IoTBDS 2018 Abstracts


Area 1 - Big Data Research

Short Papers
Paper Nr: 18
Title:

Data Analytics for Low Voltage Electrical Grids

Authors:

Maria Stefan, Jose G. Lopez, Morten H. Andreasen, Ruben Sanchez and Rasmus L. Olsen

Abstract: At the consumer level in the electrical grid, the increase in distributed power generation from renewable energy resources creates operational challenges for the DSOs. Nowadays, grid data is only used for billing purposes. Intelligent management tools can facilitate enhanced control of the power system, where the first step is the ability to monitor the grid state in near-real-time. Therefore, the concepts of smart grids and Internet of Things can enable future enhancements via the application of smart analytics. This paper introduces a use case for low voltage grid observability. The proposal involves a state estimation algorithm (DSSE) that aims to eliminate errors in the received meter data and provide an estimate of the actual grid state by replacing missing or insufficient data for the DSSE by pseudo-measurements acquired from historical data. A state of the art of historical and near-real-time analytics techniques is further presented. Based on the proposed study model and the survey, the team near-real-time is defined. The proposal concludes with an evaluation of the different analytical methods and a subsequent set of recommendations best suited for low voltage grid observability.

Paper Nr: 35
Title:

NoSQL Database Performance Tuning for IoT Data - Cassandra Case Study

Authors:

Lucas B. Dias, Maristela Holanda, Ruben C. Huacarpuma and Rafael T. de Sousa Jr

Abstract: Data provided by Internet of Things (IoT) are time series and have some specific characteristics that must be considered with regard to storage and management. IoT data is very likely to be stored in NoSQL system databases where there are some particular engine and compaction strategies to manage time series data. In this article, two of these strategies found in the open source Cassandra database system are described, analyzed and compared. The configuration of these strategies is not trivial and may be very time consuming. To provide indicators, the strategy with the best time performance had its main parameter tested along 14 different values and results are shown, related to both response time and storage space needed. The results may help users to configure their IoT NoSQL databases in an efficient setup, may help designers to improve database compaction strategies or encourage the community to set new default values for the compaction strategies.

Paper Nr: 38
Title:

Searchitect - A Developer Framework for Hybrid Searchable Encryption (Position Paper)

Authors:

Ulrich Haböck, Manuel Koschuch, Ines Kramer, Silvie Schmidt and Mathias Tausig

Abstract: In light of the trend towards cloud-based applications, privacy enhancing technologies are becoming increasingly important. Searchable encryption (SE) allows to outsource data to the cloud in a secure way, whilst permitting search functionality on that encrypted data: the host is able to perform search queries on behalf of the user, but without having access to the encryption keys. We propose Searchitect, a developer framework which allows to enhance existing cloud-based applications with searchable encryption. Searchitect provides a ready-to-use client-server infrastructure, which is expandable by custom SE schemes, the server being a configurable webservice offering searchable encryption as a service (SEaaS). Unlike other searchable encryption frameworks our approach is hybrid: Searchitect separates the index component from the data encryption scheme, leaving the application’s own specific encryption paradigm and access control untouched. In this way, we hope to ease the integration of searchable encryption into already existing cloud-based applications, requiring only the client code to be modified. Further, as searchable encryption is a very active field of research, we emphasize the experimental character of Searchitect’s framework. It aims at developers keeping track of recent SE developments, providing an easy deployable solution for testing in public and private clouds.

Paper Nr: 43
Title:

Rainfall Prediction Model based on Radar Image Analysis Processing

Authors:

Oudomseila Phok, Jiwan Lee and Bonghee Hong

Abstract: The radar image represents the intensity of the rainfall measured at the observatory by the image pixel color value. It is the goal of this paper to find that the radar image values at a given point calculate the rainfall at a given time. Correlation analysis between radar images and rainfall data provided by rainfall gauges installed at very rare intervals is performed first. Based on this correlation analysis, we find out how to calculate the rainfall in the area where AWS is not installed by radar image. The biggest challenge of this paper is to find a predictive model of rainfall that takes into accounts the movement patterns of radar images affected by wind direction, wind speed, temperature and humidity.

Area 2 - Emerging Services and Analytics

Full Papers
Paper Nr: 8
Title:

Detecting Anomalies in Device Event Data in the IoT

Authors:

Irene Cramer, Prakash Govindarajan, Minu Martin, Alexandr Savinov, Arun Shekhawat, Alexander Staerk and Appasamy Thirugnana

Abstract: This paper describes an approach to detecting anomalous behavior of devices by analyzing their event data. Devices from a fleet are supposed to be connected to the Internet by sending log data to the server. The task is to analyze this data by automatically detecting unusual behavioral patterns. Another goal is to provide analysis templates that are easy to customize and that can be applied to many different use cases as well as data sets. For anomaly detection, this log data passes through three stages of processing: feature generation, feature aggregation, and analysis. It has been implemented as a cloud service which exposes its functionality via REST API. The core functions are implemented in a workflow engine which makes it easy to describe these three stages of data processing. The developed cloud service also provides a user interface for visualizing anomalies. The system was tested on several real data sets, such as data generated by autonomous lawn mowers where it produced meaningful results by using the standard template and only little parameters.

Paper Nr: 13
Title:

Fault-Tolerant Scheduling for Scientific Workflow with Task Replication Method in Cloud

Authors:

Zhongjin Li, Jiacheng Yu, Haiyang Hu, Jie Chen, Hua Hu, Jidong Ge and Victor Chang

Abstract: Cloud computing has become a revolutionary paradigm by provisioning on-demand and low cost computing resources for customers. As a result, scientific workflow, which is the big data application, is increasingly prone to adopt cloud computing platforms. However, internal failure (host fault) is inevitable in such large distributed computing environment. It is also well studied that cloud data center will experience malicious attacks frequently. Hence, external failure (failure by malicious attack) should also be considered when scheduling scientific workflows. In this paper, a fault-tolerant scheduling (FTS) algorithm is proposed for scientific workflow in cloud computing environment, the aim of which is to minimize the workflow cost with the deadline constraint even in the presence of various failures. The FTS algorithm is based on tasks replication method which is one of the widely used fault tolerant mechanisms. The experimental results in terms of real-world scientific workflow applications demonstrate the effectiveness and practicality of our proposed algorithm.

Paper Nr: 30
Title:

Energy-Efficient Service Function Chain Provisioning in Multi-Domain Networks

Authors:

Gang Sun, Yayu Li, Guangyang Zhu, Dan Liao and Victor Chang

Abstract: Service Function Chain (SFC) is not only helpful for saving the capital expenditure (CAPEX) and operational expenditure (OPEX) of network provider, but also can reduce energy consumption in the substrate network. However, to best of our knowledge, few researches focus on the problem of energy consumption for provisioning SFC requests in multi-domain networks. In this paper, we firstly formulate the problem of energy-efficient online SFC request provisioning across multiple domains by using integer linear programming (ILP). Then we propose a heuristic algorithm called EE-SFCO-MD for efficiently solving this problem. We conduct simulation experiments for evaluating the performance of our algorithm. The simulation results show that EE-SFCO-MD performs better than existing approaches.

Short Papers
Paper Nr: 24
Title:

Discovery of Newsworthy Events in Twitter

Authors:

Fernando Fradique Duarte, Óscar Mortágua Pereira and Rui L. Aguiar

Abstract: The new communication paradigm established by Social Media, along with its growing popularity in recent years contributed to attract an increasing interest by several research fields. One such research field is the field of event detection in Social Media. The purpose of this work is to implement a system to detect newsworthy events in Twitter. A similar system proposed in the literature is used as the base of this implementation. For this purpose, a segmentation algorithm implemented using a dynamic programming approach is proposed in order to split the tweets into segments. Wikipedia is then leveraged as an additional factor in order to rank these segments. The top k segments in this ranking are then grouped together according to their similarity using a variant of the Jarvis-Patrick clustering algorithm. The resulting candidate events are filtered using an SVM model trained on annotated data, in order to retain only those related to real-world newsworthy events. The implemented system was tested with three months of data, representing a total of 4,770,636 tweets created in Portugal and mostly written in the Portuguese language. The precision obtained by the system was 76.9 % with a recall of 41.6%.

Posters
Paper Nr: 28
Title:

Towards Combining Reactive and Proactive Cloud Elasticity on Running HPC Applications

Authors:

Vinicius Facco Rodrigues, Rodrigo da Rosa Righi, Cristiano André da Costa, Dhananjay Singh, Víctor Mendez Munoz and Victor Chang

Abstract: The elasticity feature of cloud computing has been proved as pertinent for parallel applications, since users do not need to take care about the best choice for the number of processes/resources beforehand. To accomplish this, the most common approaches use threshold-based reactive elasticity or time-consuming proactive elasticity. However, both present at least one problem related to: the need of a previous user experience, lack on handling load peaks, completion of parameters or design for a specific infrastructure and workload setting. In this regard, we developed a hybrid elasticity service for parallel applications named SelfElastic. As parameterless model, SelfElastic presents a closed control loop elasticity architecture that adapts at runtime the values of lower and upper thresholds. Besides presenting SelfElastic, our purpose is to provide a comparison with our previous work on reactive elasticity called AutoElastic. The results present the SelfElastic’s lightweight feature, besides highlighting its performance competitiveness in terms of application time and cost metrics.

Area 3 - Internet of Things (IoT) Applications

Full Papers
Paper Nr: 15
Title:

A Decision Framework for Blockchain Platforms for IoT and Edge Computing

Authors:

Claus Pahl, Nabil EL Ioini and Sven Helmer

Abstract: Blockchains started as an enabling technology in the area of digital currencies with the introduction of Bitcoin. However, blockchains have emerged as a technology that goes beyond financial transactions by providing a platform supporting secure and robust distributed public ledgers. We think that the Internet of Things (IoT) can also benefit from blockchain technology, especially in the areas of security, privacy, fault tolerance, and autonomous behavior. Here we present a decision framework to help practitioners systematically evaluate the potential use of blockchains in an IoT context.

Short Papers
Paper Nr: 31
Title:

Exploring Big Data Clustering Algorithms for Internet of Things Applications

Authors:

Hind Bangui, Mouzhi Ge and Barbora Buhnova

Abstract: With the rapid development of the Big Data and Internet of Things (IoT), Big Data technologies have emerged as a key data analytics tool in IoT, in which, data clustering algorithms are considered as an essential component for data analysis. However, there has been limited research that addresses the challenges across Big Data and IoT and thus proposing a research agenda is important to clarify the research challenges for clustering Big Data in the context of IoT. By tackling this specific aspect - clustering algorithm in Big Data, this paper examines on Big Data technologies, related data clustering algorithms and possible usages in IoT. Based on our review, this paper identifies a set of research challenges that can be used as a research agenda for the Big Data clustering research. This research agenda aims at identifying and bridging the research gaps between Big Data clustering algorithms and IoT.

Paper Nr: 36
Title:

SPIRI: Low Power IoT Solution for Monitoring Indoor Air Quality

Authors:

John Esquiagola, Matheus Manini, Arthur Aikawa, Leopoldo Yoshioka and Marcelo Zuffo

Abstract: Annually, millions of people worldwide die prematurely as a consequence of air pollution. Many of these deaths occur in large cities, where exhaust from cars, factories, and power plants fills the air with hazardous particles. However, the issue is not only in outdoor areas of the cities because most people spend more than 90\% of their time in their houses, offices or cars. Indoor air pollution (IAP) affects human health, safety, productivity, and comfort. There are some reports about attacking the indoor air quality (IAQ) problem by utilizing IoT technology, but most solutions are driving the urban environmental problem. This paper presents the SPIRI platform which proposes to measure IAP using an IoT network of connected sensors that gather and send important information like temperature, relative humidity, volatile organic compounds (VOC), particulate matter (PM), among others. Using this data, indoor environments can be mapped, track changes over time, identify pollutions sources, and analyze potential interventions to reduce the IAP. Initial results of the current development of our IoT platform to perform the real\-time monitoring of the IAP is presented. Hardware and software are also presented because our solution needs to be aware of the current IoT challenges such as scalability, security and interoperability. Both 6LoWPAN and IEEE 802.15.4 standards were implemented to establish the communication between the devices

Paper Nr: 39
Title:

Towards a Platform for Urban Data Management, Integration and Processing

Authors:

Elarbi Badidi and Muthucumaru Maheswaran

Abstract: Smart city infrastructure includes deployment of a variety of sensors and provision of open data platforms and applications that can help improve the quality of life of the citizens. The large volumes of data generated by sensors and various Internet of Things (IoT) devices need to be harnessed to help smart city applications make informed decisions on the fly. Also, efficient management of smart city components relies on the ability to federate their data, locally process urban data streams, and utilize big data analytics to harness their governance. Data interoperability and integration is one of the most challenging problems facing smart cities today. Successful data integration is one of the keys to improved services and governance. This paper describes the architectural design of a framework that aims to deal with the integration of data across the various systems of the city, urban data analytics, and creation of value-added services. The framework relies on recent technologies for data processing including IoT, edge computing, cloud computing, data analytics, and semantic integration.

Paper Nr: 41
Title:

Towards a Fully Automated Bracelet for Health Emergency Solution

Authors:

Igor Matias, Nuno Pombo and Nuno Garcia

Abstract: Activity and health monitoring bracelets are currently a popular consumer electronic wearable, and several different manufacturers market several different versions, integrating a wide and diverse range of sensors. The several different types of bracelets often require the user to interact with the bracelet itself or with the help line attendant. However, this interaction is not suitable in many emergency scenarios. Thus, this paper presents a novel system to monitor, detect and communicate health critical situations, in a full automated manner. The system encompasses a bracelet capable for health abnormalities detection based on both vital signs, and accelerometer data collection from the user. This paper also describes the design and prototyping process of the bracelet, providing insight and solutions to observed problems. In spite of the early stage of this system, the observed results are promising and offer room for improvements on either complementary studies or different clinical emergence scenarios.

Area 4 - Internet of Things (IoT) Fundamentals

Full Papers
Paper Nr: 6
Title:

A Multi-Channel Software Decoder for the LoRa Modulation Scheme

Authors:

Pieter Robyns, Peter Quax, Wim Lamotte and William Thenaers

Abstract: LoRa is a recently introduced modulation scheme specifically designed for Low-Power Wide-Area Networks. In this paper, we provide the first detailed and complete description of the LoRa PHY layer, and present a novel methodology for detecting and decoding LoRa frames using Software Defined Radios. Our proposed decoding approach can efficiently decode multiple channels simultaneously in software due to an invariance towards the signal frequency. Hence, our approach also removes the need for correcting frequency offset errors imparted by the transmitter or receiver. We have evaluated our decoding technique in a lab setup using three Software Defined Radios (USRP B210, HackRF, and RTL-SDR) and three commercial off-the-shelf hardware LoRa transceivers (Microchip RN2483, HopeRF RFM96, and Semtech SX1272). We show that our decoder is fully compatible with all configurations of the RN2483 and SX1272, achieving an overall packet error rate of 0 for a signal-to-noise ratio of 20 dB. The source code of the decoder and datasets used in the evaluation are made available publicly.

Paper Nr: 9
Title:

How Little is Enough? Implementation and Evaluation of a Lightweight Secure Firmware Update Process for the Internet of Things

Authors:

Silvie Schmidt, Mathias Tausig, Manuel Koschuch, Matthias Hudler, Georg Simhandl, Patrick Puddu and Zoran Stojkovic

Abstract: With an ever growing number of devices connecting to each other and to the Internet (usually subsumed under the ”Internet-of-Things” moniker), new challenges arise in terms of keeping these devices safe, secure and usable. Against better judegment, a large number of such devices never gets updated after being deployed, be it from negligence, inconvenience or sheer technical challenges. And all that while a plethora of valid approaches already exists for secure wireless remote update processes for such devices. In this work, we present another approach to solve this problem, with a special focus on the ease of integration into existing systems: we try to provide the absolute bare minimum to enable a secure over-the-air update process, analyze the security of this approach, and evaluate the performance impact of the implementation. We show that our solution can deal with nearly 80% of the identified threats, with a negligible impact on practical performance in terms of processing power and energy consumption.

Paper Nr: 10
Title:

A Performance Exploration of Architectural Options for a Middleware for Decentralised Lightweight Edge Cloud Architectures

Authors:

David von Leon, Lorenzo Miori, Julian Sanin, Nabil El Ioini, Sven Helmer and Claus Pahl

Abstract: The integration of Cloud and IoT (Internet-of-Things) resulting in so-called edge clouds has started. This requires the combination of data centre management technologies with much more constrained devices. Lightweight virtualisation solutions such as containerisation can be used to distribute, deploy and manage edge cloud applications on clusters. Leightweightness also applies to the devices, where we focus here on small-board devices such as Raspberry Pis in our concrete case. These small-board devices are particularly useful in situations where a mix of robustness due to environmental conditions and low costs is required. We discuss different architectural solutions for the distribution of computation to edge cloud devices based on containers and other management approaches and evaluate these in terms of cost, power consumption and performance.

Short Papers
Paper Nr: 3
Title:

A Reference Architecture for the IoT Services’ Adaptability - Using Agents to Make IoT Services Dynamically Reconfigurable

Authors:

Ademir José Barba and Fernando Antonio de Castro Giorno

Abstract: Internet of Things (IoT) is a concept that illustrates the technological revolution that allows the interaction between physical things (devices) and virtual things (software) thanks to the Internet and to the evolution of the sensing and acting devices. This interaction promotes the creation of advanced services that contribute to society. The evolutionary maintenance of IoT services and the inclusion of new services demand a software architecture that adapts to these changes without causing damage to the rest of the system. In this work this requirement is called ”IoT Services Adaptability” and to propose an architecture that contributes with this requirement is the objective of this work.

Paper Nr: 17
Title:

Misalignment between Business and IT Strategic Objectives in Saudi Arabia Public Sector Organisations

Authors:

Abdulaziz AlGhazi, Mengxiang Li, Tingru Cui, Fosso Wamba Samuel and Jun Shen

Abstract: Business-IT strategy misalignment is increasingly an important area of concern and interest in organisations around the world including Saudi Arabia (SA). Indeed, the SA government has launched the National Digital Transformation Strategy for 2030 to support all public-sector organisations to improve efficiency and performance. This research aimed to identify and analyse the factors that contribute to business/IT strategy misalignment in Saudi public-sector organisations. This research focused emerged from the need to better understand the business and IT models incorporated in the organisations Saudi Arabia to achieve high performance, quality of service (QoS) and return of investment (ROI). Using a qualitative study design that included semi-structured interviews with eight executive and managerial staff from five public-sector organisations in Saudi Arabia, this study found human, operational and IT system factors all have the potential to contribute to business-IT strategy misalignment. It also found the approaches to misalignment avoidance in Saudi public-sector organisations sometimes lack structure and consistency.

Paper Nr: 44
Title:

The Impact of Clustering for Learning Semantic Categories

Authors:

Mário Antunes, Diogo Gomes and Rui L. Aguiar

Abstract: The evergrowing number of small devices with sensing capabilities produce massive amounts of diverse data. However, it becomes increasingly difficult to manage all these new data sources. Currently there is no single way to represent, share, and understand IoT data, leading to information silos that hinder the realization of complex IoT/M2M scenarios. IoT/M2M scenarios can only achieve their full potential when the devices become intelligent: work and learn together with minimal human intervention. We developed methods to estimate semantic similarity based on distributional profiles, cluster algorithm were used to learn semantic categories and improve the model accuracy. In this paper we discuss the impact of the cluster algorithm and respective heuristic to estimate inital parameters in the task of learning semantic categories. Our evaluation has shown that k-means combined with silhouette method achieved the higher result.

Posters
Paper Nr: 19
Title:

Internet of Things Middleware: How Suitable are Service-oriented Architecture and Resource-oriented Architecture

Authors:

Janick Kubela, Matthias Pohl, Sascha Bosse and Klaus Turowski

Abstract: Over the last years, the Internet of Things was researched widely. Thus, various IoT applications are developed based upon different use-cases. Numerous middleware solutions for the IoT are based on the Service oriented Architecture and Resource oriented Architecture. Both approaches do support the connection of distributed objects but no research is done to check the suitability of SoA and RoA in the context of common IoT requirements in an adequate scope. In the context of this paper the fundamental mechanisms of SoA and RoA are compared regarding to connectivity, compatibility, scalability, robustness and security. Resulting out of this comparison, both approaches are suitable as the base of an IoT middleware. Nevertheless, RoA has a lack of supporting bi-directional communication and real-time analysis while SoA rapidly become a heavy middleware solution. Therefore, the use of a mixed-up middleware is recommended.

Area 5 - Security, Privacy and Trust

Full Papers
Paper Nr: 4
Title:

Micro-Segmenting 5G

Authors:

Olli Mämmelä, Jani Suomalainen, Kimmo Ahola, Pekka Ruuska, Mikko Majanen and Mikko Uitto

Abstract: The forthcoming 5G mobile networks shall be heterogeneous in nature and embody a large number and variety of devices. Moreover, Internet of Things applications – like surveillance and maintenance – will use 5G extensively due to its high availability and quality of connectivity. However, the heterogeneous services, applications, users, devices, and the large amount of network traffic will bring challenges for the security of the mobile network. It will be important to provide isolated segments from the network for applications that require a high level of security. This paper presents the potential of micro-segmenting 5G networks. Micro-segmentation is a concept that has been considered in data center networking to enforce the security of a data center by monitoring the flows inside the data center. In this paper we describe how the micro-segmentation concept could fit into the 5G security architecture and provide scenarios of how software mobile networks can facilitate securing IoT.

Paper Nr: 5
Title:

Unbalanced Data Classification in Fraud Detection by Introducing a Multidimensional Space Analysis

Authors:

Roberto Saia

Abstract: The problem of frauds is becoming increasingly important in this E-commerce age, where an enormous number of financial transactions are carried out by using electronic instruments of payment such as credit cards. In this scenario it is not possible to adopt human-driven solutions due to the huge number of involved operations. The only approach is therefore to adopt automatic solutions able to discern the legitimate transactions from the fraudulent ones. For this reason, today the development of techniques capable of carrying out this task efficiently represents a very active research field that involves a large number of researchers around the world. Unfortunately, this is not an easy task, since the definition of effective fraud detection approaches is made difficult by a series of well-known problems, the most important of them being the non-balanced class distribution of data that leads towards a significant reduction of the machine learning approaches performance. Such limitation is addressed by the approach proposed in this paper, which exploits three different metrics of similarity in order to define a three-dimensional space of evaluation. Its main objective is a better characterization of the financial transactions in terms of the two possible target classes (legitimate or fraudulent), facing the information asymmetry that gives rise to the problem previously exposed. A series of experiments conducted by using real-world data with different size and imbalance level, demonstrate the effectiveness of the proposed approach with regard to the state-of-the-art solutions.

Paper Nr: 11
Title:

Hidden within a Group of People - Mental Models of Privacy Protection

Authors:

Eva-Maria Schomakers, Chantal Lidynia and Martina Ziefle

Abstract: Mental models are simplified representations of the reality that help users to interact with complex systems. In our digitized world in which data is collected everywhere, most users feel overtaxed by the demands for privacy protection. Designing systems along the language of the users and their mental models, is a key heuristic for understandable design. In an explorative approach, focus groups and interviews with 18 participants were conducted to elicit mental models of internet users for privacy protection. Privacy protection is perceived as complex and exhausting. The protection of one’s identity and, correspondingly, anonymity are central aspects. One research question is how scalable privacy protection can be visualized. Physical concepts, like walls and locks, are not applicable to the idea of adjustable privacy protection. The concept of kanonymity – visualized by a group of people from which the user is not distinguishable – can be related to by most of the participants and seems to work well as symbolization, but it is not yet internalized as mental model. Initially, users see privacy protection as binary – either one is protected or not. Thus, the concept of adjustable privacy protection is new to lay-people and no mental models exist, yet.

Paper Nr: 16
Title:

An Evaluation Framework for Fastest Oblivious RAM

Authors:

Seira Hidano, Yuto Nakano and Shinsaku Kiyomoto

Abstract: Oblivious RAM (ORAM) is security provable approach for memory access pattern hiding. However, since ORAM incurs high computational overheads due to repeated shuffles of data blocks in a memory, numerous constructions have been proposed to reduce it. While the computational cost has been improved by these constructions as compared to early ones, it is still expensive from the practical point of view. Specifically, in its application to IoT devices, less computational cost is expected for avoiding high energy consumption. We thus focus on an ORAM construction proposed by Nakano et al. in 2012, which we call the fastest ORAM. The computational cost of this construction is much less than any other conventional ORAM constructions. However, the security has not been analyzed sufficiently, due to the lack of practical security definitions. Therefore, we formulate a new security definition for the fastest ORAM on the basis of the average min-entropy, and propose a framework for evaluating the security.

Paper Nr: 23
Title:

IoT Privacy in 5G Networks

Authors:

Emanuele Catania and Aurelio La Corte

Abstract: In the Internet of Things (IoT), objects, equipped with sensing, processing, storage and decision-making capabilities, actively interact with one another and with humans. Even if they have been conceived and programmed to make all their activities in security, several factors, such as weak implementations of communication protocols, metadata information exchange, and architectural flaws, could jeopardize security and privacy. Moreover, due to its complexity and attitude to change rapidly, and to the ultra-densification trend of the current communication infrastructure, new threats to the privacy might arise. After a brief introduction to IoT privacy issues, we describe how the evolution of the current wireless communication infrastructure toward the 5G generation network might undermine the privacy in the IoT. Then we propose a methodology of analysis, which looks at privacy threats from different perspectives and at various levels of abstraction.

Paper Nr: 29
Title:

Trustworthy Privacy Policy Translation in Untrusted IoT Environments

Authors:

Mamadou H. Diallo, Nisha Panwar, Roberto Yus and Sharad Mehrotra

Abstract: Internet of Thing (IoT) systems, such as smart buildings and smart cities, provide services to users (individuals and organizations) in various aspect of our lives. To provide such services, IoT systems need to handle data captured from multiple devices/sensors, and translation of data processing policies agreed by users (high-level) into commands for devices (device-level). The underlying assumption is that users trust IoT systems in honoring their policies. However, this trust assumption is incorrectly positioned since IoT systems may not be honest or may fall victim to cyberattacks. We address such concerns by providing mechanisms to help in ensuring trust and accountability at the time of translating a contract (agreed and signed policies). The objective of the proposed scheme is two fold, (1) translation of contracts from a high-level to device-level, (2) attestation of the translation. We have implemented the proposed scheme for contract translation and attestation of translation as a module and integrated it with the TIPPERS system (our IoT testbed under development). The results of our experiments highlight the feasibility of our proposed schemes.

Paper Nr: 32
Title:

Of Guardians, Cynics, and Pragmatists - A Typology of Privacy Concerns and Behavior

Authors:

Eva-Maria Schomakers, Chantal Lidynia, Luisa Vervier and Martina Ziefle

Abstract: Online privacy is one of the most discussed topics in the digital era. User concerns about online privacy can be a barrier to the use of digital services. Different approaches, mostly from a social science perspective, try to understand user concerns, attitudes, and behaviors in the online context. Especially the so-called privacy paradox, the discrepancy between high privacy concerns and contradicting low privacy protection behavior, has been of interest. This phenomenon has been explained in different ways: users performing a privacy calculus, making affective decisions, or being overwhelmed, resigned by the complexity of online threats and protective measures. Complementing these theories, we hypothesize that different user types approach privacy differently. A survey (N=337) investigates the privacy attitudes, behaviors, and experiences of German internet users. With a cluster analysis, three distinct types of users were identified: the “Privacy Guardians,” highly concerned and taking much privacy protective actions, the “Privacy Cynics,” concerned but feeling powerless and unable to protect their privacy, and the “Privacy Pragmatists,” showing the least concerns which they weigh against benefits. These user groups need different tools and guidelines for protecting their privacy.

Paper Nr: 34
Title:

Intrusion Detection and Prevention with Internet-integrated CoAP Sensing Applications

Authors:

Jorge Granjal and Artur Pedroso

Abstract: End-to-end communications between Internet devices and Internet-integrated constrained wireless sensing platforms promise to contribute to the enabling of many of the envisioned IoT applications. In this context, communication technologies such as 6LoWPAN and CoAP are currently materializing this vision, and we may fairly observe that security in the presence of such devices, and particularly in the context of end-to-end communications with Internet-integrated WSN, will be of prime importance. Considering the constraints of sensing devices in terms of critical resources such as energy, memory and computational capability, it is clear that Internet-integrated WSN will need security against various types of attacks, particularly those originated at devices without the constraints of WSN sensors (e.g. Internet hosts). Existing encryption strategies for communications in IoT environments are unable to protect the WSN for Denial of Service (DoS) and other intrusion attacks, particularly in what regards the usage of CoAP to enable application-layer communications. Therefore, anomaly and intrusion detection will play a major role in the enabling of IoT applications in various areas. In this article, we approach a framework to cope with intrusion detection and reaction in CoAP Internet-integrated WSN, and in the context of this framework we implement and evaluate various complementary detection and prevention mechanisms. Our proposal is evaluated experimentally and ours is, as far as our knowledge goes, the first proposal with the above-mentioned goals.

Paper Nr: 42
Title:

Applicability and Resilience of a Linear Encoding Scheme for Computing Consensus

Authors:

Michel Toulouse and Bùi Quang Minh

Abstract: Consensus algorithms have a set of network nodes converge asymptotically to a same state which depends on some function of their initial states. At the core of these algorithms is a linear iterative scheme where each node updates its current state based on its previous state and the state of its neighbors in the network. In this paper we review a proposal from control theory which uses linear iterative schemes of asymptotic consensus and observability theory to compute consensus states in a finite number of iterations. This proposal has low communication requirements which makes it attractive to address consensus problems in a limited resource environment such as edge computing. However it assumes static networks contrary to wireless edge computing networks which are often dynamic and prone to attacks. The main purpose of this paper is to assess the network conditions and attack scenarios where this algorithm can still be considered useful in practice to address consensus problems in IoT applications. We introduce some new lower and exact bounds which further improve the communication performance of the algorithm. We also have some technical contributions on how to speed up mitigation of malicious activities and handling network instabilities. Numerical results confirm the communication performance of the algorithm and the existence of scenarios where the system can be considered cost effective resilient to errors injected intentionally or unintentionally.

Short Papers
Paper Nr: 12
Title:

Parallel Privacy-preserving Record Linkage using LSH-based Blocking

Authors:

Martin Franke, Ziad Sehili and Erhard Rahm

Abstract: Privacy-preserving record linkage (PPRL) aims at integrating person-related data without revealing sensitive information. For this purpose, PPRL schemes typically use encoded attribute values and a trusted party for conducting the linkage. To achieve high scalability of PPRL to large datasets with millions of records, we propose parallel PPRL (P3RL) approaches that build on current distributed dataflow frameworks such as Apache Flink or Spark. The proposed P3RL approaches also include blocking for further performance improvements, in particular the use of LSH (locality sensitive hashing) that supports a flexible configuration and can be applied on encoded records. An extensive evaluation for different datasets and cluster sizes shows that the proposed LSH-based P3RL approaches achieve both high quality and high scalability. Furthermore, they clearly outperform approaches using phonetic blocking.

Paper Nr: 14
Title:

Access Rules Enhanced by Dynamic IIoT Context

Authors:

Kevin Wallis, Marc Hüffmeyer, Ayhan Soner Koca and Christoph Reich

Abstract: The Industrial Internet of Things is a fast-growing business with many opportunities but also security risks. For instance, a crucial risk is an attack on customer’s or company’s internal data to violate the integrity, like order information or machine configurations. In addition, an attacker could inject packets which contain harmful manufacturing machine tool commands. This work introduces a novel rule-based approach which uses subcontexts of the Industrial Internet of Things (IIoT) context for deep packet inspection to protect the privacy of data and to increase the resilience of the system against attacks. Furthermore, formal definitions for the Industrial Internet of Things context, subcontexts and context rules have been investigated and developed. The subcontexts are used in combination with a new protocol called context enhancement protocol, to add context information to packets.

Paper Nr: 22
Title:

System Protection Agent Against Unauthorized Activities via USB Devices

Authors:

José Oliveira, Miguel Frade and Pedro Pinto

Abstract: Security attacks using USB interfaces and devices are becoming more advanced, which boost efforts to develop counter measures in order to protect systems and data. One of the most recent attacks using USB devices is the BadUSB attack, performed by spoofing the device’s firmware and allowing the attackers to execute a set of malicious actions, e.g. an USB storage device could be mounted as USB keyboard in order to inject malicious scripts into the system. This paper proposes a protection agent against BadUSB attack developed for Windows operative systems. It allows a user to check the class of an USB device ready to be mounted, though enabling the detection of a potential attack if the expected functionality of the device does not match with its class type. The results show that the proposed protection agent is capable of detecting potential intrusions by blocking the installation of the device, scanning the device for something that identifies it, searching for a description locally and finally warning the user about the device meaning that all devices must be approved by the user when plugged in if the system protection agent is running.

Posters
Paper Nr: 25
Title:

XACML for Building Access Control Policies in Internet of Things

Authors:

Hany F. Atlam, Madini O. Alassafi, Ahmed Alenezi, Robert J. Walters and Gary B. Wills

Abstract: Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an efficient access control model for the IoT require selecting an appropriate access policy language to implement access policies. Therefore, this paper presents an overview of most common access policy languages. It starts with discussing different access control models and features of the access policy. After reviewing different access policy languages, we proposed XACML as the most efficient and appropriate policy language for the IoT as it compatible with different platforms, provides a distributed and flexible approach to work with different access control scenarios of the IoT system. In addition, we proposed an XACML model for an Adaptive Risk-Based Access Control (AdRBAC) for the IoT and showed how the access decision will be made using XACML.