Miraqa Safi, S. Dadkhah, Farzaneh Shoeleh, Hassan Mahdikhani, Heather Molyneaux, A. Ghorbani
The proliferation of heterogeneous Internet of things (IoT) devices connected to the Internet produces several operational and security challenges, such as monitoring, detecting, and recognizing millions of interconnected IoT devices. Network and system administrators must correctly identify which devices are functional, need security updates, or are vulnerable to specific attacks. IoT profiling is an emerging technique to identify and validate the connected devices’ specific behaviour and isolate the suspected and vulnerable devices within the network for further monitoring. This article provides a comprehensive review of various IoT device profiling methods and provides a clear taxonomy for IoT profiling techniques based on different security perspectives. We first investigate several current IoT device profiling techniques and their applications. Next, we analyzed various IoT device vulnerabilities, outlined multiple features, and provided detailed information to implement profiling algorithms’ risk assessment/mitigation stage. By reviewing approaches for profiling IoT devices, we identify various state-of-the-art methods that organizations of different domains can implement to satisfy profiling needs. Furthermore, this article also discusses several machine learning and deep learning algorithms utilized for IoT device profiling. Finally, we discuss challenges and future research possibilities in this domain.
{"title":"A Survey on IoT Profiling, Fingerprinting, and Identification","authors":"Miraqa Safi, S. Dadkhah, Farzaneh Shoeleh, Hassan Mahdikhani, Heather Molyneaux, A. Ghorbani","doi":"10.1145/3539736","DOIUrl":"https://doi.org/10.1145/3539736","url":null,"abstract":"The proliferation of heterogeneous Internet of things (IoT) devices connected to the Internet produces several operational and security challenges, such as monitoring, detecting, and recognizing millions of interconnected IoT devices. Network and system administrators must correctly identify which devices are functional, need security updates, or are vulnerable to specific attacks. IoT profiling is an emerging technique to identify and validate the connected devices’ specific behaviour and isolate the suspected and vulnerable devices within the network for further monitoring. This article provides a comprehensive review of various IoT device profiling methods and provides a clear taxonomy for IoT profiling techniques based on different security perspectives. We first investigate several current IoT device profiling techniques and their applications. Next, we analyzed various IoT device vulnerabilities, outlined multiple features, and provided detailed information to implement profiling algorithms’ risk assessment/mitigation stage. By reviewing approaches for profiling IoT devices, we identify various state-of-the-art methods that organizations of different domains can implement to satisfy profiling needs. Furthermore, this article also discusses several machine learning and deep learning algorithms utilized for IoT device profiling. Finally, we discuss challenges and future research possibilities in this domain.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90803755","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The IPv6 over IEEE 802.15.4e TSCH mode (6TiSCH) network is intended to provide reliable and delay bounded communication in multi-hop and scalable Industrial Internet of Things (IIoT). The IEEE 802.15.4e Time Slotted Channel Hopping (TSCH) link layer protocol allows the nodes to change their physical channel after each transmission to eliminate interference and multi-path fading on the channels. However, due to this feature, new nodes (aka pledges) take more time to join the 6TiSCH network, resulting in significant energy consumption and inefficient data transmission, which makes the communication unreliable. Therefore, the formation of 6TiSCH network has gained immense interest among the researchers. To date, numerous solutions have been offered by various researchers in order to speed up the formation of 6TiSCH networks. This article briefly discusses about the 6TiSCH network and its formation process, followed by a detailed survey on the works that considered 6TiSCH network formation. We also perform theoretical analysis and real testbed experiments for a better understanding of the existing works related to 6TiSCH network formation. This article is concluded after summarizing the research challenges in 6TiSCH network formation and providing a few open issues in this domain of work.
IPv6 over IEEE 802.15.4e TSCH模式(6TiSCH)网络旨在为多跳和可扩展的工业物联网(IIoT)提供可靠和延迟有限的通信。IEEE 802.15.4e时隙信道跳频(TSCH)链路层协议允许节点在每次传输后改变其物理信道,以消除信道上的干扰和多径衰落。然而,由于这一特性,新节点(即承诺节点)加入6TiSCH网络需要更多的时间,从而导致大量的能量消耗和低效的数据传输,使得通信不可靠。因此,6TiSCH网络的形成引起了研究者的极大兴趣。迄今为止,为了加快6TiSCH网络的形成,各种研究人员已经提出了许多解决方案。本文简要讨论了6TiSCH网络及其形成过程,然后对考虑6TiSCH网络形成的工作进行了详细的综述。为了更好地理解现有的与6TiSCH网络形成相关的工作,我们还进行了理论分析和实际试验台实验。本文总结了6TiSCH网络形成的研究挑战,并提出了该工作领域的一些有待解决的问题。
{"title":"6TiSCH – IPv6 Enabled Open Stack IoT Network Formation: A Review","authors":"Alakesh Kalita, M. Khatua","doi":"10.1145/3536166","DOIUrl":"https://doi.org/10.1145/3536166","url":null,"abstract":"The IPv6 over IEEE 802.15.4e TSCH mode (6TiSCH) network is intended to provide reliable and delay bounded communication in multi-hop and scalable Industrial Internet of Things (IIoT). The IEEE 802.15.4e Time Slotted Channel Hopping (TSCH) link layer protocol allows the nodes to change their physical channel after each transmission to eliminate interference and multi-path fading on the channels. However, due to this feature, new nodes (aka pledges) take more time to join the 6TiSCH network, resulting in significant energy consumption and inefficient data transmission, which makes the communication unreliable. Therefore, the formation of 6TiSCH network has gained immense interest among the researchers. To date, numerous solutions have been offered by various researchers in order to speed up the formation of 6TiSCH networks. This article briefly discusses about the 6TiSCH network and its formation process, followed by a detailed survey on the works that considered 6TiSCH network formation. We also perform theoretical analysis and real testbed experiments for a better understanding of the existing works related to 6TiSCH network formation. This article is concluded after summarizing the research challenges in 6TiSCH network formation and providing a few open issues in this domain of work.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83734341","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Michael Norris, Z. Berkay Celik, P. Venkatesh, Shulin Zhao, P. Mcdaniel, A. Sivasubramaniam, Gang Tan
IoT devices can be used to complete a wide array of physical tasks, but due to factors such as low computational resources and distributed physical deployment, they are susceptible to a wide array of faulty behaviors. Many devices deployed in homes, vehicles, industrial sites, and hospitals carry a great risk of damage to property, harm to a person, or breach of security if they behave faultily. We propose a general fault handling system named IoTRepair, which shows promising results for effectiveness with limited latency and power overhead in an IoT environment. IoTRepair dynamically organizes and customizes fault-handling techniques to address the unique problems associated with heterogeneous IoT deployments. We evaluate IoTRepair by creating a physical implementation mirroring a typical home environment to motivate the effectiveness of this system. Our evaluation showed that each of our fault-handling functions could be completed within 100 milliseconds after fault identification, which is a fraction of the time that state-of-the-art fault-identification methods take (measured in minutes). The power overhead is equally small, with the computation and device action consuming less than 30 milliwatts. This evaluation shows that IoTRepair not only can be deployed in a physical system, but offers significant benefits at a low overhead.
{"title":"IoTRepair: Flexible Fault Handling in Diverse IoT Deployments","authors":"Michael Norris, Z. Berkay Celik, P. Venkatesh, Shulin Zhao, P. Mcdaniel, A. Sivasubramaniam, Gang Tan","doi":"10.1145/3532194","DOIUrl":"https://doi.org/10.1145/3532194","url":null,"abstract":"IoT devices can be used to complete a wide array of physical tasks, but due to factors such as low computational resources and distributed physical deployment, they are susceptible to a wide array of faulty behaviors. Many devices deployed in homes, vehicles, industrial sites, and hospitals carry a great risk of damage to property, harm to a person, or breach of security if they behave faultily. We propose a general fault handling system named IoTRepair, which shows promising results for effectiveness with limited latency and power overhead in an IoT environment. IoTRepair dynamically organizes and customizes fault-handling techniques to address the unique problems associated with heterogeneous IoT deployments. We evaluate IoTRepair by creating a physical implementation mirroring a typical home environment to motivate the effectiveness of this system. Our evaluation showed that each of our fault-handling functions could be completed within 100 milliseconds after fault identification, which is a fraction of the time that state-of-the-art fault-identification methods take (measured in minutes). The power overhead is equally small, with the computation and device action consuming less than 30 milliwatts. This evaluation shows that IoTRepair not only can be deployed in a physical system, but offers significant benefits at a low overhead.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86952542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This article proposes TSCLAS, a time series classification strategy for the Internet of Things (IoT) data, based on the class separability analysis of their temporal dynamics. Given the large number and incompleteness of IoT data, the use of traditional classification algorithms is not possible. Thus, we claim that solutions for IoT scenarios should avoid using raw data directly, preferring their transformation to a new domain. In the ordinal patterns domain, it is possible to capture the temporal dynamics of raw data to distinguish them. However, to be applied to this challenging scenario, TSCLAS follows a strategy for selecting the best parameters for the ordinal patterns transformation based on maximizing the class separability of the time series dynamics. We show that our method is competitive compared to other classification algorithms from the literature. Furthermore, TSCLAS is scalable concerning the length of time series and robust to the presence of missing data gaps on them. By simulating missing data gaps as long as 50% of the data, our method could beat the accuracy of the compared classification algorithms. Besides, even when losing in accuracy, TSCLAS presents lower computation times for both training and testing phases.
{"title":"A Classification Strategy for Internet of Things Data Based on the Class Separability Analysis of Time Series Dynamics","authors":"J. B. Borges, Heitor S. Ramos, A. Loureiro","doi":"10.1145/3533049","DOIUrl":"https://doi.org/10.1145/3533049","url":null,"abstract":"This article proposes TSCLAS, a time series classification strategy for the Internet of Things (IoT) data, based on the class separability analysis of their temporal dynamics. Given the large number and incompleteness of IoT data, the use of traditional classification algorithms is not possible. Thus, we claim that solutions for IoT scenarios should avoid using raw data directly, preferring their transformation to a new domain. In the ordinal patterns domain, it is possible to capture the temporal dynamics of raw data to distinguish them. However, to be applied to this challenging scenario, TSCLAS follows a strategy for selecting the best parameters for the ordinal patterns transformation based on maximizing the class separability of the time series dynamics. We show that our method is competitive compared to other classification algorithms from the literature. Furthermore, TSCLAS is scalable concerning the length of time series and robust to the presence of missing data gaps on them. By simulating missing data gaps as long as 50% of the data, our method could beat the accuracy of the compared classification algorithms. Besides, even when losing in accuracy, TSCLAS presents lower computation times for both training and testing phases.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84637334","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent years, big data produced by the Internet of Things has enabled new kinds of useful applications. One such application is monitoring a fleet of vehicles in real time to predict their remaining useful life. The consensus self-organized models (COSMO) approach is an example of a predictive maintenance system. The present work proposes a novel Internet of Things based architecture for predictive maintenance that consists of three primary nodes: the vehicle node, the server leader node, and the root node, which enable on-board vehicle data processing, heavy-duty data processing, and fleet administration, respectively. A minimally viable prototype of the proposed architecture was implemented and deployed to a local bus garage in Gatineau, Canada. The present work proposes improved consensus self-organized models (ICOSMO), a fleet-wide unsupervised dynamic sensor selection algorithm. To analyze the performance of ICOSMO, a fleet simulation was implemented. The J1939 data gathered from a hybrid bus was used to generate synthetic data in the simulations. Simulation results that compared the performance of the COSMO and ICOSMO approaches revealed that in general ICOSMO improves the average area under the curve of COSMO by approximately 1.5% when using the Cosine distance and 0.6% when using Hellinger distance.
{"title":"Unsupervised Dynamic Sensor Selection for IoT-Based Predictive Maintenance of a Fleet of Public Transport Buses","authors":"P. Killeen, I. Kiringa, T. Yeap","doi":"10.1145/3530991","DOIUrl":"https://doi.org/10.1145/3530991","url":null,"abstract":"In recent years, big data produced by the Internet of Things has enabled new kinds of useful applications. One such application is monitoring a fleet of vehicles in real time to predict their remaining useful life. The consensus self-organized models (COSMO) approach is an example of a predictive maintenance system. The present work proposes a novel Internet of Things based architecture for predictive maintenance that consists of three primary nodes: the vehicle node, the server leader node, and the root node, which enable on-board vehicle data processing, heavy-duty data processing, and fleet administration, respectively. A minimally viable prototype of the proposed architecture was implemented and deployed to a local bus garage in Gatineau, Canada. The present work proposes improved consensus self-organized models (ICOSMO), a fleet-wide unsupervised dynamic sensor selection algorithm. To analyze the performance of ICOSMO, a fleet simulation was implemented. The J1939 data gathered from a hybrid bus was used to generate synthetic data in the simulations. Simulation results that compared the performance of the COSMO and ICOSMO approaches revealed that in general ICOSMO improves the average area under the curve of COSMO by approximately 1.5% when using the Cosine distance and 0.6% when using Hellinger distance.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85588113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Federico Montori, Lorenzo Gigli, L. Sciullo, M. D. Felice
Nowadays, several Internet of Things (IoT) deployments use publish-subscribe paradigms to disseminate IoT data to a pool of interested consumers. At the moment, the most widespread standard for such scenarios is MQTT. We also register an increasing interest in IoT-enabled Location-Based Services, where data must be disseminated over a target area and its spatial relevance and the current positions of the consumers must be taken into account. Unfortunately, the MQTT protocol does not support location awareness, and hence it may result in notifying consumers that are geographically far from the data source, causing increased network overhead and poor Quality of Service (QoS). We address the issue by proposing LA-MQTT, an extension to standard MQTT supporting spatial-aware publish-subscribe communications on IoT scenarios. LA-MQTT is broker-agnostic and fully backward compatible with standard MQTT. As monitoring the position of subscribers over time may cause privacy concerns, LA-MQTT carefully supports location privacy preservation, for which the optimal tradeoff with the QoS of the spatial notifications is addressed via a learning-based algorithm. We demonstrate the effectiveness of LA-MQTT by experimentally evaluating its features via large-scale hybrid simulations, including real and virtual components. Finally, we provide a Proof of Concept real implementation of an LA-MQTT scenario.
{"title":"LA-MQTT: Location-aware Publish-subscribe Communications for the Internet of Things","authors":"Federico Montori, Lorenzo Gigli, L. Sciullo, M. D. Felice","doi":"10.1145/3529978","DOIUrl":"https://doi.org/10.1145/3529978","url":null,"abstract":"Nowadays, several Internet of Things (IoT) deployments use publish-subscribe paradigms to disseminate IoT data to a pool of interested consumers. At the moment, the most widespread standard for such scenarios is MQTT. We also register an increasing interest in IoT-enabled Location-Based Services, where data must be disseminated over a target area and its spatial relevance and the current positions of the consumers must be taken into account. Unfortunately, the MQTT protocol does not support location awareness, and hence it may result in notifying consumers that are geographically far from the data source, causing increased network overhead and poor Quality of Service (QoS). We address the issue by proposing LA-MQTT, an extension to standard MQTT supporting spatial-aware publish-subscribe communications on IoT scenarios. LA-MQTT is broker-agnostic and fully backward compatible with standard MQTT. As monitoring the position of subscribers over time may cause privacy concerns, LA-MQTT carefully supports location privacy preservation, for which the optimal tradeoff with the QoS of the spatial notifications is addressed via a learning-based algorithm. We demonstrate the effectiveness of LA-MQTT by experimentally evaluating its features via large-scale hybrid simulations, including real and virtual components. Finally, we provide a Proof of Concept real implementation of an LA-MQTT scenario.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77596971","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this article, we verify physical events using data from an ensemble of smart home sensors. This approach both protects against event sensor faults and sophisticated attackers. To validate our system’s performance, we set up a “smart home” in an office environment. We recognize 22 event types using 48 sensors over the course of two weeks. Using data from the physical sensors, we verify the event stream supplied by the event sensors to detect both masking and spoofing attacks. We consider three threat models: a zero-effort attacker, an opportunistic attacker, and a sensor-compromise attacker who can arbitrarily modify live sensor data. For spoofed events, we achieve perfect classification for 9 out of 22 events and achieve a 0% false alarm rate at a detection rate exceeding 99.9% for 15 events. For 11 events the majority of masking attacks can be detected without causing any false alarms. We also show that even a strong opportunistic attacker is inherently limited to spoofing few select events and that doing so involves lengthy waiting periods. Finally, we demonstrate the vulnerability of a single-classifier system to compromised sensor data and introduce a more secure approach based on sensor fusion.
{"title":"Haunted House: Physical Smart Home Event Verification in the Presence of Compromised Sensors","authors":"S. Birnbach, Simon Eberz, I. Martinovic","doi":"10.1145/3506859","DOIUrl":"https://doi.org/10.1145/3506859","url":null,"abstract":"In this article, we verify physical events using data from an ensemble of smart home sensors. This approach both protects against event sensor faults and sophisticated attackers. To validate our system’s performance, we set up a “smart home” in an office environment. We recognize 22 event types using 48 sensors over the course of two weeks. Using data from the physical sensors, we verify the event stream supplied by the event sensors to detect both masking and spoofing attacks. We consider three threat models: a zero-effort attacker, an opportunistic attacker, and a sensor-compromise attacker who can arbitrarily modify live sensor data. For spoofed events, we achieve perfect classification for 9 out of 22 events and achieve a 0% false alarm rate at a detection rate exceeding 99.9% for 15 events. For 11 events the majority of masking attacks can be detected without causing any false alarms. We also show that even a strong opportunistic attacker is inherently limited to spoofing few select events and that doing so involves lengthy waiting periods. Finally, we demonstrate the vulnerability of a single-classifier system to compromised sensor data and introduce a more secure approach based on sensor fusion.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74137814","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Miele, Henry Zárate, Luca Cassano, C. Bolchini, Jorge E. Ortiz
The pervasiveness and growing processing capabilities of mobile and embedded systems have enabled the widespread diffusion of the Fog Computing paradigm in the Internet of Things scenario, where computing is directly performed at the edges of the networked infrastructure in distributed cyber-physical systems. This scenario is characterized by a highly dynamic workload and architecture in which applications enter and leave the system, as well as nodes and connections. This article proposes a runtime resource management and provisioning middleware for the dynamic distribution of the applications on the processing resources. The proposed middleware consists of a two-level hierarchy: (i) a global Fog Orchestrator monitoring the architecture status and (ii) a Local Agent on each node, performing a fine-grain tuning of its resources. The co-operation between these components allows one to dynamically adapt and exploit the fine-grain nodes view for fulfilling the defined system-level goals, for example, minimizing power consumption while meeting Quality of Service requirements such as application throughput. This hierarchical architecture and the adopted policies offer a unified optimization strategy that is unique with regard to existing approaches that typically focus on a single aspect of resource management at runtime. A middleware prototype is presented and experimentally evaluated in a Smart Building case study.
{"title":"A Runtime Resource Management and Provisioning Middleware for Fog Computing Infrastructures","authors":"A. Miele, Henry Zárate, Luca Cassano, C. Bolchini, Jorge E. Ortiz","doi":"10.1145/3506718","DOIUrl":"https://doi.org/10.1145/3506718","url":null,"abstract":"The pervasiveness and growing processing capabilities of mobile and embedded systems have enabled the widespread diffusion of the Fog Computing paradigm in the Internet of Things scenario, where computing is directly performed at the edges of the networked infrastructure in distributed cyber-physical systems. This scenario is characterized by a highly dynamic workload and architecture in which applications enter and leave the system, as well as nodes and connections. This article proposes a runtime resource management and provisioning middleware for the dynamic distribution of the applications on the processing resources. The proposed middleware consists of a two-level hierarchy: (i) a global Fog Orchestrator monitoring the architecture status and (ii) a Local Agent on each node, performing a fine-grain tuning of its resources. The co-operation between these components allows one to dynamically adapt and exploit the fine-grain nodes view for fulfilling the defined system-level goals, for example, minimizing power consumption while meeting Quality of Service requirements such as application throughput. This hierarchical architecture and the adopted policies offer a unified optimization strategy that is unique with regard to existing approaches that typically focus on a single aspect of resource management at runtime. A middleware prototype is presented and experimentally evaluated in a Smart Building case study.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88500311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Gunnarsson, Krzysztof Mateusz Malarski, Rikard Höglund, Marco Tiloca
The Constrained Application Protocol (CoAP) is a major application-layer protocol for the Internet of Things (IoT). The recently standardized security protocol Object Security for Constrained RESTful Environments (OSCORE) efficiently provides end-to-end security of CoAP messages at the application layer, also in the presence of untrusted intermediaries. At the same time, CoAP supports one-to-many communication, targeting use cases such as smart lighting and building automation, firmware update, or emergency broadcast. Securing group communication for CoAP has additional challenges. It can be done using the novel Group Object Security for Constrained RESTful Environments (Group OSCORE) security protocol, which fulfills the same security requirements of OSCORE in group communication environments. While evaluations of OSCORE are available, no studies exist on the performance of Group OSCORE on resource-constrained IoT devices. This article presents the results of our extensive performance evaluation of Group OSCORE over two popular constrained IoT platforms, namely Zolertia Zoul and TI Simplelink. We have implemented Group OSCORE for the Contiki-NG operating system and made our implementation available as open source software. We compared Group OSCORE against unprotected CoAP as well as OSCORE. To the best of our knowledge, this is the first comprehensive and experimental evaluation of Group OSCORE over real constrained IoT devices.
{"title":"Performance Evaluation of Group OSCORE for Secure Group Communication in the Internet of Things","authors":"M. Gunnarsson, Krzysztof Mateusz Malarski, Rikard Höglund, Marco Tiloca","doi":"10.1145/3523064","DOIUrl":"https://doi.org/10.1145/3523064","url":null,"abstract":"The Constrained Application Protocol (CoAP) is a major application-layer protocol for the Internet of Things (IoT). The recently standardized security protocol Object Security for Constrained RESTful Environments (OSCORE) efficiently provides end-to-end security of CoAP messages at the application layer, also in the presence of untrusted intermediaries. At the same time, CoAP supports one-to-many communication, targeting use cases such as smart lighting and building automation, firmware update, or emergency broadcast. Securing group communication for CoAP has additional challenges. It can be done using the novel Group Object Security for Constrained RESTful Environments (Group OSCORE) security protocol, which fulfills the same security requirements of OSCORE in group communication environments. While evaluations of OSCORE are available, no studies exist on the performance of Group OSCORE on resource-constrained IoT devices. This article presents the results of our extensive performance evaluation of Group OSCORE over two popular constrained IoT platforms, namely Zolertia Zoul and TI Simplelink. We have implemented Group OSCORE for the Contiki-NG operating system and made our implementation available as open source software. We compared Group OSCORE against unprotected CoAP as well as OSCORE. To the best of our knowledge, this is the first comprehensive and experimental evaluation of Group OSCORE over real constrained IoT devices.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85206956","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Deliang Yang, Guoliang Xing, Jun Huang, Xiangmao Chang, Xiaofan Jiang
Recent years have witnessed the increasing penetration of wireless charging base stations in the workplace and public areas, such as airports and cafeterias. Such an emerging wireless charging infrastructure has presented opportunities for new indoor localization and identification services for mobile users. In this paper, we present QID, the first system that can identify a Qi-compliant mobile device during wireless charging in real-time. QID extracts features from the clock oscillator and control scheme of the power receiver and employs light-weight algorithms to classify the device. QID adopts a 2-dimensional motion unit to emulate a variety of multi-coil designs of Qi, which allows for fine-grained device fingerprinting. Our results show that QID achieves high recognition accuracy. With the prevalence of public wireless charging stations, our results also have important implications for mobile user privacy.
{"title":"QID: Robust Mobile Device Recognition via a Multi-Coil Qi-Wireless Charging System","authors":"Deliang Yang, Guoliang Xing, Jun Huang, Xiangmao Chang, Xiaofan Jiang","doi":"10.1145/3498904","DOIUrl":"https://doi.org/10.1145/3498904","url":null,"abstract":"Recent years have witnessed the increasing penetration of wireless charging base stations in the workplace and public areas, such as airports and cafeterias. Such an emerging wireless charging infrastructure has presented opportunities for new indoor localization and identification services for mobile users. In this paper, we present QID, the first system that can identify a Qi-compliant mobile device during wireless charging in real-time. QID extracts features from the clock oscillator and control scheme of the power receiver and employs light-weight algorithms to classify the device. QID adopts a 2-dimensional motion unit to emulate a variety of multi-coil designs of Qi, which allows for fine-grained device fingerprinting. Our results show that QID achieves high recognition accuracy. With the prevalence of public wireless charging stations, our results also have important implications for mobile user privacy.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":2.7,"publicationDate":"2022-03-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90193759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}