Vulnerabilities of Internet of Things, for Healthcare Devices and Applications Vulnerabilities of Internet of Things, for Healthcare Devices and Applications Kyriaki Tsantikidou SCYTALE Group, Compute[.]
Trang 1Vulnerabilities of Internet of Things, for Healthcare Devices and Applications Kyriaki Tsantikidou
SCYTALE Group, Computer Engineering and Informatics Department (CEID)
University of Patras, Hellas
k.tsantidikidou@upatras.gr
Nicolas Sklavos
SCYTALE Group Computer Engineering and Informatics Department (CEID)
University of Patras, Hellas
nsklavos@upatras.gr
Abstract—As the Internet of Things (IoT) is progressively
integrated into people's life, the security aspect of Healthcare
applications is drastically becoming a major concern for the
research community The IoT technology comes with many
vulnerabilities, which can threaten the personal and public
safety Many new technologies are being introduced as solutions
to IoT issues Three of the most promising are Machine learning,
Deep Learning and Blockchain However, these solutions are
not impeccable In this paper, various IoT-based hardware
implementations for security in Healthcare applications are
demonstrated Afterwards, the major vulnerabilities as well as
threats and few common attacks of the utilized IoT components
in Healthcare are discussed; that includes, the challenges and
usual attack methods of the mentioned three security techniques
(Machine learning, Deep Learning and Blockchain) Finally,
efficient and flexible solutions for Healthcare, are presented
Keywords—IoT, Vulnerabilities, Healthcare, Hardware
Implementations, Machine Learning (ML), Deep Learning (DL)
I INTRODUCTION
The Internet of Things (IoT) is a promising technology
that mainly consists of a plethora of computationally
constrained devices that are interconnected to each other and
further connected to the Internet IoT can have profound
effects in smart applications and thus in humans' daily routine
and well-being Specifically, it can integrate the Internet and
digital world with the physical one [1], hence offering new
services and possibilities Many domains, such as smart cities,
smart homes, agriculture, environmental monitoring, etc., are
adopting IoT-based technologies Healthcare is also one of the
main domains that employs the IoT technology, deeming it
easily accessible, user-friendly and expanding its capabilities
However, as more heterogeneous devices are introduced
into the interconnected network of IoT and the application
requirements are increasing, the scale of security problems is
expanding and the maintenance of the main security concepts,
namely confidentiality, availability and integrity, is becoming
a major concern The continuously evolving IoT technology
presents new vulnerabilities that can be exploited by attackers
and the existing security policies are inadequate to prevent [2]
These drawbacks can be devastating for e-healthcare
applications First, the collected data are private and must be
protected because of ethical and legal implications Moreover,
a malfunction, such as Denial of Service (DoS), caused by an
attack can negatively affect the users and possibly threaten
their lives Conclusively, the implementation of IoT in
Healthcare must be carefully examined
New security methods, with possibly fewer
vulnerabilities, are being investigated for IoT-based
healthcare applications Two of them are Machine Learning
(ML) and Deep Learning (DL), whose advances have increased the systems’ intelligent In recent years, ML/DL algorithms have also been applied in IoT security [3] The results have been positive and many ML/DL mechanisms have been proposed for securing one or multiple of the IoT layers Prime examples are physical-layer authentication [4], attack detection [5] and malware detection [6] Another security method, whose compatibility with IoT network is being tested, is Blockchain The anticipated results of the integration of Blockchain and IoT technologies are mechanisms for providing potential solutions to the limitations of both, as presented in [7] Furthermore, with the addition of 6G, the security as well as the bandwidth can be increased However, with new opportunities even more unexpected challenges constantly emerge providing attackers with additional vulnerabilities to explore
In the past years, many scientific papers have been concerned with the rapid utilization of IoT technology and its continuously increasing number of vulnerabilities and threats Most papers discuss the vulnerabilities, threats and attacks for each layer of IoT and for diverse IoT applications [2], [8-10] Moreover, they present solutions, guidelines and future challenges for IoT security Nevertheless, studies that present hardware implementations of existing or novel security methods, such as [11], are few
In this paper, a number of hardware implementations of IoT-based Healthcare security applications are discussed, including Machine learning- and Deep learning-based architectures and Blockchain integration designs After their further inspection, the primary security vulnerabilities of IoT technology in smart Healthcare are presented in detail Some efficient and flexible approaches for securing IoT systems are introduced Essentially, the contributions of this work are:
• This work presents a variety of IoT-based hardware implementations by related papers that are utilized for securing Healthcare systems or have great potential of being applied as secure mechanisms in this domain
• It assembles and analyses the most well-known, to the best of our knowledge, vulnerabilities of the major IoT components, viz hardware, software and network, and lists some of their succeeding attacks
• The research includes additional information about the main challenges of three promising techniques for IoT security (Machine learning, Deep learning and Blockchain technology)
• Finally, exemplary solutions for appropriately securing IoT-based Healthcare systems are displayed
Trang 2II HARDWARE IMPLEMENTATIONS
A IoT-based Healthcare security architectures
In this section, a variety of IoT-based hardware
implementations for security, which can be utilized in
Healthcare applications are presented First, exclusively smart
health architectures are analysed Afterwards, more general
implementations, such as Wireless Sensor Networks (WSNs)
security mechanisms, ML/DL and Blockchain designs, etc.,
are demonstrated These designs are employed for securing
various features and IoT components Nevertheless, all these
IoT elements are also being utilized in Healthcare systems,
hence the discussed ideas and techniques are beneficial
E-health implementations: E-health applications in IoT
technology improve quality of life, monitor and record vital
functionalities and contribute to the recognition and
prevention of serious medical emergencies A general
architecture for an IoT-based healthcare system is depicted in
Fig 1 In [12] a reliable healthcare IoT system for monitoring
diabetic patients, storing the appropriate data and controlling
an insulin pump is designed The implementation utilizes the
IoT-cloud, an Alaris 8100 infusion pump and the Keil
LPC-1768 board with embedded Ethernet port and Cortex-M3
micro-controller The experimental results prove that the
proposed implementation is reliable, secure, authentic and
achieves a 99.3% availability probability The authors propose
the development of a more generalized reliability model as a
future research for this design In [13] the SecureData scheme
is proposed This secure data collection scheme attends to
privacy and security concerns for IoT-based healthcare The
presented security algorithm is optimized on a FPGA, but an
evaluation of the design's security and privacy has not been
displayed [14] develops a real-time authentication and
random signatures generation system It utilizes three sources
of entropy, two of which are unique for each person, namely
Electroencephalogram (EEG) and heart rate variability
(HRV), and the last one is unique for each device, namely
SRAM-based physical unclonable function (PUF) The
developed system was fabricated in a 65-nm LP CMOS
technology and is efficient for real-time authentication and
production of random secret keys Finally, [15] presents a
design framework which can assist Internet of Medical Things
(IoMT) designers to achieve a more secure implementation
The framework can provide early evaluations and remarks of
a design under Side Channel Analysis (SCA) attacks
General implementations: In [16], an FPGA-based
implementation for monitoring the embedded operating
system is presented The developed hardware-based security
design can detect any attacks which alter the original
behaviour without utilizing a maximum amount of additional
hardware resources [17] proposes a System-level Mutual
Authentication (SMA) scheme securing both hardware and
firmware from various familiar attacks Specifically, the
proposed approach enables hardware and firmware to
authenticate each other with the utilization of a unique system
ID and a firmware obfuscation methodology In [18] a library
of emerging family of lightweight elliptic curves is designed
for IoT systems It is optimized resulting in a high-speed
version and a memory-efficient version, both resilient against
timing and simple power analysis (SPA) attacks The
implementation is evaluated in an 8-bit ATmega128 and a
MSP430 processor with 16-bit multiplier
Fig 1 IoT-based Healthcare architecture (Adapted from [19])
Security implementations for WSNs: Wireless Sensor
Network (WSN) is utilized by a wide range of application areas and is being integrated into IoT [20] Therefore, it is important to study WSNs in the interest of further securing Healthcare systems In [21], an enhanced lightweight version
of Advanced Encryption Standard (AES) is proposed This Lightweight AES (LAES) replaces the MixColumns function with a bitwise permutation The algorithm is implemented in
a Virtex-7 FPGA and is simulated with Xilinx ISE tools The resulted architecture utilizes fewer resources than previous implementations and achieves higher percentages on plaintext bit flip and key bit flip Hence, the LAES is deemed more secure in terms of avalanche effect
Implementations of ML and DL security algorithms: In
[22], an online learning approach for protecting a custom many-core architecture from unexpected attacks is proposed The authors present the training process of the Trojan detection model that can perceive even unexpected attacks The average Trojan detection accuracy is 93% and requires 5.6 uS to be executed Furthermore, the architecture is implemented on Xilinx Virtex-7 FPGA with a low area overhead and latency Another FPGA-based implementation
of a deep learning algorithm for anomaly detection is introduced in [23] The proposed model is a three-layer Deep Belief Network (DBN) which is trained with the MNIST dataset and tested with two different datasets while using the FPGA The purpose of the model is the improvement of anomaly detection in network attacks Overall, the resource-efficient design has a slight decrease in accuracy but an efficient increase in detection speed compared to a C/C++ implementation Finally, [24] implements a machine learning-based Trojan detection method in SAKURA-G circuit board with Xilinx SPARTAN-6 The primary machine learning method utilized is Support Vector Machine (SVM) and the developed design produces high accuracy detection of Trojan
in the circuit
Implementations of the Blockchain concept: In [25], an
FPGA-based implementation of SHA-256, which provides security and privacy in the Blockchain architecture, is proposed The presented parameterizable SHA-256 hardware design is simulated with ModelSim RTL Simulator and implemented with Xilinx Vivado 18.2 Design Suite The results are positive with the authors proposing more future utilizations of their architecture Lastly, [26] demonstrates a blockchain architecture called PUFChain which utilizes physical unclonable functions (PUFs) and can be integrated into the IoT technology The authors also propose a consensus algorithm named Proof of PUF-Enabled Authentication (PoP)
Trang 3which combines a PUF and hashing module, provides device
and data security and reduces the computational load and
transaction time For the experimental segment, the PoP
algorithm was implemented in the Altera DE2 FPGA module
and for its evaluation, supplementary Raspberry pis were
employed as the network nodes Overall, the developed
architecture achieves appropriate speedup, resource utilization
and scalability
B Security mechanisms in other domains
Smart Home: A Smart Home consists of various
IoT-based home automation devices which can be remotely
controlled by a user The design in [27] can be a significant
example for also securing smart health applications In the
reference paper, three different detection methods for home
IoT devices are displayed The system's architecture consists
of three components, the SPIDAR home Wi-Fi router, the
SPIDAR Raspberry Pi and the SPIDAR web application The
three methods' processing time, CPU utilization and detection
accuracy of primarily Brute force password attacks,
DoS/DDoS, SQL injection, Cross-site scripting (XSS) and
Evil twin attacks are calculated through various
implementation experiments
Smart Agriculture: Smart Agriculture consists of a smart
sensors network that can assist in managing and monitoring
fields and farms The architecture presented in [28] can also
be referenced as a fine example for securing remote health
systems Specifically, [28] proposes a method for securing a
WSN for remote farm monitoring The WSN is developed
using Atmega and MSP Microcontroller and Raspberry pi
These components were selected based on their ability to
execute the designed security scheme Finally, this security
efficiency is evaluated through the resistance to attacks and
the bit number used for the symmetrical and asymmetric keys
III SECURITY VULNERABILITIES, CHALLENGES AND
SOLUTIONS
In this section, the vulnerabilities and threats in every layer
of an IoT-based Healthcare system are presented and
analysed The Healthcare architecture depicting all IoT layers
is presented in Fig 2 Following the example of paper [2], the
vulnerabilities are categorized into two sections, the
embedded vulnerabilities, namely hardware and software, and
the network vulnerabilities, as illustrated in Fig 3 Moreover,
the three most common security methods of recent years are
investigated while their challenges and common attacks are
introduced
A Embedded vulnerabilities
First, the majority of IoT applications require their devices
to execute functions autonomously or remotely in an
unattended and questionable environment [29] Therefore, the
devices can be subjected to a variety of hardware attacks, such
as reverse-engineering, side-channel attack, etc An
undisturbed attacker can also inflict physical damage or even
remove completely the device, resulting in Denial of Service
[30] Furthermore, because the IoT devices mostly implement
weak or no security algorithms for prevention of physical
tampering and even have unnecessary open ports accessible
without authentication, the attackers can obtain unauthorized
access and control of the device by extracting hardware
credentials and thereafter corrupting the entire system [8]
Finally, natural disasters that are unpredictable can cause
some physical damage to poorly designed and exposed
devices
Fig 2 IoT layers for a Healthcare system (Adapted from [19], [31])
Second, the definition of IoT states the use of mostly computational and memory constrained devices with low energy efficiency The result is a device that is defenceless to attacks because of the inability to implement heavyweight security algorithms, which are more reliable than many of the proposed lightweight solutions [32] Moreover, the device cannot execute multiple security protocols offering protection from all possible attacks in a variety of user cases that threaten the IoT technology [10] Additional hardware may be needed for a more universal security, but in many cases, such as the design of e-health IoT devices, it is not ideal [15] The mentioned constraints can also affect the implementation of secure authentication mechanisms [2], [8], [29] Finally, the limited memory and insufficient energy consumption can be exploited leading to Denial of Service because the device has been corrupted or simply shut down [9]
In addition, most corporations focus on the functionality and the implementation cost of the commercial devices rather than the security and the hardware integrity [10] This can lead
to adoption of inept programming practices, inefficient access control, improper patch management capabilities and non-existent security patches/updates [8] In some cases, the inaccessibility of the devices, because of the deployment area, can hinder the timely installation of security patches/updates and even raise the cost [33]
Fig 3 Security Vulnerabilities of IoT-based Healthcare systems
Other vulnerabilities emerge from the IoT supply chain A supply chain is described as the required steps for a product or service to be completed and delivered to the final costumer The primarily threats are hardware counterfeiting attacks that vary from simple relabelling attacks to complete reverse engineering The result is loss of revenue and reliability and
Trang 4even more damage to the system by malware injections and
hardware trojan insertions [34] Current commercialised
products are vulnerable to these attacks because of the
advances in reverse engineering and the high cost required to
design and maintain an anti-counterfeiting technique
Lastly, the heterogeneous nature of IoT systems requires a
more generic approach which is not always feasible because
of the limitations in memory and power Moreover, the lack
of authentication and enforcement of the least privilege
principle [2] can lead to security breaches because of the
inclusion of computationally weak and easily corrupted
devices that can access primary control ones This can be
extended to user unawareness of security attacks and proper
protection methods For example, a user can bestow a
wearable device to an attacker without really realizing the
possible security damage which can be caused either through
malware injection, corruption and control of the entire system
or data exposure Furthermore, an attacker can execute many
easy attacks because the user has unintentionally revealed the
security credentials, granted access to an adversary, or
downloaded a malicious code [10-11]
B Network vulnerabilities
The majority of IoT applications consist of wearable or
mobile devices that constantly connect or disconnect from a
variety of familiar or unknown and public or private networks
Hence, the devices must implement dynamic algorithms
which can sustain their proper functionality and provide total
protection from this range of networks In addition, as more
devices are invented and introduced, more malicious
presences can easily pass undetected, and more vulnerabilities
of communication protocols can emerge and be exploited
[35] Also, because of the sheer number of interconnected IoT
devices, their management and servicing to the global network
requires more complex security schemes [9], [36] However,
as already mentioned, the IoT devices have memory, power
and computational constraints which render the
implementation difficult
Moreover, wireless communication already has a variety
of unsolved challenges The unique vulnerabilities of WSNs
will also be a concern in IoT networks Many papers, such as
[36] and [37], demonstrate the necessity of studying WSNs
and present their vulnerabilities and unresolved challenges
IoT applications, like WSNs, use wired and wireless
communications, such as Wi-Fi, Bluetooth, ZigBee, Radio
Frequency Identification (RFID), 6LoWPAN and LoRaWAN
technologies, which all have notorious vulnerabilities and
threats As revealed in [38], Wi-Fi, Bluetooth, ZigBee and
RFID technologies have a major vulnerability in their
authentication protocol that the attacker can exploit and then
compromise the system [11] also touches upon the existing
threats to ZigBee, Bluetooth, 6LoWPAN and LoPaWAN and
introduces their possible attack vectors Finally, large-scale
IoT applications can utilize Fifth Generation (5G)
communication systems that add more security requirements
and manners for potential attacks, as described in [39]
Another network vulnerability relates to routing and key
management First, in [40], the vulnerabilities and potential
attacks of the routing protocol RPL are presented
Furthermore, the authors emphases the need for more research
in that field because RPL-specific attacks can have a large
impact on the IoT networks Second, the implementation of
weak key management schemes, because of the IoT device
constraints, or the utilization of common keys, which originate
from the commercial devices due to bad security practises, cannot prevent attackers, from easily extracting the communication keys with methods, such as brute force [2] Lastly, the main threat that can exploit a variety of vulnerabilities from all IoT layers and in particular the network layer is the Denial-of-Service (DoS) attack and the Distributed Denial of Service (DDoS) attack Specifically, all the previously mentioned vulnerabilities, which result in partially or totally unauthorized control of devices, can be utilized by forcing the compromised devices to send huge number of requests or messages to another crucial device or even the server The result is the unavailability of the system's services for the simple user because the huge number of requests cannot be handled or the device has run out of battery Many studies [2], [8-11], [41] have outlined the vulnerabilities which lead to DoS and DDoS attacks and the importance of designing mitigation mechanisms
C Security challenges, Machine learning and Deep learning
First and foremost, as ML and DL techniques evolve, they can be applied for both securing and exposing a system Specifically, neural networks can be used for attacking security systems that were previously hard to break [42] For example, an attacker can use a neural network to copy the mathematical contains of security functions in various systems, e.g., Physical Unclonable Functions (PUFs)
In addition, due to IoT devices' hardware limitations and ML/DL algorithms' computational complexity, a completely secure hardware implementation of these mechanisms, especially for real-time applications, is becoming increasingly hard for future researchers [31] Microprocessors and circuits that may be befitting for executing ML/DL are difficult to design, expensive and have high-energy consumption ratio
As most IoT manufacturers utilize low-cost and low-power components for their application [1], such solutions are discarded Moreover, the lack of established methods that explain the execution of DL algorithms depending on their architecture, renders problematic their understanding Therefore, the design of lightweight DL mechanisms that can
be appropriate to resource-constrained devices is deemed challenging [31]
Another vulnerability in machine learning algorithms is associated with the training data set The massive amount of heterogeneous data received by a single device requires high efforts of pre-processing for their utilization as inputs to a specific model In many cases, ML-based networks do not implement data pre-processing or cleaning methods Instead, they assume the integrity and availability of the training data [43] Furthermore, an attacker can render useless a ML security algorithm by injecting false data and incorrect labels
to the training set or by modifying the features of their attack scheme to differentiate from the training samples The result
is the decreasing of ML's accuracy and performance [31] displays the various attacks that can exploit the training data vulnerability and even expose the classifier's training parameters Thus, the training phase of the ML/DL algorithms must first be protected and secured from incorrect data injection and information extraction to provide the security benefits such a mechanism can offer
D Security challenges with Blockchain technology
Blockchain and IoT integration is applied to various sections, as demonstrated in Fig 4, and offers many benefits
Trang 5However, many issues also arise The primary challenge is
related with the resource constraints in IoT devices
Specifically, for the implementation of Blockchain, all IoT
devices of the network must be capable of executing the
resource-intensive process of reaching consensus by voting
[7] Thus, even though a decentralized architecture can be
cost-efficient compared to other centralized methods, the
overall resource wasting can be deterrent for many IoT
designers Moreover, the Blockchain mechanism alone does
not provide total security Instead, supplementary
cryptography algorithms must be implemented which further
burdens the resource constrained IoT device
Fig 4 Sections of Blockchain integrated with IoT applications
A second challenge stems from the sheer number of
interconnected devices in an IoT network Specifically, as
more IoT devices are introduced into the network, the size of
the Blockchain is increasing because more transactions, which
need to be stored, arise This can cause problems for IoT's
massive number of interconnected devices and transmitted
data because some Blockchain architectures can only manage
a few transactions per second [7] Blockchain technology is
not constructed to keep up with the scalability of IoT
Lastly, for the integration to succeed, both Blockchain and
IoT security and functionality must be successfully certified
independently [7] For example, IoT's susceptibility to data
alteration attacks can cause problems when these corrupted
data remain in the Blockchain Furthermore, the probabilistic
nature of the transaction latency in Blockchain can hinder and
degrade the availability of the IoT system, which can be
dangerous in critical applications such as healthcare
E Efficient and Flexible Solutions
In recent years, many papers have attempted to present
encouraging approaches towards securing IoT-based systems
[44] and [45] describe an exemplary framework for
Healthcare applications with the intention to limit the
vulnerabilities and possible threats of Healthcare designs
Moreover, the authors demonstrate security characteristics
and future directions for efficient architectures The latter also
investigates various proposed solutions and models with their
advantages and drawbacks listed
Some appropriate architectures that can offer
implementational solutions to mentioned vulnerabilities of
IoT systems are presented In [46], a cryptographic system is
efficiently implemented in an IoT device while providing
flexible security schemes The architecture can be applied to
various scenarios, based on encryption/decryption needs and
available hardware resources, and effectively offer security,
authentication and confidentiality Lastly, [47] proposes an
interactive lightweight architecture for data streaming that is
implemented in a FPGA Even though it employs three
different stream ciphers for three modes, the design achieves
to allocate fewer resources than conventional means while maintaining the security level offered by the three ciphers
IV CONCLUSIONS AND OUTLOOK
The analysis of IoT systems exposes numerous vulnerabilities that can easily be exploited resulting in serious concerns Paradoxically, the newly integrated security methods come with additional threats that render the systems even more hazardous As the presented hardware implementations demonstrate, it is difficult to design a hardware-based lightweight security mechanism that is both resource/energy efficient and completely secure Nevertheless, the careful analysis of the mentioned approaches and the consideration of the topics discussed in this paper will direct future research aiming to develop solutions for IoT security in Healthcare applications
References
[1] H Fei, Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations, CRC Press, 2016, pp 237-266, 355-380
[2] I Stellios, P Kotzanikolaou, M Psarakis, C Alcaraz and J Lopez, “A Survey of IoT-Enabled Cyberattacks: Assessing Attack Paths to
Critical Infrastructures and Services,” IEEE Communications Surveys
Tutorials, vol 20, no 4, pp 3453-3495, 2018
[3] Y E Sagduyu, Y Shi and T Erpek, “IoT Network Security from the
Perspective of Adversarial Deep Learning,” in 2019 16th Annual
IEEE International Conference on Sensing, Communication, and Networking (SECON), 2019, pp 1-9
[4] N Wang, T Jiang, S Lv and L Xiao, “Physical-Layer Authentication
Based on Extreme Learning Machine,” IEEE Communications
Letters, vol 21, no 7, pp 1557-1560, 2017
[5] S S Swarna Sugi and S R Ratna, “Investigation of Machine Learning Techniques in Intrusion Detection System for IoT Network,”
in 2020 3rd International Conference on Intelligent Sustainable
Systems (ICISS), 2020, pp 1164-1167
[6] Niall McLaughlin, Jesus Martinez del Rincon, BooJoong Kang, Suleiman Yerima, Paul Miller, Sakir Sezer, Yeganeh Safaei, Erik Trickel, Ziming Zhao, Adam Doupé, and Gail Joon Ahn, “Deep
Android Malware Detection,” in Proceedings of the Seventh ACM on
Conference on Data and Application Security and Privacy, New York,
NY, USA, Association for Computing Machinery, 2017, p 301–308 [7] Mohammad Maroufi, Reza Abdolee, Behzad Mozaffari Tazekand,
“On the Convergence of Blockchain and Internet of Things (IoT)
Technologies,” CoRR, vol abs/1904.01936, 2019
[8] N Neshenko, E Bou-Harb, J Crichigno, G Kaddoum and N Ghani,
“Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT
Exploitations,” IEEE Communications Surveys Tutorials, vol 21, no
3, pp 2702-2733, 2019
[9] S Khanam, I B Ahmedy, M Y Idna Idris, M H Jaward and A Q Bin Md Sabri, “A Survey of Security Challenges, Attacks Taxonomy
and Advanced Countermeasures in the Internet of Things,” IEEE
Access, vol 8, pp 219709-21974, 2020
[10] I Makhdoom, M Abolhasan, J Lipman, R P Liu and W Ni,
“Anatomy of Threats to the Internet of Things,” IEEE
Communications Surveys Tutorials, vol 21, no 2, pp 1636-1675,
2019
[11] F Meneghello, M Calore, D Zucchetto, M Polese and A Zanella,
“IoT: Internet of Threats? A Survey of Practical Security
Vulnerabilities in Real IoT Devices,” IEEE Internet of Things Journal,
vol 6, no 5, pp 8182-8201, 2019
[12] Zeyad A Al-Odat, Sudarshan K Srinivasan, Eman M Al-Qtiemat, Sana Shuja, “A Reliable IoT-Based Embedded Health Care System
for Diabetic Patients,” CoRR, vol abs/1908.06086, 2019
[13] H Tao, M Z A Bhuiyan, A N Abdalla, M M Hassan, J M Zain and T Hayajneh, “Secured Data Collection With Hardware-Based
Trang 6Ciphers for IoT-Based Healthcare,” IEEE Internet of Things Journal,
vol 6, no 1, pp 410-420, 2019
[14] S K Cherupally, S Yin, D Kadetotad, C Bae, S J Kim and J Seo,
“A Smart Hardware Security Engine Combining Entropy Sources of
ECG, HRV, and SRAM PUF for Authentication and Secret Key
Generation,” in 2019 IEEE Asian Solid-State Circuits Conference
(A-SSCC), 2019, pp 145-148
[15] K Nomikos, A Papadimitriou, G Stergiopoulos, D Koutras, M
Psarakis and P Kotzanikolaou, “On a Security-oriented Design
Framework for Medical IoT Devices: The Hardware Security
Perspective,” in 2020 23rd Euromicro Conference on Digital System
Design (DSD), 2020, pp 301-308
[16] A Pouraghily, T Wolf and R Tessier, “Hardware support for
embedded operating system security,” in 2017 IEEE 28th
International Conference on Application-specific Systems,
Architectures and Processors (ASAP), 2017, pp 61-66
[17] U Guin, S Bhunia, D Forte and M M Tehranipoor, “SMA: A
System-Level Mutual Authentication for Protecting Electronic
Hardware and Firmware,” IEEE Transactions on Dependable and
Secure Computing, vol 14, no 3, pp 265-278, 2017
[18] Z Liu, X Huang, Z Hu, M K Khan, H Seo and L Zhou, “On
Emerging Family of Elliptic Curves to Secure Internet of Things: ECC
Comes of Age,” IEEE Transactions on Dependable and Secure
Computing, vol 14, no 3, pp 237-248, 2017
[19] J J P C Rodrigues et al., “Enabling Technologies for the Internet of
Health Things,” IEEE Access, vol 6, pp 13129-13141, 2018
[20] M Kocakulak and I Butun, “An overview of Wireless Sensor
Networks towards internet of things,” in 2017 IEEE 7th Annual
Computing and Communication Workshop and Conference (CCWC),
2017, pp 1-6
[21] H B Acla and B D Gerardo, “Security Analysis of Lightweight
Encryption based on Advanced Encryption Standard for Wireless
Sensor Networks,” in 2019 IEEE 6th International Conference on
Engineering Technologies and Applied Sciences (ICETAS)}, 2019, pp
1-6
[22] A Kulkarni, Y Pino and T Mohsenin, “Adaptive real-time Trojan
detection framework through machine learning,” in 2016 IEEE
International Symposium on Hardware Oriented Security and Trust
(HOST), 2016, pp 120-123
[23] K Alrawashdeh and C Purdy, “Reducing calculation requirements in
FPGA implementation of deep learning algorithms for online anomaly
intrusion detection,” in 2017 IEEE National Aerospace and
Electronics Conference (NAECON), 2017, pp 57-62
[24] T Hu, L Wu, X Zhang, Y Yin and Y Yang, “Hardware Trojan
Detection Combine with Machine Learning: an SVM-based Detection
Approach,” in 2019 IEEE 13th International Conference on
Anti-counterfeiting, Security, and Identification (ASID), 2019, pp 202-206
[25] D K.N and R Bhakthavatchalu, “Parameterizable FPGA
Implementation of SHA-256 using Blockchain Concept,” in 2019
International Conference on Communication and Signal Processing
(ICCSP), 2019, pp 0370-0374
[26] S P Mohanty, V P Yanambaka, E Kougianos and D Puthal,
“PUFchain: A Hardware-Assisted Blockchain for Sustainable
Simultaneous Device and Data Security in the Internet of Everything
(IoE),” IEEE Consumer Electronics Magazine, vol 9, no 2, pp 8-16,
2020
[27] V Visoottiviseth, P Sakarin, J Thongwilai and T Choobanjong,
“Signature-based and Behavior-based Attack Detection with Machine
Learning for Home IoT Devices,” in 2020 IEEE REGION 10
CONFERENCE (TENCON), 2020, pp 829-834
[28] A F Ametepe, S A R M Ahouandjinou and E C Ezin, “Secure
Encryption by Combining Asymmetric and Symmetric Cryptographic
Method for Data Collection WSN in smart Agriculture,” in 2019 IEEE
International Smart Cities Conference (ISC2), 2019, pp 93-99
[29] W Zhou et al., “Reviewing IoT Security via Logic Bugs in IoT
Platforms and Systems,” IEEE Internet of Things Journal, vol 8, no
14, pp 11621-11639, 2021
[30] J Deogirikar and A Vidhate, “Security attacks in IoT: A survey,” in
2017 International Conference on I-SMAC (IoT in Social, Mobile,
Analytics and Cloud) (I-SMAC), 2017, pp 32-37
[31] M A Al-Garadi, A Mohamed, A K Al-Ali, X Du, I Ali and M Guizani, “A Survey of Machine and Deep Learning Methods for
Internet of Things (IoT) Security,” IEEE Communications Surveys
Tutorials, vol 22, no 3, pp 1646-1685, 2020
[32] Marcos A Simplicio Jr., Marcos V.M Silva, Renan C.A Alves, Tiago K.C Shibata, “Lightweight and escrow-less authenticated key
agreement for the internet of things,” Computer Communications, vol
98, no 0140-3664, pp 43-51, 2017
[33] Shancang Li, Theo Tryfonas, Honglei Li, “The Internet of Things: a
security point of view,” Internet Research, vol 26, no 2, pp 337-359,
2016
[34] M T Arafin, A Stanley and P Sharma, “Hardware-based anti-counterfeiting techniques for safeguarding supply chain integrity,” in
2017 IEEE International Symposium on Circuits and Systems (ISCAS), 2017, pp 1-4
[35] A Burg, A Chattopadhyay and K -Y Lam, “Wireless Communication and Security Issues for Cyber–Physical Systems and
the Internet-of-Things,” Proceedings of the IEEE, vol 106, no 1, pp
38-60, 2018
[36] I Butun, P Österberg and H Song, “Security of the Internet of
Things: Vulnerabilities, Attacks, and Countermeasures,” IEEE
Communications Surveys Tutorials, vol 22, no 1, pp 616-644, 2020
[37] J Yu, E Lee, S Oh, Y Seo and Y Kim, “A Survey on Security Requirements for WSNs: Focusing on the Characteristics Related to
Security,” IEEE Access, vol 8, pp 45304-45324, 2020
[38] K Lounis and M Zulkernine, “Attacks and Defenses in Short-Range
Wireless Technologies for IoT,” IEEE Access, vol 8, pp
88892-88932, 2020
[39] M Wazid, A K Das, S Shetty, P Gope and J J P C Rodrigues,
“Security in 5G-Enabled Internet of Things Communication: Issues,
Challenges, and Future Research Roadmap,” IEEE Access, vol 9, pp
4466-4489, 2021
[40] A Raoof, A Matrawy and C Lung, “Routing Attacks and Mitigation
Methods for RPL-Based Internet of Things,” IEEE Communications
Surveys Tutorials, vol 21, no 2, pp 1582-1606, 2019
[41] A Murzaeva, B Kepçeoğlu and S Demirci, “Survey of Network
Security Issues and Solutions for the IoT,” in 2019 3rd International
Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), 2019, pp 1-6
[42] M A Alamro, Y Zhuang, A O Aseeri and M S Alkatheiri,
“Examination of Double Arbiter PUFs on Security against Machine
Learning Attacks,” in 2019 IEEE International Conference on Big
Data (Big Data), 2019, pp 3165-3171
[43] F Hussain, R Hussain, S A Hassan and E Hossain, “Machine Learning in IoT Security: Current Solutions and Future Challenges,”
IEEE Communications Surveys Tutorials, vol 22, no 3, pp
1686-1721, 2020
[44] K Tsantikidou, N Sklavos, “Hardware Security for IoT-Based, Healthcare Applications”, New England Hardware Security Day 2021 Workshop, New England, USA, April 9, 2021
[45] A N Bikos, N Sklavos, “The Future of Privacy and Trust on the Internet of Things (IoT) for Healthcare: Concepts, Challenges, and Security Threat Mitigations”, Chapter in the Book: Recent Advances
in Security, Privacy, and Trust for Internet of Things (IoT) and Cyber-Physical Systems (CPS), editors Kuan-Ching Li, Brij B Gupta, Dharma P Agrawal, CRC Press, ISBN: 9780367220655, 2020 [46] P Panagiotou, N Sklavos, I D Zaharakis, “Design and Implementation of a Privacy Framework, for the Internet of Things (IoT)”, proceedings of 21th EUROMICRO Conference on Digital System Design, Architectures, Methods, Tools (DSD'18), Prague, Czech Republic, August 29–31, 2018
[47] M Tsavos, N Sklavos, G Ph Alexiou, “Lightweight Security Data Streaming, Based on Reconfigurable Logic, for FPGA Platform”, proceedings of 23th EUROMICRO Conference on Digital System Design, Architectures, Methods, Tools (DSD'20), Portoroz, Slovenia, August 26–28, 2020