Internet of Things (IoT) devices are increasingly deployed nowadays in various security-sensitive contexts, e.g., inside homes or in critical infrastructures. The data they collect is of interest to attackers as it may reveal living habits, personal data, or the operational status of specific targets. This paper presents an approach to counter software manipulation attacks against running processes, data, or configuration files on an IoT device, by exploiting trusted computing techniques and remote attestation. We have used a Raspberry Pi 4 single-board computer device equipped with Infineon Trusted Platform Module (TPM) v2, acting as an attester. A verifier node continuously monitors the attester and checks its integrity through a remote attestation protocol and TPM-enabled operations. We have exploited the Keylime framework from MIT Lincoln Laboratories as remote attestation software. Through tests, we show that remote attestation can be performed within a short time (in the order of seconds), which allows restricting the window of exposure of such devices to attacks against the running software and/or hosted data.
Authored by Diana Berbecaru, Silvia Sisinni
With the development of Internet of Things (IoT) technology, the digital pill has been employed as an IoT system for emerging remote health monitoring to detect the impact of medicine intake on patients’ biological index. The medical data is then used for model training with federated learning. An adversary can launch poisoning attacks by tampering with patients’ medical data, which will lead to misdiagnosis of the patients’ conditions. Lots of studies have been conducted to defend against poisoning attacks based on blockchain or hardware. However, 1) Blockchain-based schemes can only exploit on-chain data to deal with poisoning attacks due to the lack of off-chain trusted entities. 2) Typical hardware-based schemes have the bottleneck of single point of failure. To overcome these defects, we propose a defense scheme via multiple Trusted Platform Modules (TPMs) and blockchain oracle. Benefitting from multiple TPMs verification results, a distributed blockchain oracle is proposed to obtain off-chain verification results for smart contracts. Then, the smart contracts could utilize the off-chain verification result to identify poisoning attacks and store the unique identifiers of the non-threatening IoT device immutably on the blockchain as a whitelist of federated learning participants. Finally, we analyze the security features and evaluate the performance of our scheme, which shows the robustness and efficiency of the proposed work.
Authored by Mingyuan Huang, Sheng Cao, Xiong Li, Ke Huang, Xiaosong Zhang
The continuously growing importance of today’s technology paradigms such as the Internet of Things (IoT) and the new 5G/6G standard open up unique features and opportunities for smart systems and communication devices. Famous examples are edge computing and network slicing. Generational technology upgrades provide unprecedented data rates and processing power. At the same time, these new platforms must address the growing security and privacy requirements of future smart systems. This poses two main challenges concerning the digital processing hardware. First, we need to provide integrated trustworthiness covering hardware, runtime, and the operating system. Whereas integrated means that the hardware must be the basis to support secure runtime and operating system needs under very strict latency constraints. Second, applications of smart systems cover a wide range of requirements where "one-chip-fits-all" cannot be the cost and energy effective way forward. Therefore, we need to be able to provide a scalable hardware solution to cover differing needs in terms of processing resource requirements. In this paper, we discuss our research on an integrated design of a secure and scalable hardware platform including a runtime and an operating system. The architecture is built out of composable and preferably simple components that are isolated by default. This allows for the integration of third-party hardware/software without compromising the trusted computing base. The platform approach improves system security and provides a viable basis for trustworthy communication devices.
Authored by Friedrich Pauls, Sebastian Haas, Stefan Kopsell, Michael Roitzsch, Nils Asmussen, Gerhard Fettweis
Fog computing moves computation from the cloud to edge devices to support IoT applications with faster response times and lower bandwidth utilization. IoT users and linked gadgets are at risk to security and privacy breaches because of the high volume of interactions that occur in IoT environments. These features make it very challenging to maintain and quickly share dynamic IoT data. In this method, cloud-fog offers dependable computing for data sharing in a constantly changing IoT system. The extended IoT cloud, which initially offers vertical and horizontal computing architectures, then combines IoT devices, edge, fog, and cloud into a layered infrastructure. The framework and supporting mechanisms are designed to handle trusted computing by utilising a vertical IoT cloud architecture to protect the IoT cloud after the issues have been taken into account. To protect data integrity and information flow for different computing models in the IoT cloud, an integrated data provenance and information management method is selected. The effectiveness of the dynamic scaling mechanism is then contrasted with that of static serving instances.
Authored by Bommi Prasanthi, Dharavath Veeraswamy, Sravan Abhilash, Kesham Ganesh
This paper first describes the security and privacy challenges for the Internet of Things (IoT) systems and then discusses some of the solutions that have been proposed. It also describes aspects of Trustworthy Machine Learning (TML) and then discusses how TML may be applied to handle some of the security and privacy challenges for IoT systems.
Authored by Bhavani Thuraisingham
The computation of data trustworthiness during double-sided two-way-ranging with ultra-wideband signals between IoT devices is proposed. It relies on machine learning based ranging error correction, in which the certainty of the correction value is used to quantify trustworthiness. In particular, the trustworthiness score and error correction value are calculated from channel impulse response measurements, either using a modified k-nearest neighbor (KNN) or a modified random forest (RF) algorithm. The proposed scheme is easily implemented using commercial ultra-wideband transceivers and it enables real time surveillance of malicious or unintended modification of the propagation channel. The results on experimental data show an improvement of 47% RMSE on the test set when only trustworthy measurements are considered.
Authored by Philipp Peterseil, Bernhard Etzlinger, David Marzinger, Roya Khanzadeh, Andreas Springer
Distributed Ledger Technology (DLT), from the initial goal of moving digital assets, allows more advanced approaches as smart contracts executed on distributed computational enabling nodes such as Ethereum Virtual Machines (EVM) initially available only on the Ethereum ledger. Since the release of different EVM-based ledgers, the use cases to incentive the integration of smart contracts on other domains, such as IoT environments, increased. In this paper, we analyze the most IoT environment expedient quantitative metrics of various popular EVM-enabling ledgers to provide an overview of potential EVM-enabling characteristics.
Authored by Sandi Gec, Dejan Lavbič, Vlado Stankovski, Petar Kochovski
The 5G technology ensures reliable and affordable broadband access worldwide, increases user mobility, and assures reliable and affordable connectivity of a wide range of electronic devices such as the Internet of Things (IoT). SDN (Software Defined Networking), NFV (Network Function Virtualization), and cloud computing are three technologies that every technology provider or technology enabler tries to incorporate into their products to capitalize on the usability of the 5th generation. The emergence of 5G networks and services expands the range of security threats and leads to many challenges in terms of user privacy and security. The purpose of this research paper is to define the security challenges and threats associated with implementing this technology, particularly those affecting user privacy. This research paper will discuss some solutions related to the challenges that occur when implementing 5G, and also will provide some guidance for further development and implementation of a secure 5G system.
Authored by Aysha Alfaw, Alauddin Al-Omary
Understanding dynamic human behavior based on online video has many applications in security control, crime surveillance, sports, and industrial IoT systems. This paper solves the problem of classifying video data recorded on surveillance cameras in order to identify fragments with instances of shoplifting. It is proposed to use a classifier that is a symbiosis of two neural networks: convolutional and recurrent. The convolutional neural network is used for extraction of features from each frame of the video fragment, and the recurrent network for processing the temporal sequence of processed frames and subsequent classification.
Authored by Lyudmyla Kirichenko, Bohdan Sydorenko, Tamara Radivilova, Petro Zinchenko
Wearables Security 2022 - In the twenty-first century, given the worldwide situation, the first concern of any female is her personal protection. Women labor day and night to sustain themselves and their families. These women are more susceptible to attacks and assaults, and their security and safety are paramount issues. This technique proposed several new goods to safeguard women. Among the products that may be employed is a smart jacket for women's safety. The proposed approach also includes features to send alert notification to family members with Geo location live tracking and live camera video streaming placed on the jacket for the emergency attention when women are not secure. This gadget is an appeal to all women to earn the right to a safe and secure planet.
Authored by Malathi Acharya, Prasad N
Wearables Security 2022 - In aura and era of the Internet of Things (IoT) and the fourth industrial revolution, modern wearable electronic devices and their communication networks are marching into every corner of modern society and changing every aspect of our daily life. Thus, the progress of digitalization including miniaturization of sensor and wearable technology and its growing importance of physical and psychological wellbeing have a tremendous impact on almost all consumer goods from wearable to nonwearable industries. Different types of signals are used in communication between the devices for wireless transmission of data, such as Radio Frequency, Infrared, and Lightwave Transmissions. Wearable devices are becoming a hot topic in many fields such as medical, fashion, education, etc. Digital dependency of WIoT devices introduced new security challenges and vulnerabilities. This research is focused on Fitness Wearable Technology Devices Security and Privacy Vulnerability Analysis and highlights the importance of this topic by revealing the potential security concerns. Fog Computing, Sidera and Blockchain technologies were researched as Security Techniques to enhance security and efficiency while providing access to medical and personal records.
Authored by Mohammed Saleh, Thair Kdour, Azzeddine Ferrah, Hamad Ahmed, Saleel Ap, Rula Azzawi, Mohammed Hassouna, Issam Hamdan, Samer Aoudi, Khaleefa Mohammed, Ammar Ali
Wearables Security 2022 - Healthcare has become one of the most important aspects of people's lives, resulting in a surge in medical big data. Healthcare providers are increasingly using Internet of Things (IoT)-based wearable technologies to speed up diagnosis and treatment. In recent years, through the Internet, billions of sensors, gadgets, and vehicles have been connected. One such example is for the treatment and care of patients, technology—remote patient monitoring—is already commonplace. However, these technologies also offer serious privacy and data security problems. Data transactions are transferred and logged. These medical data security and privacy issues might ensue from a pause in therapy, putting the patient's life in jeopardy. We planned a framework to manage and analyse healthcare large data in a safe manner based on blockchain. Our model's enhanced privacy and security characteristics are based on data sanitization and restoration techniques. The framework shown here makes data and transactions more secure.
Authored by Nidhi Raghav, Anoop Bhola
Wearables Security 2022 - One of the biggest new trends in artificial intelligence is the ability to recognise people's movements and take their actions into account. It can be used in a variety of ways, including for surveillance, security, human-computer interaction, and content-based video retrieval. There have been a number of researchers that have presented vision-based techniques to human activity recognition. Several challenges need to be addressed in the creation of a vision-based human activity recognition system, including illumination variations in human activity recognition, interclass similarity between scenes, the environment and recording setting, and temporal variation. To overcome the above mentioned problem, by capturing or sensing human actions with help of wearable sensors, wearable devices, or IoT devices. Sensor data, particularly one-dimensional time series data, are used in the work of human activity recognition. Using 1D-Convolutional Neural Network (CNN) models, this work aims to propose a new approach for identifying human activities. The Wireless Sensor Data Mining (WISDM) dataset is utilised to train and test the 1D-CNN model in this dissertation. The proposed HAR-CNN model has an accuracy of 95.2%, which is far higher than that of conventional methods.
Authored by P. Deepan, Santhosh Kumar, B. Rajalingam, Santosh Patra, S. Ponnuthurai
Wearables Security 2022 - As 5G is deployed and applied, a large number of mobile devices have been increasingly deployed on the network. Scenarios such as smartphones, smart car, smart transportation, smart wearable devices, and smart industry are increasingly demanding for networks. And the Internet of Things (IoT), as a new and high technology, will play an important role and generate huge economic benefits. However, IoT security also faces many challenges due to the inherent security vulnerabilities in multiple device interactions and the data also needs more accurate processing. Big data and deep learning have been gradually applied in various industries. Therefore, we have summarized and analyzed the use of big data and deep learning technology to solve the hidden dangers of the IoT security under the consideration of some suggestions and thinking for industry applications.
Authored by Jian-Liang Wang, Ping Chen
Science of Security 2022 - At present, production and daily life increasingly rely on the Internet of Things, and the network security problem of the Internet of Things is becoming increasingly prominent. Therefore, it is extremely important to ensure the network security of the Internet of Things through various technical means. The security of IoT terminal access behavior is an important part of IoT network security, so it is an important research object in the field of network security. In order to increase the security of IoT terminal access, a security evaluation model based on zero trust is proposed. After the simulation performance test of the model, it is found that the model shows excellent detection ability of malicious access behavior and system stability in different network environments. Under the premise that some network nodes are infected, the model proposed in the study still shows a significantly higher ratio of trusted nodes than other algorithms. The research results show that the model can improve the security level of the Internet of Things network to a certain extent.
Authored by RiXuan Qiu, JunFeng Zhang, Lu Chen, Wei Li, Nan Lin
Quantum Computing Security 2022 - With the continuous development of Internet of Things (IoT) technology, information and communication technology is also progressing rapidly, among which quantum computer secrecy communication scheme is a new type of cryptographic lock system. It uses both traditional security software encryption algorithms and classical cryptographic systems to achieve a series of operations such as secret storage, transmission and restoration of data. This paper introduces the principle of quantum key distribution and its applications from the physical level; then analyses its security problems and the corresponding research status and proposes improvement methods and measures; finally, with the goal of "bit-based computing information security", a new type of secure communication scheme is designed.
Authored by Lian Tong, Taizhi Lv, Pingping Xia
Privacy Policies and Measurement - Although the number of smart Internet of Things (IoT) devices has grown in recent years, the public's perception of how effectively these devices secure IoT data has been questioned. Many IoT users do not have a good level of confidence in the security or privacy procedures implemented within IoT smart devices for protecting personal IoT data. Moreover, determining the level of confidence end users have in their smart devices is becoming a major challenge. In this paper, we present a study that focuses on identifying privacy concerns IoT end users have when using IoT smart devices. We investigated multiple smart devices and conducted a survey to identify users' privacy concerns. Furthermore, we identify five IoT privacy-preserving (IoTPP) control policies that we define and employ in comparing the privacy measures implemented by various popular smart devices. Results from our study show that over 86% of participants are very or extremely concerned about the security and privacy of their personal data when using smart IoT devices such as Google Nest Hub or Amazon Alexa. In addition, our study shows that a significant number of IoT users may not be aware that their personal data is collected, stored or shared by IoT devices.
Authored by Daniel Joy, Olivera Kotevska, Eyhab Al-Masri
Privacy Policies - In the era of the Internet of things (IoT), smart logistics is quietly rising, but user privacy security has become an important factor hindering its development. Because privacy policy plays a positive role in protecting user privacy and improving corporate reputation, it has become an important part of smart logistics and the focus of express companies. In this paper, through the construction of the privacy policy evaluation index system of express companies, aiming at qualitative indicators that are difficult to evaluate, we introduce the cloud model evaluation method that can combine the qualitative and quantitative together, and comprehensively evaluate the privacy policy of five express companies in China from four indicators: general situation, user informed consent, information security control and personal rights protection. The results show that, overall, the privacy policies of the five express companies have not reached the "good" level, and there is a certain gap between the privacy policies of different express companies. From the comparison of indicators, the five express companies generally score relatively good; however, the overall score of information security control index is relatively poor, and the other two indexes are quite different. Cloud model evaluation method has strong applicability for the evaluation of express company privacy policy, which provides a reference for improving the privacy policy formulation and improving the privacy protection level of China’s express delivery industry in the era of IoT.
Authored by Qian Zhang, Weihong Xie, Xinxian Pan
Privacy Policies - Privacy policies, despite the important information they provide about the collection and use of one’s data, tend to be skipped over by most Internet users. In this paper, we seek to make privacy policies more accessible by automatically classifying text samples into web privacy categories. We use natural language processing techniques and multiple machine learning models to determine the effectiveness of each method in the classification method. We also explore the effectiveness of these methods to classify privacy policies of Internet of Things (IoT) devices.
Authored by Jasmine Carson, Lisa DiSalvo, Lydia Ray
Predictive Security Metrics - Most IoT systems involve IoT devices, communication protocols, remote cloud, IoT applications, mobile apps, and the physical environment. However, existing IoT security analyses only focus on a subset of all the essential components, such as device firmware or communication protocols, and ignore IoT systems’ interactive nature, resulting in limited attack detection capabilities. In this work, we propose IOTA, a logic programming-based framework to perform system-level security analysis for IoT systems. IOTA generates attack graphs for IoT systems, showing all of the system resources that can be compromised and enumerating potential attack traces. In building IOTA, we design novel techniques to scan IoT systems for individual vulnerabilities and further create generic exploit models for IoT vulnerabilities. We also identify and model physical dependencies between different devices as they are unique to IoT systems and are employed by adversaries to launch complicated attacks. In addition, we utilize NLP techniques to extract IoT app semantics based on app descriptions. IOTA automatically translates vulnerabilities, exploits, and device dependencies to Prolog clauses and invokes MulVAL to construct attack graphs. To evaluate vulnerabilities’ system-wide impact, we propose two metrics based on the attack graph, which provide guidance on fortifying IoT systems. Evaluation on 127 IoT CVEs (Common Vulnerabilities and Exposures) shows that IOTA’s exploit modeling module achieves over 80% accuracy in predicting vulnerabilities’ preconditions and effects. We apply IOTA to 37 synthetic smart home IoT systems based on real-world IoT apps and devices. Experimental results show that our framework is effective and highly efficient. Among 27 shortest attack traces revealed by the attack graphs, 62.8% are not anticipated by the system administrator. It only takes 1.2 seconds to generate and analyze the attack graph for an IoT system consisting of 50 devices.
Authored by Zheng Fang, Hao Fu, Tianbo Gu, Pengfei Hu, Jinyue Song, Trent Jaeger, Prasant Mohapatra
Operating Systems Security - The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-critical or safety-critical application domains, like automotive or aeronautical, make devices attractive targets for attackers. Nowadays, several of these are mixed-criticality systems, i.e., they run both high-criticality tasks (e.g., a car control system) and low-criticality ones (e.g., infotainment). High-criticality routines often employ Real-Time Operating Systems (RTOS) to enforce hard real-time requirements, while the tasks with lower constraints can be delegated to more generic-purpose operating systems (GPOS).
Authored by Vahid Moghadam, Paolo Prinetto, Gianluca Roascio
Operating Systems Security - IoT technology is finding new applications every day and everywhere in our daily lives. With that come new use cases with new challenges in terms of device and data security. One such challenge arises from the fact that many IoT devices/nodes are no longer being deployed on owners’ premises, but rather on public or private property other than the owner’s. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. These include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms: (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provides HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec SystemVerilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.
Authored by Ayman Hroub, Muhammad Elrabaa
Object Oriented Security - The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-critical or safety-critical application domains, like automotive or aeronautical, make devices attractive targets for attackers. Nowadays, several of these are mixed-criticality systems, i.e., they run both high-criticality tasks (e.g., a car control system) and low-criticality ones (e.g., infotainment). High-criticality routines often employ Real-Time Operating Systems (RTOS) to enforce hard real-time requirements, while the tasks with lower constraints can be delegated to more generic-purpose operating systems (GPOS).
Authored by Vahid Moghadam, Paolo Prinetto, Gianluca Roascio
Network Security Resiliency - Distributed cyber-infrastructures and Artificial Intelligence (AI) are transformative technologies that will play a pivotal role in the future of society and the scientific community. Internet of Things (IoT) applications harbor vast quantities of connected devices that collect a massive amount of sensitive information (e.g., medical, financial), which is usually analyzed either at the edge or federated cloud systems via AI/Machine Learning (ML) algorithms to make critical decisions (e.g., diagnosis). It is of paramount importance to ensure the security, privacy, and trustworthiness of data collection, analysis, and decision-making processes. However, system complexity and increased attack surfaces make these applications vulnerable to system breaches, single-point of failures, and various cyber-attacks. Moreover, the advances in quantum computing exacerbate the security and privacy challenges. That is, emerging quantum computers can break conventional cryptographic systems that offer cyber-security services, public key infrastructures, and privacy-enhancing technologies. Therefore, there is a vital need for new cyber-security paradigms that can address the resiliency, long-term security, and efficiency requirements of distributed cyber infrastructures.
Authored by Attila Yavuz, Saif Nouma, Thang Hoang, Duncan Earl, Scott Packard
Network Reconnaissance - With increasing number of data thefts courtesy of new and complex attack mechanisms being used everyday, declaring the internet as unsafe would be the understatement of the century. For current security experts the scenario is equivalent to an endless cat-and-mouse game across a constantly changing landscape. Hence relying on firewalls and anti-virus software is like trying to fight a modern, well-equipped army using sticks and stones. All that an attacker needs to successfully breach our system is the right social networking or the right malware used like a packing or encoding technique that our tools won’t detect. Therefore it is the need of the hour to shift our focus beyond edge defense, which largely involves validating the tools, and move towards identification of a breach followed by an appropriate response. This is achieved by implementing an ethereal network which is an end-to-end host and network approach that can actually scale as well as provide true breach detection. The objective is not just blocking; it is significant time reduction. When mundane methods involving firewalls and antiviruses fail, we need to determine what happened and respond. Any industry report uses the term weeks, months, and even years to determine the time of response, which is not good enough. Our goal is to bring it down to hours. We are talking about dramatic time reduction to improve our response, hence an effective breach detection approach is mandatory. A MHN (Modern Honey Network) with a honeypot system has been used to make management and deployment easier and to secure the honeypots. We have used various honeypots such as Glastopf, Dionaea honeypots, Kippo. The dubious activity will be recorded and the attack details detected in MHN server. The final part of our research is reconnaissance. Since it can be awfully complicated we simplify the process by having our main focus on reconnaissance. Because if a malware or an insider threat breaks into something, they don’t know what they now have access to. This makes them feel the need to do reconnaissance. So, focusing on that behaviour provides us a simple way to determine that we have some unusual activity - whether it is an IoT device that has been compromised or whatever it may be, that has breached our network. Finally we deploy MHN, deploy Dionaea, Kippo, Snort honeypots and Splunk integration for analyzing the captured attacks which reveals the service port under attack and the source IP address of the attacker.
Authored by Sourav Mishra, Vijay Chaurasiya