| 1. |
- Mohamed, Ali, et al.
(författare)
-
Enhancing Cyber Security of LoRaWAN Gateways under Adversarial Attacks
- 2022
-
Ingår i: Sensors. - : MDPI AG. - 1424-8220. ; 22:9
-
Tidskriftsartikel (refereegranskat)abstract
- The Internet of Things (IoT) has disrupted the IT landscape drastically, and Long Range Wide Area Network (LoRaWAN) is one specification that enables these IoT devices to have access to the Internet. Former security analyses have suggested that the gateways in LoRaWAN in their current state are susceptible to a wide variety of malicious attacks, which can be notoriously difficult to mitigate since gateways are seen as obedient relays by design. These attacks, if not addressed, can cause malfunctions and loss of efficiency in the network traffic. As a solution to this unique problem, this paper presents a novel certificate authentication technique that enhances the cyber security of gateways in the LoRaWAN network. The proposed technique considers a public key infrastructure (PKI) solution that considers a two-tier certificate authority (CA) setup, such as a root-CA and intermediate-CA. This solution is promising, as the simulation results validate that about 66.67% of the packets that are arriving from an illegitimate gateway (GW) are discarded in our implemented secure and reliable solution.
|
|
| 2. |
- Aydin, Mustafa, et al.
(författare)
-
Using Attribute-based Feature Selection Approaches and Machine Learning Algorithms for Detecting Fraudulent Website URLs
- 2020
-
Ingår i: 2020 10th Annual Computing and Communication Workshop and Conference, CCWC 2020. ; , s. 774-779
-
Konferensbidrag (refereegranskat)abstract
- Phishing is a malicious form of online theft and needs to be prevented in order to increase the overall trust of the public on the Internet. In this study, for that purpose, the authors present their findings on the methods of detecting phishing websites. Data mining algorithms along with classifier algorithms are used in order to achieve a satisfactory result. In terms of classifiers, the Naïve Bayes, SMO, and J48 algorithms are used. As for the feature selection algorithm; Gain Ratio Attribute and ReliefF Attribute are selected. The results are provided in a comparative way. Accordingly; SMO and J48 algorithms provided satisfactory results in the detection of phishing websites, however, Naïve Bayes performed poor and is the least recommended method among all.
|
|
| 3. |
- Butun, Ismail, 1981, et al.
(författare)
-
A Review of Distributed Access Control for Blockchain Systems towards Securing the Internet of Things
- 2021
-
Ingår i: IEEE Access. - 2169-3536 .- 2169-3536. ; 9, s. 5428-5441
-
Forskningsöversikt (refereegranskat)abstract
- As the Internet of Things (IoT) paradigm gets more attention from academia and industry, implementation tools of IoT will be explored more and more. One example is the applicability of blockchain systems to provide security and privacy of IoT networks, which is the topic of this article. Blockchain systems are on the rise, as crypto-currency payment systems (such as Bitcoin, Litecoin, etc.) boomed in the last few years due to their attractive de-centralized and anonymous features. As in every transaction, access of the users to IoT systems needs to be controlled. However, these systems are peer-to-peer systems and do not have centralized control, which means that traditional access control techniques will not be optimal. As a result, distributed access control schemes are needed and this paper aims at providing the state of the art in the literature. Thereby, we introduce and discuss the details and applicability of centralized (rolebased) and distributed (threshold-signature, reputation, trusted-computing, identity, capability, ACL, groupsignature, and hybrid) access control schemes to blockchain systems under the IoT ecosystems. Moreover, permissioned vs. permissionless blockchain systems are also discussed. Finally, challenges and research directions related to the application of all those presented blockchain systems to IoT are discussed.
|
|
| 4. |
- Butun, Ismail, 1981, et al.
(författare)
-
Hardware security of fog end-devices for the internet of things
- 2020
-
Ingår i: Sensors. - : MDPI AG. - 1424-8220. ; 20:20, s. 1-28
-
Forskningsöversikt (refereegranskat)abstract
- The proliferation of the Internet of Things (IoT) caused new application needs to emerge as rapid response ability is missing in the current IoT end-devices. Therefore, Fog Computing has been proposed to be an edge component for the IoT networks as a remedy to this problem. In recent times, cyber-attacks are on the rise, especially towards infrastructure-less networks, such as IoT. Many botnet attack variants (Mirai, Torii, etc.) have shown that the tiny microdevices at the lower spectrum of the network are becoming a valued participant of a botnet, for further executing more sophisticated attacks against infrastructural networks. As such, the fog devices also need to be secured against cyber-attacks, not only software-wise, but also from hardware alterations and manipulations. Hence, this article first highlights the importance and benefits of fog computing for IoT networks, then investigates the means of providing hardware security to these devices with an enriched literature review, including but not limited to Hardware Security Module, Physically Unclonable Function, System on a Chip, and Tamper Resistant Memory.
|
|
| 5. |
- Butun, Ismail, 1981, et al.
(författare)
-
Intrusion Detection in Industrial Networks via Data Streaming
- 2020
-
Ingår i: Industrial IoT: Challenges, Design Principles, Applications, and Security. - Cham : Springer International Publishing. ; , s. 213-238
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)abstract
- Given the increasing threat surface of industrial networks due to distributed, Internet-of-Things (IoT) based system architectures, detecting intrusions in Industrial IoT (IIoT) systems is all the more important, due to the safety implications of potential threats. The continuously generated data in such systems form both a challenge but also a possibility: data volumes/rates are high and require processing and communication capacity but they contain information useful for system operation and for detection of unwanted situations. In this chapter we explain that stream processing (a.k.a. data streaming) is an emerging useful approach both for general applications and for intrusion detection in particular, especially since it can enable data analysis to be carried out in the continuum of edge-fog-cloud distributed architectures of industrial networks, thus reducing communication latency and gradually filtering and aggregating data volumes. We argue that usefulness stems also due to facilitating provisioning of agile responses, i.e. due to potentially smaller latency for intrusion detection and hence also improved possibilities for intrusion mitigation. In the chapter we outline architectural features of IIoT networks, potential threats and examples of state-of-the art intrusion detection methodologies. Moreover, we give an overview of how leveraging distributed and parallel execution of streaming applications in industrial setups can influence the possibilities of protecting these systems. In these contexts, we give examples using electricity networks (a.k.a. Smart Grid systems). We conclude that future industrial networks, especially their Intrusion Detection Systems (IDSs), should take advantage of data streaming concept by decoupling semantics from the deployment.
|
|
| 6. |
- Butun, Ismail, 1981
(författare)
-
Preface
- 2021
-
Ingår i: Decision Support Systems and Industrial IoT in Smart Grid, Factories, and Cities. ; , s. xvii-xxi
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)
|
|
| 7. |
- Butun, Ismail, 1981
(författare)
-
Preface to Industrial IoT
- 2020
-
Ingår i: Industrial IoT: Challenges, Design Principles, Applications, and Security. ; , s. IX-X
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)
|
|
| 8. |
- Butun, Ismail, 1981, et al.
(författare)
-
Security and privacy in smart grids: Challenges, current solutions and future opportunities
- 2020
-
Ingår i: ICISSP 2020 - Proceedings of the 6th International Conference on Information Systems Security and Privacy. - : SCITEPRESS - Science and Technology Publications. ; , s. 733-741
-
Konferensbidrag (refereegranskat)abstract
- Smart grids are a promising upgrade to legacy power grids due to enhanced cooperation of involved parties, such as consumers and utility providers. These newer grids improve the efficiency of electricity generation and distribution by leveraging communication networks to exchange information between those different parties. However, the increased connection and communication also expose the control networks of the power grid to the possibility of cyber-attacks. Therefore, research on cybersecurity for smart grids is crucial to ensure the safe operation of the power grid and to protect the privacy of consumers. In this paper, we investigate the security and privacy challenges of the smart grid; present current solutions to these challenges, especially in the light of intrusion detection systems; and discuss how future grids will create new opportunities for cybersecurity.
|
|
| 9. |
-
Decision Support Systems and Industrial IoT in Smart Grid, Factories, and Cities
- 2021
-
Samlingsverk (redaktörskap) (refereegranskat)abstract
- Internet of things (IoT) is an emerging research field that is rapidly becoming an important part of our everyday lives including home automation, smart buildings, smart things, and more. This is due to cheap, efficient, and wirelessly-enabled circuit boards that are enabling the functions of remote sensing/actuating, decentralization, autonomy, and other essential functions. Moreover, with the advancements in embedded artificial intelligence, these devices are becoming more self-aware and autonomous, hence making decisions themselves. Current research is devoted to the understanding of how decision support systems are integrated into industrial IoT. Decision Support Systems and Industrial IoT in Smart Grid, Factories, and Cities presents the internet of things and its place during the technological revolution, which is taking place now to bring us a better, sustainable, automated, and safer world. This book also covers the challenges being faced such as relations and implications of IoT with existing communication and networking technologies; applications like practical use-case scenarios from the real world including smart cities, buildings, and grids; and topics such as cyber security, user privacy, data ownership, and information handling related to IoT networks. Additionally, this book focuses on the future applications, trends, and potential benefits of this new discipline. This book is essential for electrical engineers, computer engineers, researchers in IoT, security, and smart cities, along with practitioners, researchers, academicians, and students interested in all aspects of industrial IoT and its applications.
|
|
| 10. |
- Gaba, Gurjot Singh, et al.
(författare)
-
MAKE-IT—A Lightweight Mutual Authentication and Key Exchange Protocol for Industrial Internet of Things
- 2020
-
Ingår i: Sensors. - : MDPI AG. - 1424-8220. ; 20:18, s. 1-21
-
Tidskriftsartikel (refereegranskat)abstract
- Continuous development of the Industrial Internet of Things (IIoT) has opened up enormous opportunities for the engineers to enhance the efficiency of the machines. Despite the development, many industry administrators still fear to use Internet for operating their machines due to untrusted nature of the communication channel. The utilization of internet for managing industrial operations can be widespread adopted if the authentication of the entities are performed and trust is ensured. The traditional schemes with their inherent security issues and other complexities, cannot be directly deployed to resource constrained network devices. Therefore, we have proposed a strong mutual authentication and secret key exchange protocol to address the vulnerabilities of the existing schemes. We have used various cryptography operations such as hashing, ciphering, and so forth, for providing secure mutual authentication and secret key exchange between different entities to restrict unauthorized access. Performance and security analysis clearly demonstrates that the proposed work is energy efficient (computation and communication inexpensive) and more robust against the attacks in comparison to the traditional schemes
|
|
