This paper focuses on the adoption of biometric and RFID security gadgets as innovative solutions for enhancing door lock systems. The traditional reliance on physical keys has proven vulnerable to security breaches, prompting the need for more robust measures. Biometric features such as Fingerprint, Voice and Bluetooth offer unparalleled security by leveraging unique biological characteristics for authentication. Additionally, integrating RFID technology enables convenient access control through assigned cards or tags, eliminating the need for physical keys or complex passwords. The combination of these cutting-edge solutions establishes a comprehensive security infrastructure, significantly reducing risks associated with conventional lock systems. This research highlights the benefits and applications of these technologies in various settings, emphasizing their role in creating a safer environment for individuals and organizations.

In today s world, security is a very important issue. People should always keep their belongings safe. To increase security, this research work proposes a IoT-based smart lockers with sensors and access keys with security, verification, and user-friendly tools. This model alerts the user when someone else tries to access their locker and quickly sends an alarm to the authorized user, and provides the option to either grant or reject access to the valid user. In this paper, smart locker is kept registered early to use a locker in the bank, office, home, etc. to ensure safety. The user demands to send an unlock direction with the help of microcontroller NUDE MCU ESP8266 and after accepting the command from the cloud (BLYNK APP), only the user can unlock the closet and access the valuables. This study has also introduced the encroachment detection in lockers with sensors and finally installed smart lockers with fire alarms for security and reliability.

Advances in sensor and communication technologies have transformed traditional homes into smart homes, equipped with sensors and actuators for various functionalities like smart lighting, temperature control, irrigation, solar monitoring, entertainment, and security. This transition is powered by the Internet of Things (IoT) architecture, enabling smart home hubs to integrate and control devices with different communication protocols. However, this shift has also introduced new security and privacy issues in the Smart Home IoT (SH-IoT) environment. To address these challenges, new communication protocols with cryptographic features have been developed, and a unified standard called Matter has been created to promote interoperability among different device manufacturers. This paper presents a comprehensive survey of recent trends and advances in the smart home IoT landscape, focusing on communication protocols, their security issues and protection features against vulnerabilities in the SH-IoT environment.

With the advancement in Internet of things smart homes are rapidly developing. Smart home is the major key component of Internet of thing. With the help of IOT technology we can stay connected to our home appliance. Internet of Things is the Associations of inserted advancements that. Contained physical protests and is utilized to convey and keenness or collaborate with the internal states or the outer surroundings. Rather than individuals to individuals’ correspondence, IoT accentuation on machine-to-machine correspondence. Smart home connects the physical components of our home with the help of software and sensors so that we can access them via internet from one place. Building home automation includes computerizing a home, likewise, mentioned to as a sensible home or smart home. Domestic machines are an urgent part of the Web of Things whenever they are associated with the web. Controlled devices are commonly connected to a focal center or entryway through a domestic automation framework. A smartphone application, tablet PC, personal computer, wall-mounted terminals, or even a web interface that can be gotten to from off-website over the Web are completely utilized by the program to work the framework. Since all the devices are interconnected and interlinked to one an-another they are lot of chances for security breach and data theft. If the security layer is easily breakable any third-party attacker can easily theft the private data of the user. Which leads us to pay more attention to protecting and securing private data. With the day-to-day development of Smart Home, the safety also got to be developed and updated day to day the safety challenges of the IoT for a wise home scenario are encountered, and a comprehensive IoT security management for smart homes has been proposed. This paper acquaints the status of IoT development, and furthermore contains security issues challenges. Finally, this paper surveys the Gamble factor, security issues and challenges in every point of view

In the last decade the rapid development of the communications and IoT systems have risen many challenges regarding the security of the devices that are handled wirelessly. Therefore, in this paper, we intend to test the possibility of spoofing the parameters for connection of the Bluetooth Low Energy (BLE) devices, to make several recommendations for increasing the security of the usage of those devices and to propose basic counter measurements regarding the possibility of hacking them.

Multiple smart operations, similar as smart technologies in homes, smart metropolises, smart husbandry, and smart health and fitness centres, use a new technology known as the Internet of effects. They correspond of an multifariousness of multiple networked bias that link to multiple detectors and the internet. Among the layers that comprise an IoT armature are the perception subcaste, network subcaste, and operation subcaste. Due to their wide use, these smart biases have fairly minimum protection and are vulnerable to attacks. Comprehensive explanations of operation subcaste security issues and protocols, similar as Advance Message Queuing Protocol(AMQP) in application layer protocol, Constrained operation protocol(CoAP), and REST(Emblematic State Transport).

The Internet of Things (IoT) connects the physical world to the digital world, and wireless sensor networks (WSNs) play a significant role. There are billions of IoT products in the market. We found that security was not the primary focus of software developers. The first step of designing a secure product is to analyze and note down the security requirements. This research paper proposes a modified approach, incorporating elements from the SREP (Software Requirements Engineering Process) and SQUARE (Security Quality Requirement Engineering), to define security requirements for IoT products. The revised process is applied to determine the security requirements of a Smart Lock system that utilizes the publish/subscribe protocol MQTT-SN (Message Queuing Telemetry Transport for Sensor Networks) communication protocol architecture.

This paper focuses on the adoption of biometric and RFID security gadgets as innovative solutions for enhancing door lock systems. The traditional reliance on physical keys has proven vulnerable to security breaches, prompting the need for more robust measures. Biometric features such as Fingerprint, Voice and Bluetooth offer unparalleled security by leveraging unique biological characteristics for authentication. Additionally, integrating RFID technology enables convenient access control through assigned cards or tags, eliminating the need for physical keys or complex passwords. The combination of these cutting-edge solutions establishes a comprehensive security infrastructure, significantly reducing risks associated with conventional lock systems. This research highlights the benefits and applications of these technologies in various settings, emphasizing their role in creating a safer environment for individuals and organizations.

The Internet of Things (IoT) is characterized by a myriad of communication protocols that enable seamless connectivity among devices. However, the open nature of the internet exposes these communication protocols to various flaws and vulnerabilities, resulting in the necessity for rigorous security verification. In response to this imperative, the literature abounds with research efforts aimed at assessing the security properties of IoT communication protocols using diverse techniques. In this paper, we present a comprehensive overview of these research endeavors, with a specific focus on the utilization of Formal Methods to verify the security of common communication protocols employed in the IoT.

Today the motorcycle theft cases in Indonesia are in a very high rate and it has been continuing to increase in every year. For this, there is a need for a security system for motorcycle to minimize the risk of motorcycle theft. This study aims to design and create an Internet of Things (IoT)-based security system for the motorcycle that can be controlled through smartphone purposely to reduce the rate of motorcycle thefts. The system was created using Arduino microcontroller. From the results of the implementation, it produced a device that has a number of features including turning on, turning off, and motorcycle starter using application. Another one is the function of tracking to trace the position of the motorcycle. The third feature is to turn off the function of motorcycle socket and the fourth feature is to control the switch engine of motorcycle. The results of the testing in the parameters of maximum distance of Bluetooth connection, delay proses, test of GPS connectivity and test of voice command, showed that it could create a system that can be used well as an anti-theft device for motorcycle.

There will be a billion smart devices with processing, sensing, and actuation capabilities that can be connected to the Internet under the IoT paradigm. The level of convenience, effectiveness, and automation for consumers is expected to rise owing to promising IoT applications. Privacy is a significant concern in IoT systems, and it is essential to provide users with full awareness and control over the data collected by these systems. The use of privacy-enhancing technologies can help to minimise the risks associated with data collection and processing and ensure that user privacy is protected. Lack of standards for devices with limited resources and heterogeneous technologies intensifies the security issue. There are various emerging and existing technologies that can help to address the security risks in the IoT sector and achieve a high degree of trust in IoT applications. By implementing these technologies and countermeasures, it is possible to improve the security and reliability of IoT systems, ensuring that they can be used safely and effectively in a wide range of applications. This article s intent is to provide a comprehensive investigation of the threats and risks in the IoT industry and to examine some potential countermeasures.

Blockchain, as an emerging distributed database, effectively addresses the issue of centralized storage in IoT data, where storage capacity cannot match the explosive growth in devices and data scale, as well as the contradictions arising from centralized data management concerning data privacy and security concerns. To alleviate the problem of excessive pressure on single-point storage and ensure data security, a blockchain data storage method based on erasure codes is proposed. This method involves constructing mathematical functions that describe the data to split the original block data into multiple fragments and add redundant slices. These fragments are then encoded and stored in different locations using a circular hash space with the addition of virtual nodes to ensure load balancing among nodes and reduce situations where a single node stores too many encoded data blocks, effectively enhancing the storage space utilization efficiency of the distributed storage database. The blockchain storage method stores encoded data digest information such as storage location, creation time, and hashes, allowing for the tracing of the origin of encoded data blocks. In case of accidental loss or malicious tampering, this enables effective recovery and ensures the integrity and availability of data in the network. Experimental results indicate that compared to traditional blockchain approaches, this method effectively reduces the storage pressure on nodes and exhibits a certain degree of disaster recovery capability.

In the realm of Internet of Things (IoT) devices, the trust management system (TMS) has been enhanced through the utilisation of diverse machine learning (ML) classifiers in recent times. The efficacy of training machine learning classifiers with pre-existing datasets for establishing trustworthiness in IoT devices is constrained by the inadequacy of selecting suitable features. The current study employes a subset of the UNSW-NB15 dataset to compute additional features such as throughput, goodput, packet loss. These features may be combined with the best discriminatory features to distinguish between trustworthy and non-trustworthy IoT networks. In addition, the transformed dataset undergoes filter-based and wrapper-based feature selection methods to mitigate the presence of irrelevant and redundant features. The evaluation of classifiers is performed utilising diverse metrics, including accuracy, precision, recall, F1-score, true positive rate (TPR), and false positive rate (FPR). The performance assessment is conducted both with and without the application of feature selection methodologies. Ultimately, a comparative analysis of the machine learning models is performed, and the findings of the analysis demonstrate that our model s efficacy surpasses that of the approaches utilised in the existing literature.

IoT scenarios face cybersecurity concerns due to unauthorized devices that can impersonate legitimate ones by using identical software and hardware configurations. This can lead to sensitive information leaks, data poisoning, or privilege escalation. Behavioral fingerprinting and ML/DL techniques have been used in the literature to identify devices based on performance differences caused by manufacturing imperfections. In addition, using Federated Learning to maintain data privacy is also a challenge for IoT scenarios. Federated Learning allows multiple devices to collaboratively train a machine learning model without sharing their data, but it requires addressing issues such as communication latency, heterogeneity of devices, and data security concerns. In this sense, Trustworthy Federated Learning has emerged as a potential solution, which combines privacy-preserving techniques and metrics to ensure data privacy, model integrity, and secure communication between devices. Therefore, this work proposes a trustworthy federated learning framework for individual device identification. It first analyzes the existing metrics for trustworthiness evaluation in FL and organizes them into six pillars (privacy, robustness, fairness, explainability, accountability, and federation) for computing the trustworthiness of FL models. The framework presents a modular setup where one component is in charge of the federated model generation and another one is in charge of trustworthiness evaluation. The framework is validated in a real scenario composed of 45 identical Raspberry Pi devices whose hardware components are monitored to generate individual behavior fingerprints. The solution achieves a 0.9724 average F1-Score in the identification on a centralized setup, while the average F1-Score in the federated setup is 0.8320. Besides, a 0.6 final trustworthiness score is achieved by the model on state-of-the-art metrics, indicating that further privacy and robustness techniques are required to improve this score.

Device recognition is the primary step toward a secure IoT system. However, the existing equipment recognition technology often faces the problems of unobvious data characteristics and insufficient training samples, resulting in low recognition rate. To address this problem, a convolutional neural network-based IoT device recognition method is proposed. We first extract the background icons of various IoT devices through the Internet, and then use the ResNet50 neural network to extract icon feature vectors to build an IoT icon library, and realize accurate identification of device types through image retrieval. The experimental results show that the accuracy rate of sampling retrieval in the icon library can reach 98.5\%, and the recognition accuracy rate outside the library can reach 83.3\%, which can effectively identify the type of IoT devices.

The principles of social networking and the Internet of Things were combined to create the Social Internet of Things (SIoT) paradigm. Therefore, this paradigm cannot become widely adopted to the point where it becomes a well-established technology without a security mechanism to assure reliable interactions between SIoT nodes. A Trust Management (TM) model becomes a major challenge in SIoT systems to create a trust score for the network nodes ranking. Regarding the defined TM models methodology, this score will persist for the subsequent transaction and will only be changed after some time has passed or after another transaction. However, a trust evaluation methodology must be able to consider the different constraints of the SIoT environments (dynamism and scalability) when building trust scores. Based on both event-driven and time-driven methods for trust update solutions, this model can identify which damaging nodes should be eliminated based on their changing problematic behaviors over time. The effectiveness of our proposed model has been validated by a number of simulation-based experiments that were conducted on various scenarios.

Malware detection constitutes a fundamental step in safe and secure computational systems, including industrial systems and the Internet of Things (IoT). Modern malware detection is based on machine learning methods that classify software samples as malware or benign, based on features that are extracted from the samples through static and/or dynamic analysis. State-of-the-art malware detection systems employ Deep Neural Networks (DNNs) whose accuracy increases as more data are analyzed and exploited. However, organizations also have significant privacy constraints and concerns which limit the data that they share with centralized security providers or other organizations, despite the malware detection accuracy improvements that can be achieved with the aggregated data. In this paper we investigate the effectiveness of federated learning (FL) methods for developing and distributing aggregated DNNs among autonomous interconnected organizations. We analyze a solution where multiple organizations use independent malware analysis platforms as part of their Security Operations Centers (SOCs) and train their own local DNN model on their own private data. Exploiting cross-silo FL, we combine these DNNs into a global one which is then distributed to all organizations, achieving the distribution of combined malware detection models using data from multiple sources without sample or feature sharing. We evaluate the approach using the EMBER benchmark dataset and demonstrate that our approach effectively reaches the same accuracy as the non-federated centralized DNN model, which is above 93\%.

Malwares have been being a major security threats to enterprises, government organizations and end-users. Beside traditional malwares, such as viruses, worms and trojans, new types of malwares, such as botnets, ransomwares, IoT malwares and crypto-jackings are released daily. To cope with malware threats, several measures for monitoring, detecting and preventing malwares have been developed and deployed in practice, such as signature-based detection, static and dynamic file analysis. This paper proposes 2 malware detection models based on statistics and machine learning using opcode n-grams. The proposed models aim at achieving high detection accuracy as well as reducing the amount of time for training and detection. Experimental results show that our proposed models give better performance measures than previous proposals. Specifically, the proposed statistics-based model is very fast and it achieves a high detection accuracy of 92.75\% and the random forest-based model produces the highest detection accuracy of 96.29\%.

The term Internet of Things(IoT) describes a network of real-world items, gadgets, structures, and other things that are equipped with communication and sensors for gathering and exchanging data online. The likelihood of Android malware attacks on IoT devices has risen due to their widespread use. Regular security precautions might not be practical for these devices because they frequently have limited resources. The detection of malware attacks on IoT environments has found hope in ML approaches. In this paper, some machine learning(ML) approaches have been utilized to detect IoT Android malware threats. This method uses a collection of Android malware samples and good apps to build an ML model. Using the Android Malware dataset, many ML techniques, including Naive Bayes (NB), K-Nearest Neighbour (KNN), Decision Tree (DT), and Random Forest (RF), are used to detect malware in IoT. The accuracy of the DT model is 95\%, which is the highest accuracy rate, while that of the NB, KNN, and RF models have accuracy rates of 84\%, 89\%, and 92\%, respectively.

The motive of this paper is to detect the malware from computer systems in order to protect the confidential data, information, documents etc. from being accessing. The detection of malware is necessary because it steals the data from that system which is affected by malware. There are different malware detection techniques (cloud-based, signature-based, Iot-based, heuristic based etc.) and different malware detection tools (static, dynamic) area used in this paper to detect new generation malware. It is necessary to detect malware because the attacks of malware badly affect our economy and no one sector is untouched by it. The detection of malware is compulsory because it exploits goal devices vulnerabilities, along with a Trojan horse in valid software e.g. browser that may be hijacked. There are also different tools used for detection of malware like static or dynamic that we see in this paper. We also see different methods of detection of malware in android.

One of the important characteristics envisioned for 6G is security function virtualization (SFV). Similar to network function virtualization (NFV) in 5G networks, SFV provides new opportunities for improving security while reducing the security overhead. In particular, it provides an attractive way of solving compatibility issues related to security. Malware in Internet of Things (IoT) systems is gaining popularity among cyber-criminals because of the expected number of IoT devices in 5G and 6G networks. To solve this issue, this article proposes a security framework that exploits softwarization of security functions via SFV to improve trust in IoT systems and contain the propagation of malware. IoT devices are categorized into trusted, vulnerable, and compromised levels using remote attestation. To isolate the devices in the three distinct categories, NFV is used to create separate networks for each category, and a distributed ledger is used to store the state of each device. Virtualized remote attestation routines are employed to avoid any compatibility issues among heterogeneous IoT devices and effectively contain malware propagation. The results show that the proposed framework can reduce the number of infected devices by 66 percent in only 10 seconds.

Advances in wireless networking, such as 5G, continue to enable the vision of the Internet of Things (IoT), where everything is connected, and much data is collected by IoT devices and made available to interested parties (i.e., application servers). However, events such as botnet attacks (e.g., [1]) demonstrate that there are important challenges in this evolution.

Embedded systems that make up the Internet of Things (IoT), Supervisory Control and Data Acquisition (SCADA) networks, and Smart Grid applications are coming under increasing scrutiny in the security field. Remote Attestation (RA) is a security mechanism that allows a trusted device, the verifier, to determine the trustworthiness of an untrusted device, the prover. RA has become an area of high interest in academia and industry and many research works on RA have been published in recent years. This paper reviewed the published RA research works from 2003-2020. Our contributions are fourfold. First, we have re-framed the problem of RA into 5 smaller problems: root of trust, evidence type, evidence gathering, packaging and verification, and scalability. We have provided a holistic review of RA by discussing the relationships between these problems and the various solutions that exist in modern RA research. Second, we have presented an enhanced threat model that allows for a greater understanding of the security benefits of a given RA scheme. Third, we have proposed a taxonomy to classify and analyze RA research works and use it to categorize 58 RA schemes reported in literature. Fourth, we have provided cost benefit analysis details of each RA scheme surveyed such that security professionals may perform a cost benefit analysis in the context of their own challenges. Our classification and analysis has revealed areas of future research that have not been addressed by researchers rigorously.

Trusted data transmission is the foundation of the Internet of Things (IoT) security, so in the process of data transmission, the trust of IoT nodes needs to be confirmed in real time, and the real-time tracking of node trust is also expected. Yet, modern IoT devices provide limited security capabilities, forming a new attack focus. Remote attestation is a kind of technology to detect network threats by remotely checking the internal situation of terminal devices by a trusted entity. Multidevice attestation is rarely studied although the ongoing single device attestation techniques lack scalability in the application of IoT. In this article, we present a lightweight attestation protocol based on an IoT system under an ideal physical unclonable functions environment. Our protocol can resilient against any strong adversary who physically accesses IoT devices. Simulation results show that our protocol is scalable and can be applied to dynamic networks.

One of the important characteristics envisioned for 6G is security function virtualization (SFV). Similar to network function virtualization (NFV) in 5G networks, SFV provides new opportunities for improving security while reducing the security overhead. In particular, it provides an attractive way of solving compatibility issues related to security. Malware in Internet of Things (IoT) systems is gaining popularity among cyber-criminals because of the expected number of IoT devices in 5G and 6G networks. To solve this issue, this article proposes a security framework that exploits softwarization of security functions via SFV to improve trust in IoT systems and contain the propagation of malware. IoT devices are categorized into trusted, vulnerable, and compromised levels using remote attestation. To isolate the devices in the three distinct categories, NFV is used to create separate networks for each category, and a distributed ledger is used to store the state of each device. Virtualized remote attestation routines are employed to avoid any compatibility issues among heterogeneous IoT devices and effectively contain malware propagation. The results show that the proposed framework can reduce the number of infected devices by 66 percent in only 10 seconds.