Internet of Things (IoT) is an increasingly popular technology that enables physical devices, vehicles, home appliances, etc., to communicate and even inter operate with one another. It has been widely used in industrial production and social applications including smart home, healthcare, and industrial automation. While bringing unprecedented convenience, accessibility, and efficiency, IoT has caused acute security and privacy threats in recent years. There are increasing research works to ease these threats, but many problems remain open. To better understand the essential reasons of new IoT threats and the challenges in current research, this survey first proposes the concept of “IoT features.” Then, we discuss the security and privacy effects of eight IoT features including the threats they cause, existing solutions to threats and research challenges yet to be solved. To help researchers follow the up-to-date works in this field, this paper finally illustrates the developing trend of IoT security research and reveals how IoT features affect existing security research by investigating most existing research works related to IoT security from 2013 to 2017.
The use of the Internet is growing in this day and age, so another area has developed to use the Internet, called Internet of Things (IoT). It facilitates the machines and objects to communicate, compute and coordinate with each other. It is an enabler for the intelligence affixed to several essential features of the modern world, such as homes, hospitals, buildings, transports and cities. The security and privacy are some of the critical issues related to the wide application of IoT. Therefore, these issues prevent the wide adoption of the IoT. In this paper, we are presenting an overview about different layered architectures of IoT and attacks regarding security from the perspective of layers. In addition, a review of mechanisms that provide solutions to these issues is presented with their limitations. Furthermore, we have suggested a new secure layered architecture of IoT to overcome these issues.
Smart home Internet of Things (IoT) devices are rapidly increasing in popularity, with more households including Internet-connected devices that continuously monitor user activities. In this study, we conduct eleven semi-structured interviews with smart home owners, investigating their reasons for purchasing IoT devices, perceptions of smart home privacy risks, and actions taken to protect their privacy from those external to the home who create, manage, track, or regulate IoT devices and/or their data. We note several recurring themes. First, users' desires for convenience and connectedness dictate their privacy-related behaviors for dealing with external entities, such as device manufacturers, Internet Service Providers, governments, and advertisers. Second, user opinions about external entities collecting smart home data depend on perceived benefit from these entities. Third, users trust IoT device manufacturers to protect their privacy but do not verify that these protections are in place. Fourth, users are unaware of privacy risks from inference algorithms operating on data from non-audio/visual devices. These findings motivate several recommendations for device designers, researchers, and industry standards to better match device privacy features to the expectations and preferences of smart home owners.
Abstract Recent developments in the Internet of Things (IoT) technology provide an unprecedented opportunity for personalized services. To take advantage of this great potential, consumers are willing to provide their personal information at the risk of privacy breach. This paper examines factors affecting the willingness to provide privacy information based on the privacy calculus theory in several IoT services; healthcare, smart home and smart transportation. The proposed model is estimated using survey data collected from 154 people who know the concept of IoT. The results indicate that people do not pay much attention to perceived privacy risk when providing privacy information for a better personalized service. However, in healthcare service, where perceived privacy risk is high, people are not willing to provide their personal information despite the lower expected value from incomplete personalization. Analysis of privacy behavior in the context of IoT services provides implications for and insight into the tradeoff decision between perceived privacy risk and willingness to provide personal information.
In recent years, the wide adoption of the modern Internet of Things (IoT) paradigm has led to the invention of smart cities. Smart cities operate in real-world time to promote ease and quality of life in urban cities. The network traffic of a smart city via IoT systems is growing exponentially and introducing new cybersecurity challenges since these IoT devices are being connected to sensors that are directly connected to massive cloud servers. In order to mitigate these cyberattacks, the developers need to enhance new techniques for detecting infected IoT devices. In this paper, to address the IoT cybersecurity threats in a smart city, we propose an Anomaly Detection-IoT (AD-IoT) system, which is an intelligent anomaly detection based on Random Forest machine learning algorithm. The proposed solution can effectively detect compromised IoT devices at distributed fog nodes. To evaluate our model, we utilized modern dataset to illustrate the model’s accuracy. Our findings show that the AD-IoT can effectively achieve highest classification accuracy of 99.34% with lowest false positive rate.
Abstract The Internet of things (IoT) is the network of objects/things that contain electronics, software, sensors, and actuators, which allows these things to connect, interact, and exchange data. The users, sensors, and networks generate huge amounts of data from which governments can develop applications and gain knowledge using Artificial Intelligence (AI) techniques. Thus, IoT and AI can enable the development of valuable services for citizens, businesses, and public agencies, in multiple domains, such as transportation, energy, healthcare, education, and public safety. This guest editorial for the special issue on IoT and AI for Smart Government, identifies the challenges involved in implementing and adopting these technologies in the public sector, and proposes a comprehensive research framework, which includes both IoT and AI elements for smart government transformation. Subsequently, the editorial provides a brief introduction of the six papers in this special issue. Finally, an agenda for future research on IoT and AI for smart government is presented, based on the proposed framework and gaps in existing literature, supported by the papers that were submitted to this special issue. The agenda comprises four directions i.e., conducting domain-specific studies, going beyond adoption studies to examine implementation and evaluation of these technologies, focusing on specific challenges and thus quick wins, and expanding the existing set of research methods and theoretical foundations used.
Hadiseh Rezaei, Rahim Taheri, Ehsan Nowroozi
et al.
The rapid growth of Internet of Things (IoT) devices and the introduction of 5G networks have created new opportunities for enhancing network services, while also introducing significant security concerns. Intrusion Detection Systems (IDS) are crucial for identifying malicious activities and unauthorized access in these environments. However, current IDS solutions face challenges such as sharing sensitive data and managing large-scale networks. Federated Learning (FL) presents a promising solution by enabling models to be trained on decentralized devices without sharing private data. This paper examines how FL can enhance IDS for IoT and 5G networks, with an emphasis on privacy and security concerns. We analyze various privacy, homomorphic encryption, and security mechanisms in FL, including Differential Privacy (DP) and secure aggregation, and their potential applications in strengthening IDS solutions. Additionally, we explore how FL contributes to the development of more secure and efficient IDS systems while addressing challenges such as data heterogeneity and security risks. Finally, we identify gaps in the existing research and propose directions for future work to enhance the robustness and practicality of FL-based IDS for IoT and 5G environments.
Telecommunication, Transportation and communications
—Federated Learning (FL) is an appealing method for applying machine learning to large scale systems due to the privacy and efficiency advantages that its training mechanism provides. One important field for FL deployment is emerging IoT applications. In particular, FL has been recently used for IoT intrusion detection systems where clients, e.g., a home security gateway, monitors traffic data generated by IoT devices in its network, trains a local intrusion detection model, and send this model to a central entity, the aggregator, who then computes a global model (using the models of all gateways) that is distributed back to clients. This approach protects the privacy of users as it does not require local clients to share their potentially private IoT data with any other parties, and it is in general more efficient than a centralized system. However, FL schemes have been subject to poising attacks, in particular to backdoor attacks. In this paper, we show that FL-based IoT intrusion detection systems are vulnerable to backdoor attacks. We present a novel data poisoning attack that allows an adversary to implant a backdoor into the aggregated detection model to incorrectly classify malicious traffic as benign. We show that the adversary can gradually poison the detection model by only using compromised IoT devices (and not gateways/clients) to inject small amounts of malicious data into the training process and remain undetected. Our extensive evaluation on three real-world IoT datasets generated from 46 IoT devices shows the effectiveness of our attack in injecting backdoors and circumventing state of the art defenses against FL poisoning. Finally, we discuss shortly possible mitigation approaches.
Internet of Things (IoT) is an integration of the Sensor, Embedded, Computing, and Communication technologies. The purpose of the IoT is to provide seamless services to anything, anytime at any place. IoT technologies play a crucial role everywhere, which brings the fourth revolution of disruptive technologies after the internet and Information and Communication Technology (ICT). The Research & Development community has predicted that the impact of IoT will be more than the internet and ICT on society, which improves the well-being of society and industries. Addressing the predominant system-level design aspects like energy efficiency, robustness, scalability, interoperability, and security issues result in the use of a potential IoT system. This paper presents the current state of art of the functional pillars of IoT and its emerging applications to motivate academicians and researches to develop real-time, energy-efficient, scalable, reliable, and secure IoT applications. This paper summarizes the architecture of IoT, with the contemporary status of IoT architectures. Highlights of the IoT system-level issues to develop more advanced real-time IoT applications have been discussed. Millions of devices exchange information using different communication standards, and interoperability between them is a significant issue. This paper provides the current status of the communication standards and application layer protocols used in IoT with the detailed analysis. The computing paradigms like Cloud, Cloudlet, Fog, and Edge computing facilitate IoT with various services like data offloading, resource and device management, etc. In this paper, an exhaustive analysis of Edge Computing in IoT with different edge computing architectures and existing status are deliberated. The widespread adoption of IoT in society has resulted in privacy and security issues. This paper emphasizes on analyzing the security challenges, privacy and security threats, conventional mitigation techniques, and further scope for IoT security. The features like fewer memory footprints, scheduling, real-time task execution, fewer interrupt, and thread switching latency of Real-Time Operating Systems (RTOS) enables the development of time critical IoT applications. Also, this review offers the analysis of the RTOS’s suitable for IoT with the current status and networking stack. Finally, open research issues in IoT system development are discussed.
Localization techniques are becoming key to add location context to the Internet-of-Things (IoT) data without human perception and intervention. Meanwhile, the newly emerged low-power wide-area network (LPWAN) and 5G technologies have become strong candidates for mass-market localization applications. However, various error sources have limited localization performance by using such IoT signals. This article reviews the IoT localization system through the following sequence: IoT localization system review, localization data sources, localization algorithms, localization error sources and mitigation, and localization performance evaluation. Compared to the related surveys, this article has a more comprehensive and state-of-the-art review on IoT localization methods, an original review on IoT localization error sources and mitigation, an original review on IoT localization performance evaluation, and a more comprehensive review of IoT localization applications, opportunities, and challenges. Thus, this survey provides comprehensive guidance for peers who are interested in enabling localization ability in the existing IoT systems, using IoT systems for localization, or integrating IoT signals with the existing localization sensors.
As latency is the key performance metric for IoT applications, fog nodes co-located with cellular base stations can move the computing resources close to IoT devices. Therefore, data flows of IoT devices can be offloaded to fog nodes in their proximity, instead of the remote cloud, for processing. However, the latency of data flows in IoT devices consist of both the communications latency and computing latency. Owing to the spatial and temporal dynamics of IoT device distributions, some BSs and fog nodes are lightly loaded, while others, which may be overloaded, may incur congestion. Thus, the traffic load allocation among base stations (BSs) and computing load allocation among fog nodes affect the communications latency and computing latency of data flows, respectively. To solve this problem, we propose a workload balancing scheme in a fog network to minimize the latency of data flows in the communications and processing procedures by associating IoT devices to suitable BSs. We further prove the convergence and the optimality of the proposed workload balancing scheme. Through extensive simulations, we have compared the performance of the proposed load balancing scheme with other schemes and verified its advantages for fog networking.
M. Humayun, Noor Zaman Jhanjhi, Bushra Hamid
et al.
Transportation and logistics management play a vital role in the development of a country. With the advancement of the Internet of Things (IoT) devices, smart transportation is becoming a reality. However, these abundant connected IoT devices are vulnerable to security attacks. Recently, Blockchain has emerged as one of the most widely accepted technologies for trusted, secure and decentralized intelligent transportation systems. This research study aims to contribute to the field of logistics and transportation by exploring the potential of IoT and Blockchain technology in smart logistics and transportation. We propose a layered framework, namely BCTLF, for smart logistics and transportation that integrates IoT and Blockchain to provide an intelligent logistics and transportation system. Finally, we present two real-life IoT and Blockchain-based case studies to highlight the contribution of IoT and Blockchain in logistics and transportation.
PurposeThe Internet of Things (IoT) provides exciting opportunities for the construction industry to solve its time and resource constraints and frequent defaults. This study seeks to identify and rank the perceived importance level of principal research areas associated with the IoT and the construction industry by utilising a scientific mapping tool (i.e. VOSviewer). Such knowledge would enable key drivers for successful adoption of the IoT and digitisation technologies to be outlined. An analysis of key drivers and research trends that facilitates the development of a roadmap for applying the IoT and digital technologies in the construction sector is therefore much needed.Design/methodology/approachAn interpretivist philosophical lens was adopted to analyse published work as secondary data, where each publication represented a unit of analysis. A total of 417 peer-reviewed journal review articles covering the IoT within the construction domain were systematically reviewed using a mixed-methods approach, utilising qualitative-scientometric analyses techniques.FindingsThe results revealed a field of study in a fledgling stage, with a limited number of experts operating somewhat in isolation and offering single-point solutions instead of taking an integrated “holistic” approach. Key publication outlets were identified and the main focus of research undertaken being in the technical areas of smart buildings, smart construction objects and environmental sustainability. The major effects of adopting the IoT within the construction industry were identified as high-speed reporting, complete process control, data explosion leading to deep data analytics, strict ethical and legal expectations. Key drivers of the IoT adoption were outlined: interoperability; data privacy and security; flexible governance structures; proper business planning and models.Practical implicationsThe study benefits researchers and industry practitioners alike. For researchers, the identified gaps reveal areas of high priority in future research. For construction companies, particularly small to medium-sized businesses, the study raises awareness of the latest developments and potential applicability of the IoT in the industry. For government agencies and policymakers, this study offers a point of reference in directing the adoption of the IoT smoothly in the construction sector and provides guidelines and standards for maximising the potential benefits.Originality/valueThe study is the first scientometric review of the existing body of knowledge in the context of application of the IoT in the construction industry. Findings expose knowledge gaps in contemporary research, specifically, a broader consideration of organisational adjustments needed to accommodate the IoT usage, economic analyses and impediments to wider acceptance.
Yuvanshankar Azhagumurugan, Jawahar Sundaram, Zenith Dewamuni
et al.
The use of Internet of Things (IoT) for sports innovation has transformed the way athletes train, compete, and recover in any sports activity. This study performs a bibliometric analysis to examine research trends, collaborations, and publications in the realm of IoT and Sports. Our analysis included 780 Scopus articles and 150 WoS articles published during 2012–2025, and duplicates were removed. We analyzed and visualized the bibliometric data using R version 3.6.1, VOSviewer version 1.6.20, and the bibliometrix library. The study provides insights from a bibliometric analysis, showcasing the allocation of topics, scientific contributions, patterns of co-authorship, prominent authors and their productivity over time, notable terms, key sources, publications with citations, analysis of citations, source-specific citation analysis, yearly publication patterns, and the distribution of research papers. The results indicate that China and India have the leading scientific production in the development of IoT and Sports research, with prominent authors like Anton Umek, Anton Kos, and Emiliano Schena making significant contributions. Wearable technology and wearable sensors are the most trending topics in IoT and Sports, followed by medical sciences and artificial intelligence paradigms. The analysis also emphasizes the importance of open-access journals like ‘Journal of Physics: Conference Series’ and ‘IEEE Access’ for their contributions to IoT and Sports research. Future research directions focus on enhancing effective, lightweight, and efficient wearable devices while implementing technologies like edge computing and lightweight AI in wearable technologies.
Aerial object detection suffers from scale and spatial imbalance, significantly reducing detection accuracy in drone-based datasets. We propose progressively enhanced YOLOv8s-based models AeroYOLO-Fusion, AeroYOLO-Attn, and AeroYOLO-Lite addressing imbalance problems and efficiency challenges through multiscale fusion, attention mechanism, and lightweight architecture. To improve multiscale feature fusion, AeroYOLO-Fusion integrates bidirectional feature pyramid networks with multiscale depth-wise convolution. To enhance adaptive spatial attention, AeroYOLO-Attn introduces the receptive field attention convolution within the standard C2f module. AeroYOLO-Lite further reduces computational complexity with a lightweight shared group convolutional detection head. Extensive experiments on VisDrone, UAVDT, CARPK, and DIOR datasets demonstrate significant performance improvements over the baseline YOLOv8s, with AeroYOLO-Lite achieving AP increases of 2.80% on VisDrone, 4.3% on UAVDT, 4.1% on CARPK, and 1.0% on DIOR. The inference latency of 13.7ms demonstrates the model’s capability to meet real time detection requirements. Comparative analyses confirm AeroYOLO-Lite’s superior accuracy relative to state-of-the-art methods, while ablation studies validate the contributions of each proposed module, balancing computational efficiency and detection performance.
Secure authentication in smart device ecosystems remains a critical challenge, particularly due to the irrevocability of compromised biometric templates in server-based systems. This paper presents a post-quantum secure multi-factor authentication protocol that combines templateless 2D and 3D facial biometrics, liveness detection, and Physical Unclonable Functions (PUFs) to achieve robust identity assurance. The protocol exhibits zero-knowledge properties, preventing adversaries from identifying whether authentication failure is due to the biometric, password, PUF, or liveness factor. The proposed protocol utilizes advanced facial landmark detection via dlib or mediapipe, capturing multi-angle facial data and mapping it. By applying a double-masking technique and measuring distances between randomized points, stabilized facial landmarks are selected through multiple images captured during enrollment to ensure template stability. The protocol creates high-entropy cryptographic keys, securely erasing all raw biometric data and sensitive keys immediately after processing. All key cryptographic operations and challenge-response exchanges employ post-quantum algorithms, providing resistance to both classical and quantum adversaries. To further enhance reliability, advanced error-correction methods mitigate noise in biometric and PUF responses, resulting in minimal FAR and FRR that meets industrial standards and resilience against spoofing. Our experimental results demonstrate this protocol’s suitability for smart devices and IoT deployments requiring high-assurance, scalable, and quantum-resistant authentication.