MARKET ANALYSIS FOR THE MICOZED TIMEKEEPING AND GEOLOCATION SENSOR (TGS)

Strigel, Brian R.

28 August 2019

No description available.

Patent Law

Physics

Marketing

Intellectual Property

Entrepreneurship

Blockchain-Based Security Framework for the Internet of Things and Home Networks

Diego Miguel Mendez Mena (10711719)

27 April 2021

During recent years, attacks on Internet of Things (IoT) devices have grown significantly. Cyber criminals have been using compromised IoT machines to attack others, which include critical internet infrastructure systems. Latest attacks increase the urgency for the information security research community to develop new strategies and tools to safeguard vulnerable devices at any level. Millions of intelligent things are now part of home-based networks that are usually disregarded by solutions platforms, but not by malicious entities.<br>Therefore, the following document presents a comprehensive framework that aims to secure home-based networks, but also corporate and service provider ones. The proposed solution utilizes first-hand information from different actors from different levels to create a decentralized privacy-aware Cyber Threat Information (CTI) sharing network, capable of automate network responses by relying on the secure properties of the blockchain powered by the Ethereum algorithms.

Computer System Security

Internet of Things security

blockchain algorithm

network security technologies

network security system

Ethereum blockchain

Testing IoT Security : A comparison of existing penetration testing frameworks and proposing a generic framework

Widerberg Palmfeldt, Alva, Mattsson, William

January 2023

The Internet of Things (IoT) refers to the billions of physical devices linked to the Internet worldwide, integrating into various systems like healthcare, finance, and transportation. However, the rapid market expansion has led to software and hardware security shortcomings, leaving IoT devices vulnerable to cybercriminals. The security can be maintained and evaluated in different ways, nonetheless, this thesis focuses on investigating the process of a penetration test to identify vulnerabilities present in IoT devices. This paper investigates and compares existing penetration testing frameworks and proposes a generic testing framework for IoT. The results show that there is no standardized penetration testing framework to target IoT devices, as there are for networks and the web. By defining IoT-specific testing methodologies, our research shows that common IoT vulnerabilities could be identified and exploited.

Internet of Things

penetration testing

standardization

framework

vulnerability exploitation

Computer Sciences

Datavetenskap (datalogi)

Semantics-Aware Understanding and Handling of Security and Privacy Problems in Smart Environments

Chi, Haotian, 0000-0002-0222-4660

January 2021

Internet of Things (IoT) platforms enable users to connect heterogeneous resource-constrained wireless devices and deploy semantics-rich home automation applications in smart homes. With the proliferation and fragmentation of IoT products, it even becomes a status quo that many smart IoT devices in a smart home are bounded or delegated to multiple IoT platforms, demonstrating the following characteristics. First, an IoT device may interact with more than one IoT platform. Second, a device can be accessed via multiple communication channels (e.g., Zigbee and Bluetooth). Third, automation applications or rules in a smart home may scatter on different platforms, mainly because each platform has its own strengths and restrictions on the supported IoT devices (e.g., many Google Nest devices are not compatible to work with the Amazon platform) and programming features. Despite the convenience brought by the modern platform-backed systems, a variety of attacks targeting the devices, applications and their interactions arise, which can put the smart home devices to insecure, unsafe, or unexpected states, or can breach users' private information in the daily life. In this dissertation, several semantics-aware security and privacy issues are discussed, analyzed and handled. In one way, we systematically categorized a family of cross-app interference threats and designed a Satisfiability modulo theories (SMT)-based solution to detect them. In another work, we revealed a family of delay-based automation interference attacks that cause cross-rule interference problems in multi-platform multi-path systems. We also studied privacy protection of IoT systems and proposed a semantics-aware customizable data flow control system to protect IoT data from being exploited by third parties and attackers. We also established a command sanitizer solution for detecting cross-app interference problems in multi-platform systems and enforce security and safety policies against various IoT threats. All the works were evaluated in real-world smart home testbeds. / Computer and Information Science

Computer science

Internet of Things

IoT platforms

Security and privacy

Smart home automation

The Viability of Using Trusted Execution Environments to Protect Data in Node-RED : A study on using AMD-SEV and Intel SGX to protect sensitive data when Node-RED is deployed on the cloud. / Möjligheten att använda Trusted Execution Environments för att skydda data i Node-RED : En studie om användandet av AMD-SEV och Intel SGX för att skydda känslig data när Node-RED körs på molnet.

Leijonberg, Carl

January 2021

The Internet of Things (IoT) consists of a network of physical devices that are connected over the internet for the purpose of exchanging data with other devices and systems. IoT platforms, such as Node-RED, have been introduced in recent times to facilitate communication between different IoT devices. Hosting Node-RED on a cloud service provider might result in the confidentiality of sensitive data on Node-RED being violated by malicious attackers, since users are forced to entrust their sensitive data with the cloud service providers. Using trusted execution environments, such as AMD-SEV and Intel SGX, can mitigate several potential attacks from exposing sensitive information in Node-RED. This thesis investigates if AMD-SEV and Intel SGX are viable options to protect sensitive data in Node-RED when hosted on a cloud service provider. The work in this thesis investigates difficulties encountered when deploying Node-RED on AMD-SEV and Intel SGX, from a usability perspective. Usability is measured by running Node-RED in AMDSEV and Intel SGX, and then recording the complexity of the process. Several performance tests are conducted to measure the performance overhead of Node-RED caused by AMD-SEV. A literature review is also conducted to investigate potential vulnerabilities in AMD-SEV and Intel SGX that could undermine the security of user’s data in Node-RED. The results from this thesis finds that AMD-SEV is a viable option to protect sensitive data in Node-RED when hosted on a cloud service provider. Deploying Node-RED on AMD-SEV is found to be a relatively simple process from a usability perspective. There are some noticeable performance overhead with regards to CPU utilization and TCP throughput, but all other metrics show marginal performance overhead. The potential vulnerabilities in AMD-SEV are not found to be significant enough to make AMD-SEV unviable. The thesis finds Intel SGX to be an unviable solution primarily due to usability. The process of running Node-RED in an Intel SGX enclave is extremely complex and the results show that for most users of Node-RED, this is not viable. The security vulnerabilities found from the literature review, are not significant enough to make Intel SGX an unviable option to protect sensitive user data inNode-RED. / Internet of Things (IoT) är en nätverk av fysiska enheter som är sammankopplade via internet för att kunna skicka data till andra fysiska enheter eller system. IoTplattformar, som Node-RED, har utvecklats för att förenkla kommunikationen mellan olika IoT- enheter. Att köra Node-RED på en molntjänst kan leda till att sekretessen av känslig data på Node-RED blir kränkt av en attack mot molntjänsten. Det är på grund av att användarna av Node-RED är tvungna att tillförlita deras känsliga data till molntjänsten, som deras data kan bli kränkt. Detta problem kan förminskas genom att användarna utnyttjar trusted execution environments som AMD-SEV och Intel SGX för att skydda sin känsliga data på molntjänsten. I denna avhandling, undersöks det om AMDSEV och Intel SGX kan användas för att skydda data i Node-RED när den körs på en molntjänst. Användarvänligheten av att köra Node-RED med AMD-SEV och Intel SGX undersöks genom att uppskatta hur komplicerad denna process är. Flera tester genomförs också för att mäta vilken påverkan AMD-SEV har på prestandan av Node-RED. En litteraturöversikt genomförs också för att undersöka potentiella sårbarheter i AMD-SEV och Intel SGX som skulle kunna utnyttjas för att komma åt känslig data i Node-RED. Resultaten från avhandlingen visar att AMD-SEV kan vara användbart för att skydda känslig data i Node-RED när den körs på en molntjänst. AMDSEV är väldigt användarvänlig när Node-RED ska köras. AMD-SEV har en märkbar påverkan på prestandan av processorn och TCP- genomströmning, men för de andra faktorerna som mäts har AMD-SEV ingen större påverkan. Litteraturöversikten finner inga sårbarheter som är tillräckligt farliga för att göra AMD-SEV oanvändbar för att skydda känslig data iNode-RED. Resultaten från avhandlingen visar dock att Intel SGX inte är särskilt användbar för att skydda känslig data i Node-RED när den körs på en molntjänst. Detta är främst för att det är väldigt komplicerat att köra Node-RED i en Intel SGX enklav från en användarvänlighet synpunkt. De flesta av Node-REDs användare skulle finna det för komplicerat att använda Intel SGX för att skydda sin känsliga data. Litteraturöversikten finner inga sårbarheter allvarliga nog för att göra Intel SGX oanvändbar.

Trusted execution environments

AMD-SEV

Intel SGX

Internet of Things

Node-RED

Computer and Information Sciences

Data- och informationsvetenskap

Strengthening Efficiency and Safety in Forklift Operations through Autobiographical Design

Khodr, Nino

January 2021

Forklift vehicles used for moving pallets and boxes in warehouses, have recently been integrated with Internet of Things (IoT) technology, in effect making forklifts networked and in parts controllable from afar. Human operators now carry out tasks according to instructions displayed on the screen of the IoT-forklift instead of just maneuvering around and executing tasks as they see fit. Through an autobiographical design process, hazardous situations arising because of limitations at the interface of the IoT-forklifts were revealed. To address these hazardous situations, we propose changing the interface of the forklift to better monitor the pick-up and dropping of packages. Changes to the digitally-enabled interface was done through the implementation of modalities. In short three modalities was considered, tactile, visual and auditive ones. While the tactile modality was not deemed to be feasible, the visual and auditive modalities was prototyped and evaluated through an Wizard of Oz method. Colored LED light strips showed to improve the handling, locating, selecting and moving the correct goods within the warehouse while keeping both operators and items safe. Further improvements to the digitally-enabled infrastructure in the warehouse that can optimize the routes to and from the pickup were devised. Cameras, sensors and lasers installed on advantageous places within the warehouse and on the forklift will help keeping track on both the forklift operators and the items during pick - and drop operations. As a result the system will have an awareness of its environment were both efficiency and safety will be further improved. / Gaffeltruckar som används for att flytta pallar och lådor i lager har nyligen integrerats med IoT-teknologin (Internet of Things), vilket gör gaffeltruckar i nätverk och i delar kontrollerbara långt ifrån. Mänskliga operatörer utför nu uppgifter enligt instruktionerna som visas på IoT-gaffeltruckens skärm istället för att bara manövrera runt och utföra uppgifter som de anser lämpligt. Genom en självbiografisk designprocess avslöjades farliga situationer som uppstod på grund av begränsningar vid gränssnittet mellan IoT-gaffeltruckarna. För att hantera dessa farliga situationer föreslår vi att man ändrar gaffeltruckens gränssnitt för att bättre övervaka hämtning och släppande av paket. Ändringar av det digitalt aktiverade gränssnittet gjordes genom implementering av modaliteter. Kort sagt övervägdes tre metoder, taktila, visuella och auditiva. Även om den taktila modaliteten inte ansågs vara genomförbar prototyperades och utvärderades de visuella och auditiva metoderna genom en Wizard of Oz-metod. Färgade LED-ljusremsor visade sig förbättra hanteringen, lokaliseringen, valet och flyttandet av de rätta varorna inom lagret och samtidigt hålla både operatörer och föremål säkra. Ytterligare förbättringar av den digitalt aktiverade infrastrukturen i lagret som kan optimera rutterna till och från upphämtningen planerades. Kameror, sensorer och lasrar installerade på fördelaktiga platser i lagret och på gaffeltrucken hjälper till att hålla koll på både gaffeltruckoperatörema och föremålen under plock - och släppoperationer. Som ett resultat kommer systemet att känna till sin miljö där både effektivitet och säkerhet kommer att förbättras ytterligare.

Computer and Information Sciences

Data- och informationsvetenskap

Algorithm-Hardware Co-design for Ultra-Low-Power Machine Learning and Neuromorphic Computing

Wang, Dewei

January 2023

The rapid proliferation of the Internet of Things (IoT) devices and the growing demand for intelligent systems have driven the development of low-power, compact, and efficient machine learning solutions. Deep neural networks (DNNs) have become state-of-the-art algorithms in various applications, such as face recognition, object detection, and speech recognition, due to their exceptional accuracy. In terms of edge devices, it is ideal to execute these algorithms locally on devices rather than on servers to mitigate data transfer latency and address privacy concerns. Reducing power consumption and enhancing energy efficiency becomes crucial, as mobile and wearable devices typically have limited battery capacity. Low-power consumption can extend battery life, reduce recharging cycles, and thus decrease maintenance costs. Ultra-Low-power AI hardware has increasingly garnered attention due to its potential to enable numerous compelling applications. This technology can serve as an always-on wake-up module, such as keyword spotting and visual wake-up, to facilitate hierarchical data processing. Addi-tionally, it can be employed in security and surveillance applications on battery-powered cameras and miniaturized drones. Various techniques to reduce power consumption have been proposed at individual levels, encompassing algorithms, architecture, and circuits. Application-oriented ultra-low-power AI hardware design incorporating full-stack optimization can exploit unique features in specific tasks and further minimize power consumption. This thesis presents my research on algorithm-hardware co-design for ultra-low-power hardware for AI applications. Chapter 2 to 5 list my past works. The first work implements a spiking neural network classifier that leverages fully event-driven architecture to reduce power consump-tion while the input activity is low. The second work presents an end-to-end keyword spotting system featuring divisive energy normalization for both internal and external noise robustness. The third work shows a digital in-memory-computing macro utilizing approximate arithmetic hardware for better area and energy efficiency. The last work demonstrates an automatic speech recognition chip featuring bio-inspired neuron model, digital in-memory-computing hardware with time-sharing arithmetic units, and fully pipelined architecture for low power consumption and real-time processing.

Electrical engineering

Machine learning

Neuromorphics

Artificial intelligence

Internet of things

Neural networks (Computer science)

Sustaining the Performance of Artificial Intelligence in Networking Analytics

Zhang, Jielun

07 August 2023

No description available.

Electrical Engineering

Computer Engineering

Networking analytics

Artificial Intelligence

network traffic classification

network security

Internet-of-Things

Att vara smart i det smarta hemmet

Haupt, Carl-Fredrik Eugen, Ankarstad, Erik

January 2023

Smart homes are becoming more popular and there are more and more different devices for smart homes being made. Discussions have increased about the low security level of these devices, how much data is shared with companies that provide these services and how that data is used. This study aims to find what methods are most common for securing smart homes and not sharing too much data, and why these methods are used. The question that the study is based on is: What safety precautions do users take to not spread their private information through devices in smart homes and why? To answer this question a survey has been conducted by letting people answer an online survey and interviews based on the online survey. The answers from the online survey were then subjected to statistical testing, and for the interviews a thematic analysis was made. The most common methods for being safe in smart homes were strong passwords, having different passwords for different services, updating software on devices for smart homes and using multi-factor authentication. During the following interviews the interviewees motivated the reason for using these methods with them being easy to use, convenient and that some services required them. The interviewees also frequently spoke about why they did not use certain methods, which was lack of knowledge about those methods and the associated risks, not having anything to hide and that some methods were too complicated to use.

Smart homes

security

privacy

Internet of Things

IoT

password

Computer Sciences

Datavetenskap (datalogi)

Distributed Artificial Intelligence Based on Edge Computing

Fagerström, Rebecca, Neüman, Simon

January 2023

The future Internet is expected to be driven by the prevalence of the Internet of Things (IoT), where it is envisioned that anything can be connected. In the last decade, there has been a paradigm shift in IoT from centralized cloud computing to so-called edge computing in order to compute tasks closer to the source of data generation. However, IoT still faces some major challenges when it comes to computational, storage and network. Therefore, this systematic literature review aims to investigate how edge computing can assist in accomplishing distributed intelligence in IoT systems and the known challenges and barriers. Using the PRISMA guidelines, a systematic database search and selection process was carried out to find relevant research on the topic. The data analysis method chosen for this study is content analysis, which aids in structuring and categorizing the data, allowing for the application of a coding process. By using content analysis and following the selection criteria, 15 out of 53 papers were chosen to be reviewed, published between 2017 and part of 2023. One of the main challenges mentioned by all published papers was the resource constraint of IoT devices together with the growing amounts of data that have become a bottleneck in the system. Limited processing capacity makes it difficult for the devices to independently complete complex data processing and AI analysis. The distributed nature of edge computing relies on heavy information exchange between edge devices, thus creating a huge communication load that limits its efficiency. However, edge computing opens up a more natural way of processing data at the edge of the network which aims to bring low latency, high reliability, distributed intelligence and network bandwidth for applications requiring real-time analysis.

Internet of Things

IoT

Edge Computing

Distributed Intelligence

Artificial Intelligence

AI

Computer Sciences

Datavetenskap (datalogi)