Publikationer från Malmö universitet
Ändra sökning
Avgränsa sökresultatet
1 - 24 av 24
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Träffar per sida
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sortering
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
Markera
Maxantalet träffar du kan exportera från sökgränssnittet är 250. Vid större uttag använd dig av utsökningar.
  • 1.
    Alawadi, Sadi
    et al.
    Uppsala University, Sweden.
    Kebande, Victor R.
    Umeå University, Sweden.
    Dong, Yuji
    School of Internet of ThingsXi’an Jiaotong-Liverpool UniversitySuzhouChina.
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Persson, Jan A.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Olsson, Carl Magnus
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    A Federated Interactive Learning IoT-Based Health Monitoring Platform2021Ingår i: New Trends in Database and Information Systems, Springer, 2021, s. 235-246Konferensbidrag (Refereegranskat)
    Abstract [en]

    Remote health monitoring is a trend for better health management which necessitates the need for secure monitoring and privacy-preservation of patient data. Moreover, accurate and continuous monitoring of personal health status may require expert validation in an active learning strategy. As a result, this paper proposes a Federated Interactive Learning IoT-based Health Monitoring Platform (FIL-IoT-HMP) which incorporates multi-expert feedback as ‘Human-in-the-loop’ in an active learning strategy in order to improve the clients’ Machine Learning (ML) models. The authors have proposed an architecture and conducted an experiment as a proof of concept. Federated learning approach has been preferred in this context given that it strengthens privacy by allowing the global model to be trained while sensitive data is retained at the local edge nodes. Also, each model’s accuracy is improved while privacy and security of data has been upheld.

  • 2.
    Bugeja, Joseph
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    On Privacy and Security in Smart Connected Homes2021Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
    Abstract [en]

    The growth and presence of heterogeneous sensor-equipped Internet-connected devices inside the home can increase efficiency and quality of life for the residents. Simultaneously, these devices continuously collect, process, and transmit data about the residents and their daily lifestyle activities to unknown parties outside the home. Such data can be sensitive and personal, leading to increasingly intimate insights into private lives. This data allows for the implementation of services, personalization support, and benefits offered by smart home technologies. Alas, there has been a surge of cyberattacks on connected home devices that essentially compromise privacy and security of the residents.

    Providing privacy and security is a critical issue in smart connected homes. Many residents are concerned about unauthorized access into their homes and about the privacy of their data. However, it is typically challenging to implement privacy and security in a smart connected home because of its heterogeneity of devices, the dynamic nature of the home network, and the fact that it is always connected to the Internet, amongst other things. As the numbers and types of smart home devices are increasing rapidly, so are the risks with these devices. Concurrently, it is also becoming increasingly challenging to gain a deeper understand- ing of the smart home. Such understanding is necessary to build a more privacy-preserving and secure smart connected home. Likewise, it is needed as a precursor to perform a comprehensive privacy and security analysis of the smart home.

    In this dissertation, we render a comprehensive description and account of the smart connected home that can be used for conducting risk analysis. In doing so, we organize the underlying smart home devices ac- cording to their functionality, identify their data-collecting capabilities, and survey the data types being collected by them. Such is done using the technical specification of commercial devices, including their privacy policies. This description is then leveraged for identifying threats and for analyzing risks present in smart connected homes. Such is done by analyzing both scholarly literature and examples from the industry, and leveraging formal modeling. Additionally, we identify malicious threat agents and mitigations that are relevant to smart connected homes. This is performed without limiting the research and results to a particular configuration and type of smart home.

    This research led to three main findings. First, the majority of the surveyed commercial devices are collecting instances of sensitive and personal data but are prone to critical vulnerabilities. Second, there is a shortage of scientific models that capture the complexity and heterogeneity of real-world smart home deployments, especially those intended for privacy risk analysis. Finally, despite the increasing regulations and attention to privacy and security, there is a lack of proactive and integrative approaches intended to safeguard privacy and security of the residents. We contributed to addressing these three findings by developing a framework and models that enable early identification of threats, better planning for risk management scenarios, and mitigation of potential impacts caused by attacks before they reach the homes and compromise the lives of the residents.

    Overall, the scientific contributions presented in this dissertation help deepen the understanding and reasoning about privacy and security concerns affecting smart connected homes, and contributes to advancing the research in the area of risk analysis as applied to such systems.

    Ladda ner fulltext (pdf)
    comprehensive summary
    Ladda ner (jpg)
    preview image
  • 3.
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Smart connected homes: concepts, risks, and challenges2018Licentiatavhandling, sammanläggning (Övrigt vetenskapligt)
    Abstract [en]

    The growth and presence of heterogeneous connected devices inside the home have the potential to provide increased efficiency and quality of life to the residents. Simultaneously, these devices tend to be Internet-connected and continuously monitor, collect, and transmit data about the residents and their daily lifestyle activities. Such data can be of a sensitive nature, such as camera feeds, voice commands, physiological data, and more. This data allows for the implementation of services, personalization support, and benefits offered by smart home technologies. Alas, there has been a rift of security and privacy attacks on connected home devices that compromise the security, safety, and privacy of the occupants. In this thesis, we provide a comprehensive description of the smart connected home ecosystem in terms of its assets, architecture, functionality, and capabilities. Especially, we focus on the data being collected by smart home devices. Such description and organization are necessary as a precursor to perform a rigorous security and privacy analysis of the smart home. Additionally, we seek to identify threat agents, risks, challenges, and propose some mitigation approaches suitable for home environments. Identifying these is core to characterize what is at stake, and to gain insights into what is required to build more robust, resilient, secure, and privacy-preserving smart home systems. Overall, we propose new concepts, models, and methods serving as a foundation for conducting deeper research work in particular linked to smart connected homes. In particular, we propose a taxonomy of devices; classification of data collected by smart connected homes; threat agent model for the smart connected home; and identify challenges, risks, and propose some mitigation approaches.

    Ladda ner fulltext (pdf)
    Comprehensive summary
  • 4.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Functional Classification and Quantitative Analysis of Smart Connected Home Devices2018Ingår i: 2018 Global Internet of Things Summit (GIoTS), Institute of Electrical and Electronics Engineers (IEEE), 2018, s. 144-149Konferensbidrag (Refereegranskat)
    Abstract [en]

    The home environment is rapidly becoming more complex with the introduction of numerous and heterogeneous Internet of Things devices. This development into smart connected homes brings with it challenges when it comes to gaining a deeper understanding of the home environment as a socio-technical system. A better understanding of the home is essential to build robust, resilient, and secure smart home systems. In this regard, we developed a novel method for classifying smart home devices in a logical and coherent manner according to their functionality. Unlike other approaches, we build the categorization empirically by mining the technical specifications of 1,193 commercial devices. Moreover, we identify twelve capabilities that can be used to characterize home devices. Alongside the classification, we also quantitatively analyze the entire spectrum of commercial smart home devices in accordance to their functionality and capabilities. Overall, the categorization and analysis provide a foundation for identifying opportunities of generalizations and common solutions for the smart home.

    Ladda ner fulltext (pdf)
    FULLTEXT01
  • 5.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Green Intelligent Homes: A Perspective on the Future of Smart Homes and Their Implications2023Ingår i: Proceedings of the 8th International Conference on Internet of Things, Big Data and Security (IoTBDS 2023). / [ed] Gary, Wills; Buttyán, Levante; Kacuk, Péter; Chang, Victor, Portugal, 2023, s. 186-193Konferensbidrag (Refereegranskat)
    Abstract [en]

    The smart home technology market is witnessing rapid growth due to the advent of more advanced, intuitive, and affordable solutions. As the adoption of these technologies becomes more prevalent, there is a need for research to explore potential avenues for pervasive smart living. This study aims to review the available literature and industry studies, along with our own experiences in the field, to identify and discuss potential future research in the smart home. We observe that the future of the smart home will likely be focused on improving the user experience, with a greater emphasis on personalization, automation, and Artificial intelligence (AI)-driven technologies, leading to what we call the "Green Intelligent Home". Through this analysis, this study aims to offer insights into how the development of smart homes could shape society in the future and the potential implications of such a development. This study concludes by suggesting a framework for knowledge development in the smart home domain.

    Ladda ner fulltext (pdf)
    fulltext
  • 6.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    On the Design of a Privacy-Centered Data Lifecycle for Smart Living Spaces2020Ingår i: Privacy and Identity Management. Data for Better Living: AI and Privacy: 14th IFIP WG 9.2, 9.6/11.7, 11.6/SIG 9.2.2 International Summer School, Windisch, Switzerland, August 19--23, 2019, Revised Selected Papers / [ed] Michael Friedewald, Melek Önen, Eva Lievens, Stephan Krenn, and Samuel Fricker, Springer, 2020, 576, s. 126-141Kapitel i bok, del av antologi (Refereegranskat)
    Abstract [en]

    Many living spaces, such as homes, are becoming smarter and connected by using Internet of Things (IoT) technologies. Such systems should ideally be privacy-centered by design given the sensitive and personal data they commonly deal with. Nonetheless, few systematic methodologies exist that deal with privacy threats affecting IoT-based systems. In this paper, we capture the generic function of an IoT system to model privacy so that threats affecting such contexts can be identified and categorized at system design stage. In effect, we integrate an extension to so called Data Flow Diagrams (DFD) in the model, which provides the means to handle the privacy-specific threats in IoT systems. To demonstrate the usefulness of the model, we apply it to the design of a realistic use-case involving Facebook Portal. We use that as a means to elicit the privacy threats and mitigations that can be adopted therein. Overall, we believe that the proposed extension and categorization of privacy threats provide a useful addition to IoT practitioners and researchers in support for the adoption of sound privacy-centered principles in the early stages of the smart living design process.

  • 7.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    A Privacy-Centered System Model for Smart Connected Homes2020Ingår i: 2020 IEEE International Conference on Pervasive Computing and Communications Workshops: PerCom Workshops, IEEE, 2020Konferensbidrag (Refereegranskat)
    Abstract [en]

    Smart connected homes are integrated with heterogeneous Internet-connected devices interacting with the physical environment and human users. While they have become an established research area, there is no common understanding of what composes such a pervasive environment making it challenging to perform a scientific analysis of the domain. This is especially evident when it comes to discourse about privacy threats. Recognizing this, we aim to describe a generic smart connected home, including the data it deals with in a novel privacy-centered system model. Such is done using concepts borrowed from the theory of Contextual Integrity. Furthermore, we represent privacy threats formally using the proposed model. To illustrate the usage of the model, we apply it to the design of an ambient-assisted living use-case and demonstrate how it can be used for identifying and analyzing the privacy threats directed to smart connected homes.

  • 8.
    Bugeja, Joseph
    et al.
    Malmö högskola, Fakulteten för teknik och samhälle (TS). Malmö högskola, Internet of Things and People (IOTAP).
    Jacobsson, Andreas
    Malmö högskola, Fakulteten för teknik och samhälle (TS). Malmö högskola, Internet of Things and People (IOTAP).
    Davidsson, Paul
    Malmö högskola, Fakulteten för teknik och samhälle (TS). Malmö högskola, Internet of Things and People (IOTAP).
    An Analysis of Malicious Threat Agents for the Smart Connected Home2017Ingår i: Proceeding of 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), IEEE, 2017Konferensbidrag (Refereegranskat)
    Abstract [en]

    Smart connected home systems aim to enhance the comfort, convenience, security, entertainment, and health of the householders and their guests. Despite their advantages, their interconnected characteristics make smart home devices and services prone to various cybersecurity and privacy threats. In this paper, we analyze six classes of malicious threat agents for smart connected homes. We also identify four different motives and three distinct capability levels that can be used to group the different intruders. Based on this, we propose a new threat model that can be used for threat profiling. Both hypothetical and real-life examples of attacks are used throughout the paper. In reflecting on this work, we also observe motivations and agents that are not covered in standard agent taxonomies.

    Ladda ner fulltext (pdf)
    FULLTEXT01
  • 9.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    An Empirical Analysis of Smart Connected Home Data2018Ingår i: Internet of Things – ICIOT 2018, Springer, 2018, s. 134-149Konferensbidrag (Refereegranskat)
    Abstract [en]

    The increasing presence of heterogeneous Internet of Things devices inside the home brings with it added convenience and value to the householders. At the same time, these devices tend to be Internet-connected and continuously monitor and collect data about the residents and their daily lifestyle activities. Such data can be of a sensitive nature, given that the house is the place where privacy is naturally expected. To gain insight into this state of affairs, we empirically investigate the privacy policies of 87 different categories of commercial smart home devices in terms of data being collected. This is done using a combination of manual and data mining techniques. The overall contribution of this work is a model that identifies and categorizes smart connected home data in terms of its collection mode, collection method, and collection phase. Our findings bring up several implications for smart connected home privacy, which include the need for better security controls to safeguard the privacy of the householders.

  • 10.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Is Your Home Becoming a Spy?: A Data-Centered Analysis and Classification of Smart Connected Home Systems2020Ingår i: IoT '20: Proceedings of the 10th International Conference on the Internet of Things, New York, United States: ACM Digital Library, 2020, artikel-id 17Konferensbidrag (Refereegranskat)
    Abstract [en]

    Smart connected home systems bring different privacy challenges to residents. The contribution of this paper is a novel privacy grounded classification of smart connected home systems that is focused on personal data exposure. This classification is built empirically through k-means cluster analysis from the technical specification of 81 commercial Internet of Things (IoT) systems as featured in PrivacyNotIncluded – an online database of consumer IoT systems. The attained classification helps us better understand the privacy implications and what is at stake with different smart connected home systems. Furthermore, we survey the entire spectrum of analyzed systems for their data collection capabilities. Systems were classified into four tiers: app-based accessors, watchers, location harvesters, and listeners, based on the sensing data the systems collect. Our findings indicate that being surveilled inside your home is a realistic threat, particularly, as the majority of the surveyed in-home IoT systems are installed with cameras, microphones, and location trackers. Finally, we identify research directions and suggest some best practices to mitigate the threat of in-house surveillance.

  • 11.
    Bugeja, Joseph
    et al.
    Malmö högskola, Fakulteten för teknik och samhälle (TS).
    Jacobsson, Andreas
    Malmö högskola, Fakulteten för teknik och samhälle (TS).
    Davidsson, Paul
    Malmö högskola, Fakulteten för teknik och samhälle (TS).
    On Privacy and Security Challenges in Smart Connected Homes2016Ingår i: Proceedings: 2016 European Intelligence and Security Informatics Conference, IEEE, 2016Konferensbidrag (Refereegranskat)
    Abstract [en]

    Smart homes have become increasingly popular for IoT products and services with a lot of promises for improving the quality of life of individuals. Nevertheless, the heterogeneous, dynamic, and Internet-connected nature of this environment adds new concerns as private data becomes accessible, often without the householders’ awareness. This accessibility alongside with the rising risks of data security and privacy breaches, makes smart home security a critical topic that deserves scrutiny. In this paper, we present an overview of the privacy and security challenges directed towards the smart home domain. We also identify constraints, evaluate solutions, and discuss a number of challenges and research issues where further investigation is required.

    Ladda ner fulltext (pdf)
    FULLTEXT01
  • 12.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    PRASH: A Framework for Privacy Risk Analysis of Smart Homes.2021Ingår i: Sensors, E-ISSN 1424-8220, Vol. 21, nr 19, artikel-id 6399Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    Smart homes promise to improve the quality of life of residents. However, they collect vasts amounts of personal and sensitive data, making privacy protection critically important. We propose a framework, called PRASH, for modeling and analyzing the privacy risks of smart homes. It is composed of three modules: a system model, a threat model, and a set of privacy metrics, which together are used for calculating the privacy risk exposure of a smart home system. By representing a smart home through a formal specification, PRASH allows for early identification of threats, better planning for risk management scenarios, and mitigation of potential impacts caused by attacks before they compromise the lives of residents. To demonstrate the capabilities of PRASH, an executable version of the smart home system configuration was generated using the proposed formal specification, which was then analyzed to find potential attack paths while also mitigating the impacts of those attacks. Thereby, we add important contributions to the body of knowledge on the mitigations of threat agents violating the privacy of users in their homes. Overall, the use of PRASH will help residents to preserve their right to privacy in the face of the emerging challenges affecting smart homes.

    Ladda ner fulltext (pdf)
    fulltext
  • 13.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Smart Connected Homes2018Ingår i: Internet of Things A to Z: Technologies and Applications / [ed] Qusay F. Hassan, John Wiley & Sons, 2018, s. 359-384Kapitel i bok, del av antologi (Övrigt vetenskapligt)
  • 14.
    Bugeja, Joseph
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Jacobsson, Andreas
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Davidsson, Paul
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    The Ethical Smart Home: Perspectives and Guidelines2022Ingår i: IEEE Security and Privacy, ISSN 1540-7993, E-ISSN 1558-4046, Vol. 20, nr 1, s. 72-80Artikel i tidskrift (Refereegranskat)
  • 15.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Spalazzese, Romina
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    On the Analysis of Semantic Denial-of-Service Attacks Affecting Smart Living Devices2020Ingår i: Intelligent Computing: Proceedings of the 2020 Computing Conference / [ed] Kohei Arai, Supriya Kapoor, Rahul Bhatia, Springer, 2020, Vol. 2Konferensbidrag (Refereegranskat)
    Abstract [en]

    With the interconnectedness of heterogeneous IoT devices being deployed in smart living spaces, it is imperative to assure that connected devices are resilient against Denial-of-Service (DoS) attacks. DoS attacks may cause economic damage but may also jeopardize the life of individuals, e.g., in a smart home healthcare environment since there might be situations (e.g., heart attacks), when urgent and timely actions are crucial. To achieve a better understanding of the DoS attack scenario in the ever so private home environment, we conduct a vulnerability assessment of five commercial-off-the-shelf IoT devices: a gaming console, media player, lighting system, connected TV, and IP camera, that are typically found in a smart living space. This study was conducted using an automated vulnerability scanner – Open Vulnerability Assessment System (OpenVAS) – and focuses on semantic DoS attacks. The results of the conducted experiment indicate that the majority of the tested devices are prone to DoS attacks, in particular those caused by a failure to manage exceptional conditions, leading to a total compromise of their availability. To understand the root causes for successful attacks, we analyze the payload code, identify the weaknesses exploited, and propose some mitigations that can be adopted by smart living developers and consumers.

  • 16.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jönsson, Désirée
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    An Investigation of Vulnerabilities in Smart Connected Cameras2018Ingår i: 2018 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), IEEE, 2018, s. 656-661Konferensbidrag (Refereegranskat)
    Abstract [en]

    The Internet of Things is enabling innovative ser-vices promising added convenience and value in various domains such as the smart home. Increasingly, households, office envi-ronments and cities, are being fitted with smart camera systems aimed to enhance the security of citizens. At the same time, sev-eral systems being deployed suffer from weak security implemen-tations. Recognizing this, and to understand the extent of this situation, in this study we perform a global vulnerability assess-ment using the Shodan search engine and the Common Vulnera-bilities and Exposures database. This is done to detect smart con-nected cameras exposed on the Internet alongside their sensitive, potentially private, data being broadcasted. Furthermore, we discuss whether the discovered data can be used to compromise the safety and privacy of individuals, and identify some mitiga-tions that can be adopted. The results indicate that a significant number of smart cameras are indeed prone to diverse security and privacy vulnerabilities.

    Ladda ner fulltext (pdf)
    FULLTEXT01
  • 17.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Persson, Jan A.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    A Data-Centric Anomaly-Based Detection System for Interactive Machine Learning Setups2022Ingår i: Proceedings of the 18th International Conference on Web Information Systems and Technologies - WEBIST, SciTePress, 2022, s. 182-189Konferensbidrag (Refereegranskat)
    Abstract [en]

    A major concern in the use of Internet of Things (IoT) technologies in general is their reliability in the presence of security threats and cyberattacks. Particularly, there is a growing recognition that IoT environments featuring virtual sensing and interactive machine learning may be subject to additional vulnerabilities when compared to traditional networks and classical batch learning settings. Partly, this is as adversaries could more easily manipulate the user feedback channel with malicious content. To this end, we propose a data-centric anomaly-based detection system, based on machine learning, that facilitates the process of identifying anomalies, particularly those related to poisoning integrity attacks targeting the user feedback channel of interactive machine learning setups. We demonstrate the capabilities of the proposed system in a case study involving a smart campus setup consisting of different smart devices, namely, a smart camera, a climate sensmitter, smart lighting, a smart phone, and a user feedback channel over which users could furnish labels to improve detection of correct system states, namely, activity types happening inside a room. Our results indicate that anomalies targeting the user feedback channel can be accurately detected at 98% using the Random Forest classifier.

    Ladda ner fulltext (pdf)
    fulltext
  • 18.
    Bugeja, Joseph
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Vogel, Bahtijar
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Jacobsson, Andreas
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Varshney, Rimpu
    Department of Security & Enterprise, Sony Mobile Communications, Lund, Sweden.
    IoTSM: An End-to-end Security Model for IoT Ecosystems2019Ingår i: 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), IEEE, 2019Konferensbidrag (Refereegranskat)
    Abstract [en]

    The Internet of Things (IoT) market is growing rapidly, allowing continuous evolution of new technologies. Alongside this development, most IoT devices are easy to compromise, as security is often not a prioritized characteristic. This paper proposes a novel IoT Security Model (IoTSM) that can be used by organizations to formulate and implement a strategy for developing end-to-end IoT security. IoTSM is grounded by the Software Assurance Maturity Model (SAMM) framework, however it expands it with new security practices and empirical data gathered from IoT practitioners. Moreover, we generalize the model into a conceptual framework. This approach allows the formal analysis for security in general and evaluates an organization’s security practices. Overall, our proposed approach can help researchers, practitioners, and IoT organizations, to discourse about IoT security from an end-to-end perspective.

  • 19.
    Flores, César
    et al.
    Adesso Sweden, Malmö, Sweden.
    Gonzalez, Jose
    Accelerated Growth, Malmö, Sweden.
    Kajtazi, Miranda
    Department of Informatics, Lund University, Lund, Sweden.
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Vogel, Bahtijar
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Human Factors for Cybersecurity Awareness in a Remote Work Environment2023Ingår i: Proceedings of the 9th International Conference on Information Systems Security and Privacy ICISSP, SciTePress, 2023, Vol. 1, s. 608-616Konferensbidrag (Refereegranskat)
    Abstract [en]

    The conveniences of remote work are various, but a surge in cyberthreats has heavily affected the optimal processes of organizations. As a result, employees’ cybersecurity awareness was jeopardized, prompting organizations to require improvement of cybersecurity processes at all levels. This paper explores which cybersecurity aspects are more relevant and/or relatable for remote working employees. A qualitative approach via interviews is used to collect experiences and perspectives from employees in different organizations. The results show that human factors, such as trust in cybersecurity infrastructure, previous practices, training, security fatigue, and improvements with gamification, are core to supporting the success of a cybersecurity program in a remote work environment.

     

     

     

    Ladda ner fulltext (pdf)
    fulltext
  • 20.
    Gabrielsson, Jonas
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Bugeja, Joseph
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Vogel, Bahtijar
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Hacking a Commercial Drone with Open-Source Software: Exploring Data Privacy Violations2021Ingår i: 2021 10th Mediterranean Conference on Embedded Computing (MECO), IEEE, 2021, s. 1-5Konferensbidrag (Refereegranskat)
    Abstract [en]

    Drones have been discussed frequently in both governmental and commercial sectors for their normalization in the airspace. Nonetheless, drones bring diverse privacy concerns to users. In this paper, we explore the ramifications to data privacy from the perspective of drone owners. To investigate privacy in this context, four experiments targeting a commercial drone were conducted using open-source software. The experiments identified personal data (e.g., audio, video, and location) that are at risk of being compromised particularly through the execution of a basic deauthentication attack launched at a commercial drone. Our findings indicate the severity of risks affecting commercial drones. This makes the case for more effective privacy regulations and better guidelines suitable for securing drones.

  • 21.
    Kebande, Victor R.
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Alawadi, Sadi
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Persson, Jan A.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Olsson, Carl Magnus
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Leveraging Federated Learning & Blockchain to counter Adversarial Attacks in Incremental Learning2020Ingår i: IoT '20 Companion: 10th International Conference on the Internet of Things Companion, ACM Digital Library, 2020, s. 1-5, artikel-id 2Konferensbidrag (Refereegranskat)
    Abstract [en]

    Whereas data labelling in IoT applications is costly, it is also time consuming to train a supervised Machine Learning (ML) algorithm. Hence, a human oracle is required to gradually annotate the data patterns at run-time to improve the models’ learning behavior, through an active learning strategy in form of User Feedback Process (UFP). Consequently, it is worth to note that during UFP there may exist malicious content that may subject the learning model to be vulnerable to adversarial attacks, more so, manipulative attacks. We argue in this position paper, that there are instances during incremental learning, where the local data model may present wrong output, if retraining is done using data that has already been subjected to adversarial attack. We propose a Distributed Interactive Secure Federated Learning (DISFL) framework that utilizes UFP in the edge and fog node, that subsequently increases the amount of labelled personal local data for the ML model during incremental training. Furthermore, the DISFL framework addresses data privacy by leveraging federated learning, where only the model's knowledge is moved to a global unit, herein referred to as Collective Intelligence Node (CIN). During incremental learning, this would then allow the creation of an immutable chain of data that has to be trained, which in its entirety is tamper-free while increasing trust between parties. With a degree of certainty, this approach counters adversarial manipulation during incremental learning in active learning context at the same time strengthens data privacy, while reducing the computation costs.

  • 22.
    Persson, Jan A.
    et al.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Bugeja, Joseph
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Davidsson, Paul
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Holmberg, Johan
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Kebande, Victor R.
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Mihailescu, Radu-Casian
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Sarkheyli-Hägele, Arezoo
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    Tegen, Agnes
    Malmö universitet, Internet of Things and People (IOTAP). Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT).
    The Concept of Interactive Dynamic Intelligent Virtual Sensors (IDIVS): Bridging the Gap between Sensors, Services, and Users through Machine Learning2023Ingår i: Applied Sciences, E-ISSN 2076-3417, Vol. 13, nr 11, artikel-id 6516Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    This paper concerns the novel concept of an Interactive Dynamic Intelligent Virtual Sensor (IDIVS), which extends virtual/soft sensors towards making use of user input through interactive learning (IML) and transfer learning. In research, many studies can be found on using machine learning in this domain, but not much on using IML. This paper contributes by highlighting how this can be done and the associated positive potential effects and challenges. An IDIVS provides a sensor-like output and achieves the output through the data fusion of sensor values or from the output values of other IDIVSs. We focus on settings where people are present in different roles: from basic service users in the environment being sensed to interactive service users supporting the learning of the IDIVS, as well as configurators of the IDIVS and explicit IDIVS teachers. The IDIVS aims at managing situations where sensors may disappear and reappear and be of heterogeneous types. We refer to and recap the major findings from related experiments and validation in complementing work. Further, we point at several application areas: smart building, smart mobility, smart learning, and smart health. The information properties and capabilities needed in the IDIVS, with extensions towards information security, are introduced and discussed.

    Ladda ner fulltext (pdf)
    fulltext
  • 23.
    Vogel, Bahtijar
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Kajtazi, Miranda
    Department of Informatics, Lund University.
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Varshney, Rimpu
    Department of Security, Booking.com.
    Openness and Security Thinking Characteristics for IoT Ecosystems2020Ingår i: Information, E-ISSN 2078-2489, Vol. 11, nr 12Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    While security is often recognized as a top priority for organizations and a push for competitive advantage, repeatedly, Internet of Things (IoT) products have become a target of diverse security attacks. Thus, orchestrating smart services and devices in a more open, standardized and secure way in IoT environments is yet a desire as much as it is a challenge. In this paper, we propose a model for IoT practitioners and researchers, who can adopt a sound security thinking in parallel with open IoT technological developments. We present the state-of-the-art and an empirical study with IoT practitioners. These efforts have resulted in identifying a set of openness and security thinking criteria that are important to consider from an IoT ecosystem point of view. Openness in terms of open standards, data, APIs, processes, open source and open architectures (flexibility, customizability and extensibility aspects), by presenting security thinking tackled from a three-dimensional point of view (awareness, assessment and challenges) that highlight the need to develop an IoT security mindset. A novel model is conceptualized with those characteristics followed by several key aspects important to design and secure future IoT systems.

    Ladda ner fulltext (pdf)
    fulltext
  • 24.
    Vogel, Bahtijar
    et al.
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Kajtazi, Miranda
    Lund University.
    Bugeja, Joseph
    Malmö universitet, Fakulteten för teknik och samhälle (TS), Institutionen för datavetenskap och medieteknik (DVMT). Malmö universitet, Internet of Things and People (IOTAP).
    Varshney, Rimpu
    Sony Mobile Communications AB.
    State-of-the-Art in Security Thinking for the Internet of Things (IoT)2018Ingår i: WISP 2018 Proceedings, San Francisco, California, US: Association for Information Systems, 2018Konferensbidrag (Övrigt vetenskapligt)
    Abstract [en]

    In this paper we propose a model for Internet of Things (IoT) practitioners and researchers on how to use security thinking in parallel with the IoT technological developments. While security is recognized as a top priority, repeatedly, IoT products have become a target by diverse security attacks. This raises the importance for an IoT security mindset that contributes to building more holistic security measures. In understanding this, we present the state-of-the-art in IoT security. This resulted in the identification of three dimensions (awareness, assessment and challenges) that are needed to develop an IoT security mindset. We then interviewed four security and IoT-related experts from three different organizations that formed the basis for our pilot study to test the model. Our results show that the identified three-dimensional model highlights continuous security thinking as a serious matter to sustain IoT development with positive outcomes for its users.

1 - 24 av 24
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf