Overview

Full Product Details

Author:   Ali Ismail Awad ,  Jemal Abawajy
Publisher:   John Wiley & Sons Inc
Imprint:   Wiley-IEEE Press
Dimensions:   Width: 1.00cm , Height: 1.00cm , Length: 1.00cm
Weight:   0.454kg
ISBN:  

9781119607748

ISBN 10:   1119607744
Pages:   336
Publication Date:   04 January 2022
Audience:   Professional and scholarly ,  College/higher education ,  Professional & Vocational ,  Postgraduate, Research & Scholarly
Format:   Hardback
Publisher's Status:   Active
Availability:   Out of stock  
The supplier is temporarily out of stock of this item. It will be ordered for you on backorder and shipped when it becomes available.

Table of Contents

About the Editors xiii List of Contributors xv Preface xix 1 Advanced Attacks and Protection Mechanisms in IoT Devices and Networks 1 Lejla Batina, Nele Mentens, Markus Miettinen, Naila Mukhtar, Thien Duc Nguyen, Md Masoom Rabbani, Phillip Rieger, and Ahmad-Reza Sadeghi 1.1 Introduction 2 1.2 Physical Security in IoT Devices 3 1.2.1 Physical Attacks 3 1.2.1.1 Side-channel Analysis Attacks 3 1.2.1.2 Fault Analysis Attacks 4 1.2.2 Profiling Attacks 4 1.2.3 Machine Learning and SCA 5 1.2.4 Real-world Attacks 7 1.2.5 Countermeasures 8 1.3 Remote Attestation in IoT Devices 9 1.3.1 Types of Remote Attestation 10 1.3.1.1 Software-based Remote Attestation 10 1.3.1.2 Hardware-based Remote Attestation 11 1.3.1.3 Hybrid Architecture-based Remote Attestation 12 1.3.2 Remote Attestation for Large IoT Networks 12 1.3.2.1 Classical Swarm Attestation Techniques 12 1.3.2.2 Swarm Attestation for IoT Services 14 1.3.3 Future Directions 14 1.3.3.1 Cloud-based RA Techniques 15 1.3.3.2 RA in Novel Internet Technologies 15 1.3.3.3 Blockchain Based RA 15 1.4 Intrusion Detection in IoT Networks 15 1.4.1 IoT Malware 15 1.4.2 Vulnerability Patching 16 1.4.3 Signature- and Anomaly Detection-based Network Intrusion Detection 17 1.4.4 Deep Learning-based Anomaly Detection 17 1.4.4.1 System Overview 18 1.4.4.2 Modeling Packet Sequence Patterns 18 1.4.4.3 Anomalous Packet Detection 19 1.4.5 Federated Deep Learning-based IoT Intrusion Detection System 20 1.4.5.1 Federated Learning 20 1.4.5.2 Federated Self-Learning Anomaly Detection 20 1.4.5.3 Challenges of Federated Learning-based Anomaly Detection System for IoT 22 References 23 2 Human Aspects of IoT Security and Privacy 31 Sune Von Solms and Steven Furnell 2.1 Introduction 31 2.2 An Overview of the Domestic IoT Environment 33 2.3 Security Issues and the IoT Landscape 39 2.4 Human Factors Challenges in IoT Security and Privacy 41 2.4.1 Security Trade-offs for Individuals in IoT 43 2.4.2 Data Ownership and Use 44 2.4.3 Device Management and Administration Responsibilities 46 2.4.4 The Age of Unwanted Intelligence 47 2.5 Toward Improved User-facing Security in the IoT 49 2.6 Conclusion 51 Acknowledgments 51 References 51 3 Applying Zero Trust Security Principles to Defence Mechanisms Against Data Exfiltration Attacks 57 Hugo Egerton, Mohammad Hammoudeh, Devrim Unal, and Bamidele Adebisi 3.1 Introduction 57 3.2 Data Exfiltration Types, Attack Mechanisms, and Defence Techniques 59 3.2.1 Types of Data Exfiltration 59 3.2.1.1 Physical 59 3.2.1.2 Remote 60 3.2.2 Data Exfiltration Attack Techniques 60 3.2.2.1 Physical-based 60 3.2.2.2 Remote-based 61 3.2.3 Insider Data Exfiltration Threats 63 3.2.3.1 Types of Insider Threats 63 3.2.4 Approaches to Counter Data Exfiltration 65 3.2.4.1 Preventative 65 3.2.4.2 Detective 66 3.2.4.3 Investigative 66 3.2.5 Mechanisms to Defend Against Physical Data Exfiltration 67 3.2.5.1 Network-based 67 3.2.5.2 Physical-based 67 3.3 A Defence Mechanism for Physical Data Exfiltration Mitigation 68 3.3.1 Confidential Data Identification 68 3.3.2 Endpoint Access Rules 70 3.3.3 Data Fingerprinting 72 3.3.4 Relevance to Physical-Layer Protection 73 3.3.5 Complementing Existing Firewall and Application-based Measures 73 3.4 Implementation and Analysis 75 3.4.1 Experimental Setup 75 3.4.2 Threat Scenario 77 3.4.3 Scenario Execution and Analysis 77 3.5 Evaluation 80 3.5.1 Scenarios 81 3.5.2 Scenario 1 82 3.5.3 Scenario 2 82 3.5.4 Scenario 3 83 3.5.5 Results Analysis and Discussion 84 3.6 Conclusion 86 References 86 4 eSIM-Based Authentication Protocol for UAV Remote Identification 91 Abdulhadi Shoufan, Chan Yeob Yeun, and Bilal Taha 4.1 Introduction 91 4.2 Drone Security 93 4.2.1 Drone Security in UTM 93 4.2.1.1 Physical Attacks 94 4.2.1.2 Cyber Attacks 94 4.2.1.3 Cyber-Physical Attacks 94 4.2.2 Security Attacks on Drones 95 4.2.3 Security Attacks from Drones 96 4.2.3.1 Spying and Surveillance 96 4.2.3.2 Smuggling 96 4.2.3.3 Physical Attacks 97 4.2.3.4 Cyber Attacks 97 4.3 Drone Safety 98 4.3.1 Drone Detection and Classification 98 4.3.2 Interdiction Technologies 98 4.4 UAV Remote Identification 100 4.5 Authentication Protocol for Remote Identification 103 4.5.1 Preliminaries 104 4.5.1.1 Assumptions and Notations 104 4.5.2 Registration 106 4.5.3 Secure Communication Protocol 107 4.5.3.1 M1: A Challenge from the Operator (A) to the Drone (B) 108 4.5.3.2 M2: A Response from the Drone (B) to the Operator (A) 109 4.5.3.3 M3: Control Message from the Operator to the Drone 109 4.5.3.4 M4: Drone’s Response to the Control Message 110 4.5.3.5 M5: Secure Broadcast of Remote Identification Message 110 4.5.4 Security Analysis 110 4.5.5 Formal Verification 112 4.5.5.1 Declaration of User-Defined Types and Terms 112 4.5.5.2 Declaration of Cryptographic Primitives 113 4.5.5.3 Examples 114 4.5.5.4 Reachability and Secrecy Checking 114 4.5.5.5 Verifying Mutual Authentication 115 4.6 Conclusion 117 References 117 5 Collaborative Intrusion Detection in the Era of IoT: Recent Advances and Challenges 123 Wenjuan Li and Weizhi Meng 5.1 Introduction 123 5.2 Background 124 5.2.1 Background on Intrusion Detection System 124 5.2.2 Collaborative Intrusion Detection Framework 126 5.3 Recent Development of Collaborative Intrusion Detection 128 5.4 Open Challenges and Future Trend 136 5.4.1 Advanced Insider Threats 136 5.4.1.1 Advanced Attacks 136 5.4.1.2 Solutions 137 5.4.2 Open Challenges and Limitations 138 5.4.3 Future Trend 139 5.5 Conclusion 141 References 141 6 Cyber-Securing IoT Infrastructure by Modeling Network Traffic 151 Hassan Habibi Gharakheili, Ayyoob Hamza, and Vijay Sivaraman 6.1 Introduction 151 6.2 Cyber-Attacks on IoT Infrastructure 153 6.2.1 Eavesdropping 154 6.2.1.1 Solutions 154 6.2.2 Network Activity Analysis 154 6.2.2.1 Solutions 154 6.2.3 Active Reconnaissance 155 6.2.3.1 Solutions 155 6.2.4 Volumetric Attack 156 6.2.4.1 Solutions 156 6.2.5 Masquerading Attack 157 6.2.5.1 Solutions 157 6.2.6 Access Attack 158 6.2.6.1 Solutions 158 6.2.7 Active Crypto Attack 158 6.2.7.1 Solutions 159 6.2.8 Data Exfiltration 159 6.2.8.1 Solutions 159 6.2.9 Blocking Attack 160 6.2.9.1 Solutions 160 6.2.10 Sleep Deprivation Attack 160 6.2.10.1 Solutions 161 6.2.11 Trigger Action Attack 161 6.2.11.1 Solutions 161 6.3 Network Behavioral Model of IoTs 162 6.3.1 Enforcing MUD Profile to Network 162 6.3.2 MUD Protection Against Attacks 164 6.3.2.1 To Internet 166 6.3.2.2 From Internet 166 6.3.2.3 From/To Local 168 6.3.3 Monitoring MUD Activity 169 6.4 Conclusion 170 References 170 7 Integrity of IoT Network Flow Records in Encrypted Traffic Analytics 177 Aswani Kumar Cherukuri, Ikram Sumaiya Thaseen, Gang Li, Xiao Liu, Vinamra Das, and Aditya Raj 7.1 Introduction 177 7.2 Background 180 7.2.1 Encrypted Traffic Analytics (ETA) 180 7.2.2 Techniques for ETA 181 7.2.3 Hashing for Flow Record Authentication 182 7.3 Flow Based Telemetry 183 7.3.1 Flow Metadata 183 7.3.2 Flow-Based Approaches 183 7.3.3 Threats on Flow Telemetry 185 7.4 Hashing-Based MAC for Telemetry Data 186 7.5 Experimental Analysis 189 7.5.1 Hashed Flow Records 189 7.5.2 Symmetric Encryption with Hashed Flow Records 192 7.5.3 Asymmetric Encryption with Hashed Flow Records 195 7.6 Conclusion 199 List of Abbreviations 200 Acknowledgment 200 References 200 8 Securing Contemporary eHealth Architectures: Techniques and Methods 207 Naeem F. Syed, Zubair Baig, and Adnan Anwar 8.1 Introduction 207 8.2 eHealth 208 8.2.1 Why IoT Is Important in eHealth? 209 8.2.2 Fog or Edge Computing for eHealth 210 8.2.3 Cloud Computing for eHealth 212 8.2.4 Applications of IoT in eHealth 212 8.2.4.1 Sleep Monitoring System 212 8.2.4.2 Real Time and Advanced Health Diagnoses 213 8.2.4.3 Emotion Detection 213 8.2.4.4 Nutrition Monitoring System 213 8.2.4.5 Detection of Dyslexia 213 8.2.5 eHealth Security 213 8.2.5.1 Implications of eHealth Security for Smart Cities 214 8.3 eHealth Threat Landscape 215 8.3.1 eHealth Threat Model 215 8.3.1.1 eHealth Assets 216 8.3.1.2 eHealth Attack Agents 216 8.3.2 eHealth IoT Vulnerabilities and Threats 218 8.3.2.1 Attacks in BAN 218 8.3.2.2 Attacks in Communication Layer 219 8.3.2.3 Attacks in Healthcare Provider Layer 219 8.3.3 Real-world Attacks 221 8.4 Countermeasures 221 8.4.1 Patient Data Protection 223 8.4.2 Device and Communication Security Measures 224 8.4.2.1 Securing Communication 225 8.4.3 Adaptive Security Framework 226 8.4.4 Use Cases 228 8.5 Conclusion 229 References 230 9 Security and Privacy of Smart Homes: Issues and Solutions 235 Martin Lundgren and Ali Padyab 9.1 Introduction 235 9.2 State-of-the-Art in Smart Homes’ Security and Privacy 236 9.2.1 Smart Home Technologies 236 9.2.2 User-Centric Privacy 237 9.2.3 Consequences of Data Breaches 238 9.2.4 Dimensions of Privacy Concerns 239 9.2.5 Consequences of Information Security 240 9.2.6 A Framework for Security and Privacy Concerns 242 9.3 Privacy Techniques and Mechanisms 244 9.3.1 Cryptography 244 9.3.2 Access Control 246 9.3.3 Privacy Policy 247 9.3.4 Anonymity 248 9.3.5 UI/UX, User Awareness, and Control 249 9.4 Toward Future Solutions 250 9.5 Conclusion 251 References 252 10 IoT Hardware-Based Security: A Generalized Review of Threats and Countermeasures 261 Catherine Higgins, Lucas McDonald, Muhammad Ijaz Ul Haq, and Saqib Hakak 10.1 Introduction 261 10.2 Hardware Attacks 262 10.2.1 IoT Devices 262 10.2.1.1 Node-Level Threats 264 10.2.1.2 RFID Technology 266 10.2.2 Hardware Design Threats 269 10.2.2.1 Fake Replica 269 10.2.2.2 Reverse Engineering 269 10.2.2.3 Intellectual Property Hijacking 270 10.2.2.4 Hardware Trojans 270 10.2.3 Side-Channel Attacks 270 10.2.3.1 Types of Side-Channel Attacks 271 10.3 Physical Security Attacks Countermeasures 274 10.3.1 Mitigation Techniques for IoT Hardware Attacks 275 10.3.2 Side-Channel Attacks 275 10.3.2.1 Hardware Trojans 275 10.3.2.2 Power Analysis Attack 279 10.3.2.3 Timing Attacks 283 10.3.2.4 Electromagnetic Analysis Attacks 284 10.3.2.5 Acoustic Crypto-Analysis Attack 285 10.3.3 Integrated Circuits Security 286 10.3.3.1 Countermeasures 286 10.3.4 Radio Frequency Identification 287 10.3.4.1 Physical Unclonable Function-based Authentication 287 10.3.4.2 Preventing Physical Tampering Attacks (Enhancing Physical Security) 287 10.3.4.3 Preventing Information Leakage 288 10.3.4.4 Preventing Relay Attack 288 10.4 Conclusion 289 Acknowledgment 291 References 291 Index 297

Reviews

Author Information

ALI ISMAIL AWAD, PhD, is currently an Associate Professor with the College of Information Technology (CIT), United Arab Emirates University (UAEU), Al Ain, United Arab Emirates. He is also an Associate Professor with the Department of Computer Science, Electrical and Space Engineering, Luleå University of Technology, Luleå, Sweden. He is an Associate Professor with the Electrical Engineering Department, Faculty of Engineering, Al-Azhar University at Qena, Qena, Egypt. He is also a Visiting Researcher at the University of Plymouth, United Kingdom. Dr. Awad is an Editorial Board Member of the Future Generation Computer Systems Journal, Computers & Security Journal, the Internet of Things, Engineering Cyber Physical Human Systems Journal, Health Information Science and Systems Journal, and IET Image Processing Journal. Dr. Awad is currently an IEEE senior member. JEMAL H. ABAWAJY, PhD, is a full professor at Faculty of Science, Engineering and Built Environment, Deakin University, Australia. He is a Senior Member of IEEE Society; IEEE Technical Committee on Scalable Computing (TCSC); IEEE Technical Committee on Dependable Computing and Fault Tolerance and IEEE Communication Society. His leadership is extensive spanning industrial, academic and professional areas (e.g., IEEE Technical Committee on Scalable Computing, Academic Board, Faculty Board and Research Integrity Advisory Group). Professor Abawajy is currently the Director of the Distributing System Security (DSS).

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions