scholarly journals An Adaptive Communication-Efficient Federated Learning to Resist Gradient-Based Reconstruction Attacks

2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Yanbin Li ◽  
Yue Li ◽  
Huanliang Xu ◽  
Shougang Ren
Keyword(s):  
Internet Of Things ◽  
Communication Strategy ◽  
Communication Overhead ◽  
Resource Constrained ◽  
User Privacy ◽  
Adaptive Communication ◽  
Gradient Based ◽  
Promising Solution ◽  
Defence Strategy ◽  
Iot Devices

The widely deployed devices in Internet of Things (IoT) have opened up a large amount of IoT data. Recently, federated learning emerges as a promising solution aiming to protect user privacy on IoT devices by training a globally shared model. However, the devices in the complex IoT environments pose great challenge to federate learning, which is vulnerable to gradient-based reconstruction attacks. In this paper, we discuss the relationships between the security of federated learning model and optimization technologies of decreasing communication overhead comprehensively. To promote the efficiency and security, we propose a defence strategy of federated learning which is suitable to resource-constrained IoT devices. The adaptive communication strategy is to adjust the frequency and parameter compression by analysing the training loss to ensure the security of the model. The experiments show the efficiency of our proposed method to decrease communication overhead, while preventing privacy data leakage.

scholarly journals State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (5) ◽  
pp. 1598
Author(s):  
Sigurd Frej Joel Jørgensen Ankergård ◽  
Edlira Dushku ◽  
Nicola Dragoni
Keyword(s):  
Internet Of Things ◽  
Smart Cities ◽  
Cyber Attacks ◽  
Resource Constrained ◽  
Remote Attestation ◽  
Comprehensive Overview ◽  
Research Issues ◽  
Advantages And Disadvantages ◽  
Iot Devices ◽  
Specialized Hardware

The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.

scholarly journals Device-Based Security to Improve User Privacy in the Internet of Things †

Sensors ◽  
2018 ◽  
Vol 18 (8) ◽  
pp. 2664 ◽  
Author(s):  
Luis Belem Pacheco ◽  
Eduardo Pelinson Alchieri ◽  
Priscila Mendez Barreto
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Single Point ◽  
Data Access ◽  
Cloud Services ◽  
Sensitive Information ◽  
User Privacy ◽  
Privacy And Security ◽  
Iot Devices ◽  
And Control

The use of Internet of Things (IoT) is rapidly growing and a huge amount of data is being generated by IoT devices. Cloud computing is a natural candidate to handle this data since it has enough power and capacity to process, store and control data access. Moreover, this approach brings several benefits to the IoT, such as the aggregation of all IoT data in a common place and the use of cloud services to consume this data and provide useful applications. However, enforcing user privacy when sending sensitive information to the cloud is a challenge. This work presents and evaluates an architecture to provide privacy in the integration of IoT and cloud computing. The proposed architecture, called PROTeCt—Privacy aRquitecture for integratiOn of internet of Things and Cloud computing, improves user privacy by implementing privacy enforcement at the IoT devices instead of at the gateway, as is usually done. Consequently, the proposed approach improves both system security and fault tolerance, since it removes the single point of failure (gateway). The proposed architecture is evaluated through an analytical analysis and simulations with severely constrained devices, where delay and energy consumption are evaluated and compared to other architectures. The obtained results show the practical feasibility of the proposed solutions and demonstrate that the overheads introduced in the IoT devices are worthwhile considering the increased level of privacy and security.

scholarly journals ABSAC: Attribute-Based Access Control Model Supporting Anonymous Access for Smart Cities

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Runnan Zhang ◽  
Gang Liu ◽  
Shancang Li ◽  
Yongheng Wei ◽  
Quan Wang
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Private Information ◽  
Smart Cities ◽  
Control Model ◽  
User Privacy ◽  
Access Control Models ◽  
The Subject ◽  
Attribute Based Access Control ◽  
Iot Devices

Smart cities require new access control models for Internet of Things (IoT) devices that preserve user privacy while guaranteeing scalability and efficiency. Researchers believe that anonymous access can protect the private information even if the private information is not stored in authorization organization. Many attribute-based access control (ABAC) models that support anonymous access expose the attributes of the subject to the authorization organization during the authorization process, which allows the authorization organization to obtain the attributes of the subject and infer the identity of the subject. The ABAC with anonymous access proposed in this paper called ABSAC strengthens the identity-less of ABAC by combining homomorphic attribute-based signatures (HABSs) which does not send the subject attributes to the authorization organization, reducing the risk of subject identity re-identification. It is a secure anonymous access framework. Tests show that the performance of ABSAC implementation is similar to ABAC’s performance.

Fog Computing: A Primer

2017 ◽  
Vol 7 (7) ◽  
pp. 405
Author(s):  
Matthew N. O. Sadiku ◽  
Mahamadou Tembely ◽  
Sarhan M. Musa
Keyword(s):  
Internet Of Things ◽  
Real Time ◽  
Fog Computing ◽  
Resource Constrained ◽  
Computing Model ◽  
Computing Services ◽  
Iot Devices ◽  
Real Time Computing ◽  
And Storage ◽  
The Ideal

Fog computing (FC) was proposed in 2012 by Cisco as the ideal computing model for providing real-time computing services and storage to support the resource-constrained Internet of Things (IoT) devices. Thus, FC may be regarded as the convergence of the IoT and the Cloud, combining the data-centric IoT services and pay-as-you-go characteristics of clouds.  This paper provides a brief introduction of fog computing.

scholarly journals Privacy Preservation in Resource-Constrained IoT Devices Using Blockchain—A Survey

Electronics ◽  
2021 ◽  
Vol 10 (14) ◽  
pp. 1732
Author(s):  
Zainab Iftikhar ◽  
Yasir Javed ◽  
Syed Yawar Abbas Zaidi ◽  
Munam Ali Shah ◽  
Zafar Iqbal Khan ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Privacy Preservation ◽  
Resource Constrained ◽  
Huge Number ◽  
Identity Disclosure ◽  
Iot Devices ◽  
Resource Constrained Devices ◽  
Constrained Devices

With opportunities brought by Internet of Things (IoT), it is quite a challenge to assure privacy preservation when a huge number of resource-constrained distributed devices is involved. Blockchain has become popular for its benefits, including decentralization, persistence, immutability, auditability and consensus. With the implementation of blockchain in IoT, the benefits provided by blockchain can be derived in order to make IoT more efficient and maintain trust. In this paper, we discuss some applications of IoT in different fields and privacy-related issues faced by IoT in resource-constrained devices. We discuss some applications of blockchain in vast majority of areas, and the opportunities it brings to resolve IoT privacy limitations. We, then, survey different researches based on the implementation of blockchain in IoT. The goal of this paper is to survey recent researches based on the implementation of blockchain in IoT for privacy preservation. After analyzing the recent solutions, we see that the blockchain is an optimal way for preventing identity disclosure, monitoring, and providing tracking in IoT.

scholarly journals Secure Communications for Resource-Constrained IoT Devices

Sensors ◽  
2020 ◽  
Vol 20 (13) ◽  
pp. 3637
Author(s):  
Abd-Elhamid M. Taha ◽  
Abdulmonem M. Rashwan ◽  
Hossam S. Hassanein
Keyword(s):  
Internet Of Things ◽  
Secure Communication ◽  
The Internet ◽  
Secure Communications ◽  
Message Authentication ◽  
Authentication Codes ◽  
Resource Constrained ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Constrained Devices

The importance of securing communications on the Internet of Things (IoT) cannot be overstated. This is especially the case in light of the increasing proliferation of IoT devices and instances, as well as the growing dependence on their usage. Meanwhile, there have recently been mounting concerns over a wide array of vulnerabilities in IoT communications. The objective of this work is to address constraints in IoT devices that are “resource-constrained”, which are devices that are limited in terms of computing, energy, communication, or range capabilities, whether in terms of nominal or temporal limitations. Specifically, we propose a framework for resource-aiding constrained devices to facilitate secure communication. Without loss of generalization, the framework’s viability is illustrated by focusing on a group of security functions that utilize message authentication codes, which is a strongly representative example of resource-intensive security functions. Aspects of the framework are further demonstrated in processing cores commonly used in commercial IoT devices.

scholarly journals A Comparative Study of Post-Quantum Cryptosystems for Internet-of-Things Applications

Sensors ◽  
2022 ◽  
Vol 22 (2) ◽  
pp. 489
Author(s):  
Jose-Antonio Septien-Hernandez ◽  
Magali Arellano-Vazquez ◽  
Marco Antonio Contreras-Cruz ◽  
Juan-Pablo Ramirez-Paredes
Keyword(s):  
Internet Of Things ◽  
Quantum Algorithms ◽  
The Internet ◽  
Quantum Computers ◽  
Resource Constrained ◽  
Public Key Cryptosystems ◽  
Shor's Algorithm ◽  
Iot Devices ◽  
Imminent Threat ◽  
The Internet Of Things

The existence of quantum computers and Shor’s algorithm poses an imminent threat to classical public-key cryptosystems. These cryptosystems are currently used for the exchange of keys between servers and clients over the Internet. The Internet of Things (IoT) is the next step in the evolution of the Internet, and it involves the connection of millions of low-powered and resource-constrained devices to the network. Because quantum computers are becoming more capable, the creation of a new cryptographic standard that cannot be compromised by them is indispensable. There are several current proposals of quantum-resistant or post-quantum algorithms that are being considered for future standards. Given that the IoT is increasing in popularity, and given its resource-constrained nature, it is worth adapting those new standards to IoT devices. In this work, we study some post-quantum cryptosystems that could be suitable for IoT devices, adapting them to work with current cryptography and communication software, and conduct a performance measurement on them, obtaining guidelines for selecting the best for different applications in resource-constrained hardware. Our results show that many of these algorithms can be efficiently executed in current IoT hardware, providing adequate protection from the attacks that quantum computers will eventually be capable of.

scholarly journals PRISEC: Comparison of Symmetric Key Algorithms for IoT Devices

Sensors ◽  
2019 ◽  
Vol 19 (19) ◽  
pp. 4312 ◽  
Author(s):  
Daniel A. F. Saraiva ◽  
Valderi Reis Quietinho Leithardt ◽  
Diandre de Paula ◽  
André Sales Mendes ◽  
Gabriel Villarrubia González ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Power Consumption ◽  
Advanced Encryption Standard ◽  
The Internet ◽  
Secure Communications ◽  
Resource Constrained ◽  
Symmetric Key ◽  
Iot Devices ◽  
Resource Constrained Devices ◽  
Constrained Devices

With the growing number of heterogeneous resource-constrained devices connected to the Internet, it becomes increasingly challenging to secure the privacy and protection of data. Strong but efficient cryptography solutions must be employed to deal with this problem, along with methods to standardize secure communications between these devices. The PRISEC module of the UbiPri middleware has this goal. In this work, we present the performance of the AES (Advanced Encryption Standard), RC6 (Rivest Cipher 6), Twofish, SPECK128, LEA, and ChaCha20-Poly1305 algorithms in Internet of Things (IoT) devices, measuring their execution times, throughput, and power consumption, with the main goal of determining which symmetric key ciphers are best to be applied in PRISEC. We verify that ChaCha20-Poly1305 is a very good option for resource constrained devices, along with the lightweight block ciphers SPECK128 and LEA.

Security Aspects of the Internet of Things

2021 ◽  
pp. 207-233
Author(s):  
Dominik Hromada ◽  
Rogério Luís de C. Costa ◽  
Leonel Santos ◽  
Carlos Rabadão
Keyword(s):  
Internet Of Things ◽  
New Technologies ◽  
Smart Cities ◽  
The Internet ◽  
Detection Systems ◽  
Private Data ◽  
Promising Solution ◽  
Iot Devices ◽  
Smart Industry ◽  
The Internet Of Things

The Internet of Things (IoT) comprises the interconnection of a wide range of different devices, from Smart Bluetooth speakers to humidity sensors. The great variety of devices enables applications in several contexts, including Smart Cities and Smart Industry. IoT devices collect and process a large amount of data on machines and the environment and even monitor people's activities. Due to their characteristics and architecture, IoT devices and networks are potential targets for cyberattacks. Indeed, cyberattacks can lead to malfunctions of the IoT environment and access and misuse of private data. This chapter addresses security concerns in the IoT ecosystem. It identifies common threats for each of IoT layers and presents advantages, challenges, and limitations of promising countermeasures based on new technologies and strategies, like Blockchain and Machine Learning. It also contains a more in-depth discussion on Intrusion Detection Systems (IDS) for IoT, a promising solution for cybersecurity in IoT ecosystems.

Sign in / Sign up

Export Citation Format

Share Document