-
Securing the Future: Proactive Threat Hunting for Sustainable IoT Ecosystems
Authors:
Saeid Ghasemshirazi,
Ghazaleh Shirvani
Abstract:
In the rapidly evolving landscape of the IoT, the security of connected devices has become a paramount concern. This paper explores the concept of proactive threat hunting as a pivotal strategy for enhancing the security and sustainability of IoT systems. Proactive threat hunting is an alternative to traditional reactive security measures that analyses IoT networks continuously and in advance to f…
▽ More
In the rapidly evolving landscape of the IoT, the security of connected devices has become a paramount concern. This paper explores the concept of proactive threat hunting as a pivotal strategy for enhancing the security and sustainability of IoT systems. Proactive threat hunting is an alternative to traditional reactive security measures that analyses IoT networks continuously and in advance to find and eliminate threats before they occure. By improving the security posture of IoT devices this approach significantly contributes to extending IoT operational lifespan and reduces environmental impact. By integrating security metrics similar to the Common Vulnerability Scoring System (CVSS) into consumer platforms, this paper argues that proactive threat hunting can elevate user awareness about the security of IoT devices. This has the potential to impact consumer choices and encourage a security-conscious mindset in both the manufacturing and user communities. Through a comprehensive analysis, this study demonstrates how proactive threat hunting can contribute to the development of a more secure, sustainable, and user-aware IoT ecosystem.
△ Less
Submitted 20 June, 2024;
originally announced June 2024.
-
Towards Sustainable IoT: Challenges, Solutions, and Future Directions for Device Longevity
Authors:
Ghazaleh Shirvani,
Saeid Ghasemshirazi
Abstract:
In an era dominated by the Internet of Things, ensuring the longevity and sustainability of IoT devices has emerged as a pressing concern. This study explores the various complex difficulties which contributed to the early decommissioning of IoT devices and suggests methods to improve their lifespan management. By examining factors such as security vulnerabilities, user awareness gaps, and the inf…
▽ More
In an era dominated by the Internet of Things, ensuring the longevity and sustainability of IoT devices has emerged as a pressing concern. This study explores the various complex difficulties which contributed to the early decommissioning of IoT devices and suggests methods to improve their lifespan management. By examining factors such as security vulnerabilities, user awareness gaps, and the influence of fashion-driven technology trends, the paper underscores the need for legislative interventions, consumer education, and industry accountability. Additionally, it explores innovative approaches to improving IoT longevity, including the integration of sustainability considerations into architectural design through requirements engineering methodologies. Furthermore, the paper discusses the potential of distributed ledger technology, or blockchain, to promote transparent and decentralized processes for device provisioning and tracking. This study promotes a sustainable IoT ecosystem by integrating technology innovation, legal change, and social awareness to reduce environmental impact and enhance resilience for the digital future
△ Less
Submitted 26 May, 2024;
originally announced May 2024.
-
Powering the Future of IoT: Federated Learning for Optimized Power Consumption and Enhanced Privacy
Authors:
Ghazaleh Shirvani,
Saeid Ghasemshirazi
Abstract:
The widespread use of the Internet of Things has led to the development of large amounts of perception data, making it necessary to develop effective and scalable data analysis tools. Federated Learning emerges as a promising paradigm to address the inherent challenges of power consumption and data privacy in IoT environments. This paper explores the transformative potential of FL in enhancing the…
▽ More
The widespread use of the Internet of Things has led to the development of large amounts of perception data, making it necessary to develop effective and scalable data analysis tools. Federated Learning emerges as a promising paradigm to address the inherent challenges of power consumption and data privacy in IoT environments. This paper explores the transformative potential of FL in enhancing the longevity of IoT devices by mitigating power consumption and enhancing privacy and security measures. We delve into the intricacies of FL, elucidating its components and applications within IoT ecosystems. Additionally, we discuss the critical characteristics and challenges of IoT, highlighting the need for such machine learning solutions in processing perception data. While FL introduces many benefits for IoT sustainability, it also has limitations. Through a comprehensive discussion and analysis, this paper elucidates the opportunities and constraints of FL in sha** the future of sustainable and secure IoT systems. Our findings highlight the importance of develo** new approaches and conducting additional research to maximise the benefits of FL in creating a secure and privacy-focused IoT environment.
△ Less
Submitted 5 May, 2024;
originally announced May 2024.
-
Enhancing IoT Security Against DDoS Attacks through Federated Learning
Authors:
Ghazaleh Shirvani,
Saeid Ghasemshirazi,
Mohammad Ali Alipour
Abstract:
The rapid proliferation of the Internet of Things (IoT) has ushered in transformative connectivity between physical devices and the digital realm. Nonetheless, the escalating threat of Distributed Denial of Service (DDoS) attacks jeopardizes the integrity and reliability of IoT networks. Conventional DDoS mitigation approaches are ill-equipped to handle the intricacies of IoT ecosystems, potential…
▽ More
The rapid proliferation of the Internet of Things (IoT) has ushered in transformative connectivity between physical devices and the digital realm. Nonetheless, the escalating threat of Distributed Denial of Service (DDoS) attacks jeopardizes the integrity and reliability of IoT networks. Conventional DDoS mitigation approaches are ill-equipped to handle the intricacies of IoT ecosystems, potentially compromising data privacy. This paper introduces an innovative strategy to bolster the security of IoT networks against DDoS attacks by harnessing the power of Federated Learning that allows multiple IoT devices or edge nodes to collaboratively build a global model while preserving data privacy and minimizing communication overhead. The research aims to investigate Federated Learning's effectiveness in detecting and mitigating DDoS attacks in IoT. Our proposed framework leverages IoT devices' collective intelligence for real-time attack detection without compromising sensitive data. This study proposes innovative deep autoencoder approaches for data dimensionality reduction, retraining, and partial selection to enhance the performance and stability of the proposed model. Additionally, two renowned aggregation algorithms, FedAvg and FedAvgM, are employed in this research. Various metrics, including true positive rate, false positive rate, and F1-score, are employed to evaluate the model. The dataset utilized in this research, N-BaIoT, exhibits non-IID data distribution, where data categories are distributed quite differently. The negative impact of these distribution disparities is managed by employing retraining and partial selection techniques, enhancing the final model's stability. Furthermore, evaluation results demonstrate that the FedAvgM aggregation algorithm outperforms FedAvg, indicating that in non-IID datasets, FedAvgM provides better stability and performance.
△ Less
Submitted 16 March, 2024;
originally announced March 2024.
-
Federated Learning: Attacks, Defenses, Opportunities, and Challenges
Authors:
Ghazaleh Shirvani,
Saeid Ghasemshirazi,
Behzad Beigzadeh
Abstract:
Using dispersed data and training, federated learning (FL) moves AI capabilities to edge devices or does tasks locally. Many consider FL the start of a new era in AI, yet it is still immature. FL has not garnered the community's trust since its security and privacy implications are controversial. FL's security and privacy concerns must be discovered, analyzed, and recorded before widespread usage…
▽ More
Using dispersed data and training, federated learning (FL) moves AI capabilities to edge devices or does tasks locally. Many consider FL the start of a new era in AI, yet it is still immature. FL has not garnered the community's trust since its security and privacy implications are controversial. FL's security and privacy concerns must be discovered, analyzed, and recorded before widespread usage and adoption. A solid comprehension of risk variables allows an FL practitioner to construct a secure environment and provide researchers with a clear perspective of potential study fields, making FL the best solution in situations where security and privacy are primary issues. This research aims to deliver a complete overview of FL's security and privacy features to help bridge the gap between current federated AI and broad adoption in the future. In this paper, we present a comprehensive overview of the attack surface to investigate FL's existing challenges and defense measures to evaluate its robustness and reliability. According to our study, security concerns regarding FL are more frequent than privacy issues. Communication bottlenecks, poisoning, and backdoor attacks represent FL's privacy's most significant security threats. In the final part, we detail future research that will assist FL in adapting to real-world settings.
△ Less
Submitted 9 March, 2024;
originally announced March 2024.
-
Zero Trust: Applications, Challenges, and Opportunities
Authors:
Saeid Ghasemshirazi,
Ghazaleh Shirvani,
Mohammad Ali Alipour
Abstract:
The escalating complexity of cybersecurity threats necessitates innovative approaches to safeguard digital assets and sensitive information. The Zero Trust paradigm offers a transformative solution by challenging conventional security models and emphasizing continuous verification and least privilege access. This survey comprehensively explores the theoretical foundations, practical implementation…
▽ More
The escalating complexity of cybersecurity threats necessitates innovative approaches to safeguard digital assets and sensitive information. The Zero Trust paradigm offers a transformative solution by challenging conventional security models and emphasizing continuous verification and least privilege access. This survey comprehensively explores the theoretical foundations, practical implementations, applications, challenges, and future trends of Zero Trust. Through meticulous analysis, we highlight the relevance of Zero Trust in securing cloud environments, facilitating remote work, and protecting the Internet of Things (IoT) ecosystem. While cultural barriers and technical complexities present challenges, their mitigation unlocks Zero Trust's potential. Integrating Zero Trust with emerging technologies like AI and machine learning augments its efficacy, promising a dynamic and responsive security landscape. Embracing Zero Trust empowers organizations to navigate the ever-evolving cybersecurity realm with resilience and adaptability, redefining trust in the digital age.
△ Less
Submitted 7 September, 2023;
originally announced September 2023.
-
Enabling a Zero Trust Architecture in a 5G-enabled Smart Grid
Authors:
Mohammad Ali Alipour,
Saeid Ghasemshirazi,
Ghazaleh Shirvani
Abstract:
One of the most promising applications of the IoT is the Smart Grid (SG). Integrating SG's data communications network into the power grid allows gathering and analyzing information from power lines, distribution power stations, and end users. A smart grid (SG) requires a prompt and dependable connection to provide real-time monitoring through the IoT. Hence 5G could be considered a catalyst for u…
▽ More
One of the most promising applications of the IoT is the Smart Grid (SG). Integrating SG's data communications network into the power grid allows gathering and analyzing information from power lines, distribution power stations, and end users. A smart grid (SG) requires a prompt and dependable connection to provide real-time monitoring through the IoT. Hence 5G could be considered a catalyst for upgrading the existing power grid systems. Nonetheless, the additional attack surface of information infrastructure has been brought about by the widespread adoption of ubiquitous connectivity in 5G, to which the typical information security system in the smart grid cannot respond promptly. Therefore, guaranteeing the Privacy and Security of a network in a threatening, ever-changing environment requires groundbreaking architectures that go well beyond the limitations of traditional, static security measures. With "Continuous Identity Authentication and Dynamic Access Control" as its foundation, this article analyzes the Zero Trust (ZT) architecture specific to the power system of IoT and uses that knowledge to develop a security protection architecture.
△ Less
Submitted 21 October, 2022; v1 submitted 4 October, 2022;
originally announced October 2022.