Malware Classification Based on Multilayer Perception and Word2Vec for IoT Security

With the construction of smart cities, the number of Internet of Things (IoT) devices is growing rapidly, leading to an explosive growth of malware designed for IoT devices. These malware pose a serious threat to the security of IoT devices. The traditional malware classification methods mainly rely on feature engineering. To improve accuracy, a large number of different types of features will be extracted from malware files in these methods. That brings a high complexity to the classification. To solve these issues, a malware classification method based on Word2Vec and Multilayer Perception (MLP) is proposed in this article. First, for one malware sample, Word2Vec is used to calculate a word vector for all bytes of the binary file and all instructions in the assembly file. Second, we combine these vectors into a 256x256x2-dimensional matrix. Finally, we designed a deep learning network structure based on MLP to train the model. Then the model is used to classify the testing samples. The experimental results prove that the method has a high accuracy of 99.54%.

Blockchain Technology - Based Solutions for IOT Security

Blockchain innovation has picked up expanding consideration from investigating and industry over the later a long time. It permits actualizing in its environment the smart-contracts innovation which is utilized to robotize and execute deals between clients. Blockchain is proposed nowadays as the unused specialized foundation for a few sorts of IT applications. Blockchain would aid avoid the duplication of information because it right now does with Bitcoin and other cryptocurrencies. Since of the numerous hundreds of thousands of servers putting away the Bitcoin record, it’s impossible to assault and alter. An aggressor would need to change the record of 51 percent of all the servers, at the precise same time. The budgetary fetched of such an assault would distantly exceed the potential picks up. The same cannot be said for our private data that lives on single servers possessed by Google and Amazon. In this paper, we outline major Blockchain technology that based as solutions for IOT security. We survey and categorize prevalent security issues with respect to IoT data privacy, in expansion to conventions utilized for organizing, communication, and administration. We diagram security necessities for IoT together with the existing scenarios for using blockchain in IoT applications.

Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System

The advancement in the domain of IoT accelerated the development of new communication technologies such as the Message Queuing Telemetry Transport (MQTT) protocol. Although MQTT servers/brokers are considered the main component of all MQTT-based IoT applications, their openness makes them vulnerable to potential cyber-attacks such as DoS, DDoS, or buffer overflow. As a result of this, an efficient intrusion detection system for MQTT-based applications is still a missing piece of the IoT security context. Unfortunately, existing IDSs do not provide IoT communication protocol support such as MQTT or CoAP to validate crafted or malformed packets for protecting the protocol implementation vulnerabilities of IoT devices. In this paper, we have designed and developed an MQTT parsing engine that can be integrated with network-based IDS as an initial layer for extensive checking against IoT protocol vulnerabilities and improper usage through a rigorous validation of packet fields during the packet-parsing stage. In addition, we evaluate the performance of the proposed solution across different reported vulnerabilities. The experimental results demonstrate the effectiveness of the proposed solution for detecting and preventing the exploitation of vulnerabilities on IoT protocols.

A decade of research on patterns and architectures for IoT security

Security of the Internet of Things (IoT)-based Smart Systems involving sensors, actuators and distributed control loop is of paramount importance but very difficult to address. Security patterns consist of domain-independent time-proven security knowledge and expertise. How are they useful for developing secure IoT-based smart systems? Are there architectures that support IoT security? We aim to systematically review the research work published on patterns and architectures for IoT security (and privacy). Then, we want to provide an analysis on that research landscape to answer our research questions. We follow the well-known guidelines for conducting systematic literature reviews. From thousands of candidate papers initially found in our search process, we have systematically distinguished and analyzed thirty-six (36) papers that have been peer-reviewed and published around patterns and architectures for IoT security and privacy in the last decade (January 2010–December 2020). Our analysis shows that there is a rise in the number of publications tending to patterns and architectures for IoT security in the last three years. We have not seen any approach of applying systematically architectures and patterns together that can address security (and privacy) concerns not only at the architectural level, but also at the network or IoT devices level. We also explored how the research contributions in the primary studies handle the different issues from the OWASP Internet of Things (IoT) top ten vulnerabilities list. Finally, we discuss the current gaps in this research area and how to fill in the gaps for promoting the utilization of patterns for IoT security and privacy by design.

Automatic Key Update Mechanism for Lightweight M2M Communication and Enhancement of IoT Security: A Case Study of CoAP Using Libcoap Library

The ecosystem for an Internet of Things (IoT) generally comprises endpoint clients, network devices, and cloud servers. Thus, data transfers within the network present multiple security concerns. The recent boom in IoT applications has accelerated the need for a network infrastructure that provides timely and safe information exchange services. A shortcoming of many existing networks is the use of static key authentication. To enable the use of automatic key update mechanisms in IoT devices and enhance security in lightweight machine-to-machine (M2M) communications, we propose a key update mechanism, namely, double OTP (D-OTP), which combines both one-time password (OTP) and one-time pad to achieve an IoT ecosystem with theoretically unbreakable security. The proposed D-OTP was implemented into the Constrained Application Protocol (CoAP) through the commonly used libcoap library. The experimental results revealed that an additional 8.93% latency overhead was required to obtain an unbreakable guarantee of data transfers in 100 CoAP communication sessions.

IoT Security and Privacy Concern A systematic Mapping Study

The extend of clever gadgets has accelerated touchy statistics trade on the Internet the usage of most of the time unsecured channels. Since a large use of RFID (Radio-frequency Identification) tags in the transportation and development industries from 1980 to 1990, with the multiplied use of the Internet with 2G/3G or 4G when you consider that 2000, we are witnessing a new generation of related objects. . This paper aims to understand and additionally grant continuing doe’s research topic, challenge, and Future Direction related to Iot security. A systematic mapping finds out about (SMS) is thus utilized on the way to organize the chosen Articles into the following classification: contribution type, Type of Research, Iot Security, and their approach. We take out an overall of twenty-four Articles in support of this systematic discover out about also they categorize the following described criterion. The findings of this SMS are mentioned and the researcher was once given hints on the possible route for future research

Internet of Things in Cyber Security Scope

IoT represents a technologically bright future where heterogeneously connected devices will be connected to the internet and make intelligent collaborations with other objects to extend the borders of the world with physical entities and virtual components. Despite rapid evolution, this environment is still facing new challenges and security issues that need to be addressed. This chapter will give a comprehensive view of IoT technologies. It will discuss the IoT security scope in detail. Furthermore, a deep analysis of the most recent proposed mechanisms is classified. This study will be a guide for future studies, which direct to three primary leading technologies—machine learning (ML), blockchain, and artificial intelligence (AI)—as intelligent solutions and future directions for IoT security issues.