Wearables Security 2022 - In the twenty-first century, given the worldwide situation, the first concern of any female is her personal protection. Women Labor Day and night to sustain themselves and their families. These women are more susceptible to attacks and assaults, and their security and safety are paramount issues. This technique proposed several new goods to safeguard women. Among the products that may be employed is a smart jacket for women s safety. The proposed approach also includes features to send alert notification to family members with Geo location live tracking and live camera video streaming placed on the jacket for the emergency attention when women are not secure. This gadget is an appeal to all women to earn the right to a safe and secure planet.

Wearables Security 2022 - In aura and era of the Internet of Things (IoT) and the fourth industrial revolution, modern wearable electronic devices and their communication networks are marching into every corner of modern society and changing every aspect of our daily life. Thus, the progress of digitalization including miniaturization of sensor and wearable technology and its growing importance of physical and psychological wellbeing have a tremendous impact on almost all consumer goods from wearable to nonwearable industries. Different types of signals are used in communication between the devices for wireless transmission of data. such as Radio Frequency, Infrared, and Lightwave Transmissions. Wearable devices are becoming a hot topic in many fields such as medical, fashion, education, etc. Digital dependency of WIoT devices, introduced new security challenges, and vulnerabilities. This research is focused on Fitness Wearable Technology Devices Security and Privacy Vulnerability Analysis and highlights the importance of this topic by revealing the potential security concerns. Fog Computing, Sidera and Blockchain technologies were researched as Security Techniques to enhance security and efficiency while providing access to medical and personal records.

Wearables Security 2022 - Healthcare has become one of the most important aspects of people s lives, resulting in a surge in medical big data. Healthcare providers are increasingly using Internet of Things (IoT)-based wearable technologies to speed up diagnosis and treatment. In recent years, Through the Internet, billions of sensors, gadgets, and vehicles have been connected. One such example is for the treatment and care of patients, technology—remote patient monitoring—is already commonplace. However, these technologies also offer serious privacy and data security problems. Data transactions are transferred and logged. These medical data security and privacy issues might ensue from a pause in therapy, putting the patient s life in jeopardy. We planned a framework to manage and analyse healthcare large data in a safe manner based on blockchain. Our model s enhanced privacy and security characteristics are based on data sanitization and restoration techniques. The framework shown here make data and transactions more secure.

Wearables Security 2022 - One of the biggest new trends in artificial intelligence is the ability to recognise people s movements and take their actions into account. It can be used in a variety of ways, including for surveillance, security, human-computer interaction, and content-based video retrieval. There have been a number of researchers that have presented vision-based techniques to human activity recognition. Several challenges need to be addressed in the creation of a vision-based human activity recognition system, including illumination variations in human activity recognition, interclass similarity between scenes, the environment and recording setting, and temporal variation. To overcome the above mentioned problem, by capturing or sensing human actions with help of wearable sensors, wearable devices, or IoT devices. Sensor data, particularly one-dimensional time series data, are used in the work of human activity recognition. Using 1D-Convolutional Neural Network (CNN) models, this works aims to propose a new approach for identifying human activities. The Wireless Sensor Data Mining (WISDM) dataset is utilised to train and test the 1D-CNN model in this dissertation. The proposed HAR-CNN model has a 95.2\%of accuracy, which is far higher than that of conventional methods.

Wearables Security 2022 - As 5G is deployed and applied, a large number of mobile devices have been increasingly deployed on the network. Scenarios such as smartphones, smart car, smart transportation, smart wearable devices, and smart industry are increasingly demanding for networks. And the Internet of Things (IoT), as a new and high technology, will play an important role and generate huge economic benefits. However, IoT security also faces many challenges due to the inherent security vulnerabilities in multiple device interactions and the data also needs more accurate processing. Big data and deep learning have been gradually applied in various industries. Therefore, we have summarized and analyzed the use of big data and deep learning technology to solve the hidden dangers of the IoT security under the consideration of some suggestions and thinking for industry applications.

Science of Security 2022 - At present, production and daily life increasingly rely on the Internet of Things, and the network security problem of the Internet of Things is becoming increasingly prominent. Therefore, it is extremely important to ensure the network security of the Internet of Things through various technical means. The security of IoT terminal access behavior is an important part of IoT network security, so it is an important research object in the field of network security. In order to increase the security of IoT terminal access, a security evaluation model based on zero trust is proposed. After the simulation performance test of the model, it is found that the model shows excellent detection ability of malicious access behavior and system stability in different network environments. Under the premise that some network nodes are infected, the model proposed in the study still shows a significantly higher ratio of trusted nodes than other algorithms, The research results show that the model can improve the security level of the Internet of Things network to a certain extent.

Quantum Computing Security 2022 - With the continuous development of Internet of Things (IoT) technology, information and communication technology is also progressing rapidly, among which quantum computer secrecy communication scheme is a new type of cryptographic lock system. It uses both traditional security software encryption algorithms and classical cryptographic systems to achieve a series of operations such as secret storage, transmission and restoration of data. This paper introduces the principle of quantum key distribution and its applications from the physical level; then analyses its security problems and the corresponding research status and proposes improvement methods and measures; finally, with the goal of "bit-based computing information security", a new type of secure communication scheme is designed.

Privacy Policies and Measurement - Although the number of smart Internet of Things (IoT) devices has grown in recent years, the public s perception of how effectively these devices secure IoT data has been questioned. Many IoT users do not have a good level of confidence in the security or privacy procedures implemented within IoT smart devices for protecting personal IoT data. Moreover, determining the level of confidence end users have in their smart devices is becoming a major challenge. In this paper, we present a study that focuses on identifying privacy concerns IoT end users have when using IoT smart devices. We investigated multiple smart devices and conducted a survey to identify users privacy concerns. Furthermore, we identify five IoT privacy-preserving (IoTPP) control policies that we define and employ in comparing the privacy measures implemented by various popular smart devices. Results from our study show that the over 86\% of participants are very or extremely concerned about the security and privacy of their personal data when using smart IoT devices such as Google Nest Hub or Amazon Alexa. In addition, our study shows that a significant number of IoT users may not be aware that their personal data is collected, stored or shared by IoT devices.

Privacy Policies - In the era of the Internet of things (IoT), smart logistics is quietly rising, but user privacy security has become an important factor hindering its development. Because privacy policy plays a positive role in protecting user privacy and improving corporate reputation, it has become an important part of smart logistics and the focus of express companies. In this paper, through the construction of the privacy policy evaluation index system of express companies, aiming at qualitative indicators that are difficult to evaluate, we introduce the cloud model evaluation method that can combine the qualitative and quantitative together, and comprehensively evaluate the privacy policy of five express companies in China from four indicators: general situation, user informed consent, information security control and personal rights protection. The results show that: Overall, the privacy policies of the five express companies have not reached the "good" level, and there is a certain gap between the privacy policies of different express companies. From the comparison of indicators, the five express companies generally score relatively good; However, the overall score of information security control index is relatively poor, and the other two indexes are quite different. Cloud model evaluation method has strong applicability for the evaluation of express company privacy policy, which provides a reference for improving the privacy policy formulation and improving the privacy protection level of China’s express delivery industry in the era of IoT.

Privacy Policies - Privacy policies, despite the important information they provide about the collection and use of one’s data, tend to be skipped over by most Internet users. In this paper, we seek to make privacy policies more accessible by automatically classifying text samples into web privacy categories. We use natural language processing techniques and multiple machine learning models to determine the effectiveness of each method in the classification method. We also explore the effectiveness of these methods to classify privacy policies of Internet of Things (IoT) devices.

Predictive Security Metrics - Most IoT systems involve IoT devices, communication protocols, remote cloud, IoT applications, mobile apps, and the physical environment. However, existing IoT security analyses only focus on a subset of all the essential components, such as device firmware or communication protocols, and ignore IoT systems’ interactive nature, resulting in limited attack detection capabilities. In this work, we propose IOTA, a logic programmingbased framework to perform system-level security analysis for IoT systems. IOTA generates attack graphs for IoT systems, showing all of the system resources that can be compromised and enumerating potential attack traces. In building IOTA, we design novel techniques to scan IoT systems for individual vulnerabilities and further create generic exploit models for IoT vulnerabilities. We also identify and model physical dependencies between different devices as they are unique to IoT systems and are employed by adversaries to launch complicated attacks. In addition, we utilize NLP techniques to extract IoT app semantics based on app descriptions. IOTA automatically translates vulnerabilities, exploits, and device dependencies to Prolog clauses and invokes MulVAL to construct attack graphs. To evaluate vulnerabilities’ system-wide impact, we propose two metrics based on the attack graph, which provide guidance on fortifying IoT systems. Evaluation on 127 IoT CVEs (Common Vulnerabilities and Exposures) shows that IOTA’s exploit modeling module achieves over 80\% accuracy in predicting vulnerabilities’ preconditions and effects. We apply IOTA to 37 synthetic smart home IoT systems based on real-world IoT apps and devices. Experimental results show that our framework is effective and highly efficient. Among 27 shortest attack traces revealed by the attack graphs, 62.8\% are not anticipated by the system administrator. It only takes 1.2 seconds to generate and analyze the attack graph for an IoT system consisting of 50 devices.

Operating Systems Security - The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-critical or safetycritical applications domains, like automotive or aeronautical, make devices attractive targets for attackers. Nowadays, several of these are mixed-criticality systems, i.e., they run both highcriticality tasks (e.g., a car control system) and low-criticality ones (e.g., infotainment). High-criticality routines often employ Real-Time Operating Systems (RTOS) to enforce hard real-time requirements, while the tasks with lower constraints can be delegated to more generic-purpose operating systems (GPOS).

Operating Systems Security - IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners’ premises, but rather on public or private property other than the owner’s. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provide HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec SystemVerilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.

Object Oriented Security - The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-critical or safetycritical applications domains, like automotive or aeronautical, make devices attractive targets for attackers. Nowadays, several of these are mixed-criticality systems, i.e., they run both highcriticality tasks (e.g., a car control system) and low-criticality ones (e.g., infotainment). High-criticality routines often employ Real-Time Operating Systems (RTOS) to enforce hard real-time requirements, while the tasks with lower constraints can be delegated to more generic-purpose operating systems (GPOS).

Network Security Resiliency - Distributed cyber-infrastructures and Artificial Intelligence (AI) are transformative technologies that will play a pivotal role in the future of society and the scientific community. Internet of Things (IoT) applications harbor vast quantities of connected devices that collect a massive amount of sensitive information (e.g., medical, financial), which is usually analyzed either at the edge or federated cloud systems via AI/Machine Learning (ML) algorithms to make critical decisions (e.g., diagnosis). It is of paramount importance to ensure the security, privacy, and trustworthiness of data collection, analysis, and decision-making processes. However, system complexity and increased attack surfaces make these applications vulnerable to system breaches, single-point of failures, and various cyber-attacks. Moreover, the advances in quantum computing exacerbate the security and privacy challenges. That is, emerging quantum computers can break conventional cryptographic systems that offer cyber-security services, public key infrastructures, and privacy-enhancing technologies. Therefore, there is a vital need for new cyber-security paradigms that can address the resiliency, long-term security, and efficiency requirements of distributed cyber infrastructures.

Network Reconnaissance - With increasing number of data thefts courtesy of new and complex attack mechanisms being used everyday, declaring the internet as unsafe would be the understatement of the century. For current security experts the scenario is equivalent to an endless cat-and-mouse game across a constantly changing landscape. Hence relying on firewalls and anti-virus softwares is like trying to fight a modern, well-equipped army using sticks and stones. All that an attacker needs to successfully breach our system is the right social networking or the right malware used like a packing or encoding technique that our tools won’t detect. Therefore it is the need of the hour to shift our focus beyond edge defense, which largely involves validating the tools, and move towards identification of a breach followed by an appropriate response. This is achieved by implementing an ethereal network which is an end-to-end host and network approach that can actually scale as well as provide true breach detection. The objective is not just blocking; it is significant time reduction. When mundane methods involving firewalls and antiviruses fail, we need to determine what happened and respond. Any industry report uses the term weeks, months, and even years to determine the time of response, which is not good enough. Our goal is to bring it down to hours. We are talking about dramatic time reduction to improve our response, hence an effective breach detection approach is mandatory. A MHN (Modern Honey Network) with a honeypot system has been used to make management and deployment easier and to secure the honeypots. We have used various honeypots such as Glastopf, Dionaea honeypots, Kippo. The dubious activity will be recorded and the attacks details detected in MHN server. The final part of our research is reconnaissance. Since it can be awfully complicated we simplify the process by having our main focus on reconnaissance. Because if a malware or an insider threat breaks into something, they don’t know what they now have access to. This makes them feel the need to do reconnaissance. So, focusing on that behaviour provides us a simple way to determine that we have some unusual activity - whether it is an IOT device that has been compromised or whatever it may be, that has breached our network. Finally we deploy MHN, deploy Dionaea, Kippo, Snort honeypots and Splunk integration for analyzing the captured attacks which reveals the service port under attack and the source IP address of the attacker.

Network Reconnaissance - Network reconnaissance is a core security functionality, which can be used to detect hidden unauthorized devices or to identify missing devices. Currently, there is a lack of network reconnaissance tools capable of discovering Internet of Things (IoT) devices across multiple protocols. To bridge this gap, we introduce IoT-Scan, an extensible IoT network reconnaissance tool. IoT-Scan is based on softwaredefined radio (SDR) technology, which allows for a flexible implementation of radio protocols. We propose passive, active, multi-channel, and multi-protocol scanning algorithms to speed up the discovery of devices with IoT-Scan. We implement the scanning algorithms and compare their performance with four popular IoT protocols: Zigbee, Bluetooth LE, Z-Wave, and LoRa. Through experiments with dozens of IoT devices, we demonstrate that our implementation experiences minimal packet losses, and achieves performance near a theoretical benchmark.

Network Control Systems Security - The analysis shows how important Power Network Measuring and Characterization (PSMC) is to the plan. Networks planning and oversight for the transmission of electrical energy is becoming increasingly frequent. In reaction to the current contest of assimilating trying to cut charging in the crate, estimation, information sharing, but rather govern into PSMC reasonable quantities, Electrical Transmit Monitoring and Management provides a thorough outline of founding principles together with smart sensors for domestic spying, security precautions, and control of developed broadening power systems.

Network on Chip Security - IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners’ premises, but rather on public or private property other than the owner’s. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provide HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec SystemVerilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.

Nearest Neighbor Search - The data of large-scale distributed demand-side iot devices are gradually migrated to the cloud. This cloud deployment mode makes it convenient for IoT devices to participate in the interaction between supply and demand, and at the same time exposes various vulnerabilities of IoT devices to the Internet, which can be easily accessed and manipulated by hackers to launch large-scale DDoS attacks. As an easy-to-understand supervised learning classification algorithm, KNN can obtain more accurate classification results without too many adjustment parameters, and has achieved many research achievements in the field of DDoS detection. However, in the face of high-dimensional data, this method has high operation cost, high cost and not practical. Aiming at this disadvantage, this chapter explores the potential of classical KNN algorithm in data storage structure, Knearest neighbor search and hyperparameter optimization, and proposes an improved KNN algorithm for DDoS attack detection of demand-side IoT devices.

Natural Language Processing - The Internet of Thigs is mainly considered as the key technology tools which enables in connecting many devices through the use of internet, this has enabled in overall exchange of data and information, support in receiving the instruction and enable in acting upon it in an effective manner. With the advent of IoT, many devices are connected to the internet which enable in assisting the individuals to operate the devise virtually, share data and program required actions. This study is focused in understanding the key determinants of creating smart homes by applying natural language processing (NLP) through IoT. The major determinants considered are Integrating voice understanding into devices; Ability to control the devices remotely and support in reducing the energy bills.

Named Data Network Security - Internet of Things (IoT) is becoming an important approach to accomplish healthcare monitoring where critical medical data retrieval is essential in a secure and private manner. Nevertheless, IoT devices have constrained resources. Therefore, acquisition of efficient, secure and private data is very challenging. The current research on applying architecture of Named Data Networking (NDN) to IoT design reveals very promising results. Therefore, we are motivated to combine NDN and IoT, which we call NDN-IoT architecture, for a healthcare application. Inspired by the idea, we propose a healthcare monitoring groundwork integrating NDN concepts into IoT in Contiki NG OS at the network layer that we call µNDN as it is a micro and light-weight implementation. We quantitatively explore the usage of the NDN-IoT approach to understand its efficiency for medical data retrieval. Reliability and delay performances were evaluated and analyzed for a remote health application. Our results, in this study, show that the µNDN architecture performs better than IP architecture when retrieving medical data. Thus, it is worth exploring the µNDN architecture further.

Multifactor Authentication - Internet connected Children s toys are a type of IoT devices that the security community should pay particular attention. A cyber-predator may interact with or gather confidential data about children without being physically present if IoT toys are hacked. Authentication to verify user identity is essential for all internetconnected applications, where relying on single authentication is not considered safe, especially in children s applications. Children often use easy-to-guess passwords in smart applications associated with the Internet of Things (IoT) for children s toys. In this paper, we propose to activate multi-factor authentication on the IoTs for children s toys connected to the internet using companion applications. When changing the user s behaviour (by IP address, GPS, OS version, and browser), the child s identity must be verified by two-factor authentication to prevent unauthorized access to preserve the child s safety and privacy. This paper introduces multi-authentication mechanisms: a password and another authentication type, either mobile phone SMS, security token, digital certificate, or biometric authentication.

Multifactor Authentication - Dhillon and Kalra proposed a multi-factor user authentication scheme for IoT. The authors claim their scheme to have practical utility for the IoT environment. However, we find that their scheme has numerous flaws such as insider attack and inefficient authentication. An adversary can work as a middle-man between the sensor node and the user, and the user can set-up a session key with the sensor node. Besides, the scheme does not establish the mutual authentication between every pair of entities. Thus, the scheme is inconvenient for practical use. We conclude this article by providing some suggestions for the improvement of the analysed scheme to remove the weaknesses identified in it.

Multifactor Authentication - With the growth of the number in smart devices based on IoT, keeping a secure data processing among them has become even more significant in cloud computing. However, a high security is needed to protect the huge amount of data privacy. In this regard, many authentication approaches are presented in IoT-Cloud-based Architecture. However, computation, latency, and security strength are major issues to provide authentication for users. We propose the Multifactor Scalable Lightweight Cryptography for IoTCloud to enhance security to protect the user or organization s information. The non-sensitive and sensitive data are generated from IoT devices and stored in our proposed hybrid public and private cloud after the encryptions. Hence, encryptions for public cloud and private cloud data are done by Digital Signature Algorithm and Policy based Attribute encryption algorithm with Moth fly optimization. This optimization is chosen as the key parameter efficiently. The three multifactors are then used to perform the three levels of authentication by Trust based Authentication Scheme. Following this, the proposed multifactor authentication is simulated and compared with existing approaches to analyze the performance in terms of computational and execution time and security strength. As a result, the proposed method is shown 97\% of security strength and minimum computation and execution time than other conventional approaches.