Internet of Things and Cyber-Physical Systems最新文献

Advancements in technology, including the Internet of Things (IoT) revolution, have enabled individuals and businesses to use systems and devices that connect, exchange data, and provide real-time information from far and near. Despite that, this interconnectivity and data sharing between systems and devices over the internet poses security and privacy risks as threat actors can intercept, steal, and use owners’ data for nefarious purposes. This paper discusses ’MalAware’, a ‘Malware Awareness Education’ and incident response (IR) scenario-based tabletop exercise and card game for malware threat mitigation training. It introduces the importance of incident management, highlights the dangers posed by malware for connected systems, and outlines the role of tabletop games and exercises in helping businesses mature their malware incident response capabilities. The study discusses the design of MalAware and summarises the results of 2 pilots undertaken to assess the concept, maintaining that the results highlighted the value of ‘MalAware’ as an essential tool to help students and staff master how to mitigate security threats caused by malware. It argues that MalAware can assist businesses in their IR preparedness endeavors, enabling incident management teams to review plans and processes to ensure they are fit for purpose. It enables staff to leverage scenario-based and simulated security breach examples, including role-play, to establish appropriate malware defences. MalAware’s practical hands-on exercises can assist trainees in gaining essential malware and other threat mitigation skills, helping to protect the security and privacy of IoTs.

With the rapid advancement of Internet of Things (IoT) technology, its applications in road infrastructure have garnered attention. However, challenges persist when applying IoT to road infrastructure monitoring, including insufficient durability of front-end sensors, pavement damage due to sensor embedding, and the redundancy of a vast amount of real-time data, hindering the long-term real-time monitoring of pavements. To address these challenges, this study developed a self-powered distributed intelligent pavement monitoring system based on IoT, encompassing a sensor network, cloud platform, communication network, and power supply system. Considering the specific characteristics of slipform paving for cement concrete pavements, an integrated paving process was proposed, merging embedded sensors with pavement material structures. Through on-site engineering monitoring, the system actively collects and analyzes various data types such as system energy consumption, temperature and humidity, environmental noise, wind speed and direction, and pavement structural vibrations, providing data support for pavement design, maintenance, and vehicle-road synergy applications. Future efforts will continue to promote the application of IoT technology in digital road maintenance, traffic safety, and optimized pavement material structure design.

Ransomware attacks have emerged as one of the most significant cyberthreats faced by organizations worldwide. In recent years, ransomware has also started to target critical infrastructure and Cyber-Physical Systems (CPS) such as industrial control systems, smart grids, and healthcare networks. The unique attack surface and safety-critical nature of CPS introduce new challenges in defending against ransomware. This paper provides a comprehensive overview of ransomware threats to CPS. We propose a dual taxonomy to classify ransomware attacks on CPS based on infection vectors, targets, objectives, and technical attributes. Through an analysis of 10 real-world incidents, we highlight attack patterns, vulnerabilities, and impacts of ransomware campaigns against critical systems and facilities. Based on the insights gained, we identify open research problems and future directions to improve ransomware resilience in CPS environments.

Sharding technology can address the throughput and scalability limitations that arise when single-chain blockchain are applied in the Internet of Things (IoT). However, existing sharding solutions focus on addressing issues like malicious nodes clustering and cross-shard transactions. Existing sharding solutions cannot adapt to the performance disparities of edge nodes and the characteristic of three-dimensional data queries in building IoT. This leads to problems such as shard overheating and inefficient data query efficiency. This paper proposes a dual-layer architecture called S-DAG, which combines sharded blockchain and DAG blockchain. The sharded blockchain processes transactions within the building IoT, while the DAG blockchain stores block headers from the sharded network. By designing an Adaptive Balancing Load Algorithm (ABLA) for periodic network sharding, nodes are divided based on their load performance values to prevent the aggregation of low-load performance nodes and the resulting issue of shard overheating. By combining the characteristics of the KD tree and Merkle tree, a block structure known as 3D-Merkle tree is designed to support three-dimensional data queries, enhancing the efficiency of three-dimensional data queries in building IoT. By deploying and conducting simulation experiments on various physical devices, we have verified the effectiveness of the solution proposed in this paper. The results indicate that, compared to other solutions, the proposed solution is better suited for building IoT data management. ABLA is effective in preventing shard overheating issue, and the 3D-Merkle tree significantly enhances data query efficiency.

The significance of intrusion detection systems in networks has grown because of the digital revolution and increased operations. The intrusion detection method classifies the network traffic as threat or normal based on the data features. The Intrusion detection system faces a trade-off between various parameters such as detection accuracy, relevance, redundancy, false alarm rate, and other objectives. The paper presents a systematic review of intrusion detection in Internet of Things (IoT) networks using multi-objective optimization algorithms (MOA), to identify attempts at exploiting security vulnerabilities and reducing the chances of security attacks. MOAs provide a set of optimized solutions for the intrusion detection process in highly complex IoT networks. This paper presents the identification of multiple objectives of intrusion detection, comparative analysis of multi-objective algorithms for intrusion detection in IoT based on their approaches, and the datasets used for their evaluation. The multi-objective optimization algorithms show the encouraging potential in IoT networks to enhance multiple conflicting objectives for intrusion detection. Additionally, the current challenges and future research ideas are identified. In addition to demonstrating new advancements in intrusion detection techniques, this study attempts to identify research gaps that can be addressed while designing intrusion detection systems for IoT networks.

The banking sector is widely acknowledged for its intrinsic unpredictability and susceptibility to risk. Bank loans have emerged as one of the most recent services offered over the past several decades. Banks typically serve as intermediaries for loans, investments, short-term loans, and other types of credit. The usage of credit cards is experiencing a steady increase, thereby leading to a rise in the default rate that banks encounter. Although there has been much research investigating the efficacy of conventional Machine Learning (ML) models, there has been relatively less emphasis on Deep Learning (DL) techniques. The application of DL approaches to credit card default prediction has not been extensively researched despite their considerable potential in numerous fields. Moreover, the current literature frequently lacks particular information regarding the DL structures, hyperparameters, and optimization techniques employed. To predict credit card default, this study evaluates the efficacy of a DL model and compares it to other ML models, such as Decision Tree (DT) and Adaboost. The objective of this research is to identify the specific DL parameters that contribute to the observed enhancements in the accuracy of credit card default prediction. This research makes use of the UCI ML repository to access the credit card defaulted customer dataset. Subsequently, various techniques are employed to preprocess the unprocessed data and visually present the outcomes through the use of exploratory data analysis (EDA). Furthermore, the algorithms are hypertuned to evaluate the enhancement in prediction. We used standard evaluation metrics to evaluate all the models. The evaluation indicates that the AdaBoost and DT exhibit the highest accuracy rate of 82 ​% in predicting credit card default, surpassing the accuracy of the ANN model, which is 78 ​%.

Despite providing unparalleled connectivity and convenience, the exponential growth of the Internet of Things (IoT) ecosystem has triggered significant cybersecurity concerns. These concerns stem from various factors, including the heterogeneity of IoT devices, widespread deployment, and inherent computational limitations. Integrating emerging technologies to address these concerns becomes imperative as the dynamic IoT landscape evolves. Machine Learning (ML), a rapidly advancing technology, has shown considerable promise in addressing IoT security issues. It has significantly influenced and advanced research in cyber threat detection. This survey provides a comprehensive overview of current trends, methodologies, and challenges in applying machine learning for cyber threat detection in IoT environments. Specifically, we further perform a comparative analysis of state-of-the-art ML-based Intrusion Detection Systems (IDSs) in the landscape of IoT security. In addition, we shed light on the pressing unresolved issues and challenges within this dynamic field. We provide a future vision with Generative AI and large language models to enhance IoT security. The discussions present an in-depth understanding of different cyber threat detection methods, enhancing the knowledge base of researchers and practitioners alike. This paper is a valuable resource for those keen to delve into the evolving world of cyber threat detection leveraging ML and IoT security.