There will be a billion smart devices with processing, sensing, and actuation capabilities that can be connected to the Internet under the IoT paradigm. The level of convenience, effectiveness, and automation for consumers is expected to rise owing to promising IoT applications. Privacy is a significant concern in IoT systems, and it is essential to provide users with full awareness and control over the data collected by these systems. The use of privacy-enhancing technologies can help to minimise the risks associated with data collection and processing and ensure that user privacy is protected. Lack of standards for devices with limited resources and heterogeneous technologies intensifies the security issue. There are various emerging and existing technologies that can help to address the security risks in the IoT sector and achieve a high degree of trust in IoT applications. By implementing these technologies and countermeasures, it is possible to improve the security and reliability of IoT systems, ensuring that they can be used safely and effectively in a wide range of applications. This article’s intent is to provide a comprehensive investigation of the threats and risks in the IoT industry and to examine some potential countermeasures.

Past Advanced Persistent Threat (APT) attacks on Industrial Internet-of-Things (IIoT), such as the 2016 Ukrainian power grid attack and the 2017 Saudi petrochemical plant attack, have shown the disruptive effects of APT campaigns while new IIoT malware continue to be developed by APT groups. Existing APT detection systems have been designed using cyberattack TTPs modelled for enterprise IT networks and leverage specific data sources (e.g., Linux audit logs, Windows event logs) which are not found on ICS devices. In this work, we propose RAPTOR, a system to detect APT campaigns in IIoT. Using cyberattack TTPs modelled for ICS/OT environments and focusing on ‘invariant’ attack phases, RAPTOR detects and correlates various APT attack stages in IIoT leveraging data which can be readily collected from ICS devices/networks (packet traffic traces, IDS alerts). Subsequently, it constructs a high-level APT campaign graph which can be used by cybersecurity analysts towards attack analysis and mitigation. A performance evaluation of RAPTOR’s APT attack-stage detection modules shows high precision and low false positive/negative rates. We also show that RAPTOR is able to construct the APT campaign graph for APT attacks (modelled after real-world attacks on ICS/OT infrastructure) executed on our IIoT testbed.

Federated edge learning can be essential in supporting privacy-preserving, artificial intelligence (AI)-enabled activities in digital twin 6G-enabled Internet of Things (IoT) environments. However, we need to also consider the potential of attacks targeting the underlying AI systems (e.g., adversaries seek to corrupt data on the IoT devices during local updates or corrupt the model updates); hence, in this article, we propose an anticipatory study for poisoning attacks in federated edge learning for digital twin 6G-enabled IoT environments. Specifically, we study the influence of adversaries on the training and development of federated learning models in digital twin 6G-enabled IoT environments. We demonstrate that attackers can carry out poisoning attacks in two different learning settings, namely: centralized learning and federated learning, and successful attacks can severely reduce the model s accuracy. We comprehensively evaluate the attacks on a new cyber security dataset designed for IoT applications with three deep neural networks under the non-independent and identically distributed (Non-IID) data and the independent and identically distributed (IID) data. The poisoning attacks, on an attack classification problem, can lead to a decrease in accuracy from 94.93\% to 85.98\% with IID data and from 94.18\% to 30.04\% with Non-IID.

This paper presents a pioneering blockchain-based framework for enhancing traceability and transparency within the global agrifood supply chain. By seamlessly integrating blockchain technology and the Ethereum Virtual Machine (EVM), the framework offers a robust solution to the industry s challenges. It weaves a narrative where each product s journey is securely documented in an unalterable digital ledger, accessible to all stakeholders. Real-time Internet of Things (IoT) sensors stand sentinel, monitoring variables crucial to product quality. With millions afflicted by foodborne diseases, substantial food wastage, and a strong consumer desire for transparency, this framework responds to a clarion call for change. Moreover, the framework s data-driven approach not only rejuvenates consumer confidence and product authenticity but also lays the groundwork for robust sustainability and toxicity assessments. In this narrative of technological innovation, the paper embarks on an architectural odyssey, intertwining the threads of blockchain and EVM to reimagine a sustainable, transparent, and trustworthy agrifood landscape.

The adoption of IoT in a multitude of critical infrastructures revolutionizes several sectors, ranging from smart healthcare systems to financial organizations and thermal and nuclear power plants. Yet, the progressive growth of IoT devices in critical infrastructure without considering security risks can damage the user’s privacy, confidentiality, and integrity of both individuals and organizations. To overcome the aforementioned security threats, we proposed an AI and onion routing-based secure architecture for IoT-enabled critical infrastructure. Here, we first employ AI classifiers that classify the attack and non-attack IoT data, where attack data is discarded from further communication. In addition, the AI classifiers are secure from data poisoning attacks by incorporating an isolation forest algorithm that efficiently detects the poisoned data and eradicates it from the dataset’s feature space. Only non-attack data is forwarded to the onion routing network, which offers triple encryption to encrypt IoT data. As the onion routing only processes non-attack data, it is less computationally expensive than other baseline works. Moreover, each onion router is associated with blockchain nodes that store the verifying tokens of IoT data. The proposed architecture is evaluated using performance parameters, such as accuracy, precision, recall, training time, and compromisation rate. In this proposed work, SVM outperforms by achieving 97.7\% accuracy.

The term "Internet of things (IoT) security" refers to the software industry concerned with protecting the IoT and connected devices. Internet of Things (IoT) is a network of devices connected with computers, sensors, actuators, or users. In IoT, each device has a distinct identity and is required to automatically transmit data over the network. Allowing computers to connect to the Internet exposes them to a number of major vulnerabilities if they are not properly secured. IoT security concerns must be monitored and analyzed to ensure the proper working of IoT models. Protecting personal safety while ensuring accessibility is the main objective of IoT security. This article has surveyed some of the methods and techniques used to secure data. Accuracy, precision, recall, f1 score, and area under the Receiver Operating Characteristic Curve are the assessment metrics utilized to compare the performance of the existing techniques. Further the utilization of machine learning algorithms like Decision Tree, Random Forest, and ANN tests have resulted in an accuracy of 99.4\%. Despite the results, Random Forest (RF) performs significantly better. This study will help to gain more knowledge on the smart home automation and its security challenges.

Recently, the manufacturing industry is changing into a smart manufacturing era with the development of 5G, artificial intelligence, and cloud computing technologies. As a result, Operational Technology (OT), which controls and operates factories, has been digitized and used together with Information Technology (IT). Security is indispensable in the smart manu-facturing industry as a problem with equipment, facilities, and operations in charge of manufacturing can cause factory shutdown or damage. In particular, security is required in smart factories because they implement automation in the manufacturing industry by monitoring the surrounding environment and collecting meaningful information through Industrial IoT (IIoT). Therefore, in this paper, IIoT security proposed in 2022 and recent technology trends are analyzed and explained in order to understand the current status of IIoT security technology in a smart factory environment.

The Internet of Things, or IoT, is a paradigm in which devices interact with the physical world through sensors and actuators, while still communicating with other computers over various types of networks. IoT devices can be found in many environments, often in the hands of non-technical users. This presents unique security concerns, since compromised devices can be used not only for typical objectives like network footholds, but also to cause harm in the real world (for instance, by unlocking the door to a house or changing safety configurations in an industrial control system). This work in progress paper presents a series of laboratory exercises under development at a large Midwestern university that introduces undergraduate cyber security engineering students to the Internet of Things and its (in)security considerations. The labs will be part of a 400-level technical elective course offered to cyber security engineering majors. The design of the labs has been grounded in the experiential learning process. The concepts in each lab module are couched in hands-on activities and integrate real world problems into the laboratory environment. The laboratory exercises are conducted using an Internet testbed and a combination of actual IoT devices and virtualized devices to showcase various IoT environments, vulnerabilities, and attacks.

While the introduction of cyber physical systems (CPS) into society is progressing toward the realization of Society 5.0, the threat of cyberattacks on IoT devices(IoT actuators) that have actuator functions to bring about physical changes in the real world among the IoT devices that constitute the CPS is increasing. In order to prepare for unauthorized control of IoT actuators caused by cyberattacks that are evolving daily, such as zero-day attacks that exploit unknown vulnerabilities in programs, it is an urgent issue to strengthen the CPS, which will become the social infrastructure of the future. In this paper, I explain, in particular, the security requirements for IoT actuators that exert physical action as feedback from cyberspace to the physical space, and a security framework for control that changes the real world, based on changes in cyberspace, where attackers are persistently present. And, I propose a security scheme for IoT actuators that integrates a new concept of security known as Zero Trust, as the Zero Trust IoT Security Framework (ZeTiots-FW).

The practical Internet of Things at the current stage still persists in handling an energy minimized network. For a proper network communication an energy consumption of 80\% is indulged only on the communication setup. 6LoWSD (6LoWPAN Software Defined) is an SDN based IoT network protocol developed to minimized the IoT constraints. The SDN’s feature of decoupling the controller plane from the data plane enhances the network efficiency. These target conducts towards data rate, traffic, throughput and duty cycling management. Besides these it also provides a sense of flexibility towards program-ability for the current IoT networks. Efficient power system is a highly Important domain which needed for handling the stability for the whole SDN-IoT system. An effort towards enveloping state transition schedulers for energy optimization has been experimented in this paper.

The Routing Protocol for Low power and Lossy networks (RPL) has been developed by the Internet Engineering Task Force (IETF) standardization body to serve as a part of the 6LoWPAN (IPv6 over Low-Power Wireless Personal Area Networks) standard, a core communication technology for the Internet of Things (IoT) networks. RPL organizes its network in the form of a tree-like structure where a node is configured as the root of the tree while others integrate themselves into that structure based on their relative distance. A value called the Rank is used to define each node’s relative position and it is used by other nodes to take their routing decisions. A malicious node can illegitimately claim a closer position to the root by advertising a lower rank value trapping other nodes to forward their traffic through that malicious node. In this study, we show how this behavior can have a detrimental side effect on the network via extensive simulations and propose a new secure objective function to prevent such an attack.

IoT will be capable to openly provide entry to selected data groups to enable the building of diverse digitized programs while also clearly and fluidly integrating a large range of different and unsuitable end devices. It is a highly challenging task to develop a common design for IoT due to the large variety of devices, connection layer technologies, and applications that could be incorporated in such a system. Urban Iot applications, while still a sizable segment, are the focus of this investigation. The target application domain of these algorithms sets them apart. Urban IoTs are actually created to support the idea of the "Urban Development," which aims to use the most modern networking technology to allow additional offerings for both the municipal government and the citizens. Thus, this article provides a full survey of technology options, rules and regulations, and building design for simply an urban IoT. This Padova initiative, that serves as a convincing example of an IoT offshore rollout conducted out in cooperation with the municipal administration inside the Italian province of Padova, will be covered in detail along with the methodological techniques and finest standards employed there.

Autonomous and Supported Lifestyle (AAL) has been highlighted as a requirement in today s environment in a number of theories, techniques, and different uses for the Internet of Things. (IoT). Technologies standardization initiatives like Wireless V4.x (Wireless smart), for example, have sparked a meteoric rise in creative relatively brief wireless devices that can provide a variety of services to AAL. Additionally, new potential for major carrier is created by enabling equipment (Sq.m) connectivity between all of these technologies. To support M2M exchanges, telecommunications companies, especially telecom companies, might have to build new infrastructure and rethink their corporate objectives. Simple Square meters or IoT products often need another suitable tool, like a telephone, to serve as a doorway to the World wide web in order to function to their fullest capacity. The unique Concept of Iot examined in this study enables any nearby Innertubes device to serve as an M2M entry point for Internet of things. As a result, the user of a Sensor node no longer has to own a smartphone or other Innertubes equipment in order to access capabilities like internet - based. In this research, an unique IoT architectural prototype system for short-range signal repeaters is described. The test bed s installation, benefits and drawbacks, and sampling analysis using data acquired from a real-world event are discussed, and the findings are positive.

In this research, a power consumption analysis of wireless devices for Internet of Things applications is described. The research analyzes and contrasts a variety of tiny wireless communication techniques and their modules, including ZigBee, Energy Saver Wi-Fi, Six-Low-PAN, and LPWA, all of which aim to conserve energy and lengthen the lifespan of the devices that make up an IoT network. This focuses on the significance of employing small wireless techniques and components in IoT applications. The study s methodology is defined by the individual module used to implement the protocol. According to the degree of communication between sensor nodes, the proposed protocols are categorized. ZigBee, 6LoWPAN, and low power Wi-Fi are the candidate protocols for connectivity over short distances. The LoRaWAN protocol is a possibility for long-distance connectivity. Given the wide variation in power consumption between modules and protocols, the results of this study demonstrate how carefully selecting units for every protocol can greatly affect the duration of its use. Accordingly, protocols are compared with one another in various ways based on the module in question.

Proposed system, pollution monitoring, the automobile industry, and sports are just a few of the application areas that have grown as a result of ubiquitous sensing and the distinctive features (Sensor systems). As the underlying significantly expanded the number of linked things with realtime communication and data computation, WSNs have grown in importance in recent years. However, owing to the scale and accessibility of IoT, building a complex challenge, and past methodologies established for Iot technologies cannot be implemented directly. In this paper, pairwise clusters models for Iot networks in the Iot paradigm are proposed: I a resource grouping model and (ii) a business clusters model where responsibilities are allocated to individual sensor nodes depending on how well they provide services. The end-to-end latency, and communication bandwidth balancing.

The resource-constrained IPV6-based low power and lossy network (6LowPAN) is connected through the routing protocol for low power and lossy networks (RPL). This protocol is subject to a routing protocol attack called a rank attack (RA). This paper presents a performance evaluation where leveraging model-free reinforcement-learning (RL) algorithms helps the software-defined network (SDN) controller achieve a cost-efficient solution to prevent the harmful effects of RA. Experimental results demonstrate that the state action reward state action (SARSA) algorithm is more effective than the Q-learning (QL) algorithm, facilitating the implementation of intrusion prevention systems (IPSs) in software-defined 6LowPANs.

Scientific and technological advancements, particularly in IoT, have greatly enhanced the quality of life in society. Nevertheless, resource constrained IoT devices are now connected to the Internet through IPv6 and 6LoWPAN networks, which are often unreliable and untrusted. Securing these devices with robust security measures poses a significant challenge. Despite implementing encryption and authentication, these devices remain vulnerable to wireless attacks from within the 6LoWPAN network and from the Internet. Researchers have developed various methods to prevent attacks on the RPL protocol within the 6LoWPAN network. However, each method can only detect a limited number of attack types, and there are still several drawbacks that require improvement. This study aims to implement several attack prevention methods, such as Lightweight Heartbeat Protocol, SVELTE, and Contiki IDS. The study will provide an overview of these methods theories and simulate them on Contiki OS using Cooja software to assess their performance. The study s results demonstrate a correlation between the simulated data and the proposed theories. Furthermore, the study identifies and evaluates the strengths and weaknesses of these methods, highlighting areas that can be improved upon.

IoT technology establishes a platform for automating services by connecting diverse objects through the Internet backbone. However, the integration of IoT networks also introduces security challenges, rendering IoT infrastructure susceptible to cyber-attacks. Notably, Distributed Denial of Service (DDoS) attacks breach the authorization conditions and these attacks have the potential to disrupt the physical functioning of the IoT infrastructure, leading to significant financial losses and even endangering human lives. Yet, maintaining availability even when networking elements malfunction has not received much attention. This research paper introduces a novel Twin eye Architecture, which includes dual gateway connecting every IoT access network to provide reliability even with the failure or inaccessibility of connected gateway. It includes the module called DDoS Manager that is molded into the gateway to recognize the dangling of the gateway. The effectiveness of the proposed model is evaluated using dataset simulated in NS3 environment. The results highlight the outstanding performance of the proposed model, achieving high accuracy rates. These findings demonstrate the proposed network architecture continues to provide critical authentication services even upon the failure of assigned gateway.

The growing Internet of Things (IoT) has led to an increasing number of interconnected devices across diverse locations. To enable efficient data transmission in resourceconstrained IoT networks, selecting the right communication protocols is crucial. This study compares the performance of 6LoWPAN-CoAP and RPL-CoAP in LoRaWAN networks under limited settings, focusing on Packet Delivery Ratio (PDR) and latency. Tests with simulated LoRaWAN settings were conducted at various scales to evaluate both protocols’ scalability and dependability. The findings demonstrate that RPL-CoAP outperforms 6LoWPAN-CoAP in constrained LoRaWAN scenarios, consistently showing higher PDR and reduced latency. The RPL routing algorithm’s inherent characteristics contribute to this improved performance, effectively constructing routes while considering energy usage and link quality. Additionally, the study highlights LoRaWAN networks’ inherent PDR benefits over conventional networks, making the RPL-CoAP and LoRaWAN combination a powerful option for IoT applications in limited settings. These insights can guide the design of reliable and effective IoT applications in resource-limited environments, maximizing the IoT ecosystem’s potential.

Along with the recent growth of IOT applications, related security issues have also received a great attention. Various IOT vulnerabilities have been investigated so far, among which, internal attacks are the most important challenge that are mostly aimed at destroying IOT standard routing protocol (RPL). Recent studies have introduced trust concept as a practical tool for timely diagnosis and prevention of such attacks. In this paper trust evaluation is performed based on investigating the traffic flow of devices and detecting their behavior deviations in case of RPL attack scenarios, which is formulated as a sequence prediction problem and a new Trust-based RPL Attacks Detection (TRAD) algorithm is proposed using Recurrent Neural Networks (RNNs). Traffic behavior prediction based on historical behavior and deviation analysis, provides the possibility of anomaly detection, which has an enormous effect on the accuracy and predictability of attack detection algorithms. According to the results, the proposed model is capable of detecting compromised IOT nodes in different black-hole and selective-forwarding attack scenarios, just at the beginning time of the first attack, which provides the possibility of early detection and isolation of malicious nodes from the routing process.

Internet of Things (IoT) has become extremely prominent for industrial applications and stealthy modification deliberately done by insertion of Hardware Trojans has increased widely due to globalization of Integrated Circuit (IC) production. In the proposed work, Hardware Trojan is detected at the gate level by considering netlist of the desired circuits. To mitigate with golden model dependencies, proposed work is based on unsupervised detection of Hardware Trojans which automatically extracts useful features without providing clear desired outcomes. The relevant features from feature dataset are selected using eXtreme Gradient Boosting (XGBoost) algorithm. Average True Positive Rate (TPR) is improved about 30\% by using Clustering-based local outlier factor (CBLOF) algorithm when compared to local outlier factor algorithm. The simulation is employed on Trust-HUB circuits and achieves an average of 99.83\% True Negative Rate (TNR) and 99.72\% accuracy which shows the efficiency of the detection method even without labelling data.

The number of Internet of Things (IoT) devices being deployed into networks is growing at a phenomenal pace, which makes IoT networks more vulnerable in the wireless medium. Advanced Persistent Threat (APT) is malicious to most of the network facilities and the available attack data for training the machine learning-based Intrusion Detection System (IDS) is limited when compared to the normal traffic. Therefore, it is quite challenging to enhance the detection performance in order to mitigate the influence of APT. Therefore, Prior Knowledge Input (PKI) models are proposed and tested using the SCVIC-APT2021 dataset. To obtain prior knowledge, the proposed PKI model pre-classifies the original dataset with unsupervised clustering method. Then, the obtained prior knowledge is incorporated into the supervised model to decrease training complexity and assist the supervised model in determining the optimal mapping between the raw data and true labels. The experimental findings indicate that the PKI model outperforms the supervised baseline, with the best macro average F1-score of 81.37\%, which is 10.47\% higher than the baseline.

Providing security to the IoT system is very essential to protect them from various attacks. Such security features include credential management to avoid hard-coding of credentials in web applications, key management for secure inter-device communication and assignment of trust score to the devices based on various parameters. This work contains the design and implementation details of an open source simulation environment with credential management, key management and trust score calculation features. In credential management, credentials are sent to the target device which is then stored in a JSON file. Web application in the device makes use of these credentials for authentication. In key management, X.509 certificate and private key file are generated. They are used for secure message communication using a session key that is secretly exchanged between the devices. For trust score calculation, parameters are collected from the device. Feedback parameters given by other devices are also sent to the centralised server. The dynamic weighted average model is applied to the trust values derived from these parameters to get the trust score of the device. In addition to the design, the source code of our simulation environment is also made publicly available so that researchers can alter and extend its capabilities.

Two-factor authentication (2FA) is commonly used in Internet of Things (IoT) authentication to provide multi-layer protection. Tokens, often known as One-Time Passwords (OTP), are used to offer additional information. While this technique provides flexible verification and an additional layer of security, it still has a number of security issues. This is because it relies on third-party services to produce tokens or OTPs, which leads to serious information leakage issues. Additionally, relying on a third party to provide authentication tokens significantly increases the risk of exposure and attacks, as tokens can be stolen via Man-In-The-Middle (MITM) attacks. In trying to rectify this issue, in this paper, we propose and develop a blockchain-based two-factor authentication method for web-based access to sensor data. The proposed method provides a lightweight and usercentric authentication that makes use of Ethereum blockchain and smart contracts technologies. Then we provided performance and security analysis of our system. Based on the evaluation results, our method has proven to be effective and has the ability to facilitate reliable authentication.

The development of IoT has penetrated various sectors. The development of IoT devices continues to increase and is predicted to reach 75 billion by 2025. However, the development of IoT devices is not followed by security developments. Therefore, IoT devices can become gateways for cyber attacks, including brute force and sniffing attacks. Authentication mechanisms can be used to ward off attacks. However, the implementation of authentication mechanisms on IoT devices is challenging. IoT devices are dominated by constraint devices that have limited computing. Thus, conventional authentication mechanisms are not suitable for use. Two-factor authentication using RFID and fingerprint can be a solution in providing an authentication mechanism. Previous studies have proposed a twofactor authentication mechanism using RFID and fingerprint. However, previous research did not pay attention to message exchange security issues and did not provide mutual authentication. This research proposes a secure mutual authentication protocol using two-factor RFID and fingerprint using MQTT protocol. Two processes support the authentication process: the registration process and authentication. The proposed protocol is tested based on biometric security by measuring the false acceptance rate (FAR) and false rejection rate (FRR) on the fingerprint, measuring brute force attacks, and measuring sniffing attacks. The test results obtained the most optimal FAR and FRR at the 80\% threshold. Then the equal error rate (ERR) on FAR and FRR is around 59.5\%. Then, testing brute force and sniffing attacks found that the proposed protocol is resistant to both attacks.