Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
7.1
2.8
Journals
Future Internet
Special Issues
Cybersecurity in the IoT
share announcement

Cybersecurity in the IoT

A special issue of Future Internet (ISSN 1999-5903). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: 20 February 2025 | Viewed by 17531

Special Issue Editors

Prof. Dr. Christos Tryfonopoulos

E-Mail Website
Guest Editor
Department of Informatics & Telecommunications, University of the Peloponnese, GR-22131 Tripoli, Greece
Interests: information management; distributed systems; digital libraries; databases; big data systems; cybersecurity; IoT
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Nicholas Kolokotronis

E-Mail Website
Guest Editor
Department of Informatics and Telecommunications, University of the Peloponnese, 221 31 Tripoli, Greece
Interests: cyber-security; game-theoretic security; autonomous security; privacy; risk management; cryptography; blockchain; post-quantum cryptography; coding theory; IoT
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

The Internet of things (IoT) comprises a vast number of massively connected devices that deliver intelligent services across many consumer, commercial, and industrial IoT (IIoT) ecosystems. The majority of IoT devices are highly resource-constrained while their security design is in many cases seriously flawed, e.g., by lacking authentication, using hardcoded passwords, or having numerous vulnerabilities, hence rendering the IoT as vulnerable by default. The integration with the cloud creates complex ecosystems that are difficult to analyze, thus contributing to the growing rate and sophistication of cyber-security incidents. The number of attacks utilizing or targeting the cloud has significantly increased, with the next generation of botnets weaponizing both IoT devices and virtual private servers to carry out high-performance attacks. The reduced control/visibility over cloud assets due to their distributed nature and dynamic architecture has led to a considerable increase in supply chain attacks. Such incidents are possible due to the assumption that systems inside the security perimeter are trusted; security approaches, like zero trust, have been proposed as a way to prevent attacks. Taking into consideration these issues, the use of intelligent methods and tools is required to allow for the efficient preparation, prevention, detection, and mitigation of cyber-attacks.

This Special Issue aims to promote the dissemination of the latest methodologies, solutions, and case studies pertaining to IoT cyber-security issues. Its objective is to publish high‐quality articles presenting security algorithms, protocols, frameworks, and solutions for IoT ecosystems. Technical papers describing previously unpublished, original, state‐of‐the‐art research, and not currently under review by a conference or journal, will be considered.

Possible topics of interest of this Special Issue include, but are not limited to:

  • Zero-trust architectures for IoT security;
  • AI-powered security techniques for IoT;
  • Supply-chain IoT security and countermeasures (e.g., device lifecycle management, integrity verification, compliance assessment);
  • Big data-driven IoT security methods, including analytics and visualization;
  • Disruptive approaches to IoT security (e.g., blockchain, cloud/edge computing, quantum computing);
  • Collaborative and distributed paradigms for IoT security;
  • Machine/deep learning methods for proactive IoT security (e.g., threat intelligence, behavioral analytics, threat modeling, attack surface reduction);
  • Cyber-security in IoT application domains (e.g., smart mobility/cities/agriculture/transporta­tion/grid/maritime).

Prof. Dr. Christos Tryfonopoulos
Prof. Dr. Nicholas Kolokotronis
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Future Internet is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Internet of Things
  • cyber-security
  • artificial intelligence
  • machine/deep learning
  • supply chain
  • big data

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (9 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

23 pages, 15586 KiB  
Article
Conservative Interference Injection to Minimize Wi-Fi Sensing Privacy Risks and Bandwidth Loss
by Aryan Sharma, Haoming Wang, Deepak Mishra and Aruna Seneviratne
Future Internet 2025, 17(1), 20; https://doi.org/10.3390/fi17010020 - 6 Jan 2025
Viewed by 481
Abstract
With the impending integration of sensing capabilities into new wireless standards such as 6G and 802.11 bf, there is a growing threat to public privacy. Recent studies have revealed that even small-scale activities, like keyboard typing, can be sensed by attackers using Wi-Fi [...] Read more.
With the impending integration of sensing capabilities into new wireless standards such as 6G and 802.11 bf, there is a growing threat to public privacy. Recent studies have revealed that even small-scale activities, like keyboard typing, can be sensed by attackers using Wi-Fi Channel State Information (CSI) as these devices become more common in commercial spaces. This paper aims to model the minimum CSI data rate required to sense activities in the channel and quantifies the detection accuracy of WiFi-based keystroke recognition in relation to the CSI sensing data rate. Our experimental findings using commercial-off-the-shelf hardware suggest that interference can be used as a defence strategy to degrade the CSI data rate and prevent undesirable Wi-Fi sensing attacks. To achieve a reduced data rate, we propose an extension to Bianchi’s model of CSMA/CA systems and establish a new mathematical relationship between channel contention and the available CSI. This proposed relationship was empirically verified, and our contention-based defence strategy was experimentally validated. Experiments show that our contention-based defence strategy increases the chances of evading undesired WiFi-based keystroke recognition by around 70%. By leveraging prior work that shows a degradation in CSI quality with lower transmission rates, we show that conservative interference injection can sufficiently reduce sensing accuracy whilst maintaining channel bandwidth. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

18 pages, 3552 KiB  
Article
A Secure Auditable Remote Registry Pattern for IoT Systems
by Antonio Maña, Francisco J. Jaime and Lucía Gutiérrez
Future Internet 2024, 16(11), 405; https://doi.org/10.3390/fi16110405 - 4 Nov 2024
Viewed by 753
Abstract
In software engineering, pattern papers serve the purpose of providing a description of a generalized, reusable solution to recurring design problems, based on practical experience and established best practices. This paper presents an architectural pattern for a Secure Auditable Registry service based on [...] Read more.
In software engineering, pattern papers serve the purpose of providing a description of a generalized, reusable solution to recurring design problems, based on practical experience and established best practices. This paper presents an architectural pattern for a Secure Auditable Registry service based on Message-Oriented Middleware to be used in large-scale IoT systems that must provide auditing capabilities to external entities. To prepare the pattern, the direct experience in applying the pattern solution in an industry-funded R&D project has been a key aspect because it has allowed us to gain a deep understanding of the problem and the solution, and it has contributed to the correctness and real-world applicability of the pattern as described. To further improve the quality of the paper, we have followed the commonly accepted practices in pattern development (including peer reviews) to ensure that the core aspects of the solution are correctly represented and that the description allows it to be applicable to similar problems in other domains, such as healthcare, autonomous devices, banking, food tracing or manufacturing to name a few. The work done in applying this pattern confirms that it solves a recurring problem for IoT systems, but also that it can be adopted in other domains, providing an effective solution in order to achieve enhancement of the auditability capabilities of the target systems. This pattern will be part of a pattern language (i.e., a family of related patterns) that we are developing for transitioning from legacy systems to IoT with an emphasis on security. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

15 pages, 408 KiB  
Article
Intrusion Detection in IoT Using Deep Residual Networks with Attention Mechanisms
by Bo Cui, Yachao Chai, Zhen Yang and Keqin Li
Future Internet 2024, 16(7), 255; https://doi.org/10.3390/fi16070255 - 18 Jul 2024
Cited by 1 | Viewed by 1354
Abstract
Connected devices in IoT systems usually have low computing and storage capacity and lack uniform standards and protocols, making them easy targets for cyberattacks. Implementing security measures like cryptographic authentication, access control, and firewalls for IoT devices is insufficient to fully address the [...] Read more.
Connected devices in IoT systems usually have low computing and storage capacity and lack uniform standards and protocols, making them easy targets for cyberattacks. Implementing security measures like cryptographic authentication, access control, and firewalls for IoT devices is insufficient to fully address the inherent vulnerabilities and potential cyberattacks within the IoT environment. To improve the defensive capabilities of IoT systems, some research has focused on using deep learning techniques to provide new solutions for intrusion detection systems. However, some existing deep learning-based intrusion detection methods suffer from inadequate feature extraction and insufficient model generalization capability. To address the shortcomings of existing detection methods, we propose an intrusion detection model based on temporal convolutional residual modules. An attention mechanism is introduced to assess feature scores and enhance the model’s ability to concentrate on critical features, thereby boosting its detection performance. We conducted extensive experiments on the ToN_IoT dataset and the UNSW-NB15 dataset, and the proposed model achieves accuracies of 99.55% and 89.23% on the ToN_IoT and UNSW-NB15 datasets, respectively, with improvements of 0.14% and 15.3% compared with the current state-of-the-art models. These results demonstrate the superior detection performance of the proposed model. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

29 pages, 8035 KiB  
Article
A Novel Hybrid Unsupervised Learning Approach for Enhanced Cybersecurity in the IoT
by Prabu Kaliyaperumal, Sudhakar Periyasamy, Manikandan Thirumalaisamy, Balamurugan Balusamy and Francesco Benedetto
Future Internet 2024, 16(7), 253; https://doi.org/10.3390/fi16070253 - 18 Jul 2024
Cited by 2 | Viewed by 5055
Abstract
The proliferation of IoT services has spurred a surge in network attacks, heightening cybersecurity concerns. Essential to network defense, intrusion detection and prevention systems (IDPSs) identify malicious activities, including denial of service (DoS), distributed denial of service (DDoS), botnet, brute force, infiltration, and [...] Read more.
The proliferation of IoT services has spurred a surge in network attacks, heightening cybersecurity concerns. Essential to network defense, intrusion detection and prevention systems (IDPSs) identify malicious activities, including denial of service (DoS), distributed denial of service (DDoS), botnet, brute force, infiltration, and Heartbleed. This study focuses on leveraging unsupervised learning for training detection models to counter these threats effectively. The proposed method utilizes basic autoencoders (bAEs) for dimensionality reduction and encompasses a three-stage detection model: one-class support vector machine (OCSVM) and deep autoencoder (dAE) attack detection, complemented by density-based spatial clustering of applications with noise (DBSCAN) for attack clustering. Accurately delineated clusters aid in mapping attack tactics. The MITRE ATT&CK framework establishes a “Cyber Threat Repository”, cataloging attacks and tactics, enabling immediate response based on priority. Leveraging preprocessed and unlabeled normal network traffic data, this approach enables the identification of novel attacks while mitigating the impact of imbalanced training data on model performance. The autoencoder method utilizes reconstruction error, OCSVM employs a kernel function to establish a hyperplane for anomaly detection, while DBSCAN employs a density-based approach to identify clusters, manage noise, accommodate diverse shapes, automatically determining cluster count, ensuring scalability, and minimizing false positives and false negatives. Evaluated on standard datasets such as CIC-IDS2017 and CSECIC-IDS2018, the proposed model outperforms existing state of art methods. Our approach achieves accuracies exceeding 98% for the two datasets, thus confirming its efficacy and effectiveness for application in efficient intrusion detection systems. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

19 pages, 3381 KiB  
Article
Exploiting Autoencoder-Based Anomaly Detection to Enhance Cybersecurity in Power Grids
by Fouzi Harrou, Benamar Bouyeddou, Abdelkader Dairi and Ying Sun
Future Internet 2024, 16(6), 184; https://doi.org/10.3390/fi16060184 - 22 May 2024
Cited by 4 | Viewed by 1320
Abstract
The evolution of smart grids has led to technological advances and a demand for more efficient and sustainable energy systems. However, the deployment of communication systems in smart grids has increased the threat of cyberattacks, which can result in power outages and disruptions. [...] Read more.
The evolution of smart grids has led to technological advances and a demand for more efficient and sustainable energy systems. However, the deployment of communication systems in smart grids has increased the threat of cyberattacks, which can result in power outages and disruptions. This paper presents a semi-supervised hybrid deep learning model that combines a Gated Recurrent Unit (GRU)-based Stacked Autoencoder (AE-GRU) with anomaly detection algorithms, including Isolation Forest, Local Outlier Factor, One-Class SVM, and Elliptical Envelope. Using GRU units in both the encoder and decoder sides of the stacked autoencoder enables the effective capture of temporal patterns and dependencies, facilitating dimensionality reduction, feature extraction, and accurate reconstruction for enhanced anomaly detection in smart grids. The proposed approach utilizes unlabeled data to monitor network traffic and identify suspicious data flow. Specifically, the AE-GRU is performed for data reduction and extracting relevant features, and then the anomaly algorithms are applied to reveal potential cyberattacks. The proposed framework is evaluated using the widely adopted IEC 60870-5-104 traffic dataset. The experimental results demonstrate that the proposed approach outperforms standalone algorithms, with the AE-GRU-based LOF method achieving the highest detection rate. Thus, the proposed approach can potentially enhance the cybersecurity in smart grids by accurately detecting and preventing cyberattacks. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

17 pages, 429 KiB  
Article
Realization of Authenticated One-Pass Key Establishment on RISC-V Micro-Controller for IoT Applications
by Tuan-Kiet Dang, Khai-Duy Nguyen, Binh Kieu-Do-Nguyen, Trong-Thuc Hoang and Cong-Kha Pham
Future Internet 2024, 16(5), 157; https://doi.org/10.3390/fi16050157 - 3 May 2024
Cited by 3 | Viewed by 1368
Abstract
Internet-of-things networks consist of multiple sensor devices spread over a wide area. In order to protect the data from unauthorized access and tampering, it is essential to ensure secure communication between the sensor devices and the central server. This security measure aims to [...] Read more.
Internet-of-things networks consist of multiple sensor devices spread over a wide area. In order to protect the data from unauthorized access and tampering, it is essential to ensure secure communication between the sensor devices and the central server. This security measure aims to guarantee authenticity, confidentiality, and data integrity. Unlike traditional computing systems, sensor node devices are often limited regarding memory and computing power. Lightweight communication protocols, such as LoRaWAN, were introduced to overcome these limitations. However, despite the lightweight feature, the protocol is vulnerable to different types of attacks. This proposal presents a highly secure key establishment protocol that combines two cryptography schemes: Elliptic Curve Qu–Vanstone and signcryption key encapsulation. The protocol provides a method to establish a secure channel that inherits the security properties of the two schemes. Also, it allows for fast rekeying with only one exchange message, significantly reducing the handshake complexity in low-bandwidth communication. In addition, the selected schemes complement each other and share the same mathematical operations in elliptic curve cryptography. Moreover, with the rise of a community-friendly platform like RISC-V, we implemented the protocol on a RISC-V system to evaluate its overheads regarding the cycle count and execution time. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

Review

Jump to: Research

32 pages, 492 KiB  
Review
A Survey on Cybersecurity in IoT
by Elias Dritsas and Maria Trigka
Future Internet 2025, 17(1), 30; https://doi.org/10.3390/fi17010030 - 11 Jan 2025
Viewed by 645
Abstract
The proliferation of the Internet of Things (IoT) has transformed the digital landscape, enabling a vast array of interconnected devices to communicate and share data seamlessly. However, the rapid expansion of IoT networks has also introduced significant cybersecurity challenges. This paper presents a [...] Read more.
The proliferation of the Internet of Things (IoT) has transformed the digital landscape, enabling a vast array of interconnected devices to communicate and share data seamlessly. However, the rapid expansion of IoT networks has also introduced significant cybersecurity challenges. This paper presents a comprehensive survey of cybersecurity in the IoT ecosystem, examining the current state of research, identifying critical security vulnerabilities, and exploring advanced strategies for mitigating threats. The survey covers various facets of IoT security, including device authentication, data integrity, privacy, network security, and the emerging role of artificial intelligence (AI) in bolstering cybersecurity defenses. By synthesizing existing research and highlighting ongoing challenges, this survey aims to provide a holistic understanding of IoT cybersecurity and to guide future research endeavors. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

33 pages, 1577 KiB  
Review
Health IoT Threats: Survey of Risks and Vulnerabilities
by Samaneh Madanian, Tserendorj Chinbat, Maduka Subasinghage, David Airehrour, Farkhondeh Hassandoust and Sira Yongchareon
Future Internet 2024, 16(11), 389; https://doi.org/10.3390/fi16110389 - 23 Oct 2024
Cited by 1 | Viewed by 3303
Abstract
The secure and efficient collection of patients’ vital information is a challenge faced by the healthcare industry. Through the adoption and application of Internet of Things (IoT), the healthcare industry has seen an improvement in the quality of delivered services and patient safety. [...] Read more.
The secure and efficient collection of patients’ vital information is a challenge faced by the healthcare industry. Through the adoption and application of Internet of Things (IoT), the healthcare industry has seen an improvement in the quality of delivered services and patient safety. However, IoT utilization in healthcare is challenging due to the sensitive nature of patients’ clinical information and communicating this across heterogeneous networks and among IoT devices. We conducted a semi-systematic literature review to provide an overview of IoT security and privacy challenges in the healthcare sector over time. We collected 279 studies from 5 scientific databases, of which 69 articles met the requirements for inclusion. We performed thematic and qualitative content analysis to extract trends and information. According to our analysis, the vulnerabilities in IoT in healthcare are classified into three main layers: perception, network, and application. We comprehensively reviewed IoT privacy and security threats on each layer. Different technological advancements were suggested to address the identified vulnerabilities in healthcare. This review has practical implications, emphasizing that healthcare organizations, software developers, and device manufacturers must prioritize healthcare IoT security and privacy. A comprehensive, multilayered security approach, security-by-design principles, and training for staff and end-users must be adopted. Regulators and policy makers must also establish and enforce standards and regulations that promote the security and privacy of healthcare IoT. Overall, this study underscores the importance of ensuring the security and privacy of healthcare IoT, with stakeholders’ coordinated efforts to address the complex and evolving security and privacy threats in this field. This can enhance healthcare IoT trust and reliability, reduce the risks of security and privacy issues and attacks, and ultimately improve healthcare delivery quality and safety. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

23 pages, 841 KiB  
Review
Watch the Skies: A Study on Drone Attack Vectors, Forensic Approaches, and Persisting Security Challenges
by Amr Adel and Tony Jan
Future Internet 2024, 16(7), 250; https://doi.org/10.3390/fi16070250 - 13 Jul 2024
Viewed by 1692
Abstract
In the rapidly evolving landscape of drone technology, securing unmanned aerial vehicles (UAVs) presents critical challenges and demands unique solutions. This paper offers a thorough examination of the security requirements, threat models, and solutions pertinent to UAVs, emphasizing the importance of cybersecurity and [...] Read more.
In the rapidly evolving landscape of drone technology, securing unmanned aerial vehicles (UAVs) presents critical challenges and demands unique solutions. This paper offers a thorough examination of the security requirements, threat models, and solutions pertinent to UAVs, emphasizing the importance of cybersecurity and drone forensics. This research addresses the unique requirements of UAV security, outlines various threat models, and explores diverse solutions to ensure data integrity. Drone forensics, a field dedicated to the investigation of security incidents involving UAVs, has been extensively examined and demonstrates its relevance in identifying attack origins or establishing accident causes. This paper further surveys artifacts, tools, and benchmark datasets that are critical in the domain of drone forensics, providing a comprehensive view of current capabilities. Acknowledging the ongoing challenges in UAV security, particularly given the pace of technological advancement and complex operational environments, this study underscores the need for increased collaboration, updated security protocols, and comprehensive regulatory frameworks. Ultimately, this research contributes to a deeper understanding of UAV cybersecurity and aids in fostering future research into the secure and reliable operation of drones. Full article
(This article belongs to the Special Issue Cybersecurity in the IoT)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-9
Back to TopTop