Subhash Sagar,Adnan Mahmood,Quan Z. Sheng,Munazza Zaib,Wei Emma Zhang

DOI: https://doi.org/10.48550/arXiv.2102.10998

2021-02-03

Cryptography and Security

Abstract:The emerging paradigm of the Social Internet of Things (SIoT) has transformed the traditional notion of the Internet of Things (IoT) into a social network of billions of interconnected smart objects by integrating social networking facets into the same. In SIoT, objects can establish social relationships in an autonomous manner and interact with the other objects in the network based on their social behaviour. A fundamental problem that needs attention is establishing of these relationships in a reliable and trusted way, i.e., establishing trustworthy relationships and building trust amongst objects. In addition, it is also indispensable to ascertain and predict an object's behaviour in the SIoT network over a period of time. Accordingly, in this paper, we have proposed an efficient time-aware machine learning-driven trust evaluation model to address this particular issue. The envisaged model deliberates social relationships in terms of friendship and community-interest, and further takes into consideration the working relationships and cooperativeness (object-object interactions) as trust parameters to quantify the trustworthiness of an object. Subsequently, in contrast to the traditional weighted sum heuristics, a machine learning-driven aggregation scheme is delineated to synthesize these trust parameters to ascertain a single trust score. The experimental results demonstrate that the proposed model can efficiently segregates the trustworthy and untrustworthy objects within a network, and further provides the insight on how the trust of an object varies with time along with depicting the effect of each trust parameter on a trust score.

Subhash Sagar,Adnan Mahmood,Quan Z. Sheng,Wei Emma Zhang

DOI: https://doi.org/10.48550/arXiv.2102.10997

2021-02-03

Abstract:The Internet of Things (IoT) is an evolving network of billions of interconnected physical objects, such as numerous sensors, smartphones, wearables, and embedded devices. These physical objects, generally referred to as the smart objects, when deployed in the real-world aggregates useful information from their surrounding environment. As-of-late, this notion of IoT has been extended to incorporate the social networking facets which have led to the promising paradigm of the `Social Internet of Things' (SIoT). In SIoT, the devices operate as an autonomous agent and provide an exchange of information and service discovery in an intelligent manner by establishing social relationships among them with respect to their owners. Trust plays an important role in establishing trustworthy relationships among the physical objects and reduces probable risks in the decision-making process. In this paper, a trust computational model is proposed to extract individual trust features in a SIoT environment. Furthermore, a machine learning-based heuristic is used to aggregate all the trust features in order to ascertain an aggregate trust score. Simulation results illustrate that the proposed trust-based model isolates the trustworthy and untrustworthy nodes within the network in an efficient manner.

Cryptography and Security,Performance

Lijun Wei,Jing Wu,Chengnian Long,Bo Li

DOI: https://doi.org/10.1109/jiot.2020.3028380

IF: 10.6

2021-03-15

IEEE Internet of Things Journal

Abstract:Social Internet of Things (SIoT) an emerging Internet-of-Things (IoT) service infrastructure, which integrates the social concept into IoT systems for enhancing service efficiency. By establishing a social relationship among objects, IoT devices can autonomously interact with each other free from human intervention. One critical issue in the development of SIoT is the trust issue, which is essential in fostering cooperation among objects. The existing approaches largely fall short in trust quantification, and also suffer from the bias of trustworthiness evaluation without properly considering inherently dynamic context changes and potential malicious behaviors. In this work, we combine social trust theory and incorporate the unique characteristics of IoT devices to address the trust issue in SIoT. We establish a general trust model which comprehensively captures the competence, willingness, and social relationship in SIoT. Specifically, we define two functions in terms of the Degree of Importance (DoI) and the Degree of Contribution (DoC) to compute the competence and willingness, and we present a formal quantitative trust model that is robust in the dynamic environment and against common malicious attacks. The effectiveness of our proposed trust model is verified through the security analysis and a series of simulation experiments. The results demonstrate that the proposed trust model is reliable and efficient in promoting the success rate of services, as well as improving the efficiency and security of services in SIoT.

computer science, information systems,telecommunications,engineering, electrical & electronic

Subhash Sagar,Adnan Mahmood,Kai Wang,Quan Z. Sheng,Wei Emma Zhang

DOI: https://doi.org/10.48550/arXiv.2205.03226

2022-05-04

Abstract:The recent emergence of the promising paradigm of the Social Internet of Things (SIoT) is a result of an intelligent amalgamation of the social networking concepts with the Internet of Things (IoT) objects (also referred to as "things") in an attempt to unravel the challenges of network discovery, navigability, and service composition. This is realized by facilitating the IoT objects to socialize with one another, i.e., similar to the social interactions amongst the human beings. A fundamental issue that mandates careful attention is to thus establish, and over time, maintain trustworthy relationships amongst these IoT objects. Therefore, a trust framework for SIoT must include object-object interactions, the aspects of social relationships, credible recommendations, etc., however, the existing literature has only focused on some aspects of trust by primarily relying on the conventional approaches that govern linear relationships between input and output. In this paper, an artificial neural network-based trust framework, Trust-SIoT, has been envisaged for identifying the complex non-linear relationships between input and output in a bid to classify the trustworthy objects. Moreover, Trust-SIoT has been designed for capturing a number of key trust metrics as input, i.e., direct trust by integrating both current and past interactions, reliability, and benevolence of an object, credible recommendations, and the degree of relationship by employing a knowledge graph embedding. Finally, we have performed extensive experiments to evaluate the performance of Trust-SIoT vis-a-vis state-of-the-art heuristics on two real-world datasets. The results demonstrate that Trust-SIoT achieves a higher F1 and lower MAE and MSE scores.

Social and Information Networks

Zhiting Lin,Liang Dong

DOI: https://doi.org/10.1109/TKDE.2017.2762678

2017-04-12

Abstract:A social approach can be exploited for the Internet of Things (IoT) to manage a large number of connected objects. These objects operate as autonomous agents to request and provide information and services to users. Establishing trustworthy relationships among the objects greatly improves the effectiveness of node interaction in the social IoT and helps nodes overcome perceptions of uncertainty and risk. However, there are limitations in the existing trust models. In this paper, a comprehensive model of trust is proposed that is tailored to the social IoT. The model includes ingredients such as trustor, trustee, goal, trustworthiness evaluation, decision, action, result, and context. Building on this trust model, we clarify the concept of trust in the social IoT in five aspects such as (1) mutuality of trustor and trustee, (2) inferential transfer of trust, (3) transitivity of trust, (4) trustworthiness update, and (5) trustworthiness affected by dynamic environment. With network connectivities that are from real-world social networks, a series of simulations are conducted to evaluate the performance of the social IoT operated with the proposed trust model. An experimental IoT network is used to further validate the proposed trust model.

Social and Information Networks,Multiagent Systems

Dong Chen,Guiran Chang,Dawei Sun,Jiajia Li,Jie Jia,Xingwei Wang

DOI: https://doi.org/10.2298/csis110303056c

2011-01-01

Computer Science and Information Systems

Abstract:Since a large scale Wireless Sensor Network (WSN) is to be completely integrated into Internet as a core part of Internet of Things (IoT) or Cyber Physical System (CPS), it is necessary to consider various security challenges that come with IoT/CPS, such as the detection of malicious attacks. Sensors or sensor embedded things may establish direct communication between each other using 6LoWPAN protocol. A trust and reputation model is recognized as an important approach to defend a large distributed sensor networks in IoT/CPS against malicious node attacks, since trust establishment mechanisms can stimulate collaboration among distributed computing and communication entities, facilitate the detection of untrustworthy entities, and assist decision-making process of various protocols. In this paper, based on in-depth understanding of trust establishment process and quantitative comparison among trust establishment methods, we present a trust and reputation model TRM-IoT to enforce the cooperation between things in a network of IoT/CPS based on their behaviors. The accuracy, robustness and lightness of the proposed model is validated through a wide set of simulations.

computer science, information systems, software engineering

Masoud Narimani Zamanabadi,Amir Jalali Bidgoli,Yaghoub Farjami,Ibrahim Hossein Khani,Masoud Narimani Zaman Abadi,Amir Jalaly Bidgoly,Ebrahim Hossein Khani

DOI: https://doi.org/10.1016/j.iot.2023.100858

IF: 5.711

2023-10-01

Internet of Things

Abstract:The Cognitive Internet of Things (CIoT) is a rapidly evolving field that combines artificial intelligence (AI) with the Internet of Things (IoT) ecosystem. By augmenting IoT with AI, objects can sense, perceive, think, and make decisions independently with minimal initial knowledge. These cognitive objects form a society and work toward achieving their goals through cooperation. However, trust is a significant security challenge in such a society. To address this challenge, this paper proposes a soft security approach to model trust in CIoT using Collaborative Multi-Agent Systems (CMAS). Our model introduces an interactive, autonomous, and self-taught agent that can move toward a secure situation without needing a supervisor. We use a state machine to model an insecure ecosystem where agents can behave honestly, adversarially, neutrally, or hypocritically. We define inner trust as a combination of direct and indirect experiences and observations and global trust as the weighted average of inner trust and recommendations. Additionally, we employ the reinforcement learning algorithm to train agents. To evaluate our model, we developed a proprietary tool called ASSOCIATE and assessed our model using data from the Santander Smart City dataset and simulator-generated data. Our evaluations encompass three aspects: the success rate in achieving the goal, the recognition of agents’ behavior, and the quality of the diagnosis.

Marius Becherer,Omar Khadeer Hussain,Yu Zhang,Frank den Hartog,Elizabeth Chang

DOI: https://doi.org/10.1145/3645100

IF: 16.6

2024-03-14

ACM Computing Surveys

Abstract:The novel paradigm Social Internet of Things (SIoT) improves the network navigability, identifies suitable service providers, and addresses scalability concerns. Ensuring trustworthy collaborations among devices is a key aspect in SIoT and can be realized through trust recommendations. However, the outcome of trust recommendations depends on multiple factors related to the context-dependent nature of SIoT and practical constraints brought by the devices and networks embedded in the SIoT. While the existing literature has proposed numerous trust recommendation models to assess the trustworthiness of devices in various scenarios, researchers have not sufficiently examined the required features for trust recommendations in the SIoT. Consequently, trust recommendation models may inaccurately assess the true risk of device interactions. In this literature survey, we investigate the context-dependent features and recommendation methods used for the SIoT using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) methodology. We propose a novel taxonomy to categorize trust recommendation models according to their input features and design. Our findings reveal limited attention is given to the context-dependent features, constraints of the information environment, and limited inference capabilities that impede more precise trust recommendations. Finally, we present the research gaps and outline future directions to enable trustworthy inter-domain operations within the SIoT.

computer science, theory & methods

Naznin Hossain Esha,Mst. Rubayat Tasmim,Silvia Huq,Mufti Mahmud,M. Shamim Kaiser

DOI: https://doi.org/10.1007/978-981-15-7561-7_3

2020-10-30

Abstract:Internet of healthcare things (IoHT) creates a network where healthcare sensors, smart healthcare objects and services linked independently. This raises a concern of security and integrity of the interconnected devices and services in IoHT. This paper presents a trust management model for IoHT using fuzzy logic. The fuzzy inference system will consider packet loss rate, aggregated transmission rate, end to end delay, received signal strength indicator, drained battery power and packet integrity of node as input parameters and identify trustworthiness (trusted/maliciousness) of a node. In addition, Chi-squared test is also employed to detect the fault node in the IoHT. The performance evaluation reveals that more than 92% accuracy has been achieved for the proposed model.

Subhash Sagar,Adnan Mahmood,Quan Z. Sheng,Munazza Zaib,Farhan Sufyan

2023-05-12

Abstract:The emerging yet promising paradigm of the Social Internet of Things (SIoT) integrates the notion of the Internet of Things with human social networks. In SIoT, objects, i.e., things, have the capability to socialize with the other objects in the SIoT network and can establish their social network autonomously by modeling human behaviour. The notion of trust is imperative in realizing these characteristics of socialization in order to assess the reliability of autonomous collaboration. The perception of trust is evolving in the era of SIoT as an extension to traditional security triads in an attempt to offer secure and reliable services, and is considered as an imperative aspect of any SIoT system for minimizing the probable risk of autonomous decision-making. This research investigates the idea of trust quantification by employing trust measurement in terms of direct trust, indirect trust as a recommendation, and the degree of SIoT relationships in terms of social similarities (community-of-interest, friendship, and co-work relationships). A weighted sum approach is subsequently employed to synthesize all the trust features in order to ascertain a single trust score. The experimental evaluation demonstrates the effectiveness of the proposed model in segregating trustworthy and untrustworthy objects and via identifying the dynamic behaviour (i.e., trust-related attacks) of the SIoT objects.

Cryptography and Security,Social and Information Networks

Yara Alghofaili,Murad A Rassam

DOI: https://doi.org/10.3390/s23083814

2023-04-07

Abstract:The integration of the cloud and Internet of Things (IoT) technology has resulted in a significant rise in futuristic technology that ensures the long-term development of IoT applications, such as intelligent transportation, smart cities, smart healthcare, and other applications. The explosive growth of these technologies has contributed to a significant rise in threats with catastrophic and severe consequences. These consequences affect IoT adoption for both users and industry owners. Trust-based attacks are the primary selected weapon for malicious purposes in the IoT context, either through leveraging established vulnerabilities to act as trusted devices or by utilizing specific features of emerging technologies (i.e., heterogeneity, dynamic nature, and a large number of linked objects). Consequently, developing more efficient trust management techniques for IoT services has become urgent in this community. Trust management is regarded as a viable solution for IoT trust problems. Such a solution has been used in the last few years to improve security, aid decision-making processes, detect suspicious behavior, isolate suspicious objects, and redirect functionality to trusted zones. However, these solutions remain ineffective when dealing with large amounts of data and constantly changing behaviors. As a result, this paper proposes a dynamic trust-related attack detection model for IoT devices and services based on the deep long short-term memory (LSTM) technique. The proposed model aims to identify the untrusted entities in IoT services and isolate untrusted devices. The effectiveness of the proposed model is evaluated using different data samples with different sizes. The experimental results showed that the proposed model obtained a 99.87% and 99.76% accuracy and F-measure, respectively, in the normal situation, without considering trust-related attacks. Furthermore, the model effectively detected trust-related attacks, achieving a 99.28% and 99.28% accuracy and F-measure, respectively.

Geetanjali Rathee,Sahil Garg,Georges Kaddoum,Bong Jun Choi,Mohammad Mehedi Hassan,Salman A. AlQahtani

DOI: https://doi.org/10.1109/tii.2022.3173006

IF: 12.3

2022-11-13

IEEE Transactions on Industrial Informatics

Abstract:Many IoT-based applications have inherited the artificial intelligence of things (AIoT) techniques to explore new services and benefits of smart recording and monitoring generated information. However, hundreds of hacking incidents caused by highly sophisticated attackers have generated serious risks, where they compromised various IoT sensors for their benefits, impeding the growth of AIoT. Various security schemes have been proposed in the literature; however, it is critical to determine the legitimacy of AIoT devices in real-time scenarios during the initial deployment of the network. Therefore, this article aims to provide a secure, reliable, and trusted decision-making scheme using multiattribute methods in collaborative AIoT. The proposed system uses backpropagation and Bayesian's rule to ensure a fast and accurate decision. In addition, agent-based modeling and population-based modeling trust schemes are used to compute the legitimacy of the communicating model. Further, the proposed system is validated over various security measures against the various decision-based conventional methods such as Fuzzy c-means, REPTree, and random tree in terms of time, accuracy, replay attack, data falsification attack, recall, region of convergence, and F-Measure. The proposed mechanism achieves 93% improvement over accuracy and attack identification against existing mechanisms.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Mufti Mahmud,M. Shamim Kaiser,M. Mostafizur Rahman,M. Arifur Rahman,Antesar Shabut,Shamim Al-Mamun,Amir Hussain

DOI: https://doi.org/10.1007/s12559-018-9543-3

IF: 4.89

2018-04-02

Cognitive Computation

Abstract:AbstractRapid advancement of Internet of Things (IoT) and cloud computing enables neuroscientists to collect multilevel and multichannel brain data to better understand brain functions, diagnose diseases, and devise treatments. To ensure secure and reliable data communication between end-to-end (E2E) devices supported by current IoT and cloud infrastructures, trust management is needed at the IoT and user ends. This paper introduces an adaptive neuro-fuzzy inference system (ANFIS) brain-inspired trust management model (TMM) to secure IoT devices and relay nodes, and to ensure data reliability. The proposed TMM utilizes both node behavioral trust and data trust, which are estimated using ANFIS, and weighted additive methods respectively, to assess the nodes trustworthiness. In contrast to existing fuzzy based TMMs, simulation results confirm the robustness and accuracy of our proposed TMM in identifying malicious nodes in the communication network. With growing usage of cloud based IoT frameworks in Neuroscience research, integrating the proposed TMM into existing infrastructure will assure secure and reliable data communication among E2E devices.

computer science, artificial intelligence,neurosciences

Christos-Minas Mathas,Costas Vassilakis,Nicholas Kolokotronis

DOI: https://doi.org/10.1109/SERVICES48979.2020.00047

2021-09-04

Abstract:In modern internet-scale computing, interaction between a large number of parties that are not known a-priori is predominant, with each party functioning both as a provider and consumer of services and information. In such an environment, traditional access control mechanisms face considerable limitations, since granting appropriate authorizations to each distinct party is infeasible both due to the high number of grantees and the dynamic nature of interactions. Trust management has emerged as a solution to this issue, offering aids towards the automated verification of actions against security policies. In this paper, we present a trust- and risk-based approach to security, which considers status, behavior and associated risk aspects in the trust computation process, while additionally it captures user-to-user trust relationships which are propagated to the device level, through user-to-device ownership links.

Cryptography and Security

Behshid Shayesteh,Vesal Hakami,Ahmad Akbari

DOI: https://doi.org/10.48550/arXiv.1811.07028

2018-11-17

Abstract:One rapidly growing application of Internet of Things (IoT) is the protection of public health and well-being through enabling environmental monitoring services. In particular, an IoT-enabled health/accessibility monitoring service (HAMS) can be consulted by its users to query about the status of different areas so as to optimize their trip throughout a geographic region. Given the high cost associated with a vast deployment of totally trusted information sources, the IoT-enabled monitoring services also subsist on citizen engagement and on (possibly untrusted) users' sensing apparatus for data collection. However, trust management becomes a key factor in the success of such services because they might be misled by malicious users through altered or fake sensor data. In this paper, we consider a monitoring service, and propose a hybrid entity/data trust computation scheme which relies on Bayesian learning to score the users (as data reporters), and on Dempster-Shafer theory (DST) for data fusion and for the computation of the trustworthiness of the data itself. In order to provide resiliency against behavioral changes, the probability masses used in DST are dynamically updated using the freshly estimated user scores as well as the contextual properties associated with the reported data. We conduct simulation experiments to evaluate the performance of our scheme. Compared to prior work, the results demonstrate superior performance in terms of accuracy and resilience against malicious behavior.

Cryptography and Security

Sondes Ksibi,Faouzi Jaidi,Adel Bouhoula

DOI: https://doi.org/10.1007/s10207-024-00923-y

2024-11-10

International Journal of Information Security

Abstract:Internet of Medical Things (IoMT) applications, called also Medical Internet of Things (MIoT) or IoT for e-health, allow integrating smart technologies to medical devices for a better monitoring of disease progression and patients tracking. While it offers extensive benefits and despite of its expansion, IoMT brings round additional security concerns. Connected Medical Devices (CMD) raise up several security and privacy problems. The complexity and heterogeneity of data and technology in IoMT communications create additional security risks and threats. Malicious users may exploit crucial vulnerabilities in a wide range of IoMT applications, networks and devices. Hence, thinking about smart and efficient security solutions is an urgent need to understand and assess IoMT-related threats. Existing traditional models are no longer convenient and remain unsuitable to address the various born risks. We present in the current manuscript an in depth study of security concerns within IoMT. We review popular risk assessment and management approaches and discuss their suitability to the IoMT context. The main shortcomings are inherent to the complex architecture, the lack of automation and the numerous stakeholders with different security needs and skills.With reference to the conducted study, we introduce our solution as a framework to enhance trustworthiness and support decision making within IoMT environments. The proposal relies on a fine-grained approach for managing associated risks with regard to different areas of focus and common risk factors. To do so, a Machine Learning (ML)-based anomaly detection model and a hybrid Risk Assessment (RA) model are defined to evaluate cumulative IoMT risk. Experiments show obtained competitive results compared to state of the art ML models to detect intrusions in IoT/IoMT systems and we obtained an accuracy rate of 100% with some algorithms. A use case of application is presented to highlight the efficiency of the proposal.

computer science, information systems, theory & methods, software engineering

Burak Kantarci,Hussein T. Mouftah

DOI: https://doi.org/10.1109/jiot.2014.2337886

IF: 10.6

2014-08-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) paradigm stands for virtually interconnected objects that are identifiable and equipped with sensing, computing, and communication capabilities. Implementation of services and applications over the IoT architecture can take benefit of the cloud computing concept. Sensing-as-a-Service (S2 aaS) is a cloud-inspired service model which enables access to the IoT. In this paper, we present a framework where IoT can enhance public safety by crowd management via sensing services that are provided by smart phones equipped with various types of sensors. In order to ensure trustworthiness in the presented framework, we propose a reputation-based (S2 aaS) scheme, namely, Trustworthy Sensing for Crowd Management (TSCM) for front-end access to the IoT. TSCM collects sensing data based on a cloud model and an auction procedure which selects mobile devices for particular sensing tasks and determines the payments to the users of the mobile devices that provide data. Performance evaluation of TSCM shows that the impact of malicious users in the crowdsourced data can be degraded by 75% while trustworthiness of a malicious user converges to a value below 40% following few auctions. Moreover, we show that TSCM can enhance the utility of the public safety authority up to 85%.

computer science, information systems,telecommunications,engineering, electrical & electronic

Daojing He,Chun Chen,Sammy Chan,Jiajun Bu,Athanasios V Vasilakos

DOI: https://doi.org/10.1109/TITB.2012.2199996

2012-01-01

IEEE Transactions on Information Technology in Biomedicine

Abstract:The development of medical sensor networks (MSNs) is imperative for e-healthcare, but security remains a formidable challenge yet to be resolved. Traditional cryptographic mechanisms do not suffice given the unique characteristics of MSNs, and the fact that MSNs are susceptible to a variety of node misbehaviors. In such situations, the security and performance of MSNs depend on the cooperative and trust nature of the distributed nodes, and it is important for each node to evaluate the trustworthiness of other nodes. In this paper, we identify the unique features of MSNs and introduce relevant node behaviors, such as transmission rate and leaving time, into trust evaluation to detect malicious nodes. We then propose an applicationindependent and distributed trust evaluation model for MSNs. The trust management is carried out through the use of simple cryptographic techniques. Simulation results demonstrate that the proposed model can be used to effectively identify malicious behaviors and thereby exclude malicious nodes. This paper also reports the experimental results of the Collection Tree Protocol with the addition of our proposed model in a network of TelosB motes, which show that the network performance can be significantly improved in practice. Further, some suggestions are given on how to employ such a trust evaluation model in some application scenarios.

Lijun Wei,Yuhan Yang,Jing Wu,Chengnian Long,Bo Li

DOI: https://doi.org/10.1109/jiot.2021.3139989

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Driven by the rapid development of the Internet of Things (IoT) technology, the issue of trust has become increasingly apparent and received considerable scholarly attention in recent years. With the occurrence of various security incidents, data leakage accidents, and service fraud, which seriously affects the quality of service and system efficiency of IoT, trust is fast becoming a key issue in IoT system. In addition to the security and efficiency, trust further contains the reliability, attack resistance, fairness, flexibility, and incentive, resulting in a wide range of new researches from the trust management framework to the quantification method. In this work, various dimensions of trust, including definition, composition, aggregation, and computation are introduced and analyzed. We focus on comprehensive comparison of the state-of-the-art trust management researches and the related applications. Besides, we explore and discuss the important challenges, including performance bottleneck, bidirectional trust, dynamic changes of context, privacy preserving, and cross-domain issue. Some potential enabling technologies for trust management are further analyzed. The objective of this article is to comprehend the trust issue and the composition of trust management in IoT, and illustrate the difference of existing work, thereby motivating further research interest in this field.

computer science, information systems,telecommunications,engineering, electrical & electronic