Security and PrIvacy foR the Internet of Things (SPIRIT)
Lead Research Organisation:
University of Essex
Department Name: Computer Sci and Electronic Engineering
Abstract
Abstracts are not currently available in GtR for all funded research. This is normally because the abstract was not required at the time of proposal submission, but may be because it included sensitive information such as personal details.
Organisations
People |
ORCID iD |
| Klaus D McDonald-Maier (Principal Investigator) |
Publications
Al-Zaidi R
(2017)
Next generation marine data networks in an IoT environment
Alheeti K
(2017)
Using discriminant analysis to detect intrusions in external communication for self-driving vehicles
in Digital Communications and Networks
Ali Alheeti K
(2018)
Intelligent intrusion detection in external communication systems for autonomous vehicles
in Systems Science & Control Engineering
Ali Alheeti K
(2017)
An enhanced AODV protocol for external communication in self-driving vehicles
Ali Alheeti K
(2019)
Spreading Code Identification of Legal Drones in IoT Environment
Ali Alheeti K
(2017)
An intelligent security system for autonomous cars based on infrared sensors
Alizai Z
(2019)
Key-Based Cookie-Less Session Management Framework for Application Layer Security
in IEEE Access
| Description | The SPIRIT project is investigating the Proof-of Concept of employing novel secure and privacy-ensuring techniques in services set-up in the Internet of Things (IoT) environment, aiming to increase the trust of users in IoT-based systems. The system will address distinct issues related to security and privacy, hence, overcoming the lack of user confidence, which inhibits utilisation of IoT technology. It has just completed its first year of investigaton. Its aim is to integrate three highly novel technology concepts developed independently by the consortium partners to form a highly integrated system able to address . Firstly, a technology, termed ICMetrics, for deriving encryption keys directly from the operating characteristics of digital devices comprising the Internet of Things (IoT) in being investigated in order to provide an authentication framework for their operation. This prevents spoofing of such devices compromising users' confidential data, and hence leading to increasing the trust and providence of such devices. This technology has been developed by the Universities of Kent and Essex in the UK. In this first period, the focus has been adapting existing technology to operate on IoT devices to enable trust and authenticty. The technology has previously been applied commercially to only mobile devices. IoT devices have limited processing ability and battery-life and hence present a greater challenge for the technology. Initially, a programmable embedded platform was developed to enable arbitrary sensors and modules that act as data sources to be analysed. Vatious sensors have been investigated It was used to analyse a range of embedded IoT sensors and as a tool to investigate further ideas derived from this work, and has proved invaluable for rapid prototyping and investigation. A Raspberry PI setup has been developed in conjunction and the likely board everything will integrate into later. Results to date are highly encouraging with several academic publications arising. A second technology, termed a Semantic firewall, is a highly flexible network security system, developed by the University of La Rochelle (ULR) in France. The semantic firewall is able to allow or deny the transmission of data derived from an IoT device according to the information contained within the data and the information gathered about the requester, hence ensuring that access to such data is governed by the access permissions commensurate with the requester. The work during the first period has focused on the design of a user-centric approach for user privacy protection based on two main blocks, namely (i) a habit-based approach for anomaly-based intrusion detection system, and (ii) a semantic-based firewall for access control and communication security. It introduces a generic algorithm for user habit learning as a pillar of the anomaly detection system, which is then instantiated by an intuitionistic fuzzy sets model (i.e. the rules for personal data protection are implemented using fuzzy sets) to illustrate how it operates in a real world use-case. Work to provide the knowledge that will be used by the Semantic Firewall in order to deny or allow access to the requested data has been undertaken at the University of Geneva. All the methods made for document classification (including pattern mining and matching) will also be used (with slight modification/adaptation) for knowledge extraction. The goal is to make the whole machinery (feature extraction and selection, and classification) to be as general as possible, applying it both to document classification and knowledge extraction. The goal is tohave just to give our system learning examples and then the system will learn by itself. Thirdly, a technology based on creating a content-based signature of user data /documents in being developed in order to ensure the integrity of sent data upon arrival. This technology has also been developed at the University of La Rochelle but not as yet employed in the IoT domain. It will produce a classifier that allows to take a document as input then says which type it belongs to. The first year of the project was more specifically focused on decomposing the layout of a document in order to separate the different content composing a page, and to propose a layout descriptor based on this decomposition. This layout extraction and description is the first step of our signature, and consists of the classification of content extracted is actually in progress and some delay has been registered in the work due to the lateness of the hiring process and changes in staff. The integration of these technologies will be demonstrated in use case scenario in an IoT based service. In the demonstrator, data extraction and analysis will also be carried out, in order to produce content and semantic information needed by both the content-based signature and the semantic firewall technologies. This part will be carried out jointly by the University of La Rochelle and the University of Geneva. |
| Exploitation Route | The end goal of the SPIRIT project is to address some security and privacy vulnerabilities in IoT applications by providing a trustworthy application environments in which people can trust the applications they are using, and the applications are forbidden to abuse the users by placing them under surveillance and to take non-legitimate benefits from there personal data. The project aims to exploit the results via several stakeholders although as it has just completed its first year, progress is necessarily limited at present. |
| Sectors | Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy,Healthcare,Security and Diplomacy |
| URL | http://cui.unige.ch/spirit |
| Description | The project has contributed to new cybsersecurity systems, that use machine specific identifiers to create security credentials on demand, and is being commercialised by University of Essex and Kent Spinout Metrarc. |
| First Year Of Impact | 2018 |
| Sector | Digital/Communication/Information Technologies (including Software) |
| Impact Types | Economic |
| Description | National Centre for Nuclear Robotics (NCNR) |
| Amount | £11,588,431 (GBP) |
| Funding ID | EP/R02572X/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 10/2017 |
| End | 04/2021 |