Daniel Bastos

Topic: 
IoT Security, Privacy, and Malware Prevention and Detection
Research work: 

To develop new solutions to improve security in IoT devices and networks. To unfold new ways to improve privacy in IoT environments. To develop techniques that improve the prevention and detection of malware infection in IoT networks.

ESRs Publications

Description:

The multiple branches of Extended Reality (XR) are pioneering new ways to interact with digital content, both in real and virtual worlds. The Internet of Things (IoT) is also pioneering new real-world scenarios and use cases by taking advantage of sensed data and automation. These technologies are bridging the gap between the real world and the digital world.
In this paper we present XR and IoT technologies, explaining their concepts, popular devices and challenges. We then provide a study on the current applications of XR technologies in IoT scenarios. These include visualization of IoT data in Virtual Reality (VR), network management of IoT devices in Augmented Reality (AR) or 3D visualization of smart buildings and cities. In order to tackle the challenge of incorporating IoT data into XR applications, we propose a data communication model that allows translation of IoT data into XR objects, events or scenarios. We conclude by discussing future trends for XR and IoT.

Description:

All digital data that is produced nowadays is moving into the Cloud. Public Cloud providers offer unbeatable availability and redundancy of data in their servers, but the move to the Cloud is increasingly related to the associated services that it can provide. Internet of things devices are being deployed continuously with particular computing and storage constraints.
This makes them perfect candidates for always being connected to the Cloud. Given the increasing importance of collected data, assuring end-to-end security between IoT devices and the Cloud is of paramount importance, with secure device authentication and encrypted communications as must-have features.
This paper provides a comprehensive study of public Cloud IoT solutions in the Platform-as-a-Service (PaaS) market. The focus is mainly on the security features, given that security is a weak spot in many IoT implementations. A comparison table was produced and the results show that popular standards are being used across providers for secure authentication and communications, while authorization is managed using diverse methods.

Description:

Starting on May 25th of 2018 all EU countries begin to apply the General Data Protection Regulation (GDPR). This aims to protect and regulate data privacy and applies to any organization that holds or processes data on EU citi-zens, regardless of where it is headquartered. The penalties for non-compliance can be as high as 4% of global revenue for companies. As a result, compliance with GDPR is a must for companies who deal with users’ data. The hallmark for data collection nowadays is Internet of Things devices. With sensors capturing every piece of information from the surrounding environment, concerns about privacy and data breaches have never been so vital. This document introduces GDPR concepts and principles, analyses the challenges of data protection in IoT systems, discusses the privacy implications and potential issues, presents some mitigation approaches and draws conclusions and future steps.

Description:

With the introduction of the Amazon Echo family and Google devices like Chromecast and Home the adoption of IoT devices in the household is bound to increase exponentially this year. While usability is at the front and centre of the experience to facilitate the adoption and use of these new devices, security and privacy are often an afterthought. As a consequence, a dangerous environment of opportunity is available for malicious actors to exploit vulnerable devices sitting in domestic houses. Recent history shows that an attack on IoT devices can be both easy and have destructive consequences, with Internet services like Dyn suffering huge DDoS attacks that affected millions of Internet users. In addition, lots of cheap devices are being released in the market with little to zero security features. Therefore, it’s of paramount importance to address the security issues in the IoT space, especially in home and city environments. Privacy and individual safety are at risk given how personal these devices are and how they are going to shape the future of society. This paper presents a comprehensive survey of current IoT technologies and security issues with a focus on the Smart Home and City environments. We discuss possible solutions for improving IoT security that not only focus on today’s endpoint device security issues, but also the anticipated future attacks on data protocols and connectivity.