Faisal Hussain, Syed Ghazanfar Abbas, Ghalib A. Shah, Ivan Miguel Pires, Farrukh Shahzad, Ubaid U. Fayyaz, Nuno M. Garcia, Eftim Zdravevski, MDPI Sensors Journal, 2021.
The Internet of things (IoT) has emerged as a topic of intense interest among the research and industrial community as it has had a revolutionary impact on human life. The rapid growth of IoT technology has revolutionized human life by inaugurating the concept of smart devices, smart healthcare, smart industry, smart city, smart grid, among others. IoT devices’ security has become a serious concern nowadays, especially for the healthcare domain, where recent attacks exposed damaging IoT security vulnerabilities. Traditional network security solutions are well established. However, due to the resource constraint property of IoT devices and the distinct behavior of IoT protocols, the existing security mechanisms cannot be deployed directly for securing the IoT devices and network from the cyber-attacks. To enhance the level of security for IoT, researchers need IoT-specific tools, methods, and datasets. To address the mentioned problem, we provide a framework for developing IoT context-aware security solutions to detect malicious traffic in IoT use cases. The proposed framework consists of a newly created, open-source IoT data generator tool named IoT-Flock. The IoT-Flock tool allows researchers to develop an IoT use-case comprised of both normal and malicious IoT devices and generate traffic. Additionally, the proposed framework provides an open-source utility for converting the captured traffic generated by IoT-Flock into an IoT dataset. Using the proposed framework in this research, we first generated an IoT healthcare dataset that comprises both normal and IoT attack traffic. Afterward, we applied different machine learning techniques to the generated dataset to detect the cyber-attacks and protect the healthcare system from cyber-attacks. The proposed framework will help in developing context-aware IoT security solutions, especially for a sensitive use case like the IoT healthcare environment.
Bilal Imran, M. Ahsan, Bilal Afzal, Ali Hammad, Ghalib A. Shah, MISA: Minimalist Implementation of oneM2M Security Architecture for Constrained IoT Devices, to appear in IEEE Globecom, 2019.
Devices in the Internet of Things (IoT) applications are mostly heterogeneous in nature with constrained resources. There is an ominous need to develop an inter-operable yet secure solution for such devices which, however, cannot be achieved without following a global standard. This paper provides a minimalist implementation of oneM2M standard’s security architecture for IoT devices while considering their constrained nature. We implement our solution in an open-source operating system, i.e. Mbed OS. Specifically, a DTLS over UDP protocol model is implemented for the very first time to develop the oneM2M security association establishment framework. We exploited OS features inasmuch to address few issues pertinent to DTLS implementation which resulted from device constraints while providing in situ improvisations for lacking support in OS. Performance analysis of the DTLS protocol model is carried out on Nucleo L476RG and Raspberry Pi-2 boards. Mbed OS is integrable on ARM Cortex micro-controllers which can allow easier adoption of our work in many constrained IoT platforms.
M. Ahsan, B. Afzal, B. Imran, A. Tanwir, Ali H. Akbar and Ghalib A. Shah, "Architecture Based Secure MQTT Binding in Mbed OS", in proc. of IEEE Euro Security & Privacy Workshop on Software Security for Internet of Things, 2019.
One of the vital research challenge in cyber physical systems is to provide secure communication among multi-vendor devices. OneM2M is a standardization initiative for Internet of Things (IoT) and machine-to-machine communication that offers the specifications to ensure interoperability among currently incompatible devices developed by different vendors. This paper presents the implementation of secure MQTT binding following oneM2M standard architecture to provide interoperability and secure message communication among heterogeneous IoT
devices. It also embeds various architectural functionalities of oneM2M standard within an open source operating system for IoT, namely Mbed OS, to provide secure services to various kinds of IoT applications. To test the implementation of our system architecture, a real-world application scenario of smart home is considered to secure the communication among home appliances.