Security for the Internet of Things in Terrestrial and Non-Terrestrial Networks

Abstract

The IoT revolution is transforming various sectors by enabling seamless connectivity and data exchange between devices. However, this rapid expansion brings significant security challenges due to IoT devices' constrained resources and diverse nature. This thesis presents a comprehensive security framework addressing these challenges through three interconnected components: detection, identification, and authentication. This integrated approach is crucial for establishing a robust IoT security framework capable of mitigating various threats effectively.

First, we focus on the detection and identification components by investigating the multi-user detection (MUD) problem in uplink grant-free NOMA. This scenario involves identifying the number of active IoT devices and decoding their transmitted data without prior knowledge of device activity levels. The proposed solution leverages an attention-based bidirectional long short-term memory (BiLSTM) network, exploiting the temporal correlation of IoT device transmissions. The BiLSTM network processes the device activation history through forward and reverse-pass LSTMs, while the attention mechanism highlights crucial activation points. This approach forms a hierarchical pathway for detecting active IoT devices and performs blind data detection using complex spreading sequences. The results indicate that this method significantly outperforms existing benchmark schemes, providing superior detection accuracy and flexibility without requiring prior knowledge of device sparsity or channel conditions.

Next, we investigate the IoT authentication component by introducing an innovative physical-layer authentication scheme tailored for terrestrial IoT devices with limited computational capabilities. The scheme eliminates the need for repeated key generation and verification by verifying access time slots and spreading sequences. This approach reduces computational overhead and enhances security by concealing seed information from potential attackers. The results demonstrate a near threefold reduction in the misdetection rate of illegitimate devices and a false alarm rate close to zero, even with varying numbers of active devices and signal-to-noise ratios. The scheme boasts at least half the computational cost of benchmark methods, underscoring its practicality for real-world IoT deployments.

Finally, we address the unique security challenges associated with IoT authentication in non-terrestrial Low Earth Orbit (LEO) satellite-based IoT networks. This work proposes a modified AKMA framework incorporating local key refreshment for decentralized and continuous authentication. This modification reduces the need for repeated authentication attempts with satellites, mitigating the risks of man-in-the-middle and spoofing attacks. The framework's performance is evaluated in the presence of an illegitimate Unmanned Aerial Vehicle (UAV), showing improved authentication rates for legitimate devices and reduced misdetection rates for illegitimate devices compared to existing shared key and physical channel-based authentication schemes. The modified AKMA framework demonstrates its applicability and effectiveness in enhancing security for LEO satellite-based IoT networks.

In summary, this thesis presents a holistic IoT security framework that effectively addresses the critical detection, identification, and authentication components. Each component offers significant advancements in its respective domain, and their integration forms a comprehensive framework to safeguard IoT devices against a broad spectrum of security threats. This work not only contributes valuable insights into IoT security but also provides practical solutions that can be implemented to ensure the secure operation of IoT networks in various environments. The results underscore the importance of a multi-faceted approach to IoT security, paving the way for future research and development in this vital field. Show more