Cybersecurity of the internet of things: a development of security methods based-distributed sensors for industrial applications

Abstract

The nature of communicating in the heterogeneous Internet of Things (IoT) environment and the disparity in resource capabilities between IoT nodes make it difficult to establish the necessary security in connections. In contrast with conventional networks, most IoT components have limited energy and computational capacity and cannot support complicated security schemes. IoT has been utilised extensively in sensing, controlling, and computing for countless applications in numerous domains, including smart homes, cities, transportation, communication, healthcare, and smart grids. Integrating IoT technology for industrial applications requires security techniques for constructing progressively secure, efficient, and adaptable new systems. Even though there are numerous established methods for securing IoT applications, IoT networks face several obstacles in adopting effective security solutions due to their resource-constrained and limiting characteristics, such as limited memory, low cost, fewer computational capabilities, and low power consumption. The IoT necessitates effective authentication and detection mechanisms that protect security objectives and match its capabilities and features. This study addresses the new IoT security challenges for distributed wireless sensor networks (DWSNs). WSNs initiated this change by introducing unattended wireless topologies comprising resource-constrained nodes, in which the radio spectrum ceased to be the primary resource worthy of optimisation. Resource-constrained IoT nodes are exposed to many unanticipated security threats not faced by traditional network systems. Therefore, IoT cybersecurity is constrained by limited resources rather than an absence of advanced security solutions and developing solutions compatible with IoT device capabilities is imperative. This thesis attempted to fill the gap by addressing the theoretical and practical aspects of IoT/Industrial IoT (IoT) cybersecurity. A comprehensive evaluation of the literature in the second chapter shows that several authentications, encryption, and detection schemes have been developed to provide security and system integrity without efficiently optimising security complexity to meet the constraints of resource devices. A new mutual authentication scheme is proposed: a payload encryption-based optimisation scheme (PEOS) for lightweight authentication on the Constrained Application Protocol (CoAP). This incorporates the design of a scenario on the Contiki OS that is included in the Cooja simulator to provide a realistic hardware environment to analyse IoT applications. The test scenario was run several times under different data sizes to investigate the impact of authentication schemes on the performance of resource- constrained nodes. The results of the computational calculation are used to compare the performance of resource-constrained nodes under our proposed scheme, a basic DTLS, and schemes in previous work. The results show that our PEOS improves the DTLS handshaking and retransmission processes, significantly reducing overhead without impacting CoAP performance over distributed sensors. Furthermore, PEOS implemented the parallel execution of S-Boxes in SubBytes, delayed MixColumns in the Advanced Encryption Standard protocol, and successfully reduced the need for additional storage registers. From the results, with a large payload size, the throughput of the proposed scheme was improved by 8.7% compared to the existing PbMA by consuming 1550 microjoules under a 50-node random topology. Finally, a novel detection approach, called customised intrusion detection (CID), was proposed for heterogeneous IoT networks using federated transfer learning (FTL). The proposed FT-CID model uses an improved grey wolf optimiser (IGWO) technique to reduce noise and irrelevant features from a simulated IoT dataset. This incorporates the design of a scenario on the Contiki OS to provide a realistic hardware environment in which to analyse IoT applications. Advanced metering infrastructure datasets were collected from the Contiki OS experiment under different data sizes and attack conditions. Machine learning was used to validate the CID strategy computationally. Regarding distinguishing abnormal from normal traffic, the results confirm exceptionally high prediction accuracy compared with different ML algorithms. The proposed FT-CID model yields 10.63% higher intrusion detection accuracy than the centralised CNN model on the heterogeneous IoT network or the AMI applications.