritik Ranjan , Athanasios V. Vasilakos","doi":"10.1016/j.iot.2024.101404","DOIUrl":"10.1016/j.iot.2024.101404","url":null,"abstract":"<div><div>As the number of Internet of Things (IoT) devices is increasing exponentially, strong security measures are needed to guard against different types of cyberattacks. This research offers a novel IoT device authentication technique to mitigate these challenges by integrating three cutting-edge technologies namely blockchain technology, Quantum Key Distribution (QKD), and Physically Unclonable Functions (PUFs). By utilizing the distinctive qualities of PUFs for device identification and the unrivaled security of QKD for key exchange, the proposed approach seeks to address the significant security issues present in IoT environments. Adopting blockchain technology ensures transparency and verifiability of the authentication process across distributed IoT networks by adding an unchangeable, decentralized layer of trust. An examination of the computing and communication costs reveals that the proposed protocol is effective, necessitating low computational resources that are critical for IoT devices with limited resources. The protocol’s resistance against a variety of attacks is demonstrated by formal proofs based on the Real-Or-Random (ROR) model and security evaluations using the Scyther tool, ensuring the integrity and secrecy of communications. Various threats are analyzed, and the protocol is proven to be secure and efficient from all forms of attacks.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101404"},"PeriodicalIF":6.0,"publicationDate":"2024-10-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142586765","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analyzing common lexical features of fake news using multi-head attention weights","authors":"Mamoru Mimura , Takayuki Ishimaru","doi":"10.1016/j.iot.2024.101409","DOIUrl":"10.1016/j.iot.2024.101409","url":null,"abstract":"<div><div>Numerous approaches have been developed to identify fake news through machine learning; however, these methods are predominantly assessed using singular datasets specific to certain fields, leading to a scarcity of research on versatile models adaptable to a range of domains. This study evaluates the adaptability of a fake news detection model across diverse fields, employing three distinct datasets. Furthermore, the study leverages the multi-head attention feature of bidirectional encoder representations from transformers (BERT) to scrutinize the feature extraction process in the model. In our analysis, we focused on words that are commonly emphasized by machine learning in fake news detection. The dataset comprised 27,442 instances of genuine news and 28,359 instances of fabricated news, each distinctly labeled. To examine the focal words, we utilized multi-head attention, a component of BERT. This mechanism assigns greater weight to words that receive more attention. Our investigation aimed to identify which words were assigned higher weights in each article. The findings indicate that while representing a minor percentage, a common characteristic of fake news is the heightened attention to words that influence the credibility of the article. To assess the versatility of the model, we applied the model trained on one dataset to classify other datasets. The results demonstrate a notable decline in accuracy, attributable to the distinctive characteristics of the training data. These observations suggest that common features among fake news, which could be extracted using the fine-tuned BERT model, are limited.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101409"},"PeriodicalIF":6.0,"publicationDate":"2024-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142540364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mohammad Abrar Shakil Sejan , Md Habibur Rahman , Md Abdul Aziz , Rana Tabassum , Jung-In Baik , Hyoung-Kyu Song
{"title":"Powerful graph neural network for node classification of the IoT network","authors":"Mohammad Abrar Shakil Sejan , Md Habibur Rahman , Md Abdul Aziz , Rana Tabassum , Jung-In Baik , Hyoung-Kyu Song","doi":"10.1016/j.iot.2024.101410","DOIUrl":"10.1016/j.iot.2024.101410","url":null,"abstract":"<div><div>Internet of Things (IoT) devices are increasingly used in various applications in our daily lives. The network structure for IoT is heterogeneous and can create a complex architecture depending on the application and geographical structure. To efficiently process the information within this diverse and complex relationship, a robust data structure is needed for network operations. Graph neural network (GNN) technology is emerging as a capable tool for predicting complex data structures, such as graphs. Graphs can be employed to mimic the structure of IoT network and process information from IoT nodes using GNN techniques. In this paper, our goal is to explore the effectiveness of GNN in performing the node classification task for a given IoT network. We have generated three different IoT networks with varying network sizes, number of nodes, and feature sizes. We then test 12 different GNN algorithms to evaluate their performance in IoT node classification. Each method is examined in detail to observe its training behavior, testing behavior, and resilience against noise. In addition, time complexity and generalization ability of each model have also been studied. The experimental results show that some methods exhibit high resilience against noisy data for IoT node classification accuracy.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101410"},"PeriodicalIF":6.0,"publicationDate":"2024-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142572179","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Fuzzy-based task offloading in Internet of Vehicles (IoV) edge computing for latency-sensitive applications","authors":"Zouheir Trabelsi , Muhammad Ali , Tariq Qayyum","doi":"10.1016/j.iot.2024.101392","DOIUrl":"10.1016/j.iot.2024.101392","url":null,"abstract":"<div><div>As vehicular applications continue to evolve, the computational capabilities of individual vehicles alone are no longer sufficient to meet the increasing demands. This has led to the integration of edge computing in the Internet of Vehicles (IoV) as an essential solution. Due to the limited resources within vehicles, there is often a need to offload tasks to edge nodes. However, task offloading in IoV environments presents several challenges, including high mobility, dynamic network topology, and varying node density. Traditional offloading methods fail to effectively address these challenges. Moreover, tasks differ in importance, necessitating a mechanism for edge nodes to prioritize tasks based on their urgency. To overcome these challenges, we propose a Vehicle-to-Vehicle (V2V) fuzzy-based task offloading scheme. In this scheme, fuzzy logic plays a critical role by enabling dynamic prioritization of tasks based on their urgency and the available computational resources at edge nodes, ensuring intelligent, context-aware decision-making. The user vehicle selects an appropriate edge node using an edge selection mechanism, which guarantees prolonged connection time and sufficient computational resources. Tasks at the edge are then organized based on their latency requirements and evaluated using a fuzzy rule-based inference system. Our simulation results demonstrate improved task execution rates, reduced overall system delay, and minimized queuing delays.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101392"},"PeriodicalIF":6.0,"publicationDate":"2024-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142577837","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A combination learning framework to uncover cyber attacks in IoT networks","authors":"Arati Behera , Kshira Sagar Sahoo , Tapas Kumar Mishra , Monowar Bhuyan","doi":"10.1016/j.iot.2024.101395","DOIUrl":"10.1016/j.iot.2024.101395","url":null,"abstract":"<div><div>The Internet of Things (IoT) is rapidly expanding, connecting an increasing number of devices daily. Having diverse and extensive networking and resource-constrained devices creates vulnerabilities to various cyber-attacks. The IoT with the supervision of Software Defined Network (SDN) enhances the network performance through its flexibility and adaptability. Different methods have been employed for detecting security attacks; however, they are often computationally efficient and unsuitable for such resource-constraint environments. Consequently, there is a significant requirement to develop efficient security measures against a range of attacks. Recent advancements in deep learning (DL) models have paved the way for designing effective attack detection methods. In this study, we leverage Genetic Algorithm (GA) with a correlation coefficient as a fitness function for feature selection. Additionally, mutual information (MI) is applied for feature ranking to measure their dependency on the target variable. The selected optimal features were used to train a hybrid DNN model to uncover attacks in IoT networks. The hybrid DNN integrates Convolutional Neural Network, Bi-Gated Recurrent Units (Bi-GRU), and Bidirectional Long Short-Term Memory (Bi-LSTM) for training the input data. The performance of our proposed model is evaluated against several other baseline DL models, and an ablation study is provided. Three key datasets InSDN, UNSW-NB15, and CICIoT 2023 datasets, containing various types of attacks, were used to assess the performance of the model. The proposed model demonstrates an impressive accuracy and detection time over the existing model with lower resource consumption.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101395"},"PeriodicalIF":6.0,"publicationDate":"2024-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142553076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}