[AISWorld] Inaugural Issue Launch: International Journal of Internet of Things and Cyber-Assurance (IJITCA)

[Tyson Brooks]

Hello Colleagues –



The inaugural issue of the *International Journal of Internet of Things and
Cyber-Assurance (IJITCA)*, published by Inderscience Publishers, has
officially launched! The objective of the IJITCA is to increase the
visibility of current research in cyber-assurance and emergent trends in
information assurance theory, cyber-security application, architecture and
information security pertaining to the Internet of Things (IoT) based on
theoretical aspects and studies of practical applications.


The inaugural 2018 Vol.1 No. 1 issue, is *free of charge* and can be
accessed at the following location: http://www.inderscience.com/in
fo/inarticletoc.php?jcode=ijitca&year=2018&vol=1&issue=1. The IJITCA
editorial board members and I are excited to publish this new journal venue
as the inaugural issue includes the following articles:



**Semantically Enabling IoT Trust to Ensure and Secure Deployment of IoT
Entities**Authors*: Konstantinos Kotis, Iraklis Athanasakis, George A.
Vouros
*Abstract*: Semantics for the IoT domain have been already introduced for
the (semi-)automated deployment of heterogeneous entities. Depending on the
level of interoperability and the ability of dynamic expansion of the IoT
environment, an application may have to 'decide' (and then select) which
devices in that environment are trustworthy for ensuring and securing
effective deployment. In the open and distributed IoT, where a large number
of heterogeneous entities will be registered, the need to ensure and secure
their selection and deployment tasks is highly important. In this paper, an
effective modelling approach towards supporting the selection and
deployment of IoT entities is presented, based on the notion of trust
semantics. Using fuzzy ontologies as an enabler of trust semantics in IoT,
this work demonstrates that such semantics, when seamlessly integrated in
IoT ontologies, serve as a secure selection key to an IoT application (or
service) for selecting, among the available entities, the one(s) that the
application should trust for its effective deployment in the specific
environment/context.

**Main Factors and Good Practices for Managing BYOD and IoT Risks in a K-12
Environment*
*Authors*: Oluwaseun Akeju, Sergey Butakov, Shaun Aghili
* Abstract: *The presented research looks into information security and
privacy risk related to using mobile and embedded devices for learning in
the K-12 environment. Bring Your Own Device (BYOD) program and Internet of
Things (IoT) for learning are the two focus areas discussed in this paper.
The NIST privacy risk management framework (NIST-8062) template was used to
illustrate the privacy impact factors K-12 ecosystem participants should
consider while developing BYOD/IoT programs. The key factors involved in
the decisions include reputation costs, direct business costs and
non-compliance costs. Key security issues and risks such as network access,
server and end-user device malware, application risks, and privacy risks
were identified. The analysis of the risks suggested to recommend some good
practices derived from various documents suggested by ISACA, IIA, SANS, and
NIST. The proposed good practices were subsequently incorporated into BYOD
guide for the K-12 system in two Canadian provinces (Alberta and Manitoba)
in an attempt to increase its effectiveness in terms of addressing relevant
risks. Although the good practices compiled in this research are proposed
to be incorporated into the Alberta and Manitoba's BYOD guide for K-12
schools, the same process is applicable to any similar K-12 environment.

**Internet of Things: A Survey of Challenges and Issues*
*Author*: Qusay Idrees Sarhan
*Abstract*: Internet of things (IoT) is the promising and future internet.
The IoT is a network of connected sensors, actuators, and everyday objects
that are used in various domains, such as healthcare, airports, and
military. As it connects everything around us to the internet, the IoT
poses a number of severe challenges and issues as compared to the
conventional internet. Currently, there are massive studies on the IoT,
these studies mostly cover IoT vision, enabling technologies, applications,
or services. So far, a limited number of surveys point out comprehensively
the challenges and issues of the IoT which considered unique to this future
internet and which must be faced and tackled by different research
communities. In this paper, well-known IoT challenges and issues (e.g.,
reliable cooperation, standards, protocols, operational, data, and
software) have been surveyed alongside many directions. Furthermore, the
paper also raises awareness of work being achieved across a number of
research communities to help whoever decided to approach this hot
discipline in order to contribute to its development.

**Towards Trusted Mobile Payment Services: A Security Analysis on Apple Pay*
*Authors*: Ashay Jawale, Joon Park
* Abstract:* Today, many stores and users adopt mobile payment services due
to the various benefits that the technology can provide. Users can make
transactions with their mobile devices such as smart phones instead of
physically handing over cash or swiping credit cards. Stores can implement
the payment service in a relatively simple and inexpensive way. For both
users and stores, the technology increases speed of the checkout process
thus reducing the waiting time. The time savings may give more profits to
stores. Although the new mobile payment service can provide users and
stores with various benefits, it also introduces new security concerns and
vulnerabilities. In this paper, we analyze the security features in Apple
Pay and discuss possible ways to make it more reliable. Furthermore, once
we delve into security vulnerabilities in Apple Pay, we propose the
possible solutions along with their implementation to overcome the security
concerns in the service.

**A Study of Security and Privacy Issues Associated with the Amazon Echo*
*Authors*: Catherine Jackson, Angela Orebaugh
*Abstract*: More than 11 million US consumers have an Amazon Echo installed
in their homes (Gonzales, 2017). While many consumers view the Amazon Echo
as a useful helper in the home to provide information, play music, and
order items online, consumers underestimate the device's security and
privacy impacts. Additionally, law enforcement officials are beginning to
see how consumer internet of things (IoT) devices can provide crucial
evidence in cases. This paper presents security and privacy issues with the
Amazon Echo and recent cases in which law enforcement officials have
employed the Amazon Echo in an investigation. Due to the Amazon Echo's
privacy issues and potential uses in court, this paper analyses the fourth
amendment in regards to the Amazon Echo. This paper concludes with
suggested recommendations that Amazon Echo owners should employ for greater
security and privacy.



Furthermore, the IJITCA has a forthcoming *Special Issue on ‘Machine
Learning and the Internet of Things’* with guest editors *Professor Vijay
Bhaskar Semwal*, Indian Institute of Information Technology, Dharwad, *Dr.
Rubén González Crespo*, Universidad Internacional de La Rioja (UNIR),
and *Professor
Vijender Kumar Solanki, *CMR Institute of Technology (Autonomous), India,
addressing original research on the theory, design and implementation of
machine learning and IoT. The articles from this forthcoming special issue
include the following:



**Employing an Efficient Tamper Detection Mechanism for IoT-based
Healthcare Systems*

*Author**: *Ahmed Elngar

*Abstract*: Security of large-scale networks of Internet of Things (IoT) is
the most significant challenge that needs a smarter security mechanism.
Therefore, a tamper detection (TD) is an efficient security mechanism for
IoT-based healthcare system, which used to deal with security violations.
Since there are many security threats affect the originality of medical
information. In this paper, a new tamper detection mechanism for IoT-based
Healthcare Systems called (IOT-TD) model has been proposed. This paper
effectively proposed (ANN-GA) tamper detection mechanism. Where, Genetic
Algorithm (GA) is used to optimize weight and bias values of Artificial
Neural Networks (ANN), which lead to maximize the detection accuracy,
minimize the timing detection speed and the efficiency energy saving of
IoT-network modules. The experimental results showed that the tamper
detection performance of (ANN-GA) is 98.51%. In addition, the proposed
model showed that the (ANN-GA) enhances the timing detection to 0.03 sec,
which is important for real time (IOT-TD) model healthcare system, and the
efficiency energy saving transmission is 1980 times better than full
transmission. In addition, the proposed model relies on the
certificate-based Datagram Transport Layer.



**Dictionary Based Intra Prediction Framework for Image Compression via
Sparse Representation*

*Authors: *Arabinda Sahoo, Pranati Das

*Abstract*: Nowadays, image compression is very important for efficient
data storage and transmission. This paper presents a dictionary based intra
prediction framework for image compression using sparse representation,
with the construction of trained over-complete dictionaries. The
intra-prediction residuals selected from different images and K-SVD
algorithm are used to train over-complete dictionaries. The trained
dictionaries are integrated into the intra-prediction framework for
efficient image compression. In this proposed method, first
intra-prediction is applied over an image and then prediction residuals of
the image are encoded using sparse representation. Sparse approximation
algorithm and trained dictionaries are employed for encoding of prediction
residuals of the image. The coefficients obtained from sparse
representation are used for encoding. For efficient sparse representation
with fewer dictionary coefficients, an adaptive sparse image partitioning
method is introduced. Simulation result demonstrates that the proposed
image compression method yields improved encoding efficiency as compared to
existing schemes.

**Design and Study of Dual Band Slotted Patch Radiator Using Bio-Inspired
Optimization Approach for Wireless Communication*

*Authors**: *Swarnaprava Sahoo, Mihir Narayan Mohanty

*Abstract*: A new dual band slotted patch radiator is proposed for Wi- MAX
and satellite applications purpose. The two wide appropriate rectangular
slots in opposite faces of the non- radiating edge of the patch and an I-
shaped slot in between the two wide slots are embedded in the radiating
element for good impedance matching. Particle Swarm Optimization (PSO) and
Firefly Algorithm (FA) are used for optimum dual band performance. The
optimization achieves dual band at 3.5 GHz and 4.3 GHz respectively ranging
from 3.4371 to 3.5780 GHz of bandwidth 140.9 MHz and from 4.2311 to 4.3622
GHz of bandwidth 132.1 MHz along with VSWR < 2. The proposed antenna is
capable of covering Wi-MAX and C-band, S-band satellite applications. The
optimized proposed radiator is demonstrated, fabricated and experimentally
verified. The simulated and experimental results give good agreement. The
maximum gain of 2.4 dBi has also been observed.

**Use of Adaptive Algorithm for Impulsive Noise Cancellation*

*Authors*: Sarthak Panda, Mihi Narayan Mohanty

*Abstract*: Desire of clean signal at user end is a great demand. Adaptive
algorithms are most suitable for such task. In this paper authors have
taken an attempt for synthetic signal contaminated with impulsive noise.
Further its application has been extended to noisy biomedical signal as
ECG. It is very important to separate from the signal, as its occurrence is
sudden and often similar to the signal. The popular adaptive algorithms
have been used for cancellation of impulsive noise. Again most used
Wilcoxon LMS is verified for impulsive noise case. Finally WLMS algorithm
has been modified for the same purpose. The result found excellent in terms
of less MSE, SNR improvement and faster convergence.

**An Architecture for HESTIA: High-level and Extensible System for Training
and Infrastructure Risk Assessment **(additional paper)*

*Authors*: Ananth A. Jillepalli, Daniel Conte De Leon, Yacine Chakhchoukh,
Mohammad Ashrafuzzaman, Brian K. Johnson, Frederick T. Sheldon, Jim
Alves-Foss, Predrag T. Tosic, Michael A. Haney

*Abstract*: Currently, cyber-attacks on Cyber-Physical Control Systems
(CPCS) are difficult to prevent given the characteristics and
vulnerabilities of today's critical infrastructures. Effective
vulnerability identification and risk assessment in CPCS can be challenging
without a high-level and complete model of the system. Furthermore, knowing
the system is not enough; knowledge of possible attacks and applicable
defenses is also needed. Hence, what is necessary is a complete, rigorous,
and consistent process that can subject a CPCS' model to possible attack or
defense scenarios. In this article, we present the architecture of HESTIA:
High-level and Extensible System for Training and Infrastructure risk
Assessment. HESTIA is a modeling and risk assessment process and tool-set.
HESTIA can assist in formulating the best infrastructure hardening strategy
for a given CPCS. We also describe the non-trivial design and
implementation hurdles involved in the development of HESTIA and strategies
for addressing these hurdles. Once fully developed, HESTIA will be able to:
1) check an existing CPCS infrastructure's specification for completeness
and consistency, 2) identify the types of attacks or defenses, from a
pre-defined library, which can be applied on that CPCS infrastructure, and
3) enable the guided execution of attack-defense scenarios for training and
infrastructure risk assessment. HESTIA's implementation leverages previous
work on high granularity system specification and configuration.

I hope that the IJITCA will represent the IoT security community by
becoming the international leader in IoT and cyber-assurance research so
please consider the IJITCA for your future research. This effort has become
possible because of the diligent support of the IJITCA editorial board for
their dedication, commitment, and contributions. I am very confident that
the IJITCA will make an impact to the IoT/cyber-assurance field and become
a success under the guidance of such distinguished professionals. The
journal looks forward to receiving your submissions, suggestions, and
volunteer services. For additional details and paper submissions, please
visit: http://www.inderscience.com/jhome.php?jcode=ijitca.



Thank you all,



Dr. Tyson Brooks

Adjunct Professor, Syracuse University

IEEE Senior Member



EiC- International Journal of the Internet of Things and Cyber-Assurance

ijitcaeditor at gmail.com

<ijitcaeditor at gmail.com>



*Executive Editors*

Dr. B.B. Gupta, National Institute of Technology Kurukshetra, India

Dr. Konstantinos Kotis, University of Piraeus, Greece

Dr. Angela Orebaugh, University of Virginia, USA



*Editorial Board Members*

Dr. Dharma Agrawal, University of Cincinnati, USA

Dr. Esraa Alomari, University of Wasit, Iraq

Dr. Eduard Babulak, Fort Hays State University, USA

Dr. Sergey Butakov, Concordia University of Edmonton, Canada

Dr. Ersin Dincelli, State University of New York, Albany, USA

Dr. Yousef Farhaoui, Moulay Ismail University, Morocco

Dr. Utku Köse, Usak University, Turkey

Dr. M. Bala Krishna, GGS Indraprastha University, India

Dr. Christopher Leberknight, Montclair State University, USA

Dr. Martin Murillo, University of Notre Dame, USA

Dr. Joon Park, Syracuse University, USA

Dr. Rasmus Ulslev Pedersen, Copenhagen Business School, Denmark

Dr. Rajasekaran Rajkumar, Vellore Institute of Technology, India

Dr. Shwadhin Sharma, California State University, Monterey Bay, USA

Dr. Vijendra Singh, NorthCap University, India

Dr. Alireza Souri, Islamic Azad University, Iran

Dr. Suresh Veluru, United Technologies Research Center Ireland, Ireland

Dr. Shingo Yamaguchi, Yamaguchi University, Japan

Dr. Honbo Zhou, UbiLink Co. Ltd., China

Dr. Dimitris Zissis, University of the Aegean, Greece