IoTBDS 2025 Abstracts

Area 1 - Big Data Research

Full Papers

Paper Nr:	27
Title:	Real-Time Manufacturing Data Quality: Leveraging Data Profiling and Quality Metrics
Authors:	Teresa Peixoto, Bruno Oliveira, Óscar Oliveira and Fillipe Ribeiro
Abstract:	Ensuring data quality in decision-making is essential, as it directly impacts the reliability of insights and business decisions based on data. Data quality measuring can be resource-intensive, and it is challenging to balance high data quality and operational costs. Data profiling is a fundamental step in ensuring data quality, as it involves thoroughly analyzing data to understand its structure, content, and quality. Data profiling enables teams to assess the state of their data at an early stage, uncovering patterns, anomalies, and inconsistencies that might otherwise go unnoticed. In this paper, we analyze data quality metrics within Industry 4.0 environments, emphasizing various critical aspects of data quality, including accuracy, completeness, consistency, and timeliness, and showing how typical data profiling outputs can be leveraged to monitor and improve data quality. Through a case study, we validate the feasibility of our approach and highlight its potential to improve data-driven decision-making processes in smart manufacturing environments.
Download

Paper Nr:	33
Title:	Data Network Game: Enabling Collaboration via Data Mesh
Authors:	Lucaleonardo Bove, Nicolò G. Totaro and Massimiliano Gervasi
Abstract:	Organizations aim to transform raw data into valuable insights using advanced analytical methods. Since data can be replicated and shared, multiple actors can simultaneously utilize the same information. This study presents the Data Network, a theoretical framework representing potential collaborations among organizations sharing data in large-scale big data projects, using Data Mesh as a supporting architecture. The Data Network Game (DNG) extends this model by applying game theory to analyze inter-organizational collaborations, incorporating market-imposed constraints that limit compatibility. Various scenarios, defined by distinct benefit and cost functions, are explored to understand their impact on coalition formation and market dynamics. A simplified theoretical example shows how coalitions can achieve greater value through collaboration than by acting independently. This model serves as a practical tool for assessing the trade-offs of cooperation and offers insights into managing emerging data-driven markets.
Download

Paper Nr:	36
Title:	Approach to Deploying Batch File Data Products in a Big Data Environment
Authors:	Richard de Arruda Felix, Patricia Della Méa Plentz and Jean Carlo Rossa Hauck
Abstract:	Data science has become essential across industries such as government, healthcare, and finance, driving decision-making through large-scale data analysis. Deploying batch data products, like the periodic calculation of credit scores for millions, presents significant challenges, including integration with existing big data architectures and ensuring scalability and efficiency. This study proposes an optimized approach that leverages software engineering and agile methodologies to streamline the deployment of such products. Validated through action research conducted at a Brazilian credit bureau, the approach demonstrated a substantial reduction in deployment time by improving documentation, development, and testing processes, offering a scalable solution to modern batch data processing challenges.
Download

Paper Nr:	57
Title:	A Comparative Study of Log-Based Anomaly Detection Methods in Real-World System Logs
Authors:	Nadira Anjum Nipa, Nizar Bouguila and Zachary Patterson
Abstract:	The reliability and security of today’s smart and autonomous systems increasingly rely on effective anomaly detection capabilities. Logs generated by intelligent devices during runtime offer valuable insights for monitoring and troubleshooting. Nonetheless, the enormous quantity and complexity of logs produced by contemporary systems render manual anomaly inspection impractical, error-prone, and laborious. In response to this, a variety of automated methods for log-based anomaly detection have been developed. However, many current methods are evaluated in controlled environments with set assumptions and frequently depend on publicly available datasets. In contrast, real-world system logs present greater complexity, lack of labels, and noise, creating substantial challenges when applying these methods directly in industrial settings. This work explores and adapts existing machine learning and deep learning techniques for anomaly detection to function on real-world system logs produced by an intelligent autonomous display device. We conduct a comparative analysis of these methods, evaluating their effectiveness in detecting anomalies through various metrics and efficiency measures. Our findings emphasize the most efficient approach for detecting anomalies within this specific system, enabling proactive maintenance and enhancing overall system reliability. Our work provides valuable insights and directions for adopting log-based anomaly detection models in future research, particularly in industrial applications.
Download

Short Papers

Paper Nr:	14
Title:	A Highly Nonlinear Survival Network for Hospital Readmission Prediction of Cardiac Patients
Authors:	Yuejing Zhai, Yiping Li, Lihua He and Wuman Luo
Abstract:	Hospital readmission prediction of cardiac patients is an increasingly important survival analysis problem these days. So far, three groups of methods for cardiac readmission have been proposed: statistical-based, machine learning-based and deep learning-based. However, the assumptions of the statistical-based methods limit their practicality in real-world applications. The traditional machine learning-based methods suffer from the problem of over-reliance on feature engineering. Deep learning-based methods can be further classified into two groups in terms of how they deal with first hitting times: discrete strategy-based and continuous strategy-based. It is nontrivial for the discrete strategy-based methods to find the optimal granularity of output time intervals. The continuous strategy-based methods assume nonlinear proportional hazards condition, which often limits the model performance in practical applications. Besides, existing deep learning-based methods still have room for improvement in calculating the mean value of fitted dropout models. To address these issues, in this paper, we propose a highly nonlinear survival network called Environment-Aware Max-out Deep Survival Neural Network (EMaxSurv) to predict the risk value of hospital readmission of cardiac patients. EMaxSurv is based on a key observation that environmental conditions have a significant impact on the health of cardiac patients. The basic idea of EMaxSurv is to adopt maxout deep networks combined with environmental information to better capture the relationship between covariates and the distribution of the first-hitting times. To evaluate the proposed model, we conduct extensive experiments on three real world datasets. The experimental results show that EMaxSurv outperforms the other baselines in all three datasets.
Download

Paper Nr:	16
Title:	RAM-IoT: Risk Assessment Model for IoT-Based Critical Assets
Authors:	Kayode S. Adewole, Andreas Jacobsson and Paul Davidsson
Abstract:	As the number of Internet of Things (IoT) devices continues to grow, understanding and mitigating potential vulnerabilities and threats is crucial. With IoT devices becoming ubiquitous in critical sectors like healthcare, transportation, energy, and industrial automation, identifying and addressing risks is increasingly important. A comprehensive risk management approach enables IoT stakeholders to safeguard user data and privacy, as well as system integrity. Existing risk assessment frameworks focus on qualitative risk analysis methodologies, such as operationally critical threat, asset, and vulnerability evaluation (OCTAVE). However, security risk assessment, particularly for IoT ecosystem, demands both qualitative and quantitative risk assessment. This paper proposes RAM-IoT, a risk assessment model for IoT-based critical assets that integrates qualitative and quantitative risk assessment approaches. A multi-criteria decision making (MCDM) approach based on fuzzy Analytic Hierarchy Process (fuzzy AHP) is proposed to address the subjective assessment of the IoT risk analysts and their corresponding stakeholders. The applicability of the proposed model is illustrated through a use case connected to service delivery in the IoT. The proposed model provides a guideline to researchers and practitioners on how to quantify the risks targeting assets in IoT, thereby providing adequate support for protecting IoT ecosystems.
Download

Paper Nr:	19
Title:	Enhanced Intrusion Detection in IIoT Networks: A Lightweight Approach with Autoencoder-Based Feature Learning
Authors:	Tasnimul Hasan, Abrar Hossain, Mufakir Qamar Ansari and Talha Hussain Syed
Abstract:	The rapid expansion of the Industrial Internet of Things (IIoT) has significantly advanced digital technologies and interconnected industrial sys- tems, creating substantial opportunities for growth. However, this growth has also heightened the risk of cyberattacks, necessitating robust security measures to protect IIoT networks. Intrusion Detection Systems (IDS) are essential for identifying and preventing abnormal network behaviors and malicious activities. Despite the potential of Machine Learning (ML)-based IDS solutions, existing models often face challenges with class imbalance and multiclass IIoT datasets, resulting in reduced detection accuracy. This research directly addresses these challenges by implementing six innovative approaches to enhance IDS perfor- mance, including leveraging an autoencoder for di- mensional reduction, which improves feature learning and overall detection accuracy. Our proposed Decision Tree model achieved an exceptional F1 score and accuracy of 99.94% on the Edge-IIoTset dataset. Furthermore, we prioritized lightweight model design, ensuring deployability on resource-constrained edge devices. Notably, we are the first to deploy our model on a Jetson Nano, achieving inference times of 0.185 ms for binary classification and 0.187 ms for mul-ticlass classification. These results highlight the novelty and robustness of our approach, offering a practical and efficient solution to the challenges posed by imbalanced and multiclass IIoT datasets, thereby enhancing the detection and prevention of network intrusions.
Download

Paper Nr:	53
Title:	Graph-Based Learning for Multimodal Route Recommendation
Authors:	Zakariya Ghalmane and Brahim Daoud
Abstract:	Transportation recommendations are a vital feature of map services in navigation applications. Earlier transportation recommendation systems have struggled to deliver a satisfactory user experience because they focus exclusively on single-mode routes, such as cycling, taxis, or buses. In this paper, we represent the transportation network as a complex network (or graph). Modeling transportation as a network of nodes and edges has gained attention in the literature, generating numerous studies over the years. This approach requires a clear definition of what constitutes a node or an edge: nodes represent stops, while edges represent road segments connecting these stops. Based on this representation, we propose a framework that generates embeddings for each node and edge in the transportation network. These embeddings are created using GRU (Gated Recurrent Units) and GCN (Graph Convolutional Network) models to capture spatial and temporal patterns within the network, while incorporating centrality measures reflecting the influence of each stop. This vector representation facilitates multi-task learning for effective multi-modal transportation recommendations. The proposed framework is applied to the transportation network of Strasbourg, France. Experimental results demonstrate the framework’s efficiency in recommending suitable multimodal transportation routes, considering criteria such as meteorological conditions, safety, and passenger comfort.
Download

Paper Nr:	66
Title:	Anomaly Detection on Univariate Time Series Data Using Exponentially Weighted Moving Average (AnEWMA)
Authors:	Jalaa Hoblos
Abstract:	Anomaly detection in time series data is a critical task with wide-ranging applications in industries such as finance, cybersecurity, healthcare, and manufacturing. It involves the identification of data points or patterns that deviate significantly from the expected behavior, thereby ensuring the integrity and reliability of data analysis and decision-making processes. Several methods have been developed to address this challenge, each offering unique advantages and addressing different aspects of the problem, ranging from statistical methods, to machine learning techniques, and dynamic time warping methods. In this work, we present a novel Anomaly Detection approach (AnEWMA) able to identify anomalies through the application of the Exponentially Weighted Moving Average (EWMA). AnEWMA leverages the responsiveness of EWMA to subtle shifts in data trends, enabling the detection of anomalies in a lightweight and computationally efficient manner. AnEWMA adjusts the control limits of the monitoring system using tuned heuristic multipliers. Traditional methods often rely on fixed control limits, which can lead to a high rate of false positives or missed anomalies, especially in the presence of noisy or non-stationary data. The proposed AnEWMA algorithm shows promising results when compared with state-of-the-art unsupervised and semi-supervised anomaly detection methods using stream data from popular Benchmarks.
Download

Area 2 - Emerging Services and Analytics

Full Papers

Paper Nr:	23
Title:	PatSimBoosting: Enhancing Patient Representations for Disease Prediction Through Similarity Analysis
Authors:	Yuzheng Yan, Ziyue Yu and Wuman Luo
Abstract:	Patient representation learning based on electronic health records (EHR) is crucial for disease prediction. So far, various deep learning-based methods have been proposed and have made great progress. In particular, recent research has shown that trends and variations of dynamic features are of great importance in patient representation learning. However, these methods ignored the similarity between the patients. Although a number of similarity-based methods have been proposed for patient representation learning, they regarded each dynamic feature as a whole in similarity detection and failed to utilize the important fine-grained characteristics of each feature. To address this issue, we propose a Patient Similarity-Based Representation Boosting framework (PatSimBoost) to enhance patient representation for disease prediction based on EHR. Our proposed framework consists of four modules: Frequency Extraction Module (FEM), Similarity Calculation Module (SCM), Patient Representation Learning Module (PRLM), and Prediction Module (PM). FEM extracts trends and variations of dynamic features, while SCM employs Dynamic Time Warping (DTW) to assess the similarity between patients. PRLM learns patient representations, and the PM utilizes the representation of the most similar patient, along with the current patient’s representation, to perform disease prediction. Experimental results on two real-world public datasets demonstrate that PatSimBoost outperforms existing state-of-the-art methods in terms of F1-score, AUROC, and AUPRC.
Download

Short Papers

Paper Nr:	74
Title:	Intelligent Anomaly Detection for Context-Oriented Data Brokerage Systems
Authors:	Rawaa Al-Wani and Mays Al-Naday
Abstract:	Applications of the Internet of Things (IoT) face challenges related to interoperability and heterogeneity due to variations in data representation formats and the absence of connectivity standards across wireless networks. This has led to the emergence of context-oriented data brokering frameworks, with FIWARE being the most widely adopted. However, such frameworks are not able to differentiate malicious from benign data. Consequently, challenges related to data quality persist, and brokering overlays are susceptible to exploitation for the distribution of malicious data assets. We propose a novel Artificial Intelligence (AI) anomaly detection service that communicates with the FIWARE broker via the Fast Application Programming Interface (FastAPI). The system also uses the Publish/Subscribe (Pub/Sub) model of FIWARE to allow networking between brokers to validate data assets before disseminating them. This is to analyze the overhead that anomaly detection introduces as a cost of the solution. The results show that the solution can detect around 95% malicious data, with an approximate overhead of 12% increase in response time.
Download

Area 3 - Internet of Things (IoT) Applications

Full Papers

Paper Nr:	13
Title:	Internet of Things Devices Management for Smart Cities
Authors:	Nilson Rodrigues Sousa, George P. Pinto and Cassio V. S. Prazeres
Abstract:	In this work, we address the critical challenge of managing IoT devices within Smart City infrastructures. We propose a comprehensive solution tailored to the specific requirements of IoT device management, different from traditional network device management. Our approach integrates hundreds of devices across urban areas, leveraging telecommunications and information technologies (ICT) to improve urban services and citizens’ quality of life. We reviewed existing architectures and platforms and developed a prototype to demonstrate the practical application of our solution. Our prototype ensures consistent service availability and efficient resource management. The insights gained from our work provide valuable guidance for future developments and implementations of IoT device management strategies in Smart Cities.
Download

Paper Nr:	17
Title:	Bridging the Cost Gap: A Comprehensive Analysis of CAPEX and OPEX for Smart Home Transition from a Provider's Perspective
Authors:	Nilton F. S. Seixas, Adriano H. O. Maia, George P. Pinto, Dhyego Tavares M. da Cruz, Bruno P. Santos, Ivan do C. Machado, Eduardo S. Almeida, Frederico A. Durao, Maycon L. M. Peixoto, Gustavo B. Figueiredo and Cassio V. S. Prazeres
Abstract:	The urgency of addressing global warming has driven global efforts to enhance energy efficiency and transform energy acquisition methods. In this context, the adoption of smart technologies has gained relevance across various domains, including smart cities and smart homes. While smart cities are often promoted through government initiatives, transforming conventional homes into smart homes largely depends on consumer adoption. However, there is a significant gap in the literature regarding the implementation costs and benefits of this transition, with many studies focused on unrealistic scenarios tailored to the average American consumer profile. This study aims to fill that gap by proposing a methodology to estimate the conversion of conventional homes into smart homes, accounting for both capital expenditures (CAPEX) and operational expenditures (OPEX). The proposed approach seeks to enable an affordable transition for a wider range of consumer profiles. Four case studies are presented to demonstrate how smart systems can be integrated into homes, maximizing economic and environmental benefits for end-users. Additionally, the paper analyzes the commercial relationship between manufacturers and smart environment providers, exploring acquisition and operational cost models. As an alternative to the traditional device-based business model, the study suggests a subscription-based system, supported by the continuous delivery of smart solutions, promoting greater customer retention and scalability.
Download

Paper Nr:	75
Title:	EV-Connect: Energy Efficient & Incentive Cost Based Model for Range Anxious EVs with Multi-Hop Socially Assisted V2V Charging
Authors:	Srishti Sharma and Rahul Thakur
Abstract:	With an increasing demand for a sustainable environment, there has been a rapid shift from internal combustion engines (ICEs) to battery-powered engines (BPEs), which are installed in electric vehicles (EVs). With the increasing need and demand for electric vehicles (EVs), the need for charging stations (CS) is also increasing. However, the paradigm shift is slow regarding CSs because of their high installation costs. Thus, there is still the non-ubiquity of CSs in cities, highways, and remote areas, which causes EV users to experience range anxiety. In this context, vehicle-to-vehicle (V2V) charging could be a promising solution recently gaining prominence. In this paper, we have proposed the incentive-based socially connected V2V charging model for EVs where the excess charge of EVs acts as an alternate charging option for other EVs. We have used the maximum bipartite matching algorithm to map the EVs experiencing range anxiety with available CSs and other EVs with surplus charge. The results of our model have shown the trend that the number of EV users who were experiencing range anxiety is less than the only CS-dependent users. Also, the trend of results indicates that there could be a significant reduction of load on the power grid in that particular area, especially during peak hours.
Download

Short Papers

Paper Nr:	34
Title:	Analysis and Design of Smart Components in Digital Energy Twins
Authors:	Katharina Legler, Muhammad Sheheryar Jajja and Klaus Volbert
Abstract:	The energy crisis, energy demand growth, and dependence on fossil fuels worldwide have made urgent action necessary for us to seek sustainability in energy production and use. Digital technologies, especially Digital Energy Twins, have immense potential to reduce energy consumption, thereby reducing environmental impacts, particularly in the building sector. This paper presents the development of a digital energy twin that supports sustainable energy consumption analysis and optimization. Our study begins with a comprehensive analysis of the energy consumption data, the weather data, and the building plans as a solid basis for the analysis. We identify key energy consumption trends and patterns across different timescales and device-specific details that could be optimized, such as base load consumption and device-specific inefficiencies. A key part of our work is forecasting energy consumption using time series models, such as the ARIMA model, which promises to be useful in identifying patterns for improving energy efficiency. Overall, our study provides valuable insights into energy optimization and could form the base for further advances in digital energy twins at OTH Regensburg, helping to contribute to its sustainable development goals and smart campus initiatives.
Download

Paper Nr:	59
Title:	Measuring Fall Risk Using the Internet-of-Things Chair
Authors:	Alexander W. Lee, Melissa S. Lee, Chelsea Yeh and Kyle Yeh
Abstract:	Falls are one of the leading causes of injuries and deaths for U.S. adults ages 65 and older. People can fall because of imbalance and leg weakness. Fall risks are evaluated by standardized tests, including the 30-Second Chair Stand Test (30CST) and 5x Sit-to-Stand Test (5xSST). These tests are conducted by visual observation of the participant and manual counting, which can be inaccurate and tedious. This study clinically tested an Internet of Things Chair (IoT) on how well it performed on the 30CST and 5xSST. A clinical study was performed on 224 participants. The results of the IoT Chair were found to be similar to the traditional, visually observed method. The IoT Chair required less manual work and provided information that was not obtainable with the observer method. The IoT Chair was able to calculate the weight exerted on the individual chair legs, rate of weight change, lag time between each sit-stand cycle, the amount of time spent standing during each cycle, and the amount of time each sit-stand cycle required. This additional information can allow for a better understanding of a person's leg strength and improves the prediction for falls, which can save lives and lower healthcare costs.
Download

Paper Nr:	64
Title:	A Multilevel Graph-Based Recommender System for Personalized Learning Paths in Archaeological Parks: Leveraging IoT and Situation Awareness
Authors:	Mario Casillo, Francesco Colace, Angelo Lorusso, Domenico Santaniello and Carmine Valentino
Abstract:	Enhancing Cultural Heritage relies on innovative technologies to improve user interaction with cultural assets. The advent of the Internet of Things (IoT) has made integrating smart devices with educational methodologies possible, enabling a combination of cultural engagement, heritage promotion, and learning. This study aims to introduce a Recommender System capable of suggesting personalized learning paths for users visiting archaeological parks, leveraging a multilevel graph-based approach. The method is grounded in Situation Awareness (SA) and structured into three main levels: perception, comprehension, and prediction. The perception level is ensured through data acquisition from sensors deployed in the field; the comprehension level utilizes semantic and contextual graph approaches for domain representation; and the prediction level is developed using predictive algorithms based on Bayesian Networks. A preliminary experimental campaign conducted across three archaeological parks allowed for testing the effectiveness of the proposed approach, demonstrating its predictive capabilities and potential in creating tailored cultural experiences. The findings highlight how advanced technologies can enrich users’ educational experiences and significantly contribute to the valorization of cultural heritage.
Download

Paper Nr:	77
Title:	Design of an IoT-Driven Software Architecture for an Automated Robotic Fueling System in Open-Pit Mining
Authors:	Carlos Antonio Vilchez Pascual, Brian David Pajares Correa and Felix Melchor Santos López
Abstract:	The fueling process for haul trucks in open-pit mining operations is traditionally manual, leading to inefficiencies, operational delays, and increased costs. This paper presents the design of an automated robotic fueling system aimed at optimizing fueling operations by automating key tasks such as fuel nozzle positioning, authorization, and process monitoring. The proposed system leverages Internet of Things (IoT) technology and a cloud-based architecture to enable real-time monitoring and seamless integration with existing mine infrastructure. The physical design of the system follows the German Guideline VDI 2206 methodology, while the cloud platform is structured using the Attribute Driven Design (ADD) 3.0 methodology to ensure scalability and adaptability. Additionally, interface prototypes were developed, including an Human-Machine Interface (HMI) and a responsive web application, to provide real-time data visualization and operational control. The results of this study demonstrate the potential of automation to improve fueling efficiency, enhance safety, and reduce downtime in mining operations.
Download

Paper Nr:	21
Title:	Agri-Guard: IoT-Based Network for Agricultural Health Monitoring with Fault Detection
Authors:	Kushagra Singh, Kafil Abbas Momin, M. Nishal, Chinmay Sultania and Madhav Rao
Abstract:	Agricultural sector is increasingly adopting advanced technologies to enhance crop productivity and sustainability. Precision agriculture leverages IoT devices, sensors, and data analytics to monitor and manage various environmental parameters, addressing challenges such as global food demand, climate change, and resource optimization. Previous research has demonstrated the efficacy of wireless sensor networks (WSNs) and remote sensing technologies in improving irrigation efficiency and early disease detection. However, these systems often assume that all components continue to operate, thereby offering an incomplete view. This study presents an advanced agricultural monitoring system referred to as Agri-Guard that integrates a wide array of sensors to measure temperature, humidity, soil moisture, and gases like CO2, methane and ammonia. By utilizing an ESP8266 microcontroller and IoT connectivity, the system ensures seamless data transmission and real-time processing. Additionally, a centralized hub, equipped with a Raspberry Pi 5 and a thermal camera, enhances the detection of crop anomalies, and an inoperative sensor hub. The sensor hub in the form of a cone is optimally designed to detect environmental parameters besides being rainproof. The proposed Agri-Gaurd setup clearly demonstrated the lack of manure and water from the sensors’ data, whereas thermal imaging showcased the classification of 92.7% between a dead and alive plant. The anomaly between an operating and non-operating Agri-cone was found to be in complete agreement (100%). The proposed system represents a significant improvement over existing solutions, empowering farmers with precise data and faulty hub detection, leading to quick recovery and more sustainable farming practices.
Download

Paper Nr:	26
Title:	Inventory Management System Through the Integration of RPA and IoT to Enhance Processes in SMEs Within Peru’s Automotive Sector
Authors:	Tadashi Buitron, Enzo Peña and Pedro Castañeda
Abstract:	This paper presents the design and implementation of an inventory management system that integrates Robotic Process Automation (RPA) and Internet of Things (IoT) technologies to enhance operational efficiency in small and medium-sized enterprises (SMEs) within Peru's automotive sector. The system addresses common challenges faced by SMEs, such as inaccurate inventories and inefficient stock management, through automated processes and real-time monitoring. By streamlining repetitive tasks and enabling continuous inventory updates, the solution reduces operating costs and improves record-keeping accuracy. Initial results show a 30% reduction in management time and a 25% decrease in operational costs, highlighting the transformative potential of RPA and IoT technologies in inventory management. The project offers a practical model that can be scaled and replicated across other sectors, contributing to the long-term competitiveness of SMEs.
Download

Paper Nr:	32
Title:	Making Use of Design Patterns in IoT Middleware Implementation
Authors:	Lasse Harjumaa, Ilkka Kivelä, Petri Jyrkkä and Ismo Hakala
Abstract:	This paper describes the usage of object-oriented and microservice design patterns to enhance system maintainability. The project involved bringing together data from multiple sensor networks and providing single endpoint for client applications. The middleware consists of purpose-specific components, databases and various off-the-shelf IoT components. Key lessons learned include the role of design patterns in simplifying complex system interactions and improving understandability. The importance of a modular approach, where design patterns provide a structured framework that promote reuse of proven solutions and reduce technical complexity becomes clear during the implementation of the middleware.
Download

Paper Nr:	38
Title:	IoT-Driven Livestock Monitoring: Leveraging LoRaWAN for Behavior Analysis and Enhanced Farm Management
Authors:	Khadijah Febriana, Rahul Thakur and Sudip Roy
Abstract:	Cattle play a crucial role in farming by providing essential resources such as milk, meat, leather, and labor, contributing significantly to both economic and social stability in rural areas of India. This work develops an energy-efficient IoT system based on LoRaWAN to monitor and analyze livestock behavior. The system employs an MPU6050 sensor and TTGO T-Beam microcontroller to capture livestock’s movement and positional data. This data is continuously transmitted via a mesh network, utilizing The Things Network and ThingSpeak for remote analytics. A neural network with two hidden layers and ReLU activation functions is trained with sparse categorical cross-entropy loss. Validation on a 20% subset of the training data demonstrates high accuracy in classifying complex animal behaviors. Classification results, including F1-scores, precision, and recall metrics, highlight the model’s strong capability in behavior differentiation. Overall, this system enhances animal health and welfare, improves farm productivity, promotes environmental sustainability, and strengthens India’s food security.
Download

Paper Nr:	62
Title:	PacketZapper: A Scalable and Automated Platform for IoT Traffic Collection and Analysis
Authors:	Mathias Fredrik Hedberg, Jia-Chun Lin and Ming-Chang Lee
Abstract:	The increasing adoption of IoT devices in home environments has raised significant concerns about security and privacy. Analyzing real IoT traffic is essential for understanding these implications, yet the process poses challenges for researchers, requiring expertise in hardware selection, data collection, storage, and analysis. To address these challenges, we introduce PacketZapper, an automated and scalable platform for IoT traffic collection, processing, and analysis. PacketZapper combines existing open-source tools with custom components to streamline research workflows. It follows a four-stage solution structure—collect, parse, store, and process—ensuring modularity and future extensibility. The platform supports the collection of Zigbee and 433MHz traffic using commercial USB dongles, with the potential to integrate additional IoT protocols. Data is stored in Elasticsearch, enabling efficient querying and exploration, while Apache Airflow automates task orchestration through Directed Acyclic Graphs (DAGs). A case study evaluation demonstrated PacketZapper’s capability to infer devices in a smart home and to facilitate effective data exploration. The platform provides a robust foundation for reproducible IoT traffic research, addressing critical gaps in IoT traffic analysis. It offers researchers an extensible, automated, and scalable solution for conducting diverse experiments.
Download

Area 4 - Internet of Things (IoT) Fundamentals

Full Papers

Paper Nr:	61
Title:	The Integration of Time Series Anomaly Detection into a Smart Home Environment
Authors:	Eran Kaufman, Yigal Hoffner, Adan Fadila, Amin Masharqa and Nour Mawasi
Abstract:	Smart home IoT systems have become integral to modern households. To ensure security and safety, prevent hazards, accidents and health emergencies, optimize resource usage, and maintain system reliability, it is essential to have anomaly detection as an integral part of the home management system. Integrating anomaly detection into the smart home environment requires it to be extended to a comprehensive anomaly management process that can be broken down into several stages: data collection and aggregation, anomaly detection, anomaly assessment, decision-making, action-taking, logging and analysis of anomaly events and responses. Our work focuses on three key contributions. First, we explore anomaly detection algorithms to improve detection accuracy, improve classification, and provide users with detailed information on identified anomalies. Second, we present a step-by-step breakdown of the anomaly management process, highlighting how anomaly detection functions as its critical subprocess. Finally, we provide an in-depth explanation of how this management process is seamlessly integrated into a functional smart home environment, ensuring a cohesive and effective approach to anomaly handling.
Download

Short Papers

Paper Nr:	54
Title:	Generating Realistic Cyber Security Datasets for IoT Networks with Diverse Complex Network Properties
Authors:	Fouad Al Tfaily, Zakariya Ghalmane, Mortada Termos, Mohamed-el-Amine Brahmia, Ali Jaber and Mourad Zghal
Abstract:	In the cybersecurity community, finding suitable datasets for evaluating Intrusion Detection Systems (IDS) is a challenge, particularly due to limited diversity in complex network properties. This paper proposes a dual-purpose approach that generates diverse datasets while producing efficient, compact versions that maintain detection accuracy. Our approach employs three techniques - community mixing modification, centrality-based modification, and time-based modification - each targeting specific network property adjustments while achieving significant dataset size reductions (up to 81.5%). Our approach is validated on real-world datasets, including NF-UQ-NIDS, CCD-INID-V1, and TON-IoT, demonstrating its ability to generate realistic datasets while preserving network properties, attack patterns, and structural integrity. The generated datasets exhibit diverse complex network properties, making them particularly useful for IDS technique evaluation that incorporates complex network measures. The reduced size and preserved accuracy (96.4%) make these datasets especially valuable for resource-constrained environments. Moreover, our approach facilitates the construction of homogeneous datasets required for federated learning situations where data distribution similarity across clients is essential. This contribution helps address both dataset scarcity and computational efficiency challenges while ensuring that the generated datasets retain the characteristics of real-world network traffic.
Download

Paper Nr:	63
Title:	Enhancing Scalability in Wi-Fi IoT Networks with Logical Data Plane Segregation Using SDN Principles
Authors:	Gabriel Vieira, Ana Rita Ortigoso, Daniel Fuentes, Luis Frazão, Nuno Costa and António Pereira
Abstract:	The increasing demand for wireless connectivity, with IoT devices projected to exceed 20 billion by 2025, reinforces Wi-Fi as the dominant technology. However, the standard star topology limits coverage for widely dispersed IoT devices. While mesh networking extends coverage, most IoT endpoints lack native mesh support, posing scalability and security challenges. This study proposes an IoT architecture leveraging a dual-stack and dual logical data plane approach based on SDN principles. It separates control and data traffic into three planes: IoT data, Wi-Fi extension, and control. The control plane employs ESP-NOW for mesh optimisation, while Wi-Fi ensures compatibility and expanded functionality. A prototype using ESP32-C6 DevKitC-1 modules demonstrates cost-efficiency, supporting stable connectivity with performance degradation beyond 50 metres. Experimental results confirm the architecture’s ability to establish a self-organising, resilient mesh network with dynamic reconfiguration, offering a scalable and flexible solution for IoT mesh networks.
Download

Paper Nr:	72
Title:	Clustering-Based Pattern Prediction Framework for Air Pollution Prediction
Authors:	Athiruj Poositaporn and Hanmin Jung
Abstract:	Accurately predicting patterns from large and complex datasets remains a significant challenge, particularly in environments where real-time predictions are crucial. Despite advancements in predictive modeling, there remains a gap in effectively integrating clustering techniques with advanced similarity metrics to enhance prediction accuracy. This research introduces a clustering-based pattern prediction framework integrating Kmeans with our Overall Difference with Crossover Penalty (OD with CP) similarity metric to predict data patterns. In the experiment, we demonstrated its application in air pollution pattern prediction by comparing 15 different model-cluster combinations. We employed five predictive models: Euclidean Distance, Markov Chain, XGBoost, Random Forest, and LSTM to predict the next day's pollution pattern across three cluster sizes (K = 10, 20, and 30). Our aim was to address the limitation of traditional clustering methods in pattern prediction by evaluating the performance of each model-cluster combination to determine the most accurate predictions. The results showed that our framework identified the most accurate model-cluster combination. Therefore, the study highlighted the generalizability of our framework and indicated its adaptability in pattern prediction. In the future, we aim to apply our framework to a Large Language Model (LLM) combined with Retrieval Augmented Generation (RAG) to enhance in-depth result interpretation. Furthermore, we intend to expand the study to include client engagement strategy to further validate the effectiveness of our study in real-world applications.
Download

Paper Nr:	73
Title:	Towards Client Engagement Using RAG System with Pattern Prediction Framework
Authors:	Hanmin Jung and Athiruj Poositaporn
Abstract:	Client engagement refers to the process of companies and customers building and maintaining relationships through communication, personalized marketing, and value-added services. This often results in analysis reports, consulting services, and strategic planning documents. Tools like GPT-4o have significant potential to support these interactions in sectors such as meteorological organizations. However, standalone generative models like GPT-4o face challenges in accessing external datasets and often produce generic outputs. To overcome these limitations, this study introduces a chat-based Retrieval-Augmented Generation (RAG) system integrated with a pattern prediction framework. We demonstrate our RAG system in analyzing air pollution pattern prediction results from our prior study and compare its generated answers with a standalone GPT-4o model. Experimental results show that the RAG system delivers actionable recommendations and contextually enriched outputs grounded in domain-specific data. In future work, we aim to explore the potential of RAG in real-world applications, such as improving client engagement by generating client-focused reports.
Download

Paper Nr:	56
Title:	A Distributed Event-Orchestrated Digital Twin Architecture for Optimizing Energy-Intensive Industries
Authors:	Nicolò Bertozzi, Anna Geraci, Letizia Bergamasco, Enrico Ferrera, Edoardo Pristeri and Claudio Pastrone
Abstract:	This paper presents a novel distributed architecture designed to spawn digital twin solutions to improve energy efficiency in energy-intensive industrial scenarios. By executing user-defined workflows, our platform enables the implementation of real-time monitoring, forecasting, and simulation microservices to enhance decision-making strategies for optimizing industrial processes. Leveraging a stateless centralized orchestration mechanism built around an Apache Kafka-based backbone, the platform ensures scalability, fault tolerance, and efficient handling of heterogeneous data. Key features include intuitive workflow configuration, asynchronous communication for streamlined workflow execution, and API-driven scheduling for dynamic, event-based task management. This platform will be deployed and validated in several energy-intensive industrial scenarios, supporting the management of energy systems of different plants, to prove its effectiveness across a wide range of energy management challenges.
Download

Area 5 - IoT Technologies

Full Papers

Paper Nr:	31
Title:	Toward a More Realistic Energy Consumption Model for IoT Nodes in Extreme-Edge Computing Environments
Authors:	Hassan Hammoud, Frédéric Weis, Melen Leclerc and Jean-Marie Bonnin
Abstract:	As Internet of Things (IoT) networks grow, accurately modeling the energy consumption of individual IoT nodes has become essential for understanding and managing energy use in diverse applications. In extreme-edge computing scenarios, where processing is pushed as close to the device as possible to support local data manipulation, memory operations play a substantial role in power consumption. However, existing models in the literature primarily focus on communication, processing, and sensing, often overlooking the contribution of memory operations to overall energy use. This paper presents an extended energy model for IoT nodes, incorporating memory-related energy usage alongside traditional factors. Results show that addressing memory usage within the energy model provides a more comprehensive understanding of consumption patterns, supporting more effective management strategies for IoT applications. Furthermore, we propose an approach that optimizes power consumption by implementing data management techniques that efficiently handle data retrieval and storage.
Download

Paper Nr:	41
Title:	Smoke Segmentation Improvement Based on Fast Segment Anything Model with YOLOv11 for a Wildfire Monitoring System
Authors:	Puchit Bunpleng, Puthtipong Thunyatada, Bhutharit Aksornsuwan, Kanokvate Tungpimolrut and Ken T. Murata
Abstract:	Forests and wildlife are crucial parts of our ecosystem. Wildfires occurring in dry and hot regions represent a significant threat to these areas, particularly in ASEAN countries during the dry season. While human observers are often employed to detect wildfires, their scarcity and limited availability highlight the need for automated solutions. This study explores the use of machine learning, specifically computer vision, to enhance wildfire detection by segmenting smoke, an approach which potentially gives information regarding the size and the direction of the spread of the smoke, aiding mitigation efforts. We extend prior work by proposing a model to predict the errors and performance of segmentation masks without access to the ground truth, with the aim of facilitating iterative self-improvement of segmentation models. The FireSpot dataset is used to fine-tune a YOLOv11 model to predict bounding boxes of smoke successfully; subsequently, the outputs of this model are used as a prompt to refine a FastSAM model designed to segment the image into a proposed mask containing the smoke. The proposed mask and the corresponding original image are then used to train a machine learning model where the targets are metrics regarding the error rates of the masks. The results show that a gradient boosting model achieves good prediction performance in predicting some error metrics like the IoU (denoted TPP in this paper) between the proposed and actual segmentation masks with an MSE of 0.03 and R2 of 0.46, as well as the proportion of false positives over the union of the proposed and actual masks (denoted FPP in our paper) with an MSE of 0.0002 and R2 of 0.95, while a pre-trained deep learning model fails to learn the distribution, achieving considerably lower performance for IoU with an MSE of 0.05 and R2 of 0.06 and FPP with an MSE of 0.0002 and R2 of -1.15. These findings open the way to future work where the results of the error prediction model can be used as feedback to improve the prompts and hyperparameters of the segmentation model.
Download

Short Papers

Paper Nr:	60
Title:	L2C: Learn to Clean Time Series Data
Authors:	Mayuresh Hooli and Rabi Mahapatra
Abstract:	In today’s data-driven economy, where decisions hinge on vast amounts of data from diverse sources such as social media and government agencies, the accuracy of this data is paramount. However, data complexities including errors from missing information and outliers challenge its integrity. To address this, we introduce a novel machine learning framework, L2C (Learn to Clean), specifically designed to enhance the cleanliness of time series data. Unlike existing methods like SVR and ARIMA that are limited to handling one or two types of outliers, L2C integrates techniques from SVR, ARIMA, and Loess to robustly identify and correct for all three major types of outliers—global, contextual, and collective. This paper marks the first implementation of a framework capable of detecting collective outliers in time series data. We demonstrate L2C’s effectiveness by applying it to air quality sensor data sampled every 120 seconds from wireless sensors, showcasing superior performance in outlier detection and data integrity enhancement compared to traditional methods like ARIMA and Loess.
Download

Paper Nr:	20
Title:	Implementation of Rank Attack and Its Mitigation in RPL-Based IoT Networks
Authors:	Madhu Yadav and Rajbir Kaur
Abstract:	The burgeoning interest in the Internet of Things (IoT) has led to the widespread deployment of Low-power and Lossy Networks (LLNs). The Routing Protocol for Low-Power and Lossy Networks (RPL) is a standard protocol designed for networks with resource-constrained devices and high packet loss rates. However, RPL is vulnerable to various attacks, particularly rank attacks, which can disrupt network performance and compromise security. This paper addresses this gap by implementing rank attacks in RPL using the Cooja Simulator in Contiki OS and analyzing their impact on network performance. While rank attacks are extensively dis-cussed in the literature, practical implementations remain limited. To mitigate these attacks, we propose a novel trust-based mitigation strategy that integrates seamlessly with resource-constrained IoT devices. Our approach dynamically computes trust metrics to detect and isolate malicious nodes, thereby improving network security, reducing power consumption, and ensuring reliable packet transmission. Comparative analysis demonstrates the superiority of our approach over existing techniques, offering enhanced scalability and adaptability for secure IoT deployments.
Download

Paper Nr:	76
Title:	A Novel Wi-Fi Mesh Network Framework for Efficient Mobile Data Transmission
Authors:	Yu-Jie Ou, Yan-Ming Chen and Chun-Chao Yeh
Abstract:	The current trend involves the use of robots and various IoT devices to assist in production and development. In the future, with the integration of AI technology, related applications will become even more widespread. Within this context, whether it is command transmission, equipment status reporting, or equipment condition monitoring, a stable network environment is essential. Presently, the technology can be mainly categorized into wired networks, wireless networks (Wi-Fi), and mobile networks. While wired networks are fast and stable, they are constrained by physical lines and cannot be used in environments requiring interlaced movement. Wireless networks face disconnection issues when crossing different APs. While mobile networks, particularly those using 5G, offer excellent real-time performance, the establishment of private networks is expensive and the signal sources are relatively singular. This study proposes the use of Wi-Fi technology combined with the UDP (User Datagram Protocol) and QUIC (Quick UDP Internet Connections) protocols to create a new type of multipath network system. This system aims to reduce the adverse effects of physical environmental changes and wireless access point (AP) device transitions, achieving a low-cost, high-speed, highly mobile, and secure network environment in specific settings. The proposed scheme leverages the encryption and security features of the QUIC protocol to protect data privacy while supporting the needs of high-mobility applications.
Download

Area 6 - Security, Privacy and Trust

Full Papers

Paper Nr:	22
Title:	Sockpuppet Detection in Wikipedia Using Machine Learning and Voting Classifiers
Authors:	Rafeef Baamer and Mihai Boicu
Abstract:	Sockpuppet accounts, deceptive identities created by individuals on social networks, present significant challenges to online integrity and security. In this study, we analyse various approaches for detecting Sockpuppet accounts through the computation of several distinct features and the application of seven different classifiers. To enhance detection accuracy, we employ simple majority voting to aggregate the predictions from multiple classifiers, involving all seven classifiers, or only best five or three of them. This approach allows us to leverage the strengths of different classifiers while mitigating their individual weaknesses. Our experimental results show a significant improvement over previous studies, achieving an accuracy rate of 88% with 87% precision. Additionally, our experiments highlight the critical importance of feature engineering, demonstrating how carefully selected features directly influence classification performance. The findings also emphasize the value of human-in-the-loop involvement, where iterative feedback refines the models and improves their predictive capabilities. These insights offer meaningful contributions toward strengthening the security and integrity of online social networks by enabling more accurate and robust detection of Sockpuppet accounts.
Download

Paper Nr:	39
Title:	Information Flow Control for the Internet of Things
Authors:	Gildas Kouko, Josée Desharnais and Nadia Tawbi
Abstract:	The Internet of Things (IoT) refers to devices and applications that interact and connect the physical and digital worlds. Unfortunately, their interactions often lead to information leaks and safety issues. Controlling their autonomous behavior related to events and actions in their environment is therefore important. This is the key to uncovering conflicts between user-defined expectations. To control these conflicts, we propose to verify IoT information-flow according to the principles of model checking. We propose a model based on an abstraction of the information flow induced by device and application operations and interactions in an IoT network. More precisely, the model is independent of any functional and technical heterogeneity. This abstraction is the result of an information flow analysis carried out, a priori, for all the involved devices, as well as for all the applications controlling them. A transition system is constructed from these abstractions enabling us to transform the information flow control into reachability and safety properties verification. We express these properties using a modal logic inspired by Timed Computation Tree Logic (TCTL) (Baier and Katoen, 2008). We illustrate our approach with an example and adapt the language and the model to an existing model checker.
Download

Paper Nr:	40
Title:	Pseudorandom Number Generators, Perfect Learning and Model Visualization with Neural Networks: Expanding on LFSRs and Geffe
Authors:	Sara Boancă
Abstract:	The present paper explores the use of Artificial Neural Networks in the context of Pseudorandom Number Generators such as Linear Feedback Shift Registers and Geffe. Because of their hardware efficiency, variations of these generators may be used by IoT devices for security purposes. Testing to ensure security is essential, but it was observed that traditional test suites are too slow for the task. Machine Learning models, on the other hand, represent a faster alternative. While Artificial Neural Networks have been able to learn from these generators, improvements are still needed in terms of optimization and lowering domain knowledge. For that, the present paper focuses on the manner in which state of the art neural network approaches scale for a wider variety of Linear Feedback Shift Registers, including some of degree ≥ 100 and discusses the challenges that arise. Moreover, it proposes a novel Geffe learning approach that produces up to 100% testing accuracy and, based on that, promotes an additional optimization by capitalizing on model visualization and the ability of neural networks to learn deterministic functions to perfection. A comparative analysis is performed in order to show the superiority of the approach and an in-depth discussion is conducted on the possibility and implications of neural network perfect learning, particularly when coupled with model visualization. The obtained results can be regarded as incremental advances towards the creation of more robust neural network models to perform PRNG security evaluation for IoT devices.
Download

Short Papers

Paper Nr:	12
Title:	Dynamic Obfuscation for Secure and Efficient Multi-Cloud Business Processes
Authors:	Amina Ahmed Nacer and Mohammed Riyadh Abdmeziem
Abstract:	Organizations increasingly outsource complex business processes to the cloud, but concerns about exposing business strategies persist. While existing solutions split processes across multiple cloud providers, they don’t fully address the risk of information leakage. Our approach leverages random obfuscation techniques at each execution to safeguard sensitive data, offering a lightweight alternative to encryption. In multi-cloud environments, where processes are distributed across providers, obfuscation reduces leakage risks with lower computational overhead, making it ideal for resource-constrained scenarios compared to more expensive cryptographic solutions.
Download

Paper Nr:	30
Title:	A Technology Review of Zero Knowledge Proof Techniques
Authors:	Seyed Mohsen Rostamkolaei Motlagh, Claus Pahl, Hamid R. Barzegar and Nabil El Ioini
Abstract:	Distributed systems, particularly in IoT, require robust privacy-preserving authentication mechanisms to address increasing concerns about data security and integrity. Zero-Knowledge Proofs (ZKPs) have emerged as a promising solution to balance security, privacy, and efficiency. This paper reviews and compares state-of-the-art ZKP protocols, focusing on their suitability for decentralized, resource-constrained environments. We propose a comprehensive evaluation framework and apply it to zk-SNARK, zk-STARK, and Bulletproof protocols, analyzing metrics such as scalability, efficiency, and proof size. Our findings provide actionable insights into the trade-offs between these protocols, offering guidance for their application in IoT systems.
Download

Paper Nr:	42
Title:	A Comparative Analysis of Anonymous and Non-Anonymous Authorization Architectures for IoT Environments in Cooperative Intelligent Transport Systems
Authors:	Hannes Salin
Abstract:	In this paper, we present a comparative analysis of two distinct authorization architectures with a focus on their applicability in dynamic and cooperative intelligent transportation networks (C-ITS) suitable for low-powered IoT devices. Both architectures leverage accumulators for authorization and secret key storage, while our modification of the original architecture introduces an enhanced privacy feature enabling anonymous device access via a proxy node. This modification results in increased communication complexity, trading off anonymity against increased interaction overhead. We provide a proof of concept implementation with performance experiments, and conclude that the cryptographic computational performance remains relatively unaffected between the two architectures. Our findings suggest a potential for different deployment strategies of these architectures; in urban settings with a dense presence of proxy nodes, but also in sparser regions where privacy is not paramount due to minimal vehicle presence.
Download

Paper Nr:	45
Title:	Understanding How to Use Open-Source Libraries for Differentially Private Statistics on Energy Metering Time Series
Authors:	Ana C. P. Paixão, Breno R. da Silva, Rafael L. Silva, Filipe H. Cardoso and Alexandre Braga
Abstract:	Demand forecasting and dynamic pricing for renewable energy open markets may require heavy analytics capabilities on fine-grained consumption data. With differential privacy, data aggregators in the energy sector can compute statistics on metering information without accidentally leaking consumption patterns of specific consumers over time. However, differential privacy is complex and hard to implement correctly. In this paper, we propose a method for evaluating differential privacy libraries by their ability to produce private and useful statistics on time series for energy consumption. The method was validated by applying it to three open source libraries used to compute differentially private averages, counts, and sums on energy metering data. The method was able to clearly distinguish between private (indistinguishable) and disclosed (distinguishable) statistics. Our method and findings can help data scientists and privacy officers within the energy sector better understand how open-source differential privacy libraries behave with time series for energy metering data.
Download

Paper Nr:	51
Title:	Automating the Assessment of Japanese Cyber-Security Technical Assessment Requirements Using Large Language Models
Authors:	Kento Hasegawa, Yuka Ikegami, Seira Hidano, Kazuhide Fukushima, Kazuo Hashimoto and Nozomu Togawa
Abstract:	Several countries, including the U.S. and European nations, are implementing security assessment programs for IoT devices. Reducing human effort in security assessment has great importance in terms of increasing the efficiency of the assessment process. In this paper, we propose a method of automating the conformance assessment of security requirements based on Japanese program called JC-STAR. The proposed method performs document analysis and device testing. In document analysis, the use of rewrite-retrieve-read and chain of thought within retrieval-augmented generation (RAG) increases the assessment accuracy for documents that have limited detailed descriptions related to security requirements. In device testing, conformance with security requirements is assessed by applying tools and interpreting the results with a large language model. The experimental results show that the proposed method assesses conformance with security requirements with an accuracy of 95% in the best case.
Download

Paper Nr:	55
Title:	Enhancing IoT Network Intrusion Detection with a New GraphSAGE Embedding Algorithm Using Centrality Measures
Authors:	Mortada Termos, Zakariya Ghalmane, Mohamed-el-Amine Brahmia, Ahmad Fadlallah, Ali Jaber and Mourad Zghal
Abstract:	The rapid expansion of the Internet of Things (IoT) has led to many opportunities in addition to introducing complex security challenges, necessitating more powerful Network Intrusion Detection Systems (NIDS). This study addresses this challenge by enhancing Graph Neural Networks (GNNs) with centrality measures to improve intrusion detection performance in IoT environments. We propose the so-called ”Centrality-based E-GraphSAGE”, an extension to the E-GraphSAGE model incorporating the centrality measures: Degree, Betweenness, Closeness, PageRank, and K-truss. These centrality measures, which highlight both the local and global influence of nodes (IoT devices), can uncover hidden patterns and relationships in network traffic data, thereby enhancing the performance of IDS systems. The centrality-informed initialization of node embeddings aids the model in capturing critical structural insights in the graph. The inclusion of residual connections further improves classification accuracy. Our models were evaluated on four datasets: NF-UQ-NIDS, NF-CSE-CIC-IDS2018, CCD-INID, and X-IIoTID. Results showed significant performance gains in accuracy of detection evaluated using F1-score and reduced number of false alarms. This work paves the way for more advanced and robust intrusion detection systems to improve the security of IoT networks.
Download

Paper Nr:	58
Title:	Anomalous IoT Behavior Detection by LSTM-Based Power Waveform Prediction
Authors:	Ryusei Eda and Nozomu Togawa
Abstract:	Internet of Things (IoT) devices have very rapidly spread out in recent years. In IoT devices where applications run on operating system (OS), the power consumption of the OS and the power consumption of the applications overlap, resulting in complex power waveform. Previous methods need to explicitly extract the application power waveform from the multiple signal sources in the measured power waveform, which often fail to detect anomalous behaviors. In this paper, we propose a method to detect anomalous behaviors by using LSTM (Long Short Term Memory). The proposed method learns power waveform containing multiple signal sources and compares the predicted waveform and the actual one. Then, we can successfully detect anomalous behaviors, even though the measured power waveform is composed of multiple signal sources. Experimental results show that anomalous behavior can be successfully detected from an IoT device built with Raspberry Pi4.
Download

Paper Nr:	65
Title:	Unravelling the Sequential Patterns of Cyber Attacks: A Temporal Analysis of Attack Dependencies
Authors:	Fares Ashraf ElSalamony, Nahla Barakat and Ahmad Mostafa
Abstract:	Cybersecurity has become increasingly challenging, particularly in understanding and predicting complex attack sequences within network traffic. In this paper, we introduce a new approach for predicting cybersecurity attacks utilizing time series data and transformer architecture, which has achieved the state-of-the-art F1-score for a time series, multiclass problem on the UNSW-NB15 dataset. This is despite earlier studies either considered binary task only (attack/non-attack) or did not deal with the problem as a time series. For the first time, we integrated time series prediction with analysis and visualization methods for detecting possible sequences of cyber-attacks, which were then verified with domain experts. Statistical methods confirmed the significance of the detected sequence, ensuring that these attacks are not random. Our findings revealed the existence of patterns of attack sequences, demonstrating how one attack type often precedes another in predictable patterns. This paper not only fills a critical gap in attack progression modelling but also introduces advanced visualization and analysis that confirm the predictions of the model.
Download

Paper Nr:	70
Title:	Cybersecurity Indicators Within a Cybersecurity Testing and Monitoring Framework
Authors:	Steve Taylor, Norbert Goetze, Joerg Abendroth, Jens Kuhr, Rosella Omana Mancilla, Bernd Ludwig Wenning, Pasindu Kuruppuarachchi, Aida Omerovic, Ravishankar Borgaonkar, Andrea Neverdal Skytterholm, Antonios Mpantis, George Triantafyllou, Oscar Garcia and Oleh Zaritskyi
Abstract:	This paper describes the concept and use of Indicators for cybersecurity decision support. We define an Indicator as observable information about a Device Under Test (DUT) or System Under Test (SUT) that potentially can underpin insight on its cybersecurity posture. We describe different types of Indicators, how they are generated by tools and components in a cybersecurity testing and monitoring framework, how they may be transformed to increase their utility and illustrate their use via an exemplary case in smart manufacturing. We summarise key observations and properties of Indicators based on collaborative multidisciplinary work that has brought together developers of tools that generate Indicators, tools that consume and analyse indicators, and representatives of users who have motivating scenarios where Indicators may inform about their cybersecurity posture.
Download

Paper Nr:	18
Title:	DLT-Based Approach for Secure and Cyber Resilient Resource Constrained IoT Devices: A Survey on Recent Advances
Authors:	Sthembile Mthethwa, Moses Dlamini and Edgar Jembere
Abstract:	Distributed Ledger Technologies (DLTs) are advancing various fields such as the financial sector, supply chain management, Internet of Things (IoTs), etc. Through its characteristics, DLTs have the potential to solve some of the challenges encountered by IoT devices as the number of connected devices continues to grow tremendously. These characteristics includes but not limited to decentralisation, traceability, security, transparency, immutability, non-repudiation, etc. There has been an increase in the body of knowledge in relation to the convergence of DLTs and IoTs. This paper examines how DLTs can enhance the security of resource-constrained IoT devices, which have limitations that prevent the implementation of traditional security measures like encryption due to size and computational power. This paper consolidates existing research by comparing techniques, technologies used, and results achieved over the years. Finally, the research identifies knowledge gaps for future exploration.
Download

Paper Nr:	29
Title:	A Comparative Evaluation of Zero Knowledge Proof Techniques
Authors:	Seyed Mohsen Rostamkolaei Motlagh, Claus Pahl, Hamid R. Barzegar and Nabil El Ioini
Abstract:	Common to many distributed systems such as the Internet-of-Things (IoT) is decentralisation, often with a growing number of devices with diverse computational capabilities and security requirements. If integrated into critical applications, ensuring secure communication and data integrity is critical. In particular, privacy and security concerns are growing with the rise of these architectures. Zero-Knowledge Proof (ZKP) techniques are solutions to improve security without compromising on privacy. While the advantages of ZKP techniques are well-documented, it is important to consider the inherent limitations of these distributed environments, such as restricted processing power, memory capacity, and energy constraints, when aiming to solve security concerns. Here, we select two prominent ZKP techniques, Bulletproof and zk-STARK, and experimentally compare a number of their variants for a set of architecture-specific assessment criteria.
Download

Paper Nr:	50
Title:	Automated Test Input Generation Based on Web User Interfaces via Large Language Models
Authors:	Kento Hasegawa, Hibiki Nakanishi, Seira Hidano, Kazuhide Fukushima, Kazuo Hashimoto and Nozomu Togawa
Abstract:	The detailed implementation of IoT devices is often opaque, necessitating the use of a black-box model for verification. A challenge in fuzzing for the diverse types of IoT devices is generating initial test inputs (i.e., initial seeds for fuzzing) that fit the specific functions of the target. In this paper, we propose an automatic test input generation method for fuzzing the management interfaces of IoT devices. First, the automated web UI navigation function identifies the input fields. Next, the test input generation function creates appropriate test inputs for these input fields by analyzing the surrounding information of each field. By leveraging these functions, we establish a method for automatically generating test inputs specifically for the web user interfaces of IoT devices. The experimental results demonstrate that test inputs that are suitable for the input fields are successfully generated.
Download

Paper Nr:	68
Title:	A Study of Anomalous Communication Detection for IoT Devices Using Flow Logs in a Cloud Environment
Authors:	Yutaro Iizawa, Norihiro Okui, Yusuke Akimoto, Shotaro Fukushima, Ayumu Kubota and Takuya Yoshida
Abstract:	Research on network-based anomaly detection has been conducted as a countermeasure against cyberattacks from IoT devices. Specifically, anomaly detection based on flow data, such as IPFIX, has garnered increasing attention to address the rising communication volume. In these studies, obtaining flow data from the communication data sent and received by IoT devices is necessary; however, obtaining these data can be difficult when the IoT system is already built in a cloud environment. In this study, we investigated an anomalous communication detection method using VPC Flow Logs, which can be obtained via AWS. VPC Flow Logs record only the number of packets and bytes in a single direction, resulting in less information than that obtained via flow data. For example, session information is divided into multiple records according to the time window. To increase the precision of anomalous communication detection using VPC Flow Logs data, we developed a methodology for the effective conversion of multiple VPC Flow Logs into bidirectional data. The efficacy of this approach was assessed by evaluating its performance on public datasets.
Download