The Internet of Healthcare Things(IoHT)marks a significant breakthrough in modern medicine by enabling a new era of healthcare services.IoHT supports real-time,continuous,and personalized monitoring of patients’healt...The Internet of Healthcare Things(IoHT)marks a significant breakthrough in modern medicine by enabling a new era of healthcare services.IoHT supports real-time,continuous,and personalized monitoring of patients’health conditions.However,the security of sensitive data exchanged within IoHT remains a major concern,as the widespread connectivity and wireless nature of these systems expose them to various vulnerabilities.Potential threats include unauthorized access,device compromise,data breaches,and data alteration,all of which may compromise the confidentiality and integrity of patient information.In this paper,we provide an in-depth security analysis of LAP-IoHT,an authentication scheme designed to ensure secure communication in Internet of Healthcare Things environments.This analysis reveals several vulnerabilities in the LAP-IoHT protocol,namely its inability to resist various attacks,including user impersonation and privileged insider threats.To address these issues,we introduce LSAP-IoHT,a secure and lightweight authentication protocol for the Internet of Healthcare Things(IoHT).This protocol leverages Elliptic Curve Cryptography(ECC),Physical Unclonable Functions(PUFs),and Three-Factor Authentication(3FA).Its security is validated through both informal analysis and formal verification using the Scyther tool and the Real-Or-Random(ROR)model.The results demonstrate strong resistance against man-in-the-middle(MITM)attacks,replay attacks,identity spoofing,stolen smart device attacks,and insider threats,while maintaining low computational and communication costs.展开更多
Internet of Vehicles(IoV)is an evolution of the Internet of Things(IoT)to improve the capabilities of vehicular ad-hoc networks(VANETs)in intelligence transport systems.The network topology in IoV paradigm is highly d...Internet of Vehicles(IoV)is an evolution of the Internet of Things(IoT)to improve the capabilities of vehicular ad-hoc networks(VANETs)in intelligence transport systems.The network topology in IoV paradigm is highly dynamic.Clustering is one of the promising solutions to maintain the route stability in the dynamic network.However,existing algorithms consume a considerable amount of time in the cluster head(CH)selection process.Thus,this study proposes a mobility aware dynamic clustering-based routing(MADCR)protocol in IoV to maximize the lifespan of networks and reduce the end-to-end delay of vehicles.The MADCR protocol consists of cluster formation and CH selection processes.A cluster is formed on the basis of Euclidean distance.The CH is then chosen using the mayfly optimization algorithm(MOA).The CH subsequently receives vehicle data and forwards such data to the Road Side Unit(RSU).The performance of the MADCR protocol is compared with that ofAnt Colony Optimization(ACO),Comprehensive Learning Particle Swarm Optimization(CLPSO),and Clustering Algorithm for Internet of Vehicles based on Dragonfly Optimizer(CAVDO).The proposed MADCR protocol decreases the end-toend delay by 5–80 ms and increases the packet delivery ratio by 5%–15%.展开更多
This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
In order to incorporate smart elements into distribution networks at ITELCA laboratories in Bogotá-Colombia, a Machine-to-Machine-based solution has been developed. This solution aids in the process of low-cost e...In order to incorporate smart elements into distribution networks at ITELCA laboratories in Bogotá-Colombia, a Machine-to-Machine-based solution has been developed. This solution aids in the process of low-cost electrical fault location, which contributes to improving quality of service, particularly by shortening interruption time spans in mid-voltage grids. The implementation makes use of MQTT protocol with an intensive use of Internet of things (IoT) environment which guarantees the following properties within the automation process: Advanced reports and statistics, remote command execution on one or more units (groups of units), detailed monitoring of remote units and custom alarm mechanism and firmware upgrade on one or more units (groups of units). This kind of implementation is the first one in Colombia and it is able to automatically recover from an N-1 fault.展开更多
The Internet of Things (IoT) is a large-scale network of devices capable of sensing, data processing, and communicating with each other through different communication protocols. In today's technology ecosystem, I...The Internet of Things (IoT) is a large-scale network of devices capable of sensing, data processing, and communicating with each other through different communication protocols. In today's technology ecosystem, IoT interacts with many application areas such as smart city, smart building, security, traffic, remote monitoring, health, energy, disaster, agriculture, industry. The IoT network in these scenarios comprises tiny devices, gateways, and cloud platforms. An IoT network is able to keep these fundamental components in transmission under many conditions with lightweight communication protocols taking into account the limited hardware features (memory, processor, energy, etc.) of tiny devices. These lightweight communication protocols affect the network traffic, reliability, bandwidth, and energy consumption of the IoT application. Therefore, determining the most proper communication protocol for application developers emerges as an important engineering problem. This paper presents a straightforward overview of the lightweight communication protocols, technological advancements in application layer for the IoT ecosystem. The survey then analyzes various recent lightweight communication protocols and reviews their strengths and limitations. In addition, the paper explains the experimental comparison of Constrained Applications Protocol (CoAP), Message Queuing Telemetry (MQTT), and WebSocket protocols, more convenient for tiny IoT devices. Finally, we discuss future research directions of communication protocols for IoT.展开更多
Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert cha...Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network.展开更多
This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current...This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current internet in order for it to cope with IPv6 traffic transmission requirements in general and specifically voice traffic, which is being attracting the efforts of research, bodes currently. These tests were conducted in the application level without looking into the network level of the network. VoIPv6 performance tests were conducted in the current tunneled and native IPv6 aiming for better end-to-end VoIPv6 performance. The results obtained in this study were shown in deferent codec's for different bit rates in Kilo bits per second, which act as an indicator for the better performance of G.711 compared with the rest of the tested codes.展开更多
Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a c...Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a clustering protocol,the selection of a cluster head(CH)plays a key role in prolonging the lifetime of a network.However,most cluster-based protocols,including routing protocols for low-power and lossy networks(RPLs),have used fuzzy logic and probabilistic approaches to select the CH node.Consequently,early battery depletion is produced near the sink.To overcome this issue,a lion optimization algorithm(LOA)for selecting CH in RPL is proposed in this study.LOA-RPL comprises three processes:cluster formation,CH selection,and route establishment.A cluster is formed using the Euclidean distance.CH selection is performed using LOA.Route establishment is implemented using residual energy information.An extensive simulation is conducted in the network simulator ns-3 on various parameters,such as network lifetime,power consumption,packet delivery ratio(PDR),and throughput.The performance of LOA-RPL is also compared with those of RPL,fuzzy rule-based energyefficient clustering and immune-inspired routing(FEEC-IIR),and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm(RISARPL).The performance evaluation metrics used in this study are network lifetime,power consumption,PDR,and throughput.The proposed LOARPL increases network lifetime by 20%and PDR by 5%–10%compared with RPL,FEEC-IIR,and RISA-RPL.LOA-RPL is also highly energy-efficient compared with other similar routing protocols.展开更多
The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not eas...The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.展开更多
Accurate time synchronization is fundamental to the correct and efficient operation of Wireless Sensor Networks(WSNs),especially in security-critical,time-sensitive applications.However,most existing protocols degrade...Accurate time synchronization is fundamental to the correct and efficient operation of Wireless Sensor Networks(WSNs),especially in security-critical,time-sensitive applications.However,most existing protocols degrade substantially under malicious interference.We introduce iSTSP,an Intelligent and Secure Time Synchronization Protocol that implements a four-stage defense pipeline to ensure robust,precise synchronization even in hostile environments:(1)trust preprocessing that filters node participation using behavioral trust scoring;(2)anomaly isolation employing a lightweight autoencoder to detect and excise malicious nodes in real time;(3)reliability-weighted consensus that prioritizes high-trust nodes during time aggregation;and(4)convergence-optimized synchronization that dynamically adjusts parameters using theoretical stability bounds.We provide rigorous convergence analysis including a closed-form expression for convergence time,and validate the protocol through both simulations and realworld experiments on a controlled 16-node testbed.Under Sybil attacks with five malicious nodes within this testbed,iSTSP maintains synchronization error increases under 12%and achieves a rapid convergence.Compared to state-ofthe-art protocols like TPSN,SE-FTSP,and MMAR-CTS,iSTSP offers 60%faster detection,broader threat coverage,and more than 7 times lower synchronization error,with a modest 9.3%energy overhead over 8 h.We argue this is an acceptable trade-off for mission-critical deployments requiring guaranteed security.These findings demonstrate iSTSP’s potential as a reliable solution for secure WSN synchronization and motivate future work on large-scale IoT deployments and integration with energy-efficient communication protocols.展开更多
文摘The Internet of Healthcare Things(IoHT)marks a significant breakthrough in modern medicine by enabling a new era of healthcare services.IoHT supports real-time,continuous,and personalized monitoring of patients’health conditions.However,the security of sensitive data exchanged within IoHT remains a major concern,as the widespread connectivity and wireless nature of these systems expose them to various vulnerabilities.Potential threats include unauthorized access,device compromise,data breaches,and data alteration,all of which may compromise the confidentiality and integrity of patient information.In this paper,we provide an in-depth security analysis of LAP-IoHT,an authentication scheme designed to ensure secure communication in Internet of Healthcare Things environments.This analysis reveals several vulnerabilities in the LAP-IoHT protocol,namely its inability to resist various attacks,including user impersonation and privileged insider threats.To address these issues,we introduce LSAP-IoHT,a secure and lightweight authentication protocol for the Internet of Healthcare Things(IoHT).This protocol leverages Elliptic Curve Cryptography(ECC),Physical Unclonable Functions(PUFs),and Three-Factor Authentication(3FA).Its security is validated through both informal analysis and formal verification using the Scyther tool and the Real-Or-Random(ROR)model.The results demonstrate strong resistance against man-in-the-middle(MITM)attacks,replay attacks,identity spoofing,stolen smart device attacks,and insider threats,while maintaining low computational and communication costs.
基金This work was supported by National Natural Science Foundation of China(No.61821001)Science and Tech-nology Key Project of Guangdong Province,China(2019B010157001).
文摘Internet of Vehicles(IoV)is an evolution of the Internet of Things(IoT)to improve the capabilities of vehicular ad-hoc networks(VANETs)in intelligence transport systems.The network topology in IoV paradigm is highly dynamic.Clustering is one of the promising solutions to maintain the route stability in the dynamic network.However,existing algorithms consume a considerable amount of time in the cluster head(CH)selection process.Thus,this study proposes a mobility aware dynamic clustering-based routing(MADCR)protocol in IoV to maximize the lifespan of networks and reduce the end-to-end delay of vehicles.The MADCR protocol consists of cluster formation and CH selection processes.A cluster is formed on the basis of Euclidean distance.The CH is then chosen using the mayfly optimization algorithm(MOA).The CH subsequently receives vehicle data and forwards such data to the Road Side Unit(RSU).The performance of the MADCR protocol is compared with that ofAnt Colony Optimization(ACO),Comprehensive Learning Particle Swarm Optimization(CLPSO),and Clustering Algorithm for Internet of Vehicles based on Dragonfly Optimizer(CAVDO).The proposed MADCR protocol decreases the end-toend delay by 5–80 ms and increases the packet delivery ratio by 5%–15%.
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
文摘In order to incorporate smart elements into distribution networks at ITELCA laboratories in Bogotá-Colombia, a Machine-to-Machine-based solution has been developed. This solution aids in the process of low-cost electrical fault location, which contributes to improving quality of service, particularly by shortening interruption time spans in mid-voltage grids. The implementation makes use of MQTT protocol with an intensive use of Internet of things (IoT) environment which guarantees the following properties within the automation process: Advanced reports and statistics, remote command execution on one or more units (groups of units), detailed monitoring of remote units and custom alarm mechanism and firmware upgrade on one or more units (groups of units). This kind of implementation is the first one in Colombia and it is able to automatically recover from an N-1 fault.
文摘The Internet of Things (IoT) is a large-scale network of devices capable of sensing, data processing, and communicating with each other through different communication protocols. In today's technology ecosystem, IoT interacts with many application areas such as smart city, smart building, security, traffic, remote monitoring, health, energy, disaster, agriculture, industry. The IoT network in these scenarios comprises tiny devices, gateways, and cloud platforms. An IoT network is able to keep these fundamental components in transmission under many conditions with lightweight communication protocols taking into account the limited hardware features (memory, processor, energy, etc.) of tiny devices. These lightweight communication protocols affect the network traffic, reliability, bandwidth, and energy consumption of the IoT application. Therefore, determining the most proper communication protocol for application developers emerges as an important engineering problem. This paper presents a straightforward overview of the lightweight communication protocols, technological advancements in application layer for the IoT ecosystem. The survey then analyzes various recent lightweight communication protocols and reviews their strengths and limitations. In addition, the paper explains the experimental comparison of Constrained Applications Protocol (CoAP), Message Queuing Telemetry (MQTT), and WebSocket protocols, more convenient for tiny IoT devices. Finally, we discuss future research directions of communication protocols for IoT.
基金Supported by the National Natural Science Foun-dation of China (90104005 ,66973034)
文摘Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network.
文摘This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current internet in order for it to cope with IPv6 traffic transmission requirements in general and specifically voice traffic, which is being attracting the efforts of research, bodes currently. These tests were conducted in the application level without looking into the network level of the network. VoIPv6 performance tests were conducted in the current tunneled and native IPv6 aiming for better end-to-end VoIPv6 performance. The results obtained in this study were shown in deferent codec's for different bit rates in Kilo bits per second, which act as an indicator for the better performance of G.711 compared with the rest of the tested codes.
基金This research was supported by X-mind Corps program of National Research Foundation of Korea(NRF)funded by the Ministry of Science,ICT(No.2019H1D8A1105622)the Soonchunhyang University Research Fund.
文摘Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a clustering protocol,the selection of a cluster head(CH)plays a key role in prolonging the lifetime of a network.However,most cluster-based protocols,including routing protocols for low-power and lossy networks(RPLs),have used fuzzy logic and probabilistic approaches to select the CH node.Consequently,early battery depletion is produced near the sink.To overcome this issue,a lion optimization algorithm(LOA)for selecting CH in RPL is proposed in this study.LOA-RPL comprises three processes:cluster formation,CH selection,and route establishment.A cluster is formed using the Euclidean distance.CH selection is performed using LOA.Route establishment is implemented using residual energy information.An extensive simulation is conducted in the network simulator ns-3 on various parameters,such as network lifetime,power consumption,packet delivery ratio(PDR),and throughput.The performance of LOA-RPL is also compared with those of RPL,fuzzy rule-based energyefficient clustering and immune-inspired routing(FEEC-IIR),and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm(RISARPL).The performance evaluation metrics used in this study are network lifetime,power consumption,PDR,and throughput.The proposed LOARPL increases network lifetime by 20%and PDR by 5%–10%compared with RPL,FEEC-IIR,and RISA-RPL.LOA-RPL is also highly energy-efficient compared with other similar routing protocols.
基金This research was supported by National Natural Science Foundation of China(Grant Nos.61972048,62072051).
文摘The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.
基金this project under Geran Putra Inisiatif(GPI)with reference of GP-GPI/2023/976210。
文摘Accurate time synchronization is fundamental to the correct and efficient operation of Wireless Sensor Networks(WSNs),especially in security-critical,time-sensitive applications.However,most existing protocols degrade substantially under malicious interference.We introduce iSTSP,an Intelligent and Secure Time Synchronization Protocol that implements a four-stage defense pipeline to ensure robust,precise synchronization even in hostile environments:(1)trust preprocessing that filters node participation using behavioral trust scoring;(2)anomaly isolation employing a lightweight autoencoder to detect and excise malicious nodes in real time;(3)reliability-weighted consensus that prioritizes high-trust nodes during time aggregation;and(4)convergence-optimized synchronization that dynamically adjusts parameters using theoretical stability bounds.We provide rigorous convergence analysis including a closed-form expression for convergence time,and validate the protocol through both simulations and realworld experiments on a controlled 16-node testbed.Under Sybil attacks with five malicious nodes within this testbed,iSTSP maintains synchronization error increases under 12%and achieves a rapid convergence.Compared to state-ofthe-art protocols like TPSN,SE-FTSP,and MMAR-CTS,iSTSP offers 60%faster detection,broader threat coverage,and more than 7 times lower synchronization error,with a modest 9.3%energy overhead over 8 h.We argue this is an acceptable trade-off for mission-critical deployments requiring guaranteed security.These findings demonstrate iSTSP’s potential as a reliable solution for secure WSN synchronization and motivate future work on large-scale IoT deployments and integration with energy-efficient communication protocols.
