skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Model-Based Trust Assessment for Internet of Things Networks
Trust in data collected by and passing through Internt of Things (IoT) networks is paramount. The quality of decisions made based on this collected data is highly dependent upon the accuracy of the data. Currently, most trust assessment methodologies assume that collected data follows a stationary Gaussian distribution. Often, a trust score is estimated based upon the deviation from this distribution. However, the underlying state of a system monitored by an IoT network can change over time, and the data collected from the network may not consistently follow a Gaussian distribution. Further, faults that occur within the estimated Gaussian distribution may go undetected. In this study, we present a model-based trust estimation system that allows for concept drift or distributions that can change over time. The presented methodology uses data-driven models to estimate the value of the data produced by a sensor using the data produced by the other sensors in the network. We assume that an untrustworthy piece of data falls in the tails of the residual distribution, and we use this concept to assign a trust score. The method is evaluated on a smart home data set consisting of temperature, humidity, and energy sensors.  more » « less
Award ID(s):
1650512
PAR ID:
10086793
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
Page Range / eLocation ID:
1838-1843
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. (, CODASPY '23: Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy)
    The internet of Things (IoT) refers to a network of physical objects that are equipped with sensors, software, and other technologies in order to communicate with other devices and systems over the internet. IoT has emerged as one of the most important technologies of this century over the past few years. To ensure IoT systems' sustainability and security over the long term, several researchers lately motivated the need to incorporate the recently proposed zero trust (ZT) cybersecurity paradigm when designing and implementing access control models for IoT systems. This poster proposes a hybrid access control approach incorporating traditional and deep learning-based authorization techniques toward score-based ZT authorization for IoT systems. 
    more » « less
  2. ; ; ; ; (, 2019 International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData))
    Advancement in communication technologies and the Internet of Things (IoT) is driving adoption in smart cities that aims to increase operational efficiency and improve the quality of services and citizen welfare, among other potential benefits. The privacy, reliability, and integrity of communications must be ensured so that actions can be appropriate, safe, accurate, and implemented promptly after receiving actionable information. In this work, we present a multi-tier methodology consisting of an authentication and trust-building/distribution framework designed to ensure the safety and validity of the information exchanged in the system. Blockchain protocols and Radio Frequency-Distinct Native Attributes (RF-DNA) combine to provide a hardware-software codesigned system for enhanced device identity and overall system trustworthiness. Our threat model accounts for counterfeiting, breakout fraud, and bad mouthing of one entity by others. Entity trust (e.g., IoT devices) depends on quality and level of participation, quality of messages, lifetime of a given entity in the system, and the number of known "bad" (non-consensus) messages sent by that entity. Based on this approach to trust, we are able to adjust trust upward and downward as a function of real-time and past behavior, providing other participants with a trust value upon which to judge information from and interactions with the given entity. This approach thereby reduces the potential for manipulation of an IoT system by a bad or byzantine actor. 
    more » « less
  3. ; ; ; ; ; ; ; ; (, Smart Cities)
    Collecting, storing, and providing access to Internet of Things (IoT) data are fundamental tasks to many smart city projects. However, developing and integrating IoT systems is still a significant barrier to entry. In this work, we share insights on the development of cloud data storage and visualization tools for IoT smart city applications using flood warning as an example application. The developed system incorporates scalable, autonomous, and inexpensive features that allow users to monitor real-time environmental conditions, and to create threshold-based alert notifications. Built in Amazon Web Services (AWS), the system leverages serverless technology for sensor data backup, a relational database for data management, and a graphical user interface (GUI) for data visualizations and alerts. A RESTful API allows for easy integration with web-based development environments, such as Jupyter notebooks, for advanced data analysis. The system can ingest data from LoRaWAN sensors deployed using The Things Network (TTN). A cost analysis can support users’ planning and decision-making when deploying the system for different use cases. A proof-of-concept demonstration of the system was built with river and weather sensors deployed in a flood prone suburban watershed in the city of Charlottesville, Virginia. 
    more » « less
  4. ; ; ; (, SACMAT '22: Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies)
    Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. It assumes no implicit trust is granted to assets or user accounts based solely on their physical or network location. We have billions of devices in IoT ecosystems connected to enable smart environments, and these devices are scattered around different locations, sometimes multiple cities or even multiple countries. Moreover, the deployment of resource-constrained devices motivates the integration of IoT and cloud services. This adoption of a plethora of technologies expands the attack surface and positions the IoT ecosystem as a target for many potential security threats. This complexity has outstripped legacy perimeter-based security methods as there is no single, easily identified perimeter for different use cases in IoT. Hence, we believe that the need arises to incorporate ZT guiding principles in workflows, systems design, and operations that can be used to improve the security posture of IoT applications. This paper motivates the need to implement ZT principles when developing access control models for smart IoT systems. It first provides a structured mapping between the ZT basic tenets and the PEI framework when designing and implementing a ZT authorization system. It proposes the ZT authorization requirements framework (ZT-ARF), which provides a structured approach to authorization policy models in ZT systems. Moreover, it analyzes the requirements of access control models in IoT within the proposed ZT-ARF and presents the vision and need for a ZT score-based authorization framework (ZT-SAF) that is capable of maintaining the access control requirements for ZT IoT connected systems. 
    more » « less
  5. ; ; ; (, IEEE Asilomar Conference on Signals, Systems, and Computers)
    null (Ed.)
    Atrial Fibrillation (AF) is among one of the most common types of heart arrhythmia afflicting more than 3 million people in the U.S. alone. AF is estimated to be the cause of death of 1 in 4 individuals. Recent advancements in Artificial Intelligence (AI) algorithms have led to the capability of reliably detecting AF from ECG signals. While these algorithms can accurately detect AF with high precision, the discrete and deterministic classifications mean that these networks are likely to erroneously classify the given ECG signal. This paper proposes a variational autoencoder classifier network that provides an uncertainty estimation of the network's output in addition to reliable classification accuracy. This framework can increase physicians' trust in using AI-based AF detection algorithms by providing them with a confidence score which reflects how uncertain the algorithm is about a case and recommending them to put more attention to the cases with a lower confidence score. The uncertainty is estimated by conducting multiple passes of the input through the network to build a distribution; the mean of the standard deviations is reported as the network's uncertainty. Our proposed network obtains 97.64% accuracy in addition to reporting the uncertainty. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email