Security and Privacy for IoT Applications in Smart Environments

Dear Colleagues,

The emergence of the Internet of Things (IoT) is driven by the desire to effortlessly collect and transmit data, enabling seamless and remote information exchange. This concept refers to a network of interconnected objects and devices equipped with embedded sensors capable of collecting and transmitting data. IoT applications and devices have become integral parts of our daily lives, expanding into areas such as the healthcare sector, where the IoT, including Wireless Sensor Networks (WSNs) and Wireless Body Area Networks (WBANs), has become indispensable. Additionally, within homes, IoT devices have expanded into living spaces, facilitating home automation and the creation of intelligent, highly interconnected homes. Household items, from power outlets to light bulbs and thermostats, now come equipped with networking capabilities, enabling wireless remote control. IoT devices and applications are pervasive in homes, cars, trains, streets, transportation systems, agriculture, and businesses.

The extensive and diverse nature of the data collected by IoT devices raises fundamental security questions about data collection, processing, and storage. IoT devices are susceptible to various security risks, including distributed denial of service (DDoS) attacks, botnets, and malware, which assume control of compromised IoT devices for malicious purposes. DDoS attacks against IoT devices can affect not only the target but other devices and services in the same network. This collateral damage can have unintended consequences. An IoT botnet is a network of compromised IoT devices that have been infected with malware and are controlled by a remote attacker. These devices, once infected, can be used to perform coordinated actions, often without the device owner's knowledge. While the IoT has the immense potential to be beneficial in many areas, serious concerns persist regarding its security, particularly in terms of privacy issues. There is an urgent need to swiftly develop and adopt security standards to ensure the secure design, connectivity, and accessibility of IoT devices.

The challenges outlined above underscore the importance of gaining a deeper understanding of the security and privacy concerns associated with IoT systems and their applications, and the importance of developing effective solutions to these concerns. Therefore, this Special Issue of aims to compile original research papers, surveys, and case studies that contribute to the advancement of the security and privacy of IoT systems and their applications. The topics covered in this Special Issue encompass, but are not limited to, the following:

1. Security and privacy challenges, as well as their potential solutions, within diverse IoT application domains. These domains include, but are not restricted to, smart buildings, smart cities, intelligent transportation systems, industry, precision agriculture, digital healthcare, and supply chain automation.
2. The exploration of security architectures, protocols, and mechanisms tailored to IoT systems. This encompasses, but is not limited to, aspects such as authentication, authorization, access control, auditing, intrusion detection, secure communications, lightweight and post-quantum cryptography, key management, and safeguards against various security risks.
3. Security measures designed for embedded IoT devices are a key focus, encompassing areas such as malware protection, firmware security, OS hardening, secure software development, the establishment of a root-of-trust, runtime integrity verification, remote attestation, and secure update mechanisms.
4. Designing and analysing the security tailored to IoT systems and their applications. This includes, but is not limited to, practices such as threat modelling, the specification of security requirements, the verification of security properties, security testing, and ethical hacking.
5. Privacy-enhancing technologies for IoT systems, in areas such as anonymization, differential privacy, query auditing, location privacy mechanisms, and privacy-preserving computation.

Dr. Isam Wadhaj
Dr. Baraq Ghaleb
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

• authentication, authorization, access control, and auditing within IoT systems
• lightweight and post-quantum cryptography along with key management in IoT systems
• safeguarding IoT devices against malware threats
• threat modelling and security testing for IoT systems
• privacy-enhancing technologies within IoT systems
• detection of vulnerabilities