The Seventh International Conference on Safety and Security with IoT: SaSeIoT 2023 (EAI/Springer Innovations in Communication and Computing) 3031530276, 9783031530272

Table of contents :
Conference Organization
Preface
Contents
Part I Safety and Security in Internet of Things
Secure and Lightweight Communication Protocol for Wake-Up Radio-Enabled Internet of Things
1 Introduction
2 Network Scenario and Assumptions
3 Proposed WuR Protocol
3.1 Preliminaries
3.2 Lightweight RI-WuR Protocol
First WuC Token Creation
WuC with First Token
ith WuC Token Creation
WuC with the ith Token
3.3 Lightweight TI-WuR Protocol
4 Performance Metric
4.1 Energy Consumption
5 Numerical Results and Security Analysis
5.1 Parameter Configuration
5.2 Performance Evaluation
5.3 Security Analysis
Resistance to Type-I Adversaries
Resistance to Type-II Adversaries
6 Conclusion
References
RPL Protocol Using Contiki Operating Systems: A Review
1 Introduction
2 RPL Protocol Background
2.1 Objective Functions and Hierarchical Structure
2.2 Modes of Operation
2.3 Rank and Parent Selection
2.4 Benefits and Challenges
3 Key Features of RPL
4 Contiki Operating System
4.1 Historical Background of Contiki-NG (Next Generation)
4.2 Contiki-NG Project
4.3 Design Philosophy
4.4 Preemptive Multitasking
4.5 Energy-Efficient Communication Protocols
4.6 Modular Architecture
4.7 Support for Low-Power Hardware
4.8 Simulation and Experimentation
5 RPL Implementation in Contiki
5.1 RPL Implementation Overview
5.2 Objective Functions and Metrics
5.3 DODAG Formation and Maintenance
5.4 Integration with ContikiMAC and Rime
5.5 Interaction with Contiki's Modules
5.6 Experimentation and Simulation
5.7 Research and Customization
6 Benefits and Advantages
6.1 Energy Efficiency
6.2 Scalability and Adaptability
6.3 Real-World Applicability
6.4 Efficient Utilization of Resources
6.5 Interoperability and Collaboration
6.6 Seamless Development Workflow
7 Recent Developments
7.1 Enhanced Energy Awareness
7.2 Integration with Emerging IoT Standards
7.3 Novel Objective Functions
7.4 Security Enhancements
7.5 Machine Learning and AI Integration
7.6 Edge and Fog Computing Integration
7.7 Machine Learning and AI Integration
8 Conclusion
References
Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication
1 Introduction
2 Related Work
3 LoRaWAN
3.1 Practicality
3.2 Security
4 NB-IoT
4.1 Practicality
4.2 Security
5 Discussion
6 Conclusion
References
A Bibliometric Analysis and Comprehensive Overview of Security Attacks Against RPL in IoT Networks
1 Introduction
2 Background and Related Work
2.1 IoT Networks and RPL Protocol
2.2 IoT Security Challenges
2.3 Security Attacks Against RPL
2.4 Existing Research on RPL Security
2.5 Research Gap and Motivation
3 Methodology
3.1 Data Sources and Collection
3.2 Selection Criteria
3.3 Data Extraction and Categorization
3.4 Metrics for Bibliometric Analysis
3.5 Review and Validation
4 Bibliometric Analysis of RPL Security Research
4.1 Publication Trends
4.2 Prolific Authors and Institutions
4.3 Distribution Performance by Type
4.4 Collaboration Networks
4.5 Influential Works and Citations
5 Categorization of Security Attacks Against RPL
5.1 Introduction to Attack Categorization
5.2 Sinkhole Attacks
5.3 Selective Forwarding Attacks
5.4 Blackhole Attacks
5.5 Sybil Attacks
5.6 Other Attack Vectors
5.7 Implications and Mitigation Strategies
6 Mitigation Techniques and Countermeasures
6.1 Cryptographic Protocols and Secure Communication
6.2 Intrusion Detection and Prevention Systems (IDPSs)
6.3 Holistic Security Framework
6.4 Enhanced Authentication Mechanisms
7 Discussion and Future Directions
7.1 Synthesis of Key Findings
7.2 Implications and Research Avenues
7.3 Emerging Research Areas
7.4 Ethical and Privacy Considerations
7.5 Call to Action
8 Conclusion
References
Part II Artificial Intelligence in the Internet of Things Applications
Overview of Security Challenges in Wireless IoT Infrastructures for Autonomous Vehicles
1 Introduction
1.1 Autonomous Vehicle (AV) Challenges for Inner City Deployment
1.2 Many Openings for Hackers
1.3 Outdated Law and Regulations
1.4 Moral and Ethical Dilemma
1.5 Data Ownership and Data Theft
1.6 Liability and Risk Model
2 Autonomous Vehicles and Wireless IoT Infrastructure
2.1 Vehicle-to-Everything (V2X) Communication
3 Security Challenges and Threats
3.1 Cyberattacks and Vulnerabilities
3.2 AV Communication Security
3.3 In-Vehicle Security Threats
4 5G as IoT Infrastructure
4.1 5G Security Challenges
4.2 Threats to AVs in 5G Perspective
4.3 Initiatives to Improve Protection
5 Conclusions and Future Work
References
Explainable Transformer-Based Anomaly Detection for Internet of Things Security
1 Introduction
2 Related Work
3 IoT and Security Challenges
4 Explainable Anomaly Detection for IoT Security
4.1 Transformer-Based Autoencoder Model for AD
4.2 Deployment of XAI Module
5 Experimental Analysis
5.1 Non-tabular Models
5.2 Tabular Models
6 Perspectives for AI Systems in IoT Security
7 Conclusion
References
A Novel Transformer-Based Anomaly Detection Approach for ECG Monitoring Healthcare System
1 Introduction
2 Related Works and Background
2.1 Transformers
2.2 Variational Autoencoders
2.3 Multivariate Exponentially Weighted Moving Average (MEWMA) and Support Vector Data Description (SVDD)
3 Proposed Framework
3.1 Transformer-Based Variational Autoencoder Architecture
3.2 MEWMA-SVDD Module
4 Experiment and Results
4.1 Data Description
4.2 Experiment Setting
4.3 Results
5 Perspective
6 Conclusion
References
UAV-aided uplink NOMA based on MEC in IoT networks: Secrecy offloading and Optimization
1 Introduction
2 System Model and Communication Protocol
2.1 System and channel model
2.2 Communication protocol
2.3 Time offloading and secrecy capacity
3 Performance Analysis
3.1 Secrecy successful computation probability (SSCP)
3.2 Optimization: problem formulation and solution
4 Numerical result
5 Conclusion
A Proof of Theorem 1
References
Author Index
Subject Index

Citation preview

EAI/Springer Innovations in Communication and Computing

Kim Phuc Tran Shujun Li Cédric Heuchenne Thu Huong Truong   Editors

The Seventh International Conference on Safety and Security with IoT SaSeIoT 2023

EAI/Springer Innovations in Communication and Computing Series Editor Imrich Chlamtac, European Alliance for Innovation, Ghent, Belgium

The impact of information technologies is creating a new world yet not fully understood. The extent and speed of economic, life style and social changes already perceived in everyday life is hard to estimate without understanding the technological driving forces behind it. This series presents contributed volumes featuring the latest research and development in the various information engineering technologies that play a key role in this process. The range of topics, focusing primarily on communications and computing engineering include, but are not limited to, wireless networks; mobile communication; design and learning; gaming; interaction; e-health and pervasive healthcare; energy management; smart grids; internet of things; cognitive radio networks; computation; cloud computing; ubiquitous connectivity, and in mode general smart living, smart cities, Internet of Things and more. The series publishes a combination of expanded papers selected from hosted and sponsored European Alliance for Innovation (EAI) conferences that present cutting edge, global research as well as provide new perspectives on traditional related engineering fields. This content, complemented with open calls for contribution of book titles and individual chapters, together maintain Springer’s and EAI’s high standards of academic excellence. The audience for the books consists of researchers, industry professionals, advanced level students as well as practitioners in related fields of activity include information and communication specialists, security experts, economists, urban planners, doctors, and in general representatives in all those walks of life affected ad contributing to the information revolution. Indexing: This series is indexed in Scopus, Ei Compendex, and zbMATH. About EAI - EAI is a grassroots member organization initiated through cooperation between businesses, public, private and government organizations to address the global challenges of Europe’s future competitiveness and link the European Research community with its counterparts around the globe. EAI reaches out to hundreds of thousands of individual subscribers on all continents and collaborates with an institutional member base including Fortune 500 companies, government organizations, and educational institutions, provide a free research and innovation platform. Through its open free membership model EAI promotes a new research and innovation culture based on collaboration, connectivity and recognition of excellence by community.

Kim Phuc Tran • Shujun Li • Cédric Heuchenne • Thu Huong Truong Editors

The Seventh International Conference on Safety and Security with IoT SaSeIoT 2023

Editors Kim Phuc Tran GEMTEX & ENSAIT Graduate School MADIS-631 University of Lille ROUBAIX CEDEX 1, France Cédric Heuchenne University of Liège Liège, Belgium

Shujun Li University of Kent Canterbury, UK Thu Huong Truong Hanoi University of Science and Technology Hanoi, Vietnam

ISSN 2522-8595 ISSN 2522-8609 (electronic) EAI/Springer Innovations in Communication and Computing ISBN 978-3-031-53027-2 ISBN 978-3-031-53028-9 (eBook) https://doi.org/10.1007/978-3-031-53028-9 © European Alliance for Innovation 2024 This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Switzerland AG The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland Paper in this product is recyclable.

Conference Organization

Steering Committee Imrich Chlamtac University of Trento, Italy Organizing Committee General Chair University of Lille, ENSAIT & GEMTEX, France Kim Phuc Tran General Co-Chairs Institute of Cyber Security for Society (iCSS), University of Kent, UK Shujun Li TPC Chair and Co-Chair Cédric Heuchenne University of Liège, HEC Liège, Belgium Thu Huong Truong Hanoi University of Science and Technology, Vietnam Sponsorship and Exhibit Chair Paneuropean University, Faculty of Media, Slovakia Richard Keklák Zhiwen Yu Northwestern Polytechnical University, China Local Chair Kim Duc Tran IAD, Dong A, University, Vietnam Publications Chair Xianyi Zeng University of Lille, ENSAIT & GEMTEX, Lille, France Web Chair IAD, Dong A, University, Vietnam Tho Nguyen Posters and PhD Track Chair Aamir Saghir Mirpur University of Science and Technology (MUST), Pakistan Panels Chair Ludovic Koehl University of Lille, ENSAIT & GEMTEX, Lille, France Demos Chair Huu Du Nguyen Hanoi University of Science and Technology, Vietnam Tutorials Chairs Tibor Benˇciˇc Paneuropean University, Faculty of Media, Slovakia

v

vi

Conference Organization

Technical Program Committee Université Gustave Eiffel, France Virginie Deniau IMT Nord Europe, France Anthony Fleury Northeastern University, China Guenevere Chen Slovak University of Technology in Bratislava, Slovakia Ivan Kotuliak Slovak University of Technology in Bratislava, Slovakia Ladislav Hudec Katarína Jelemenská Slovak University of Technology in Bratislava, Slovakia Slovak University of Technology in Bratislava, Slovakia Jan Laštinec Ostfalia University of Applied Sciences, Germany Imad Ahmed Ostfalia University of Applied Sciences, Germany Ina Schiering Ostfalia University of Applied Sciences, German Diederich Wermser School of Computer Science, University of Birmingham, UK Rami Bahsoon Ian Batten School of Computer Science, University of Birmingham, UK IMT Atlantique, France Marc-Oliver Pahl Télécom Paris, France Rida Khatoun Télécom Paris, France Patrick Bellot Télécom Paris, France Etienne Borde Florian Brandner Télécom Paris, France Xufeng Zhao Nanjing University of Aeronautics and Astronautics, China South China University of Technology, China Zhenglei He City University of Hong Kong, Hong Kong Min Xie Sébastien Thomassey University of Lille, France KU Leuven, Belgium Bart Preneel Université Paul Sabatier, France Pierre Marechal Nhu-Ngoc Dao Sejong University, Republic of Korea Muhammad Ali Nasir University of Leeds, UK Ton Duc Thang University, Vietnam Bui Thanh Hung University of Liège, Belgium Phuong Hanh Tran Dong A University, Vietnam Kim Duc Tran

Preface

We are delighted to introduce the proceedings of the 7th European Alliance for Innovation (EAI) International Conference on Safety and Security in the Internet of Things (EAI SaSeIoT 2023). This conference has brought researchers, developers, and practitioners around the world who are leveraging and developing state-of-theart technology in IoT Safety and Security. The technical program of the 7th EAI SaSeIoT 2023 consisted of 19 accepted full papers, including 8 articles selected for publication in the proceedings of the 7th EAI SaSeIoT 2023. We strongly believe that the 7th EAI SaSeIoT 2023 conference provided a good forum for all researchers, developers, and practitioners to discuss all science and technology aspects that are relevant to IoT Safety and Security. ROUBAIX CEDEX 1, France Canterbury, UK Liège, Belgium Hanoi, Vietnam

Kim Phuc Tran Shujun Li Cédric Heuchenne Thu Huong Truong

vii

Contents

Part I Safety and Security in Internet of Things Secure and Lightweight Communication Protocol for Wake-Up Radio-Enabled Internet of Things . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Debasish Ghose, Harsha S. Gardiyawasam Pussewalage, Indika A. M. Balapuwaduge, and Soumya P. Dash RPL Protocol Using Contiki Operating Systems: A Review . . . . . . . . . . . . . . . . Joshua Teddy Ibibo and Bunakye Richard Japheth

3

17

Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mateo Campoverde-Fordon and Birger Andersen

35

A Bibliometric Analysis and Comprehensive Overview of Security Attacks Against RPL in IoT Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Joshua Teddy Ibibo

45

Part II Artificial Intelligence in the Internet of Things Applications Overview of Security Challenges in Wireless IoT Infrastructures for Autonomous Vehicles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Neeli R. Prasad, Birger Andersen, and Daniel K. Rubin-Grøn Explainable Transformer-Based Anomaly Detection for Internet of Things Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A. Saghir, H. Beniwal, K. D. Tran, A. Raza, L. Koehl, X. Zeng, and K. P. Tran

63

83

A Novel Transformer-Based Anomaly Detection Approach for ECG Monitoring Healthcare System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 Thi Thuy Van Nguyen, Cédric Heuchenne, Kim Duc Tran, and Kim Phuc Tran ix

x

Contents

UAV-aided uplink NOMA based on MEC in IoT networks: Secrecy offloading and Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Anh-Nhat Nguyen, Tung-Son Ngo, Ngoc-Anh Bui, Phuong-Chi Le, and Gia-Huy Nguyen Author Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Subject Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Part I

Safety and Security in Internet of Things

Secure and Lightweight Communication Protocol for Wake-Up Radio-Enabled Internet of Things Debasish Ghose , Harsha S. Gardiyawasam Pussewalage Indika A. M. Balapuwaduge , and Soumya P. Dash

,

1 Introduction The technology of wake-up radio (WuR) has evolved as a promising one for use in Internet of Things (IoT) devices owing to its advantages of ultra-low energy consumption and on-demand communication [1–3]. In a WuR-enabled IoT node, a wake-up receiver (WuRx) is connected to the main radio (MR). The WuRx operates at the order of .μW or .nW in terms of power consumption, while the MR operates at the milliwatt (mW ) level [1, 2]. Figure 1 illustrates the operating principle of a WuR-enabled IoT system, where the WuRx continuously monitors the communication channel for wake-up calls (WuC). The WuRx has limited capabilities and is responsible for decoding and validating WuCs and activating the micro-controller unit (MCU) to turn on the MR of the system. The MR remains in a dormant state for most of its lifetime and operates in an on-demand manner. It becomes active only when the WuRx detects a WuC, decodes and validates it against its address, and triggers the MCU to power on the MR. Once the MRs of the sender

D. Ghose School of Economics, Innovation, and Technology, Kristiania University College, Bergen, Norway e-mail: [email protected] H. S. Gardiyawasam Pussewalage () · I. A. M. Balapuwaduge Department of Information and Communication Technology, University of Agder (UiA), Grimstad, Norway e-mail: [email protected]; [email protected] S. P. Dash School of Electrical Sciences, Indian Institute of Technology Bhubaneswar, Khordha, Odisha, India e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_1

3

4 Fig. 1 Operations of WuR

D. Ghose et al.

IoT node A

Data

IoT node B

ACK MR on-demand

uC W

MR on-demand

W WuR

W WuR

always active

always active

and receiver nodes are turned on, data communication takes place in a traditional manner. Several techniques have been proposed to enhance the performance of WuR systems. One widely adopted design is subcarrier-modulated inband WuR [1, 4], which utilizes on-off keying (OOK) modulation to transmit WuC signals, achieving a range of up to 100 meters. With a sensitivity level of .−53 dBm, it ensures efficient reception of WuCs. Another notable implementation is the nanowatt (nW ) WuR [5], focusing on ultra-low power consumption for WuRx. The nW WuR consumes only 1 .μW in idle listening mode while detecting WuCs, operates in various frequencies within the industrial, scientific, and medical (ISM) band, and offers excellent performance with a sensitivity of .−35 dBm and a rapid 100 .μs interrupt response time. In the realm of WuR implementations, an IEEE 802.11-based design is presented in [6], leveraging off-the-shelf components for WuRx, achieving a data rate of 250 kb/s with OOK modulation for WuC transmission. Additionally, a significant achievement is the development of an RF energy-harvesting wireless transceiver integrating both WuRx and WuTx on a single CMOS chip [7], enabling WuRx operation with voltage levels as low as 300 mV, fully powered by RF energy at .−26 dBm. The classical time-division multiple access scheme has been appropriately modified to accommodate the capabilities of WuR technology in Low-Power Wide Area Network (LPWAN) applications [8]. To address the challenge of collisions between multiple WuCs transmitted concurrently by different WuTxs (Wake-up Transmitters), various studies have suggested collision avoidance mechanisms to enhance the efficiency of WuRs. One such mechanism is BoWuR [9], which aims to reduce collision occurrences in transmitter-initiated (TI) schemes. Through analysis, the authors have demonstrated its superior performance compared to traditional WuR schemes. For receiver-initiated (RI) data collection, a multicast-triggered synchronous transmission protocol is proposed in [10]. This protocol facilitates both contention-based and coordinated data exchanges among distributed devices, with the primary objective of minimizing transmission latency and reducing energy consumption. Communication protocols commonly used in IoT devices, such as IEEE 802.15.4, Bluetooth Low Energy, and LoRaWAN, employ strong encryption algorithms like AES to ensure data integrity and confidentiality. However, the security of WuC exchange in WuR-enabled IoT devices is a concern. Typically,

Secure and Lightweight Communication Protocol for WuR-Enabled IoT

5

WuCs are transmitted without additional protection, leaving them vulnerable to security threats. Several studies have addressed the security aspects of WuR systems, particularly focusing on denial-of-service (DoS) attacks. For instance, Park et al. in [11] propose an anti-malicious attack algorithm to detect and mitigate such attacks. SWARD [12], introduced by Montoya et al., is designed to address DoS vulnerabilities. While these approaches enhance security, they lack information on overall energy consumption and have not been extensively evaluated in error-prone networks with collisions. Additionally, some approaches may require additional mechanisms such as ACK for WuC transmission, which deviates from the original WuR design. These observations have triggered our motivation to embark on a comprehensive study on secure WuR protocols. Our main objective is to develop a lightweight WuR protocol that effectively tackles DoS attacks and significantly enhances the security of WuC in WuR-enabled IoT systems. We aim to achieve this while introducing minimal additional energy overhead compared to the original WuR (SCM-WuR) protocol. The key contributions of this chapter are summarized below: • We develop a WuR protocol to address the vulnerability of eavesdropping attacks and prevent unauthorized interception of WuC communication. • We define and derive the expression for calculating energy consumption in a WuR-enabled IoT network. • We present numerical results to demonstrate the effectiveness of our proposed protocol. Additionally, we thoroughly discuss the security aspects of the protocol, with particular emphasis on addressing the concerns related to secure WuC communication. The rest of this chapter is organized as follows. Section 2 presents the considered network scenario. In Sect. 3, we provide details of the proposed WuR protocol. Section 4 presents the performance metrics used to evaluate the protocol. Section 5 discusses the obtained numerical results along with the security perspectives of the proposed protocol. Finally, Sect. 6 concludes this chapter, summarizing the key findings.

2 Network Scenario and Assumptions Consider a WuR-enabled IoT system consisting of N nodes, as shown in Fig. 2, where each device is equipped with a WuR module. The communication among these devices takes place in a single-hop connection within a full mesh topology, enabling direct and seamless communication. In the figure, the symbols S and R represent the sender and receiver, respectively. For the purpose of simplifying the numerical analysis, similar to the approach in [9] and [10], we make the following assumptions in this system: an error-free channel and no packet losses due to buffer overflow. However, it is important to

6

D. Ghose et al.

Fig. 2 WuR-enabled IoT network with N contending nodes

note that WuC packet loss can still occur in this system, primarily due to collisions when multiple devices initiate WuC transmissions simultaneously.

3 Proposed WuR Protocol We start the section by providing the necessary background information related to the proposed WuR protocol. Then, we present the proposed protocol in detail, by considering a receiver-initiated WuR (RI-WuR) instance. Thereafter, we show that the proposed protocol can easily be adapted to a transmitter-initiated WuR (TIWuR).

3.1 Preliminaries Let us consider that the receiver has initiated a communication instance between two IoT nodes, denoted as .NA and .NB . In this case, .NA functions as the receiver, while .NB acts as the transmitter, respectively. Node .NA is equipped with a MR (.RA ) and a WuRx (.W RA ), whereas node .NB is equipped with a MR (.RB ) and a WuRx (.W RB ). When the two devices communicate for the first time, a secure channel is established between the MRs—.RA and .RB . Note that the link layer protocols such as BLE and ZigBee support the establishment of such a secure channel that facilitates the authentication of the devices. In addition, during this initial handshake, we assume that the nodes agree on three symmetric keys—.KI , .KC , .KW as well as a nonce .R1 . Note that .KI and .KC are used for integrity protection and encryption for the MR communication, while .KW and the nonce .R1 are used for the establishment of the first WuC between the nodes.

Secure and Lightweight Communication Protocol for WuR-Enabled IoT

7

3.2 Lightweight RI-WuR Protocol Before .NA and .NB terminate their initial MR communication, the node .NB must first compute a WuC token and hand it over to its .W RB . Thus, it is possible for the .RB to return to the sleep mode (at the end of the MR communication). In the following, we have described the protocol by dividing it into four phases—creation of the first token, WuC with the first token, creation of the ith token, and waking up with the ith token.

First WuC Token Creation To construct the first WuC token .W T1 , .NB uses the wake-up key .KW and the nonce R1 . Thereby, .NB computes .W T1 such that

.

  W T1 = B16 H (IB ||KW ||R1 ) ,

.

(1)

where .IB denotes the address of node .NB and H denotes a cryptographic hash function. .B16 refers to the selection of the most significant 16 bits from the hash output as the token. Then, .NB passes the token .W T1 to its .W RB and lets its main radio .RB activate the sleep mode. In the meantime, .NA also computes the token .W T1 using .KW and .R1 , so that .NA is ready to wake up .NB when required.

WuC with First Token Suppose .NA wants to initiate a new communication session with .NB . Then, .NA sends the WuC token .W T1 as illustrated in Fig. 3. When the token is received by .W RB , it checks whether the received token is the same as the token computed at the node .NB , and if so, .W RB sends the wake-up trigger signal W uS to switch on the .RB . Afterward, .RB sends the reply message .m1 in the form of the ciphertext .C1 ,   C1 = E m1 ||ACK1 ||R2 , KC ,

.

(2)

in which .ACK1 is the acknowledgement of the reception of .W T1 and .R2 refers to the nonce shared with .NA to construct the next WuC token. Note that the notation .E(M, K) refers to the symmetric key encryption of the plaintext M using the key K. The ciphertext .C1 is sent along with a message authentication code .MAC1 constructed using the shared key .KI . This helps to detect any tampering of the message after it is received by the node .NA . Note that .NA also sends an ACK to .NB to notify the reception of the message .m1 .

8

D. Ghose et al.

Fig. 3 The operating procedure with the first token in the proposed lightweight RI-WuR protocol

ith WuC Token Creation The creation of the second token and the succeeding tokens use the same mechanism. Hence, we explain the process with the help of the ith token. At the end of the .(i − 1)th MR communication, the .RB computes the next WuC token .W Ti such that   W Ti = B16 H (W Ti−1 ||Ri )

.

(3)

and forwards .W Ti to .W RB before returning to the sleep mode. Note that the nonce Ri is shared with .NA by the node .NB during the .(i − 1)th communication session. Similarly, .NA also computes .W Ti , which is necessary for waking up .NB in the next communication session.

.

WuC with the ith Token This process is identical to the process of waking up with the first token.

3.3 Lightweight TI-WuR Protocol Although we have described the proposed wake-up protocol with respect to a RI communication instance, it can be utilized for TI communication as well. In this case, the only difference will be that after waking up .NB , .NA will send the data to .NB . Note that in a RI instance, it is the node .NB that sends the data to .NA . Thus, the token generation and wake-up procedure will be identical to the RI instance.

Secure and Lightweight Communication Protocol for WuR-Enabled IoT

9

4 Performance Metric In this section, our focus is on evaluating the energy consumption of our proposed RI-WuR protocol and deriving its expressions. It is worth noting that the expressions presented can be easily modified for the TI-WuR protocol.

4.1 Energy Consumption Consider the energy consumption, denoted as E, for the entire network consisting of N nodes. This network comprises one transmitting node, one designated destination node, and .(N − 2) unintended nodes. Thus, E can be expressed as E = Etx + Erx ,

.

(4)

where .Etx represents the energy consumption of the WuC transmitting node for a successful/unsuccessful transmission and .Erx denotes the cumulative energy used by all the WuC receiving nodes in the network. .Etx is given by Etx = Ps EsT + Pc EcT .

.

(5)

In this expression, .Pc denotes the likelihood of a collision occurring during transmission, while .Ps stands for the probability of a successful transmission, and T .Pc + Ps = 1. .Es represents the energy consumed by the sender for a successful T packet, and .Ec represents the energy consumed by the sender for an unsuccessful packet. Further, .EcT and .EsT are given as T idle idle tout EcT = EW uC + EW uS + Edata + 2ESI F S + EN T + EACK ,

.

T R idle T EsT = EW uC + EW uS + Edata + 2ESI F S + EN T + EACK + EN T ,

.

(6) (7)

T where .EW uC is the energy consumption for WuC transmission, .EW uS represents the idle accounts energy consumption to activate the MCU for switching on the MR, .Edata for the energy consumed during the idle state while waiting for data packet recepR tion, .Edata corresponds to the energy consumption during data packet reception, idle .2ESI F S captures the energy consumption during the SIFS, .E N T represents the energy consumption during the idle state while waiting for next token generation, idle .E N T represents the energy consumption during the idle state while waiting for next token generation, .EN T indicates the energy consumption during next token tout signifies the energy consumption during an ACK timeout, and generation, .EACK T .E ACK denotes the energy consumption during ACK transmission.

10

D. Ghose et al.

Similarly, .Erx is given as Erx = Pc EcR + Ps EsR ,

.

(8)

where .EcR represents the total reception energy consumed by the network during an unsuccessful WuC transmission. Assuming that collisions occur due to simultaneous transmissions from two or more nodes, we simplify the calculation by assuming that collisions happen when two nodes transmit simultaneously. Based on this assumption, we can estimate the energy consumption of collisions, .EcR , as idle EcR ≈ (N − 2)EW uC ,

.

(9)

idle represents the energy consumed by a node when it actively monitors where .EW uC the channel using WuRx. In the event of a collision where multiple WuC packets overlap and interfere with each other, both the intended receiver and unintended receivers consume the same amount of energy as required for idle listening since they are unable to detect and decode the packet. .EsR is the total reception energy consumed by the network for a successful packet, expressed as node EsR = EInode N + EU N ,

.

(10)

node where .EInode N represents the energy consumption of the intended node and .EU N represents the energy consumption of the unintended nodes. Furthermore, R T R EInode N = EW uC + 2ESI F S + EW uS + EN T + Edata + EACK ,

.

(11)

and R EUnode N = (N − 2)EW uC ,

.

(12)

R where .EW uC represents the energy consumption for receiving WuC packet and T .E corresponds to the energy consumption for transmitting data packets. Finally, data R .E denotes the energy consumption for receiving acknowledgments. ACK

5 Numerical Results and Security Analysis In this section, our focus is on evaluating the proposed WuR protocol’s energy consumption performance. We aim to assess its efficiency and compare it to other existing approaches or protocols. Additionally, we analyze the security of the proposed protocol, specifically considering DoS attacks.

Secure and Lightweight Communication Protocol for WuR-Enabled IoT

11

5.1 Parameter Configuration Consider a WuR-enabled IoT network, as illustrated in Fig. 1. With the help of the parameter configuration presented in Table 1, we have computed the network parameters given in Table 2. The parameters in the network are configured according to the values specified in Table 2, unless stated otherwise. Table 1 Parameter configuration [1, 13]

Radio type Common Main radio

Wake-up radio

Parameter Supply voltage Data rate Transmission current Reception current Idle current SIFS duration Payload size ACK frame size WuC duration WuC transmission current Reception current (WuRx) Sleep current MCU switching current Time to switch on MCU WuC packet size

Value 3 250 17.4 18.8 20 192 35 11 12.2 152 8 3.5 2.7 1.79 2

Unit V kbps mA mA .μA .μs bytes bytes ms mA .μA .μA .μA ms bytes

Table 2 Values of major parameters (in mJ ) Parameter Description T Energy consumption during WuC transmission .EWuC R

Value 5.5632

.EWuC

Energy consumption during WuC reception

0.0003

R .EACK tout .EACK

Energy consumption during acknowledgement reception

0.0198

Energy consumption during ACK timeout

.2.11

× 10−5

R

Energy consumption during idle state while waiting for data packet .6.72 × 10−5 reception Energy consumption during data packet reception 0.0584

.EACK

T

Energy consumption during ACK transmission

0.0183

idle .ENT

0.0008

.ENT

Energy consumption during idle state while waiting for next token calculation Energy consumption during next token calculation

.EWuS

Energy consumption during MCU activation

.1.4499

.ESIFS

Energy consumption during Short Interframe Space (SIFS)

0.0086

T .Edata

Energy consumption during data packet transmission

0.0584

idle

.Edata .Edata

0.0584 × 10−5

12

D. Ghose et al.

Fig. 4 Energy consumption vs. the number of nodes (N ) for different .Pc values

5.2 Performance Evaluation Figure 4 presents the energy consumption resulting from different combinations of collision probability (.Pc ) and the number of nodes (N). Figure 4 clearly shows that as the collision probability increases, there is a noticeable decrease in the average energy consumption for each N value. For instance, comparing the energy consumption at .Pc = 0.01 with that at .Pc = 0.07, we can see a reduction from 5.882 mJ to 5.86 mJ, indicating a decrease in energy consumption as .Pc increases. This is due to the fact that as the collision probability increases, the likelihood of successful transmission decreases. Consequently, collided packets, which require less energy compared to successfully transmitted packets, contribute more to the overall energy consumption. This leads to a decrease in the average energy consumption as the collision probability increases. Additionally, it is worth noting that energy consumption tends to increase with the number of nodes in the network. This is expected, as larger networks typically require more energy for communication and coordination among the nodes. Figure 5 illustrates the relationship between collision probability (.Pc ), the number of nodes (N), and average energy consumption. As the collision probability increases, there is a noticeable downward trend in energy consumption across different node counts. For example, with .N = 10, the energy consumption decreases from 5.825 mJ (.Pc = 0.2) to 5.80 mJ (.Pc = 0.3). This trend is consistent for .N = 20, 30, and 40 as well. The decrease in energy consumption can be attributed to the decrease in the successful transmission probability (.Ps ) as collision probability increases. In general, collided packets consume less energy compared to successfully transmitted packets due to the lower energy expenditure during unsuccessful transmission. The overall energy consumption calculation considers

Secure and Lightweight Communication Protocol for WuR-Enabled IoT

13

Fig. 5 Energy consumption vs. collision probability (.Pc ) for different N

Fig. 6 Energy consumption comparison of existing approaches with .Pc = 0

both .Pc and .Ps , which leads to the observed downward trend as collision probability increases. Furthermore, we have conducted a performance comparison between our proposed protocol and two state-of-the-art WuR schemes, namely SCM-WuR [4] and SWARD [12], as shown in Fig. 6. SCM-WuR represents a legacy WuR protocol, while SWARD is specifically designed to address DoS attacks in WuR-enabled networks. From the figure, it is evident that our proposed protocol requires more energy compared to the legacy SCM-WuR. This is expected as our protocol incorporates dynamic WuC token generation for enhanced security in WuC communication. The additional energy consumption can be attributed to the increased computational and cryptographic operations involved in our protocol. However, when compared

14

D. Ghose et al.

to SWARD, our protocol outperforms it in terms of energy consumption. This can be attributed to the fact that SWARD introduces an additional ACK mechanism for WuC communication, which adds extra energy consumption compared to our protocol. In summary, the comparison demonstrates that our proposed protocol strikes a balance between security and energy consumption.

5.3 Security Analysis WuR systems aim to extend the lifespan of sensor networks. However, on the contrary, the illegitimate waking-up of main radios will cause shortening of lifespan of the sensor network while leading to DoSs. Thus, in this subsection, we show that the proposed communication protocol can withstand such attacks by considering two adversary types—Type-I adversary and Type-II adversary. Type-I Adversary We define a Type-I adversary as an attacker who is capable of forging valid WuC tokens and aims to wake up the main radio illegitimately. Type-II Adversary We define a Type-II adversary as an attacker who intends to wake up the main radio illegitimately via replaying valid WuC tokens.

Resistance to Type-I Adversaries Suppose, a Type-I adversary (.T I ) has intercepted the ith WuC token .W Ti related to the communication between .NA and .NB . Note that .W Ti is given by   W Ti = B16 H (W Ti−1 ||Ri ) ,

.

in which .Ri refers to the nonce shared between .NA and .NB during the .(i − 1)th communication session. Furthermore, according to (2), we know that Ci−1 = E(m1 ||ACKi−1 ||Ri , KC ).

.

(13)

Thus, to compute the next valid WuC token, the adversary .T I requires .Ri , and according to (13), it is practically infeasible considering that we can use a secure symmetric key encryption scheme such as AES with the standard key sizes.

Resistance to Type-II Adversaries Let us assume that a Type-II adversary has intercepted the .i th WuC token .W Ti and attempts to replay this token at a later time. In this instance, it is possible for the receiving node to learn that this token is a replayed token given that after serving a

Secure and Lightweight Communication Protocol for WuR-Enabled IoT

15

token, the serving node discards the served token and constructs the next token to prepare itself for the next impending communication session. From the above analysis, it is evident that the proposed communication protocol is secure against illegitimate wake-up attacks that may lead to DoS.

6 Conclusion In conclusion, this chapter presents a lightweight secure communication protocol specifically designed for WuR-enabled IoT networks. The protocol effectively addresses security vulnerabilities during the WuC exchange phase, focusing on preventing denial-of-service attacks. The key contributions of this research include the development of the protocol, analysis of energy consumption, and performance evaluation. Numerical results demonstrate that while our proposed protocol may require slightly more energy compared to the legacy WuR due to the inclusion of dynamic WuC token generation for enhanced security in WuC communication, it outperforms the existing SWARD protocol in terms of energy consumption. Furthermore, a qualitative security analysis affirms that the protocol ensures security in WuR-enabled IoT networks, providing reliable and secure communication in IoT environments.

References 1. J. Oller, I. Demirkol, J. Casademont, J. Paradells, G.U. Gamm, L. Reindl, Has time come to switch from duty-cycled MAC protocols to wake-up radio for wireless sensor networks? IEEE/ACM Trans. Netw. 24(2), 674–687 (2016) 2. D. Spenza, M. Magno, S. Basagni, L. Benini, M. Paoli, C. Petrioli, Beyond duty cycling: wakeup radio with selective awakenings for long-lived wireless sensing systems, in Proceedings of the IEEE INFOCOM, 2015, pp. 522–530 3. S. Shellhammer, A. Asterjadhi, Y. Sun, Wake-up radio medium access control, in IEEE 802.11ba: Ultra-Low Power Wake-up Radio Standard (IEEE, Piscataway, 2023), pp. 97–130 4. J. Oller, I. Demirkol, J. Casademont, J. Paradells, G.U. Gamm, L. Reindl, Performance evaluation and comparative analysis of subcarrier modulation wake-up radio systems for energy-efficient wireless sensor networks. Sensors 14(1), 22–51 (2013) 5. M. Magno, V. Jelicic, B. Srbinovski, V. Bilas, E. Popovici, L. Benini, Design, implementation, and performance evaluation of a flexible low-latency nanowatt wake-up radio receiver. IEEE Trans. Ind. Inform. 12(2), 633–644 (2016) 6. E. Lopez-Aguilera, M. Hussein, M. Cervia, J. Paradells, A. Calveras, Design and implementation of a wake-up radio receiver for fast 250 kb/s bit rate. IEEE Wireless Commun. Lett. 8(6), 1537–1540 (2019) 7. M.A. Karami, K. Moez, An integrated RF-powered wake-up wireless transceiver with -26 dBm sensitivity. IEEE Internet Things J. Early Access Articles, https://doi.org/10.1109/JIOT.2021. 3116208 (2021) 8. G.A. Beletsioti, K.F. Kantelis, A. Valkanis, P. Nicopolitidis, G.I. Papadimitriou, A multilevel TDMA approach for IoT applications with WuR support. IEEE Internet Things J. 9(22), 22785–22795 (2022)

16

D. Ghose et al.

9. D. Ghose, F.Y. Li, Enabling backoff for SCM wake-up radio: protocol and modeling. IEEE Commun. Lett. 21(5), 1031–1034 (2017) 10. D. Ghose, L. Tello-Oquendo, V. Pla, F.Y. Li, On the behavior of synchronous data transmission in WuR enabled IoT networks: protocol and absorbing Markov Chain based modeling. IEEE Trans. Wireless Commun. 21(10), 8565–8580 (2022) 11. H. Park, Anti-malicious attack algorithm for low-power wake-up radio protocol. IEEE Access 8, 127581–127592 (2020) 12. M. Montoya, S. Bacles-Min, A. Molnos, J.J.A. Fournier, SWARD: a secure wake-up radio against denial-of-service on IoT devices, in Proceedings of the ACM WiSec (2018), pp. 190– 195 13. D. Ghose, F.Y. Li, V. Pla, MAC protocols for wake-up radio: principles, modeling and performance analysis. IEEE Trans. Ind. Inform. 14(5), 2294–2306 (2018)

RPL Protocol Using Contiki Operating Systems: A Review Joshua Teddy Ibibo

and Bunakye Richard Japheth

1 Introduction The rapid proliferation of Internet of Things (IoT) devices has ignited a transformative wave in various industries, from smart cities to healthcare and industrial automation [1, 2]. The distinct characteristics of IoT networks, characterized by constrained resources, dynamic topologies, and high loss rates, necessitate specialized routing protocols that can efficiently navigate these challenges. The Routing Protocol for Low-Power and Lossy Networks (RPL) has emerged as a beacon in this landscape, providing an adaptive and energy-efficient routing solution [3]. In parallel with the evolution of routing protocols, operating systems tailored to the constraints of IoT devices have also gained prominence. Contiki, a lightweight and open-source operating system, stands as a testament to this development, offering an ideal platform for experimenting with and implementing protocols such as RPL. The synergy between RPL and Contiki holds the promise of revolutionizing IoT network efficiency, making it imperative to comprehensively review the integration of RPL within the Contiki operating system [4–9]. This review paper delves into the intricate interplay between the RPL protocol and the Contiki operating system. It provides an in-depth analysis of RPL’s design

Edinburgh Napier University J. T. Ibibo () School of Computing, Edinburgh Napier University, Edinburgh, UK e-mail: [email protected] B. R. Japheth Department of Computing Science, Niger Delta University, Bayelsa State, Nigeria e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_2

17

18

J. T. Ibibo and B. R. Japheth

principles, functionalities, and modes of operation and explores how its symbiotic relationship with Contiki can pave the way for highly optimized IoT networks. By offering an overview of RPL’s core features and an exploration of its implementation within the Contiki ecosystem, this chapter seeks to elucidate the advantages, challenges, and future prospects of utilizing RPL in conjunction with Contiki. The subsequent sections of this chapter will systematically dissect the various facets of RPL and Contiki, including their individual strengths, their mutual reinforcement, and the novel possibilities they collectively unlock for IoT applications. Through a comprehensive review of existing research, this chapter aims to contribute to the understanding of how the marriage of RPL and Contiki can reshape the landscape of low-power and lossy IoT networking.

2 RPL Protocol Background The Routing Protocol for Low-Power and Lossy Networks (RPL) was conceived to address the unique challenges posed by IoT environments [10], where devices often operate on limited resources and within dynamically changing network topologies. Standardized by the Internet Engineering Task Force (IETF) in RFC 6550, RPL provides a solution that adapts to the specific requirements of these networks, ensuring reliable and energy-efficient communication [10–15] (Fig. 1).

2.1 Objective Functions and Hierarchical Structure RPL operates within a Destination-Oriented Directed Acyclic Graph (DODAG) structure as shown in Fig. 2, which reflects the hierarchical relationships among

Fig. 1 RPL Routing Protocol Overview

RPL Protocol Using Contiki Operating Systems: A Review

19

Fig. 2 Hierarchical structure of DAG overview

network nodes [15]. In this structure, each node has one or more parents and forwards data toward a root node, typically representing a sink or a gateway to an external network. The DODAG formation optimizes energy efficiency and allows for efficient routing in highly dynamic scenarios [15–20]. Central to RPL’s functionality are objective functions, which define the metrics used to evaluate and select paths within the DODAG. Objective functions encapsulate parameters such as link quality, delay, energy consumption, and others, tailored to the specific requirements of different applications. This flexibility allows RPL to cater to a wide range of IoT use cases, where energy conservation, latency minimization, or other performance metrics take precedence.

2.2 Modes of Operation RPL operates in different modes to adapt to various network characteristics [20]. These modes include: 1. Storing Mode: In this mode, intermediate nodes store routing entries for forwarding data. While it can be memory efficient, storing mode may not be suitable for networks with severe resource constraints. 2. Non-storing Mode: In this mode, intermediate nodes do not store routing entries, resulting in lower memory overhead. However, it requires more frequent communication and is generally suitable for networks with moderate to low resource constraints. 3. Mixed mode: This hybrid mode combines the advantages of both storing and non-storing modes. It adapts to dynamic changes in network conditions and resources, making it a versatile option for a variety of IoT scenarios.

20

J. T. Ibibo and B. R. Japheth

2.3 Rank and Parent Selection RPL employs a ranking mechanism to determine the position of a node within the DODAG hierarchy. Each node calculates its rank based on the objective function values and the ranks of its parents. The rank calculation facilitates efficient parent selection, ensuring that nodes select parents that optimize energy consumption while providing reliable routing paths [20–25].

2.4 Benefits and Challenges RPL offers several advantages for IoT networks [26]: 1. Energy Efficiency: The hierarchical structure, coupled with objective functions, helps conserve energy by selecting energy-efficient paths. 2. Scalability: The hierarchical approach allows RPL to scale effectively even in large IoT deployments. 3. Adaptability: The use of multiple objective functions and modes of operation accommodate diverse application needs. However, RPL also faces challenges such as managing network dynamics, dealing with link quality variations, and ensuring timely adaptation to changing conditions. These challenges underscore the need for effective implementation and evaluation platforms, and Contiki provides an apt environment for addressing them. In the following sections, this review paper delves into the integration of RPL within the Contiki operating system, elucidating how Contiki’s lightweight nature and energy-efficient features complement and enhance the capabilities of the RPL protocol.

3 Key Features of RPL The Routing Protocol for Low-Power and Lossy Networks presents a range of key features that collectively contribute to its effectiveness in addressing the unique challenges posed by IoT environments. These features enable RPL to create efficient and reliable routing paths while optimizing energy consumption and adaptability [27–29]: 1. Objective Functions and Metrics: At the core of RPL’s flexibility is the concept of objective functions. Objective functions encapsulate various metrics, such as energy consumption, latency, link quality, and path reliability. These metrics guide the selection of optimal paths within the network’s hierarchical structure, allowing RPL to be tailored to the specific needs of different IoT applications. The ability to adapt the routing metrics empowers RPL to optimize performance based on the network’s goals.

RPL Protocol Using Contiki Operating Systems: A Review

21

2. Rank and DODAG Hierarchy: RPL establishes a hierarchical structure known as a Destination-Oriented Directed Acyclic Graph (DODAG). In this structure, nodes are organized in tiers, with each node having one or more parents closer to the root of the DODAG. The hierarchical organization conserves energy by minimizing communication overhead and creating energy-efficient routing paths. Each node calculates its rank based on the objective function and the ranks of its parents. This ranking mechanism aids in selecting optimal parents and thereby efficient routes. 3. Parent Selection and Path Optimization: Nodes in an RPL network determine their parents based on factors such as rank, objective function values, and link quality. This parent selection mechanism aims to minimize energy consumption and create stable routing paths. The selection process considers both short-term and long-term benefits, resulting in routes that balance energy efficiency and network stability. 4. Adaptation to Network Dynamics: IoT networks are characterized by frequent topology changes due to device mobility, failures, and environmental variations. RPL’s hierarchical structure and adaptive mechanisms allow it to swiftly respond to such dynamics. Nodes can recompute their ranks and adjust their parent selections to maintain efficient routing paths, making RPL well-suited for the often-volatile nature of IoT environments. 5. Scalability and Applicability: RPL’s hierarchical structure and adaptable nature contribute to its scalability across diverse IoT applications. Whether for smart home automation, industrial monitoring, or environmental sensing, RPL can cater to a wide range of use cases. Its ability to manage networks of varying sizes and complexities makes it a versatile choice for IoT deployments. In the subsequent sections of this review paper, we explore the integration of RPL within the Contiki operating system, highlighting how these key features of RPL align with Contiki’s design philosophy and energy-efficient capabilities.

4 Contiki Operating System The Contiki operating system stands as a pivotal platform in the landscape of IoT device development and experimentation. Engineered to cater to resourceconstrained devices, Contiki’s lightweight and modular architecture make it an ideal environment for implementing and evaluating protocols such as the RPL [9–13].

4.1 Historical Background of Contiki-NG (Next Generation) Contiki-NG is an open-source operating system specifically designed for the IoT and embedded systems. It is built upon the legacy of the original Contiki OS and aims to provide a modernized and optimized platform for resource-constrained devices. Here’s a historical overview of Contiki-NG’s development:

22

J. T. Ibibo and B. R. Japheth

1. 2013: Contiki-NG was initiated as a fork of the original Contiki OS. The project’s primary objective was to revitalize and modernize the Contiki ecosystem to accommodate new hardware platforms, emerging IoT technologies, and evolving development practices. 2. 2016: The first official release of Contiki-NG, version 2.6, marked a significant milestone in the project’s development. This release showcased substantial improvements, refinements, and enhancements over the original Contiki OS. 3. 2017–2018: The Contiki-NG community grew, attracting developers, researchers, and IoT enthusiasts who recognized the importance of having an operating system tailored to low-power wireless communication and constrained devices. Collaborative efforts led to the integration of various features and protocols. 4. 2019: Contiki-NG version 4.0 was released, demonstrating the project’s ongoing commitment to advancing IoT operating systems. This version introduced better support for IPv6, 6LoWPAN (IPv6 over Low-Power Wireless Personal Area Networks) and other modern IoT communication standards. 5. 2020s: Throughout the early 2020s, Contiki-NG continued to evolve. It gained prominence in both academia and industry, serving as a foundation for research, development, and practical IoT applications. This era saw increased efforts to optimize energy consumption, enhance security features, and provide seamless integration with emerging IoT technologies. 6. Present Day (2023): Contiki-NG remains an active and influential project in the IoT ecosystem. Its focus on energy-efficient communication, adaptability, and support for diverse hardware platforms positions it as a critical tool for building and deploying IoT applications on devices with limited resources. Contiki-NG’s historical trajectory showcases its transformation from a fork of the original Contiki OS to a standalone IoT operating system that addresses the specific challenges of the IoT landscape. Its journey reflects the ongoing evolution of IoT technologies and the dedication of the open-source community to meet the demands of the connected world.

4.2 Contiki-NG Project The Contiki-NG (Next Generation) project represents a significant milestone in the evolution of IoT operating systems. It emerged in the early 2010s as a fork of the original Contiki OS, a pioneering platform developed by Adam Dunkels in 2002 to address the challenges of networking small devices in constrained environments. Contiki-NG was born out of the need to modernize the original Contiki codebase, accommodating the latest hardware advancements, communication protocols, and development practices that had emerged since its inception [20]. The project’s core objectives included retaining the energy-efficient and lightweight attributes that made Contiki OS a success while incorporating contemporary features and optimizations. The release of Contiki-NG version 2.6 in

RPL Protocol Using Contiki Operating Systems: A Review

23

2016 marked a significant milestone, providing a stable foundation for the project’s growth. This version showcased improvements and enhancements over the original Contiki, setting the tone for future developments. Contiki-NG’s focus on energy efficiency made it a natural fit for IoT applications, especially those involving resource-constrained devices and low-power wireless communication. Its modular architecture empowered developers to tailor the operating system to their specific requirements, optimizing memory usage and performance [20]. The operating system supported modern IoT communication standards, such as IPv6 and 6LoWPAN, enabling efficient and scalable networking among IoT devices. Contiki-NG’s compatibility with a diverse range of hardware platforms, from microcontrollers to more capable embedded systems, made it a versatile choice for various IoT applications. The project thrived on the collaboration of an active community of developers, researchers, and enthusiasts [25]. Their collective efforts ensured the continuous evolution, refinement, and relevance of Contiki-NG in the rapidly evolving IoT landscape. Through the 2020s, Contiki-NG continued to receive updates, enhancements, and optimizations that aligned with emerging IoT technologies and best practices. The project’s open-source nature encouraged innovation, research, and experimentation within the IoT domain [15]. This dynamic approach ensured that Contiki-NG remained adaptable and effective in addressing the challenges posed by the everchanging IoT ecosystem. In summary, the Contiki-NG project’s historical trajectory showcases its transformation from a fork of the original Contiki OS to a modern IoT operating system as shown in Table 1 that combines energy efficiency, adaptability, and community collaboration. Its journey exemplifies the continuous evolution and refinement necessary to meet the demands of the expanding IoT landscape while remaining true to the principles that have guided its development.

4.3 Design Philosophy Contiki’s design principles revolve around minimizing resource usage while maximizing functionality. This is particularly relevant for IoT devices, which often possess limited memory, processing power, and energy reserves [18]. Contiki achieves this through its minimal kernel, preemptive multitasking, and energyefficient communication protocols.

4.4 Preemptive Multitasking Contiki employs preemptive multitasking, allowing multiple tasks to run concurrently. This is crucial for IoT applications where devices must perform multiple

Attributes Open source Programming model Reliability Event driven Energy efficient Development terminology Real-point sustain RAM ROM Kernel Scheduling

Arm Mbed Yes Multi-thread Nil Nil Yes C, C.++ Definitely Less than 8 kb Less than 37 kb Layered Priority-based

LiteOS Yes Multi-thread

Yes Yes Yes

C, LiteC.++

Unfair

4 kb 128 kb Modular Priority-based RR

Contiki-NG Yes Protothreads

Yes Yes Yes

C

Partial

Less than 2 kb Less than 30 kb Modular Preemptive

64 kb Less than 10 kb Micro-kernel Priority-based

Definitely

C

Yes Yes Yes

FreeRTOS Yes Multi-thread

Table 1 Comparative analysis Contiki OS and other modern IoT operating system

8 kb 18 kb Micro-kernel Priority-based

Partial

C

Yes Yes Yes

Zephyr Yes Multi-thread

4 kb 128 kb Micro-kernel Priority-based

Unfair

C, LiteC.++

Yes Yes Yes

RIOT Yes Multi-thread

Less than 1 kb Less than 4 kb Monolithic EDF

Nil

NesC

Yes Yes Yes

TINY Yes Thread

32 kb 128 kb Micro-kernel Fair

Nil

C, C.++

Nil Nil Nil

BRILLO Yes Multi-thread

24 J. T. Ibibo and B. R. Japheth

RPL Protocol Using Contiki Operating Systems: A Review

25

tasks while efficiently managing power consumption. Contiki’s multitasking ensures that tasks can be executed in a timely manner, thereby reducing latency and enhancing responsiveness.

4.5 Energy-Efficient Communication Protocols Contiki includes a suite of communication protocols designed to minimize energy consumption. These protocols, such as ContikiMAC and Rime, ensure that devices can communicate with each other while consuming minimal power. The energyefficient communication mechanisms align well with the energy-conscious nature of RPL, making Contiki a natural fit for implementing RPL in IoT networks.

4.6 Modular Architecture Contiki’s modular architecture enables the integration of diverse protocols, allowing developers to select and include only the components they require. This modular approach is well-suited for IoT applications, where memory and processing constraints necessitate fine-tuned customization. Integration of RPL into Contiki benefits from this modular structure, as developers can select the RPL components that best suit their application’s needs.

4.7 Support for Low-Power Hardware Contiki is engineered to work seamlessly on a wide array of low-power hardware platforms. This flexibility enables developers to implement RPL and other IoT protocols on a variety of devices, from microcontrollers to more powerful edge devices. The ability to target a range of hardware ensures that Contiki-based solutions are not bound to a specific device type.

4.8 Simulation and Experimentation Contiki offers simulation capabilities that facilitate testing and experimentation before deploying code on physical devices. The Cooja simulator, integrated with Contiki, allows developers to assess the performance of RPL in various scenarios, optimizing parameters and configurations before real-world deployment. This simulation environment is invaluable for iterative development and performance evaluation.

26

J. T. Ibibo and B. R. Japheth

In the following sections of this review paper, we delve into the specifics of implementing the RPL protocol within the Contiki operating system. By harnessing Contiki’s lightweight design and energy-efficient communication protocols, RPL can be seamlessly integrated into IoT networks, unleashing the potential for energyefficient and reliable routing.

5 RPL Implementation in Contiki The integration of the Routing Protocol for Low-Power and Lossy Networks (RPL) within the Contiki operating system extends the capabilities of both RPL and Contiki, creating a powerful synergy that caters to the unique requirements of IoT networks. Contiki provides a conducive environment for implementing RPL, offering a lightweight and energy-efficient platform for experimentation, development, and deployment.

5.1 RPL Implementation Overview Contiki’s RPL implementation adheres to the RPL specification defined by the Internet Engineering Task Force (IETF). This implementation includes features such as the DODAG hierarchy, objective functions, and mode of operation support, allowing developers to create RPL-enabled networks that align with their application needs.

5.2 Objective Functions and Metrics Contiki’s RPL implementation supports multiple objective functions, enabling developers to customize routing metrics based on their application requirements. By choosing appropriate metrics such as energy consumption, latency, or link quality, RPL can be optimized for diverse IoT scenarios.

5.3 DODAG Formation and Maintenance Contiki facilitates the formation and maintenance of the DODAG structure through efficient parent selection mechanisms. Nodes calculate their ranks based on objective function values, enabling them to select energy-efficient parents and form optimized routing paths.

RPL Protocol Using Contiki Operating Systems: A Review

27

5.4 Integration with ContikiMAC and Rime Contiki’s communication protocols, such as ContikiMAC and Rime, align seamlessly with RPL’s energy-efficient routing goals. These protocols ensure that communication between nodes is conducted with minimal energy consumption, complementing RPL’s energy-conscious design.

5.5 Interaction with Contiki’s Modules Contiki’s modular architecture enables easy integration of RPL with other Contiki modules. This modularity allows developers to leverage Contiki’s built-in functionalities while seamlessly incorporating RPL’s routing capabilities. For example, developers can combine RPL with Contiki’s sensor and actuator interfaces, enabling end-to-end IoT applications.

5.6 Experimentation and Simulation Contiki’s Cooja simulator provides a platform for evaluating RPL’s performance in diverse scenarios. Researchers and developers can assess the behavior of RPLenabled networks under various conditions, allowing for parameter tuning and optimization before deployment on physical devices (Fig. 3). Fig. 3 DODAG graph visualization in Cooja

28

J. T. Ibibo and B. R. Japheth

5.7 Research and Customization Contiki’s RPL implementation offers a foundation for research and customization. Researchers can experiment with novel objective functions, adaptive strategies, and novel use cases within the Contiki-RPL framework. This empowers the IoT community to contribute to the evolution of RPL and Contiki’s capabilities. In the subsequent sections of this review paper, we explore the benefits and advantages of integrating RPL with the Contiki operating system. By leveraging Contiki’s energy-efficient design and RPL’s adaptive routing mechanisms, developers and researchers can usher in a new era of efficient, reliable, and scalable IoT networking solutions.

6 Benefits and Advantages The integration of the Routing Protocol for Low-Power and Lossy Networks (RPL) within the Contiki operating system offers a multitude of benefits and advantages that collectively contribute to the optimization of IoT networking. This symbiotic relationship capitalizes on the strengths of both RPL and Contiki, leading to enhanced energy efficiency, scalability, and real-world applicability.

6.1 Energy Efficiency Both RPL and Contiki are designed with energy efficiency as a primary consideration. RPL’s hierarchical structure and adaptive routing, combined with Contiki’s energy-efficient communication protocols, ensure that IoT devices can operate while minimizing energy consumption. This synergy results in extended device lifetimes and improved network sustainability, crucial factors for battery-powered devices in IoT deployments.

6.2 Scalability and Adaptability The hierarchical nature of RPL aligns well with Contiki’s modular architecture, enabling scalable and adaptable IoT networks. The combination of RPL’s DODAG structure and Contiki’s lightweight design allows for the creation of networks that can gracefully handle a growing number of devices without compromising performance or energy efficiency.

RPL Protocol Using Contiki Operating Systems: A Review

29

6.3 Real-World Applicability The integration of RPL and Contiki opens doors to a wide range of real-world IoT applications. Whether in smart homes, industrial automation, or environmental monitoring, RPL’s adaptability and Contiki’s platform support ensure that IoT networks can be tailored to the unique requirements of each application domain. This versatility enables developers to build robust and efficient solutions that cater to diverse use cases.

6.4 Efficient Utilization of Resources Contiki’s lightweight kernel and memory-efficient protocols make it an ideal platform for implementing RPL in resource-constrained devices. The minimal footprint of Contiki allows RPL-enabled devices to conserve memory, ensuring that more resources can be allocated to application-specific tasks while maintaining efficient routing capabilities.

6.5 Interoperability and Collaboration Contiki’s open-source nature fosters interoperability and collaboration within the IoT community. Developers and researchers can collectively contribute to the enhancement of RPL and Contiki, sharing insights, solutions, and optimizations that benefit the entire ecosystem. This collaborative approach accelerates the advancement of IoT networking technologies.

6.6 Seamless Development Workflow The unified development environment provided by Contiki simplifies the implementation of RPL-enabled applications. Developers can leverage Contiki’s tools, libraries, and simulators to streamline the design, development, testing, and deployment phases. This streamlined workflow accelerates the time to market for IoT solutions. In the forthcoming sections of this review paper, we delve into the challenges and research opportunities associated with the integration of RPL within the Contiki operating system. While the benefits are evident, it is crucial to acknowledge the ongoing efforts required to address the evolving demands of IoT networks (Table 2).

30

J. T. Ibibo and B. R. Japheth

Table 2 Research projects using Contiki-NG Ref [29] [27] [30] [31]

Projects F-Interop 5G-CORAL Sphere EurValve Vessedia [HTML]0563C1 https://E-care@home Synergia Assist

Organization H2020 H2020 UK EPSRC H2020 H2020 Swedish Knowledge Foundation Innovate UK Swedish Foundation for Strategic Research

7 Recent Developments The dynamic landscape of IoT networking continues to witness advancements in the integration of the RPL within the Contiki operating system. Recent developments in this domain have yielded innovations that further enhance the capabilities and performance of RPL-Contiki networks.

7.1 Enhanced Energy Awareness Recent research has focused on refining the energy awareness of RPL within the Contiki environment. This includes the development of novel objective functions that prioritize energy efficiency while maintaining reliable communication. These advancements ensure that RPL-Contiki networks can adapt intelligently to energy constraints, prolonging device lifetimes, and overall network sustainability.

7.2 Integration with Emerging IoT Standards RPL-Contiki networks have been aligned with emerging IoT standards and protocols, ensuring seamless interoperability with other IoT devices and networks. This development supports broader IoT ecosystem integration.

7.3 Novel Objective Functions The exploration of new objective functions continues to be a thriving research area. Objective functions tailored for specific application domains or optimized for specific performance metrics enable RPL to cater to a wider range of IoT use

RPL Protocol Using Contiki Operating Systems: A Review

31

cases. These functions have the potential to fine-tune routing decisions, yielding substantial improvements in network efficiency and application performance.

7.4 Security Enhancements With the growing concern about IoT security, recent efforts have been directed toward enhancing the security of RPL-Contiki networks. Implementing robust authentication and encryption mechanisms within the RPL framework ensures that communication remains secure and resilient against potential threats. These developments reinforce the viability of RPL for critical and sensitive IoT applications.

7.5 Machine Learning and AI Integration The incorporation of machine learning and artificial intelligence (AI) techniques into RPL-Contiki networks has been investigated. These technologies enable networks to adapt routing strategies based on real-time data, improving network efficiency and performance.

7.6 Edge and Fog Computing Integration As edge and fog computing gain traction, research has explored the integration of RPL-Contiki networks within these paradigms. Leveraging Contiki’s compatibility with edge and fog environments, developers are exploring the deployment of RPLenabled devices closer to data sources, optimizing latency and response times for critical applications.

7.7 Machine Learning and AI Integration Emerging trends in machine learning and artificial intelligence have prompted investigations into how these technologies can enhance RPL-Contiki networks. By leveraging AI-driven insights, RPL-Contiki networks can dynamically adapt their routing strategies based on real-time data, improving efficiency and performance in complex and evolving IoT scenarios. In the ensuing sections of this review paper, we address the challenges and research opportunities that lie ahead in the integration of RPL with the Contiki operating system. These advancements aim to make RPL-Contiki networks more efficient, adaptable, secure, and interoperable in the ever-evolving landscape of

32

J. T. Ibibo and B. R. Japheth

IoT networking. Also it exemplifies the evolution of RPL-Contiki networks and highlights the potential for future innovations in the realm of IoT networking.

8 Conclusion The marriage of the Routing Protocol for Low-Power and Lossy Networks (RPL) with the Contiki operating system presents a compelling synergy that addresses the intricate challenges of IoT networking. This review paper has explored the convergence of RPL and Contiki, shedding light on their individual strengths, their collaborative advantages, and the implications they hold for the future of low-power and lossy IoT networks. The versatility of RPL, with its hierarchical structure, adaptive routing, and customizable objective functions, seamlessly aligns with Contiki’s lightweight design, energy-efficient communication protocols, and modular architecture. This synergy empowers developers and researchers to create IoT networks that are not only energy efficient and scalable but also adaptable to the diverse demands of applications across domains. Contiki’s role as a platform for RPL implementation and experimentation cannot be overstated. Its preemptive multitasking, memory-efficient communication, and simulation capabilities enable the seamless integration and evaluation of RPL within diverse hardware configurations and network scenarios. Researchers can harness Contiki’s tools and resources to test novel strategies, optimize performance, and explore the boundaries of RPL’s capabilities. As IoT continues to permeate various industries, the significance of energy-efficient networking becomes increasingly evident. The collaboration between RPL and Contiki embodies this necessity, offering a framework that can revolutionize how IoT devices communicate, while conserving precious energy resources. From smart homes to industrial automation and beyond, RPL-Contiki networks promise to reshape the landscape of IoT applications, ushering in a new era of efficient, reliable, and scalable connectivity. However, as with any technology, challenges persist. The interoperability of RPL-Contiki networks with other IoT platforms, the ongoing quest for enhanced security mechanisms, and the need to fine-tune RPL’s performance in complex scenarios remain areas of exploration and refinement. In the ever-evolving world of IoT, the integration of RPL with the Contiki operating system is a beacon of innovation. By harnessing the capabilities of both RPL and Contiki, we stand on the brink of a transformative era where IoT networks are not just interconnected, but intelligently optimized for efficiency, scalability, and real-world impact. As we conclude this review, we invite researchers, developers, and enthusiasts to continue pushing the boundaries of RPL-Contiki networks, unlocking the full potential of IoT and paving the way for a connected future that truly conserves resources while enhancing connectivity.

RPL Protocol Using Contiki Operating Systems: A Review

33

References 1. D. Gadde, M.S. Chaudhari, Survey on routing protocol for low-power and lossy networks, in Proceedings of the 2015 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC) (2015), pp. 1–5 2. L. Li, Z. Xi, Y. Zhu, S. Wang, Improvement and implementation of RPL routing protocol in wireless sensor networks, in Proceedings of the 11th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM 2015) (2015), pp. 1–4. Location (2010) 3. K. Heurtefeux, H. Menouar, Experimental evaluation of a routing protocol for wireless sensor networks: RPL under study, in Proceedings of the 6th Joint IFIP Wireless and Mobile Networking Conference (WMNC) (2013), pp. 1–4 4. Y. Pant, H.S. Bhadauria, Performance study of routing protocols in wireless sensor network, in Proceedings of the 2016 8th International Conference on Computational Intelligence and Communication Networks (CICN) (2016), pp. 134–138 5. A. Hassan, S. Alshomrani, A. Altalhi, S. Ahsan, Improved routing metrics for energy constrained interconnected devices in low-power and lossy networks. J. Commun. Netw. 18(3), 327–332 (2016) 6. M.S. Aman, K. Yelamarthi, A. Abdelgawad, A comparative analysis of simulation and experimental results on RPL performance, in Proceedings of the 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON) (2017), pp. 483– 487 7. L. Gao, Z. Zheng, M. Huo, Improvement of RPL protocol algorithm for smart grid, in Proceedings of the 2018 IEEE 18th International Conference on Communication Technology (ICCT) (2018), pp. 927–930 8. W. Alayed, L. Mackenzie, D. Pezaros, Analytical hierarchy process multi-metric objective function for RPL, in Proceedings of the 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) (2018), pp. 1–5 9. H. Tran, M.T. Vo, L. Mai, A comparative performance study of RPL with different topologies and MAC protocols, in Proceedings of the 2018 International Conference on Advanced Technologies for Communications (ATC) (2018), pp. 242–247 10. H.S. Kim, J. Ko, D.E. Culler, J. Paek, Challenging the IPv6 routing protocol for low-power and lossy networks (RPL): a survey. IEEE Commun. Surv. Tutorials 19(4), 2502–2525 (2017) 11. E. Ancillotti, R. Bruno, M. Conti, Reliable data delivery with the IETF routing protocol for low-power and lossy networks. IEEE Trans. Ind. Inform. 10(3), 1864–1877 (2014) 12. P. Janani, V.C. Diniesh, M.J.A. Jude, Impact of path metrics on RPL’s performance in low power and lossy networks, in Proceedings of the 2018 International Conference on Communication and Signal Processing (ICCSP) (2018), pp. 0835–0839 13. D. Airehrour, J. Gutierrez, S.K. Ray, A testbed implementation of a trust-aware RPL routing protocol, in Proceedings of the 2017 27th International Telecommunication Networks and Applications Conference (ITNAC) (2017), pp. 1–6 14. S. Goyal, T. Chand, Improved trickle algorithm for routing protocol for low power and lossy networks. IEEE Sens. J. 18(5), 2178–2183 (2017) 15. I. Kechiche, I. Bousnina, A. Samet, A comparative study of RPL objective functions, in Proceedings of the 2017 Sixth International Conference on Communications and Networking (ComNet) (2017), pp. 1–6 16. P.T.V. Bhuvaneswari, V. Gokilapriya, J. Mahalakshmi, Ambient light monitoring system for low power and lossy networks using RPL routing protocol, in Proceedings of the 2018 8th International Conference on Communication Systems and Network Technologies (CSNT) (2018), pp. 84–88 17. M. Banh et al., Performance evaluation of multiple RPL routing tree instances for Internet of Things applications, in Proceedings of the 2015 International Conference on Advanced Technologies for Communications (ATC) (2015), pp. 206–211

34

J. T. Ibibo and B. R. Japheth

18. M.O. Farooq, C.J. Sreenan, K.N. Brown, T. Kunz, RPL-based routing protocols for multi-sink wireless sensor networks, in Proceedings of the 2015 IEEE 11th International Conference on Wireless and Mobile (2015) 19. M. Keertikumar, M. Shubham, R.M. Banakar, Evolution of IoT in smart vehicles: an overview, in Proceedings of the 2015 International Conference on Green Computing and Internet of Things, ICGCIoT 2015 (2016), pp. 804–809 20. L. Atzori, A. Iera, G. Morabito, The internet of things: A survey. Comput. Netw. 54(15), 2787– 2805 (2010) 21. A.Y. Barnawi, G.A. Mohsen, E.Q. Shahra, Performance analysis of RPL protocol for data gathering applications in wireless sensor networks, in Procedia Computer Science (2019), pp. 185–193 22. H.S. Kim, J. Ko, D.E. Culler, J. Paek, Challenging the IPv6 routing protocol for low-power and lossy networks (RPL): a survey. IEEE Commun. Surv. Tutorials 19(4), 2502–2525 (2017) 23. M. Qasem, H. Altawssi, M.B. Yassien, A. Al-Dubai, Performance evaluation of RPL Objective functions, in Proceedings of the 15th IEEE International Conference Computer and Information Technology CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communication IUCC 2015, 13th IEEE International Conference on Dependablem Autonomic and Secure Computing (2015), pp. 1606–1613 24. H. Lamaazi, N. Benamar, A novel approach for RPL assessment based on the objective function and trickle optimizations. Wireless Communications and Mobile Computing, 2019. 25. A. Bisen, J. Matthew, Performance evaluation of RPL routing protocol for low power lossy networks for IoT environment, in 2018 International Conference on Circuits and Systems in Digital Enterprise Technology, ICCSDET 2018 (2018), pp. 1–8 26. H. Kharrufa, H.A.A. Al-Kashoash, A.H. Kemp, RPL-based routing protocols in IoT applications: A review. IEEE Sens. J. 19(15), 5952–5967 (2019) 27. A. Elsts, J. Pope, X. Fafoutis, R. Piechocki, G. Oikonomou, Instant: a TSCH schedule for data collection from mobile nodes, in Proceedings of the 2019 International Conference on Embedded Wireless Systems and Networks. EWSN (2019) 28. T. Watteyne, X. Vilajosana, B. Kerkez, F. Chraim, K. Weekly, Q. Wang et al. OpenWSN: a standards-based low-power wireless development environment. Trans. Emerg. Telecommun. Technol. 23(5), 480–493 (2012) 29. C.-Y. Li, H.-T. Chien (eds.) Communication, dissemination, standardisation and exploitation achievements of Y1 and plans for Y2 (2018). 5G-CORAL Deliverable D5.1 30. A. Peyrard, N. Kosmatov, S. Duquennoy, S. Raza, Towards formal verification of Contiki: analysis of the AES-CCM* modules with Frama-C, in Proceedings of the Workshop on Recent Advances in Secure Management of Data and Resources in the IoT. RED-IOT, Madrid (2018) 31. M. Alirezaie, J. Renoux, U. Köckemann, A. Kristoffersson, L. Karlsson, E. Blomqvist et al., An ontology-based context-aware system for smart homes: E-care@home. Sensors 17(7), 1586 (2017)

Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication Mateo Campoverde-Fordon

and Birger Andersen

1 Introduction As wireless devices are becoming more compact, powerful, and low-cost, new ways of collecting data are available for large systems. LoRaWAN, NB-IoT, LTE-M, and Sigfox are LPWANs that enable easy monitoring of systems with many parts. This analysis will cover pervasive threats for LoRaWAN and NB-IoT devices, as well as proposed use cases for both. We will focus at LoRaWAN and NB-IoT because of their growing popularity compared to other LPWANS. It is projected that LPWANS will have a 50% growth rate by 2034 in applications such as transportation, healthcare, and manufacturing [1]. Ericsson [2] loosely categorizes IoT devices as either being used in massive or critical applications. In critical applications such as traffic control and healthcare, wireless devices should provide quick and reliable data. In massive applications such as agriculture, smart buildings, and metering, larger amounts of smaller data should be collected through many IoT devices, whereas quick and reliable data delivery does not have quite the same role. In this analysis, we will consider LoRaWAN and NB-IoT for use in massive and critical IoT. We will categorize the technologies by their practicality and list their security concerns by severity.

M. Campoverde-Fordon () University of Illinois Urbana-Champaign, Champaign, IL, USA e-mail: [email protected] B. Andersen Technical University of Denmark, Copenhagen, Denmark e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_3

35

36

M. Campoverde-Fordon and B. Andersen

2 Related Work There are several articles that cover both the security features and flaws of LoRaWAN, NB-IoT, and other WPLAN technologies. Yang et al. [3], Oliveira [4] describe security threats to LoRaWAN from the device itself to possible flaws in the user facing application. These articles have been used for researching current vulnerabilities in LoRaWAN such as replay attacks. Articles such as [5, 6] are more specific in the type of attacks regarding LoRaWAN. These articles discuss jamming and bitflipping techniques and provide remedies that could be implemented in the future. Likewise, there are articles [7, 8] that can be found for specific NB-IoT attacks such as IMSI catching and jamming. There are also articles that cover vulnerabilities for LPWANS that include NB-IoT and LoRaWAN such as [9, 10]. These articles help for general overviews of the WPLAN landscape, and which LPWANs would fit the application at hand. This chapter provides the theory and practicality toward NB-IoT and LoRaWAN v1.1 attacks. In our analysis, we have compiled and ranked critical vulnerabilities and security concerns for both technologies. We also express our concerns and recommendations for both LPWANS in the monitoring of massive and critical IoT systems.

3 LoRaWAN LoRaWAN is an open protocol to create long-range networks through the use of LoRa, a proprietary radio communication scheme. Maintained by The LoRa Alliance, LoRaWAN can be used in many data collection applications. As LoRa devices are deployed in a star topology, LoRaWAN is used to communicate between end devices and LoRa gateways before data are relayed to application servers [11].

3.1 Practicality LoRa devices are low-cost, battery-operated, and compact, which allow for large network deployments. As LoRa devices are not dependent on any preexisting network infrastructure, relatively inexpensive LoRaWAN gateways must be purchased to capture LoRa packets. Up to 10,000 devices can be managed by a single gateway [12], and a signal sent to many gateways will be received by the network server. Here duplicates are removed, and a single message is forwarded to application server. The range of a single LoRa device roughly is 10km, although data can be relayed through gateways. Device mobility is supported as long as gateways connected to same network server are within range. Radio bands are unlicensed, and therefore, anyone can set up an own network with gateways and servers, although it is more

Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication

37

simple to connect gateways to existing servers such as The Things Network (TTN). However, this also means that radio interference can be expected.

3.2 Security There are two ways to deploy a LoRa v1.1 device to a network: over-the-airactivation (OTAA) and activation-by-personalization (ABP). Devices using OTAA join a network through a key generation handshake, creating unique keys for each session. Before joining, each device must store a unique device identifier (DevEUI), join server identifier (JoinEUI), application root key (Appkey), and a network root key (NwkKey). As seen in Fig. 1, LoRa devices send a Join-Request with a message integrity code (MIC, calculated with NwkKey) that is then relayed by the gateway to the Join-Server. After the Join-Server verifies the request, it generates session keys for the network server (NwkSKey), application server (AppSKey), and device (FNwkSIntKey, SNwkSIntKey, NwkSEncKey). Then the network session key (NwkSKey) and app session key (AppSKey) are distributed to the network server and app session, respectively. Lastly, an Advanced Encryption Standard (AES, Fig. 3) encrypted Join-Accept message is sent to the device [13]. The end device is able to produce AppSKey, FNwkSIntKey (forwarding network session integrity key), SNwkSIntKey (serving network session integrity key), and NwkSEncKey (network session encryption key) independently as the handshake shares nonces that are used to calculate said keys. The key hierarchy is displayed in Fig. 2. End devices using ABP will have the FNwkSIntKey, SNwkSIntKey, NwkSEncKey, and AppSKey stored directly to the device, circumventing any key

Fig. 1 OTAA for LoRaWAN v1.1 [13]

38

M. Campoverde-Fordon and B. Andersen

AppSKey = aes128encrypt (AppKey, 0x02|JoinN once|JoinEU I|DeviceN once|pad16) F N wkSIntKey = aes128encrypt (N wkKey, 0x01|JoinN once|JoinEU I|DeviceN once|pad16) SN wkSIntKey = aes128encrypt (N wkKey, 0x03|JoinN once|JoinEU I|DeviceN once|pad16) N wkSEncKey = aes128encrypt (N wkKey, 0x04|JoinN once|JoinEU I|DeviceN once|pad16)

Fig. 2 LoRaWAN key hierarchy [11] Nonce — Counter 0

Key

Nonce — Counter 1

Key AES

Plaintext

Key AES

AES

Plaintext

Ciphertext

Nonce — Counter 2

Plaintext

Ciphertext

Ciphertext

Fig. 3 AES CTR mode

generation handshake. In the event of manufacturers or end users using the same keys and identifiers for multiple devices, LoRaWAN gateways will be unable to distinguish incoming packets from different devices. For end devices sending messages to the application server, all packet data are encrypted using AppSKey. This ensures end-to-end encryption from the device to the end-user application. Additionally, LoRa packets include a counter value that is checked by the LoRa gateway used to ensure packets are not lost in transmission. If a packet’s counter is less than (or greater than a configurable margin of error) the LoRa gateway’s stored counter, it will be dropped. 1. Eavesdropping This attack is applicable to devices using ABP v1.1, as encryption keys do not change. To eavesdrop on LoRa packets, two packets must be captured with the same counter value. As AES Counter mode (CTR, Fig. 3) is used for encryption, XORing two encrypted payloads (.C1 , C2 ) using private key K would yield the XOR of the plaintext data (.P1 , P2 ). This is shown in Fig. 4. From here, crib dragging techniques can be used to retrieve each plaintext. As LoRaWAN devices are expected to transmit data sparingly, this attack will likely take years to capture packets with the same counter value. However, if multiple LoRa devices using ABP have identical session keys, then more packets could

Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication Fig. 4 Plaintext retrieval

39

C1 ⊕ C2 = (P1 ⊕ K) ⊕ (P2 ⊕ K)

 (K ⊕ K) = (P1 ⊕ P2 ) ⊕  = P1 ⊕ P2

be captured, which could lead to a faster counter matching. This is the most severe vulnerability for devices using ABP as it can exploit remotely and retrieve any sensitive data in transit. The confidentiality of a LoRaWAN device could be compromised with this exploit [3, 4]. 2. Jamming It is easy and inexpensive to jam LoRa gateways with Gaussian noise. It has been shown using a low-cost ESP32 with a LoRa attachment that LoRa gateways fail to receive any packets from LoRa devices. More intelligent jammers can selectively choose when to release noise, increasing their power efficiency and making them harder to detect. Utilizing LoRa’s Adaptive Data Rate feature can help defend against these attacks, although it requires more power, shortening the lifespan of the device. Jamming is common across all radio communication technologies as it is easy to achieve. While not as nosy as eavesdropping, jamming is an attack on availability as all valuable data are lost to noise [5]. A LoRaWAN device only re-transmits its data if the device software application includes such feature. Jamming will be difficult to detect since radio band is unlicensed and interference from other traffic is normal. 3. DevEUI Catching As mentioned earlier, DevEUIs are used for identifying individual LoRaWAN devices. DevEUIs are exposed during OTAA Join-Request and Rejoin-Request packets within the frame header. If an attacker were to capture LoRa packets with DevEUI information, the attacker could track the rough location of the LoRa device [14]. If an attacker jams a LoRa device to force a Rejoin-Request, then the DevEUI could be captured again. When joining, a device is assigned a 32-bit device address which it uses until a rejoin. This address may be caught as well. DevEUI catching (or address catching) is a breach of privacy as the location of a LoRaWAN device could be disclosed and used for physical attacks. However, DevEUI catching is not very practical as LoRaWAN devices are physically small and this vulnerability gives an approximation of a device’s location. Although if a device is captured, then ABP keys may be extracted allowing for more serious LoRaWAN attacks. If device is carried by a person, it will allow for tracking of the person. 4. Replay Attack In addition to jamming LoRa devices, packets from LoRa devices using ABP can be captured and released on command. This works as packets are not timestamped and ABP is not dependent on dynamic session keys [15]. However, an attacker must wait until the counter value FCnt overflows to the first captured counter value, so that captured messages can be repeated. It should be noted that a configurable margin of error can exist for counter values, such that FCnt values can skip ahead causing packets with lower counter values to be discarded. By releasing

40

M. Campoverde-Fordon and B. Andersen

increased counter packets within this gap, any legitimate packets of a lower counter value will be discarded by the LoRa gateway. This attack could be a greater breach of integrity if LoRaWAN packets were not sent as infrequently. Because of the delay between packets being sent, it may take years for a replay attack to be viable. At that point, the LoRaWAN device may have reached the end of its lifecycle. 5. Bitflipping Bitflipping is a concern for LoRaWAN as the integrity of packets can be compromised, but still appear authentic. Although LoRaWAN uses AES CTR mode to encrypt packet payloads, the positions of the data bits are not shuffled (Fig. 3). This means if the structure of the plaintext data is known, specific bits could be targeted. To falsify authenticity after modifying the data, all MIC combinations can be brute-forced within 1516.5 milliseconds using a quad-core processor [6]. Due to the amount of forged MIC possibilities, it is unlikely that a forged LoRaWAN packet would be accepted. Considering on average 2,147,483,648 attempts are needed before a valid MIC is forged, an authentic packet may be transmitted before the modified packet. This means the new authentic packet would carry an incremented frame counter, and the modified packet would be invalid regardless of MIC value [4]. 6. Backward Compatibility Vulnerabilities In the event a LoRaWAN v1.1 device and a v1.0.2 backend are communicating or vice versa, there are attacks vulnerabilities that could be exploited. Although LoRaWAN v1.1 addresses issues such as replay, eavesdropping, ACK spoofing, and DoS attacks, these attacks are reinstated when a LoRaWAN network is configured with mismatching software versions [16]. This is due to the sacrifice of keys and message types when a LoRaWAN device or backend has v1.0.2.

4 NB-IoT Narrow-Band Internet of Things (NB-IoT) is a LPWAN technology standardized by the 3rd Generation Partnership Project (3GPP). Using long-term evolution (LTE) technology, NB-IoT utilizes preexisting cellular infrastructure to transmit data. Because of this, NB-IoT requires subscriber identity module (SIM) cards to function on mobile carriers.

4.1 Practicality As NB-IoT utilizes preexisting cellular infrastructures as 4G and 5G maintained by mobile carriers to transmit data, no gateways need to be purchased. This greatly increases the operating range of NB-IoT devices as mobile carriers have high global coverage. Device mobility is therefore supported. Mobile carriers operate in licensed bands and have thus full control of traffic, so no interference from unknown traffic is expected.

Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication

41

4.2 Security NB-IoT is based on LTE security and uses SIM cards for secure communication. Because of this, NB-IoT devices have security features that are used in more popular and expensive devices, such as smartphones. Additionally, many cellular optimizations can be used to transfer data securely such as Non-IP Data Delivery (NIDD) and Data Over Network Attached Storage (DoNAS) [17]. 1. SIM Swapping If an attacker were to locate a NB-IoT device and retrieve its SIM card, a SIM swapping attack could take place. By swapping the SIM card to a malicious device, the attacker may be able to connect to the Packet Data Network Gateway (PGW) that hosts the private LAN for the legitimate NB-IoT devices. As NB-IoT devices are capable to send IP data, the malicious device may detect open ports and perform common IP attacks. By gaining access to the private LAN, a malicious device could also deplete resources of legitimate devices. By flooding any devices with open ports with spoofed traffic on the network, devices expend their batteries resulting in a denial of service (DoS). SIM swapping can almost be prevented with the use of embedded SIM cards (eSIMs). As eSIMs are soldered directly to the NB-IoT device, it would be difficult to remove the eSIM without damaging it. This is the biggest threat to NB-IoT devices as an attacker can gain direct access to the PGW for other NB-IoT devices. If additional IP vulnerabilities are found on open ports of NB-IoT devices, then not only integrity, but confidentiality and availability may be compromised [9]. 2. Soft Downgrade While NB-IoT was designed with 4G in mind, manufacturers are still producing NB-IoT chipsets with 2G fallback. This means if an attacker is able to spoof TAU reject messages and force the device to connect using a malicious 2G base station, a man-in-the-middle attack could take place. In the event of new vulnerabilities regarding cellular communication, NB-IoT devices will be affected as they are dependent on cellular infrastructure and protocols. Because of how this attack would intercept any packets in transit, their contents could be observed or even modified. If successful, this attack could be very powerful at gathering data from NB-IoT devices and would compromise confidentiality and integrity. However, NB-IoT devices may be physically or digitally configured to prevent fallback, meaning this attack would not work [18]. 3. IMSI Catching All SIM cards are assigned an international mobile subscriber identity (IMSI), which means NB-IoT devices can be uniquely identified and tracked by an attacker. IMSI Catchers can be used to impersonate a LTE network in order for NB-IoT and other cellular devices to expose their IMSI. This is because Tracking Area Update (TAU) reject messages can be spoofed, resulting in a cellular device to give up their IMSI through a reactive Attach Request message. Autonomous IMSI catchers have been made through the use of software-defined radios (SDRs), Low-Noise Amplifiers (LNAs), Raspberry Pis, and open-source software. Although IMSI catchers are relatively small and easy to hide, SDRs are expensive and can limit the practicality of this attack. From gathering a device’s

42

M. Campoverde-Fordon and B. Andersen

IMSI, an attacker can locate the NB-IoT device and perform physical attacks on the device. This is an attack on privacy of owner carrying device and availability as a NB-IoT device can be located and possibility destroyed on discovery [7, 10]. 4. Jamming NB-IoT operates within licensed, regulated spectrum bands meaning interference from other radio technologies is kept to a minimum. However, as with other radio communication technologies, NB-IoT devices are still susceptible to jamming attacks. Jammers that produce noise at the operating frequency channel of NB-IoT devices can cause packet loss. However, as cellular infrastructure is maintained by the network operators, it is likely that jamming attacks would alert authorities. Likewise, network operators likely have more frequency channels available for NB-IoT devices to be assigned and reconnected to. Successful jamming affects the availability of NB-IoT devices as it disrupts communication from the device.

5 Discussion As listed by order of severity earlier, there are many vulnerabilities that affect both LoRaWAN and NB-IoT. One can see that both technologies have a comparable amount of security concerns. In Table 1 are the discussed security concerns for NB-IoT and LoRaWAN. Each security concern is categorized under confidentiality, integrity, availability, and privacy for comparison purposes. Our findings are consistent with other articles, such that both LoRaWAN and NBIoT have vulnerabilities that exist in their most recent updates. However, NB-IoT’s concerns are considerably more difficult to perform. At the same time, LoRaWAN has more serious issues regarding confidentiality and integrity. This is due to several factors, as LoRaWAN is a newer technology and does not have the same scope of expertise as 3GPP does when developing NB-IoT. IoT device applications can be broadly categorized as either critical or massive. Massive IoT is used to gather smaller amounts of data at a large scale, while critical IoT must communicate data quickly and reliably. Table 1 Overview of major threats

Threat Confidentiality

LoRaWAN Eavesdropping

Availability

Jamming

Privacy Integrity

DevEUI catching Bitflipping Replay attack

NB-IoT SIM swapping Soft downgrade Jamming Soft downgrade IMSI catching SIM swapping Soft downgrade

Analysis of LoRaWAN and NB-IoT for Critical and Massive Communication

43

From our investigation on how NB-IoT utilizes LTE security and consequentially has fewer security concerns, NB-IoT is a better candidate for healthcare, traffic control, and other critical IoT applications. SIM Swapping and Soft Downgrade attacks require great effort that can largely be prevented by eSIMs and strict 4G usage. On the other hand, we have shown how LoRaWAN may be more practical for monitoring massive static systems that have little cellular reception. The severity of ABP attacks makes LoRaWAN an easy target for attackers which is why LoRaWAN should be used for less critical applications. ABP should thus be avoided and OTAA used instead.

6 Conclusion In this analysis, we have covered various security concerns and features regarding LoRaWAN and NB-IoT. We have also shown the practicality for implementing these theoretical attacks as different hardware are needed for both LPWANs. Both technologies have a comparable amount of security flaws, although the flaws in LoRaWAN are considerably more severe. LoRaWAN flaws can be exploited cheaply and remotely. On the other hand, to exploit NB-IoT devices, expensive equipment (SDRs) is needed and in some cases physical access to a device (SIM Swapping). However, LoRaWAN could excel in localized applications where large amounts of less sensitive data are being transmitted. As NB-IoT is supported by 3GPP and mobile service providers, more maintenance and reliability can be ensured. For these reasons, NB-IoT should be considered for critical IoT applications such as healthcare, traffic control, etc. Likewise, LoRaWAN should be considered for massive IoT applications such as agriculture and metering. Still ABP should be avoided and OTAA used instead.

References 1. Preeti Wadhwani: Low Power Wide Area Network (LPWAN) Market, 2023–2032. https:// www.gminsights.com/industry-analysis/low-power-wide-area-network-lpwan-market. Last accessed 14 Aug 2023 2. Ericsson White Paper: Cellular networks for massive IoT. Uen 284 23–3278 (2016) 3. X. Yang, E. Karampatzakis, C. Doerr, F. Kuipers, Security vulnerabilities in LoRaWAN, in IEEE/ACM Third International Conference on Internet-of-Things Design and Implementation (IoTDI) (2018), pp. 129–140. https://doi.org/10.1109/IoTDI.2018.00022 4. R. Oliveira, LoRaWAN v1.1 security survey (2020) 5. J. Stenholt, M. Jensen, B. Alexander, W. Patterson, T. Blaszczyk, B. Andersen, Jamming LoRa and evaluation of ease of implementation, in EAI IoECon 2023 - The Second EAI International Conference on the Internet of Everything (2023) 6. J.W. Lee, D.Y. Hwang, J.H. Park, K.-H. Kim, Risk analysis and countermeasure for bit-flipping attack in LoRaWAN, in Da Nang, 2017 International Conference on Information Networking (ICOIN) (2017), pp. 549–551. https://doi.org/10.1109/ICOIN.2017.7899554

44

M. Campoverde-Fordon and B. Andersen

7. I. Palamà, F. Gringoli, G. Bianchi, N. Blefari-Melazzi, IMSI Catchers in the wild: a real world 4G/5G assessment. Comput. Netw. 194, 108137 (2021). ISSN 1389-1286. https://doi.org/10. 1016/j.comnet.2021.108137 8. K.F. Muteba, K. Djouani, T. Olwal, 5G NB-IoT: design, considerations, solutions and challenges. Procedia Comput. Sci. 198, 86–93 (2022). https://doi.org/10.1016/j.procs.2021.12. 214 9. F.L. Coman, K.M. Malarski, M.N. Petersen, S. Ruepp, Security issues in Internet of Things: vulnerability analysis of LoRaWAN, Sigfox and NB-IoT (2019) 10. O.S. Campillo, Security Issues in Internet of Things. Universitat Politècnica de Catalunya, Enginyeria de Telecomunicació (2017) 11. LoRaWAN™1.1 Specification, https://resources.lora-alliance.org/technical-specifications/ lorawan-specification-v1-1. Last accessed 10 Aug 2023 12. What are LoRa® and LoRaWAN®?, https://lora-developers.semtech.com/documentation/ tech-papers-and-guides/lora-and-lorawan/. Last accessed 13 Aug 2023 13. End Device Activation, https://www.thethingsnetwork.org/docs/lorawan/end-deviceactivation/. Last accessed 13 Aug 2023 14. K. Budykho, I.C. Boureanu, S. Wesemeyer, D. Romero, M. Lewis, Y. Rahulan, F. Rajaona, Fine-grained trackability in protocol executions. 30th Annual Network and Distributed System Security (NDSS) Symposium (2023) 15. T. Perkovi´c, J. Šabi´c, K. Zovko, P. Šoli´c, An investigation of a replay attack on LoRaWAN wearable devices, in 2023 IEEE International Mediterranean Conference on Communications and Networking (MeditCom), Dubrovnik (2023) 16. T.C.M. Dönmez, E. Nigussie, Security of LoRaWAN v1.1 in backward compatibility scenarios. Procedia Comput. Sci. 134, 51–58 (2018). https://doi.org/10.1016/j.procs.2018.07.143 17. Security Features of LTE-M and NB-IoT Networks, https://www.gsma.com/iot/wp-content/ uploads/2019/09/Security-Features-of-LTE-M-and-NB-IoT-Networks.pdf. Last accessed 15 Aug 2023 18. ALT1255: NB-IoT with 2G Fallback, https://altair.sony-semicon.com/products/alt1255/. Last accessed 17 Aug 2023

A Bibliometric Analysis and Comprehensive Overview of Security Attacks Against RPL in IoT Networks Joshua Teddy Ibibo

1 Introduction The proliferation of Internet of Things (IoT) devices has brought about a paradigm shift in how we interact with and perceive our environment. From smart homes to industrial automation, IoT networks have become an integral part of modern society, which Fig. 1 has highlighted further. At the heart of these networks lies the Routing Protocol for Low-Power and Lossy Networks (RPL), a vital communication protocol designed to cater to the unique constraints of resource-constrained IoT environments. However, the widespread adoption of RPL introduces a significant challenge—the susceptibility of these networks to security attacks that can compromise the integrity, availability, and confidentiality of the data they transmit [1, 2]. The promise of RPL lies in its ability to provide efficient routing in IoT networks characterized by low power consumption, high scalability, and adaptability to dynamic network topologies. These attributes make RPL an ideal choice for ensuring seamless communication between devices with limited resources. However, the very features that make RPL attractive also expose it to various vulnerabilities, which, if exploited, can lead to severe security breaches. These vulnerabilities stem from the unique characteristics of IoT environments, including limited computational power, memory constraints, and wireless communication mediums prone to interference and eavesdropping. The security of IoT networks, particularly those employing RPL, has emerged as a critical concern. As the number of connected

Edinburgh Napier University J. T. Ibibo () School of Computing, Edinburgh Napier University, Edinburgh, UK e-mail: [email protected]; www.napier.ac.uk © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_4

45

46

J. T. Ibibo

Fig. 1 Outline of classified domains

devices grows exponentially, so does the potential attack surface. Malicious actors exploit vulnerabilities in RPL to launch a variety of security attacks that can disrupt normal operations, compromise data integrity, and compromise the overall stability of the network. These attacks, ranging from sinkhole attacks that divert network traffic to unauthorized nodes to Sybil attacks that introduce fake nodes into the network, pose a substantial threat to the reliability, effectiveness of IoT deployments, and also blackhole attack [2, 3]. This chapter seeks to address the pressing need for a deeper understanding of the security challenges posed by attacks against RPL in IoT networks. By employing a bibliometric analysis approach coupled with a comprehensive overview of security attacks, this chapter aims to shed light on the evolving landscape of RPL security research. The chapter categorizes and explains various security attack classes against RPL, highlights their underlying mechanisms, and provides realworld instances to underscore their potential impact. Additionally, the chapter explores the vulnerabilities inherent in RPL and discusses mitigation techniques proposed in the literature to counteract these vulnerabilities. In conclusion, this chapter stands as an essential endeavor in comprehensively examining the security challenges associated with the RPL protocol in IoT networks. By synthesizing a wide array of research findings, the chapter aims to contribute to a better understanding of the security threats and mitigation strategies that are paramount in safeguarding the integrity and functionality of RPL-based IoT ecosystems.

2 Background and Related Work 2.1

IoT Networks and RPL Protocol

The proliferation of IoT devices has led to the creation of interconnected ecosystems that span various domains, including healthcare, smart cities, agriculture, and industrial automation. IoT networks are characterized by a multitude of heterogeneous

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

47

devices that communicate and collaborate to collect, process, and transmit data. The efficient routing of data within such networks is paramount to ensuring seamless communication and effective decision-making. The Routing Protocol for LowPower and Lossy Networks (RPL) has emerged as a cornerstone in IoT network design due to its ability to address the unique challenges posed by resourceconstrained devices. RPL’s lightweight and energy-efficient routing mechanisms make it well suited for networks where power consumption and memory constraints are paramount [4, 5].

2.2 IoT Security Challenges While IoT networks offer unprecedented convenience and efficiency, they also introduce a myriad of security challenges. The distributed nature of IoT, coupled with the diversity of devices, communication protocols, and applications, creates a complex attack surface. IoT devices are often deployed in uncontrolled environments, making them susceptible to physical attacks, unauthorized access, and eavesdropping. Moreover, the resource limitations of IoT devices can hinder the implementation of robust security mechanisms, leaving vulnerabilities that attackers can exploit [6–12].

2.3 Security Attacks Against RPL The security of IoT networks heavily relies on the integrity of communication protocols such as RPL. However, the open and dynamic nature of IoT environments renders RPL susceptible to various security attacks. These attacks exploit the protocol’s characteristics and design choices, aiming to disrupt communication, compromise data, or compromise network stability. Common attack classes include sinkhole attacks, where malicious nodes attract and divert network traffic, selective forwarding attacks, which involve selectively dropping or forwarding packets, blackhole attacks, where nodes intentionally discard all received packets, and Sybil attacks, which involve forging multiple identities to gain unauthorized access [13–16].

2.4 Existing Research on RPL Security Numerous researchers have recognized the importance of securing RPL-based IoT networks and have delved into the exploration of security vulnerabilities and mitigation strategies. The existing body of work encompasses various aspects, including attack detection, prevention techniques, secure key management, cryptographic

48

J. T. Ibibo

protocols, and behavioral analysis. Prior studies have shed light on individual attack classes and proposed countermeasures to mitigate their impact [3, 6–16].

2.5 Research Gap and Motivation While previous research has contributed significantly to the understanding of security challenges in IoT networks, there remains a need for a consolidated and comprehensive overview of the security attacks specifically targeting the RPL protocol. This chapter aims to bridge this gap by conducting a thorough bibliometric analysis and overview of security attacks against RPL in IoT networks. By systematically reviewing the existing literature, categorizing attack vectors, and evaluating mitigation techniques, this chapter aims to provide a holistic perspective on the evolving landscape of RPL security research and its implications for the broader IoT ecosystem.

3 Methodology This Bibliometric Analysis was conducted following the PRISMA guidelines without prior registration in a systematic review database.

3.1 Data Sources and Collection To conduct a comprehensive bibliometric analysis and overview of security attacks against the RPL protocol in IoT networks, a systematic approach was employed to gather relevant scholarly literature. The research primarily relied on established academic databases, including IEEE Xplore, ACM Digital Library, Scopus, and Web of Science. Keywords such as “RPL security,” “IoT network attacks,” “routing protocol vulnerabilities,” and related terms were used in various combinations to retrieve relevant studies.

3.2 Selection Criteria The selection of literature was guided by predefined criteria to ensure the inclusion of high-quality and relevant studies. Only peer-reviewed journal articles, conference papers, and reputable technical reports published between [1996] and [2023] were considered. The studies needed to explicitly focus on RPL protocol security, security attacks within IoT networks, or vulnerabilities inherent in RPL. To capture the most current research trends, only publications from the last 13 years were included.

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

3.3

49

Data Extraction and Categorization

Upon gathering the initial set of literature, a rigorous data extraction process was undertaken. Each selected study was analyzed to extract key information, including the publication year, authors’ affiliations, research focus, methodologies employed, and key findings. The extracted data were then organized into a structured database for subsequent analysis.

3.4 Metrics for Bibliometric Analysis The bibliometric analysis encompassed various metrics to reveal trends, insights, and collaboration patterns within the field. Publication trends over time were visualized using line graphs to illustrate the evolution of research. Network diagrams were constructed to map collaboration networks among authors, institutions, and regions. Citation patterns were analyzed to identify influential works and to ascertain the impact of certain publications on the field.

3.5 Review and Validation The methodology and data extraction processes were subjected to continuous review and validation by a team of experts in the field of IoT security and protocol analysis. Any discrepancies or uncertainties were resolved through discussions and consensus within the research team to ensure the accuracy and reliability of the collected data and subsequent analyses. By employing this rigorous methodology, this chapter aims to provide an unbiased and comprehensive analysis of the existing literature on security attacks against the RPL protocol in IoT networks. The combination of bibliometric analysis and attack categorization offers a multifaceted perspective on the evolution of research trends, key contributors, and critical insights into the security challenges facing RPL-based IoT ecosystems.

4 Bibliometric Analysis of RPL Security Research The bibliometric analysis of RPL security research provides a comprehensive overview of the field’s development, key contributors, and collaborative networks. The analysis underscores the growing significance of securing RPL-based IoT networks, as evidenced by the increasing number of publications, diverse collaborations, and impactful research contributions. This quantitative analysis serves as a foundation for the subsequent comprehensive overview of security attacks against

50

J. T. Ibibo

RPL in IoT networks, shedding light on the challenges and avenues for enhancing the security of RPL deployments.

4.1 Publication Trends The analysis of publication trends offers valuable insights into the evolution of RPL security research within the context of IoT networks. Figure 2 depicts a graphical representation of the number of publications related to RPL security over the last 27 years. The graph demonstrates a steady increase in research output, reflecting the growing recognition of the significance of securing RPL-based IoT networks.

4.2 Prolific Authors and Institutions To identify key contributors in the field, the analysis includes an examination of prolific authors and institutions. Figure 3 provides a list of the top authors and their respective affiliations based on the number of publications related to RPL security. Notably, researchers from diverse institutions have made significant contributions to the field, fostering collaboration across geographical boundaries.

100

75

50

25

00 0 20 1 02 20 03 20 04 20 05 20 06 20 07 20 08 20 09 20 10 20 11 20 12 20 13 20 14 20 15 20 16 20 17 20 18 20 19 20 20 20 21 20 22 20 23

99

20

98

20

97

19

19

19

19

96

0 Year Computing (Vienna/New York) Wireless Personal Communications

Fig. 2 Publication trends over time Fig. 3 Prolific authors and their affiliations

ACM International Conference Proceeding Series Electronics (Switzerland)

Ad Hoc Networks

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

51

4.3 Distribution Performance by Type According to the distribution performance space, the articles chosen for review are categorized in this section. Figure 2 shows how the papers are distributed according to their broad type: 48.5% come from conferences papers, 9.1% come from literature reviews, 3.0% come from book chapter, and 48.5% come from conference reviews (Fig. 4).

4.4 Collaboration Networks Collaboration networks among authors and institutions reveal the interconnectedness of researchers in the field. Network diagrams in Fig. 5 highlight influential collaborations, illustrating the flow of knowledge and ideas. These collaborations have led to the emergence of research clusters, fostering interdisciplinary approaches to tackling RPL security challenges. For each of the three organizations, the total strength of the bibliographic links with other organizations will be calculated. The organizations with the greatest total link strength will be selected. Fig. 4 Distribution performance by type

Book Chapter (3.0%) Review (9.1%)

Conference Pape... (48.5%)

Article (39.4%)

40

30

20

10

98 99 20 00 20 01 20 02 20 03 20 04 20 05 20 06 20 07 20 08 20 09 20 10 20 11 20 12 20 13 20 14 20 15 20 16 20 17 20 18 20 19 20 20 20 21 20 22 20 23

97

19

19

19

96

0 19

Fig. 5 Collaboration network diagrams for review papers

Year Computing (Vienna/New York)

ACM International Conference Proceeding Series

Wireless Personal Communications

Electronics (Switzerland)

Ad Hoc Networks

52

J. T. Ibibo

Fig. 6 Most cited and non-cited publications

4.5 Influential Works and Citations Identifying influential works is crucial for understanding the impact of research in the field. Figure 6 showcases the most cited and non-cited publications related to RPL security, emphasizing their contributions to shaping the discourse. The analysis of citation patterns provides insights into the key milestones and foundational research that have informed subsequent studies.

5 Categorization of Security Attacks Against RPL 5.1 Introduction to Attack Categorization In order to comprehensively understand the landscape of security attacks against the Routing Protocol for Low-Power and Lossy Networks (RPL) in IoT networks, a systematic categorization framework has been established. This framework classifies security attacks into distinct categories based on their attack vectors, techniques, and potential impacts. The classification aims to provide a structured overview of the diverse threats that exploit vulnerabilities within the RPL protocol [17–23].

5.2 Sinkhole Attacks Sinkhole attacks involve the creation of malicious nodes that falsely advertise themselves as highly desirable sinks for network traffic [24, 25]. This deception results in the diversion of legitimate traffic toward these compromised nodes. Sinkhole attacks disrupt the intended routing paths, leading to data interception, unauthorized access, and potential data manipulation [20]. Notable instances of sinkhole attacks include [the intruder or the malicious node tries to attract the network traffic toward itself, and that sensor nodes will pass data packets through this compromised node, thereby manipulating messages which sensor nodes are transferring to the base station.] and [Sinkhole attacks occur when a compromised node attracts network traffic by advertising fake routing updates.], both of which demonstrated the critical implications of these attacks on IoT networks.

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

53

5.3 Selective Forwarding Attacks Selective forwarding attacks revolve around malicious nodes selectively dropping or forwarding packets to achieve specific objectives [26, 27]. This tactic can lead to data loss, degraded network performance, and the potential manipulation of information flow within the network. An illustrative case is [a malicious node in the network selectively forwards some data packets to the base station while dropping others, with the goal of compromising the integrity and availability of the network], which highlighted the vulnerability of RPL to selective forwarding attacks and their potential to compromise network reliability.

5.4 Blackhole Attacks Blackhole attacks involve nodes falsely claiming to have optimal paths to a destination, leading traffic to be routed through them. These malicious nodes then drop the received packets, causing data loss and disruption in the network’s operation [28, 29]. Blackhole attacks pose a significant threat to data integrity and network functionality [6]. [It can occur when a router deletes all messages it is supposed to forward] demonstrated the impact of blackhole attacks in compromising the end-to-end communication within RPL networks.

5.5 Sybil Attacks Sybil attacks entail the creation of multiple fake identities by a single malicious node, effectively enabling it to occupy multiple network positions [30–32]. This manipulation undermines the trust mechanisms of the network, potentially leading to unauthorized access, data manipulation, and disruption of communication paths. [It can occur when a malicious attack that involves forging multiple identities to gain an undue advantage within a network] serves as an exemplar of the threat posed by Sybil attacks in exploiting RPL’s design vulnerabilities.

5.6 Other Attack Vectors Beyond the mentioned attack categories, other vectors such as wormhole attacks, hello flood attacks, reply attacks, worst parent, DAO inconsistency, decreased rank attack, traffic analysis, version number attack, DAG inconsistency, routing table attack, flooding, and routing table falsification also target RPL’s vulnerabilities. Each of these attack classes carries distinct techniques and implications for RPLbased IoT networks [14, 21] (Fig. 7).

54

J. T. Ibibo

Fig. 7 Visualization of the categorization of security attacks

5.7 Implications and Mitigation Strategies The classification of security attacks against RPL highlights the multifaceted nature of threats faced by IoT networks. Understanding these attack categories is pivotal for developing effective mitigation strategies. Subsequent sections of this chapter delve into the vulnerabilities inherent in RPL, exploring the mechanisms behind these attacks and the proposed countermeasures aimed at bolstering the security of RPL-based IoT networks [33–38].

6 Mitigation Techniques and Countermeasures By embracing these mitigation techniques and countermeasures, RPL-based IoT networks can significantly enhance their security posture [2, 3, 6–8]. The combination of cryptographic protocols, intrusion detection, key management, and collaborative strategies contributes to fortifying RPL’s vulnerabilities, minimizing the impact of security attacks, and ensuring the reliable and secure operation of IoT ecosystems [5, 23, 35–37, 39].

6.1 Cryptographic Protocols and Secure Communication Cryptographic techniques play a pivotal role in securing RPL-based IoT networks. Implementing protocols like IPsec and DTLS can ensure encrypted communication between nodes, preventing eavesdropping and data tampering. Cryptographic mechanisms can also be used for secure key exchange, establishing a foundation for trusted communication.

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

55

6.2 Intrusion Detection and Prevention Systems (IDPSs) Intrusion detection and prevention systems serve as vigilant guardians, identifying anomalous behavior and malicious activities within the network. By analyzing patterns in data traffic and node interactions, IDPS can promptly detect and respond to security breaches, mitigating the impact of attacks like selective forwarding and blackhole attacks.

6.3 Holistic Security Framework To comprehensively address security challenges in RPL-based IoT networks, a holistic security framework is needed. This framework should combine multiple mitigation techniques, customized to the unique characteristics of IoT environments, ensuring defense against a wide spectrum of attacks while preserving the efficiency of RPL’s routing mechanisms.

6.4 Enhanced Authentication Mechanisms Strengthening authentication mechanisms helps ensure that only legitimate nodes can participate in the network. Techniques such as public key infrastructure (PKI) and certificate-based authentication provide robust ways to verify the identity of nodes and thwart identity-based attacks.

7 Discussion and Future Directions 7.1 Synthesis of Key Findings This chapter has provided a comprehensive analysis of the security landscape surrounding the Routing Protocol for Low-Power and Lossy Networks (RPL) within Internet of Things (IoT) networks. Through bibliometric analysis and attack categorization, the chapter has illuminated the trajectory of RPL security research and revealed the spectrum of threats that exploit RPL’s vulnerabilities. By categorizing attacks such as sinkhole, selective forwarding, blackhole, and Sybil attacks, the chapter has highlighted the complex interplay between RPL’s design and the challenges posed by malicious actors.

56

J. T. Ibibo

7.2 Implications and Research Avenues The insights from this analysis hold significant implications for the future of IoT ecosystems. As IoT technologies proliferate across industries, securing RPLbased networks becomes paramount to ensuring data integrity, user privacy, and system reliability. Moving forward, research efforts should concentrate on refining mitigation techniques, exploring the integration of advanced technologies such as AI and machine learning, and fostering collaboration among academia, industry, and policymakers. The evolving nature of security threats calls for a proactive stance, with the development of standardized security practices and ethical considerations at the forefront of research endeavors.

7.3 Emerging Research Areas The research presented here identifies several promising directions for future research in the domain of RPL security. Exploring the integration of artificial intelligence and machine learning techniques for dynamic attack detection and response holds the potential to enhance the adaptability of security mechanisms. Furthermore, investigating the trade-offs between security and energy efficiency in RPL-based IoT networks can lead to optimized solutions that balance resource constraints and protection against attacks.

7.4 Ethical and Privacy Considerations As IoT devices increasingly become embedded in our daily lives, ethical considerations surrounding data privacy and user consent gain prominence. Ensuring that security measures are balanced with ethical practices is imperative. Future research should explore approaches that mitigate security threats while safeguarding user privacy and complying with relevant regulations.

7.5 Call to Action In conclusion, this chapter serves as a foundation for continued exploration of RPL security challenges in the evolving IoT landscape. As technology advancements accelerate, so do the tactics employed by adversaries. The onus is on the research community, IoT practitioners, and policymakers to collaborate in addressing these challenges. By proactively enhancing RPL’s security mechanisms, establishing ethical guidelines, and nurturing a culture of interdisciplinary collaboration, we

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

57

can shape a more secure and resilient future for IoT networks. Through these concerted efforts, we can harness the potential of IoT to revolutionize industries while safeguarding the foundations of trust, privacy, and security.

8 Conclusion In this research endeavor, we embarked on a comprehensive exploration of the security landscape surrounding the Routing Protocol for Low-Power and Lossy Networks (RPL) within the context of Internet of Things (IoT) networks. Through the meticulous bibliometric analysis, attack categorization, and vulnerability examination, we have illuminated the multifaceted challenges and opportunities associated with RPL security. Our findings have underscored the increasing significance of RPL security research, evident in the rising publication trends, collaborative networks, and influential contributors. The categorization of security attacks against RPL has unveiled the diversity of threats that exploit vulnerabilities in the protocol’s design. Furthermore, our analysis of RPL’s inherent vulnerabilities revealed the intricate interplay between protocol architecture and the potential avenues for exploitation. As the IoT landscape continues to evolve, the implications of this research are significant. A secure IoT ecosystem depends on robust protocols like RPL that form the foundation of communication networks. The vulnerabilities exposed by our analysis highlight the urgency of implementing proactive mitigation strategies. Looking ahead, collaborative efforts encompassing academia, industry, and policy are crucial to not only address existing challenges but also anticipate and counteract future threats. This chapter serves as an invitation for continued exploration, innovation, and collaboration in the field of RPL security. By synthesizing research insights, implementing effective countermeasures, and fostering ethical practices, we can pave the way for an IoT future that thrives on a foundation of trust, reliability, and security. Through collective action, we can ensure that the potential of IoT networks is harnessed responsibly, transforming industries and societies while safeguarding their digital space.

References 1. R. Sahay, G. Geethakumari, B. Mitra, IB-RPL: embedding isolation and blacklisting of malicious nodes in RPL for securing IoT-LLNs, in 2021 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) (2021), pp. 1–6 2. F.-t. Zahra, N.Z. Jhanjhi, S.N. Brohi, N.A. Malik, Proposing a rank and wormhole attack detection framework using machine learning, in 2019 13th International Conference on Mathematics, Actuarial Science, Computer Science and Statistics (MACS) (2019). Art. no. 9024821

58

J. T. Ibibo

3. R. Sahay, G. Geethakumari, B. Mitra, A holistic framework for prediction of routing attacks in IoT-LLNs. J. Supercomput. 78(1), 1409–1433 (2022) 4. F. Semedo, N. Moradpoor, M. Rafiq, Vulnerability assessment of objective function of RPL protocol for Internet of Things, in Proceedings of the 11th International Conference on Security of Information and Networks (2018), pp. 1–6 5. W. Yang, Y. Wang, Z. Lai, Y. Wan, Z. Cheng, Security vulnerabilities and countermeasures in the RPL-based Internet of Things, in 2018 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), pp. 49–495 (IEEE, 2018) 6. A. Patel, D. Jinwala, A trust-integrated RPL protocol to detect blackhole attack in Internet of Things. Int. J. Inform. Secur. Privacy 15(4), 1–17 (2021) 7. E. Refaee, S. Parveen, K.M.J. Begum, F. Parveen, M.C. Raja, S.K. Gupta, S. Krishnan, Secure and scalable healthcare data transmission in IoT based on optimized routing protocols for mobile computing applications. Wireless Commun. Mobile Comput. 2022, Art. no. 5665408 (2022) 8. S. Karmakar, J. Sengupta, S.D. Bit, LEADER: low overhead rank attack detection for securing RPL based IoT, in 2021 International Conference on COMmunication Systems & NETworkS (COMSNETS) (2021), pp. 429–437. Art. no. 9352937 9. R. Kumar, A. Malik, V. Ranga, Security concerns over IoT routing using emerging technologies: a review. Emerging Telecommun. Technol. 34(7), Art. no. e4798 (2023) 10. R. Fotohi, H. Pakdel, A lightweight and scalable physical layer attack detection mechanism for the Internet of Things (IoT) using hybrid security schema. Wireless Pers. Commun. 119(4), 3089–3106 (2021) 11. V. Kiran, A. Sardana, P. Kaur, Defending against DDoS attacks in RPL using subjective logic based trust approach for IOT, in 2022 2nd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE) (2022), pp. 1656–1660 12. U. Kiran, IDS to detect worst parent selection attack in RPL-based IoT network, in 14th International Conference on COMmunication Systems & NETworkS, COMSNETS 2022, Bangalore (2022), pp. 769–773 13. A.M. Pasikhani, J.A. Clark, P. Gope, A. Alshahrani, Intrusion detection systems in RPL-based 6LoWPAN: a systematic literature review. IEEE Sens. J. 21(11), 12940–12968 (2021), Art. no. 9383263 14. M.A. Boudouaia, A. Ali-Pacha, A. Abouaissa, P. Lorenz, Security against rank attack in RPL protocol. IEEE Netw. 34(4), 133–139 (2020). Art. no. 9146423 15. U. Rahamathullah, E. Karthikeyan, A lightweight trust-based system to ensure security on the Internet of Battlefield Things (IoBT) environment. Int. J. Syst. Assur. Eng. Manag., 1–13 (2021). 16. R. Sahay, G. Geethakumari, B. Mitra, A novel network partitioning attack against routing protocol in Internet of Things. Ad Hoc Netw. 121, Art. no. 102583 (2021) 17. S. Ibrahimy, H. Lamaazi, N. Benamar, RPL Assessment using the rank attack in static and mobile environments, in 2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT) (2020), Art. no. 9311951 18. A.U. Gawade, N.M. Shekokar, Lightweight secure RPL: a need in IoT, in 2017 International Conference on Information Technology (ICIT), pp. 214–219 (IEEE, 2017) 19. V. Kumar, G. Oikonomou, T. Tryfonas, Traffic forensics for IPv6-based Wireless Sensor Networks and the Internet of Things, in 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT 2016) (2017). Art. no. 7845515, pp. 633–638 20. J. Rani, A. Dhingra, V. Sindhu, A detailed review of the IoT with detection of sinkhole attacks in RPL based network, in 2022 International Conference on Communication, Computing and Internet of Things (IC3IoT) (2022) 21. G. Sharma, J. Grover, A. Verma, QSec-RPL: detection of version number attacks in RPL based mobile IoT using Q-learning. Ad Hoc Netw. 142, Art. no. 103118 (2023) 22. M. Conti, P. Kaliyar, M.M. Rabbani, S. Ranise, SPLIT: a secure and scalable RPL routing protocol for Internet of Things (2018), in 2018 14th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob) (2018). Art. no. 8589115

A Bibliometric Analysis and Comprehensive Overview of Security Attacks. . .

59

23. N.Z. Jhanjhi, S.N. Brohi, N.A. Malik, M. Humayun, Proposing a hybrid RPL protocol for rank and wormhole attack mitigation using machine learning (2020), in 2020 2nd International Conference on Computer and Information Sciences (ICCIS). Art. no. 9257607 24. B.H. Patel, P. Shah, RPL routing protocol performance under sinkhole and selective forwarding attack: experimental and simulated evaluation. TELKOMNIKA (Telecommu. Comput. Electron. Control) 18(4), 1849–1856 (2020) 25. K. Prathapchandran, T. Janani, A trust aware security mechanism to detect sinkhole attack in RPL-based IoT environment using random forest–RFTRUST. Comput. Netw. 198, 108413 (2021) 26. F. Ahmed, Y.B. Ko, Mitigation of black hole attacks in routing protocol for low power and lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016) 27. D. Airehrour, J. Gutierrez, S.K. Ray, A trust-aware RPL routing protocol to detect blackhole and selective forwarding attacks. J. Telecommun. Digit. Econ. 5(1), 50–69 (2017) 28. S. Murali, A. Jamalipour, A lightweight intrusion detection for sybil attack under mobile RPL in the internet of things. IEEE Internet Things J. 7(1), 379–388 (2019) 29. D. Airehrour, J. Gutierrez, S.K. Ray, Securing RPL routing protocol from blackhole attacks using a trust-based mechanism, in 2016 26th International Telecommunication Networks and Applications Conference (ITNAC) (IEEE, Piscataway, 2016), pp. 115–120 30. J. Foley, N. Moradpoor, H. Ochenyi, Employing a machine learning approach to detect combined internet of things attacks against two objective functions using a novel dataset. Secur. Commun. Netw. 2020, Art. no. 2804291 (2020) 31. C. Pu, Sybil attack in RPL-based internet of things: analysis and defenses. IEEE Internet Things J. 7(6), 4937–4949 (2020) 32. A.O. Bang, U.P. Rao, A novel decentralized security architecture against sybil attack in RPLbased IoT networks: a focus on smart home use case. J. Supercomput. 77(12), 13703–13738 (2021) 33. F. Medjek, D. Tandjaoui, I. Romdhani, N. Djedjig, Security threats in the internet of things: RPL’s attacks and countermeasures, in Security and Privacy in Smart Sensor Networks (2018), pp. 147–178 34. A. Alazab, A. Khraisat, S. Singh, S. Bevinakoppa, O.A. Mahdi, Routing attacks detection in 6LoWPAN-based Internet of Things. Electronics 12(6), Art. no. 1320 (2023) 35. S.M. Muzammal, R.K. Murugesan, N.Z. Jhanjhi, A comprehensive review on secure routing in Internet of Things: mitigation methods and trust-based approaches. IEEE Internet Things J. 8(6), Art. no. 9223748, 4186–4210 (2021) 36. K. Ahmadi, R. Javidan, Trust based IOT routing attacks detection using recurrent neural networks, in 2022 Sixth International Conference on Smart Cities, Internet of Things and Applications (SCIoT), pp. 1–7 (IEEE. 2022) 37. M. Nikravan, A. Movaghar, M. Hosseinzadeh, A lightweight defense approach to mitigate version number and rank attacks in low-power and Lossy Networks. Wireless Pers. Commun. 99(2), 1035–1059 (2018) 38. A.D. Seth, S. Biswas, A.K. Dhar, Mitigation technique against network isolation attack on RPL in 6LoWPAN network (2021), in TENCON 2021 – 2021 IEEE Region 10 Conference (TENCON), pp. 68–73 39. S. Rabhi, T. Abbes, F. Zarai, IoT routing attacks detection using machine learning algorithms. Wireless Pers. Commun. 128(3), 1839–1857 (2023)

Part II

Artificial Intelligence in the Internet of Things Applications

Overview of Security Challenges in Wireless IoT Infrastructures for Autonomous Vehicles Neeli R. Prasad

, Birger Andersen

, and Daniel K. Rubin-Grøn

1 Introduction The development and testing of self-driving vehicles, also known as autonomous vehicles (AVs), have been ongoing for over a decade, with companies like Waymo, a subsidiary of Alphabet Inc., leading the charge. Despite the progress made, there are still several challenges that need to be addressed, particularly in regard to safety, security, and regulation. One of the main concerns surrounding AVs is the lack of standards and local/global regulations. This absence of clarity and consistency makes it difficult to ensure the safety and security of these vehicles, as well as the data they collect and transmit. Additionally, the use of wireless Internet of Things (IoT) connectivity in AVs raises a number of security concerns, as it provides a potential entry point for cyberattacks. To address these challenges, it is essential to establish a comprehensive framework for the security and privacy of AVs. This framework should include robust policies and governance structures to ensure that the technology is developed and deployed in a responsible and secure manner. Moreover, it is crucial to address

Work was supported by grant from Center for Cybersikkerhed, part of Danish Defense. N. R. Prasad () SmartAvatar B.V., Delft, The Netherlands e-mail: [email protected] B. Andersen () · D. K. Rubin-Grøn DTU Engineering Technology, Technical University of Denmark, Copenhagen, Denmark e-mail: [email protected]; [email protected] © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_5

63

64

N. R. Prasad et al.

the issue of wireless connectivity and ensure that the data transmitted via wireless networks is protected from unauthorized access and manipulation. In this chapter, we will explore the challenges surrounding the security and privacy of AVs and discuss potential solutions for addressing them. We will also examine the importance of establishing clear standards and regulations for the development and deployment of AVs, as well as the need for ongoing research and development to ensure that these vehicles remain safe and secure as they become increasingly integrated into our transportation systems.

1.1 Autonomous Vehicle (AV) Challenges for Inner City Deployment Autonomous vehicles (AVs) are being tested in San Francisco since 2016, and while they have shown promise in providing a safer and more convenient transportation option, they also face significant security challenges. The complexity of navigating tight spaces and interacting with pedestrians, cyclists, and other vehicles in hightraffic areas is a major concern, as is the potential for hacking and cyberattacks. As AVs become more widespread, they present a potentially attractive target for hackers and cybercriminals. The consequences of a successful attack could be severe, ranging from theft of personal data to compromise of public safety. It is crucial that AV companies continue to prioritize security and safety as they develop and deploy their technology to ensure the trust and confidence of the public. Waymo has reported that its AVs have driven over 100,000 miles in San Francisco without being involved in any accidents. While this is a significant achievement, it is important to note that the safety and security of AVs is not a one-time goal, but rather an ongoing process that requires continuous attention and improvement. As AVs continue to evolve and become more integrated into our transportation systems, it is essential that security remains a top priority.

1.2 Many Openings for Hackers The evolution of vehicles has transformed them into sophisticated software-defined systems, with millions of lines of code governing their operations. This shift has enabled advanced autonomous features and enhanced passenger experience, but it has also introduced new vulnerabilities that can be exploited by hackers. Modern vehicles can no longer be perceived as just mechanical systems, now with million lines of code in the overall architecture, higher than a modern operating system or a Boeing 757, as they are shown in Fig. 1 [1]. The connectivity and computerization of vehicles have created opportunities for cyberattacks, which can compromise both passenger safety and road safety.

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

65

Fig. 1 Comparison of smart devices and line of codes [3]

In 2015, security researchers demonstrated the potential for remote hijacking of a Chrysler Jeep Cherokee, exploiting vulnerabilities in the UConnect system. Security researchers Charlie Miller and Chris Valasek took control of a Chrysler Jeep Cherokee traveling at high speeds on the interstate and forced it to come to a stop in the middle of traffic [2]. Similarly, flaws in Volkswagen’s Remote Keyless Entry system were discovered, allowing attackers to unlock vehicles [3]. The Keen Security Lab also demonstrated the ability to remotely hijack the brakes of a Tesla Model S and identified vulnerabilities in BMW vehicles that could allow attackers to access the Controller Area Network (CAN) bus and send illegitimate messages [4, 5] These incidents highlight the potential for cyberattacks on vehicles, which can have serious consequences for safety. Other types of attacks, such as blinding cameras, relaying light pulses against LiDAR (Light Detection and Ranging), and relaying radio pulses against radar, can also compromise safety and are worth further investigation [6]. In light of these risks, it’s essential for manufacturers to prioritize cybersecurity in the design, development, and deployment of software-defined vehicles. This includes implementing robust security protocols, regularly updating software, and addressing vulnerabilities promptly. By taking a proactive approach to cybersecurity, manufacturers can help protect passengers, pedestrians, and the surrounding infrastructure from potential cyber threats. The sensors on a vehicle’s exterior are vulnerable to various types of attacks that can compromise their accuracy from a distance. Examples of such attacks include blinding cameras, disrupting LiDAR (Light Detection and Ranging) with light pulses, and interfering with radar using radio pulses [7]. These attacks have the potential to significantly impact safety, but they fall outside the scope of this chapter.

66

N. R. Prasad et al.

1.3 Outdated Law and Regulations The legal landscape for autonomous driving has not yet been fully updated globally, with many countries still grappling with outdated regulations that were written before the advent of autonomous technology. For example, in Germany, the Vienna Convention, which dates back to 1968, requires drivers to maintain control over their vehicles at all times. This poses a challenge for the deployment of autonomous vehicles, which rely on software and sensors to make decisions about steering, acceleration, and braking. In the United States, the National Highway Traffic Safety Administration (NHTSA) has issued guidelines for the development and deployment of autonomous vehicles, but these guidelines are not binding and do not provide a clear legal framework for the technology. Additionally, many states have their own laws and regulations regarding autonomous vehicles, which can create confusion and uncertainty for manufacturers and users. In recent years, there have been efforts to update laws and regulations to accommodate autonomous vehicles. For example, in 2020, the European Union adopted a new directive on the approval of vehicles with automated driving systems, which sets out safety and security requirements for autonomous vehicles. Similarly, in the United States, the NHTSA has proposed new rules for the development and deployment of autonomous vehicles, which would require manufacturers to submit their vehicles for testing and certification before they can be sold to the public. However, despite these efforts, many experts argue that the legal framework for autonomous vehicles is still inadequate. For example, there are still questions about who is liable in the event of an accident involving an autonomous vehicle – the manufacturer, the owner, or the driver? There are also concerns about the potential for hacking and cyberattacks on autonomous vehicles, which could have serious safety and security implications. Overall, while there have been some efforts to update laws and regulations for autonomous vehicles, there is still much work to be done to create a clear and comprehensive legal framework that can accommodate the rapidly evolving technology of autonomous driving.

1.4 Moral and Ethical Dilemma The development of AVs has raised complex moral and ethical dilemmas, particularly in situations where accidents are unavoidable. For instance, should an AV prioritize the safety of a child over that of a senior citizen? This difficult decisionmaking process has sparked intense debate among experts, policymakers, and the general public. The software-defined vehicle architecture for AVs represents a fusion of autonomous systems and smart IoT technologies. This integration of

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

67

robotics, artificial intelligence (AI), autonomous systems, and information and communication technologies (ICT) has the potential to revolutionize the transportation industry. However, it also introduces novel ethical challenges that must be addressed. Unlike connected vehicles, which are primarily concerned with communication and data exchange between vehicles and infrastructure, AVs must grapple with the moral and ethical implications of their decision-making processes. The ethical requirements for AVs, also known as “ethical machines,” will add to the already lengthy list of cybersecurity challenges and concerns. The potential for hackers to manipulate the logic of these ethical machines poses a significant threat to national security and societal well-being. If hackers were to compromise the ethical decision-making processes of AVs, the consequences could be catastrophic, leading to a loss of public trust and potentially devastating societal and economic impacts. Therefore, it is crucial to develop robust cybersecurity measures that can protect the ethical decision-making processes of AVs from tampering and manipulation. This requires a comprehensive approach that addresses the ethical, legal, and technical aspects of AV development, ensuring that these vehicles are not only safe and efficient but also ethical and responsible.

1.5 Data Ownership and Data Theft The increasing connectivity of autonomous and connected vehicles will result in an explosion of data volumes, presenting new challenges for the automotive industry. In accordance with the European General Data Privacy Regulations (GDPR), drivers and users of autonomous vehicles (AVs) must be able to decide who receives their data and have the ability to easily withdraw consent. However, this introduces additional layers of security challenges to protect against data theft. The automotive industry recognizes the value of data, with the phrase “data is the new oil” highlighting its importance. To ensure the security of software-defined vehicles, potential vulnerabilities in the communications and data systems must be identified. There are two primary areas of concern: • Personal data theft from the on-board infotainment system • Physical car theft and losing control of the driving system Theft target data types might include the following motives: (1) ransom and extortion, (2) denial-of-service, (3) impersonation and cloning, (4) cyber warfare and cyber terrorism to cause mistrust in AVs (hackers/rogue nations), (5) exposure to personal data, such as contact details, home address, and calendar, (6) unauthorized access to Intellectual Property Rights (IPR), (7) damage to brand reputation of a company, and (8) unauthorized remote manipulation of system safety.

68

N. R. Prasad et al.

The automotive industry must take steps to protect against these threats and risks, ensuring the security and privacy of data in software-defined vehicles. This requires a comprehensive approach that addresses the ethical, legal, and technical aspects of data collection and management in AVs. By prioritizing data security and privacy, the industry can build trust in AVs and ensure their safe and efficient operation.

1.6 Liability and Risk Model The development and implementation of autonomous vehicles (AVs) is expected to bring about a significant reduction in the risk of vehicle accidents. However, the question of liability and responsibility in the event of an accident remains a concern. NHTSA has reported that while AVs will likely reduce the risk of accidents, they will not entirely eliminate them. This raises questions about who will be held responsible in the event of an accident, and how liability will be distributed among the various stakeholders. One potential scenario is that the personal auto insurance industry will evolve to accommodate the changes brought about by AVs. The role of the personal auto insurer may shift, with the financial protection provided by these insurers potentially shifting to original equipment manufacturers (OEMs), infrastructure providers, and/or a government solution that facilitates cooperation among all stakeholders. Another possibility is that the personal lines auto insurance industry may become obsolete, as NHTSA predicts a dramatic drop in costs related to vehicle accidents. In the context of AVs, liability and responsibility become increasingly complex, with multiple parties potentially involved in the event of an accident. For example, when a vehicle is in autopilot mode on the road, the car-maker may be held liable. However, there are still many open questions regarding liability and responsibility, such as who is responsible for errors, and how costs will be distributed among the various parties involved. This chapter is organized into several sections, beginning with Sect. 2, which discusses the work related to AVs and wireless IoT infrastructure. Section 3 presents security challenges and threats, while Sect. 4 focuses on 5G as IoT infrastructure for AVs. Finally, Sect. 5 concludes with future scope.

2 Autonomous Vehicles and Wireless IoT Infrastructure While autonomous vehicles (AVs) may still be years away from widespread adoption, connected cars are already a reality. Modern automobiles are increasingly equipped with a range of sensors and onboard computing systems, which are focused on three main areas: vehicle location, driver behavior, and engine diagnostics; vehicle-to-everything (V2X) communication; and the vehicle’s occupants

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

69

such as infotainment systems. These systems utilize cellular technology, including 5G, to enable seamless communication. As with any emerging technology, there are competing standards for V2X communication, which pose a challenge for the industry. However, the adoption of 5G technology is expected to play a critical role in the development of autonomous vehicles, as it offers high-speed data transfer, low latency, and a high number of connected devices. This will enable vehicles to communicate with each other and their surroundings in real time, enhancing safety and efficiency on the roads. The integration of wireless IoT infrastructure in vehicles is also becoming more prevalent, with systems such as vehicle-to-vehicle (V2V) and vehicle-toinfrastructure (V2I) communication being developed. These systems use wireless networks to share data between vehicles and infrastructure, such as traffic lights, enabling a more efficient and safe flow of traffic.

2.1 Vehicle-to-Everything (V2X) Communication Emerging technologies such as vehicle-to-everything (V2X) communication via IEEE 802.11p (also known as dedicated short-range communications (DSRC)) and Cellular 4G/5G V2X (C-V2X) are poised to significantly enhance vehicle safety, reduce accidents and fatalities, decrease CO2 emissions for non-electric vehicles, and improve overall vehicle efficiency (see Fig. 2). V2X communications offer a notable advantage over traditional sensor-based systems by extending beyond line of sight (LoS) limitations. This enables vehicles to communicate with each other and their surroundings in a wider range of scenarios, including vehicle collision warnings, speed limit alerts for speed-breakers and pedestrians, electronic parking, toll payments, and more, even when they are not directly within each other’s line of sight. While the benefits of V2X communications to humans, the environment, industry, and society will be substantial, it is crucial to address the potential vulnerabilities to cyber intrusion attacks. Hackers could exploit vulnerabilities in the spectrum and vehicles, manipulating or deleting incoming and outgoing data, including critical warnings. The consequences of such an attack could be devastating, particularly during peak hours or other high-traffic times. Crashes can cause significant traffic delays and potential injuries and deaths, and a coordinated attack could amplify these negative effects exponentially. Therefore, it is essential to ensure the security and integrity of V2X communications to prevent such scenarios and ensure the safety of road users. There are several open challenges and threats that need to be addressed in the context of autonomous vehicles (AVs): 1. New threats in AVs: What are the differences between these threats and those that have occurred in other areas of cyberspace?

70

N. R. Prasad et al.

V2I - Vehicle-to-Infrastructure. Alerts vehicles to traffic lights, traffic congestion, road conditions, etc.

V2D - Vehicle-to-Device. Vehicles communicate with cyclists’ V2D device and vice versa.

V2H - Vehicle-to-Home. Vehicles will act as supplement power supplies to the home.

V2I

V2P

V2V

V2D V2G

V2H

V2G - Vehicle-to-Grid. Smart grid controls vehicle charging and return electricity to the grid.

V2V - Vehicle-to-Vehicle. Alerts one vehicle to the presence of another. Cars “talk” using 5G C-V2X or DSRC technology. V2P - Vehicle-to-Pedestrian. Car communication with pedestrian with approaching alerts and vice versa.

Fig. 2 V2X Communications. (https://medium.com/datadriveninvestor/is-5g-friend-or-foe-forautonomous-vehicle-72ee70800031)

2. Attack vectors on AVs: How can AVs be attacked, and what are the potential vulnerabilities that need to be addressed? 3. Security and privacy mechanisms for AVs: What mechanisms can be put in place to ensure the security and privacy of AVs and their passengers? 4. Risk management in AVs: How can the risks associated with AVs be defined, controlled, and mitigated? 5. Remote hijacking of AVs: Is it possible to remotely hijack an autonomous car’s electronics with the intention of causing a crash? 6. Data privacy in AVs: Can the data stored on-board AVs be unlocked or compromised, and what are the privacy implications? 7. Trust and privacy in AVs: How can the trust and privacy of passengers in AVs be ensured? 8. Secure channels in V2V connections for AVs: Are there any secure channels in V2V connections for AVs, and how can they be utilized to ensure secure communication between vehicles?

3 Security Challenges and Threats To create a comprehensive attacker model and identify potential vulnerabilities, it’s essential to recognize various threats that can compromise the security of autonomous vehicles. These threats include: • Radio Channel Attacks: Attackers can exploit vulnerabilities in the radio channel used for vehicle-to-vehicle (V2V) communication, potentially disrupting or manipulating the transmission of critical information. • In-Vehicle Attacks: Attackers can target vulnerabilities in telematics control units (TCUs), electronic control units (ECUs), and other internal control systems,

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

71

potentially allowing them to manipulate the vehicle’s behavior or steal sensitive information. • Message Tampering: Attackers can intercept and alter messages transmitted between vehicles, leading to incorrect or misleading information being received by the vehicle’s control system. This can cause the vehicle to react in unintended ways, leading to accidents or near-misses. • Spoofing: Attackers can create fake messages that appear to come from legitimate sources, causing confusion and instability in the autonomous vehicle system. This can lead to accidents or other negative consequences. • Radio Jamming: Attackers can disrupt V2V communication by jamming the radio signals, leading to a denial-of-service (DoS) attack and potentially causing instability or inefficiency in the autonomous vehicle system. Addressing these security challenges and threats is crucial to ensuring the safe and reliable operation of autonomous vehicles.

3.1 Cyberattacks and Vulnerabilities The integration of autonomous vehicles (AVs) with other vehicles and infrastructure in cyber-physical systems increases the attack surface, elevating the risk of exploitation. AVs’ cyber-physical systems have vulnerabilities that can be exploited through three primary entry points [8]: 1. In-vehicle systems, including sensors, software, and in-vehicle networks 2. V2X communication networks 3. Supporting digital infrastructure Vulnerabilities in vehicular communications can be categorized into four challenges: 1. Connectivity: Vehicles’ external connectivity is increasing, but it’s still limited, and software updates are not yet feasible through over-the-air (OTA). With the possibility of OTA becoming standard, vehicles will still be vulnerable to malfunctions and cyberattacks due to incomplete updates. 2. Computational performance: Vehicles’ computational performance is limited compared to computers, due to their long lifetime and exposure to harsh environmental conditions. This makes them more susceptible to hacking. Moreover, few vehicular cybersecurity solutions will be feasible due to the high overhead. 3. Attack scenarios and threats: Vehicular architecture is vulnerable to various attack entry points, including vehicular databases and remote communication technologies. The constant development of new attacks means that it’s difficult to predict where hackers will strike next. Unsecured products manufactured by OEMs provide hackers with additional access to vehicles. 4. Risk to human life: A single misinformed sensor or a small number of illegitimate messages can create a critical risk for drivers, passengers, and pedestrians.

72

N. R. Prasad et al.

Vehicle malfunctions can endanger human lives, making it crucial to address these vulnerabilities. To mitigate these risks, it’s essential to implement robust cybersecurity measures, such as encryption, secure communication protocols, and intrusion detection systems. Regular software updates and security patches can also help to address vulnerabilities. Additionally, manufacturers should prioritize security when designing vehicles and ensure that their products are secure by design. By taking a proactive approach to cybersecurity, we can minimize the risks associated with autonomous vehicles and ensure the safety of drivers, passengers, and pedestrians.

3.2 AV Communication Security The communication layer of autonomous vehicles (AVs) consists of both internal and external communication, which are crucial for the vehicle’s operations and safety. Internal communication occurs within the in-vehicle network, also known as the automotive network or intra-vehicle network. However, this network is vulnerable to cyberattacks, as illustrated in Fig. 3. To address these threats, the communication layer must meet specific security requirements, including confidentiality, integrity, availability, non-repudiation, digital privacy, real-time constraints, and flexibility. • Confidentiality: Confidentiality is a critical aspect of privacy that ensures that sensitive information is not disclosed to unauthorized parties. In the context of autonomous vehicles, confidentiality is essential to protect the personal information of passengers, such as their location, destination, and travel history.

Internet/ PSTN

Vehicle to Vehicle Communication

Airbag Control Unit Engine Control Unit Telematics Transmission Control Unit Body Controller Locks/Lights/Etc Radio

TPMS Antilock Braking System

OBD-II

AntiTheft

Keyless Entry HVAC

Fig. 3 Potential targets for in-vehicle cyberattack. (https://medium.com/self-driving-cars/ autonomous-security-564571bf6373)

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

73

– For example, imagine a scenario where an autonomous vehicle is transporting a passenger to a confidential business meeting. The passenger’s location and destination data must be kept confidential to prevent unauthorized access or exploitation. If the vehicle’s systems are not designed with confidentiality in mind, an attacker could potentially intercept and access this sensitive information, compromising the passenger’s privacy and potentially putting them in harm’s way. • Integrity: Integrity is another important aspect of privacy that ensures that personal information is not tampered with or modified without authorization. In the context of autonomous vehicles, integrity is crucial to ensure that the vehicle’s systems and data are not compromised by malicious actors. – For example, imagine a scenario where an autonomous vehicle’s software is updated with a malicious patch that modifies the vehicle’s behavior. The patch could potentially cause the vehicle to misbehave or compromise the safety of its occupants. If the vehicle’s systems are not designed with integrity in mind, it could be difficult to detect and mitigate such attacks. • Availability: Availability is a critical aspect of privacy that ensures that personal information and systems are accessible and usable when needed. In the context of autonomous vehicles, availability is essential to ensure that the vehicle is always available and accessible to its occupants. – For example, imagine a scenario where an autonomous vehicle’s systems are compromised by a cyberattack, rendering the vehicle inoperable. If the vehicle’s systems are not designed with availability in mind, the occupants may be stranded or unable to access the vehicle when needed. • Non-repudiation: Non-repudiation is a critical aspect of privacy that ensures that individuals cannot deny their actions or involvement in a particular activity. In the context of autonomous vehicles, non-repudiation is essential to ensure that the vehicle’s occupants cannot deny their involvement in a particular trip or journey. – For example, imagine a scenario where an autonomous vehicle is involved in a traffic accident. If the vehicle’s systems are not designed with non-repudiation in mind, the occupants may be able to deny their involvement in the accident, potentially leading to legal and insurance complications. • Digital privacy: Digital privacy is a critical concern in the context of autonomous vehicles, as they collect and process vast amounts of personal data, including location information, travel history, and biometric data. To address this concern, a security architecture for autonomous vehicles must incorporate measures to protect the privacy of passengers and their personal information. – For example, imagine a scenario where an autonomous vehicle manufacturer is designing a new vehicle model. If the manufacturer incorporates privacy by design principles into the design process, they can ensure that the vehicle’s

74

N. R. Prasad et al.

systems and data are designed with privacy in mind, potentially reducing the risk of privacy breaches and other issues. • Real-time communication constraints: Real-time communication constraints are another important consideration in the context of autonomous vehicles, as they must be able to communicate with other vehicles and infrastructure in real time in order to operate safely and efficiently. • Communication flexibility: a security architecture for autonomous vehicles must provide flexible means of communication to accommodate the diverse range of communication protocols and systems used by different vehicles and infrastructure.

3.3 In-Vehicle Security Threats In-vehicle communication is a critical aspect of modern automotive systems, enabling the exchange of messages between Electronic control units (ECUs), infotainment systems, and telematics systems. This communication takes place through various bus systems, such as the controller area network (CAN) bus, which is widely used in vehicles. However, this communication environment also presents potential threats, such as message spoofing, response collision, eavesdropping, jamming, traffic confidentiality, and integrity issues. • Masquerading attack: One type of threat is masquerading, where an attacker poses as a legitimate node to gain unauthorized access to the in-vehicle network. This can be achieved by exploiting vulnerabilities in the CAN bus system, as identified by Liu et al. [9] and Choi et al. [10]. • Eavesdropping attack: Another type of threat is eavesdropping, where an attacker intercepts and listens to vehicular messages. This can be done by connecting a device to the OBD-II port, which allows access to the in-vehicle network. • Injection attack: Injection attacks are also a concern, where an attacker injects fake messages into the automotive bus system through the OBD-II port. This can compromise the integrity of the in-vehicle network, including ECUs, infotainment systems, and telematics systems. Traditional CAN bus systems do not authenticate messages, making it difficult to distinguish between legitimate and illegitimate frames. • Replay attack: Replay attacks are another type of threat, where an attacker repeatedly sends valid frames to disrupt the vehicle’s real-time functioning. This can be accomplished by using a device that can capture and replay messages. • Bus-off attack: Bus-off attacks are also possible, where an attacker continually sends bits in both the identifier field and other fields, causing the ECU’s transmit error counter to increment. This can lead to the failure of the in-vehicle network. • Denial of Service (DoS) attack: DoS attacks are another concern, where an attacker continuously sends high-priority messages that can block legitimate lowpriority messages. This can be achieved by assigning the identifier segment a low

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

75

value, which gives the attacker’s messages high priority status. DoS attacks can be used as a means to conduct control override attacks, allowing attackers to take control of the vehicle. Other types of cyberattacks that can affect in-vehicle communication include application-layer attacks, message falsification, network layer attacks, system layer attacks, radio jamming, eavesdropping, and more. These attacks can compromise the safety and security of the vehicle and its occupants, highlighting the need for robust security measures to protect in-vehicle communication systems.

4 5G as IoT Infrastructure 5G is considered a crucial component in the development and deployment of AVs. 5G offers several advantages that make it an ideal choice for AVs, including high bandwidth, low latency, and high reliability [11]. These features enable AVs to access edge computing services, which support V2X information exchange, local and global services, and assist in autonomous safe driving. Additionally, 5G provides the necessary infrastructure for entertainment and news services [12]. However, as with any emerging technology, 5G is not immune to security threats. Several attacks against 5G have been identified and analyzed in the literature [13]. For instance, researchers have identified potential vulnerabilities in the 5G Radio Access Network (RAN) that could be exploited by attackers to disrupt communication between vehicles and infrastructure. Other attacks, such as those targeting the 5G core network, could allow malicious actors to intercept and manipulate data transmitted between vehicles and the edge computing platform. To address these security concerns, it is essential to implement robust security measures that can protect 5G networks and the data transmitted over them. This includes deploying advanced encryption techniques, such as quantum-resistant algorithms, to safeguard data privacy and integrity. Moreover, intrusion detection and prevention systems should be integrated into 5G networks to detect and mitigate potential attacks in real time. In addition to securing the 5G network itself, it is equally important to ensure that the data transmitted between vehicles and the edge computing platform is secure. This can be achieved by implementing secure communication protocols, such as mutual authentication and secure key exchange, to protect against eavesdropping and data tampering. Furthermore, data transmitted between vehicles and the edge computing platform should be encrypted to prevent unauthorized access. In conclusion, 5G is a critical component in the development and deployment of autonomous vehicles. While it offers many advantages, it is essential to address the security concerns surrounding 5G networks to ensure the safe and reliable operation of AVs.

76

N. R. Prasad et al.

4.1 5G Security Challenges Is 5G secure and resistant to all the attacks on 2G, 3G, 4G reported in the past? Unfortunately, this is not the case, at least not for the current 5G phase 1 architecture (the non-standalone architecture) where several vulnerabilities have been identified, among these: • GUTI disclosure – Global Unique Temporary Identifier is a temporary identifier replacing International Mobile Subscriber Identity (IMSI) and is supposed to solve the IMSI disclosure problem known from generations before 5G which allows for device tracking and traffic analysis. However, GUTI is not changed frequently and therefore still allows for tracking and traffic analysis [14]. • Weak authentication – While 5G-AKA is an improvement over previous generations’ AKA protocols, there are still issues if roaming from older generations happens, the worst case being if authentication takes place in 2G network and device roams upward. No new authentication is enforced, and the device becomes vulnerable to fake base stations, which means that tracking and traffic analysis become possible if identity was disclosed to 2G fake base station [14]. • Fingerprinting – 5G and previous generations are all vulnerable to traffic analysis which can fingerprint the device’s network consumption patterns simply by monitoring channels, and this way track devices from one monitoring device to the next. Even if a device escapes attack area, it can be tracked again when returning to an attack area. Also, traffic analysis will be possible [15]. • Jamming of control channel – Primary synchronization signal (PSS) and secondary synchronization signal (SSS) may easily be jammed by synchronizing jammer to cell in time. Even more efficient is to transmit fake signals on the control channel since it allows for low signal-to-noise ratio (SNR). In this case, a jammer/transmitter will in many cases need much less power to bring SNR below acceptable level. This may cause DoS. Also jamming of the Physical Broadcast Channel (PBCH) may cause DoS [16]. We see that 5G fronthaul in phase 1 architecture allows for severe attacks against privacy and availability. When being out of coverage by 5G, the threats will just become more. Solutions could be frequent change of GUTI, authentication enforcement when roaming to 5G, randomization not allowing fingerprinting; and for jamming, to investigate mitigation and detection strategies. A mitigation could be jumping to 4G, reinitiate data connection, or switch to other mobile operator which has other set of radio channels. The distributed 5G IP core is based on Software Defined Networks (SDN) and Network Function Virtualization (NFV) where functions are cloud deployed. The main challenge is that whole network could become compromised in case the hypervisor could be hijacked [17]. Also, Virtualized Infrastructure Manager (VIM) is an attack target, even if zones are deployed [18], all together leading to the threats listed in Table 1. If attacks are effectuated, most will lead to DoS, reduced bandwidth, or malfunctioning services. They could also lead to access to

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

77

Table 1 NFV/SDN security threats [19] Security threat DoS attack Hijacking attacks Signaling storms Resource (slice) theft Saturation attacks Penetration attacks TCP level attacks Man-in-the-middle attack

Target point/network element Centralized control elements SDN controller, hypervisor 5G core network elements Hypervisor, shared cloud resources SDN controller and switches Virtual resources, clouds SDN controller-switch communication SDN controller-communication

Table 2 Potential solutions Security technology DoS, DDoS detection [20, 21] Configuration verification [22, 23] Access control [24–26] Traffic isolation [27] Link security [28–30]

Primary focus Security of centralized control points Flow rules verification in SDN switches Control access to SDN and core network elements Ensures isolation for VNFs and virtual slices Provide security to control channels

confidential data or injection of data if not carefully protected at application layer by, e.g., TLS or DTLS. To address these challenges, it is important to implement robust security measures, such as encryption and secure authentication protocols, and to regularly update and upgrade the network infrastructure. Additionally, network operators should monitor their networks for suspicious activity and implement mitigation strategies to protect against known vulnerabilities. Table 2 lists potential solutions, which have, however, not yet been added to the standards. We conclude that also 5G backhaul in phase 1 architecture allows for severe attacks and that there is a lot to be done. Some potential solutions have been proposed and will hopefully be implemented by coming standards – or by initiatives of 5G operators and industry.

4.2 Threats to AVs in 5G Perspective AVs depend on services, in most cases, delivered over cellular networks like 5G. Most important edge computing and cloud services potentially delivered to AVs are [31]: • V2X communication/services which may be anything of importance to safe driving and route planning

78

N. R. Prasad et al.

• High-definition maps for accurate driving and routing are cached but will need updates and downloads from local repository while driving. They will include charging points. • Actual traffic information, such as jam, accidents, road maintenance, road controls, temporary speed limits, parking lots, charge station vacancy, from local repository affecting driving and routing. • Actual weather information such as rainfall, snowfall, slippery roads, which may be critical for adjustment of speed and distance to other vehicles and pedestrians. • Distribution of software updates which may be critical for driving safety and software security. • Direct driving assistance for complex situations needing access to additional data and computing power, perhaps manual assistance. AV will in general stop driving and wait, perhaps creating traffic jam. • Distribution of knowledge for the AV AI engine to improve local decision power and safety of driving – and reduce the need of direct driving assistance. • Upload of observations such as traffic jam, accidents, etc., to repository to assist driving and route planning of other AVs. • Upload of AV sensor data for predictive maintenance of the AV. Essentially the risk is that services can become unavailable or get much increased response time. We assume communication will be protected by, e.g., TLS or DTLS, at application layer and that leaves us with tracking of the AV as additional risk. Will the AV still be driving safely? That depends on the design and how frequently the AV will need assistance by edge computing and cloud services. In [32] are presented arguments for AV edge computing for optimal safety. Major challenges are computing power and storage needs. However, there can be current local information the AV cannot get if 5G infrastructure will be compromised, such as weather and traffic information, possibly leading to traffic jam and increased travel time and perhaps accidents in case of, e.g., snowfall and slippery roads.

4.3 Initiatives to Improve Protection A recent project, the EU funded 5G-CARMEN [33], addresses security issues of connected vehicles. It is agreed on the need of standardization and regulation, a process initiated by the General Safety Regulation,1 which includes protection against cybersecurity attacks related to vehicles. Regulation requires vehicles to be approved from July 2022 to become registered in EU countries. However, the specific requirements are being developed in UNECE of the World Forum for the Harmonization of Vehicle Regulations (WP.29). Also, ETSI plays an important role in standardization of security services related to V2X communication [34].

1 Regulation

(EU) 2019/2144 of the European Parliament and of the Council.

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

79

5G-CARMEN proposes strong authentication of vehicle driver by means of an authentication device carried by driver communicating via Bluetooth with vehicle security system. A central communication gateway with secure boot is another component suggested by 5G-CARMEN to ensure access, and firmware updates will be allowed by only authorized sources and that malware will be detected. Threats to 5G infrastructure are however not addressed. Another project is Celtic-Next 5G-SAFE-Plus [35], which proposes sensor fusion and cybersecurity technologies to combat attacks. The main approach is multiple sensors and hybrid connectivity not to rely on a single sensor or a single wireless channel which may be attacked. Attacking multiple sensors or channels is more difficult and requires more tools and skills. We concur that the aforementioned initiatives are crucial for enhancing the safety of AVs. However, we must acknowledge that the issues surrounding 5G will persist in the coming years until the advent of 6G, which will supposedly offer improved security mechanisms. Even then, the risk of DoS attacks will still be present. Therefore, a combination of various mechanisms and technologies will be necessary to ensure the safety of AVs. One potential approach is to employ hybrid connectivity, which allows for the mitigation of DoS attacks against communication. By switching between channels and technologies with high frequency, it becomes increasingly difficult for attackers to disrupt communication. Moreover, safe offline driving capabilities must be supported, although this may lead to increased travel time. It is essential to recognize that a multi-faceted approach is necessary to address the complex challenges associated with ensuring the safety and security of AVs. By combining various mechanisms and technologies, we can create a comprehensive safety net that minimizes the risks associated with these advanced vehicles

5 Conclusions and Future Work In conclusion, this chapter has provided a comprehensive overview of the security challenges facing autonomous vehicles (AVs) and wireless IoT infrastructures. The analysis has revealed a wide range of threats and attacks that can compromise the safety and security of AVs, from the software-defined vehicle to the entire supply chain. To address these challenges, proactive management of vehicle software, security, and data protection will be crucial for successful automotive companies. Looking ahead, the future of safe vehicles will depend on the ability to keep car security technology current and adapt to evolving threats. This requires a multifaceted approach, including: 1. Defining how OEMs engage with their suppliers and broader ecosystem, and enforcing software security practices throughout the supply chain. 2. Allowing vehicle features to change and evolve as OEMs improve their technology and third-party developers extend it.

80

N. R. Prasad et al.

3. Ensuring safe driving even when V2X and 5G services are unavailable or response time is increased. To achieve these goals, cybersecurity for AVs will need to be updated more frequently than smartphones are today. Moreover, creating secure and reliable communication channels between AVs and V2X, edge computing, and cloud services and mitigating DoS attacks against communication infrastructures and services are critical challenges that must be addressed. Solutions to avoid tracking are also essential. Hybrid connectivity, which combines multiple mechanisms and technologies, is an important concept that offers numerous benefits. However, it also presents new security challenges that must be addressed. In conclusion, this chapter has demonstrated that a combination of mechanisms and technologies will be necessary to ensure the safety and security of AVs against the diverse range of threats and attacks. No single solution is sufficient, and a comprehensive approach that addresses the complex and evolving nature of cybersecurity threats is required.

References 1. M. Wolf, A. Weimerskirch, P. Christof, Security in automotive bus systems, in Proceedings of the Workshop on Embedded Security in Cars (ESCAR)’04, (2004), pp. 1–13 2. D. McCandless, Million lines of code—information is beautiful. Information is Beautiful (2015) 3. A. Greenberg, Hackers remotely kill a jeep on the highway—with me in it. WIRED (2015) 4. A. Greenberg, A new wireless hack can unlock millions of Volkswagens. WIRED (2016) 5. A. Greenberg, Tesla responds to Chinese hack with a major security up-grade. WIRED (2016) 6. KEEN Security Lab, Experimental Security Assessment of BMW Cars: A Summary Report. Technical Report, 2018, https://keenlab.tencent.com/en/whitepapers/ Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf. Accessed 26 Feb 2021 7. S.B. Jakobsen, K.S. Knudsen, B. Andersen, Analysis of sensor attacks against autonomous vehicles, in Proceedings of the 8th International Conference on Internet of Things, Big Data and Security – IoTBDS, SCITEPRESS, (2023) 8. Z. El-Rewini, K. Sadatsharan, D.F.S.S.J. Plathottam, P. Ranganathan, Cybersecurity challenges in vehicular communications. Vehicular Commun. 23 (2020) 9. J. Liu, W. Sun, Y. Shi, In-vehicle network attacks and countermeasures: challenges and future directions. IEEE Netw. 31, 50–58 (2017) 10. W. Choi, K. Joo, H.J. Jo, M.C. Park, D.H. Lee, VoltageIDS: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forensics Secur. 13, 2114–2129 (2018) 11. E. Coronado, G. Cebrian-Marquez, R. Riggio, Enabling autonomous and connected vehicles at the 5G network edge, in Proceedings of the 2020 IEEE Conference on Network Softwarization: Bridging the Gap Between AI and Network Softwarization, NetSoft 2020, (IEEE, 2020) 12. H. Wang, T. Liu, B. Kim, C.-W. Lin, S. Shiraishi, J. Xie, Z. Han, Architectural design alternatives based on Cloud/Edge/Fog computing for connected vehicles. IEEE Comm. Surv. Tutor. 22(4) (2020)

Overview of Security Challenges in Wireless IoT Infrastructures for. . .

81

13. S.A. Bjerre, M.W.K. Blomsterberg, B. Andersen, 5G attacks and countermeasures, in 2022 25th International Symposium on Wireless Personal Multimedia Communications (WPMC), (IEEE, 2023) 14. S. Behrad, E. Bertin, N. Crispi, Securing authentication for mobile networks, a survey on 4G issues and 5G answers, in 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN), (IEEE, 2018) 15. R. Borgaonkar, L. Hirschi, S. Park, A. Shaik, New privacy threats on 3G, 4G, and upcoming 5G AKA protocols, in Proceedings on Privacy and Enhancing Technologies, Sciendo, (2019) 16. M. Lichtman, R. Rao, V. Marojevic, J. Reed, R.P. Jover, 5G NR jamming, spoofing, and sniffing: threat assessment and mitigation, in 2018 IEEE International Conference on Communications Workshops (ICC Workshops), (IEEE, 2018) 17. A. van Cleeff, W. Pieters, R.J. Wieringa, Security implications of virtualization: a literature study, in 2009 International Conference on Computational Science and Engineering, vol. 3, (2009), pp. 353–358 18. B. Han, S. Wong, C. Mannweiler, M. Dohler, H.D. Schotten, Security trust zone in 5G networks, in Proceedings of the 24th International Conference on Telecommunications: Intelligence in Every Form, ICT 2017, (2017) 19. I. Ahmad, T. Kumar, M. Liyanage, J. Okwuibe, M. Ylianttila, A. Gurtov, 5G security: analysis of threats and solutions, in 2017 IEEE Conference on Standards for Communications and Networking, CSCN, (2017), pp. 193–199 20. R. Braga, E. Mota, A. Passito, Lightweight DDoS flooding attack detection using NOX/OpenFlow, in 2010 IEEE 35th Conference on Local Computer Networks (LCN), (2010), pp. 408–415 21. E. Maccherani, M. Femminella, J.W. Lee, R. Francescangeli, J. Janak, G. Reali, H. Schulzrinne, Extending the NetServ autonomic management capabilities using OpenFlow, in 2012 IEEE Network Operations and Management Symposium, (2012), pp. 582–585 22. E. Al-Shaer, S. Al-Haj, FlowChecker: configuration analysis and verification of federated openflow infrastructures, in Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, ser. Safe-Config ’10, (ACM, 2010), pp. 37–44 23. A. Khurshid, W. Zhou, M. Caesar, P.B. Godfrey, Veriflow: verifying network-wide invariants in real time. SIGCOMM Comput. Commun. Rev. 42(4), 467–472 (2012) 24. S. Shin, P. Porras, V. Yegneswaran, M. Fong, G. Gu, M. Tyson, FRESCO: modular composable security services for software-defined networks, in Proceedings of 20th Annual Network and Distributed Security Symposium, NDSS, (2013) 25. A.K. Nayak, A. Reimers, N. Feamster, R. Clark, Resonance: dynamic access control for enterprise networks, in Proceedings of the 1st ACM workshop on Research on enterprise networking, (ACM, 2009), pp. 11–18 26. S. Namal, I. Ahmad, A. Gurtov, M. Ylianttila, SDN based inter-technology load balancing leveraged by flow admission control, in 2013 IEEE SDN for Future Networks and Services (SDN4FNS), (2013), pp. 1–5 27. C. Schlesinger, A. Story, S. Gutz, N. Foster, D. Walker, Splendid isolation: language-based security for software-defined networks, in Proceedings of Workshop on Hot Topics in Software Defined Networking, (2012) 28. T. Dierks, The transport layer security (TLS) protocol version 1.2 (2008) 29. M. Liyanage, A. Braeken, A.D. Jurcut, M. Ylianttila, A. Gurtov, Secure communication channel architecture for Software Defined Mobile Networks. Comput. Netw. 114, 32–50., Elsevier (2017) 30. J.-H. Lam, S.-G. Lee, H.-J. Lee, Y.E. Oktian, Securing distributed SDN with IBC, in 2015 Seventh International Conference on Ubiquitous and Future Networks, (2015), pp. 921–925 31. E.-K. Lee, M. Gerla, G. Pau, U. Lee, J.-H. Lim, Internet of vehicles: from intelligent grid to autonomous cars and vehicular fogs. Int. J. Distrib. Sens. Netw. 12(9) SAGE (2016) 32. S. Liu, L. Liu, J. Tang, B. Yu, Y. Wang, W. Shi, Edge computing for autonomous driving: opportunities and challenges. Proc. IEEE 107(8) (2019)

82

N. R. Prasad et al.

33. M. Centenaro, S. Berlato, R. Carbone, G. Burzio, G.F. Cordella, S. Ranise, R. Riggio, Security considerations on 5G-enabled back-situation awareness for CCAM, in 3rd 5G World Forum (5GWF), (IEEE, 2020) 34. ETSI, Cooperative ITS (C-ITS); Release 1. TC ITS, Tech. Rep. 101 607 V1.2.1 (2020) 35. T. Ojanperä, J. Scholliers, T. Sukuvaara, I. Salkari, H. Zhang, P. Eloran-ta, 5G-enabled road safety and cybersecurity services for connected and automated vehicles, in 93rd Vehicular Technology Conference (VTC2021-Spring), (IEEE, 2021)

Explainable Transformer-Based Anomaly Detection for Internet of Things Security A. Saghir, H. Beniwal, K. D. Tran, A. Raza, L. Koehl, X. Zeng, and K. P. Tran

1 Introduction The IoT finds extensive applications across various domains, including healthcare, transportation systems, energy management, and manufacturing, as evidenced by prior research [1–4]. This technology facilitates seamless communication and data exchange among numerous interconnected devices, often requiring minimal human intervention. This connectivity offers innumerable advantages for service providers and end-users, as highlighted in the literature [3]. IoT applications have ushered in a transformative era, rendering buildings, vehicles, healthcare systems, and even entire urban environments ‘smart’ and interconnected.

A. Saghir Department of Statistics, Mirpur University of Science and Technology (MUST), Mirpur, Pakistan International Chair in DS & XAI, International Research Institute for Artificial Intelligence and Data Science, Dong A University, Danang, Vietnam H. Beniwal Indian Institute of Technology Gandhinagar, Gandhinagar, Gujarat, India International Chair in DS & XAI, International Research Institute for Artificial Intelligence and Data Science, Dong A University, Danang, Vietnam K. D. Tran () International Chair in DS & XAI, International Research Institute for Artificial Intelligence and Data Science, Dong A University, Danang, Vietnam e-mail: [email protected] A. Raza · L. Koehl · X. Zeng · K. P. Tran University of Lille, ENSAIT, ULR 2461 - GEMTEX - Génie et Matériaux Textiles, Lille, France International Chair in DS & XAI, International Research Institute for Artificial Intelligence and Data Science, Dong A University, Danang, Vietnam © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_6

83

84

A. Saghir et al.

However, the increasing complexity of IoT infrastructures has given rise to unwelcome vulnerabilities within these systems. Security breaches and anomalies have become commonplace in IoT devices, necessitating innovative approaches to data analytics within the constraints of limited computational resources. One such approach is anomaly detection (AD), also known as outlier or event detection, which solely focuses on identifying unusual states within the system. AD algorithms play a vital role in monitoring incoming data traffic at various stages, from the IoT network to data centers, as established by the existing literature [5]. AD is a method employed to identify irregularities within IoT data, occurrences that are infrequent but possess the potential to yield crucial insights across various sectors, including manufacturing, energy, and traffic management. In IoT, AD serves diverse purposes, such as detecting insider trading within the betting and gambling sector by analyzing trade activity patterns [6] or ensuring production safety in industrial machinery applications [7]. Most AD techniques in the IoT domain entail substantial human involvement and customization to cater to localized requirements. In theory, anomalies are conceptually straightforward, and domain experts can identify anomalous data with adequate time and scrutiny. However, developing automated AD models within an IoT environment poses several challenges. Accurately defining and categorizing all forms of anomalous data can be arduous, mainly when labeled training data is partially available or completely absent. Furthermore, various domains witness the constant evolution of the concept of normal behavior. An illustrative example is the change in household occupancy, which leads to fluctuations in electricity demand [6]. Additionally, data often contains inherent noise or irregularity, and when the signal-to-noise ratio is significantly low, the noise magnitude can closely resemble simple genuine anomalies. The complexity of the AD task escalates as the number of interconnected systems proliferates and the diversity of input data types expands. Several methods exist to address the aforementioned challenges. The signaturebased approach involves the pre-storage of known attacks and anomalies within a database, which is then periodically compared against the system. However, this methodology introduces processing overhead and remains susceptible to unidentified threats. In contrast, the data analysis-based technique offers the advantage of enhanced processing speed and the capability to address issues arising from unknown threats. AD within time-series data has gained prominence with the advancement of deep learning. Recurrent Neural Networks (RNNs) [8, 9] and Long Short-Term Memory Networks (LSTMs) [8, 9] have become widely adopted, as they can assimilate insights from historical data and apply this knowledge to novel scenarios. However, it remains debatable whether data should undergo preprocessing for effective AD, a factor that can increase the cost associated with deploying such models. Furthermore, training these models demands a substantial volume of data, often necessitating preprocessing as a prerequisite. Additionally, these models are susceptible to vanishing and exploding gradient problems. Recent progress has observed the incorporation of transformer models into various domains, encompassing Natural Language Processing (NLP), sequence modeling,

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

85

computer vision, and voice/speech recognition applications [10, 11]. This adoption is attributed to the transformer models’ inherent capability to capture intricate, longterm relationships within data and effectively manage extensive sequences without necessitating preprocessing. In the context of AD, while neural network algorithms generally offer more advantages than signature-based methods, they suffer from a drawback regarding the interpretability of the model decision-making. This means understanding why a particular instance is predicted as abnormal is not easily discernible. This poses a challenge in sensitive applications, i.e., model decisions cannot be trusted easily as they might have biased results, ultimately leading to a decrease in the reliability of AD models. A widely accepted approach known as Explainable Artificial Intelligence (XAI) can be employed to address this limitation. XAI’s goal is to aid humans in comprehending the models’ outcomes. For example, SHAP-based explanations can achieve interoperability of model decision-making by evaluating feature attributions and demonstrating the extent to which each feature contributed to the decision for each data point in the model. In the case of simpler machine learning models like logistic and linear regression, the importance of features can be assessed by examining the coefficients associated with each feature in the dataset. However, for complex models, quantifying or computing the level of influence of each feature on an output decision is challenging due to the large number of parameters involved in such models. Fortunately, the emergence of some cuttingedge XAI frameworks has addressed this issue. In this chapter, we propose XAI-based AD in the context of IoT security. More specifically, a hybrid model, which combines the transformer-based autoencoder to evaluate and detect anomalies in the domain of IoT security. The performance of the proposed method is evaluated using baseline dataset the traffic flow dataset. Also, an XAI module for a transformer-based autoencoder is deployed to overcome the interpretability of the results. The existing literature has not been explored utilizing this specific XAI algorithm for AD within IoT security. Adopting this approach for AD empowers security experts to meticulously analyze the features that exert the most significant influence on the predicted anomaly through visual explanations. Furthermore, it facilitates the identification of the root cause by suggesting physical components (e.g., sensors) that are more likely to be implicated in the predicted anomaly. By inspecting these designated devices, security specialists can ascertain whether the anomaly results from an actual cyberattack, enabling them to respond promptly and effectively. Consequently, this approach has the potential to yield time and cost savings in terms of maintenance while concurrently augmenting the reliability of our proposed method. The remaining chapter is organized as follows: Sects. 2 and 3 present the related work and security challenges in deploying IoT systems, respectively. Section 4 presents the proposed method for AD that meets both conditions, providing high performance and transparency. Section 5 demonstrates the applicability and performance analysis. Perspectives for AI systems in IoT security are discussed in Sect. 6. Finally, Sect. 7 concludes the article.

86

A. Saghir et al.

2 Related Work Numerous studies have explored AD within the realm of IoT, encompassing a range of approaches, including expert insights into time-series methods, as demonstrated by Cook et al. [12]. Most contemporary AD techniques, regarded as state of the art, heavily rely on deep neural networks. Notably, transformers, as introduced by Vaswani et al. [13], have exhibited robust modeling capabilities in diverse domains such as computer vision [14], NLP [15, 16], and speech processing [17]. Regarding time-series analysis, applying transformers to time-series modeling has received increasing attention from researchers because of the attention mechanisms in the encoder–decoder [18, 19]. The transformer can achieve remarkable long-term results in long-term predictions [20–22]. Regarding time-series AD, Chen et al. [23] proposed a multivariate time-series AD model, named GTA, which can represent the intersection of different sensors and autonomously learn and fuse topological graph structures. Zhang et al. [24] fused the VAE and transformers and proposed TransAnomaly for multivariate time-series AD. Tuli et al. [25] developed TranAD, which comprises a deep transformer and diagnosis model that learns the inherent data distribution of non-irregular data, aka regular data, and uses reconstruction errors to highlight anomalies. However, TranAD does not effectively encode the relationships between different data dimensions, resulting in its drawback. Zeng et al. [26] combined GANs and transformers into a higher dimensional time-series AD domain and endowed the transformer with an adversarial technique. Yadav et al. [27] designed a hybrid transformer architecture that shows effective performance in multivariate time-series modeling data by utilizing its ability to reconstruct input in AD. Alamr et al. [28] evaluate and detect anomalies in electrocardiogram (ECG) signals using an unsupervised transformer-based method. Lastly, Kumar et al. [29] utilized a transformer with a spatiotemporal attention mechanism and proposed a dynamic context-capturing model for sensory data.

3 IoT and Security Challenges IoT comprises an assemblage of intelligent devices communicating data over the Internet. These smart devices are strategically deployed in diverse geographical locations and hold the capability to sense and collect data. Applications of IoT span a broad spectrum, encompassing domains such as transportation systems, smart homes, earthquake detection, and grid systems. Despite its status as one of the most emergent technologies of the past decade, with widespread applications across various domains, security remains a constraining factor in numerous IoT application areas. Over the past decade, extensive research efforts have been dedicated to enhancing the security and protection of IoT applications and devices. Fernandes et al. [30] categorized the prevailing security challenges in devices and

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

87

the conventional software security vulnerabilities. This distinction is grounded in the hardware, software, and protocols employed within IoT. The authors contended that traditional security measures, effective in conventional IT, may not yield equivalent benefits in the context of IoT. As an illustration, majorly encryptionbased methods are commonly integrated into IoT designs across various protocols and layers, necessitating numerous encryption, decryption, and re-encryption stages over the overall architecture [31, 32]. This design complexity exposes IoT systems to potential vulnerabilities. To mitigate security breaches, consecutive encryption becomes imperative, albeit at the cost of heightened computational, storage, and energy resource requirements. The predominant challenge within the realm of IoT is the constraint imposed by limited resources, rendering the implementation of complex and advanced security measures in IoT networks unfeasible [33]. To effectively address security concerns, IoT necessitates establishing a cross-layer framework and enhancing existing protocols. The intricacies inherent in IoT designs demand advancements in cryptography and methodologies tailored to address security issues [34]. However, the proliferation of IoT designs amplifies the complexity of security system challenges. Numerous security issues are characterized by their intricacy, often lacking singular, definitive remedies. For instance, in specific security scenarios, such as DDoS attacks or intrusion attempts, false positives can lead to the ineffectiveness of proposed solutions. This erodes user confidence and diminishes the overall efficiency of the security measures. Furthermore, the vast volume of collected data and its heterogeneity pose additional challenges to the functionality and precision of many security solutions. The substantial and diverse dataset encompasses behaviors, patterns, assessments, and predictions [35]. The diversity of information generated by IoT necessitates the development of enhanced methodologies to manage the large and crucial volume of data generated by IoT devices. In light of the preceding discussion, ML emerges as the most suitable mathematical framework for embedding intelligence within IoT systems [32, 34]. ML enables IoT devices to gather essential information from the system, environment, or human sources, facilitating adaptive decision-making and positioning adjustments—a critical approach to solving IoT challenges. ML methods find application in diverse areas, including classification, regression, and density estimation [36]. They are extensively employed in various domains, such as IoT, computer vision, intrusion and malware detection, speech recognition, and authentication. ML represents a computational and intelligent technique capable of autonomous operation. Its deployment necessitates meticulous design and testing through various means. Specific scenarios mandate preemptive and predictive decision-making, requiring actions to be taken before an event occurs, such as predicting and mitigating fires in advance. Achieving such capabilities necessitates the fusion of IoT with ML-integrated security measures. Additionally, a comprehensive examination of security challenges within IoT systems is imperative to fortify their resistance against tampering. The effective operation of ML hinges on efficient data processing and storage, especially when dealing with massive datasets [37]. For instance, reference [38] scrutinized specific security issues arising

88

A. Saghir et al.

in integrating ML techniques within innovative grid systems. Additionally, intrusion detection techniques and their different aspects have been explored in works by Fernandes et al. [30] and Farooq et al. [32].

4 Explainable Anomaly Detection for IoT Security This section describes a transformer-based autoencoder model for AD in IoT security and the XAI-based module for interpreting the tabular models.

4.1 Transformer-Based Autoencoder Model for AD Transformers have revolutionized the tasks in NLP and CV [39]. Inspired by the excellent performance of the self-attention mechanism in various fields, applying transformers to time-series modeling has received increasing attention from researchers. The transformer can mine long-term dependencies in time-series data and achieve remarkable results in the scenario of long-term prediction [14, 18, 19]. In this chapter, we systematically refactored the transformer architecture for AD in the context of IoT security time-series data. Like other encoder–decoder models, the transformer architecture involves a sequence of attention-based transformations applied to the input data. Transformer autoencoder is a network mechanism that applies a transformer at the encoder and decoder stage. Autoencoder uses encoding and decoding methodology to learn an input-compressed representation. In short, the input is compressed by the encoder part into the feature vector and then reconstructed by decompressing the feature vector in the decoder phase. The transformer autoencoder outperforms the standard autoencoder in dealing with different lengths of input sequences. It is significantly more memory-efficient, enabling the model to generate sequences over a long memory. More detail regarding the self-attention mechanism and transformers can be read in [13] and [40]. Along with the Light Gradient Boosting Model (LGBM), XGBoost, and CatBoost classifiers, we have experimented with tabular models as shown in Table 1. Table 1 Different classifiers with their estimated parameters (in thousands) and size (in MB)

Architecture Category embedding model Gated additive tree ensemble FT transformer Tab transformer Auto Int Tab net

Total params (K) 3.1 3.1 272 271 17 6.4

Size (MB) 0.013 0.013 1.089 1.086 0.068 0.026

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

89

4.2 Deployment of XAI Module XAI encompasses algorithms designed to facilitate human understanding of AI models, fostering trust in their outputs and effectively utilizing their benefits. XAI serves the purpose of elucidating an AI model’s functionality, anticipated impact, and potential biases. This entails meeting expectations regarding the model’s proper functioning, providing transparent explanations, and rendering its inner workings visible. Numerous techniques for XAI have been proposed within the academic literature, with one prominent approach being SHapley Additive exPlanations (SHAP). SHAP is a game theory-based method introduced in Lundberg and Lee [41] and [42], intended for the global or local interpretation of outputs generated by ML or DL models. SHAP operates by disentangling single instance predictions, aiming to compute each feature’s impact on the prediction. This serves to identify the impact of each input to the model. The SHAP explanation technique employs game theory to compute the Shapley values. Game theory initially sought to elucidate the contributions of various player groups (coalitions) to the overall gains of the coalition; a similar methodology is applied in ML to ascertain how features contribute to the model’s overall outcome. This approach estimates the degree of contribution of each feature to predicted results using Shapley values, representing the expected contribution or impact of a feature across all possible combination sets or coalitions. The central concept behind SHAP is to clarify the operation of a complex model by approximating it with a more understandable model. Similar to LIME, proposed by Ribeiro et al. [43], explanation models intend to ' utilize simplified input instances, represented as .x , relating to the original samples ' (x) with a function referred to as .hx , that satisfies .x = hx (x ), and local explanation ' ' ' methods make sure .f (hx (z )) ≈ g(z) whenever .z ≈ x . The model .g(z) can be constructed as follows: '

g(z ) = φ0 +

M 

.

'

(1)

φ k zk ,

k=1 '

where the number of simplified features is represented by M, .z ∈ {1, 0}M is a set of simplified values .zk of input features, and .φk ∈ R informs about the Shapley values ' of kth feature input. Furthermore, .zk = 1 tends to illustrate the presence of the ' feature in the coalition and vice versa .zk = 0. The .φk is computed as the equation below: φk =

.

 |S|!(|N | − |S| − 1)! ( υ(S ∪ {k}) − υ(S)), |N|!

(2)

S⊆N/k

where a set of features is represented as N, a subset of N excluding the kth feature as S, and the prediction value for features in the subset S as .υ(S). Shapely values .φk

90

A. Saghir et al.

are calculated for every instance, and features’ impacts are derived based on these values for each sliding window. The SHAP framework employs various computational methods tailored to the model’s architecture. These methods can be categorized into two groups: (1) modelagnostic approximation methods (e.g., Linear SHAP [44] and Kernel SHAP [41]) and (2) and model-specific approximation methods (e.g., Tree SHAP [45], Deep SHAP [41], and Gradient SHAP). Among the available SHAP methods, Deep SHAP and Gradient SHAP are configured for deep learning models, particularly those that operate on threedimensional data inputs. Deep SHAP employs an algorithm for estimating SHAP values, while Gradient SHAP computes the SHAP values by approximating the gradients through random sampling. Since Deep SHAP is more time-intensive in its processing, this study opts for using the Gradient SHAP method. When employing the Gradient SHAP method, it is expected that the output of the AI model will be in the form of either a vector or a single value.

5 Experimental Analysis This section provides a case study using the proposed method and a baseline proposed dataset provided by Hasan et al. [46]. In the dataset, there are 357,952 samples and 13 features. The dataset has 347,935 normal data and 10,017 anomalous data and contains eight classes that were classified. Features “Accessed Node Type” and “Value” have 148 and 2050 missing data, respectively. In addition, we also demonstrate the interpretation achieved using XAI on (1) non-tabular and (2) tabular models.

5.1 Non-tabular Models Tables 2, 3, and 4 present the classification performance achieved using the LGBM, XGBoost, and CatBoost classifiers, respectively. The performance for LGBM is the same as XGBoost, but the CatBoost is not converging at all. Similarly, the classification reports for LGBM and XGBoost in Figs. 1 and 2 look the same, but the classification report for CatBoost in Fig. 3 is biased toward label 4. Figures 4, 5, and 6 show the feature importance for the LGBM, XGBoost, and CatBoost classifiers. It is seen that the features’ importance is given to features #11, #1, and #5, respectively. The interpretable tree plots for the three classifiers (in the same order) are shown in Figs. 7, 8, and 9. (1) Considering the explainability for LGBM, as illustrated in Fig. 10, feature #4 has the highest mean SHAP values, whereas class #5 has the highest magnitude. Figure 11 shows the plot where the

Explainable Transformer-Based Anomaly Detection for Internet of Things Security Table 2 Classification report for LGBM classifier

Table 3 Classification report for XGB classifier

Table 4 Classification report for CatBoost classifier

91

Class 0

P 1

R 0.68

F1 0.81

1

1

1

1

2

1

1

1

3

1

1

1

4

1

1

1

5

1

1

1

6

1

1

1

7

0.99

1

1

macro_avg

1

0.96

0.98

weighted_avg

0.99

0.99

0.99

Accuracy

0.99

Class 0

P 1

R 0.68

F1 0.81

1

1

1

1

2

1

1

1

3

1

1

1

4

1

1

1

5

1

1

1

6

1

1

1

7

0.99

1

1

macro_avg

1

0.96

0.98

weighted_avg

0.99

0.99

0.99

Accuracy

0.99

Class 0

P 0.27

R 0.67

F1 0.39

1

0

0

0

2

0

0

0

3

0

0

0

4

0

0.97

0.1

5

0

0

0

6

0

0

0

7

0

0

0

macro_avg

0.03

0.21

0.05

weighted_avg

0

0.02

0.01

Accuracy

0.02

92

Fig. 1 Confusion matrix for the LGBM classifier

Fig. 2 Confusion matrix for the XGB classifier

A. Saghir et al.

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

Fig. 3 Confusion matrix for the CatBoost classifier

Fig. 4 Feature importance plot for all input features to LGBM classifier

93

94

A. Saghir et al.

Fig. 5 Feature importance plot for all input features to XGB classifier

Fig. 6 Feature importance plot for all input features to CatBoost classifier

feature explainability is shown for an instance. As the SHAP values increase for features #11, #5, and #6, the feature values are higher, meaning more impact is seen on the model output. (2) Contrarily, the SHAP values in Fig. 12 for the features in XGBoost show that feature #1 has the maximum mean for all eight class labels,

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

Fig. 7 Tree plot from the LGBM classifier

Fig. 8 Tree plot from the XGB classifier

Fig. 9 Tree plot from the CatBoost classifier

95

96

A. Saghir et al.

Fig. 10 Summary plot from SHAP for the LGBM classifier

Fig. 11 Summary plot from SHAP for the CatBoost classifier for one instance (Index “0”)

with class #4 and class #0 having the maximum magnitude of average SHAP values. Considering the plot in Fig. 13 for the zeroth index, features #1, #7, #11, and #6 have the maximum impact on the model output. (3) Lastly, Fig. 14 shows the SHAP values for CatBoost classifier, where feature #5 shows the maximum SHAP value, which is also shown in Fig. 11, while considering one instance.

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

97

Fig. 12 Summary plot from SHAP for the XGB classifier

Fig. 13 Summary plot from SHAP for the XGB classifier for one instance (Index “0”)

5.2 Tabular Models We considered six configurations for the tabular models as implemented in PyTorch tabular.1 Tables 5, 6, 7, 8, 9 and 10 show similar results for classification report;

1 https://github.com/manujosephv/pytorch_tabular.

98

A. Saghir et al.

Fig. 14 Summary plot from SHAP for the CatBoost classifier

Table 5 Classification report for Category Embedding Model classifier

Class 0 1 2 3 4 5 6 7 macro_avg weighted_avg Accuracy

P 0.98 1 1 1 1 1 1 0.99 1 0.99 0.99

R 0.68 1 1 1 1 1 1 1 0.96 0.99

F1 0.80 1 1 0 1 1 1 1 0.97 0.99

Table 6 Classification report for Gated Additive Tree Ensemble classifier

Class 0 1 2 3 4 5 6 7 macro_avg weighted_avg Accuracy

P 0.98 1 1 1 1 1 1 0.99 1 0.99 0.99

R 0.68 1 1 1 1 1 1 1 0.96 0.99

F1 0.80 1 1 0 1 1 1 1 0.97 0.99

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

99

Table 7 Classification report for FT Transformer classifier

Class 0 1 2 3 4 5 6 7 macro_avg weighted_avg Accuracy

P 0.98 1 0.99 1 0.99 1 1 0.99 1 0.99 0.99

R 0.68 1 1 1 1 1 1 1 0.96 0.99

F1 0.80 1 1 0 1 1 1 1 0.97 0.99

Table 8 Classification report for Tab Transformer classifier

Class 0 1 2 3 4 5 6 7 macro_avg weighted_avg Accuracy

P 0.98 1 1 1 1 1 1 0.99 1 0.99 0.99

R 0.68 1 1 1 1 1 1 1 0.96 0.99

F1 0.80 1 1 0 1 1 1 1 0.97 0.99

Table 9 Classification report for Auto Int classifier

Class 0 1 2 3 4 5 6 7 macro_avg weighted_avg Accuracy

P 0.98 1 1 1 0.99 1 1 0.99 1 0.99 0.99

R 0.68 1 1 1 0.99 1 1 1 0.96 0.99

F1 0.80 1 1 1 0.99 1 1 1 0.97 0.99

this is because of the similar architectures. Similarly, for Figs. 15, 16, 17, 18, 19, and 20 for SHAP values and explainability, and Figs. 21, 22, 23, 24, 25, and 26 for the confusion matrices, an interesting observation is a similarity between the zeroth and seventh classes for all models (Fig. 27).

100 Table 10 Classification report for Tab Net classifier

Fig. 15 SHAP summary plot for the Category Embedding Model classifier for one instance

Fig. 16 SHAP summary plot for the Gated Additive Tree Ensemble classifier for one instance

A. Saghir et al. Class 0 1 2 3 4 5 6 7 macro_avg weighted_avg Accuracy

P 0.98 1 1 1 0.99 1 1 0.99 1 0.99 0.99

R 0.68 1 1 1 0.99 1 1 1 0.96 0.99

F1 0.80 1 1 1 0.99 1 1 1 0.97 0.99

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

Fig. 17 SHAP summary plot for the FT Transformer classifier for one instance

Fig. 18 SHAP summary plot for the Tab Net classifier for one instance

101

102

A. Saghir et al.

Fig. 19 SHAP summary plot for the Tab Transformer classifier for one instance

Fig. 20 SHAP summary plot for the Auto Int classifier for one instance

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

103

Fig. 21 Confusion matrix for the Category Embedding Model classifier

Fig. 22 Confusion matrix for the FT Transformer classifier

6 Perspectives for AI Systems in IoT Security The utilization of AI systems is widespread, yet many challenges of robustness and explainability accompany it. One prominent issue arises during the training phase, wherein these models tend to memorize data, rendering them vulnerable to various adversarial attacks, including membership inference [47] and reconstruction attacks [48]. These attacks pose a severe threat to the privacy of data

104

A. Saghir et al.

Fig. 23 Confusion matrix for the Auto Int classifier Fig. 24 Confusion matrix for the Gated Additive Tree Ensemble classifier

owners and serve as a substantial barrier to the seamless deployment of realtime deep learning applications. Techniques such as differentially private stochastic gradient descent [49] offer a promising avenue for enhancing the privacy of AI systems. Nonetheless, further research is imperative to strike an optimal balance between implementing such privacy-enhancing technologies and preserving the utility of AI systems. In the IoT domain, where devices often operate within resource-constrained environments, developing AI systems that prioritize security

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

105

Fig. 25 Confusion matrix for the Tab Net classifier

Fig. 26 Confusion matrix for the Tab Transformer classifier

and privacy and exhibit computational efficiency becomes essential. To effectively address these critical concerns, collaborative endeavors among researchers become of paramount importance. For example, experts specializing in network architecture

106

A. Saghir et al.

Fig. 27 Summary plot from SHAP for the LGBM classifier for one instance (Index “0”)

can collaborate with researchers in the application layer to formulate efficacious solutions for real-time application challenges. Additionally, there is a pressing need for research on security and privacy concerns associated with Embedded AI in intelligent healthcare systems, which inherently handle a significant volume of sensitive data.

7 Conclusion In the contemporary era, the world is characterized by the prevalence of AI and ubiquitous computing. IoT sensors have become integral to various facets of human life, such as intelligent manufacturing, smart agriculture, innovative healthcare, and smart urban infrastructure. Consequently, these sensors have emerged as prime targets for network security breaches and system attacks, which can have profound and far-reaching consequences. Hence, implementing AD mechanisms is imperative within diverse intelligent production systems. This chapter presents the deployment of a transformer-based autoencoder model to identify anomalies within IoT security systems. The model’s performance is rigorously evaluated, demonstrating remarkable results with a recall metric of 96.28% when applied to the Traffic Flow dataset. Moreover, we offer a visual and comprehensive explanation of the detected anomalies. This not only enhances the transparency of the black-box model but also provides domain experts with deeper insights into the system, thereby augmenting the reliability of the AD model.

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

107

In conclusion, our work underscores the importance of continued research efforts to explore alternative XAI methods for AD in IoT systems.

References 1. A. Khanna, S. Kaur, Internet of Things (IoT), applications and challenges: a comprehensive review. Wirel. Personal Commun. 114, 1687–1762 (2020) 2. S. Chen, X. Hui, D. Liu, H. Bo, H. Wang, A vision of IoT: applications, challenges, and opportunities with China perspective. IEEE Int. Things J. 1(4), 349–359 (2014) 3. D. Kyriazis, T. Varvarigou, D. White, A. Rossi, J. Cooper, Sustainable smart city IoT applications: Heat and electricity management & eco-conscious cruise control for public transportation, in 2013 IEEE 14th International Symposium on “A World of Wireless, Mobile and Multimedia Networks” (WoWMoM) (IEEE, Piscataway, 2013), pp. 1–5 4. T. Malche, P. Maheshwarym Internet of things (IoT) for building smart home system, in 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC) (IEEE, Piscataway, 2017), pp. 65–70 5. I. Arif, N. Ackovska, IoT aided smart home architecture for anomaly detection, in Data Science and Internet of Things: Research and Applications at the Intersection of DS and IoT (2021), pp. 1–19 6. M. Min, J.J. Lee, H. Park, K. Lee, Detecting anomalous transactions via an IoT based application: a machine learning approach for horse racing betting. Sensors 21(6), 2039 (2021) 7. C. Li, L. Mo, H. Tang, R. Yan, Lifelong condition monitoring based on NB-IoT for anomaly detection of machinery equipment. Procedia Manufact. 49, 144–149 (2020) 8. M. Canizo, I. Triguero, A. Conde, E. Onieva, Multi-head CNN-RNN for multi-time series anomaly detection: an industrial case study. Neurocomputing 363, 246–260 (2019) 9. W. Di, Z. Jiang, X. Xie, X. Wei, Y. Weiren, R. Li, LSTM learning with Bayesian and gaussian processing for anomaly detection in industrial IoT. IEEE Trans. Ind. Inform. 16(8), 5244–5253 (2019) 10. I.V. Tetko, P. Karpov, R. Van Deursen, G. Godin, State-of-the-art augmented NLP transformer models for direct and single-step retrosynthesis. Nat. Commun. 11(1), 5575 (2020) 11. L. Sun, C. Xia, W. Yin, T. Liang, P.S. Yu, L. He, Mixup-transformer: dynamic data augmentation for NLP tasks (2020). arXiv preprint arXiv:2010.02394 12. A.A. Cook, G. Mısırlı, Z. Fan, Anomaly detection for IoT time-series data: a survey. IEEE Int. J. 7(7), 6481–6494 (2019) 13. A. Vaswani, N. Shazeer, N. Parmar, J. Uszkoreit, L. Jones, A.N. Gomez, Ł. Kaiser, I. Polosukhin, Attention is all you need, in Advances in Neural Information Processing Systems, vol. 30 (2017) 14. D. Liu, G. Liu, A transformer-based variational autoencoder for sentence generation, in 2019 International Joint Conference on Neural Networks (IJCNN) (IEEE, Piscataway, 2019), pp 1–7 15. X. Qiu, T. Sun, X. Yige, Y. Shao, N. Dai, X. Huang, Pre-trained models for natural language processing: a survey. Sci. China Technol. Sci. 63(10), 1872–1897 (2020) 16. J. Devlin, M.-W. Chang, K. Lee, K. Toutanova, Bert: Pre-training of deep bidirectional transformers for language understanding (2018). arXiv preprint arXiv:1810.04805 17. S. Karita, N. Chen, T. Hayashi, T. Hori, H. Inaguma, Z. Jiang, M. Someki, N.E.Y. Soplin, R. Yamamoto, X. Wang, et al., A comparative study on transformer vs RNN in speech applications, in 2019 IEEE Automatic Speech Recognition and Understanding Workshop (ASRU) (IEEE, Piscataway, 2019), pp. 449–456 18. H. Zhou, S. Zhang, J. Peng, S. Zhang, J. Li, H. Xiong, W. Zhang, Informer: Beyond efficient transformer for long sequence time-series forecasting, in Proceedings of the AAAI Conference on Artificial Intelligence, vol. 35 (2021), pp. 11106–11115

108

A. Saghir et al.

19. W. Haixu, X. Jiehui, J. Wang, M. Long, Autoformer: decomposition transformers with auto-correlation for long-term series forecasting. Adv. Neur. Inform. Process. Syst. 34, 22419– 22430 (2021) 20. S. Liu, H. Yu, C. Liao, J. Li, W. Lin, A.X. Liu, S. Dustdar, Pyraformer: Low-complexity pyramidal attention for long-range time series modeling and forecasting, in International Conference on Learning Representations (2021) 21. A. Raza, K.P. Tran, L. Koehl, S. Li, AnoFed: adaptive anomaly detection for digital health using transformer-based federated learning and support vector data description. Eng. Appl. Artif. Intell. 121, 106051 (2023) 22. A. Raza, K.P. Tran, L. Koehl, S. Li, X. Zeng, K. Benzaidi, Lightweight transformer in federated setting for human activity recognition. arXiv preprint arXiv:2110.00244 (2021) 23. Z. Chen, D. Chen, X. Zhang, Z. Yuan, X. Cheng, Learning graph structures with transformer for multivariate time-series anomaly detection in IoT. IEEE Int. Things J. 9(12), 9179–9189 (2021) 24. H. Zhang, Y. Xia, T. Yan, G. Liu, Unsupervised anomaly detection in multivariate time series through transformer-based variational autoencoder, in 2021 33rd Chinese Control and Decision Conference (CCDC) (IEEE, Piscataway, 2021), pp. 281–286 25. S. Tuli, G. Casale, N.R. Jennings, Tranad: Deep transformer networks for anomaly detection in multivariate time series data (2022). arXiv preprint arXiv:2201.07284 26. F. Zeng, M. Chen, C. Qian, Y. Wang, Y. Zhou, W. Tang, Multivariate time series anomaly detection with adversarial transformer architecture in the internet of things. Future Gener. Comput. Syst. 144, 244–255 (2023) 27. D. Yadav, X. Zhang, B.T. Jin, Transformer based anomaly detection on multivariate time series subledger data, in KDD 2023 Workshop on Machine Learning in Finance (MLF) (ACM, New York, NY, USA, 2023). https://www.amazon.science/publications/transformerbased-anomaly-detection-on-multivariate-time-series-subledger-data 28. A. Alamr, A. Artoli, Unsupervised transformer-based anomaly detection in ECG signals. Algorithms 16(3), 152 (2023) 29. A. Siva Kumar, S. Raja, N. Pritha, H. Raviraj, R. Babitha Lincy, J. Jency Rubia, An adaptive transformer model for anomaly detection in wireless sensor networks in real-time. Measur. Sensors 25, 100625 (2023) 30. E. Fernandes, A. Rahmati, K. Eykholt, A. Prakash, Internet of things security research: a rehash of old ideas or new intellectual challenges? IEEE Secur. Privacy 15(4), 79–84 (2017) 31. S.S. Dhanda, B. Singh, P. Jindal, Lightweight cryptography: a solution to secure IoT. Wirel. Personal Commun. 112(3), 1947–1980 (2020) 32. U. Farooq, N. Tariq, M. Asim, T. Baker, A. Al-Shamma’a, Machine learning and the internet of things security: solutions and open challenges. J. Parall. Distrib. Comput. 162, 89–104 (2022) 33. N. Tariq, M. Asim, Z. Maamar, M.Z. Farooqi, N. Faci, T. Baker, A mobile code-driven trust mechanism for detecting internal attacks in sensor node-powered IoT. J. Parall. Distrib. Comput. 134, 198–206 (2019) 34. F. Hussain, R. Hussain, S.A. Hassan, E. Hossain, Machine learning in IoT security: current solutions and future challenges. IEEE Commun. Surv. Tutor. 22(3), 1686–1721 (2020) 35. B.K. Mohanta, D. Jena, U. Satapathy, S. Patnaik, Survey on IoT security: challenges and solution using machine learning, artificial intelligence and blockchain technology. Int. Things 11, 100227 (2020) 36. M.S. Mahdavinejad, M. Rezvan, M. Barekatain, P. Adibi, P. Barnaghi, A.P. Sheth, Machine learning for internet of things data analysis: a survey. Digital Commun. Netw. 4(3), 161–175 (2018) 37. I. Kotenko, I. Saenko, A. Branitskiy, Framework for mobile internet of things security monitoring based on big data processing and machine learning. IEEE Access 6, 72714–72723 (2018) 38. E. Hossain, I. Khan, F. Un-Noor, S.S. Sikander, M.S.H. Sunny, Application of big data and machine learning in smart grid, and associated security concerns: a review. IEEE Access 7, 13960–13988 (2019)

Explainable Transformer-Based Anomaly Detection for Internet of Things Security

109

39. T. Lin, Y. Wang, X. Liu, X. Qiu, A survey of transformers. AI Open (2022) 40. K. Choi, C. Hawthorne, I. Simon, M. Dinculescu, J. Engel, Encoding musical style with transformer autoencoders, in International Conference on Machine Learning (PMLR, London, 2020), pp. 1899–1908 41. S.M. Lundberg, S.-I. Lee, A unified approach to interpreting model predictions, in Advances in Neural Information Processing Systems, vol. 30 (2017) 42. N.X. Hoang, N.V. Hoang, N.H. Du, T.T. Huong, K.P. Tran, et al., Explainable anomaly detection for industrial control system cybersecurity. IFAC-PapersOnLine 55(10), 1183–1188 (2022) 43. M.T. Ribeiro, S. Singh, C. Guestrin, ”Why should i trust you?” explaining the predictions of any classifier, in Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (2016), pp. 1135–1144 44. E. Štrumbelj, I. Kononenko, Explaining prediction models and individual predictions with feature contributions. Knowl. Inform. Syst. 41, 647–665 (2014) 45. S.M. Lundberg, G. Erion, H. Chen, A. DeGrave, J.M. Prutkin, B. Nair, R. Katz, J. Himmelfarb, N. Bansal, S.-I. Lee, From local explanations to global understanding with explainable AI for trees. Nat. Mach. Intell. 2(1), 56–67 (2020) 46. M. Hasan, M.M. Islam, M.I.I. Zarif, M.M.A. Hashem, Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches. Int. Things 7, 100059 (2019). ISSN 2542-6605. https://doi.org/10.1016/j.iot.2019.100059. https://www.sciencedirect.com/science/ article/pii/S2542660519300241 47. H. Hongsheng, Z. Salcic, L. Sun, G. Dobbie, P.S. Yu, X. Zhang, Membership inference attacks on machine learning: a survey. ACM Comput. Surv. 54(11s), 235 (2022). https://doi.org/10. 1145/3523273 48. N. Rodríguez-Barroso, D. Jiménez-López, M.V. Luzón, F. Herrera, E. Martínez-Cámara, Survey on federated learning threats: concepts, taxonomy on attacks and defences, experimental study and challenges. Inform. Fusion 90, 148–173 (2023). https://doi.org/10.1016/j.inffus. 2022.09.011 49. M. Abadi, A. Chu, I. Goodfellow, H.B. McMahan, I. Mironov, K. Talwar, L. Zhang, Deep learning with differential privacy, in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (ACM, New York, 2016), pp. 308–318. https://doi. org/10.1145/2976749.2978318

A Novel Transformer-Based Anomaly Detection Approach for ECG Monitoring Healthcare System Thi Thuy Van Nguyen, Cédric Heuchenne, Kim Duc Tran, and Kim Phuc Tran

1 Introduction Detecting anomalies is critically important in all aspects of life, as it enables us to identify and address unexpected deviations from typical or expected behavior, ensuring safety, efficiency, and overall well-being. For instance, in healthcare, timely identification of anomalous patterns in medical data like ECG signals can lead to early intervention for potentially life-threatening conditions. In finance, detecting unusual transactions can help prevent fraud and financial risks. In cybersecurity, identifying abnormal behaviors can thwart attacks and intrusions. These examples highlight the substantial contribution of anomaly detection in enhancing and ensuring effectiveness across diverse domains. The identification of anomalies or outliers has received much attention from both the statistics and machine learning (ML) research sectors. Many studies have

T. T. V. Nguyen () HEC Liège - Management School of the University of Liège, Liège, Belgium University of Lille, ENSAIT, GEMTEX, Lille, France e-mail: [email protected] C. Heuchenne HEC Liège - Management School of the University of Liège, Liège, Belgium e-mail: [email protected] K. D. Tran International Research Institute for Artificial Intelligence and Data Science, Dong A University, Danang, Vietnam e-mail: [email protected] K. P. Tran University of Lille, ENSAIT, GEMTEX, Lille, France e-mail: [email protected] © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9_7

111

112

T. T. V. Nguyen et al.

been carried out to provide efficient solutions for dealing with this task in the literature. In statistics, many works have been carried out to develop anomaly detection methods. For example, in Suman and Prajapati [21], the authors explored the application of Statistical Process Control (SPC) and control charts in healthcare, tracing their evolution from industrial manufacturing to patient care and identifying a need for broader deployment across different departments and countries in the healthcare sector. An innovative, lightweight, and model-free method for online detection of cardiac anomalies, such as ectopic beats in electrocardiography (ECG) or PPG signals, was introduced in the work of Lang [13]. This approach utilizes Singular Spectrum Analysis (SSA) and nonparametric rank-based cumulative sum (CUSUM) control charts for efficient anomaly detection without the need for identifying fiducial points, making it computationally less intensive than previous SSA-based methods. In [10] the authors employed control charts to quickly and effectively monitor complex frequency signals, facilitating rapid response and anomaly detection in critical processes and testing the model in both simulation and ECG datasets. In the work of Zhou and Kan [30], a novel sensor-based unsupervised framework combining Gramian Angular Difference Field (GADF), multi-linear principal component analysis (MPCA), and control charts (Hotelling T2) for ECG anomaly detection was proposed. These are just a few examples of the applications of statistics and SPC in healthcare, and there are numerous other instances of SPC application across diverse domains, from healthcare to manufacturing and beyond. Recently, there has been a growing trend toward developing machine learning techniques for anomaly detection, driven by the increased availability of large and diverse datasets, advancements in machine learning algorithms, and the desire to achieve higher accuracy in identifying anomalies in various domains, such as cybersecurity [6, 18], manufacturing [11], industry [4] and healthcare [8]. In the work of Nassif et al. [14], the authors presented a systematic literature review (SLR) on ML models for anomaly detection from 2000–2020, identifying 290 research articles covering 43 different applications, 29 distinct ML models, and 22 datasets used in anomaly detection experiments. The study highlights a preference for unsupervised anomaly detection, with intrusion detection, network anomaly detection, general anomaly detection, and data applications being the most frequently studied areas in anomaly detection. While numerous state-of-the-art ML models have demonstrated their high accuracy in anomaly detection, the critical aspect of controlling false alarm rates remains relatively unaddressed, posing potential adverse consequences; for example, in healthcare, a false alarm can disrupt patient care, lead to resource overload, and erode trust in the anomaly detection system, ultimately compromising patient safety. In this work, we propose to integrate a transformer-based autoencoder network proposed by Raza et al. [17] together with MEWMA-SVDD control chart to detect anomalies. According to this proposal, a transformer-based variational autoencoder (VAE) network will be used to extract important information from the data while the task of detecting the abnormal objects from the input is left to the MEWMASVDD. The idea of applying MEWMA techniques makes the model more sensitive to small shifts or changes in the time series while employing the concept of a

A Novel Transformer-Based Anomaly Detection Approach for ECG. . .

113

control chart can help in effectively managing the false alarm rate. Besides, there has been a growing trend in incorporating artificial intelligence (AI) capabilities, into embedded systems and devices. Our objective is also to develop a lightweight framework that is suitable for implementation in embedded devices with the aim of the development of embedded artificial intelligence in the future. The rest of this paper is organized as follows: In Sect. 2, the main concepts used in this study, including transformer, VAEs, and MEWMA-SVDD algorithm, are introduced; the detail of the proposed transformer-based VAE-MEWMA-SVDD framework for anomaly detection in multivariate time series data is presented in Sect. 3; in Sect. 4, the details of the experiment used to test the performance of the proposed framework, and the results obtained are presented; the perspective to improve the proposed framework in terms of data privacy concern is presented in Sect. 5; and finally, the conclusions are given in Sect. 6.

2 Related Works and Background In this section, we discuss the main concepts used in this study.

2.1 Transformers The transformer is a neural network architecture that was introduced in the paper “Attention is All You Need” by Vaswani et al. [27] in 2017 and since then, it has become a cornerstone in natural language processing (NLP) and has been used in various other fields due to its ability to handle sequential data efficiently. Similar to recurrent neural networks (RNNs), another neural network designed for handling sequential data, transformers utilize an encoder and a decoder architecture. However, transformers distinguish themselves by utilizing self-attention mechanisms, allowing them to capture dependencies across the entire sequence without considering distance, while RNNs rely on recurrent connections to sequentially pass information through time steps. Both the encoder and decoder in the transformer architecture consist of stacked layers that include multi-head selfattention, additive connections, layer normalization, and position-wise feedforward layers. Additionally, positional encoding is applied to the input embeddings in a pre-processing step, ensuring that the model can retain the positions of elements within the sequence, as the transformer architecture does not inherently incorporate any information about sequence order. The core innovation of the transformer is the self-attention mechanism, which enables the model to assess the significance of different parts within the input sequence while processing each element. The formula for computing the attention scores for each element in the input sequence is as follows:

114

T. T. V. Nguyen et al.

 QKT  Attention(Q, K, V) = Softmax √ V dk

.

(1)

where .Q, K, V represent query, key, and value matrices derived from the input sequence, and .dk is the dimension of the key vectors. Instead of executing a single attention function with .dmodel -dimensional keys, the attention mechanism is employed multiple times through the use of parallel attention heads, each equipped with different projections of query Q, key K, and value V matrices. This design enables the model to learn diverse representations of the input sequence, thereby enhancing its ability to capture complex patterns and relationships. The outputs of the multiple attention heads are concatenated and linearly transformed by multiplying query Q, key K, and value V matrices with the weight matrices W which are computed during the training process to produce the final output of the multi-head attention layer Multihead(Q, K, V) = concat(Attention1 , Attention2 , . . . , Attentionh ) · WO .

.

(2) K V Attentioni = Attention(QWQ i , KWi , VWi )   Q T QWi (KWK i ) = Softmax (VWVi ) √ dk

(3)

K V where h represents the number of attention heads, and .WQ i , KWi , Wi are learnable weight matrices for query, key, and value projections specific to the .i th head, respectively, and .WO is a learnable weight matrix used for the final linear transformation. Figure 1 illustrates the multi-head attention mechanism proposed by Vaswani et al. [27]. Multi-head attention is used in both the encoder and decoder to capture different aspects of the input sequence simultaneously, enabling the model to understand complex relationships between words. Additionally, feedforward neural network layers and other components, such as layer normalization and residual connections, enhance the model’s ability to learn and process sequential data efficiently. Transformer architecture has been the foundation for many subsequent models, including BERT, GPT, and many others, which have achieved state-of-theart results in various NLP tasks and beyond, see Chen et al. [5], Singh and Mahmood [19], Wolf et al. [28], and Acheampong et al. [1], among many others.

2.2 Variational Autoencoders Variational Autoencoders (VAEs) are a type of generative model used in unsupervised machine learning and they represent a powerful paradigm in the field of deep

A Novel Transformer-Based Anomaly Detection Approach for ECG. . .

115

Fig. 1 (Right) Multi-head attention with h attention layers running in parallel proposed by Vaswani et al. [27]

learning. VAEs were first introduced by Kingma et al. [12] and since then, it has been widely used for various applications, including data generation, data denoising, representation learning, and anomaly detection. Unlike traditional autoencoders that learn deterministic mappings to fixed points in the latent space, VAEs shift their focus to learning a probability distribution of data in the latent space, often explicitly regularizing it to resemble a normal distribution, which is the most common choice, in order to capture the underlying data structure. Let X denote the given input data and assume that X originates from a latent variable Z, which is not directly observable. In VAEs, the authors consider the probabilistic encoder and decoder instead of deterministic ones. More precisely, assume that encoded representations Z in the latent space follow the prior distribution .pθ (Z) with .θ as the network parameters. According to Bayes theorem, the relationship between prior .pθ (Z), the likelihood .pθ (X|Z), and the posterior .pθ (Z|X) is given by pθ (Z|X) =

.

pθ (X|Z) · pθ (Z) pθ (X|Z) · pθ (Z) = pθ (X) pθ (X|Z) · pθ (Z) dz

(4)

In practice, it is common to model both the prior distribution .pθ (Z) and the likelihood function .pθ (X|Z) as normal distributions. This assumption simplifies the computations and allows us to apply Bayes’ theorem to compute the posterior distribution .pθ (Z|X). However, the computation of .pθ (Z|X) is intractable in most cases due to the integral at the denominator of Eq. (4). To solve this problem, Kingma et al. [12] suggested using the variational inference technique. More precisely, the authors tried to approximate .pθ (Z|X) by another tractable distribution .qφ (Z|X), i.e., .pθ (Z|X) ≈ qφ (Z|X), where .φ represents the parameters of the approximate distribution, and minimize a metric describing the difference between two probability distributions named Kullback-Leibler divergence, denoted as .KL(qφ (Z|X)||pθ (Z|X))

116

T. T. V. Nguyen et al.

 KL(qφ (Z|X)||pθ (Z|X)) = Eqφ (Z|X)

.

qφ (Z|X) log pθ (Z|X)

 (5)

to ensure the similarity of these two distributions. After the input data is mapped to a probabilistic distribution in the latent space in the encoder, the decoder takes samples Z from the latent space and uses these samples to generate data that resembles the original input. These samples Z are often assumed to follow a normal distribution with a mean vector .μ and a covariance matrix .Σ = σ σ T , i.e., Z =μ+σ ⊙ϵ

.

(6)

where .ϵ ∼ N (0, I), .⊙ is the element-wise product. Introducing .ϵ as an independent random variable ensures the differentiability of the sampling process, allowing gradients to flow through the sampling operation during backpropagation. This technique is commonly referred to as the re-parameterization trick, and it is a key component of VAEs that enables the model to facilitate gradient-based optimization and training, making VAEs effective for various generative and representation learning tasks. Figure 2 illustrates the structure of a VAE. Let .X' denote the reconstructed data. The objective function of VAEs comprises two loss terms: the reconstruction loss .L(X, X' ), which assesses the decoder’s ability to reconstruct input data, and the Kullback-Leibler divergence, which quantifies the divergence between the learned distribution .qφ (Z|X) in the latent space and the true distribution .pφ (Z), which is often assumed to be a standard Gaussian distribution. Hence, the loss for VAEs is defined as ' .Loss (VAEs) = L(X, X ) + KL(qφ,i (Z|X)‖pφ (Z)) (7) i

The choice for the reconstruction loss depends on the type of data we are working with. VAEs training aims to minimize this objective function, often achieved through gradient descent optimization, to enhance both reconstruction accuracy and the adherence of the latent space to the desired distribution. In machine learning and artificial intelligence, VAEs have proven to be a powerful tool due to their ability to learn probabilistic representations of data. VAEs find utility across diverse domains,

Fig. 2 The general structure of a VAE

A Novel Transformer-Based Anomaly Detection Approach for ECG. . .

117

including generative modeling, data compression, and anomaly detection see, for example, Anstine and Isayev [2], Duan et al. [7], and Raza et al. [17].

2.3 Multivariate Exponentially Weighted Moving Average (MEWMA) and Support Vector Data Description (SVDD) In ML, SVDD is a well-established algorithm primarily utilized for anomaly detection, effectively identifying outliers within datasets. Initially proposed by Tax and Duin [23], SVDD has garnered extensive recognition and adoption within the field of anomaly detection. One of its key advantages lies in its ability to operate without making restrictive assumptions about the underlying data distribution, as evidenced by its utilization in various studies, including those by Banerjee et al. [3], Pauwels and Ambekar [16], and Zhang and Deng [29], among numerous others. In this section, we will briefly present the main idea of the SVDD algorithm based on the MEWMA technique. Specifically, since we are focusing on detecting anomalies in a time series dataset, we will first apply the MEWMA technique by calculating the weighted average of the components within each individual time series, employing a memory-based approach, and then use this transformed dataset to train the SVDD model. Recall SVDD is a one-class classification algorithm that allows us to detect abnormal observations by modeling the normal ones. This algorithm obtains a spherical-shaped boundary around the dataset, specified by its center .a and radius R. The objective is to minimize the radius R, thereby minimizing the volume of the sphere while ensuring that it contains the majority of training objects. Suppose we have an unlabeled time series training set of size N, .S = {x1 , x2 , . . . , xN } where p .xi ∈ R , p is the number of time steps, and we want to obtain a description of this dataset. The MEWMA vector .wi = (wi,1 , . . . , wi,t , . . . , wi,p ) can be calculated by wi,t = rxi,t + (1 − r)wi,t−1 , t = 1, 2, . . . , p

.

(8)

where .w0 = 0, .r ∈ (0, 1] is a fixed smoothing parameter, .wi,t is the MEWMA statistic for the time step t, and .xi,t is the measurement at time step t of the .ith observation. The SVDD optimization problem to obtain a description of the dataset using MEWMA-based vectors can be described by

.

min R,a

subject to

.

R2 + C

N

ξi

(9)

i=1

‖wi − a‖2 ≤ R 2 + ξi ,

i = 1, . . . , N ; ξi ≥ 0

where C is the trade-off parameter which is introduced to control the balance between the volume of the sphere and the errors. Introducing two Lagrange

118

T. T. V. Nguyen et al.

multipliers .αi , γi , the dual problem of problem (9) will be

.

max α

N

αi 〈wi , wi 〉 −

αi αj 〈wi , wj 〉

(10)

i,j =1

i=1

subject to

N

N

.

αi = 1

i=1

0 ≤ αi ≤ C

i = 1, . . . , N

for

This dual problem is convex quadratic and much easier to solve compared with the original problem (9). Solving this problem and noting that the parameters .γi are omitted during the solving process, we obtain the center .a and the radius R of the sphere as follows: a=



.

αs ws.

(11)

SV

R 2 = 〈wk , wk 〉 − 2

N

αi 〈wi , wi 〉 +

N

αi αj 〈wi , wj 〉

(12)

i,j =1

i=1

where SV denotes the index set of the support vectors and .wk in formula (12) of .R 2 is any object that satisfies .wk ∈ SV ρB ∗ , ρA∗ + ρB ∗ = 1; .nU ∼ CN (0, N0 ) is AWGN. Here, U assumes that .xB is interference and decodes .xA . Subsequently, in order to decode .xB , U applies SIC to eliminate the previously decoded .xA [3]. Accordingly, the expressions to represent the received signal-to-interference-plus-noise ratios (SINRs) for .xA and .xB detection at U are written as: γAU∗ =

.

γA∗ U |gA∗ U |2 ,. γB ∗ U |gB ∗ U |2 + 1

γBU∗ = γB ∗ U |gB ∗ U |2 , where .γ0 = NP0 , .γA∗ U = ρLA∗∗γ0 , and .γB ∗ U = A U signal received at E is as follows:  yE =

.

ρA∗ P gA∗ E xA + dAσ ∗ E



ρB ∗ γ0 LB ∗ U .

(10) (11)

Similarly, the expression of

ρB ∗ P gB ∗ E xB + nE , dBσ ∗ E

(12)

where .nE ∼ CN (0, NE ) is AWGN at E. We suppose E also applies SIC, similarly, the SINR to detect .xA and .xB at E is given by

136

A.-N. Nguyen et al.

γAE∗ =

.

γA∗ E |gA∗ E |2 ,. γB ∗ E |gB ∗ E |2 + 1

γBE∗ = γB ∗ E |gB ∗ E |2 ,

(13) (14)

PE , .γA∗ E = ρdAσ∗ γE and .γB ∗ E = ρdBσ∗ γE . where .γE = N E A∗ E B∗E • In the third phase, the offloaded tasks is calculated by MEC located at U during comp .t . The duration required to accomplish the computing processes for the U number of task bits at U is as follows:   off off CA∗ + CB ∗ ς comp .t = , (15) U fUMEC

where .ς is the number of CPU cycles needed to complete the calculation for a single input bit and .fUMEC is the MEC operating frequency at U . • In the fourth phase, U return the processed results to .ψ ∗ during .t res . Following off comp [6], .t para and .t res , are assumed very small compared to .tψ ∗ , and .tU , thus they are neglected.

2.3 Time offloading and secrecy capacity The instantaneous channel capacity of legitimate .ψ ∗ → U links is as the following:   CψU∗ = W log2 1 + γψU∗ ,

.

(16)

where W is the bandwidth. Thus, the offloading duration from .ψ ∗ to U is formulated by: off

off

tψ ∗ =

.

Cψ ∗

Cψ ∗

.

(17)

The instantaneous secrecy capacity of wireless communication from .ψ ∗ to U in the presence of a passive eavesdropper is defined as follows [16]:  + CψS ∗ = CψU∗ − CψE∗  ⎧ U ⎨W log 1+γψ ∗ , γ U > γ E 2 1+γ E ψ∗ ψ∗ = , ψ∗ ⎩ 0, γψU∗ ≤ γψE∗

.

  where .CψE∗ = W log2 1 + γψE∗ is the illegal channel capacity.

(18)

UAV NOMA-MEC in IoT: Security offloading and Optimization

137

3 Performance Analysis 3.1 Secrecy successful computation probability (SSCP) In this subsection, we presents the secrecy and offloading performance of the system under consideration in terms of SSCP [17], denoted by .S. The .S is defined as the probability that all offloading tasks are completed within the maximum permissible system latency .Tth and the corresponding secrecy capacity is greater than a predefined data rate threshold .Rth . Thus, the .S of the entire system is calculated as follows:   off off s s .S = Pr t ∗ ≤ Tth , t ∗ ≤ Tth , CA∗ ≥ RA∗ , CB ∗ ≥ RB ∗ , (19) A B comp

where .Tth = T − tU

off

, .Rψ ∗ =

Cψ ∗ Tth

[1].

Theorem 1 The closed-form expression for the SSCP of the entire system for UAVaided NOMA-MEC under quasi-static Rayleich fading is as follows: S=

.

M  N    N (−1)u+1 (−1)k+1 u M

u

u=1 k=1

−

k



(k,u)

e−Ξ1

(k,u)

λB ∗ U

(k,u)

(k)

Δ1 −Ξ2

Ξ1

−

e−Ξ3

(k)

Δ1 −Ξ4

(k,u)

Ξ3

Q  O

 k u    π 2 ke−Δ1 −1 −1 1 − ζq 2 1 − ζo 2 ωo λA∗ U ωq λB ∗ U 4OQλA∗ U λB ∗ E q=1 o=1

(δq )

×

e−Δ2

(δo ,δq ) −Δ5

(δo ,δq )

 1−e

(δq ) (δo ,δq ) −Δ3 Δ4



⎤ ⎦,

Δ4

(20) off C ∗ A Tth W

off C ∗ B Tth W

RA∗

RB ∗

− 1, .φB ∗ = 2 − 1, .θA∗ = 2 W , .θB ∗ = 2 W , .Δ1 = γφB∗∗ B U (δ ) (δ ) (δ ,δ ) (δ ,δ ) (k,u) (k) (k,u) (k) and .Ξ1 , .Ξ2 , .Ξ3 , .Ξ4 , .Δ2 q , .Δ3 q , .Δ4 o q , and .Δ5 o q are defined as follows:

where .φA∗ = 2

(k,u)

=

(k)

=

Ξ1

.

Ξ2

(k,u)

Ξ3

(k)

Ξ4

kφA∗ γB ∗ U u + ,. λA∗ U γA∗ U λB ∗ U

kφA∗ ,. λA∗ U γA∗ U γB ∗ U (k,u) = + Ξ1 , . λB ∗ E θB ∗ γA∗ E =

1 − θB ∗ (k) + Ξ2 , λB ∗ E θB ∗ γA∗ E

(21) (22) (23) (24)

138

A.-N. Nguyen et al.

(δq )

Δ2

.

  φA∗ γB ∗ U δq + 1 = ,. γA∗ U

(25)

γB ∗ U δq + 1 − θB ∗ (δ ) ,. Δ3 q = θB ∗ γB ∗ E  γA∗ U δo 1 γB ∗ E (δ ,δ ) Δ4 o q = + ,. + 1 − θA∗ γ B ∗ U δq + 1 λA∗ E θA∗ γA∗ E λB ∗ E  γA∗ U δo 1 (δ ,δ ) , + 1 − θA∗ Δ5 o q = γ B ∗ U δq + 1 λA∗ E ϕA∗ γA∗ E

(26) (27) (28)

(δq )     −Δ π(2q−1) (ζo +1)e 2 where .ζo = cos π(2o−1) , .ωo = , .ζq = cos , .ωq = 2O 2 2Q −Δ (ζq +1)e 1 with O and Q are the complexity versus accuracy trade-off coefficient, 2   .δq = − ln ωq , .δo = − ln (ωo ).

Proof See Appendix A.

3.2 Optimization: problem formulation and solution To enhance system performance, we focus on enhancing the secrecy and successful computation performance of the entire  system by determining the optimal location and altitude of UAV, denoted by . xU∗ , yU∗ , h∗U . In order to accomplish this, we formulate the SSCP maximization problem and solve it using a PSO-based algorithm. SSCP maximization problem: (P1):

.

maximize xU ,yU ,hU

S

subject to 0 ≤ xU ≤ xUmax.

(29a)

0 ≤ yU ≤ yUmax.

(29b)

30 ≤ hU ≤

(29c)

hmax U ,

where constraints (29a) and (29b) represent conditions on the UAV’s projected location on the ground, constraint (29c) imposes conditions on the altitude of the UAV. To solve the problem (29) with multiple constraints, we propose the PSO algorithm [2], a stochastic, population-based algorithm modeled on SI that can tackle complex optimization problems. Algorithm 1 presents the overall SSCP maximization based on PSO (SSCPMax-PSO) algorithm used for our proposed system model. The algorithm begins by randomly initializing particles .i = [1, N ]. Each particle i has a current position .Xi = (xU , yU , hU ), a current velocity .Vi , a

UAV NOMA-MEC in IoT: Security offloading and Optimization

139

personal best position .Xi∗ that corresponds to the position where the particle had the highest value of the SSCP objective function (for the maximization problem), and a global best position .Gb that corresponds to the best position among all personal best positions. SSCPMax-PSO’s main loop is iterated .I times to find the particle with the best .Xi∗ and .Gb . Each particle’s velocity .Vi , position .Xi , and optimal values .Xi∗ and .Gb are updated during each iteration. Algorithm 1 SSCPMax-PSO Require: N , I , S , 𝜛 , χ, ϵ1 , ϵ2 , and constraint conditions Ensure: xU∗ , yU∗ , h∗U 1: function SSCP_MAX 2: Set parameters of PSO: N ; I ; 𝜛 ; χ; ϵ1 ; ϵ2 ; 3: Initialize global best: Gb = ∞; Initialize population members: 4: for i = 1 : N do 5: Generate random solution: Xi (xU , yU , hU ); 6: Initialize velocity: Vi = 0; 7: Evaluation of particle i: Ci = 1 − S (Xi ); 8: Update the personal best: Xi∗ = Xi ; Ci∗ = Ci ; Update global best: 9: if Ci∗ < Gb then Gb = Ci∗ ; 10: 11: end if 12: end for Main loop of SSCP-PSO algorithm Array to hold best cost value in each iteration: B =zeros(I , 1); 13: 14: for j = 1 : I do 15: for i = 1 : N do  ∗  − Xi−1 16: Update velocity: Vi = χ Vi−1 + ϵ1 r1 Xi−1   .+ϵ2 r2 XGb ,i−1 − Xi−1 ; 17: Update position: Xi = Xi−1 + Vi ; 18: Evaluation of particle i: Ci = 1 − S (Xi ); Update personal best: 19: if Ci < Ci∗ then Xi∗ = Xi ; 20: Ci∗ = Ci ; 21: Update global best (find xU∗ , yU∗ and h∗U of UAV): 22: if Ci∗ < Gb then Gb = Ci∗ ; 23: 24: end if 25: end if 26: end for 27: Store the best cost value: B(j ) = Gb 28: end for 29: return B; 30: end function

140

A.-N. Nguyen et al.

4 Numerical result This section provided the numerical results that were utilized to verify the analytical expression of the SSCP described in Section 3 for the UAV-aided NOMA-MEC in IoT network. Specifically, we consider the following system parameters in all simulations, shown in Table 1 [2, 14]. The impact of the average SNR .γ0 and the number of ED clusters on the SSCP of the entire system is depicted in Fig. 3. We can observe that the Monte Carlo simulation and our analysis have a powerful match, confirming the accuracy of our proposed model. Moreover, when the number of devices in the two clusters is increased, SSCP also increases. This is due to the fact that as the number of devices grows, the UAV has more options to select the best ED in two clusters. Furthermore, increasing the transmit power of the device improves the system’s security offload performance. Because, as the transmit power increases, the device has more power to communicate with the UAV. Fig. 4 depicts of the altitude of UAV, .hU and the number of ED clusters, .N, M on the SSCP of the entire system. we can also see that there will be an altitude of the UAV to maximize performance; this can explain why, when the altitude of the Table 1 Simulation parameter. Parameter

Value

Parameter

Value

.(xA , yA )

.(40, 0)

.A

.0.1581

.B

.9.6177

.OLoS

1 20 8 .3.10 7 .10 8 .10

.(xB , yB ) .(xE , yE ) .xU .yU .hU

L .O

=Q

(m) .(0, 40) (m) .(75, 75) (m) .(0, 50) (m) .(0, 50) (m) .(20, 100) (m) 4 .10 2

.10

.ON LoS

c .fc

MEC

.fU

2

.10

.ς

Fig. 3 Impact of average transmit SNR, .(γ0 ) on SSCP of the entire system with different number of ED in two clusters.

Parameter P T .ρ .σ W .βA = βB

Value .(0, 20)

.I

(s) .0.75 2 8 .10 0.5 2 .10

.N

100

(dB)

.0.5

SSCP

0.9

0.8

0.7

0.6 0

5

10

15

20

UAV NOMA-MEC in IoT: Security offloading and Optimization Fig. 4 Impact of altitude of UAV, .(hU ) on SSCP of the entire system with different number of ED in two clusters.

141

0.9

SSCP

Optimal point 0.8

0.7

0.6 20

30

40

50

60

70

80

90

100

Fig. 5 Impact of the location of UAV, .(xU , yU ) on SSCP of the entire system.

UAV is low, the probability of encountering NLoS is greater than the probability of encountering LoS due to urban obstacles. The increased UAV altitude improves performance because the probability of confronting an LoS between the UAV and the ED is greater than the probability of encountering an NLoS. Nonetheless, the greater the altitude, the greater the communication distance between the UAV and the ED, which increases the pass loss of the UAV-ED links and consequently decreases the performance. So there will be an altitude that maximizes the efficacy of secrecy offloading. In addition to the problem of the UAV’s altitude, we must also consider the UAV’s location so that the communication between it and the ED is better. As shown in Fig. 5, this is the 3D result depicting the SSCP value domain as a result of the simultaneous effects of .xU and .yU . We have observed that there exists an .xU∗ and ∗ .y U position that optimizes the performance of the system. This is understandable; the UAV will select the optimal location to communicate with the ED of the two clusters. This is regarded as an outstanding characteristic of UAV

142

A.-N. Nguyen et al.

Fig. 6 Impact of the location and altitude of UAV, ∗ ∗ ∗ .(xU , yU , hU ) on SSCP of the entire system.

1

SSCP

0.9

0.8

0.7

0.6 0

5

10

15

20

Fig. 6 depicts the impact of the location and altitude of UAV, .(xU∗ , yU∗ , h∗U ) on SSCP of the entire system. In this result, we replace the optimal values found from solving the proposed optimization problem above (Algorithm 1). We compare SSCP.(xU∗ , yU∗ , h∗U ) with SSCPs with fixed .(xU , yU , hU ) values. The results show that with the application of SSCPMax-PSO algorithm to give the optimal values, the secret offload performance is the best compared to our self-fixing for the UAV.

5 Conclusion In this paper, we investigated the secrecy offloading performance of an UAV-aided NOMA-MEC in IoT over Rayleigh fading channel. We propose a fourth-phase system operating protocol based on UAV-ED selection, focusing NOMA-MEC techniques to increase the secrecy offloading performance. To assess the system performance, we obtain closed-form expressions of SSCP of the entire system. In addition, we proposed an PSO based algorithm to determine the location and altitude of a UAV to maximize the SSCP. Numerical results are presented to validate the proposed system’s secrecy offloading performance.

A Proof of Theorem 1 By substituting (3), (10), (11), (13), (14), (15), (16), (17), (18) into (19), we can rewrite the .S of system as  (Y ) (Y ) S = Pr X > Δ2 , Y > Δ1 , P < Δ3 ,   γB ∗ E P + 1 γA∗ U X + 1 − θA∗ , Z< γB ∗ U Y + 1 θA∗ γA∗ E

.

UAV NOMA-MEC in IoT: Security offloading and Optimization (Y )



∞ ∞ Δ 3 =

FZ Δ1 Δ(Y ) 2

0

γA∗ U X + 1 − θA∗ γB ∗ U Y + 1



143

γB ∗ E P + 1 θA∗ γA∗ E



× fP (P ) fX (X) fY (Y ) dP dXdY, (30)

where .X = |gA∗ U |2 , .Y = |gB ∗ U |2 , .Z = |gA∗ E |2 , .P = |gB ∗ E |2 , .Δ1 = γφB∗∗ , B U φA∗ (γB ∗ U Y +1) γB ∗ U Y +1−θB ∗ (Y ) (Y ) .Δ = , .Δ = . There are three integrals here, so we 2 3 γA∗ U θB ∗ γB ∗ E do the integration one by one. First, we solve the 1st integral, denoted by .I1 . By combining the CDF in (4) and the PDF in (5) into .I1 , we can rewrite as follow: (Y )  

Δ3

I1 =

1−e

.

⎛

0

=

1 λB ∗ E

⎜ ⎜ ⎝



−



γA∗ U X γB ∗ U Y +1 +1−θA∗



(

(X,Y )

γA∗ U X γB ∗ U Y +1

the Eq.

=

+ 1 − θA∗

(.3.351.18 )

 

(Y )

Δ3

e

1



(Y )

Δ3

− λP

(X,Y )

Q

dP − e−Δ5

(X,Y )

e−Δ4

P

e

P B∗E

−λ

dP

⎞

⎟ dP ⎟ ⎠,

(31)

0

γA∗ U X γB ∗ U Y +1

+ 1 − θA∗

1 λA∗ E θA∗ γA∗ E .



γB ∗ E λA∗ E θA∗ γA∗ E

+

1 λB ∗ E

(X,Y )

and .Δ5

=

The integrals in (31) are solved by applying

in [18] shown in (32).

I1 = 1 − e

.



λB ∗ E

0

where .Δ4 

)

γB ∗ E P +1 λA∗ E θA∗ γA∗ E

(Y ) Δ3 B∗E

−λ

(X,Y )

−

e−Δ5

(X,Y )

λ B ∗ E Δ4



(Y )

1 − e−Δ3

(X,Y )

Δ4

 (32)

.

Next, we substitute .I1 in (32) and the PDF in (8) into the 2nd integral, denoted by .I2 , which can be expressed as follows: ⎡ ⎢ ⎢ ∞ (Y ) ∞ N  Δ k+1 ⎢   − λ kX − λ 3∗ − λ kX N (−1) k ⎢ ∗ A U B E A∗ U dX .I2 = e dX − e ⎢ k λA∗ U ⎢ k=1 ⎢ (Y ) (Y ) Δ2 ⎣Δ2 &' ( % I21

∞ −

(X,Y )

e

−Δ5

− λ kX ∗

A U

(X,Y )

(Y ) Δ2

%

λ B ∗ E Δ4

⎤

⎥ ⎥ ⎥   (Y ) (X,Y ) ⎥ −Δ3 Δ4 1−e dX ⎥ , ⎥ ⎥ ⎦ &' ( I22

(33)

144

A.-N. Nguyen et al.

From (33), for .I21 , we solve the integrals by Eq. (.3.351.111 ) in [18], shown in (34). For .I22 , let .v = e−X and .X = − ln (v), then .I22 solved by applying the Gaussian-Chebyshev quadrature method [19], shown in (34). ∞ I21 =

e

.

∞

− λ kX ∗

A U

dX −

(Y )

e

(Y ) Δ3 B∗E

−λ

− λ kX ∗

A U

dX

(Y )

Δ2

Δ2

(Y )

(Y )

(Y )

2 2 λA∗ U − λΔ3∗ − kΔ λA∗ U − kΔ e λA∗ U − e B E λA∗ U , . = k k (Y ) −Δ2

e

I22 =

−1 −Δ(− ln(v),Y ) 5

e

(− ln(v),Y )

0

=

k

v λX

λ B ∗ E Δ4

(34)

  (Y ) (− ln(v),Y ) 1 − e−Δ3 Δ4 dv

k (δo ,Y ) (Y ) O

−1   (Y ) (δ ,Y ) ωo λX e−Δ5 π e−Δ2  −Δ3 Δ4 o 1 − ζo 2 1 − e , (δ ,Y ) 2O λB ∗ E Δ o

o=1

(35)

4

(Y )   −Δ (ζo +1)e 2 , .ωo = , .δo = − ln (ωo ), and O is the where .ζo = cos π (2o−1) 2O 2 complexity versus accuracy trade-off coefficient. Combining (34) and (35), .I2 is rewritten as

I2 =

.

N   N k=1

k

 (−1)

k+1

e

(Y ) kΔ2 A∗ U

−λ

−e

(Y ) Δ3 B∗E

−λ

(Y ) kΔ2 A∗ U

−λ

⎤ k (δo ,Y ) (Y ) O

  λA∗ U −1 −Δ5  (Y ) (δo ,Y ) ω e π ke−Δ2 o ⎦. − 1 − ζo 2 1 − e−Δ3 Δ4 (δ ,Y ) 2OλA∗ U λB ∗ E Δ o o=1

(36)

4

Finally, we combine .I2 in (36) and the PDF in (8) into the last integral in (30), then .S is expressed as: S=

.

N  M   M (−1)u+1 u  N u=1

⎡

u

λB ∗ U

k=1

k

(−1)k+1

⎢ ⎢ ∞ ∞ ⎢ −Ξ (k) (k,u) (k) (k,u) πk −Ξ1 Y −Ξ4 ⎢ 2 × ⎢e e dY − e e−Ξ3 Y dY − 2OλA∗ U λB ∗ E ⎢ Δ1 Δ1 ⎣ % &' ( I31

UAV NOMA-MEC in IoT: Security offloading and Optimization

145

⎤

×

O



∞ 1 − ζo 2

o=1

k

e

(Y ) −Δ2

ωo λA∗ U

(δ ,Y )

−1 −Δ5 o

e

− λ uY∗

B U

(δ ,Y )

Δ4 o

Δ1

%



1−e

(Y ) (δ ,Y ) −Δ3 Δ4 o

&'



⎥ ⎥ ⎥ dY ⎥ ⎥, ⎥ ⎦ (

I32

(37) (k,u)

where .Ξ1 (k)

kφA∗ γB ∗ U γ ∗ (k) (k,u) (k,u) kφA∗ u = λ ∗ θB ∗Uγ ∗ +Ξ1 , λA∗ U γA∗ U + λB ∗ U , .Ξ2 = λA∗ U γA∗ U , .Ξ3 B E B A E (k) 1−θB ∗ λB ∗ E θB ∗ γA∗ E + Ξ2 . Similar to the integral solution of .I2 . .I31 and .I32

=

and .Ξ4 = are expressed as follows: I31 =

.

I32

e−Ξ1 Δ1 −Ξ2 e−Ξ3 Δ1 −Ξ4 − ,. Ξ1 Ξ3

(38)

Q  O

 π 2 ke−Δ1 2 = 1 − ζq 1 − ζo 2 4OQλA∗ U λB ∗ E q=1 o=1

× ωo

k λA∗ U

−1

ωq

u λB ∗ U

(δq ) (δo ,δq ) −Δ3 Δ4 −1 −Δ(δq ) −Δ(δo ,δq ) 1 − e 5 e 2 , (δ ,δ ) Δ4 o q

(39)

    ζ +1 e−Δ1 where .ζq = cos π(2q−1) , .ωq = ( q 2) , and .δq = − ln ωq with Q is the 2Q complexity versus accuracy trade-off coefficient. By substituting (38) and (39) into (37), the closed-form expression for the SSCP of the entire system is obtained as given in Theorem 1.

References 1. B. Li, W. Wu, W. Zhao, and H. Zhang, “Security enhancement with a hybrid cooperative NOMA scheme for MEC system,” IEEE Trans. Veh. Technol., vol. 70, no. 3, pp. 2635–2648, Mar. 2021. 2. A.-N. Nguyen, D.-B. Ha, V. N. Vo, V.-T. Truong, D.-T. Do, and C. So-In, “Performance analysis and optimization for iot mobile edge computing networks with RF energy harvesting and UAV relaying,” IEEE Access, vol. 10, pp. 21 526–21 540, Feb. 2022. 3. A.-N. Nguyen, V. N. Vo, C. So-In, and D.-B. Ha, “System performance analysis for an energy harvesting iot system using a DF/AF UAV-enabled relay with downlink NOMA under nakagami-m fading,” Sensors, vol. 21, no. 1, Jan. 2021. 4. Y. Xu, T. Zhang, J. Loo, D. Yang, and L. Xiao, “Completion time minimization for UAVassisted mobile-edge computing systems,” IEEE Trans. Veh. Technol., vol. 70, no. 11, pp. 12 253–12 259, Nov. 2021. 5. Z. Ding, P. Fan, and H. V. Poor, “Impact of non-orthogonal multiple access on the offloading of mobile edge computing,” IEEE Trans. Commun., vol. 67, no. 1, pp. 375–390, Jan. 2019.

146

A.-N. Nguyen et al.

6. V.-T. Truong, V. N. Vo, D.-B. Ha, and C. So-In, “On the system performance of mobile edge computing in an uplink NOMA WSN with a multiantenna access point over nakagami-m fading,” IEEE/CAA J. Autom. Sinica, vol. 9, no. 4, pp. 668–685, Apr. 2022. 7. Y. Guo, C. You, C. Yin, and R. Zhang, “UAV trajectory and communication co-design: Flexible path discretization and path compression,” IEEE J. Sel. Areas Commun., vol. 39, no. 11, pp. 3506–3523, Nov. 2021. 8. D. Liu, Y. Xu, J. Wang, J. Chen, K. Yao, Q. Wu, and A. Anpalagan, “Opportunistic UAV utilization in wireless networks: Motivations, applications, and challenges,” IEEE Commun. Mag., vol. 58, no. 5, pp. 62–68, May 2020. 9. H. Peng and X. Shen, “Multi-agent reinforcement learning based resource management in MEC- and UAV-assisted vehicular networks,” IEEE J. Sel. Areas Commun., vol. 39, no. 1, pp. 131–141, Jan. 2021. 10. A.-N. Nguyen, V. N. Vo, C. So-In, D.-B. Ha, and V.-T. Truong, “Performance analysis in UAVenabled relay with NOMA under nakagami-m fading considering adaptive power splitting,” in Proc. Int. Joint Conf. Comput Sci. Software Eng., Jul. 2021, pp. 1–6. 11. X. Zhou, M. R. McKay, B. Maham, and A. Hjørungnes, “Rethinking the secrecy outage formulation: A secure transmission design perspective,” IEEE Commun. Lett., vol. 15, no. 3, pp. 302–304, Mar. 2011. 12. S. Han, X. Xu, S. Fang, Y. Sun, Y. Cao, X. Tao, and P. Zhang, “Energy efficient secure computation offloading in noma-based mmtc networks for iot,” IEEE Internet Things J., vol. 6, no. 3, pp. 5674–5690, Jun. 2019. 13. W. Wu, F. Zhou, R. Q. Hu, and B. Wang, “Energy-efficient resource allocation for secure nomaenabled mobile edge computing networks,” IEEE Trans. Commun., vol. 68, no. 1, pp. 493–505, Jan. 2020. 14. A.-N. Nguyen, D.-B. Ha, V.-T. Truong, C. So-In, P. Aimtongkham, C. Sakunrasrisuay, and C. Punriboon, “On secrecy analysis of uav-enabled relaying noma systems with rf energy harvesting,” in Proc. Industrial Networks and Intelligent Systems, Jun. 2022, pp. 267–281. 15. M. Monemi, H. Tabassum, and R. Zahedi, “On the performance of non-orthogonal multiple access (noma): Terrestrial vs. aerial networks,” in Proc. IEEE Eighth Int. Conf. Communi. Netw. (ComNet), Oct. 2020, pp. 1–8. 16. A.-N. Nguyen, V. Nhan Vo, C. So-In, D.-B. Ha, S. Sanguanpong, and Z. A. Baig, “On secure wireless sensor networks with cooperative energy harvesting relaying,” IEEE Access, vol. 7, pp. 139 212–139 225, Sep. 2019. 17. V.-T. Truong and D.-B. Ha, “A novel secrecy offloading in NOMA heterogeneous mobile edge computing network,” in Proc. Advanced Engineering – Theory and Applications, Dec. 2022, pp. 468–477. 18. I. Gradshteyn and I. Ryzhik, Table of Integrals, Series, and Products, A. Jeffrey and D. Zwillinger, Eds. USA: Academic Press, 2014. 19. K. L. Judd, “Quadrature methods presented at university of chicago’s initiative for computational economics,” 2012.

Author Index

A Acheampong, F.A, 114 Alamr, A., 86 Ambekar, O., 117 Andersen, B., 35–43, 63–80 Anstine, D.M., 117

B Balapuwaduge, I.A.M., 3–15 Banerjee, A., 117 Beniwal, H., 83–107 Bui, N.-A., 131–145

C Campoverde-Fordon, M., 35–43 Chen, H., 114 Chen, Z., 86 Choi, W., 74 Cook, A.A., 86

D Dash, S.P., 3–15 Deng, X., 117 Duan, Z., 117 Duin, R.P.W., 117, 118, 120 Dunkels, A., 22

F Farooq, U., 88 Fernandes, E., 86, 88

G Gardiyawasam Pussewalage, H.S., 3–15 Ghose, D., 3–15 Goldberger, A.L., 122

H Hasan, M., 90 Heuchenne, C., 111–128

I Ibibo, J.T., 17–32, 45–57 Isayev, O., 117

J Japheth, B.R., 17–32

K Kan, C., 112 Kingma, D., 115 Koehl, L., 83–107

L Lang, M., 112 Lee, S.-I., 89 Le, P.-C., 131–145 Liu, J., 74 Lundberg, S.M., 89

© European Alliance for Innovation 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9

147

148

Author Index

M Mahmood, A., 114 Montoya, M., 5

Siva Kumar, A., 86 Smola, A., 118 Suman, G., 112

N Nassif, A.B., 112 Ngo, T.-S., 131–145 Nguyen, A.-N., 131–145 Nguyen, G.-H., 131–145 Nguyen, T.T.V., 111–128

T Tax, D.M.J., 117, 118, 120 Tran, K.D., 83–107, 111–128 Tran, K.P., 83–107, 111–128 Truong, H.T., 125 Tuli, S., 86

O Oliveira, R., 36

P Park, H., 5 Pauwels, E.J., 117 Prajapati, D., 112 Prasad, N.R., 63–80

R Raza, A., 83–107, 112, 117, 119, 120, 122, 124, 125, 127 Ribeiro, M.T., 89 Rubin-Grøn, D.K., 63–80

S Saghir, A., 83–107 Singh, S., 114

V Vapnik, V.N., 118 Vaswani, A., 86, 113–115

W Wolf, T., 114

Y Yadav, D., 86 Yang, X., 36

Z Zeng, F., 86 Zeng, X., 83–107 Zhang, H., 86 Zhang, Z., 117 Zhou, H., 112

Subject Index

A Anomaly detection (AD), 83–107, 111–128 Autoencoder, 85, 88, 106, 112, 115, 125 Autonomous vehicles (AVs), 63–80 B Bibliometric analysis, 45–57 Bitflipping, 36, 40, 42 C Connected cars, 68 Contiki OS, 17–32 Control chart, 112, 113, 119–121, 126, 127 Critical IoT, 22, 31, 35–43, 87 Cybersecurity, 65, 67, 71, 72, 78–80, 112 D DevEUI catching, 39, 42

E Eavesdropping, 5, 38–40, 42, 45, 47, 54, 74, 75, 132, 133, 136 Embedded artificial intelligence, 106, 113, 127 Energy efficiency, 19–21, 23, 28, 30, 56, 132 Explainable Artificial Intelligence (XAI), 85, 88–90, 107, 127

F Federated learning, 125–128 5G, 40, 68, 69, 75–80

G Gradient SHAP, 90

H Hierarchical routing, 18–21, 28, 32

I IMSI catching, 36, 41–42 Internet of Things (IoTs), 3–15, 17–32, 35–43, 45–57, 63–80, 83–107, 125, 131–145 IoT networking, 18, 23, 28–30, 32 IoT security, 31, 47, 49, 85, 86, 88–90, 103–106

J Jamming, 36, 39, 42, 71, 74–76

L Lightweight secure communication, 15 LoRaWAN, 4, 35–43 Low-Power Wide Area Network (LPWAN), 4, 35, 36, 40, 43

M Massive IoT, 35–43 Mobile-edge computing (MEC), 131–145 Multivariate exponentially weighted moving average (MEWMA), 112, 117–118, 121, 123

© European Alliance for Innovation 2024 K. P. Tran et al. (eds.), The Seventh International Conference on Safety and Security with IoT, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-031-53028-9

149

150 N Narrow-Band Internet of Things (NB-IoT), 35–43 Network vulnerabilities, 47, 48, 71–72 Nonorthogonal multiple access (NOMA), 131–145

P Physical layer security (PLS), 132

R Replay attack, 36, 39–40, 42, 74 RPL protocol, 17–32, 45–57

S Security analysis, 10–15 Security attacks, 45–57 Sensor networks, 14 SIM swapping, 41–43

Subject Index Soft Downgrade attack, 41–43 Support vector data description (SVDD), 117–118, 120, 121

T Transformer, 83–107, 111–128

U Unmanned aerial vehicles (UAV), 131–145

V Variational autoencoder (VAE), 86, 112–117, 119, 121, 123, 126, 127 Vehicle-to-everything (V2X), 68–71, 75, 77, 78, 80

W Wake-up radios (WuR), 3–15 Wireless infrastructure, 63–80