Faisal Hussain, Syed Ghazanfar Abbas, Ghalib A. Shah, Ivan Miguel Pires, Farrukh Shahzad, Ubaid U. Fayyaz, Nuno M. Garcia, Eftim Zdravevski, MDPI Sensors Journal, 2021.

The Internet of things (IoT) has emerged as a topic of intense interest among the research and industrial community as it has had a revolutionary impact on human life. The rapid growth of IoT technology has revolutionized human life by inaugurating the concept of smart devices, smart healthcare, smart industry, smart city, smart grid, among others. IoT devices’ security has become a serious concern nowadays, especially for the healthcare domain, where recent attacks exposed damaging IoT security vulnerabilities. Traditional network security solutions are well established. However, due to the resource constraint property of IoT devices and the distinct behavior of IoT protocols, the existing security mechanisms cannot be deployed directly for securing the IoT devices and network from the cyber-attacks. To enhance the level of security for IoT, researchers need IoT-specific tools, methods, and datasets. To address the mentioned problem, we provide a framework for developing IoT context-aware security solutions to detect malicious traffic in IoT use cases. The proposed framework consists of a newly created, open-source IoT data generator tool named IoT-Flock. The IoT-Flock tool allows researchers to develop an IoT use-case comprised of both normal and malicious IoT devices and generate traffic. Additionally, the proposed framework provides an open-source utility for converting the captured traffic generated by IoT-Flock into an IoT dataset. Using the proposed framework in this research, we first generated an IoT healthcare dataset that comprises both normal and IoT attack traffic. Afterward, we applied different machine learning techniques to the generated dataset to detect the cyber-attacks and protect the healthcare system from cyber-attacks. The proposed framework will help in developing context-aware IoT security solutions, especially for a sensitive use case like the IoT healthcare environment.

Bilal Imran, M. Ahsan, Bilal Afzal, Ali Hammad, Ghalib A. Shah, MISA: Minimalist Implementation of oneM2M Security Architecture for Constrained IoT Devices, to appear in IEEE Globecom, 2019.

Devices in Internet of Things (IoT) applications are mostly heterogeneous in nature with constrained resources. There is an ominous need to develop an inter-operable yet secure solution for such devices which, however, cannot be achieved without following a global standard. This paper provides a minimalist implementation of the oneM2M standard’s security architecture for IoT devices while considering their constrained nature. We implement our solution in an open-source operating system, i.e. Mbed OS. Specifically, a DTLS over UDP protocol model is implemented for the very first time to develop the oneM2M security association establishment framework. We exploited OS features to address a few issues pertinent to DTLS implementation which resulted from device constraints while providing in situ improvisations for lacking support in the OS. Performance analysis of the DTLS protocol model is carried out on Nucleo L476RG and Raspberry Pi-2 boards. Mbed OS is integrable on ARM Cortex micro-controllers, which can allow easier adoption of our work in many constrained IoT platforms.

M. Ahsan, B. Afzal, B. Imran, A. Tanwir, Ali H. Akbar and Ghalib A. Shah, "Architecture Based Secure MQTT Binding in Mbed OS", in proc. of IEEE Euro Security & Privacy Workshop on Software Security for Internet of Things, 2019.

One of the vital research challenges in cyber physical systems is to provide secure communication among multi-vendor devices. OneM2M is a standardization initiative for Internet of Things (IoT) and machine-to-machine communication that offers the specifications to ensure interoperability among currently incompatible devices developed by different vendors. This paper presents the implementation of secure MQTT binding following the oneM2M standard architecture to provide interoperability and secure message communication among heterogeneous IoT devices. It also embeds various architectural functionalities of the oneM2M standard within an open source operating system for IoT, namely Mbed OS, to provide secure services to various kinds of IoT applications. To test the implementation of our system architecture, a real-world application scenario of a smart home is considered to secure the communication among home appliances.

I. Nadir, H. Mahmood, Ghalib A. Shah, Zafeer Ahmed, "An Auditing Framework For Vulnerability Analysis of IoT System", in proc. of IEEE Euro Security & Privacy Workshop on Software Security for Internet of Things, 2019.

The introduction of IoT is a big step towards the convergence of the physical and virtual worlds, as everyday objects are connected to the internet nowadays. But due to their diversity and resource-constrained nature, the security of these devices in the real world has become a major challenge. Although a number of security frameworks have been suggested to ensure the security of IoT devices, frameworks for auditing this security are rare. We propose an open-source framework to audit the security of IoT devices covering hardware, firmware and communication vulnerabilities. Using existing open-source tools, we formulate a modular approach towards the implementation of the proposed framework. Standout features in the suggested framework are its modular design, extensibility, scalability, tools integration and primarily autonomous nature. The principal focus of the framework is to automate the process of auditing. The paper further mentions some tools that can be incorporated in different modules of the framework. Finally, we validate the feasibility of our framework by auditing an IoT device using the proposed toolchain.

Bilal Afzal, Muhammad Umair, Ghalib Asadullah Shah, Ejaz Ahmed, “Enabling IoT platforms for social IoT applications: Vision, feature mapping, and challenges,” Future Generation Computer Systems, Volume 92, 2019, Pages 718-731

Social IoT (SIoT) is an emerging paradigm of IoT in which different IoT devices interact and establish relationships with each other to achieve a common goal. In essence, SIoT adapts a service-oriented architecture where heterogeneous IoT devices can offer or request autonomous services and collaborate on behalf of their owners. Operating Systems (OSs) are employed in IoT devices as they offer portability, threading support and access to development libraries, thus easing IoT application development. Several OSs are available for IoT devices, but selecting an OS and hardware befitting a particular IoT application is a critical task. In the case of SIoT, the specific OS selection for hardware devices in various applications is even more challenging because of their collaborative nature. Existing surveys on OSs are mostly domain oriented and lack discussion of hardware architectural features. As a consequence, it is infeasible for developers to choose the best-suited OS for various hardware platforms, which results in their underperformance in many application scenarios. This paper considers standard features of OSs as well as hardware IoT platforms and provides an OS-to-hardware architectures features-mapping while exploring the unique requirements of SIoT applications. In doing so, resource-constrained IoT devices are particularly emphasized due to their memory constraints and power limitations. Further, a model OS architecture is proposed for devices in SIoT applications and associated open research challenges are identified. This research will help developers to best utilize IoT platform resources and to envisage an efficient OS for futuristic SIoT applications.

Bilal Imran, Muhammad Ahsan, Ali Hammad Akbar, Ghalib A. Shah, “SecGW: Security for MQTT-SN Gateway Application”, Submitted: ACM Conference on Embedded Networked Sensor Systems (SenSys 2020)

Bilal Imran, Muhammad Ahsan, Ali H. Akbar, Ubaid U. Fayyaz and Ghalib A. Shah, “LaSeR: Lightweight and Secure Registration Mechanism for Constrained IoT Devices”, IEEE Internet of Things Journal.