Jichao Bi,Shibo He,Fengji Luo,Wenchao Meng,Luyue Ji,Da-Wen Huang

DOI: https://doi.org/10.1109/TII.2022.3231406

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Industrial Internet of Things (IIoT) is vulnerable to advanced persistent threat (APT). In this article, we study a scenario in which APT is launched to attack IIoT devices. Considering the APTs lateral movement, a node-level state evolution model is established to calculate the probability of every device in an IIoT system to be compromised by APT. Based on this, a Stackelberg game model is proposed for the APT attacker and defender, which can accurately describe the gaming process. An effective computational approach is developed to obtain the potential Stackelberg equilibrium strategy pair of the game. Extensive case studies and comparison studies are conducted to validate the effectiveness of the proposed method.

Sabah Suhail,Mohammad Abdellatif,Shashi Raj Pandey,Abid Khan,Choong Seon Hong

DOI: https://doi.org/10.1016/j.comnet.2020.107189

2018-12-10

Abstract:The interconnection of resource-constrained and globally accessible things with untrusted and unreliable Internet make them vulnerable to attacks including data forging, false data injection, and packet drop that affects applications with critical decision-making processes. For data trustworthiness, reliance on provenance is considered to be an effective mechanism that tracks both data acquisition and data transmission. However, provenance management for sensor networks introduces several challenges, such as low energy, bandwidth consumption, and efficient storage. This paper attempts to identify packet drop (either maliciously or due to network disruptions) and detect faulty or misbehaving nodes in the Routing Protocol for Low-Power and Lossy Networks (RPL) by following a bi-fold provenance-enabled packed path tracing (PPPT) approach. Firstly, a system-level ordered-provenance information encapsulates the data generating nodes and the forwarding nodes in the data packet. Secondly, to closely monitor the dropped packets, a node-level provenance in the form of the packet sequence number is enclosed as a routing entry in the routing table of each participating node. Lossless in nature, both approaches conserve the provenance size satisfying processing and storage requirements of IoT devices. Finally, we evaluate the efficacy of the proposed scheme with respect to provenance size, provenance generation time, and energy consumption.

Cryptography and Security

Han Liu,Yuntao Wang,Zhou Su,Zixuan Wang,Yanghe Pan,Ruidong Li

DOI: https://doi.org/10.1109/icc51166.2024.10623080

2024-01-01

Abstract:Provenance graph-based auditing offers a promising direction for APT (Advanced Persistent Threat) detection with traceability guarantees. However, most of the existing methods are based on host-level causality analysis, which is ineffective in practical APT scenarios when well-organized adversaries exploit lateral movement attacks (e.g., multi-level proxies) across multiple compromised hosts. To bridge the research gap, this paper proposes a collaborative APT detection and tracing frame-work (TRACEGADGET) based on federal provenance graphs. TRACEGADGET can efficiently reveal the whole trace of APT lateral movements through the interactions between hosts in Intranet. Specifically, the proposed framework 1) characterizes the relevance weights of all events in the given provenance graph in comparison to the POI (Point of Interest) events, 2) identifies the network entries rankings of the POI events through backward trace analysis, 3) reveals the evolution of the alarm events and confirms the network exit of penetration chain through forward propagation, and 4) aligns the network entries and network exits to derive the complete path of the lateral movement attack. Finally, we construct a dataset consisting of 280,000 edges and more than 90,000 entities through ten sets of real APT attacks. We demonstrate the feasibility and effectiveness of the proposed framework in recovering APT attack links at the network level. Particularly, TRACEGADGET achieves 100% APT path reconstruction with high robustness in all the experiments.

Sonam Bhardwaj,Mayank Dave

DOI: https://doi.org/10.1007/s11235-024-01105-w

2024-02-17

Telecommunication Systems

Abstract:This article focuses on the urgent cybersecurity concerns in the Internet of Things (IoT) environment, highlighting the crucial importance of protecting these networks in the face of increasing amounts of IoT data. The paper explores the intricacies of deploying security mechanisms for Internet of Things (IoT) devices, specifically those that are restricted by limited resources. This study examines the inherent weaknesses in IoT systems and analyses the strategies used by malicious individuals to gain control and privileges. In order to tackle these difficulties, the study suggests a sophisticated security system that combines artificial intelligence and an intelligent attack graph. An outstanding characteristic of the model incorporates a method devised to restrain virus spread and accelerate network restoration by introducing virtual nodes. The research showcases the results of the vulnerable attack path predictor (VAPP) module of the proposed model, emphasising its exceptional accuracy in distinguishing between black (0) and red (1) attack paths compared to alternative Machine Learning techniques. Moreover, a thorough evaluation of the module's performance is carried out, with a specific emphasis on security concerns and predictive capacities. Proverif is utilised to validate the security settings and evaluate the resilience of the secret keys. The findings demonstrate a detection rate of 98.48% and an authentication rate of 85%, outperforming the achievements of earlier studies. The contributions greatly enhance the ability of IoT networks to withstand challenges, and the use of cryptographic verification confirms its dependability in the ever-changing digital environment.

telecommunications

Harsh Sanjay Pacherkar,Guanhua Yan

DOI: https://doi.org/10.1145/3643833.3656129

2024-05-27

Abstract:As 5G networks become part of the critical infrastructures whose dysfunctions can cause severe damages to society, their security has been increasingly scrutinized. Recent works have revealed multiple specification-level flaws in 5G core networks but there are no easy solutions to patch the vulnerabilities in practice. Against this backdrop, this work proposes a unified framework called PROV5GC to detect and attribute various attacks that exploit these vulnerabilities in real-world 5G networks. PROV5GC tackles three technical challenges faced when deploying existing intrusion detection system (IDS) frameworks to protect 5G core networks, namely, message encryption, partial observability, and identity ephemerality. The key idea of PROV5GC is to use provenance graphs, which are constructed from the communication messages logged by various 5G core network functions. Based on these graphs, PROV5GC infers the original call flows to identify those with malicious intentions. We demonstrate how PROV5GC can be used to detect three different kinds of attacks, which aim to compromise the confidentiality, integrity, and/or availability of 5G core networks. We build a prototype of PROV5GC and evaluate its execution performance on commodity cluster servers. We observe that due to stateless instrumentation, the logging overhead incurred to each network function is low. We also show that PROV5GC can be used to detect the three 5G-specific attacks with high accuracy.

Computer Science,Engineering

Yuntao Wang,Han Liu,Zhendong Li,Zhou Su,Jiliang Li

DOI: https://doi.org/10.1109/MNET.2024.3389734

2024-04-12

Abstract:The rise of advanced persistent threats (APTs) has marked a significant cybersecurity challenge, characterized by sophisticated orchestration, stealthy execution, extended persistence, and targeting valuable assets across diverse sectors. Provenance graph-based kernel-level auditing has emerged as a promising approach to enhance visibility and traceability within intricate network environments. However, it still faces challenges including reconstructing complex lateral attack chains, detecting dynamic evasion behaviors, and defending smart adversarial subgraphs. To bridge the research gap, this paper proposes an efficient and robust APT defense scheme leveraging provenance graphs, including a network-level distributed audit model for cost-effective lateral attack reconstruction, a trust-oriented APT evasion behavior detection strategy, and a hidden Markov model based adversarial subgraph defense approach. Through prototype implementation and extensive experiments, we validate the effectiveness of our system. Lastly, crucial open research directions are outlined in this emerging field.

Cryptography and Security

Joseph Rose,Matthew Swann,Gueltoum Bendiab,Stavros Shiaeles,Nicholas Kolokotronis

DOI: https://doi.org/10.1109/NetSoft51509.2021.9492685

2021-09-06

Abstract:The rapid increase in the use of IoT devices brings many benefits to the digital society, ranging from improved efficiency to higher productivity. However, the limited resources and the open nature of these devices make them vulnerable to various cyber threats. A single compromised device can have an impact on the whole network and lead to major security and physical damages. This paper explores the potential of using network profiling and machine learning to secure IoT against cyber-attacks. The proposed anomaly-based intrusion detection solution dynamically and actively profiles and monitors all networked devices for the detection of IoT device tampering attempts as well as suspicious network transactions. Any deviation from the defined profile is considered to be an attack and is subject to further analysis. Raw traffic is also passed on to the machine learning classifier for examination and identification of potential attacks. Performance assessment of the proposed methodology is conducted on the Cyber-Trust testbed using normal and malicious network traffic. The experimental results show that the proposed anomaly detection system delivers promising results with an overall accuracy of 98.35% and 0.98% of false-positive alarms.

Cryptography and Security,Artificial Intelligence

Vishal Gotarane,Satheesh Abimannan,Shahid Hussain,Reyazur Rashid Irshad

DOI: https://doi.org/10.1109/access.2024.3374691

IF: 3.9

2024-03-15

IEEE Access

Abstract:The rise of smart cities, smart homes, and smart health powered by the Internet of Things (IoT) presents significant challenges in design, deployment, and security. The seamless data processing across a complex network of interconnected devices in unprotected conditions makes it vulnerable to potential breaches, underscoring the need for robust security at various levels of the network. Traditional security methods based on statistics often struggle to comprehend data patterns and provide the desired level of security. This work proposes a novel hybrid framework that combines Whale Optimization and Deep Learning with a trust-index to identify malicious nodes engaging in various attacks such as DoS, DDoS, Drop attack, and Tamper Attacks, thus enhancing IoT node security. The developed framework first calculates a trust-index score for IoT nodes based on drop attack, tamper attack, replay attack, and multiple-max attack. Subsequently, it utilizes the trust index score in the Optimized Neural Network model to effectively identify the malicious IoT node. The neural network optimization is achieved through a fitness function that determines optimal weights using the Whale Optimization Algorithm. The proposed framework has been tested across varying network sizes, comprising 100, 500, and 1000 nodes. The resulting outcomes were evaluated against benchmark security methods such as Logical regression, Random Forest, Support Vector Machine, Bayesian models, ANN, Elephant herding optimization, and Lion algorithm using metrics like specificity, sensitivity, accuracy, precision, False Positive Rate, False Negative Rate, False Discovery Rate, Error, F1 score, Matthews Correlation Coefficient, and Negative Predictive Value. The results reveal a notable enhancement in accuracy (26.63%, 13.04%, 17.78%, 30.52%, 22.45%, 4.26%, and 2.24%) for a 100-node network when compared to the benchmark security methods. Furthermore, the proposed framework consistently demonstrates strong performance even when applied to larger IoT networks with a higher node count.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chunpeng Ge,Lu Zhou,Gerhard P. Hancke,Chunhua Su

DOI: https://doi.org/10.1109/jiot.2020.3014947

IF: 10.6

2021-08-15

IEEE Internet of Things Journal

Abstract:An unmanned aerial vehicle (UAV) network is an emerging industrial IoT network for collaborative UAV communication and management. The open architecture and dynamic topology, which provide functional benefits, unfortunately make UAVNs more vulnerable to a variety of attacks. In UAVNs, malicious nodes not only eavesdrop the communications between UAV nodes but also attempt to attack the entire network by injecting or modifying messages. This work proposes a provenance-aware distributed trust model, named UAV-pro, for UAVNs that aim to achieve accurate peer-to-peer trust assessment and maximize the delivery of correct messages received by destination nodes while minimizing the message delay and communication cost under resource-constrained network environments. Provenance refers to the history of ownership of messages transmitted on the network. The behavior of message creators and operators can be effectively evaluated based on message integrity, then generate the observational evidence. We collect the observational evidence for distributed trust evaluation, then identify malicious nodes in the network and isolate them from the network. UAVN-pro takes a data-driven approach to reduce resource consumption in the presence of selfish or malicious nodes while ensuring the safe transmission of data by digital signature technology. The experimental results show that UAVN-pro works are compatible with the existing UAV network routing protocols, and can effectively identify attacks, such as the black hole, gray hole, message modification, fake recommendation, and fake identity in UAV networks. UAVN-pro is superior to the existing security model in terms of detection rate, delivery rate, and system energy consumption in most cases.

computer science, information systems,telecommunications,engineering, electrical & electronic

Neeraj Kumar,Sanjeev Sharma

DOI: https://doi.org/10.1007/s11277-024-11289-8

IF: 2.017

2024-06-21

Wireless Personal Communications

Abstract:With the rise in technology especially the integration of internet of Things (IoT) with Wireless Sensor Networks (WSNs) an extensive network of interconnected devices and sensors is formed to frequently collect and transmit sensitive data. However, this data may get accessed by unauthorized persons during transmission leading to erroneous decisions and potentially disastrous consequences in domains like healthcare and industrial automation.Considering the importance of protecting data, a security-based route selection model for IoT-WSN is proposed. It involves pre-identification of malicious nodes and calculation of trust using the proposed ITrust mechanism. The IGWO (Improved Grey Wolf Optimization) model weighs nodes according to their trust, energy, and connection request factors. This judgment determines the node's next hop, guaranteeing secure communication. Using MATLAB software, the suggested trust-based approach's effectiveness is assessed through Energy consumption, Packet Delivery ratio (PDR) and delay factors. Experimental results show that our approach accurately identifies malicious nodes, ensuring integrity of data transmission. The efficient routing scheme significantly reduces delays and maximizes the PDR, resulting in improved communication efficiency and reliability.

telecommunications

K. Janani,S. Ramamoorthy

DOI: https://doi.org/10.1080/09540091.2022.2149698

2022-12-12

Connection Science

Abstract:Most of the recent research has focused on the Internet of Things (IoT) and its applications. The open interface and network connectivity of the interconnected systems under the IoT network make them vulnerable to hackers. A model has been proposed to identify and classify IoT routing attacks. To generate IoT routing datasets, the Cooja simulator is used at first. The IoT routing dataset is then augmented into larger volumes using ADASYN, which is also used to solve the class imbalance problems. A deep learning hybrid model based on a Long-Short-Term Memory (LSTM) network and adaptive Mayfly Optimization Algorithm (LAMOA) was presented for the classification of IoT attacks. The adaptive MOA adjusts the weights in the various layers of the LSTM network and the Fully Connected Layer with SoftMax Classification. As part of the validation process, the proposed model was also compared with benchmark datasets NSL-KDD, BoT-IoT, and IoT-23. Using benchmark datasets, LAMOA achieved 99.94% accuracy for multiclassifications, 99.92% accuracy for binary classifications, and 98.42% accuracy for real-time datasets. Compared to other models, our proposed model significantly improves the accuracy of each attack's classification by 5–10%. GRAPHICAL

computer science, artificial intelligence, theory & methods

Aviram Zilberman,Amit Dvir,Ariel Stulman

DOI: https://doi.org/10.1109/tmc.2024.3370894

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:Cyber-threat protection is one of the most challenging research branches of Internet-of-Things (iot). With the exponential increase of tiny connected devices, the battle between friend and foe intensifies. Unfortunately, iot devices offer very limited security features, laying themselves wide open to new attacks, inhibiting the expected global adoption of iot technologies. Moreover, existing prevention and mitigation techniques and intrusion detection systems handle attack anomalies rather than the attack itself while using a significant amount of the network resources. rpl, the de-facto routing protocol for iot, proposes minimal security features that cannot handle internal attacks. Hence, in this paper, we propose sprinkler, which identifies the specific thing that is under attack by an adversarial Man-in-The-Middle. sprinkler uses the multi-instance feature of rpl to identify the adversary. The proposed solution adheres to two basic principles: it only uses pre-existing standard routing protocols and does not rely on a centralized or trusted third-party node such as a certificate authority. All information must be gleaned by each node using only primitives that already exist in the underlying communication protocol, which excludes any training dataset. Simulations show that sprinkler adds minimal maintenance and energy expenditure while pinpointing deterministically the attacker in the network. In particular, sprinkler has a message delivery rate and detection rate of 100%.

computer science, information systems,telecommunications

Ashish Koirala,Rabindra Bista,Joao C. Ferreira

DOI: https://doi.org/10.3390/fi15060210

2023-06-09

Future Internet

Abstract:The Internet of Things (IoT) shares the idea of an autonomous system responsible for transforming physical computational devices into smart ones. Contrarily, storing and operating information and maintaining its confidentiality and security is a concerning issue in the IoT. Throughout the whole operational process, considering transparency in its privacy, data protection, and disaster recovery, it needs state-of-the-art systems and methods to tackle the evolving environment. This research aims to improve the security of IoT devices by investigating the likelihood of network attacks utilizing ordinary device network data and attack network data acquired from similar statistics. To achieve this, IoT devices dedicated to smart healthcare systems were utilized, and botnet attacks were conducted on them for data generation. The collected data were then analyzed using statistical measures, such as the Pearson coefficient and entropy, to extract relevant features. Machine learning algorithms were implemented to categorize normal and attack traffic with data preprocessing techniques to increase accuracy. One of the most popular datasets, known as BoT-IoT, was cross-evaluated with the generated dataset for authentication of the generated dataset. The research provides insight into the architecture of IoT devices, the behavior of normal and attack networks on these devices, and the prospects of machine learning approaches to improve IoT device security. Overall, the study adds to the growing body of knowledge on IoT device security and emphasizes the significance of adopting sophisticated strategies for detecting and mitigating network attacks.

English Else

Su Wang,Zhiliang Wang,Tao Zhou,Xia Yin,Dongqi Han,Han Zhang,Hongbin Sun,Xingang Shi,Jiahai Yang

DOI: https://doi.org/10.48550/arXiv.2111.04333

2021-11-08

Abstract:Host-based threats such as Program Attack, Malware Implantation, and Advanced Persistent Threats (APT), are commonly adopted by modern attackers. Recent studies propose leveraging the rich contextual information in data provenance to detect threats in a host. Data provenance is a directed acyclic graph constructed from system audit data. Nodes in a provenance graph represent system entities (e.g., $processes$ and $files$) and edges represent system calls in the direction of information flow. However, previous studies, which extract features of the whole provenance graph, are not sensitive to the small number of threat-related entities and thus result in low performance when hunting stealthy threats. We present threaTrace, an anomaly-based detector that detects host-based threats at system entity level without prior knowledge of attack patterns. We tailor GraphSAGE, an inductive graph neural network, to learn every benign entity's role in a provenance graph. threaTrace is a real-time system, which is scalable of monitoring a long-term running host and capable of detecting host-based intrusion in their early phase. We evaluate threaTrace on three public datasets. The results show that threaTrace outperforms three state-of-the-art host intrusion detection systems.

Cryptography and Security,Machine Learning

Carlotta Tagliaro,Martina Komsic,Andrea Continella,Kevin Borgolte,Martina Lindorfer

DOI: https://doi.org/10.1145/3678890.3678899

2024-10-01

Abstract:Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices' vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem. We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% backends expose information, 30.38% CoAP-speaking backends are vulnerable to denial of service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).

Cryptography and Security,Networking and Internet Architecture

Omair Faraj,David Megias,Joaquin Garcia-Alfaro

2024-07-04

Abstract:The Internet of Things (IoT) relies on resource-constrained devices deployed in unprotected environments. Different types of risks may be faced during data transmission in single-hop and multi-hop scenarios. Addressing these vulnerabilities is crucial. A systematic literature review of data provenance in IoT is presented, exploring existing techniques, practical implementations, security requirements, and performance metrics. Respective contributions and shortcomings are compared. A taxonomy related to the development of data provenance in IoT is proposed. Open issues are identified, and future research directions are presented, providing useful insights for the evolution of data provenance research in the context of the IoT.

Cryptography and Security

Xinyin Xiang,Jin Cao,Weiguo Fan

DOI: https://doi.org/10.1109/jsyst.2020.3040739

IF: 4.802

2021-09-01

IEEE Systems Journal

Abstract:Trusted data transmission is the foundation of the Internet of Things (IoT) security, so in the process of data transmission, the trust of IoT nodes needs to be confirmed in real time, and the real-time tracking of node trust is also expected. Yet, modern IoT devices provide limited security capabilities, forming a new attack focus. Remote attestation is a kind of technology to detect network threats by remotely checking the internal situation of terminal devices by a trusted entity. Multidevice attestation is rarely studied although the ongoing single device attestation techniques lack scalability in the application of IoT. In this article, we present a lightweight attestation protocol based on an IoT system under an ideal physical unclonable functions environment. Our protocol can resilient against any strong adversary who physically accesses IoT devices. Simulation results show that our protocol is scalable and can be applied to dynamic networks.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Savindu Wannigama,Arunan Sivanathan,Ayyoob Hamza,Hassan Habibi Gharakheili

2024-04-11

Abstract:Behavioral transparency for Internet-of-Things (IoT) networked assets involves two distinct yet interconnected tasks: (a) characterizing device types by discerning the patterns exhibited in their network traffic, and (b) assessing vulnerabilities they introduce to the network. While identifying communication protocols, particularly at the application layer, plays a vital role in effective network management, current methods are, at best, ad-hoc. Accurate protocol identification and attribute extraction from packet payloads are crucial for distinguishing devices and discovering vulnerabilities. This paper makes three contributions: (1) We process a public dataset to construct specific packet traces pertinent to six standard protocols (TLS, HTTP, DNS, NTP, DHCP, and SSDP) of ten commercial IoT devices. We manually analyze TLS and HTTP flows, highlighting their characteristics, parameters, and adherence to best practices-we make our data publicly available; (2) We develop a common model to describe protocol signatures that help with the systematic analysis of protocols even when communicated through non-standard port numbers; and, (3) We evaluate the efficacy of our data models for the six protocols, which constitute approximately 97% of our dataset. Our data models, except for SSDP in 0.3% of Amazon Echo's flows, produce no false positives for protocol detection. We draw insights into how various IoT devices behave across those protocols by applying these models to our IoT traces.

Networking and Internet Architecture

Su Wang,Keyang Yu,Qi Li,Dong Chen

2024-06-15

Abstract:The Internet traffic data produced by the Internet of Things (IoT) devices are collected by Internet Service Providers (ISPs) and device manufacturers, and often shared with their third parties to maintain and enhance user services. Unfortunately, on-path adversaries could infer and fingerprint users' sensitive privacy information such as occupancy and user activities by analyzing these network traffic traces. While there's a growing body of literature on defending against this side-channel attack-malicious IoT traffic analytics (TA), there's currently no systematic method to compare and evaluate the comprehensiveness of these existing studies. To address this problem, we design a new low-cost, open-source system framework-IoT Traffic Exposure Monitoring Toolkit (ITEMTK) that enables people to comprehensively examine and validate prior attack models and their defending approaches. In particular, we also design a novel image-based attack capable of inferring sensitive user information, even when users employ the most robust preventative measures in their smart homes. Researchers could leverage our new image-based attack to systematize and understand the existing literature on IoT traffic analysis attacks and preventing studies. Our results show that current defending approaches are not sufficient to protect IoT device user privacy. IoT devices are significantly vulnerable to our new image-based user privacy inference attacks, posing a grave threat to IoT device user privacy. We also highlight potential future improvements to enhance the defending approaches. ITEMTK's flexibility allows other researchers for easy expansion by integrating new TA attack models and prevention methods to benchmark their future work.

Cryptography and Security,Systems and Control

Geetanjali Rathee,Chaker Abdelaziz Kerrache,Carlos T. Calafate,Houbing Song

DOI: https://doi.org/10.1002/ett.5011

IF: 3.6

2024-06-16

Transactions on Emerging Telecommunications Technologies

Abstract:Abstract The Web‐of‐Things (WoT) seeks to simplify IoT management by providing an interface for controlling and monitoring the devices. To this end, it can provide several web‐based applications focused on home automation, smart cities, smart agriculture and so forth. In particular, preventing device reputation attacks, which is one of the most significant threats to the WoT, is critical when considering the huge amount of information that is generated, processed and analyzed by the network. There may be situations where intruders deploy fake devices to introduce false information, downgrading the information from valid devices for their own benefits. Different authors have proposed various security methods and algorithms using machine learning, cryptographic or semantics‐based methods. However, the existing mechanisms have various limitations in terms of accuracy, storage overhead, and computational/communication overheads, that still need to be addressed. The trusted mechanism can be considered as another way of ensuring security while transmitting the information through the Internet by identifying their legitimacy. Hence, the aim of this article is to propose a secure and trusted WoT framework using similarity index and community of interest similarity score schemes. The proposed mechanism is evaluated against existing schemes that consider both cryptographic and semantic parameters to ensure the security in the network by using metrics such as recommendations, decay time factor, and packet loss recovery rate.

telecommunications