Spelling suggestions: "subject:"ehe internet off things"" "subject:"ehe internet oof things""
91 |
Exploring Vulnerabilities and Security Schemes of Service-Oriented Internet 0f Things (IoT) ProtocolsKayas, Golam, 0000-0001-7186-3442 08 1900 (has links)
The Internet of Things (IoT) is spearheading a significant revolution in the realm of computing systems for the next generation. IoT has swiftly permeated various domains, including healthcare, manufacturing, military, and transportation, becoming an essential component of numerous smart devices and applications. However, as the number of IoT devices proliferates, security concerns have surged, resulting in severe attacks in recent years. Consequently, it is imperative to conduct a comprehensive investigation into IoT networks to identify and address vulnerabilities in order to preempt potential adversarial activities.
The aim of this research is to examine different IoT-based systems and comprehend their security weaknesses. Additionally, the objective is to develop effective strategies to mitigate vulnerabilities and explore the security loopholes inherent in IoT-based systems, along with a plan to rectify them.
IoT-based systems present unique challenges due to the expanding adoption of IoT technology across diverse applications, accompanied by a wide array of IoT devices. Each IoT network has its own limitations, further compounding the challenge. For instance, IoT devices used in sensor networks often face constraints in terms of resources, possessing limited power and computational capabilities. Moreover, integration of IoT with existing systems introduces security issues. A prime example of this integration is found in connected cars, where traditional in-vehicle networks, designed to connect internal car components, must be highly robust to meet stringent requirements. However, modern cars are now connected to a wide range of IoT nodes through various interfaces, thus creating new security challenges for professionals to address. This work offers a comprehensive investigation plan for different types of IoT-based systems with varying constraints to identify security vulnerabilities. We also propose security measures to mitigate the vulnerabilities identified in our investigation, thereby preventing adversarial activities. To facilitate the exploration and investigation of vulnerabilities, our work is divided into two parts: resource-constrained IoT-based systems (sensor networks, smart homes) and robustness-constrained IoT-based systems (connected cars).
In our investigation of resource-constrained IoT networks, we focus on two widely used service-oriented IoT protocols, namely Universal Plug and Play (UPnP) and Message Queue Telemetry Transport (MQTT). Through a structured phase-by-phase analysis of these protocols, we establish a comprehensive threat model that explains the existing security gaps in communications. The threat models present security vulnerabilities of service-oriented resource-constrained IoT networks and the corresponding security attacks that exploit these vulnerabilities. We propose security solutions to mitigate the identified vulnerabilities and defend against potential security breaches. Our security analysis demonstrates that the proposed measures successfully thwart adversarial activities, and our experimental data supports the feasibility of the proposed models.
For robustness-constrained IoT-based systems, we investigate the in-vehicle networks of modern cars, specifically focusing on the Controller Area Network (CAN) bus system, which is widely adopted for connecting Electronic Control Units (ECUs) in vehicles. To uncover vulnerabilities in these in-vehicle networks, we leverage fuzz testing, a method that involves testing with random data. Fuzz testing over the CAN bus is a well-established technique for detecting security vulnerabilities in in-vehicle networks. Furthermore, the automatic execution of test cases and assessment of robustness make CAN bus fuzzing a popular choice in the automotive testing community. However, a major drawback of fuzz testing is the generation of a large volume of execution reports, often containing false positives. Consequently, all execution reports must be manually reviewed, which is time-consuming and prone to human errors. To address this issue, we propose an automatic investigation mechanism to identify security vulnerabilities from fuzzing logs, considering the class, relative severity, and robustness of failures. Our proposed schema utilizes artificial intelligence (AI) to identify genuine security-critical vulnerabilities from fuzz testing execution logs. Additionally, we provide mechanisms to gauge the relative severity and robustness of a failure, thereby determining the criticality of a vulnerability. Moreover, we propose an AI-assisted vulnerability scoring system that indicates the criticality of a vulnerability, offering invaluable assistance in prioritizing the mitigation of critical issues in in-vehicle networks. / Computer and Information Science
|
92 |
Informationshantering i fastighetsbranschenAlbrektsson, Elof, Helsingen, Per January 2017 (has links)
No description available.
|
93 |
EFFICIENT ROUTING AND OFFLOADING DESIGN IN INTERNET-OF-THINGS SYSTEMSWang, Ning January 2018 (has links)
One of the fundamental challenges in Internet-of-Things systems is that network environment is always changing. Conventional networking approaches do not consider the dynamic evaluation of the networks or consider the network dynamic as a mirror thing, which may not be able to work or has a low efficiency in the Internet-of-Things systems. This dissertation is uniquely built by considering the dynamic network environment and even taking advantage of the network dynamic to improve the network performances, with a focus on the routing and offloading issues. The first part is related to the routing design in the opportunistic mobile networks. The opportunistic mobile network is expected to be an intrinsic part of the Internet of Things. Devices communicate with each other autonomously without any centralized control and collaborate to gather, share, and forward information in a multi-hop manner. The main challenge in opportunistic mobile networks is due to intermittent connection and thus data is delivered through store-carry-forwarding paradigm. In this dissertation, We found an observation regarding the contact duration and proposed efficient data partitioning routing algorithms in the opportunistic mobile networks. The second part is related to the offloading issues in the Internet-of-things systems. With the surging demand on high-quality mobile services at any time, from anywhere, how to accommodate the explosive growth of traffics with/without existing network infrastructures is a fundamental issue. Specifically, We consider three different offloading problems, i.e., cellular data offloading, cloud task offloading, and mobile worker task offloading problems in vehicular networks, cloud, and crowdsourcing platforms. The common issue behind them is how to efficiently utilize the network resources in different scenarios by design efficient scheduling mechanisms. For the cellular data offloading, We explored the trade-off of cellular offloading in the vehicular network. For the cloud task offloading, We conducted the research to adjust the offloading strategies wisely so that the total offloading cost is minimized. For the worker task offloading in the smart cities, We optimized the cost-efficiency of the crowdsourcing platforms. / Computer and Information Science
|
94 |
Designing Effective Security and Privacy Schemes for Wireless Mobile DevicesWu, Longfei January 2017 (has links)
The growing ubiquity of modern wireless and mobile electronic devices has brought our daily lives with more convenience and fun. Today's smartphones are equipped with a variety of sensors and wireless communication technologies, which can support not only the basic functions like phone call and web browsing, but also advanced functions like mobile pay, biometric security, fitness monitoring, etc. Internet-of-Things (IoT) is another category of popular wireless devices that are networked to collect and exchange data. For example, the smart appliances are increasingly deployed to serve in home and office environments, such as smart thermostat, smart bulb, and smart meter. Additionally, implantable medical devices (IMD) is the typical type of modern wireless devices that are implanted within human body for diagnostic, monitoring, and therapeutic purposes. However, these modern wireless and mobile devices are not well protected compared with traditional personal computers (PCs), due to the intrinsic limitations in computation power, battery capacity, etc. In this dissertation, we first present the security and privacy vulnerabilities we discovered. Then, we present our designs to address these issues and enhance the security of smartphones, IoT devices, and IMDs. For smartphone security, we investigate the mobile phishing attacks, mobile clickjacking attacks and mobile camera-based attacks. Phishing attacks aim to steal private information such as credentials. We propose a novel anti-phishing scheme MobiFish, which can detect both phishing webpages and phishing applications (apps). The key idea is to check the consistency between the claimed identity and the actual identity of a webpage/app. The claimed identity can be extracted from the screenshot of login user interface (UI) using the optical character recognition (OCR) technique, while the actual identity is indicated by the secondary-level domain name of the Uniform Resource Locator (URL) to which the credentials are submitted. Clickjacking attacks intend to hijack user inputs and re-route them to other UIs that are not supposed to receive them. To defend such attacks, a lightweight and independent detection service is integrated into the Android operating system. Our solution requires no user or app developer effort, and is compatible with existing commercial apps. Camera-based attacks on smartphone can secretly capture photos or videos without the phone user's knowledge. One advanced attack we discovered records the user's eye movements when entering passwords. We found that it is possible to recover simple passwords from the video containing user eye movements. Next, we propose an out-of-band two-factor authentication scheme for indoor IoT devices (e.g., smart appliances) based on the Blockchain infrastructure. Since smart home environment consists of multiple IoT devices that may share their sensed data to better serve the user, when one IoT device is being accessed, our design utilizes another device to conduct a secondary authentication over an out-of-band channel (light, acoustic, etc.), to detect if the access requestor is a malicious external device. Unlike smartphones and IoT devices, IMDs have the most limited computation and battery resources. We devise a novel smartphone-assisted access control scheme in which the patient's smartphone is used to delegate the heavy computations for authentication and authorization. The communications between the smartphone and the IMD programmer are conducted through an audio cable, which can resist the wireless eavesdropping and other active attacks. / Computer and Information Science
|
95 |
The security of big data in fog-enabled IoT applications including blockchain: a surveyTariq, N., Asim, M., Al-Obeidat, F., Farooqi, M.Z., Baker, T., Hammoudeh, M., Ghafir, Ibrahim 24 January 2020 (has links)
Yes / The proliferation of inter-connected devices in critical industries, such as healthcare and power
grid, is changing the perception of what constitutes critical infrastructure. The rising interconnectedness
of new critical industries is driven by the growing demand for seamless access to information as the
world becomes more mobile and connected and as the Internet of Things (IoT) grows. Critical industries
are essential to the foundation of today’s society, and interruption of service in any of these sectors can
reverberate through other sectors and even around the globe. In today’s hyper-connected world, the
critical infrastructure is more vulnerable than ever to cyber threats, whether state sponsored, criminal
groups or individuals. As the number of interconnected devices increases, the number of potential
access points for hackers to disrupt critical infrastructure grows. This new attack surface emerges from
fundamental changes in the critical infrastructure of organizations technology systems. This paper aims
to improve understanding the challenges to secure future digital infrastructure while it is still evolving.
After introducing the infrastructure generating big data, the functionality-based fog architecture is
defined. In addition, a comprehensive review of security requirements in fog-enabled IoT systems is
presented. Then, an in-depth analysis of the fog computing security challenges and big data privacy and
trust concerns in relation to fog-enabled IoT are given. We also discuss blockchain as a key enabler to
address many security related issues in IoT and consider closely the complementary interrelationships
between blockchain and fog computing. In this context, this work formalizes the task of securing big
data and its scope, provides a taxonomy to categories threats to fog-based IoT systems, presents a
comprehensive comparison of state-of-the-art contributions in the field according to their security service
and recommends promising research directions for future investigations.
|
96 |
Recent advances in antenna design for 5G heterogeneous networksElfergani, Issa T., Hussaini, A.S., Rodriguez, J., Abd-Alhameed, Raed 14 January 2022 (has links)
Yes
|
97 |
Security and Privacy for Internet of Things: Authentication and BlockchainSharaf Dabbagh, Yaman 21 May 2020 (has links)
Reaping the benefits of the Internet of Things (IoT) system is contingent upon developing IoT-specific security and privacy solutions. Conventional security and authentication solutions often fail to meet IoT requirements due to the computationally limited and portable nature of IoT objects. Privacy in IoT is a major issue especially in the light of current attacks on Facebook and Uber. Research efforts in both the academic and the industrial fields have been focused on providing security and privacy solutions that are specific to IoT systems. These solutions include systems to manage keys, systems to handle routing protocols, systems that handle data transmission, access control for devices, and authentication of devices.
One of these solutions is Blockchain, a trust-less peer-to-peer network of devices with an immutable data storage that does not require a trusted party to maintain and validate data entries in it. This emerging technology solves the problem of centralization in systems and has the potential to end the corporations control over our personal information. This unique characteristic makes blockchain an excellent candidate to handle data communication and storage between IoT devices without the need of oracle nodes to monitor and validate each data transaction. The peer-to-peer network of IoT devices validates data entries before being added to the blockchain database. However, accurate authentication of each IoT device using simple methods is another challenging problem.
In this dissertation, a complete novel system is proposed to authenticate, verify, and secure devices in IoT systems. The proposed system consists of a blockchain framework to collect, monitor, and analyze data in IoT systems. The blockchain based system exploits a method, called Sharding, in which devices are grouped into smaller subsets to provide a scalable system. In addition to solving the scalability problem in blockchain, the proposed system is secured against the 51% attack in which a malicious node tries to gain control over the majority of devices in a single shard in order to disrupt the validation process of data entries. The proposed system dynamically changes the assignment of devices to shards to significantly decrease the possibility of performing 51% attacks. The second part of the novel system presented in this work handles IoT device authentication. The authentication framework uses device-specific information, called fingerprints, along with a transfer learning tool to authenticate objects in the IoT. The framework tracks the effect of changes in the physical environment on fingerprints and uses unique IoT environmental effects features to detect both cyber and cyber-physical emulation attacks. The proposed environmental effects estimation framework showed an improvement in the detection rate of attackers without increasing the false positives rate. The proposed framework is also shown to be able to detect cyber-physical attackers that are capable of replicating the fingerprints of target objects which conventional methods are unable to detect. In addition, a transfer learning approach is proposed to allow the use of objects with different types and features in the environmental effects estimation process. The transfer learning approach was also implemented in cognitive radio networks to prevent primary users emulation attacks that exist in these networks. Lastly, this dissertation investigated the challenge of preserving privacy of data stored in the proposed blockchain-IoT system. The approach presented continuously analyzes the data collected anonymously from IoT devices to insure that a malicious entity will not be able to use these anonymous datasets to uniquely identify individual users.
The dissertation led to the following key results. First, the proposed blockchain based framework that uses sharding was able to provide a decentralized, scalable, and secured platform to handle data exchange between IoT devices. The security of the system against 51% attacks was simulated and showed significant improvements compared to typical blockchain implementations. Second, the authentication framework of IoT devices is shown to yield to a 40% improvement in the detection of cyber emulation attacks and is able to detect cyber-physical emulation attacks that conventional methods cannot detect. The key results also show that the proposed framework improves the authentication accuracy while the transfer learning approach yields up to 70% additional performance gains. Third, the transfer learning approach to combine knowledge about features from multiple device types was also implemented in cognitive radio networks and showed performance gains with an average of 3.4% for only 10% relevant information between the past knowledge and the current environment signals. / Doctor of Philosophy / The Internet of things (IoT) system is anticipated to reach billions of devices by the year 2020. With this massive increase in the number of devices, conventional security and authentication solutions will face many challenges from computational limits to privacy and security challenges. Research on solving the challenges of IoT systems is focused on providing lightweight solutions to be implemented on these low energy IoT devices. However these solutions are often prone to different types of attacks.
The goal of this dissertation is to present a complete custom solution to secure IoT devices and systems. The system presented to solve IoT challenges consists of three main components. The first component focuses on solving scalability and centralization challenges that current IoT systems suffer from. To accomplish this a combination of distributed system, called blocchain, and a method to increase scalability, called Sharding, were used to provide both scalability and decentralization while maintaining high levels of security. The second component of the proposed solution consists of a novel framework to authenticate the identity of each IoT device. To provide an authentication solution that is both simple and effective, the framework proposed used a combination of features that are easy to collect, called fingerprints. These features were used to model the environment surrounding each IoT device to validate its identity. The solution uses a method called transfer learning to allow the framework to run on different types of devices.
The proposed frameworks were able to provide a solution that is scalable, simple, and secured to handle data exchange between IoT devices. The simulation presented showed significant improvements compared to typical blockchain implementations. In addition, the frameworks proposed were able to detect attackers that have the resources to replicate all the device specific features. The proposed authentication framework is the first framework to be able to detect such an advanced attacker. The transfer learning tool added to the authentication framework showed performance gains of up to 70%.
|
98 |
Giving Smart Agents a Voice: How a Smart Agent's Voice Influences Its Relationships with ConsumersHan, Yegyu 04 June 2020 (has links)
Advances in speech recognition and voice synthesis software now allow "smart agents" (e.g., voice-controlled devices like Amazon's Alexa and Google Home) to interact naturally with humans. The machines have a skills repertoire with which they can "communicate" and form relationships with consumers – managing aspects of their daily lives and providing advice on various issues including purchases. This dissertation develops three essays that examine the role played by the smart agent's voice (rational vs. emotional) in such relationships. The social cognition and persuasion literature on interpersonal communication serves as a comparison backdrop.
In Essay 1, I investigate how identical purchase recommendations delivered in a rational or an emotional voice elicit different consumer responses, when the voice is ascribed to a human versus a smart agent. I argue that consumers distinctively categorize smart agents and humans, which, in turn, leads them to have different expectations when interacting with them. In Essay 2, I focus on how a smart agent's vocal tone (rational vs. emotional) influences consumer compliance with the agent's recommendation as well as the role of trust as a mediator of the underlying process. I find that the level of intimacy in the relationship between the smart agent and the human user moderates whether the voice effect on persuasion operates through trust that is cognitively or affectively rooted.
In Essay 3, I examine the proposition that consumers may anthropomorphize a smart agent both mindfully (consciously) and mindlessly (non-consciously), depending on the agent's voice. In addition to using extant measures of the degree to which anthropomorphism is explicit (conscious), I develop an auditory analog of the implicit association test (IAT) that assesses implicit (non-conscious) anthropomorphism. In additional experiments, I further assess the robustness of the auditory IAT test and demonstrated a dissociation between the measures of the explicit and implicit subconstructs of anthropomorphism. Taken together, these essays contribute to our understanding of the factors driving consumer relationships with smart agents in the rapidly evolving IoT world. / Doctor of Philosophy / Advances in artificial intelligence technologies are creating "smart devices," i.e., machines that can "understand" how people talk and respond meaningfully to such communication in their own voices. Thus, familiar voice-controlled devices like Amazon's Alexa and Google Home are now increasingly able to "communicate" and form relationships with consumers – managing aspects of their daily lives and providing advice on various issues including purchases. However, little is known about how a smart agent's vocal tones (rational vs. emotional) may influence how consumers perceive and relate to the smart agent. My primary goal in this research is to contribute to our understanding of the role played by the smart agent's voice (rational vs. emotional) in such relationships.
Specifically, in Essay 1, I investigate how identical purchase recommendations delivered in a rational or an emotional voice elicit different consumer responses, when the voice is ascribed to a human versus a smart agent. I argue that consumers perceive smart agents and humans as belonging to distinct categories, which leads them to have different expectations when interacting with them. In Essay 2, I focus on how a smart agent's vocal tone (rational vs. emotional) influences consumer compliance with the agent's recommendation as well as the role of trust as a mediator of the underlying process. The level of intimacy in the relationship between the smart agent and the human user influences whether the voice effect on persuasion is driven by trust that is rooted in cognition (knowledge, competence) or affect (caring, warmth).
In Essay 3, I examine whether consumers imbue humanlike qualities (anthropomorphize) a smart agent both mindfully (consciously) and mindlessly (non-consciously) based on the agent's voice. In addition to using available measures of conscious anthropomorphism, I develop an auditory analog of the implicit association test (IAT) to assesses implicit (non-conscious) anthropomorphism. In additional experiments, I assess the robustness of the auditory IAT test and the relationship between measures of mindful and mindless anthropomorphism. Taken together, the research reported in these three essays contributes to our understanding of the factors driving consumer relationships with smart agents in the rapidly evolving IoT (Internet of Things) world.
|
99 |
Distributed Architectures for Enhancing Artificial Intelligence of Things Systems. A Cloud Collaborative ModelElouali, Aya 23 November 2023 (has links)
In today’s world, IoT systems are more and more overwhelming. All electronic devices are becoming connected. From lamps and refrigerators in smart homes, smoke detectors and cameras in monitoring systems, to scales and thermometers in healthcare systems, until phones, cars and watches in smart cities. All these connected devices generate a huge amount of data collected from the environment. To take advantage of these data, a processing phase is needed in order to extract useful information, allowing the best management of the system. Since most objects in IoT systems are resource limited, the processing step, usually performed by an artificial intelligence model, is offloaded to a more powerful machine such as the cloud server in order to benefit from its high storage and processing capacities. However, the cloud server is geographically remote from the connected device, which leads to a long communication delay and harms the effectiveness of the system. Moreover, due to the incredibly increasing number of IoT devices and therefore offloading operations, the load on the network has increased significantly. In order to benefit from the advantages of cloud based AIoT systems, we seek to minimize its shortcomings. In this thesis, we design a distributed architecture that allows combining these three domains while reducing latency and bandwidth consumption as well as the IoT device’s energy and resource consumption. Experiments conducted on different cloud based AIoT systems showed that the designed architecture is capable of reducing up to 80% of the transmitted data. / En el mundo actual, los sistemas de IoT (Internet de las cosas) son cada vez más abrumadores. Todos los dispositivos electrónicos se están conectando entre sí. Desde lámparas y refrigeradores en hogares inteligentes, detectores de humo y cámaras para sistemas de monitoreo, hasta básculas y termómetros para sistemas de atención médica, pasando por teléfonos, automóviles y relojes en ciudades inteligentes. Todos estos dispositivos conectados generan una enorme cantidad de datos recopilados del entorno. Para aprovechar estos datos, es necesario un proceso de análisis para extraer información útil que permita una gestión óptima del sistema. Dado que la mayoría de los objetos en los sistemas de IoT tienen recursos limitados, la etapa de procesamiento, generalmente realizada por un modelo de inteligencia artificial, se traslada a una máquina más potente, como el servidor en la nube, para beneficiarse de su alta capacidad de almacenamiento y procesamiento. Sin embargo, el servidor en la nube está geográficamente alejado del dispositivo conectado, lo que conduce a una larga demora en la comunicación y perjudica la eficacia del sistema. Además, debido al increíble aumento en el número de dispositivos de IoT y, por lo tanto, de las operaciones de transferencia de datos, la carga en la red ha aumentado significativamente. Con el fin de aprovechar las ventajas de los sistemas de AIoT (Inteligencia Artificial en el IoT) basados en la nube, buscamos minimizar sus desventajas. En esta tesis, hemos diseñado una arquitectura distribuida que permite combinar estos tres dominios al tiempo que reduce la latencia y el consumo de ancho de banda, así como el consumo de energía y recursos del dispositivo IoT. Los experimentos realizados en diferentes sistemas de AIoT basados en la nube mostraron que la arquitectura diseñada es capaz de reducir hasta un 80% de los datos transmitidos.
|
100 |
Empirical Evaluation of Edge Computing for Smart Building Streaming IoT ApplicationsGhaffar, Talha 13 March 2019 (has links)
Smart buildings are one of the most important emerging applications of Internet of Things (IoT). The astronomical growth in IoT devices, data generated from these devices and ubiquitous connectivity have given rise to a new computing paradigm, referred to as "Edge computing", which argues for data analysis to be performed at the "edge" of the IoT infrastructure, near the data source. The development of efficient Edge computing systems must be based on advanced understanding of performance benefits that Edge computing can offer. The goal of this work is to develop this understanding by examining the end-to-end latency and throughput performance characteristics of Smart building streaming IoT applications when deployed at the resource-constrained infrastructure Edge and to compare it against the performance that can be achieved by utilizing Cloud's data-center resources. This work also presents a real-time streaming application to detect and localize the footstep impacts generated by a building's occupant while walking. We characterize this application's performance for Edge and Cloud computing and utilize a hybrid scheme that (1) offers maximum of around 60% and 65% reduced latency compared to Edge and Cloud respectively for similar throughput performance and (2) enables processing of higher ingestion rates by eliminating network bottleneck. / Master of Science / Among the various emerging applications of Internet of Things (IoT) are Smart buildings, that allow us to monitor and manipulate various operating parameters of a building by instrumenting it with sensor and actuator devices (Things). These devices operate continuously and generate unbounded streams of data that needs to be processed at low latency. This data, until recently, has been processed by the IoT applications deployed in the Cloud at the cost of high network latency of accessing Cloud’s resources. However, the increasing availability of IoT devices, ubiquitous connectivity, and exponential growth in the volume of IoT data has given rise to a new computing paradigm, referred to as “Edge computing”. Edge computing argues that IoT data should be analyzed near its source (at the network’s Edge) in order to eliminate high latency of accessing Cloud for data processing. In order to develop efficient Edge computing systems, an in-depth understanding of the trade-offs involved in Edge and Cloud computing paradigms is required. In this work, we seek to understand these trade-offs and the potential benefits of Edge computing. We examine end to-end latency and throughput performance characteristics of Smart building streaming IoT applications by deploying them at the resource-constrained Edge and compare it against the performance that can be achieved by Cloud deployment. We also present a real-time streaming application to detect and localize the footstep impacts generated by a building’s occupant while walking. We characterize this application’s performance for Edge and Cloud computing and utilize a hybrid scheme that (1) offers maximum of around 60% and 65% reduced latency compared to Edge and Cloud respectively for similar throughput performance and (2) enables processing of higher ingestion rates by eliminating network bottleneck.
|
Page generated in 0.1165 seconds